@webex/webex-core 3.0.0-beta.4 → 3.0.0-beta.400
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/config.js +1 -11
- package/dist/config.js.map +1 -1
- package/dist/credentials-config.js +44 -64
- package/dist/credentials-config.js.map +1 -1
- package/dist/index.js +0 -76
- package/dist/index.js.map +1 -1
- package/dist/interceptors/auth.js +22 -55
- package/dist/interceptors/auth.js.map +1 -1
- package/dist/interceptors/default-options.js +0 -20
- package/dist/interceptors/default-options.js.map +1 -1
- package/dist/interceptors/embargo.js +0 -21
- package/dist/interceptors/embargo.js.map +1 -1
- package/dist/interceptors/network-timing.js +2 -21
- package/dist/interceptors/network-timing.js.map +1 -1
- package/dist/interceptors/payload-transformer.js +2 -22
- package/dist/interceptors/payload-transformer.js.map +1 -1
- package/dist/interceptors/rate-limit.js +25 -57
- package/dist/interceptors/rate-limit.js.map +1 -1
- package/dist/interceptors/redirect.js +4 -33
- package/dist/interceptors/redirect.js.map +1 -1
- package/dist/interceptors/request-event.js +3 -30
- package/dist/interceptors/request-event.js.map +1 -1
- package/dist/interceptors/request-logger.js +1 -30
- package/dist/interceptors/request-logger.js.map +1 -1
- package/dist/interceptors/request-timing.js +3 -22
- package/dist/interceptors/request-timing.js.map +1 -1
- package/dist/interceptors/response-logger.js +2 -31
- package/dist/interceptors/response-logger.js.map +1 -1
- package/dist/interceptors/user-agent.js +2 -29
- package/dist/interceptors/user-agent.js.map +1 -1
- package/dist/interceptors/webex-tracking-id.js +5 -28
- package/dist/interceptors/webex-tracking-id.js.map +1 -1
- package/dist/interceptors/webex-user-agent.js +5 -38
- package/dist/interceptors/webex-user-agent.js.map +1 -1
- package/dist/lib/batcher.js +3 -51
- package/dist/lib/batcher.js.map +1 -1
- package/dist/lib/constants.js +14 -0
- package/dist/lib/constants.js.map +1 -0
- package/dist/lib/credentials/credentials.js +98 -139
- package/dist/lib/credentials/credentials.js.map +1 -1
- package/dist/lib/credentials/grant-errors.js +0 -49
- package/dist/lib/credentials/grant-errors.js.map +1 -1
- package/dist/lib/credentials/index.js +1 -13
- package/dist/lib/credentials/index.js.map +1 -1
- package/dist/lib/credentials/scope.js +25 -14
- package/dist/lib/credentials/scope.js.map +1 -1
- package/dist/lib/credentials/token-collection.js +1 -7
- package/dist/lib/credentials/token-collection.js.map +1 -1
- package/dist/lib/credentials/token.js +42 -118
- package/dist/lib/credentials/token.js.map +1 -1
- package/dist/lib/page.js +13 -26
- package/dist/lib/page.js.map +1 -1
- package/dist/lib/services/constants.js +0 -2
- package/dist/lib/services/constants.js.map +1 -1
- package/dist/lib/services/index.js +1 -28
- package/dist/lib/services/index.js.map +1 -1
- package/dist/lib/services/interceptors/server-error.js +2 -23
- package/dist/lib/services/interceptors/server-error.js.map +1 -1
- package/dist/lib/services/interceptors/service.js +15 -35
- package/dist/lib/services/interceptors/service.js.map +1 -1
- package/dist/lib/services/metrics.js +0 -2
- package/dist/lib/services/metrics.js.map +1 -1
- package/dist/lib/services/service-catalog.js +12 -91
- package/dist/lib/services/service-catalog.js.map +1 -1
- package/dist/lib/services/service-fed-ramp.js +0 -2
- package/dist/lib/services/service-fed-ramp.js.map +1 -1
- package/dist/lib/services/service-host.js +47 -62
- package/dist/lib/services/service-host.js.map +1 -1
- package/dist/lib/services/service-registry.js +78 -90
- package/dist/lib/services/service-registry.js.map +1 -1
- package/dist/lib/services/service-state.js +3 -15
- package/dist/lib/services/service-state.js.map +1 -1
- package/dist/lib/services/service-url.js +4 -25
- package/dist/lib/services/service-url.js.map +1 -1
- package/dist/lib/services/services.js +135 -239
- package/dist/lib/services/services.js.map +1 -1
- package/dist/lib/stateless-webex-plugin.js +5 -28
- package/dist/lib/stateless-webex-plugin.js.map +1 -1
- package/dist/lib/storage/decorators.js +19 -62
- package/dist/lib/storage/decorators.js.map +1 -1
- package/dist/lib/storage/errors.js +0 -23
- package/dist/lib/storage/errors.js.map +1 -1
- package/dist/lib/storage/index.js +2 -16
- package/dist/lib/storage/index.js.map +1 -1
- package/dist/lib/storage/make-webex-plugin-store.js +11 -41
- package/dist/lib/storage/make-webex-plugin-store.js.map +1 -1
- package/dist/lib/storage/make-webex-store.js +8 -30
- package/dist/lib/storage/make-webex-store.js.map +1 -1
- package/dist/lib/storage/memory-store-adapter.js +1 -19
- package/dist/lib/storage/memory-store-adapter.js.map +1 -1
- package/dist/lib/webex-core-plugin-mixin.js +9 -29
- package/dist/lib/webex-core-plugin-mixin.js.map +1 -1
- package/dist/lib/webex-http-error.js +1 -31
- package/dist/lib/webex-http-error.js.map +1 -1
- package/dist/lib/webex-internal-core-plugin-mixin.js +9 -29
- package/dist/lib/webex-internal-core-plugin-mixin.js.map +1 -1
- package/dist/lib/webex-plugin.js +6 -40
- package/dist/lib/webex-plugin.js.map +1 -1
- package/dist/plugins/logger.js +3 -17
- package/dist/plugins/logger.js.map +1 -1
- package/dist/webex-core.js +84 -203
- package/dist/webex-core.js.map +1 -1
- package/dist/webex-internal-core.js +0 -10
- package/dist/webex-internal-core.js.map +1 -1
- package/package.json +14 -14
- package/src/config.js +9 -11
- package/src/credentials-config.js +110 -72
- package/src/index.js +4 -14
- package/src/interceptors/auth.js +36 -37
- package/src/interceptors/default-options.js +0 -1
- package/src/interceptors/embargo.js +1 -1
- package/src/interceptors/payload-transformer.js +1 -2
- package/src/interceptors/rate-limit.js +8 -5
- package/src/interceptors/redirect.js +14 -8
- package/src/interceptors/request-event.js +4 -8
- package/src/interceptors/request-logger.js +8 -5
- package/src/interceptors/response-logger.js +11 -8
- package/src/interceptors/user-agent.js +1 -2
- package/src/interceptors/webex-user-agent.js +3 -9
- package/src/lib/batcher.js +70 -69
- package/src/lib/constants.js +6 -0
- package/src/lib/credentials/credentials.js +173 -141
- package/src/lib/credentials/grant-errors.js +6 -7
- package/src/lib/credentials/index.js +1 -4
- package/src/lib/credentials/scope.js +24 -8
- package/src/lib/credentials/token-collection.js +1 -1
- package/src/lib/credentials/token.js +95 -81
- package/src/lib/page.js +10 -11
- package/src/lib/services/constants.js +3 -13
- package/src/lib/services/index.js +2 -2
- package/src/lib/services/interceptors/server-error.js +12 -7
- package/src/lib/services/interceptors/service.js +7 -6
- package/src/lib/services/metrics.js +1 -1
- package/src/lib/services/service-catalog.js +112 -100
- package/src/lib/services/service-fed-ramp.js +1 -2
- package/src/lib/services/service-host.js +10 -17
- package/src/lib/services/service-registry.js +69 -96
- package/src/lib/services/service-state.js +4 -6
- package/src/lib/services/service-url.js +24 -23
- package/src/lib/services/services.js +272 -249
- package/src/lib/stateless-webex-plugin.js +4 -2
- package/src/lib/storage/decorators.js +68 -66
- package/src/lib/storage/index.js +4 -6
- package/src/lib/storage/make-webex-plugin-store.js +34 -21
- package/src/lib/storage/make-webex-store.js +6 -7
- package/src/lib/storage/memory-store-adapter.js +3 -3
- package/src/lib/webex-core-plugin-mixin.js +10 -7
- package/src/lib/webex-http-error.js +7 -8
- package/src/lib/webex-internal-core-plugin-mixin.js +9 -6
- package/src/lib/webex-plugin.js +41 -34
- package/src/plugins/logger.js +8 -3
- package/src/webex-core.js +198 -117
- package/src/webex-internal-core.js +15 -9
- package/test/integration/spec/credentials/credentials.js +26 -30
- package/test/integration/spec/credentials/token.js +36 -33
- package/test/integration/spec/services/service-catalog.js +177 -156
- package/test/integration/spec/services/services.js +313 -304
- package/test/integration/spec/webex-core.js +98 -86
- package/test/unit/spec/_setup.js +26 -18
- package/test/unit/spec/credentials/credentials.js +352 -162
- package/test/unit/spec/credentials/scope.js +80 -0
- package/test/unit/spec/credentials/token.js +105 -77
- package/test/unit/spec/interceptors/auth.js +294 -243
- package/test/unit/spec/interceptors/default-options.js +36 -24
- package/test/unit/spec/interceptors/embargo.js +32 -27
- package/test/unit/spec/interceptors/network-timing.js +2 -2
- package/test/unit/spec/interceptors/payload-transformer.js +61 -52
- package/test/unit/spec/interceptors/rate-limit.js +104 -75
- package/test/unit/spec/interceptors/redirect.js +22 -20
- package/test/unit/spec/interceptors/request-timing.js +18 -22
- package/test/unit/spec/interceptors/user-agent.js +28 -16
- package/test/unit/spec/interceptors/webex-tracking-id.js +14 -8
- package/test/unit/spec/interceptors/webex-user-agent.js +83 -37
- package/test/unit/spec/lib/batcher.js +36 -32
- package/test/unit/spec/lib/page.js +36 -32
- package/test/unit/spec/lib/webex-plugin.js +1 -1
- package/test/unit/spec/services/interceptors/server-error.js +67 -90
- package/test/unit/spec/services/interceptors/service.js +23 -28
- package/test/unit/spec/services/service-catalog.js +19 -27
- package/test/unit/spec/services/service-host.js +29 -26
- package/test/unit/spec/services/service-registry.js +128 -170
- package/test/unit/spec/services/service-state.js +13 -22
- package/test/unit/spec/services/service-url.js +24 -43
- package/test/unit/spec/services/services.js +147 -41
- package/test/unit/spec/storage/persist.js +6 -9
- package/test/unit/spec/storage/wait-for-value.js +22 -21
- package/test/unit/spec/webex-core.js +90 -57
- package/test/unit/spec/webex-internal-core.js +56 -31
|
@@ -1,65 +1,48 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
|
|
3
|
+
var _typeof = require("@babel/runtime-corejs2/helpers/typeof");
|
|
4
|
+
var _Object$keys2 = require("@babel/runtime-corejs2/core-js/object/keys");
|
|
5
|
+
var _Object$getOwnPropertySymbols = require("@babel/runtime-corejs2/core-js/object/get-own-property-symbols");
|
|
6
|
+
var _Object$getOwnPropertyDescriptor2 = require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor");
|
|
7
|
+
var _Object$getOwnPropertyDescriptors = require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptors");
|
|
8
|
+
var _Object$defineProperties = require("@babel/runtime-corejs2/core-js/object/define-properties");
|
|
3
9
|
var _Object$defineProperty = require("@babel/runtime-corejs2/core-js/object/define-property");
|
|
4
|
-
|
|
10
|
+
var _WeakMap = require("@babel/runtime-corejs2/core-js/weak-map");
|
|
5
11
|
var _interopRequireDefault = require("@babel/runtime-corejs2/helpers/interopRequireDefault");
|
|
6
|
-
|
|
7
12
|
_Object$defineProperty(exports, "__esModule", {
|
|
8
13
|
value: true
|
|
9
14
|
});
|
|
10
|
-
|
|
11
15
|
exports.default = void 0;
|
|
12
|
-
|
|
13
16
|
var _deleteProperty = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/delete-property"));
|
|
14
|
-
|
|
15
17
|
var _stringify = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/json/stringify"));
|
|
16
|
-
|
|
17
|
-
var _assign = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/assign"));
|
|
18
|
-
|
|
19
18
|
var _keys = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/keys"));
|
|
20
|
-
|
|
21
19
|
var _apply = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/reflect/apply"));
|
|
22
|
-
|
|
23
20
|
var _promise = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/promise"));
|
|
24
|
-
|
|
25
21
|
var _now = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/date/now"));
|
|
26
|
-
|
|
27
22
|
var _getOwnPropertyDescriptor = _interopRequireDefault(require("@babel/runtime-corejs2/core-js/object/get-own-property-descriptor"));
|
|
28
|
-
|
|
23
|
+
var _defineProperty2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/defineProperty"));
|
|
29
24
|
var _applyDecoratedDescriptor2 = _interopRequireDefault(require("@babel/runtime-corejs2/helpers/applyDecoratedDescriptor"));
|
|
30
|
-
|
|
31
25
|
var _isEmpty2 = _interopRequireDefault(require("lodash/isEmpty"));
|
|
32
|
-
|
|
33
26
|
var _isObject2 = _interopRequireDefault(require("lodash/isObject"));
|
|
34
|
-
|
|
35
27
|
var _cloneDeep2 = _interopRequireDefault(require("lodash/cloneDeep"));
|
|
36
|
-
|
|
37
28
|
var _clone2 = _interopRequireDefault(require("lodash/clone"));
|
|
38
|
-
|
|
39
29
|
var _querystring = _interopRequireDefault(require("querystring"));
|
|
40
|
-
|
|
41
30
|
var _url = _interopRequireDefault(require("url"));
|
|
42
|
-
|
|
43
31
|
var _jsonwebtoken = _interopRequireDefault(require("jsonwebtoken"));
|
|
44
|
-
|
|
45
32
|
var _common = require("@webex/common");
|
|
46
|
-
|
|
47
33
|
var _commonTimers = require("@webex/common-timers");
|
|
48
|
-
|
|
49
34
|
var _webexPlugin = _interopRequireDefault(require("../webex-plugin"));
|
|
50
|
-
|
|
51
35
|
var _decorators = require("../storage/decorators");
|
|
52
|
-
|
|
53
|
-
var _grantErrors = _interopRequireDefault(require("./grant-errors"));
|
|
54
|
-
|
|
36
|
+
var _grantErrors = _interopRequireWildcard(require("./grant-errors"));
|
|
55
37
|
var _scope = require("./scope");
|
|
56
|
-
|
|
57
38
|
var _token = _interopRequireDefault(require("./token"));
|
|
58
|
-
|
|
59
39
|
var _tokenCollection = _interopRequireDefault(require("./token-collection"));
|
|
60
|
-
|
|
40
|
+
var _constants = require("../constants");
|
|
61
41
|
var _dec, _dec2, _dec3, _dec4, _dec5, _dec6, _obj;
|
|
62
|
-
|
|
42
|
+
function _getRequireWildcardCache(nodeInterop) { if (typeof _WeakMap !== "function") return null; var cacheBabelInterop = new _WeakMap(); var cacheNodeInterop = new _WeakMap(); return (_getRequireWildcardCache = function _getRequireWildcardCache(nodeInterop) { return nodeInterop ? cacheNodeInterop : cacheBabelInterop; })(nodeInterop); }
|
|
43
|
+
function _interopRequireWildcard(obj, nodeInterop) { if (!nodeInterop && obj && obj.__esModule) { return obj; } if (obj === null || _typeof(obj) !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(nodeInterop); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = _Object$defineProperty && _Object$getOwnPropertyDescriptor2; for (var key in obj) { if (key !== "default" && Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? _Object$getOwnPropertyDescriptor2(obj, key) : null; if (desc && (desc.get || desc.set)) { _Object$defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; }
|
|
44
|
+
function ownKeys(object, enumerableOnly) { var keys = _Object$keys2(object); if (_Object$getOwnPropertySymbols) { var symbols = _Object$getOwnPropertySymbols(object); enumerableOnly && (symbols = symbols.filter(function (sym) { return _Object$getOwnPropertyDescriptor2(object, sym).enumerable; })), keys.push.apply(keys, symbols); } return keys; }
|
|
45
|
+
function _objectSpread(target) { for (var i = 1; i < arguments.length; i++) { var source = null != arguments[i] ? arguments[i] : {}; i % 2 ? ownKeys(Object(source), !0).forEach(function (key) { (0, _defineProperty2.default)(target, key, source[key]); }) : _Object$getOwnPropertyDescriptors ? _Object$defineProperties(target, _Object$getOwnPropertyDescriptors(source)) : ownKeys(Object(source)).forEach(function (key) { _Object$defineProperty(target, key, _Object$getOwnPropertyDescriptor2(source, key)); }); } return target; }
|
|
63
46
|
/**
|
|
64
47
|
* @class
|
|
65
48
|
*/
|
|
@@ -88,9 +71,24 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
88
71
|
if (this.config.jwtRefreshCallback) {
|
|
89
72
|
return true;
|
|
90
73
|
}
|
|
91
|
-
|
|
92
74
|
return Boolean(this.supertoken && this.supertoken.canRefresh);
|
|
93
75
|
}
|
|
76
|
+
},
|
|
77
|
+
isUnverifiedGuest: {
|
|
78
|
+
deps: ['supertoken'],
|
|
79
|
+
/**
|
|
80
|
+
* Returns true if the user is an unverified guest
|
|
81
|
+
* @returns {boolean}
|
|
82
|
+
*/
|
|
83
|
+
fn: function fn() {
|
|
84
|
+
var isGuest = false;
|
|
85
|
+
try {
|
|
86
|
+
isGuest = JSON.parse(_common.base64.decode(this.supertoken.access_token.split('.')[1])).user_type === 'guest';
|
|
87
|
+
} catch (_unused) {
|
|
88
|
+
/* the non-guest token is formatted differently so catch is expected */
|
|
89
|
+
}
|
|
90
|
+
return isGuest;
|
|
91
|
+
}
|
|
94
92
|
}
|
|
95
93
|
},
|
|
96
94
|
props: {
|
|
@@ -102,7 +100,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
102
100
|
default: false,
|
|
103
101
|
type: 'boolean'
|
|
104
102
|
},
|
|
105
|
-
|
|
106
103
|
/**
|
|
107
104
|
* Becomes `true` once the {@link loaded} event fires.
|
|
108
105
|
* @see {@link WebexPlugin#ready}
|
|
@@ -119,7 +116,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
119
116
|
type: 'any'
|
|
120
117
|
}
|
|
121
118
|
},
|
|
122
|
-
|
|
123
119
|
/**
|
|
124
120
|
* Generates an OAuth Login URL. Prefers the api.ciscospark.com proxy if the
|
|
125
121
|
* instance is initialize with an authorizatUrl, but fallsback to idbroker
|
|
@@ -133,23 +129,18 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
133
129
|
var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {
|
|
134
130
|
clientType: 'public'
|
|
135
131
|
};
|
|
136
|
-
|
|
137
132
|
/* eslint-disable camelcase */
|
|
138
133
|
if (options.state && !(0, _isObject2.default)(options.state)) {
|
|
139
134
|
throw new Error('if specified, `options.state` must be an object');
|
|
140
135
|
}
|
|
141
|
-
|
|
142
136
|
options.client_id = this.config.client_id;
|
|
143
137
|
options.redirect_uri = this.config.redirect_uri;
|
|
144
138
|
options.scope = this.config.scope;
|
|
145
139
|
options = (0, _cloneDeep2.default)(options);
|
|
146
|
-
|
|
147
140
|
if (!options.response_type) {
|
|
148
141
|
options.response_type = options.clientType === 'public' ? 'token' : 'code';
|
|
149
142
|
}
|
|
150
|
-
|
|
151
143
|
(0, _deleteProperty.default)(options, 'clientType');
|
|
152
|
-
|
|
153
144
|
if (options.state) {
|
|
154
145
|
if (!(0, _isEmpty2.default)(options.state)) {
|
|
155
146
|
options.state = _common.base64.toBase64Url((0, _stringify.default)(options.state));
|
|
@@ -157,11 +148,9 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
157
148
|
delete options.state;
|
|
158
149
|
}
|
|
159
150
|
}
|
|
160
|
-
|
|
161
151
|
return "".concat(this.config.authorizeUrl, "?").concat(_querystring.default.stringify(options));
|
|
162
152
|
/* eslint-enable camelcase */
|
|
163
153
|
},
|
|
164
|
-
|
|
165
154
|
/**
|
|
166
155
|
* Get the determined OrgId.
|
|
167
156
|
*
|
|
@@ -170,7 +159,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
170
159
|
*/
|
|
171
160
|
getOrgId: function getOrgId() {
|
|
172
161
|
this.logger.info('credentials: attempting to retrieve the OrgId from token');
|
|
173
|
-
|
|
174
162
|
try {
|
|
175
163
|
// Attempt to extract a client-authenticated token's OrgId.
|
|
176
164
|
this.logger.info('credentials: trying to extract OrgId from JWT');
|
|
@@ -179,10 +167,8 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
179
167
|
// Attempt to extract a user token's OrgId.
|
|
180
168
|
this.logger.info('credentials: could not extract OrgId from JWT');
|
|
181
169
|
this.logger.info('credentials: attempting to extract OrgId from user token');
|
|
182
|
-
|
|
183
170
|
try {
|
|
184
171
|
var _this$supertoken;
|
|
185
|
-
|
|
186
172
|
return this.extractOrgIdFromUserToken((_this$supertoken = this.supertoken) === null || _this$supertoken === void 0 ? void 0 : _this$supertoken.access_token);
|
|
187
173
|
} catch (f) {
|
|
188
174
|
this.logger.info('credentials: could not extract OrgId from user token');
|
|
@@ -190,7 +176,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
190
176
|
}
|
|
191
177
|
}
|
|
192
178
|
},
|
|
193
|
-
|
|
194
179
|
/**
|
|
195
180
|
* Extract the OrgId [realm] from a provided JWT.
|
|
196
181
|
*
|
|
@@ -201,23 +186,20 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
201
186
|
*/
|
|
202
187
|
extractOrgIdFromJWT: function extractOrgIdFromJWT() {
|
|
203
188
|
var token = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : '';
|
|
204
|
-
|
|
205
189
|
// Decoded the provided token.
|
|
206
|
-
var decodedJWT = _jsonwebtoken.default.decode(token);
|
|
207
|
-
|
|
190
|
+
var decodedJWT = _jsonwebtoken.default.decode(token);
|
|
208
191
|
|
|
192
|
+
// Validate that the provided token is a JWT.
|
|
209
193
|
if (!decodedJWT) {
|
|
210
194
|
throw new Error('unable to extract the OrgId from the provided JWT');
|
|
211
195
|
}
|
|
212
|
-
|
|
213
196
|
if (!decodedJWT.realm) {
|
|
214
197
|
throw new Error('the provided JWT does not contain an OrgId');
|
|
215
|
-
}
|
|
216
|
-
|
|
198
|
+
}
|
|
217
199
|
|
|
200
|
+
// Return the OrgId [realm].
|
|
218
201
|
return decodedJWT.realm;
|
|
219
202
|
},
|
|
220
|
-
|
|
221
203
|
/**
|
|
222
204
|
* Extract the OrgId [realm] from a provided user token.
|
|
223
205
|
*
|
|
@@ -229,16 +211,16 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
229
211
|
extractOrgIdFromUserToken: function extractOrgIdFromUserToken() {
|
|
230
212
|
var token = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : '';
|
|
231
213
|
// Split the provided token into subsections.
|
|
232
|
-
var fields = token.split('_');
|
|
214
|
+
var fields = token.split('_');
|
|
233
215
|
|
|
216
|
+
// Validate that the provided token has the proper amount of sections.
|
|
234
217
|
if (fields.length !== 3) {
|
|
235
218
|
throw new Error('the provided token is not a valid format');
|
|
236
|
-
}
|
|
237
|
-
|
|
219
|
+
}
|
|
238
220
|
|
|
221
|
+
// Return the token section that contains the OrgId.
|
|
239
222
|
return fields[2];
|
|
240
223
|
},
|
|
241
|
-
|
|
242
224
|
/**
|
|
243
225
|
* Generates a Logout URL
|
|
244
226
|
* @instance
|
|
@@ -248,12 +230,11 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
248
230
|
*/
|
|
249
231
|
buildLogoutUrl: function buildLogoutUrl() {
|
|
250
232
|
var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
251
|
-
return "".concat(this.config.logoutUrl, "?").concat(_querystring.default.stringify((
|
|
233
|
+
return "".concat(this.config.logoutUrl, "?").concat(_querystring.default.stringify(_objectSpread({
|
|
252
234
|
cisService: this.config.service,
|
|
253
235
|
goto: this.config.redirect_uri
|
|
254
236
|
}, options)));
|
|
255
237
|
},
|
|
256
|
-
|
|
257
238
|
/**
|
|
258
239
|
* Generates a number between 60% - 90% of expired value
|
|
259
240
|
* @instance
|
|
@@ -267,7 +248,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
267
248
|
},
|
|
268
249
|
constructor: function constructor() {
|
|
269
250
|
var _this = this;
|
|
270
|
-
|
|
271
251
|
// HACK to deal with the fact that AmpersandState#dataTypes#set is a pure
|
|
272
252
|
// function.
|
|
273
253
|
this._dataTypes = (0, _cloneDeep2.default)(this._dataTypes);
|
|
@@ -275,15 +255,13 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
275
255
|
if (_this._dataTypes[key].set) {
|
|
276
256
|
_this._dataTypes[key].set = _this._dataTypes[key].set.bind(_this);
|
|
277
257
|
}
|
|
278
|
-
});
|
|
279
|
-
|
|
258
|
+
});
|
|
259
|
+
// END HACK
|
|
280
260
|
for (var _len = arguments.length, args = new Array(_len), _key = 0; _key < _len; _key++) {
|
|
281
261
|
args[_key] = arguments[_key];
|
|
282
262
|
}
|
|
283
|
-
|
|
284
263
|
(0, _apply.default)(_webexPlugin.default, this, args);
|
|
285
264
|
},
|
|
286
|
-
|
|
287
265
|
/**
|
|
288
266
|
* Downscopes a token
|
|
289
267
|
* @instance
|
|
@@ -294,20 +272,24 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
294
272
|
*/
|
|
295
273
|
downscope: function downscope(scope) {
|
|
296
274
|
var _this2 = this;
|
|
297
|
-
|
|
298
275
|
return this.supertoken.downscope(scope).catch(function (reason) {
|
|
299
|
-
|
|
300
|
-
|
|
276
|
+
var _reason$body;
|
|
277
|
+
var failReason = (_reason$body = reason === null || reason === void 0 ? void 0 : reason.body) !== null && _reason$body !== void 0 ? _reason$body : reason;
|
|
278
|
+
_this2.logger.warn("credentials: failed to downscope supertoken to \"".concat(scope, "\""), failReason);
|
|
301
279
|
_this2.logger.trace("credentials: falling back to supertoken for ".concat(scope));
|
|
302
|
-
|
|
303
|
-
|
|
280
|
+
_this2.webex.internal.metrics.submitClientMetrics(_constants.METRICS.JS_SDK_CREDENTIALS_DOWNSCOPE_FAILED, {
|
|
281
|
+
fields: {
|
|
282
|
+
requestedScope: scope,
|
|
283
|
+
failReason: failReason
|
|
284
|
+
}
|
|
285
|
+
});
|
|
286
|
+
return _promise.default.resolve(new _token.default(_objectSpread({
|
|
304
287
|
scope: scope
|
|
305
288
|
}, _this2.supertoken.serialize())), {
|
|
306
289
|
parent: _this2
|
|
307
290
|
});
|
|
308
291
|
});
|
|
309
292
|
},
|
|
310
|
-
|
|
311
293
|
/**
|
|
312
294
|
* Requests a client credentials grant and returns the token. Given the
|
|
313
295
|
* limited use for such tokens as this time, this method does not cache its
|
|
@@ -319,7 +301,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
319
301
|
*/
|
|
320
302
|
getClientToken: function getClientToken() {
|
|
321
303
|
var _this3 = this;
|
|
322
|
-
|
|
323
304
|
var options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
|
|
324
305
|
this.logger.info('credentials: requesting client credentials grant');
|
|
325
306
|
return this.webex.request({
|
|
@@ -338,7 +319,6 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
338
319
|
},
|
|
339
320
|
shouldRefreshAccessToken: false
|
|
340
321
|
/* eslint-enable camelcase */
|
|
341
|
-
|
|
342
322
|
}).then(function (res) {
|
|
343
323
|
return new _token.default(res.body, {
|
|
344
324
|
parent: _this3
|
|
@@ -347,13 +327,10 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
347
327
|
if (res.statusCode !== 400) {
|
|
348
328
|
return _promise.default.reject(res);
|
|
349
329
|
}
|
|
350
|
-
|
|
351
330
|
var ErrorConstructor = _grantErrors.default.select(res.body.error);
|
|
352
|
-
|
|
353
331
|
return _promise.default.reject(new ErrorConstructor(res._res || res));
|
|
354
332
|
});
|
|
355
333
|
},
|
|
356
|
-
|
|
357
334
|
/**
|
|
358
335
|
* Resolves with a token with the specified scopes. If no scope is specified,
|
|
359
336
|
* defaults to omit(webex.credentials.scope, 'spark:kms'). If no such token is
|
|
@@ -365,46 +342,36 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
365
342
|
*/
|
|
366
343
|
getUserToken: function getUserToken(scope) {
|
|
367
344
|
var _this4 = this;
|
|
368
|
-
|
|
369
345
|
return _promise.default.resolve(!this.isRefreshing || new _promise.default(function (resolve) {
|
|
370
346
|
_this4.logger.info('credentials: token refresh inflight; delaying getUserToken until refresh completes');
|
|
371
|
-
|
|
372
347
|
_this4.once('change:isRefreshing', function () {
|
|
373
348
|
_this4.logger.info('credentials: token refresh complete; reinvoking getUserToken');
|
|
374
|
-
|
|
375
349
|
resolve();
|
|
376
350
|
});
|
|
377
351
|
})).then(function () {
|
|
378
352
|
if (!_this4.canAuthorize) {
|
|
379
353
|
_this4.logger.info('credentials: cannot produce an access token from current state');
|
|
380
|
-
|
|
381
354
|
return _promise.default.reject(new Error('Current state cannot produce an access token'));
|
|
382
355
|
}
|
|
383
|
-
|
|
384
356
|
if (!scope) {
|
|
385
|
-
scope = (0, _scope.filterScope)('spark:kms', _this4.
|
|
357
|
+
scope = (0, _scope.filterScope)('spark:kms', _this4.supertoken.scope);
|
|
386
358
|
}
|
|
387
|
-
|
|
388
359
|
scope = (0, _scope.sortScope)(scope);
|
|
389
|
-
|
|
390
|
-
if (scope === (0, _scope.sortScope)(_this4.config.scope)) {
|
|
360
|
+
if (scope === (0, _scope.sortScope)(_this4.supertoken.scope)) {
|
|
391
361
|
return _promise.default.resolve(_this4.supertoken);
|
|
392
362
|
}
|
|
363
|
+
var token = _this4.userTokens.get(scope);
|
|
393
364
|
|
|
394
|
-
|
|
365
|
+
// we should also check for the token.access_token since token object does
|
|
395
366
|
// not get cleared on unsetting while logging out.
|
|
396
|
-
|
|
397
|
-
|
|
398
367
|
if (!token || !token.access_token) {
|
|
399
368
|
return _this4.downscope(scope).then((0, _common.tap)(function (t) {
|
|
400
369
|
return _this4.userTokens.add(t);
|
|
401
370
|
}));
|
|
402
371
|
}
|
|
403
|
-
|
|
404
372
|
return _promise.default.resolve(token);
|
|
405
373
|
});
|
|
406
374
|
},
|
|
407
|
-
|
|
408
375
|
/**
|
|
409
376
|
* Initializer
|
|
410
377
|
* @instance
|
|
@@ -416,37 +383,32 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
416
383
|
*/
|
|
417
384
|
initialize: function initialize(attrs, options) {
|
|
418
385
|
var _this5 = this;
|
|
419
|
-
|
|
420
386
|
if (attrs) {
|
|
421
387
|
if (typeof attrs === 'string') {
|
|
422
388
|
this.supertoken = attrs;
|
|
423
389
|
}
|
|
424
|
-
|
|
425
390
|
if (attrs.access_token) {
|
|
426
391
|
this.supertoken = attrs;
|
|
427
392
|
}
|
|
428
|
-
|
|
429
393
|
if (attrs.authorization) {
|
|
430
394
|
if (attrs.authorization.supertoken) {
|
|
431
395
|
this.supertoken = attrs.authorization.supertoken;
|
|
432
396
|
} else {
|
|
433
397
|
this.supertoken = attrs.authorization;
|
|
434
398
|
}
|
|
435
|
-
}
|
|
436
|
-
|
|
399
|
+
}
|
|
437
400
|
|
|
401
|
+
// schedule refresh
|
|
438
402
|
if (this.supertoken && this.supertoken.expires) {
|
|
439
403
|
this.scheduleRefresh(this.supertoken.expires);
|
|
440
404
|
}
|
|
441
405
|
}
|
|
442
|
-
|
|
443
406
|
(0, _apply.default)(_webexPlugin.default.prototype.initialize, this, [attrs, options]);
|
|
444
407
|
this.listenToOnce(this.parent, 'change:config', function () {
|
|
445
408
|
if (_this5.config.authorizationString) {
|
|
446
409
|
var parsed = _url.default.parse(_this5.config.authorizationString, true);
|
|
447
|
-
/* eslint-disable camelcase */
|
|
448
|
-
|
|
449
410
|
|
|
411
|
+
/* eslint-disable camelcase */
|
|
450
412
|
_this5.config.client_id = parsed.query.client_id;
|
|
451
413
|
_this5.config.redirect_uri = parsed.query.redirect_uri;
|
|
452
414
|
_this5.config.scope = parsed.query.scope;
|
|
@@ -454,11 +416,11 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
454
416
|
/* eslint-enable camelcase */
|
|
455
417
|
}
|
|
456
418
|
});
|
|
419
|
+
|
|
457
420
|
this.webex.once('loaded', function () {
|
|
458
421
|
_this5.ready = true;
|
|
459
422
|
});
|
|
460
423
|
},
|
|
461
|
-
|
|
462
424
|
/**
|
|
463
425
|
* Clears all tokens from store them from the stores.
|
|
464
426
|
*
|
|
@@ -469,19 +431,18 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
469
431
|
* @returns {Promise}
|
|
470
432
|
*/
|
|
471
433
|
invalidate: function invalidate() {
|
|
472
|
-
this.logger.info('credentials: invalidating tokens');
|
|
434
|
+
this.logger.info('credentials: invalidating tokens');
|
|
473
435
|
|
|
436
|
+
// clear refresh timer
|
|
474
437
|
if (this.refreshTimer) {
|
|
475
438
|
clearTimeout(this.refreshTimer);
|
|
476
439
|
this.unset('refreshTimer');
|
|
477
440
|
}
|
|
478
|
-
|
|
479
441
|
try {
|
|
480
442
|
this.unset('supertoken');
|
|
481
443
|
} catch (err) {
|
|
482
444
|
this.logger.warn('credentials: failed to clear supertoken', err);
|
|
483
445
|
}
|
|
484
|
-
|
|
485
446
|
while (this.userTokens.models.length) {
|
|
486
447
|
try {
|
|
487
448
|
this.userTokens.remove(this.userTokens.models[0]);
|
|
@@ -489,13 +450,12 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
489
450
|
this.logger.warn('credentials: failed to remove user token', err);
|
|
490
451
|
}
|
|
491
452
|
}
|
|
453
|
+
this.logger.info('credentials: finished removing tokens');
|
|
492
454
|
|
|
493
|
-
|
|
455
|
+
// Return a promise to give the storage layer a tick or two to clear
|
|
494
456
|
// localStorage
|
|
495
|
-
|
|
496
457
|
return _promise.default.resolve();
|
|
497
458
|
},
|
|
498
|
-
|
|
499
459
|
/**
|
|
500
460
|
* Removes the supertoken and child tokens, then refreshes the supertoken;
|
|
501
461
|
* subsequent calls to {@link Credentials#getUserToken()} will re-downscope
|
|
@@ -507,75 +467,77 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
507
467
|
*/
|
|
508
468
|
refresh: function refresh() {
|
|
509
469
|
var _this6 = this;
|
|
510
|
-
|
|
511
470
|
this.logger.info('credentials: refresh requested');
|
|
512
471
|
var supertoken = this.supertoken;
|
|
513
|
-
var tokens = (0, _clone2.default)(this.userTokens.models);
|
|
472
|
+
var tokens = (0, _clone2.default)(this.userTokens.models);
|
|
473
|
+
|
|
474
|
+
// This is kind of a leaky abstraction, since it relies on the authorization
|
|
514
475
|
// plugin, but the only alternatives I see are
|
|
515
476
|
// 1. put all JWT support in core
|
|
516
477
|
// 2. have separate jwt and non-jwt auth plugins
|
|
517
478
|
// while I like #2 from a code simplicity standpoint, the third-party DX
|
|
518
479
|
// isn't great
|
|
519
|
-
|
|
520
480
|
if (this.config.jwtRefreshCallback) {
|
|
521
|
-
return this.config.jwtRefreshCallback(this.webex)
|
|
481
|
+
return this.config.jwtRefreshCallback(this.webex)
|
|
482
|
+
// eslint-disable-next-line no-shadow
|
|
483
|
+
.then(function (jwt) {
|
|
522
484
|
return _this6.webex.authorization.requestAccessTokenFromJwt({
|
|
523
485
|
jwt: jwt
|
|
524
486
|
});
|
|
525
487
|
});
|
|
526
488
|
}
|
|
527
|
-
|
|
528
489
|
if (this.webex.internal.services) {
|
|
529
490
|
this.webex.internal.services.updateCredentialsConfig();
|
|
530
491
|
}
|
|
531
|
-
|
|
532
|
-
|
|
492
|
+
return supertoken.refresh().catch(function (error) {
|
|
493
|
+
if (error instanceof _grantErrors.OAuthError) {
|
|
494
|
+
// Error: super token refresh failed with 400 status code.
|
|
495
|
+
// Hence emit an event to the client, an opportunity to logout.
|
|
496
|
+
_this6.unset('supertoken');
|
|
497
|
+
while (_this6.userTokens.models.length) {
|
|
498
|
+
try {
|
|
499
|
+
_this6.userTokens.remove(_this6.userTokens.models[0]);
|
|
500
|
+
} catch (err) {
|
|
501
|
+
_this6.logger.warn('credentials: failed to remove user token', err);
|
|
502
|
+
}
|
|
503
|
+
}
|
|
504
|
+
_this6.webex.trigger('client:InvalidRequestError');
|
|
505
|
+
}
|
|
506
|
+
return _promise.default.reject(error);
|
|
507
|
+
}).then(function (st) {
|
|
533
508
|
// clear refresh timer
|
|
534
509
|
if (_this6.refreshTimer) {
|
|
535
510
|
clearTimeout(_this6.refreshTimer);
|
|
536
|
-
|
|
537
511
|
_this6.unset('refreshTimer');
|
|
538
512
|
}
|
|
539
|
-
|
|
540
513
|
_this6.supertoken = st;
|
|
514
|
+
var invalidScopes = (0, _scope.diffScopes)(_this6.config.scope, st.scope);
|
|
515
|
+
if (invalidScopes !== '') {
|
|
516
|
+
_this6.logger.warn("credentials: \"".concat(invalidScopes, "\" scope(s) are invalid because not listed in the supertoken, they will be excluded from user token requests."));
|
|
517
|
+
_this6.webex.internal.metrics.submitClientMetrics(_constants.METRICS.JS_SDK_CREDENTIALS_TOKEN_REFRESH_SCOPE_MISMATCH, {
|
|
518
|
+
fields: {
|
|
519
|
+
invalidScopes: invalidScopes
|
|
520
|
+
}
|
|
521
|
+
});
|
|
522
|
+
}
|
|
541
523
|
return _promise.default.all(tokens.map(function (token) {
|
|
542
|
-
|
|
524
|
+
var tokenScope = (0, _scope.filterScope)((0, _scope.diffScopes)(token.scope, st.scope), token.scope);
|
|
525
|
+
return _this6.downscope(tokenScope)
|
|
526
|
+
// eslint-disable-next-line max-nested-callbacks
|
|
543
527
|
.then(function (t) {
|
|
544
528
|
_this6.logger.info("credentials: revoking token for ".concat(token.scope));
|
|
545
|
-
|
|
546
529
|
return token.revoke().catch(function (err) {
|
|
547
530
|
_this6.logger.warn('credentials: failed to revoke user token', err);
|
|
548
531
|
}).then(function () {
|
|
549
532
|
_this6.userTokens.remove(token.scope);
|
|
550
|
-
|
|
551
533
|
_this6.userTokens.add(t);
|
|
552
534
|
});
|
|
553
535
|
});
|
|
554
536
|
}));
|
|
555
537
|
}).then(function () {
|
|
556
538
|
_this6.scheduleRefresh(_this6.supertoken.expires);
|
|
557
|
-
}).catch(function (error) {
|
|
558
|
-
var InvalidRequestError = _grantErrors.default.InvalidRequestError;
|
|
559
|
-
|
|
560
|
-
if (error instanceof InvalidRequestError) {
|
|
561
|
-
// Error: The refresh token provided is expired, revoked, malformed, or invalid. Hence emit an event to the client, an opportunity to logout.
|
|
562
|
-
_this6.unset('supertoken');
|
|
563
|
-
|
|
564
|
-
while (_this6.userTokens.models.length) {
|
|
565
|
-
try {
|
|
566
|
-
_this6.userTokens.remove(_this6.userTokens.models[0]);
|
|
567
|
-
} catch (err) {
|
|
568
|
-
_this6.logger.warn('credentials: failed to remove user token', err);
|
|
569
|
-
}
|
|
570
|
-
}
|
|
571
|
-
|
|
572
|
-
_this6.webex.trigger('client:InvalidRequestError');
|
|
573
|
-
}
|
|
574
|
-
|
|
575
|
-
return _promise.default.reject(error);
|
|
576
539
|
});
|
|
577
540
|
},
|
|
578
|
-
|
|
579
541
|
/**
|
|
580
542
|
* Schedules a token refresh or refreshes the token if token has expired
|
|
581
543
|
* @instance
|
|
@@ -586,9 +548,7 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
586
548
|
*/
|
|
587
549
|
scheduleRefresh: function scheduleRefresh(expires) {
|
|
588
550
|
var _this7 = this;
|
|
589
|
-
|
|
590
551
|
var expiresIn = expires - (0, _now.default)();
|
|
591
|
-
|
|
592
552
|
if (expiresIn > 0) {
|
|
593
553
|
var timeoutLength = this.calcRefreshTimeout(expiresIn);
|
|
594
554
|
this.refreshTimer = (0, _commonTimers.safeSetTimeout)(function () {
|
|
@@ -598,9 +558,8 @@ var Credentials = _webexPlugin.default.extend((_dec = (0, _common.oneFlight)({
|
|
|
598
558
|
this.refresh();
|
|
599
559
|
}
|
|
600
560
|
},
|
|
601
|
-
version: "3.0.0-beta.
|
|
561
|
+
version: "3.0.0-beta.400"
|
|
602
562
|
}, ((0, _applyDecoratedDescriptor2.default)(_obj, "getUserToken", [_dec, _dec2], (0, _getOwnPropertyDescriptor.default)(_obj, "getUserToken"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "initialize", [_dec3], (0, _getOwnPropertyDescriptor.default)(_obj, "initialize"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "invalidate", [_common.oneFlight, _dec4], (0, _getOwnPropertyDescriptor.default)(_obj, "invalidate"), _obj), (0, _applyDecoratedDescriptor2.default)(_obj, "refresh", [_common.oneFlight, _dec5, _dec6], (0, _getOwnPropertyDescriptor.default)(_obj, "refresh"), _obj)), _obj)));
|
|
603
|
-
|
|
604
563
|
var _default = Credentials;
|
|
605
564
|
exports.default = _default;
|
|
606
565
|
//# sourceMappingURL=credentials.js.map
|