npm - emulate - Versions diffs - 0.4.1 → 0.6.0 - Mend

emulate 0.4.1 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (50) hide show

package/README.md +198 -27
package/dist/api.d.ts +2 -1
package/dist/api.js +675 -103
package/dist/api.js.map +1 -1
package/dist/chunk-WVQMFHQM.js +83 -0
package/dist/chunk-WVQMFHQM.js.map +1 -0
package/dist/{dist-B674PYKV.js → dist-2ZZGNPJI.js} +22 -43
package/dist/dist-2ZZGNPJI.js.map +1 -0
package/dist/{dist-RDFBZ5O6.js → dist-CXRPM6BK.js} +211 -48
package/dist/dist-CXRPM6BK.js.map +1 -0
package/dist/{dist-VVXVP5EZ.js → dist-DSJSF3GY.js} +551 -91
package/dist/dist-DSJSF3GY.js.map +1 -0
package/dist/{dist-RMK3BS5M.js → dist-IFULY5LE.js} +196 -33
package/dist/dist-IFULY5LE.js.map +1 -0
package/dist/dist-IRUBHCZU.js +1898 -0
package/dist/dist-IRUBHCZU.js.map +1 -0
package/dist/{dist-YOVM5HEY.js → dist-NJJLJT2N.js} +520 -61
package/dist/dist-NJJLJT2N.js.map +1 -0
package/dist/dist-OGSAVJ25.js +4874 -0
package/dist/dist-OGSAVJ25.js.map +1 -0
package/dist/{dist-H6JYGQM4.js → dist-PO4CL5SJ.js} +271 -158
package/dist/dist-PO4CL5SJ.js.map +1 -0
package/dist/{dist-QMOJM6DV.js → dist-R3TNKUIE.js} +238 -55
package/dist/dist-R3TNKUIE.js.map +1 -0
package/dist/{dist-6JFNJPUU.js → dist-WACHAAVU.js} +171 -22
package/dist/dist-WACHAAVU.js.map +1 -0
package/dist/{dist-OTJZRQ3Q.js → dist-XWWZVLQQ.js} +216 -75
package/dist/dist-XWWZVLQQ.js.map +1 -0
package/dist/{dist-6EW7SSOZ.js → dist-ZY5SZSJ2.js} +397 -223
package/dist/dist-ZY5SZSJ2.js.map +1 -0
package/dist/fonts/favicon.ico +0 -0
package/dist/helpers-LXLP3DFE-LBOTATT5.js +17 -0
package/dist/helpers-LXLP3DFE-LBOTATT5.js.map +1 -0
package/dist/index.js +812 -117
package/dist/index.js.map +1 -1
package/package.json +17 -15
package/dist/chunk-TEPNEZ63.js +0 -2143
package/dist/chunk-TEPNEZ63.js.map +0 -1
package/dist/dist-6EW7SSOZ.js.map +0 -1
package/dist/dist-6JFNJPUU.js.map +0 -1
package/dist/dist-B674PYKV.js.map +0 -1
package/dist/dist-G7WQPZ3Y.js +0 -1287
package/dist/dist-G7WQPZ3Y.js.map +0 -1
package/dist/dist-H6JYGQM4.js.map +0 -1
package/dist/dist-OTJZRQ3Q.js.map +0 -1
package/dist/dist-QMOJM6DV.js.map +0 -1
package/dist/dist-RDFBZ5O6.js.map +0 -1
package/dist/dist-RMK3BS5M.js.map +0 -1
package/dist/dist-VVXVP5EZ.js.map +0 -1
package/dist/dist-YOVM5HEY.js.map +0 -1

package/dist/{dist-OTJZRQ3Q.js → dist-XWWZVLQQ.js} RENAMED Viewed

@@ -3,7 +3,6 @@ import {
   exportJWK,
   generateKeyPair
 } from "./chunk-D6EKRYGP.js";
-import "./chunk-TEPNEZ63.js";
 // ../@emulators/okta/dist/index.js
 import { randomUUID } from "crypto";
@@ -129,6 +128,7 @@ var FONTS = {
   "geist-sans.woff2": readFileSync(join(__dirname, "fonts", "geist-sans.woff2")),
   "GeistPixel-Square.woff2": readFileSync(join(__dirname, "fonts", "GeistPixel-Square.woff2"))
 };
+var FAVICON = readFileSync(join(__dirname, "fonts", "favicon.ico"));
 function parsePagination(c) {
   const page = Math.max(1, parseInt(c.req.query("page") ?? "1", 10) || 1);
   const per_page = Math.min(100, Math.max(1, parseInt(c.req.query("per_page") ?? "30", 10) || 30));
@@ -306,6 +306,132 @@ body{
 .app-link-name{font-weight:600;font-size:.875rem;color:#33ff00;}
 .app-link-scopes{font-size:.6875rem;color:#1a8c00;margin-top:1px;}
 .empty{color:#1a8c00;text-align:center;padding:28px 0;font-size:.875rem;}
+.inspector-layout{max-width:960px;margin:0 auto;padding:28px 20px;}
+.inspector-tabs{display:flex;gap:4px;margin-bottom:20px;}
+.inspector-tabs a{
+  padding:7px 16px;border-radius:6px;text-decoration:none;
+  font-size:.8125rem;color:#1a8c00;border:1px solid transparent;
+  transition:color .15s,border-color .15s;
+}
+.inspector-tabs a:hover{color:#33ff00;}
+.inspector-tabs a.active{color:#33ff00;font-weight:600;border-color:#0a3300;background:#0a3300;}
+.inspector-section{margin-bottom:24px;}
+.inspector-section h2{
+  font-family:'Geist Pixel',monospace;
+  font-size:1rem;font-weight:600;color:#33ff00;margin-bottom:10px;
+}
+.inspector-section h3{
+  font-family:'Geist Pixel',monospace;
+  font-size:.875rem;font-weight:600;color:#1a8c00;margin:16px 0 8px;
+}
+.inspector-table{width:100%;border-collapse:collapse;margin-bottom:12px;}
+.inspector-table th,.inspector-table td{
+  text-align:left;padding:8px 12px;border-bottom:1px solid #0a3300;
+  font-size:.8125rem;
+}
+.inspector-table th{color:#1a8c00;font-weight:600;font-size:.75rem;text-transform:uppercase;letter-spacing:.04em;}
+.inspector-table td{color:#33ff00;}
+.inspector-table tbody tr{transition:background .1s;}
+.inspector-table tbody tr:hover{background:#0a3300;}
+.inspector-empty{color:#1a8c00;text-align:center;padding:20px 0;font-size:.8125rem;}
+.checkout-layout{
+  display:flex;min-height:calc(100vh - 42px);
+}
+.checkout-summary{
+  flex:1;background:#020;padding:48px 40px 48px 10%;
+  display:flex;flex-direction:column;justify-content:center;
+  border-right:1px solid #0a3300;
+}
+.checkout-form-side{
+  flex:1;background:#000;padding:48px 10% 48px 40px;
+  display:flex;flex-direction:column;justify-content:center;
+}
+.checkout-merchant{
+  display:flex;align-items:center;gap:10px;margin-bottom:6px;
+}
+.checkout-merchant-name{
+  font-family:'Geist Pixel',monospace;
+  font-size:.9375rem;font-weight:600;color:#33ff00;
+}
+.checkout-test-badge{
+  font-size:.625rem;font-weight:700;letter-spacing:.04em;text-transform:uppercase;
+  background:#0a3300;color:#1a8c00;padding:2px 8px;border-radius:4px;
+}
+.checkout-total{
+  font-family:'Geist Pixel',monospace;
+  font-size:2rem;font-weight:700;color:#33ff00;margin:8px 0 28px;
+}
+.checkout-line-item{
+  display:flex;align-items:center;gap:14px;padding:14px 0;
+  border-bottom:1px solid #0a3300;
+}
+.checkout-line-item:first-child{border-top:1px solid #0a3300;}
+.checkout-item-icon{
+  width:42px;height:42px;border-radius:6px;background:#0a3300;
+  display:flex;align-items:center;justify-content:center;flex-shrink:0;
+  font-family:'Geist Pixel',monospace;font-size:.875rem;font-weight:700;color:#116600;
+}
+.checkout-item-details{flex:1;min-width:0;}
+.checkout-item-name{font-size:.875rem;font-weight:600;color:#33ff00;}
+.checkout-item-qty{font-size:.75rem;color:#1a8c00;margin-top:2px;}
+.checkout-item-price{
+  font-size:.875rem;font-weight:600;color:#33ff00;text-align:right;white-space:nowrap;
+}
+.checkout-item-unit{font-size:.6875rem;color:#1a8c00;text-align:right;margin-top:2px;}
+.checkout-totals{margin-top:20px;}
+.checkout-totals-row{
+  display:flex;justify-content:space-between;padding:6px 0;
+  font-size:.8125rem;color:#1a8c00;
+}
+.checkout-totals-row.total{
+  border-top:1px solid #0a3300;margin-top:8px;padding-top:14px;
+  font-size:.9375rem;font-weight:600;color:#33ff00;
+}
+.checkout-form-section{margin-bottom:24px;}
+.checkout-form-label{
+  font-size:.8125rem;font-weight:600;color:#33ff00;margin-bottom:8px;display:block;
+}
+.checkout-input{
+  width:100%;padding:10px 12px;border:1px solid #0a3300;border-radius:6px;
+  background:#020;color:#33ff00;font:inherit;font-size:.875rem;
+  transition:border-color .15s;outline:none;
+}
+.checkout-input:focus{border-color:#33ff00;}
+.checkout-input::placeholder{color:#116600;}
+.checkout-card-box{
+  border:1px solid #0a3300;border-radius:6px;padding:14px;
+  background:#020;
+}
+.checkout-card-row{
+  display:flex;gap:12px;margin-top:10px;
+}
+.checkout-card-row .checkout-input{flex:1;}
+.checkout-sim-note{
+  font-size:.6875rem;color:#1a8c00;margin-top:10px;text-align:center;
+  font-style:italic;
+}
+.checkout-pay-btn{
+  width:100%;padding:14px;border:none;border-radius:8px;
+  background:#33ff00;color:#000;font:inherit;font-size:.9375rem;font-weight:700;
+  cursor:pointer;transition:background .15s;
+  font-family:'Geist Pixel',monospace;
+}
+.checkout-pay-btn:hover{background:#44ff22;}
+.checkout-cancel{
+  text-align:center;margin-top:14px;
+}
+.checkout-cancel a{
+  color:#1a8c00;text-decoration:none;font-size:.8125rem;
+  transition:color .15s;
+}
+.checkout-cancel a:hover{color:#33ff00;}
+@media(max-width:768px){
+  .checkout-layout{flex-direction:column;}
+  .checkout-summary{padding:32px 20px;border-right:none;border-bottom:1px solid #0a3300;}
+  .checkout-form-side{padding:32px 20px;}
+}
 `;
 var POWERED_BY = `<div class="powered-by">Powered by <a href="https://emulate.dev" target="_blank" rel="noopener">emulate</a></div>`;
 function emuBar(service) {
@@ -325,6 +451,7 @@ function head(title) {
 <head>
 <meta charset="utf-8"/>
 <meta name="viewport" content="width=device-width,initial-scale=1"/>
+<link rel="icon" href="/_emulate/favicon.ico"/>
 <title>${escapeHtml(title)} | emulate</title>
 <style>${CSS}</style>
 </head>`;
@@ -356,6 +483,25 @@ ${emuBar(service)}
 ${POWERED_BY}
 </body></html>`;
 }
+function renderFormPostPage(action, fields, service) {
+  const hiddens = Object.entries(fields).filter(([, v]) => v != null).map(([k, v]) => `<input type="hidden" name="${escapeAttr(k)}" value="${escapeAttr(v)}"/>`).join("\n");
+  return `${head("Redirecting")}
+<body onload="document.forms[0].submit()">
+${emuBar(service)}
+<div class="content">
+  <div class="content-inner" style="text-align:center">
+    <div class="card-subtitle">Redirecting&hellip;</div>
+    <form method="POST" action="${escapeAttr(action)}">
+${hiddens}
+    <noscript><button type="submit" class="user-btn" style="margin-top:12px;justify-content:center">
+      <span class="user-login">Continue</span>
+    </button></noscript>
+    </form>
+  </div>
+</div>
+${POWERED_BY}
+</body></html>`;
+}
 function renderUserButton(opts) {
   const hiddens = Object.entries(opts.hiddenFields).map(([k, v]) => `<input type="hidden" name="${escapeAttr(k)}" value="${escapeAttr(v)}"/>`).join("");
   const nameLine = opts.name ? `<div class="user-meta">${escapeHtml(opts.name)}</div>` : "";
@@ -538,7 +684,10 @@ function getOktaStore(store) {
     apps: store.collection("okta.apps", ["okta_id", "name"]),
     oauthClients: store.collection("okta.oauth_clients", ["client_id", "auth_server_id"]),
     authorizationServers: store.collection("okta.auth_servers", ["server_id"]),
-    groupMemberships: store.collection("okta.group_memberships", ["group_okta_id", "user_okta_id"]),
+    groupMemberships: store.collection("okta.group_memberships", [
+      "group_okta_id",
+      "user_okta_id"
+    ]),
     appAssignments: store.collection("okta.app_assignments", ["app_okta_id", "user_okta_id"])
   };
 }
@@ -550,9 +699,7 @@ function appRoutes({ app, store, baseUrl, tokenMap }) {
     const q = (c.req.query("q") ?? "").toLowerCase();
     let apps = oktaStore.apps.all();
     if (q) {
-      apps = apps.filter(
-        (entry) => `${entry.name} ${entry.label}`.toLowerCase().includes(q)
-      );
+      apps = apps.filter((entry) => `${entry.name} ${entry.label}`.toLowerCase().includes(q));
     }
     const { page, per_page } = parsePagination(c);
     const total = apps.length;
@@ -776,9 +923,7 @@ function groupRoutes({ app, store, baseUrl, tokenMap }) {
     const q = (c.req.query("q") ?? "").toLowerCase();
     let groups = oktaStore.groups.all();
     if (q) {
-      groups = groups.filter(
-        (group) => `${group.name} ${group.description ?? ""}`.toLowerCase().includes(q)
-      );
+      groups = groups.filter((group) => `${group.name} ${group.description ?? ""}`.toLowerCase().includes(q));
     }
     const { page, per_page } = parsePagination(c);
     const total = groups.length;
@@ -1080,10 +1225,10 @@ async function createIdToken(oktaStore, user, clientId, nonce, issuer, scope) {
   return new SignJWT(claims).setProtectedHeader({ alg: "RS256", kid: KID, typ: "JWT" }).setIssuer(issuer).setAudience(clientId).setIssuedAt(now).setExpirationTime("1h").sign(privateKey);
 }
 function unauthorizedOAuthError() {
-  return new Response(
-    JSON.stringify({ error: "invalid_token", error_description: "The access token is invalid." }),
-    { status: 401, headers: { "Content-Type": "application/json" } }
-  );
+  return new Response(JSON.stringify({ error: "invalid_token", error_description: "The access token is invalid." }), {
+    status: 401,
+    headers: { "Content-Type": "application/json" }
+  });
 }
 function oauthRoutes({ app, store, baseUrl, tokenMap }) {
   const oktaStore = getOktaStore(store);
@@ -1152,7 +1297,11 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
       }
       if (!matchesRedirectUri(redirectUri, client.redirect_uris)) {
         return c.html(
-          renderErrorPage("Redirect URI mismatch", "The redirect_uri is not registered for this application.", SERVICE_LABEL),
+          renderErrorPage(
+            "Redirect URI mismatch",
+            "The redirect_uri is not registered for this application.",
+            SERVICE_LABEL
+          ),
           400
         );
       }
@@ -1160,25 +1309,27 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
     }
     const users = oktaStore.users.all();
     const callbackPath = `${buildOAuthBasePath(authServerId)}/authorize/callback`;
-    const buttons = users.map((user) => renderUserButton({
-      letter: (user.login[0] ?? "?").toUpperCase(),
-      login: user.login,
-      name: userDisplayName(user),
-      email: user.email,
-      formAction: callbackPath,
-      hiddenFields: {
-        user_ref: user.okta_id,
-        redirect_uri: redirectUri,
-        scope,
-        state,
-        nonce,
-        client_id: clientId,
-        response_mode: responseMode,
-        code_challenge: codeChallenge,
-        code_challenge_method: codeChallengeMethod,
-        auth_server_id: authServerId
-      }
-    })).join("\n");
+    const buttons = users.map(
+      (user) => renderUserButton({
+        letter: (user.login[0] ?? "?").toUpperCase(),
+        login: user.login,
+        name: userDisplayName(user),
+        email: user.email,
+        formAction: callbackPath,
+        hiddenFields: {
+          user_ref: user.okta_id,
+          redirect_uri: redirectUri,
+          scope,
+          state,
+          nonce,
+          client_id: clientId,
+          response_mode: responseMode,
+          code_challenge: codeChallenge,
+          code_challenge_method: codeChallengeMethod,
+          auth_server_id: authServerId
+        }
+      })
+    ).join("\n");
     const subtitle = clientName ? `Sign in to <strong>${escapeHtml(clientName)}</strong> with your Okta account.` : "Choose a seeded user to continue.";
     return c.html(
       renderCardPage(
@@ -1212,10 +1363,7 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
     }
     const user = findUserByRef(oktaStore, userRef);
     if (!user) {
-      return c.html(
-        renderErrorPage("Unknown user", "The selected user is not available.", SERVICE_LABEL),
-        400
-      );
+      return c.html(renderErrorPage("Unknown user", "The selected user is not available.", SERVICE_LABEL), 400);
     }
     const configuredClients = getClientsForServer(oktaStore.oauthClients.all(), authServerId);
     if (configuredClients.length > 0) {
@@ -1228,7 +1376,11 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
       }
       if (!matchesRedirectUri(redirectUri, client.redirect_uris)) {
         return c.html(
-          renderErrorPage("Redirect URI mismatch", "The redirect_uri is not registered for this application.", SERVICE_LABEL),
+          renderErrorPage(
+            "Redirect URI mismatch",
+            "The redirect_uri is not registered for this application.",
+            SERVICE_LABEL
+          ),
           400
         );
       }
@@ -1247,17 +1399,7 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
     });
     debug("okta.oauth", `[callback] code=${code.slice(0, 8)}... user=${user.login} server=${authServerId}`);
     if (responseMode === "form_post") {
-      const html = `<!DOCTYPE html>
-<html>
-<head><title>Submit</title></head>
-<body onload="document.forms[0].submit()">
-<form method="POST" action="${escapeAttr(redirectUri)}">
-<input type="hidden" name="code" value="${escapeAttr(code)}" />
-<input type="hidden" name="state" value="${escapeAttr(state)}" />
-</form>
-</body>
-</html>`;
-      return c.html(html);
+      return c.html(renderFormPostPage(redirectUri, { code, state }, SERVICE_LABEL));
     }
     const url = new URL(redirectUri);
     url.searchParams.set("code", code);
@@ -1265,7 +1407,10 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
     return c.redirect(url.toString(), 302);
   };
   app.post("/oauth2/v1/authorize/callback", (c) => handleAuthorizeCallback(c, ORG_AUTH_SERVER_ID));
-  app.post("/oauth2/:authServerId/v1/authorize/callback", (c) => handleAuthorizeCallback(c, c.req.param("authServerId")));
+  app.post(
+    "/oauth2/:authServerId/v1/authorize/callback",
+    (c) => handleAuthorizeCallback(c, c.req.param("authServerId"))
+  );
   const handleToken = async (c, authServerId) => {
     const server = resolveServer(authServerId, baseUrl, oktaStore);
     if (!server) return oktaError(c, 404, "E0000007", `Not found: authorization server '${authServerId}'`);
@@ -1295,7 +1440,10 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
         return c.json({ error: "invalid_grant", error_description: "redirect_uri does not match." }, 400);
       }
       if (validatedClient && validatedClient.client_id !== pending.clientId) {
-        return c.json({ error: "invalid_grant", error_description: "Authorization code was not issued to this client." }, 400);
+        return c.json(
+          { error: "invalid_grant", error_description: "Authorization code was not issued to this client." },
+          400
+        );
       }
       if (pending.codeChallenge !== null) {
         if (!codeVerifier) {
@@ -1345,14 +1493,7 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
         id: user.id,
         scopes: parseScope(scope)
       });
-      const idToken = await createIdToken(
-        oktaStore,
-        user,
-        audienceClient,
-        pending.nonce,
-        server.issuer,
-        scope
-      );
+      const idToken = await createIdToken(oktaStore, user, audienceClient, pending.nonce, server.issuer, scope);
       return c.json({
         token_type: "Bearer",
         expires_in: 3600,
@@ -1371,7 +1512,10 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
         return c.json({ error: "invalid_grant", error_description: "Authorization server mismatch." }, 400);
       }
       if (validatedClient && validatedClient.client_id !== existing.clientId) {
-        return c.json({ error: "invalid_grant", error_description: "Refresh token was not issued to this client." }, 400);
+        return c.json(
+          { error: "invalid_grant", error_description: "Refresh token was not issued to this client." },
+          400
+        );
       }
       const user = oktaStore.users.findOneBy("okta_id", existing.userOktaId);
       if (!user) return c.json({ error: "invalid_grant", error_description: "Unknown user." }, 400);
@@ -1541,9 +1685,7 @@ function oauthRoutes({ app, store, baseUrl, tokenMap }) {
     if (!postLogoutRedirectUri) return c.text("Logged out");
     const scopedClients = getClientsForServer(oktaStore.oauthClients.all(), authServerId);
     if (scopedClients.length > 0) {
-      const isAllowed = scopedClients.some(
-        (client) => matchesRedirectUri(postLogoutRedirectUri, client.redirect_uris)
-      );
+      const isAllowed = scopedClients.some((client) => matchesRedirectUri(postLogoutRedirectUri, client.redirect_uris));
       if (!isAllowed) return c.text("Invalid post_logout_redirect_uri", 400);
     }
     return c.redirect(postLogoutRedirectUri, 302);
@@ -1665,14 +1807,16 @@ function userRoutes({ app, store, baseUrl, tokenMap }) {
     if (!user) return oktaError(c, 404, "E0000007", "Not found: user");
     const memberships = oktaStore.groupMemberships.findBy("user_okta_id", user.okta_id);
     const groups = memberships.map((membership) => oktaStore.groups.findOneBy("okta_id", membership.group_okta_id)).filter((group) => Boolean(group));
-    return c.json(groups.map((group) => ({
-      id: group.okta_id,
-      profile: {
-        name: group.name,
-        description: group.description
-      },
-      type: group.type
-    })));
+    return c.json(
+      groups.map((group) => ({
+        id: group.okta_id,
+        profile: {
+          name: group.name,
+          description: group.description
+        },
+        type: group.type
+      }))
+    );
   });
   app.post("/api/v1/users/:userId/lifecycle/activate", (c) => {
     const auth = requireManagementAuth(c, tokenMap);
@@ -1818,10 +1962,7 @@ function seedDefaults(store, _baseUrl) {
       client_id: "okta-test-app",
       client_secret: "",
       name: "Sample Public PKCE Client",
-      redirect_uris: [
-        "http://localhost:3000/official-sdk/callback",
-        "http://localhost:3000/official-sdk"
-      ],
+      redirect_uris: ["http://localhost:3000/official-sdk/callback", "http://localhost:3000/official-sdk"],
       response_types: ["code"],
       grant_types: ["authorization_code", "refresh_token"],
       token_endpoint_auth_method: "none",
@@ -1953,4 +2094,4 @@ export {
   oktaPlugin,
   seedFromConfig
 };
-//# sourceMappingURL=dist-OTJZRQ3Q.js.map
+//# sourceMappingURL=dist-XWWZVLQQ.js.map