UNPKG

@okta-dfuhriman/okta-auth-js

Version:
125 lines (121 loc) 5.19 kB
/*! * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved. * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.") * * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0. * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * * See the License for the specific language governing permissions and limitations under the License. */ import { addPostMessageListener, loadFrame } from './util/browser.js'; import { getOAuthUrls } from './util/oauth.js'; import AuthSdkError from '../errors/AuthSdkError.js'; import { getAuthorizeUrl } from './util/getAuthorizeUrl.js'; import '../_virtual/_tslib.js'; import 'tiny-emitter'; import 'js-cookie'; import 'cross-fetch'; import { prepareTokenParams } from './util/prepareTokenParams.js'; import './types/Token.js'; import { handleOAuthResponse } from './handleOAuthResponse.js'; async function getToken(sdk, options) { var _a; if (arguments.length > 2) { return Promise.reject(new AuthSdkError('As of version 3.0, "getToken" takes only a single set of options')); } options = options || {}; const popupWindow = options.popupWindow; options.popupWindow = undefined; const tokenParams = await prepareTokenParams(sdk, options); const sessionTokenOverrides = { prompt: 'none', responseMode: ((_a = sdk === null || sdk === void 0 ? void 0 : sdk.options) === null || _a === void 0 ? void 0 : _a.provider) === 'okta-cic' ? 'web_message' : 'okta_post_message', display: null }; const idpOverrides = { display: 'popup' }; if (options.sessionToken) { Object.assign(tokenParams, sessionTokenOverrides); } else if (options.idp) { Object.assign(tokenParams, idpOverrides); } const urls = getOAuthUrls(sdk, tokenParams); const endpoint = options.codeVerifier ? urls.tokenUrl : urls.authorizeUrl; const requestUrl = await getAuthorizeUrl(sdk, tokenParams, endpoint); var flowType; if (tokenParams.sessionToken || tokenParams.display === null) { flowType = 'IFRAME'; } else if (tokenParams.display === 'popup') { flowType = 'POPUP'; } else { flowType = 'IMPLICIT'; } switch (flowType) { case 'IFRAME': var iframePromise = addPostMessageListener(sdk, options.timeout, tokenParams.state); var iframeEl = loadFrame(requestUrl); return iframePromise .then(function (res) { if (!res) { throw new AuthSdkError('Did not receive a valid OAuthResponse'); } return handleOAuthResponse(sdk, tokenParams, res, urls); }) .finally(function () { var _a; if (document.body.contains(iframeEl)) { (_a = iframeEl.parentElement) === null || _a === void 0 ? void 0 : _a.removeChild(iframeEl); } }); case 'POPUP': var oauthPromise; if ((tokenParams === null || tokenParams === void 0 ? void 0 : tokenParams.responseMode) && ['okta_post_message', 'web_message'].includes(tokenParams.responseMode)) { if (!sdk.features.isPopupPostMessageSupported()) { throw new AuthSdkError('This browser doesn\'t have full postMessage support'); } oauthPromise = addPostMessageListener(sdk, options.timeout, tokenParams.state); } if (popupWindow) { popupWindow.location.assign(requestUrl); } var popupPromise = new Promise(function (resolve, reject) { var closePoller = setInterval(function () { if (!popupWindow || popupWindow.closed) { clearInterval(closePoller); reject(new AuthSdkError('Unable to parse OAuth flow response')); } }, 100); oauthPromise .then(function (res) { clearInterval(closePoller); resolve(res); }) .catch(function (err) { clearInterval(closePoller); reject(err); }); }); return popupPromise .then(function (res) { if (!res) { throw new AuthSdkError('Did not receive a valid OAuthResponse'); } return handleOAuthResponse(sdk, tokenParams, res, urls); }) .finally(function () { if (popupWindow && !popupWindow.closed) { popupWindow.close(); } }); default: throw new AuthSdkError('The full page redirect flow is not supported'); } } export { getToken }; //# sourceMappingURL=getToken.js.map