Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
@esri/arcgis-rest-auth
Advanced tools
@esri/arcgis-rest-auth - npm Package Compare versions
Comparing version 2.22.0 to 2.23.0
@@ -68,5 +68,4 @@ /* Copyright (c) 2018-2020 Environmental Systems Research Institute, Inc. | ||
| }, | ||
| // We need to ensure the cookies are sent as that's | ||
| // what the API uses to convert things | ||
| credentials: "include", | ||
| // Note: request has logic to include the cookie | ||
| // for platformSelf calls w/ the X-Esri-Auth-Client-Id header | ||
| params: { | ||
@@ -73,0 +72,0 @@ f: "json", |
@@ -7,1 +7,2 @@ export * from "./ApplicationSession"; | ||
| export { IUser } from "@esri/arcgis-rest-types"; | ||
| export * from "./app-tokens"; |
@@ -8,2 +8,3 @@ /* Copyright (c) 2018 Environmental Systems Research Institute, Inc. | ||
| export * from "./authenticated-request-options"; | ||
| export * from "./app-tokens"; | ||
| //# sourceMappingURL=index.js.map |
@@ -72,5 +72,4 @@ "use strict"; | ||
| }, | ||
| // We need to ensure the cookies are sent as that's | ||
| // what the API uses to convert things | ||
| credentials: "include", | ||
| // Note: request has logic to include the cookie | ||
| // for platformSelf calls w/ the X-Esri-Auth-Client-Id header | ||
| params: { | ||
@@ -77,0 +76,0 @@ f: "json", |
@@ -11,2 +11,3 @@ "use strict"; | ||
| tslib_1.__exportStar(require("./authenticated-request-options"), exports); | ||
| tslib_1.__exportStar(require("./app-tokens"), exports); | ||
| //# sourceMappingURL=index.js.map |
| /* @preserve | ||
| * @esri/arcgis-rest-auth - v2.22.0 - Apache-2.0 | ||
| * @esri/arcgis-rest-auth - v2.23.0 - Apache-2.0 | ||
| * Copyright (c) 2017-2020 Esri, Inc. | ||
| * Wed Nov 18 2020 12:54:03 GMT-0800 (Pacific Standard Time) | ||
| * Mon Dec 07 2020 13:29:26 GMT-0700 (Mountain Standard Time) | ||
| */ | ||
@@ -983,6 +983,84 @@ (function (global, factory) { | ||
| /* Copyright (c) 2018-2020 Environmental Systems Research Institute, Inc. | ||
| * Apache-2.0 */ | ||
| /** | ||
| * Request app-specific token, passing in the token for the current app. | ||
| * | ||
| * This call returns a token after performing the same checks made by validateAppAccess. | ||
| * It returns an app-specific token of the signed-in user only if the user has access | ||
| * to the app and the encrypted platform cookie is valid. | ||
| * | ||
| * A scenario where an app would use this is if it is iframed into another platform app | ||
| * and recieves credentials via postMessage. Those credentials contain a token that is | ||
| * specific to the host app, so the embedded app would use `exchangeToken` to get one | ||
| * that is specific to itself. | ||
| * | ||
| * Note: This is only usable by Esri applications hosted on *arcgis.com, *esri.com or within | ||
| * an ArcGIS Enterprise installation. Custom applications can not use this. | ||
| * | ||
| * @param token | ||
| * @param clientId application | ||
| * @param portal | ||
| */ | ||
| function exchangeToken(token, clientId, portal) { | ||
| if (portal === void 0) { portal = "https://www.arcgis.com/sharing/rest"; } | ||
| var url = portal + "/oauth2/exchangeToken"; | ||
| var ro = { | ||
| method: "POST", | ||
| params: { | ||
| f: "json", | ||
| client_id: clientId, | ||
| token: token, | ||
| }, | ||
| }; | ||
| // make the request and return the token | ||
| return arcgisRestRequest.request(url, ro).then(function (response) { return response.token; }); | ||
| } | ||
| /** | ||
| * Request a token for a specific application using the esri_aopc encrypted cookie | ||
| * | ||
| * When a client app boots up, it will know it's clientId and the redirectUri for use | ||
| * in the normal /oauth/authorize pop-out oAuth flow. | ||
| * | ||
| * If the app sees an `esri_aopc` cookie (only set if the app is hosted on *.arcgis.com), | ||
| * it can call the /oauth2/platformSelf end-point passing in the clientId and redirectUri | ||
| * in headers, and it will recieve back an app-specific token, assuming the user has | ||
| * access to the app. | ||
| * | ||
| * Since there are scenarios where an app can boot using credintials/token from localstorage | ||
| * but those creds are not for the same user as the esri_aopc cookie, it is recommended that | ||
| * an app check the returned username against any existing identity they may have loaded. | ||
| * | ||
| * Note: This is only usable by Esri applications hosted on *arcgis.com, *esri.com or within | ||
| * an ArcGIS Enterprise installation. Custom applications can not use this. | ||
| * @param clientId | ||
| * @param redirectUri | ||
| * @param portal | ||
| */ | ||
| function platformSelf(clientId, redirectUri, portal) { | ||
| if (portal === void 0) { portal = "https://www.arcgis.com/sharing/rest"; } | ||
| // TEMPORARY: the f=json should not be needed, but currently is | ||
| var url = portal + "/oauth2/platformSelf?f=json"; | ||
| var ro = { | ||
| method: "POST", | ||
| headers: { | ||
| "X-Esri-Auth-Client-Id": clientId, | ||
| "X-Esri-Auth-Redirect-Uri": redirectUri, | ||
| }, | ||
| // Note: request has logic to include the cookie | ||
| // for platformSelf calls w/ the X-Esri-Auth-Client-Id header | ||
| params: { | ||
| f: "json", | ||
| }, | ||
| }; | ||
| // make the request and return the token | ||
| return arcgisRestRequest.request(url, ro); | ||
| } | ||
| exports.ApplicationSession = ApplicationSession; | ||
| exports.UserSession = UserSession; | ||
| exports.exchangeToken = exchangeToken; | ||
| exports.fetchToken = fetchToken; | ||
| exports.generateToken = generateToken; | ||
| exports.platformSelf = platformSelf; | ||
@@ -989,0 +1067,0 @@ Object.defineProperty(exports, '__esModule', { value: true }); |
| /* @preserve | ||
| * @esri/arcgis-rest-auth - v2.22.0 - Apache-2.0 | ||
| * @esri/arcgis-rest-auth - v2.23.0 - Apache-2.0 | ||
| * Copyright (c) 2017-2020 Esri, Inc. | ||
| * Wed Nov 18 2020 12:54:06 GMT-0800 (Pacific Standard Time) | ||
| * Mon Dec 07 2020 13:29:30 GMT-0700 (Mountain Standard Time) | ||
| */ | ||
| !function(e,r){"object"==typeof exports&&"undefined"!=typeof module?r(exports,require("@esri/arcgis-rest-request")):"function"==typeof define&&define.amd?define(["exports","@esri/arcgis-rest-request"],r):r((e="undefined"!=typeof globalThis?globalThis:e||self).arcgisRest=e.arcgisRest||{},e.arcgisRest)}(this,function(e,g){"use strict";var w=function(){return(w=Object.assign||function(e){for(var r,t=1,n=arguments.length;t<n;t++)for(var s in r=arguments[t])Object.prototype.hasOwnProperty.call(r,s)&&(e[s]=r[s]);return e}).apply(this,arguments)};function a(e,r){var t=r;return t.rawResponse=!1,g.request(e,t).then(function(e){var r={token:e.access_token,username:e.username,expires:new Date(Date.now()+(1e3*e.expires_in-1e3)),ssl:!0===e.ssl};return e.refresh_token&&(r.refreshToken=e.refresh_token),r})}var r=(t.prototype.getToken=function(e,r){return this.token&&this.expires&&this.expires.getTime()>Date.now()?Promise.resolve(this.token):(this._pendingTokenRequest||(this._pendingTokenRequest=this.refreshToken(r)),this._pendingTokenRequest)},t.prototype.refreshToken=function(e){var r=this,t=w({params:{client_id:this.clientId,client_secret:this.clientSecret,grant_type:"client_credentials",expiration:this.duration}},e);return a(this.portal+"/oauth2/token/",t).then(function(e){return r._pendingTokenRequest=null,r.token=e.token,r.expires=e.expires,e.token})},t.prototype.refreshSession=function(){var e=this;return this.refreshToken().then(function(){return e})},t);function t(e){this.clientId=e.clientId,this.clientSecret=e.clientSecret,this.token=e.token,this.expires=e.expires,this.portal=e.portal||"https://www.arcgis.com/sharing/rest",this.duration=e.duration||7200}function o(e,r){var t=r;return"undefined"!=typeof window&&window.location&&window.location.host?t.params.referer=window.location.host:t.params.referer=g.NODEJS_DEFAULT_REFERER_HEADER,g.request(e,t)}var s=/^https?:\/\/(\S+)\.arcgis\.com.+/;function p(e){return s.test(e)}function h(e){if(!s.test(e))return null;var r=e.match(s)[1].split(".").pop();return r.includes("dev")?"dev":r.includes("qa")?"qa":"production"}function i(e,r){var t=g.cleanUrl(function(e){if(!s.test(e))return e;switch(h(e)){case"dev":return"https://devext.arcgis.com/sharing/rest";case"qa":return"https://qaext.arcgis.com/sharing/rest";default:return"https://www.arcgis.com/sharing/rest"}}(r)).replace(/https?:\/\//,""),n=g.cleanUrl(e).replace(/https?:\/\//,"");return new RegExp(n,"i").test(t)}var n=(Object.defineProperty(T.prototype,"token",{get:function(){return this._token},enumerable:!1,configurable:!0}),Object.defineProperty(T.prototype,"tokenExpires",{get:function(){return this._tokenExpires},enumerable:!1,configurable:!0}),Object.defineProperty(T.prototype,"refreshToken",{get:function(){return this._refreshToken},enumerable:!1,configurable:!0}),Object.defineProperty(T.prototype,"refreshTokenExpires",{get:function(){return this._refreshTokenExpires},enumerable:!1,configurable:!0}),T.beginOAuth2=function(e,r){void 0===r&&(r=window);var t=w({portal:"https://www.arcgis.com/sharing/rest",provider:"arcgis",duration:20160,popup:!0,popupWindowFeatures:"height=400,width=600,menubar=no,location=yes,resizable=yes,scrollbars=yes,status=yes",state:e.clientId,locale:""},e),s=t.portal,n=t.provider,o=t.clientId,i=t.duration,a=t.redirectUri,p=t.popup,h=t.popupWindowFeatures,u=t.state,c=t.locale,l=t.params,d="arcgis"===n?s+"/oauth2/authorize?client_id="+o+"&response_type=token&expiration="+i+"&redirect_uri="+encodeURIComponent(a)+"&state="+u+"&locale="+c:s+"/oauth2/social/authorize?client_id="+o+"&socialLoginProviderName="+n+"&autoAccountCreateForSocial=true&response_type=token&expiration="+i+"&redirect_uri="+encodeURIComponent(a)+"&state="+u+"&locale="+c;if(l&&(d=d+"&"+g.encodeQueryString(l)),p){var f,k=((f={promise:null,resolve:null,reject:null}).promise=new Promise(function(e,r){f.resolve=e,f.reject=r}),f);return r["__ESRI_REST_AUTH_HANDLER_"+o]=function(e,r){var t,n;e?(t=JSON.parse(e),k.reject(new g.ArcGISAuthError(t.errorMessage,t.error))):r&&(n=JSON.parse(r),k.resolve(new T({clientId:o,portal:s,ssl:n.ssl,token:n.token,tokenExpires:new Date(n.expires),username:n.username})))},r.open(d,"oauth-window",h),k.promise}r.location.href=d},T.completeOAuth2=function(e,s){void 0===s&&(s=window);var r=w({portal:"https://www.arcgis.com/sharing/rest",popup:!0},e),o=r.portal,i=r.clientId,a=r.popup;function t(e,r){try{var t=void 0,n="__ESRI_REST_AUTH_HANDLER_"+i;if(a&&(s.opener?s.opener.parent&&s.opener.parent[n]?t=s.opener.parent[n]:s.opener&&s.opener[n]&&(t=s.opener[n]):s!==s.parent&&s.parent&&s.parent[n]&&(t=s.parent[n]),t))return t(e?JSON.stringify(e):void 0,JSON.stringify(r)),void s.close()}catch(e){throw new g.ArcGISAuthError('Unable to complete authentication. It\'s possible you specified popup based oAuth2 but no handler from "beginOAuth2()" present. This generally happens because the "popup" option differs between "beginOAuth2()" and "completeOAuth2()".')}if(e)throw new g.ArcGISAuthError(e.errorMessage,e.error);return new T({clientId:i,portal:o,ssl:r.ssl,token:r.token,tokenExpires:r.expires,username:r.username})}var n=g.decodeQueryString(s.location.hash);if(!n.access_token){var p=void 0,h="Unknown error";return n.error&&(p=n.error,h=n.error_description),t({error:p,errorMessage:h})}var u=n.access_token,c=new Date(Date.now()+1e3*parseInt(n.expires_in,10)-6e4),l=n.username;return t(void 0,{token:u,expires:c,ssl:"true"===n.ssl,username:l})},T.fromParent=function(n,s){var o;return!s&&window&&(s=window),new Promise(function(r,t){o=function(e){if(e.origin===n)try{return r(T.parentMessageHandler(e))}catch(e){return t(e)}},s.addEventListener("message",o,!1),s.parent.postMessage({type:"arcgis:auth:requestCredential"},n)}).then(function(e){return s.removeEventListener("message",o,!1),e})},T.authorize=function(e,r){var t=w({portal:"https://arcgis.com/sharing/rest",duration:20160},e),n=t.portal,s=t.clientId,o=t.duration,i=t.redirectUri;r.writeHead(301,{Location:n+"/oauth2/authorize?client_id="+s+"&duration="+o+"&response_type=code&redirect_uri="+encodeURIComponent(i)}),r.end()},T.exchangeAuthorizationCode=function(e,r){var t=w({portal:"https://www.arcgis.com/sharing/rest",refreshTokenTTL:1440},e),n=t.portal,s=t.clientId,o=t.redirectUri,i=t.refreshTokenTTL;return a(n+"/oauth2/token",{params:{grant_type:"authorization_code",client_id:s,redirect_uri:o,code:r}}).then(function(e){return new T({clientId:s,portal:n,ssl:e.ssl,redirectUri:o,refreshToken:e.refreshToken,refreshTokenTTL:i,refreshTokenExpires:new Date(Date.now()+1e3*(i-1)),token:e.token,tokenExpires:e.expires,username:e.username})})},T.deserialize=function(e){var r=JSON.parse(e);return new T({clientId:r.clientId,refreshToken:r.refreshToken,refreshTokenExpires:new Date(r.refreshTokenExpires),username:r.username,password:r.password,token:r.token,tokenExpires:new Date(r.tokenExpires),portal:r.portal,ssl:r.ssl,tokenDuration:r.tokenDuration,redirectUri:r.redirectUri,refreshTokenTTL:r.refreshTokenTTL})},T.fromCredential=function(e){return new T({portal:e.server.includes("sharing/rest")?e.server:e.server+"/sharing/rest",ssl:e.ssl,token:e.token,username:e.userId,tokenExpires:new Date(e.expires)})},T.parentMessageHandler=function(e){if("arcgis:auth:credential"===e.data.type)return T.fromCredential(e.data.credential);throw"arcgis:auth:rejected"===e.data.type?new Error(e.data.message):new Error("Unknown message type.")},T.prototype.toCredential=function(){return{expires:this.tokenExpires.getTime(),server:this.portal,ssl:this.ssl,token:this.token,userId:this.username}},T.prototype.getUser=function(e){var r=this;if(this._pendingUserRequest)return this._pendingUserRequest;if(this._user)return Promise.resolve(this._user);var t=this.portal+"/community/self",n=w(w({httpMethod:"GET",authentication:this},e),{rawResponse:!1});return this._pendingUserRequest=g.request(t,n).then(function(e){return r._user=e,r._pendingUserRequest=null,e}),this._pendingUserRequest},T.prototype.getUsername=function(){return this.username?Promise.resolve(this.username):this._user?Promise.resolve(this._user.username):this.getUser().then(function(e){return e.username})},T.prototype.getToken=function(e,r){return t=this.portal,n=e,s=p(t),o=p(n),i=h(t),a=h(n),s&&o&&i===a||new RegExp(this.portal,"i").test(e)?this.getFreshToken(r):this.getTokenForServer(e,r);var t,n,s,o,i,a},T.prototype.validateAppAccess=function(r){return this.getToken(this.portal).then(function(e){return function(e,r,t){void 0===t&&(t="https://www.arcgis.com/sharing/rest");var n=t+"/oauth2/validateAppAccess",s={method:"POST",params:{f:"json",client_id:r,token:e}};return g.request(n,s)}(e,r)})},T.prototype.toJSON=function(){return{clientId:this.clientId,refreshToken:this.refreshToken,refreshTokenExpires:this.refreshTokenExpires,username:this.username,password:this.password,token:this.token,tokenExpires:this.tokenExpires,portal:this.portal,ssl:this.ssl,tokenDuration:this.tokenDuration,redirectUri:this.redirectUri,refreshTokenTTL:this.refreshTokenTTL}},T.prototype.serialize=function(){return JSON.stringify(this)},T.prototype.enablePostMessageAuth=function(e,r){!r&&window&&(r=window),this._hostHandler=this.createPostMessageHandler(e),r.addEventListener("message",this._hostHandler,!1)},T.prototype.disablePostMessageAuth=function(e){!e&&window&&(e=window),e.removeEventListener("message",this._hostHandler,!1)},T.prototype.refreshSession=function(e){return this._user=null,this.username&&this.password?this.refreshWithUsernameAndPassword(e):this.clientId&&this.refreshToken?this.refreshWithRefreshToken():Promise.reject(new g.ArcGISAuthError("Unable to refresh token."))},T.prototype.getServerRootUrl=function(e){var r=g.cleanUrl(e).split(/\/rest(\/admin)?\/services(?:\/|#|\?|$)/)[0].match(/(https?:\/\/)(.+)/),t=(r[0],r[1]),n=r[2].split("/"),s=n[0],o=n.slice(1);return""+t+s.toLowerCase()+"/"+o.join("/")},T.prototype.createPostMessageHandler=function(t){var n=this;return function(e){var r;-1<t.indexOf(e.origin)?(r=n.toCredential(),e.source.postMessage({type:"arcgis:auth:credential",credential:r},e.origin)):e.source.postMessage({type:"arcgis:auth:rejected",message:"Rejected authentication request."},e.origin)}},T.prototype.getTokenForServer=function(r,t){var n=this,s=this.getServerRootUrl(r),e=this.trustedServers[s];return e&&e.expires&&e.expires.getTime()>Date.now()?Promise.resolve(e.token):(this._pendingTokenRequests[s]||(this._pendingTokenRequests[s]=g.request(s+"/rest/info").then(function(e){if(e.owningSystemUrl){if(i(e.owningSystemUrl,n.portal))return g.request(e.owningSystemUrl+"/sharing/rest/info",t);throw new g.ArcGISAuthError(r+" is not federated with "+n.portal+".","NOT_FEDERATED")}if(e.authInfo&&void 0!==n.trustedServers[s])return Promise.resolve({authInfo:e.authInfo});throw new g.ArcGISAuthError(r+" is not federated with any portal and is not explicitly trusted.","NOT_FEDERATED")}).then(function(e){return e.authInfo.tokenServicesUrl}).then(function(e){return n.token&&n.tokenExpires.getTime()>Date.now()?o(e,{params:{token:n.token,serverUrl:r,expiration:n.tokenDuration,client:"referer"}}):o(e,{params:{username:n.username,password:n.password,expiration:n.tokenDuration,client:"referer"}}).then(function(e){return n._token=e.token,n._tokenExpires=new Date(e.expires),e})}).then(function(e){return n.trustedServers[s]={expires:new Date(e.expires),token:e.token},delete n._pendingTokenRequests[s],e.token})),this._pendingTokenRequests[s])},T.prototype.getFreshToken=function(e){var r=this;return this.token&&!this.tokenExpires||this.token&&this.tokenExpires&&this.tokenExpires.getTime()>Date.now()?Promise.resolve(this.token):(this._pendingTokenRequests[this.portal]||(this._pendingTokenRequests[this.portal]=this.refreshSession(e).then(function(e){return r._pendingTokenRequests[r.portal]=null,e.token})),this._pendingTokenRequests[this.portal])},T.prototype.refreshWithUsernameAndPassword=function(e){var r=this,t=w({params:{username:this.username,password:this.password,expiration:this.tokenDuration}},e);return o(this.portal+"/generateToken",t).then(function(e){return r._token=e.token,r._tokenExpires=new Date(e.expires),r})},T.prototype.refreshWithRefreshToken=function(e){var r=this;if(this.refreshToken&&this.refreshTokenExpires&&this.refreshTokenExpires.getTime()<Date.now())return this.refreshRefreshToken(e);var t=w({params:{client_id:this.clientId,refresh_token:this.refreshToken,grant_type:"refresh_token"}},e);return a(this.portal+"/oauth2/token",t).then(function(e){return r._token=e.token,r._tokenExpires=e.expires,r})},T.prototype.refreshRefreshToken=function(e){var r=this,t=w({params:{client_id:this.clientId,refresh_token:this.refreshToken,redirect_uri:this.redirectUri,grant_type:"exchange_refresh_token"}},e);return a(this.portal+"/oauth2/token",t).then(function(e){return r._token=e.token,r._tokenExpires=e.expires,r._refreshToken=e.refreshToken,r._refreshTokenExpires=new Date(Date.now()+60*(r.refreshTokenTTL-1)*1e3),r})},T);function T(e){var r;this.clientId=e.clientId,this._refreshToken=e.refreshToken,this._refreshTokenExpires=e.refreshTokenExpires,this.username=e.username,this.password=e.password,this._token=e.token,this._tokenExpires=e.tokenExpires,this.portal=e.portal?g.cleanUrl(e.portal):"https://www.arcgis.com/sharing/rest",this.ssl=e.ssl,this.provider=e.provider||"arcgis",this.tokenDuration=e.tokenDuration||20160,this.redirectUri=e.redirectUri,this.refreshTokenTTL=e.refreshTokenTTL||1440,this.trustedServers={},e.server&&(r=this.getServerRootUrl(e.server),this.trustedServers[r]={token:e.token,expires:e.tokenExpires}),this._pendingTokenRequests={}}e.ApplicationSession=r,e.UserSession=n,e.fetchToken=a,e.generateToken=o,Object.defineProperty(e,"__esModule",{value:!0})}); | ||
| !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@esri/arcgis-rest-request")):"function"==typeof define&&define.amd?define(["exports","@esri/arcgis-rest-request"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).arcgisRest=e.arcgisRest||{},e.arcgisRest)}(this,function(e,g){"use strict";var w=function(){return(w=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var s in t=arguments[r])Object.prototype.hasOwnProperty.call(t,s)&&(e[s]=t[s]);return e}).apply(this,arguments)};function a(e,t){var r=t;return r.rawResponse=!1,g.request(e,r).then(function(e){var t={token:e.access_token,username:e.username,expires:new Date(Date.now()+(1e3*e.expires_in-1e3)),ssl:!0===e.ssl};return e.refresh_token&&(t.refreshToken=e.refresh_token),t})}var t=(r.prototype.getToken=function(e,t){return this.token&&this.expires&&this.expires.getTime()>Date.now()?Promise.resolve(this.token):(this._pendingTokenRequest||(this._pendingTokenRequest=this.refreshToken(t)),this._pendingTokenRequest)},r.prototype.refreshToken=function(e){var t=this,r=w({params:{client_id:this.clientId,client_secret:this.clientSecret,grant_type:"client_credentials",expiration:this.duration}},e);return a(this.portal+"/oauth2/token/",r).then(function(e){return t._pendingTokenRequest=null,t.token=e.token,t.expires=e.expires,e.token})},r.prototype.refreshSession=function(){var e=this;return this.refreshToken().then(function(){return e})},r);function r(e){this.clientId=e.clientId,this.clientSecret=e.clientSecret,this.token=e.token,this.expires=e.expires,this.portal=e.portal||"https://www.arcgis.com/sharing/rest",this.duration=e.duration||7200}function o(e,t){var r=t;return"undefined"!=typeof window&&window.location&&window.location.host?r.params.referer=window.location.host:r.params.referer=g.NODEJS_DEFAULT_REFERER_HEADER,g.request(e,r)}var s=/^https?:\/\/(\S+)\.arcgis\.com.+/;function h(e){return s.test(e)}function u(e){if(!s.test(e))return null;var t=e.match(s)[1].split(".").pop();return t.includes("dev")?"dev":t.includes("qa")?"qa":"production"}function i(e,t){var r=g.cleanUrl(function(e){if(!s.test(e))return e;switch(u(e)){case"dev":return"https://devext.arcgis.com/sharing/rest";case"qa":return"https://qaext.arcgis.com/sharing/rest";default:return"https://www.arcgis.com/sharing/rest"}}(t)).replace(/https?:\/\//,""),n=g.cleanUrl(e).replace(/https?:\/\//,"");return new RegExp(n,"i").test(r)}var n=(Object.defineProperty(m.prototype,"token",{get:function(){return this._token},enumerable:!1,configurable:!0}),Object.defineProperty(m.prototype,"tokenExpires",{get:function(){return this._tokenExpires},enumerable:!1,configurable:!0}),Object.defineProperty(m.prototype,"refreshToken",{get:function(){return this._refreshToken},enumerable:!1,configurable:!0}),Object.defineProperty(m.prototype,"refreshTokenExpires",{get:function(){return this._refreshTokenExpires},enumerable:!1,configurable:!0}),m.beginOAuth2=function(e,t){void 0===t&&(t=window);var r=w({portal:"https://www.arcgis.com/sharing/rest",provider:"arcgis",duration:20160,popup:!0,popupWindowFeatures:"height=400,width=600,menubar=no,location=yes,resizable=yes,scrollbars=yes,status=yes",state:e.clientId,locale:""},e),s=r.portal,n=r.provider,o=r.clientId,i=r.duration,a=r.redirectUri,h=r.popup,u=r.popupWindowFeatures,p=r.state,c=r.locale,l=r.params,d="arcgis"===n?s+"/oauth2/authorize?client_id="+o+"&response_type=token&expiration="+i+"&redirect_uri="+encodeURIComponent(a)+"&state="+p+"&locale="+c:s+"/oauth2/social/authorize?client_id="+o+"&socialLoginProviderName="+n+"&autoAccountCreateForSocial=true&response_type=token&expiration="+i+"&redirect_uri="+encodeURIComponent(a)+"&state="+p+"&locale="+c;if(l&&(d=d+"&"+g.encodeQueryString(l)),h){var f,k=((f={promise:null,resolve:null,reject:null}).promise=new Promise(function(e,t){f.resolve=e,f.reject=t}),f);return t["__ESRI_REST_AUTH_HANDLER_"+o]=function(e,t){var r,n;e?(r=JSON.parse(e),k.reject(new g.ArcGISAuthError(r.errorMessage,r.error))):t&&(n=JSON.parse(t),k.resolve(new m({clientId:o,portal:s,ssl:n.ssl,token:n.token,tokenExpires:new Date(n.expires),username:n.username})))},t.open(d,"oauth-window",u),k.promise}t.location.href=d},m.completeOAuth2=function(e,s){void 0===s&&(s=window);var t=w({portal:"https://www.arcgis.com/sharing/rest",popup:!0},e),o=t.portal,i=t.clientId,a=t.popup;function r(e,t){try{var r=void 0,n="__ESRI_REST_AUTH_HANDLER_"+i;if(a&&(s.opener?s.opener.parent&&s.opener.parent[n]?r=s.opener.parent[n]:s.opener&&s.opener[n]&&(r=s.opener[n]):s!==s.parent&&s.parent&&s.parent[n]&&(r=s.parent[n]),r))return r(e?JSON.stringify(e):void 0,JSON.stringify(t)),void s.close()}catch(e){throw new g.ArcGISAuthError('Unable to complete authentication. It\'s possible you specified popup based oAuth2 but no handler from "beginOAuth2()" present. This generally happens because the "popup" option differs between "beginOAuth2()" and "completeOAuth2()".')}if(e)throw new g.ArcGISAuthError(e.errorMessage,e.error);return new m({clientId:i,portal:o,ssl:t.ssl,token:t.token,tokenExpires:t.expires,username:t.username})}var n=g.decodeQueryString(s.location.hash);if(!n.access_token){var h=void 0,u="Unknown error";return n.error&&(h=n.error,u=n.error_description),r({error:h,errorMessage:u})}var p=n.access_token,c=new Date(Date.now()+1e3*parseInt(n.expires_in,10)-6e4),l=n.username;return r(void 0,{token:p,expires:c,ssl:"true"===n.ssl,username:l})},m.fromParent=function(n,s){var o;return!s&&window&&(s=window),new Promise(function(t,r){o=function(e){if(e.origin===n)try{return t(m.parentMessageHandler(e))}catch(e){return r(e)}},s.addEventListener("message",o,!1),s.parent.postMessage({type:"arcgis:auth:requestCredential"},n)}).then(function(e){return s.removeEventListener("message",o,!1),e})},m.authorize=function(e,t){var r=w({portal:"https://arcgis.com/sharing/rest",duration:20160},e),n=r.portal,s=r.clientId,o=r.duration,i=r.redirectUri;t.writeHead(301,{Location:n+"/oauth2/authorize?client_id="+s+"&duration="+o+"&response_type=code&redirect_uri="+encodeURIComponent(i)}),t.end()},m.exchangeAuthorizationCode=function(e,t){var r=w({portal:"https://www.arcgis.com/sharing/rest",refreshTokenTTL:1440},e),n=r.portal,s=r.clientId,o=r.redirectUri,i=r.refreshTokenTTL;return a(n+"/oauth2/token",{params:{grant_type:"authorization_code",client_id:s,redirect_uri:o,code:t}}).then(function(e){return new m({clientId:s,portal:n,ssl:e.ssl,redirectUri:o,refreshToken:e.refreshToken,refreshTokenTTL:i,refreshTokenExpires:new Date(Date.now()+1e3*(i-1)),token:e.token,tokenExpires:e.expires,username:e.username})})},m.deserialize=function(e){var t=JSON.parse(e);return new m({clientId:t.clientId,refreshToken:t.refreshToken,refreshTokenExpires:new Date(t.refreshTokenExpires),username:t.username,password:t.password,token:t.token,tokenExpires:new Date(t.tokenExpires),portal:t.portal,ssl:t.ssl,tokenDuration:t.tokenDuration,redirectUri:t.redirectUri,refreshTokenTTL:t.refreshTokenTTL})},m.fromCredential=function(e){return new m({portal:e.server.includes("sharing/rest")?e.server:e.server+"/sharing/rest",ssl:e.ssl,token:e.token,username:e.userId,tokenExpires:new Date(e.expires)})},m.parentMessageHandler=function(e){if("arcgis:auth:credential"===e.data.type)return m.fromCredential(e.data.credential);throw"arcgis:auth:rejected"===e.data.type?new Error(e.data.message):new Error("Unknown message type.")},m.prototype.toCredential=function(){return{expires:this.tokenExpires.getTime(),server:this.portal,ssl:this.ssl,token:this.token,userId:this.username}},m.prototype.getUser=function(e){var t=this;if(this._pendingUserRequest)return this._pendingUserRequest;if(this._user)return Promise.resolve(this._user);var r=this.portal+"/community/self",n=w(w({httpMethod:"GET",authentication:this},e),{rawResponse:!1});return this._pendingUserRequest=g.request(r,n).then(function(e){return t._user=e,t._pendingUserRequest=null,e}),this._pendingUserRequest},m.prototype.getUsername=function(){return this.username?Promise.resolve(this.username):this._user?Promise.resolve(this._user.username):this.getUser().then(function(e){return e.username})},m.prototype.getToken=function(e,t){return r=this.portal,n=e,s=h(r),o=h(n),i=u(r),a=u(n),s&&o&&i===a||new RegExp(this.portal,"i").test(e)?this.getFreshToken(t):this.getTokenForServer(e,t);var r,n,s,o,i,a},m.prototype.validateAppAccess=function(t){return this.getToken(this.portal).then(function(e){return function(e,t,r){void 0===r&&(r="https://www.arcgis.com/sharing/rest");var n=r+"/oauth2/validateAppAccess",s={method:"POST",params:{f:"json",client_id:t,token:e}};return g.request(n,s)}(e,t)})},m.prototype.toJSON=function(){return{clientId:this.clientId,refreshToken:this.refreshToken,refreshTokenExpires:this.refreshTokenExpires,username:this.username,password:this.password,token:this.token,tokenExpires:this.tokenExpires,portal:this.portal,ssl:this.ssl,tokenDuration:this.tokenDuration,redirectUri:this.redirectUri,refreshTokenTTL:this.refreshTokenTTL}},m.prototype.serialize=function(){return JSON.stringify(this)},m.prototype.enablePostMessageAuth=function(e,t){!t&&window&&(t=window),this._hostHandler=this.createPostMessageHandler(e),t.addEventListener("message",this._hostHandler,!1)},m.prototype.disablePostMessageAuth=function(e){!e&&window&&(e=window),e.removeEventListener("message",this._hostHandler,!1)},m.prototype.refreshSession=function(e){return this._user=null,this.username&&this.password?this.refreshWithUsernameAndPassword(e):this.clientId&&this.refreshToken?this.refreshWithRefreshToken():Promise.reject(new g.ArcGISAuthError("Unable to refresh token."))},m.prototype.getServerRootUrl=function(e){var t=g.cleanUrl(e).split(/\/rest(\/admin)?\/services(?:\/|#|\?|$)/)[0].match(/(https?:\/\/)(.+)/),r=(t[0],t[1]),n=t[2].split("/"),s=n[0],o=n.slice(1);return""+r+s.toLowerCase()+"/"+o.join("/")},m.prototype.createPostMessageHandler=function(r){var n=this;return function(e){var t;-1<r.indexOf(e.origin)?(t=n.toCredential(),e.source.postMessage({type:"arcgis:auth:credential",credential:t},e.origin)):e.source.postMessage({type:"arcgis:auth:rejected",message:"Rejected authentication request."},e.origin)}},m.prototype.getTokenForServer=function(t,r){var n=this,s=this.getServerRootUrl(t),e=this.trustedServers[s];return e&&e.expires&&e.expires.getTime()>Date.now()?Promise.resolve(e.token):(this._pendingTokenRequests[s]||(this._pendingTokenRequests[s]=g.request(s+"/rest/info").then(function(e){if(e.owningSystemUrl){if(i(e.owningSystemUrl,n.portal))return g.request(e.owningSystemUrl+"/sharing/rest/info",r);throw new g.ArcGISAuthError(t+" is not federated with "+n.portal+".","NOT_FEDERATED")}if(e.authInfo&&void 0!==n.trustedServers[s])return Promise.resolve({authInfo:e.authInfo});throw new g.ArcGISAuthError(t+" is not federated with any portal and is not explicitly trusted.","NOT_FEDERATED")}).then(function(e){return e.authInfo.tokenServicesUrl}).then(function(e){return n.token&&n.tokenExpires.getTime()>Date.now()?o(e,{params:{token:n.token,serverUrl:t,expiration:n.tokenDuration,client:"referer"}}):o(e,{params:{username:n.username,password:n.password,expiration:n.tokenDuration,client:"referer"}}).then(function(e){return n._token=e.token,n._tokenExpires=new Date(e.expires),e})}).then(function(e){return n.trustedServers[s]={expires:new Date(e.expires),token:e.token},delete n._pendingTokenRequests[s],e.token})),this._pendingTokenRequests[s])},m.prototype.getFreshToken=function(e){var t=this;return this.token&&!this.tokenExpires||this.token&&this.tokenExpires&&this.tokenExpires.getTime()>Date.now()?Promise.resolve(this.token):(this._pendingTokenRequests[this.portal]||(this._pendingTokenRequests[this.portal]=this.refreshSession(e).then(function(e){return t._pendingTokenRequests[t.portal]=null,e.token})),this._pendingTokenRequests[this.portal])},m.prototype.refreshWithUsernameAndPassword=function(e){var t=this,r=w({params:{username:this.username,password:this.password,expiration:this.tokenDuration}},e);return o(this.portal+"/generateToken",r).then(function(e){return t._token=e.token,t._tokenExpires=new Date(e.expires),t})},m.prototype.refreshWithRefreshToken=function(e){var t=this;if(this.refreshToken&&this.refreshTokenExpires&&this.refreshTokenExpires.getTime()<Date.now())return this.refreshRefreshToken(e);var r=w({params:{client_id:this.clientId,refresh_token:this.refreshToken,grant_type:"refresh_token"}},e);return a(this.portal+"/oauth2/token",r).then(function(e){return t._token=e.token,t._tokenExpires=e.expires,t})},m.prototype.refreshRefreshToken=function(e){var t=this,r=w({params:{client_id:this.clientId,refresh_token:this.refreshToken,redirect_uri:this.redirectUri,grant_type:"exchange_refresh_token"}},e);return a(this.portal+"/oauth2/token",r).then(function(e){return t._token=e.token,t._tokenExpires=e.expires,t._refreshToken=e.refreshToken,t._refreshTokenExpires=new Date(Date.now()+60*(t.refreshTokenTTL-1)*1e3),t})},m);function m(e){var t;this.clientId=e.clientId,this._refreshToken=e.refreshToken,this._refreshTokenExpires=e.refreshTokenExpires,this.username=e.username,this.password=e.password,this._token=e.token,this._tokenExpires=e.tokenExpires,this.portal=e.portal?g.cleanUrl(e.portal):"https://www.arcgis.com/sharing/rest",this.ssl=e.ssl,this.provider=e.provider||"arcgis",this.tokenDuration=e.tokenDuration||20160,this.redirectUri=e.redirectUri,this.refreshTokenTTL=e.refreshTokenTTL||1440,this.trustedServers={},e.server&&(t=this.getServerRootUrl(e.server),this.trustedServers[t]={token:e.token,expires:e.tokenExpires}),this._pendingTokenRequests={}}e.ApplicationSession=t,e.UserSession=n,e.exchangeToken=function(e,t,r){void 0===r&&(r="https://www.arcgis.com/sharing/rest");var n=r+"/oauth2/exchangeToken",s={method:"POST",params:{f:"json",client_id:t,token:e}};return g.request(n,s).then(function(e){return e.token})},e.fetchToken=a,e.generateToken=o,e.platformSelf=function(e,t,r){void 0===r&&(r="https://www.arcgis.com/sharing/rest");var n=r+"/oauth2/platformSelf?f=json",s={method:"POST",headers:{"X-Esri-Auth-Client-Id":e,"X-Esri-Auth-Redirect-Uri":t},params:{f:"json"}};return g.request(n,s)},Object.defineProperty(e,"__esModule",{value:!0})}); | ||
| //# sourceMappingURL=auth.umd.min.js.map |
| { | ||
| "name": "@esri/arcgis-rest-auth", | ||
| "version": "2.22.0", | ||
| "version": "2.23.0", | ||
| "description": "Authentication helpers for @esri/arcgis-rest-js.", | ||
@@ -16,10 +16,10 @@ "main": "dist/node/index.js", | ||
| "dependencies": { | ||
| "@esri/arcgis-rest-types": "^2.22.0", | ||
| "@esri/arcgis-rest-types": "^2.23.0", | ||
| "tslib": "^1.13.0" | ||
| }, | ||
| "devDependencies": { | ||
| "@esri/arcgis-rest-request": "^2.22.0" | ||
| "@esri/arcgis-rest-request": "^2.23.0" | ||
| }, | ||
| "peerDependencies": { | ||
| "@esri/arcgis-rest-request": "^2.0.0" | ||
| "@esri/arcgis-rest-request": "^2.23.0" | ||
| }, | ||
@@ -26,0 +26,0 @@ "scripts": { |
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by3.36%
373067
- Lines of code
- increased by2.09%
3905