New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

@okta/okta-auth-js

Package Overview
Dependencies
Maintainers
1
Versions
159
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@okta/okta-auth-js - npm Package Compare versions

Comparing version 3.1.3 to 3.1.4

8

CHANGELOG.md
# Changelog
## 3.1.4
### Bug Fixes
- [#400](https://github.com/okta/okta-auth-js/pull/400) Allows an accessToken to be retrieved without an idToken. Also allows retrieving "default" scopes as defined by the custom authorization server.
- [#402](https://github.com/okta/okta-auth-js/pull/402) Fixes tokenManager cookie storage size limitation issue by store tokens in separated cookies.
## 3.1.3

@@ -4,0 +12,0 @@

2

dist/okta-auth-js.min.js

@@ -13,3 +13,3 @@ /*!

*/
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.OktaAuth=t():e.OktaAuth=t()}("undefined"!=typeof self?self:this,function(){return function(e){function t(n){if(r[n])return r[n].exports;var o=r[n]={i:n,l:!1,exports:{}};return e[n].call(o.exports,o,o.exports,t),o.l=!0,o.exports}var r={};return t.m=e,t.c=r,t.d=function(e,r,n){t.o(e,r)||Object.defineProperty(e,r,{configurable:!1,enumerable:!0,get:n})},t.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return t.d(r,"a",r),r},t.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},t.p="",t(t.s=11)}([function(e,t){var r=e.exports;r.stringToBase64Url=function(e){var t=btoa(e);return r.base64ToBase64Url(t)},r.base64ToBase64Url=function(e){return e.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},r.base64UrlToBase64=function(e){return e.replace(/-/g,"+").replace(/_/g,"/")},r.base64UrlToString=function(e){var t=r.base64UrlToBase64(e);switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw"Not a valid Base64Url"}var n=atob(t);try{return decodeURIComponent(escape(n))}catch(e){return n}},r.stringToBuffer=function(e){for(var t=new Uint8Array(e.length),r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t},r.base64UrlDecode=function(e){return atob(r.base64UrlToBase64(e))},r.bind=function(e,t){var r=Array.prototype.slice.call(arguments,2);return function(){var n=Array.prototype.slice.call(arguments);return n=r.concat(n),e.apply(t,n)}},r.isAbsoluteUrl=function(e){return/^(?:[a-z]+:)?\/\//i.test(e)},r.isString=function(e){return"[object String]"===Object.prototype.toString.call(e)},r.isObject=function(e){return"[object Object]"===Object.prototype.toString.call(e)},r.isNumber=function(e){return"[object Number]"===Object.prototype.toString.call(e)},r.isoToUTCString=function(e){var t=e.match(/\d+/g),r=Date.UTC(t[0],t[1]-1,t[2],t[3],t[4],t[5]);return new Date(r).toUTCString()},r.toQueryParams=function(e){var t=[];if(null!==e)for(var r in e)e.hasOwnProperty(r)&&void 0!==e[r]&&null!==e[r]&&t.push(r+"="+encodeURIComponent(e[r]));return t.length?"?"+t.join("&"):""},r.genRandomString=function(e){for(var t="abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",r="",n=0,o=t.length;n<e;++n)r+=t[Math.floor(Math.random()*o)];return r},r.extend=function(){var e=arguments[0];return[].slice.call(arguments,1).forEach(function(t){for(var r in t)t.hasOwnProperty(r)&&void 0!==t[r]&&(e[r]=t[r])}),e},r.removeNils=function(e){var t={};for(var r in e)if(e.hasOwnProperty(r)){var n=e[r];null!==n&&void 0!==n&&(t[r]=n)}return t},r.clone=function(e){if(e){var t=JSON.stringify(e);if(t)return JSON.parse(t)}return e},r.omit=function(e){var t=Array.prototype.slice.call(arguments,1),n={};for(var o in e)e.hasOwnProperty(o)&&-1==t.indexOf(o)&&(n[o]=e[o]);return r.clone(n)},r.find=function(e,t){for(var r=e.length;r--;){var n=e[r],o=!0;for(var i in t)if(t.hasOwnProperty(i)&&n[i]!==t[i]){o=!1;break}if(o)return n}},r.getLink=function(e,t,n){if(e&&e._links){var o=r.clone(e._links[t]);return o&&o.name&&n?o.name===n?o:void 0:o}},r.getNativeConsole=function(){return"undefined"!=typeof window?window.console:"undefined"!=typeof console?console:void 0},r.getConsole=function(){var e=r.getNativeConsole();return e&&e.log?e:{log:function(){}}},r.warn=function(e){r.getConsole().log("[okta-auth-sdk] WARN: "+e)},r.deprecate=function(e){r.getConsole().log("[okta-auth-sdk] DEPRECATION: "+e)},r.deprecateWrap=function(e,t){return function(){return r.deprecate(e),t.apply(null,arguments)}},r.removeTrailingSlash=function(e){if(e){var t=e.replace(/^\s+|\s+$/gm,"");return t=t.replace(/\/+$/,"")}},r.isIE11OrLess=function(){return!!document.documentMode&&document.documentMode<=11},r.isFunction=function(e){return!!e&&"[object Function]"==={}.toString.call(e)},r.delay=function(e){return new Promise(function(t){setTimeout(t,e)})},r.isPromise=function(e){return e&&e.finally&&"function"==typeof e.finally}},function(e,t){function r(e,t){this.name="AuthSdkError",this.message=e,this.errorCode="INTERNAL",this.errorSummary=e,this.errorLink="INTERNAL",this.errorId="INTERNAL",this.errorCauses=[],t&&(this.xhr=t)}r.prototype=new Error,e.exports=r},function(e,t){e.exports={STATE_TOKEN_KEY_NAME:"oktaStateToken",DEFAULT_POLLING_DELAY:500,DEFAULT_MAX_CLOCK_SKEW:300,DEFAULT_CACHE_DURATION:86400,REDIRECT_OAUTH_PARAMS_COOKIE_NAME:"okta-oauth-redirect-params",REDIRECT_STATE_COOKIE_NAME:"okta-oauth-state",REDIRECT_NONCE_COOKIE_NAME:"okta-oauth-nonce",TOKEN_STORAGE_NAME:"okta-token-storage",CACHE_STORAGE_NAME:"okta-cache-storage",PKCE_STORAGE_NAME:"okta-pkce-storage"}},function(e,t,r){function n(e,t){t=t||{};var r=t.url,n=t.method,o=t.args,i=t.saveAuthnState,c=t.accessToken,f=!1!==t.withCredentials,l=e.options.storageUtil,p=l.storage,h=l.getHttpCache(e.options.cookies);if(t.cacheResponse){var d=h.getStorage(),g=d[r];if(g&&Date.now()/1e3<g.expiresAt)return Promise.resolve(g.response)}var m={Accept:"application/json","Content-Type":"application/json","X-Okta-User-Agent-Extended":e.userAgent};s.extend(m,e.options.headers,t.headers),c&&s.isString(c)&&(m.Authorization="Bearer "+c);var y,v,w={headers:m,data:o||void 0,withCredentials:f};return e.options.httpRequestClient(n,r,w).then(function(n){return v=n.responseText,v&&s.isString(v)&&(v=JSON.parse(v)),i&&(v.stateToken||p.delete(u.STATE_TOKEN_KEY_NAME)),v&&v.stateToken&&v.expiresAt&&p.set(u.STATE_TOKEN_KEY_NAME,v.stateToken,v.expiresAt,e.options.cookies),v&&t.cacheResponse&&h.updateStorage(r,{expiresAt:Math.floor(Date.now()/1e3)+u.DEFAULT_CACHE_DURATION,response:v}),v}).catch(function(t){var r=t.responseText||{};if(s.isString(r))try{r=JSON.parse(r)}catch(e){r={errorSummary:"Unknown error"}}throw t.status>=500&&(r.errorSummary="Unknown error"),e.options.transformErrorXHR&&(t=e.options.transformErrorXHR(s.clone(t))),y=new a(r,t),"E0000011"===y.errorCode&&p.delete(u.STATE_TOKEN_KEY_NAME),y})}function o(e,t,r){t=s.isAbsoluteUrl(t)?t:e.getIssuerOrigin()+t;var o={url:t,method:"GET"};return s.extend(o,r),n(e,o)}function i(e,t,r,o){t=s.isAbsoluteUrl(t)?t:e.getIssuerOrigin()+t;var i={url:t,method:"POST",args:r,saveAuthnState:!0};return s.extend(i,o),n(e,i)}var s=r(0),a=r(19),u=r(2);e.exports={get:o,post:i,httpRequest:n}},function(e,t,r){var n=r(14),o=r(6),i=r(2),s=r(1),a={};a.browserHasLocalStorage=function(){try{var e=a.getLocalStorage();return a.testStorage(e)}catch(e){return!1}},a.browserHasSessionStorage=function(){try{var e=a.getSessionStorage();return a.testStorage(e)}catch(e){return!1}},a.getPKCEStorage=function(e){return e=e||{},!e.preferLocalStorage&&a.browserHasSessionStorage()?o(a.getSessionStorage(),i.PKCE_STORAGE_NAME):a.browserHasLocalStorage()?o(a.getLocalStorage(),i.PKCE_STORAGE_NAME):o(a.getCookieStorage(e),i.PKCE_STORAGE_NAME)},a.getHttpCache=function(e){return a.browserHasLocalStorage()?o(a.getLocalStorage(),i.CACHE_STORAGE_NAME):a.browserHasSessionStorage()?o(a.getSessionStorage(),i.CACHE_STORAGE_NAME):o(a.getCookieStorage(e),i.CACHE_STORAGE_NAME)},a.getLocalStorage=function(){return localStorage},a.getSessionStorage=function(){return sessionStorage},a.getCookieStorage=function(e){var t=e.secure,r=e.sameSite;if(void 0===t||void 0===r)throw new s('getCookieStorage: "secure" and "sameSite" options must be provided');return{getItem:a.storage.get,setItem:function(e,n){a.storage.set(e,n,"2200-01-01T00:00:00.000Z",{secure:t,sameSite:r})}}},a.getInMemoryStorage=function(){var e={};return{getItem:function(t){return e[t]},setItem:function(t,r){e[t]=r}}},a.testStorage=function(e){var t="okta-test-storage";try{return e.setItem(t,t),e.removeItem(t),!0}catch(e){return!1}},a.storage={set:function(e,t,r,o){var i=o.secure,u=o.sameSite;if(void 0===i||void 0===u)throw new s('storage.set: "secure" and "sameSite" options must be provided');var c={path:o.path||"/",secure:i,sameSite:u};return Date.parse(r)&&(c.expires=new Date(r)),n.set(e,t,c),a.storage.get(e)},get:function(e){return n.get(e)},delete:function(e){return n.remove(e,{path:"/"})}},e.exports=a},function(e,t){function r(t){return"function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?e.exports=r=function(e){return typeof e}:e.exports=r=function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},r(t)}e.exports=r},function(e,t,r){function n(e,t){function r(){var r=e.getItem(t);r=r||"{}";try{return JSON.parse(r)}catch(e){throw new o("Unable to parse storage string: "+t)}}function n(r){try{var n=JSON.stringify(r);e.setItem(t,n)}catch(e){throw new o("Unable to set storage: "+t)}}function i(e){if(!e)return n({});var t=r();delete t[e],n(t)}function s(e,t){var o=r();o[e]=t,n(o)}if("string"!=typeof t||!t.length)throw new o('"storageName" is required');return{getStorage:r,setStorage:n,clearStorage:i,updateStorage:s}}var o=r(1);e.exports=n},function(e,t,r){e.exports=r(16)},function(e,t){function r(e,t,r,n,o,i,s){try{var a=e[i](s),u=a.value}catch(e){return void r(e)}a.done?t(u):Promise.resolve(u).then(n,o)}function n(e){return function(){var t=this,n=arguments;return new Promise(function(o,i){function s(e){r(u,o,i,s,a,"next",e)}function a(e){r(u,o,i,s,a,"throw",e)}var u=e.apply(t,n);s(void 0)})}}e.exports=n},function(e,t,r){function n(e,t){var r={};return y.extend(r,t),!r.stateToken&&e.stateToken&&(r.stateToken=e.stateToken),r}function o(e){return n(e)}function i(e,t){return t=n(e,t),m.post(e,e.getIssuerOrigin()+"/api/v1/authn",t)}function s(e,t){if(!t||!t.stateToken){var r=e.tx.exists._get(k.STATE_TOKEN_KEY_NAME);if(!r)return Promise.reject(new v("No transaction to resume"));t={stateToken:r}}return e.tx.status(t).then(function(t){return new g(e,t)})}function a(e,t){if(!t||!t.stateToken){var r=e.tx.exists._get(k.STATE_TOKEN_KEY_NAME);if(!r)return Promise.reject(new v("No transaction to evaluate"));t={stateToken:r}}return u(e,t).then(function(t){return new g(e,t)})}function u(e,t){return t=n(e,t),m.post(e,e.getIssuerOrigin()+"/api/v1/authn/introspect",t)}function c(e){return!!e.tx.exists._get(k.STATE_TOKEN_KEY_NAME)}function f(e,t,r,n){return m.post(e,t,r,n).then(function(t){return new g(e,t)})}function l(e,t,r){return function(n){function i(){var r={};if("function"==typeof u)try{r.autoPush=!!u()}catch(e){return Promise.reject(new v("AutoPush resulted in an error."))}else void 0!==u&&null!==u&&(r.autoPush=!!u);if("function"==typeof a)try{r.rememberDevice=!!a()}catch(e){return Promise.reject(new v("RememberDevice resulted in an error."))}else void 0!==a&&null!==a&&(r.rememberDevice=!!a);var n=f.href+y.toQueryParams(r);return m.post(e,n,o(t),{saveAuthnState:!1})}var s,a,u,c;y.isNumber(n)?s=n:y.isObject(n)&&(s=n.delay,a=n.rememberDevice,u=n.autoPush,c=n.transactionCallBack),s||0===s||(s=k.DEFAULT_POLLING_DELAY);var f=y.getLink(t,"next","poll");r.isPolling=!0;var l=0;return function t(){return r.isPolling?i().then(function(n){if(l=0,n.factorResult&&"WAITING"===n.factorResult){if(!r.isPolling)throw new w;return"function"==typeof c&&c(n),y.delay(s).then(t)}return r.isPolling=!1,new g(e,n)}).catch(function(e){if(e.xhr&&(0===e.xhr.status||429===e.xhr.status)&&l<=4){var r=1e3*Math.pow(2,l);return l++,y.delay(r).then(t)}throw e}):Promise.reject(new w)}().catch(function(e){throw r.isPolling=!1,e})}}function p(e,t,r,o,i){if(Array.isArray(o))return function(n,s){if(!n)throw new v("Must provide a link name");var a=y.find(o,{name:n});if(!a)throw new v("No link found for that name");return p(e,t,r,a,i)(s)};if(o.hints&&o.hints.allow&&1===o.hints.allow.length){switch(o.hints.allow[0]){case"GET":return function(){return m.get(e,o.href)};case"POST":return function(s){i&&i.isPolling&&(i.isPolling=!1);var a=n(t,s);"MFA_ENROLL"!==t.status&&"FACTOR_ENROLL"!==t.status||y.extend(a,{factorType:r.factorType,provider:r.provider});var u={},c=a.autoPush;if(void 0!==c){if("function"==typeof c)try{u.autoPush=!!c()}catch(e){return Promise.reject(new v("AutoPush resulted in an error."))}else null!==c&&(u.autoPush=!!c);a=y.omit(a,"autoPush")}var l=a.rememberDevice;if(void 0!==l){if("function"==typeof l)try{u.rememberDevice=!!l()}catch(e){return Promise.reject(new v("RememberDevice resulted in an error."))}else null!==l&&(u.rememberDevice=!!l);a=y.omit(a,"rememberDevice")}else a.profile&&void 0!==a.profile.updatePhone&&(a.profile.updatePhone&&(u.updatePhone=!0),a.profile=y.omit(a.profile,"updatePhone"));var p=o.href+y.toQueryParams(u);return f(e,p,a)}}}}function h(e,t,r,n){var o={};for(var i in r._links)if(r._links.hasOwnProperty(i)){var s=r._links[i];if("next"===i&&(i=s.name),s.type)o[i]=s;else switch(i){case"poll":o.poll=l(e,t,n);break;default:var a=p(e,t,r,s,n);a&&(o[i]=a)}}return o}function d(e,t,r,n){if(r=r||t,r=y.clone(r),Array.isArray(r)){for(var o=[],i=0,s=r.length;i<s;i++)o.push(d(e,t,r[i],n));return o}var a=r._embedded||{};for(var u in a)a.hasOwnProperty(u)&&(y.isObject(a[u])||Array.isArray(a[u]))&&(a[u]=d(e,t,a[u],n));var c=h(e,t,r,n);return y.extend(a,c),r=y.omit(r,"_embedded","_links"),y.extend(r,a),r}function g(e,t){t&&(this.data=t,y.extend(this,d(e,t,t,{})),delete this.stateToken,"RECOVERY_CHALLENGE"!==t.status||t._links||(this.cancel=function(){return Promise.resolve(new g(e))}))}var m=r(3),y=r(0),v=r(1),w=r(20),k=r(2);e.exports={transactionStatus:i,resumeTransaction:s,transactionExists:c,postToTransaction:f,introspect:a}},function(e,t,r){function n(){return m.genRandomString(64)}function o(){return m.genRandomString(64)}function i(e){return!(!e||!e.accessToken&&!e.idToken||!Array.isArray(e.scopes))}function s(e,t,r){e.addEventListener?e.addEventListener(t,r):e.attachEvent("on"+t,r)}function a(e,t,r){e.removeEventListener?e.removeEventListener(t,r):e.detachEvent("on"+t,r)}function u(e){var t=document.createElement("iframe");return t.style.display="none",t.src=e,document.body.appendChild(t)}function c(e,t){var r=t.popupTitle||"External Identity Provider User Authentication",n="toolbar=no, scrollbars=yes, resizable=yes, top=100, left=500, width=600, height=600";if(m.isIE11OrLess()){var o=window.open("/",r,n);return o.location.href=e,o}return window.open(e,r,n)}function f(e,t){var r=t||e.options.issuer;return g.get(e,r+"/.well-known/openid-configuration",{cacheResponse:!0})}function l(e,t,r){var n=y.getHttpCache(e.options.cookies);return f(e,t).then(function(t){var o=t.jwks_uri,i=n.getStorage(),s=i[o];if(s&&Date.now()/1e3<s.expiresAt){var a=m.find(s.response.keys,{kid:r});if(a)return a}return n.clearStorage(o),g.get(e,o,{cacheResponse:!0}).then(function(e){var t=m.find(e.keys,{kid:r});if(t)return t;throw new v("The key id, "+r+", was not found in the server's keys")})})}function p(e,t,r){var n=r.clientId,o=r.issuer,i=r.nonce;if(!t||!o||!n)throw new v("The jwt, iss, and aud arguments are all required");if(i&&t.nonce!==i)throw new v("OAuth flow response nonce doesn't match request nonce");var s=Math.floor(Date.now()/1e3);if(t.iss!==o)throw new v("The issuer ["+t.iss+"] does not match ["+o+"]");if(t.aud!==n)throw new v("The audience ["+t.aud+"] does not match ["+n+"]");if(t.iat>t.exp)throw new v("The JWT expired before it was issued");if(s-e.options.maxClockSkew>t.exp)throw new v("The JWT expired and is no longer valid");if(t.iat>s+e.options.maxClockSkew)throw new v("The JWT was issued in the future")}function h(e,t){if(arguments.length>2)throw new v('As of version 3.0, "getOAuthUrls" takes only a single set of options');t=t||{};var r=m.removeTrailingSlash(t.authorizeUrl)||e.options.authorizeUrl,n=m.removeTrailingSlash(t.issuer)||e.options.issuer,o=m.removeTrailingSlash(t.userinfoUrl)||e.options.userinfoUrl,i=m.removeTrailingSlash(t.tokenUrl)||e.options.tokenUrl,s=m.removeTrailingSlash(t.logoutUrl)||e.options.logoutUrl,a=m.removeTrailingSlash(t.revokeUrl)||e.options.revokeUrl,u=n.indexOf("/oauth2")>0?n:n+"/oauth2";return r=r||u+"/v1/authorize",o=o||u+"/v1/userinfo",i=i||u+"/v1/token",a=a||u+"/v1/revoke",s=s||u+"/v1/logout",{issuer:n,authorizeUrl:r,userinfoUrl:o,tokenUrl:i,revokeUrl:a,logoutUrl:s}}function d(e){var t=/\+/g,r=/([^&=]+)=?([^&]*)/g,n=e;"#"===n.charAt(0)&&"/"===n.charAt(1)&&(n=n.substring(2)),"#"!==n.charAt(0)&&"?"!==n.charAt(0)||(n=n.substring(1));for(var o,i={};;){if(!(o=r.exec(n)))break;var s=o[1],a=o[2];i[s]="id_token"===s||"access_token"===s||"code"===s?a:decodeURIComponent(a.replace(t," "))}return i}var g=r(3),m=r(0),y=r(4),v=r(1);e.exports={generateState:n,generateNonce:o,getWellKnown:f,getKey:l,validateClaims:p,getOAuthUrls:h,loadFrame:u,loadPopup:c,urlParamsToObject:d,isToken:i,addListener:s,removeListener:a}},function(e,t,r){var n=r(12),o=r(4);e.exports=r(15)(o,n)},function(e,t,r){function n(e){return e.headers.get("Content-Type")&&e.headers.get("Content-Type").toLowerCase().indexOf("application/json")>=0?e.json().catch(function(e){return{error:e,errorSummary:"Could not parse server response"}}):e.text()}function o(e,t){var r="object"===s(t),n={responseText:r?JSON.stringify(t):t,status:e};return r&&(n.responseType="json",n.responseJSON=t),n}function i(e,t,r){var i=r.data,s=r.headers||{};return"application/json"===(s["Content-Type"]||s["content-type"]||"")&&i&&"string"!=typeof i&&(i=JSON.stringify(i)),a(t,{method:e,headers:r.headers,body:i,credentials:r.withCredentials?"include":"omit"}).then(function(e){var t=!e.ok,r=e.status;return n(e).then(function(e){return o(r,e)}).then(function(e){if(t)throw e;return e})})}var s=r(5),a=r(13);e.exports=i},function(e,t){var r=function(e){function t(){this.fetch=!1,this.DOMException=e.DOMException}return t.prototype=e,new t}("undefined"!=typeof self?self:this);!function(e){!function(t){function r(e){return e&&DataView.prototype.isPrototypeOf(e)}function n(e){if("string"!=typeof e&&(e=String(e)),/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(e))throw new TypeError("Invalid character in header field name");return e.toLowerCase()}function o(e){return"string"!=typeof e&&(e=String(e)),e}function i(e){var t={next:function(){var t=e.shift();return{done:void 0===t,value:t}}};return k.iterable&&(t[Symbol.iterator]=function(){return t}),t}function s(e){this.map={},e instanceof s?e.forEach(function(e,t){this.append(t,e)},this):Array.isArray(e)?e.forEach(function(e){this.append(e[0],e[1])},this):e&&Object.getOwnPropertyNames(e).forEach(function(t){this.append(t,e[t])},this)}function a(e){if(e.bodyUsed)return Promise.reject(new TypeError("Already read"));e.bodyUsed=!0}function u(e){return new Promise(function(t,r){e.onload=function(){t(e.result)},e.onerror=function(){r(e.error)}})}function c(e){var t=new FileReader,r=u(t);return t.readAsArrayBuffer(e),r}function f(e){var t=new FileReader,r=u(t);return t.readAsText(e),r}function l(e){for(var t=new Uint8Array(e),r=new Array(t.length),n=0;n<t.length;n++)r[n]=String.fromCharCode(t[n]);return r.join("")}function p(e){if(e.slice)return e.slice(0);var t=new Uint8Array(e.byteLength);return t.set(new Uint8Array(e)),t.buffer}function h(){return this.bodyUsed=!1,this._initBody=function(e){this._bodyInit=e,e?"string"==typeof e?this._bodyText=e:k.blob&&Blob.prototype.isPrototypeOf(e)?this._bodyBlob=e:k.formData&&FormData.prototype.isPrototypeOf(e)?this._bodyFormData=e:k.searchParams&&URLSearchParams.prototype.isPrototypeOf(e)?this._bodyText=e.toString():k.arrayBuffer&&k.blob&&r(e)?(this._bodyArrayBuffer=p(e.buffer),this._bodyInit=new Blob([this._bodyArrayBuffer])):k.arrayBuffer&&(ArrayBuffer.prototype.isPrototypeOf(e)||b(e))?this._bodyArrayBuffer=p(e):this._bodyText=e=Object.prototype.toString.call(e):this._bodyText="",this.headers.get("content-type")||("string"==typeof e?this.headers.set("content-type","text/plain;charset=UTF-8"):this._bodyBlob&&this._bodyBlob.type?this.headers.set("content-type",this._bodyBlob.type):k.searchParams&&URLSearchParams.prototype.isPrototypeOf(e)&&this.headers.set("content-type","application/x-www-form-urlencoded;charset=UTF-8"))},k.blob&&(this.blob=function(){var e=a(this);if(e)return e;if(this._bodyBlob)return Promise.resolve(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(new Blob([this._bodyArrayBuffer]));if(this._bodyFormData)throw new Error("could not read FormData body as blob");return Promise.resolve(new Blob([this._bodyText]))},this.arrayBuffer=function(){return this._bodyArrayBuffer?a(this)||Promise.resolve(this._bodyArrayBuffer):this.blob().then(c)}),this.text=function(){var e=a(this);if(e)return e;if(this._bodyBlob)return f(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(l(this._bodyArrayBuffer));if(this._bodyFormData)throw new Error("could not read FormData body as text");return Promise.resolve(this._bodyText)},k.formData&&(this.formData=function(){return this.text().then(m)}),this.json=function(){return this.text().then(JSON.parse)},this}function d(e){var t=e.toUpperCase();return S.indexOf(t)>-1?t:e}function g(e,t){t=t||{};var r=t.body;if(e instanceof g){if(e.bodyUsed)throw new TypeError("Already read");this.url=e.url,this.credentials=e.credentials,t.headers||(this.headers=new s(e.headers)),this.method=e.method,this.mode=e.mode,this.signal=e.signal,r||null==e._bodyInit||(r=e._bodyInit,e.bodyUsed=!0)}else this.url=String(e);if(this.credentials=t.credentials||this.credentials||"same-origin",!t.headers&&this.headers||(this.headers=new s(t.headers)),this.method=d(t.method||this.method||"GET"),this.mode=t.mode||this.mode||null,this.signal=t.signal||this.signal,this.referrer=null,("GET"===this.method||"HEAD"===this.method)&&r)throw new TypeError("Body not allowed for GET or HEAD requests");this._initBody(r)}function m(e){var t=new FormData;return e.trim().split("&").forEach(function(e){if(e){var r=e.split("="),n=r.shift().replace(/\+/g," "),o=r.join("=").replace(/\+/g," ");t.append(decodeURIComponent(n),decodeURIComponent(o))}}),t}function y(e){var t=new s;return e.replace(/\r?\n[\t ]+/g," ").split(/\r?\n/).forEach(function(e){var r=e.split(":"),n=r.shift().trim();if(n){var o=r.join(":").trim();t.append(n,o)}}),t}function v(e,t){t||(t={}),this.type="default",this.status=void 0===t.status?200:t.status,this.ok=this.status>=200&&this.status<300,this.statusText="statusText"in t?t.statusText:"OK",this.headers=new s(t.headers),this.url=t.url||"",this._initBody(e)}function w(e,r){return new Promise(function(n,o){function i(){a.abort()}var s=new g(e,r);if(s.signal&&s.signal.aborted)return o(new t.DOMException("Aborted","AbortError"));var a=new XMLHttpRequest;a.onload=function(){var e={status:a.status,statusText:a.statusText,headers:y(a.getAllResponseHeaders()||"")};e.url="responseURL"in a?a.responseURL:e.headers.get("X-Request-URL");var t="response"in a?a.response:a.responseText;n(new v(t,e))},a.onerror=function(){o(new TypeError("Network request failed"))},a.ontimeout=function(){o(new TypeError("Network request failed"))},a.onabort=function(){o(new t.DOMException("Aborted","AbortError"))},a.open(s.method,s.url,!0),"include"===s.credentials?a.withCredentials=!0:"omit"===s.credentials&&(a.withCredentials=!1),"responseType"in a&&k.blob&&(a.responseType="blob"),s.headers.forEach(function(e,t){a.setRequestHeader(t,e)}),s.signal&&(s.signal.addEventListener("abort",i),a.onreadystatechange=function(){4===a.readyState&&s.signal.removeEventListener("abort",i)}),a.send(void 0===s._bodyInit?null:s._bodyInit)})}var k={searchParams:"URLSearchParams"in e,iterable:"Symbol"in e&&"iterator"in Symbol,blob:"FileReader"in e&&"Blob"in e&&function(){try{return new Blob,!0}catch(e){return!1}}(),formData:"FormData"in e,arrayBuffer:"ArrayBuffer"in e};if(k.arrayBuffer)var T=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],b=ArrayBuffer.isView||function(e){return e&&T.indexOf(Object.prototype.toString.call(e))>-1};s.prototype.append=function(e,t){e=n(e),t=o(t);var r=this.map[e];this.map[e]=r?r+", "+t:t},s.prototype.delete=function(e){delete this.map[n(e)]},s.prototype.get=function(e){return e=n(e),this.has(e)?this.map[e]:null},s.prototype.has=function(e){return this.map.hasOwnProperty(n(e))},s.prototype.set=function(e,t){this.map[n(e)]=o(t)},s.prototype.forEach=function(e,t){for(var r in this.map)this.map.hasOwnProperty(r)&&e.call(t,this.map[r],r,this)},s.prototype.keys=function(){var e=[];return this.forEach(function(t,r){e.push(r)}),i(e)},s.prototype.values=function(){var e=[];return this.forEach(function(t){e.push(t)}),i(e)},s.prototype.entries=function(){var e=[];return this.forEach(function(t,r){e.push([r,t])}),i(e)},k.iterable&&(s.prototype[Symbol.iterator]=s.prototype.entries);var S=["DELETE","GET","HEAD","OPTIONS","POST","PUT"];g.prototype.clone=function(){return new g(this,{body:this._bodyInit})},h.call(g.prototype),h.call(v.prototype),v.prototype.clone=function(){return new v(this._bodyInit,{status:this.status,statusText:this.statusText,headers:new s(this.headers),url:this.url})},v.error=function(){var e=new v(null,{status:0,statusText:""});return e.type="error",e};var A=[301,302,303,307,308];v.redirect=function(e,t){if(-1===A.indexOf(t))throw new RangeError("Invalid status code");return new v(null,{status:t,headers:{location:e}})},t.DOMException=e.DOMException;try{new t.DOMException}catch(e){t.DOMException=function(e,t){this.message=e,this.name=t;var r=Error(e);this.stack=r.stack},t.DOMException.prototype=Object.create(Error.prototype),t.DOMException.prototype.constructor=t.DOMException}w.polyfill=!0,e.fetch||(e.fetch=w,e.Headers=s,e.Request=g,e.Response=v),t.Headers=s,t.Request=g,t.Response=v,t.fetch=w}({})}(r),delete r.fetch.polyfill,t=r.fetch,t.default=r.fetch,t.fetch=r.fetch,t.Headers=r.Headers,t.Request=r.Request,t.Response=r.Response,e.exports=t},function(e,t,r){var n,o;!function(i){var s=!1;if(n=i,void 0!==(o="function"==typeof n?n.call(t,r,t,e):n)&&(e.exports=o),s=!0,e.exports=i(),s=!0,!s){var a=window.Cookies,u=window.Cookies=i();u.noConflict=function(){return window.Cookies=a,u}}}(function(){function e(){for(var e=0,t={};e<arguments.length;e++){var r=arguments[e];for(var n in r)t[n]=r[n]}return t}function t(r){function n(t,o,i){var s;if("undefined"!=typeof document){if(arguments.length>1){if(i=e({path:"/"},n.defaults,i),"number"==typeof i.expires){var a=new Date;a.setMilliseconds(a.getMilliseconds()+864e5*i.expires),i.expires=a}i.expires=i.expires?i.expires.toUTCString():"";try{s=JSON.stringify(o),/^[\{\[]/.test(s)&&(o=s)}catch(e){}o=r.write?r.write(o,t):encodeURIComponent(String(o)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g,decodeURIComponent),t=encodeURIComponent(String(t)),t=t.replace(/%(23|24|26|2B|5E|60|7C)/g,decodeURIComponent),t=t.replace(/[\(\)]/g,escape);var u="";for(var c in i)i[c]&&(u+="; "+c,!0!==i[c]&&(u+="="+i[c]));return document.cookie=t+"="+o+u}t||(s={});for(var f=document.cookie?document.cookie.split("; "):[],l=/(%[0-9A-Z]{2})+/g,p=0;p<f.length;p++){var h=f[p].split("="),d=h.slice(1).join("=");this.json||'"'!==d.charAt(0)||(d=d.slice(1,-1));try{var g=h[0].replace(l,decodeURIComponent);if(d=r.read?r.read(d,g):r(d,g)||d.replace(l,decodeURIComponent),this.json)try{d=JSON.parse(d)}catch(e){}if(t===g){s=d;break}t||(s[g]=d)}catch(e){}}return s}}return n.set=n,n.get=function(e){return n.call(n,e)},n.getJSON=function(){return n.apply({json:!0},[].slice.call(arguments))},n.defaults={},n.remove=function(t,r){n(t,"",e(r,{expires:-1}))},n.withConverter=t,n}return t(function(){})})},function(e,t,r){function n(e){var t=this;u.assertValidConfig(e);var r=y.extend({secure:!0},e.cookies);t.features.isLocalhost()&&!t.features.isHTTPS()&&(r.secure=!1),void 0===r.sameSite&&(r.sameSite=r.secure?"none":"lax"),r.secure&&!t.features.isHTTPS()&&(console.warn('The current page is not being served with the HTTPS protocol.\nFor security reasons, we strongly recommend using HTTPS.\nIf you cannot use HTTPS, set "cookies.secure" option to false.'),r.secure=!1),this.options={clientId:e.clientId,issuer:y.removeTrailingSlash(e.issuer),authorizeUrl:y.removeTrailingSlash(e.authorizeUrl),userinfoUrl:y.removeTrailingSlash(e.userinfoUrl),tokenUrl:y.removeTrailingSlash(e.tokenUrl),revokeUrl:y.removeTrailingSlash(e.revokeUrl),logoutUrl:y.removeTrailingSlash(e.logoutUrl),pkce:!1!==e.pkce,redirectUri:e.redirectUri,postLogoutRedirectUri:e.postLogoutRedirectUri,responseMode:e.responseMode,httpRequestClient:e.httpRequestClient,storageUtil:e.storageUtil,transformErrorXHR:e.transformErrorXHR,headers:e.headers,onSessionExpired:e.onSessionExpired,cookies:r},this.userAgent=u.getUserAgent(e,"okta-auth-js/".concat("3.1.3")),e.maxClockSkew||0===e.maxClockSkew?this.options.maxClockSkew=e.maxClockSkew:this.options.maxClockSkew=c.DEFAULT_MAX_CLOCK_SKEW,this.options.ignoreSignature=!!e.ignoreSignature,t.session={close:y.bind(h.closeSession,null,t),exists:y.bind(h.sessionExists,null,t),get:y.bind(h.getSession,null,t),refresh:y.bind(h.refreshSession,null,t),setCookieAndRedirect:y.bind(h.setCookieAndRedirect,null,t)},t.tx={status:y.bind(m.transactionStatus,null,t),resume:y.bind(m.resumeTransaction,null,t),exists:y.bind(m.transactionExists,null,t),introspect:y.bind(m.introspect,null,t)},t.tx.exists._get=function(e){return f.get(e)},t.idToken={authorize:{_getLocationHref:function(){return window.location.href}}},t._tokenQueue=new v,t.token={getWithoutPrompt:y.bind(d.getWithoutPrompt,null,t),getWithPopup:y.bind(d.getWithPopup,null,t),getWithRedirect:y.bind(d.getWithRedirect,null,t),parseFromUrl:y.bind(d.parseFromUrl,null,t),decode:d.decodeToken,revoke:y.bind(d.revokeToken,null,t),renew:y.bind(d.renewToken,null,t),getUserInfo:y.bind(d.getUserInfo,null,t),verify:y.bind(d.verifyToken,null,t)},Object.keys(t.token).forEach(function(e){if("decode"!==e){var r=t.token[e];t.token[e]=y.bind(v.prototype.push,t._tokenQueue,r,null)}}),t.token.getWithRedirect._setLocation=function(e){window.location=e},t.token.parseFromUrl._getHistory=function(){return window.history},t.token.parseFromUrl._getLocation=function(){return window.location},t.token.parseFromUrl._getDocument=function(){return window.document},t.fingerprint._getUserAgent=function(){return navigator.userAgent};var n=/windows phone|iemobile|wpdesktop/i;t.features.isFingerprintSupported=function(){var e=t.fingerprint._getUserAgent();return e&&!n.test(e)},t.emitter=new s,t.tokenManager=new g(t,e.tokenManager),t.tokenManager.on("error",this._onTokenManagerError,this)}var o=r(7),i=r(8),s=r(17),a=r(1),u=r(18),c=r(2),f=r(4).storage,l=r(3),p=r(10),h=r(21),d=r(22),g=r(26),m=r(9),y=r(0),v=r(28),w=n.prototype;w._onTokenManagerError=function(e){"login_required"===e.errorCode&&e.accessToken&&(this.options.onSessionExpired?this.options.onSessionExpired():console.error("Session has expired or was closed outside the application."))},w.features={},w.features.isPopupPostMessageSupported=function(){var e=document.documentMode&&document.documentMode<10;return!(!window.postMessage||e)},w.features.isTokenVerifySupported=function(){return"undefined"!=typeof crypto&&crypto.subtle&&"undefined"!=typeof Uint8Array},w.features.hasTextEncoder=function(){return"undefined"!=typeof TextEncoder},w.features.isPKCESupported=function(){return w.features.isTokenVerifySupported()&&w.features.hasTextEncoder()},w.features.isHTTPS=function(){return"https:"===window.location.protocol},w.features.isLocalhost=function(){return"localhost"===window.location.hostname},w.signIn=function(e){function t(t){return delete e.sendFingerprint,m.postToTransaction(r,"/api/v1/authn",e,t)}var r=this;return e=y.clone(e||{}),e.sendFingerprint?r.fingerprint().then(function(e){return t({headers:{"X-Device-Fingerprint":e}})}):t()},w.closeSession=function(){var e=this;return e.tokenManager.clear(),e.session.close().catch(function(e){if("AuthApiError"!==e.name||"E0000007"!==e.errorCode)throw e})},w.revokeAccessToken=function(){function e(e){return t.apply(this,arguments)}var t=i(o.mark(function e(t){var r;return o.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(r=this,t){e.next=5;break}return e.next=4,r.tokenManager.get("accessToken");case 4:t=e.sent;case 5:if(t){e.next=7;break}return e.abrupt("return",Promise.resolve());case 7:return e.abrupt("return",r.token.revoke(t));case 8:case"end":return e.stop()}},e,this)}));return e}(),w.signOut=function(){var e=i(o.mark(function e(t){var r,n,i,s,a,u,c,f,l,h;return o.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(t=y.extend({},t),r=window.location.origin,n=t.postLogoutRedirectUri||this.options.postLogoutRedirectUri||r,i=t.accessToken,s=!1!==t.revokeAccessToken,a=t.idToken,u=this,c=p.getOAuthUrls(u).logoutUrl,void 0!==a){e.next=12;break}return e.next=11,u.tokenManager.get("idToken");case 11:a=e.sent;case 12:if(!s||void 0!==i){e.next=16;break}return e.next=15,u.tokenManager.get("token");case 15:i=e.sent;case 16:if(u.tokenManager.clear(),!s||!i){e.next=20;break}return e.next=20,u.revokeAccessToken(i);case 20:if(a){e.next=22;break}return e.abrupt("return",u.closeSession().then(function(){n===r?window.location.reload():window.location.assign(n)}));case 22:f=t.state,l=a.idToken,h=c+"?id_token_hint="+encodeURIComponent(l)+"&post_logout_redirect_uri="+encodeURIComponent(n),f&&(h+="&state="+encodeURIComponent(f)),window.location.assign(h);case 27:case"end":return e.stop()}},e,this)}));return function(t){return e.apply(this,arguments)}}(),u.addSharedPrototypes(w),w.webfinger=function(e){var t="/.well-known/webfinger"+y.toQueryParams(e),r={headers:{Accept:"application/jrd+json"}};return l.get(this,t,r)},w.fingerprint=function(e){e=e||{};var t=this;if(!t.features.isFingerprintSupported())return Promise.reject(new a("Fingerprinting is not supported on this device"));var r,n,o;return new Promise(function(i,s){n=document.createElement("iframe"),n.style.display="none",o=function(e){if(e&&e.data&&e.origin===t.getIssuerOrigin()){try{var r=JSON.parse(e.data)}catch(e){return s(new a("Unable to parse iframe response"))}if(r)return"FingerprintAvailable"===r.type?i(r.fingerprint):void("FingerprintServiceReady"===r.type&&e.source.postMessage(JSON.stringify({type:"GetFingerprint"}),e.origin))}},p.addListener(window,"message",o),n.src=t.getIssuerOrigin()+"/auth/services/devicefingerprint",document.body.appendChild(n),r=setTimeout(function(){s(new a("Fingerprinting timed out"))},e.timeout||15e3)}).finally(function(){clearTimeout(r),p.removeListener(window,"message",o),document.body.contains(n)&&n.parentElement.removeChild(n)})},e.exports=u.buildOktaAuth(n)},function(e,t,r){var n=function(e){"use strict";function t(e,t,r,o){var i=t&&t.prototype instanceof n?t:n,s=Object.create(i.prototype),a=new p(o||[]);return s._invoke=u(e,r,a),s}function r(e,t,r){try{return{type:"normal",arg:e.call(t,r)}}catch(e){return{type:"throw",arg:e}}}function n(){}function o(){}function i(){}function s(e){["next","throw","return"].forEach(function(t){e[t]=function(e){return this._invoke(t,e)}})}function a(e){function t(n,o,i,s){var a=r(e[n],e,o);if("throw"!==a.type){var u=a.arg,c=u.value;return c&&"object"==typeof c&&y.call(c,"__await")?Promise.resolve(c.__await).then(function(e){t("next",e,i,s)},function(e){t("throw",e,i,s)}):Promise.resolve(c).then(function(e){u.value=e,i(u)},function(e){return t("throw",e,i,s)})}s(a.arg)}function n(e,r){function n(){return new Promise(function(n,o){t(e,r,n,o)})}return o=o?o.then(n,n):n()}var o;this._invoke=n}function u(e,t,n){var o=b;return function(i,s){if(o===A)throw new Error("Generator is already running");if(o===E){if("throw"===i)throw s;return d()}for(n.method=i,n.arg=s;;){var a=n.delegate;if(a){var u=c(a,n);if(u){if(u===x)continue;return u}}if("next"===n.method)n.sent=n._sent=n.arg;else if("throw"===n.method){if(o===b)throw o=E,n.arg;n.dispatchException(n.arg)}else"return"===n.method&&n.abrupt("return",n.arg);o=A;var f=r(e,t,n);if("normal"===f.type){if(o=n.done?E:S,f.arg===x)continue;return{value:f.arg,done:n.done}}"throw"===f.type&&(o=E,n.method="throw",n.arg=f.arg)}}}function c(e,t){var n=e.iterator[t.method];if(n===g){if(t.delegate=null,"throw"===t.method){if(e.iterator.return&&(t.method="return",t.arg=g,c(e,t),"throw"===t.method))return x;t.method="throw",t.arg=new TypeError("The iterator does not provide a 'throw' method")}return x}var o=r(n,e.iterator,t.arg);if("throw"===o.type)return t.method="throw",t.arg=o.arg,t.delegate=null,x;var i=o.arg;return i?i.done?(t[e.resultName]=i.value,t.next=e.nextLoc,"return"!==t.method&&(t.method="next",t.arg=g),t.delegate=null,x):i:(t.method="throw",t.arg=new TypeError("iterator result is not an object"),t.delegate=null,x)}function f(e){var t={tryLoc:e[0]};1 in e&&(t.catchLoc=e[1]),2 in e&&(t.finallyLoc=e[2],t.afterLoc=e[3]),this.tryEntries.push(t)}function l(e){var t=e.completion||{};t.type="normal",delete t.arg,e.completion=t}function p(e){this.tryEntries=[{tryLoc:"root"}],e.forEach(f,this),this.reset(!0)}function h(e){if(e){var t=e[w];if(t)return t.call(e);if("function"==typeof e.next)return e;if(!isNaN(e.length)){var r=-1,n=function t(){for(;++r<e.length;)if(y.call(e,r))return t.value=e[r],t.done=!1,t;return t.value=g,t.done=!0,t};return n.next=n}}return{next:d}}function d(){return{value:g,done:!0}}var g,m=Object.prototype,y=m.hasOwnProperty,v="function"==typeof Symbol?Symbol:{},w=v.iterator||"@@iterator",k=v.asyncIterator||"@@asyncIterator",T=v.toStringTag||"@@toStringTag";e.wrap=t;var b="suspendedStart",S="suspendedYield",A="executing",E="completed",x={},_={};_[w]=function(){return this};var O=Object.getPrototypeOf,U=O&&O(O(h([])));U&&U!==m&&y.call(U,w)&&(_=U);var P=i.prototype=n.prototype=Object.create(_);return o.prototype=P.constructor=i,i.constructor=o,i[T]=o.displayName="GeneratorFunction",e.isGeneratorFunction=function(e){var t="function"==typeof e&&e.constructor;return!!t&&(t===o||"GeneratorFunction"===(t.displayName||t.name))},e.mark=function(e){return Object.setPrototypeOf?Object.setPrototypeOf(e,i):(e.__proto__=i,T in e||(e[T]="GeneratorFunction")),e.prototype=Object.create(P),e},e.awrap=function(e){return{__await:e}},s(a.prototype),a.prototype[k]=function(){return this},e.AsyncIterator=a,e.async=function(r,n,o,i){var s=new a(t(r,n,o,i));return e.isGeneratorFunction(n)?s:s.next().then(function(e){return e.done?e.value:s.next()})},s(P),P[T]="Generator",P[w]=function(){return this},P.toString=function(){return"[object Generator]"},e.keys=function(e){var t=[];for(var r in e)t.push(r);return t.reverse(),function r(){for(;t.length;){var n=t.pop();if(n in e)return r.value=n,r.done=!1,r}return r.done=!0,r}},e.values=h,p.prototype={constructor:p,reset:function(e){if(this.prev=0,this.next=0,this.sent=this._sent=g,this.done=!1,this.delegate=null,this.method="next",this.arg=g,this.tryEntries.forEach(l),!e)for(var t in this)"t"===t.charAt(0)&&y.call(this,t)&&!isNaN(+t.slice(1))&&(this[t]=g)},stop:function(){this.done=!0;var e=this.tryEntries[0],t=e.completion;if("throw"===t.type)throw t.arg;return this.rval},dispatchException:function(e){function t(t,n){return i.type="throw",i.arg=e,r.next=t,n&&(r.method="next",r.arg=g),!!n}if(this.done)throw e;for(var r=this,n=this.tryEntries.length-1;n>=0;--n){var o=this.tryEntries[n],i=o.completion;if("root"===o.tryLoc)return t("end");if(o.tryLoc<=this.prev){var s=y.call(o,"catchLoc"),a=y.call(o,"finallyLoc");if(s&&a){if(this.prev<o.catchLoc)return t(o.catchLoc,!0);if(this.prev<o.finallyLoc)return t(o.finallyLoc)}else if(s){if(this.prev<o.catchLoc)return t(o.catchLoc,!0)}else{if(!a)throw new Error("try statement without catch or finally");if(this.prev<o.finallyLoc)return t(o.finallyLoc)}}}},abrupt:function(e,t){for(var r=this.tryEntries.length-1;r>=0;--r){var n=this.tryEntries[r];if(n.tryLoc<=this.prev&&y.call(n,"finallyLoc")&&this.prev<n.finallyLoc){var o=n;break}}o&&("break"===e||"continue"===e)&&o.tryLoc<=t&&t<=o.finallyLoc&&(o=null);var i=o?o.completion:{};return i.type=e,i.arg=t,o?(this.method="next",this.next=o.finallyLoc,x):this.complete(i)},complete:function(e,t){if("throw"===e.type)throw e.arg;return"break"===e.type||"continue"===e.type?this.next=e.arg:"return"===e.type?(this.rval=this.arg=e.arg,this.method="return",this.next="end"):"normal"===e.type&&t&&(this.next=t),x},finish:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var r=this.tryEntries[t];if(r.finallyLoc===e)return this.complete(r.completion,r.afterLoc),l(r),x}},catch:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var r=this.tryEntries[t];if(r.tryLoc===e){var n=r.completion;if("throw"===n.type){var o=n.arg;l(r)}return o}}throw new Error("illegal catch attempt")},delegateYield:function(e,t,r){return this.delegate={iterator:h(e),resultName:t,nextLoc:r},"next"===this.method&&(this.arg=g),x}},e}(e.exports);try{regeneratorRuntime=n}catch(e){Function("r","regeneratorRuntime = r")(n)}},function(e,t){function r(){}r.prototype={on:function(e,t,r){var n=this.e||(this.e={});return(n[e]||(n[e]=[])).push({fn:t,ctx:r}),this},once:function(e,t,r){function n(){o.off(e,n),t.apply(r,arguments)}var o=this;return n._=t,this.on(e,n,r)},emit:function(e){var t=[].slice.call(arguments,1),r=((this.e||(this.e={}))[e]||[]).slice(),n=0,o=r.length;for(n;n<o;n++)r[n].fn.apply(r[n].ctx,t);return this},off:function(e,t){var r=this.e||(this.e={}),n=r[e],o=[];if(n&&t)for(var i=0,s=n.length;i<s;i++)n[i].fn!==t&&n[i].fn._!==t&&o.push(n[i]);return o.length?r[e]=o:delete r[e],this}},e.exports=r},function(e,t,r){function n(e){if(!e)throw new a("No arguments passed to constructor. Required usage: new OktaAuth(args)");var t=e.issuer;if(!t)throw new a('No issuer passed to constructor. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');if(!new RegExp("^http?s?://.+").test(e.issuer))throw new a('Issuer must be a valid URL. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');if(-1!==t.indexOf("-admin."))throw new a('Issuer URL passed to constructor contains "-admin" in subdomain. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com})');var r=e.userAgent;if(r&&r.template&&-1===r.template.indexOf("$OKTA_AUTH_JS"))throw new a('UserAgentTemplate must include "$OKTA_AUTH_JS" placeholder. Required usage: new OktaAuth({userAgentTemplate: "xxx $OKTA_AUTH_JS xxx"})')}function o(e){e.getIssuerOrigin=function(){return this.options.issuer.split("/oauth2/")[0]},e.forgotPassword=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/password",e)},e.unlockAccount=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/unlock",e)},e.verifyRecoveryToken=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/token",e)}}function i(e){return function(t,r){function n(o){if(!(this instanceof n))return new n(o);o&&(o.storageUtil=t,o.ajaxRequest?(c.deprecate("ajaxRequest is being deprecated, use httpRequestClient attribute instead."),o.httpRequestClient=o.ajaxRequest):o.httpRequestClient||(o.httpRequestClient=r)),c.bind(e,this)(o)}return n.prototype=e.prototype,n.prototype.constructor=n,n.features=e.prototype.features,n}}function s(e,t){var r=e.userAgent||{};return r.value?r.value:r.template?r.template.replace("$OKTA_AUTH_JS",t):t}var a=r(1),u=r(9),c=r(0);e.exports={addSharedPrototypes:o,buildOktaAuth:i,assertValidConfig:n,getUserAgent:s}},function(e,t){function r(e,t){this.name="AuthApiError",this.message=e.errorSummary,this.errorSummary=e.errorSummary,this.errorCode=e.errorCode,this.errorLink=e.errorLink,this.errorId=e.errorId,this.errorCauses=e.errorCauses,t&&(this.xhr=t)}r.prototype=new Error,e.exports=r},function(e,t){function r(){this.name="AuthPollStopError",this.message="The poll was stopped by the sdk"}r.prototype=new Error,e.exports=r},function(e,t,r){function n(e){return e.session.get().then(function(e){return"ACTIVE"===e.status}).catch(function(){return!1})}function o(e){return c.get(e,"/api/v1/sessions/me").then(function(t){var r=u.omit(t,"_links");return r.refresh=function(){return c.post(e,u.getLink(t,"refresh").href)},r.user=function(){return c.get(e,u.getLink(t,"user").href)},r}).catch(function(){return{status:"INACTIVE"}})}function i(e){return c.httpRequest(e,{url:e.getIssuerOrigin()+"/api/v1/sessions/me",method:"DELETE"})}function s(e){return c.post(e,"/api/v1/sessions/me/lifecycle/refresh")}function a(e,t,r){r=r||window.location.href,window.location=e.getIssuerOrigin()+"/login/sessionCookieRedirect"+u.toQueryParams({checkAccountSetupComplete:!0,token:t,redirectUrl:r})}var u=r(0),c=r(3);e.exports={sessionExists:n,getSession:o,closeSession:i,refreshSession:s,setCookieAndRedirect:a}},function(e,t,r){function n(e,t){return Promise.resolve().then(function(){if(!t||!t.accessToken)throw new C("A valid access token object is required");var r=e.options.clientId;if(!r)throw new C("A clientId must be specified in the OktaAuth constructor to revoke a token");var n=U.getOAuthUrls(e).revokeUrl,o=t.accessToken,i=O.toQueryParams({token_type_hint:"access_token",token:o}).slice(1),s=btoa(r);return _.post(e,n,i,{headers:{"Content-Type":"application/x-www-form-urlencoded",Authorization:"Basic "+s}})})}function o(e){var t,r=e.split(".");try{t={header:JSON.parse(O.base64UrlToString(r[0])),payload:JSON.parse(O.base64UrlToString(r[1])),signature:r[2]}}catch(e){throw new C("Malformed token")}return t}function i(e,t,r){return Promise.resolve().then(function(){if(!t||!t.idToken)throw new C("Only idTokens may be verified");var n=o(t.idToken),i={clientId:e.options.clientId,issuer:e.options.issuer,ignoreSignature:e.options.ignoreSignature};return O.extend(i,r),U.validateClaims(e,n.payload,i),1!=i.ignoreSignature&&e.features.isTokenVerifySupported()?U.getKey(e,t.issuer,n.header.kid).then(function(e){return P.verifyToken(t.idToken,e)}).then(function(e){if(!e)throw new C("The token signature is not valid");if(r&&r.accessToken&&t.claims.at_hash)return P.getOidcHash(r.accessToken).then(function(e){if(e!==t.claims.at_hash)throw new C("Token hash verification failed")})}).then(function(){return t}):t})}function s(e,t,r){var n,o;return new Promise(function(i,s){n=function(t){if(t.data&&t.data.state===r)return t.origin!==e.getIssuerOrigin()?s(new C("The request does not match client configuration")):void i(t.data)},U.addListener(window,"message",n),o=setTimeout(function(){s(new C("OAuth flow timed out"))},t||12e4)}).finally(function(){clearTimeout(o),U.removeListener(window,"message",n)})}function a(e,t,r){var n;return new Promise(function(e,o){function i(){try{t&&t.location&&t.location.hash?e(U.hashToObject(t.location.hash)):t&&!t.closed&&setTimeout(i,500)}catch(e){setTimeout(i,500)}}i(),n=setTimeout(function(){o(new C("OAuth flow timed out"))},r||12e4)}).finally(function(){clearTimeout(n)})}function u(e,t,r,n){var o=M.loadMeta(e),i={clientId:t.clientId,authorizationCode:r,codeVerifier:o.codeVerifier,redirectUri:o.redirectUri};return M.getToken(e,i,n).then(function(e){return c(e,i),e}).finally(function(){M.clearMeta(e)})}function c(e,t){if(e.error||e.error_description)throw new R(e.error,e.error_description);if(e.state!==t.state)throw new C("OAuth flow response state doesn't match request state")}function f(e,t,r,n){n=n||{};var o=t.responseType;Array.isArray(o)||(o=[o]);var s=O.clone(t.scopes),a=t.clientId||e.options.clientId,f=!1!==e.options.pkce;return Promise.resolve().then(function(){return c(r,t),r.code&&f?(o=["token","id_token"],u(e,t,r.code,n)):r}).then(function(r){var o={},u=r.expires_in,c=r.token_type,f=r.access_token,l=r.id_token;if(f&&(o.accessToken={value:f,accessToken:f,expiresAt:Number(u)+Math.floor(Date.now()/1e3),tokenType:c,scopes:s,authorizeUrl:n.authorizeUrl,userinfoUrl:n.userinfoUrl}),l){var p=e.token.decode(l),h={value:l,idToken:l,claims:p.payload,expiresAt:p.payload.exp,scopes:s,authorizeUrl:n.authorizeUrl,issuer:n.issuer,clientId:a},d={clientId:a,issuer:n.issuer,nonce:t.nonce,accessToken:f};return void 0!==t.ignoreSignature&&(d.ignoreSignature=t.ignoreSignature),i(e,h,d).then(function(){return o.idToken=h,o})}return o}).then(function(e){if(-1!==o.indexOf("token")&&!e.accessToken)throw new C('Unable to parse OAuth flow response: response type "token" was requested but "access_token" was not returned.');if(-1!==o.indexOf("id_token")&&!e.idToken)throw new C('Unable to parse OAuth flow response: response type "id_token" was requested but "id_token" was not returned.');return{tokens:e,state:r.state,code:r.code}})}function l(e){return{pkce:e.options.pkce,clientId:e.options.clientId,redirectUri:e.options.redirectUri||window.location.href,responseType:["token","id_token"],responseMode:e.options.responseMode,state:U.generateState(),nonce:U.generateNonce(),scopes:["openid","email"],ignoreSignature:e.options.ignoreSignature}}function p(e){if(!e.clientId)throw new C("A clientId must be specified in the OktaAuth constructor to get a token");if(O.isString(e.responseType)&&-1!==e.responseType.indexOf(" "))throw new C("Multiple OAuth responseTypes must be defined as an array");var t=O.removeNils({client_id:e.clientId,code_challenge:e.codeChallenge,code_challenge_method:e.codeChallengeMethod,display:e.display,idp:e.idp,idp_scope:e.idpScope,login_hint:e.loginHint,max_age:e.maxAge,nonce:e.nonce,prompt:e.prompt,redirect_uri:e.redirectUri,response_mode:e.responseMode,response_type:e.responseType,sessionToken:e.sessionToken,state:e.state});if(["idp_scope","response_type"].forEach(function(e){Array.isArray(t[e])&&(t[e]=t[e].join(" "))}),-1!==e.responseType.indexOf("id_token")&&-1===e.scopes.indexOf("openid"))throw new C("openid scope must be specified in the scopes argument when requesting an id_token");return t.scope=e.scopes.join(" "),t}function h(e){var t=p(e);return O.toQueryParams(t)}function d(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getToken" takes only a single set of options')):(t=t||{},y(e,t).then(function(r){function n(e){return/^(https?\:\/\/)?([^:\/?#]*(?:\:[0-9]+)?)/.exec(e)[0]}var o={prompt:"none",responseMode:"okta_post_message",display:null},i={display:"popup"};t.sessionToken?O.extend(r,o):t.idp&&O.extend(r,i);var u,c,l;l=U.getOAuthUrls(e,r),c=t.codeVerifier?l.tokenUrl:l.authorizeUrl,u=c+h(r);switch(r.sessionToken||null===r.display?"IFRAME":"popup"===r.display?"POPUP":"IMPLICIT"){case"IFRAME":var p=s(e,t.timeout,r.state),d=U.loadFrame(u);return p.then(function(t){return f(e,r,t,l)}).finally(function(){document.body.contains(d)&&d.parentElement.removeChild(d)});case"POPUP":var g;if("okta_post_message"===r.responseMode){if(!e.features.isPopupPostMessageSupported())throw new C("This browser doesn't have full postMessage support");g=s(e,t.timeout,r.state)}var m={popupTitle:t.popupTitle},y=U.loadPopup(u,m);if("fragment"===r.responseMode){var v=n(e.idToken.authorize._getLocationHref()),w=n(r.redirectUri);if(v!==w)throw new C("Using fragment, the redirectUri origin ("+w+") must match the origin of this page ("+v+")");g=a(e,y,t.timeout)}return new Promise(function(e,t){var r=setInterval(function(){y&&!y.closed||(clearInterval(r),t(new C("Unable to parse OAuth flow response")))},100);g.then(function(t){clearInterval(r),e(t)}).catch(function(e){clearInterval(r),t(e)})}).then(function(t){return f(e,r,t,l)}).finally(function(){y&&!y.closed&&y.close()});default:throw new C("The full page redirect flow is not supported")}}))}function g(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithoutPrompt" takes only a single set of options')):(t=O.clone(t)||{},O.extend(t,{prompt:"none",responseMode:"okta_post_message",display:null}),d(e,t))}function m(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithPopup" takes only a single set of options')):(t=O.clone(t)||{},O.extend(t,{display:"popup",responseMode:"okta_post_message"}),d(e,t))}function y(e,t){t=O.clone(t)||{};var r=l(e);if(O.extend(r,t),!1===r.pkce)return Promise.resolve(r);if(!e.features.isPKCESupported()){var n="PKCE requires a modern browser with encryption support running in a secure context.";return e.features.isHTTPS()||(n+="\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol."),e.features.hasTextEncoder()||(n+='\n"TextEncoder" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.'),Promise.reject(new C(n))}return r.codeChallengeMethod||(r.codeChallengeMethod=M.DEFAULT_CODE_CHALLENGE_METHOD),r.responseType="code",U.getWellKnown(e,null).then(function(e){if(-1===(e.code_challenge_methods_supported||[]).indexOf(r.codeChallengeMethod))throw new C("Invalid code_challenge_method")}).then(function(){var t=M.generateVerifier(r.codeVerifier),n={codeVerifier:t,redirectUri:r.redirectUri};return M.saveMeta(e,n),M.computeChallenge(t)}).then(function(e){var t=O.clone(r)||{};return O.extend(t,r,{codeChallenge:e}),t})}function v(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithRedirect" takes only a single set of options')):(t=O.clone(t)||{},y(e,t).then(function(r){var n=U.getOAuthUrls(e,t),o=n.authorizeUrl+h(r);L.set(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME,JSON.stringify({responseType:r.responseType,state:r.state,nonce:r.nonce,scopes:r.scopes,clientId:r.clientId,urls:n,ignoreSignature:r.ignoreSignature}),null,e.options.cookies),L.set(I.REDIRECT_NONCE_COOKIE_NAME,r.nonce,null,e.options.cookies),L.set(I.REDIRECT_STATE_COOKIE_NAME,r.state,null,e.options.cookies),e.token.getWithRedirect._setLocation(o)}))}function w(e,t){if(!U.isToken(t))return Promise.reject(new C("Renew must be passed a token with an array of scopes and an accessToken or idToken"));var r;return r=e.options.pkce?"code":t.accessToken?"token":"id_token",g(e,{responseType:r,scopes:t.scopes,authorizeUrl:t.authorizeUrl,userinfoUrl:t.userinfoUrl,issuer:t.issuer}).then(function(e){var r=e.tokens;return t.idToken?r.idToken:r.accessToken})}function k(e){var t=e.token.parseFromUrl._getHistory(),r=e.token.parseFromUrl._getDocument(),n=e.token.parseFromUrl._getLocation();t&&t.replaceState?t.replaceState(null,r.title,n.pathname+n.search):n.hash=""}function T(e){var t=e.token.parseFromUrl._getHistory(),r=e.token.parseFromUrl._getDocument(),n=e.token.parseFromUrl._getLocation();t&&t.replaceState?t.replaceState(null,r.title,n.pathname+n.hash):n.search=""}function b(e,t){t=t||{},O.isString(t)&&(t={url:t});var r,n=e.options.pkce?"query":"fragment",o=t.url,i=t.responseMode||e.options.responseMode||n,s=e.token.parseFromUrl._getLocation();if(!(r="query"===i?o?o.substring(o.indexOf("?")):s.search:o?o.substring(o.indexOf("#")):s.hash))return Promise.reject(new C("Unable to parse a token from the url"));var a=L.get(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME);if(!a)return Promise.reject(new C("Unable to retrieve OAuth redirect params cookie"));try{var u=JSON.parse(a),c=u.urls;delete u.urls,L.delete(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME)}catch(e){return Promise.reject(new C("Unable to parse the "+I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME+" cookie: "+e.message))}return Promise.resolve(U.urlParamsToObject(r)).then(function(t){return o||("query"===i?T(e):k(e)),f(e,u,t,c)})}function S(e,t,r){return A.apply(this,arguments)}function A(){return A=x(E.mark(function e(t,r,n){return E.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(r){e.next=4;break}return e.next=3,t.tokenManager.get("accessToken");case 3:r=e.sent;case 4:if(n){e.next=8;break}return e.next=7,t.tokenManager.get("idToken");case 7:n=e.sent;case 8:if(r&&(U.isToken(r)||r.accessToken||r.userinfoUrl)){e.next=10;break}return e.abrupt("return",Promise.reject(new C("getUserInfo requires an access token object")));case 10:if(n&&(U.isToken(n)||n.idToken)){e.next=12;break}return e.abrupt("return",Promise.reject(new C("getUserInfo requires an ID token object")));case 12:return e.abrupt("return",_.httpRequest(t,{url:r.userinfoUrl,method:"GET",accessToken:r.accessToken}).then(function(e){return e.sub===n.claims.sub?e:Promise.reject(new C("getUserInfo request was rejected due to token mismatch"))}).catch(function(e){if(e.xhr&&(401===e.xhr.status||403===e.xhr.status)){var t;if(e.xhr.headers&&O.isFunction(e.xhr.headers.get)&&e.xhr.headers.get("WWW-Authenticate")?t=e.xhr.headers.get("WWW-Authenticate"):O.isFunction(e.xhr.getResponseHeader)&&(t=e.xhr.getResponseHeader("WWW-Authenticate")),t){var r=t.match(/error="(.*?)"/)||[],n=t.match(/error_description="(.*?)"/)||[],o=r[1],i=n[1];o&&i&&(e=new R(o,i))}}throw e}));case 13:case"end":return e.stop()}},e)})),A.apply(this,arguments)}var E=r(7),x=r(8),_=r(3),O=r(0),U=r(10),P=r(23),C=r(1),R=r(24),I=r(2),L=r(4).storage,M=r(25);e.exports={revokeToken:n,getToken:d,getWithoutPrompt:g,getWithPopup:m,getWithRedirect:v,parseFromUrl:b,decodeToken:o,renewToken:w,getUserInfo:S,verifyToken:i,handleOAuthResponse:f,prepareOauthParams:y}},function(e,t,r){function n(e){var t=(new TextEncoder).encode(e);return crypto.subtle.digest("SHA-256",t).then(function(e){var t=new Uint8Array(e),r=t.slice(0,16),n=String.fromCharCode.apply(null,r);return i.stringToBase64Url(n)})}function o(e,t){t=i.clone(t);var r={name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-256"}},n=["verify"];return delete t.use,crypto.subtle.importKey("jwk",t,r,!0,n).then(function(t){var n=e.split("."),o=i.stringToBuffer(n[0]+"."+n[1]),s=i.base64UrlDecode(n[2]),a=i.stringToBuffer(s);return crypto.subtle.verify(r,t,a,o)})}var i=r(0);e.exports={getOidcHash:n,verifyToken:o}},function(e,t){function r(e,t){this.name="OAuthError",this.message=t,this.errorCode=e,this.errorSummary=t}r.prototype=new Error,e.exports=r},function(e,t,r){function n(e){return("0"+e.toString(16)).substr(-2)}function o(e){var t=new Uint8Array(Math.ceil(e/2));return crypto.getRandomValues(t),Array.from(t,n).join("").slice(0,e)}function i(e){var t=e||"";return t.length<y&&(t+=o(y-t.length)),encodeURIComponent(t).slice(0,v)}function s(e,t){return t=m.extend({},e.options.cookies,t),e.options.storageUtil.getPKCEStorage(t)}function a(e,t){s(e).setStorage(t)}function u(e){var t=s(e),r=t.getStorage();if(!r.codeVerifier&&(t=s(e,{preferLocalStorage:!0}),r=t.getStorage(),!r.codeVerifier))throw new d("Could not load PKCE codeVerifier from storage");return r}function c(e){s(e).clearStorage()}function f(e){var t=(new TextEncoder).encode(e);return crypto.subtle.digest("SHA-256",t).then(function(e){var t=String.fromCharCode.apply(null,new Uint8Array(e));return m.stringToBase64Url(t)})}function l(e){if(!e.clientId)throw new d("A clientId must be specified in the OktaAuth constructor to get a token");if(!e.redirectUri)throw new d("The redirectUri passed to /authorize must also be passed to /token");if(!e.authorizationCode)throw new d("An authorization code (returned from /authorize) must be passed to /token");if(!e.codeVerifier)throw new d('The "codeVerifier" (generated and saved by your app) must be passed to /token')}function p(e){var t=m.removeNils({client_id:e.clientId,redirect_uri:e.redirectUri,grant_type:"authorization_code",code:e.authorizationCode,code_verifier:e.codeVerifier});return m.toQueryParams(t).slice(1)}function h(e,t,r){l(t);var n=p(t);return g.httpRequest(e,{url:r.tokenUrl,method:"POST",args:n,withCredentials:!1,headers:{"Content-Type":"application/x-www-form-urlencoded"}})}var d=r(1),g=r(3),m=r(0),y=43,v=128;e.exports={DEFAULT_CODE_CHALLENGE_METHOD:"S256",generateVerifier:i,clearMeta:c,saveMeta:a,loadMeta:u,computeChallenge:f,getToken:h}},function(e,t,r){function n(e,t){return t.expiresAt-e.options.expireEarlySeconds}function o(e,t){return n(e,t)<=e.clock.now()}function i(e,t,r){e.emitter.emit("expired",t,r)}function s(e,t){e.emitter.emit("error",t)}function a(e,t){clearTimeout(e.expireTimeouts[t]),delete e.expireTimeouts[t],delete e.renewPromise[t]}function u(e){var t=e.expireTimeouts;for(var r in t)t.hasOwnProperty(r)&&a(e,r)}function c(e,t,r,o){var s=n(t,o),u=1e3*Math.max(s-t.clock.now(),0);a(t,r);var c=setTimeout(function(){i(t,r,o)},u);t.expireTimeouts[r]=c}function f(e,t,r){try{var n=r.getStorage()}catch(e){return void s(t,e)}for(var o in n)if(n.hasOwnProperty(o)){var i=n[o];c(e,t,o,i)}}function l(e,t,r,n,o){var i=r.getStorage();if(!w.isObject(o)||!o.scopes||!o.expiresAt&&0!==o.expiresAt||!o.idToken&&!o.accessToken)throw new k("Token must be an Object with scopes, expiresAt, and an idToken or accessToken properties");i[n]=o,r.setStorage(i),c(e,t,n,o)}function p(e,t){return e.getStorage()[t]}function h(e,t,r,n){return new Promise(function(i){var s=p(r,n);return i(s&&o(t,s)?t.options.autoRenew?g(e,t,r,n):d(t,r,n):s)})}function d(e,t,r){a(e,r);var n=t.getStorage();delete n[r],t.setStorage(n)}function g(e,t,r,n){var o=t.renewPromise[n];if(o)return o;try{var i=p(r,n);if(!i)throw new k("The tokenManager has no token for the key: "+n)}catch(e){return Promise.reject(e)}return a(t,n),t.renewPromise[n]=e.token.renew(i).then(function(o){var i=p(r,n);if(i)return l(e,t,r,n,o),t.emitter.emit("renewed",n,o,i),o}).catch(function(e){throw"OAuthError"!==e.name&&"AuthSdkError"!==e.name||(d(t,r,n),e.tokenKey=n,e.accessToken=!!i.accessToken,s(t,e)),e}).finally(function(){delete t.renewPromise[n]}),t.renewPromise[n]}function m(e,t){u(e),t.clearStorage()}function y(e,t){t=w.extend({},E,w.removeNils(t)),"localStorage"!==t.storage||T.browserHasLocalStorage()||(w.warn("This browser doesn't support localStorage. Switching to sessionStorage."),t.storage="sessionStorage"),"sessionStorage"!==t.storage||T.browserHasSessionStorage()||(w.warn("This browser doesn't support sessionStorage. Switching to cookie-based storage."),t.storage="cookie");var r;if("object"===v(t.storage))r=t.storage;else switch(t.storage){case"localStorage":r=localStorage;break;case"sessionStorage":r=sessionStorage;break;case"cookie":r=T.getCookieStorage(e.options.cookies);break;case"memory":r=T.getInMemoryStorage();break;default:throw new k("Unrecognized storage option")}var n=t.storageKey||b.TOKEN_STORAGE_NAME,o=S(r,n),i=A.create(e,t),s={clock:i,options:t,emitter:e.emitter,expireTimeouts:{},renewPromise:{}};this.add=w.bind(l,this,e,s,o),this.get=w.bind(h,this,e,s,o),this.remove=w.bind(d,this,s,o),this.clear=w.bind(m,this,s,o),this.renew=w.bind(g,this,e,s,o),this.on=w.bind(s.emitter.on,s.emitter),this.off=w.bind(s.emitter.off,s.emitter),f(e,s,o)}var v=r(5),w=r(0),k=r(1),T=r(4),b=r(2),S=r(6),A=r(27),E={autoRenew:!0,storage:"localStorage",expireEarlySeconds:30};e.exports=y},function(e,t,r){function n(e){this.localOffset=parseInt(e||0)}r(0).extend(n.prototype,{now:function(){return(Date.now()+this.localOffset)/1e3}}),n.create=function(){return new n(0)},e.exports=n},function(e,t,r){function n(){this.queue=[],this.running=!1}var o=r(0);o.extend(n.prototype,{push:function(){var e=this,t=Array.prototype.slice.call(arguments),r=t[0],n=t[1];return t=t.slice(2),new Promise(function(o,i){e.queue.push({method:r,thisObject:n,args:t,resolve:o,reject:i}),e.run()})},run:function(){var e=this;if(!this.running&&0!==this.queue.length){this.running=!0;var t=this.queue.shift(),r=t.method.apply(t.thisObject,t.args);o.isPromise(r)?r.then(t.resolve,t.reject).finally(function(){e.running=!1,e.run()}):(t.resolve(r),this.running=!1,this.run())}}}),e.exports=n}])});
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.OktaAuth=t():e.OktaAuth=t()}("undefined"!=typeof self?self:this,function(){return function(e){function t(n){if(r[n])return r[n].exports;var o=r[n]={i:n,l:!1,exports:{}};return e[n].call(o.exports,o,o.exports,t),o.l=!0,o.exports}var r={};return t.m=e,t.c=r,t.d=function(e,r,n){t.o(e,r)||Object.defineProperty(e,r,{configurable:!1,enumerable:!0,get:n})},t.n=function(e){var r=e&&e.__esModule?function(){return e.default}:function(){return e};return t.d(r,"a",r),r},t.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},t.p="",t(t.s=11)}([function(e,t){var r=e.exports;r.stringToBase64Url=function(e){var t=btoa(e);return r.base64ToBase64Url(t)},r.base64ToBase64Url=function(e){return e.replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")},r.base64UrlToBase64=function(e){return e.replace(/-/g,"+").replace(/_/g,"/")},r.base64UrlToString=function(e){var t=r.base64UrlToBase64(e);switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw"Not a valid Base64Url"}var n=atob(t);try{return decodeURIComponent(escape(n))}catch(e){return n}},r.stringToBuffer=function(e){for(var t=new Uint8Array(e.length),r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t},r.base64UrlDecode=function(e){return atob(r.base64UrlToBase64(e))},r.bind=function(e,t){var r=Array.prototype.slice.call(arguments,2);return function(){var n=Array.prototype.slice.call(arguments);return n=r.concat(n),e.apply(t,n)}},r.isAbsoluteUrl=function(e){return/^(?:[a-z]+:)?\/\//i.test(e)},r.isString=function(e){return"[object String]"===Object.prototype.toString.call(e)},r.isObject=function(e){return"[object Object]"===Object.prototype.toString.call(e)},r.isNumber=function(e){return"[object Number]"===Object.prototype.toString.call(e)},r.isoToUTCString=function(e){var t=e.match(/\d+/g),r=Date.UTC(t[0],t[1]-1,t[2],t[3],t[4],t[5]);return new Date(r).toUTCString()},r.toQueryParams=function(e){var t=[];if(null!==e)for(var r in e)e.hasOwnProperty(r)&&void 0!==e[r]&&null!==e[r]&&t.push(r+"="+encodeURIComponent(e[r]));return t.length?"?"+t.join("&"):""},r.genRandomString=function(e){for(var t="abcdefghijklnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",r="",n=0,o=t.length;n<e;++n)r+=t[Math.floor(Math.random()*o)];return r},r.extend=function(){var e=arguments[0];return[].slice.call(arguments,1).forEach(function(t){for(var r in t)t.hasOwnProperty(r)&&void 0!==t[r]&&(e[r]=t[r])}),e},r.removeNils=function(e){var t={};for(var r in e)if(e.hasOwnProperty(r)){var n=e[r];null!==n&&void 0!==n&&(t[r]=n)}return t},r.clone=function(e){if(e){var t=JSON.stringify(e);if(t)return JSON.parse(t)}return e},r.omit=function(e){var t=Array.prototype.slice.call(arguments,1),n={};for(var o in e)e.hasOwnProperty(o)&&-1==t.indexOf(o)&&(n[o]=e[o]);return r.clone(n)},r.find=function(e,t){for(var r=e.length;r--;){var n=e[r],o=!0;for(var i in t)if(t.hasOwnProperty(i)&&n[i]!==t[i]){o=!1;break}if(o)return n}},r.getLink=function(e,t,n){if(e&&e._links){var o=r.clone(e._links[t]);return o&&o.name&&n?o.name===n?o:void 0:o}},r.getNativeConsole=function(){return"undefined"!=typeof window?window.console:"undefined"!=typeof console?console:void 0},r.getConsole=function(){var e=r.getNativeConsole();return e&&e.log?e:{log:function(){}}},r.warn=function(e){r.getConsole().log("[okta-auth-sdk] WARN: "+e)},r.deprecate=function(e){r.getConsole().log("[okta-auth-sdk] DEPRECATION: "+e)},r.deprecateWrap=function(e,t){return function(){return r.deprecate(e),t.apply(null,arguments)}},r.removeTrailingSlash=function(e){if(e){var t=e.replace(/^\s+|\s+$/gm,"");return t=t.replace(/\/+$/,"")}},r.isIE11OrLess=function(){return!!document.documentMode&&document.documentMode<=11},r.isFunction=function(e){return!!e&&"[object Function]"==={}.toString.call(e)},r.delay=function(e){return new Promise(function(t){setTimeout(t,e)})},r.isPromise=function(e){return e&&e.finally&&"function"==typeof e.finally}},function(e,t){function r(e,t){this.name="AuthSdkError",this.message=e,this.errorCode="INTERNAL",this.errorSummary=e,this.errorLink="INTERNAL",this.errorId="INTERNAL",this.errorCauses=[],t&&(this.xhr=t)}r.prototype=new Error,e.exports=r},function(e,t){e.exports={STATE_TOKEN_KEY_NAME:"oktaStateToken",DEFAULT_POLLING_DELAY:500,DEFAULT_MAX_CLOCK_SKEW:300,DEFAULT_CACHE_DURATION:86400,REDIRECT_OAUTH_PARAMS_COOKIE_NAME:"okta-oauth-redirect-params",REDIRECT_STATE_COOKIE_NAME:"okta-oauth-state",REDIRECT_NONCE_COOKIE_NAME:"okta-oauth-nonce",TOKEN_STORAGE_NAME:"okta-token-storage",CACHE_STORAGE_NAME:"okta-cache-storage",PKCE_STORAGE_NAME:"okta-pkce-storage"}},function(e,t,r){function n(e,t){t=t||{};var r=t.url,n=t.method,o=t.args,i=t.saveAuthnState,c=t.accessToken,f=!1!==t.withCredentials,l=e.options.storageUtil,p=l.storage,h=l.getHttpCache(e.options.cookies);if(t.cacheResponse){var d=h.getStorage(),g=d[r];if(g&&Date.now()/1e3<g.expiresAt)return Promise.resolve(g.response)}var m={Accept:"application/json","Content-Type":"application/json","X-Okta-User-Agent-Extended":e.userAgent};s.extend(m,e.options.headers,t.headers),c&&s.isString(c)&&(m.Authorization="Bearer "+c);var y,v,w={headers:m,data:o||void 0,withCredentials:f};return e.options.httpRequestClient(n,r,w).then(function(n){return v=n.responseText,v&&s.isString(v)&&(v=JSON.parse(v)),i&&(v.stateToken||p.delete(u.STATE_TOKEN_KEY_NAME)),v&&v.stateToken&&v.expiresAt&&p.set(u.STATE_TOKEN_KEY_NAME,v.stateToken,v.expiresAt,e.options.cookies),v&&t.cacheResponse&&h.updateStorage(r,{expiresAt:Math.floor(Date.now()/1e3)+u.DEFAULT_CACHE_DURATION,response:v}),v}).catch(function(t){var r=t.responseText||{};if(s.isString(r))try{r=JSON.parse(r)}catch(e){r={errorSummary:"Unknown error"}}throw t.status>=500&&(r.errorSummary="Unknown error"),e.options.transformErrorXHR&&(t=e.options.transformErrorXHR(s.clone(t))),y=new a(r,t),"E0000011"===y.errorCode&&p.delete(u.STATE_TOKEN_KEY_NAME),y})}function o(e,t,r){t=s.isAbsoluteUrl(t)?t:e.getIssuerOrigin()+t;var o={url:t,method:"GET"};return s.extend(o,r),n(e,o)}function i(e,t,r,o){t=s.isAbsoluteUrl(t)?t:e.getIssuerOrigin()+t;var i={url:t,method:"POST",args:r,saveAuthnState:!0};return s.extend(i,o),n(e,i)}var s=r(0),a=r(19),u=r(2);e.exports={get:o,post:i,httpRequest:n}},function(e,t,r){var n=r(14),o=r(6),i=r(2),s=r(1),a={};a.browserHasLocalStorage=function(){try{var e=a.getLocalStorage();return a.testStorage(e)}catch(e){return!1}},a.browserHasSessionStorage=function(){try{var e=a.getSessionStorage();return a.testStorage(e)}catch(e){return!1}},a.getPKCEStorage=function(e){return e=e||{},!e.preferLocalStorage&&a.browserHasSessionStorage()?o(a.getSessionStorage(),i.PKCE_STORAGE_NAME):a.browserHasLocalStorage()?o(a.getLocalStorage(),i.PKCE_STORAGE_NAME):o(a.getCookieStorage(e),i.PKCE_STORAGE_NAME)},a.getHttpCache=function(e){return a.browserHasLocalStorage()?o(a.getLocalStorage(),i.CACHE_STORAGE_NAME):a.browserHasSessionStorage()?o(a.getSessionStorage(),i.CACHE_STORAGE_NAME):o(a.getCookieStorage(e),i.CACHE_STORAGE_NAME)},a.getLocalStorage=function(){return localStorage},a.getSessionStorage=function(){return sessionStorage},a.getCookieStorage=function(e){var t=e.secure,r=e.sameSite;if(void 0===t||void 0===r)throw new s('getCookieStorage: "secure" and "sameSite" options must be provided');return{getItem:a.storage.get,setItem:function(e,n){a.storage.set(e,n,"2200-01-01T00:00:00.000Z",{secure:t,sameSite:r})}}},a.getInMemoryStorage=function(){var e={};return{getItem:function(t){return e[t]},setItem:function(t,r){e[t]=r}}},a.testStorage=function(e){var t="okta-test-storage";try{return e.setItem(t,t),e.removeItem(t),!0}catch(e){return!1}},a.storage={set:function(e,t,r,o){var i=o.secure,u=o.sameSite;if(void 0===i||void 0===u)throw new s('storage.set: "secure" and "sameSite" options must be provided');var c={path:o.path||"/",secure:i,sameSite:u};return Date.parse(r)&&(c.expires=new Date(r)),n.set(e,t,c),a.storage.get(e)},get:function(e){return n.get(e)},delete:function(e){return n.remove(e,{path:"/"})}},e.exports=a},function(e,t){function r(t){return"function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?e.exports=r=function(e){return typeof e}:e.exports=r=function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},r(t)}e.exports=r},function(e,t,r){function n(e,t){function r(){var r=e.getItem(t);r=r||"{}";try{return JSON.parse(r)}catch(e){throw new o("Unable to parse storage string: "+t)}}function n(r){try{var n=JSON.stringify(r);e.setItem(t,n)}catch(e){throw new o("Unable to set storage: "+t)}}function i(e){if(!e)return n({});var t=r();delete t[e],n(t)}function s(e,t){var o=r();o[e]=t,n(o)}if("string"!=typeof t||!t.length)throw new o('"storageName" is required');return{getStorage:r,setStorage:n,clearStorage:i,updateStorage:s}}var o=r(1);e.exports=n},function(e,t,r){e.exports=r(16)},function(e,t){function r(e,t,r,n,o,i,s){try{var a=e[i](s),u=a.value}catch(e){return void r(e)}a.done?t(u):Promise.resolve(u).then(n,o)}function n(e){return function(){var t=this,n=arguments;return new Promise(function(o,i){function s(e){r(u,o,i,s,a,"next",e)}function a(e){r(u,o,i,s,a,"throw",e)}var u=e.apply(t,n);s(void 0)})}}e.exports=n},function(e,t,r){function n(e,t){var r={};return y.extend(r,t),!r.stateToken&&e.stateToken&&(r.stateToken=e.stateToken),r}function o(e){return n(e)}function i(e,t){return t=n(e,t),m.post(e,e.getIssuerOrigin()+"/api/v1/authn",t)}function s(e,t){if(!t||!t.stateToken){var r=e.tx.exists._get(k.STATE_TOKEN_KEY_NAME);if(!r)return Promise.reject(new v("No transaction to resume"));t={stateToken:r}}return e.tx.status(t).then(function(t){return new g(e,t)})}function a(e,t){if(!t||!t.stateToken){var r=e.tx.exists._get(k.STATE_TOKEN_KEY_NAME);if(!r)return Promise.reject(new v("No transaction to evaluate"));t={stateToken:r}}return u(e,t).then(function(t){return new g(e,t)})}function u(e,t){return t=n(e,t),m.post(e,e.getIssuerOrigin()+"/api/v1/authn/introspect",t)}function c(e){return!!e.tx.exists._get(k.STATE_TOKEN_KEY_NAME)}function f(e,t,r,n){return m.post(e,t,r,n).then(function(t){return new g(e,t)})}function l(e,t,r){return function(n){function i(){var r={};if("function"==typeof u)try{r.autoPush=!!u()}catch(e){return Promise.reject(new v("AutoPush resulted in an error."))}else void 0!==u&&null!==u&&(r.autoPush=!!u);if("function"==typeof a)try{r.rememberDevice=!!a()}catch(e){return Promise.reject(new v("RememberDevice resulted in an error."))}else void 0!==a&&null!==a&&(r.rememberDevice=!!a);var n=f.href+y.toQueryParams(r);return m.post(e,n,o(t),{saveAuthnState:!1})}var s,a,u,c;y.isNumber(n)?s=n:y.isObject(n)&&(s=n.delay,a=n.rememberDevice,u=n.autoPush,c=n.transactionCallBack),s||0===s||(s=k.DEFAULT_POLLING_DELAY);var f=y.getLink(t,"next","poll");r.isPolling=!0;var l=0;return function t(){return r.isPolling?i().then(function(n){if(l=0,n.factorResult&&"WAITING"===n.factorResult){if(!r.isPolling)throw new w;return"function"==typeof c&&c(n),y.delay(s).then(t)}return r.isPolling=!1,new g(e,n)}).catch(function(e){if(e.xhr&&(0===e.xhr.status||429===e.xhr.status)&&l<=4){var r=1e3*Math.pow(2,l);return l++,y.delay(r).then(t)}throw e}):Promise.reject(new w)}().catch(function(e){throw r.isPolling=!1,e})}}function p(e,t,r,o,i){if(Array.isArray(o))return function(n,s){if(!n)throw new v("Must provide a link name");var a=y.find(o,{name:n});if(!a)throw new v("No link found for that name");return p(e,t,r,a,i)(s)};if(o.hints&&o.hints.allow&&1===o.hints.allow.length){switch(o.hints.allow[0]){case"GET":return function(){return m.get(e,o.href)};case"POST":return function(s){i&&i.isPolling&&(i.isPolling=!1);var a=n(t,s);"MFA_ENROLL"!==t.status&&"FACTOR_ENROLL"!==t.status||y.extend(a,{factorType:r.factorType,provider:r.provider});var u={},c=a.autoPush;if(void 0!==c){if("function"==typeof c)try{u.autoPush=!!c()}catch(e){return Promise.reject(new v("AutoPush resulted in an error."))}else null!==c&&(u.autoPush=!!c);a=y.omit(a,"autoPush")}var l=a.rememberDevice;if(void 0!==l){if("function"==typeof l)try{u.rememberDevice=!!l()}catch(e){return Promise.reject(new v("RememberDevice resulted in an error."))}else null!==l&&(u.rememberDevice=!!l);a=y.omit(a,"rememberDevice")}else a.profile&&void 0!==a.profile.updatePhone&&(a.profile.updatePhone&&(u.updatePhone=!0),a.profile=y.omit(a.profile,"updatePhone"));var p=o.href+y.toQueryParams(u);return f(e,p,a)}}}}function h(e,t,r,n){var o={};for(var i in r._links)if(r._links.hasOwnProperty(i)){var s=r._links[i];if("next"===i&&(i=s.name),s.type)o[i]=s;else switch(i){case"poll":o.poll=l(e,t,n);break;default:var a=p(e,t,r,s,n);a&&(o[i]=a)}}return o}function d(e,t,r,n){if(r=r||t,r=y.clone(r),Array.isArray(r)){for(var o=[],i=0,s=r.length;i<s;i++)o.push(d(e,t,r[i],n));return o}var a=r._embedded||{};for(var u in a)a.hasOwnProperty(u)&&(y.isObject(a[u])||Array.isArray(a[u]))&&(a[u]=d(e,t,a[u],n));var c=h(e,t,r,n);return y.extend(a,c),r=y.omit(r,"_embedded","_links"),y.extend(r,a),r}function g(e,t){t&&(this.data=t,y.extend(this,d(e,t,t,{})),delete this.stateToken,"RECOVERY_CHALLENGE"!==t.status||t._links||(this.cancel=function(){return Promise.resolve(new g(e))}))}var m=r(3),y=r(0),v=r(1),w=r(20),k=r(2);e.exports={transactionStatus:i,resumeTransaction:s,transactionExists:c,postToTransaction:f,introspect:a}},function(e,t,r){function n(){return m.genRandomString(64)}function o(){return m.genRandomString(64)}function i(e){return!(!e||!e.accessToken&&!e.idToken||!Array.isArray(e.scopes))}function s(e,t,r){e.addEventListener?e.addEventListener(t,r):e.attachEvent("on"+t,r)}function a(e,t,r){e.removeEventListener?e.removeEventListener(t,r):e.detachEvent("on"+t,r)}function u(e){var t=document.createElement("iframe");return t.style.display="none",t.src=e,document.body.appendChild(t)}function c(e,t){var r=t.popupTitle||"External Identity Provider User Authentication",n="toolbar=no, scrollbars=yes, resizable=yes, top=100, left=500, width=600, height=600";if(m.isIE11OrLess()){var o=window.open("/",r,n);return o.location.href=e,o}return window.open(e,r,n)}function f(e,t){var r=t||e.options.issuer;return g.get(e,r+"/.well-known/openid-configuration",{cacheResponse:!0})}function l(e,t,r){var n=y.getHttpCache(e.options.cookies);return f(e,t).then(function(t){var o=t.jwks_uri,i=n.getStorage(),s=i[o];if(s&&Date.now()/1e3<s.expiresAt){var a=m.find(s.response.keys,{kid:r});if(a)return a}return n.clearStorage(o),g.get(e,o,{cacheResponse:!0}).then(function(e){var t=m.find(e.keys,{kid:r});if(t)return t;throw new v("The key id, "+r+", was not found in the server's keys")})})}function p(e,t,r){var n=r.clientId,o=r.issuer,i=r.nonce;if(!t||!o||!n)throw new v("The jwt, iss, and aud arguments are all required");if(i&&t.nonce!==i)throw new v("OAuth flow response nonce doesn't match request nonce");var s=Math.floor(Date.now()/1e3);if(t.iss!==o)throw new v("The issuer ["+t.iss+"] does not match ["+o+"]");if(t.aud!==n)throw new v("The audience ["+t.aud+"] does not match ["+n+"]");if(t.iat>t.exp)throw new v("The JWT expired before it was issued");if(s-e.options.maxClockSkew>t.exp)throw new v("The JWT expired and is no longer valid");if(t.iat>s+e.options.maxClockSkew)throw new v("The JWT was issued in the future")}function h(e,t){if(arguments.length>2)throw new v('As of version 3.0, "getOAuthUrls" takes only a single set of options');t=t||{};var r=m.removeTrailingSlash(t.authorizeUrl)||e.options.authorizeUrl,n=m.removeTrailingSlash(t.issuer)||e.options.issuer,o=m.removeTrailingSlash(t.userinfoUrl)||e.options.userinfoUrl,i=m.removeTrailingSlash(t.tokenUrl)||e.options.tokenUrl,s=m.removeTrailingSlash(t.logoutUrl)||e.options.logoutUrl,a=m.removeTrailingSlash(t.revokeUrl)||e.options.revokeUrl,u=n.indexOf("/oauth2")>0?n:n+"/oauth2";return r=r||u+"/v1/authorize",o=o||u+"/v1/userinfo",i=i||u+"/v1/token",a=a||u+"/v1/revoke",s=s||u+"/v1/logout",{issuer:n,authorizeUrl:r,userinfoUrl:o,tokenUrl:i,revokeUrl:a,logoutUrl:s}}function d(e){var t=/\+/g,r=/([^&=]+)=?([^&]*)/g,n=e;"#"===n.charAt(0)&&"/"===n.charAt(1)&&(n=n.substring(2)),"#"!==n.charAt(0)&&"?"!==n.charAt(0)||(n=n.substring(1));for(var o,i={};;){if(!(o=r.exec(n)))break;var s=o[1],a=o[2];i[s]="id_token"===s||"access_token"===s||"code"===s?a:decodeURIComponent(a.replace(t," "))}return i}var g=r(3),m=r(0),y=r(4),v=r(1);e.exports={generateState:n,generateNonce:o,getWellKnown:f,getKey:l,validateClaims:p,getOAuthUrls:h,loadFrame:u,loadPopup:c,urlParamsToObject:d,isToken:i,addListener:s,removeListener:a}},function(e,t,r){var n=r(12),o=r(4);e.exports=r(15)(o,n)},function(e,t,r){function n(e){return e.headers.get("Content-Type")&&e.headers.get("Content-Type").toLowerCase().indexOf("application/json")>=0?e.json().catch(function(e){return{error:e,errorSummary:"Could not parse server response"}}):e.text()}function o(e,t){var r="object"===s(t),n={responseText:r?JSON.stringify(t):t,status:e};return r&&(n.responseType="json",n.responseJSON=t),n}function i(e,t,r){var i=r.data,s=r.headers||{};return"application/json"===(s["Content-Type"]||s["content-type"]||"")&&i&&"string"!=typeof i&&(i=JSON.stringify(i)),a(t,{method:e,headers:r.headers,body:i,credentials:r.withCredentials?"include":"omit"}).then(function(e){var t=!e.ok,r=e.status;return n(e).then(function(e){return o(r,e)}).then(function(e){if(t)throw e;return e})})}var s=r(5),a=r(13);e.exports=i},function(e,t){var r=function(e){function t(){this.fetch=!1,this.DOMException=e.DOMException}return t.prototype=e,new t}("undefined"!=typeof self?self:this);!function(e){!function(t){function r(e){return e&&DataView.prototype.isPrototypeOf(e)}function n(e){if("string"!=typeof e&&(e=String(e)),/[^a-z0-9\-#$%&'*+.^_`|~]/i.test(e))throw new TypeError("Invalid character in header field name");return e.toLowerCase()}function o(e){return"string"!=typeof e&&(e=String(e)),e}function i(e){var t={next:function(){var t=e.shift();return{done:void 0===t,value:t}}};return k.iterable&&(t[Symbol.iterator]=function(){return t}),t}function s(e){this.map={},e instanceof s?e.forEach(function(e,t){this.append(t,e)},this):Array.isArray(e)?e.forEach(function(e){this.append(e[0],e[1])},this):e&&Object.getOwnPropertyNames(e).forEach(function(t){this.append(t,e[t])},this)}function a(e){if(e.bodyUsed)return Promise.reject(new TypeError("Already read"));e.bodyUsed=!0}function u(e){return new Promise(function(t,r){e.onload=function(){t(e.result)},e.onerror=function(){r(e.error)}})}function c(e){var t=new FileReader,r=u(t);return t.readAsArrayBuffer(e),r}function f(e){var t=new FileReader,r=u(t);return t.readAsText(e),r}function l(e){for(var t=new Uint8Array(e),r=new Array(t.length),n=0;n<t.length;n++)r[n]=String.fromCharCode(t[n]);return r.join("")}function p(e){if(e.slice)return e.slice(0);var t=new Uint8Array(e.byteLength);return t.set(new Uint8Array(e)),t.buffer}function h(){return this.bodyUsed=!1,this._initBody=function(e){this._bodyInit=e,e?"string"==typeof e?this._bodyText=e:k.blob&&Blob.prototype.isPrototypeOf(e)?this._bodyBlob=e:k.formData&&FormData.prototype.isPrototypeOf(e)?this._bodyFormData=e:k.searchParams&&URLSearchParams.prototype.isPrototypeOf(e)?this._bodyText=e.toString():k.arrayBuffer&&k.blob&&r(e)?(this._bodyArrayBuffer=p(e.buffer),this._bodyInit=new Blob([this._bodyArrayBuffer])):k.arrayBuffer&&(ArrayBuffer.prototype.isPrototypeOf(e)||b(e))?this._bodyArrayBuffer=p(e):this._bodyText=e=Object.prototype.toString.call(e):this._bodyText="",this.headers.get("content-type")||("string"==typeof e?this.headers.set("content-type","text/plain;charset=UTF-8"):this._bodyBlob&&this._bodyBlob.type?this.headers.set("content-type",this._bodyBlob.type):k.searchParams&&URLSearchParams.prototype.isPrototypeOf(e)&&this.headers.set("content-type","application/x-www-form-urlencoded;charset=UTF-8"))},k.blob&&(this.blob=function(){var e=a(this);if(e)return e;if(this._bodyBlob)return Promise.resolve(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(new Blob([this._bodyArrayBuffer]));if(this._bodyFormData)throw new Error("could not read FormData body as blob");return Promise.resolve(new Blob([this._bodyText]))},this.arrayBuffer=function(){return this._bodyArrayBuffer?a(this)||Promise.resolve(this._bodyArrayBuffer):this.blob().then(c)}),this.text=function(){var e=a(this);if(e)return e;if(this._bodyBlob)return f(this._bodyBlob);if(this._bodyArrayBuffer)return Promise.resolve(l(this._bodyArrayBuffer));if(this._bodyFormData)throw new Error("could not read FormData body as text");return Promise.resolve(this._bodyText)},k.formData&&(this.formData=function(){return this.text().then(m)}),this.json=function(){return this.text().then(JSON.parse)},this}function d(e){var t=e.toUpperCase();return S.indexOf(t)>-1?t:e}function g(e,t){t=t||{};var r=t.body;if(e instanceof g){if(e.bodyUsed)throw new TypeError("Already read");this.url=e.url,this.credentials=e.credentials,t.headers||(this.headers=new s(e.headers)),this.method=e.method,this.mode=e.mode,this.signal=e.signal,r||null==e._bodyInit||(r=e._bodyInit,e.bodyUsed=!0)}else this.url=String(e);if(this.credentials=t.credentials||this.credentials||"same-origin",!t.headers&&this.headers||(this.headers=new s(t.headers)),this.method=d(t.method||this.method||"GET"),this.mode=t.mode||this.mode||null,this.signal=t.signal||this.signal,this.referrer=null,("GET"===this.method||"HEAD"===this.method)&&r)throw new TypeError("Body not allowed for GET or HEAD requests");this._initBody(r)}function m(e){var t=new FormData;return e.trim().split("&").forEach(function(e){if(e){var r=e.split("="),n=r.shift().replace(/\+/g," "),o=r.join("=").replace(/\+/g," ");t.append(decodeURIComponent(n),decodeURIComponent(o))}}),t}function y(e){var t=new s;return e.replace(/\r?\n[\t ]+/g," ").split(/\r?\n/).forEach(function(e){var r=e.split(":"),n=r.shift().trim();if(n){var o=r.join(":").trim();t.append(n,o)}}),t}function v(e,t){t||(t={}),this.type="default",this.status=void 0===t.status?200:t.status,this.ok=this.status>=200&&this.status<300,this.statusText="statusText"in t?t.statusText:"OK",this.headers=new s(t.headers),this.url=t.url||"",this._initBody(e)}function w(e,r){return new Promise(function(n,o){function i(){a.abort()}var s=new g(e,r);if(s.signal&&s.signal.aborted)return o(new t.DOMException("Aborted","AbortError"));var a=new XMLHttpRequest;a.onload=function(){var e={status:a.status,statusText:a.statusText,headers:y(a.getAllResponseHeaders()||"")};e.url="responseURL"in a?a.responseURL:e.headers.get("X-Request-URL");var t="response"in a?a.response:a.responseText;n(new v(t,e))},a.onerror=function(){o(new TypeError("Network request failed"))},a.ontimeout=function(){o(new TypeError("Network request failed"))},a.onabort=function(){o(new t.DOMException("Aborted","AbortError"))},a.open(s.method,s.url,!0),"include"===s.credentials?a.withCredentials=!0:"omit"===s.credentials&&(a.withCredentials=!1),"responseType"in a&&k.blob&&(a.responseType="blob"),s.headers.forEach(function(e,t){a.setRequestHeader(t,e)}),s.signal&&(s.signal.addEventListener("abort",i),a.onreadystatechange=function(){4===a.readyState&&s.signal.removeEventListener("abort",i)}),a.send(void 0===s._bodyInit?null:s._bodyInit)})}var k={searchParams:"URLSearchParams"in e,iterable:"Symbol"in e&&"iterator"in Symbol,blob:"FileReader"in e&&"Blob"in e&&function(){try{return new Blob,!0}catch(e){return!1}}(),formData:"FormData"in e,arrayBuffer:"ArrayBuffer"in e};if(k.arrayBuffer)var T=["[object Int8Array]","[object Uint8Array]","[object Uint8ClampedArray]","[object Int16Array]","[object Uint16Array]","[object Int32Array]","[object Uint32Array]","[object Float32Array]","[object Float64Array]"],b=ArrayBuffer.isView||function(e){return e&&T.indexOf(Object.prototype.toString.call(e))>-1};s.prototype.append=function(e,t){e=n(e),t=o(t);var r=this.map[e];this.map[e]=r?r+", "+t:t},s.prototype.delete=function(e){delete this.map[n(e)]},s.prototype.get=function(e){return e=n(e),this.has(e)?this.map[e]:null},s.prototype.has=function(e){return this.map.hasOwnProperty(n(e))},s.prototype.set=function(e,t){this.map[n(e)]=o(t)},s.prototype.forEach=function(e,t){for(var r in this.map)this.map.hasOwnProperty(r)&&e.call(t,this.map[r],r,this)},s.prototype.keys=function(){var e=[];return this.forEach(function(t,r){e.push(r)}),i(e)},s.prototype.values=function(){var e=[];return this.forEach(function(t){e.push(t)}),i(e)},s.prototype.entries=function(){var e=[];return this.forEach(function(t,r){e.push([r,t])}),i(e)},k.iterable&&(s.prototype[Symbol.iterator]=s.prototype.entries);var S=["DELETE","GET","HEAD","OPTIONS","POST","PUT"];g.prototype.clone=function(){return new g(this,{body:this._bodyInit})},h.call(g.prototype),h.call(v.prototype),v.prototype.clone=function(){return new v(this._bodyInit,{status:this.status,statusText:this.statusText,headers:new s(this.headers),url:this.url})},v.error=function(){var e=new v(null,{status:0,statusText:""});return e.type="error",e};var E=[301,302,303,307,308];v.redirect=function(e,t){if(-1===E.indexOf(t))throw new RangeError("Invalid status code");return new v(null,{status:t,headers:{location:e}})},t.DOMException=e.DOMException;try{new t.DOMException}catch(e){t.DOMException=function(e,t){this.message=e,this.name=t;var r=Error(e);this.stack=r.stack},t.DOMException.prototype=Object.create(Error.prototype),t.DOMException.prototype.constructor=t.DOMException}w.polyfill=!0,e.fetch||(e.fetch=w,e.Headers=s,e.Request=g,e.Response=v),t.Headers=s,t.Request=g,t.Response=v,t.fetch=w}({})}(r),delete r.fetch.polyfill,t=r.fetch,t.default=r.fetch,t.fetch=r.fetch,t.Headers=r.Headers,t.Request=r.Request,t.Response=r.Response,e.exports=t},function(e,t,r){var n,o;!function(i){var s=!1;if(n=i,void 0!==(o="function"==typeof n?n.call(t,r,t,e):n)&&(e.exports=o),s=!0,e.exports=i(),s=!0,!s){var a=window.Cookies,u=window.Cookies=i();u.noConflict=function(){return window.Cookies=a,u}}}(function(){function e(){for(var e=0,t={};e<arguments.length;e++){var r=arguments[e];for(var n in r)t[n]=r[n]}return t}function t(r){function n(t,o,i){var s;if("undefined"!=typeof document){if(arguments.length>1){if(i=e({path:"/"},n.defaults,i),"number"==typeof i.expires){var a=new Date;a.setMilliseconds(a.getMilliseconds()+864e5*i.expires),i.expires=a}i.expires=i.expires?i.expires.toUTCString():"";try{s=JSON.stringify(o),/^[\{\[]/.test(s)&&(o=s)}catch(e){}o=r.write?r.write(o,t):encodeURIComponent(String(o)).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g,decodeURIComponent),t=encodeURIComponent(String(t)),t=t.replace(/%(23|24|26|2B|5E|60|7C)/g,decodeURIComponent),t=t.replace(/[\(\)]/g,escape);var u="";for(var c in i)i[c]&&(u+="; "+c,!0!==i[c]&&(u+="="+i[c]));return document.cookie=t+"="+o+u}t||(s={});for(var f=document.cookie?document.cookie.split("; "):[],l=/(%[0-9A-Z]{2})+/g,p=0;p<f.length;p++){var h=f[p].split("="),d=h.slice(1).join("=");this.json||'"'!==d.charAt(0)||(d=d.slice(1,-1));try{var g=h[0].replace(l,decodeURIComponent);if(d=r.read?r.read(d,g):r(d,g)||d.replace(l,decodeURIComponent),this.json)try{d=JSON.parse(d)}catch(e){}if(t===g){s=d;break}t||(s[g]=d)}catch(e){}}return s}}return n.set=n,n.get=function(e){return n.call(n,e)},n.getJSON=function(){return n.apply({json:!0},[].slice.call(arguments))},n.defaults={},n.remove=function(t,r){n(t,"",e(r,{expires:-1}))},n.withConverter=t,n}return t(function(){})})},function(e,t,r){function n(e){var t=this;u.assertValidConfig(e);var r=y.extend({secure:!0},e.cookies);t.features.isLocalhost()&&!t.features.isHTTPS()&&(r.secure=!1),void 0===r.sameSite&&(r.sameSite=r.secure?"none":"lax"),r.secure&&!t.features.isHTTPS()&&(console.warn('The current page is not being served with the HTTPS protocol.\nFor security reasons, we strongly recommend using HTTPS.\nIf you cannot use HTTPS, set "cookies.secure" option to false.'),r.secure=!1),this.options={clientId:e.clientId,issuer:y.removeTrailingSlash(e.issuer),authorizeUrl:y.removeTrailingSlash(e.authorizeUrl),userinfoUrl:y.removeTrailingSlash(e.userinfoUrl),tokenUrl:y.removeTrailingSlash(e.tokenUrl),revokeUrl:y.removeTrailingSlash(e.revokeUrl),logoutUrl:y.removeTrailingSlash(e.logoutUrl),pkce:!1!==e.pkce,redirectUri:e.redirectUri,postLogoutRedirectUri:e.postLogoutRedirectUri,responseMode:e.responseMode,httpRequestClient:e.httpRequestClient,storageUtil:e.storageUtil,transformErrorXHR:e.transformErrorXHR,headers:e.headers,onSessionExpired:e.onSessionExpired,cookies:r},this.userAgent=u.getUserAgent(e,"okta-auth-js/".concat("3.1.4")),e.maxClockSkew||0===e.maxClockSkew?this.options.maxClockSkew=e.maxClockSkew:this.options.maxClockSkew=c.DEFAULT_MAX_CLOCK_SKEW,this.options.ignoreSignature=!!e.ignoreSignature,t.session={close:y.bind(h.closeSession,null,t),exists:y.bind(h.sessionExists,null,t),get:y.bind(h.getSession,null,t),refresh:y.bind(h.refreshSession,null,t),setCookieAndRedirect:y.bind(h.setCookieAndRedirect,null,t)},t.tx={status:y.bind(m.transactionStatus,null,t),resume:y.bind(m.resumeTransaction,null,t),exists:y.bind(m.transactionExists,null,t),introspect:y.bind(m.introspect,null,t)},t.tx.exists._get=function(e){return f.get(e)},t.idToken={authorize:{_getLocationHref:function(){return window.location.href}}},t._tokenQueue=new v,t.token={getWithoutPrompt:y.bind(d.getWithoutPrompt,null,t),getWithPopup:y.bind(d.getWithPopup,null,t),getWithRedirect:y.bind(d.getWithRedirect,null,t),parseFromUrl:y.bind(d.parseFromUrl,null,t),decode:d.decodeToken,revoke:y.bind(d.revokeToken,null,t),renew:y.bind(d.renewToken,null,t),getUserInfo:y.bind(d.getUserInfo,null,t),verify:y.bind(d.verifyToken,null,t)},Object.keys(t.token).forEach(function(e){if("decode"!==e){var r=t.token[e];t.token[e]=y.bind(v.prototype.push,t._tokenQueue,r,null)}}),t.token.getWithRedirect._setLocation=function(e){window.location=e},t.token.parseFromUrl._getHistory=function(){return window.history},t.token.parseFromUrl._getLocation=function(){return window.location},t.token.parseFromUrl._getDocument=function(){return window.document},t.fingerprint._getUserAgent=function(){return navigator.userAgent};var n=/windows phone|iemobile|wpdesktop/i;t.features.isFingerprintSupported=function(){var e=t.fingerprint._getUserAgent();return e&&!n.test(e)},t.emitter=new s,t.tokenManager=new g(t,e.tokenManager),t.tokenManager.on("error",this._onTokenManagerError,this)}var o=r(7),i=r(8),s=r(17),a=r(1),u=r(18),c=r(2),f=r(4).storage,l=r(3),p=r(10),h=r(21),d=r(22),g=r(26),m=r(9),y=r(0),v=r(28),w=n.prototype;w._onTokenManagerError=function(e){"login_required"===e.errorCode&&e.accessToken&&(this.options.onSessionExpired?this.options.onSessionExpired():console.error("Session has expired or was closed outside the application."))},w.features={},w.features.isPopupPostMessageSupported=function(){var e=document.documentMode&&document.documentMode<10;return!(!window.postMessage||e)},w.features.isTokenVerifySupported=function(){return"undefined"!=typeof crypto&&crypto.subtle&&"undefined"!=typeof Uint8Array},w.features.hasTextEncoder=function(){return"undefined"!=typeof TextEncoder},w.features.isPKCESupported=function(){return w.features.isTokenVerifySupported()&&w.features.hasTextEncoder()},w.features.isHTTPS=function(){return"https:"===window.location.protocol},w.features.isLocalhost=function(){return"localhost"===window.location.hostname},w.signIn=function(e){function t(t){return delete e.sendFingerprint,m.postToTransaction(r,"/api/v1/authn",e,t)}var r=this;return e=y.clone(e||{}),e.sendFingerprint?r.fingerprint().then(function(e){return t({headers:{"X-Device-Fingerprint":e}})}):t()},w.closeSession=function(){var e=this;return e.tokenManager.clear(),e.session.close().catch(function(e){if("AuthApiError"!==e.name||"E0000007"!==e.errorCode)throw e})},w.revokeAccessToken=function(){function e(e){return t.apply(this,arguments)}var t=i(o.mark(function e(t){var r;return o.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(r=this,t){e.next=5;break}return e.next=4,r.tokenManager.get("accessToken");case 4:t=e.sent;case 5:if(t){e.next=7;break}return e.abrupt("return",Promise.resolve());case 7:return e.abrupt("return",r.token.revoke(t));case 8:case"end":return e.stop()}},e,this)}));return e}(),w.signOut=function(){var e=i(o.mark(function e(t){var r,n,i,s,a,u,c,f,l,h;return o.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(t=y.extend({},t),r=window.location.origin,n=t.postLogoutRedirectUri||this.options.postLogoutRedirectUri||r,i=t.accessToken,s=!1!==t.revokeAccessToken,a=t.idToken,u=this,c=p.getOAuthUrls(u).logoutUrl,void 0!==a){e.next=12;break}return e.next=11,u.tokenManager.get("idToken");case 11:a=e.sent;case 12:if(!s||void 0!==i){e.next=16;break}return e.next=15,u.tokenManager.get("token");case 15:i=e.sent;case 16:if(u.tokenManager.clear(),!s||!i){e.next=20;break}return e.next=20,u.revokeAccessToken(i);case 20:if(a){e.next=22;break}return e.abrupt("return",u.closeSession().then(function(){n===r?window.location.reload():window.location.assign(n)}));case 22:f=t.state,l=a.idToken,h=c+"?id_token_hint="+encodeURIComponent(l)+"&post_logout_redirect_uri="+encodeURIComponent(n),f&&(h+="&state="+encodeURIComponent(f)),window.location.assign(h);case 27:case"end":return e.stop()}},e,this)}));return function(t){return e.apply(this,arguments)}}(),u.addSharedPrototypes(w),w.webfinger=function(e){var t="/.well-known/webfinger"+y.toQueryParams(e),r={headers:{Accept:"application/jrd+json"}};return l.get(this,t,r)},w.fingerprint=function(e){e=e||{};var t=this;if(!t.features.isFingerprintSupported())return Promise.reject(new a("Fingerprinting is not supported on this device"));var r,n,o;return new Promise(function(i,s){n=document.createElement("iframe"),n.style.display="none",o=function(e){if(e&&e.data&&e.origin===t.getIssuerOrigin()){try{var r=JSON.parse(e.data)}catch(e){return s(new a("Unable to parse iframe response"))}if(r)return"FingerprintAvailable"===r.type?i(r.fingerprint):void("FingerprintServiceReady"===r.type&&e.source.postMessage(JSON.stringify({type:"GetFingerprint"}),e.origin))}},p.addListener(window,"message",o),n.src=t.getIssuerOrigin()+"/auth/services/devicefingerprint",document.body.appendChild(n),r=setTimeout(function(){s(new a("Fingerprinting timed out"))},e.timeout||15e3)}).finally(function(){clearTimeout(r),p.removeListener(window,"message",o),document.body.contains(n)&&n.parentElement.removeChild(n)})},e.exports=u.buildOktaAuth(n)},function(e,t,r){var n=function(e){"use strict";function t(e,t,r,o){var i=t&&t.prototype instanceof n?t:n,s=Object.create(i.prototype),a=new p(o||[]);return s._invoke=u(e,r,a),s}function r(e,t,r){try{return{type:"normal",arg:e.call(t,r)}}catch(e){return{type:"throw",arg:e}}}function n(){}function o(){}function i(){}function s(e){["next","throw","return"].forEach(function(t){e[t]=function(e){return this._invoke(t,e)}})}function a(e){function t(n,o,i,s){var a=r(e[n],e,o);if("throw"!==a.type){var u=a.arg,c=u.value;return c&&"object"==typeof c&&y.call(c,"__await")?Promise.resolve(c.__await).then(function(e){t("next",e,i,s)},function(e){t("throw",e,i,s)}):Promise.resolve(c).then(function(e){u.value=e,i(u)},function(e){return t("throw",e,i,s)})}s(a.arg)}function n(e,r){function n(){return new Promise(function(n,o){t(e,r,n,o)})}return o=o?o.then(n,n):n()}var o;this._invoke=n}function u(e,t,n){var o=b;return function(i,s){if(o===E)throw new Error("Generator is already running");if(o===A){if("throw"===i)throw s;return d()}for(n.method=i,n.arg=s;;){var a=n.delegate;if(a){var u=c(a,n);if(u){if(u===x)continue;return u}}if("next"===n.method)n.sent=n._sent=n.arg;else if("throw"===n.method){if(o===b)throw o=A,n.arg;n.dispatchException(n.arg)}else"return"===n.method&&n.abrupt("return",n.arg);o=E;var f=r(e,t,n);if("normal"===f.type){if(o=n.done?A:S,f.arg===x)continue;return{value:f.arg,done:n.done}}"throw"===f.type&&(o=A,n.method="throw",n.arg=f.arg)}}}function c(e,t){var n=e.iterator[t.method];if(n===g){if(t.delegate=null,"throw"===t.method){if(e.iterator.return&&(t.method="return",t.arg=g,c(e,t),"throw"===t.method))return x;t.method="throw",t.arg=new TypeError("The iterator does not provide a 'throw' method")}return x}var o=r(n,e.iterator,t.arg);if("throw"===o.type)return t.method="throw",t.arg=o.arg,t.delegate=null,x;var i=o.arg;return i?i.done?(t[e.resultName]=i.value,t.next=e.nextLoc,"return"!==t.method&&(t.method="next",t.arg=g),t.delegate=null,x):i:(t.method="throw",t.arg=new TypeError("iterator result is not an object"),t.delegate=null,x)}function f(e){var t={tryLoc:e[0]};1 in e&&(t.catchLoc=e[1]),2 in e&&(t.finallyLoc=e[2],t.afterLoc=e[3]),this.tryEntries.push(t)}function l(e){var t=e.completion||{};t.type="normal",delete t.arg,e.completion=t}function p(e){this.tryEntries=[{tryLoc:"root"}],e.forEach(f,this),this.reset(!0)}function h(e){if(e){var t=e[w];if(t)return t.call(e);if("function"==typeof e.next)return e;if(!isNaN(e.length)){var r=-1,n=function t(){for(;++r<e.length;)if(y.call(e,r))return t.value=e[r],t.done=!1,t;return t.value=g,t.done=!0,t};return n.next=n}}return{next:d}}function d(){return{value:g,done:!0}}var g,m=Object.prototype,y=m.hasOwnProperty,v="function"==typeof Symbol?Symbol:{},w=v.iterator||"@@iterator",k=v.asyncIterator||"@@asyncIterator",T=v.toStringTag||"@@toStringTag";e.wrap=t;var b="suspendedStart",S="suspendedYield",E="executing",A="completed",x={},_={};_[w]=function(){return this};var O=Object.getPrototypeOf,U=O&&O(O(h([])));U&&U!==m&&y.call(U,w)&&(_=U);var P=i.prototype=n.prototype=Object.create(_);return o.prototype=P.constructor=i,i.constructor=o,i[T]=o.displayName="GeneratorFunction",e.isGeneratorFunction=function(e){var t="function"==typeof e&&e.constructor;return!!t&&(t===o||"GeneratorFunction"===(t.displayName||t.name))},e.mark=function(e){return Object.setPrototypeOf?Object.setPrototypeOf(e,i):(e.__proto__=i,T in e||(e[T]="GeneratorFunction")),e.prototype=Object.create(P),e},e.awrap=function(e){return{__await:e}},s(a.prototype),a.prototype[k]=function(){return this},e.AsyncIterator=a,e.async=function(r,n,o,i){var s=new a(t(r,n,o,i));return e.isGeneratorFunction(n)?s:s.next().then(function(e){return e.done?e.value:s.next()})},s(P),P[T]="Generator",P[w]=function(){return this},P.toString=function(){return"[object Generator]"},e.keys=function(e){var t=[];for(var r in e)t.push(r);return t.reverse(),function r(){for(;t.length;){var n=t.pop();if(n in e)return r.value=n,r.done=!1,r}return r.done=!0,r}},e.values=h,p.prototype={constructor:p,reset:function(e){if(this.prev=0,this.next=0,this.sent=this._sent=g,this.done=!1,this.delegate=null,this.method="next",this.arg=g,this.tryEntries.forEach(l),!e)for(var t in this)"t"===t.charAt(0)&&y.call(this,t)&&!isNaN(+t.slice(1))&&(this[t]=g)},stop:function(){this.done=!0;var e=this.tryEntries[0],t=e.completion;if("throw"===t.type)throw t.arg;return this.rval},dispatchException:function(e){function t(t,n){return i.type="throw",i.arg=e,r.next=t,n&&(r.method="next",r.arg=g),!!n}if(this.done)throw e;for(var r=this,n=this.tryEntries.length-1;n>=0;--n){var o=this.tryEntries[n],i=o.completion;if("root"===o.tryLoc)return t("end");if(o.tryLoc<=this.prev){var s=y.call(o,"catchLoc"),a=y.call(o,"finallyLoc");if(s&&a){if(this.prev<o.catchLoc)return t(o.catchLoc,!0);if(this.prev<o.finallyLoc)return t(o.finallyLoc)}else if(s){if(this.prev<o.catchLoc)return t(o.catchLoc,!0)}else{if(!a)throw new Error("try statement without catch or finally");if(this.prev<o.finallyLoc)return t(o.finallyLoc)}}}},abrupt:function(e,t){for(var r=this.tryEntries.length-1;r>=0;--r){var n=this.tryEntries[r];if(n.tryLoc<=this.prev&&y.call(n,"finallyLoc")&&this.prev<n.finallyLoc){var o=n;break}}o&&("break"===e||"continue"===e)&&o.tryLoc<=t&&t<=o.finallyLoc&&(o=null);var i=o?o.completion:{};return i.type=e,i.arg=t,o?(this.method="next",this.next=o.finallyLoc,x):this.complete(i)},complete:function(e,t){if("throw"===e.type)throw e.arg;return"break"===e.type||"continue"===e.type?this.next=e.arg:"return"===e.type?(this.rval=this.arg=e.arg,this.method="return",this.next="end"):"normal"===e.type&&t&&(this.next=t),x},finish:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var r=this.tryEntries[t];if(r.finallyLoc===e)return this.complete(r.completion,r.afterLoc),l(r),x}},catch:function(e){for(var t=this.tryEntries.length-1;t>=0;--t){var r=this.tryEntries[t];if(r.tryLoc===e){var n=r.completion;if("throw"===n.type){var o=n.arg;l(r)}return o}}throw new Error("illegal catch attempt")},delegateYield:function(e,t,r){return this.delegate={iterator:h(e),resultName:t,nextLoc:r},"next"===this.method&&(this.arg=g),x}},e}(e.exports);try{regeneratorRuntime=n}catch(e){Function("r","regeneratorRuntime = r")(n)}},function(e,t){function r(){}r.prototype={on:function(e,t,r){var n=this.e||(this.e={});return(n[e]||(n[e]=[])).push({fn:t,ctx:r}),this},once:function(e,t,r){function n(){o.off(e,n),t.apply(r,arguments)}var o=this;return n._=t,this.on(e,n,r)},emit:function(e){var t=[].slice.call(arguments,1),r=((this.e||(this.e={}))[e]||[]).slice(),n=0,o=r.length;for(n;n<o;n++)r[n].fn.apply(r[n].ctx,t);return this},off:function(e,t){var r=this.e||(this.e={}),n=r[e],o=[];if(n&&t)for(var i=0,s=n.length;i<s;i++)n[i].fn!==t&&n[i].fn._!==t&&o.push(n[i]);return o.length?r[e]=o:delete r[e],this}},e.exports=r},function(e,t,r){function n(e){if(!e)throw new a("No arguments passed to constructor. Required usage: new OktaAuth(args)");var t=e.issuer;if(!t)throw new a('No issuer passed to constructor. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');if(!new RegExp("^http?s?://.+").test(e.issuer))throw new a('Issuer must be a valid URL. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com/oauth2/{authServerId}"})');if(-1!==t.indexOf("-admin."))throw new a('Issuer URL passed to constructor contains "-admin" in subdomain. Required usage: new OktaAuth({issuer: "https://{yourOktaDomain}.com})');var r=e.userAgent;if(r&&r.template&&-1===r.template.indexOf("$OKTA_AUTH_JS"))throw new a('UserAgentTemplate must include "$OKTA_AUTH_JS" placeholder. Required usage: new OktaAuth({userAgentTemplate: "xxx $OKTA_AUTH_JS xxx"})')}function o(e){e.getIssuerOrigin=function(){return this.options.issuer.split("/oauth2/")[0]},e.forgotPassword=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/password",e)},e.unlockAccount=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/unlock",e)},e.verifyRecoveryToken=function(e){return u.postToTransaction(this,"/api/v1/authn/recovery/token",e)}}function i(e){return function(t,r){function n(o){if(!(this instanceof n))return new n(o);o&&(o.storageUtil=t,o.ajaxRequest?(c.deprecate("ajaxRequest is being deprecated, use httpRequestClient attribute instead."),o.httpRequestClient=o.ajaxRequest):o.httpRequestClient||(o.httpRequestClient=r)),c.bind(e,this)(o)}return n.prototype=e.prototype,n.prototype.constructor=n,n.features=e.prototype.features,n}}function s(e,t){var r=e.userAgent||{};return r.value?r.value:r.template?r.template.replace("$OKTA_AUTH_JS",t):t}var a=r(1),u=r(9),c=r(0);e.exports={addSharedPrototypes:o,buildOktaAuth:i,assertValidConfig:n,getUserAgent:s}},function(e,t){function r(e,t){this.name="AuthApiError",this.message=e.errorSummary,this.errorSummary=e.errorSummary,this.errorCode=e.errorCode,this.errorLink=e.errorLink,this.errorId=e.errorId,this.errorCauses=e.errorCauses,t&&(this.xhr=t)}r.prototype=new Error,e.exports=r},function(e,t){function r(){this.name="AuthPollStopError",this.message="The poll was stopped by the sdk"}r.prototype=new Error,e.exports=r},function(e,t,r){function n(e){return e.session.get().then(function(e){return"ACTIVE"===e.status}).catch(function(){return!1})}function o(e){return c.get(e,"/api/v1/sessions/me").then(function(t){var r=u.omit(t,"_links");return r.refresh=function(){return c.post(e,u.getLink(t,"refresh").href)},r.user=function(){return c.get(e,u.getLink(t,"user").href)},r}).catch(function(){return{status:"INACTIVE"}})}function i(e){return c.httpRequest(e,{url:e.getIssuerOrigin()+"/api/v1/sessions/me",method:"DELETE"})}function s(e){return c.post(e,"/api/v1/sessions/me/lifecycle/refresh")}function a(e,t,r){r=r||window.location.href,window.location=e.getIssuerOrigin()+"/login/sessionCookieRedirect"+u.toQueryParams({checkAccountSetupComplete:!0,token:t,redirectUrl:r})}var u=r(0),c=r(3);e.exports={sessionExists:n,getSession:o,closeSession:i,refreshSession:s,setCookieAndRedirect:a}},function(e,t,r){function n(e,t){return Promise.resolve().then(function(){if(!t||!t.accessToken)throw new C("A valid access token object is required");var r=e.options.clientId;if(!r)throw new C("A clientId must be specified in the OktaAuth constructor to revoke a token");var n=U.getOAuthUrls(e).revokeUrl,o=t.accessToken,i=O.toQueryParams({token_type_hint:"access_token",token:o}).slice(1),s=btoa(r);return _.post(e,n,i,{headers:{"Content-Type":"application/x-www-form-urlencoded",Authorization:"Basic "+s}})})}function o(e){var t,r=e.split(".");try{t={header:JSON.parse(O.base64UrlToString(r[0])),payload:JSON.parse(O.base64UrlToString(r[1])),signature:r[2]}}catch(e){throw new C("Malformed token")}return t}function i(e,t,r){return Promise.resolve().then(function(){if(!t||!t.idToken)throw new C("Only idTokens may be verified");var n=o(t.idToken),i={clientId:e.options.clientId,issuer:e.options.issuer,ignoreSignature:e.options.ignoreSignature};return O.extend(i,r),U.validateClaims(e,n.payload,i),1!=i.ignoreSignature&&e.features.isTokenVerifySupported()?U.getKey(e,t.issuer,n.header.kid).then(function(e){return P.verifyToken(t.idToken,e)}).then(function(e){if(!e)throw new C("The token signature is not valid");if(r&&r.accessToken&&t.claims.at_hash)return P.getOidcHash(r.accessToken).then(function(e){if(e!==t.claims.at_hash)throw new C("Token hash verification failed")})}).then(function(){return t}):t})}function s(e,t,r){var n,o;return new Promise(function(i,s){n=function(t){if(t.data&&t.data.state===r)return t.origin!==e.getIssuerOrigin()?s(new C("The request does not match client configuration")):void i(t.data)},U.addListener(window,"message",n),o=setTimeout(function(){s(new C("OAuth flow timed out"))},t||12e4)}).finally(function(){clearTimeout(o),U.removeListener(window,"message",n)})}function a(e,t,r){var n;return new Promise(function(e,o){function i(){try{t&&t.location&&t.location.hash?e(U.hashToObject(t.location.hash)):t&&!t.closed&&setTimeout(i,500)}catch(e){setTimeout(i,500)}}i(),n=setTimeout(function(){o(new C("OAuth flow timed out"))},r||12e4)}).finally(function(){clearTimeout(n)})}function u(e,t,r,n){var o=N.loadMeta(e),i={clientId:t.clientId,authorizationCode:r,codeVerifier:o.codeVerifier,redirectUri:o.redirectUri};return N.getToken(e,i,n).then(function(e){return c(e,i),e}).finally(function(){N.clearMeta(e)})}function c(e,t){if(e.error||e.error_description)throw new R(e.error,e.error_description);if(e.state!==t.state)throw new C("OAuth flow response state doesn't match request state")}function f(e,t,r,n){n=n||{};var o=t.responseType;Array.isArray(o)||(o=[o]);var s=O.clone(t.scopes),a=t.clientId||e.options.clientId,f=!1!==e.options.pkce;return Promise.resolve().then(function(){return c(r,t),r.code&&f?(o=["token"],-1!==s.indexOf("openid")&&o.push("id_token"),u(e,t,r.code,n)):r}).then(function(r){var o={},u=r.expires_in,c=r.token_type,f=r.access_token,l=r.id_token;if(f&&(o.accessToken={value:f,accessToken:f,expiresAt:Number(u)+Math.floor(Date.now()/1e3),tokenType:c,scopes:s,authorizeUrl:n.authorizeUrl,userinfoUrl:n.userinfoUrl}),l){var p=e.token.decode(l),h={value:l,idToken:l,claims:p.payload,expiresAt:p.payload.exp,scopes:s,authorizeUrl:n.authorizeUrl,issuer:n.issuer,clientId:a},d={clientId:a,issuer:n.issuer,nonce:t.nonce,accessToken:f};return void 0!==t.ignoreSignature&&(d.ignoreSignature=t.ignoreSignature),i(e,h,d).then(function(){return o.idToken=h,o})}return o}).then(function(e){if(-1!==o.indexOf("token")&&!e.accessToken)throw new C('Unable to parse OAuth flow response: response type "token" was requested but "access_token" was not returned.');if(-1!==o.indexOf("id_token")&&!e.idToken)throw new C('Unable to parse OAuth flow response: response type "id_token" was requested but "id_token" was not returned.');return{tokens:e,state:r.state,code:r.code}})}function l(e){return{pkce:e.options.pkce,clientId:e.options.clientId,redirectUri:e.options.redirectUri||window.location.href,responseType:["token","id_token"],responseMode:e.options.responseMode,state:U.generateState(),nonce:U.generateNonce(),scopes:["openid","email"],ignoreSignature:e.options.ignoreSignature}}function p(e){if(!e.clientId)throw new C("A clientId must be specified in the OktaAuth constructor to get a token");if(O.isString(e.responseType)&&-1!==e.responseType.indexOf(" "))throw new C("Multiple OAuth responseTypes must be defined as an array");var t=O.removeNils({client_id:e.clientId,code_challenge:e.codeChallenge,code_challenge_method:e.codeChallengeMethod,display:e.display,idp:e.idp,idp_scope:e.idpScope,login_hint:e.loginHint,max_age:e.maxAge,nonce:e.nonce,prompt:e.prompt,redirect_uri:e.redirectUri,response_mode:e.responseMode,response_type:e.responseType,sessionToken:e.sessionToken,state:e.state});if(["idp_scope","response_type"].forEach(function(e){Array.isArray(t[e])&&(t[e]=t[e].join(" "))}),-1!==e.responseType.indexOf("id_token")&&-1===e.scopes.indexOf("openid"))throw new C("openid scope must be specified in the scopes argument when requesting an id_token");return t.scope=e.scopes.join(" "),t}function h(e){var t=p(e);return O.toQueryParams(t)}function d(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getToken" takes only a single set of options')):(t=t||{},y(e,t).then(function(r){function n(e){return/^(https?\:\/\/)?([^:\/?#]*(?:\:[0-9]+)?)/.exec(e)[0]}var o={prompt:"none",responseMode:"okta_post_message",display:null},i={display:"popup"};t.sessionToken?O.extend(r,o):t.idp&&O.extend(r,i);var u,c,l;l=U.getOAuthUrls(e,r),c=t.codeVerifier?l.tokenUrl:l.authorizeUrl,u=c+h(r);switch(r.sessionToken||null===r.display?"IFRAME":"popup"===r.display?"POPUP":"IMPLICIT"){case"IFRAME":var p=s(e,t.timeout,r.state),d=U.loadFrame(u);return p.then(function(t){return f(e,r,t,l)}).finally(function(){document.body.contains(d)&&d.parentElement.removeChild(d)});case"POPUP":var g;if("okta_post_message"===r.responseMode){if(!e.features.isPopupPostMessageSupported())throw new C("This browser doesn't have full postMessage support");g=s(e,t.timeout,r.state)}var m={popupTitle:t.popupTitle},y=U.loadPopup(u,m);if("fragment"===r.responseMode){var v=n(e.idToken.authorize._getLocationHref()),w=n(r.redirectUri);if(v!==w)throw new C("Using fragment, the redirectUri origin ("+w+") must match the origin of this page ("+v+")");g=a(e,y,t.timeout)}return new Promise(function(e,t){var r=setInterval(function(){y&&!y.closed||(clearInterval(r),t(new C("Unable to parse OAuth flow response")))},100);g.then(function(t){clearInterval(r),e(t)}).catch(function(e){clearInterval(r),t(e)})}).then(function(t){return f(e,r,t,l)}).finally(function(){y&&!y.closed&&y.close()});default:throw new C("The full page redirect flow is not supported")}}))}function g(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithoutPrompt" takes only a single set of options')):(t=O.clone(t)||{},O.extend(t,{prompt:"none",responseMode:"okta_post_message",display:null}),d(e,t))}function m(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithPopup" takes only a single set of options')):(t=O.clone(t)||{},O.extend(t,{display:"popup",responseMode:"okta_post_message"}),d(e,t))}function y(e,t){t=O.clone(t)||{};var r=l(e);if(O.extend(r,t),!1===r.pkce)return Promise.resolve(r);if(!e.features.isPKCESupported()){var n="PKCE requires a modern browser with encryption support running in a secure context.";return e.features.isHTTPS()||(n+="\nThe current page is not being served with HTTPS protocol. PKCE requires secure HTTPS protocol."),e.features.hasTextEncoder()||(n+='\n"TextEncoder" is not defined. To use PKCE, you may need to include a polyfill/shim for this browser.'),Promise.reject(new C(n))}return r.codeChallengeMethod||(r.codeChallengeMethod=N.DEFAULT_CODE_CHALLENGE_METHOD),r.responseType="code",U.getWellKnown(e,null).then(function(e){if(-1===(e.code_challenge_methods_supported||[]).indexOf(r.codeChallengeMethod))throw new C("Invalid code_challenge_method")}).then(function(){var t=N.generateVerifier(r.codeVerifier),n={codeVerifier:t,redirectUri:r.redirectUri};return N.saveMeta(e,n),N.computeChallenge(t)}).then(function(e){var t=O.clone(r)||{};return O.extend(t,r,{codeChallenge:e}),t})}function v(e,t){return arguments.length>2?Promise.reject(new C('As of version 3.0, "getWithRedirect" takes only a single set of options')):(t=O.clone(t)||{},y(e,t).then(function(r){var n=U.getOAuthUrls(e,t),o=n.authorizeUrl+h(r);L.set(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME,JSON.stringify({responseType:r.responseType,state:r.state,nonce:r.nonce,scopes:r.scopes,clientId:r.clientId,urls:n,ignoreSignature:r.ignoreSignature}),null,e.options.cookies),L.set(I.REDIRECT_NONCE_COOKIE_NAME,r.nonce,null,e.options.cookies),L.set(I.REDIRECT_STATE_COOKIE_NAME,r.state,null,e.options.cookies),e.token.getWithRedirect._setLocation(o)}))}function w(e,t){if(!U.isToken(t))return Promise.reject(new C("Renew must be passed a token with an array of scopes and an accessToken or idToken"));var r;return r=e.options.pkce?"code":t.accessToken?"token":"id_token",g(e,{responseType:r,scopes:t.scopes,authorizeUrl:t.authorizeUrl,userinfoUrl:t.userinfoUrl,issuer:t.issuer}).then(function(e){var r=e.tokens;return t.idToken?r.idToken:r.accessToken})}function k(e){var t=e.token.parseFromUrl._getHistory(),r=e.token.parseFromUrl._getDocument(),n=e.token.parseFromUrl._getLocation();t&&t.replaceState?t.replaceState(null,r.title,n.pathname+n.search):n.hash=""}function T(e){var t=e.token.parseFromUrl._getHistory(),r=e.token.parseFromUrl._getDocument(),n=e.token.parseFromUrl._getLocation();t&&t.replaceState?t.replaceState(null,r.title,n.pathname+n.hash):n.search=""}function b(e,t){t=t||{},O.isString(t)&&(t={url:t});var r,n=e.options.pkce?"query":"fragment",o=t.url,i=t.responseMode||e.options.responseMode||n,s=e.token.parseFromUrl._getLocation();if(!(r="query"===i?o?o.substring(o.indexOf("?")):s.search:o?o.substring(o.indexOf("#")):s.hash))return Promise.reject(new C("Unable to parse a token from the url"));var a=L.get(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME);if(!a)return Promise.reject(new C("Unable to retrieve OAuth redirect params cookie"));try{var u=JSON.parse(a),c=u.urls;delete u.urls,L.delete(I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME)}catch(e){return Promise.reject(new C("Unable to parse the "+I.REDIRECT_OAUTH_PARAMS_COOKIE_NAME+" cookie: "+e.message))}return Promise.resolve(U.urlParamsToObject(r)).then(function(t){return o||("query"===i?T(e):k(e)),f(e,u,t,c)})}function S(e,t,r){return E.apply(this,arguments)}function E(){return E=x(A.mark(function e(t,r,n){return A.wrap(function(e){for(;;)switch(e.prev=e.next){case 0:if(r){e.next=4;break}return e.next=3,t.tokenManager.get("accessToken");case 3:r=e.sent;case 4:if(n){e.next=8;break}return e.next=7,t.tokenManager.get("idToken");case 7:n=e.sent;case 8:if(r&&(U.isToken(r)||r.accessToken||r.userinfoUrl)){e.next=10;break}return e.abrupt("return",Promise.reject(new C("getUserInfo requires an access token object")));case 10:if(n&&(U.isToken(n)||n.idToken)){e.next=12;break}return e.abrupt("return",Promise.reject(new C("getUserInfo requires an ID token object")));case 12:return e.abrupt("return",_.httpRequest(t,{url:r.userinfoUrl,method:"GET",accessToken:r.accessToken}).then(function(e){return e.sub===n.claims.sub?e:Promise.reject(new C("getUserInfo request was rejected due to token mismatch"))}).catch(function(e){if(e.xhr&&(401===e.xhr.status||403===e.xhr.status)){var t;if(e.xhr.headers&&O.isFunction(e.xhr.headers.get)&&e.xhr.headers.get("WWW-Authenticate")?t=e.xhr.headers.get("WWW-Authenticate"):O.isFunction(e.xhr.getResponseHeader)&&(t=e.xhr.getResponseHeader("WWW-Authenticate")),t){var r=t.match(/error="(.*?)"/)||[],n=t.match(/error_description="(.*?)"/)||[],o=r[1],i=n[1];o&&i&&(e=new R(o,i))}}throw e}));case 13:case"end":return e.stop()}},e)})),E.apply(this,arguments)}var A=r(7),x=r(8),_=r(3),O=r(0),U=r(10),P=r(23),C=r(1),R=r(24),I=r(2),L=r(4).storage,N=r(25);e.exports={revokeToken:n,getToken:d,getWithoutPrompt:g,getWithPopup:m,getWithRedirect:v,parseFromUrl:b,decodeToken:o,renewToken:w,getUserInfo:S,verifyToken:i,handleOAuthResponse:f,prepareOauthParams:y}},function(e,t,r){function n(e){var t=(new TextEncoder).encode(e);return crypto.subtle.digest("SHA-256",t).then(function(e){var t=new Uint8Array(e),r=t.slice(0,16),n=String.fromCharCode.apply(null,r);return i.stringToBase64Url(n)})}function o(e,t){t=i.clone(t);var r={name:"RSASSA-PKCS1-v1_5",hash:{name:"SHA-256"}},n=["verify"];return delete t.use,crypto.subtle.importKey("jwk",t,r,!0,n).then(function(t){var n=e.split("."),o=i.stringToBuffer(n[0]+"."+n[1]),s=i.base64UrlDecode(n[2]),a=i.stringToBuffer(s);return crypto.subtle.verify(r,t,a,o)})}var i=r(0);e.exports={getOidcHash:n,verifyToken:o}},function(e,t){function r(e,t){this.name="OAuthError",this.message=t,this.errorCode=e,this.errorSummary=t}r.prototype=new Error,e.exports=r},function(e,t,r){function n(e){return("0"+e.toString(16)).substr(-2)}function o(e){var t=new Uint8Array(Math.ceil(e/2));return crypto.getRandomValues(t),Array.from(t,n).join("").slice(0,e)}function i(e){var t=e||"";return t.length<y&&(t+=o(y-t.length)),encodeURIComponent(t).slice(0,v)}function s(e,t){return t=m.extend({},e.options.cookies,t),e.options.storageUtil.getPKCEStorage(t)}function a(e,t){s(e).setStorage(t)}function u(e){var t=s(e),r=t.getStorage();if(!r.codeVerifier&&(t=s(e,{preferLocalStorage:!0}),r=t.getStorage(),!r.codeVerifier))throw new d("Could not load PKCE codeVerifier from storage");return r}function c(e){s(e).clearStorage()}function f(e){var t=(new TextEncoder).encode(e);return crypto.subtle.digest("SHA-256",t).then(function(e){var t=String.fromCharCode.apply(null,new Uint8Array(e));return m.stringToBase64Url(t)})}function l(e){if(!e.clientId)throw new d("A clientId must be specified in the OktaAuth constructor to get a token");if(!e.redirectUri)throw new d("The redirectUri passed to /authorize must also be passed to /token");if(!e.authorizationCode)throw new d("An authorization code (returned from /authorize) must be passed to /token");if(!e.codeVerifier)throw new d('The "codeVerifier" (generated and saved by your app) must be passed to /token')}function p(e){var t=m.removeNils({client_id:e.clientId,redirect_uri:e.redirectUri,grant_type:"authorization_code",code:e.authorizationCode,code_verifier:e.codeVerifier});return m.toQueryParams(t).slice(1)}function h(e,t,r){l(t);var n=p(t);return g.httpRequest(e,{url:r.tokenUrl,method:"POST",args:n,withCredentials:!1,headers:{"Content-Type":"application/x-www-form-urlencoded"}})}var d=r(1),g=r(3),m=r(0),y=43,v=128;e.exports={DEFAULT_CODE_CHALLENGE_METHOD:"S256",generateVerifier:i,clearMeta:c,saveMeta:a,loadMeta:u,computeChallenge:f,getToken:h}},function(e,t,r){function n(e,t){return t.expiresAt-e.options.expireEarlySeconds}function o(e,t){return n(e,t)<=e.clock.now()}function i(e,t,r){e.emitter.emit("expired",t,r)}function s(e,t){e.emitter.emit("error",t)}function a(e,t){clearTimeout(e.expireTimeouts[t]),delete e.expireTimeouts[t],delete e.renewPromise[t]}function u(e){var t=e.expireTimeouts;for(var r in t)t.hasOwnProperty(r)&&a(e,r)}function c(e,t,r,o){var s=n(t,o),u=1e3*Math.max(s-t.clock.now(),0);a(t,r);var c=setTimeout(function(){i(t,r,o)},u);t.expireTimeouts[r]=c}function f(e,t,r){try{var n=r.getStorage()}catch(e){return void s(t,e)}for(var o in n)if(n.hasOwnProperty(o)){var i=n[o];c(e,t,o,i)}}function l(e,t,r,n,o){var i=r.getStorage();if(!w.isObject(o)||!o.scopes||!o.expiresAt&&0!==o.expiresAt||!o.idToken&&!o.accessToken)throw new k("Token must be an Object with scopes, expiresAt, and an idToken or accessToken properties");i[n]=o,r.setStorage(i),c(e,t,n,o)}function p(e,t){return e.getStorage()[t]}function h(e,t,r,n){return new Promise(function(i){var s=p(r,n);return i(s&&o(t,s)?t.options.autoRenew?g(e,t,r,n):d(t,r,n):s)})}function d(e,t,r){a(e,r);var n=t.getStorage();delete n[r],t.setStorage(n)}function g(e,t,r,n){var o=t.renewPromise[n];if(o)return o;try{var i=p(r,n);if(!i)throw new k("The tokenManager has no token for the key: "+n)}catch(e){return Promise.reject(e)}return a(t,n),t.renewPromise[n]=e.token.renew(i).then(function(o){var i=p(r,n);if(i)return l(e,t,r,n,o),t.emitter.emit("renewed",n,o,i),o}).catch(function(e){throw"OAuthError"!==e.name&&"AuthSdkError"!==e.name||(d(t,r,n),e.tokenKey=n,e.accessToken=!!i.accessToken,s(t,e)),e}).finally(function(){delete t.renewPromise[n]}),t.renewPromise[n]}function m(e,t){u(e),t.clearStorage()}function y(e,t){t=w.extend({},A,w.removeNils(t)),"localStorage"!==t.storage||T.browserHasLocalStorage()||(w.warn("This browser doesn't support localStorage. Switching to sessionStorage."),t.storage="sessionStorage"),"sessionStorage"!==t.storage||T.browserHasSessionStorage()||(w.warn("This browser doesn't support sessionStorage. Switching to cookie-based storage."),t.storage="cookie");var r;if("object"===v(t.storage))r=t.storage;else switch(t.storage){case"localStorage":r=localStorage;break;case"sessionStorage":r=sessionStorage;break;case"cookie":r=function(e){var t=T.getCookieStorage(e);return{getItem:function(e){var r=t.getItem(),n={};return Object.keys(r).forEach(function(t){0===t.indexOf(e)&&(n[t.replace("".concat(e,"_"),"")]=JSON.parse(r[t]))}),JSON.stringify(n)},setItem:function(e,r){var n=JSON.parse(this.getItem(e));r=JSON.parse(r),Object.keys(r).forEach(function(o){var i=e+"_"+o,s=JSON.stringify(r[o]);t.setItem(i,s),delete n[o]}),Object.keys(n).forEach(function(t){T.storage.delete(e+"_"+t)})}}}(e.options.cookies);break;case"memory":r=T.getInMemoryStorage();break;default:throw new k("Unrecognized storage option")}var n=t.storageKey||b.TOKEN_STORAGE_NAME,o=S(r,n),i=E.create(e,t),s={clock:i,options:t,emitter:e.emitter,expireTimeouts:{},renewPromise:{}};this.add=w.bind(l,this,e,s,o),this.get=w.bind(h,this,e,s,o),this.remove=w.bind(d,this,s,o),this.clear=w.bind(m,this,s,o),this.renew=w.bind(g,this,e,s,o),this.on=w.bind(s.emitter.on,s.emitter),this.off=w.bind(s.emitter.off,s.emitter),f(e,s,o)}var v=r(5),w=r(0),k=r(1),T=r(4),b=r(2),S=r(6),E=r(27),A={autoRenew:!0,storage:"localStorage",expireEarlySeconds:30};e.exports=y},function(e,t,r){function n(e){this.localOffset=parseInt(e||0)}r(0).extend(n.prototype,{now:function(){return(Date.now()+this.localOffset)/1e3}}),n.create=function(){return new n(0)},e.exports=n},function(e,t,r){function n(){this.queue=[],this.running=!1}var o=r(0);o.extend(n.prototype,{push:function(){var e=this,t=Array.prototype.slice.call(arguments),r=t[0],n=t[1];return t=t.slice(2),new Promise(function(o,i){e.queue.push({method:r,thisObject:n,args:t,resolve:o,reject:i}),e.run()})},run:function(){var e=this;if(!this.running&&0!==this.queue.length){this.running=!0;var t=this.queue.shift(),r=t.method.apply(t.thisObject,t.args);o.isPromise(r)?r.then(t.resolve,t.reject).finally(function(){e.running=!1,e.run()}):(t.resolve(r),this.running=!1,this.run())}}}),e.exports=n}])});
//# sourceMappingURL=okta-auth-js.min.js.map

7

lib/token.js

@@ -241,3 +241,8 @@ /*!

if (res.code && pkce) {
responseType = ['token', 'id_token']; // what we expect the code to provide us
// responseType is not sent to the token endpoint.
// We populate this array to validate the response below
responseType = ['token']; // an accessToken will always be returned
if (scopes.indexOf('openid') !== -1) {
responseType.push('id_token'); // an idToken will be returned if "openid" is in the scopes
}
return exchangeCodeForToken(sdk, oauthParams, res.code, urls);

@@ -244,0 +249,0 @@ }

32

lib/TokenManager.js

@@ -222,3 +222,33 @@ /*!

case 'cookie':
storageProvider = storageUtil.getCookieStorage(sdk.options.cookies);
// Implement customized cookie storage to make sure each token is stored separatedly in cookie
storageProvider = (function(options) {
var storage = storageUtil.getCookieStorage(options);
return {
getItem: function(key) {
var data = storage.getItem();
var value = {};
Object.keys(data).forEach(k => {
if (k.indexOf(key) === 0) {
value[k.replace(`${key}_`, '')] = JSON.parse(data[k]);
}
});
return JSON.stringify(value);
},
setItem: function(key, value) {
var existingValues = JSON.parse(this.getItem(key));
value = JSON.parse(value);
// Set key-value pairs from input to cookies
Object.keys(value).forEach(k => {
var storageKey = key + '_' + k;
var valueToStore = JSON.stringify(value[k]);
storage.setItem(storageKey, valueToStore);
delete existingValues[k];
});
// Delete unmatched keys from existing cookies
Object.keys(existingValues).forEach(k => {
storageUtil.storage.delete(key + '_' + k);
});
}
};
}(sdk.options.cookies));
break;

@@ -225,0 +255,0 @@ case 'memory':

9

package.json
{
"name": "@okta/okta-auth-js",
"description": "The Okta Auth SDK",
"version": "3.1.3",
"version": "3.1.4",
"homepage": "https://github.com/okta/okta-auth-js",

@@ -26,3 +26,4 @@ "license": "Apache-2.0",

"build": "webpack --config webpack.config.js",
"prepare": "yarn build"
"prepare": "yarn build",
"dev": "webpack --config webpack.dev.config.js"
},

@@ -84,5 +85,5 @@ "author": "Okta",

"okta": {
"commitSha": "57cf89f55f35a43b4de66d264bcb066a1d2bd462",
"fullVersion": "3.1.3-20200612010914-57cf89f"
"commitSha": "e13818df741a6fceb41a8833bb4af0d3d3d42bb8",
"fullVersion": "3.1.4-20200616230029-e13818d"
}
}
dist/okta-auth-js.min.js.map

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc