refactor: separate env specific code for options at build time

OKTA-446542 <<<Jenkins Check-In of Tested SHA: 16cdcbf for eng_productivity_ci_bot_okta@okta.com>>> Artifact: okta-auth-js Files changed count: 8 PR Link: "#1109"
okta · Feb 14, 2022 · da969b7 · da969b7
1 parent f2a3922
commit da969b7
Show file tree

Hide file tree

Showing 8 changed files with 224 additions and 180 deletions.
diff --git a/jest.browser.js b/jest.browser.js
@@ -9,7 +9,10 @@ const config = Object.assign({}, baseConfig, {
   testPathIgnorePatterns: baseConfig.testPathIgnorePatterns.concat([
     '<rootDir>/test/spec/serverStorage.js',
     '<rootDir>/test/spec/features/server'
-  ])
+  ]),
+  moduleNameMapper: Object.assign({}, baseConfig.moduleNameMapper, {
+    '^./node$': './browser'
+  })
 });
 
 module.exports = config;
diff --git a/lib/options.ts b/lib/options.ts
diff --git a/lib/options/browser.ts b/lib/options/browser.ts
@@ -0,0 +1,85 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+
+/* eslint-disable complexity */
+import { StorageManagerOptions, OktaAuthOptions } from '../types';
+import { warn } from '../util';
+
+export { default as storage } from '../browser/browserStorage';
+
+export const STORAGE_MANAGER_OPTIONS: StorageManagerOptions = {
+  token: {
+    storageTypes: [
+      'localStorage',
+      'sessionStorage',
+      'cookie'
+    ]
+  },
+  cache: {
+    storageTypes: [
+      'localStorage',
+      'sessionStorage',
+      'cookie'
+    ]
+  },
+  transaction: {
+    storageTypes: [
+      'sessionStorage',
+      'localStorage',
+      'cookie'
+    ]
+  },
+  'shared-transaction': {
+    storageTypes: [
+      'localStorage'
+    ]
+  },
+  'original-uri': {
+    storageTypes: [
+      'localStorage'
+    ]
+  }
+};
+
+export const enableSharedStorage = true;
+
+export function getCookieSettings(args: OktaAuthOptions = {}, isHTTPS: boolean) {
+  // Secure cookies will be automatically used on a HTTPS connection
+  // Non-secure cookies will be automatically used on a HTTP connection
+  // secure option can override the automatic behavior
+  var cookieSettings = args.cookies || {};
+  if (typeof cookieSettings.secure === 'undefined') {
+    cookieSettings.secure = isHTTPS;
+  }
+  if (typeof cookieSettings.sameSite === 'undefined') {
+    cookieSettings.sameSite = cookieSettings.secure ? 'none' : 'lax';
+  }
+
+  // If secure=true, but the connection is not HTTPS, set secure=false.
+  if (cookieSettings.secure && !isHTTPS) {
+    // eslint-disable-next-line no-console
+    warn(
+      'The current page is not being served with the HTTPS protocol.\n' +
+      'For security reasons, we strongly recommend using HTTPS.\n' +
+      'If you cannot use HTTPS, set "cookies.secure" option to false.'
+    );
+    cookieSettings.secure = false;
+  }
+
+  // Chrome >= 80 will block cookies with SameSite=None unless they are also Secure
+  // If sameSite=none, but the connection is not HTTPS, set sameSite=lax.
+  if (cookieSettings.sameSite === 'none' && !cookieSettings.secure) {
+    cookieSettings.sameSite = 'lax';
+  }
+
+  return cookieSettings;
+}
diff --git a/lib/options/index.ts b/lib/options/index.ts
@@ -0,0 +1,85 @@
+/*!
+ * Copyright (c) 2015-present, Okta, Inc. and/or its affiliates. All rights reserved.
+ * The Okta software accompanied by this notice is provided pursuant to the Apache License, Version 2.0 (the "License.")
+ *
+ * You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * 
+ * See the License for the specific language governing permissions and limitations under the License.
+ */
+
+import { removeTrailingSlash, removeNils } from '../util';
+import { assertValidConfig } from '../builderUtil';
+import { OktaAuthOptions } from '../types';
+
+import fetchRequest from '../fetch/fetchRequest';
+import { storage, STORAGE_MANAGER_OPTIONS, enableSharedStorage, getCookieSettings } from './node';
+import { isHTTPS } from '../features';
+
+export function getDefaultOptions(): OktaAuthOptions {
+  const options = {
+    devMode: false,
+    httpRequestClient: fetchRequest,
+    storageUtil: storage,
+    storageManager: STORAGE_MANAGER_OPTIONS,
+    transactionManager: {
+      enableSharedStorage
+    }
+  };
+  return options;
+}
+
+function mergeOptions(options, args): OktaAuthOptions {
+  return Object.assign({}, options, removeNils(args), {
+    storageManager: Object.assign({}, options.storageManager, args.storageManager),
+    transactionManager: Object.assign({}, options.transactionManager, args.transactionManager),
+  });
+}
+
+export function buildOptions(args: OktaAuthOptions = {}): OktaAuthOptions {
+  assertValidConfig(args);
+  args = mergeOptions(getDefaultOptions(), args);
+  return removeNils({
+    // OIDC configuration
+    issuer: removeTrailingSlash(args.issuer),
+    tokenUrl: removeTrailingSlash(args.tokenUrl),
+    authorizeUrl: removeTrailingSlash(args.authorizeUrl),
+    userinfoUrl: removeTrailingSlash(args.userinfoUrl),
+    revokeUrl: removeTrailingSlash(args.revokeUrl),
+    logoutUrl: removeTrailingSlash(args.logoutUrl),
+    clientId: args.clientId,
+    redirectUri: args.redirectUri,
+    state: args.state,
+    scopes: args.scopes,
+    postLogoutRedirectUri: args.postLogoutRedirectUri,
+    responseMode: args.responseMode,
+    responseType: args.responseType,
+    pkce: args.pkce === false ? false : true, // PKCE defaults to true
+    useInteractionCodeFlow: args.useInteractionCodeFlow,
+
+    // Internal options
+    httpRequestClient: args.httpRequestClient,
+    transformErrorXHR: args.transformErrorXHR,
+    transformAuthState: args.transformAuthState,
+    restoreOriginalUri: args.restoreOriginalUri,
+    storageUtil: args.storageUtil,
+    headers: args.headers,
+    devMode: !!args.devMode,
+    storageManager: args.storageManager,
+    transactionManager: args.transactionManager,
+    cookies: getCookieSettings(args, isHTTPS()),
+    flow: args.flow,
+    codeChallenge: args.codeChallenge,
+    codeChallengeMethod: args.codeChallengeMethod,
+    recoveryToken: args.recoveryToken,
+    activationToken: args.activationToken,
+
+    // Give the developer the ability to disable token signature validation.
+    ignoreSignature: !!args.ignoreSignature,
+
+    // Server-side web applications
+    clientSecret: args.clientSecret
+  });
+}