Reverts 3.0 changes for 2.2.1

.eslintignore

@@ -1,2 +1,4 @@
 node_modules
 /dist
+src/@types
+src/okta/models

README.md

@@ -32,10 +32,9 @@ All of these features are supported by this SDK. Additionally, using this SDK, y
 This library currently supports:
 
 - [OAuth 2.0 Implicit Flow](https://tools.ietf.org/html/rfc6749#section-1.3.2)
-- [OAuth 2.0 Authorization Code Flow](https://tools.ietf.org/html/rfc6749#section-1.3.1) with [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636)
+- [OAuth 2.0 Authorization Code Flow](https://tools.ietf.org/html/rfc6749#section-1.3.1) with [Proof Key for Code Exchange (PKCE)](https://tools.ietf.org/html/rfc7636) 
 
 > This library has been tested for compatibility with the following Angular versions: 4, 5, 6, 7, 8, 9
-> :warning: Angular versions older than 7 may not be fully compatible with all dependencies of this library, due to an older Typescript version. You may be able to workaround this issue by setting `skipLibChecks: true` in your `tsconfig.json` file.
 
 ## Getting Started
 
@@ -315,9 +314,7 @@ const oktaConfig = {
 
 ### `OktaAuthService`
 
-In your components, your can take advantage of all of `okta-angular`'s features by importing the `OktaAuthService`. The `OktaAuthService` inherits from the `OktaAuth` service exported by [@okta/okta-auth-js](https://github.com/okta/okta-auth-js) making the full [configuration](https://github.com/okta/okta-auth-js#configuration-reference) and [api](https://github.com/okta/okta-auth-js#api-reference) available on `OktaAuthService`.
-
-The example below shows connecting two buttons to handle **login** and **logout**:
+In your components, your can take advantage of all of `okta-angular`'s features by importing the `OktaAuthService`. The example below shows connecting two buttons to handle **login** and **logout**:
 
 ```typescript
 // sample.component.ts

package.json

@@ -1,7 +1,7 @@
 {
   "name": "@okta/okta-angular",
   "private": true,
-  "version": "3.0.0",
+  "version": "2.2.1",
   "description": "Angular support for Okta",
   "main": "./dist/bundles/okta-angular.umd.js",
   "module": "./dist/fesm5/okta-angular.js",
@@ -42,8 +42,8 @@
   ],
   "license": "Apache-2.0",
   "dependencies": {
-    "@okta/configuration-validation": "^1.0.0",
-    "@okta/okta-auth-js": "^4.0.0",
+    "@okta/configuration-validation": "^0.4.1",
+    "@okta/okta-auth-js": "^3.2.3",
     "tslib": "^1.9.0"
   },
   "devDependencies": {
@@ -109,7 +109,7 @@
       "jest-junit"
     ],
     "moduleNameMapper": {
-      "@okta/okta-auth-js": "<rootDir>/node_modules/@okta/okta-auth-js/dist/okta-auth-js.umd.js"
+      "@okta/okta-auth-js": "<rootDir>/node_modules/@okta/okta-auth-js/dist/okta-auth-js.min.js"
     },
     "restoreMocks": true,
     "transform": {

rollup.config.js

@@ -47,6 +47,12 @@ export default {
         }),
         commonjs({
             namedExports: {
+                '@okta/configuration-validation': [
+                    'assertIssuer',
+                    'assertClientId',
+                    'assertRedirectUri',
+                    'buildConfigObject'
+                ]
             }
         }),
         sourcemaps()

src/@types/okta__configuration-validation/index.d.ts

@@ -0,0 +1 @@
+declare module '@okta/configuration-validation';

src/@types/okta__okta-auth-js/index.d.ts

@@ -0,0 +1,22 @@
+declare module '@okta/okta-auth-js';
+
+declare interface TokenHash {
+  [key: string] : Token;
+}
+declare interface ParseFromUrlResponse {
+  tokens: TokenHash;
+  state: string;
+}
+
+declare interface TokenAPI {
+  getUserInfo(accessToken?: AccessToken, idToken?: IDToken): Promise;
+  getWithRedirect(params?: object): Promise;
+  parseFromUrl(): ParseFromUrlResponse;
+}
+
+declare class OktaAuth {
+  userAgent: string;
+  tokenManager: TokenManager;
+  token: TokenAPI;
+  signOut(options: object): Promise;
+}

src/okta-angular.ts

@@ -14,6 +14,7 @@ export { OktaAuthModule }  from './okta/okta.module';
 export { OktaAuthGuard }   from './okta/okta.guard';
 export { OktaAuthService } from './okta/services/okta.service';
 export { OktaConfig, OKTA_CONFIG }     from './okta/models/okta.config';
+export { UserClaims }     from './okta/models/user-claims';
 
 // Okta View Components
 export { OktaCallbackComponent } from './okta/components/callback.component';

src/okta/models/okta.config.ts

@@ -12,19 +12,35 @@
 
 import { InjectionToken, Injector } from '@angular/core';
 import { OktaAuthService } from '../services/okta.service';
-import { OktaAuthOptions } from '@okta/okta-auth-js';
 
 export type AuthRequiredFunction = (oktaAuth: OktaAuthService, injector: Injector) => void;
 export type IsAuthenticatedFunction = (oktaAuth: OktaAuthService) => Promise<boolean>;
+export type OnSessionExpiredFunction = () => void;
 
 export interface TestingObject {
   disableHttpsCheck: boolean;
 }
 
-export interface OktaConfig extends OktaAuthOptions {
+export interface TokenManagerConfig {
+  autoRenew?: boolean;
+  secure?: boolean;
+  storage?: string;
+}
+
+export interface OktaConfig {
+  issuer?: string;
+  redirectUri?: string;
+  clientId?: string;
+  scope?: string;
+  scopes?: string[];
+  responseType?: any; // can be string or array
+  pkce?: boolean;
   onAuthRequired?: AuthRequiredFunction;
   testing?: TestingObject;
+  tokenManager?: TokenManagerConfig;
+  postLogoutRedirectUri?: string;
   isAuthenticated?: IsAuthenticatedFunction;
+  onSessionExpired?: OnSessionExpiredFunction;
 }
 
 export const OKTA_CONFIG = new InjectionToken<OktaConfig>('okta.config.angular');

src/okta/models/token-manager.ts

@@ -0,0 +1,19 @@
+import { UserClaims } from './user-claims';
+
+export interface AccessToken {
+  accessToken: string;
+}
+
+export interface IDToken {
+  idToken: string;
+  claims: UserClaims;
+}
+
+export type Token = AccessToken | IDToken;
+
+export interface TokenManager {
+  get(key: string): Token;
+  add(key: string, token: Token): void;
+  on(event: string, handler: Function): void;
+  off(event: string, handler: Function): void;
+}

src/okta/models/user-claims.ts

@@ -0,0 +1,27 @@
+/**
+ *
+ * This interface represents the union of possible known claims that are in an
+ * ID Token or returned from the /userinfo response and depend on the
+ * response_type and scope parameters in the authorize request
+ */
+export interface UserClaims {
+  auth_time?: Number;
+  aud?: string;
+  email?: string;
+  email_verified?: Boolean;
+  exp?: Number;
+  family_name?: string;
+  given_name?: string;
+  iat?: Number;
+  iss?: string;
+  jti?: string;
+  locale?: string;
+  name?: string;
+  nonce?: string;
+  preferred_username?: string;
+  sub: string;
+  updated_at?: Number;
+  ver?: Number;
+  zoneinfo?: string;
+  [propName: string]: any;  // For custom claims that may be configured by the org admin
+}

src/okta/services/okta.service.ts

@@ -18,60 +18,52 @@ import {
 } from '@okta/configuration-validation';
 
 import { OKTA_CONFIG, OktaConfig, AuthRequiredFunction } from '../models/okta.config';
+import { UserClaims } from '../models/user-claims';
+import { TokenManager, AccessToken, IDToken } from '../models/token-manager';
 
 // eslint-disable-next-line node/no-unpublished-import
 import packageInfo from '../packageInfo';
 
 /**
  * Import the okta-auth-js library
  */
-import { OktaAuth, TokenManager, AccessToken, IDToken, UserClaims, SignoutOptions } from '@okta/okta-auth-js';
+import OktaAuth from '@okta/okta-auth-js';
 import { Observable, Observer } from 'rxjs';
 
-/**
- * Scrub scopes to ensure 'openid' is included
- * @param scopes
- */
-function scrubScopes(scopes: string[]): void {
-  if (scopes.indexOf('openid') >= 0) {
-    return;
-  }
-  scopes.unshift('openid');
-}
-
 @Injectable()
-export class OktaAuthService extends OktaAuth {
+export class OktaAuthService {
+    private oktaAuth: OktaAuth;
     private config: OktaConfig;
     private observers: Observer<boolean>[];
-    private injector: Injector;
-
     $authenticationState: Observable<boolean>;
 
-    constructor(@Inject(OKTA_CONFIG) config: OktaConfig, injector: Injector) {
-      config = Object.assign({}, config);
-      config.scopes = config.scopes || ['openid', 'email'];
+    constructor(@Inject(OKTA_CONFIG) config: OktaConfig, private injector: Injector) {
+      this.observers = [];
 
-      // Scrub scopes to ensure 'openid' is included
-      scrubScopes(config.scopes);
+      /**
+       * Cache the auth config.
+       */
+      this.config = Object.assign({}, config);
+      this.config.scopes = this.config.scopes || ['openid', 'email'];
 
-      // Assert Configuration
-      assertIssuer(config.issuer, config.testing);
-      assertClientId(config.clientId);
-      assertRedirectUri(config.redirectUri);
+      /**
+       * Scrub scopes to ensure 'openid' is included
+       */
 
-      super(config);
-      this.config = config;
-      this.injector = injector;
+      this.scrubScopes(this.config.scopes);
 
-      // Customize user agent
-      this.userAgent = `${packageInfo.name}/${packageInfo.version} ${this.userAgent}`;
+      // Assert Configuration
+      assertIssuer(this.config.issuer, this.config.testing);
+      assertClientId(this.config.clientId);
+      assertRedirectUri(this.config.redirectUri);
 
-      // Initialize observers
-      this.observers = [];
+      this.oktaAuth = new OktaAuth(this.config);
+      this.oktaAuth.userAgent = `${packageInfo.name}/${packageInfo.version} ${this.oktaAuth.userAgent}`;
       this.$authenticationState = new Observable((observer: Observer<boolean>) => { this.observers.push(observer); });
     }
 
-    async login(fromUri?: string, additionalParams?: Record<string, unknown>): Promise<unknown> {
+    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
+    login(fromUri?: string, additionalParams?: Record<string, unknown>) {
       this.setFromUri(fromUri);
       const onAuthRequired: AuthRequiredFunction | undefined = this.config.onAuthRequired;
       if (onAuthRequired) {
@@ -81,7 +73,7 @@ export class OktaAuthService extends OktaAuth {
     }
 
     getTokenManager(): TokenManager {
-      return this.tokenManager;
+      return this.oktaAuth.tokenManager;
     }
 
     /**
@@ -108,7 +100,7 @@ export class OktaAuthService extends OktaAuth {
      */
     async getAccessToken(): Promise<string | undefined>  {
       try {
-        const accessToken: AccessToken = await this.tokenManager.get('accessToken') as AccessToken;
+        const accessToken: AccessToken = await this.oktaAuth.tokenManager.get('accessToken') as AccessToken;
         return accessToken.accessToken;
       } catch (err) {
         // The user no longer has an existing SSO session in the browser.
@@ -123,7 +115,7 @@ export class OktaAuthService extends OktaAuth {
      */
     async getIdToken(): Promise<string | undefined> {
       try {
-        const idToken: IDToken = await this.tokenManager.get('idToken') as IDToken;
+        const idToken: IDToken = await this.oktaAuth.tokenManager.get('idToken') as IDToken;
         return idToken.idToken;
       } catch (err) {
         // The user no longer has an existing SSO session in the browser.
@@ -137,7 +129,7 @@ export class OktaAuthService extends OktaAuth {
      * Returns user claims from the /userinfo endpoint.
      */
     async getUser(): Promise<UserClaims> {
-      return this.token.getUserInfo();
+      return this.oktaAuth.token.getUserInfo();
     }
 
     /**
@@ -152,7 +144,8 @@ export class OktaAuthService extends OktaAuth {
      * @param fromUri
      * @param additionalParams
      */
-    async loginRedirect(fromUri?: string, additionalParams?: Record<string, unknown>): Promise<void> {
+    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types
+    loginRedirect(fromUri?: string, additionalParams?: Record<string, unknown>) {
       if (fromUri) {
         this.setFromUri(fromUri);
       }
@@ -162,7 +155,7 @@ export class OktaAuthService extends OktaAuth {
         responseType: this.config.responseType
       }, additionalParams);
 
-      return this.token.getWithRedirect(params); // can throw
+      return this.oktaAuth.token.getWithRedirect(params); // can throw
     }
 
     /**
@@ -193,13 +186,13 @@ export class OktaAuthService extends OktaAuth {
      * Parses the tokens from the callback URL.
      */
     async handleAuthentication(): Promise<void> {
-      const res = await this.token.parseFromUrl();
+      const res = await this.oktaAuth.token.parseFromUrl();
       const tokens = res.tokens;
       if (tokens.accessToken) {
-        this.tokenManager.add('accessToken', tokens.accessToken as AccessToken);
+        this.oktaAuth.tokenManager.add('accessToken', tokens.accessToken as AccessToken);
       }
       if (tokens.idToken) {
-        this.tokenManager.add('idToken', tokens.idToken as IDToken);
+        this.oktaAuth.tokenManager.add('idToken', tokens.idToken as IDToken);
       }
       if (await this.isAuthenticated()) {
         this.emitAuthenticationState(true);
@@ -211,7 +204,8 @@ export class OktaAuthService extends OktaAuth {
      * tokens stored in the tokenManager.
      * @param options
      */
-    async logout(options?: string | SignoutOptions): Promise<void> {
+    // eslint-disable-next-line @typescript-eslint/explicit-module-boundary-types,@typescript-eslint/no-explicit-any
+    async logout(options?: any): Promise<void> {
       let redirectUri = null;
       options = options || {};
       if (typeof options === 'string') {
@@ -224,9 +218,18 @@ export class OktaAuthService extends OktaAuth {
           postLogoutRedirectUri: redirectUri
         };
       }
-      await this.signOut(options);
+      await this.oktaAuth.signOut(options);
       this.emitAuthenticationState(false);
     }
 
-
+    /**
+     * Scrub scopes to ensure 'openid' is included
+     * @param scopes
+     */
+    scrubScopes(scopes: string[]): void {
+      if (scopes.indexOf('openid') >= 0) {
+        return;
+      }
+      scopes.unshift('openid');
+    }
 }

test/e2e/harness/src/app/sessionToken-login.component.ts

@@ -13,7 +13,7 @@
 import { Component } from '@angular/core';
 import { OktaAuthService } from '@okta/okta-angular';
 
-import { OktaAuth } from '@okta/okta-auth-js';
+import OktaAuth from '@okta/okta-auth-js';
 
 @Component({
   selector: 'app-session-login',