headers: defaultHeaders()

in src/server/lib/okta/api/authentication.ts [91:123]


		headers: defaultHeaders(ip),
	}).then(handleAuthenticationResponse);
};

/**
 * @name resetPassword
 * @description Completes a password reset transaction
 *
 * https://developer.okta.com/docs/reference/api/authn/#reset-password
 *
 * This is used to set a new password for a user. For security reasons, this method also performs the breached password check
 * against the Pwned Passwords API. The check is deliberately coupled to this method so that in every case where a password is
 * reset, the new password is checked against the Pwned Passwords API.
 *
 * The documentation for the pwned password API is here:
 * https://haveibeenpwned.com/API/v3#PwnedPasswords
 *
 * @param {string} body.stateToken State token for the current transaction. State tokens can be obtained by starting a forgotten
 * password flow or an admin-initiated reset password flow, or by passing an activation token into the /authn endpoint
 * @param {string} body.newPassword User's new password
 *
 * @returns Promise<AuthenticationTransaction>
 */
export const resetPassword = async (
	body: {
		stateToken: string;
		newPassword: string;
	},
	ip?: string,
): Promise<AuthenticationTransaction> => {
	const path = buildUrl('/api/v1/authn/credentials/reset_password');

	if (await isBreachedPassword(body.newPassword)) {