@alien_org/sso-sdk-core 1.0.21 → 1.0.22
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.cjs +1 -1
- package/dist/index.esm.js +27 -25
- package/dist/index.umd.js +1 -1
- package/package.json +1 -1
package/dist/index.cjs
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
"use strict";var h=(
|
|
1
|
+
"use strict";var h=(d,e,o)=>new Promise((s,r)=>{var a=l=>{try{c(o.next(l))}catch(S){r(S)}},n=l=>{try{c(o.throw(l))}catch(S){r(S)}},c=l=>l.done?s(l.value):Promise.resolve(l.value).then(a,n);c((o=o.apply(d,e)).next())});Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});const t=require("zod/v4-mini"),I=require("js-sha256"),y=t.z.object({deep_link:t.z.string(),polling_code:t.z.string(),expired_at:t.z.number()}),T=t.z.object({polling_code:t.z.string()}),j=["pending","authorized","rejected","expired"],x=t.z.enum(j),z=t.z.object({status:x,authorization_code:t.z.optional(t.z.string())}),m=t.z.object({access_token:t.z.string(),token_type:t.z.string(),expires_in:t.z.number(),id_token:t.z.optional(t.z.string()),refresh_token:t.z.string()}),A=t.z.object({sub:t.z.string()}),R=t.z.object({iss:t.z.string(),sub:t.z.string(),aud:t.z.union([t.z.string(),t.z.array(t.z.string())]),exp:t.z.number(),iat:t.z.number(),nonce:t.z.optional(t.z.string()),auth_time:t.z.optional(t.z.number())}),E=m;function _(d){return btoa(d).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function w(d){let e=d.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";return atob(e)}const v="https://sso.alien.com",P=5e3,i="alien-sso_",g=i+"refresh_token",p=i+"token_expiry",f=(d,e)=>new URL(e,d).toString(),b=t.z.object({ssoBaseUrl:t.z.url(),providerAddress:t.z.string(),pollingInterval:t.z.optional(t.z.number())}),u=class u{constructor(e){this.config=b.parse(e),this.ssoBaseUrl=this.config.ssoBaseUrl||v,this.providerAddress=this.config.providerAddress,this.pollingInterval=this.config.pollingInterval||P}generateCodeVerifier(e=128){let o;const s=typeof window!="undefined"&&window.crypto;if(s&&s.getRandomValues)o=new Uint8Array(e),s.getRandomValues(o);else{o=new Uint8Array(e);for(let a=0;a<e;a++)o[a]=Math.floor(Math.random()*256)}let r="";for(let a=0;a<o.length;a++)r+=String.fromCharCode(o[a]);return _(r)}generateCodeChallenge(e){const o=I.sha256.array(e),s=String.fromCharCode(...o);return _(s)}generateDeeplink(){return h(this,null,function*(){const e=this.generateCodeVerifier(),o=this.generateCodeChallenge(e);sessionStorage.setItem(i+"code_verifier",e);const s=new URLSearchParams({response_type:"code",response_mode:"json",client_id:this.providerAddress,scope:"openid",code_challenge:o,code_challenge_method:"S256"}),r=`${this.config.ssoBaseUrl}/oauth/authorize?${s.toString()}`,a=yield fetch(r,{method:"GET"});if(!a.ok){const c=yield a.json().catch(()=>({error:a.statusText}));throw new Error(`Authorize failed: ${c.error_description||c.error||a.statusText}`)}const n=yield a.json();return y.parse(n)})}pollAuth(e){return h(this,null,function*(){const o={polling_code:e};T.parse(o);const s=yield fetch(f(this.config.ssoBaseUrl,"/oauth/poll"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(o)});if(!s.ok)throw new Error(`Poll failed: ${s.statusText}`);const r=yield s.json();return z.parse(r)})}exchangeToken(e){return h(this,null,function*(){const o=sessionStorage.getItem(i+"code_verifier");if(!o)throw new Error("Missing code verifier.");const s=new URLSearchParams({grant_type:"authorization_code",code:e,client_id:this.providerAddress,code_verifier:o}),r=yield fetch(f(this.config.ssoBaseUrl,"/oauth/token"),{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:s.toString()});if(!r.ok){const l=yield r.json().catch(()=>({error:r.statusText}));throw new Error(`Token exchange failed: ${l.error_description||l.error||r.statusText}`)}const a=yield r.json(),n=m.parse(a);localStorage.setItem(i+"access_token",n.access_token),n.id_token&&localStorage.setItem(i+"id_token",n.id_token),localStorage.setItem(g,n.refresh_token);const c=Date.now()+n.expires_in*1e3;return localStorage.setItem(p,c.toString()),sessionStorage.removeItem(i+"code_verifier"),n})}verifyAuth(){return h(this,null,function*(){return this.withAutoRefresh(()=>h(this,null,function*(){const e=this.getAccessToken();if(!e)return null;const o=yield fetch(f(this.config.ssoBaseUrl,"/oauth/userinfo"),{method:"GET",headers:{Authorization:`Bearer ${e}`}});if(!o.ok){if(o.status===401){const r=new Error("Unauthorized");throw r.response={status:401},r}return null}const s=yield o.json();return A.parse(s)}))})}getAccessToken(){return localStorage.getItem(i+"access_token")}getIdToken(){return localStorage.getItem(i+"id_token")}getAuthData(){const e=this.getIdToken()||this.getAccessToken();if(!e)return null;const o=e.split(".");if(o.length!==3)return null;let s;try{const n=w(o[0]);s=JSON.parse(n)}catch(n){return null}if(s.alg!=="RS256"||s.typ!=="JWT")return null;let r;try{const n=JSON.parse(w(o[1]));r=R.parse(n)}catch(n){return null}return(Array.isArray(r.aud)?r.aud:[r.aud]).includes(this.providerAddress)?r:null}getSubject(){const e=this.getAuthData();return(e==null?void 0:e.sub)||null}isTokenExpired(){const e=this.getAuthData();return e?Date.now()/1e3>e.exp:!0}logout(){localStorage.removeItem(i+"access_token"),localStorage.removeItem(i+"id_token"),localStorage.removeItem(g),localStorage.removeItem(p),sessionStorage.removeItem(i+"code_verifier")}getRefreshToken(){return localStorage.getItem(g)}hasRefreshToken(){return!!this.getRefreshToken()}isAccessTokenExpired(){const e=localStorage.getItem(p);if(!e)return!0;const o=parseInt(e,10),s=Date.now(),r=300*1e3;return s>=o-r}refreshAccessToken(){return h(this,null,function*(){return u.refreshPromise||(u.refreshPromise=this.doRefreshAccessToken().finally(()=>{u.refreshPromise=null})),u.refreshPromise})}doRefreshAccessToken(){return h(this,null,function*(){const e=this.getRefreshToken();if(console.log("[AlienSsoClient] doRefreshAccessToken, hasRefreshToken:",!!e),!e)throw new Error("No refresh token available");const o=new URLSearchParams({grant_type:"refresh_token",refresh_token:e,client_id:this.providerAddress}),s=yield fetch(f(this.config.ssoBaseUrl,"/oauth/token"),{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:o.toString()});if(console.log("[AlienSsoClient] /oauth/token response status:",s.status),!s.ok){const c=yield s.json().catch(()=>({error:s.statusText}));throw console.log("[AlienSsoClient] /oauth/token error:",c),this.logout(),new Error(`Token refresh failed: ${c.error_description||c.error||s.statusText}`)}const r=yield s.json();console.log("[AlienSsoClient] /oauth/token json keys:",Object.keys(r));const a=m.parse(r);localStorage.setItem(i+"access_token",a.access_token),a.id_token&&localStorage.setItem(i+"id_token",a.id_token),localStorage.setItem(g,a.refresh_token);const n=Date.now()+a.expires_in*1e3;return localStorage.setItem(p,n.toString()),a})}withAutoRefresh(e,o=1){return h(this,null,function*(){var s,r,a;try{return yield e()}catch(n){if((((s=n==null?void 0:n.response)==null?void 0:s.status)===401||((r=n==null?void 0:n.message)==null?void 0:r.includes("401"))||((a=n==null?void 0:n.message)==null?void 0:a.includes("Unauthorized")))&&o>0&&this.hasRefreshToken())try{return yield this.refreshAccessToken(),yield e()}catch(l){throw n}throw n}})}};u.refreshPromise=null;let k=u;exports.AlienSsoClient=k;exports.AlienSsoClientSchema=b;exports.AuthorizeResponseSchema=y;exports.ExchangeCodeResponseSchema=E;exports.PollRequestSchema=T;exports.PollResponseSchema=z;exports.TokenInfoSchema=R;exports.TokenResponseSchema=m;exports.UserInfoResponseSchema=A;
|
package/dist/index.esm.js
CHANGED
|
@@ -20,10 +20,10 @@ const T = t.object({
|
|
|
20
20
|
deep_link: t.string(),
|
|
21
21
|
polling_code: t.string(),
|
|
22
22
|
expired_at: t.number()
|
|
23
|
-
}),
|
|
23
|
+
}), A = t.object({
|
|
24
24
|
polling_code: t.string()
|
|
25
|
-
}),
|
|
26
|
-
status:
|
|
25
|
+
}), b = ["pending", "authorized", "rejected", "expired"], R = t.enum(b), I = t.object({
|
|
26
|
+
status: R,
|
|
27
27
|
authorization_code: t.optional(t.string())
|
|
28
28
|
}), k = t.object({
|
|
29
29
|
access_token: t.string(),
|
|
@@ -32,9 +32,9 @@ const T = t.object({
|
|
|
32
32
|
id_token: t.optional(t.string()),
|
|
33
33
|
// Optional - not returned on refresh_token grant
|
|
34
34
|
refresh_token: t.string()
|
|
35
|
-
}), x = t.object({
|
|
36
|
-
sub: t.string()
|
|
37
35
|
}), j = t.object({
|
|
36
|
+
sub: t.string()
|
|
37
|
+
}), x = t.object({
|
|
38
38
|
iss: t.string(),
|
|
39
39
|
sub: t.string(),
|
|
40
40
|
aud: t.union([t.string(), t.array(t.string())]),
|
|
@@ -43,10 +43,10 @@ const T = t.object({
|
|
|
43
43
|
nonce: t.optional(t.string()),
|
|
44
44
|
auth_time: t.optional(t.number())
|
|
45
45
|
}), z = k;
|
|
46
|
-
function
|
|
46
|
+
function S(u) {
|
|
47
47
|
return btoa(u).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
|
|
48
48
|
}
|
|
49
|
-
function
|
|
49
|
+
function _(u) {
|
|
50
50
|
let e = u.replace(/-/g, "+").replace(/_/g, "/");
|
|
51
51
|
for (; e.length % 4; )
|
|
52
52
|
e += "=";
|
|
@@ -73,11 +73,11 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
73
73
|
let s = "";
|
|
74
74
|
for (let a = 0; a < o.length; a++)
|
|
75
75
|
s += String.fromCharCode(o[a]);
|
|
76
|
-
return
|
|
76
|
+
return S(s);
|
|
77
77
|
}
|
|
78
78
|
generateCodeChallenge(e) {
|
|
79
79
|
const o = y.array(e), r = String.fromCharCode(...o);
|
|
80
|
-
return
|
|
80
|
+
return S(r);
|
|
81
81
|
}
|
|
82
82
|
/**
|
|
83
83
|
* Initiates OAuth2 authorization flow with response_mode=json for SPA
|
|
@@ -114,7 +114,7 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
114
114
|
const o = {
|
|
115
115
|
polling_code: e
|
|
116
116
|
};
|
|
117
|
-
|
|
117
|
+
A.parse(o);
|
|
118
118
|
const r = yield fetch(f(this.config.ssoBaseUrl, "/oauth/poll"), {
|
|
119
119
|
method: "POST",
|
|
120
120
|
headers: {
|
|
@@ -125,7 +125,7 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
125
125
|
if (!r.ok)
|
|
126
126
|
throw new Error(`Poll failed: ${r.statusText}`);
|
|
127
127
|
const s = yield r.json();
|
|
128
|
-
return
|
|
128
|
+
return I.parse(s);
|
|
129
129
|
});
|
|
130
130
|
}
|
|
131
131
|
/**
|
|
@@ -190,7 +190,7 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
190
190
|
return null;
|
|
191
191
|
}
|
|
192
192
|
const r = yield o.json();
|
|
193
|
-
return
|
|
193
|
+
return j.parse(r);
|
|
194
194
|
}));
|
|
195
195
|
});
|
|
196
196
|
}
|
|
@@ -218,7 +218,7 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
218
218
|
return null;
|
|
219
219
|
let r;
|
|
220
220
|
try {
|
|
221
|
-
const n =
|
|
221
|
+
const n = _(o[0]);
|
|
222
222
|
r = JSON.parse(n);
|
|
223
223
|
} catch (n) {
|
|
224
224
|
return null;
|
|
@@ -227,8 +227,8 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
227
227
|
return null;
|
|
228
228
|
let s;
|
|
229
229
|
try {
|
|
230
|
-
const n = JSON.parse(
|
|
231
|
-
s =
|
|
230
|
+
const n = JSON.parse(_(o[1]));
|
|
231
|
+
s = x.parse(n);
|
|
232
232
|
} catch (n) {
|
|
233
233
|
return null;
|
|
234
234
|
}
|
|
@@ -293,7 +293,7 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
293
293
|
doRefreshAccessToken() {
|
|
294
294
|
return h(this, null, function* () {
|
|
295
295
|
const e = this.getRefreshToken();
|
|
296
|
-
if (!e)
|
|
296
|
+
if (console.log("[AlienSsoClient] doRefreshAccessToken, hasRefreshToken:", !!e), !e)
|
|
297
297
|
throw new Error("No refresh token available");
|
|
298
298
|
const o = new URLSearchParams({
|
|
299
299
|
grant_type: "refresh_token",
|
|
@@ -309,11 +309,13 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
309
309
|
body: o.toString()
|
|
310
310
|
}
|
|
311
311
|
);
|
|
312
|
-
if (!r.ok) {
|
|
312
|
+
if (console.log("[AlienSsoClient] /oauth/token response status:", r.status), !r.ok) {
|
|
313
313
|
const c = yield r.json().catch(() => ({ error: r.statusText }));
|
|
314
|
-
throw this.logout(), new Error(`Token refresh failed: ${c.error_description || c.error || r.statusText}`);
|
|
314
|
+
throw console.log("[AlienSsoClient] /oauth/token error:", c), this.logout(), new Error(`Token refresh failed: ${c.error_description || c.error || r.statusText}`);
|
|
315
315
|
}
|
|
316
|
-
const s = yield r.json()
|
|
316
|
+
const s = yield r.json();
|
|
317
|
+
console.log("[AlienSsoClient] /oauth/token json keys:", Object.keys(s));
|
|
318
|
+
const a = k.parse(s);
|
|
317
319
|
localStorage.setItem(i + "access_token", a.access_token), a.id_token && localStorage.setItem(i + "id_token", a.id_token), localStorage.setItem(g, a.refresh_token);
|
|
318
320
|
const n = Date.now() + a.expires_in * 1e3;
|
|
319
321
|
return localStorage.setItem(p, n.toString()), a;
|
|
@@ -341,15 +343,15 @@ const E = "https://sso.alien.com", v = 5e3, i = "alien-sso_", g = i + "refresh_t
|
|
|
341
343
|
}
|
|
342
344
|
};
|
|
343
345
|
d.refreshPromise = null;
|
|
344
|
-
let
|
|
346
|
+
let w = d;
|
|
345
347
|
export {
|
|
346
|
-
|
|
348
|
+
w as AlienSsoClient,
|
|
347
349
|
U as AlienSsoClientSchema,
|
|
348
350
|
T as AuthorizeResponseSchema,
|
|
349
351
|
z as ExchangeCodeResponseSchema,
|
|
350
|
-
|
|
351
|
-
|
|
352
|
-
|
|
352
|
+
A as PollRequestSchema,
|
|
353
|
+
I as PollResponseSchema,
|
|
354
|
+
x as TokenInfoSchema,
|
|
353
355
|
k as TokenResponseSchema,
|
|
354
|
-
|
|
356
|
+
j as UserInfoResponseSchema
|
|
355
357
|
};
|
package/dist/index.umd.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
(function(c,
|
|
1
|
+
(function(c,t){typeof exports=="object"&&typeof module!="undefined"?t(exports,require("zod/v4-mini"),require("js-sha256")):typeof define=="function"&&define.amd?define(["exports","zod/v4-mini","js-sha256"],t):(c=typeof globalThis!="undefined"?globalThis:c||self,t(c.AlienSsoCore={},c.Zod,c.jsSha256))})(this,(function(c,t,g){"use strict";var d=(c,t,g)=>new Promise((k,m)=>{var T=l=>{try{f(g.next(l))}catch(p){m(p)}},z=l=>{try{f(g.throw(l))}catch(p){m(p)}},f=l=>l.done?k(l.value):Promise.resolve(l.value).then(T,z);f((g=g.apply(c,t)).next())});const k=t.z.object({deep_link:t.z.string(),polling_code:t.z.string(),expired_at:t.z.number()}),m=t.z.object({polling_code:t.z.string()}),T=["pending","authorized","rejected","expired"],z=t.z.enum(T),f=t.z.object({status:z,authorization_code:t.z.optional(t.z.string())}),l=t.z.object({access_token:t.z.string(),token_type:t.z.string(),expires_in:t.z.number(),id_token:t.z.optional(t.z.string()),refresh_token:t.z.string()}),p=t.z.object({sub:t.z.string()}),b=t.z.object({iss:t.z.string(),sub:t.z.string(),aud:t.z.union([t.z.string(),t.z.array(t.z.string())]),exp:t.z.number(),iat:t.z.number(),nonce:t.z.optional(t.z.string()),auth_time:t.z.optional(t.z.number())}),C=l;function j(S){return btoa(S).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function I(S){let e=S.replace(/-/g,"+").replace(/_/g,"/");for(;e.length%4;)e+="=";return atob(e)}const P="https://sso.alien.com",x=5e3,i="alien-sso_",_=i+"refresh_token",w=i+"token_expiry",y=(S,e)=>new URL(e,S).toString(),E=t.z.object({ssoBaseUrl:t.z.url(),providerAddress:t.z.string(),pollingInterval:t.z.optional(t.z.number())}),u=class u{constructor(e){this.config=E.parse(e),this.ssoBaseUrl=this.config.ssoBaseUrl||P,this.providerAddress=this.config.providerAddress,this.pollingInterval=this.config.pollingInterval||x}generateCodeVerifier(e=128){let s;const o=typeof window!="undefined"&&window.crypto;if(o&&o.getRandomValues)s=new Uint8Array(e),o.getRandomValues(s);else{s=new Uint8Array(e);for(let a=0;a<e;a++)s[a]=Math.floor(Math.random()*256)}let r="";for(let a=0;a<s.length;a++)r+=String.fromCharCode(s[a]);return j(r)}generateCodeChallenge(e){const s=g.sha256.array(e),o=String.fromCharCode(...s);return j(o)}generateDeeplink(){return d(this,null,function*(){const e=this.generateCodeVerifier(),s=this.generateCodeChallenge(e);sessionStorage.setItem(i+"code_verifier",e);const o=new URLSearchParams({response_type:"code",response_mode:"json",client_id:this.providerAddress,scope:"openid",code_challenge:s,code_challenge_method:"S256"}),r=`${this.config.ssoBaseUrl}/oauth/authorize?${o.toString()}`,a=yield fetch(r,{method:"GET"});if(!a.ok){const h=yield a.json().catch(()=>({error:a.statusText}));throw new Error(`Authorize failed: ${h.error_description||h.error||a.statusText}`)}const n=yield a.json();return k.parse(n)})}pollAuth(e){return d(this,null,function*(){const s={polling_code:e};m.parse(s);const o=yield fetch(y(this.config.ssoBaseUrl,"/oauth/poll"),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(s)});if(!o.ok)throw new Error(`Poll failed: ${o.statusText}`);const r=yield o.json();return f.parse(r)})}exchangeToken(e){return d(this,null,function*(){const s=sessionStorage.getItem(i+"code_verifier");if(!s)throw new Error("Missing code verifier.");const o=new URLSearchParams({grant_type:"authorization_code",code:e,client_id:this.providerAddress,code_verifier:s}),r=yield fetch(y(this.config.ssoBaseUrl,"/oauth/token"),{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:o.toString()});if(!r.ok){const R=yield r.json().catch(()=>({error:r.statusText}));throw new Error(`Token exchange failed: ${R.error_description||R.error||r.statusText}`)}const a=yield r.json(),n=l.parse(a);localStorage.setItem(i+"access_token",n.access_token),n.id_token&&localStorage.setItem(i+"id_token",n.id_token),localStorage.setItem(_,n.refresh_token);const h=Date.now()+n.expires_in*1e3;return localStorage.setItem(w,h.toString()),sessionStorage.removeItem(i+"code_verifier"),n})}verifyAuth(){return d(this,null,function*(){return this.withAutoRefresh(()=>d(this,null,function*(){const e=this.getAccessToken();if(!e)return null;const s=yield fetch(y(this.config.ssoBaseUrl,"/oauth/userinfo"),{method:"GET",headers:{Authorization:`Bearer ${e}`}});if(!s.ok){if(s.status===401){const r=new Error("Unauthorized");throw r.response={status:401},r}return null}const o=yield s.json();return p.parse(o)}))})}getAccessToken(){return localStorage.getItem(i+"access_token")}getIdToken(){return localStorage.getItem(i+"id_token")}getAuthData(){const e=this.getIdToken()||this.getAccessToken();if(!e)return null;const s=e.split(".");if(s.length!==3)return null;let o;try{const n=I(s[0]);o=JSON.parse(n)}catch(n){return null}if(o.alg!=="RS256"||o.typ!=="JWT")return null;let r;try{const n=JSON.parse(I(s[1]));r=b.parse(n)}catch(n){return null}return(Array.isArray(r.aud)?r.aud:[r.aud]).includes(this.providerAddress)?r:null}getSubject(){const e=this.getAuthData();return(e==null?void 0:e.sub)||null}isTokenExpired(){const e=this.getAuthData();return e?Date.now()/1e3>e.exp:!0}logout(){localStorage.removeItem(i+"access_token"),localStorage.removeItem(i+"id_token"),localStorage.removeItem(_),localStorage.removeItem(w),sessionStorage.removeItem(i+"code_verifier")}getRefreshToken(){return localStorage.getItem(_)}hasRefreshToken(){return!!this.getRefreshToken()}isAccessTokenExpired(){const e=localStorage.getItem(w);if(!e)return!0;const s=parseInt(e,10),o=Date.now(),r=300*1e3;return o>=s-r}refreshAccessToken(){return d(this,null,function*(){return u.refreshPromise||(u.refreshPromise=this.doRefreshAccessToken().finally(()=>{u.refreshPromise=null})),u.refreshPromise})}doRefreshAccessToken(){return d(this,null,function*(){const e=this.getRefreshToken();if(console.log("[AlienSsoClient] doRefreshAccessToken, hasRefreshToken:",!!e),!e)throw new Error("No refresh token available");const s=new URLSearchParams({grant_type:"refresh_token",refresh_token:e,client_id:this.providerAddress}),o=yield fetch(y(this.config.ssoBaseUrl,"/oauth/token"),{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:s.toString()});if(console.log("[AlienSsoClient] /oauth/token response status:",o.status),!o.ok){const h=yield o.json().catch(()=>({error:o.statusText}));throw console.log("[AlienSsoClient] /oauth/token error:",h),this.logout(),new Error(`Token refresh failed: ${h.error_description||h.error||o.statusText}`)}const r=yield o.json();console.log("[AlienSsoClient] /oauth/token json keys:",Object.keys(r));const a=l.parse(r);localStorage.setItem(i+"access_token",a.access_token),a.id_token&&localStorage.setItem(i+"id_token",a.id_token),localStorage.setItem(_,a.refresh_token);const n=Date.now()+a.expires_in*1e3;return localStorage.setItem(w,n.toString()),a})}withAutoRefresh(e,s=1){return d(this,null,function*(){var o,r,a;try{return yield e()}catch(n){if((((o=n==null?void 0:n.response)==null?void 0:o.status)===401||((r=n==null?void 0:n.message)==null?void 0:r.includes("401"))||((a=n==null?void 0:n.message)==null?void 0:a.includes("Unauthorized")))&&s>0&&this.hasRefreshToken())try{return yield this.refreshAccessToken(),yield e()}catch(R){throw n}throw n}})}};u.refreshPromise=null;let A=u;c.AlienSsoClient=A,c.AlienSsoClientSchema=E,c.AuthorizeResponseSchema=k,c.ExchangeCodeResponseSchema=C,c.PollRequestSchema=m,c.PollResponseSchema=f,c.TokenInfoSchema=b,c.TokenResponseSchema=l,c.UserInfoResponseSchema=p,Object.defineProperty(c,Symbol.toStringTag,{value:"Module"})}));
|