@arkitektbedriftene/fe-lib 0.2.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.github/workflows/auto-publish.yaml +20 -0
- package/.github/workflows/publish.yaml +21 -0
- package/.github/workflows/tag-versions.yaml +16 -0
- package/README.md +23 -0
- package/dist/hooks.cjs.js +1 -0
- package/dist/hooks.d.ts +1 -0
- package/dist/hooks.es.js +5 -0
- package/dist/index.cjs.js +1 -0
- package/dist/index.d.ts +1 -0
- package/dist/index.es.js +4 -0
- package/dist/lib/hooks/hooks.d.ts +2 -0
- package/dist/lib/index.d.ts +1 -0
- package/dist/lib/oidc/impersonate.d.ts +30 -0
- package/dist/lib/oidc/oidc.d.ts +29 -0
- package/dist/oidc.cjs.js +27 -0
- package/dist/oidc.d.ts +1 -0
- package/dist/oidc.es.js +3431 -0
- package/dist/useLocalStorageState-b4fb2a60.js +100 -0
- package/dist/useLocalStorageState-f72b4add.cjs +1 -0
- package/index.html +13 -0
- package/package.json +64 -0
- package/src/App.css +42 -0
- package/src/App.tsx +35 -0
- package/src/assets/react.svg +1 -0
- package/src/index.css +69 -0
- package/src/lib/hooks/hooks.ts +3 -0
- package/src/lib/index.ts +1 -0
- package/src/lib/oidc/README.md +28 -0
- package/src/lib/oidc/impersonate.tsx +102 -0
- package/src/lib/oidc/oidc.tsx +248 -0
- package/src/main.tsx +10 -0
- package/src/vite-env.d.ts +1 -0
- package/tsconfig.json +21 -0
- package/tsconfig.node.json +9 -0
- package/vite.config.ts +33 -0
package/dist/oidc.es.js
ADDED
|
@@ -0,0 +1,3431 @@
|
|
|
1
|
+
import dt, { createContext as ht, useContext as gt, useMemo as ft, useEffect as pe, useState as Gt, useRef as _t, useCallback as it } from "react";
|
|
2
|
+
import { u as Xt } from "./useLocalStorageState-b4fb2a60.js";
|
|
3
|
+
var Q = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
|
|
4
|
+
function Qt(e) {
|
|
5
|
+
if (e.__esModule)
|
|
6
|
+
return e;
|
|
7
|
+
var t = e.default;
|
|
8
|
+
if (typeof t == "function") {
|
|
9
|
+
var r = function s() {
|
|
10
|
+
if (this instanceof s) {
|
|
11
|
+
var n = [null];
|
|
12
|
+
n.push.apply(n, arguments);
|
|
13
|
+
var o = Function.bind.apply(t, n);
|
|
14
|
+
return new o();
|
|
15
|
+
}
|
|
16
|
+
return t.apply(this, arguments);
|
|
17
|
+
};
|
|
18
|
+
r.prototype = t.prototype;
|
|
19
|
+
} else
|
|
20
|
+
r = {};
|
|
21
|
+
return Object.defineProperty(r, "__esModule", { value: !0 }), Object.keys(e).forEach(function(s) {
|
|
22
|
+
var n = Object.getOwnPropertyDescriptor(e, s);
|
|
23
|
+
Object.defineProperty(r, s, n.get ? n : {
|
|
24
|
+
enumerable: !0,
|
|
25
|
+
get: function() {
|
|
26
|
+
return e[s];
|
|
27
|
+
}
|
|
28
|
+
});
|
|
29
|
+
}), r;
|
|
30
|
+
}
|
|
31
|
+
var ce = {}, Zt = {
|
|
32
|
+
get exports() {
|
|
33
|
+
return ce;
|
|
34
|
+
},
|
|
35
|
+
set exports(e) {
|
|
36
|
+
ce = e;
|
|
37
|
+
}
|
|
38
|
+
}, oe = {};
|
|
39
|
+
/**
|
|
40
|
+
* @license React
|
|
41
|
+
* react-jsx-runtime.production.min.js
|
|
42
|
+
*
|
|
43
|
+
* Copyright (c) Facebook, Inc. and its affiliates.
|
|
44
|
+
*
|
|
45
|
+
* This source code is licensed under the MIT license found in the
|
|
46
|
+
* LICENSE file in the root directory of this source tree.
|
|
47
|
+
*/
|
|
48
|
+
var nt;
|
|
49
|
+
function er() {
|
|
50
|
+
if (nt)
|
|
51
|
+
return oe;
|
|
52
|
+
nt = 1;
|
|
53
|
+
var e = dt, t = Symbol.for("react.element"), r = Symbol.for("react.fragment"), s = Object.prototype.hasOwnProperty, n = e.__SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED.ReactCurrentOwner, o = { key: !0, ref: !0, __self: !0, __source: !0 };
|
|
54
|
+
function a(d, l, h) {
|
|
55
|
+
var p, _ = {}, y = null, w = null;
|
|
56
|
+
h !== void 0 && (y = "" + h), l.key !== void 0 && (y = "" + l.key), l.ref !== void 0 && (w = l.ref);
|
|
57
|
+
for (p in l)
|
|
58
|
+
s.call(l, p) && !o.hasOwnProperty(p) && (_[p] = l[p]);
|
|
59
|
+
if (d && d.defaultProps)
|
|
60
|
+
for (p in l = d.defaultProps, l)
|
|
61
|
+
_[p] === void 0 && (_[p] = l[p]);
|
|
62
|
+
return { $$typeof: t, type: d, key: y, ref: w, props: _, _owner: n.current };
|
|
63
|
+
}
|
|
64
|
+
return oe.Fragment = r, oe.jsx = a, oe.jsxs = a, oe;
|
|
65
|
+
}
|
|
66
|
+
var ae = {};
|
|
67
|
+
/**
|
|
68
|
+
* @license React
|
|
69
|
+
* react-jsx-runtime.development.js
|
|
70
|
+
*
|
|
71
|
+
* Copyright (c) Facebook, Inc. and its affiliates.
|
|
72
|
+
*
|
|
73
|
+
* This source code is licensed under the MIT license found in the
|
|
74
|
+
* LICENSE file in the root directory of this source tree.
|
|
75
|
+
*/
|
|
76
|
+
var ot;
|
|
77
|
+
function tr() {
|
|
78
|
+
return ot || (ot = 1, process.env.NODE_ENV !== "production" && function() {
|
|
79
|
+
var e = dt, t = Symbol.for("react.element"), r = Symbol.for("react.portal"), s = Symbol.for("react.fragment"), n = Symbol.for("react.strict_mode"), o = Symbol.for("react.profiler"), a = Symbol.for("react.provider"), d = Symbol.for("react.context"), l = Symbol.for("react.forward_ref"), h = Symbol.for("react.suspense"), p = Symbol.for("react.suspense_list"), _ = Symbol.for("react.memo"), y = Symbol.for("react.lazy"), w = Symbol.for("react.offscreen"), I = Symbol.iterator, v = "@@iterator";
|
|
80
|
+
function R(i) {
|
|
81
|
+
if (i === null || typeof i != "object")
|
|
82
|
+
return null;
|
|
83
|
+
var u = I && i[I] || i[v];
|
|
84
|
+
return typeof u == "function" ? u : null;
|
|
85
|
+
}
|
|
86
|
+
var k = e.__SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED;
|
|
87
|
+
function c(i) {
|
|
88
|
+
{
|
|
89
|
+
for (var u = arguments.length, f = new Array(u > 1 ? u - 1 : 0), S = 1; S < u; S++)
|
|
90
|
+
f[S - 1] = arguments[S];
|
|
91
|
+
g("error", i, f);
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
function g(i, u, f) {
|
|
95
|
+
{
|
|
96
|
+
var S = k.ReactDebugCurrentFrame, C = S.getStackAddendum();
|
|
97
|
+
C !== "" && (u += "%s", f = f.concat([C]));
|
|
98
|
+
var U = f.map(function(x) {
|
|
99
|
+
return String(x);
|
|
100
|
+
});
|
|
101
|
+
U.unshift("Warning: " + u), Function.prototype.apply.call(console[i], console, U);
|
|
102
|
+
}
|
|
103
|
+
}
|
|
104
|
+
var m = !1, E = !1, P = !1, O = !1, A = !1, j;
|
|
105
|
+
j = Symbol.for("react.module.reference");
|
|
106
|
+
function B(i) {
|
|
107
|
+
return !!(typeof i == "string" || typeof i == "function" || i === s || i === o || A || i === n || i === h || i === p || O || i === w || m || E || P || typeof i == "object" && i !== null && (i.$$typeof === y || i.$$typeof === _ || i.$$typeof === a || i.$$typeof === d || i.$$typeof === l || // This needs to include all possible module reference object
|
|
108
|
+
// types supported by any Flight configuration anywhere since
|
|
109
|
+
// we don't know which Flight build this will end up being used
|
|
110
|
+
// with.
|
|
111
|
+
i.$$typeof === j || i.getModuleId !== void 0));
|
|
112
|
+
}
|
|
113
|
+
function F(i, u, f) {
|
|
114
|
+
var S = i.displayName;
|
|
115
|
+
if (S)
|
|
116
|
+
return S;
|
|
117
|
+
var C = u.displayName || u.name || "";
|
|
118
|
+
return C !== "" ? f + "(" + C + ")" : f;
|
|
119
|
+
}
|
|
120
|
+
function L(i) {
|
|
121
|
+
return i.displayName || "Context";
|
|
122
|
+
}
|
|
123
|
+
function W(i) {
|
|
124
|
+
if (i == null)
|
|
125
|
+
return null;
|
|
126
|
+
if (typeof i.tag == "number" && c("Received an unexpected object in getComponentNameFromType(). This is likely a bug in React. Please file an issue."), typeof i == "function")
|
|
127
|
+
return i.displayName || i.name || null;
|
|
128
|
+
if (typeof i == "string")
|
|
129
|
+
return i;
|
|
130
|
+
switch (i) {
|
|
131
|
+
case s:
|
|
132
|
+
return "Fragment";
|
|
133
|
+
case r:
|
|
134
|
+
return "Portal";
|
|
135
|
+
case o:
|
|
136
|
+
return "Profiler";
|
|
137
|
+
case n:
|
|
138
|
+
return "StrictMode";
|
|
139
|
+
case h:
|
|
140
|
+
return "Suspense";
|
|
141
|
+
case p:
|
|
142
|
+
return "SuspenseList";
|
|
143
|
+
}
|
|
144
|
+
if (typeof i == "object")
|
|
145
|
+
switch (i.$$typeof) {
|
|
146
|
+
case d:
|
|
147
|
+
var u = i;
|
|
148
|
+
return L(u) + ".Consumer";
|
|
149
|
+
case a:
|
|
150
|
+
var f = i;
|
|
151
|
+
return L(f._context) + ".Provider";
|
|
152
|
+
case l:
|
|
153
|
+
return F(i, i.render, "ForwardRef");
|
|
154
|
+
case _:
|
|
155
|
+
var S = i.displayName || null;
|
|
156
|
+
return S !== null ? S : W(i.type) || "Memo";
|
|
157
|
+
case y: {
|
|
158
|
+
var C = i, U = C._payload, x = C._init;
|
|
159
|
+
try {
|
|
160
|
+
return W(x(U));
|
|
161
|
+
} catch {
|
|
162
|
+
return null;
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
}
|
|
166
|
+
return null;
|
|
167
|
+
}
|
|
168
|
+
var $ = Object.assign, V = 0, ee, X, le, Fe, De, He, Be;
|
|
169
|
+
function $e() {
|
|
170
|
+
}
|
|
171
|
+
$e.__reactDisabledLog = !0;
|
|
172
|
+
function Rt() {
|
|
173
|
+
{
|
|
174
|
+
if (V === 0) {
|
|
175
|
+
ee = console.log, X = console.info, le = console.warn, Fe = console.error, De = console.group, He = console.groupCollapsed, Be = console.groupEnd;
|
|
176
|
+
var i = {
|
|
177
|
+
configurable: !0,
|
|
178
|
+
enumerable: !0,
|
|
179
|
+
value: $e,
|
|
180
|
+
writable: !0
|
|
181
|
+
};
|
|
182
|
+
Object.defineProperties(console, {
|
|
183
|
+
info: i,
|
|
184
|
+
log: i,
|
|
185
|
+
warn: i,
|
|
186
|
+
error: i,
|
|
187
|
+
group: i,
|
|
188
|
+
groupCollapsed: i,
|
|
189
|
+
groupEnd: i
|
|
190
|
+
});
|
|
191
|
+
}
|
|
192
|
+
V++;
|
|
193
|
+
}
|
|
194
|
+
}
|
|
195
|
+
function Tt() {
|
|
196
|
+
{
|
|
197
|
+
if (V--, V === 0) {
|
|
198
|
+
var i = {
|
|
199
|
+
configurable: !0,
|
|
200
|
+
enumerable: !0,
|
|
201
|
+
writable: !0
|
|
202
|
+
};
|
|
203
|
+
Object.defineProperties(console, {
|
|
204
|
+
log: $({}, i, {
|
|
205
|
+
value: ee
|
|
206
|
+
}),
|
|
207
|
+
info: $({}, i, {
|
|
208
|
+
value: X
|
|
209
|
+
}),
|
|
210
|
+
warn: $({}, i, {
|
|
211
|
+
value: le
|
|
212
|
+
}),
|
|
213
|
+
error: $({}, i, {
|
|
214
|
+
value: Fe
|
|
215
|
+
}),
|
|
216
|
+
group: $({}, i, {
|
|
217
|
+
value: De
|
|
218
|
+
}),
|
|
219
|
+
groupCollapsed: $({}, i, {
|
|
220
|
+
value: He
|
|
221
|
+
}),
|
|
222
|
+
groupEnd: $({}, i, {
|
|
223
|
+
value: Be
|
|
224
|
+
})
|
|
225
|
+
});
|
|
226
|
+
}
|
|
227
|
+
V < 0 && c("disabledDepth fell below zero. This is a bug in React. Please file an issue.");
|
|
228
|
+
}
|
|
229
|
+
}
|
|
230
|
+
var Se = k.ReactCurrentDispatcher, ye;
|
|
231
|
+
function ue(i, u, f) {
|
|
232
|
+
{
|
|
233
|
+
if (ye === void 0)
|
|
234
|
+
try {
|
|
235
|
+
throw Error();
|
|
236
|
+
} catch (C) {
|
|
237
|
+
var S = C.stack.trim().match(/\n( *(at )?)/);
|
|
238
|
+
ye = S && S[1] || "";
|
|
239
|
+
}
|
|
240
|
+
return `
|
|
241
|
+
` + ye + i;
|
|
242
|
+
}
|
|
243
|
+
}
|
|
244
|
+
var be = !1, de;
|
|
245
|
+
{
|
|
246
|
+
var xt = typeof WeakMap == "function" ? WeakMap : Map;
|
|
247
|
+
de = new xt();
|
|
248
|
+
}
|
|
249
|
+
function Le(i, u) {
|
|
250
|
+
if (!i || be)
|
|
251
|
+
return "";
|
|
252
|
+
{
|
|
253
|
+
var f = de.get(i);
|
|
254
|
+
if (f !== void 0)
|
|
255
|
+
return f;
|
|
256
|
+
}
|
|
257
|
+
var S;
|
|
258
|
+
be = !0;
|
|
259
|
+
var C = Error.prepareStackTrace;
|
|
260
|
+
Error.prepareStackTrace = void 0;
|
|
261
|
+
var U;
|
|
262
|
+
U = Se.current, Se.current = null, Rt();
|
|
263
|
+
try {
|
|
264
|
+
if (u) {
|
|
265
|
+
var x = function() {
|
|
266
|
+
throw Error();
|
|
267
|
+
};
|
|
268
|
+
if (Object.defineProperty(x.prototype, "props", {
|
|
269
|
+
set: function() {
|
|
270
|
+
throw Error();
|
|
271
|
+
}
|
|
272
|
+
}), typeof Reflect == "object" && Reflect.construct) {
|
|
273
|
+
try {
|
|
274
|
+
Reflect.construct(x, []);
|
|
275
|
+
} catch (Y) {
|
|
276
|
+
S = Y;
|
|
277
|
+
}
|
|
278
|
+
Reflect.construct(i, [], x);
|
|
279
|
+
} else {
|
|
280
|
+
try {
|
|
281
|
+
x.call();
|
|
282
|
+
} catch (Y) {
|
|
283
|
+
S = Y;
|
|
284
|
+
}
|
|
285
|
+
i.call(x.prototype);
|
|
286
|
+
}
|
|
287
|
+
} else {
|
|
288
|
+
try {
|
|
289
|
+
throw Error();
|
|
290
|
+
} catch (Y) {
|
|
291
|
+
S = Y;
|
|
292
|
+
}
|
|
293
|
+
i();
|
|
294
|
+
}
|
|
295
|
+
} catch (Y) {
|
|
296
|
+
if (Y && S && typeof Y.stack == "string") {
|
|
297
|
+
for (var T = Y.stack.split(`
|
|
298
|
+
`), M = S.stack.split(`
|
|
299
|
+
`), N = T.length - 1, q = M.length - 1; N >= 1 && q >= 0 && T[N] !== M[q]; )
|
|
300
|
+
q--;
|
|
301
|
+
for (; N >= 1 && q >= 0; N--, q--)
|
|
302
|
+
if (T[N] !== M[q]) {
|
|
303
|
+
if (N !== 1 || q !== 1)
|
|
304
|
+
do
|
|
305
|
+
if (N--, q--, q < 0 || T[N] !== M[q]) {
|
|
306
|
+
var D = `
|
|
307
|
+
` + T[N].replace(" at new ", " at ");
|
|
308
|
+
return i.displayName && D.includes("<anonymous>") && (D = D.replace("<anonymous>", i.displayName)), typeof i == "function" && de.set(i, D), D;
|
|
309
|
+
}
|
|
310
|
+
while (N >= 1 && q >= 0);
|
|
311
|
+
break;
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
} finally {
|
|
315
|
+
be = !1, Se.current = U, Tt(), Error.prepareStackTrace = C;
|
|
316
|
+
}
|
|
317
|
+
var re = i ? i.displayName || i.name : "", st = re ? ue(re) : "";
|
|
318
|
+
return typeof i == "function" && de.set(i, st), st;
|
|
319
|
+
}
|
|
320
|
+
function Ct(i, u, f) {
|
|
321
|
+
return Le(i, !1);
|
|
322
|
+
}
|
|
323
|
+
function It(i) {
|
|
324
|
+
var u = i.prototype;
|
|
325
|
+
return !!(u && u.isReactComponent);
|
|
326
|
+
}
|
|
327
|
+
function he(i, u, f) {
|
|
328
|
+
if (i == null)
|
|
329
|
+
return "";
|
|
330
|
+
if (typeof i == "function")
|
|
331
|
+
return Le(i, It(i));
|
|
332
|
+
if (typeof i == "string")
|
|
333
|
+
return ue(i);
|
|
334
|
+
switch (i) {
|
|
335
|
+
case h:
|
|
336
|
+
return ue("Suspense");
|
|
337
|
+
case p:
|
|
338
|
+
return ue("SuspenseList");
|
|
339
|
+
}
|
|
340
|
+
if (typeof i == "object")
|
|
341
|
+
switch (i.$$typeof) {
|
|
342
|
+
case l:
|
|
343
|
+
return Ct(i.render);
|
|
344
|
+
case _:
|
|
345
|
+
return he(i.type, u, f);
|
|
346
|
+
case y: {
|
|
347
|
+
var S = i, C = S._payload, U = S._init;
|
|
348
|
+
try {
|
|
349
|
+
return he(U(C), u, f);
|
|
350
|
+
} catch {
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
return "";
|
|
355
|
+
}
|
|
356
|
+
var ge = Object.prototype.hasOwnProperty, ze = {}, Je = k.ReactDebugCurrentFrame;
|
|
357
|
+
function fe(i) {
|
|
358
|
+
if (i) {
|
|
359
|
+
var u = i._owner, f = he(i.type, i._source, u ? u.type : null);
|
|
360
|
+
Je.setExtraStackFrame(f);
|
|
361
|
+
} else
|
|
362
|
+
Je.setExtraStackFrame(null);
|
|
363
|
+
}
|
|
364
|
+
function Pt(i, u, f, S, C) {
|
|
365
|
+
{
|
|
366
|
+
var U = Function.call.bind(ge);
|
|
367
|
+
for (var x in i)
|
|
368
|
+
if (U(i, x)) {
|
|
369
|
+
var T = void 0;
|
|
370
|
+
try {
|
|
371
|
+
if (typeof i[x] != "function") {
|
|
372
|
+
var M = Error((S || "React class") + ": " + f + " type `" + x + "` is invalid; it must be a function, usually from the `prop-types` package, but received `" + typeof i[x] + "`.This often happens because of typos such as `PropTypes.function` instead of `PropTypes.func`.");
|
|
373
|
+
throw M.name = "Invariant Violation", M;
|
|
374
|
+
}
|
|
375
|
+
T = i[x](u, x, S, f, null, "SECRET_DO_NOT_PASS_THIS_OR_YOU_WILL_BE_FIRED");
|
|
376
|
+
} catch (N) {
|
|
377
|
+
T = N;
|
|
378
|
+
}
|
|
379
|
+
T && !(T instanceof Error) && (fe(C), c("%s: type specification of %s `%s` is invalid; the type checker function must return `null` or an `Error` but returned a %s. You may have forgotten to pass an argument to the type checker creator (arrayOf, instanceOf, objectOf, oneOf, oneOfType, and shape all require an argument).", S || "React class", f, x, typeof T), fe(null)), T instanceof Error && !(T.message in ze) && (ze[T.message] = !0, fe(C), c("Failed %s type: %s", f, T.message), fe(null));
|
|
380
|
+
}
|
|
381
|
+
}
|
|
382
|
+
}
|
|
383
|
+
var Ot = Array.isArray;
|
|
384
|
+
function ke(i) {
|
|
385
|
+
return Ot(i);
|
|
386
|
+
}
|
|
387
|
+
function Ut(i) {
|
|
388
|
+
{
|
|
389
|
+
var u = typeof Symbol == "function" && Symbol.toStringTag, f = u && i[Symbol.toStringTag] || i.constructor.name || "Object";
|
|
390
|
+
return f;
|
|
391
|
+
}
|
|
392
|
+
}
|
|
393
|
+
function At(i) {
|
|
394
|
+
try {
|
|
395
|
+
return Ke(i), !1;
|
|
396
|
+
} catch {
|
|
397
|
+
return !0;
|
|
398
|
+
}
|
|
399
|
+
}
|
|
400
|
+
function Ke(i) {
|
|
401
|
+
return "" + i;
|
|
402
|
+
}
|
|
403
|
+
function Ve(i) {
|
|
404
|
+
if (At(i))
|
|
405
|
+
return c("The provided key is an unsupported type %s. This value must be coerced to a string before before using it here.", Ut(i)), Ke(i);
|
|
406
|
+
}
|
|
407
|
+
var ne = k.ReactCurrentOwner, jt = {
|
|
408
|
+
key: !0,
|
|
409
|
+
ref: !0,
|
|
410
|
+
__self: !0,
|
|
411
|
+
__source: !0
|
|
412
|
+
}, Ye, Ge, Ee;
|
|
413
|
+
Ee = {};
|
|
414
|
+
function Nt(i) {
|
|
415
|
+
if (ge.call(i, "ref")) {
|
|
416
|
+
var u = Object.getOwnPropertyDescriptor(i, "ref").get;
|
|
417
|
+
if (u && u.isReactWarning)
|
|
418
|
+
return !1;
|
|
419
|
+
}
|
|
420
|
+
return i.ref !== void 0;
|
|
421
|
+
}
|
|
422
|
+
function qt(i) {
|
|
423
|
+
if (ge.call(i, "key")) {
|
|
424
|
+
var u = Object.getOwnPropertyDescriptor(i, "key").get;
|
|
425
|
+
if (u && u.isReactWarning)
|
|
426
|
+
return !1;
|
|
427
|
+
}
|
|
428
|
+
return i.key !== void 0;
|
|
429
|
+
}
|
|
430
|
+
function Wt(i, u) {
|
|
431
|
+
if (typeof i.ref == "string" && ne.current && u && ne.current.stateNode !== u) {
|
|
432
|
+
var f = W(ne.current.type);
|
|
433
|
+
Ee[f] || (c('Component "%s" contains the string ref "%s". Support for string refs will be removed in a future major release. This case cannot be automatically converted to an arrow function. We ask you to manually fix this case by using useRef() or createRef() instead. Learn more about using refs safely here: https://reactjs.org/link/strict-mode-string-ref', W(ne.current.type), i.ref), Ee[f] = !0);
|
|
434
|
+
}
|
|
435
|
+
}
|
|
436
|
+
function Mt(i, u) {
|
|
437
|
+
{
|
|
438
|
+
var f = function() {
|
|
439
|
+
Ye || (Ye = !0, c("%s: `key` is not a prop. Trying to access it will result in `undefined` being returned. If you need to access the same value within the child component, you should pass it as a different prop. (https://reactjs.org/link/special-props)", u));
|
|
440
|
+
};
|
|
441
|
+
f.isReactWarning = !0, Object.defineProperty(i, "key", {
|
|
442
|
+
get: f,
|
|
443
|
+
configurable: !0
|
|
444
|
+
});
|
|
445
|
+
}
|
|
446
|
+
}
|
|
447
|
+
function Ft(i, u) {
|
|
448
|
+
{
|
|
449
|
+
var f = function() {
|
|
450
|
+
Ge || (Ge = !0, c("%s: `ref` is not a prop. Trying to access it will result in `undefined` being returned. If you need to access the same value within the child component, you should pass it as a different prop. (https://reactjs.org/link/special-props)", u));
|
|
451
|
+
};
|
|
452
|
+
f.isReactWarning = !0, Object.defineProperty(i, "ref", {
|
|
453
|
+
get: f,
|
|
454
|
+
configurable: !0
|
|
455
|
+
});
|
|
456
|
+
}
|
|
457
|
+
}
|
|
458
|
+
var Dt = function(i, u, f, S, C, U, x) {
|
|
459
|
+
var T = {
|
|
460
|
+
// This tag allows us to uniquely identify this as a React Element
|
|
461
|
+
$$typeof: t,
|
|
462
|
+
// Built-in properties that belong on the element
|
|
463
|
+
type: i,
|
|
464
|
+
key: u,
|
|
465
|
+
ref: f,
|
|
466
|
+
props: x,
|
|
467
|
+
// Record the component responsible for creating this element.
|
|
468
|
+
_owner: U
|
|
469
|
+
};
|
|
470
|
+
return T._store = {}, Object.defineProperty(T._store, "validated", {
|
|
471
|
+
configurable: !1,
|
|
472
|
+
enumerable: !1,
|
|
473
|
+
writable: !0,
|
|
474
|
+
value: !1
|
|
475
|
+
}), Object.defineProperty(T, "_self", {
|
|
476
|
+
configurable: !1,
|
|
477
|
+
enumerable: !1,
|
|
478
|
+
writable: !1,
|
|
479
|
+
value: S
|
|
480
|
+
}), Object.defineProperty(T, "_source", {
|
|
481
|
+
configurable: !1,
|
|
482
|
+
enumerable: !1,
|
|
483
|
+
writable: !1,
|
|
484
|
+
value: C
|
|
485
|
+
}), Object.freeze && (Object.freeze(T.props), Object.freeze(T)), T;
|
|
486
|
+
};
|
|
487
|
+
function Ht(i, u, f, S, C) {
|
|
488
|
+
{
|
|
489
|
+
var U, x = {}, T = null, M = null;
|
|
490
|
+
f !== void 0 && (Ve(f), T = "" + f), qt(u) && (Ve(u.key), T = "" + u.key), Nt(u) && (M = u.ref, Wt(u, C));
|
|
491
|
+
for (U in u)
|
|
492
|
+
ge.call(u, U) && !jt.hasOwnProperty(U) && (x[U] = u[U]);
|
|
493
|
+
if (i && i.defaultProps) {
|
|
494
|
+
var N = i.defaultProps;
|
|
495
|
+
for (U in N)
|
|
496
|
+
x[U] === void 0 && (x[U] = N[U]);
|
|
497
|
+
}
|
|
498
|
+
if (T || M) {
|
|
499
|
+
var q = typeof i == "function" ? i.displayName || i.name || "Unknown" : i;
|
|
500
|
+
T && Mt(x, q), M && Ft(x, q);
|
|
501
|
+
}
|
|
502
|
+
return Dt(i, T, M, C, S, ne.current, x);
|
|
503
|
+
}
|
|
504
|
+
}
|
|
505
|
+
var Re = k.ReactCurrentOwner, Xe = k.ReactDebugCurrentFrame;
|
|
506
|
+
function te(i) {
|
|
507
|
+
if (i) {
|
|
508
|
+
var u = i._owner, f = he(i.type, i._source, u ? u.type : null);
|
|
509
|
+
Xe.setExtraStackFrame(f);
|
|
510
|
+
} else
|
|
511
|
+
Xe.setExtraStackFrame(null);
|
|
512
|
+
}
|
|
513
|
+
var Te;
|
|
514
|
+
Te = !1;
|
|
515
|
+
function xe(i) {
|
|
516
|
+
return typeof i == "object" && i !== null && i.$$typeof === t;
|
|
517
|
+
}
|
|
518
|
+
function Qe() {
|
|
519
|
+
{
|
|
520
|
+
if (Re.current) {
|
|
521
|
+
var i = W(Re.current.type);
|
|
522
|
+
if (i)
|
|
523
|
+
return `
|
|
524
|
+
|
|
525
|
+
Check the render method of \`` + i + "`.";
|
|
526
|
+
}
|
|
527
|
+
return "";
|
|
528
|
+
}
|
|
529
|
+
}
|
|
530
|
+
function Bt(i) {
|
|
531
|
+
{
|
|
532
|
+
if (i !== void 0) {
|
|
533
|
+
var u = i.fileName.replace(/^.*[\\\/]/, ""), f = i.lineNumber;
|
|
534
|
+
return `
|
|
535
|
+
|
|
536
|
+
Check your code at ` + u + ":" + f + ".";
|
|
537
|
+
}
|
|
538
|
+
return "";
|
|
539
|
+
}
|
|
540
|
+
}
|
|
541
|
+
var Ze = {};
|
|
542
|
+
function $t(i) {
|
|
543
|
+
{
|
|
544
|
+
var u = Qe();
|
|
545
|
+
if (!u) {
|
|
546
|
+
var f = typeof i == "string" ? i : i.displayName || i.name;
|
|
547
|
+
f && (u = `
|
|
548
|
+
|
|
549
|
+
Check the top-level render call using <` + f + ">.");
|
|
550
|
+
}
|
|
551
|
+
return u;
|
|
552
|
+
}
|
|
553
|
+
}
|
|
554
|
+
function et(i, u) {
|
|
555
|
+
{
|
|
556
|
+
if (!i._store || i._store.validated || i.key != null)
|
|
557
|
+
return;
|
|
558
|
+
i._store.validated = !0;
|
|
559
|
+
var f = $t(u);
|
|
560
|
+
if (Ze[f])
|
|
561
|
+
return;
|
|
562
|
+
Ze[f] = !0;
|
|
563
|
+
var S = "";
|
|
564
|
+
i && i._owner && i._owner !== Re.current && (S = " It was passed a child from " + W(i._owner.type) + "."), te(i), c('Each child in a list should have a unique "key" prop.%s%s See https://reactjs.org/link/warning-keys for more information.', f, S), te(null);
|
|
565
|
+
}
|
|
566
|
+
}
|
|
567
|
+
function tt(i, u) {
|
|
568
|
+
{
|
|
569
|
+
if (typeof i != "object")
|
|
570
|
+
return;
|
|
571
|
+
if (ke(i))
|
|
572
|
+
for (var f = 0; f < i.length; f++) {
|
|
573
|
+
var S = i[f];
|
|
574
|
+
xe(S) && et(S, u);
|
|
575
|
+
}
|
|
576
|
+
else if (xe(i))
|
|
577
|
+
i._store && (i._store.validated = !0);
|
|
578
|
+
else if (i) {
|
|
579
|
+
var C = R(i);
|
|
580
|
+
if (typeof C == "function" && C !== i.entries)
|
|
581
|
+
for (var U = C.call(i), x; !(x = U.next()).done; )
|
|
582
|
+
xe(x.value) && et(x.value, u);
|
|
583
|
+
}
|
|
584
|
+
}
|
|
585
|
+
}
|
|
586
|
+
function Lt(i) {
|
|
587
|
+
{
|
|
588
|
+
var u = i.type;
|
|
589
|
+
if (u == null || typeof u == "string")
|
|
590
|
+
return;
|
|
591
|
+
var f;
|
|
592
|
+
if (typeof u == "function")
|
|
593
|
+
f = u.propTypes;
|
|
594
|
+
else if (typeof u == "object" && (u.$$typeof === l || // Note: Memo only checks outer props here.
|
|
595
|
+
// Inner props are checked in the reconciler.
|
|
596
|
+
u.$$typeof === _))
|
|
597
|
+
f = u.propTypes;
|
|
598
|
+
else
|
|
599
|
+
return;
|
|
600
|
+
if (f) {
|
|
601
|
+
var S = W(u);
|
|
602
|
+
Pt(f, i.props, "prop", S, i);
|
|
603
|
+
} else if (u.PropTypes !== void 0 && !Te) {
|
|
604
|
+
Te = !0;
|
|
605
|
+
var C = W(u);
|
|
606
|
+
c("Component %s declared `PropTypes` instead of `propTypes`. Did you misspell the property assignment?", C || "Unknown");
|
|
607
|
+
}
|
|
608
|
+
typeof u.getDefaultProps == "function" && !u.getDefaultProps.isReactClassApproved && c("getDefaultProps is only used on classic React.createClass definitions. Use a static property named `defaultProps` instead.");
|
|
609
|
+
}
|
|
610
|
+
}
|
|
611
|
+
function zt(i) {
|
|
612
|
+
{
|
|
613
|
+
for (var u = Object.keys(i.props), f = 0; f < u.length; f++) {
|
|
614
|
+
var S = u[f];
|
|
615
|
+
if (S !== "children" && S !== "key") {
|
|
616
|
+
te(i), c("Invalid prop `%s` supplied to `React.Fragment`. React.Fragment can only have `key` and `children` props.", S), te(null);
|
|
617
|
+
break;
|
|
618
|
+
}
|
|
619
|
+
}
|
|
620
|
+
i.ref !== null && (te(i), c("Invalid attribute `ref` supplied to `React.Fragment`."), te(null));
|
|
621
|
+
}
|
|
622
|
+
}
|
|
623
|
+
function rt(i, u, f, S, C, U) {
|
|
624
|
+
{
|
|
625
|
+
var x = B(i);
|
|
626
|
+
if (!x) {
|
|
627
|
+
var T = "";
|
|
628
|
+
(i === void 0 || typeof i == "object" && i !== null && Object.keys(i).length === 0) && (T += " You likely forgot to export your component from the file it's defined in, or you might have mixed up default and named imports.");
|
|
629
|
+
var M = Bt(C);
|
|
630
|
+
M ? T += M : T += Qe();
|
|
631
|
+
var N;
|
|
632
|
+
i === null ? N = "null" : ke(i) ? N = "array" : i !== void 0 && i.$$typeof === t ? (N = "<" + (W(i.type) || "Unknown") + " />", T = " Did you accidentally export a JSX literal instead of a component?") : N = typeof i, c("React.jsx: type is invalid -- expected a string (for built-in components) or a class/function (for composite components) but got: %s.%s", N, T);
|
|
633
|
+
}
|
|
634
|
+
var q = Ht(i, u, f, C, U);
|
|
635
|
+
if (q == null)
|
|
636
|
+
return q;
|
|
637
|
+
if (x) {
|
|
638
|
+
var D = u.children;
|
|
639
|
+
if (D !== void 0)
|
|
640
|
+
if (S)
|
|
641
|
+
if (ke(D)) {
|
|
642
|
+
for (var re = 0; re < D.length; re++)
|
|
643
|
+
tt(D[re], i);
|
|
644
|
+
Object.freeze && Object.freeze(D);
|
|
645
|
+
} else
|
|
646
|
+
c("React.jsx: Static children should always be an array. You are likely explicitly calling React.jsxs or React.jsxDEV. Use the Babel transform instead.");
|
|
647
|
+
else
|
|
648
|
+
tt(D, i);
|
|
649
|
+
}
|
|
650
|
+
return i === s ? zt(q) : Lt(q), q;
|
|
651
|
+
}
|
|
652
|
+
}
|
|
653
|
+
function Jt(i, u, f) {
|
|
654
|
+
return rt(i, u, f, !0);
|
|
655
|
+
}
|
|
656
|
+
function Kt(i, u, f) {
|
|
657
|
+
return rt(i, u, f, !1);
|
|
658
|
+
}
|
|
659
|
+
var Vt = Kt, Yt = Jt;
|
|
660
|
+
ae.Fragment = s, ae.jsx = Vt, ae.jsxs = Yt;
|
|
661
|
+
}()), ae;
|
|
662
|
+
}
|
|
663
|
+
(function(e) {
|
|
664
|
+
process.env.NODE_ENV === "production" ? e.exports = er() : e.exports = tr();
|
|
665
|
+
})(Zt);
|
|
666
|
+
function rr(e) {
|
|
667
|
+
throw new Error('Could not dynamically require "' + e + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
|
|
668
|
+
}
|
|
669
|
+
var se = {}, sr = {
|
|
670
|
+
get exports() {
|
|
671
|
+
return se;
|
|
672
|
+
},
|
|
673
|
+
set exports(e) {
|
|
674
|
+
se = e;
|
|
675
|
+
}
|
|
676
|
+
};
|
|
677
|
+
const ir = {}, nr = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
678
|
+
__proto__: null,
|
|
679
|
+
default: ir
|
|
680
|
+
}, Symbol.toStringTag, { value: "Module" })), or = /* @__PURE__ */ Qt(nr);
|
|
681
|
+
(function(e, t) {
|
|
682
|
+
(function(r, s) {
|
|
683
|
+
e.exports = s();
|
|
684
|
+
})(Q, function() {
|
|
685
|
+
var r = r || function(s, n) {
|
|
686
|
+
var o;
|
|
687
|
+
if (typeof window < "u" && window.crypto && (o = window.crypto), typeof self < "u" && self.crypto && (o = self.crypto), typeof globalThis < "u" && globalThis.crypto && (o = globalThis.crypto), !o && typeof window < "u" && window.msCrypto && (o = window.msCrypto), !o && typeof Q < "u" && Q.crypto && (o = Q.crypto), !o && typeof rr == "function")
|
|
688
|
+
try {
|
|
689
|
+
o = or;
|
|
690
|
+
} catch {
|
|
691
|
+
}
|
|
692
|
+
var a = function() {
|
|
693
|
+
if (o) {
|
|
694
|
+
if (typeof o.getRandomValues == "function")
|
|
695
|
+
try {
|
|
696
|
+
return o.getRandomValues(new Uint32Array(1))[0];
|
|
697
|
+
} catch {
|
|
698
|
+
}
|
|
699
|
+
if (typeof o.randomBytes == "function")
|
|
700
|
+
try {
|
|
701
|
+
return o.randomBytes(4).readInt32LE();
|
|
702
|
+
} catch {
|
|
703
|
+
}
|
|
704
|
+
}
|
|
705
|
+
throw new Error("Native crypto module could not be used to get secure random number.");
|
|
706
|
+
}, d = Object.create || function() {
|
|
707
|
+
function c() {
|
|
708
|
+
}
|
|
709
|
+
return function(g) {
|
|
710
|
+
var m;
|
|
711
|
+
return c.prototype = g, m = new c(), c.prototype = null, m;
|
|
712
|
+
};
|
|
713
|
+
}(), l = {}, h = l.lib = {}, p = h.Base = function() {
|
|
714
|
+
return {
|
|
715
|
+
/**
|
|
716
|
+
* Creates a new object that inherits from this object.
|
|
717
|
+
*
|
|
718
|
+
* @param {Object} overrides Properties to copy into the new object.
|
|
719
|
+
*
|
|
720
|
+
* @return {Object} The new object.
|
|
721
|
+
*
|
|
722
|
+
* @static
|
|
723
|
+
*
|
|
724
|
+
* @example
|
|
725
|
+
*
|
|
726
|
+
* var MyType = CryptoJS.lib.Base.extend({
|
|
727
|
+
* field: 'value',
|
|
728
|
+
*
|
|
729
|
+
* method: function () {
|
|
730
|
+
* }
|
|
731
|
+
* });
|
|
732
|
+
*/
|
|
733
|
+
extend: function(c) {
|
|
734
|
+
var g = d(this);
|
|
735
|
+
return c && g.mixIn(c), (!g.hasOwnProperty("init") || this.init === g.init) && (g.init = function() {
|
|
736
|
+
g.$super.init.apply(this, arguments);
|
|
737
|
+
}), g.init.prototype = g, g.$super = this, g;
|
|
738
|
+
},
|
|
739
|
+
/**
|
|
740
|
+
* Extends this object and runs the init method.
|
|
741
|
+
* Arguments to create() will be passed to init().
|
|
742
|
+
*
|
|
743
|
+
* @return {Object} The new object.
|
|
744
|
+
*
|
|
745
|
+
* @static
|
|
746
|
+
*
|
|
747
|
+
* @example
|
|
748
|
+
*
|
|
749
|
+
* var instance = MyType.create();
|
|
750
|
+
*/
|
|
751
|
+
create: function() {
|
|
752
|
+
var c = this.extend();
|
|
753
|
+
return c.init.apply(c, arguments), c;
|
|
754
|
+
},
|
|
755
|
+
/**
|
|
756
|
+
* Initializes a newly created object.
|
|
757
|
+
* Override this method to add some logic when your objects are created.
|
|
758
|
+
*
|
|
759
|
+
* @example
|
|
760
|
+
*
|
|
761
|
+
* var MyType = CryptoJS.lib.Base.extend({
|
|
762
|
+
* init: function () {
|
|
763
|
+
* // ...
|
|
764
|
+
* }
|
|
765
|
+
* });
|
|
766
|
+
*/
|
|
767
|
+
init: function() {
|
|
768
|
+
},
|
|
769
|
+
/**
|
|
770
|
+
* Copies properties into this object.
|
|
771
|
+
*
|
|
772
|
+
* @param {Object} properties The properties to mix in.
|
|
773
|
+
*
|
|
774
|
+
* @example
|
|
775
|
+
*
|
|
776
|
+
* MyType.mixIn({
|
|
777
|
+
* field: 'value'
|
|
778
|
+
* });
|
|
779
|
+
*/
|
|
780
|
+
mixIn: function(c) {
|
|
781
|
+
for (var g in c)
|
|
782
|
+
c.hasOwnProperty(g) && (this[g] = c[g]);
|
|
783
|
+
c.hasOwnProperty("toString") && (this.toString = c.toString);
|
|
784
|
+
},
|
|
785
|
+
/**
|
|
786
|
+
* Creates a copy of this object.
|
|
787
|
+
*
|
|
788
|
+
* @return {Object} The clone.
|
|
789
|
+
*
|
|
790
|
+
* @example
|
|
791
|
+
*
|
|
792
|
+
* var clone = instance.clone();
|
|
793
|
+
*/
|
|
794
|
+
clone: function() {
|
|
795
|
+
return this.init.prototype.extend(this);
|
|
796
|
+
}
|
|
797
|
+
};
|
|
798
|
+
}(), _ = h.WordArray = p.extend({
|
|
799
|
+
/**
|
|
800
|
+
* Initializes a newly created word array.
|
|
801
|
+
*
|
|
802
|
+
* @param {Array} words (Optional) An array of 32-bit words.
|
|
803
|
+
* @param {number} sigBytes (Optional) The number of significant bytes in the words.
|
|
804
|
+
*
|
|
805
|
+
* @example
|
|
806
|
+
*
|
|
807
|
+
* var wordArray = CryptoJS.lib.WordArray.create();
|
|
808
|
+
* var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607]);
|
|
809
|
+
* var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607], 6);
|
|
810
|
+
*/
|
|
811
|
+
init: function(c, g) {
|
|
812
|
+
c = this.words = c || [], g != n ? this.sigBytes = g : this.sigBytes = c.length * 4;
|
|
813
|
+
},
|
|
814
|
+
/**
|
|
815
|
+
* Converts this word array to a string.
|
|
816
|
+
*
|
|
817
|
+
* @param {Encoder} encoder (Optional) The encoding strategy to use. Default: CryptoJS.enc.Hex
|
|
818
|
+
*
|
|
819
|
+
* @return {string} The stringified word array.
|
|
820
|
+
*
|
|
821
|
+
* @example
|
|
822
|
+
*
|
|
823
|
+
* var string = wordArray + '';
|
|
824
|
+
* var string = wordArray.toString();
|
|
825
|
+
* var string = wordArray.toString(CryptoJS.enc.Utf8);
|
|
826
|
+
*/
|
|
827
|
+
toString: function(c) {
|
|
828
|
+
return (c || w).stringify(this);
|
|
829
|
+
},
|
|
830
|
+
/**
|
|
831
|
+
* Concatenates a word array to this word array.
|
|
832
|
+
*
|
|
833
|
+
* @param {WordArray} wordArray The word array to append.
|
|
834
|
+
*
|
|
835
|
+
* @return {WordArray} This word array.
|
|
836
|
+
*
|
|
837
|
+
* @example
|
|
838
|
+
*
|
|
839
|
+
* wordArray1.concat(wordArray2);
|
|
840
|
+
*/
|
|
841
|
+
concat: function(c) {
|
|
842
|
+
var g = this.words, m = c.words, E = this.sigBytes, P = c.sigBytes;
|
|
843
|
+
if (this.clamp(), E % 4)
|
|
844
|
+
for (var O = 0; O < P; O++) {
|
|
845
|
+
var A = m[O >>> 2] >>> 24 - O % 4 * 8 & 255;
|
|
846
|
+
g[E + O >>> 2] |= A << 24 - (E + O) % 4 * 8;
|
|
847
|
+
}
|
|
848
|
+
else
|
|
849
|
+
for (var j = 0; j < P; j += 4)
|
|
850
|
+
g[E + j >>> 2] = m[j >>> 2];
|
|
851
|
+
return this.sigBytes += P, this;
|
|
852
|
+
},
|
|
853
|
+
/**
|
|
854
|
+
* Removes insignificant bits.
|
|
855
|
+
*
|
|
856
|
+
* @example
|
|
857
|
+
*
|
|
858
|
+
* wordArray.clamp();
|
|
859
|
+
*/
|
|
860
|
+
clamp: function() {
|
|
861
|
+
var c = this.words, g = this.sigBytes;
|
|
862
|
+
c[g >>> 2] &= 4294967295 << 32 - g % 4 * 8, c.length = s.ceil(g / 4);
|
|
863
|
+
},
|
|
864
|
+
/**
|
|
865
|
+
* Creates a copy of this word array.
|
|
866
|
+
*
|
|
867
|
+
* @return {WordArray} The clone.
|
|
868
|
+
*
|
|
869
|
+
* @example
|
|
870
|
+
*
|
|
871
|
+
* var clone = wordArray.clone();
|
|
872
|
+
*/
|
|
873
|
+
clone: function() {
|
|
874
|
+
var c = p.clone.call(this);
|
|
875
|
+
return c.words = this.words.slice(0), c;
|
|
876
|
+
},
|
|
877
|
+
/**
|
|
878
|
+
* Creates a word array filled with random bytes.
|
|
879
|
+
*
|
|
880
|
+
* @param {number} nBytes The number of random bytes to generate.
|
|
881
|
+
*
|
|
882
|
+
* @return {WordArray} The random word array.
|
|
883
|
+
*
|
|
884
|
+
* @static
|
|
885
|
+
*
|
|
886
|
+
* @example
|
|
887
|
+
*
|
|
888
|
+
* var wordArray = CryptoJS.lib.WordArray.random(16);
|
|
889
|
+
*/
|
|
890
|
+
random: function(c) {
|
|
891
|
+
for (var g = [], m = 0; m < c; m += 4)
|
|
892
|
+
g.push(a());
|
|
893
|
+
return new _.init(g, c);
|
|
894
|
+
}
|
|
895
|
+
}), y = l.enc = {}, w = y.Hex = {
|
|
896
|
+
/**
|
|
897
|
+
* Converts a word array to a hex string.
|
|
898
|
+
*
|
|
899
|
+
* @param {WordArray} wordArray The word array.
|
|
900
|
+
*
|
|
901
|
+
* @return {string} The hex string.
|
|
902
|
+
*
|
|
903
|
+
* @static
|
|
904
|
+
*
|
|
905
|
+
* @example
|
|
906
|
+
*
|
|
907
|
+
* var hexString = CryptoJS.enc.Hex.stringify(wordArray);
|
|
908
|
+
*/
|
|
909
|
+
stringify: function(c) {
|
|
910
|
+
for (var g = c.words, m = c.sigBytes, E = [], P = 0; P < m; P++) {
|
|
911
|
+
var O = g[P >>> 2] >>> 24 - P % 4 * 8 & 255;
|
|
912
|
+
E.push((O >>> 4).toString(16)), E.push((O & 15).toString(16));
|
|
913
|
+
}
|
|
914
|
+
return E.join("");
|
|
915
|
+
},
|
|
916
|
+
/**
|
|
917
|
+
* Converts a hex string to a word array.
|
|
918
|
+
*
|
|
919
|
+
* @param {string} hexStr The hex string.
|
|
920
|
+
*
|
|
921
|
+
* @return {WordArray} The word array.
|
|
922
|
+
*
|
|
923
|
+
* @static
|
|
924
|
+
*
|
|
925
|
+
* @example
|
|
926
|
+
*
|
|
927
|
+
* var wordArray = CryptoJS.enc.Hex.parse(hexString);
|
|
928
|
+
*/
|
|
929
|
+
parse: function(c) {
|
|
930
|
+
for (var g = c.length, m = [], E = 0; E < g; E += 2)
|
|
931
|
+
m[E >>> 3] |= parseInt(c.substr(E, 2), 16) << 24 - E % 8 * 4;
|
|
932
|
+
return new _.init(m, g / 2);
|
|
933
|
+
}
|
|
934
|
+
}, I = y.Latin1 = {
|
|
935
|
+
/**
|
|
936
|
+
* Converts a word array to a Latin1 string.
|
|
937
|
+
*
|
|
938
|
+
* @param {WordArray} wordArray The word array.
|
|
939
|
+
*
|
|
940
|
+
* @return {string} The Latin1 string.
|
|
941
|
+
*
|
|
942
|
+
* @static
|
|
943
|
+
*
|
|
944
|
+
* @example
|
|
945
|
+
*
|
|
946
|
+
* var latin1String = CryptoJS.enc.Latin1.stringify(wordArray);
|
|
947
|
+
*/
|
|
948
|
+
stringify: function(c) {
|
|
949
|
+
for (var g = c.words, m = c.sigBytes, E = [], P = 0; P < m; P++) {
|
|
950
|
+
var O = g[P >>> 2] >>> 24 - P % 4 * 8 & 255;
|
|
951
|
+
E.push(String.fromCharCode(O));
|
|
952
|
+
}
|
|
953
|
+
return E.join("");
|
|
954
|
+
},
|
|
955
|
+
/**
|
|
956
|
+
* Converts a Latin1 string to a word array.
|
|
957
|
+
*
|
|
958
|
+
* @param {string} latin1Str The Latin1 string.
|
|
959
|
+
*
|
|
960
|
+
* @return {WordArray} The word array.
|
|
961
|
+
*
|
|
962
|
+
* @static
|
|
963
|
+
*
|
|
964
|
+
* @example
|
|
965
|
+
*
|
|
966
|
+
* var wordArray = CryptoJS.enc.Latin1.parse(latin1String);
|
|
967
|
+
*/
|
|
968
|
+
parse: function(c) {
|
|
969
|
+
for (var g = c.length, m = [], E = 0; E < g; E++)
|
|
970
|
+
m[E >>> 2] |= (c.charCodeAt(E) & 255) << 24 - E % 4 * 8;
|
|
971
|
+
return new _.init(m, g);
|
|
972
|
+
}
|
|
973
|
+
}, v = y.Utf8 = {
|
|
974
|
+
/**
|
|
975
|
+
* Converts a word array to a UTF-8 string.
|
|
976
|
+
*
|
|
977
|
+
* @param {WordArray} wordArray The word array.
|
|
978
|
+
*
|
|
979
|
+
* @return {string} The UTF-8 string.
|
|
980
|
+
*
|
|
981
|
+
* @static
|
|
982
|
+
*
|
|
983
|
+
* @example
|
|
984
|
+
*
|
|
985
|
+
* var utf8String = CryptoJS.enc.Utf8.stringify(wordArray);
|
|
986
|
+
*/
|
|
987
|
+
stringify: function(c) {
|
|
988
|
+
try {
|
|
989
|
+
return decodeURIComponent(escape(I.stringify(c)));
|
|
990
|
+
} catch {
|
|
991
|
+
throw new Error("Malformed UTF-8 data");
|
|
992
|
+
}
|
|
993
|
+
},
|
|
994
|
+
/**
|
|
995
|
+
* Converts a UTF-8 string to a word array.
|
|
996
|
+
*
|
|
997
|
+
* @param {string} utf8Str The UTF-8 string.
|
|
998
|
+
*
|
|
999
|
+
* @return {WordArray} The word array.
|
|
1000
|
+
*
|
|
1001
|
+
* @static
|
|
1002
|
+
*
|
|
1003
|
+
* @example
|
|
1004
|
+
*
|
|
1005
|
+
* var wordArray = CryptoJS.enc.Utf8.parse(utf8String);
|
|
1006
|
+
*/
|
|
1007
|
+
parse: function(c) {
|
|
1008
|
+
return I.parse(unescape(encodeURIComponent(c)));
|
|
1009
|
+
}
|
|
1010
|
+
}, R = h.BufferedBlockAlgorithm = p.extend({
|
|
1011
|
+
/**
|
|
1012
|
+
* Resets this block algorithm's data buffer to its initial state.
|
|
1013
|
+
*
|
|
1014
|
+
* @example
|
|
1015
|
+
*
|
|
1016
|
+
* bufferedBlockAlgorithm.reset();
|
|
1017
|
+
*/
|
|
1018
|
+
reset: function() {
|
|
1019
|
+
this._data = new _.init(), this._nDataBytes = 0;
|
|
1020
|
+
},
|
|
1021
|
+
/**
|
|
1022
|
+
* Adds new data to this block algorithm's buffer.
|
|
1023
|
+
*
|
|
1024
|
+
* @param {WordArray|string} data The data to append. Strings are converted to a WordArray using UTF-8.
|
|
1025
|
+
*
|
|
1026
|
+
* @example
|
|
1027
|
+
*
|
|
1028
|
+
* bufferedBlockAlgorithm._append('data');
|
|
1029
|
+
* bufferedBlockAlgorithm._append(wordArray);
|
|
1030
|
+
*/
|
|
1031
|
+
_append: function(c) {
|
|
1032
|
+
typeof c == "string" && (c = v.parse(c)), this._data.concat(c), this._nDataBytes += c.sigBytes;
|
|
1033
|
+
},
|
|
1034
|
+
/**
|
|
1035
|
+
* Processes available data blocks.
|
|
1036
|
+
*
|
|
1037
|
+
* This method invokes _doProcessBlock(offset), which must be implemented by a concrete subtype.
|
|
1038
|
+
*
|
|
1039
|
+
* @param {boolean} doFlush Whether all blocks and partial blocks should be processed.
|
|
1040
|
+
*
|
|
1041
|
+
* @return {WordArray} The processed data.
|
|
1042
|
+
*
|
|
1043
|
+
* @example
|
|
1044
|
+
*
|
|
1045
|
+
* var processedData = bufferedBlockAlgorithm._process();
|
|
1046
|
+
* var processedData = bufferedBlockAlgorithm._process(!!'flush');
|
|
1047
|
+
*/
|
|
1048
|
+
_process: function(c) {
|
|
1049
|
+
var g, m = this._data, E = m.words, P = m.sigBytes, O = this.blockSize, A = O * 4, j = P / A;
|
|
1050
|
+
c ? j = s.ceil(j) : j = s.max((j | 0) - this._minBufferSize, 0);
|
|
1051
|
+
var B = j * O, F = s.min(B * 4, P);
|
|
1052
|
+
if (B) {
|
|
1053
|
+
for (var L = 0; L < B; L += O)
|
|
1054
|
+
this._doProcessBlock(E, L);
|
|
1055
|
+
g = E.splice(0, B), m.sigBytes -= F;
|
|
1056
|
+
}
|
|
1057
|
+
return new _.init(g, F);
|
|
1058
|
+
},
|
|
1059
|
+
/**
|
|
1060
|
+
* Creates a copy of this object.
|
|
1061
|
+
*
|
|
1062
|
+
* @return {Object} The clone.
|
|
1063
|
+
*
|
|
1064
|
+
* @example
|
|
1065
|
+
*
|
|
1066
|
+
* var clone = bufferedBlockAlgorithm.clone();
|
|
1067
|
+
*/
|
|
1068
|
+
clone: function() {
|
|
1069
|
+
var c = p.clone.call(this);
|
|
1070
|
+
return c._data = this._data.clone(), c;
|
|
1071
|
+
},
|
|
1072
|
+
_minBufferSize: 0
|
|
1073
|
+
});
|
|
1074
|
+
h.Hasher = R.extend({
|
|
1075
|
+
/**
|
|
1076
|
+
* Configuration options.
|
|
1077
|
+
*/
|
|
1078
|
+
cfg: p.extend(),
|
|
1079
|
+
/**
|
|
1080
|
+
* Initializes a newly created hasher.
|
|
1081
|
+
*
|
|
1082
|
+
* @param {Object} cfg (Optional) The configuration options to use for this hash computation.
|
|
1083
|
+
*
|
|
1084
|
+
* @example
|
|
1085
|
+
*
|
|
1086
|
+
* var hasher = CryptoJS.algo.SHA256.create();
|
|
1087
|
+
*/
|
|
1088
|
+
init: function(c) {
|
|
1089
|
+
this.cfg = this.cfg.extend(c), this.reset();
|
|
1090
|
+
},
|
|
1091
|
+
/**
|
|
1092
|
+
* Resets this hasher to its initial state.
|
|
1093
|
+
*
|
|
1094
|
+
* @example
|
|
1095
|
+
*
|
|
1096
|
+
* hasher.reset();
|
|
1097
|
+
*/
|
|
1098
|
+
reset: function() {
|
|
1099
|
+
R.reset.call(this), this._doReset();
|
|
1100
|
+
},
|
|
1101
|
+
/**
|
|
1102
|
+
* Updates this hasher with a message.
|
|
1103
|
+
*
|
|
1104
|
+
* @param {WordArray|string} messageUpdate The message to append.
|
|
1105
|
+
*
|
|
1106
|
+
* @return {Hasher} This hasher.
|
|
1107
|
+
*
|
|
1108
|
+
* @example
|
|
1109
|
+
*
|
|
1110
|
+
* hasher.update('message');
|
|
1111
|
+
* hasher.update(wordArray);
|
|
1112
|
+
*/
|
|
1113
|
+
update: function(c) {
|
|
1114
|
+
return this._append(c), this._process(), this;
|
|
1115
|
+
},
|
|
1116
|
+
/**
|
|
1117
|
+
* Finalizes the hash computation.
|
|
1118
|
+
* Note that the finalize operation is effectively a destructive, read-once operation.
|
|
1119
|
+
*
|
|
1120
|
+
* @param {WordArray|string} messageUpdate (Optional) A final message update.
|
|
1121
|
+
*
|
|
1122
|
+
* @return {WordArray} The hash.
|
|
1123
|
+
*
|
|
1124
|
+
* @example
|
|
1125
|
+
*
|
|
1126
|
+
* var hash = hasher.finalize();
|
|
1127
|
+
* var hash = hasher.finalize('message');
|
|
1128
|
+
* var hash = hasher.finalize(wordArray);
|
|
1129
|
+
*/
|
|
1130
|
+
finalize: function(c) {
|
|
1131
|
+
c && this._append(c);
|
|
1132
|
+
var g = this._doFinalize();
|
|
1133
|
+
return g;
|
|
1134
|
+
},
|
|
1135
|
+
blockSize: 16,
|
|
1136
|
+
/**
|
|
1137
|
+
* Creates a shortcut function to a hasher's object interface.
|
|
1138
|
+
*
|
|
1139
|
+
* @param {Hasher} hasher The hasher to create a helper for.
|
|
1140
|
+
*
|
|
1141
|
+
* @return {Function} The shortcut function.
|
|
1142
|
+
*
|
|
1143
|
+
* @static
|
|
1144
|
+
*
|
|
1145
|
+
* @example
|
|
1146
|
+
*
|
|
1147
|
+
* var SHA256 = CryptoJS.lib.Hasher._createHelper(CryptoJS.algo.SHA256);
|
|
1148
|
+
*/
|
|
1149
|
+
_createHelper: function(c) {
|
|
1150
|
+
return function(g, m) {
|
|
1151
|
+
return new c.init(m).finalize(g);
|
|
1152
|
+
};
|
|
1153
|
+
},
|
|
1154
|
+
/**
|
|
1155
|
+
* Creates a shortcut function to the HMAC's object interface.
|
|
1156
|
+
*
|
|
1157
|
+
* @param {Hasher} hasher The hasher to use in this HMAC helper.
|
|
1158
|
+
*
|
|
1159
|
+
* @return {Function} The shortcut function.
|
|
1160
|
+
*
|
|
1161
|
+
* @static
|
|
1162
|
+
*
|
|
1163
|
+
* @example
|
|
1164
|
+
*
|
|
1165
|
+
* var HmacSHA256 = CryptoJS.lib.Hasher._createHmacHelper(CryptoJS.algo.SHA256);
|
|
1166
|
+
*/
|
|
1167
|
+
_createHmacHelper: function(c) {
|
|
1168
|
+
return function(g, m) {
|
|
1169
|
+
return new k.HMAC.init(c, m).finalize(g);
|
|
1170
|
+
};
|
|
1171
|
+
}
|
|
1172
|
+
});
|
|
1173
|
+
var k = l.algo = {};
|
|
1174
|
+
return l;
|
|
1175
|
+
}(Math);
|
|
1176
|
+
return r;
|
|
1177
|
+
});
|
|
1178
|
+
})(sr);
|
|
1179
|
+
var Ie = {}, ar = {
|
|
1180
|
+
get exports() {
|
|
1181
|
+
return Ie;
|
|
1182
|
+
},
|
|
1183
|
+
set exports(e) {
|
|
1184
|
+
Ie = e;
|
|
1185
|
+
}
|
|
1186
|
+
};
|
|
1187
|
+
(function(e, t) {
|
|
1188
|
+
(function(r, s) {
|
|
1189
|
+
e.exports = s(se);
|
|
1190
|
+
})(Q, function(r) {
|
|
1191
|
+
return function(s) {
|
|
1192
|
+
var n = r, o = n.lib, a = o.WordArray, d = o.Hasher, l = n.algo, h = [], p = [];
|
|
1193
|
+
(function() {
|
|
1194
|
+
function w(k) {
|
|
1195
|
+
for (var c = s.sqrt(k), g = 2; g <= c; g++)
|
|
1196
|
+
if (!(k % g))
|
|
1197
|
+
return !1;
|
|
1198
|
+
return !0;
|
|
1199
|
+
}
|
|
1200
|
+
function I(k) {
|
|
1201
|
+
return (k - (k | 0)) * 4294967296 | 0;
|
|
1202
|
+
}
|
|
1203
|
+
for (var v = 2, R = 0; R < 64; )
|
|
1204
|
+
w(v) && (R < 8 && (h[R] = I(s.pow(v, 1 / 2))), p[R] = I(s.pow(v, 1 / 3)), R++), v++;
|
|
1205
|
+
})();
|
|
1206
|
+
var _ = [], y = l.SHA256 = d.extend({
|
|
1207
|
+
_doReset: function() {
|
|
1208
|
+
this._hash = new a.init(h.slice(0));
|
|
1209
|
+
},
|
|
1210
|
+
_doProcessBlock: function(w, I) {
|
|
1211
|
+
for (var v = this._hash.words, R = v[0], k = v[1], c = v[2], g = v[3], m = v[4], E = v[5], P = v[6], O = v[7], A = 0; A < 64; A++) {
|
|
1212
|
+
if (A < 16)
|
|
1213
|
+
_[A] = w[I + A] | 0;
|
|
1214
|
+
else {
|
|
1215
|
+
var j = _[A - 15], B = (j << 25 | j >>> 7) ^ (j << 14 | j >>> 18) ^ j >>> 3, F = _[A - 2], L = (F << 15 | F >>> 17) ^ (F << 13 | F >>> 19) ^ F >>> 10;
|
|
1216
|
+
_[A] = B + _[A - 7] + L + _[A - 16];
|
|
1217
|
+
}
|
|
1218
|
+
var W = m & E ^ ~m & P, $ = R & k ^ R & c ^ k & c, V = (R << 30 | R >>> 2) ^ (R << 19 | R >>> 13) ^ (R << 10 | R >>> 22), ee = (m << 26 | m >>> 6) ^ (m << 21 | m >>> 11) ^ (m << 7 | m >>> 25), X = O + ee + W + p[A] + _[A], le = V + $;
|
|
1219
|
+
O = P, P = E, E = m, m = g + X | 0, g = c, c = k, k = R, R = X + le | 0;
|
|
1220
|
+
}
|
|
1221
|
+
v[0] = v[0] + R | 0, v[1] = v[1] + k | 0, v[2] = v[2] + c | 0, v[3] = v[3] + g | 0, v[4] = v[4] + m | 0, v[5] = v[5] + E | 0, v[6] = v[6] + P | 0, v[7] = v[7] + O | 0;
|
|
1222
|
+
},
|
|
1223
|
+
_doFinalize: function() {
|
|
1224
|
+
var w = this._data, I = w.words, v = this._nDataBytes * 8, R = w.sigBytes * 8;
|
|
1225
|
+
return I[R >>> 5] |= 128 << 24 - R % 32, I[(R + 64 >>> 9 << 4) + 14] = s.floor(v / 4294967296), I[(R + 64 >>> 9 << 4) + 15] = v, w.sigBytes = I.length * 4, this._process(), this._hash;
|
|
1226
|
+
},
|
|
1227
|
+
clone: function() {
|
|
1228
|
+
var w = d.clone.call(this);
|
|
1229
|
+
return w._hash = this._hash.clone(), w;
|
|
1230
|
+
}
|
|
1231
|
+
});
|
|
1232
|
+
n.SHA256 = d._createHelper(y), n.HmacSHA256 = d._createHmacHelper(y);
|
|
1233
|
+
}(Math), r.SHA256;
|
|
1234
|
+
});
|
|
1235
|
+
})(ar);
|
|
1236
|
+
var ve = {}, cr = {
|
|
1237
|
+
get exports() {
|
|
1238
|
+
return ve;
|
|
1239
|
+
},
|
|
1240
|
+
set exports(e) {
|
|
1241
|
+
ve = e;
|
|
1242
|
+
}
|
|
1243
|
+
};
|
|
1244
|
+
(function(e, t) {
|
|
1245
|
+
(function(r, s) {
|
|
1246
|
+
e.exports = s(se);
|
|
1247
|
+
})(Q, function(r) {
|
|
1248
|
+
return function() {
|
|
1249
|
+
var s = r, n = s.lib, o = n.WordArray, a = s.enc;
|
|
1250
|
+
a.Base64 = {
|
|
1251
|
+
/**
|
|
1252
|
+
* Converts a word array to a Base64 string.
|
|
1253
|
+
*
|
|
1254
|
+
* @param {WordArray} wordArray The word array.
|
|
1255
|
+
*
|
|
1256
|
+
* @return {string} The Base64 string.
|
|
1257
|
+
*
|
|
1258
|
+
* @static
|
|
1259
|
+
*
|
|
1260
|
+
* @example
|
|
1261
|
+
*
|
|
1262
|
+
* var base64String = CryptoJS.enc.Base64.stringify(wordArray);
|
|
1263
|
+
*/
|
|
1264
|
+
stringify: function(l) {
|
|
1265
|
+
var h = l.words, p = l.sigBytes, _ = this._map;
|
|
1266
|
+
l.clamp();
|
|
1267
|
+
for (var y = [], w = 0; w < p; w += 3)
|
|
1268
|
+
for (var I = h[w >>> 2] >>> 24 - w % 4 * 8 & 255, v = h[w + 1 >>> 2] >>> 24 - (w + 1) % 4 * 8 & 255, R = h[w + 2 >>> 2] >>> 24 - (w + 2) % 4 * 8 & 255, k = I << 16 | v << 8 | R, c = 0; c < 4 && w + c * 0.75 < p; c++)
|
|
1269
|
+
y.push(_.charAt(k >>> 6 * (3 - c) & 63));
|
|
1270
|
+
var g = _.charAt(64);
|
|
1271
|
+
if (g)
|
|
1272
|
+
for (; y.length % 4; )
|
|
1273
|
+
y.push(g);
|
|
1274
|
+
return y.join("");
|
|
1275
|
+
},
|
|
1276
|
+
/**
|
|
1277
|
+
* Converts a Base64 string to a word array.
|
|
1278
|
+
*
|
|
1279
|
+
* @param {string} base64Str The Base64 string.
|
|
1280
|
+
*
|
|
1281
|
+
* @return {WordArray} The word array.
|
|
1282
|
+
*
|
|
1283
|
+
* @static
|
|
1284
|
+
*
|
|
1285
|
+
* @example
|
|
1286
|
+
*
|
|
1287
|
+
* var wordArray = CryptoJS.enc.Base64.parse(base64String);
|
|
1288
|
+
*/
|
|
1289
|
+
parse: function(l) {
|
|
1290
|
+
var h = l.length, p = this._map, _ = this._reverseMap;
|
|
1291
|
+
if (!_) {
|
|
1292
|
+
_ = this._reverseMap = [];
|
|
1293
|
+
for (var y = 0; y < p.length; y++)
|
|
1294
|
+
_[p.charCodeAt(y)] = y;
|
|
1295
|
+
}
|
|
1296
|
+
var w = p.charAt(64);
|
|
1297
|
+
if (w) {
|
|
1298
|
+
var I = l.indexOf(w);
|
|
1299
|
+
I !== -1 && (h = I);
|
|
1300
|
+
}
|
|
1301
|
+
return d(l, h, _);
|
|
1302
|
+
},
|
|
1303
|
+
_map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
|
|
1304
|
+
};
|
|
1305
|
+
function d(l, h, p) {
|
|
1306
|
+
for (var _ = [], y = 0, w = 0; w < h; w++)
|
|
1307
|
+
if (w % 4) {
|
|
1308
|
+
var I = p[l.charCodeAt(w - 1)] << w % 4 * 2, v = p[l.charCodeAt(w)] >>> 6 - w % 4 * 2, R = I | v;
|
|
1309
|
+
_[y >>> 2] |= R << 24 - y % 4 * 8, y++;
|
|
1310
|
+
}
|
|
1311
|
+
return o.create(_, y);
|
|
1312
|
+
}
|
|
1313
|
+
}(), r.enc.Base64;
|
|
1314
|
+
});
|
|
1315
|
+
})(cr);
|
|
1316
|
+
var Pe = {}, lr = {
|
|
1317
|
+
get exports() {
|
|
1318
|
+
return Pe;
|
|
1319
|
+
},
|
|
1320
|
+
set exports(e) {
|
|
1321
|
+
Pe = e;
|
|
1322
|
+
}
|
|
1323
|
+
};
|
|
1324
|
+
(function(e, t) {
|
|
1325
|
+
(function(r, s) {
|
|
1326
|
+
e.exports = s(se);
|
|
1327
|
+
})(Q, function(r) {
|
|
1328
|
+
return r.enc.Utf8;
|
|
1329
|
+
});
|
|
1330
|
+
})(lr);
|
|
1331
|
+
function Oe(e) {
|
|
1332
|
+
this.message = e;
|
|
1333
|
+
}
|
|
1334
|
+
Oe.prototype = new Error(), Oe.prototype.name = "InvalidCharacterError";
|
|
1335
|
+
var at = typeof window < "u" && window.atob && window.atob.bind(window) || function(e) {
|
|
1336
|
+
var t = String(e).replace(/=+$/, "");
|
|
1337
|
+
if (t.length % 4 == 1)
|
|
1338
|
+
throw new Oe("'atob' failed: The string to be decoded is not correctly encoded.");
|
|
1339
|
+
for (var r, s, n = 0, o = 0, a = ""; s = t.charAt(o++); ~s && (r = n % 4 ? 64 * r + s : s, n++ % 4) ? a += String.fromCharCode(255 & r >> (-2 * n & 6)) : 0)
|
|
1340
|
+
s = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(s);
|
|
1341
|
+
return a;
|
|
1342
|
+
};
|
|
1343
|
+
function ur(e) {
|
|
1344
|
+
var t = e.replace(/-/g, "+").replace(/_/g, "/");
|
|
1345
|
+
switch (t.length % 4) {
|
|
1346
|
+
case 0:
|
|
1347
|
+
break;
|
|
1348
|
+
case 2:
|
|
1349
|
+
t += "==";
|
|
1350
|
+
break;
|
|
1351
|
+
case 3:
|
|
1352
|
+
t += "=";
|
|
1353
|
+
break;
|
|
1354
|
+
default:
|
|
1355
|
+
throw "Illegal base64url string!";
|
|
1356
|
+
}
|
|
1357
|
+
try {
|
|
1358
|
+
return function(r) {
|
|
1359
|
+
return decodeURIComponent(at(r).replace(/(.)/g, function(s, n) {
|
|
1360
|
+
var o = n.charCodeAt(0).toString(16).toUpperCase();
|
|
1361
|
+
return o.length < 2 && (o = "0" + o), "%" + o;
|
|
1362
|
+
}));
|
|
1363
|
+
}(t);
|
|
1364
|
+
} catch {
|
|
1365
|
+
return at(t);
|
|
1366
|
+
}
|
|
1367
|
+
}
|
|
1368
|
+
function we(e) {
|
|
1369
|
+
this.message = e;
|
|
1370
|
+
}
|
|
1371
|
+
function dr(e, t) {
|
|
1372
|
+
if (typeof e != "string")
|
|
1373
|
+
throw new we("Invalid token specified");
|
|
1374
|
+
var r = (t = t || {}).header === !0 ? 0 : 1;
|
|
1375
|
+
try {
|
|
1376
|
+
return JSON.parse(ur(e.split(".")[r]));
|
|
1377
|
+
} catch (s) {
|
|
1378
|
+
throw new we("Invalid token specified: " + s.message);
|
|
1379
|
+
}
|
|
1380
|
+
}
|
|
1381
|
+
we.prototype = new Error(), we.prototype.name = "InvalidTokenError";
|
|
1382
|
+
var hr = {
|
|
1383
|
+
debug: () => {
|
|
1384
|
+
},
|
|
1385
|
+
info: () => {
|
|
1386
|
+
},
|
|
1387
|
+
warn: () => {
|
|
1388
|
+
},
|
|
1389
|
+
error: () => {
|
|
1390
|
+
}
|
|
1391
|
+
}, z, J, me = /* @__PURE__ */ ((e) => (e[e.NONE = 0] = "NONE", e[e.ERROR = 1] = "ERROR", e[e.WARN = 2] = "WARN", e[e.INFO = 3] = "INFO", e[e.DEBUG = 4] = "DEBUG", e))(me || {});
|
|
1392
|
+
((e) => {
|
|
1393
|
+
function t() {
|
|
1394
|
+
z = 3, J = hr;
|
|
1395
|
+
}
|
|
1396
|
+
e.reset = t;
|
|
1397
|
+
function r(n) {
|
|
1398
|
+
if (!(0 <= n && n <= 4))
|
|
1399
|
+
throw new Error("Invalid log level");
|
|
1400
|
+
z = n;
|
|
1401
|
+
}
|
|
1402
|
+
e.setLevel = r;
|
|
1403
|
+
function s(n) {
|
|
1404
|
+
J = n;
|
|
1405
|
+
}
|
|
1406
|
+
e.setLogger = s;
|
|
1407
|
+
})(me || (me = {}));
|
|
1408
|
+
var b = class {
|
|
1409
|
+
constructor(e) {
|
|
1410
|
+
this._name = e;
|
|
1411
|
+
}
|
|
1412
|
+
debug(...e) {
|
|
1413
|
+
z >= 4 && J.debug(b._format(this._name, this._method), ...e);
|
|
1414
|
+
}
|
|
1415
|
+
info(...e) {
|
|
1416
|
+
z >= 3 && J.info(b._format(this._name, this._method), ...e);
|
|
1417
|
+
}
|
|
1418
|
+
warn(...e) {
|
|
1419
|
+
z >= 2 && J.warn(b._format(this._name, this._method), ...e);
|
|
1420
|
+
}
|
|
1421
|
+
error(...e) {
|
|
1422
|
+
z >= 1 && J.error(b._format(this._name, this._method), ...e);
|
|
1423
|
+
}
|
|
1424
|
+
throw(e) {
|
|
1425
|
+
throw this.error(e), e;
|
|
1426
|
+
}
|
|
1427
|
+
create(e) {
|
|
1428
|
+
const t = Object.create(this);
|
|
1429
|
+
return t._method = e, t.debug("begin"), t;
|
|
1430
|
+
}
|
|
1431
|
+
static createStatic(e, t) {
|
|
1432
|
+
const r = new b(`${e}.${t}`);
|
|
1433
|
+
return r.debug("begin"), r;
|
|
1434
|
+
}
|
|
1435
|
+
static _format(e, t) {
|
|
1436
|
+
const r = `[${e}]`;
|
|
1437
|
+
return t ? `${r} ${t}:` : r;
|
|
1438
|
+
}
|
|
1439
|
+
// helpers for static class methods
|
|
1440
|
+
static debug(e, ...t) {
|
|
1441
|
+
z >= 4 && J.debug(b._format(e), ...t);
|
|
1442
|
+
}
|
|
1443
|
+
static info(e, ...t) {
|
|
1444
|
+
z >= 3 && J.info(b._format(e), ...t);
|
|
1445
|
+
}
|
|
1446
|
+
static warn(e, ...t) {
|
|
1447
|
+
z >= 2 && J.warn(b._format(e), ...t);
|
|
1448
|
+
}
|
|
1449
|
+
static error(e, ...t) {
|
|
1450
|
+
z >= 1 && J.error(b._format(e), ...t);
|
|
1451
|
+
}
|
|
1452
|
+
};
|
|
1453
|
+
me.reset();
|
|
1454
|
+
var gr = "10000000-1000-4000-8000-100000000000", K = class {
|
|
1455
|
+
static _randomWord() {
|
|
1456
|
+
return se.lib.WordArray.random(1).words[0];
|
|
1457
|
+
}
|
|
1458
|
+
/**
|
|
1459
|
+
* Generates RFC4122 version 4 guid
|
|
1460
|
+
*/
|
|
1461
|
+
static generateUUIDv4() {
|
|
1462
|
+
return gr.replace(
|
|
1463
|
+
/[018]/g,
|
|
1464
|
+
(t) => (+t ^ K._randomWord() & 15 >> +t / 4).toString(16)
|
|
1465
|
+
).replace(/-/g, "");
|
|
1466
|
+
}
|
|
1467
|
+
/**
|
|
1468
|
+
* PKCE: Generate a code verifier
|
|
1469
|
+
*/
|
|
1470
|
+
static generateCodeVerifier() {
|
|
1471
|
+
return K.generateUUIDv4() + K.generateUUIDv4() + K.generateUUIDv4();
|
|
1472
|
+
}
|
|
1473
|
+
/**
|
|
1474
|
+
* PKCE: Generate a code challenge
|
|
1475
|
+
*/
|
|
1476
|
+
static generateCodeChallenge(e) {
|
|
1477
|
+
try {
|
|
1478
|
+
const t = Ie(e);
|
|
1479
|
+
return ve.stringify(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
1480
|
+
} catch (t) {
|
|
1481
|
+
throw b.error("CryptoUtils.generateCodeChallenge", t), t;
|
|
1482
|
+
}
|
|
1483
|
+
}
|
|
1484
|
+
/**
|
|
1485
|
+
* Generates a base64-encoded string for a basic auth header
|
|
1486
|
+
*/
|
|
1487
|
+
static generateBasicAuth(e, t) {
|
|
1488
|
+
const r = Pe.parse([e, t].join(":"));
|
|
1489
|
+
return ve.stringify(r);
|
|
1490
|
+
}
|
|
1491
|
+
}, G = class {
|
|
1492
|
+
constructor(e) {
|
|
1493
|
+
this._name = e, this._logger = new b(`Event('${this._name}')`), this._callbacks = [];
|
|
1494
|
+
}
|
|
1495
|
+
addHandler(e) {
|
|
1496
|
+
return this._callbacks.push(e), () => this.removeHandler(e);
|
|
1497
|
+
}
|
|
1498
|
+
removeHandler(e) {
|
|
1499
|
+
const t = this._callbacks.lastIndexOf(e);
|
|
1500
|
+
t >= 0 && this._callbacks.splice(t, 1);
|
|
1501
|
+
}
|
|
1502
|
+
raise(...e) {
|
|
1503
|
+
this._logger.debug("raise:", ...e);
|
|
1504
|
+
for (const t of this._callbacks)
|
|
1505
|
+
t(...e);
|
|
1506
|
+
}
|
|
1507
|
+
}, Ue = class {
|
|
1508
|
+
// IMPORTANT: doesn't validate the token
|
|
1509
|
+
static decode(e) {
|
|
1510
|
+
try {
|
|
1511
|
+
return dr(e);
|
|
1512
|
+
} catch (t) {
|
|
1513
|
+
throw b.error("JwtUtils.decode", t), t;
|
|
1514
|
+
}
|
|
1515
|
+
}
|
|
1516
|
+
}, ct = class {
|
|
1517
|
+
/**
|
|
1518
|
+
* Populates a map of window features with a placement centered in front of
|
|
1519
|
+
* the current window. If no explicit width is given, a default value is
|
|
1520
|
+
* binned into [800, 720, 600, 480, 360] based on the current window's width.
|
|
1521
|
+
*/
|
|
1522
|
+
static center({ ...e }) {
|
|
1523
|
+
var t, r, s;
|
|
1524
|
+
return e.width == null && (e.width = (t = [800, 720, 600, 480].find((n) => n <= window.outerWidth / 1.618)) != null ? t : 360), (r = e.left) != null || (e.left = Math.max(0, Math.round(window.screenX + (window.outerWidth - e.width) / 2))), e.height != null && ((s = e.top) != null || (e.top = Math.max(0, Math.round(window.screenY + (window.outerHeight - e.height) / 2)))), e;
|
|
1525
|
+
}
|
|
1526
|
+
static serialize(e) {
|
|
1527
|
+
return Object.entries(e).filter(([, t]) => t != null).map(([t, r]) => `${t}=${typeof r != "boolean" ? r : r ? "yes" : "no"}`).join(",");
|
|
1528
|
+
}
|
|
1529
|
+
}, H = class extends G {
|
|
1530
|
+
constructor() {
|
|
1531
|
+
super(...arguments), this._logger = new b(`Timer('${this._name}')`), this._timerHandle = null, this._expiration = 0, this._callback = () => {
|
|
1532
|
+
const e = this._expiration - H.getEpochTime();
|
|
1533
|
+
this._logger.debug("timer completes in", e), this._expiration <= H.getEpochTime() && (this.cancel(), super.raise());
|
|
1534
|
+
};
|
|
1535
|
+
}
|
|
1536
|
+
// get the time
|
|
1537
|
+
static getEpochTime() {
|
|
1538
|
+
return Math.floor(Date.now() / 1e3);
|
|
1539
|
+
}
|
|
1540
|
+
init(e) {
|
|
1541
|
+
const t = this._logger.create("init");
|
|
1542
|
+
e = Math.max(Math.floor(e), 1);
|
|
1543
|
+
const r = H.getEpochTime() + e;
|
|
1544
|
+
if (this.expiration === r && this._timerHandle) {
|
|
1545
|
+
t.debug("skipping since already initialized for expiration at", this.expiration);
|
|
1546
|
+
return;
|
|
1547
|
+
}
|
|
1548
|
+
this.cancel(), t.debug("using duration", e), this._expiration = r;
|
|
1549
|
+
const s = Math.min(e, 5);
|
|
1550
|
+
this._timerHandle = setInterval(this._callback, s * 1e3);
|
|
1551
|
+
}
|
|
1552
|
+
get expiration() {
|
|
1553
|
+
return this._expiration;
|
|
1554
|
+
}
|
|
1555
|
+
cancel() {
|
|
1556
|
+
this._logger.create("cancel"), this._timerHandle && (clearInterval(this._timerHandle), this._timerHandle = null);
|
|
1557
|
+
}
|
|
1558
|
+
}, Ae = class {
|
|
1559
|
+
static readParams(e, t = "query") {
|
|
1560
|
+
if (!e)
|
|
1561
|
+
throw new TypeError("Invalid URL");
|
|
1562
|
+
const s = new URL(e, window.location.origin)[t === "fragment" ? "hash" : "search"];
|
|
1563
|
+
return new URLSearchParams(s.slice(1));
|
|
1564
|
+
}
|
|
1565
|
+
}, Z = class extends Error {
|
|
1566
|
+
constructor(e, t) {
|
|
1567
|
+
var r, s, n;
|
|
1568
|
+
if (super(e.error_description || e.error || ""), this.form = t, this.name = "ErrorResponse", !e.error)
|
|
1569
|
+
throw b.error("ErrorResponse", "No error passed"), new Error("No error passed");
|
|
1570
|
+
this.error = e.error, this.error_description = (r = e.error_description) != null ? r : null, this.error_uri = (s = e.error_uri) != null ? s : null, this.state = e.userState, this.session_state = (n = e.session_state) != null ? n : null;
|
|
1571
|
+
}
|
|
1572
|
+
}, Ne = class extends Error {
|
|
1573
|
+
constructor(e) {
|
|
1574
|
+
super(e), this.name = "ErrorTimeout";
|
|
1575
|
+
}
|
|
1576
|
+
}, fr = class {
|
|
1577
|
+
constructor(e) {
|
|
1578
|
+
this._logger = new b("AccessTokenEvents"), this._expiringTimer = new H("Access token expiring"), this._expiredTimer = new H("Access token expired"), this._expiringNotificationTimeInSeconds = e.expiringNotificationTimeInSeconds;
|
|
1579
|
+
}
|
|
1580
|
+
load(e) {
|
|
1581
|
+
const t = this._logger.create("load");
|
|
1582
|
+
if (e.access_token && e.expires_in !== void 0) {
|
|
1583
|
+
const r = e.expires_in;
|
|
1584
|
+
if (t.debug("access token present, remaining duration:", r), r > 0) {
|
|
1585
|
+
let n = r - this._expiringNotificationTimeInSeconds;
|
|
1586
|
+
n <= 0 && (n = 1), t.debug("registering expiring timer, raising in", n, "seconds"), this._expiringTimer.init(n);
|
|
1587
|
+
} else
|
|
1588
|
+
t.debug("canceling existing expiring timer because we're past expiration."), this._expiringTimer.cancel();
|
|
1589
|
+
const s = r + 1;
|
|
1590
|
+
t.debug("registering expired timer, raising in", s, "seconds"), this._expiredTimer.init(s);
|
|
1591
|
+
} else
|
|
1592
|
+
this._expiringTimer.cancel(), this._expiredTimer.cancel();
|
|
1593
|
+
}
|
|
1594
|
+
unload() {
|
|
1595
|
+
this._logger.debug("unload: canceling existing access token timers"), this._expiringTimer.cancel(), this._expiredTimer.cancel();
|
|
1596
|
+
}
|
|
1597
|
+
/**
|
|
1598
|
+
* Add callback: Raised prior to the access token expiring.
|
|
1599
|
+
*/
|
|
1600
|
+
addAccessTokenExpiring(e) {
|
|
1601
|
+
return this._expiringTimer.addHandler(e);
|
|
1602
|
+
}
|
|
1603
|
+
/**
|
|
1604
|
+
* Remove callback: Raised prior to the access token expiring.
|
|
1605
|
+
*/
|
|
1606
|
+
removeAccessTokenExpiring(e) {
|
|
1607
|
+
this._expiringTimer.removeHandler(e);
|
|
1608
|
+
}
|
|
1609
|
+
/**
|
|
1610
|
+
* Add callback: Raised after the access token has expired.
|
|
1611
|
+
*/
|
|
1612
|
+
addAccessTokenExpired(e) {
|
|
1613
|
+
return this._expiredTimer.addHandler(e);
|
|
1614
|
+
}
|
|
1615
|
+
/**
|
|
1616
|
+
* Remove callback: Raised after the access token has expired.
|
|
1617
|
+
*/
|
|
1618
|
+
removeAccessTokenExpired(e) {
|
|
1619
|
+
this._expiredTimer.removeHandler(e);
|
|
1620
|
+
}
|
|
1621
|
+
}, _r = class {
|
|
1622
|
+
constructor(e, t, r, s, n) {
|
|
1623
|
+
this._callback = e, this._client_id = t, this._intervalInSeconds = s, this._stopOnError = n, this._logger = new b("CheckSessionIFrame"), this._timer = null, this._session_state = null, this._message = (a) => {
|
|
1624
|
+
a.origin === this._frame_origin && a.source === this._frame.contentWindow && (a.data === "error" ? (this._logger.error("error message from check session op iframe"), this._stopOnError && this.stop()) : a.data === "changed" ? (this._logger.debug("changed message from check session op iframe"), this.stop(), this._callback()) : this._logger.debug(a.data + " message from check session op iframe"));
|
|
1625
|
+
};
|
|
1626
|
+
const o = new URL(r);
|
|
1627
|
+
this._frame_origin = o.origin, this._frame = window.document.createElement("iframe"), this._frame.style.visibility = "hidden", this._frame.style.position = "fixed", this._frame.style.left = "-1000px", this._frame.style.top = "0", this._frame.width = "0", this._frame.height = "0", this._frame.src = o.href;
|
|
1628
|
+
}
|
|
1629
|
+
load() {
|
|
1630
|
+
return new Promise((e) => {
|
|
1631
|
+
this._frame.onload = () => {
|
|
1632
|
+
e();
|
|
1633
|
+
}, window.document.body.appendChild(this._frame), window.addEventListener("message", this._message, !1);
|
|
1634
|
+
});
|
|
1635
|
+
}
|
|
1636
|
+
start(e) {
|
|
1637
|
+
if (this._session_state === e)
|
|
1638
|
+
return;
|
|
1639
|
+
this._logger.create("start"), this.stop(), this._session_state = e;
|
|
1640
|
+
const t = () => {
|
|
1641
|
+
!this._frame.contentWindow || !this._session_state || this._frame.contentWindow.postMessage(this._client_id + " " + this._session_state, this._frame_origin);
|
|
1642
|
+
};
|
|
1643
|
+
t(), this._timer = setInterval(t, this._intervalInSeconds * 1e3);
|
|
1644
|
+
}
|
|
1645
|
+
stop() {
|
|
1646
|
+
this._logger.create("stop"), this._session_state = null, this._timer && (clearInterval(this._timer), this._timer = null);
|
|
1647
|
+
}
|
|
1648
|
+
}, pt = class {
|
|
1649
|
+
constructor() {
|
|
1650
|
+
this._logger = new b("InMemoryWebStorage"), this._data = {};
|
|
1651
|
+
}
|
|
1652
|
+
clear() {
|
|
1653
|
+
this._logger.create("clear"), this._data = {};
|
|
1654
|
+
}
|
|
1655
|
+
getItem(e) {
|
|
1656
|
+
return this._logger.create(`getItem('${e}')`), this._data[e];
|
|
1657
|
+
}
|
|
1658
|
+
setItem(e, t) {
|
|
1659
|
+
this._logger.create(`setItem('${e}')`), this._data[e] = t;
|
|
1660
|
+
}
|
|
1661
|
+
removeItem(e) {
|
|
1662
|
+
this._logger.create(`removeItem('${e}')`), delete this._data[e];
|
|
1663
|
+
}
|
|
1664
|
+
get length() {
|
|
1665
|
+
return Object.getOwnPropertyNames(this._data).length;
|
|
1666
|
+
}
|
|
1667
|
+
key(e) {
|
|
1668
|
+
return Object.getOwnPropertyNames(this._data)[e];
|
|
1669
|
+
}
|
|
1670
|
+
}, qe = class {
|
|
1671
|
+
constructor(e = [], t = null) {
|
|
1672
|
+
this._jwtHandler = t, this._logger = new b("JsonService"), this._contentTypes = [], this._contentTypes.push(...e, "application/json"), t && this._contentTypes.push("application/jwt");
|
|
1673
|
+
}
|
|
1674
|
+
async fetchWithTimeout(e, t = {}) {
|
|
1675
|
+
const { timeoutInSeconds: r, ...s } = t;
|
|
1676
|
+
if (!r)
|
|
1677
|
+
return await fetch(e, s);
|
|
1678
|
+
const n = new AbortController(), o = setTimeout(() => n.abort(), r * 1e3);
|
|
1679
|
+
try {
|
|
1680
|
+
return await fetch(e, {
|
|
1681
|
+
...t,
|
|
1682
|
+
signal: n.signal
|
|
1683
|
+
});
|
|
1684
|
+
} catch (a) {
|
|
1685
|
+
throw a instanceof DOMException && a.name === "AbortError" ? new Ne("Network timed out") : a;
|
|
1686
|
+
} finally {
|
|
1687
|
+
clearTimeout(o);
|
|
1688
|
+
}
|
|
1689
|
+
}
|
|
1690
|
+
async getJson(e, {
|
|
1691
|
+
token: t,
|
|
1692
|
+
credentials: r
|
|
1693
|
+
} = {}) {
|
|
1694
|
+
const s = this._logger.create("getJson"), n = {
|
|
1695
|
+
Accept: this._contentTypes.join(", ")
|
|
1696
|
+
};
|
|
1697
|
+
t && (s.debug("token passed, setting Authorization header"), n.Authorization = "Bearer " + t);
|
|
1698
|
+
let o;
|
|
1699
|
+
try {
|
|
1700
|
+
s.debug("url:", e), o = await this.fetchWithTimeout(e, { method: "GET", headers: n, credentials: r });
|
|
1701
|
+
} catch (l) {
|
|
1702
|
+
throw s.error("Network Error"), l;
|
|
1703
|
+
}
|
|
1704
|
+
s.debug("HTTP response received, status", o.status);
|
|
1705
|
+
const a = o.headers.get("Content-Type");
|
|
1706
|
+
if (a && !this._contentTypes.find((l) => a.startsWith(l)) && s.throw(new Error(`Invalid response Content-Type: ${a ?? "undefined"}, from URL: ${e}`)), o.ok && this._jwtHandler && (a != null && a.startsWith("application/jwt")))
|
|
1707
|
+
return await this._jwtHandler(await o.text());
|
|
1708
|
+
let d;
|
|
1709
|
+
try {
|
|
1710
|
+
d = await o.json();
|
|
1711
|
+
} catch (l) {
|
|
1712
|
+
throw s.error("Error parsing JSON response", l), o.ok ? l : new Error(`${o.statusText} (${o.status})`);
|
|
1713
|
+
}
|
|
1714
|
+
if (!o.ok)
|
|
1715
|
+
throw s.error("Error from server:", d), d.error ? new Z(d) : new Error(`${o.statusText} (${o.status}): ${JSON.stringify(d)}`);
|
|
1716
|
+
return d;
|
|
1717
|
+
}
|
|
1718
|
+
async postForm(e, {
|
|
1719
|
+
body: t,
|
|
1720
|
+
basicAuth: r,
|
|
1721
|
+
timeoutInSeconds: s,
|
|
1722
|
+
initCredentials: n
|
|
1723
|
+
}) {
|
|
1724
|
+
const o = this._logger.create("postForm"), a = {
|
|
1725
|
+
Accept: this._contentTypes.join(", "),
|
|
1726
|
+
"Content-Type": "application/x-www-form-urlencoded"
|
|
1727
|
+
};
|
|
1728
|
+
r !== void 0 && (a.Authorization = "Basic " + r);
|
|
1729
|
+
let d;
|
|
1730
|
+
try {
|
|
1731
|
+
o.debug("url:", e), d = await this.fetchWithTimeout(e, { method: "POST", headers: a, body: t, timeoutInSeconds: s, credentials: n });
|
|
1732
|
+
} catch (_) {
|
|
1733
|
+
throw o.error("Network error"), _;
|
|
1734
|
+
}
|
|
1735
|
+
o.debug("HTTP response received, status", d.status);
|
|
1736
|
+
const l = d.headers.get("Content-Type");
|
|
1737
|
+
if (l && !this._contentTypes.find((_) => l.startsWith(_)))
|
|
1738
|
+
throw new Error(`Invalid response Content-Type: ${l ?? "undefined"}, from URL: ${e}`);
|
|
1739
|
+
const h = await d.text();
|
|
1740
|
+
let p = {};
|
|
1741
|
+
if (h)
|
|
1742
|
+
try {
|
|
1743
|
+
p = JSON.parse(h);
|
|
1744
|
+
} catch (_) {
|
|
1745
|
+
throw o.error("Error parsing JSON response", _), d.ok ? _ : new Error(`${d.statusText} (${d.status})`);
|
|
1746
|
+
}
|
|
1747
|
+
if (!d.ok)
|
|
1748
|
+
throw o.error("Error from server:", p), p.error ? new Z(p, t) : new Error(`${d.statusText} (${d.status}): ${JSON.stringify(p)}`);
|
|
1749
|
+
return p;
|
|
1750
|
+
}
|
|
1751
|
+
}, pr = class {
|
|
1752
|
+
constructor(e) {
|
|
1753
|
+
this._settings = e, this._logger = new b("MetadataService"), this._jsonService = new qe(["application/jwk-set+json"]), this._signingKeys = null, this._metadata = null, this._metadataUrl = this._settings.metadataUrl, this._settings.signingKeys && (this._logger.debug("using signingKeys from settings"), this._signingKeys = this._settings.signingKeys), this._settings.metadata && (this._logger.debug("using metadata from settings"), this._metadata = this._settings.metadata), this._settings.fetchRequestCredentials && (this._logger.debug("using fetchRequestCredentials from settings"), this._fetchRequestCredentials = this._settings.fetchRequestCredentials);
|
|
1754
|
+
}
|
|
1755
|
+
resetSigningKeys() {
|
|
1756
|
+
this._signingKeys = null;
|
|
1757
|
+
}
|
|
1758
|
+
async getMetadata() {
|
|
1759
|
+
const e = this._logger.create("getMetadata");
|
|
1760
|
+
if (this._metadata)
|
|
1761
|
+
return e.debug("using cached values"), this._metadata;
|
|
1762
|
+
if (!this._metadataUrl)
|
|
1763
|
+
throw e.throw(new Error("No authority or metadataUrl configured on settings")), null;
|
|
1764
|
+
e.debug("getting metadata from", this._metadataUrl);
|
|
1765
|
+
const t = await this._jsonService.getJson(this._metadataUrl, { credentials: this._fetchRequestCredentials });
|
|
1766
|
+
return e.debug("merging remote JSON with seed metadata"), this._metadata = Object.assign({}, this._settings.metadataSeed, t), this._metadata;
|
|
1767
|
+
}
|
|
1768
|
+
getIssuer() {
|
|
1769
|
+
return this._getMetadataProperty("issuer");
|
|
1770
|
+
}
|
|
1771
|
+
getAuthorizationEndpoint() {
|
|
1772
|
+
return this._getMetadataProperty("authorization_endpoint");
|
|
1773
|
+
}
|
|
1774
|
+
getUserInfoEndpoint() {
|
|
1775
|
+
return this._getMetadataProperty("userinfo_endpoint");
|
|
1776
|
+
}
|
|
1777
|
+
getTokenEndpoint(e = !0) {
|
|
1778
|
+
return this._getMetadataProperty("token_endpoint", e);
|
|
1779
|
+
}
|
|
1780
|
+
getCheckSessionIframe() {
|
|
1781
|
+
return this._getMetadataProperty("check_session_iframe", !0);
|
|
1782
|
+
}
|
|
1783
|
+
getEndSessionEndpoint() {
|
|
1784
|
+
return this._getMetadataProperty("end_session_endpoint", !0);
|
|
1785
|
+
}
|
|
1786
|
+
getRevocationEndpoint(e = !0) {
|
|
1787
|
+
return this._getMetadataProperty("revocation_endpoint", e);
|
|
1788
|
+
}
|
|
1789
|
+
getKeysEndpoint(e = !0) {
|
|
1790
|
+
return this._getMetadataProperty("jwks_uri", e);
|
|
1791
|
+
}
|
|
1792
|
+
async _getMetadataProperty(e, t = !1) {
|
|
1793
|
+
const r = this._logger.create(`_getMetadataProperty('${e}')`), s = await this.getMetadata();
|
|
1794
|
+
if (r.debug("resolved"), s[e] === void 0) {
|
|
1795
|
+
if (t === !0) {
|
|
1796
|
+
r.warn("Metadata does not contain optional property");
|
|
1797
|
+
return;
|
|
1798
|
+
}
|
|
1799
|
+
r.throw(new Error("Metadata does not contain property " + e));
|
|
1800
|
+
}
|
|
1801
|
+
return s[e];
|
|
1802
|
+
}
|
|
1803
|
+
async getSigningKeys() {
|
|
1804
|
+
const e = this._logger.create("getSigningKeys");
|
|
1805
|
+
if (this._signingKeys)
|
|
1806
|
+
return e.debug("returning signingKeys from cache"), this._signingKeys;
|
|
1807
|
+
const t = await this.getKeysEndpoint(!1);
|
|
1808
|
+
e.debug("got jwks_uri", t);
|
|
1809
|
+
const r = await this._jsonService.getJson(t);
|
|
1810
|
+
if (e.debug("got key set", r), !Array.isArray(r.keys))
|
|
1811
|
+
throw e.throw(new Error("Missing keys on keyset")), null;
|
|
1812
|
+
return this._signingKeys = r.keys, this._signingKeys;
|
|
1813
|
+
}
|
|
1814
|
+
}, vt = class {
|
|
1815
|
+
constructor({
|
|
1816
|
+
prefix: e = "oidc.",
|
|
1817
|
+
store: t = localStorage
|
|
1818
|
+
} = {}) {
|
|
1819
|
+
this._logger = new b("WebStorageStateStore"), this._store = t, this._prefix = e;
|
|
1820
|
+
}
|
|
1821
|
+
async set(e, t) {
|
|
1822
|
+
this._logger.create(`set('${e}')`), e = this._prefix + e, await this._store.setItem(e, t);
|
|
1823
|
+
}
|
|
1824
|
+
async get(e) {
|
|
1825
|
+
return this._logger.create(`get('${e}')`), e = this._prefix + e, await this._store.getItem(e);
|
|
1826
|
+
}
|
|
1827
|
+
async remove(e) {
|
|
1828
|
+
this._logger.create(`remove('${e}')`), e = this._prefix + e;
|
|
1829
|
+
const t = await this._store.getItem(e);
|
|
1830
|
+
return await this._store.removeItem(e), t;
|
|
1831
|
+
}
|
|
1832
|
+
async getAllKeys() {
|
|
1833
|
+
this._logger.create("getAllKeys");
|
|
1834
|
+
const e = await this._store.length, t = [];
|
|
1835
|
+
for (let r = 0; r < e; r++) {
|
|
1836
|
+
const s = await this._store.key(r);
|
|
1837
|
+
s && s.indexOf(this._prefix) === 0 && t.push(s.substr(this._prefix.length));
|
|
1838
|
+
}
|
|
1839
|
+
return t;
|
|
1840
|
+
}
|
|
1841
|
+
}, vr = "code", wr = "openid", mr = "client_secret_post", Sr = "query", yr = 60 * 15, br = 60 * 5, wt = class {
|
|
1842
|
+
constructor({
|
|
1843
|
+
// metadata related
|
|
1844
|
+
authority: e,
|
|
1845
|
+
metadataUrl: t,
|
|
1846
|
+
metadata: r,
|
|
1847
|
+
signingKeys: s,
|
|
1848
|
+
metadataSeed: n,
|
|
1849
|
+
// client related
|
|
1850
|
+
client_id: o,
|
|
1851
|
+
client_secret: a,
|
|
1852
|
+
response_type: d = vr,
|
|
1853
|
+
scope: l = wr,
|
|
1854
|
+
redirect_uri: h,
|
|
1855
|
+
post_logout_redirect_uri: p,
|
|
1856
|
+
client_authentication: _ = mr,
|
|
1857
|
+
// optional protocol
|
|
1858
|
+
prompt: y,
|
|
1859
|
+
display: w,
|
|
1860
|
+
max_age: I,
|
|
1861
|
+
ui_locales: v,
|
|
1862
|
+
acr_values: R,
|
|
1863
|
+
resource: k,
|
|
1864
|
+
response_mode: c = Sr,
|
|
1865
|
+
// behavior flags
|
|
1866
|
+
filterProtocolClaims: g = !0,
|
|
1867
|
+
loadUserInfo: m = !1,
|
|
1868
|
+
staleStateAgeInSeconds: E = yr,
|
|
1869
|
+
clockSkewInSeconds: P = br,
|
|
1870
|
+
userInfoJwtIssuer: O = "OP",
|
|
1871
|
+
mergeClaims: A = !1,
|
|
1872
|
+
disablePKCE: j = !1,
|
|
1873
|
+
// other behavior
|
|
1874
|
+
stateStore: B,
|
|
1875
|
+
refreshTokenCredentials: F,
|
|
1876
|
+
revokeTokenAdditionalContentTypes: L,
|
|
1877
|
+
fetchRequestCredentials: W,
|
|
1878
|
+
refreshTokenAllowedScope: $,
|
|
1879
|
+
// extra query params
|
|
1880
|
+
extraQueryParams: V = {},
|
|
1881
|
+
extraTokenParams: ee = {}
|
|
1882
|
+
}) {
|
|
1883
|
+
if (this.authority = e, t ? this.metadataUrl = t : (this.metadataUrl = e, e && (this.metadataUrl.endsWith("/") || (this.metadataUrl += "/"), this.metadataUrl += ".well-known/openid-configuration")), this.metadata = r, this.metadataSeed = n, this.signingKeys = s, this.client_id = o, this.client_secret = a, this.response_type = d, this.scope = l, this.redirect_uri = h, this.post_logout_redirect_uri = p, this.client_authentication = _, this.prompt = y, this.display = w, this.max_age = I, this.ui_locales = v, this.acr_values = R, this.resource = k, this.response_mode = c, this.filterProtocolClaims = g ?? !0, this.loadUserInfo = !!m, this.staleStateAgeInSeconds = E, this.clockSkewInSeconds = P, this.userInfoJwtIssuer = O, this.mergeClaims = !!A, this.disablePKCE = !!j, this.revokeTokenAdditionalContentTypes = L, W && F && console.warn("Both fetchRequestCredentials and refreshTokenCredentials is set. Only fetchRequestCredentials will be used."), this.fetchRequestCredentials = W || F || "same-origin", B)
|
|
1884
|
+
this.stateStore = B;
|
|
1885
|
+
else {
|
|
1886
|
+
const X = typeof window < "u" ? window.localStorage : new pt();
|
|
1887
|
+
this.stateStore = new vt({ store: X });
|
|
1888
|
+
}
|
|
1889
|
+
this.refreshTokenAllowedScope = $, this.extraQueryParams = V, this.extraTokenParams = ee;
|
|
1890
|
+
}
|
|
1891
|
+
}, kr = class {
|
|
1892
|
+
constructor(e, t) {
|
|
1893
|
+
this._settings = e, this._metadataService = t, this._logger = new b("UserInfoService"), this._getClaimsFromJwt = async (r) => {
|
|
1894
|
+
const s = this._logger.create("_getClaimsFromJwt");
|
|
1895
|
+
try {
|
|
1896
|
+
const n = Ue.decode(r);
|
|
1897
|
+
return s.debug("JWT decoding successful"), n;
|
|
1898
|
+
} catch (n) {
|
|
1899
|
+
throw s.error("Error parsing JWT response"), n;
|
|
1900
|
+
}
|
|
1901
|
+
}, this._jsonService = new qe(void 0, this._getClaimsFromJwt);
|
|
1902
|
+
}
|
|
1903
|
+
async getClaims(e) {
|
|
1904
|
+
const t = this._logger.create("getClaims");
|
|
1905
|
+
e || this._logger.throw(new Error("No token passed"));
|
|
1906
|
+
const r = await this._metadataService.getUserInfoEndpoint();
|
|
1907
|
+
t.debug("got userinfo url", r);
|
|
1908
|
+
const s = await this._jsonService.getJson(r, {
|
|
1909
|
+
token: e,
|
|
1910
|
+
credentials: this._settings.fetchRequestCredentials
|
|
1911
|
+
});
|
|
1912
|
+
return t.debug("got claims", s), s;
|
|
1913
|
+
}
|
|
1914
|
+
}, mt = class {
|
|
1915
|
+
constructor(e, t) {
|
|
1916
|
+
this._settings = e, this._metadataService = t, this._logger = new b("TokenClient"), this._jsonService = new qe(this._settings.revokeTokenAdditionalContentTypes);
|
|
1917
|
+
}
|
|
1918
|
+
async exchangeCode({
|
|
1919
|
+
grant_type: e = "authorization_code",
|
|
1920
|
+
redirect_uri: t = this._settings.redirect_uri,
|
|
1921
|
+
client_id: r = this._settings.client_id,
|
|
1922
|
+
client_secret: s = this._settings.client_secret,
|
|
1923
|
+
...n
|
|
1924
|
+
}) {
|
|
1925
|
+
const o = this._logger.create("exchangeCode");
|
|
1926
|
+
r || o.throw(new Error("A client_id is required")), t || o.throw(new Error("A redirect_uri is required")), n.code || o.throw(new Error("A code is required"));
|
|
1927
|
+
const a = new URLSearchParams({ grant_type: e, redirect_uri: t });
|
|
1928
|
+
for (const [p, _] of Object.entries(n))
|
|
1929
|
+
_ != null && a.set(p, _);
|
|
1930
|
+
let d;
|
|
1931
|
+
switch (this._settings.client_authentication) {
|
|
1932
|
+
case "client_secret_basic":
|
|
1933
|
+
if (!s)
|
|
1934
|
+
throw o.throw(new Error("A client_secret is required")), null;
|
|
1935
|
+
d = K.generateBasicAuth(r, s);
|
|
1936
|
+
break;
|
|
1937
|
+
case "client_secret_post":
|
|
1938
|
+
a.append("client_id", r), s && a.append("client_secret", s);
|
|
1939
|
+
break;
|
|
1940
|
+
}
|
|
1941
|
+
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1942
|
+
o.debug("got token endpoint");
|
|
1943
|
+
const h = await this._jsonService.postForm(l, { body: a, basicAuth: d, initCredentials: this._settings.fetchRequestCredentials });
|
|
1944
|
+
return o.debug("got response"), h;
|
|
1945
|
+
}
|
|
1946
|
+
async exchangeCredentials({
|
|
1947
|
+
grant_type: e = "password",
|
|
1948
|
+
client_id: t = this._settings.client_id,
|
|
1949
|
+
client_secret: r = this._settings.client_secret,
|
|
1950
|
+
scope: s = this._settings.scope,
|
|
1951
|
+
...n
|
|
1952
|
+
}) {
|
|
1953
|
+
const o = this._logger.create("exchangeCredentials");
|
|
1954
|
+
t || o.throw(new Error("A client_id is required"));
|
|
1955
|
+
const a = new URLSearchParams({ grant_type: e, scope: s });
|
|
1956
|
+
for (const [p, _] of Object.entries(n))
|
|
1957
|
+
_ != null && a.set(p, _);
|
|
1958
|
+
let d;
|
|
1959
|
+
switch (this._settings.client_authentication) {
|
|
1960
|
+
case "client_secret_basic":
|
|
1961
|
+
if (!r)
|
|
1962
|
+
throw o.throw(new Error("A client_secret is required")), null;
|
|
1963
|
+
d = K.generateBasicAuth(t, r);
|
|
1964
|
+
break;
|
|
1965
|
+
case "client_secret_post":
|
|
1966
|
+
a.append("client_id", t), r && a.append("client_secret", r);
|
|
1967
|
+
break;
|
|
1968
|
+
}
|
|
1969
|
+
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1970
|
+
o.debug("got token endpoint");
|
|
1971
|
+
const h = await this._jsonService.postForm(l, { body: a, basicAuth: d, initCredentials: this._settings.fetchRequestCredentials });
|
|
1972
|
+
return o.debug("got response"), h;
|
|
1973
|
+
}
|
|
1974
|
+
async exchangeRefreshToken({
|
|
1975
|
+
grant_type: e = "refresh_token",
|
|
1976
|
+
client_id: t = this._settings.client_id,
|
|
1977
|
+
client_secret: r = this._settings.client_secret,
|
|
1978
|
+
timeoutInSeconds: s,
|
|
1979
|
+
...n
|
|
1980
|
+
}) {
|
|
1981
|
+
const o = this._logger.create("exchangeRefreshToken");
|
|
1982
|
+
t || o.throw(new Error("A client_id is required")), n.refresh_token || o.throw(new Error("A refresh_token is required"));
|
|
1983
|
+
const a = new URLSearchParams({ grant_type: e });
|
|
1984
|
+
for (const [p, _] of Object.entries(n))
|
|
1985
|
+
_ != null && a.set(p, _);
|
|
1986
|
+
let d;
|
|
1987
|
+
switch (this._settings.client_authentication) {
|
|
1988
|
+
case "client_secret_basic":
|
|
1989
|
+
if (!r)
|
|
1990
|
+
throw o.throw(new Error("A client_secret is required")), null;
|
|
1991
|
+
d = K.generateBasicAuth(t, r);
|
|
1992
|
+
break;
|
|
1993
|
+
case "client_secret_post":
|
|
1994
|
+
a.append("client_id", t), r && a.append("client_secret", r);
|
|
1995
|
+
break;
|
|
1996
|
+
}
|
|
1997
|
+
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1998
|
+
o.debug("got token endpoint");
|
|
1999
|
+
const h = await this._jsonService.postForm(l, { body: a, basicAuth: d, timeoutInSeconds: s, initCredentials: this._settings.fetchRequestCredentials });
|
|
2000
|
+
return o.debug("got response"), h;
|
|
2001
|
+
}
|
|
2002
|
+
/**
|
|
2003
|
+
* Revoke an access or refresh token.
|
|
2004
|
+
*
|
|
2005
|
+
* @see https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
|
|
2006
|
+
*/
|
|
2007
|
+
async revoke(e) {
|
|
2008
|
+
var t;
|
|
2009
|
+
const r = this._logger.create("revoke");
|
|
2010
|
+
e.token || r.throw(new Error("A token is required"));
|
|
2011
|
+
const s = await this._metadataService.getRevocationEndpoint(!1);
|
|
2012
|
+
r.debug(`got revocation endpoint, revoking ${(t = e.token_type_hint) != null ? t : "default token type"}`);
|
|
2013
|
+
const n = new URLSearchParams();
|
|
2014
|
+
for (const [o, a] of Object.entries(e))
|
|
2015
|
+
a != null && n.set(o, a);
|
|
2016
|
+
n.set("client_id", this._settings.client_id), this._settings.client_secret && n.set("client_secret", this._settings.client_secret), await this._jsonService.postForm(s, { body: n }), r.debug("got response");
|
|
2017
|
+
}
|
|
2018
|
+
}, Er = [
|
|
2019
|
+
"nbf",
|
|
2020
|
+
"jti",
|
|
2021
|
+
"auth_time",
|
|
2022
|
+
"nonce",
|
|
2023
|
+
"acr",
|
|
2024
|
+
"amr",
|
|
2025
|
+
"azp",
|
|
2026
|
+
"at_hash"
|
|
2027
|
+
// https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken
|
|
2028
|
+
], Rr = ["sub", "iss", "aud", "exp", "iat"], Tr = class {
|
|
2029
|
+
constructor(e, t) {
|
|
2030
|
+
this._settings = e, this._metadataService = t, this._logger = new b("ResponseValidator"), this._userInfoService = new kr(this._settings, this._metadataService), this._tokenClient = new mt(this._settings, this._metadataService);
|
|
2031
|
+
}
|
|
2032
|
+
async validateSigninResponse(e, t) {
|
|
2033
|
+
const r = this._logger.create("validateSigninResponse");
|
|
2034
|
+
this._processSigninState(e, t), r.debug("state processed"), await this._processCode(e, t), r.debug("code processed"), e.isOpenId && this._validateIdTokenAttributes(e), r.debug("tokens validated"), await this._processClaims(e, t == null ? void 0 : t.skipUserInfo, e.isOpenId), r.debug("claims processed");
|
|
2035
|
+
}
|
|
2036
|
+
async validateCredentialsResponse(e, t) {
|
|
2037
|
+
const r = this._logger.create("validateCredentialsResponse");
|
|
2038
|
+
e.isOpenId && this._validateIdTokenAttributes(e), r.debug("tokens validated"), await this._processClaims(e, t, e.isOpenId), r.debug("claims processed");
|
|
2039
|
+
}
|
|
2040
|
+
async validateRefreshResponse(e, t) {
|
|
2041
|
+
var r, s;
|
|
2042
|
+
const n = this._logger.create("validateRefreshResponse");
|
|
2043
|
+
e.userState = t.data, (r = e.session_state) != null || (e.session_state = t.session_state), (s = e.scope) != null || (e.scope = t.scope), e.isOpenId && e.id_token && (this._validateIdTokenAttributes(e, t.id_token), n.debug("ID Token validated")), e.id_token || (e.id_token = t.id_token, e.profile = t.profile);
|
|
2044
|
+
const o = e.isOpenId && !!e.id_token;
|
|
2045
|
+
await this._processClaims(e, !1, o), n.debug("claims processed");
|
|
2046
|
+
}
|
|
2047
|
+
validateSignoutResponse(e, t) {
|
|
2048
|
+
const r = this._logger.create("validateSignoutResponse");
|
|
2049
|
+
if (t.id !== e.state && r.throw(new Error("State does not match")), r.debug("state validated"), e.userState = t.data, e.error)
|
|
2050
|
+
throw r.warn("Response was error", e.error), new Z(e);
|
|
2051
|
+
}
|
|
2052
|
+
_processSigninState(e, t) {
|
|
2053
|
+
var r;
|
|
2054
|
+
const s = this._logger.create("_processSigninState");
|
|
2055
|
+
if (t.id !== e.state && s.throw(new Error("State does not match")), t.client_id || s.throw(new Error("No client_id on state")), t.authority || s.throw(new Error("No authority on state")), this._settings.authority !== t.authority && s.throw(new Error("authority mismatch on settings vs. signin state")), this._settings.client_id && this._settings.client_id !== t.client_id && s.throw(new Error("client_id mismatch on settings vs. signin state")), s.debug("state validated"), e.userState = t.data, (r = e.scope) != null || (e.scope = t.scope), e.error)
|
|
2056
|
+
throw s.warn("Response was error", e.error), new Z(e);
|
|
2057
|
+
t.code_verifier && !e.code && s.throw(new Error("Expected code in response"));
|
|
2058
|
+
}
|
|
2059
|
+
async _processClaims(e, t = !1, r = !0) {
|
|
2060
|
+
const s = this._logger.create("_processClaims");
|
|
2061
|
+
if (e.profile = this._filterProtocolClaims(e.profile), t || !this._settings.loadUserInfo || !e.access_token) {
|
|
2062
|
+
s.debug("not loading user info");
|
|
2063
|
+
return;
|
|
2064
|
+
}
|
|
2065
|
+
s.debug("loading user info");
|
|
2066
|
+
const n = await this._userInfoService.getClaims(e.access_token);
|
|
2067
|
+
s.debug("user info claims received from user info endpoint"), r && n.sub !== e.profile.sub && s.throw(new Error("subject from UserInfo response does not match subject in ID Token")), e.profile = this._mergeClaims(e.profile, this._filterProtocolClaims(n)), s.debug("user info claims received, updated profile:", e.profile);
|
|
2068
|
+
}
|
|
2069
|
+
_mergeClaims(e, t) {
|
|
2070
|
+
const r = { ...e };
|
|
2071
|
+
for (const [s, n] of Object.entries(t))
|
|
2072
|
+
for (const o of Array.isArray(n) ? n : [n]) {
|
|
2073
|
+
const a = r[s];
|
|
2074
|
+
a ? Array.isArray(a) ? a.includes(o) || a.push(o) : r[s] !== o && (typeof o == "object" && this._settings.mergeClaims ? r[s] = this._mergeClaims(a, o) : r[s] = [a, o]) : r[s] = o;
|
|
2075
|
+
}
|
|
2076
|
+
return r;
|
|
2077
|
+
}
|
|
2078
|
+
_filterProtocolClaims(e) {
|
|
2079
|
+
const t = { ...e };
|
|
2080
|
+
if (this._settings.filterProtocolClaims) {
|
|
2081
|
+
let r;
|
|
2082
|
+
Array.isArray(this._settings.filterProtocolClaims) ? r = this._settings.filterProtocolClaims : r = Er;
|
|
2083
|
+
for (const s of r)
|
|
2084
|
+
Rr.includes(s) || delete t[s];
|
|
2085
|
+
}
|
|
2086
|
+
return t;
|
|
2087
|
+
}
|
|
2088
|
+
async _processCode(e, t) {
|
|
2089
|
+
const r = this._logger.create("_processCode");
|
|
2090
|
+
if (e.code) {
|
|
2091
|
+
r.debug("Validating code");
|
|
2092
|
+
const s = await this._tokenClient.exchangeCode({
|
|
2093
|
+
client_id: t.client_id,
|
|
2094
|
+
client_secret: t.client_secret,
|
|
2095
|
+
code: e.code,
|
|
2096
|
+
redirect_uri: t.redirect_uri,
|
|
2097
|
+
code_verifier: t.code_verifier,
|
|
2098
|
+
...t.extraTokenParams
|
|
2099
|
+
});
|
|
2100
|
+
Object.assign(e, s);
|
|
2101
|
+
} else
|
|
2102
|
+
r.debug("No code to process");
|
|
2103
|
+
}
|
|
2104
|
+
_validateIdTokenAttributes(e, t) {
|
|
2105
|
+
var r;
|
|
2106
|
+
const s = this._logger.create("_validateIdTokenAttributes");
|
|
2107
|
+
s.debug("decoding ID Token JWT");
|
|
2108
|
+
const n = Ue.decode((r = e.id_token) != null ? r : "");
|
|
2109
|
+
if (n.sub || s.throw(new Error("ID Token is missing a subject claim")), t) {
|
|
2110
|
+
const o = Ue.decode(t);
|
|
2111
|
+
o.sub !== n.sub && s.throw(new Error("sub in id_token does not match current sub")), o.auth_time && o.auth_time !== n.auth_time && s.throw(new Error("auth_time in id_token does not match original auth_time")), o.azp && o.azp !== n.azp && s.throw(new Error("azp in id_token does not match original azp")), !o.azp && n.azp && s.throw(new Error("azp not in id_token, but present in original id_token"));
|
|
2112
|
+
}
|
|
2113
|
+
e.profile = n;
|
|
2114
|
+
}
|
|
2115
|
+
}, ie = class {
|
|
2116
|
+
constructor(e) {
|
|
2117
|
+
this.id = e.id || K.generateUUIDv4(), this.data = e.data, e.created && e.created > 0 ? this.created = e.created : this.created = H.getEpochTime(), this.request_type = e.request_type;
|
|
2118
|
+
}
|
|
2119
|
+
toStorageString() {
|
|
2120
|
+
return new b("State").create("toStorageString"), JSON.stringify({
|
|
2121
|
+
id: this.id,
|
|
2122
|
+
data: this.data,
|
|
2123
|
+
created: this.created,
|
|
2124
|
+
request_type: this.request_type
|
|
2125
|
+
});
|
|
2126
|
+
}
|
|
2127
|
+
static fromStorageString(e) {
|
|
2128
|
+
return b.createStatic("State", "fromStorageString"), new ie(JSON.parse(e));
|
|
2129
|
+
}
|
|
2130
|
+
static async clearStaleState(e, t) {
|
|
2131
|
+
const r = b.createStatic("State", "clearStaleState"), s = H.getEpochTime() - t, n = await e.getAllKeys();
|
|
2132
|
+
r.debug("got keys", n);
|
|
2133
|
+
for (let o = 0; o < n.length; o++) {
|
|
2134
|
+
const a = n[o], d = await e.get(a);
|
|
2135
|
+
let l = !1;
|
|
2136
|
+
if (d)
|
|
2137
|
+
try {
|
|
2138
|
+
const h = ie.fromStorageString(d);
|
|
2139
|
+
r.debug("got item from key:", a, h.created), h.created <= s && (l = !0);
|
|
2140
|
+
} catch (h) {
|
|
2141
|
+
r.error("Error parsing state for key:", a, h), l = !0;
|
|
2142
|
+
}
|
|
2143
|
+
else
|
|
2144
|
+
r.debug("no item in storage for key:", a), l = !0;
|
|
2145
|
+
l && (r.debug("removed item for key:", a), e.remove(a));
|
|
2146
|
+
}
|
|
2147
|
+
}
|
|
2148
|
+
}, We = class extends ie {
|
|
2149
|
+
constructor(e) {
|
|
2150
|
+
super(e), e.code_verifier === !0 ? this.code_verifier = K.generateCodeVerifier() : e.code_verifier && (this.code_verifier = e.code_verifier), this.code_verifier && (this.code_challenge = K.generateCodeChallenge(this.code_verifier)), this.authority = e.authority, this.client_id = e.client_id, this.redirect_uri = e.redirect_uri, this.scope = e.scope, this.client_secret = e.client_secret, this.extraTokenParams = e.extraTokenParams, this.response_mode = e.response_mode, this.skipUserInfo = e.skipUserInfo;
|
|
2151
|
+
}
|
|
2152
|
+
toStorageString() {
|
|
2153
|
+
return new b("SigninState").create("toStorageString"), JSON.stringify({
|
|
2154
|
+
id: this.id,
|
|
2155
|
+
data: this.data,
|
|
2156
|
+
created: this.created,
|
|
2157
|
+
request_type: this.request_type,
|
|
2158
|
+
code_verifier: this.code_verifier,
|
|
2159
|
+
authority: this.authority,
|
|
2160
|
+
client_id: this.client_id,
|
|
2161
|
+
redirect_uri: this.redirect_uri,
|
|
2162
|
+
scope: this.scope,
|
|
2163
|
+
client_secret: this.client_secret,
|
|
2164
|
+
extraTokenParams: this.extraTokenParams,
|
|
2165
|
+
response_mode: this.response_mode,
|
|
2166
|
+
skipUserInfo: this.skipUserInfo
|
|
2167
|
+
});
|
|
2168
|
+
}
|
|
2169
|
+
static fromStorageString(e) {
|
|
2170
|
+
b.createStatic("SigninState", "fromStorageString");
|
|
2171
|
+
const t = JSON.parse(e);
|
|
2172
|
+
return new We(t);
|
|
2173
|
+
}
|
|
2174
|
+
}, xr = class {
|
|
2175
|
+
constructor({
|
|
2176
|
+
// mandatory
|
|
2177
|
+
url: e,
|
|
2178
|
+
authority: t,
|
|
2179
|
+
client_id: r,
|
|
2180
|
+
redirect_uri: s,
|
|
2181
|
+
response_type: n,
|
|
2182
|
+
scope: o,
|
|
2183
|
+
// optional
|
|
2184
|
+
state_data: a,
|
|
2185
|
+
response_mode: d,
|
|
2186
|
+
request_type: l,
|
|
2187
|
+
client_secret: h,
|
|
2188
|
+
nonce: p,
|
|
2189
|
+
resource: _,
|
|
2190
|
+
skipUserInfo: y,
|
|
2191
|
+
extraQueryParams: w,
|
|
2192
|
+
extraTokenParams: I,
|
|
2193
|
+
disablePKCE: v,
|
|
2194
|
+
...R
|
|
2195
|
+
}) {
|
|
2196
|
+
if (this._logger = new b("SigninRequest"), !e)
|
|
2197
|
+
throw this._logger.error("ctor: No url passed"), new Error("url");
|
|
2198
|
+
if (!r)
|
|
2199
|
+
throw this._logger.error("ctor: No client_id passed"), new Error("client_id");
|
|
2200
|
+
if (!s)
|
|
2201
|
+
throw this._logger.error("ctor: No redirect_uri passed"), new Error("redirect_uri");
|
|
2202
|
+
if (!n)
|
|
2203
|
+
throw this._logger.error("ctor: No response_type passed"), new Error("response_type");
|
|
2204
|
+
if (!o)
|
|
2205
|
+
throw this._logger.error("ctor: No scope passed"), new Error("scope");
|
|
2206
|
+
if (!t)
|
|
2207
|
+
throw this._logger.error("ctor: No authority passed"), new Error("authority");
|
|
2208
|
+
this.state = new We({
|
|
2209
|
+
data: a,
|
|
2210
|
+
request_type: l,
|
|
2211
|
+
code_verifier: !v,
|
|
2212
|
+
client_id: r,
|
|
2213
|
+
authority: t,
|
|
2214
|
+
redirect_uri: s,
|
|
2215
|
+
response_mode: d,
|
|
2216
|
+
client_secret: h,
|
|
2217
|
+
scope: o,
|
|
2218
|
+
extraTokenParams: I,
|
|
2219
|
+
skipUserInfo: y
|
|
2220
|
+
});
|
|
2221
|
+
const k = new URL(e);
|
|
2222
|
+
k.searchParams.append("client_id", r), k.searchParams.append("redirect_uri", s), k.searchParams.append("response_type", n), k.searchParams.append("scope", o), p && k.searchParams.append("nonce", p), k.searchParams.append("state", this.state.id), this.state.code_challenge && (k.searchParams.append("code_challenge", this.state.code_challenge), k.searchParams.append("code_challenge_method", "S256")), _ && (Array.isArray(_) ? _ : [_]).forEach((g) => k.searchParams.append("resource", g));
|
|
2223
|
+
for (const [c, g] of Object.entries({ response_mode: d, ...R, ...w }))
|
|
2224
|
+
g != null && k.searchParams.append(c, g.toString());
|
|
2225
|
+
this.url = k.href;
|
|
2226
|
+
}
|
|
2227
|
+
}, Cr = "openid", Ce = class {
|
|
2228
|
+
constructor(e) {
|
|
2229
|
+
this.access_token = "", this.token_type = "", this.profile = {}, this.state = e.get("state"), this.session_state = e.get("session_state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri"), this.code = e.get("code");
|
|
2230
|
+
}
|
|
2231
|
+
get expires_in() {
|
|
2232
|
+
if (this.expires_at !== void 0)
|
|
2233
|
+
return this.expires_at - H.getEpochTime();
|
|
2234
|
+
}
|
|
2235
|
+
set expires_in(e) {
|
|
2236
|
+
typeof e == "string" && (e = Number(e)), e !== void 0 && e >= 0 && (this.expires_at = Math.floor(e) + H.getEpochTime());
|
|
2237
|
+
}
|
|
2238
|
+
get isOpenId() {
|
|
2239
|
+
var e;
|
|
2240
|
+
return ((e = this.scope) == null ? void 0 : e.split(" ").includes(Cr)) || !!this.id_token;
|
|
2241
|
+
}
|
|
2242
|
+
}, Ir = class {
|
|
2243
|
+
constructor({
|
|
2244
|
+
url: e,
|
|
2245
|
+
state_data: t,
|
|
2246
|
+
id_token_hint: r,
|
|
2247
|
+
post_logout_redirect_uri: s,
|
|
2248
|
+
extraQueryParams: n,
|
|
2249
|
+
request_type: o
|
|
2250
|
+
}) {
|
|
2251
|
+
if (this._logger = new b("SignoutRequest"), !e)
|
|
2252
|
+
throw this._logger.error("ctor: No url passed"), new Error("url");
|
|
2253
|
+
const a = new URL(e);
|
|
2254
|
+
r && a.searchParams.append("id_token_hint", r), s && (a.searchParams.append("post_logout_redirect_uri", s), t && (this.state = new ie({ data: t, request_type: o }), a.searchParams.append("state", this.state.id)));
|
|
2255
|
+
for (const [d, l] of Object.entries({ ...n }))
|
|
2256
|
+
l != null && a.searchParams.append(d, l.toString());
|
|
2257
|
+
this.url = a.href;
|
|
2258
|
+
}
|
|
2259
|
+
}, Pr = class {
|
|
2260
|
+
constructor(e) {
|
|
2261
|
+
this.state = e.get("state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri");
|
|
2262
|
+
}
|
|
2263
|
+
}, Or = class {
|
|
2264
|
+
constructor(e) {
|
|
2265
|
+
this._logger = new b("OidcClient"), this.settings = new wt(e), this.metadataService = new pr(this.settings), this._validator = new Tr(this.settings, this.metadataService), this._tokenClient = new mt(this.settings, this.metadataService);
|
|
2266
|
+
}
|
|
2267
|
+
async createSigninRequest({
|
|
2268
|
+
state: e,
|
|
2269
|
+
request: t,
|
|
2270
|
+
request_uri: r,
|
|
2271
|
+
request_type: s,
|
|
2272
|
+
id_token_hint: n,
|
|
2273
|
+
login_hint: o,
|
|
2274
|
+
skipUserInfo: a,
|
|
2275
|
+
nonce: d,
|
|
2276
|
+
response_type: l = this.settings.response_type,
|
|
2277
|
+
scope: h = this.settings.scope,
|
|
2278
|
+
redirect_uri: p = this.settings.redirect_uri,
|
|
2279
|
+
prompt: _ = this.settings.prompt,
|
|
2280
|
+
display: y = this.settings.display,
|
|
2281
|
+
max_age: w = this.settings.max_age,
|
|
2282
|
+
ui_locales: I = this.settings.ui_locales,
|
|
2283
|
+
acr_values: v = this.settings.acr_values,
|
|
2284
|
+
resource: R = this.settings.resource,
|
|
2285
|
+
response_mode: k = this.settings.response_mode,
|
|
2286
|
+
extraQueryParams: c = this.settings.extraQueryParams,
|
|
2287
|
+
extraTokenParams: g = this.settings.extraTokenParams
|
|
2288
|
+
}) {
|
|
2289
|
+
const m = this._logger.create("createSigninRequest");
|
|
2290
|
+
if (l !== "code")
|
|
2291
|
+
throw new Error("Only the Authorization Code flow (with PKCE) is supported");
|
|
2292
|
+
const E = await this.metadataService.getAuthorizationEndpoint();
|
|
2293
|
+
m.debug("Received authorization endpoint", E);
|
|
2294
|
+
const P = new xr({
|
|
2295
|
+
url: E,
|
|
2296
|
+
authority: this.settings.authority,
|
|
2297
|
+
client_id: this.settings.client_id,
|
|
2298
|
+
redirect_uri: p,
|
|
2299
|
+
response_type: l,
|
|
2300
|
+
scope: h,
|
|
2301
|
+
state_data: e,
|
|
2302
|
+
prompt: _,
|
|
2303
|
+
display: y,
|
|
2304
|
+
max_age: w,
|
|
2305
|
+
ui_locales: I,
|
|
2306
|
+
id_token_hint: n,
|
|
2307
|
+
login_hint: o,
|
|
2308
|
+
acr_values: v,
|
|
2309
|
+
resource: R,
|
|
2310
|
+
request: t,
|
|
2311
|
+
request_uri: r,
|
|
2312
|
+
extraQueryParams: c,
|
|
2313
|
+
extraTokenParams: g,
|
|
2314
|
+
request_type: s,
|
|
2315
|
+
response_mode: k,
|
|
2316
|
+
client_secret: this.settings.client_secret,
|
|
2317
|
+
skipUserInfo: a,
|
|
2318
|
+
nonce: d,
|
|
2319
|
+
disablePKCE: this.settings.disablePKCE
|
|
2320
|
+
});
|
|
2321
|
+
await this.clearStaleState();
|
|
2322
|
+
const O = P.state;
|
|
2323
|
+
return await this.settings.stateStore.set(O.id, O.toStorageString()), P;
|
|
2324
|
+
}
|
|
2325
|
+
async readSigninResponseState(e, t = !1) {
|
|
2326
|
+
const r = this._logger.create("readSigninResponseState"), s = new Ce(Ae.readParams(e, this.settings.response_mode));
|
|
2327
|
+
if (!s.state)
|
|
2328
|
+
throw r.throw(new Error("No state in response")), null;
|
|
2329
|
+
const n = await this.settings.stateStore[t ? "remove" : "get"](s.state);
|
|
2330
|
+
if (!n)
|
|
2331
|
+
throw r.throw(new Error("No matching state found in storage")), null;
|
|
2332
|
+
return { state: We.fromStorageString(n), response: s };
|
|
2333
|
+
}
|
|
2334
|
+
async processSigninResponse(e) {
|
|
2335
|
+
const t = this._logger.create("processSigninResponse"), { state: r, response: s } = await this.readSigninResponseState(e, !0);
|
|
2336
|
+
return t.debug("received state from storage; validating response"), await this._validator.validateSigninResponse(s, r), s;
|
|
2337
|
+
}
|
|
2338
|
+
async processResourceOwnerPasswordCredentials({
|
|
2339
|
+
username: e,
|
|
2340
|
+
password: t,
|
|
2341
|
+
skipUserInfo: r = !1,
|
|
2342
|
+
extraTokenParams: s = {}
|
|
2343
|
+
}) {
|
|
2344
|
+
const n = await this._tokenClient.exchangeCredentials({ username: e, password: t, ...s }), o = new Ce(new URLSearchParams());
|
|
2345
|
+
return Object.assign(o, n), await this._validator.validateCredentialsResponse(o, r), o;
|
|
2346
|
+
}
|
|
2347
|
+
async useRefreshToken({
|
|
2348
|
+
state: e,
|
|
2349
|
+
timeoutInSeconds: t
|
|
2350
|
+
}) {
|
|
2351
|
+
var r;
|
|
2352
|
+
const s = this._logger.create("useRefreshToken");
|
|
2353
|
+
let n;
|
|
2354
|
+
if (this.settings.refreshTokenAllowedScope === void 0)
|
|
2355
|
+
n = e.scope;
|
|
2356
|
+
else {
|
|
2357
|
+
const d = this.settings.refreshTokenAllowedScope.split(" ");
|
|
2358
|
+
n = (((r = e.scope) == null ? void 0 : r.split(" ")) || []).filter((h) => d.includes(h)).join(" ");
|
|
2359
|
+
}
|
|
2360
|
+
const o = await this._tokenClient.exchangeRefreshToken({
|
|
2361
|
+
refresh_token: e.refresh_token,
|
|
2362
|
+
// provide the (possible filtered) scope list
|
|
2363
|
+
scope: n,
|
|
2364
|
+
timeoutInSeconds: t
|
|
2365
|
+
}), a = new Ce(new URLSearchParams());
|
|
2366
|
+
return Object.assign(a, o), s.debug("validating response", a), await this._validator.validateRefreshResponse(a, {
|
|
2367
|
+
...e,
|
|
2368
|
+
// overide the scope in the state handed over to the validator
|
|
2369
|
+
// so it can set the granted scope to the requested scope in case none is included in the response
|
|
2370
|
+
scope: n
|
|
2371
|
+
}), a;
|
|
2372
|
+
}
|
|
2373
|
+
async createSignoutRequest({
|
|
2374
|
+
state: e,
|
|
2375
|
+
id_token_hint: t,
|
|
2376
|
+
request_type: r,
|
|
2377
|
+
post_logout_redirect_uri: s = this.settings.post_logout_redirect_uri,
|
|
2378
|
+
extraQueryParams: n = this.settings.extraQueryParams
|
|
2379
|
+
} = {}) {
|
|
2380
|
+
const o = this._logger.create("createSignoutRequest"), a = await this.metadataService.getEndSessionEndpoint();
|
|
2381
|
+
if (!a)
|
|
2382
|
+
throw o.throw(new Error("No end session endpoint")), null;
|
|
2383
|
+
o.debug("Received end session endpoint", a);
|
|
2384
|
+
const d = new Ir({
|
|
2385
|
+
url: a,
|
|
2386
|
+
id_token_hint: t,
|
|
2387
|
+
post_logout_redirect_uri: s,
|
|
2388
|
+
state_data: e,
|
|
2389
|
+
extraQueryParams: n,
|
|
2390
|
+
request_type: r
|
|
2391
|
+
});
|
|
2392
|
+
await this.clearStaleState();
|
|
2393
|
+
const l = d.state;
|
|
2394
|
+
return l && (o.debug("Signout request has state to persist"), await this.settings.stateStore.set(l.id, l.toStorageString())), d;
|
|
2395
|
+
}
|
|
2396
|
+
async readSignoutResponseState(e, t = !1) {
|
|
2397
|
+
const r = this._logger.create("readSignoutResponseState"), s = new Pr(Ae.readParams(e, this.settings.response_mode));
|
|
2398
|
+
if (!s.state) {
|
|
2399
|
+
if (r.debug("No state in response"), s.error)
|
|
2400
|
+
throw r.warn("Response was error:", s.error), new Z(s);
|
|
2401
|
+
return { state: void 0, response: s };
|
|
2402
|
+
}
|
|
2403
|
+
const n = await this.settings.stateStore[t ? "remove" : "get"](s.state);
|
|
2404
|
+
if (!n)
|
|
2405
|
+
throw r.throw(new Error("No matching state found in storage")), null;
|
|
2406
|
+
return { state: ie.fromStorageString(n), response: s };
|
|
2407
|
+
}
|
|
2408
|
+
async processSignoutResponse(e) {
|
|
2409
|
+
const t = this._logger.create("processSignoutResponse"), { state: r, response: s } = await this.readSignoutResponseState(e, !0);
|
|
2410
|
+
return r ? (t.debug("Received state from storage; validating response"), this._validator.validateSignoutResponse(s, r)) : t.debug("No state from storage; skipping response validation"), s;
|
|
2411
|
+
}
|
|
2412
|
+
clearStaleState() {
|
|
2413
|
+
return this._logger.create("clearStaleState"), ie.clearStaleState(this.settings.stateStore, this.settings.staleStateAgeInSeconds);
|
|
2414
|
+
}
|
|
2415
|
+
async revokeToken(e, t) {
|
|
2416
|
+
return this._logger.create("revokeToken"), await this._tokenClient.revoke({
|
|
2417
|
+
token: e,
|
|
2418
|
+
token_type_hint: t
|
|
2419
|
+
});
|
|
2420
|
+
}
|
|
2421
|
+
}, Ur = class {
|
|
2422
|
+
constructor(e) {
|
|
2423
|
+
this._userManager = e, this._logger = new b("SessionMonitor"), this._start = async (t) => {
|
|
2424
|
+
const r = t.session_state;
|
|
2425
|
+
if (!r)
|
|
2426
|
+
return;
|
|
2427
|
+
const s = this._logger.create("_start");
|
|
2428
|
+
if (t.profile ? (this._sub = t.profile.sub, this._sid = t.profile.sid, s.debug("session_state", r, ", sub", this._sub)) : (this._sub = void 0, this._sid = void 0, s.debug("session_state", r, ", anonymous user")), this._checkSessionIFrame) {
|
|
2429
|
+
this._checkSessionIFrame.start(r);
|
|
2430
|
+
return;
|
|
2431
|
+
}
|
|
2432
|
+
try {
|
|
2433
|
+
const n = await this._userManager.metadataService.getCheckSessionIframe();
|
|
2434
|
+
if (n) {
|
|
2435
|
+
s.debug("initializing check session iframe");
|
|
2436
|
+
const o = this._userManager.settings.client_id, a = this._userManager.settings.checkSessionIntervalInSeconds, d = this._userManager.settings.stopCheckSessionOnError, l = new _r(this._callback, o, n, a, d);
|
|
2437
|
+
await l.load(), this._checkSessionIFrame = l, l.start(r);
|
|
2438
|
+
} else
|
|
2439
|
+
s.warn("no check session iframe found in the metadata");
|
|
2440
|
+
} catch (n) {
|
|
2441
|
+
s.error("Error from getCheckSessionIframe:", n instanceof Error ? n.message : n);
|
|
2442
|
+
}
|
|
2443
|
+
}, this._stop = () => {
|
|
2444
|
+
const t = this._logger.create("_stop");
|
|
2445
|
+
if (this._sub = void 0, this._sid = void 0, this._checkSessionIFrame && this._checkSessionIFrame.stop(), this._userManager.settings.monitorAnonymousSession) {
|
|
2446
|
+
const r = setInterval(async () => {
|
|
2447
|
+
clearInterval(r);
|
|
2448
|
+
try {
|
|
2449
|
+
const s = await this._userManager.querySessionStatus();
|
|
2450
|
+
if (s) {
|
|
2451
|
+
const n = {
|
|
2452
|
+
session_state: s.session_state,
|
|
2453
|
+
profile: s.sub && s.sid ? {
|
|
2454
|
+
sub: s.sub,
|
|
2455
|
+
sid: s.sid
|
|
2456
|
+
} : null
|
|
2457
|
+
};
|
|
2458
|
+
this._start(n);
|
|
2459
|
+
}
|
|
2460
|
+
} catch (s) {
|
|
2461
|
+
t.error("error from querySessionStatus", s instanceof Error ? s.message : s);
|
|
2462
|
+
}
|
|
2463
|
+
}, 1e3);
|
|
2464
|
+
}
|
|
2465
|
+
}, this._callback = async () => {
|
|
2466
|
+
const t = this._logger.create("_callback");
|
|
2467
|
+
try {
|
|
2468
|
+
const r = await this._userManager.querySessionStatus();
|
|
2469
|
+
let s = !0;
|
|
2470
|
+
r && this._checkSessionIFrame ? r.sub === this._sub ? (s = !1, this._checkSessionIFrame.start(r.session_state), r.sid === this._sid ? t.debug("same sub still logged in at OP, restarting check session iframe; session_state", r.session_state) : (t.debug("same sub still logged in at OP, session state has changed, restarting check session iframe; session_state", r.session_state), this._userManager.events._raiseUserSessionChanged())) : t.debug("different subject signed into OP", r.sub) : t.debug("subject no longer signed into OP"), s ? this._sub ? this._userManager.events._raiseUserSignedOut() : this._userManager.events._raiseUserSignedIn() : t.debug("no change in session detected, no event to raise");
|
|
2471
|
+
} catch (r) {
|
|
2472
|
+
this._sub && (t.debug("Error calling queryCurrentSigninSession; raising signed out event", r), this._userManager.events._raiseUserSignedOut());
|
|
2473
|
+
}
|
|
2474
|
+
}, e || this._logger.throw(new Error("No user manager passed")), this._userManager.events.addUserLoaded(this._start), this._userManager.events.addUserUnloaded(this._stop), this._init().catch((t) => {
|
|
2475
|
+
this._logger.error(t);
|
|
2476
|
+
});
|
|
2477
|
+
}
|
|
2478
|
+
async _init() {
|
|
2479
|
+
this._logger.create("_init");
|
|
2480
|
+
const e = await this._userManager.getUser();
|
|
2481
|
+
if (e)
|
|
2482
|
+
this._start(e);
|
|
2483
|
+
else if (this._userManager.settings.monitorAnonymousSession) {
|
|
2484
|
+
const t = await this._userManager.querySessionStatus();
|
|
2485
|
+
if (t) {
|
|
2486
|
+
const r = {
|
|
2487
|
+
session_state: t.session_state,
|
|
2488
|
+
profile: t.sub && t.sid ? {
|
|
2489
|
+
sub: t.sub,
|
|
2490
|
+
sid: t.sid
|
|
2491
|
+
} : null
|
|
2492
|
+
};
|
|
2493
|
+
this._start(r);
|
|
2494
|
+
}
|
|
2495
|
+
}
|
|
2496
|
+
}
|
|
2497
|
+
}, _e = class {
|
|
2498
|
+
constructor(e) {
|
|
2499
|
+
var t;
|
|
2500
|
+
this.id_token = e.id_token, this.session_state = (t = e.session_state) != null ? t : null, this.access_token = e.access_token, this.refresh_token = e.refresh_token, this.token_type = e.token_type, this.scope = e.scope, this.profile = e.profile, this.expires_at = e.expires_at, this.state = e.userState;
|
|
2501
|
+
}
|
|
2502
|
+
/** Computed number of seconds the access token has remaining. */
|
|
2503
|
+
get expires_in() {
|
|
2504
|
+
if (this.expires_at !== void 0)
|
|
2505
|
+
return this.expires_at - H.getEpochTime();
|
|
2506
|
+
}
|
|
2507
|
+
set expires_in(e) {
|
|
2508
|
+
e !== void 0 && (this.expires_at = Math.floor(e) + H.getEpochTime());
|
|
2509
|
+
}
|
|
2510
|
+
/** Computed value indicating if the access token is expired. */
|
|
2511
|
+
get expired() {
|
|
2512
|
+
const e = this.expires_in;
|
|
2513
|
+
if (e !== void 0)
|
|
2514
|
+
return e <= 0;
|
|
2515
|
+
}
|
|
2516
|
+
/** Array representing the parsed values from the `scope`. */
|
|
2517
|
+
get scopes() {
|
|
2518
|
+
var e, t;
|
|
2519
|
+
return (t = (e = this.scope) == null ? void 0 : e.split(" ")) != null ? t : [];
|
|
2520
|
+
}
|
|
2521
|
+
toStorageString() {
|
|
2522
|
+
return new b("User").create("toStorageString"), JSON.stringify({
|
|
2523
|
+
id_token: this.id_token,
|
|
2524
|
+
session_state: this.session_state,
|
|
2525
|
+
access_token: this.access_token,
|
|
2526
|
+
refresh_token: this.refresh_token,
|
|
2527
|
+
token_type: this.token_type,
|
|
2528
|
+
scope: this.scope,
|
|
2529
|
+
profile: this.profile,
|
|
2530
|
+
expires_at: this.expires_at
|
|
2531
|
+
});
|
|
2532
|
+
}
|
|
2533
|
+
static fromStorageString(e) {
|
|
2534
|
+
return b.createStatic("User", "fromStorageString"), new _e(JSON.parse(e));
|
|
2535
|
+
}
|
|
2536
|
+
}, lt = "oidc-client", St = class {
|
|
2537
|
+
constructor() {
|
|
2538
|
+
this._abort = new G("Window navigation aborted"), this._disposeHandlers = /* @__PURE__ */ new Set(), this._window = null;
|
|
2539
|
+
}
|
|
2540
|
+
async navigate(e) {
|
|
2541
|
+
const t = this._logger.create("navigate");
|
|
2542
|
+
if (!this._window)
|
|
2543
|
+
throw new Error("Attempted to navigate on a disposed window");
|
|
2544
|
+
t.debug("setting URL in window"), this._window.location.replace(e.url);
|
|
2545
|
+
const { url: r, keepOpen: s } = await new Promise((n, o) => {
|
|
2546
|
+
const a = (d) => {
|
|
2547
|
+
var l;
|
|
2548
|
+
const h = d.data, p = (l = e.scriptOrigin) != null ? l : window.location.origin;
|
|
2549
|
+
if (!(d.origin !== p || (h == null ? void 0 : h.source) !== lt)) {
|
|
2550
|
+
try {
|
|
2551
|
+
const _ = Ae.readParams(h.url, e.response_mode).get("state");
|
|
2552
|
+
if (_ || t.warn("no state found in response url"), d.source !== this._window && _ !== e.state)
|
|
2553
|
+
return;
|
|
2554
|
+
} catch {
|
|
2555
|
+
this._dispose(), o(new Error("Invalid response from window"));
|
|
2556
|
+
}
|
|
2557
|
+
n(h);
|
|
2558
|
+
}
|
|
2559
|
+
};
|
|
2560
|
+
window.addEventListener("message", a, !1), this._disposeHandlers.add(() => window.removeEventListener("message", a, !1)), this._disposeHandlers.add(this._abort.addHandler((d) => {
|
|
2561
|
+
this._dispose(), o(d);
|
|
2562
|
+
}));
|
|
2563
|
+
});
|
|
2564
|
+
return t.debug("got response from window"), this._dispose(), s || this.close(), { url: r };
|
|
2565
|
+
}
|
|
2566
|
+
_dispose() {
|
|
2567
|
+
this._logger.create("_dispose");
|
|
2568
|
+
for (const e of this._disposeHandlers)
|
|
2569
|
+
e();
|
|
2570
|
+
this._disposeHandlers.clear();
|
|
2571
|
+
}
|
|
2572
|
+
static _notifyParent(e, t, r = !1, s = window.location.origin) {
|
|
2573
|
+
e.postMessage({
|
|
2574
|
+
source: lt,
|
|
2575
|
+
url: t,
|
|
2576
|
+
keepOpen: r
|
|
2577
|
+
}, s);
|
|
2578
|
+
}
|
|
2579
|
+
}, yt = {
|
|
2580
|
+
location: !1,
|
|
2581
|
+
toolbar: !1,
|
|
2582
|
+
height: 640
|
|
2583
|
+
}, bt = "_blank", Ar = 60, jr = 2, kt = 10, Nr = class extends wt {
|
|
2584
|
+
constructor(e) {
|
|
2585
|
+
const {
|
|
2586
|
+
popup_redirect_uri: t = e.redirect_uri,
|
|
2587
|
+
popup_post_logout_redirect_uri: r = e.post_logout_redirect_uri,
|
|
2588
|
+
popupWindowFeatures: s = yt,
|
|
2589
|
+
popupWindowTarget: n = bt,
|
|
2590
|
+
redirectMethod: o = "assign",
|
|
2591
|
+
redirectTarget: a = "self",
|
|
2592
|
+
iframeNotifyParentOrigin: d = e.iframeNotifyParentOrigin,
|
|
2593
|
+
iframeScriptOrigin: l = e.iframeScriptOrigin,
|
|
2594
|
+
silent_redirect_uri: h = e.redirect_uri,
|
|
2595
|
+
silentRequestTimeoutInSeconds: p = kt,
|
|
2596
|
+
automaticSilentRenew: _ = !0,
|
|
2597
|
+
validateSubOnSilentRenew: y = !0,
|
|
2598
|
+
includeIdTokenInSilentRenew: w = !1,
|
|
2599
|
+
monitorSession: I = !1,
|
|
2600
|
+
monitorAnonymousSession: v = !1,
|
|
2601
|
+
checkSessionIntervalInSeconds: R = jr,
|
|
2602
|
+
query_status_response_type: k = "code",
|
|
2603
|
+
stopCheckSessionOnError: c = !0,
|
|
2604
|
+
revokeTokenTypes: g = ["access_token", "refresh_token"],
|
|
2605
|
+
revokeTokensOnSignout: m = !1,
|
|
2606
|
+
includeIdTokenInSilentSignout: E = !1,
|
|
2607
|
+
accessTokenExpiringNotificationTimeInSeconds: P = Ar,
|
|
2608
|
+
userStore: O
|
|
2609
|
+
} = e;
|
|
2610
|
+
if (super(e), this.popup_redirect_uri = t, this.popup_post_logout_redirect_uri = r, this.popupWindowFeatures = s, this.popupWindowTarget = n, this.redirectMethod = o, this.redirectTarget = a, this.iframeNotifyParentOrigin = d, this.iframeScriptOrigin = l, this.silent_redirect_uri = h, this.silentRequestTimeoutInSeconds = p, this.automaticSilentRenew = _, this.validateSubOnSilentRenew = y, this.includeIdTokenInSilentRenew = w, this.monitorSession = I, this.monitorAnonymousSession = v, this.checkSessionIntervalInSeconds = R, this.stopCheckSessionOnError = c, this.query_status_response_type = k, this.revokeTokenTypes = g, this.revokeTokensOnSignout = m, this.includeIdTokenInSilentSignout = E, this.accessTokenExpiringNotificationTimeInSeconds = P, O)
|
|
2611
|
+
this.userStore = O;
|
|
2612
|
+
else {
|
|
2613
|
+
const A = typeof window < "u" ? window.sessionStorage : new pt();
|
|
2614
|
+
this.userStore = new vt({ store: A });
|
|
2615
|
+
}
|
|
2616
|
+
}
|
|
2617
|
+
}, je = class extends St {
|
|
2618
|
+
constructor({
|
|
2619
|
+
silentRequestTimeoutInSeconds: e = kt
|
|
2620
|
+
}) {
|
|
2621
|
+
super(), this._logger = new b("IFrameWindow"), this._timeoutInSeconds = e, this._frame = je.createHiddenIframe(), this._window = this._frame.contentWindow;
|
|
2622
|
+
}
|
|
2623
|
+
static createHiddenIframe() {
|
|
2624
|
+
const e = window.document.createElement("iframe");
|
|
2625
|
+
return e.style.visibility = "hidden", e.style.position = "fixed", e.style.left = "-1000px", e.style.top = "0", e.width = "0", e.height = "0", e.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms"), window.document.body.appendChild(e), e;
|
|
2626
|
+
}
|
|
2627
|
+
async navigate(e) {
|
|
2628
|
+
this._logger.debug("navigate: Using timeout of:", this._timeoutInSeconds);
|
|
2629
|
+
const t = setTimeout(() => this._abort.raise(new Ne("IFrame timed out without a response")), this._timeoutInSeconds * 1e3);
|
|
2630
|
+
return this._disposeHandlers.add(() => clearTimeout(t)), await super.navigate(e);
|
|
2631
|
+
}
|
|
2632
|
+
close() {
|
|
2633
|
+
var e;
|
|
2634
|
+
this._frame && (this._frame.parentNode && (this._frame.addEventListener("load", (t) => {
|
|
2635
|
+
var r;
|
|
2636
|
+
const s = t.target;
|
|
2637
|
+
(r = s.parentNode) == null || r.removeChild(s), this._abort.raise(new Error("IFrame removed from DOM"));
|
|
2638
|
+
}, !0), (e = this._frame.contentWindow) == null || e.location.replace("about:blank")), this._frame = null), this._window = null;
|
|
2639
|
+
}
|
|
2640
|
+
static notifyParent(e, t) {
|
|
2641
|
+
return super._notifyParent(window.parent, e, !1, t);
|
|
2642
|
+
}
|
|
2643
|
+
}, qr = class {
|
|
2644
|
+
constructor(e) {
|
|
2645
|
+
this._settings = e, this._logger = new b("IFrameNavigator");
|
|
2646
|
+
}
|
|
2647
|
+
async prepare({
|
|
2648
|
+
silentRequestTimeoutInSeconds: e = this._settings.silentRequestTimeoutInSeconds
|
|
2649
|
+
}) {
|
|
2650
|
+
return new je({ silentRequestTimeoutInSeconds: e });
|
|
2651
|
+
}
|
|
2652
|
+
async callback(e) {
|
|
2653
|
+
this._logger.create("callback"), je.notifyParent(e, this._settings.iframeNotifyParentOrigin);
|
|
2654
|
+
}
|
|
2655
|
+
}, Wr = 500, ut = class extends St {
|
|
2656
|
+
constructor({
|
|
2657
|
+
popupWindowTarget: e = bt,
|
|
2658
|
+
popupWindowFeatures: t = {}
|
|
2659
|
+
}) {
|
|
2660
|
+
super(), this._logger = new b("PopupWindow");
|
|
2661
|
+
const r = ct.center({ ...yt, ...t });
|
|
2662
|
+
this._window = window.open(void 0, e, ct.serialize(r));
|
|
2663
|
+
}
|
|
2664
|
+
async navigate(e) {
|
|
2665
|
+
var t;
|
|
2666
|
+
(t = this._window) == null || t.focus();
|
|
2667
|
+
const r = setInterval(() => {
|
|
2668
|
+
(!this._window || this._window.closed) && this._abort.raise(new Error("Popup closed by user"));
|
|
2669
|
+
}, Wr);
|
|
2670
|
+
return this._disposeHandlers.add(() => clearInterval(r)), await super.navigate(e);
|
|
2671
|
+
}
|
|
2672
|
+
close() {
|
|
2673
|
+
this._window && (this._window.closed || (this._window.close(), this._abort.raise(new Error("Popup closed")))), this._window = null;
|
|
2674
|
+
}
|
|
2675
|
+
static notifyOpener(e, t) {
|
|
2676
|
+
if (!window.opener)
|
|
2677
|
+
throw new Error("No window.opener. Can't complete notification.");
|
|
2678
|
+
return super._notifyParent(window.opener, e, t);
|
|
2679
|
+
}
|
|
2680
|
+
}, Mr = class {
|
|
2681
|
+
constructor(e) {
|
|
2682
|
+
this._settings = e, this._logger = new b("PopupNavigator");
|
|
2683
|
+
}
|
|
2684
|
+
async prepare({
|
|
2685
|
+
popupWindowFeatures: e = this._settings.popupWindowFeatures,
|
|
2686
|
+
popupWindowTarget: t = this._settings.popupWindowTarget
|
|
2687
|
+
}) {
|
|
2688
|
+
return new ut({ popupWindowFeatures: e, popupWindowTarget: t });
|
|
2689
|
+
}
|
|
2690
|
+
async callback(e, t = !1) {
|
|
2691
|
+
this._logger.create("callback"), ut.notifyOpener(e, t);
|
|
2692
|
+
}
|
|
2693
|
+
}, Fr = class {
|
|
2694
|
+
constructor(e) {
|
|
2695
|
+
this._settings = e, this._logger = new b("RedirectNavigator");
|
|
2696
|
+
}
|
|
2697
|
+
async prepare({
|
|
2698
|
+
redirectMethod: e = this._settings.redirectMethod,
|
|
2699
|
+
redirectTarget: t = this._settings.redirectTarget
|
|
2700
|
+
}) {
|
|
2701
|
+
var r;
|
|
2702
|
+
this._logger.create("prepare");
|
|
2703
|
+
let s = window.self;
|
|
2704
|
+
t === "top" && (s = (r = window.top) != null ? r : window.self);
|
|
2705
|
+
const n = s.location[e].bind(s.location);
|
|
2706
|
+
let o;
|
|
2707
|
+
return {
|
|
2708
|
+
navigate: async (a) => {
|
|
2709
|
+
this._logger.create("navigate");
|
|
2710
|
+
const d = new Promise((l, h) => {
|
|
2711
|
+
o = h;
|
|
2712
|
+
});
|
|
2713
|
+
return n(a.url), await d;
|
|
2714
|
+
},
|
|
2715
|
+
close: () => {
|
|
2716
|
+
this._logger.create("close"), o == null || o(new Error("Redirect aborted")), s.stop();
|
|
2717
|
+
}
|
|
2718
|
+
};
|
|
2719
|
+
}
|
|
2720
|
+
}, Dr = class extends fr {
|
|
2721
|
+
constructor(e) {
|
|
2722
|
+
super({ expiringNotificationTimeInSeconds: e.accessTokenExpiringNotificationTimeInSeconds }), this._logger = new b("UserManagerEvents"), this._userLoaded = new G("User loaded"), this._userUnloaded = new G("User unloaded"), this._silentRenewError = new G("Silent renew error"), this._userSignedIn = new G("User signed in"), this._userSignedOut = new G("User signed out"), this._userSessionChanged = new G("User session changed");
|
|
2723
|
+
}
|
|
2724
|
+
load(e, t = !0) {
|
|
2725
|
+
super.load(e), t && this._userLoaded.raise(e);
|
|
2726
|
+
}
|
|
2727
|
+
unload() {
|
|
2728
|
+
super.unload(), this._userUnloaded.raise();
|
|
2729
|
+
}
|
|
2730
|
+
/**
|
|
2731
|
+
* Add callback: Raised when a user session has been established (or re-established).
|
|
2732
|
+
*/
|
|
2733
|
+
addUserLoaded(e) {
|
|
2734
|
+
return this._userLoaded.addHandler(e);
|
|
2735
|
+
}
|
|
2736
|
+
/**
|
|
2737
|
+
* Remove callback: Raised when a user session has been established (or re-established).
|
|
2738
|
+
*/
|
|
2739
|
+
removeUserLoaded(e) {
|
|
2740
|
+
return this._userLoaded.removeHandler(e);
|
|
2741
|
+
}
|
|
2742
|
+
/**
|
|
2743
|
+
* Add callback: Raised when a user session has been terminated.
|
|
2744
|
+
*/
|
|
2745
|
+
addUserUnloaded(e) {
|
|
2746
|
+
return this._userUnloaded.addHandler(e);
|
|
2747
|
+
}
|
|
2748
|
+
/**
|
|
2749
|
+
* Remove callback: Raised when a user session has been terminated.
|
|
2750
|
+
*/
|
|
2751
|
+
removeUserUnloaded(e) {
|
|
2752
|
+
return this._userUnloaded.removeHandler(e);
|
|
2753
|
+
}
|
|
2754
|
+
/**
|
|
2755
|
+
* Add callback: Raised when the automatic silent renew has failed.
|
|
2756
|
+
*/
|
|
2757
|
+
addSilentRenewError(e) {
|
|
2758
|
+
return this._silentRenewError.addHandler(e);
|
|
2759
|
+
}
|
|
2760
|
+
/**
|
|
2761
|
+
* Remove callback: Raised when the automatic silent renew has failed.
|
|
2762
|
+
*/
|
|
2763
|
+
removeSilentRenewError(e) {
|
|
2764
|
+
return this._silentRenewError.removeHandler(e);
|
|
2765
|
+
}
|
|
2766
|
+
/**
|
|
2767
|
+
* @internal
|
|
2768
|
+
*/
|
|
2769
|
+
_raiseSilentRenewError(e) {
|
|
2770
|
+
this._silentRenewError.raise(e);
|
|
2771
|
+
}
|
|
2772
|
+
/**
|
|
2773
|
+
* Add callback: Raised when the user is signed in (when `monitorSession` is set).
|
|
2774
|
+
* @see {@link UserManagerSettings.monitorSession}
|
|
2775
|
+
*/
|
|
2776
|
+
addUserSignedIn(e) {
|
|
2777
|
+
return this._userSignedIn.addHandler(e);
|
|
2778
|
+
}
|
|
2779
|
+
/**
|
|
2780
|
+
* Remove callback: Raised when the user is signed in (when `monitorSession` is set).
|
|
2781
|
+
*/
|
|
2782
|
+
removeUserSignedIn(e) {
|
|
2783
|
+
this._userSignedIn.removeHandler(e);
|
|
2784
|
+
}
|
|
2785
|
+
/**
|
|
2786
|
+
* @internal
|
|
2787
|
+
*/
|
|
2788
|
+
_raiseUserSignedIn() {
|
|
2789
|
+
this._userSignedIn.raise();
|
|
2790
|
+
}
|
|
2791
|
+
/**
|
|
2792
|
+
* Add callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
|
|
2793
|
+
* @see {@link UserManagerSettings.monitorSession}
|
|
2794
|
+
*/
|
|
2795
|
+
addUserSignedOut(e) {
|
|
2796
|
+
return this._userSignedOut.addHandler(e);
|
|
2797
|
+
}
|
|
2798
|
+
/**
|
|
2799
|
+
* Remove callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
|
|
2800
|
+
*/
|
|
2801
|
+
removeUserSignedOut(e) {
|
|
2802
|
+
this._userSignedOut.removeHandler(e);
|
|
2803
|
+
}
|
|
2804
|
+
/**
|
|
2805
|
+
* @internal
|
|
2806
|
+
*/
|
|
2807
|
+
_raiseUserSignedOut() {
|
|
2808
|
+
this._userSignedOut.raise();
|
|
2809
|
+
}
|
|
2810
|
+
/**
|
|
2811
|
+
* Add callback: Raised when the user session changed (when `monitorSession` is set).
|
|
2812
|
+
* @see {@link UserManagerSettings.monitorSession}
|
|
2813
|
+
*/
|
|
2814
|
+
addUserSessionChanged(e) {
|
|
2815
|
+
return this._userSessionChanged.addHandler(e);
|
|
2816
|
+
}
|
|
2817
|
+
/**
|
|
2818
|
+
* Remove callback: Raised when the user session changed (when `monitorSession` is set).
|
|
2819
|
+
*/
|
|
2820
|
+
removeUserSessionChanged(e) {
|
|
2821
|
+
this._userSessionChanged.removeHandler(e);
|
|
2822
|
+
}
|
|
2823
|
+
/**
|
|
2824
|
+
* @internal
|
|
2825
|
+
*/
|
|
2826
|
+
_raiseUserSessionChanged() {
|
|
2827
|
+
this._userSessionChanged.raise();
|
|
2828
|
+
}
|
|
2829
|
+
}, Hr = class {
|
|
2830
|
+
constructor(e) {
|
|
2831
|
+
this._userManager = e, this._logger = new b("SilentRenewService"), this._isStarted = !1, this._retryTimer = new H("Retry Silent Renew"), this._tokenExpiring = async () => {
|
|
2832
|
+
const t = this._logger.create("_tokenExpiring");
|
|
2833
|
+
try {
|
|
2834
|
+
await this._userManager.signinSilent(), t.debug("silent token renewal successful");
|
|
2835
|
+
} catch (r) {
|
|
2836
|
+
if (r instanceof Ne) {
|
|
2837
|
+
t.warn("ErrorTimeout from signinSilent:", r, "retry in 5s"), this._retryTimer.init(5);
|
|
2838
|
+
return;
|
|
2839
|
+
}
|
|
2840
|
+
t.error("Error from signinSilent:", r), this._userManager.events._raiseSilentRenewError(r);
|
|
2841
|
+
}
|
|
2842
|
+
};
|
|
2843
|
+
}
|
|
2844
|
+
async start() {
|
|
2845
|
+
const e = this._logger.create("start");
|
|
2846
|
+
if (!this._isStarted) {
|
|
2847
|
+
this._isStarted = !0, this._userManager.events.addAccessTokenExpiring(this._tokenExpiring), this._retryTimer.addHandler(this._tokenExpiring);
|
|
2848
|
+
try {
|
|
2849
|
+
await this._userManager.getUser();
|
|
2850
|
+
} catch (t) {
|
|
2851
|
+
e.error("getUser error", t);
|
|
2852
|
+
}
|
|
2853
|
+
}
|
|
2854
|
+
}
|
|
2855
|
+
stop() {
|
|
2856
|
+
this._isStarted && (this._retryTimer.cancel(), this._retryTimer.removeHandler(this._tokenExpiring), this._userManager.events.removeAccessTokenExpiring(this._tokenExpiring), this._isStarted = !1);
|
|
2857
|
+
}
|
|
2858
|
+
}, Br = class {
|
|
2859
|
+
constructor(e) {
|
|
2860
|
+
this.refresh_token = e.refresh_token, this.id_token = e.id_token, this.session_state = e.session_state, this.scope = e.scope, this.profile = e.profile, this.data = e.state;
|
|
2861
|
+
}
|
|
2862
|
+
}, Xr = class {
|
|
2863
|
+
constructor(e) {
|
|
2864
|
+
this._logger = new b("UserManager"), this.settings = new Nr(e), this._client = new Or(e), this._redirectNavigator = new Fr(this.settings), this._popupNavigator = new Mr(this.settings), this._iframeNavigator = new qr(this.settings), this._events = new Dr(this.settings), this._silentRenewService = new Hr(this), this.settings.automaticSilentRenew && this.startSilentRenew(), this._sessionMonitor = null, this.settings.monitorSession && (this._sessionMonitor = new Ur(this));
|
|
2865
|
+
}
|
|
2866
|
+
/** Returns an object used to register for events raised by the `UserManager`. */
|
|
2867
|
+
get events() {
|
|
2868
|
+
return this._events;
|
|
2869
|
+
}
|
|
2870
|
+
/** Returns an object used to access the metadata configuration of the OIDC provider. */
|
|
2871
|
+
get metadataService() {
|
|
2872
|
+
return this._client.metadataService;
|
|
2873
|
+
}
|
|
2874
|
+
/**
|
|
2875
|
+
* Returns promise to load the `User` object for the currently authenticated user.
|
|
2876
|
+
*/
|
|
2877
|
+
async getUser() {
|
|
2878
|
+
const e = this._logger.create("getUser"), t = await this._loadUser();
|
|
2879
|
+
return t ? (e.info("user loaded"), this._events.load(t, !1), t) : (e.info("user not found in storage"), null);
|
|
2880
|
+
}
|
|
2881
|
+
/**
|
|
2882
|
+
* Returns promise to remove from any storage the currently authenticated user.
|
|
2883
|
+
*/
|
|
2884
|
+
async removeUser() {
|
|
2885
|
+
const e = this._logger.create("removeUser");
|
|
2886
|
+
await this.storeUser(null), e.info("user removed from storage"), this._events.unload();
|
|
2887
|
+
}
|
|
2888
|
+
/**
|
|
2889
|
+
* Returns promise to trigger a redirect of the current window to the authorization endpoint.
|
|
2890
|
+
*/
|
|
2891
|
+
async signinRedirect(e = {}) {
|
|
2892
|
+
this._logger.create("signinRedirect");
|
|
2893
|
+
const {
|
|
2894
|
+
redirectMethod: t,
|
|
2895
|
+
...r
|
|
2896
|
+
} = e, s = await this._redirectNavigator.prepare({ redirectMethod: t });
|
|
2897
|
+
await this._signinStart({
|
|
2898
|
+
request_type: "si:r",
|
|
2899
|
+
...r
|
|
2900
|
+
}, s);
|
|
2901
|
+
}
|
|
2902
|
+
/**
|
|
2903
|
+
* Returns promise to process response from the authorization endpoint. The result of the promise is the authenticated `User`.
|
|
2904
|
+
*/
|
|
2905
|
+
async signinRedirectCallback(e = window.location.href) {
|
|
2906
|
+
const t = this._logger.create("signinRedirectCallback"), r = await this._signinEnd(e);
|
|
2907
|
+
return r.profile && r.profile.sub ? t.info("success, signed in subject", r.profile.sub) : t.info("no subject"), r;
|
|
2908
|
+
}
|
|
2909
|
+
/**
|
|
2910
|
+
* Returns promise to process the signin with user/password. The result of the promise is the authenticated `User`.
|
|
2911
|
+
*
|
|
2912
|
+
* Throws an ErrorResponse in case of wrong authentication.
|
|
2913
|
+
*/
|
|
2914
|
+
async signinResourceOwnerCredentials({
|
|
2915
|
+
username: e,
|
|
2916
|
+
password: t,
|
|
2917
|
+
skipUserInfo: r = !1
|
|
2918
|
+
}) {
|
|
2919
|
+
const s = this._logger.create("signinResourceOwnerCredential"), n = await this._client.processResourceOwnerPasswordCredentials({ username: e, password: t, skipUserInfo: r, extraTokenParams: this.settings.extraTokenParams });
|
|
2920
|
+
s.debug("got signin response");
|
|
2921
|
+
const o = await this._buildUser(n);
|
|
2922
|
+
return o.profile && o.profile.sub ? s.info("success, signed in subject", o.profile.sub) : s.info("no subject"), o;
|
|
2923
|
+
}
|
|
2924
|
+
/**
|
|
2925
|
+
* Returns promise to trigger a request (via a popup window) to the authorization endpoint. The result of the promise is the authenticated `User`.
|
|
2926
|
+
*/
|
|
2927
|
+
async signinPopup(e = {}) {
|
|
2928
|
+
const t = this._logger.create("signinPopup"), {
|
|
2929
|
+
popupWindowFeatures: r,
|
|
2930
|
+
popupWindowTarget: s,
|
|
2931
|
+
...n
|
|
2932
|
+
} = e, o = this.settings.popup_redirect_uri;
|
|
2933
|
+
o || t.throw(new Error("No popup_redirect_uri configured"));
|
|
2934
|
+
const a = await this._popupNavigator.prepare({ popupWindowFeatures: r, popupWindowTarget: s }), d = await this._signin({
|
|
2935
|
+
request_type: "si:p",
|
|
2936
|
+
redirect_uri: o,
|
|
2937
|
+
display: "popup",
|
|
2938
|
+
...n
|
|
2939
|
+
}, a);
|
|
2940
|
+
return d && (d.profile && d.profile.sub ? t.info("success, signed in subject", d.profile.sub) : t.info("no subject")), d;
|
|
2941
|
+
}
|
|
2942
|
+
/**
|
|
2943
|
+
* Returns promise to notify the opening window of response from the authorization endpoint.
|
|
2944
|
+
*/
|
|
2945
|
+
async signinPopupCallback(e = window.location.href, t = !1) {
|
|
2946
|
+
const r = this._logger.create("signinPopupCallback");
|
|
2947
|
+
await this._popupNavigator.callback(e, t), r.info("success");
|
|
2948
|
+
}
|
|
2949
|
+
/**
|
|
2950
|
+
* Returns promise to trigger a silent request (via an iframe) to the authorization endpoint.
|
|
2951
|
+
* The result of the promise is the authenticated `User`.
|
|
2952
|
+
*/
|
|
2953
|
+
async signinSilent(e = {}) {
|
|
2954
|
+
var t;
|
|
2955
|
+
const r = this._logger.create("signinSilent"), {
|
|
2956
|
+
silentRequestTimeoutInSeconds: s,
|
|
2957
|
+
...n
|
|
2958
|
+
} = e;
|
|
2959
|
+
let o = await this._loadUser();
|
|
2960
|
+
if (o != null && o.refresh_token) {
|
|
2961
|
+
r.debug("using refresh token");
|
|
2962
|
+
const h = new Br(o);
|
|
2963
|
+
return await this._useRefreshToken(h);
|
|
2964
|
+
}
|
|
2965
|
+
const a = this.settings.silent_redirect_uri;
|
|
2966
|
+
a || r.throw(new Error("No silent_redirect_uri configured"));
|
|
2967
|
+
let d;
|
|
2968
|
+
o && this.settings.validateSubOnSilentRenew && (r.debug("subject prior to silent renew:", o.profile.sub), d = o.profile.sub);
|
|
2969
|
+
const l = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: s });
|
|
2970
|
+
return o = await this._signin({
|
|
2971
|
+
request_type: "si:s",
|
|
2972
|
+
redirect_uri: a,
|
|
2973
|
+
prompt: "none",
|
|
2974
|
+
id_token_hint: this.settings.includeIdTokenInSilentRenew ? o == null ? void 0 : o.id_token : void 0,
|
|
2975
|
+
...n
|
|
2976
|
+
}, l, d), o && ((t = o.profile) != null && t.sub ? r.info("success, signed in subject", o.profile.sub) : r.info("no subject")), o;
|
|
2977
|
+
}
|
|
2978
|
+
async _useRefreshToken(e) {
|
|
2979
|
+
const t = await this._client.useRefreshToken({
|
|
2980
|
+
state: e,
|
|
2981
|
+
timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds
|
|
2982
|
+
}), r = new _e({ ...e, ...t });
|
|
2983
|
+
return await this.storeUser(r), this._events.load(r), r;
|
|
2984
|
+
}
|
|
2985
|
+
/**
|
|
2986
|
+
* Returns promise to notify the parent window of response from the authorization endpoint.
|
|
2987
|
+
*/
|
|
2988
|
+
async signinSilentCallback(e = window.location.href) {
|
|
2989
|
+
const t = this._logger.create("signinSilentCallback");
|
|
2990
|
+
await this._iframeNavigator.callback(e), t.info("success");
|
|
2991
|
+
}
|
|
2992
|
+
async signinCallback(e = window.location.href) {
|
|
2993
|
+
const { state: t } = await this._client.readSigninResponseState(e);
|
|
2994
|
+
switch (t.request_type) {
|
|
2995
|
+
case "si:r":
|
|
2996
|
+
return await this.signinRedirectCallback(e);
|
|
2997
|
+
case "si:p":
|
|
2998
|
+
return await this.signinPopupCallback(e);
|
|
2999
|
+
case "si:s":
|
|
3000
|
+
return await this.signinSilentCallback(e);
|
|
3001
|
+
default:
|
|
3002
|
+
throw new Error("invalid response_type in state");
|
|
3003
|
+
}
|
|
3004
|
+
}
|
|
3005
|
+
async signoutCallback(e = window.location.href, t = !1) {
|
|
3006
|
+
const { state: r } = await this._client.readSignoutResponseState(e);
|
|
3007
|
+
if (r)
|
|
3008
|
+
switch (r.request_type) {
|
|
3009
|
+
case "so:r":
|
|
3010
|
+
await this.signoutRedirectCallback(e);
|
|
3011
|
+
break;
|
|
3012
|
+
case "so:p":
|
|
3013
|
+
await this.signoutPopupCallback(e, t);
|
|
3014
|
+
break;
|
|
3015
|
+
case "so:s":
|
|
3016
|
+
await this.signoutSilentCallback(e);
|
|
3017
|
+
break;
|
|
3018
|
+
default:
|
|
3019
|
+
throw new Error("invalid response_type in state");
|
|
3020
|
+
}
|
|
3021
|
+
}
|
|
3022
|
+
/**
|
|
3023
|
+
* Returns promise to query OP for user's current signin status. Returns object with session_state and subject identifier.
|
|
3024
|
+
*/
|
|
3025
|
+
async querySessionStatus(e = {}) {
|
|
3026
|
+
const t = this._logger.create("querySessionStatus"), {
|
|
3027
|
+
silentRequestTimeoutInSeconds: r,
|
|
3028
|
+
...s
|
|
3029
|
+
} = e, n = this.settings.silent_redirect_uri;
|
|
3030
|
+
n || t.throw(new Error("No silent_redirect_uri configured"));
|
|
3031
|
+
const o = await this._loadUser(), a = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r }), d = await this._signinStart({
|
|
3032
|
+
request_type: "si:s",
|
|
3033
|
+
// this acts like a signin silent
|
|
3034
|
+
redirect_uri: n,
|
|
3035
|
+
prompt: "none",
|
|
3036
|
+
id_token_hint: this.settings.includeIdTokenInSilentRenew ? o == null ? void 0 : o.id_token : void 0,
|
|
3037
|
+
response_type: this.settings.query_status_response_type,
|
|
3038
|
+
scope: "openid",
|
|
3039
|
+
skipUserInfo: !0,
|
|
3040
|
+
...s
|
|
3041
|
+
}, a);
|
|
3042
|
+
try {
|
|
3043
|
+
const l = await this._client.processSigninResponse(d.url);
|
|
3044
|
+
return t.debug("got signin response"), l.session_state && l.profile.sub ? (t.info("success for subject", l.profile.sub), {
|
|
3045
|
+
session_state: l.session_state,
|
|
3046
|
+
sub: l.profile.sub,
|
|
3047
|
+
sid: l.profile.sid
|
|
3048
|
+
}) : (t.info("success, user not authenticated"), null);
|
|
3049
|
+
} catch (l) {
|
|
3050
|
+
if (this.settings.monitorAnonymousSession && l instanceof Z)
|
|
3051
|
+
switch (l.error) {
|
|
3052
|
+
case "login_required":
|
|
3053
|
+
case "consent_required":
|
|
3054
|
+
case "interaction_required":
|
|
3055
|
+
case "account_selection_required":
|
|
3056
|
+
return t.info("success for anonymous user"), {
|
|
3057
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
3058
|
+
session_state: l.session_state
|
|
3059
|
+
};
|
|
3060
|
+
}
|
|
3061
|
+
throw l;
|
|
3062
|
+
}
|
|
3063
|
+
}
|
|
3064
|
+
async _signin(e, t, r) {
|
|
3065
|
+
const s = await this._signinStart(e, t);
|
|
3066
|
+
return await this._signinEnd(s.url, r);
|
|
3067
|
+
}
|
|
3068
|
+
async _signinStart(e, t) {
|
|
3069
|
+
const r = this._logger.create("_signinStart");
|
|
3070
|
+
try {
|
|
3071
|
+
const s = await this._client.createSigninRequest(e);
|
|
3072
|
+
return r.debug("got signin request"), await t.navigate({
|
|
3073
|
+
url: s.url,
|
|
3074
|
+
state: s.state.id,
|
|
3075
|
+
response_mode: s.state.response_mode,
|
|
3076
|
+
scriptOrigin: this.settings.iframeScriptOrigin
|
|
3077
|
+
});
|
|
3078
|
+
} catch (s) {
|
|
3079
|
+
throw r.debug("error after preparing navigator, closing navigator window"), t.close(), s;
|
|
3080
|
+
}
|
|
3081
|
+
}
|
|
3082
|
+
async _signinEnd(e, t) {
|
|
3083
|
+
const r = this._logger.create("_signinEnd"), s = await this._client.processSigninResponse(e);
|
|
3084
|
+
return r.debug("got signin response"), await this._buildUser(s, t);
|
|
3085
|
+
}
|
|
3086
|
+
async _buildUser(e, t) {
|
|
3087
|
+
const r = this._logger.create("_buildUser"), s = new _e(e);
|
|
3088
|
+
if (t) {
|
|
3089
|
+
if (t !== s.profile.sub)
|
|
3090
|
+
throw r.debug("current user does not match user returned from signin. sub from signin:", s.profile.sub), new Z({ ...e, error: "login_required" });
|
|
3091
|
+
r.debug("current user matches user returned from signin");
|
|
3092
|
+
}
|
|
3093
|
+
return await this.storeUser(s), r.debug("user stored"), this._events.load(s), s;
|
|
3094
|
+
}
|
|
3095
|
+
/**
|
|
3096
|
+
* Returns promise to trigger a redirect of the current window to the end session endpoint.
|
|
3097
|
+
*/
|
|
3098
|
+
async signoutRedirect(e = {}) {
|
|
3099
|
+
const t = this._logger.create("signoutRedirect"), {
|
|
3100
|
+
redirectMethod: r,
|
|
3101
|
+
...s
|
|
3102
|
+
} = e, n = await this._redirectNavigator.prepare({ redirectMethod: r });
|
|
3103
|
+
await this._signoutStart({
|
|
3104
|
+
request_type: "so:r",
|
|
3105
|
+
post_logout_redirect_uri: this.settings.post_logout_redirect_uri,
|
|
3106
|
+
...s
|
|
3107
|
+
}, n), t.info("success");
|
|
3108
|
+
}
|
|
3109
|
+
/**
|
|
3110
|
+
* Returns promise to process response from the end session endpoint.
|
|
3111
|
+
*/
|
|
3112
|
+
async signoutRedirectCallback(e = window.location.href) {
|
|
3113
|
+
const t = this._logger.create("signoutRedirectCallback"), r = await this._signoutEnd(e);
|
|
3114
|
+
return t.info("success"), r;
|
|
3115
|
+
}
|
|
3116
|
+
/**
|
|
3117
|
+
* Returns promise to trigger a redirect of a popup window window to the end session endpoint.
|
|
3118
|
+
*/
|
|
3119
|
+
async signoutPopup(e = {}) {
|
|
3120
|
+
const t = this._logger.create("signoutPopup"), {
|
|
3121
|
+
popupWindowFeatures: r,
|
|
3122
|
+
popupWindowTarget: s,
|
|
3123
|
+
...n
|
|
3124
|
+
} = e, o = this.settings.popup_post_logout_redirect_uri, a = await this._popupNavigator.prepare({ popupWindowFeatures: r, popupWindowTarget: s });
|
|
3125
|
+
await this._signout({
|
|
3126
|
+
request_type: "so:p",
|
|
3127
|
+
post_logout_redirect_uri: o,
|
|
3128
|
+
// we're putting a dummy entry in here because we
|
|
3129
|
+
// need a unique id from the state for notification
|
|
3130
|
+
// to the parent window, which is necessary if we
|
|
3131
|
+
// plan to return back to the client after signout
|
|
3132
|
+
// and so we can close the popup after signout
|
|
3133
|
+
state: o == null ? void 0 : {},
|
|
3134
|
+
...n
|
|
3135
|
+
}, a), t.info("success");
|
|
3136
|
+
}
|
|
3137
|
+
/**
|
|
3138
|
+
* Returns promise to process response from the end session endpoint from a popup window.
|
|
3139
|
+
*/
|
|
3140
|
+
async signoutPopupCallback(e = window.location.href, t = !1) {
|
|
3141
|
+
const r = this._logger.create("signoutPopupCallback");
|
|
3142
|
+
await this._popupNavigator.callback(e, t), r.info("success");
|
|
3143
|
+
}
|
|
3144
|
+
async _signout(e, t) {
|
|
3145
|
+
const r = await this._signoutStart(e, t);
|
|
3146
|
+
return await this._signoutEnd(r.url);
|
|
3147
|
+
}
|
|
3148
|
+
async _signoutStart(e = {}, t) {
|
|
3149
|
+
var r;
|
|
3150
|
+
const s = this._logger.create("_signoutStart");
|
|
3151
|
+
try {
|
|
3152
|
+
const n = await this._loadUser();
|
|
3153
|
+
s.debug("loaded current user from storage"), this.settings.revokeTokensOnSignout && await this._revokeInternal(n);
|
|
3154
|
+
const o = e.id_token_hint || n && n.id_token;
|
|
3155
|
+
o && (s.debug("setting id_token_hint in signout request"), e.id_token_hint = o), await this.removeUser(), s.debug("user removed, creating signout request");
|
|
3156
|
+
const a = await this._client.createSignoutRequest(e);
|
|
3157
|
+
return s.debug("got signout request"), await t.navigate({
|
|
3158
|
+
url: a.url,
|
|
3159
|
+
state: (r = a.state) == null ? void 0 : r.id
|
|
3160
|
+
});
|
|
3161
|
+
} catch (n) {
|
|
3162
|
+
throw s.debug("error after preparing navigator, closing navigator window"), t.close(), n;
|
|
3163
|
+
}
|
|
3164
|
+
}
|
|
3165
|
+
async _signoutEnd(e) {
|
|
3166
|
+
const t = this._logger.create("_signoutEnd"), r = await this._client.processSignoutResponse(e);
|
|
3167
|
+
return t.debug("got signout response"), r;
|
|
3168
|
+
}
|
|
3169
|
+
/**
|
|
3170
|
+
* Returns promise to trigger a silent request (via an iframe) to the end session endpoint.
|
|
3171
|
+
*/
|
|
3172
|
+
async signoutSilent(e = {}) {
|
|
3173
|
+
var t;
|
|
3174
|
+
const r = this._logger.create("signoutSilent"), {
|
|
3175
|
+
silentRequestTimeoutInSeconds: s,
|
|
3176
|
+
...n
|
|
3177
|
+
} = e, o = this.settings.includeIdTokenInSilentSignout ? (t = await this._loadUser()) == null ? void 0 : t.id_token : void 0, a = this.settings.popup_post_logout_redirect_uri, d = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: s });
|
|
3178
|
+
await this._signout({
|
|
3179
|
+
request_type: "so:s",
|
|
3180
|
+
post_logout_redirect_uri: a,
|
|
3181
|
+
id_token_hint: o,
|
|
3182
|
+
...n
|
|
3183
|
+
}, d), r.info("success");
|
|
3184
|
+
}
|
|
3185
|
+
/**
|
|
3186
|
+
* Returns promise to notify the parent window of response from the end session endpoint.
|
|
3187
|
+
*/
|
|
3188
|
+
async signoutSilentCallback(e = window.location.href) {
|
|
3189
|
+
const t = this._logger.create("signoutSilentCallback");
|
|
3190
|
+
await this._iframeNavigator.callback(e), t.info("success");
|
|
3191
|
+
}
|
|
3192
|
+
async revokeTokens(e) {
|
|
3193
|
+
const t = await this._loadUser();
|
|
3194
|
+
await this._revokeInternal(t, e);
|
|
3195
|
+
}
|
|
3196
|
+
async _revokeInternal(e, t = this.settings.revokeTokenTypes) {
|
|
3197
|
+
const r = this._logger.create("_revokeInternal");
|
|
3198
|
+
if (!e)
|
|
3199
|
+
return;
|
|
3200
|
+
const s = t.filter((n) => typeof e[n] == "string");
|
|
3201
|
+
if (!s.length) {
|
|
3202
|
+
r.debug("no need to revoke due to no token(s)");
|
|
3203
|
+
return;
|
|
3204
|
+
}
|
|
3205
|
+
for (const n of s)
|
|
3206
|
+
await this._client.revokeToken(
|
|
3207
|
+
e[n],
|
|
3208
|
+
// eslint-disable-line @typescript-eslint/no-non-null-assertion
|
|
3209
|
+
n
|
|
3210
|
+
), r.info(`${n} revoked successfully`), n !== "access_token" && (e[n] = null);
|
|
3211
|
+
await this.storeUser(e), r.debug("user stored"), this._events.load(e);
|
|
3212
|
+
}
|
|
3213
|
+
/**
|
|
3214
|
+
* Enables silent renew for the `UserManager`.
|
|
3215
|
+
*/
|
|
3216
|
+
startSilentRenew() {
|
|
3217
|
+
this._logger.create("startSilentRenew"), this._silentRenewService.start();
|
|
3218
|
+
}
|
|
3219
|
+
/**
|
|
3220
|
+
* Disables silent renew for the `UserManager`.
|
|
3221
|
+
*/
|
|
3222
|
+
stopSilentRenew() {
|
|
3223
|
+
this._silentRenewService.stop();
|
|
3224
|
+
}
|
|
3225
|
+
get _userStoreKey() {
|
|
3226
|
+
return `user:${this.settings.authority}:${this.settings.client_id}`;
|
|
3227
|
+
}
|
|
3228
|
+
async _loadUser() {
|
|
3229
|
+
const e = this._logger.create("_loadUser"), t = await this.settings.userStore.get(this._userStoreKey);
|
|
3230
|
+
return t ? (e.debug("user storageString loaded"), _e.fromStorageString(t)) : (e.debug("no user storageString"), null);
|
|
3231
|
+
}
|
|
3232
|
+
async storeUser(e) {
|
|
3233
|
+
const t = this._logger.create("storeUser");
|
|
3234
|
+
if (e) {
|
|
3235
|
+
t.debug("storing user");
|
|
3236
|
+
const r = e.toStorageString();
|
|
3237
|
+
await this.settings.userStore.set(this._userStoreKey, r);
|
|
3238
|
+
} else
|
|
3239
|
+
this._logger.debug("removing user"), await this.settings.userStore.remove(this._userStoreKey);
|
|
3240
|
+
}
|
|
3241
|
+
/**
|
|
3242
|
+
* Removes stale state entries in storage for incomplete authorize requests.
|
|
3243
|
+
*/
|
|
3244
|
+
async clearStaleState() {
|
|
3245
|
+
await this._client.clearStaleState();
|
|
3246
|
+
}
|
|
3247
|
+
}, $r = "2.2.2", Qr = $r;
|
|
3248
|
+
const Et = ht(
|
|
3249
|
+
null
|
|
3250
|
+
), Lr = () => {
|
|
3251
|
+
const e = gt(Et);
|
|
3252
|
+
if (!e)
|
|
3253
|
+
throw new Error(
|
|
3254
|
+
"useImpersonationContext must be used within a ImpersonationContextProvider"
|
|
3255
|
+
);
|
|
3256
|
+
return e;
|
|
3257
|
+
}, Zr = ({
|
|
3258
|
+
children: e
|
|
3259
|
+
}) => {
|
|
3260
|
+
const [t, r] = Xt("impersonationState", {
|
|
3261
|
+
defaultValue: {}
|
|
3262
|
+
}), s = ft(() => ({
|
|
3263
|
+
accessToken: t == null ? void 0 : t.accessToken,
|
|
3264
|
+
userInfo: t == null ? void 0 : t.userInfo,
|
|
3265
|
+
setImpersonation: (n, o) => {
|
|
3266
|
+
r({ accessToken: n, userInfo: o });
|
|
3267
|
+
}
|
|
3268
|
+
}), []);
|
|
3269
|
+
return /* @__PURE__ */ ce.jsx(Et.Provider, { value: s, children: e });
|
|
3270
|
+
}, zr = (e) => {
|
|
3271
|
+
const r = e.split(".")[1].replace(/-/g, "+").replace(/_/g, "/"), s = atob(r);
|
|
3272
|
+
return JSON.parse(s);
|
|
3273
|
+
}, es = (e) => {
|
|
3274
|
+
const { setImpersonation: t } = Lr();
|
|
3275
|
+
pe(() => {
|
|
3276
|
+
const { search: r } = window.location, s = new URLSearchParams(r).get(
|
|
3277
|
+
"impersonateAccessToken"
|
|
3278
|
+
);
|
|
3279
|
+
if (s && t) {
|
|
3280
|
+
const n = zr(s);
|
|
3281
|
+
t(s, n), e();
|
|
3282
|
+
}
|
|
3283
|
+
}, []);
|
|
3284
|
+
}, Jr = ({
|
|
3285
|
+
userManager: e,
|
|
3286
|
+
context: t,
|
|
3287
|
+
children: r
|
|
3288
|
+
}) => {
|
|
3289
|
+
const [s, n] = Gt({
|
|
3290
|
+
user: null,
|
|
3291
|
+
isLoading: !0,
|
|
3292
|
+
isAuthenticated: !1,
|
|
3293
|
+
isError: !1,
|
|
3294
|
+
error: null
|
|
3295
|
+
}), o = _t(!1);
|
|
3296
|
+
pe(() => {
|
|
3297
|
+
o.current || (o.current = !0, (async () => {
|
|
3298
|
+
try {
|
|
3299
|
+
const h = await e.getUser();
|
|
3300
|
+
n({
|
|
3301
|
+
user: h,
|
|
3302
|
+
isLoading: !1,
|
|
3303
|
+
isAuthenticated: h ? !h.expired : !1,
|
|
3304
|
+
isError: !1,
|
|
3305
|
+
error: null
|
|
3306
|
+
});
|
|
3307
|
+
} catch (h) {
|
|
3308
|
+
n({
|
|
3309
|
+
user: null,
|
|
3310
|
+
isLoading: !1,
|
|
3311
|
+
isAuthenticated: !1,
|
|
3312
|
+
isError: !0,
|
|
3313
|
+
error: h instanceof Error ? h : new Error("Unknown error during auth")
|
|
3314
|
+
});
|
|
3315
|
+
}
|
|
3316
|
+
})());
|
|
3317
|
+
}, [e]), pe(() => {
|
|
3318
|
+
const h = (y) => {
|
|
3319
|
+
n({
|
|
3320
|
+
user: y,
|
|
3321
|
+
isLoading: !1,
|
|
3322
|
+
isAuthenticated: !y.expired,
|
|
3323
|
+
isError: !1,
|
|
3324
|
+
error: null
|
|
3325
|
+
});
|
|
3326
|
+
};
|
|
3327
|
+
e.events.addUserLoaded(h);
|
|
3328
|
+
const p = () => {
|
|
3329
|
+
n({
|
|
3330
|
+
...s,
|
|
3331
|
+
user: null,
|
|
3332
|
+
isAuthenticated: !1
|
|
3333
|
+
});
|
|
3334
|
+
};
|
|
3335
|
+
e.events.addUserUnloaded(p);
|
|
3336
|
+
const _ = (y) => {
|
|
3337
|
+
n({
|
|
3338
|
+
...s,
|
|
3339
|
+
isLoading: !1,
|
|
3340
|
+
isError: !0,
|
|
3341
|
+
error: y
|
|
3342
|
+
});
|
|
3343
|
+
};
|
|
3344
|
+
return e.events.addSilentRenewError(_), () => {
|
|
3345
|
+
e.events.removeUserLoaded(h), e.events.removeUserUnloaded(p), e.events.removeSilentRenewError(_);
|
|
3346
|
+
};
|
|
3347
|
+
}, [e]);
|
|
3348
|
+
const a = it(async () => {
|
|
3349
|
+
const h = await e.signinCallback();
|
|
3350
|
+
return n({
|
|
3351
|
+
user: h ?? null,
|
|
3352
|
+
isLoading: !1,
|
|
3353
|
+
isAuthenticated: h ? !h.expired : !1,
|
|
3354
|
+
isError: !1,
|
|
3355
|
+
error: null
|
|
3356
|
+
}), h ?? void 0;
|
|
3357
|
+
}, [e]), d = it(
|
|
3358
|
+
async (h) => {
|
|
3359
|
+
try {
|
|
3360
|
+
await e.signinRedirect(h);
|
|
3361
|
+
} catch (p) {
|
|
3362
|
+
console.error(p);
|
|
3363
|
+
}
|
|
3364
|
+
},
|
|
3365
|
+
[e]
|
|
3366
|
+
), l = ft(
|
|
3367
|
+
() => ({
|
|
3368
|
+
state: s,
|
|
3369
|
+
handleSigninCallback: a,
|
|
3370
|
+
redirectToSignin: d
|
|
3371
|
+
}),
|
|
3372
|
+
[s, a, d]
|
|
3373
|
+
);
|
|
3374
|
+
return /* @__PURE__ */ ce.jsx(t.Provider, { value: l, children: r });
|
|
3375
|
+
}, Me = (e) => {
|
|
3376
|
+
const t = gt(e);
|
|
3377
|
+
if (!t)
|
|
3378
|
+
throw new Error("useAuthContext must be used within an AuthProvider");
|
|
3379
|
+
return t;
|
|
3380
|
+
}, Kr = (e) => {
|
|
3381
|
+
const { state: t } = Me(e);
|
|
3382
|
+
return t;
|
|
3383
|
+
}, Vr = (e, t) => {
|
|
3384
|
+
const { state: r, handleSigninCallback: s } = Me(e), n = _t(!1);
|
|
3385
|
+
return pe(() => {
|
|
3386
|
+
n.current || (n.current = !0, s().then(
|
|
3387
|
+
(o) => new Promise(
|
|
3388
|
+
(a) => setTimeout(() => a(o), 0)
|
|
3389
|
+
)
|
|
3390
|
+
).then((o) => t == null ? void 0 : t(o)));
|
|
3391
|
+
}, [s]), r;
|
|
3392
|
+
}, ts = (e) => {
|
|
3393
|
+
const t = ht(null);
|
|
3394
|
+
return {
|
|
3395
|
+
AuthContext: t,
|
|
3396
|
+
AuthProvider: ({ children: d }) => /* @__PURE__ */ ce.jsx(Jr, { userManager: e, context: t, children: d }),
|
|
3397
|
+
useAuthContext: () => Me(t),
|
|
3398
|
+
useAuthState: () => Kr(t),
|
|
3399
|
+
useSigninCallback: (d) => Vr(t, d),
|
|
3400
|
+
getAccessToken: async () => {
|
|
3401
|
+
const d = await e.getUser();
|
|
3402
|
+
return d ? d.access_token : null;
|
|
3403
|
+
}
|
|
3404
|
+
};
|
|
3405
|
+
};
|
|
3406
|
+
export {
|
|
3407
|
+
fr as AccessTokenEvents,
|
|
3408
|
+
_r as CheckSessionIFrame,
|
|
3409
|
+
Z as ErrorResponse,
|
|
3410
|
+
Ne as ErrorTimeout,
|
|
3411
|
+
Zr as ImpersonationContextProvider,
|
|
3412
|
+
pt as InMemoryWebStorage,
|
|
3413
|
+
me as Log,
|
|
3414
|
+
b as Logger,
|
|
3415
|
+
pr as MetadataService,
|
|
3416
|
+
Or as OidcClient,
|
|
3417
|
+
wt as OidcClientSettingsStore,
|
|
3418
|
+
Ur as SessionMonitor,
|
|
3419
|
+
Ce as SigninResponse,
|
|
3420
|
+
We as SigninState,
|
|
3421
|
+
Pr as SignoutResponse,
|
|
3422
|
+
ie as State,
|
|
3423
|
+
_e as User,
|
|
3424
|
+
Xr as UserManager,
|
|
3425
|
+
Nr as UserManagerSettingsStore,
|
|
3426
|
+
Qr as Version,
|
|
3427
|
+
vt as WebStorageStateStore,
|
|
3428
|
+
ts as createAuthContext,
|
|
3429
|
+
es as useImpersonationCallback,
|
|
3430
|
+
Lr as useImpersonationContext
|
|
3431
|
+
};
|