@arkitektbedriftene/fe-lib 0.4.35 → 0.4.37
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/elements/components/CompanyLogo.d.ts +7 -2
- package/dist/elements.es.js +35 -21
- package/dist/oidc/impersonate.d.ts +1 -1
- package/dist/oidc.es.js +494 -449
- package/package.json +2 -1
package/dist/oidc.es.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import { jsx as
|
|
2
|
-
import { createContext as
|
|
1
|
+
import { jsx as re } from "react/jsx-runtime";
|
|
2
|
+
import { createContext as ge, useContext as _e, useMemo as pe, useEffect as $, useState as Ie, useRef as fe, useCallback as ce } from "react";
|
|
3
3
|
import { u as Re } from "./useLocalStorageState-b4fb2a60.js";
|
|
4
4
|
var N = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
|
|
5
5
|
function Te(e) {
|
|
@@ -9,10 +9,10 @@ function Te(e) {
|
|
|
9
9
|
if (typeof t == "function") {
|
|
10
10
|
var s = function r() {
|
|
11
11
|
if (this instanceof r) {
|
|
12
|
-
var
|
|
13
|
-
|
|
14
|
-
var
|
|
15
|
-
return new
|
|
12
|
+
var n = [null];
|
|
13
|
+
n.push.apply(n, arguments);
|
|
14
|
+
var i = Function.bind.apply(t, n);
|
|
15
|
+
return new i();
|
|
16
16
|
}
|
|
17
17
|
return t.apply(this, arguments);
|
|
18
18
|
};
|
|
@@ -20,8 +20,8 @@ function Te(e) {
|
|
|
20
20
|
} else
|
|
21
21
|
s = {};
|
|
22
22
|
return Object.defineProperty(s, "__esModule", { value: !0 }), Object.keys(e).forEach(function(r) {
|
|
23
|
-
var
|
|
24
|
-
Object.defineProperty(s, r,
|
|
23
|
+
var n = Object.getOwnPropertyDescriptor(e, r);
|
|
24
|
+
Object.defineProperty(s, r, n.get ? n : {
|
|
25
25
|
enumerable: !0,
|
|
26
26
|
get: function() {
|
|
27
27
|
return e[r];
|
|
@@ -29,10 +29,10 @@ function Te(e) {
|
|
|
29
29
|
});
|
|
30
30
|
}), s;
|
|
31
31
|
}
|
|
32
|
-
function
|
|
32
|
+
function Ue(e) {
|
|
33
33
|
throw new Error('Could not dynamically require "' + e + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
|
|
34
34
|
}
|
|
35
|
-
var M = {},
|
|
35
|
+
var M = {}, Ae = {
|
|
36
36
|
get exports() {
|
|
37
37
|
return M;
|
|
38
38
|
},
|
|
@@ -40,31 +40,31 @@ var M = {}, Ue = {
|
|
|
40
40
|
M = e;
|
|
41
41
|
}
|
|
42
42
|
};
|
|
43
|
-
const
|
|
43
|
+
const Pe = {}, Oe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
|
|
44
44
|
__proto__: null,
|
|
45
|
-
default:
|
|
46
|
-
}, Symbol.toStringTag, { value: "Module" })),
|
|
45
|
+
default: Pe
|
|
46
|
+
}, Symbol.toStringTag, { value: "Module" })), qe = /* @__PURE__ */ Te(Oe);
|
|
47
47
|
(function(e, t) {
|
|
48
48
|
(function(s, r) {
|
|
49
49
|
e.exports = r();
|
|
50
50
|
})(N, function() {
|
|
51
|
-
var s = s || function(r,
|
|
52
|
-
var
|
|
53
|
-
if (typeof window < "u" && window.crypto && (
|
|
51
|
+
var s = s || function(r, n) {
|
|
52
|
+
var i;
|
|
53
|
+
if (typeof window < "u" && window.crypto && (i = window.crypto), typeof self < "u" && self.crypto && (i = self.crypto), typeof globalThis < "u" && globalThis.crypto && (i = globalThis.crypto), !i && typeof window < "u" && window.msCrypto && (i = window.msCrypto), !i && typeof N < "u" && N.crypto && (i = N.crypto), !i && typeof Ue == "function")
|
|
54
54
|
try {
|
|
55
|
-
|
|
55
|
+
i = qe;
|
|
56
56
|
} catch {
|
|
57
57
|
}
|
|
58
58
|
var o = function() {
|
|
59
|
-
if (
|
|
60
|
-
if (typeof
|
|
59
|
+
if (i) {
|
|
60
|
+
if (typeof i.getRandomValues == "function")
|
|
61
61
|
try {
|
|
62
|
-
return
|
|
62
|
+
return i.getRandomValues(new Uint32Array(1))[0];
|
|
63
63
|
} catch {
|
|
64
64
|
}
|
|
65
|
-
if (typeof
|
|
65
|
+
if (typeof i.randomBytes == "function")
|
|
66
66
|
try {
|
|
67
|
-
return
|
|
67
|
+
return i.randomBytes(4).readInt32LE();
|
|
68
68
|
} catch {
|
|
69
69
|
}
|
|
70
70
|
}
|
|
@@ -175,7 +175,7 @@ const Ae = {}, Pe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
175
175
|
* var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607], 6);
|
|
176
176
|
*/
|
|
177
177
|
init: function(a, d) {
|
|
178
|
-
a = this.words = a || [], d !=
|
|
178
|
+
a = this.words = a || [], d != n ? this.sigBytes = d : this.sigBytes = a.length * 4;
|
|
179
179
|
},
|
|
180
180
|
/**
|
|
181
181
|
* Converts this word array to a string.
|
|
@@ -414,13 +414,13 @@ const Ae = {}, Pe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
414
414
|
_process: function(a) {
|
|
415
415
|
var d, p = this._data, m = p.words, b = p.sigBytes, E = this.blockSize, C = E * 4, x = b / C;
|
|
416
416
|
a ? x = r.ceil(x) : x = r.max((x | 0) - this._minBufferSize, 0);
|
|
417
|
-
var P = x * E,
|
|
417
|
+
var P = x * E, I = r.min(P * 4, b);
|
|
418
418
|
if (P) {
|
|
419
419
|
for (var q = 0; q < P; q += E)
|
|
420
420
|
this._doProcessBlock(m, q);
|
|
421
|
-
d = m.splice(0, P), p.sigBytes -=
|
|
421
|
+
d = m.splice(0, P), p.sigBytes -= I;
|
|
422
422
|
}
|
|
423
|
-
return new u.init(d,
|
|
423
|
+
return new u.init(d, I);
|
|
424
424
|
},
|
|
425
425
|
/**
|
|
426
426
|
* Creates a copy of this object.
|
|
@@ -541,13 +541,13 @@ const Ae = {}, Pe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineP
|
|
|
541
541
|
}(Math);
|
|
542
542
|
return s;
|
|
543
543
|
});
|
|
544
|
-
})(
|
|
545
|
-
var
|
|
544
|
+
})(Ae);
|
|
545
|
+
var X = {}, Ne = {
|
|
546
546
|
get exports() {
|
|
547
|
-
return
|
|
547
|
+
return X;
|
|
548
548
|
},
|
|
549
549
|
set exports(e) {
|
|
550
|
-
|
|
550
|
+
X = e;
|
|
551
551
|
}
|
|
552
552
|
};
|
|
553
553
|
(function(e, t) {
|
|
@@ -555,7 +555,7 @@ var Q = {}, qe = {
|
|
|
555
555
|
e.exports = r(M);
|
|
556
556
|
})(N, function(s) {
|
|
557
557
|
return function(r) {
|
|
558
|
-
var
|
|
558
|
+
var n = s, i = n.lib, o = i.WordArray, c = i.Hasher, l = n.algo, h = [], g = [];
|
|
559
559
|
(function() {
|
|
560
560
|
function w(y) {
|
|
561
561
|
for (var a = r.sqrt(y), d = 2; d <= a; d++)
|
|
@@ -578,11 +578,11 @@ var Q = {}, qe = {
|
|
|
578
578
|
if (C < 16)
|
|
579
579
|
u[C] = w[k + C] | 0;
|
|
580
580
|
else {
|
|
581
|
-
var x = u[C - 15], P = (x << 25 | x >>> 7) ^ (x << 14 | x >>> 18) ^ x >>> 3,
|
|
581
|
+
var x = u[C - 15], P = (x << 25 | x >>> 7) ^ (x << 14 | x >>> 18) ^ x >>> 3, I = u[C - 2], q = (I << 15 | I >>> 17) ^ (I << 13 | I >>> 19) ^ I >>> 10;
|
|
582
582
|
u[C] = P + u[C - 7] + q + u[C - 16];
|
|
583
583
|
}
|
|
584
|
-
var W = p & m ^ ~p & b,
|
|
585
|
-
E = b, b = m, m = p, p = d +
|
|
584
|
+
var W = p & m ^ ~p & b, K = v & y ^ v & a ^ y & a, V = (v << 30 | v >>> 2) ^ (v << 19 | v >>> 13) ^ (v << 10 | v >>> 22), G = (p << 26 | p >>> 6) ^ (p << 21 | p >>> 11) ^ (p << 7 | p >>> 25), L = E + G + W + g[C] + u[C], xe = V + K;
|
|
585
|
+
E = b, b = m, m = p, p = d + L | 0, d = a, a = y, y = v, v = L + xe | 0;
|
|
586
586
|
}
|
|
587
587
|
_[0] = _[0] + v | 0, _[1] = _[1] + y | 0, _[2] = _[2] + a | 0, _[3] = _[3] + d | 0, _[4] = _[4] + p | 0, _[5] = _[5] + m | 0, _[6] = _[6] + b | 0, _[7] = _[7] + E | 0;
|
|
588
588
|
},
|
|
@@ -595,16 +595,16 @@ var Q = {}, qe = {
|
|
|
595
595
|
return w._hash = this._hash.clone(), w;
|
|
596
596
|
}
|
|
597
597
|
});
|
|
598
|
-
|
|
598
|
+
n.SHA256 = c._createHelper(S), n.HmacSHA256 = c._createHmacHelper(S);
|
|
599
599
|
}(Math), s.SHA256;
|
|
600
600
|
});
|
|
601
|
-
})(
|
|
602
|
-
var
|
|
601
|
+
})(Ne);
|
|
602
|
+
var z = {}, je = {
|
|
603
603
|
get exports() {
|
|
604
|
-
return
|
|
604
|
+
return z;
|
|
605
605
|
},
|
|
606
606
|
set exports(e) {
|
|
607
|
-
|
|
607
|
+
z = e;
|
|
608
608
|
}
|
|
609
609
|
};
|
|
610
610
|
(function(e, t) {
|
|
@@ -612,7 +612,7 @@ var $ = {}, Ne = {
|
|
|
612
612
|
e.exports = r(M);
|
|
613
613
|
})(N, function(s) {
|
|
614
614
|
return function() {
|
|
615
|
-
var r = s,
|
|
615
|
+
var r = s, n = r.lib, i = n.WordArray, o = r.enc;
|
|
616
616
|
o.Base64 = {
|
|
617
617
|
/**
|
|
618
618
|
* Converts a word array to a Base64 string.
|
|
@@ -674,17 +674,17 @@ var $ = {}, Ne = {
|
|
|
674
674
|
var k = g[l.charCodeAt(w - 1)] << w % 4 * 2, _ = g[l.charCodeAt(w)] >>> 6 - w % 4 * 2, v = k | _;
|
|
675
675
|
u[S >>> 2] |= v << 24 - S % 4 * 8, S++;
|
|
676
676
|
}
|
|
677
|
-
return
|
|
677
|
+
return i.create(u, S);
|
|
678
678
|
}
|
|
679
679
|
}(), s.enc.Base64;
|
|
680
680
|
});
|
|
681
|
-
})(
|
|
682
|
-
var
|
|
681
|
+
})(je);
|
|
682
|
+
var Y = {}, Me = {
|
|
683
683
|
get exports() {
|
|
684
|
-
return
|
|
684
|
+
return Y;
|
|
685
685
|
},
|
|
686
686
|
set exports(e) {
|
|
687
|
-
|
|
687
|
+
Y = e;
|
|
688
688
|
}
|
|
689
689
|
};
|
|
690
690
|
(function(e, t) {
|
|
@@ -693,20 +693,20 @@ var X = {}, je = {
|
|
|
693
693
|
})(N, function(s) {
|
|
694
694
|
return s.enc.Utf8;
|
|
695
695
|
});
|
|
696
|
-
})(
|
|
697
|
-
function
|
|
696
|
+
})(Me);
|
|
697
|
+
function Z(e) {
|
|
698
698
|
this.message = e;
|
|
699
699
|
}
|
|
700
|
-
|
|
701
|
-
var
|
|
700
|
+
Z.prototype = new Error(), Z.prototype.name = "InvalidCharacterError";
|
|
701
|
+
var le = typeof window < "u" && window.atob && window.atob.bind(window) || function(e) {
|
|
702
702
|
var t = String(e).replace(/=+$/, "");
|
|
703
703
|
if (t.length % 4 == 1)
|
|
704
|
-
throw new
|
|
705
|
-
for (var s, r,
|
|
704
|
+
throw new Z("'atob' failed: The string to be decoded is not correctly encoded.");
|
|
705
|
+
for (var s, r, n = 0, i = 0, o = ""; r = t.charAt(i++); ~r && (s = n % 4 ? 64 * s + r : r, n++ % 4) ? o += String.fromCharCode(255 & s >> (-2 * n & 6)) : 0)
|
|
706
706
|
r = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(r);
|
|
707
707
|
return o;
|
|
708
708
|
};
|
|
709
|
-
function
|
|
709
|
+
function He(e) {
|
|
710
710
|
var t = e.replace(/-/g, "+").replace(/_/g, "/");
|
|
711
711
|
switch (t.length % 4) {
|
|
712
712
|
case 0:
|
|
@@ -722,30 +722,30 @@ function Me(e) {
|
|
|
722
722
|
}
|
|
723
723
|
try {
|
|
724
724
|
return function(s) {
|
|
725
|
-
return decodeURIComponent(
|
|
726
|
-
var
|
|
727
|
-
return
|
|
725
|
+
return decodeURIComponent(le(s).replace(/(.)/g, function(r, n) {
|
|
726
|
+
var i = n.charCodeAt(0).toString(16).toUpperCase();
|
|
727
|
+
return i.length < 2 && (i = "0" + i), "%" + i;
|
|
728
728
|
}));
|
|
729
729
|
}(t);
|
|
730
730
|
} catch {
|
|
731
|
-
return
|
|
731
|
+
return le(t);
|
|
732
732
|
}
|
|
733
733
|
}
|
|
734
|
-
function
|
|
734
|
+
function D(e) {
|
|
735
735
|
this.message = e;
|
|
736
736
|
}
|
|
737
|
-
function
|
|
737
|
+
function We(e, t) {
|
|
738
738
|
if (typeof e != "string")
|
|
739
|
-
throw new
|
|
739
|
+
throw new D("Invalid token specified");
|
|
740
740
|
var s = (t = t || {}).header === !0 ? 0 : 1;
|
|
741
741
|
try {
|
|
742
|
-
return JSON.parse(
|
|
742
|
+
return JSON.parse(He(e.split(".")[s]));
|
|
743
743
|
} catch (r) {
|
|
744
|
-
throw new
|
|
744
|
+
throw new D("Invalid token specified: " + r.message);
|
|
745
745
|
}
|
|
746
746
|
}
|
|
747
|
-
|
|
748
|
-
var
|
|
747
|
+
D.prototype = new Error(), D.prototype.name = "InvalidTokenError";
|
|
748
|
+
var Be = {
|
|
749
749
|
debug: () => {
|
|
750
750
|
},
|
|
751
751
|
info: () => {
|
|
@@ -754,38 +754,38 @@ var We = {
|
|
|
754
754
|
},
|
|
755
755
|
error: () => {
|
|
756
756
|
}
|
|
757
|
-
},
|
|
757
|
+
}, T, U, J = /* @__PURE__ */ ((e) => (e[e.NONE = 0] = "NONE", e[e.ERROR = 1] = "ERROR", e[e.WARN = 2] = "WARN", e[e.INFO = 3] = "INFO", e[e.DEBUG = 4] = "DEBUG", e))(J || {});
|
|
758
758
|
((e) => {
|
|
759
759
|
function t() {
|
|
760
|
-
|
|
760
|
+
T = 3, U = Be;
|
|
761
761
|
}
|
|
762
762
|
e.reset = t;
|
|
763
|
-
function s(
|
|
764
|
-
if (!(0 <=
|
|
763
|
+
function s(n) {
|
|
764
|
+
if (!(0 <= n && n <= 4))
|
|
765
765
|
throw new Error("Invalid log level");
|
|
766
|
-
|
|
766
|
+
T = n;
|
|
767
767
|
}
|
|
768
768
|
e.setLevel = s;
|
|
769
|
-
function r(
|
|
770
|
-
U =
|
|
769
|
+
function r(n) {
|
|
770
|
+
U = n;
|
|
771
771
|
}
|
|
772
772
|
e.setLogger = r;
|
|
773
|
-
})(
|
|
773
|
+
})(J || (J = {}));
|
|
774
774
|
var f = class {
|
|
775
775
|
constructor(e) {
|
|
776
776
|
this._name = e;
|
|
777
777
|
}
|
|
778
778
|
debug(...e) {
|
|
779
|
-
|
|
779
|
+
T >= 4 && U.debug(f._format(this._name, this._method), ...e);
|
|
780
780
|
}
|
|
781
781
|
info(...e) {
|
|
782
|
-
|
|
782
|
+
T >= 3 && U.info(f._format(this._name, this._method), ...e);
|
|
783
783
|
}
|
|
784
784
|
warn(...e) {
|
|
785
|
-
|
|
785
|
+
T >= 2 && U.warn(f._format(this._name, this._method), ...e);
|
|
786
786
|
}
|
|
787
787
|
error(...e) {
|
|
788
|
-
|
|
788
|
+
T >= 1 && U.error(f._format(this._name, this._method), ...e);
|
|
789
789
|
}
|
|
790
790
|
throw(e) {
|
|
791
791
|
throw this.error(e), e;
|
|
@@ -804,20 +804,20 @@ var f = class {
|
|
|
804
804
|
}
|
|
805
805
|
// helpers for static class methods
|
|
806
806
|
static debug(e, ...t) {
|
|
807
|
-
|
|
807
|
+
T >= 4 && U.debug(f._format(e), ...t);
|
|
808
808
|
}
|
|
809
809
|
static info(e, ...t) {
|
|
810
|
-
|
|
810
|
+
T >= 3 && U.info(f._format(e), ...t);
|
|
811
811
|
}
|
|
812
812
|
static warn(e, ...t) {
|
|
813
|
-
|
|
813
|
+
T >= 2 && U.warn(f._format(e), ...t);
|
|
814
814
|
}
|
|
815
815
|
static error(e, ...t) {
|
|
816
|
-
|
|
816
|
+
T >= 1 && U.error(f._format(e), ...t);
|
|
817
817
|
}
|
|
818
818
|
};
|
|
819
|
-
|
|
820
|
-
var
|
|
819
|
+
J.reset();
|
|
820
|
+
var Le = "10000000-1000-4000-8000-100000000000", A = class {
|
|
821
821
|
static _randomWord() {
|
|
822
822
|
return M.lib.WordArray.random(1).words[0];
|
|
823
823
|
}
|
|
@@ -825,7 +825,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
825
825
|
* Generates RFC4122 version 4 guid
|
|
826
826
|
*/
|
|
827
827
|
static generateUUIDv4() {
|
|
828
|
-
return
|
|
828
|
+
return Le.replace(
|
|
829
829
|
/[018]/g,
|
|
830
830
|
(t) => (+t ^ A._randomWord() & 15 >> +t / 4).toString(16)
|
|
831
831
|
).replace(/-/g, "");
|
|
@@ -841,8 +841,8 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
841
841
|
*/
|
|
842
842
|
static generateCodeChallenge(e) {
|
|
843
843
|
try {
|
|
844
|
-
const t =
|
|
845
|
-
return
|
|
844
|
+
const t = X(e);
|
|
845
|
+
return z.stringify(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
846
846
|
} catch (t) {
|
|
847
847
|
throw f.error("CryptoUtils.generateCodeChallenge", t), t;
|
|
848
848
|
}
|
|
@@ -851,8 +851,8 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
851
851
|
* Generates a base64-encoded string for a basic auth header
|
|
852
852
|
*/
|
|
853
853
|
static generateBasicAuth(e, t) {
|
|
854
|
-
const s =
|
|
855
|
-
return
|
|
854
|
+
const s = Y.parse([e, t].join(":"));
|
|
855
|
+
return z.stringify(s);
|
|
856
856
|
}
|
|
857
857
|
}, O = class {
|
|
858
858
|
constructor(e) {
|
|
@@ -870,16 +870,16 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
870
870
|
for (const t of this._callbacks)
|
|
871
871
|
t(...e);
|
|
872
872
|
}
|
|
873
|
-
},
|
|
873
|
+
}, ee = class {
|
|
874
874
|
// IMPORTANT: doesn't validate the token
|
|
875
875
|
static decode(e) {
|
|
876
876
|
try {
|
|
877
|
-
return
|
|
877
|
+
return We(e);
|
|
878
878
|
} catch (t) {
|
|
879
879
|
throw f.error("JwtUtils.decode", t), t;
|
|
880
880
|
}
|
|
881
881
|
}
|
|
882
|
-
},
|
|
882
|
+
}, de = class {
|
|
883
883
|
/**
|
|
884
884
|
* Populates a map of window features with a placement centered in front of
|
|
885
885
|
* the current window. If no explicit width is given, a default value is
|
|
@@ -887,16 +887,16 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
887
887
|
*/
|
|
888
888
|
static center({ ...e }) {
|
|
889
889
|
var t, s, r;
|
|
890
|
-
return e.width == null && (e.width = (t = [800, 720, 600, 480].find((
|
|
890
|
+
return e.width == null && (e.width = (t = [800, 720, 600, 480].find((n) => n <= window.outerWidth / 1.618)) != null ? t : 360), (s = e.left) != null || (e.left = Math.max(0, Math.round(window.screenX + (window.outerWidth - e.width) / 2))), e.height != null && ((r = e.top) != null || (e.top = Math.max(0, Math.round(window.screenY + (window.outerHeight - e.height) / 2)))), e;
|
|
891
891
|
}
|
|
892
892
|
static serialize(e) {
|
|
893
893
|
return Object.entries(e).filter(([, t]) => t != null).map(([t, s]) => `${t}=${typeof s != "boolean" ? s : s ? "yes" : "no"}`).join(",");
|
|
894
894
|
}
|
|
895
|
-
},
|
|
895
|
+
}, R = class extends O {
|
|
896
896
|
constructor() {
|
|
897
897
|
super(...arguments), this._logger = new f(`Timer('${this._name}')`), this._timerHandle = null, this._expiration = 0, this._callback = () => {
|
|
898
|
-
const e = this._expiration -
|
|
899
|
-
this._logger.debug("timer completes in", e), this._expiration <=
|
|
898
|
+
const e = this._expiration - R.getEpochTime();
|
|
899
|
+
this._logger.debug("timer completes in", e), this._expiration <= R.getEpochTime() && (this.cancel(), super.raise());
|
|
900
900
|
};
|
|
901
901
|
}
|
|
902
902
|
// get the time
|
|
@@ -906,7 +906,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
906
906
|
init(e) {
|
|
907
907
|
const t = this._logger.create("init");
|
|
908
908
|
e = Math.max(Math.floor(e), 1);
|
|
909
|
-
const s =
|
|
909
|
+
const s = R.getEpochTime() + e;
|
|
910
910
|
if (this.expiration === s && this._timerHandle) {
|
|
911
911
|
t.debug("skipping since already initialized for expiration at", this.expiration);
|
|
912
912
|
return;
|
|
@@ -921,7 +921,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
921
921
|
cancel() {
|
|
922
922
|
this._logger.create("cancel"), this._timerHandle && (clearInterval(this._timerHandle), this._timerHandle = null);
|
|
923
923
|
}
|
|
924
|
-
},
|
|
924
|
+
}, te = class {
|
|
925
925
|
static readParams(e, t = "query") {
|
|
926
926
|
if (!e)
|
|
927
927
|
throw new TypeError("Invalid URL");
|
|
@@ -930,26 +930,26 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
930
930
|
}
|
|
931
931
|
}, j = class extends Error {
|
|
932
932
|
constructor(e, t) {
|
|
933
|
-
var s, r,
|
|
933
|
+
var s, r, n;
|
|
934
934
|
if (super(e.error_description || e.error || ""), this.form = t, this.name = "ErrorResponse", !e.error)
|
|
935
935
|
throw f.error("ErrorResponse", "No error passed"), new Error("No error passed");
|
|
936
|
-
this.error = e.error, this.error_description = (s = e.error_description) != null ? s : null, this.error_uri = (r = e.error_uri) != null ? r : null, this.state = e.userState, this.session_state = (
|
|
936
|
+
this.error = e.error, this.error_description = (s = e.error_description) != null ? s : null, this.error_uri = (r = e.error_uri) != null ? r : null, this.state = e.userState, this.session_state = (n = e.session_state) != null ? n : null;
|
|
937
937
|
}
|
|
938
|
-
},
|
|
938
|
+
}, ie = class extends Error {
|
|
939
939
|
constructor(e) {
|
|
940
940
|
super(e), this.name = "ErrorTimeout";
|
|
941
941
|
}
|
|
942
|
-
},
|
|
942
|
+
}, Fe = class {
|
|
943
943
|
constructor(e) {
|
|
944
|
-
this._logger = new f("AccessTokenEvents"), this._expiringTimer = new
|
|
944
|
+
this._logger = new f("AccessTokenEvents"), this._expiringTimer = new R("Access token expiring"), this._expiredTimer = new R("Access token expired"), this._expiringNotificationTimeInSeconds = e.expiringNotificationTimeInSeconds;
|
|
945
945
|
}
|
|
946
946
|
load(e) {
|
|
947
947
|
const t = this._logger.create("load");
|
|
948
948
|
if (e.access_token && e.expires_in !== void 0) {
|
|
949
949
|
const s = e.expires_in;
|
|
950
950
|
if (t.debug("access token present, remaining duration:", s), s > 0) {
|
|
951
|
-
let
|
|
952
|
-
|
|
951
|
+
let n = s - this._expiringNotificationTimeInSeconds;
|
|
952
|
+
n <= 0 && (n = 1), t.debug("registering expiring timer, raising in", n, "seconds"), this._expiringTimer.init(n);
|
|
953
953
|
} else
|
|
954
954
|
t.debug("canceling existing expiring timer because we're past expiration."), this._expiringTimer.cancel();
|
|
955
955
|
const r = s + 1;
|
|
@@ -984,13 +984,13 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
984
984
|
removeAccessTokenExpired(e) {
|
|
985
985
|
this._expiredTimer.removeHandler(e);
|
|
986
986
|
}
|
|
987
|
-
},
|
|
988
|
-
constructor(e, t, s, r,
|
|
989
|
-
this._callback = e, this._client_id = t, this._intervalInSeconds = r, this._stopOnError =
|
|
987
|
+
}, $e = class {
|
|
988
|
+
constructor(e, t, s, r, n) {
|
|
989
|
+
this._callback = e, this._client_id = t, this._intervalInSeconds = r, this._stopOnError = n, this._logger = new f("CheckSessionIFrame"), this._timer = null, this._session_state = null, this._message = (o) => {
|
|
990
990
|
o.origin === this._frame_origin && o.source === this._frame.contentWindow && (o.data === "error" ? (this._logger.error("error message from check session op iframe"), this._stopOnError && this.stop()) : o.data === "changed" ? (this._logger.debug("changed message from check session op iframe"), this.stop(), this._callback()) : this._logger.debug(o.data + " message from check session op iframe"));
|
|
991
991
|
};
|
|
992
|
-
const
|
|
993
|
-
this._frame_origin =
|
|
992
|
+
const i = new URL(s);
|
|
993
|
+
this._frame_origin = i.origin, this._frame = window.document.createElement("iframe"), this._frame.style.visibility = "hidden", this._frame.style.position = "fixed", this._frame.style.left = "-1000px", this._frame.style.top = "0", this._frame.width = "0", this._frame.height = "0", this._frame.src = i.href;
|
|
994
994
|
}
|
|
995
995
|
load() {
|
|
996
996
|
return new Promise((e) => {
|
|
@@ -1011,7 +1011,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1011
1011
|
stop() {
|
|
1012
1012
|
this._logger.create("stop"), this._session_state = null, this._timer && (clearInterval(this._timer), this._timer = null);
|
|
1013
1013
|
}
|
|
1014
|
-
},
|
|
1014
|
+
}, we = class {
|
|
1015
1015
|
constructor() {
|
|
1016
1016
|
this._logger = new f("InMemoryWebStorage"), this._data = {};
|
|
1017
1017
|
}
|
|
@@ -1033,7 +1033,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1033
1033
|
key(e) {
|
|
1034
1034
|
return Object.getOwnPropertyNames(this._data)[e];
|
|
1035
1035
|
}
|
|
1036
|
-
},
|
|
1036
|
+
}, ne = class {
|
|
1037
1037
|
constructor(e = [], t = null) {
|
|
1038
1038
|
this._jwtHandler = t, this._logger = new f("JsonService"), this._contentTypes = [], this._contentTypes.push(...e, "application/json"), t && this._contentTypes.push("application/jwt");
|
|
1039
1039
|
}
|
|
@@ -1041,64 +1041,64 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1041
1041
|
const { timeoutInSeconds: s, ...r } = t;
|
|
1042
1042
|
if (!s)
|
|
1043
1043
|
return await fetch(e, r);
|
|
1044
|
-
const
|
|
1044
|
+
const n = new AbortController(), i = setTimeout(() => n.abort(), s * 1e3);
|
|
1045
1045
|
try {
|
|
1046
1046
|
return await fetch(e, {
|
|
1047
1047
|
...t,
|
|
1048
|
-
signal:
|
|
1048
|
+
signal: n.signal
|
|
1049
1049
|
});
|
|
1050
1050
|
} catch (o) {
|
|
1051
|
-
throw o instanceof DOMException && o.name === "AbortError" ? new
|
|
1051
|
+
throw o instanceof DOMException && o.name === "AbortError" ? new ie("Network timed out") : o;
|
|
1052
1052
|
} finally {
|
|
1053
|
-
clearTimeout(
|
|
1053
|
+
clearTimeout(i);
|
|
1054
1054
|
}
|
|
1055
1055
|
}
|
|
1056
1056
|
async getJson(e, {
|
|
1057
1057
|
token: t,
|
|
1058
1058
|
credentials: s
|
|
1059
1059
|
} = {}) {
|
|
1060
|
-
const r = this._logger.create("getJson"),
|
|
1060
|
+
const r = this._logger.create("getJson"), n = {
|
|
1061
1061
|
Accept: this._contentTypes.join(", ")
|
|
1062
1062
|
};
|
|
1063
|
-
t && (r.debug("token passed, setting Authorization header"),
|
|
1064
|
-
let
|
|
1063
|
+
t && (r.debug("token passed, setting Authorization header"), n.Authorization = "Bearer " + t);
|
|
1064
|
+
let i;
|
|
1065
1065
|
try {
|
|
1066
|
-
r.debug("url:", e),
|
|
1066
|
+
r.debug("url:", e), i = await this.fetchWithTimeout(e, { method: "GET", headers: n, credentials: s });
|
|
1067
1067
|
} catch (l) {
|
|
1068
1068
|
throw r.error("Network Error"), l;
|
|
1069
1069
|
}
|
|
1070
|
-
r.debug("HTTP response received, status",
|
|
1071
|
-
const o =
|
|
1072
|
-
if (o && !this._contentTypes.find((l) => o.startsWith(l)) && r.throw(new Error(`Invalid response Content-Type: ${o ?? "undefined"}, from URL: ${e}`)),
|
|
1073
|
-
return await this._jwtHandler(await
|
|
1070
|
+
r.debug("HTTP response received, status", i.status);
|
|
1071
|
+
const o = i.headers.get("Content-Type");
|
|
1072
|
+
if (o && !this._contentTypes.find((l) => o.startsWith(l)) && r.throw(new Error(`Invalid response Content-Type: ${o ?? "undefined"}, from URL: ${e}`)), i.ok && this._jwtHandler && (o != null && o.startsWith("application/jwt")))
|
|
1073
|
+
return await this._jwtHandler(await i.text());
|
|
1074
1074
|
let c;
|
|
1075
1075
|
try {
|
|
1076
|
-
c = await
|
|
1076
|
+
c = await i.json();
|
|
1077
1077
|
} catch (l) {
|
|
1078
|
-
throw r.error("Error parsing JSON response", l),
|
|
1078
|
+
throw r.error("Error parsing JSON response", l), i.ok ? l : new Error(`${i.statusText} (${i.status})`);
|
|
1079
1079
|
}
|
|
1080
|
-
if (!
|
|
1081
|
-
throw r.error("Error from server:", c), c.error ? new j(c) : new Error(`${
|
|
1080
|
+
if (!i.ok)
|
|
1081
|
+
throw r.error("Error from server:", c), c.error ? new j(c) : new Error(`${i.statusText} (${i.status}): ${JSON.stringify(c)}`);
|
|
1082
1082
|
return c;
|
|
1083
1083
|
}
|
|
1084
1084
|
async postForm(e, {
|
|
1085
1085
|
body: t,
|
|
1086
1086
|
basicAuth: s,
|
|
1087
1087
|
timeoutInSeconds: r,
|
|
1088
|
-
initCredentials:
|
|
1088
|
+
initCredentials: n
|
|
1089
1089
|
}) {
|
|
1090
|
-
const
|
|
1090
|
+
const i = this._logger.create("postForm"), o = {
|
|
1091
1091
|
Accept: this._contentTypes.join(", "),
|
|
1092
1092
|
"Content-Type": "application/x-www-form-urlencoded"
|
|
1093
1093
|
};
|
|
1094
1094
|
s !== void 0 && (o.Authorization = "Basic " + s);
|
|
1095
1095
|
let c;
|
|
1096
1096
|
try {
|
|
1097
|
-
|
|
1097
|
+
i.debug("url:", e), c = await this.fetchWithTimeout(e, { method: "POST", headers: o, body: t, timeoutInSeconds: r, credentials: n });
|
|
1098
1098
|
} catch (u) {
|
|
1099
|
-
throw
|
|
1099
|
+
throw i.error("Network error"), u;
|
|
1100
1100
|
}
|
|
1101
|
-
|
|
1101
|
+
i.debug("HTTP response received, status", c.status);
|
|
1102
1102
|
const l = c.headers.get("Content-Type");
|
|
1103
1103
|
if (l && !this._contentTypes.find((u) => l.startsWith(u)))
|
|
1104
1104
|
throw new Error(`Invalid response Content-Type: ${l ?? "undefined"}, from URL: ${e}`);
|
|
@@ -1108,15 +1108,15 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1108
1108
|
try {
|
|
1109
1109
|
g = JSON.parse(h);
|
|
1110
1110
|
} catch (u) {
|
|
1111
|
-
throw
|
|
1111
|
+
throw i.error("Error parsing JSON response", u), c.ok ? u : new Error(`${c.statusText} (${c.status})`);
|
|
1112
1112
|
}
|
|
1113
1113
|
if (!c.ok)
|
|
1114
|
-
throw
|
|
1114
|
+
throw i.error("Error from server:", g), g.error ? new j(g, t) : new Error(`${c.statusText} (${c.status}): ${JSON.stringify(g)}`);
|
|
1115
1115
|
return g;
|
|
1116
1116
|
}
|
|
1117
|
-
},
|
|
1117
|
+
}, ze = class {
|
|
1118
1118
|
constructor(e) {
|
|
1119
|
-
this._settings = e, this._logger = new f("MetadataService"), this._jsonService = new
|
|
1119
|
+
this._settings = e, this._logger = new f("MetadataService"), this._jsonService = new ne(["application/jwk-set+json"]), this._signingKeys = null, this._metadata = null, this._metadataUrl = this._settings.metadataUrl, this._settings.signingKeys && (this._logger.debug("using signingKeys from settings"), this._signingKeys = this._settings.signingKeys), this._settings.metadata && (this._logger.debug("using metadata from settings"), this._metadata = this._settings.metadata), this._settings.fetchRequestCredentials && (this._logger.debug("using fetchRequestCredentials from settings"), this._fetchRequestCredentials = this._settings.fetchRequestCredentials);
|
|
1120
1120
|
}
|
|
1121
1121
|
resetSigningKeys() {
|
|
1122
1122
|
this._signingKeys = null;
|
|
@@ -1177,7 +1177,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1177
1177
|
throw e.throw(new Error("Missing keys on keyset")), null;
|
|
1178
1178
|
return this._signingKeys = s.keys, this._signingKeys;
|
|
1179
1179
|
}
|
|
1180
|
-
},
|
|
1180
|
+
}, me = class {
|
|
1181
1181
|
constructor({
|
|
1182
1182
|
prefix: e = "oidc.",
|
|
1183
1183
|
store: t = localStorage
|
|
@@ -1204,22 +1204,22 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1204
1204
|
}
|
|
1205
1205
|
return t;
|
|
1206
1206
|
}
|
|
1207
|
-
},
|
|
1207
|
+
}, De = "code", Je = "openid", Ke = "client_secret_post", Ve = "query", Ge = 60 * 15, Qe = 60 * 5, ve = class {
|
|
1208
1208
|
constructor({
|
|
1209
1209
|
// metadata related
|
|
1210
1210
|
authority: e,
|
|
1211
1211
|
metadataUrl: t,
|
|
1212
1212
|
metadata: s,
|
|
1213
1213
|
signingKeys: r,
|
|
1214
|
-
metadataSeed:
|
|
1214
|
+
metadataSeed: n,
|
|
1215
1215
|
// client related
|
|
1216
|
-
client_id:
|
|
1216
|
+
client_id: i,
|
|
1217
1217
|
client_secret: o,
|
|
1218
|
-
response_type: c =
|
|
1219
|
-
scope: l =
|
|
1218
|
+
response_type: c = De,
|
|
1219
|
+
scope: l = Je,
|
|
1220
1220
|
redirect_uri: h,
|
|
1221
1221
|
post_logout_redirect_uri: g,
|
|
1222
|
-
client_authentication: u =
|
|
1222
|
+
client_authentication: u = Ke,
|
|
1223
1223
|
// optional protocol
|
|
1224
1224
|
prompt: S,
|
|
1225
1225
|
display: w,
|
|
@@ -1227,44 +1227,44 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1227
1227
|
ui_locales: _,
|
|
1228
1228
|
acr_values: v,
|
|
1229
1229
|
resource: y,
|
|
1230
|
-
response_mode: a =
|
|
1230
|
+
response_mode: a = Ve,
|
|
1231
1231
|
// behavior flags
|
|
1232
1232
|
filterProtocolClaims: d = !0,
|
|
1233
1233
|
loadUserInfo: p = !1,
|
|
1234
|
-
staleStateAgeInSeconds: m =
|
|
1235
|
-
clockSkewInSeconds: b =
|
|
1234
|
+
staleStateAgeInSeconds: m = Ge,
|
|
1235
|
+
clockSkewInSeconds: b = Qe,
|
|
1236
1236
|
userInfoJwtIssuer: E = "OP",
|
|
1237
1237
|
mergeClaims: C = !1,
|
|
1238
1238
|
disablePKCE: x = !1,
|
|
1239
1239
|
// other behavior
|
|
1240
1240
|
stateStore: P,
|
|
1241
|
-
refreshTokenCredentials:
|
|
1241
|
+
refreshTokenCredentials: I,
|
|
1242
1242
|
revokeTokenAdditionalContentTypes: q,
|
|
1243
1243
|
fetchRequestCredentials: W,
|
|
1244
|
-
refreshTokenAllowedScope:
|
|
1244
|
+
refreshTokenAllowedScope: K,
|
|
1245
1245
|
// extra query params
|
|
1246
|
-
extraQueryParams:
|
|
1247
|
-
extraTokenParams:
|
|
1246
|
+
extraQueryParams: V = {},
|
|
1247
|
+
extraTokenParams: G = {}
|
|
1248
1248
|
}) {
|
|
1249
|
-
if (this.authority = e, t ? this.metadataUrl = t : (this.metadataUrl = e, e && (this.metadataUrl.endsWith("/") || (this.metadataUrl += "/"), this.metadataUrl += ".well-known/openid-configuration")), this.metadata = s, this.metadataSeed =
|
|
1249
|
+
if (this.authority = e, t ? this.metadataUrl = t : (this.metadataUrl = e, e && (this.metadataUrl.endsWith("/") || (this.metadataUrl += "/"), this.metadataUrl += ".well-known/openid-configuration")), this.metadata = s, this.metadataSeed = n, this.signingKeys = r, this.client_id = i, this.client_secret = o, this.response_type = c, this.scope = l, this.redirect_uri = h, this.post_logout_redirect_uri = g, this.client_authentication = u, this.prompt = S, this.display = w, this.max_age = k, this.ui_locales = _, this.acr_values = v, this.resource = y, this.response_mode = a, this.filterProtocolClaims = d ?? !0, this.loadUserInfo = !!p, this.staleStateAgeInSeconds = m, this.clockSkewInSeconds = b, this.userInfoJwtIssuer = E, this.mergeClaims = !!C, this.disablePKCE = !!x, this.revokeTokenAdditionalContentTypes = q, W && I && console.warn("Both fetchRequestCredentials and refreshTokenCredentials is set. Only fetchRequestCredentials will be used."), this.fetchRequestCredentials = W || I || "same-origin", P)
|
|
1250
1250
|
this.stateStore = P;
|
|
1251
1251
|
else {
|
|
1252
|
-
const
|
|
1253
|
-
this.stateStore = new
|
|
1252
|
+
const L = typeof window < "u" ? window.localStorage : new we();
|
|
1253
|
+
this.stateStore = new me({ store: L });
|
|
1254
1254
|
}
|
|
1255
|
-
this.refreshTokenAllowedScope =
|
|
1255
|
+
this.refreshTokenAllowedScope = K, this.extraQueryParams = V, this.extraTokenParams = G;
|
|
1256
1256
|
}
|
|
1257
|
-
},
|
|
1257
|
+
}, Xe = class {
|
|
1258
1258
|
constructor(e, t) {
|
|
1259
1259
|
this._settings = e, this._metadataService = t, this._logger = new f("UserInfoService"), this._getClaimsFromJwt = async (s) => {
|
|
1260
1260
|
const r = this._logger.create("_getClaimsFromJwt");
|
|
1261
1261
|
try {
|
|
1262
|
-
const
|
|
1263
|
-
return r.debug("JWT decoding successful"),
|
|
1264
|
-
} catch (
|
|
1265
|
-
throw r.error("Error parsing JWT response"),
|
|
1262
|
+
const n = ee.decode(s);
|
|
1263
|
+
return r.debug("JWT decoding successful"), n;
|
|
1264
|
+
} catch (n) {
|
|
1265
|
+
throw r.error("Error parsing JWT response"), n;
|
|
1266
1266
|
}
|
|
1267
|
-
}, this._jsonService = new
|
|
1267
|
+
}, this._jsonService = new ne(void 0, this._getClaimsFromJwt);
|
|
1268
1268
|
}
|
|
1269
1269
|
async getClaims(e) {
|
|
1270
1270
|
const t = this._logger.create("getClaims");
|
|
@@ -1277,27 +1277,27 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1277
1277
|
});
|
|
1278
1278
|
return t.debug("got claims", r), r;
|
|
1279
1279
|
}
|
|
1280
|
-
},
|
|
1280
|
+
}, Se = class {
|
|
1281
1281
|
constructor(e, t) {
|
|
1282
|
-
this._settings = e, this._metadataService = t, this._logger = new f("TokenClient"), this._jsonService = new
|
|
1282
|
+
this._settings = e, this._metadataService = t, this._logger = new f("TokenClient"), this._jsonService = new ne(this._settings.revokeTokenAdditionalContentTypes);
|
|
1283
1283
|
}
|
|
1284
1284
|
async exchangeCode({
|
|
1285
1285
|
grant_type: e = "authorization_code",
|
|
1286
1286
|
redirect_uri: t = this._settings.redirect_uri,
|
|
1287
1287
|
client_id: s = this._settings.client_id,
|
|
1288
1288
|
client_secret: r = this._settings.client_secret,
|
|
1289
|
-
...
|
|
1289
|
+
...n
|
|
1290
1290
|
}) {
|
|
1291
|
-
const
|
|
1292
|
-
s ||
|
|
1291
|
+
const i = this._logger.create("exchangeCode");
|
|
1292
|
+
s || i.throw(new Error("A client_id is required")), t || i.throw(new Error("A redirect_uri is required")), n.code || i.throw(new Error("A code is required"));
|
|
1293
1293
|
const o = new URLSearchParams({ grant_type: e, redirect_uri: t });
|
|
1294
|
-
for (const [g, u] of Object.entries(
|
|
1294
|
+
for (const [g, u] of Object.entries(n))
|
|
1295
1295
|
u != null && o.set(g, u);
|
|
1296
1296
|
let c;
|
|
1297
1297
|
switch (this._settings.client_authentication) {
|
|
1298
1298
|
case "client_secret_basic":
|
|
1299
1299
|
if (!r)
|
|
1300
|
-
throw
|
|
1300
|
+
throw i.throw(new Error("A client_secret is required")), null;
|
|
1301
1301
|
c = A.generateBasicAuth(s, r);
|
|
1302
1302
|
break;
|
|
1303
1303
|
case "client_secret_post":
|
|
@@ -1305,27 +1305,27 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1305
1305
|
break;
|
|
1306
1306
|
}
|
|
1307
1307
|
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1308
|
-
|
|
1308
|
+
i.debug("got token endpoint");
|
|
1309
1309
|
const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
|
|
1310
|
-
return
|
|
1310
|
+
return i.debug("got response"), h;
|
|
1311
1311
|
}
|
|
1312
1312
|
async exchangeCredentials({
|
|
1313
1313
|
grant_type: e = "password",
|
|
1314
1314
|
client_id: t = this._settings.client_id,
|
|
1315
1315
|
client_secret: s = this._settings.client_secret,
|
|
1316
1316
|
scope: r = this._settings.scope,
|
|
1317
|
-
...
|
|
1317
|
+
...n
|
|
1318
1318
|
}) {
|
|
1319
|
-
const
|
|
1320
|
-
t ||
|
|
1319
|
+
const i = this._logger.create("exchangeCredentials");
|
|
1320
|
+
t || i.throw(new Error("A client_id is required"));
|
|
1321
1321
|
const o = new URLSearchParams({ grant_type: e, scope: r });
|
|
1322
|
-
for (const [g, u] of Object.entries(
|
|
1322
|
+
for (const [g, u] of Object.entries(n))
|
|
1323
1323
|
u != null && o.set(g, u);
|
|
1324
1324
|
let c;
|
|
1325
1325
|
switch (this._settings.client_authentication) {
|
|
1326
1326
|
case "client_secret_basic":
|
|
1327
1327
|
if (!s)
|
|
1328
|
-
throw
|
|
1328
|
+
throw i.throw(new Error("A client_secret is required")), null;
|
|
1329
1329
|
c = A.generateBasicAuth(t, s);
|
|
1330
1330
|
break;
|
|
1331
1331
|
case "client_secret_post":
|
|
@@ -1333,27 +1333,27 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1333
1333
|
break;
|
|
1334
1334
|
}
|
|
1335
1335
|
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1336
|
-
|
|
1336
|
+
i.debug("got token endpoint");
|
|
1337
1337
|
const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
|
|
1338
|
-
return
|
|
1338
|
+
return i.debug("got response"), h;
|
|
1339
1339
|
}
|
|
1340
1340
|
async exchangeRefreshToken({
|
|
1341
1341
|
grant_type: e = "refresh_token",
|
|
1342
1342
|
client_id: t = this._settings.client_id,
|
|
1343
1343
|
client_secret: s = this._settings.client_secret,
|
|
1344
1344
|
timeoutInSeconds: r,
|
|
1345
|
-
...
|
|
1345
|
+
...n
|
|
1346
1346
|
}) {
|
|
1347
|
-
const
|
|
1348
|
-
t ||
|
|
1347
|
+
const i = this._logger.create("exchangeRefreshToken");
|
|
1348
|
+
t || i.throw(new Error("A client_id is required")), n.refresh_token || i.throw(new Error("A refresh_token is required"));
|
|
1349
1349
|
const o = new URLSearchParams({ grant_type: e });
|
|
1350
|
-
for (const [g, u] of Object.entries(
|
|
1350
|
+
for (const [g, u] of Object.entries(n))
|
|
1351
1351
|
u != null && o.set(g, u);
|
|
1352
1352
|
let c;
|
|
1353
1353
|
switch (this._settings.client_authentication) {
|
|
1354
1354
|
case "client_secret_basic":
|
|
1355
1355
|
if (!s)
|
|
1356
|
-
throw
|
|
1356
|
+
throw i.throw(new Error("A client_secret is required")), null;
|
|
1357
1357
|
c = A.generateBasicAuth(t, s);
|
|
1358
1358
|
break;
|
|
1359
1359
|
case "client_secret_post":
|
|
@@ -1361,9 +1361,9 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1361
1361
|
break;
|
|
1362
1362
|
}
|
|
1363
1363
|
const l = await this._metadataService.getTokenEndpoint(!1);
|
|
1364
|
-
|
|
1364
|
+
i.debug("got token endpoint");
|
|
1365
1365
|
const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, timeoutInSeconds: r, initCredentials: this._settings.fetchRequestCredentials });
|
|
1366
|
-
return
|
|
1366
|
+
return i.debug("got response"), h;
|
|
1367
1367
|
}
|
|
1368
1368
|
/**
|
|
1369
1369
|
* Revoke an access or refresh token.
|
|
@@ -1376,12 +1376,12 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1376
1376
|
e.token || s.throw(new Error("A token is required"));
|
|
1377
1377
|
const r = await this._metadataService.getRevocationEndpoint(!1);
|
|
1378
1378
|
s.debug(`got revocation endpoint, revoking ${(t = e.token_type_hint) != null ? t : "default token type"}`);
|
|
1379
|
-
const
|
|
1380
|
-
for (const [
|
|
1381
|
-
o != null &&
|
|
1382
|
-
|
|
1379
|
+
const n = new URLSearchParams();
|
|
1380
|
+
for (const [i, o] of Object.entries(e))
|
|
1381
|
+
o != null && n.set(i, o);
|
|
1382
|
+
n.set("client_id", this._settings.client_id), this._settings.client_secret && n.set("client_secret", this._settings.client_secret), await this._jsonService.postForm(r, { body: n }), s.debug("got response");
|
|
1383
1383
|
}
|
|
1384
|
-
},
|
|
1384
|
+
}, Ye = [
|
|
1385
1385
|
"nbf",
|
|
1386
1386
|
"jti",
|
|
1387
1387
|
"auth_time",
|
|
@@ -1391,9 +1391,9 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1391
1391
|
"azp",
|
|
1392
1392
|
"at_hash"
|
|
1393
1393
|
// https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken
|
|
1394
|
-
],
|
|
1394
|
+
], Ze = ["sub", "iss", "aud", "exp", "iat"], et = class {
|
|
1395
1395
|
constructor(e, t) {
|
|
1396
|
-
this._settings = e, this._metadataService = t, this._logger = new f("ResponseValidator"), this._userInfoService = new
|
|
1396
|
+
this._settings = e, this._metadataService = t, this._logger = new f("ResponseValidator"), this._userInfoService = new Xe(this._settings, this._metadataService), this._tokenClient = new Se(this._settings, this._metadataService);
|
|
1397
1397
|
}
|
|
1398
1398
|
async validateSigninResponse(e, t) {
|
|
1399
1399
|
const s = this._logger.create("validateSigninResponse");
|
|
@@ -1405,10 +1405,10 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1405
1405
|
}
|
|
1406
1406
|
async validateRefreshResponse(e, t) {
|
|
1407
1407
|
var s, r;
|
|
1408
|
-
const
|
|
1409
|
-
e.userState = t.data, (s = e.session_state) != null || (e.session_state = t.session_state), (r = e.scope) != null || (e.scope = t.scope), e.isOpenId && e.id_token && (this._validateIdTokenAttributes(e, t.id_token),
|
|
1410
|
-
const
|
|
1411
|
-
await this._processClaims(e, !1,
|
|
1408
|
+
const n = this._logger.create("validateRefreshResponse");
|
|
1409
|
+
e.userState = t.data, (s = e.session_state) != null || (e.session_state = t.session_state), (r = e.scope) != null || (e.scope = t.scope), e.isOpenId && e.id_token && (this._validateIdTokenAttributes(e, t.id_token), n.debug("ID Token validated")), e.id_token || (e.id_token = t.id_token, e.profile = t.profile);
|
|
1410
|
+
const i = e.isOpenId && !!e.id_token;
|
|
1411
|
+
await this._processClaims(e, !1, i), n.debug("claims processed");
|
|
1412
1412
|
}
|
|
1413
1413
|
validateSignoutResponse(e, t) {
|
|
1414
1414
|
const s = this._logger.create("validateSignoutResponse");
|
|
@@ -1429,15 +1429,15 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1429
1429
|
return;
|
|
1430
1430
|
}
|
|
1431
1431
|
r.debug("loading user info");
|
|
1432
|
-
const
|
|
1433
|
-
r.debug("user info claims received from user info endpoint"), s &&
|
|
1432
|
+
const n = await this._userInfoService.getClaims(e.access_token);
|
|
1433
|
+
r.debug("user info claims received from user info endpoint"), s && n.sub !== e.profile.sub && r.throw(new Error("subject from UserInfo response does not match subject in ID Token")), e.profile = this._mergeClaims(e.profile, this._filterProtocolClaims(n)), r.debug("user info claims received, updated profile:", e.profile);
|
|
1434
1434
|
}
|
|
1435
1435
|
_mergeClaims(e, t) {
|
|
1436
1436
|
const s = { ...e };
|
|
1437
|
-
for (const [r,
|
|
1438
|
-
for (const
|
|
1437
|
+
for (const [r, n] of Object.entries(t))
|
|
1438
|
+
for (const i of Array.isArray(n) ? n : [n]) {
|
|
1439
1439
|
const o = s[r];
|
|
1440
|
-
o ? Array.isArray(o) ? o.includes(
|
|
1440
|
+
o ? Array.isArray(o) ? o.includes(i) || o.push(i) : s[r] !== i && (typeof i == "object" && this._settings.mergeClaims ? s[r] = this._mergeClaims(o, i) : s[r] = [o, i]) : s[r] = i;
|
|
1441
1441
|
}
|
|
1442
1442
|
return s;
|
|
1443
1443
|
}
|
|
@@ -1445,9 +1445,9 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1445
1445
|
const t = { ...e };
|
|
1446
1446
|
if (this._settings.filterProtocolClaims) {
|
|
1447
1447
|
let s;
|
|
1448
|
-
Array.isArray(this._settings.filterProtocolClaims) ? s = this._settings.filterProtocolClaims : s =
|
|
1448
|
+
Array.isArray(this._settings.filterProtocolClaims) ? s = this._settings.filterProtocolClaims : s = Ye;
|
|
1449
1449
|
for (const r of s)
|
|
1450
|
-
|
|
1450
|
+
Ze.includes(r) || delete t[r];
|
|
1451
1451
|
}
|
|
1452
1452
|
return t;
|
|
1453
1453
|
}
|
|
@@ -1471,16 +1471,16 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1471
1471
|
var s;
|
|
1472
1472
|
const r = this._logger.create("_validateIdTokenAttributes");
|
|
1473
1473
|
r.debug("decoding ID Token JWT");
|
|
1474
|
-
const
|
|
1475
|
-
if (
|
|
1476
|
-
const
|
|
1477
|
-
|
|
1474
|
+
const n = ee.decode((s = e.id_token) != null ? s : "");
|
|
1475
|
+
if (n.sub || r.throw(new Error("ID Token is missing a subject claim")), t) {
|
|
1476
|
+
const i = ee.decode(t);
|
|
1477
|
+
i.sub !== n.sub && r.throw(new Error("sub in id_token does not match current sub")), i.auth_time && i.auth_time !== n.auth_time && r.throw(new Error("auth_time in id_token does not match original auth_time")), i.azp && i.azp !== n.azp && r.throw(new Error("azp in id_token does not match original azp")), !i.azp && n.azp && r.throw(new Error("azp not in id_token, but present in original id_token"));
|
|
1478
1478
|
}
|
|
1479
|
-
e.profile =
|
|
1479
|
+
e.profile = n;
|
|
1480
1480
|
}
|
|
1481
1481
|
}, H = class {
|
|
1482
1482
|
constructor(e) {
|
|
1483
|
-
this.id = e.id || A.generateUUIDv4(), this.data = e.data, e.created && e.created > 0 ? this.created = e.created : this.created =
|
|
1483
|
+
this.id = e.id || A.generateUUIDv4(), this.data = e.data, e.created && e.created > 0 ? this.created = e.created : this.created = R.getEpochTime(), this.request_type = e.request_type;
|
|
1484
1484
|
}
|
|
1485
1485
|
toStorageString() {
|
|
1486
1486
|
return new f("State").create("toStorageString"), JSON.stringify({
|
|
@@ -1494,10 +1494,10 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1494
1494
|
return f.createStatic("State", "fromStorageString"), new H(JSON.parse(e));
|
|
1495
1495
|
}
|
|
1496
1496
|
static async clearStaleState(e, t) {
|
|
1497
|
-
const s = f.createStatic("State", "clearStaleState"), r =
|
|
1498
|
-
s.debug("got keys",
|
|
1499
|
-
for (let
|
|
1500
|
-
const o = i
|
|
1497
|
+
const s = f.createStatic("State", "clearStaleState"), r = R.getEpochTime() - t, n = await e.getAllKeys();
|
|
1498
|
+
s.debug("got keys", n);
|
|
1499
|
+
for (let i = 0; i < n.length; i++) {
|
|
1500
|
+
const o = n[i], c = await e.get(o);
|
|
1501
1501
|
let l = !1;
|
|
1502
1502
|
if (c)
|
|
1503
1503
|
try {
|
|
@@ -1511,7 +1511,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1511
1511
|
l && (s.debug("removed item for key:", o), e.remove(o));
|
|
1512
1512
|
}
|
|
1513
1513
|
}
|
|
1514
|
-
},
|
|
1514
|
+
}, oe = class extends H {
|
|
1515
1515
|
constructor(e) {
|
|
1516
1516
|
super(e), e.code_verifier === !0 ? this.code_verifier = A.generateCodeVerifier() : e.code_verifier && (this.code_verifier = e.code_verifier), this.code_verifier && (this.code_challenge = A.generateCodeChallenge(this.code_verifier)), this.authority = e.authority, this.client_id = e.client_id, this.redirect_uri = e.redirect_uri, this.scope = e.scope, this.client_secret = e.client_secret, this.extraTokenParams = e.extraTokenParams, this.response_mode = e.response_mode, this.skipUserInfo = e.skipUserInfo;
|
|
1517
1517
|
}
|
|
@@ -1535,17 +1535,17 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1535
1535
|
static fromStorageString(e) {
|
|
1536
1536
|
f.createStatic("SigninState", "fromStorageString");
|
|
1537
1537
|
const t = JSON.parse(e);
|
|
1538
|
-
return new
|
|
1538
|
+
return new oe(t);
|
|
1539
1539
|
}
|
|
1540
|
-
},
|
|
1540
|
+
}, tt = class {
|
|
1541
1541
|
constructor({
|
|
1542
1542
|
// mandatory
|
|
1543
1543
|
url: e,
|
|
1544
1544
|
authority: t,
|
|
1545
1545
|
client_id: s,
|
|
1546
1546
|
redirect_uri: r,
|
|
1547
|
-
response_type:
|
|
1548
|
-
scope:
|
|
1547
|
+
response_type: n,
|
|
1548
|
+
scope: i,
|
|
1549
1549
|
// optional
|
|
1550
1550
|
state_data: o,
|
|
1551
1551
|
response_mode: c,
|
|
@@ -1565,13 +1565,13 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1565
1565
|
throw this._logger.error("ctor: No client_id passed"), new Error("client_id");
|
|
1566
1566
|
if (!r)
|
|
1567
1567
|
throw this._logger.error("ctor: No redirect_uri passed"), new Error("redirect_uri");
|
|
1568
|
-
if (!i)
|
|
1569
|
-
throw this._logger.error("ctor: No response_type passed"), new Error("response_type");
|
|
1570
1568
|
if (!n)
|
|
1569
|
+
throw this._logger.error("ctor: No response_type passed"), new Error("response_type");
|
|
1570
|
+
if (!i)
|
|
1571
1571
|
throw this._logger.error("ctor: No scope passed"), new Error("scope");
|
|
1572
1572
|
if (!t)
|
|
1573
1573
|
throw this._logger.error("ctor: No authority passed"), new Error("authority");
|
|
1574
|
-
this.state = new
|
|
1574
|
+
this.state = new oe({
|
|
1575
1575
|
data: o,
|
|
1576
1576
|
request_type: l,
|
|
1577
1577
|
code_verifier: !_,
|
|
@@ -1580,63 +1580,63 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1580
1580
|
redirect_uri: r,
|
|
1581
1581
|
response_mode: c,
|
|
1582
1582
|
client_secret: h,
|
|
1583
|
-
scope:
|
|
1583
|
+
scope: i,
|
|
1584
1584
|
extraTokenParams: k,
|
|
1585
1585
|
skipUserInfo: S
|
|
1586
1586
|
});
|
|
1587
1587
|
const y = new URL(e);
|
|
1588
|
-
y.searchParams.append("client_id", s), y.searchParams.append("redirect_uri", r), y.searchParams.append("response_type",
|
|
1588
|
+
y.searchParams.append("client_id", s), y.searchParams.append("redirect_uri", r), y.searchParams.append("response_type", n), y.searchParams.append("scope", i), g && y.searchParams.append("nonce", g), y.searchParams.append("state", this.state.id), this.state.code_challenge && (y.searchParams.append("code_challenge", this.state.code_challenge), y.searchParams.append("code_challenge_method", "S256")), u && (Array.isArray(u) ? u : [u]).forEach((d) => y.searchParams.append("resource", d));
|
|
1589
1589
|
for (const [a, d] of Object.entries({ response_mode: c, ...v, ...w }))
|
|
1590
1590
|
d != null && y.searchParams.append(a, d.toString());
|
|
1591
1591
|
this.url = y.href;
|
|
1592
1592
|
}
|
|
1593
|
-
},
|
|
1593
|
+
}, st = "openid", Q = class {
|
|
1594
1594
|
constructor(e) {
|
|
1595
1595
|
this.access_token = "", this.token_type = "", this.profile = {}, this.state = e.get("state"), this.session_state = e.get("session_state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri"), this.code = e.get("code");
|
|
1596
1596
|
}
|
|
1597
1597
|
get expires_in() {
|
|
1598
1598
|
if (this.expires_at !== void 0)
|
|
1599
|
-
return this.expires_at -
|
|
1599
|
+
return this.expires_at - R.getEpochTime();
|
|
1600
1600
|
}
|
|
1601
1601
|
set expires_in(e) {
|
|
1602
|
-
typeof e == "string" && (e = Number(e)), e !== void 0 && e >= 0 && (this.expires_at = Math.floor(e) +
|
|
1602
|
+
typeof e == "string" && (e = Number(e)), e !== void 0 && e >= 0 && (this.expires_at = Math.floor(e) + R.getEpochTime());
|
|
1603
1603
|
}
|
|
1604
1604
|
get isOpenId() {
|
|
1605
1605
|
var e;
|
|
1606
|
-
return ((e = this.scope) == null ? void 0 : e.split(" ").includes(
|
|
1606
|
+
return ((e = this.scope) == null ? void 0 : e.split(" ").includes(st)) || !!this.id_token;
|
|
1607
1607
|
}
|
|
1608
|
-
},
|
|
1608
|
+
}, rt = class {
|
|
1609
1609
|
constructor({
|
|
1610
1610
|
url: e,
|
|
1611
1611
|
state_data: t,
|
|
1612
1612
|
id_token_hint: s,
|
|
1613
1613
|
post_logout_redirect_uri: r,
|
|
1614
|
-
extraQueryParams:
|
|
1615
|
-
request_type:
|
|
1614
|
+
extraQueryParams: n,
|
|
1615
|
+
request_type: i
|
|
1616
1616
|
}) {
|
|
1617
1617
|
if (this._logger = new f("SignoutRequest"), !e)
|
|
1618
1618
|
throw this._logger.error("ctor: No url passed"), new Error("url");
|
|
1619
1619
|
const o = new URL(e);
|
|
1620
|
-
s && o.searchParams.append("id_token_hint", s), r && (o.searchParams.append("post_logout_redirect_uri", r), t && (this.state = new H({ data: t, request_type:
|
|
1621
|
-
for (const [c, l] of Object.entries({ ...
|
|
1620
|
+
s && o.searchParams.append("id_token_hint", s), r && (o.searchParams.append("post_logout_redirect_uri", r), t && (this.state = new H({ data: t, request_type: i }), o.searchParams.append("state", this.state.id)));
|
|
1621
|
+
for (const [c, l] of Object.entries({ ...n }))
|
|
1622
1622
|
l != null && o.searchParams.append(c, l.toString());
|
|
1623
1623
|
this.url = o.href;
|
|
1624
1624
|
}
|
|
1625
|
-
},
|
|
1625
|
+
}, it = class {
|
|
1626
1626
|
constructor(e) {
|
|
1627
1627
|
this.state = e.get("state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri");
|
|
1628
1628
|
}
|
|
1629
|
-
},
|
|
1629
|
+
}, nt = class {
|
|
1630
1630
|
constructor(e) {
|
|
1631
|
-
this._logger = new f("OidcClient"), this.settings = new
|
|
1631
|
+
this._logger = new f("OidcClient"), this.settings = new ve(e), this.metadataService = new ze(this.settings), this._validator = new et(this.settings, this.metadataService), this._tokenClient = new Se(this.settings, this.metadataService);
|
|
1632
1632
|
}
|
|
1633
1633
|
async createSigninRequest({
|
|
1634
1634
|
state: e,
|
|
1635
1635
|
request: t,
|
|
1636
1636
|
request_uri: s,
|
|
1637
1637
|
request_type: r,
|
|
1638
|
-
id_token_hint:
|
|
1639
|
-
login_hint:
|
|
1638
|
+
id_token_hint: n,
|
|
1639
|
+
login_hint: i,
|
|
1640
1640
|
skipUserInfo: o,
|
|
1641
1641
|
nonce: c,
|
|
1642
1642
|
response_type: l = this.settings.response_type,
|
|
@@ -1657,7 +1657,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1657
1657
|
throw new Error("Only the Authorization Code flow (with PKCE) is supported");
|
|
1658
1658
|
const m = await this.metadataService.getAuthorizationEndpoint();
|
|
1659
1659
|
p.debug("Received authorization endpoint", m);
|
|
1660
|
-
const b = new
|
|
1660
|
+
const b = new tt({
|
|
1661
1661
|
url: m,
|
|
1662
1662
|
authority: this.settings.authority,
|
|
1663
1663
|
client_id: this.settings.client_id,
|
|
@@ -1669,8 +1669,8 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1669
1669
|
display: S,
|
|
1670
1670
|
max_age: w,
|
|
1671
1671
|
ui_locales: k,
|
|
1672
|
-
id_token_hint:
|
|
1673
|
-
login_hint:
|
|
1672
|
+
id_token_hint: n,
|
|
1673
|
+
login_hint: i,
|
|
1674
1674
|
acr_values: _,
|
|
1675
1675
|
resource: v,
|
|
1676
1676
|
request: t,
|
|
@@ -1689,13 +1689,13 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1689
1689
|
return await this.settings.stateStore.set(E.id, E.toStorageString()), b;
|
|
1690
1690
|
}
|
|
1691
1691
|
async readSigninResponseState(e, t = !1) {
|
|
1692
|
-
const s = this._logger.create("readSigninResponseState"), r = new
|
|
1692
|
+
const s = this._logger.create("readSigninResponseState"), r = new Q(te.readParams(e, this.settings.response_mode));
|
|
1693
1693
|
if (!r.state)
|
|
1694
1694
|
throw s.throw(new Error("No state in response")), null;
|
|
1695
|
-
const
|
|
1696
|
-
if (!
|
|
1695
|
+
const n = await this.settings.stateStore[t ? "remove" : "get"](r.state);
|
|
1696
|
+
if (!n)
|
|
1697
1697
|
throw s.throw(new Error("No matching state found in storage")), null;
|
|
1698
|
-
return { state:
|
|
1698
|
+
return { state: oe.fromStorageString(n), response: r };
|
|
1699
1699
|
}
|
|
1700
1700
|
async processSigninResponse(e) {
|
|
1701
1701
|
const t = this._logger.create("processSigninResponse"), { state: s, response: r } = await this.readSigninResponseState(e, !0);
|
|
@@ -1707,8 +1707,8 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1707
1707
|
skipUserInfo: s = !1,
|
|
1708
1708
|
extraTokenParams: r = {}
|
|
1709
1709
|
}) {
|
|
1710
|
-
const
|
|
1711
|
-
return Object.assign(
|
|
1710
|
+
const n = await this._tokenClient.exchangeCredentials({ username: e, password: t, ...r }), i = new Q(new URLSearchParams());
|
|
1711
|
+
return Object.assign(i, n), await this._validator.validateCredentialsResponse(i, s), i;
|
|
1712
1712
|
}
|
|
1713
1713
|
async useRefreshToken({
|
|
1714
1714
|
state: e,
|
|
@@ -1716,24 +1716,24 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1716
1716
|
}) {
|
|
1717
1717
|
var s;
|
|
1718
1718
|
const r = this._logger.create("useRefreshToken");
|
|
1719
|
-
let
|
|
1719
|
+
let n;
|
|
1720
1720
|
if (this.settings.refreshTokenAllowedScope === void 0)
|
|
1721
|
-
|
|
1721
|
+
n = e.scope;
|
|
1722
1722
|
else {
|
|
1723
1723
|
const c = this.settings.refreshTokenAllowedScope.split(" ");
|
|
1724
|
-
|
|
1724
|
+
n = (((s = e.scope) == null ? void 0 : s.split(" ")) || []).filter((h) => c.includes(h)).join(" ");
|
|
1725
1725
|
}
|
|
1726
|
-
const
|
|
1726
|
+
const i = await this._tokenClient.exchangeRefreshToken({
|
|
1727
1727
|
refresh_token: e.refresh_token,
|
|
1728
1728
|
// provide the (possible filtered) scope list
|
|
1729
|
-
scope:
|
|
1729
|
+
scope: n,
|
|
1730
1730
|
timeoutInSeconds: t
|
|
1731
|
-
}), o = new
|
|
1732
|
-
return Object.assign(o,
|
|
1731
|
+
}), o = new Q(new URLSearchParams());
|
|
1732
|
+
return Object.assign(o, i), r.debug("validating response", o), await this._validator.validateRefreshResponse(o, {
|
|
1733
1733
|
...e,
|
|
1734
1734
|
// overide the scope in the state handed over to the validator
|
|
1735
1735
|
// so it can set the granted scope to the requested scope in case none is included in the response
|
|
1736
|
-
scope:
|
|
1736
|
+
scope: n
|
|
1737
1737
|
}), o;
|
|
1738
1738
|
}
|
|
1739
1739
|
async createSignoutRequest({
|
|
@@ -1741,35 +1741,35 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1741
1741
|
id_token_hint: t,
|
|
1742
1742
|
request_type: s,
|
|
1743
1743
|
post_logout_redirect_uri: r = this.settings.post_logout_redirect_uri,
|
|
1744
|
-
extraQueryParams:
|
|
1744
|
+
extraQueryParams: n = this.settings.extraQueryParams
|
|
1745
1745
|
} = {}) {
|
|
1746
|
-
const
|
|
1746
|
+
const i = this._logger.create("createSignoutRequest"), o = await this.metadataService.getEndSessionEndpoint();
|
|
1747
1747
|
if (!o)
|
|
1748
|
-
throw
|
|
1749
|
-
|
|
1750
|
-
const c = new
|
|
1748
|
+
throw i.throw(new Error("No end session endpoint")), null;
|
|
1749
|
+
i.debug("Received end session endpoint", o);
|
|
1750
|
+
const c = new rt({
|
|
1751
1751
|
url: o,
|
|
1752
1752
|
id_token_hint: t,
|
|
1753
1753
|
post_logout_redirect_uri: r,
|
|
1754
1754
|
state_data: e,
|
|
1755
|
-
extraQueryParams:
|
|
1755
|
+
extraQueryParams: n,
|
|
1756
1756
|
request_type: s
|
|
1757
1757
|
});
|
|
1758
1758
|
await this.clearStaleState();
|
|
1759
1759
|
const l = c.state;
|
|
1760
|
-
return l && (
|
|
1760
|
+
return l && (i.debug("Signout request has state to persist"), await this.settings.stateStore.set(l.id, l.toStorageString())), c;
|
|
1761
1761
|
}
|
|
1762
1762
|
async readSignoutResponseState(e, t = !1) {
|
|
1763
|
-
const s = this._logger.create("readSignoutResponseState"), r = new
|
|
1763
|
+
const s = this._logger.create("readSignoutResponseState"), r = new it(te.readParams(e, this.settings.response_mode));
|
|
1764
1764
|
if (!r.state) {
|
|
1765
1765
|
if (s.debug("No state in response"), r.error)
|
|
1766
1766
|
throw s.warn("Response was error:", r.error), new j(r);
|
|
1767
1767
|
return { state: void 0, response: r };
|
|
1768
1768
|
}
|
|
1769
|
-
const
|
|
1770
|
-
if (!
|
|
1769
|
+
const n = await this.settings.stateStore[t ? "remove" : "get"](r.state);
|
|
1770
|
+
if (!n)
|
|
1771
1771
|
throw s.throw(new Error("No matching state found in storage")), null;
|
|
1772
|
-
return { state: H.fromStorageString(
|
|
1772
|
+
return { state: H.fromStorageString(n), response: r };
|
|
1773
1773
|
}
|
|
1774
1774
|
async processSignoutResponse(e) {
|
|
1775
1775
|
const t = this._logger.create("processSignoutResponse"), { state: s, response: r } = await this.readSignoutResponseState(e, !0);
|
|
@@ -1784,7 +1784,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1784
1784
|
token_type_hint: t
|
|
1785
1785
|
});
|
|
1786
1786
|
}
|
|
1787
|
-
},
|
|
1787
|
+
}, ot = class {
|
|
1788
1788
|
constructor(e) {
|
|
1789
1789
|
this._userManager = e, this._logger = new f("SessionMonitor"), this._start = async (t) => {
|
|
1790
1790
|
const s = t.session_state;
|
|
@@ -1796,15 +1796,15 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1796
1796
|
return;
|
|
1797
1797
|
}
|
|
1798
1798
|
try {
|
|
1799
|
-
const
|
|
1800
|
-
if (
|
|
1799
|
+
const n = await this._userManager.metadataService.getCheckSessionIframe();
|
|
1800
|
+
if (n) {
|
|
1801
1801
|
r.debug("initializing check session iframe");
|
|
1802
|
-
const
|
|
1802
|
+
const i = this._userManager.settings.client_id, o = this._userManager.settings.checkSessionIntervalInSeconds, c = this._userManager.settings.stopCheckSessionOnError, l = new $e(this._callback, i, n, o, c);
|
|
1803
1803
|
await l.load(), this._checkSessionIFrame = l, l.start(s);
|
|
1804
1804
|
} else
|
|
1805
1805
|
r.warn("no check session iframe found in the metadata");
|
|
1806
|
-
} catch (
|
|
1807
|
-
r.error("Error from getCheckSessionIframe:",
|
|
1806
|
+
} catch (n) {
|
|
1807
|
+
r.error("Error from getCheckSessionIframe:", n instanceof Error ? n.message : n);
|
|
1808
1808
|
}
|
|
1809
1809
|
}, this._stop = () => {
|
|
1810
1810
|
const t = this._logger.create("_stop");
|
|
@@ -1814,14 +1814,14 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1814
1814
|
try {
|
|
1815
1815
|
const r = await this._userManager.querySessionStatus();
|
|
1816
1816
|
if (r) {
|
|
1817
|
-
const
|
|
1817
|
+
const n = {
|
|
1818
1818
|
session_state: r.session_state,
|
|
1819
1819
|
profile: r.sub && r.sid ? {
|
|
1820
1820
|
sub: r.sub,
|
|
1821
1821
|
sid: r.sid
|
|
1822
1822
|
} : null
|
|
1823
1823
|
};
|
|
1824
|
-
this._start(
|
|
1824
|
+
this._start(n);
|
|
1825
1825
|
}
|
|
1826
1826
|
} catch (r) {
|
|
1827
1827
|
t.error("error from querySessionStatus", r instanceof Error ? r.message : r);
|
|
@@ -1860,7 +1860,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1860
1860
|
}
|
|
1861
1861
|
}
|
|
1862
1862
|
}
|
|
1863
|
-
},
|
|
1863
|
+
}, F = class {
|
|
1864
1864
|
constructor(e) {
|
|
1865
1865
|
var t;
|
|
1866
1866
|
this.id_token = e.id_token, this.session_state = (t = e.session_state) != null ? t : null, this.access_token = e.access_token, this.refresh_token = e.refresh_token, this.token_type = e.token_type, this.scope = e.scope, this.profile = e.profile, this.expires_at = e.expires_at, this.state = e.userState;
|
|
@@ -1868,10 +1868,10 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1868
1868
|
/** Computed number of seconds the access token has remaining. */
|
|
1869
1869
|
get expires_in() {
|
|
1870
1870
|
if (this.expires_at !== void 0)
|
|
1871
|
-
return this.expires_at -
|
|
1871
|
+
return this.expires_at - R.getEpochTime();
|
|
1872
1872
|
}
|
|
1873
1873
|
set expires_in(e) {
|
|
1874
|
-
e !== void 0 && (this.expires_at = Math.floor(e) +
|
|
1874
|
+
e !== void 0 && (this.expires_at = Math.floor(e) + R.getEpochTime());
|
|
1875
1875
|
}
|
|
1876
1876
|
/** Computed value indicating if the access token is expired. */
|
|
1877
1877
|
get expired() {
|
|
@@ -1897,9 +1897,9 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1897
1897
|
});
|
|
1898
1898
|
}
|
|
1899
1899
|
static fromStorageString(e) {
|
|
1900
|
-
return f.createStatic("User", "fromStorageString"), new
|
|
1900
|
+
return f.createStatic("User", "fromStorageString"), new F(JSON.parse(e));
|
|
1901
1901
|
}
|
|
1902
|
-
},
|
|
1902
|
+
}, he = "oidc-client", ye = class {
|
|
1903
1903
|
constructor() {
|
|
1904
1904
|
this._abort = new O("Window navigation aborted"), this._disposeHandlers = /* @__PURE__ */ new Set(), this._window = null;
|
|
1905
1905
|
}
|
|
@@ -1908,23 +1908,23 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1908
1908
|
if (!this._window)
|
|
1909
1909
|
throw new Error("Attempted to navigate on a disposed window");
|
|
1910
1910
|
t.debug("setting URL in window"), this._window.location.replace(e.url);
|
|
1911
|
-
const { url: s, keepOpen: r } = await new Promise((
|
|
1911
|
+
const { url: s, keepOpen: r } = await new Promise((n, i) => {
|
|
1912
1912
|
const o = (c) => {
|
|
1913
1913
|
var l;
|
|
1914
1914
|
const h = c.data, g = (l = e.scriptOrigin) != null ? l : window.location.origin;
|
|
1915
|
-
if (!(c.origin !== g || (h == null ? void 0 : h.source) !==
|
|
1915
|
+
if (!(c.origin !== g || (h == null ? void 0 : h.source) !== he)) {
|
|
1916
1916
|
try {
|
|
1917
|
-
const u =
|
|
1917
|
+
const u = te.readParams(h.url, e.response_mode).get("state");
|
|
1918
1918
|
if (u || t.warn("no state found in response url"), c.source !== this._window && u !== e.state)
|
|
1919
1919
|
return;
|
|
1920
1920
|
} catch {
|
|
1921
|
-
this._dispose(),
|
|
1921
|
+
this._dispose(), i(new Error("Invalid response from window"));
|
|
1922
1922
|
}
|
|
1923
|
-
|
|
1923
|
+
n(h);
|
|
1924
1924
|
}
|
|
1925
1925
|
};
|
|
1926
1926
|
window.addEventListener("message", o, !1), this._disposeHandlers.add(() => window.removeEventListener("message", o, !1)), this._disposeHandlers.add(this._abort.addHandler((c) => {
|
|
1927
|
-
this._dispose(),
|
|
1927
|
+
this._dispose(), i(c);
|
|
1928
1928
|
}));
|
|
1929
1929
|
});
|
|
1930
1930
|
return t.debug("got response from window"), this._dispose(), r || this.close(), { url: s };
|
|
@@ -1937,54 +1937,54 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1937
1937
|
}
|
|
1938
1938
|
static _notifyParent(e, t, s = !1, r = window.location.origin) {
|
|
1939
1939
|
e.postMessage({
|
|
1940
|
-
source:
|
|
1940
|
+
source: he,
|
|
1941
1941
|
url: t,
|
|
1942
1942
|
keepOpen: s
|
|
1943
1943
|
}, r);
|
|
1944
1944
|
}
|
|
1945
|
-
},
|
|
1945
|
+
}, be = {
|
|
1946
1946
|
location: !1,
|
|
1947
1947
|
toolbar: !1,
|
|
1948
1948
|
height: 640
|
|
1949
|
-
},
|
|
1949
|
+
}, ke = "_blank", at = 60, ct = 2, Ee = 10, lt = class extends ve {
|
|
1950
1950
|
constructor(e) {
|
|
1951
1951
|
const {
|
|
1952
1952
|
popup_redirect_uri: t = e.redirect_uri,
|
|
1953
1953
|
popup_post_logout_redirect_uri: s = e.post_logout_redirect_uri,
|
|
1954
|
-
popupWindowFeatures: r =
|
|
1955
|
-
popupWindowTarget:
|
|
1956
|
-
redirectMethod:
|
|
1954
|
+
popupWindowFeatures: r = be,
|
|
1955
|
+
popupWindowTarget: n = ke,
|
|
1956
|
+
redirectMethod: i = "assign",
|
|
1957
1957
|
redirectTarget: o = "self",
|
|
1958
1958
|
iframeNotifyParentOrigin: c = e.iframeNotifyParentOrigin,
|
|
1959
1959
|
iframeScriptOrigin: l = e.iframeScriptOrigin,
|
|
1960
1960
|
silent_redirect_uri: h = e.redirect_uri,
|
|
1961
|
-
silentRequestTimeoutInSeconds: g =
|
|
1961
|
+
silentRequestTimeoutInSeconds: g = Ee,
|
|
1962
1962
|
automaticSilentRenew: u = !0,
|
|
1963
1963
|
validateSubOnSilentRenew: S = !0,
|
|
1964
1964
|
includeIdTokenInSilentRenew: w = !1,
|
|
1965
1965
|
monitorSession: k = !1,
|
|
1966
1966
|
monitorAnonymousSession: _ = !1,
|
|
1967
|
-
checkSessionIntervalInSeconds: v =
|
|
1967
|
+
checkSessionIntervalInSeconds: v = ct,
|
|
1968
1968
|
query_status_response_type: y = "code",
|
|
1969
1969
|
stopCheckSessionOnError: a = !0,
|
|
1970
1970
|
revokeTokenTypes: d = ["access_token", "refresh_token"],
|
|
1971
1971
|
revokeTokensOnSignout: p = !1,
|
|
1972
1972
|
includeIdTokenInSilentSignout: m = !1,
|
|
1973
|
-
accessTokenExpiringNotificationTimeInSeconds: b =
|
|
1973
|
+
accessTokenExpiringNotificationTimeInSeconds: b = at,
|
|
1974
1974
|
userStore: E
|
|
1975
1975
|
} = e;
|
|
1976
|
-
if (super(e), this.popup_redirect_uri = t, this.popup_post_logout_redirect_uri = s, this.popupWindowFeatures = r, this.popupWindowTarget =
|
|
1976
|
+
if (super(e), this.popup_redirect_uri = t, this.popup_post_logout_redirect_uri = s, this.popupWindowFeatures = r, this.popupWindowTarget = n, this.redirectMethod = i, this.redirectTarget = o, this.iframeNotifyParentOrigin = c, this.iframeScriptOrigin = l, this.silent_redirect_uri = h, this.silentRequestTimeoutInSeconds = g, this.automaticSilentRenew = u, this.validateSubOnSilentRenew = S, this.includeIdTokenInSilentRenew = w, this.monitorSession = k, this.monitorAnonymousSession = _, this.checkSessionIntervalInSeconds = v, this.stopCheckSessionOnError = a, this.query_status_response_type = y, this.revokeTokenTypes = d, this.revokeTokensOnSignout = p, this.includeIdTokenInSilentSignout = m, this.accessTokenExpiringNotificationTimeInSeconds = b, E)
|
|
1977
1977
|
this.userStore = E;
|
|
1978
1978
|
else {
|
|
1979
|
-
const C = typeof window < "u" ? window.sessionStorage : new
|
|
1980
|
-
this.userStore = new
|
|
1979
|
+
const C = typeof window < "u" ? window.sessionStorage : new we();
|
|
1980
|
+
this.userStore = new me({ store: C });
|
|
1981
1981
|
}
|
|
1982
1982
|
}
|
|
1983
|
-
},
|
|
1983
|
+
}, se = class extends ye {
|
|
1984
1984
|
constructor({
|
|
1985
|
-
silentRequestTimeoutInSeconds: e =
|
|
1985
|
+
silentRequestTimeoutInSeconds: e = Ee
|
|
1986
1986
|
}) {
|
|
1987
|
-
super(), this._logger = new f("IFrameWindow"), this._timeoutInSeconds = e, this._frame =
|
|
1987
|
+
super(), this._logger = new f("IFrameWindow"), this._timeoutInSeconds = e, this._frame = se.createHiddenIframe(), this._window = this._frame.contentWindow;
|
|
1988
1988
|
}
|
|
1989
1989
|
static createHiddenIframe() {
|
|
1990
1990
|
const e = window.document.createElement("iframe");
|
|
@@ -1992,7 +1992,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
1992
1992
|
}
|
|
1993
1993
|
async navigate(e) {
|
|
1994
1994
|
this._logger.debug("navigate: Using timeout of:", this._timeoutInSeconds);
|
|
1995
|
-
const t = setTimeout(() => this._abort.raise(new
|
|
1995
|
+
const t = setTimeout(() => this._abort.raise(new ie("IFrame timed out without a response")), this._timeoutInSeconds * 1e3);
|
|
1996
1996
|
return this._disposeHandlers.add(() => clearTimeout(t)), await super.navigate(e);
|
|
1997
1997
|
}
|
|
1998
1998
|
close() {
|
|
@@ -2006,33 +2006,33 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2006
2006
|
static notifyParent(e, t) {
|
|
2007
2007
|
return super._notifyParent(window.parent, e, !1, t);
|
|
2008
2008
|
}
|
|
2009
|
-
},
|
|
2009
|
+
}, dt = class {
|
|
2010
2010
|
constructor(e) {
|
|
2011
2011
|
this._settings = e, this._logger = new f("IFrameNavigator");
|
|
2012
2012
|
}
|
|
2013
2013
|
async prepare({
|
|
2014
2014
|
silentRequestTimeoutInSeconds: e = this._settings.silentRequestTimeoutInSeconds
|
|
2015
2015
|
}) {
|
|
2016
|
-
return new
|
|
2016
|
+
return new se({ silentRequestTimeoutInSeconds: e });
|
|
2017
2017
|
}
|
|
2018
2018
|
async callback(e) {
|
|
2019
|
-
this._logger.create("callback"),
|
|
2019
|
+
this._logger.create("callback"), se.notifyParent(e, this._settings.iframeNotifyParentOrigin);
|
|
2020
2020
|
}
|
|
2021
|
-
},
|
|
2021
|
+
}, ht = 500, ue = class extends ye {
|
|
2022
2022
|
constructor({
|
|
2023
|
-
popupWindowTarget: e =
|
|
2023
|
+
popupWindowTarget: e = ke,
|
|
2024
2024
|
popupWindowFeatures: t = {}
|
|
2025
2025
|
}) {
|
|
2026
2026
|
super(), this._logger = new f("PopupWindow");
|
|
2027
|
-
const s =
|
|
2028
|
-
this._window = window.open(void 0, e,
|
|
2027
|
+
const s = de.center({ ...be, ...t });
|
|
2028
|
+
this._window = window.open(void 0, e, de.serialize(s));
|
|
2029
2029
|
}
|
|
2030
2030
|
async navigate(e) {
|
|
2031
2031
|
var t;
|
|
2032
2032
|
(t = this._window) == null || t.focus();
|
|
2033
2033
|
const s = setInterval(() => {
|
|
2034
2034
|
(!this._window || this._window.closed) && this._abort.raise(new Error("Popup closed by user"));
|
|
2035
|
-
},
|
|
2035
|
+
}, ht);
|
|
2036
2036
|
return this._disposeHandlers.add(() => clearInterval(s)), await super.navigate(e);
|
|
2037
2037
|
}
|
|
2038
2038
|
close() {
|
|
@@ -2043,7 +2043,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2043
2043
|
throw new Error("No window.opener. Can't complete notification.");
|
|
2044
2044
|
return super._notifyParent(window.opener, e, t);
|
|
2045
2045
|
}
|
|
2046
|
-
},
|
|
2046
|
+
}, ut = class {
|
|
2047
2047
|
constructor(e) {
|
|
2048
2048
|
this._settings = e, this._logger = new f("PopupNavigator");
|
|
2049
2049
|
}
|
|
@@ -2051,12 +2051,12 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2051
2051
|
popupWindowFeatures: e = this._settings.popupWindowFeatures,
|
|
2052
2052
|
popupWindowTarget: t = this._settings.popupWindowTarget
|
|
2053
2053
|
}) {
|
|
2054
|
-
return new
|
|
2054
|
+
return new ue({ popupWindowFeatures: e, popupWindowTarget: t });
|
|
2055
2055
|
}
|
|
2056
2056
|
async callback(e, t = !1) {
|
|
2057
|
-
this._logger.create("callback"),
|
|
2057
|
+
this._logger.create("callback"), ue.notifyOpener(e, t);
|
|
2058
2058
|
}
|
|
2059
|
-
},
|
|
2059
|
+
}, gt = class {
|
|
2060
2060
|
constructor(e) {
|
|
2061
2061
|
this._settings = e, this._logger = new f("RedirectNavigator");
|
|
2062
2062
|
}
|
|
@@ -2068,22 +2068,22 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2068
2068
|
this._logger.create("prepare");
|
|
2069
2069
|
let r = window.self;
|
|
2070
2070
|
t === "top" && (r = (s = window.top) != null ? s : window.self);
|
|
2071
|
-
const
|
|
2072
|
-
let
|
|
2071
|
+
const n = r.location[e].bind(r.location);
|
|
2072
|
+
let i;
|
|
2073
2073
|
return {
|
|
2074
2074
|
navigate: async (o) => {
|
|
2075
2075
|
this._logger.create("navigate");
|
|
2076
2076
|
const c = new Promise((l, h) => {
|
|
2077
|
-
|
|
2077
|
+
i = h;
|
|
2078
2078
|
});
|
|
2079
|
-
return
|
|
2079
|
+
return n(o.url), await c;
|
|
2080
2080
|
},
|
|
2081
2081
|
close: () => {
|
|
2082
|
-
this._logger.create("close"),
|
|
2082
|
+
this._logger.create("close"), i == null || i(new Error("Redirect aborted")), r.stop();
|
|
2083
2083
|
}
|
|
2084
2084
|
};
|
|
2085
2085
|
}
|
|
2086
|
-
},
|
|
2086
|
+
}, _t = class extends Fe {
|
|
2087
2087
|
constructor(e) {
|
|
2088
2088
|
super({ expiringNotificationTimeInSeconds: e.accessTokenExpiringNotificationTimeInSeconds }), this._logger = new f("UserManagerEvents"), this._userLoaded = new O("User loaded"), this._userUnloaded = new O("User unloaded"), this._silentRenewError = new O("Silent renew error"), this._userSignedIn = new O("User signed in"), this._userSignedOut = new O("User signed out"), this._userSessionChanged = new O("User session changed");
|
|
2089
2089
|
}
|
|
@@ -2192,14 +2192,14 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2192
2192
|
_raiseUserSessionChanged() {
|
|
2193
2193
|
this._userSessionChanged.raise();
|
|
2194
2194
|
}
|
|
2195
|
-
},
|
|
2195
|
+
}, pt = class {
|
|
2196
2196
|
constructor(e) {
|
|
2197
|
-
this._userManager = e, this._logger = new f("SilentRenewService"), this._isStarted = !1, this._retryTimer = new
|
|
2197
|
+
this._userManager = e, this._logger = new f("SilentRenewService"), this._isStarted = !1, this._retryTimer = new R("Retry Silent Renew"), this._tokenExpiring = async () => {
|
|
2198
2198
|
const t = this._logger.create("_tokenExpiring");
|
|
2199
2199
|
try {
|
|
2200
2200
|
await this._userManager.signinSilent(), t.debug("silent token renewal successful");
|
|
2201
2201
|
} catch (s) {
|
|
2202
|
-
if (s instanceof
|
|
2202
|
+
if (s instanceof ie) {
|
|
2203
2203
|
t.warn("ErrorTimeout from signinSilent:", s, "retry in 5s"), this._retryTimer.init(5);
|
|
2204
2204
|
return;
|
|
2205
2205
|
}
|
|
@@ -2221,13 +2221,13 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2221
2221
|
stop() {
|
|
2222
2222
|
this._isStarted && (this._retryTimer.cancel(), this._retryTimer.removeHandler(this._tokenExpiring), this._userManager.events.removeAccessTokenExpiring(this._tokenExpiring), this._isStarted = !1);
|
|
2223
2223
|
}
|
|
2224
|
-
},
|
|
2224
|
+
}, ft = class {
|
|
2225
2225
|
constructor(e) {
|
|
2226
2226
|
this.refresh_token = e.refresh_token, this.id_token = e.id_token, this.session_state = e.session_state, this.scope = e.scope, this.profile = e.profile, this.data = e.state;
|
|
2227
2227
|
}
|
|
2228
|
-
},
|
|
2228
|
+
}, Rt = class {
|
|
2229
2229
|
constructor(e) {
|
|
2230
|
-
this._logger = new f("UserManager"), this.settings = new
|
|
2230
|
+
this._logger = new f("UserManager"), this.settings = new lt(e), this._client = new nt(e), this._redirectNavigator = new gt(this.settings), this._popupNavigator = new ut(this.settings), this._iframeNavigator = new dt(this.settings), this._events = new _t(this.settings), this._silentRenewService = new pt(this), this.settings.automaticSilentRenew && this.startSilentRenew(), this._sessionMonitor = null, this.settings.monitorSession && (this._sessionMonitor = new ot(this));
|
|
2231
2231
|
}
|
|
2232
2232
|
/** Returns an object used to register for events raised by the `UserManager`. */
|
|
2233
2233
|
get events() {
|
|
@@ -2282,10 +2282,10 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2282
2282
|
password: t,
|
|
2283
2283
|
skipUserInfo: s = !1
|
|
2284
2284
|
}) {
|
|
2285
|
-
const r = this._logger.create("signinResourceOwnerCredential"),
|
|
2285
|
+
const r = this._logger.create("signinResourceOwnerCredential"), n = await this._client.processResourceOwnerPasswordCredentials({ username: e, password: t, skipUserInfo: s, extraTokenParams: this.settings.extraTokenParams });
|
|
2286
2286
|
r.debug("got signin response");
|
|
2287
|
-
const
|
|
2288
|
-
return
|
|
2287
|
+
const i = await this._buildUser(n);
|
|
2288
|
+
return i.profile && i.profile.sub ? r.info("success, signed in subject", i.profile.sub) : r.info("no subject"), i;
|
|
2289
2289
|
}
|
|
2290
2290
|
/**
|
|
2291
2291
|
* Returns promise to trigger a request (via a popup window) to the authorization endpoint. The result of the promise is the authenticated `User`.
|
|
@@ -2294,14 +2294,14 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2294
2294
|
const t = this._logger.create("signinPopup"), {
|
|
2295
2295
|
popupWindowFeatures: s,
|
|
2296
2296
|
popupWindowTarget: r,
|
|
2297
|
-
...
|
|
2298
|
-
} = e,
|
|
2299
|
-
|
|
2297
|
+
...n
|
|
2298
|
+
} = e, i = this.settings.popup_redirect_uri;
|
|
2299
|
+
i || t.throw(new Error("No popup_redirect_uri configured"));
|
|
2300
2300
|
const o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r }), c = await this._signin({
|
|
2301
2301
|
request_type: "si:p",
|
|
2302
|
-
redirect_uri:
|
|
2302
|
+
redirect_uri: i,
|
|
2303
2303
|
display: "popup",
|
|
2304
|
-
...
|
|
2304
|
+
...n
|
|
2305
2305
|
}, o);
|
|
2306
2306
|
return c && (c.profile && c.profile.sub ? t.info("success, signed in subject", c.profile.sub) : t.info("no subject")), c;
|
|
2307
2307
|
}
|
|
@@ -2320,32 +2320,32 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2320
2320
|
var t;
|
|
2321
2321
|
const s = this._logger.create("signinSilent"), {
|
|
2322
2322
|
silentRequestTimeoutInSeconds: r,
|
|
2323
|
-
...
|
|
2323
|
+
...n
|
|
2324
2324
|
} = e;
|
|
2325
|
-
let
|
|
2326
|
-
if (
|
|
2325
|
+
let i = await this._loadUser();
|
|
2326
|
+
if (i != null && i.refresh_token) {
|
|
2327
2327
|
s.debug("using refresh token");
|
|
2328
|
-
const h = new
|
|
2328
|
+
const h = new ft(i);
|
|
2329
2329
|
return await this._useRefreshToken(h);
|
|
2330
2330
|
}
|
|
2331
2331
|
const o = this.settings.silent_redirect_uri;
|
|
2332
2332
|
o || s.throw(new Error("No silent_redirect_uri configured"));
|
|
2333
2333
|
let c;
|
|
2334
|
-
|
|
2334
|
+
i && this.settings.validateSubOnSilentRenew && (s.debug("subject prior to silent renew:", i.profile.sub), c = i.profile.sub);
|
|
2335
2335
|
const l = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
|
|
2336
|
-
return
|
|
2336
|
+
return i = await this._signin({
|
|
2337
2337
|
request_type: "si:s",
|
|
2338
2338
|
redirect_uri: o,
|
|
2339
2339
|
prompt: "none",
|
|
2340
|
-
id_token_hint: this.settings.includeIdTokenInSilentRenew ?
|
|
2341
|
-
...
|
|
2342
|
-
}, l, c),
|
|
2340
|
+
id_token_hint: this.settings.includeIdTokenInSilentRenew ? i == null ? void 0 : i.id_token : void 0,
|
|
2341
|
+
...n
|
|
2342
|
+
}, l, c), i && ((t = i.profile) != null && t.sub ? s.info("success, signed in subject", i.profile.sub) : s.info("no subject")), i;
|
|
2343
2343
|
}
|
|
2344
2344
|
async _useRefreshToken(e) {
|
|
2345
2345
|
const t = await this._client.useRefreshToken({
|
|
2346
2346
|
state: e,
|
|
2347
2347
|
timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds
|
|
2348
|
-
}), s = new
|
|
2348
|
+
}), s = new F({ ...e, ...t });
|
|
2349
2349
|
return await this.storeUser(s), this._events.load(s), s;
|
|
2350
2350
|
}
|
|
2351
2351
|
/**
|
|
@@ -2392,14 +2392,14 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2392
2392
|
const t = this._logger.create("querySessionStatus"), {
|
|
2393
2393
|
silentRequestTimeoutInSeconds: s,
|
|
2394
2394
|
...r
|
|
2395
|
-
} = e,
|
|
2396
|
-
|
|
2397
|
-
const
|
|
2395
|
+
} = e, n = this.settings.silent_redirect_uri;
|
|
2396
|
+
n || t.throw(new Error("No silent_redirect_uri configured"));
|
|
2397
|
+
const i = await this._loadUser(), o = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: s }), c = await this._signinStart({
|
|
2398
2398
|
request_type: "si:s",
|
|
2399
2399
|
// this acts like a signin silent
|
|
2400
|
-
redirect_uri:
|
|
2400
|
+
redirect_uri: n,
|
|
2401
2401
|
prompt: "none",
|
|
2402
|
-
id_token_hint: this.settings.includeIdTokenInSilentRenew ?
|
|
2402
|
+
id_token_hint: this.settings.includeIdTokenInSilentRenew ? i == null ? void 0 : i.id_token : void 0,
|
|
2403
2403
|
response_type: this.settings.query_status_response_type,
|
|
2404
2404
|
scope: "openid",
|
|
2405
2405
|
skipUserInfo: !0,
|
|
@@ -2450,7 +2450,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2450
2450
|
return s.debug("got signin response"), await this._buildUser(r, t);
|
|
2451
2451
|
}
|
|
2452
2452
|
async _buildUser(e, t) {
|
|
2453
|
-
const s = this._logger.create("_buildUser"), r = new
|
|
2453
|
+
const s = this._logger.create("_buildUser"), r = new F(e);
|
|
2454
2454
|
if (t) {
|
|
2455
2455
|
if (t !== r.profile.sub)
|
|
2456
2456
|
throw s.debug("current user does not match user returned from signin. sub from signin:", r.profile.sub), new j({ ...e, error: "login_required" });
|
|
@@ -2465,12 +2465,12 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2465
2465
|
const t = this._logger.create("signoutRedirect"), {
|
|
2466
2466
|
redirectMethod: s,
|
|
2467
2467
|
...r
|
|
2468
|
-
} = e,
|
|
2468
|
+
} = e, n = await this._redirectNavigator.prepare({ redirectMethod: s });
|
|
2469
2469
|
await this._signoutStart({
|
|
2470
2470
|
request_type: "so:r",
|
|
2471
2471
|
post_logout_redirect_uri: this.settings.post_logout_redirect_uri,
|
|
2472
2472
|
...r
|
|
2473
|
-
},
|
|
2473
|
+
}, n), t.info("success");
|
|
2474
2474
|
}
|
|
2475
2475
|
/**
|
|
2476
2476
|
* Returns promise to process response from the end session endpoint.
|
|
@@ -2486,18 +2486,18 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2486
2486
|
const t = this._logger.create("signoutPopup"), {
|
|
2487
2487
|
popupWindowFeatures: s,
|
|
2488
2488
|
popupWindowTarget: r,
|
|
2489
|
-
...
|
|
2490
|
-
} = e,
|
|
2489
|
+
...n
|
|
2490
|
+
} = e, i = this.settings.popup_post_logout_redirect_uri, o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r });
|
|
2491
2491
|
await this._signout({
|
|
2492
2492
|
request_type: "so:p",
|
|
2493
|
-
post_logout_redirect_uri:
|
|
2493
|
+
post_logout_redirect_uri: i,
|
|
2494
2494
|
// we're putting a dummy entry in here because we
|
|
2495
2495
|
// need a unique id from the state for notification
|
|
2496
2496
|
// to the parent window, which is necessary if we
|
|
2497
2497
|
// plan to return back to the client after signout
|
|
2498
2498
|
// and so we can close the popup after signout
|
|
2499
|
-
state:
|
|
2500
|
-
...
|
|
2499
|
+
state: i == null ? void 0 : {},
|
|
2500
|
+
...n
|
|
2501
2501
|
}, o), t.info("success");
|
|
2502
2502
|
}
|
|
2503
2503
|
/**
|
|
@@ -2515,17 +2515,17 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2515
2515
|
var s;
|
|
2516
2516
|
const r = this._logger.create("_signoutStart");
|
|
2517
2517
|
try {
|
|
2518
|
-
const
|
|
2519
|
-
r.debug("loaded current user from storage"), this.settings.revokeTokensOnSignout && await this._revokeInternal(
|
|
2520
|
-
const
|
|
2521
|
-
|
|
2518
|
+
const n = await this._loadUser();
|
|
2519
|
+
r.debug("loaded current user from storage"), this.settings.revokeTokensOnSignout && await this._revokeInternal(n);
|
|
2520
|
+
const i = e.id_token_hint || n && n.id_token;
|
|
2521
|
+
i && (r.debug("setting id_token_hint in signout request"), e.id_token_hint = i), await this.removeUser(), r.debug("user removed, creating signout request");
|
|
2522
2522
|
const o = await this._client.createSignoutRequest(e);
|
|
2523
2523
|
return r.debug("got signout request"), await t.navigate({
|
|
2524
2524
|
url: o.url,
|
|
2525
2525
|
state: (s = o.state) == null ? void 0 : s.id
|
|
2526
2526
|
});
|
|
2527
|
-
} catch (
|
|
2528
|
-
throw r.debug("error after preparing navigator, closing navigator window"), t.close(),
|
|
2527
|
+
} catch (n) {
|
|
2528
|
+
throw r.debug("error after preparing navigator, closing navigator window"), t.close(), n;
|
|
2529
2529
|
}
|
|
2530
2530
|
}
|
|
2531
2531
|
async _signoutEnd(e) {
|
|
@@ -2539,13 +2539,13 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2539
2539
|
var t;
|
|
2540
2540
|
const s = this._logger.create("signoutSilent"), {
|
|
2541
2541
|
silentRequestTimeoutInSeconds: r,
|
|
2542
|
-
...
|
|
2543
|
-
} = e,
|
|
2542
|
+
...n
|
|
2543
|
+
} = e, i = this.settings.includeIdTokenInSilentSignout ? (t = await this._loadUser()) == null ? void 0 : t.id_token : void 0, o = this.settings.popup_post_logout_redirect_uri, c = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
|
|
2544
2544
|
await this._signout({
|
|
2545
2545
|
request_type: "so:s",
|
|
2546
2546
|
post_logout_redirect_uri: o,
|
|
2547
|
-
id_token_hint:
|
|
2548
|
-
...
|
|
2547
|
+
id_token_hint: i,
|
|
2548
|
+
...n
|
|
2549
2549
|
}, c), s.info("success");
|
|
2550
2550
|
}
|
|
2551
2551
|
/**
|
|
@@ -2563,17 +2563,17 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2563
2563
|
const s = this._logger.create("_revokeInternal");
|
|
2564
2564
|
if (!e)
|
|
2565
2565
|
return;
|
|
2566
|
-
const r = t.filter((
|
|
2566
|
+
const r = t.filter((n) => typeof e[n] == "string");
|
|
2567
2567
|
if (!r.length) {
|
|
2568
2568
|
s.debug("no need to revoke due to no token(s)");
|
|
2569
2569
|
return;
|
|
2570
2570
|
}
|
|
2571
|
-
for (const
|
|
2571
|
+
for (const n of r)
|
|
2572
2572
|
await this._client.revokeToken(
|
|
2573
|
-
e[
|
|
2573
|
+
e[n],
|
|
2574
2574
|
// eslint-disable-line @typescript-eslint/no-non-null-assertion
|
|
2575
|
-
|
|
2576
|
-
), s.info(`${
|
|
2575
|
+
n
|
|
2576
|
+
), s.info(`${n} revoked successfully`), n !== "access_token" && (e[n] = null);
|
|
2577
2577
|
await this.storeUser(e), s.debug("user stored"), this._events.load(e);
|
|
2578
2578
|
}
|
|
2579
2579
|
/**
|
|
@@ -2593,7 +2593,7 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2593
2593
|
}
|
|
2594
2594
|
async _loadUser() {
|
|
2595
2595
|
const e = this._logger.create("_loadUser"), t = await this.settings.userStore.get(this._userStoreKey);
|
|
2596
|
-
return t ? (e.debug("user storageString loaded"),
|
|
2596
|
+
return t ? (e.debug("user storageString loaded"), F.fromStorageString(t)) : (e.debug("no user storageString"), null);
|
|
2597
2597
|
}
|
|
2598
2598
|
async storeUser(e) {
|
|
2599
2599
|
const t = this._logger.create("storeUser");
|
|
@@ -2610,88 +2610,133 @@ var Be = "10000000-1000-4000-8000-100000000000", A = class {
|
|
|
2610
2610
|
async clearStaleState() {
|
|
2611
2611
|
await this._client.clearStaleState();
|
|
2612
2612
|
}
|
|
2613
|
-
},
|
|
2614
|
-
|
|
2613
|
+
}, wt = "2.2.2", Tt = wt;
|
|
2614
|
+
class B extends Error {
|
|
2615
|
+
}
|
|
2616
|
+
B.prototype.name = "InvalidTokenError";
|
|
2617
|
+
function mt(e) {
|
|
2618
|
+
return decodeURIComponent(atob(e).replace(/(.)/g, (t, s) => {
|
|
2619
|
+
let r = s.charCodeAt(0).toString(16).toUpperCase();
|
|
2620
|
+
return r.length < 2 && (r = "0" + r), "%" + r;
|
|
2621
|
+
}));
|
|
2622
|
+
}
|
|
2623
|
+
function vt(e) {
|
|
2624
|
+
let t = e.replace(/-/g, "+").replace(/_/g, "/");
|
|
2625
|
+
switch (t.length % 4) {
|
|
2626
|
+
case 0:
|
|
2627
|
+
break;
|
|
2628
|
+
case 2:
|
|
2629
|
+
t += "==";
|
|
2630
|
+
break;
|
|
2631
|
+
case 3:
|
|
2632
|
+
t += "=";
|
|
2633
|
+
break;
|
|
2634
|
+
default:
|
|
2635
|
+
throw new Error("base64 string is not of the correct length");
|
|
2636
|
+
}
|
|
2637
|
+
try {
|
|
2638
|
+
return mt(t);
|
|
2639
|
+
} catch {
|
|
2640
|
+
return atob(t);
|
|
2641
|
+
}
|
|
2642
|
+
}
|
|
2643
|
+
function St(e, t) {
|
|
2644
|
+
if (typeof e != "string")
|
|
2645
|
+
throw new B("Invalid token specified: must be a string");
|
|
2646
|
+
t || (t = {});
|
|
2647
|
+
const s = t.header === !0 ? 0 : 1, r = e.split(".")[s];
|
|
2648
|
+
if (typeof r != "string")
|
|
2649
|
+
throw new B(`Invalid token specified: missing part #${s + 1}`);
|
|
2650
|
+
let n;
|
|
2651
|
+
try {
|
|
2652
|
+
n = vt(r);
|
|
2653
|
+
} catch (i) {
|
|
2654
|
+
throw new B(`Invalid token specified: invalid base64 for part #${s + 1} (${i.message})`);
|
|
2655
|
+
}
|
|
2656
|
+
try {
|
|
2657
|
+
return JSON.parse(n);
|
|
2658
|
+
} catch (i) {
|
|
2659
|
+
throw new B(`Invalid token specified: invalid json for part #${s + 1} (${i.message})`);
|
|
2660
|
+
}
|
|
2661
|
+
}
|
|
2662
|
+
const Ce = ge(
|
|
2615
2663
|
null
|
|
2616
|
-
),
|
|
2617
|
-
const e =
|
|
2664
|
+
), yt = () => {
|
|
2665
|
+
const e = _e(Ce);
|
|
2618
2666
|
if (!e)
|
|
2619
2667
|
throw new Error(
|
|
2620
2668
|
"useImpersonationContext must be used within a ImpersonationContextProvider"
|
|
2621
2669
|
);
|
|
2622
2670
|
return e;
|
|
2623
|
-
},
|
|
2671
|
+
}, Ut = ({
|
|
2624
2672
|
children: e
|
|
2625
2673
|
}) => {
|
|
2626
2674
|
const [t, s] = Re("impersonationState", {
|
|
2627
2675
|
defaultValue: {}
|
|
2628
|
-
}), r =
|
|
2676
|
+
}), r = pe(() => ({
|
|
2629
2677
|
accessToken: t == null ? void 0 : t.accessToken,
|
|
2630
2678
|
userInfo: t == null ? void 0 : t.userInfo,
|
|
2631
|
-
setImpersonation: (
|
|
2632
|
-
s({ accessToken:
|
|
2679
|
+
setImpersonation: (n, i) => {
|
|
2680
|
+
s({ accessToken: n, userInfo: i });
|
|
2633
2681
|
}
|
|
2634
2682
|
}), []);
|
|
2635
|
-
return /* @__PURE__ */
|
|
2636
|
-
},
|
|
2637
|
-
const
|
|
2638
|
-
|
|
2639
|
-
}, Tt = (e) => {
|
|
2640
|
-
const { setImpersonation: t } = wt();
|
|
2641
|
-
F(() => {
|
|
2683
|
+
return /* @__PURE__ */ re(Ce.Provider, { value: r, children: e });
|
|
2684
|
+
}, At = (e) => {
|
|
2685
|
+
const { setImpersonation: t } = yt();
|
|
2686
|
+
$(() => {
|
|
2642
2687
|
const { search: s } = window.location, r = new URLSearchParams(s).get(
|
|
2643
2688
|
"impersonateAccessToken"
|
|
2644
2689
|
);
|
|
2645
2690
|
if (r && t) {
|
|
2646
|
-
const
|
|
2647
|
-
t(r,
|
|
2691
|
+
const n = St(r);
|
|
2692
|
+
t(r, n), e();
|
|
2648
2693
|
}
|
|
2649
2694
|
}, []);
|
|
2650
2695
|
};
|
|
2651
|
-
function
|
|
2696
|
+
function Pt(e) {
|
|
2652
2697
|
return JSON.parse(e).map((r) => {
|
|
2653
2698
|
const [
|
|
2654
|
-
i,
|
|
2655
2699
|
n,
|
|
2700
|
+
i,
|
|
2656
2701
|
o,
|
|
2657
2702
|
c,
|
|
2658
2703
|
l
|
|
2659
2704
|
] = r.split("|"), h = c.split(",");
|
|
2660
2705
|
return {
|
|
2661
|
-
CustomerExternalId:
|
|
2662
|
-
CustomerFirmId:
|
|
2706
|
+
CustomerExternalId: n,
|
|
2707
|
+
CustomerFirmId: i,
|
|
2663
2708
|
CustomerFirmName: o,
|
|
2664
2709
|
CustomerUserRoles: h,
|
|
2665
2710
|
CustomerUserIsAdmin: l === "True"
|
|
2666
2711
|
};
|
|
2667
2712
|
});
|
|
2668
2713
|
}
|
|
2669
|
-
const
|
|
2714
|
+
const Ot = [
|
|
2670
2715
|
"97",
|
|
2671
2716
|
"131",
|
|
2672
2717
|
"132",
|
|
2673
2718
|
"141"
|
|
2674
|
-
],
|
|
2719
|
+
], qt = [
|
|
2675
2720
|
"3"
|
|
2676
|
-
],
|
|
2721
|
+
], Nt = [
|
|
2677
2722
|
"0"
|
|
2678
|
-
],
|
|
2723
|
+
], bt = ({
|
|
2679
2724
|
userManager: e,
|
|
2680
2725
|
context: t,
|
|
2681
2726
|
children: s
|
|
2682
2727
|
}) => {
|
|
2683
|
-
const [r,
|
|
2728
|
+
const [r, n] = Ie({
|
|
2684
2729
|
user: null,
|
|
2685
2730
|
isLoading: !0,
|
|
2686
2731
|
isAuthenticated: !1,
|
|
2687
2732
|
isError: !1,
|
|
2688
2733
|
error: null
|
|
2689
|
-
}),
|
|
2690
|
-
|
|
2691
|
-
|
|
2734
|
+
}), i = fe(!1);
|
|
2735
|
+
$(() => {
|
|
2736
|
+
i.current || (i.current = !0, (async () => {
|
|
2692
2737
|
try {
|
|
2693
2738
|
const h = await e.getUser();
|
|
2694
|
-
|
|
2739
|
+
n({
|
|
2695
2740
|
user: h,
|
|
2696
2741
|
isLoading: !1,
|
|
2697
2742
|
isAuthenticated: h ? !h.expired : !1,
|
|
@@ -2699,7 +2744,7 @@ const Ut = [
|
|
|
2699
2744
|
error: null
|
|
2700
2745
|
});
|
|
2701
2746
|
} catch (h) {
|
|
2702
|
-
|
|
2747
|
+
n({
|
|
2703
2748
|
user: null,
|
|
2704
2749
|
isLoading: !1,
|
|
2705
2750
|
isAuthenticated: !1,
|
|
@@ -2708,9 +2753,9 @@ const Ut = [
|
|
|
2708
2753
|
});
|
|
2709
2754
|
}
|
|
2710
2755
|
})());
|
|
2711
|
-
}, [e]),
|
|
2756
|
+
}, [e]), $(() => {
|
|
2712
2757
|
const h = (S) => {
|
|
2713
|
-
|
|
2758
|
+
n({
|
|
2714
2759
|
user: S,
|
|
2715
2760
|
isLoading: !1,
|
|
2716
2761
|
isAuthenticated: !S.expired,
|
|
@@ -2720,7 +2765,7 @@ const Ut = [
|
|
|
2720
2765
|
};
|
|
2721
2766
|
e.events.addUserLoaded(h);
|
|
2722
2767
|
const g = () => {
|
|
2723
|
-
|
|
2768
|
+
n({
|
|
2724
2769
|
...r,
|
|
2725
2770
|
user: null,
|
|
2726
2771
|
isAuthenticated: !1
|
|
@@ -2728,7 +2773,7 @@ const Ut = [
|
|
|
2728
2773
|
};
|
|
2729
2774
|
e.events.addUserUnloaded(g);
|
|
2730
2775
|
const u = (S) => {
|
|
2731
|
-
|
|
2776
|
+
n({
|
|
2732
2777
|
...r,
|
|
2733
2778
|
isLoading: !1,
|
|
2734
2779
|
isError: !0,
|
|
@@ -2739,16 +2784,16 @@ const Ut = [
|
|
|
2739
2784
|
e.events.removeUserLoaded(h), e.events.removeUserUnloaded(g), e.events.removeSilentRenewError(u);
|
|
2740
2785
|
};
|
|
2741
2786
|
}, [e]);
|
|
2742
|
-
const o =
|
|
2787
|
+
const o = ce(async () => {
|
|
2743
2788
|
const h = await e.signinCallback();
|
|
2744
|
-
return
|
|
2789
|
+
return n({
|
|
2745
2790
|
user: h ?? null,
|
|
2746
2791
|
isLoading: !1,
|
|
2747
2792
|
isAuthenticated: h ? !h.expired : !1,
|
|
2748
2793
|
isError: !1,
|
|
2749
2794
|
error: null
|
|
2750
2795
|
}), h ?? void 0;
|
|
2751
|
-
}, [e]), c =
|
|
2796
|
+
}, [e]), c = ce(
|
|
2752
2797
|
async (h) => {
|
|
2753
2798
|
try {
|
|
2754
2799
|
await e.signinRedirect(h);
|
|
@@ -2757,7 +2802,7 @@ const Ut = [
|
|
|
2757
2802
|
}
|
|
2758
2803
|
},
|
|
2759
2804
|
[e]
|
|
2760
|
-
), l =
|
|
2805
|
+
), l = pe(
|
|
2761
2806
|
() => ({
|
|
2762
2807
|
state: r,
|
|
2763
2808
|
handleSigninCallback: o,
|
|
@@ -2765,32 +2810,32 @@ const Ut = [
|
|
|
2765
2810
|
}),
|
|
2766
2811
|
[r, o, c]
|
|
2767
2812
|
);
|
|
2768
|
-
return /* @__PURE__ */
|
|
2769
|
-
},
|
|
2770
|
-
const t =
|
|
2813
|
+
return /* @__PURE__ */ re(t.Provider, { value: l, children: s });
|
|
2814
|
+
}, ae = (e) => {
|
|
2815
|
+
const t = _e(e);
|
|
2771
2816
|
if (!t)
|
|
2772
2817
|
throw new Error("useAuthContext must be used within an AuthProvider");
|
|
2773
2818
|
return t;
|
|
2774
|
-
},
|
|
2775
|
-
const { state: t } =
|
|
2819
|
+
}, kt = (e) => {
|
|
2820
|
+
const { state: t } = ae(e);
|
|
2776
2821
|
return t;
|
|
2777
|
-
},
|
|
2778
|
-
const { state: s, handleSigninCallback: r } =
|
|
2779
|
-
return
|
|
2780
|
-
|
|
2781
|
-
(
|
|
2782
|
-
(o) => setTimeout(() => o(
|
|
2822
|
+
}, Et = (e, t) => {
|
|
2823
|
+
const { state: s, handleSigninCallback: r } = ae(e), n = fe(!1);
|
|
2824
|
+
return $(() => {
|
|
2825
|
+
n.current || (n.current = !0, r().then(
|
|
2826
|
+
(i) => new Promise(
|
|
2827
|
+
(o) => setTimeout(() => o(i), 0)
|
|
2783
2828
|
)
|
|
2784
|
-
).then((
|
|
2829
|
+
).then((i) => t == null ? void 0 : t(i)));
|
|
2785
2830
|
}, [r]), s;
|
|
2786
|
-
},
|
|
2787
|
-
const t =
|
|
2831
|
+
}, jt = (e) => {
|
|
2832
|
+
const t = ge(null);
|
|
2788
2833
|
return {
|
|
2789
2834
|
AuthContext: t,
|
|
2790
|
-
AuthProvider: ({ children: c }) => /* @__PURE__ */
|
|
2791
|
-
useAuthContext: () =>
|
|
2792
|
-
useAuthState: () =>
|
|
2793
|
-
useSigninCallback: (c) =>
|
|
2835
|
+
AuthProvider: ({ children: c }) => /* @__PURE__ */ re(bt, { userManager: e, context: t, children: c }),
|
|
2836
|
+
useAuthContext: () => ae(t),
|
|
2837
|
+
useAuthState: () => kt(t),
|
|
2838
|
+
useSigninCallback: (c) => Et(t, c),
|
|
2794
2839
|
getAccessToken: async () => {
|
|
2795
2840
|
const c = await e.getUser();
|
|
2796
2841
|
return c ? c.access_token : null;
|
|
@@ -2798,32 +2843,32 @@ const Ut = [
|
|
|
2798
2843
|
};
|
|
2799
2844
|
};
|
|
2800
2845
|
export {
|
|
2801
|
-
|
|
2802
|
-
|
|
2846
|
+
Fe as AccessTokenEvents,
|
|
2847
|
+
$e as CheckSessionIFrame,
|
|
2803
2848
|
j as ErrorResponse,
|
|
2804
|
-
|
|
2805
|
-
|
|
2806
|
-
|
|
2807
|
-
|
|
2849
|
+
ie as ErrorTimeout,
|
|
2850
|
+
Ut as ImpersonationContextProvider,
|
|
2851
|
+
we as InMemoryWebStorage,
|
|
2852
|
+
J as Log,
|
|
2808
2853
|
f as Logger,
|
|
2809
|
-
|
|
2810
|
-
|
|
2811
|
-
|
|
2812
|
-
|
|
2813
|
-
|
|
2814
|
-
|
|
2815
|
-
|
|
2816
|
-
|
|
2817
|
-
|
|
2818
|
-
|
|
2854
|
+
ze as MetadataService,
|
|
2855
|
+
nt as OidcClient,
|
|
2856
|
+
ve as OidcClientSettingsStore,
|
|
2857
|
+
Ot as ROLESAdminInCompany,
|
|
2858
|
+
Nt as ROLESAnsatt,
|
|
2859
|
+
qt as ROLESMAKSAdministrator,
|
|
2860
|
+
ot as SessionMonitor,
|
|
2861
|
+
Q as SigninResponse,
|
|
2862
|
+
oe as SigninState,
|
|
2863
|
+
it as SignoutResponse,
|
|
2819
2864
|
H as State,
|
|
2820
|
-
|
|
2821
|
-
|
|
2822
|
-
|
|
2823
|
-
|
|
2824
|
-
|
|
2825
|
-
|
|
2826
|
-
|
|
2827
|
-
|
|
2828
|
-
|
|
2865
|
+
F as User,
|
|
2866
|
+
Rt as UserManager,
|
|
2867
|
+
lt as UserManagerSettingsStore,
|
|
2868
|
+
Tt as Version,
|
|
2869
|
+
me as WebStorageStateStore,
|
|
2870
|
+
jt as createAuthContext,
|
|
2871
|
+
Pt as parseUserProfileFCString,
|
|
2872
|
+
At as useImpersonationCallback,
|
|
2873
|
+
yt as useImpersonationContext
|
|
2829
2874
|
};
|