@arkitektbedriftene/fe-lib 0.4.36 → 0.4.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (12) hide show
  1. package/dist/hooks.es.js +2 -3
  2. package/dist/icons.es.js +2 -2
  3. package/dist/{index.esm-e4db0c1f.js → index.esm-67eba761.js} +5 -5
  4. package/dist/{index.esm-55efa2d1.js → index.esm-ab03d8db.js} +1 -1
  5. package/dist/oidc/impersonate.d.ts +1 -1
  6. package/dist/oidc.es.js +109 -2740
  7. package/dist/rich-text.es.js +2611 -645
  8. package/dist/stitches.config-00c23cdb.js +136 -0
  9. package/dist/ui.es.js +77 -76
  10. package/package.json +2 -1
  11. package/dist/stitches.config-543644f4.js +0 -2919
  12. package/dist/useLocalStorageState-b4fb2a60.js +0 -100
package/dist/oidc.es.js CHANGED
@@ -1,2829 +1,198 @@
1
- import { jsx as se } from "react/jsx-runtime";
2
- import { createContext as ue, useContext as ge, useMemo as _e, useEffect as F, useState as xe, useRef as pe, useCallback as ae } from "react";
3
- import { u as Re } from "./useLocalStorageState-b4fb2a60.js";
4
- var N = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
5
- function Te(e) {
6
- if (e.__esModule)
7
- return e;
8
- var t = e.default;
9
- if (typeof t == "function") {
10
- var s = function r() {
11
- if (this instanceof r) {
12
- var i = [null];
13
- i.push.apply(i, arguments);
14
- var n = Function.bind.apply(t, i);
15
- return new n();
16
- }
17
- return t.apply(this, arguments);
18
- };
19
- s.prototype = t.prototype;
20
- } else
21
- s = {};
22
- return Object.defineProperty(s, "__esModule", { value: !0 }), Object.keys(e).forEach(function(r) {
23
- var i = Object.getOwnPropertyDescriptor(e, r);
24
- Object.defineProperty(s, r, i.get ? i : {
25
- enumerable: !0,
26
- get: function() {
27
- return e[r];
28
- }
29
- });
30
- }), s;
31
- }
32
- function Ie(e) {
33
- throw new Error('Could not dynamically require "' + e + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
34
- }
35
- var M = {}, Ue = {
36
- get exports() {
37
- return M;
38
- },
39
- set exports(e) {
40
- M = e;
41
- }
42
- };
43
- const Ae = {}, Pe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
44
- __proto__: null,
45
- default: Ae
46
- }, Symbol.toStringTag, { value: "Module" })), Oe = /* @__PURE__ */ Te(Pe);
47
- (function(e, t) {
48
- (function(s, r) {
49
- e.exports = r();
50
- })(N, function() {
51
- var s = s || function(r, i) {
52
- var n;
53
- if (typeof window < "u" && window.crypto && (n = window.crypto), typeof self < "u" && self.crypto && (n = self.crypto), typeof globalThis < "u" && globalThis.crypto && (n = globalThis.crypto), !n && typeof window < "u" && window.msCrypto && (n = window.msCrypto), !n && typeof N < "u" && N.crypto && (n = N.crypto), !n && typeof Ie == "function")
54
- try {
55
- n = Oe;
56
- } catch {
57
- }
58
- var o = function() {
59
- if (n) {
60
- if (typeof n.getRandomValues == "function")
61
- try {
62
- return n.getRandomValues(new Uint32Array(1))[0];
63
- } catch {
64
- }
65
- if (typeof n.randomBytes == "function")
66
- try {
67
- return n.randomBytes(4).readInt32LE();
68
- } catch {
69
- }
70
- }
71
- throw new Error("Native crypto module could not be used to get secure random number.");
72
- }, c = Object.create || function() {
73
- function a() {
74
- }
75
- return function(d) {
76
- var p;
77
- return a.prototype = d, p = new a(), a.prototype = null, p;
78
- };
79
- }(), l = {}, h = l.lib = {}, g = h.Base = function() {
80
- return {
81
- /**
82
- * Creates a new object that inherits from this object.
83
- *
84
- * @param {Object} overrides Properties to copy into the new object.
85
- *
86
- * @return {Object} The new object.
87
- *
88
- * @static
89
- *
90
- * @example
91
- *
92
- * var MyType = CryptoJS.lib.Base.extend({
93
- * field: 'value',
94
- *
95
- * method: function () {
96
- * }
97
- * });
98
- */
99
- extend: function(a) {
100
- var d = c(this);
101
- return a && d.mixIn(a), (!d.hasOwnProperty("init") || this.init === d.init) && (d.init = function() {
102
- d.$super.init.apply(this, arguments);
103
- }), d.init.prototype = d, d.$super = this, d;
104
- },
105
- /**
106
- * Extends this object and runs the init method.
107
- * Arguments to create() will be passed to init().
108
- *
109
- * @return {Object} The new object.
110
- *
111
- * @static
112
- *
113
- * @example
114
- *
115
- * var instance = MyType.create();
116
- */
117
- create: function() {
118
- var a = this.extend();
119
- return a.init.apply(a, arguments), a;
120
- },
121
- /**
122
- * Initializes a newly created object.
123
- * Override this method to add some logic when your objects are created.
124
- *
125
- * @example
126
- *
127
- * var MyType = CryptoJS.lib.Base.extend({
128
- * init: function () {
129
- * // ...
130
- * }
131
- * });
132
- */
133
- init: function() {
134
- },
135
- /**
136
- * Copies properties into this object.
137
- *
138
- * @param {Object} properties The properties to mix in.
139
- *
140
- * @example
141
- *
142
- * MyType.mixIn({
143
- * field: 'value'
144
- * });
145
- */
146
- mixIn: function(a) {
147
- for (var d in a)
148
- a.hasOwnProperty(d) && (this[d] = a[d]);
149
- a.hasOwnProperty("toString") && (this.toString = a.toString);
150
- },
151
- /**
152
- * Creates a copy of this object.
153
- *
154
- * @return {Object} The clone.
155
- *
156
- * @example
157
- *
158
- * var clone = instance.clone();
159
- */
160
- clone: function() {
161
- return this.init.prototype.extend(this);
162
- }
163
- };
164
- }(), u = h.WordArray = g.extend({
165
- /**
166
- * Initializes a newly created word array.
167
- *
168
- * @param {Array} words (Optional) An array of 32-bit words.
169
- * @param {number} sigBytes (Optional) The number of significant bytes in the words.
170
- *
171
- * @example
172
- *
173
- * var wordArray = CryptoJS.lib.WordArray.create();
174
- * var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607]);
175
- * var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607], 6);
176
- */
177
- init: function(a, d) {
178
- a = this.words = a || [], d != i ? this.sigBytes = d : this.sigBytes = a.length * 4;
179
- },
180
- /**
181
- * Converts this word array to a string.
182
- *
183
- * @param {Encoder} encoder (Optional) The encoding strategy to use. Default: CryptoJS.enc.Hex
184
- *
185
- * @return {string} The stringified word array.
186
- *
187
- * @example
188
- *
189
- * var string = wordArray + '';
190
- * var string = wordArray.toString();
191
- * var string = wordArray.toString(CryptoJS.enc.Utf8);
192
- */
193
- toString: function(a) {
194
- return (a || w).stringify(this);
195
- },
196
- /**
197
- * Concatenates a word array to this word array.
198
- *
199
- * @param {WordArray} wordArray The word array to append.
200
- *
201
- * @return {WordArray} This word array.
202
- *
203
- * @example
204
- *
205
- * wordArray1.concat(wordArray2);
206
- */
207
- concat: function(a) {
208
- var d = this.words, p = a.words, m = this.sigBytes, b = a.sigBytes;
209
- if (this.clamp(), m % 4)
210
- for (var E = 0; E < b; E++) {
211
- var C = p[E >>> 2] >>> 24 - E % 4 * 8 & 255;
212
- d[m + E >>> 2] |= C << 24 - (m + E) % 4 * 8;
213
- }
214
- else
215
- for (var x = 0; x < b; x += 4)
216
- d[m + x >>> 2] = p[x >>> 2];
217
- return this.sigBytes += b, this;
218
- },
219
- /**
220
- * Removes insignificant bits.
221
- *
222
- * @example
223
- *
224
- * wordArray.clamp();
225
- */
226
- clamp: function() {
227
- var a = this.words, d = this.sigBytes;
228
- a[d >>> 2] &= 4294967295 << 32 - d % 4 * 8, a.length = r.ceil(d / 4);
229
- },
230
- /**
231
- * Creates a copy of this word array.
232
- *
233
- * @return {WordArray} The clone.
234
- *
235
- * @example
236
- *
237
- * var clone = wordArray.clone();
238
- */
239
- clone: function() {
240
- var a = g.clone.call(this);
241
- return a.words = this.words.slice(0), a;
242
- },
243
- /**
244
- * Creates a word array filled with random bytes.
245
- *
246
- * @param {number} nBytes The number of random bytes to generate.
247
- *
248
- * @return {WordArray} The random word array.
249
- *
250
- * @static
251
- *
252
- * @example
253
- *
254
- * var wordArray = CryptoJS.lib.WordArray.random(16);
255
- */
256
- random: function(a) {
257
- for (var d = [], p = 0; p < a; p += 4)
258
- d.push(o());
259
- return new u.init(d, a);
260
- }
261
- }), S = l.enc = {}, w = S.Hex = {
262
- /**
263
- * Converts a word array to a hex string.
264
- *
265
- * @param {WordArray} wordArray The word array.
266
- *
267
- * @return {string} The hex string.
268
- *
269
- * @static
270
- *
271
- * @example
272
- *
273
- * var hexString = CryptoJS.enc.Hex.stringify(wordArray);
274
- */
275
- stringify: function(a) {
276
- for (var d = a.words, p = a.sigBytes, m = [], b = 0; b < p; b++) {
277
- var E = d[b >>> 2] >>> 24 - b % 4 * 8 & 255;
278
- m.push((E >>> 4).toString(16)), m.push((E & 15).toString(16));
279
- }
280
- return m.join("");
281
- },
282
- /**
283
- * Converts a hex string to a word array.
284
- *
285
- * @param {string} hexStr The hex string.
286
- *
287
- * @return {WordArray} The word array.
288
- *
289
- * @static
290
- *
291
- * @example
292
- *
293
- * var wordArray = CryptoJS.enc.Hex.parse(hexString);
294
- */
295
- parse: function(a) {
296
- for (var d = a.length, p = [], m = 0; m < d; m += 2)
297
- p[m >>> 3] |= parseInt(a.substr(m, 2), 16) << 24 - m % 8 * 4;
298
- return new u.init(p, d / 2);
299
- }
300
- }, k = S.Latin1 = {
301
- /**
302
- * Converts a word array to a Latin1 string.
303
- *
304
- * @param {WordArray} wordArray The word array.
305
- *
306
- * @return {string} The Latin1 string.
307
- *
308
- * @static
309
- *
310
- * @example
311
- *
312
- * var latin1String = CryptoJS.enc.Latin1.stringify(wordArray);
313
- */
314
- stringify: function(a) {
315
- for (var d = a.words, p = a.sigBytes, m = [], b = 0; b < p; b++) {
316
- var E = d[b >>> 2] >>> 24 - b % 4 * 8 & 255;
317
- m.push(String.fromCharCode(E));
318
- }
319
- return m.join("");
320
- },
321
- /**
322
- * Converts a Latin1 string to a word array.
323
- *
324
- * @param {string} latin1Str The Latin1 string.
325
- *
326
- * @return {WordArray} The word array.
327
- *
328
- * @static
329
- *
330
- * @example
331
- *
332
- * var wordArray = CryptoJS.enc.Latin1.parse(latin1String);
333
- */
334
- parse: function(a) {
335
- for (var d = a.length, p = [], m = 0; m < d; m++)
336
- p[m >>> 2] |= (a.charCodeAt(m) & 255) << 24 - m % 4 * 8;
337
- return new u.init(p, d);
338
- }
339
- }, _ = S.Utf8 = {
340
- /**
341
- * Converts a word array to a UTF-8 string.
342
- *
343
- * @param {WordArray} wordArray The word array.
344
- *
345
- * @return {string} The UTF-8 string.
346
- *
347
- * @static
348
- *
349
- * @example
350
- *
351
- * var utf8String = CryptoJS.enc.Utf8.stringify(wordArray);
352
- */
353
- stringify: function(a) {
354
- try {
355
- return decodeURIComponent(escape(k.stringify(a)));
356
- } catch {
357
- throw new Error("Malformed UTF-8 data");
358
- }
359
- },
360
- /**
361
- * Converts a UTF-8 string to a word array.
362
- *
363
- * @param {string} utf8Str The UTF-8 string.
364
- *
365
- * @return {WordArray} The word array.
366
- *
367
- * @static
368
- *
369
- * @example
370
- *
371
- * var wordArray = CryptoJS.enc.Utf8.parse(utf8String);
372
- */
373
- parse: function(a) {
374
- return k.parse(unescape(encodeURIComponent(a)));
375
- }
376
- }, v = h.BufferedBlockAlgorithm = g.extend({
377
- /**
378
- * Resets this block algorithm's data buffer to its initial state.
379
- *
380
- * @example
381
- *
382
- * bufferedBlockAlgorithm.reset();
383
- */
384
- reset: function() {
385
- this._data = new u.init(), this._nDataBytes = 0;
386
- },
387
- /**
388
- * Adds new data to this block algorithm's buffer.
389
- *
390
- * @param {WordArray|string} data The data to append. Strings are converted to a WordArray using UTF-8.
391
- *
392
- * @example
393
- *
394
- * bufferedBlockAlgorithm._append('data');
395
- * bufferedBlockAlgorithm._append(wordArray);
396
- */
397
- _append: function(a) {
398
- typeof a == "string" && (a = _.parse(a)), this._data.concat(a), this._nDataBytes += a.sigBytes;
399
- },
400
- /**
401
- * Processes available data blocks.
402
- *
403
- * This method invokes _doProcessBlock(offset), which must be implemented by a concrete subtype.
404
- *
405
- * @param {boolean} doFlush Whether all blocks and partial blocks should be processed.
406
- *
407
- * @return {WordArray} The processed data.
408
- *
409
- * @example
410
- *
411
- * var processedData = bufferedBlockAlgorithm._process();
412
- * var processedData = bufferedBlockAlgorithm._process(!!'flush');
413
- */
414
- _process: function(a) {
415
- var d, p = this._data, m = p.words, b = p.sigBytes, E = this.blockSize, C = E * 4, x = b / C;
416
- a ? x = r.ceil(x) : x = r.max((x | 0) - this._minBufferSize, 0);
417
- var P = x * E, R = r.min(P * 4, b);
418
- if (P) {
419
- for (var q = 0; q < P; q += E)
420
- this._doProcessBlock(m, q);
421
- d = m.splice(0, P), p.sigBytes -= R;
422
- }
423
- return new u.init(d, R);
424
- },
425
- /**
426
- * Creates a copy of this object.
427
- *
428
- * @return {Object} The clone.
429
- *
430
- * @example
431
- *
432
- * var clone = bufferedBlockAlgorithm.clone();
433
- */
434
- clone: function() {
435
- var a = g.clone.call(this);
436
- return a._data = this._data.clone(), a;
437
- },
438
- _minBufferSize: 0
439
- });
440
- h.Hasher = v.extend({
441
- /**
442
- * Configuration options.
443
- */
444
- cfg: g.extend(),
445
- /**
446
- * Initializes a newly created hasher.
447
- *
448
- * @param {Object} cfg (Optional) The configuration options to use for this hash computation.
449
- *
450
- * @example
451
- *
452
- * var hasher = CryptoJS.algo.SHA256.create();
453
- */
454
- init: function(a) {
455
- this.cfg = this.cfg.extend(a), this.reset();
456
- },
457
- /**
458
- * Resets this hasher to its initial state.
459
- *
460
- * @example
461
- *
462
- * hasher.reset();
463
- */
464
- reset: function() {
465
- v.reset.call(this), this._doReset();
466
- },
467
- /**
468
- * Updates this hasher with a message.
469
- *
470
- * @param {WordArray|string} messageUpdate The message to append.
471
- *
472
- * @return {Hasher} This hasher.
473
- *
474
- * @example
475
- *
476
- * hasher.update('message');
477
- * hasher.update(wordArray);
478
- */
479
- update: function(a) {
480
- return this._append(a), this._process(), this;
481
- },
482
- /**
483
- * Finalizes the hash computation.
484
- * Note that the finalize operation is effectively a destructive, read-once operation.
485
- *
486
- * @param {WordArray|string} messageUpdate (Optional) A final message update.
487
- *
488
- * @return {WordArray} The hash.
489
- *
490
- * @example
491
- *
492
- * var hash = hasher.finalize();
493
- * var hash = hasher.finalize('message');
494
- * var hash = hasher.finalize(wordArray);
495
- */
496
- finalize: function(a) {
497
- a && this._append(a);
498
- var d = this._doFinalize();
499
- return d;
500
- },
501
- blockSize: 16,
502
- /**
503
- * Creates a shortcut function to a hasher's object interface.
504
- *
505
- * @param {Hasher} hasher The hasher to create a helper for.
506
- *
507
- * @return {Function} The shortcut function.
508
- *
509
- * @static
510
- *
511
- * @example
512
- *
513
- * var SHA256 = CryptoJS.lib.Hasher._createHelper(CryptoJS.algo.SHA256);
514
- */
515
- _createHelper: function(a) {
516
- return function(d, p) {
517
- return new a.init(p).finalize(d);
518
- };
519
- },
520
- /**
521
- * Creates a shortcut function to the HMAC's object interface.
522
- *
523
- * @param {Hasher} hasher The hasher to use in this HMAC helper.
524
- *
525
- * @return {Function} The shortcut function.
526
- *
527
- * @static
528
- *
529
- * @example
530
- *
531
- * var HmacSHA256 = CryptoJS.lib.Hasher._createHmacHelper(CryptoJS.algo.SHA256);
532
- */
533
- _createHmacHelper: function(a) {
534
- return function(d, p) {
535
- return new y.HMAC.init(a, p).finalize(d);
536
- };
537
- }
538
- });
539
- var y = l.algo = {};
540
- return l;
541
- }(Math);
542
- return s;
543
- });
544
- })(Ue);
545
- var Q = {}, qe = {
546
- get exports() {
547
- return Q;
548
- },
549
- set exports(e) {
550
- Q = e;
551
- }
552
- };
553
- (function(e, t) {
554
- (function(s, r) {
555
- e.exports = r(M);
556
- })(N, function(s) {
557
- return function(r) {
558
- var i = s, n = i.lib, o = n.WordArray, c = n.Hasher, l = i.algo, h = [], g = [];
559
- (function() {
560
- function w(y) {
561
- for (var a = r.sqrt(y), d = 2; d <= a; d++)
562
- if (!(y % d))
563
- return !1;
564
- return !0;
565
- }
566
- function k(y) {
567
- return (y - (y | 0)) * 4294967296 | 0;
568
- }
569
- for (var _ = 2, v = 0; v < 64; )
570
- w(_) && (v < 8 && (h[v] = k(r.pow(_, 1 / 2))), g[v] = k(r.pow(_, 1 / 3)), v++), _++;
571
- })();
572
- var u = [], S = l.SHA256 = c.extend({
573
- _doReset: function() {
574
- this._hash = new o.init(h.slice(0));
575
- },
576
- _doProcessBlock: function(w, k) {
577
- for (var _ = this._hash.words, v = _[0], y = _[1], a = _[2], d = _[3], p = _[4], m = _[5], b = _[6], E = _[7], C = 0; C < 64; C++) {
578
- if (C < 16)
579
- u[C] = w[k + C] | 0;
580
- else {
581
- var x = u[C - 15], P = (x << 25 | x >>> 7) ^ (x << 14 | x >>> 18) ^ x >>> 3, R = u[C - 2], q = (R << 15 | R >>> 17) ^ (R << 13 | R >>> 19) ^ R >>> 10;
582
- u[C] = P + u[C - 7] + q + u[C - 16];
583
- }
584
- var W = p & m ^ ~p & b, J = v & y ^ v & a ^ y & a, K = (v << 30 | v >>> 2) ^ (v << 19 | v >>> 13) ^ (v << 10 | v >>> 22), V = (p << 26 | p >>> 6) ^ (p << 21 | p >>> 11) ^ (p << 7 | p >>> 25), B = E + V + W + g[C] + u[C], Ce = K + J;
585
- E = b, b = m, m = p, p = d + B | 0, d = a, a = y, y = v, v = B + Ce | 0;
586
- }
587
- _[0] = _[0] + v | 0, _[1] = _[1] + y | 0, _[2] = _[2] + a | 0, _[3] = _[3] + d | 0, _[4] = _[4] + p | 0, _[5] = _[5] + m | 0, _[6] = _[6] + b | 0, _[7] = _[7] + E | 0;
588
- },
589
- _doFinalize: function() {
590
- var w = this._data, k = w.words, _ = this._nDataBytes * 8, v = w.sigBytes * 8;
591
- return k[v >>> 5] |= 128 << 24 - v % 32, k[(v + 64 >>> 9 << 4) + 14] = r.floor(_ / 4294967296), k[(v + 64 >>> 9 << 4) + 15] = _, w.sigBytes = k.length * 4, this._process(), this._hash;
592
- },
593
- clone: function() {
594
- var w = c.clone.call(this);
595
- return w._hash = this._hash.clone(), w;
596
- }
597
- });
598
- i.SHA256 = c._createHelper(S), i.HmacSHA256 = c._createHmacHelper(S);
599
- }(Math), s.SHA256;
600
- });
601
- })(qe);
602
- var $ = {}, Ne = {
603
- get exports() {
604
- return $;
605
- },
606
- set exports(e) {
607
- $ = e;
608
- }
609
- };
610
- (function(e, t) {
611
- (function(s, r) {
612
- e.exports = r(M);
613
- })(N, function(s) {
614
- return function() {
615
- var r = s, i = r.lib, n = i.WordArray, o = r.enc;
616
- o.Base64 = {
617
- /**
618
- * Converts a word array to a Base64 string.
619
- *
620
- * @param {WordArray} wordArray The word array.
621
- *
622
- * @return {string} The Base64 string.
623
- *
624
- * @static
625
- *
626
- * @example
627
- *
628
- * var base64String = CryptoJS.enc.Base64.stringify(wordArray);
629
- */
630
- stringify: function(l) {
631
- var h = l.words, g = l.sigBytes, u = this._map;
632
- l.clamp();
633
- for (var S = [], w = 0; w < g; w += 3)
634
- for (var k = h[w >>> 2] >>> 24 - w % 4 * 8 & 255, _ = h[w + 1 >>> 2] >>> 24 - (w + 1) % 4 * 8 & 255, v = h[w + 2 >>> 2] >>> 24 - (w + 2) % 4 * 8 & 255, y = k << 16 | _ << 8 | v, a = 0; a < 4 && w + a * 0.75 < g; a++)
635
- S.push(u.charAt(y >>> 6 * (3 - a) & 63));
636
- var d = u.charAt(64);
637
- if (d)
638
- for (; S.length % 4; )
639
- S.push(d);
640
- return S.join("");
641
- },
642
- /**
643
- * Converts a Base64 string to a word array.
644
- *
645
- * @param {string} base64Str The Base64 string.
646
- *
647
- * @return {WordArray} The word array.
648
- *
649
- * @static
650
- *
651
- * @example
652
- *
653
- * var wordArray = CryptoJS.enc.Base64.parse(base64String);
654
- */
655
- parse: function(l) {
656
- var h = l.length, g = this._map, u = this._reverseMap;
657
- if (!u) {
658
- u = this._reverseMap = [];
659
- for (var S = 0; S < g.length; S++)
660
- u[g.charCodeAt(S)] = S;
661
- }
662
- var w = g.charAt(64);
663
- if (w) {
664
- var k = l.indexOf(w);
665
- k !== -1 && (h = k);
666
- }
667
- return c(l, h, u);
668
- },
669
- _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
670
- };
671
- function c(l, h, g) {
672
- for (var u = [], S = 0, w = 0; w < h; w++)
673
- if (w % 4) {
674
- var k = g[l.charCodeAt(w - 1)] << w % 4 * 2, _ = g[l.charCodeAt(w)] >>> 6 - w % 4 * 2, v = k | _;
675
- u[S >>> 2] |= v << 24 - S % 4 * 8, S++;
676
- }
677
- return n.create(u, S);
678
- }
679
- }(), s.enc.Base64;
680
- });
681
- })(Ne);
682
- var X = {}, je = {
683
- get exports() {
684
- return X;
685
- },
686
- set exports(e) {
687
- X = e;
688
- }
689
- };
690
- (function(e, t) {
691
- (function(s, r) {
692
- e.exports = r(M);
693
- })(N, function(s) {
694
- return s.enc.Utf8;
695
- });
696
- })(je);
697
- function Y(e) {
698
- this.message = e;
699
- }
700
- Y.prototype = new Error(), Y.prototype.name = "InvalidCharacterError";
701
- var ce = typeof window < "u" && window.atob && window.atob.bind(window) || function(e) {
702
- var t = String(e).replace(/=+$/, "");
703
- if (t.length % 4 == 1)
704
- throw new Y("'atob' failed: The string to be decoded is not correctly encoded.");
705
- for (var s, r, i = 0, n = 0, o = ""; r = t.charAt(n++); ~r && (s = i % 4 ? 64 * s + r : r, i++ % 4) ? o += String.fromCharCode(255 & s >> (-2 * i & 6)) : 0)
706
- r = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(r);
707
- return o;
708
- };
709
- function Me(e) {
710
- var t = e.replace(/-/g, "+").replace(/_/g, "/");
711
- switch (t.length % 4) {
712
- case 0:
713
- break;
714
- case 2:
715
- t += "==";
716
- break;
717
- case 3:
718
- t += "=";
719
- break;
720
- default:
721
- throw "Illegal base64url string!";
722
- }
723
- try {
724
- return function(s) {
725
- return decodeURIComponent(ce(s).replace(/(.)/g, function(r, i) {
726
- var n = i.charCodeAt(0).toString(16).toUpperCase();
727
- return n.length < 2 && (n = "0" + n), "%" + n;
728
- }));
729
- }(t);
730
- } catch {
731
- return ce(t);
732
- }
733
- }
734
- function z(e) {
735
- this.message = e;
736
- }
737
- function He(e, t) {
738
- if (typeof e != "string")
739
- throw new z("Invalid token specified");
740
- var s = (t = t || {}).header === !0 ? 0 : 1;
741
- try {
742
- return JSON.parse(Me(e.split(".")[s]));
743
- } catch (r) {
744
- throw new z("Invalid token specified: " + r.message);
745
- }
746
- }
747
- z.prototype = new Error(), z.prototype.name = "InvalidTokenError";
748
- var We = {
749
- debug: () => {
750
- },
751
- info: () => {
752
- },
753
- warn: () => {
754
- },
755
- error: () => {
756
- }
757
- }, I, U, D = /* @__PURE__ */ ((e) => (e[e.NONE = 0] = "NONE", e[e.ERROR = 1] = "ERROR", e[e.WARN = 2] = "WARN", e[e.INFO = 3] = "INFO", e[e.DEBUG = 4] = "DEBUG", e))(D || {});
758
- ((e) => {
759
- function t() {
760
- I = 3, U = We;
761
- }
762
- e.reset = t;
763
- function s(i) {
764
- if (!(0 <= i && i <= 4))
765
- throw new Error("Invalid log level");
766
- I = i;
767
- }
768
- e.setLevel = s;
769
- function r(i) {
770
- U = i;
771
- }
772
- e.setLogger = r;
773
- })(D || (D = {}));
774
- var f = class {
775
- constructor(e) {
776
- this._name = e;
777
- }
778
- debug(...e) {
779
- I >= 4 && U.debug(f._format(this._name, this._method), ...e);
780
- }
781
- info(...e) {
782
- I >= 3 && U.info(f._format(this._name, this._method), ...e);
783
- }
784
- warn(...e) {
785
- I >= 2 && U.warn(f._format(this._name, this._method), ...e);
786
- }
787
- error(...e) {
788
- I >= 1 && U.error(f._format(this._name, this._method), ...e);
789
- }
790
- throw(e) {
791
- throw this.error(e), e;
792
- }
793
- create(e) {
794
- const t = Object.create(this);
795
- return t._method = e, t.debug("begin"), t;
796
- }
797
- static createStatic(e, t) {
798
- const s = new f(`${e}.${t}`);
799
- return s.debug("begin"), s;
800
- }
801
- static _format(e, t) {
802
- const s = `[${e}]`;
803
- return t ? `${s} ${t}:` : s;
804
- }
805
- // helpers for static class methods
806
- static debug(e, ...t) {
807
- I >= 4 && U.debug(f._format(e), ...t);
808
- }
809
- static info(e, ...t) {
810
- I >= 3 && U.info(f._format(e), ...t);
811
- }
812
- static warn(e, ...t) {
813
- I >= 2 && U.warn(f._format(e), ...t);
814
- }
815
- static error(e, ...t) {
816
- I >= 1 && U.error(f._format(e), ...t);
817
- }
818
- };
819
- D.reset();
820
- var Be = "10000000-1000-4000-8000-100000000000", A = class {
821
- static _randomWord() {
822
- return M.lib.WordArray.random(1).words[0];
823
- }
824
- /**
825
- * Generates RFC4122 version 4 guid
826
- */
827
- static generateUUIDv4() {
828
- return Be.replace(
829
- /[018]/g,
830
- (t) => (+t ^ A._randomWord() & 15 >> +t / 4).toString(16)
831
- ).replace(/-/g, "");
832
- }
833
- /**
834
- * PKCE: Generate a code verifier
835
- */
836
- static generateCodeVerifier() {
837
- return A.generateUUIDv4() + A.generateUUIDv4() + A.generateUUIDv4();
838
- }
839
- /**
840
- * PKCE: Generate a code challenge
841
- */
842
- static generateCodeChallenge(e) {
843
- try {
844
- const t = Q(e);
845
- return $.stringify(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
846
- } catch (t) {
847
- throw f.error("CryptoUtils.generateCodeChallenge", t), t;
848
- }
849
- }
850
- /**
851
- * Generates a base64-encoded string for a basic auth header
852
- */
853
- static generateBasicAuth(e, t) {
854
- const s = X.parse([e, t].join(":"));
855
- return $.stringify(s);
856
- }
857
- }, O = class {
858
- constructor(e) {
859
- this._name = e, this._logger = new f(`Event('${this._name}')`), this._callbacks = [];
860
- }
861
- addHandler(e) {
862
- return this._callbacks.push(e), () => this.removeHandler(e);
863
- }
864
- removeHandler(e) {
865
- const t = this._callbacks.lastIndexOf(e);
866
- t >= 0 && this._callbacks.splice(t, 1);
867
- }
868
- raise(...e) {
869
- this._logger.debug("raise:", ...e);
870
- for (const t of this._callbacks)
871
- t(...e);
872
- }
873
- }, Z = class {
874
- // IMPORTANT: doesn't validate the token
875
- static decode(e) {
876
- try {
877
- return He(e);
878
- } catch (t) {
879
- throw f.error("JwtUtils.decode", t), t;
880
- }
881
- }
882
- }, le = class {
883
- /**
884
- * Populates a map of window features with a placement centered in front of
885
- * the current window. If no explicit width is given, a default value is
886
- * binned into [800, 720, 600, 480, 360] based on the current window's width.
887
- */
888
- static center({ ...e }) {
889
- var t, s, r;
890
- return e.width == null && (e.width = (t = [800, 720, 600, 480].find((i) => i <= window.outerWidth / 1.618)) != null ? t : 360), (s = e.left) != null || (e.left = Math.max(0, Math.round(window.screenX + (window.outerWidth - e.width) / 2))), e.height != null && ((r = e.top) != null || (e.top = Math.max(0, Math.round(window.screenY + (window.outerHeight - e.height) / 2)))), e;
891
- }
892
- static serialize(e) {
893
- return Object.entries(e).filter(([, t]) => t != null).map(([t, s]) => `${t}=${typeof s != "boolean" ? s : s ? "yes" : "no"}`).join(",");
894
- }
895
- }, T = class extends O {
896
- constructor() {
897
- super(...arguments), this._logger = new f(`Timer('${this._name}')`), this._timerHandle = null, this._expiration = 0, this._callback = () => {
898
- const e = this._expiration - T.getEpochTime();
899
- this._logger.debug("timer completes in", e), this._expiration <= T.getEpochTime() && (this.cancel(), super.raise());
900
- };
901
- }
902
- // get the time
903
- static getEpochTime() {
904
- return Math.floor(Date.now() / 1e3);
905
- }
906
- init(e) {
907
- const t = this._logger.create("init");
908
- e = Math.max(Math.floor(e), 1);
909
- const s = T.getEpochTime() + e;
910
- if (this.expiration === s && this._timerHandle) {
911
- t.debug("skipping since already initialized for expiration at", this.expiration);
912
- return;
913
- }
914
- this.cancel(), t.debug("using duration", e), this._expiration = s;
915
- const r = Math.min(e, 5);
916
- this._timerHandle = setInterval(this._callback, r * 1e3);
917
- }
918
- get expiration() {
919
- return this._expiration;
920
- }
921
- cancel() {
922
- this._logger.create("cancel"), this._timerHandle && (clearInterval(this._timerHandle), this._timerHandle = null);
923
- }
924
- }, ee = class {
925
- static readParams(e, t = "query") {
926
- if (!e)
927
- throw new TypeError("Invalid URL");
928
- const r = new URL(e, window.location.origin)[t === "fragment" ? "hash" : "search"];
929
- return new URLSearchParams(r.slice(1));
930
- }
931
- }, j = class extends Error {
932
- constructor(e, t) {
933
- var s, r, i;
934
- if (super(e.error_description || e.error || ""), this.form = t, this.name = "ErrorResponse", !e.error)
935
- throw f.error("ErrorResponse", "No error passed"), new Error("No error passed");
936
- this.error = e.error, this.error_description = (s = e.error_description) != null ? s : null, this.error_uri = (r = e.error_uri) != null ? r : null, this.state = e.userState, this.session_state = (i = e.session_state) != null ? i : null;
937
- }
938
- }, re = class extends Error {
939
- constructor(e) {
940
- super(e), this.name = "ErrorTimeout";
941
- }
942
- }, Le = class {
943
- constructor(e) {
944
- this._logger = new f("AccessTokenEvents"), this._expiringTimer = new T("Access token expiring"), this._expiredTimer = new T("Access token expired"), this._expiringNotificationTimeInSeconds = e.expiringNotificationTimeInSeconds;
945
- }
946
- load(e) {
947
- const t = this._logger.create("load");
948
- if (e.access_token && e.expires_in !== void 0) {
949
- const s = e.expires_in;
950
- if (t.debug("access token present, remaining duration:", s), s > 0) {
951
- let i = s - this._expiringNotificationTimeInSeconds;
952
- i <= 0 && (i = 1), t.debug("registering expiring timer, raising in", i, "seconds"), this._expiringTimer.init(i);
953
- } else
954
- t.debug("canceling existing expiring timer because we're past expiration."), this._expiringTimer.cancel();
955
- const r = s + 1;
956
- t.debug("registering expired timer, raising in", r, "seconds"), this._expiredTimer.init(r);
957
- } else
958
- this._expiringTimer.cancel(), this._expiredTimer.cancel();
959
- }
960
- unload() {
961
- this._logger.debug("unload: canceling existing access token timers"), this._expiringTimer.cancel(), this._expiredTimer.cancel();
962
- }
963
- /**
964
- * Add callback: Raised prior to the access token expiring.
965
- */
966
- addAccessTokenExpiring(e) {
967
- return this._expiringTimer.addHandler(e);
968
- }
969
- /**
970
- * Remove callback: Raised prior to the access token expiring.
971
- */
972
- removeAccessTokenExpiring(e) {
973
- this._expiringTimer.removeHandler(e);
974
- }
975
- /**
976
- * Add callback: Raised after the access token has expired.
977
- */
978
- addAccessTokenExpired(e) {
979
- return this._expiredTimer.addHandler(e);
980
- }
981
- /**
982
- * Remove callback: Raised after the access token has expired.
983
- */
984
- removeAccessTokenExpired(e) {
985
- this._expiredTimer.removeHandler(e);
986
- }
987
- }, Fe = class {
988
- constructor(e, t, s, r, i) {
989
- this._callback = e, this._client_id = t, this._intervalInSeconds = r, this._stopOnError = i, this._logger = new f("CheckSessionIFrame"), this._timer = null, this._session_state = null, this._message = (o) => {
990
- o.origin === this._frame_origin && o.source === this._frame.contentWindow && (o.data === "error" ? (this._logger.error("error message from check session op iframe"), this._stopOnError && this.stop()) : o.data === "changed" ? (this._logger.debug("changed message from check session op iframe"), this.stop(), this._callback()) : this._logger.debug(o.data + " message from check session op iframe"));
991
- };
992
- const n = new URL(s);
993
- this._frame_origin = n.origin, this._frame = window.document.createElement("iframe"), this._frame.style.visibility = "hidden", this._frame.style.position = "fixed", this._frame.style.left = "-1000px", this._frame.style.top = "0", this._frame.width = "0", this._frame.height = "0", this._frame.src = n.href;
994
- }
995
- load() {
996
- return new Promise((e) => {
997
- this._frame.onload = () => {
998
- e();
999
- }, window.document.body.appendChild(this._frame), window.addEventListener("message", this._message, !1);
1000
- });
1001
- }
1002
- start(e) {
1003
- if (this._session_state === e)
1004
- return;
1005
- this._logger.create("start"), this.stop(), this._session_state = e;
1006
- const t = () => {
1007
- !this._frame.contentWindow || !this._session_state || this._frame.contentWindow.postMessage(this._client_id + " " + this._session_state, this._frame_origin);
1008
- };
1009
- t(), this._timer = setInterval(t, this._intervalInSeconds * 1e3);
1010
- }
1011
- stop() {
1012
- this._logger.create("stop"), this._session_state = null, this._timer && (clearInterval(this._timer), this._timer = null);
1013
- }
1014
- }, fe = class {
1015
- constructor() {
1016
- this._logger = new f("InMemoryWebStorage"), this._data = {};
1017
- }
1018
- clear() {
1019
- this._logger.create("clear"), this._data = {};
1020
- }
1021
- getItem(e) {
1022
- return this._logger.create(`getItem('${e}')`), this._data[e];
1023
- }
1024
- setItem(e, t) {
1025
- this._logger.create(`setItem('${e}')`), this._data[e] = t;
1026
- }
1027
- removeItem(e) {
1028
- this._logger.create(`removeItem('${e}')`), delete this._data[e];
1029
- }
1030
- get length() {
1031
- return Object.getOwnPropertyNames(this._data).length;
1032
- }
1033
- key(e) {
1034
- return Object.getOwnPropertyNames(this._data)[e];
1035
- }
1036
- }, ie = class {
1037
- constructor(e = [], t = null) {
1038
- this._jwtHandler = t, this._logger = new f("JsonService"), this._contentTypes = [], this._contentTypes.push(...e, "application/json"), t && this._contentTypes.push("application/jwt");
1039
- }
1040
- async fetchWithTimeout(e, t = {}) {
1041
- const { timeoutInSeconds: s, ...r } = t;
1042
- if (!s)
1043
- return await fetch(e, r);
1044
- const i = new AbortController(), n = setTimeout(() => i.abort(), s * 1e3);
1045
- try {
1046
- return await fetch(e, {
1047
- ...t,
1048
- signal: i.signal
1049
- });
1050
- } catch (o) {
1051
- throw o instanceof DOMException && o.name === "AbortError" ? new re("Network timed out") : o;
1052
- } finally {
1053
- clearTimeout(n);
1054
- }
1055
- }
1056
- async getJson(e, {
1057
- token: t,
1058
- credentials: s
1059
- } = {}) {
1060
- const r = this._logger.create("getJson"), i = {
1061
- Accept: this._contentTypes.join(", ")
1062
- };
1063
- t && (r.debug("token passed, setting Authorization header"), i.Authorization = "Bearer " + t);
1064
- let n;
1065
- try {
1066
- r.debug("url:", e), n = await this.fetchWithTimeout(e, { method: "GET", headers: i, credentials: s });
1067
- } catch (l) {
1068
- throw r.error("Network Error"), l;
1069
- }
1070
- r.debug("HTTP response received, status", n.status);
1071
- const o = n.headers.get("Content-Type");
1072
- if (o && !this._contentTypes.find((l) => o.startsWith(l)) && r.throw(new Error(`Invalid response Content-Type: ${o ?? "undefined"}, from URL: ${e}`)), n.ok && this._jwtHandler && (o != null && o.startsWith("application/jwt")))
1073
- return await this._jwtHandler(await n.text());
1074
- let c;
1075
- try {
1076
- c = await n.json();
1077
- } catch (l) {
1078
- throw r.error("Error parsing JSON response", l), n.ok ? l : new Error(`${n.statusText} (${n.status})`);
1079
- }
1080
- if (!n.ok)
1081
- throw r.error("Error from server:", c), c.error ? new j(c) : new Error(`${n.statusText} (${n.status}): ${JSON.stringify(c)}`);
1082
- return c;
1083
- }
1084
- async postForm(e, {
1085
- body: t,
1086
- basicAuth: s,
1087
- timeoutInSeconds: r,
1088
- initCredentials: i
1089
- }) {
1090
- const n = this._logger.create("postForm"), o = {
1091
- Accept: this._contentTypes.join(", "),
1092
- "Content-Type": "application/x-www-form-urlencoded"
1093
- };
1094
- s !== void 0 && (o.Authorization = "Basic " + s);
1095
- let c;
1096
- try {
1097
- n.debug("url:", e), c = await this.fetchWithTimeout(e, { method: "POST", headers: o, body: t, timeoutInSeconds: r, credentials: i });
1098
- } catch (u) {
1099
- throw n.error("Network error"), u;
1100
- }
1101
- n.debug("HTTP response received, status", c.status);
1102
- const l = c.headers.get("Content-Type");
1103
- if (l && !this._contentTypes.find((u) => l.startsWith(u)))
1104
- throw new Error(`Invalid response Content-Type: ${l ?? "undefined"}, from URL: ${e}`);
1105
- const h = await c.text();
1106
- let g = {};
1107
- if (h)
1108
- try {
1109
- g = JSON.parse(h);
1110
- } catch (u) {
1111
- throw n.error("Error parsing JSON response", u), c.ok ? u : new Error(`${c.statusText} (${c.status})`);
1112
- }
1113
- if (!c.ok)
1114
- throw n.error("Error from server:", g), g.error ? new j(g, t) : new Error(`${c.statusText} (${c.status}): ${JSON.stringify(g)}`);
1115
- return g;
1116
- }
1117
- }, $e = class {
1118
- constructor(e) {
1119
- this._settings = e, this._logger = new f("MetadataService"), this._jsonService = new ie(["application/jwk-set+json"]), this._signingKeys = null, this._metadata = null, this._metadataUrl = this._settings.metadataUrl, this._settings.signingKeys && (this._logger.debug("using signingKeys from settings"), this._signingKeys = this._settings.signingKeys), this._settings.metadata && (this._logger.debug("using metadata from settings"), this._metadata = this._settings.metadata), this._settings.fetchRequestCredentials && (this._logger.debug("using fetchRequestCredentials from settings"), this._fetchRequestCredentials = this._settings.fetchRequestCredentials);
1120
- }
1121
- resetSigningKeys() {
1122
- this._signingKeys = null;
1123
- }
1124
- async getMetadata() {
1125
- const e = this._logger.create("getMetadata");
1126
- if (this._metadata)
1127
- return e.debug("using cached values"), this._metadata;
1128
- if (!this._metadataUrl)
1129
- throw e.throw(new Error("No authority or metadataUrl configured on settings")), null;
1130
- e.debug("getting metadata from", this._metadataUrl);
1131
- const t = await this._jsonService.getJson(this._metadataUrl, { credentials: this._fetchRequestCredentials });
1132
- return e.debug("merging remote JSON with seed metadata"), this._metadata = Object.assign({}, this._settings.metadataSeed, t), this._metadata;
1133
- }
1134
- getIssuer() {
1135
- return this._getMetadataProperty("issuer");
1136
- }
1137
- getAuthorizationEndpoint() {
1138
- return this._getMetadataProperty("authorization_endpoint");
1139
- }
1140
- getUserInfoEndpoint() {
1141
- return this._getMetadataProperty("userinfo_endpoint");
1142
- }
1143
- getTokenEndpoint(e = !0) {
1144
- return this._getMetadataProperty("token_endpoint", e);
1145
- }
1146
- getCheckSessionIframe() {
1147
- return this._getMetadataProperty("check_session_iframe", !0);
1148
- }
1149
- getEndSessionEndpoint() {
1150
- return this._getMetadataProperty("end_session_endpoint", !0);
1151
- }
1152
- getRevocationEndpoint(e = !0) {
1153
- return this._getMetadataProperty("revocation_endpoint", e);
1154
- }
1155
- getKeysEndpoint(e = !0) {
1156
- return this._getMetadataProperty("jwks_uri", e);
1157
- }
1158
- async _getMetadataProperty(e, t = !1) {
1159
- const s = this._logger.create(`_getMetadataProperty('${e}')`), r = await this.getMetadata();
1160
- if (s.debug("resolved"), r[e] === void 0) {
1161
- if (t === !0) {
1162
- s.warn("Metadata does not contain optional property");
1163
- return;
1164
- }
1165
- s.throw(new Error("Metadata does not contain property " + e));
1166
- }
1167
- return r[e];
1168
- }
1169
- async getSigningKeys() {
1170
- const e = this._logger.create("getSigningKeys");
1171
- if (this._signingKeys)
1172
- return e.debug("returning signingKeys from cache"), this._signingKeys;
1173
- const t = await this.getKeysEndpoint(!1);
1174
- e.debug("got jwks_uri", t);
1175
- const s = await this._jsonService.getJson(t);
1176
- if (e.debug("got key set", s), !Array.isArray(s.keys))
1177
- throw e.throw(new Error("Missing keys on keyset")), null;
1178
- return this._signingKeys = s.keys, this._signingKeys;
1179
- }
1180
- }, we = class {
1181
- constructor({
1182
- prefix: e = "oidc.",
1183
- store: t = localStorage
1184
- } = {}) {
1185
- this._logger = new f("WebStorageStateStore"), this._store = t, this._prefix = e;
1186
- }
1187
- async set(e, t) {
1188
- this._logger.create(`set('${e}')`), e = this._prefix + e, await this._store.setItem(e, t);
1189
- }
1190
- async get(e) {
1191
- return this._logger.create(`get('${e}')`), e = this._prefix + e, await this._store.getItem(e);
1192
- }
1193
- async remove(e) {
1194
- this._logger.create(`remove('${e}')`), e = this._prefix + e;
1195
- const t = await this._store.getItem(e);
1196
- return await this._store.removeItem(e), t;
1197
- }
1198
- async getAllKeys() {
1199
- this._logger.create("getAllKeys");
1200
- const e = await this._store.length, t = [];
1201
- for (let s = 0; s < e; s++) {
1202
- const r = await this._store.key(s);
1203
- r && r.indexOf(this._prefix) === 0 && t.push(r.substr(this._prefix.length));
1204
- }
1205
- return t;
1206
- }
1207
- }, ze = "code", De = "openid", Je = "client_secret_post", Ke = "query", Ve = 60 * 15, Ge = 60 * 5, me = class {
1208
- constructor({
1209
- // metadata related
1210
- authority: e,
1211
- metadataUrl: t,
1212
- metadata: s,
1213
- signingKeys: r,
1214
- metadataSeed: i,
1215
- // client related
1216
- client_id: n,
1217
- client_secret: o,
1218
- response_type: c = ze,
1219
- scope: l = De,
1220
- redirect_uri: h,
1221
- post_logout_redirect_uri: g,
1222
- client_authentication: u = Je,
1223
- // optional protocol
1224
- prompt: S,
1225
- display: w,
1226
- max_age: k,
1227
- ui_locales: _,
1228
- acr_values: v,
1229
- resource: y,
1230
- response_mode: a = Ke,
1231
- // behavior flags
1232
- filterProtocolClaims: d = !0,
1233
- loadUserInfo: p = !1,
1234
- staleStateAgeInSeconds: m = Ve,
1235
- clockSkewInSeconds: b = Ge,
1236
- userInfoJwtIssuer: E = "OP",
1237
- mergeClaims: C = !1,
1238
- disablePKCE: x = !1,
1239
- // other behavior
1240
- stateStore: P,
1241
- refreshTokenCredentials: R,
1242
- revokeTokenAdditionalContentTypes: q,
1243
- fetchRequestCredentials: W,
1244
- refreshTokenAllowedScope: J,
1245
- // extra query params
1246
- extraQueryParams: K = {},
1247
- extraTokenParams: V = {}
1248
- }) {
1249
- if (this.authority = e, t ? this.metadataUrl = t : (this.metadataUrl = e, e && (this.metadataUrl.endsWith("/") || (this.metadataUrl += "/"), this.metadataUrl += ".well-known/openid-configuration")), this.metadata = s, this.metadataSeed = i, this.signingKeys = r, this.client_id = n, this.client_secret = o, this.response_type = c, this.scope = l, this.redirect_uri = h, this.post_logout_redirect_uri = g, this.client_authentication = u, this.prompt = S, this.display = w, this.max_age = k, this.ui_locales = _, this.acr_values = v, this.resource = y, this.response_mode = a, this.filterProtocolClaims = d ?? !0, this.loadUserInfo = !!p, this.staleStateAgeInSeconds = m, this.clockSkewInSeconds = b, this.userInfoJwtIssuer = E, this.mergeClaims = !!C, this.disablePKCE = !!x, this.revokeTokenAdditionalContentTypes = q, W && R && console.warn("Both fetchRequestCredentials and refreshTokenCredentials is set. Only fetchRequestCredentials will be used."), this.fetchRequestCredentials = W || R || "same-origin", P)
1250
- this.stateStore = P;
1251
- else {
1252
- const B = typeof window < "u" ? window.localStorage : new fe();
1253
- this.stateStore = new we({ store: B });
1254
- }
1255
- this.refreshTokenAllowedScope = J, this.extraQueryParams = K, this.extraTokenParams = V;
1256
- }
1257
- }, Qe = class {
1258
- constructor(e, t) {
1259
- this._settings = e, this._metadataService = t, this._logger = new f("UserInfoService"), this._getClaimsFromJwt = async (s) => {
1260
- const r = this._logger.create("_getClaimsFromJwt");
1261
- try {
1262
- const i = Z.decode(s);
1263
- return r.debug("JWT decoding successful"), i;
1264
- } catch (i) {
1265
- throw r.error("Error parsing JWT response"), i;
1266
- }
1267
- }, this._jsonService = new ie(void 0, this._getClaimsFromJwt);
1268
- }
1269
- async getClaims(e) {
1270
- const t = this._logger.create("getClaims");
1271
- e || this._logger.throw(new Error("No token passed"));
1272
- const s = await this._metadataService.getUserInfoEndpoint();
1273
- t.debug("got userinfo url", s);
1274
- const r = await this._jsonService.getJson(s, {
1275
- token: e,
1276
- credentials: this._settings.fetchRequestCredentials
1277
- });
1278
- return t.debug("got claims", r), r;
1279
- }
1280
- }, ve = class {
1281
- constructor(e, t) {
1282
- this._settings = e, this._metadataService = t, this._logger = new f("TokenClient"), this._jsonService = new ie(this._settings.revokeTokenAdditionalContentTypes);
1283
- }
1284
- async exchangeCode({
1285
- grant_type: e = "authorization_code",
1286
- redirect_uri: t = this._settings.redirect_uri,
1287
- client_id: s = this._settings.client_id,
1288
- client_secret: r = this._settings.client_secret,
1289
- ...i
1290
- }) {
1291
- const n = this._logger.create("exchangeCode");
1292
- s || n.throw(new Error("A client_id is required")), t || n.throw(new Error("A redirect_uri is required")), i.code || n.throw(new Error("A code is required"));
1293
- const o = new URLSearchParams({ grant_type: e, redirect_uri: t });
1294
- for (const [g, u] of Object.entries(i))
1295
- u != null && o.set(g, u);
1296
- let c;
1297
- switch (this._settings.client_authentication) {
1298
- case "client_secret_basic":
1299
- if (!r)
1300
- throw n.throw(new Error("A client_secret is required")), null;
1301
- c = A.generateBasicAuth(s, r);
1302
- break;
1303
- case "client_secret_post":
1304
- o.append("client_id", s), r && o.append("client_secret", r);
1305
- break;
1306
- }
1307
- const l = await this._metadataService.getTokenEndpoint(!1);
1308
- n.debug("got token endpoint");
1309
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
1310
- return n.debug("got response"), h;
1311
- }
1312
- async exchangeCredentials({
1313
- grant_type: e = "password",
1314
- client_id: t = this._settings.client_id,
1315
- client_secret: s = this._settings.client_secret,
1316
- scope: r = this._settings.scope,
1317
- ...i
1318
- }) {
1319
- const n = this._logger.create("exchangeCredentials");
1320
- t || n.throw(new Error("A client_id is required"));
1321
- const o = new URLSearchParams({ grant_type: e, scope: r });
1322
- for (const [g, u] of Object.entries(i))
1323
- u != null && o.set(g, u);
1324
- let c;
1325
- switch (this._settings.client_authentication) {
1326
- case "client_secret_basic":
1327
- if (!s)
1328
- throw n.throw(new Error("A client_secret is required")), null;
1329
- c = A.generateBasicAuth(t, s);
1330
- break;
1331
- case "client_secret_post":
1332
- o.append("client_id", t), s && o.append("client_secret", s);
1333
- break;
1334
- }
1335
- const l = await this._metadataService.getTokenEndpoint(!1);
1336
- n.debug("got token endpoint");
1337
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
1338
- return n.debug("got response"), h;
1339
- }
1340
- async exchangeRefreshToken({
1341
- grant_type: e = "refresh_token",
1342
- client_id: t = this._settings.client_id,
1343
- client_secret: s = this._settings.client_secret,
1344
- timeoutInSeconds: r,
1345
- ...i
1346
- }) {
1347
- const n = this._logger.create("exchangeRefreshToken");
1348
- t || n.throw(new Error("A client_id is required")), i.refresh_token || n.throw(new Error("A refresh_token is required"));
1349
- const o = new URLSearchParams({ grant_type: e });
1350
- for (const [g, u] of Object.entries(i))
1351
- u != null && o.set(g, u);
1352
- let c;
1353
- switch (this._settings.client_authentication) {
1354
- case "client_secret_basic":
1355
- if (!s)
1356
- throw n.throw(new Error("A client_secret is required")), null;
1357
- c = A.generateBasicAuth(t, s);
1358
- break;
1359
- case "client_secret_post":
1360
- o.append("client_id", t), s && o.append("client_secret", s);
1361
- break;
1362
- }
1363
- const l = await this._metadataService.getTokenEndpoint(!1);
1364
- n.debug("got token endpoint");
1365
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, timeoutInSeconds: r, initCredentials: this._settings.fetchRequestCredentials });
1366
- return n.debug("got response"), h;
1367
- }
1368
- /**
1369
- * Revoke an access or refresh token.
1370
- *
1371
- * @see https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
1372
- */
1373
- async revoke(e) {
1374
- var t;
1375
- const s = this._logger.create("revoke");
1376
- e.token || s.throw(new Error("A token is required"));
1377
- const r = await this._metadataService.getRevocationEndpoint(!1);
1378
- s.debug(`got revocation endpoint, revoking ${(t = e.token_type_hint) != null ? t : "default token type"}`);
1379
- const i = new URLSearchParams();
1380
- for (const [n, o] of Object.entries(e))
1381
- o != null && i.set(n, o);
1382
- i.set("client_id", this._settings.client_id), this._settings.client_secret && i.set("client_secret", this._settings.client_secret), await this._jsonService.postForm(r, { body: i }), s.debug("got response");
1383
- }
1384
- }, Xe = [
1385
- "nbf",
1386
- "jti",
1387
- "auth_time",
1388
- "nonce",
1389
- "acr",
1390
- "amr",
1391
- "azp",
1392
- "at_hash"
1393
- // https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken
1394
- ], Ye = ["sub", "iss", "aud", "exp", "iat"], Ze = class {
1395
- constructor(e, t) {
1396
- this._settings = e, this._metadataService = t, this._logger = new f("ResponseValidator"), this._userInfoService = new Qe(this._settings, this._metadataService), this._tokenClient = new ve(this._settings, this._metadataService);
1397
- }
1398
- async validateSigninResponse(e, t) {
1399
- const s = this._logger.create("validateSigninResponse");
1400
- this._processSigninState(e, t), s.debug("state processed"), await this._processCode(e, t), s.debug("code processed"), e.isOpenId && this._validateIdTokenAttributes(e), s.debug("tokens validated"), await this._processClaims(e, t == null ? void 0 : t.skipUserInfo, e.isOpenId), s.debug("claims processed");
1401
- }
1402
- async validateCredentialsResponse(e, t) {
1403
- const s = this._logger.create("validateCredentialsResponse");
1404
- e.isOpenId && this._validateIdTokenAttributes(e), s.debug("tokens validated"), await this._processClaims(e, t, e.isOpenId), s.debug("claims processed");
1405
- }
1406
- async validateRefreshResponse(e, t) {
1407
- var s, r;
1408
- const i = this._logger.create("validateRefreshResponse");
1409
- e.userState = t.data, (s = e.session_state) != null || (e.session_state = t.session_state), (r = e.scope) != null || (e.scope = t.scope), e.isOpenId && e.id_token && (this._validateIdTokenAttributes(e, t.id_token), i.debug("ID Token validated")), e.id_token || (e.id_token = t.id_token, e.profile = t.profile);
1410
- const n = e.isOpenId && !!e.id_token;
1411
- await this._processClaims(e, !1, n), i.debug("claims processed");
1412
- }
1413
- validateSignoutResponse(e, t) {
1414
- const s = this._logger.create("validateSignoutResponse");
1415
- if (t.id !== e.state && s.throw(new Error("State does not match")), s.debug("state validated"), e.userState = t.data, e.error)
1416
- throw s.warn("Response was error", e.error), new j(e);
1417
- }
1418
- _processSigninState(e, t) {
1419
- var s;
1420
- const r = this._logger.create("_processSigninState");
1421
- if (t.id !== e.state && r.throw(new Error("State does not match")), t.client_id || r.throw(new Error("No client_id on state")), t.authority || r.throw(new Error("No authority on state")), this._settings.authority !== t.authority && r.throw(new Error("authority mismatch on settings vs. signin state")), this._settings.client_id && this._settings.client_id !== t.client_id && r.throw(new Error("client_id mismatch on settings vs. signin state")), r.debug("state validated"), e.userState = t.data, (s = e.scope) != null || (e.scope = t.scope), e.error)
1422
- throw r.warn("Response was error", e.error), new j(e);
1423
- t.code_verifier && !e.code && r.throw(new Error("Expected code in response"));
1424
- }
1425
- async _processClaims(e, t = !1, s = !0) {
1426
- const r = this._logger.create("_processClaims");
1427
- if (e.profile = this._filterProtocolClaims(e.profile), t || !this._settings.loadUserInfo || !e.access_token) {
1428
- r.debug("not loading user info");
1429
- return;
1430
- }
1431
- r.debug("loading user info");
1432
- const i = await this._userInfoService.getClaims(e.access_token);
1433
- r.debug("user info claims received from user info endpoint"), s && i.sub !== e.profile.sub && r.throw(new Error("subject from UserInfo response does not match subject in ID Token")), e.profile = this._mergeClaims(e.profile, this._filterProtocolClaims(i)), r.debug("user info claims received, updated profile:", e.profile);
1434
- }
1435
- _mergeClaims(e, t) {
1436
- const s = { ...e };
1437
- for (const [r, i] of Object.entries(t))
1438
- for (const n of Array.isArray(i) ? i : [i]) {
1439
- const o = s[r];
1440
- o ? Array.isArray(o) ? o.includes(n) || o.push(n) : s[r] !== n && (typeof n == "object" && this._settings.mergeClaims ? s[r] = this._mergeClaims(o, n) : s[r] = [o, n]) : s[r] = n;
1441
- }
1442
- return s;
1443
- }
1444
- _filterProtocolClaims(e) {
1445
- const t = { ...e };
1446
- if (this._settings.filterProtocolClaims) {
1447
- let s;
1448
- Array.isArray(this._settings.filterProtocolClaims) ? s = this._settings.filterProtocolClaims : s = Xe;
1449
- for (const r of s)
1450
- Ye.includes(r) || delete t[r];
1451
- }
1452
- return t;
1453
- }
1454
- async _processCode(e, t) {
1455
- const s = this._logger.create("_processCode");
1456
- if (e.code) {
1457
- s.debug("Validating code");
1458
- const r = await this._tokenClient.exchangeCode({
1459
- client_id: t.client_id,
1460
- client_secret: t.client_secret,
1461
- code: e.code,
1462
- redirect_uri: t.redirect_uri,
1463
- code_verifier: t.code_verifier,
1464
- ...t.extraTokenParams
1465
- });
1466
- Object.assign(e, r);
1467
- } else
1468
- s.debug("No code to process");
1469
- }
1470
- _validateIdTokenAttributes(e, t) {
1471
- var s;
1472
- const r = this._logger.create("_validateIdTokenAttributes");
1473
- r.debug("decoding ID Token JWT");
1474
- const i = Z.decode((s = e.id_token) != null ? s : "");
1475
- if (i.sub || r.throw(new Error("ID Token is missing a subject claim")), t) {
1476
- const n = Z.decode(t);
1477
- n.sub !== i.sub && r.throw(new Error("sub in id_token does not match current sub")), n.auth_time && n.auth_time !== i.auth_time && r.throw(new Error("auth_time in id_token does not match original auth_time")), n.azp && n.azp !== i.azp && r.throw(new Error("azp in id_token does not match original azp")), !n.azp && i.azp && r.throw(new Error("azp not in id_token, but present in original id_token"));
1478
- }
1479
- e.profile = i;
1480
- }
1481
- }, H = class {
1482
- constructor(e) {
1483
- this.id = e.id || A.generateUUIDv4(), this.data = e.data, e.created && e.created > 0 ? this.created = e.created : this.created = T.getEpochTime(), this.request_type = e.request_type;
1484
- }
1485
- toStorageString() {
1486
- return new f("State").create("toStorageString"), JSON.stringify({
1487
- id: this.id,
1488
- data: this.data,
1489
- created: this.created,
1490
- request_type: this.request_type
1491
- });
1492
- }
1493
- static fromStorageString(e) {
1494
- return f.createStatic("State", "fromStorageString"), new H(JSON.parse(e));
1495
- }
1496
- static async clearStaleState(e, t) {
1497
- const s = f.createStatic("State", "clearStaleState"), r = T.getEpochTime() - t, i = await e.getAllKeys();
1498
- s.debug("got keys", i);
1499
- for (let n = 0; n < i.length; n++) {
1500
- const o = i[n], c = await e.get(o);
1501
- let l = !1;
1502
- if (c)
1503
- try {
1504
- const h = H.fromStorageString(c);
1505
- s.debug("got item from key:", o, h.created), h.created <= r && (l = !0);
1506
- } catch (h) {
1507
- s.error("Error parsing state for key:", o, h), l = !0;
1508
- }
1509
- else
1510
- s.debug("no item in storage for key:", o), l = !0;
1511
- l && (s.debug("removed item for key:", o), e.remove(o));
1512
- }
1513
- }
1514
- }, ne = class extends H {
1515
- constructor(e) {
1516
- super(e), e.code_verifier === !0 ? this.code_verifier = A.generateCodeVerifier() : e.code_verifier && (this.code_verifier = e.code_verifier), this.code_verifier && (this.code_challenge = A.generateCodeChallenge(this.code_verifier)), this.authority = e.authority, this.client_id = e.client_id, this.redirect_uri = e.redirect_uri, this.scope = e.scope, this.client_secret = e.client_secret, this.extraTokenParams = e.extraTokenParams, this.response_mode = e.response_mode, this.skipUserInfo = e.skipUserInfo;
1517
- }
1518
- toStorageString() {
1519
- return new f("SigninState").create("toStorageString"), JSON.stringify({
1520
- id: this.id,
1521
- data: this.data,
1522
- created: this.created,
1523
- request_type: this.request_type,
1524
- code_verifier: this.code_verifier,
1525
- authority: this.authority,
1526
- client_id: this.client_id,
1527
- redirect_uri: this.redirect_uri,
1528
- scope: this.scope,
1529
- client_secret: this.client_secret,
1530
- extraTokenParams: this.extraTokenParams,
1531
- response_mode: this.response_mode,
1532
- skipUserInfo: this.skipUserInfo
1533
- });
1534
- }
1535
- static fromStorageString(e) {
1536
- f.createStatic("SigninState", "fromStorageString");
1537
- const t = JSON.parse(e);
1538
- return new ne(t);
1539
- }
1540
- }, et = class {
1541
- constructor({
1542
- // mandatory
1543
- url: e,
1544
- authority: t,
1545
- client_id: s,
1546
- redirect_uri: r,
1547
- response_type: i,
1548
- scope: n,
1549
- // optional
1550
- state_data: o,
1551
- response_mode: c,
1552
- request_type: l,
1553
- client_secret: h,
1554
- nonce: g,
1555
- resource: u,
1556
- skipUserInfo: S,
1557
- extraQueryParams: w,
1558
- extraTokenParams: k,
1559
- disablePKCE: _,
1560
- ...v
1561
- }) {
1562
- if (this._logger = new f("SigninRequest"), !e)
1563
- throw this._logger.error("ctor: No url passed"), new Error("url");
1564
- if (!s)
1565
- throw this._logger.error("ctor: No client_id passed"), new Error("client_id");
1566
- if (!r)
1567
- throw this._logger.error("ctor: No redirect_uri passed"), new Error("redirect_uri");
1568
- if (!i)
1569
- throw this._logger.error("ctor: No response_type passed"), new Error("response_type");
1570
- if (!n)
1571
- throw this._logger.error("ctor: No scope passed"), new Error("scope");
1572
- if (!t)
1573
- throw this._logger.error("ctor: No authority passed"), new Error("authority");
1574
- this.state = new ne({
1575
- data: o,
1576
- request_type: l,
1577
- code_verifier: !_,
1578
- client_id: s,
1579
- authority: t,
1580
- redirect_uri: r,
1581
- response_mode: c,
1582
- client_secret: h,
1583
- scope: n,
1584
- extraTokenParams: k,
1585
- skipUserInfo: S
1586
- });
1587
- const y = new URL(e);
1588
- y.searchParams.append("client_id", s), y.searchParams.append("redirect_uri", r), y.searchParams.append("response_type", i), y.searchParams.append("scope", n), g && y.searchParams.append("nonce", g), y.searchParams.append("state", this.state.id), this.state.code_challenge && (y.searchParams.append("code_challenge", this.state.code_challenge), y.searchParams.append("code_challenge_method", "S256")), u && (Array.isArray(u) ? u : [u]).forEach((d) => y.searchParams.append("resource", d));
1589
- for (const [a, d] of Object.entries({ response_mode: c, ...v, ...w }))
1590
- d != null && y.searchParams.append(a, d.toString());
1591
- this.url = y.href;
1592
- }
1593
- }, tt = "openid", G = class {
1594
- constructor(e) {
1595
- this.access_token = "", this.token_type = "", this.profile = {}, this.state = e.get("state"), this.session_state = e.get("session_state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri"), this.code = e.get("code");
1596
- }
1597
- get expires_in() {
1598
- if (this.expires_at !== void 0)
1599
- return this.expires_at - T.getEpochTime();
1600
- }
1601
- set expires_in(e) {
1602
- typeof e == "string" && (e = Number(e)), e !== void 0 && e >= 0 && (this.expires_at = Math.floor(e) + T.getEpochTime());
1603
- }
1604
- get isOpenId() {
1605
- var e;
1606
- return ((e = this.scope) == null ? void 0 : e.split(" ").includes(tt)) || !!this.id_token;
1607
- }
1608
- }, st = class {
1609
- constructor({
1610
- url: e,
1611
- state_data: t,
1612
- id_token_hint: s,
1613
- post_logout_redirect_uri: r,
1614
- extraQueryParams: i,
1615
- request_type: n
1616
- }) {
1617
- if (this._logger = new f("SignoutRequest"), !e)
1618
- throw this._logger.error("ctor: No url passed"), new Error("url");
1619
- const o = new URL(e);
1620
- s && o.searchParams.append("id_token_hint", s), r && (o.searchParams.append("post_logout_redirect_uri", r), t && (this.state = new H({ data: t, request_type: n }), o.searchParams.append("state", this.state.id)));
1621
- for (const [c, l] of Object.entries({ ...i }))
1622
- l != null && o.searchParams.append(c, l.toString());
1623
- this.url = o.href;
1624
- }
1625
- }, rt = class {
1626
- constructor(e) {
1627
- this.state = e.get("state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri");
1628
- }
1629
- }, it = class {
1630
- constructor(e) {
1631
- this._logger = new f("OidcClient"), this.settings = new me(e), this.metadataService = new $e(this.settings), this._validator = new Ze(this.settings, this.metadataService), this._tokenClient = new ve(this.settings, this.metadataService);
1632
- }
1633
- async createSigninRequest({
1634
- state: e,
1635
- request: t,
1636
- request_uri: s,
1637
- request_type: r,
1638
- id_token_hint: i,
1639
- login_hint: n,
1640
- skipUserInfo: o,
1641
- nonce: c,
1642
- response_type: l = this.settings.response_type,
1643
- scope: h = this.settings.scope,
1644
- redirect_uri: g = this.settings.redirect_uri,
1645
- prompt: u = this.settings.prompt,
1646
- display: S = this.settings.display,
1647
- max_age: w = this.settings.max_age,
1648
- ui_locales: k = this.settings.ui_locales,
1649
- acr_values: _ = this.settings.acr_values,
1650
- resource: v = this.settings.resource,
1651
- response_mode: y = this.settings.response_mode,
1652
- extraQueryParams: a = this.settings.extraQueryParams,
1653
- extraTokenParams: d = this.settings.extraTokenParams
1654
- }) {
1655
- const p = this._logger.create("createSigninRequest");
1656
- if (l !== "code")
1657
- throw new Error("Only the Authorization Code flow (with PKCE) is supported");
1658
- const m = await this.metadataService.getAuthorizationEndpoint();
1659
- p.debug("Received authorization endpoint", m);
1660
- const b = new et({
1661
- url: m,
1662
- authority: this.settings.authority,
1663
- client_id: this.settings.client_id,
1664
- redirect_uri: g,
1665
- response_type: l,
1666
- scope: h,
1667
- state_data: e,
1668
- prompt: u,
1669
- display: S,
1670
- max_age: w,
1671
- ui_locales: k,
1672
- id_token_hint: i,
1673
- login_hint: n,
1674
- acr_values: _,
1675
- resource: v,
1676
- request: t,
1677
- request_uri: s,
1678
- extraQueryParams: a,
1679
- extraTokenParams: d,
1680
- request_type: r,
1681
- response_mode: y,
1682
- client_secret: this.settings.client_secret,
1683
- skipUserInfo: o,
1684
- nonce: c,
1685
- disablePKCE: this.settings.disablePKCE
1686
- });
1687
- await this.clearStaleState();
1688
- const E = b.state;
1689
- return await this.settings.stateStore.set(E.id, E.toStorageString()), b;
1690
- }
1691
- async readSigninResponseState(e, t = !1) {
1692
- const s = this._logger.create("readSigninResponseState"), r = new G(ee.readParams(e, this.settings.response_mode));
1693
- if (!r.state)
1694
- throw s.throw(new Error("No state in response")), null;
1695
- const i = await this.settings.stateStore[t ? "remove" : "get"](r.state);
1696
- if (!i)
1697
- throw s.throw(new Error("No matching state found in storage")), null;
1698
- return { state: ne.fromStorageString(i), response: r };
1699
- }
1700
- async processSigninResponse(e) {
1701
- const t = this._logger.create("processSigninResponse"), { state: s, response: r } = await this.readSigninResponseState(e, !0);
1702
- return t.debug("received state from storage; validating response"), await this._validator.validateSigninResponse(r, s), r;
1703
- }
1704
- async processResourceOwnerPasswordCredentials({
1705
- username: e,
1706
- password: t,
1707
- skipUserInfo: s = !1,
1708
- extraTokenParams: r = {}
1709
- }) {
1710
- const i = await this._tokenClient.exchangeCredentials({ username: e, password: t, ...r }), n = new G(new URLSearchParams());
1711
- return Object.assign(n, i), await this._validator.validateCredentialsResponse(n, s), n;
1712
- }
1713
- async useRefreshToken({
1714
- state: e,
1715
- timeoutInSeconds: t
1716
- }) {
1717
- var s;
1718
- const r = this._logger.create("useRefreshToken");
1719
- let i;
1720
- if (this.settings.refreshTokenAllowedScope === void 0)
1721
- i = e.scope;
1722
- else {
1723
- const c = this.settings.refreshTokenAllowedScope.split(" ");
1724
- i = (((s = e.scope) == null ? void 0 : s.split(" ")) || []).filter((h) => c.includes(h)).join(" ");
1725
- }
1726
- const n = await this._tokenClient.exchangeRefreshToken({
1727
- refresh_token: e.refresh_token,
1728
- // provide the (possible filtered) scope list
1729
- scope: i,
1730
- timeoutInSeconds: t
1731
- }), o = new G(new URLSearchParams());
1732
- return Object.assign(o, n), r.debug("validating response", o), await this._validator.validateRefreshResponse(o, {
1733
- ...e,
1734
- // overide the scope in the state handed over to the validator
1735
- // so it can set the granted scope to the requested scope in case none is included in the response
1736
- scope: i
1737
- }), o;
1738
- }
1739
- async createSignoutRequest({
1740
- state: e,
1741
- id_token_hint: t,
1742
- request_type: s,
1743
- post_logout_redirect_uri: r = this.settings.post_logout_redirect_uri,
1744
- extraQueryParams: i = this.settings.extraQueryParams
1745
- } = {}) {
1746
- const n = this._logger.create("createSignoutRequest"), o = await this.metadataService.getEndSessionEndpoint();
1747
- if (!o)
1748
- throw n.throw(new Error("No end session endpoint")), null;
1749
- n.debug("Received end session endpoint", o);
1750
- const c = new st({
1751
- url: o,
1752
- id_token_hint: t,
1753
- post_logout_redirect_uri: r,
1754
- state_data: e,
1755
- extraQueryParams: i,
1756
- request_type: s
1757
- });
1758
- await this.clearStaleState();
1759
- const l = c.state;
1760
- return l && (n.debug("Signout request has state to persist"), await this.settings.stateStore.set(l.id, l.toStorageString())), c;
1761
- }
1762
- async readSignoutResponseState(e, t = !1) {
1763
- const s = this._logger.create("readSignoutResponseState"), r = new rt(ee.readParams(e, this.settings.response_mode));
1764
- if (!r.state) {
1765
- if (s.debug("No state in response"), r.error)
1766
- throw s.warn("Response was error:", r.error), new j(r);
1767
- return { state: void 0, response: r };
1768
- }
1769
- const i = await this.settings.stateStore[t ? "remove" : "get"](r.state);
1770
- if (!i)
1771
- throw s.throw(new Error("No matching state found in storage")), null;
1772
- return { state: H.fromStorageString(i), response: r };
1773
- }
1774
- async processSignoutResponse(e) {
1775
- const t = this._logger.create("processSignoutResponse"), { state: s, response: r } = await this.readSignoutResponseState(e, !0);
1776
- return s ? (t.debug("Received state from storage; validating response"), this._validator.validateSignoutResponse(r, s)) : t.debug("No state from storage; skipping response validation"), r;
1777
- }
1778
- clearStaleState() {
1779
- return this._logger.create("clearStaleState"), H.clearStaleState(this.settings.stateStore, this.settings.staleStateAgeInSeconds);
1780
- }
1781
- async revokeToken(e, t) {
1782
- return this._logger.create("revokeToken"), await this._tokenClient.revoke({
1783
- token: e,
1784
- token_type_hint: t
1785
- });
1786
- }
1787
- }, nt = class {
1788
- constructor(e) {
1789
- this._userManager = e, this._logger = new f("SessionMonitor"), this._start = async (t) => {
1790
- const s = t.session_state;
1791
- if (!s)
1792
- return;
1793
- const r = this._logger.create("_start");
1794
- if (t.profile ? (this._sub = t.profile.sub, this._sid = t.profile.sid, r.debug("session_state", s, ", sub", this._sub)) : (this._sub = void 0, this._sid = void 0, r.debug("session_state", s, ", anonymous user")), this._checkSessionIFrame) {
1795
- this._checkSessionIFrame.start(s);
1796
- return;
1797
- }
1798
- try {
1799
- const i = await this._userManager.metadataService.getCheckSessionIframe();
1800
- if (i) {
1801
- r.debug("initializing check session iframe");
1802
- const n = this._userManager.settings.client_id, o = this._userManager.settings.checkSessionIntervalInSeconds, c = this._userManager.settings.stopCheckSessionOnError, l = new Fe(this._callback, n, i, o, c);
1803
- await l.load(), this._checkSessionIFrame = l, l.start(s);
1804
- } else
1805
- r.warn("no check session iframe found in the metadata");
1806
- } catch (i) {
1807
- r.error("Error from getCheckSessionIframe:", i instanceof Error ? i.message : i);
1808
- }
1809
- }, this._stop = () => {
1810
- const t = this._logger.create("_stop");
1811
- if (this._sub = void 0, this._sid = void 0, this._checkSessionIFrame && this._checkSessionIFrame.stop(), this._userManager.settings.monitorAnonymousSession) {
1812
- const s = setInterval(async () => {
1813
- clearInterval(s);
1814
- try {
1815
- const r = await this._userManager.querySessionStatus();
1816
- if (r) {
1817
- const i = {
1818
- session_state: r.session_state,
1819
- profile: r.sub && r.sid ? {
1820
- sub: r.sub,
1821
- sid: r.sid
1822
- } : null
1823
- };
1824
- this._start(i);
1825
- }
1826
- } catch (r) {
1827
- t.error("error from querySessionStatus", r instanceof Error ? r.message : r);
1828
- }
1829
- }, 1e3);
1830
- }
1831
- }, this._callback = async () => {
1832
- const t = this._logger.create("_callback");
1833
- try {
1834
- const s = await this._userManager.querySessionStatus();
1835
- let r = !0;
1836
- s && this._checkSessionIFrame ? s.sub === this._sub ? (r = !1, this._checkSessionIFrame.start(s.session_state), s.sid === this._sid ? t.debug("same sub still logged in at OP, restarting check session iframe; session_state", s.session_state) : (t.debug("same sub still logged in at OP, session state has changed, restarting check session iframe; session_state", s.session_state), this._userManager.events._raiseUserSessionChanged())) : t.debug("different subject signed into OP", s.sub) : t.debug("subject no longer signed into OP"), r ? this._sub ? this._userManager.events._raiseUserSignedOut() : this._userManager.events._raiseUserSignedIn() : t.debug("no change in session detected, no event to raise");
1837
- } catch (s) {
1838
- this._sub && (t.debug("Error calling queryCurrentSigninSession; raising signed out event", s), this._userManager.events._raiseUserSignedOut());
1839
- }
1840
- }, e || this._logger.throw(new Error("No user manager passed")), this._userManager.events.addUserLoaded(this._start), this._userManager.events.addUserUnloaded(this._stop), this._init().catch((t) => {
1841
- this._logger.error(t);
1842
- });
1843
- }
1844
- async _init() {
1845
- this._logger.create("_init");
1846
- const e = await this._userManager.getUser();
1847
- if (e)
1848
- this._start(e);
1849
- else if (this._userManager.settings.monitorAnonymousSession) {
1850
- const t = await this._userManager.querySessionStatus();
1851
- if (t) {
1852
- const s = {
1853
- session_state: t.session_state,
1854
- profile: t.sub && t.sid ? {
1855
- sub: t.sub,
1856
- sid: t.sid
1857
- } : null
1858
- };
1859
- this._start(s);
1860
- }
1861
- }
1862
- }
1863
- }, L = class {
1864
- constructor(e) {
1865
- var t;
1866
- this.id_token = e.id_token, this.session_state = (t = e.session_state) != null ? t : null, this.access_token = e.access_token, this.refresh_token = e.refresh_token, this.token_type = e.token_type, this.scope = e.scope, this.profile = e.profile, this.expires_at = e.expires_at, this.state = e.userState;
1867
- }
1868
- /** Computed number of seconds the access token has remaining. */
1869
- get expires_in() {
1870
- if (this.expires_at !== void 0)
1871
- return this.expires_at - T.getEpochTime();
1872
- }
1873
- set expires_in(e) {
1874
- e !== void 0 && (this.expires_at = Math.floor(e) + T.getEpochTime());
1875
- }
1876
- /** Computed value indicating if the access token is expired. */
1877
- get expired() {
1878
- const e = this.expires_in;
1879
- if (e !== void 0)
1880
- return e <= 0;
1881
- }
1882
- /** Array representing the parsed values from the `scope`. */
1883
- get scopes() {
1884
- var e, t;
1885
- return (t = (e = this.scope) == null ? void 0 : e.split(" ")) != null ? t : [];
1886
- }
1887
- toStorageString() {
1888
- return new f("User").create("toStorageString"), JSON.stringify({
1889
- id_token: this.id_token,
1890
- session_state: this.session_state,
1891
- access_token: this.access_token,
1892
- refresh_token: this.refresh_token,
1893
- token_type: this.token_type,
1894
- scope: this.scope,
1895
- profile: this.profile,
1896
- expires_at: this.expires_at
1897
- });
1898
- }
1899
- static fromStorageString(e) {
1900
- return f.createStatic("User", "fromStorageString"), new L(JSON.parse(e));
1901
- }
1902
- }, de = "oidc-client", Se = class {
1903
- constructor() {
1904
- this._abort = new O("Window navigation aborted"), this._disposeHandlers = /* @__PURE__ */ new Set(), this._window = null;
1905
- }
1906
- async navigate(e) {
1907
- const t = this._logger.create("navigate");
1908
- if (!this._window)
1909
- throw new Error("Attempted to navigate on a disposed window");
1910
- t.debug("setting URL in window"), this._window.location.replace(e.url);
1911
- const { url: s, keepOpen: r } = await new Promise((i, n) => {
1912
- const o = (c) => {
1913
- var l;
1914
- const h = c.data, g = (l = e.scriptOrigin) != null ? l : window.location.origin;
1915
- if (!(c.origin !== g || (h == null ? void 0 : h.source) !== de)) {
1916
- try {
1917
- const u = ee.readParams(h.url, e.response_mode).get("state");
1918
- if (u || t.warn("no state found in response url"), c.source !== this._window && u !== e.state)
1919
- return;
1920
- } catch {
1921
- this._dispose(), n(new Error("Invalid response from window"));
1922
- }
1923
- i(h);
1924
- }
1925
- };
1926
- window.addEventListener("message", o, !1), this._disposeHandlers.add(() => window.removeEventListener("message", o, !1)), this._disposeHandlers.add(this._abort.addHandler((c) => {
1927
- this._dispose(), n(c);
1928
- }));
1929
- });
1930
- return t.debug("got response from window"), this._dispose(), r || this.close(), { url: s };
1931
- }
1932
- _dispose() {
1933
- this._logger.create("_dispose");
1934
- for (const e of this._disposeHandlers)
1935
- e();
1936
- this._disposeHandlers.clear();
1937
- }
1938
- static _notifyParent(e, t, s = !1, r = window.location.origin) {
1939
- e.postMessage({
1940
- source: de,
1941
- url: t,
1942
- keepOpen: s
1943
- }, r);
1944
- }
1945
- }, ye = {
1946
- location: !1,
1947
- toolbar: !1,
1948
- height: 640
1949
- }, be = "_blank", ot = 60, at = 2, ke = 10, ct = class extends me {
1950
- constructor(e) {
1951
- const {
1952
- popup_redirect_uri: t = e.redirect_uri,
1953
- popup_post_logout_redirect_uri: s = e.post_logout_redirect_uri,
1954
- popupWindowFeatures: r = ye,
1955
- popupWindowTarget: i = be,
1956
- redirectMethod: n = "assign",
1957
- redirectTarget: o = "self",
1958
- iframeNotifyParentOrigin: c = e.iframeNotifyParentOrigin,
1959
- iframeScriptOrigin: l = e.iframeScriptOrigin,
1960
- silent_redirect_uri: h = e.redirect_uri,
1961
- silentRequestTimeoutInSeconds: g = ke,
1962
- automaticSilentRenew: u = !0,
1963
- validateSubOnSilentRenew: S = !0,
1964
- includeIdTokenInSilentRenew: w = !1,
1965
- monitorSession: k = !1,
1966
- monitorAnonymousSession: _ = !1,
1967
- checkSessionIntervalInSeconds: v = at,
1968
- query_status_response_type: y = "code",
1969
- stopCheckSessionOnError: a = !0,
1970
- revokeTokenTypes: d = ["access_token", "refresh_token"],
1971
- revokeTokensOnSignout: p = !1,
1972
- includeIdTokenInSilentSignout: m = !1,
1973
- accessTokenExpiringNotificationTimeInSeconds: b = ot,
1974
- userStore: E
1975
- } = e;
1976
- if (super(e), this.popup_redirect_uri = t, this.popup_post_logout_redirect_uri = s, this.popupWindowFeatures = r, this.popupWindowTarget = i, this.redirectMethod = n, this.redirectTarget = o, this.iframeNotifyParentOrigin = c, this.iframeScriptOrigin = l, this.silent_redirect_uri = h, this.silentRequestTimeoutInSeconds = g, this.automaticSilentRenew = u, this.validateSubOnSilentRenew = S, this.includeIdTokenInSilentRenew = w, this.monitorSession = k, this.monitorAnonymousSession = _, this.checkSessionIntervalInSeconds = v, this.stopCheckSessionOnError = a, this.query_status_response_type = y, this.revokeTokenTypes = d, this.revokeTokensOnSignout = p, this.includeIdTokenInSilentSignout = m, this.accessTokenExpiringNotificationTimeInSeconds = b, E)
1977
- this.userStore = E;
1978
- else {
1979
- const C = typeof window < "u" ? window.sessionStorage : new fe();
1980
- this.userStore = new we({ store: C });
1981
- }
1982
- }
1983
- }, te = class extends Se {
1984
- constructor({
1985
- silentRequestTimeoutInSeconds: e = ke
1986
- }) {
1987
- super(), this._logger = new f("IFrameWindow"), this._timeoutInSeconds = e, this._frame = te.createHiddenIframe(), this._window = this._frame.contentWindow;
1988
- }
1989
- static createHiddenIframe() {
1990
- const e = window.document.createElement("iframe");
1991
- return e.style.visibility = "hidden", e.style.position = "fixed", e.style.left = "-1000px", e.style.top = "0", e.width = "0", e.height = "0", e.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms"), window.document.body.appendChild(e), e;
1992
- }
1993
- async navigate(e) {
1994
- this._logger.debug("navigate: Using timeout of:", this._timeoutInSeconds);
1995
- const t = setTimeout(() => this._abort.raise(new re("IFrame timed out without a response")), this._timeoutInSeconds * 1e3);
1996
- return this._disposeHandlers.add(() => clearTimeout(t)), await super.navigate(e);
1997
- }
1998
- close() {
1999
- var e;
2000
- this._frame && (this._frame.parentNode && (this._frame.addEventListener("load", (t) => {
2001
- var s;
2002
- const r = t.target;
2003
- (s = r.parentNode) == null || s.removeChild(r), this._abort.raise(new Error("IFrame removed from DOM"));
2004
- }, !0), (e = this._frame.contentWindow) == null || e.location.replace("about:blank")), this._frame = null), this._window = null;
2005
- }
2006
- static notifyParent(e, t) {
2007
- return super._notifyParent(window.parent, e, !1, t);
2008
- }
2009
- }, lt = class {
2010
- constructor(e) {
2011
- this._settings = e, this._logger = new f("IFrameNavigator");
2012
- }
2013
- async prepare({
2014
- silentRequestTimeoutInSeconds: e = this._settings.silentRequestTimeoutInSeconds
2015
- }) {
2016
- return new te({ silentRequestTimeoutInSeconds: e });
2017
- }
2018
- async callback(e) {
2019
- this._logger.create("callback"), te.notifyParent(e, this._settings.iframeNotifyParentOrigin);
2020
- }
2021
- }, dt = 500, he = class extends Se {
2022
- constructor({
2023
- popupWindowTarget: e = be,
2024
- popupWindowFeatures: t = {}
2025
- }) {
2026
- super(), this._logger = new f("PopupWindow");
2027
- const s = le.center({ ...ye, ...t });
2028
- this._window = window.open(void 0, e, le.serialize(s));
2029
- }
2030
- async navigate(e) {
2031
- var t;
2032
- (t = this._window) == null || t.focus();
2033
- const s = setInterval(() => {
2034
- (!this._window || this._window.closed) && this._abort.raise(new Error("Popup closed by user"));
2035
- }, dt);
2036
- return this._disposeHandlers.add(() => clearInterval(s)), await super.navigate(e);
2037
- }
2038
- close() {
2039
- this._window && (this._window.closed || (this._window.close(), this._abort.raise(new Error("Popup closed")))), this._window = null;
2040
- }
2041
- static notifyOpener(e, t) {
2042
- if (!window.opener)
2043
- throw new Error("No window.opener. Can't complete notification.");
2044
- return super._notifyParent(window.opener, e, t);
2045
- }
2046
- }, ht = class {
2047
- constructor(e) {
2048
- this._settings = e, this._logger = new f("PopupNavigator");
2049
- }
2050
- async prepare({
2051
- popupWindowFeatures: e = this._settings.popupWindowFeatures,
2052
- popupWindowTarget: t = this._settings.popupWindowTarget
2053
- }) {
2054
- return new he({ popupWindowFeatures: e, popupWindowTarget: t });
2055
- }
2056
- async callback(e, t = !1) {
2057
- this._logger.create("callback"), he.notifyOpener(e, t);
2058
- }
2059
- }, ut = class {
2060
- constructor(e) {
2061
- this._settings = e, this._logger = new f("RedirectNavigator");
2062
- }
2063
- async prepare({
2064
- redirectMethod: e = this._settings.redirectMethod,
2065
- redirectTarget: t = this._settings.redirectTarget
2066
- }) {
2067
- var s;
2068
- this._logger.create("prepare");
2069
- let r = window.self;
2070
- t === "top" && (r = (s = window.top) != null ? s : window.self);
2071
- const i = r.location[e].bind(r.location);
2072
- let n;
2073
- return {
2074
- navigate: async (o) => {
2075
- this._logger.create("navigate");
2076
- const c = new Promise((l, h) => {
2077
- n = h;
2078
- });
2079
- return i(o.url), await c;
2080
- },
2081
- close: () => {
2082
- this._logger.create("close"), n == null || n(new Error("Redirect aborted")), r.stop();
2083
- }
2084
- };
2085
- }
2086
- }, gt = class extends Le {
2087
- constructor(e) {
2088
- super({ expiringNotificationTimeInSeconds: e.accessTokenExpiringNotificationTimeInSeconds }), this._logger = new f("UserManagerEvents"), this._userLoaded = new O("User loaded"), this._userUnloaded = new O("User unloaded"), this._silentRenewError = new O("Silent renew error"), this._userSignedIn = new O("User signed in"), this._userSignedOut = new O("User signed out"), this._userSessionChanged = new O("User session changed");
2089
- }
2090
- load(e, t = !0) {
2091
- super.load(e), t && this._userLoaded.raise(e);
2092
- }
2093
- unload() {
2094
- super.unload(), this._userUnloaded.raise();
2095
- }
2096
- /**
2097
- * Add callback: Raised when a user session has been established (or re-established).
2098
- */
2099
- addUserLoaded(e) {
2100
- return this._userLoaded.addHandler(e);
2101
- }
2102
- /**
2103
- * Remove callback: Raised when a user session has been established (or re-established).
2104
- */
2105
- removeUserLoaded(e) {
2106
- return this._userLoaded.removeHandler(e);
2107
- }
2108
- /**
2109
- * Add callback: Raised when a user session has been terminated.
2110
- */
2111
- addUserUnloaded(e) {
2112
- return this._userUnloaded.addHandler(e);
2113
- }
2114
- /**
2115
- * Remove callback: Raised when a user session has been terminated.
2116
- */
2117
- removeUserUnloaded(e) {
2118
- return this._userUnloaded.removeHandler(e);
2119
- }
2120
- /**
2121
- * Add callback: Raised when the automatic silent renew has failed.
2122
- */
2123
- addSilentRenewError(e) {
2124
- return this._silentRenewError.addHandler(e);
2125
- }
2126
- /**
2127
- * Remove callback: Raised when the automatic silent renew has failed.
2128
- */
2129
- removeSilentRenewError(e) {
2130
- return this._silentRenewError.removeHandler(e);
2131
- }
2132
- /**
2133
- * @internal
2134
- */
2135
- _raiseSilentRenewError(e) {
2136
- this._silentRenewError.raise(e);
2137
- }
2138
- /**
2139
- * Add callback: Raised when the user is signed in (when `monitorSession` is set).
2140
- * @see {@link UserManagerSettings.monitorSession}
2141
- */
2142
- addUserSignedIn(e) {
2143
- return this._userSignedIn.addHandler(e);
2144
- }
2145
- /**
2146
- * Remove callback: Raised when the user is signed in (when `monitorSession` is set).
2147
- */
2148
- removeUserSignedIn(e) {
2149
- this._userSignedIn.removeHandler(e);
2150
- }
2151
- /**
2152
- * @internal
2153
- */
2154
- _raiseUserSignedIn() {
2155
- this._userSignedIn.raise();
2156
- }
2157
- /**
2158
- * Add callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
2159
- * @see {@link UserManagerSettings.monitorSession}
2160
- */
2161
- addUserSignedOut(e) {
2162
- return this._userSignedOut.addHandler(e);
2163
- }
2164
- /**
2165
- * Remove callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
2166
- */
2167
- removeUserSignedOut(e) {
2168
- this._userSignedOut.removeHandler(e);
2169
- }
2170
- /**
2171
- * @internal
2172
- */
2173
- _raiseUserSignedOut() {
2174
- this._userSignedOut.raise();
2175
- }
2176
- /**
2177
- * Add callback: Raised when the user session changed (when `monitorSession` is set).
2178
- * @see {@link UserManagerSettings.monitorSession}
2179
- */
2180
- addUserSessionChanged(e) {
2181
- return this._userSessionChanged.addHandler(e);
2182
- }
2183
- /**
2184
- * Remove callback: Raised when the user session changed (when `monitorSession` is set).
2185
- */
2186
- removeUserSessionChanged(e) {
2187
- this._userSessionChanged.removeHandler(e);
2188
- }
2189
- /**
2190
- * @internal
2191
- */
2192
- _raiseUserSessionChanged() {
2193
- this._userSessionChanged.raise();
2194
- }
2195
- }, _t = class {
2196
- constructor(e) {
2197
- this._userManager = e, this._logger = new f("SilentRenewService"), this._isStarted = !1, this._retryTimer = new T("Retry Silent Renew"), this._tokenExpiring = async () => {
2198
- const t = this._logger.create("_tokenExpiring");
2199
- try {
2200
- await this._userManager.signinSilent(), t.debug("silent token renewal successful");
2201
- } catch (s) {
2202
- if (s instanceof re) {
2203
- t.warn("ErrorTimeout from signinSilent:", s, "retry in 5s"), this._retryTimer.init(5);
2204
- return;
2205
- }
2206
- t.error("Error from signinSilent:", s), this._userManager.events._raiseSilentRenewError(s);
2207
- }
2208
- };
2209
- }
2210
- async start() {
2211
- const e = this._logger.create("start");
2212
- if (!this._isStarted) {
2213
- this._isStarted = !0, this._userManager.events.addAccessTokenExpiring(this._tokenExpiring), this._retryTimer.addHandler(this._tokenExpiring);
2214
- try {
2215
- await this._userManager.getUser();
2216
- } catch (t) {
2217
- e.error("getUser error", t);
2218
- }
2219
- }
2220
- }
2221
- stop() {
2222
- this._isStarted && (this._retryTimer.cancel(), this._retryTimer.removeHandler(this._tokenExpiring), this._userManager.events.removeAccessTokenExpiring(this._tokenExpiring), this._isStarted = !1);
2223
- }
2224
- }, pt = class {
2225
- constructor(e) {
2226
- this.refresh_token = e.refresh_token, this.id_token = e.id_token, this.session_state = e.session_state, this.scope = e.scope, this.profile = e.profile, this.data = e.state;
2227
- }
2228
- }, Ct = class {
2229
- constructor(e) {
2230
- this._logger = new f("UserManager"), this.settings = new ct(e), this._client = new it(e), this._redirectNavigator = new ut(this.settings), this._popupNavigator = new ht(this.settings), this._iframeNavigator = new lt(this.settings), this._events = new gt(this.settings), this._silentRenewService = new _t(this), this.settings.automaticSilentRenew && this.startSilentRenew(), this._sessionMonitor = null, this.settings.monitorSession && (this._sessionMonitor = new nt(this));
2231
- }
2232
- /** Returns an object used to register for events raised by the `UserManager`. */
2233
- get events() {
2234
- return this._events;
2235
- }
2236
- /** Returns an object used to access the metadata configuration of the OIDC provider. */
2237
- get metadataService() {
2238
- return this._client.metadataService;
2239
- }
2240
- /**
2241
- * Returns promise to load the `User` object for the currently authenticated user.
2242
- */
2243
- async getUser() {
2244
- const e = this._logger.create("getUser"), t = await this._loadUser();
2245
- return t ? (e.info("user loaded"), this._events.load(t, !1), t) : (e.info("user not found in storage"), null);
2246
- }
2247
- /**
2248
- * Returns promise to remove from any storage the currently authenticated user.
2249
- */
2250
- async removeUser() {
2251
- const e = this._logger.create("removeUser");
2252
- await this.storeUser(null), e.info("user removed from storage"), this._events.unload();
2253
- }
2254
- /**
2255
- * Returns promise to trigger a redirect of the current window to the authorization endpoint.
2256
- */
2257
- async signinRedirect(e = {}) {
2258
- this._logger.create("signinRedirect");
2259
- const {
2260
- redirectMethod: t,
2261
- ...s
2262
- } = e, r = await this._redirectNavigator.prepare({ redirectMethod: t });
2263
- await this._signinStart({
2264
- request_type: "si:r",
2265
- ...s
2266
- }, r);
2267
- }
2268
- /**
2269
- * Returns promise to process response from the authorization endpoint. The result of the promise is the authenticated `User`.
2270
- */
2271
- async signinRedirectCallback(e = window.location.href) {
2272
- const t = this._logger.create("signinRedirectCallback"), s = await this._signinEnd(e);
2273
- return s.profile && s.profile.sub ? t.info("success, signed in subject", s.profile.sub) : t.info("no subject"), s;
2274
- }
2275
- /**
2276
- * Returns promise to process the signin with user/password. The result of the promise is the authenticated `User`.
2277
- *
2278
- * Throws an ErrorResponse in case of wrong authentication.
2279
- */
2280
- async signinResourceOwnerCredentials({
2281
- username: e,
2282
- password: t,
2283
- skipUserInfo: s = !1
2284
- }) {
2285
- const r = this._logger.create("signinResourceOwnerCredential"), i = await this._client.processResourceOwnerPasswordCredentials({ username: e, password: t, skipUserInfo: s, extraTokenParams: this.settings.extraTokenParams });
2286
- r.debug("got signin response");
2287
- const n = await this._buildUser(i);
2288
- return n.profile && n.profile.sub ? r.info("success, signed in subject", n.profile.sub) : r.info("no subject"), n;
2289
- }
2290
- /**
2291
- * Returns promise to trigger a request (via a popup window) to the authorization endpoint. The result of the promise is the authenticated `User`.
2292
- */
2293
- async signinPopup(e = {}) {
2294
- const t = this._logger.create("signinPopup"), {
2295
- popupWindowFeatures: s,
2296
- popupWindowTarget: r,
2297
- ...i
2298
- } = e, n = this.settings.popup_redirect_uri;
2299
- n || t.throw(new Error("No popup_redirect_uri configured"));
2300
- const o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r }), c = await this._signin({
2301
- request_type: "si:p",
2302
- redirect_uri: n,
2303
- display: "popup",
2304
- ...i
2305
- }, o);
2306
- return c && (c.profile && c.profile.sub ? t.info("success, signed in subject", c.profile.sub) : t.info("no subject")), c;
2307
- }
2308
- /**
2309
- * Returns promise to notify the opening window of response from the authorization endpoint.
2310
- */
2311
- async signinPopupCallback(e = window.location.href, t = !1) {
2312
- const s = this._logger.create("signinPopupCallback");
2313
- await this._popupNavigator.callback(e, t), s.info("success");
2314
- }
2315
- /**
2316
- * Returns promise to trigger a silent request (via an iframe) to the authorization endpoint.
2317
- * The result of the promise is the authenticated `User`.
2318
- */
2319
- async signinSilent(e = {}) {
2320
- var t;
2321
- const s = this._logger.create("signinSilent"), {
2322
- silentRequestTimeoutInSeconds: r,
2323
- ...i
2324
- } = e;
2325
- let n = await this._loadUser();
2326
- if (n != null && n.refresh_token) {
2327
- s.debug("using refresh token");
2328
- const h = new pt(n);
2329
- return await this._useRefreshToken(h);
2330
- }
2331
- const o = this.settings.silent_redirect_uri;
2332
- o || s.throw(new Error("No silent_redirect_uri configured"));
2333
- let c;
2334
- n && this.settings.validateSubOnSilentRenew && (s.debug("subject prior to silent renew:", n.profile.sub), c = n.profile.sub);
2335
- const l = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
2336
- return n = await this._signin({
2337
- request_type: "si:s",
2338
- redirect_uri: o,
2339
- prompt: "none",
2340
- id_token_hint: this.settings.includeIdTokenInSilentRenew ? n == null ? void 0 : n.id_token : void 0,
2341
- ...i
2342
- }, l, c), n && ((t = n.profile) != null && t.sub ? s.info("success, signed in subject", n.profile.sub) : s.info("no subject")), n;
2343
- }
2344
- async _useRefreshToken(e) {
2345
- const t = await this._client.useRefreshToken({
2346
- state: e,
2347
- timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds
2348
- }), s = new L({ ...e, ...t });
2349
- return await this.storeUser(s), this._events.load(s), s;
2350
- }
2351
- /**
2352
- * Returns promise to notify the parent window of response from the authorization endpoint.
2353
- */
2354
- async signinSilentCallback(e = window.location.href) {
2355
- const t = this._logger.create("signinSilentCallback");
2356
- await this._iframeNavigator.callback(e), t.info("success");
2357
- }
2358
- async signinCallback(e = window.location.href) {
2359
- const { state: t } = await this._client.readSigninResponseState(e);
2360
- switch (t.request_type) {
2361
- case "si:r":
2362
- return await this.signinRedirectCallback(e);
2363
- case "si:p":
2364
- return await this.signinPopupCallback(e);
2365
- case "si:s":
2366
- return await this.signinSilentCallback(e);
2367
- default:
2368
- throw new Error("invalid response_type in state");
2369
- }
2370
- }
2371
- async signoutCallback(e = window.location.href, t = !1) {
2372
- const { state: s } = await this._client.readSignoutResponseState(e);
2373
- if (s)
2374
- switch (s.request_type) {
2375
- case "so:r":
2376
- await this.signoutRedirectCallback(e);
2377
- break;
2378
- case "so:p":
2379
- await this.signoutPopupCallback(e, t);
2380
- break;
2381
- case "so:s":
2382
- await this.signoutSilentCallback(e);
2383
- break;
2384
- default:
2385
- throw new Error("invalid response_type in state");
2386
- }
2387
- }
2388
- /**
2389
- * Returns promise to query OP for user's current signin status. Returns object with session_state and subject identifier.
2390
- */
2391
- async querySessionStatus(e = {}) {
2392
- const t = this._logger.create("querySessionStatus"), {
2393
- silentRequestTimeoutInSeconds: s,
2394
- ...r
2395
- } = e, i = this.settings.silent_redirect_uri;
2396
- i || t.throw(new Error("No silent_redirect_uri configured"));
2397
- const n = await this._loadUser(), o = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: s }), c = await this._signinStart({
2398
- request_type: "si:s",
2399
- // this acts like a signin silent
2400
- redirect_uri: i,
2401
- prompt: "none",
2402
- id_token_hint: this.settings.includeIdTokenInSilentRenew ? n == null ? void 0 : n.id_token : void 0,
2403
- response_type: this.settings.query_status_response_type,
2404
- scope: "openid",
2405
- skipUserInfo: !0,
2406
- ...r
2407
- }, o);
2408
- try {
2409
- const l = await this._client.processSigninResponse(c.url);
2410
- return t.debug("got signin response"), l.session_state && l.profile.sub ? (t.info("success for subject", l.profile.sub), {
2411
- session_state: l.session_state,
2412
- sub: l.profile.sub,
2413
- sid: l.profile.sid
2414
- }) : (t.info("success, user not authenticated"), null);
2415
- } catch (l) {
2416
- if (this.settings.monitorAnonymousSession && l instanceof j)
2417
- switch (l.error) {
2418
- case "login_required":
2419
- case "consent_required":
2420
- case "interaction_required":
2421
- case "account_selection_required":
2422
- return t.info("success for anonymous user"), {
2423
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
2424
- session_state: l.session_state
2425
- };
2426
- }
2427
- throw l;
2428
- }
2429
- }
2430
- async _signin(e, t, s) {
2431
- const r = await this._signinStart(e, t);
2432
- return await this._signinEnd(r.url, s);
2433
- }
2434
- async _signinStart(e, t) {
2435
- const s = this._logger.create("_signinStart");
2436
- try {
2437
- const r = await this._client.createSigninRequest(e);
2438
- return s.debug("got signin request"), await t.navigate({
2439
- url: r.url,
2440
- state: r.state.id,
2441
- response_mode: r.state.response_mode,
2442
- scriptOrigin: this.settings.iframeScriptOrigin
2443
- });
2444
- } catch (r) {
2445
- throw s.debug("error after preparing navigator, closing navigator window"), t.close(), r;
2446
- }
2447
- }
2448
- async _signinEnd(e, t) {
2449
- const s = this._logger.create("_signinEnd"), r = await this._client.processSigninResponse(e);
2450
- return s.debug("got signin response"), await this._buildUser(r, t);
2451
- }
2452
- async _buildUser(e, t) {
2453
- const s = this._logger.create("_buildUser"), r = new L(e);
2454
- if (t) {
2455
- if (t !== r.profile.sub)
2456
- throw s.debug("current user does not match user returned from signin. sub from signin:", r.profile.sub), new j({ ...e, error: "login_required" });
2457
- s.debug("current user matches user returned from signin");
2458
- }
2459
- return await this.storeUser(r), s.debug("user stored"), this._events.load(r), r;
2460
- }
2461
- /**
2462
- * Returns promise to trigger a redirect of the current window to the end session endpoint.
2463
- */
2464
- async signoutRedirect(e = {}) {
2465
- const t = this._logger.create("signoutRedirect"), {
2466
- redirectMethod: s,
2467
- ...r
2468
- } = e, i = await this._redirectNavigator.prepare({ redirectMethod: s });
2469
- await this._signoutStart({
2470
- request_type: "so:r",
2471
- post_logout_redirect_uri: this.settings.post_logout_redirect_uri,
2472
- ...r
2473
- }, i), t.info("success");
2474
- }
2475
- /**
2476
- * Returns promise to process response from the end session endpoint.
2477
- */
2478
- async signoutRedirectCallback(e = window.location.href) {
2479
- const t = this._logger.create("signoutRedirectCallback"), s = await this._signoutEnd(e);
2480
- return t.info("success"), s;
2481
- }
2482
- /**
2483
- * Returns promise to trigger a redirect of a popup window window to the end session endpoint.
2484
- */
2485
- async signoutPopup(e = {}) {
2486
- const t = this._logger.create("signoutPopup"), {
2487
- popupWindowFeatures: s,
2488
- popupWindowTarget: r,
2489
- ...i
2490
- } = e, n = this.settings.popup_post_logout_redirect_uri, o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r });
2491
- await this._signout({
2492
- request_type: "so:p",
2493
- post_logout_redirect_uri: n,
2494
- // we're putting a dummy entry in here because we
2495
- // need a unique id from the state for notification
2496
- // to the parent window, which is necessary if we
2497
- // plan to return back to the client after signout
2498
- // and so we can close the popup after signout
2499
- state: n == null ? void 0 : {},
2500
- ...i
2501
- }, o), t.info("success");
2502
- }
2503
- /**
2504
- * Returns promise to process response from the end session endpoint from a popup window.
2505
- */
2506
- async signoutPopupCallback(e = window.location.href, t = !1) {
2507
- const s = this._logger.create("signoutPopupCallback");
2508
- await this._popupNavigator.callback(e, t), s.info("success");
2509
- }
2510
- async _signout(e, t) {
2511
- const s = await this._signoutStart(e, t);
2512
- return await this._signoutEnd(s.url);
2513
- }
2514
- async _signoutStart(e = {}, t) {
2515
- var s;
2516
- const r = this._logger.create("_signoutStart");
2517
- try {
2518
- const i = await this._loadUser();
2519
- r.debug("loaded current user from storage"), this.settings.revokeTokensOnSignout && await this._revokeInternal(i);
2520
- const n = e.id_token_hint || i && i.id_token;
2521
- n && (r.debug("setting id_token_hint in signout request"), e.id_token_hint = n), await this.removeUser(), r.debug("user removed, creating signout request");
2522
- const o = await this._client.createSignoutRequest(e);
2523
- return r.debug("got signout request"), await t.navigate({
2524
- url: o.url,
2525
- state: (s = o.state) == null ? void 0 : s.id
2526
- });
2527
- } catch (i) {
2528
- throw r.debug("error after preparing navigator, closing navigator window"), t.close(), i;
2529
- }
2530
- }
2531
- async _signoutEnd(e) {
2532
- const t = this._logger.create("_signoutEnd"), s = await this._client.processSignoutResponse(e);
2533
- return t.debug("got signout response"), s;
2534
- }
2535
- /**
2536
- * Returns promise to trigger a silent request (via an iframe) to the end session endpoint.
2537
- */
2538
- async signoutSilent(e = {}) {
2539
- var t;
2540
- const s = this._logger.create("signoutSilent"), {
2541
- silentRequestTimeoutInSeconds: r,
2542
- ...i
2543
- } = e, n = this.settings.includeIdTokenInSilentSignout ? (t = await this._loadUser()) == null ? void 0 : t.id_token : void 0, o = this.settings.popup_post_logout_redirect_uri, c = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
2544
- await this._signout({
2545
- request_type: "so:s",
2546
- post_logout_redirect_uri: o,
2547
- id_token_hint: n,
2548
- ...i
2549
- }, c), s.info("success");
2550
- }
2551
- /**
2552
- * Returns promise to notify the parent window of response from the end session endpoint.
2553
- */
2554
- async signoutSilentCallback(e = window.location.href) {
2555
- const t = this._logger.create("signoutSilentCallback");
2556
- await this._iframeNavigator.callback(e), t.info("success");
2557
- }
2558
- async revokeTokens(e) {
2559
- const t = await this._loadUser();
2560
- await this._revokeInternal(t, e);
2561
- }
2562
- async _revokeInternal(e, t = this.settings.revokeTokenTypes) {
2563
- const s = this._logger.create("_revokeInternal");
2564
- if (!e)
2565
- return;
2566
- const r = t.filter((i) => typeof e[i] == "string");
2567
- if (!r.length) {
2568
- s.debug("no need to revoke due to no token(s)");
2569
- return;
2570
- }
2571
- for (const i of r)
2572
- await this._client.revokeToken(
2573
- e[i],
2574
- // eslint-disable-line @typescript-eslint/no-non-null-assertion
2575
- i
2576
- ), s.info(`${i} revoked successfully`), i !== "access_token" && (e[i] = null);
2577
- await this.storeUser(e), s.debug("user stored"), this._events.load(e);
2578
- }
2579
- /**
2580
- * Enables silent renew for the `UserManager`.
2581
- */
2582
- startSilentRenew() {
2583
- this._logger.create("startSilentRenew"), this._silentRenewService.start();
2584
- }
2585
- /**
2586
- * Disables silent renew for the `UserManager`.
2587
- */
2588
- stopSilentRenew() {
2589
- this._silentRenewService.stop();
2590
- }
2591
- get _userStoreKey() {
2592
- return `user:${this.settings.authority}:${this.settings.client_id}`;
2593
- }
2594
- async _loadUser() {
2595
- const e = this._logger.create("_loadUser"), t = await this.settings.userStore.get(this._userStoreKey);
2596
- return t ? (e.debug("user storageString loaded"), L.fromStorageString(t)) : (e.debug("no user storageString"), null);
2597
- }
2598
- async storeUser(e) {
2599
- const t = this._logger.create("storeUser");
2600
- if (e) {
2601
- t.debug("storing user");
2602
- const s = e.toStorageString();
2603
- await this.settings.userStore.set(this._userStoreKey, s);
2604
- } else
2605
- this._logger.debug("removing user"), await this.settings.userStore.remove(this._userStoreKey);
2606
- }
2607
- /**
2608
- * Removes stale state entries in storage for incomplete authorize requests.
2609
- */
2610
- async clearStaleState() {
2611
- await this._client.clearStaleState();
2612
- }
2613
- }, ft = "2.2.2", xt = ft;
2614
- const Ee = ue(
1
+ import { jsx as C } from "react/jsx-runtime";
2
+ import { createContext as S, useContext as p, useMemo as x, useEffect as d, useState as I, useRef as v, useCallback as h } from "react";
3
+ export * from "oidc-client-ts";
4
+ import U from "use-local-storage-state";
5
+ import { jwtDecode as E } from "jwt-decode";
6
+ const w = S(
2615
7
  null
2616
- ), wt = () => {
2617
- const e = ge(Ee);
8
+ ), k = () => {
9
+ const e = p(w);
2618
10
  if (!e)
2619
11
  throw new Error(
2620
12
  "useImpersonationContext must be used within a ImpersonationContextProvider"
2621
13
  );
2622
14
  return e;
2623
- }, Rt = ({
15
+ }, O = ({
2624
16
  children: e
2625
17
  }) => {
2626
- const [t, s] = Re("impersonationState", {
18
+ const [t, c] = U("impersonationState", {
2627
19
  defaultValue: {}
2628
- }), r = _e(() => ({
20
+ }), s = x(() => ({
2629
21
  accessToken: t == null ? void 0 : t.accessToken,
2630
22
  userInfo: t == null ? void 0 : t.userInfo,
2631
- setImpersonation: (i, n) => {
2632
- s({ accessToken: i, userInfo: n });
23
+ setImpersonation: (n, o) => {
24
+ c({ accessToken: n, userInfo: o });
2633
25
  }
2634
26
  }), []);
2635
- return /* @__PURE__ */ se(Ee.Provider, { value: r, children: e });
2636
- }, mt = (e) => {
2637
- const s = e.split(".")[1].replace(/-/g, "+").replace(/_/g, "/"), r = atob(s);
2638
- return JSON.parse(r);
2639
- }, Tt = (e) => {
2640
- const { setImpersonation: t } = wt();
2641
- F(() => {
2642
- const { search: s } = window.location, r = new URLSearchParams(s).get(
27
+ return /* @__PURE__ */ C(w.Provider, { value: s, children: e });
28
+ }, F = (e) => {
29
+ const { setImpersonation: t } = k();
30
+ d(() => {
31
+ const { search: c } = window.location, s = new URLSearchParams(c).get(
2643
32
  "impersonateAccessToken"
2644
33
  );
2645
- if (r && t) {
2646
- const i = mt(r);
2647
- t(r, i), e();
34
+ if (s && t) {
35
+ const n = E(s);
36
+ t(s, n), e();
2648
37
  }
2649
38
  }, []);
2650
39
  };
2651
- function It(e) {
2652
- return JSON.parse(e).map((r) => {
40
+ function j(e) {
41
+ return JSON.parse(e).map((s) => {
2653
42
  const [
2654
- i,
2655
43
  n,
2656
44
  o,
2657
- c,
2658
- l
2659
- ] = r.split("|"), h = c.split(",");
45
+ a,
46
+ i,
47
+ m
48
+ ] = s.split("|"), r = i.split(",");
2660
49
  return {
2661
- CustomerExternalId: i,
2662
- CustomerFirmId: n,
2663
- CustomerFirmName: o,
2664
- CustomerUserRoles: h,
2665
- CustomerUserIsAdmin: l === "True"
50
+ CustomerExternalId: n,
51
+ CustomerFirmId: o,
52
+ CustomerFirmName: a,
53
+ CustomerUserRoles: r,
54
+ CustomerUserIsAdmin: m === "True"
2666
55
  };
2667
56
  });
2668
57
  }
2669
- const Ut = [
58
+ const z = [
2670
59
  "97",
2671
60
  "131",
2672
61
  "132",
2673
62
  "141"
2674
- ], At = [
63
+ ], N = [
2675
64
  "3"
2676
- ], Pt = [
65
+ ], V = [
2677
66
  "0"
2678
- ], vt = ({
67
+ ], L = ({
2679
68
  userManager: e,
2680
69
  context: t,
2681
- children: s
70
+ children: c
2682
71
  }) => {
2683
- const [r, i] = xe({
72
+ const [s, n] = I({
2684
73
  user: null,
2685
74
  isLoading: !0,
2686
75
  isAuthenticated: !1,
2687
76
  isError: !1,
2688
77
  error: null
2689
- }), n = pe(!1);
2690
- F(() => {
2691
- n.current || (n.current = !0, (async () => {
78
+ }), o = v(!1);
79
+ d(() => {
80
+ o.current || (o.current = !0, (async () => {
2692
81
  try {
2693
- const h = await e.getUser();
2694
- i({
2695
- user: h,
82
+ const r = await e.getUser();
83
+ n({
84
+ user: r,
2696
85
  isLoading: !1,
2697
- isAuthenticated: h ? !h.expired : !1,
86
+ isAuthenticated: r ? !r.expired : !1,
2698
87
  isError: !1,
2699
88
  error: null
2700
89
  });
2701
- } catch (h) {
2702
- i({
90
+ } catch (r) {
91
+ n({
2703
92
  user: null,
2704
93
  isLoading: !1,
2705
94
  isAuthenticated: !1,
2706
95
  isError: !0,
2707
- error: h instanceof Error ? h : new Error("Unknown error during auth")
96
+ error: r instanceof Error ? r : new Error("Unknown error during auth")
2708
97
  });
2709
98
  }
2710
99
  })());
2711
- }, [e]), F(() => {
2712
- const h = (S) => {
2713
- i({
2714
- user: S,
100
+ }, [e]), d(() => {
101
+ const r = (l) => {
102
+ n({
103
+ user: l,
2715
104
  isLoading: !1,
2716
- isAuthenticated: !S.expired,
105
+ isAuthenticated: !l.expired,
2717
106
  isError: !1,
2718
107
  error: null
2719
108
  });
2720
109
  };
2721
- e.events.addUserLoaded(h);
2722
- const g = () => {
2723
- i({
2724
- ...r,
110
+ e.events.addUserLoaded(r);
111
+ const u = () => {
112
+ n({
113
+ ...s,
2725
114
  user: null,
2726
115
  isAuthenticated: !1
2727
116
  });
2728
117
  };
2729
- e.events.addUserUnloaded(g);
2730
- const u = (S) => {
2731
- i({
2732
- ...r,
118
+ e.events.addUserUnloaded(u);
119
+ const f = (l) => {
120
+ n({
121
+ ...s,
2733
122
  isLoading: !1,
2734
123
  isError: !0,
2735
- error: S
124
+ error: l
2736
125
  });
2737
126
  };
2738
- return e.events.addSilentRenewError(u), () => {
2739
- e.events.removeUserLoaded(h), e.events.removeUserUnloaded(g), e.events.removeSilentRenewError(u);
127
+ return e.events.addSilentRenewError(f), () => {
128
+ e.events.removeUserLoaded(r), e.events.removeUserUnloaded(u), e.events.removeSilentRenewError(f);
2740
129
  };
2741
130
  }, [e]);
2742
- const o = ae(async () => {
2743
- const h = await e.signinCallback();
2744
- return i({
2745
- user: h ?? null,
131
+ const a = h(async () => {
132
+ const r = await e.signinCallback();
133
+ return n({
134
+ user: r ?? null,
2746
135
  isLoading: !1,
2747
- isAuthenticated: h ? !h.expired : !1,
136
+ isAuthenticated: r ? !r.expired : !1,
2748
137
  isError: !1,
2749
138
  error: null
2750
- }), h ?? void 0;
2751
- }, [e]), c = ae(
2752
- async (h) => {
139
+ }), r ?? void 0;
140
+ }, [e]), i = h(
141
+ async (r) => {
2753
142
  try {
2754
- await e.signinRedirect(h);
2755
- } catch (g) {
2756
- console.error(g);
143
+ await e.signinRedirect(r);
144
+ } catch (u) {
145
+ console.error(u);
2757
146
  }
2758
147
  },
2759
148
  [e]
2760
- ), l = _e(
149
+ ), m = x(
2761
150
  () => ({
2762
- state: r,
2763
- handleSigninCallback: o,
2764
- redirectToSignin: c
151
+ state: s,
152
+ handleSigninCallback: a,
153
+ redirectToSignin: i
2765
154
  }),
2766
- [r, o, c]
155
+ [s, a, i]
2767
156
  );
2768
- return /* @__PURE__ */ se(t.Provider, { value: l, children: s });
2769
- }, oe = (e) => {
2770
- const t = ge(e);
157
+ return /* @__PURE__ */ C(t.Provider, { value: m, children: c });
158
+ }, A = (e) => {
159
+ const t = p(e);
2771
160
  if (!t)
2772
161
  throw new Error("useAuthContext must be used within an AuthProvider");
2773
162
  return t;
2774
- }, St = (e) => {
2775
- const { state: t } = oe(e);
163
+ }, P = (e) => {
164
+ const { state: t } = A(e);
2776
165
  return t;
2777
- }, yt = (e, t) => {
2778
- const { state: s, handleSigninCallback: r } = oe(e), i = pe(!1);
2779
- return F(() => {
2780
- i.current || (i.current = !0, r().then(
2781
- (n) => new Promise(
2782
- (o) => setTimeout(() => o(n), 0)
166
+ }, R = (e, t) => {
167
+ const { state: c, handleSigninCallback: s } = A(e), n = v(!1);
168
+ return d(() => {
169
+ n.current || (n.current = !0, s().then(
170
+ (o) => new Promise(
171
+ (a) => setTimeout(() => a(o), 0)
2783
172
  )
2784
- ).then((n) => t == null ? void 0 : t(n)));
2785
- }, [r]), s;
2786
- }, Ot = (e) => {
2787
- const t = ue(null);
173
+ ).then((o) => t == null ? void 0 : t(o)));
174
+ }, [s]), c;
175
+ }, J = (e) => {
176
+ const t = S(null);
2788
177
  return {
2789
178
  AuthContext: t,
2790
- AuthProvider: ({ children: c }) => /* @__PURE__ */ se(vt, { userManager: e, context: t, children: c }),
2791
- useAuthContext: () => oe(t),
2792
- useAuthState: () => St(t),
2793
- useSigninCallback: (c) => yt(t, c),
179
+ AuthProvider: ({ children: i }) => /* @__PURE__ */ C(L, { userManager: e, context: t, children: i }),
180
+ useAuthContext: () => A(t),
181
+ useAuthState: () => P(t),
182
+ useSigninCallback: (i) => R(t, i),
2794
183
  getAccessToken: async () => {
2795
- const c = await e.getUser();
2796
- return c ? c.access_token : null;
184
+ const i = await e.getUser();
185
+ return i ? i.access_token : null;
2797
186
  }
2798
187
  };
2799
188
  };
2800
189
  export {
2801
- Le as AccessTokenEvents,
2802
- Fe as CheckSessionIFrame,
2803
- j as ErrorResponse,
2804
- re as ErrorTimeout,
2805
- Rt as ImpersonationContextProvider,
2806
- fe as InMemoryWebStorage,
2807
- D as Log,
2808
- f as Logger,
2809
- $e as MetadataService,
2810
- it as OidcClient,
2811
- me as OidcClientSettingsStore,
2812
- Ut as ROLESAdminInCompany,
2813
- Pt as ROLESAnsatt,
2814
- At as ROLESMAKSAdministrator,
2815
- nt as SessionMonitor,
2816
- G as SigninResponse,
2817
- ne as SigninState,
2818
- rt as SignoutResponse,
2819
- H as State,
2820
- L as User,
2821
- Ct as UserManager,
2822
- ct as UserManagerSettingsStore,
2823
- xt as Version,
2824
- we as WebStorageStateStore,
2825
- Ot as createAuthContext,
2826
- It as parseUserProfileFCString,
2827
- Tt as useImpersonationCallback,
2828
- wt as useImpersonationContext
190
+ O as ImpersonationContextProvider,
191
+ z as ROLESAdminInCompany,
192
+ V as ROLESAnsatt,
193
+ N as ROLESMAKSAdministrator,
194
+ J as createAuthContext,
195
+ j as parseUserProfileFCString,
196
+ F as useImpersonationCallback,
197
+ k as useImpersonationContext
2829
198
  };