@arkitektbedriftene/fe-lib 0.4.37 → 0.4.38

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/hooks.es.js +2 -3
  2. package/dist/icons.es.js +2 -2
  3. package/dist/{index.esm-e4db0c1f.js → index.esm-67eba761.js} +5 -5
  4. package/dist/{index.esm-55efa2d1.js → index.esm-ab03d8db.js} +1 -1
  5. package/dist/oidc.es.js +102 -2778
  6. package/dist/rich-text.es.js +2611 -645
  7. package/dist/stitches.config-00c23cdb.js +136 -0
  8. package/dist/ui.es.js +77 -76
  9. package/package.json +1 -1
  10. package/dist/stitches.config-543644f4.js +0 -2919
  11. package/dist/useLocalStorageState-b4fb2a60.js +0 -100
package/dist/oidc.es.js CHANGED
@@ -1,2874 +1,198 @@
1
- import { jsx as re } from "react/jsx-runtime";
2
- import { createContext as ge, useContext as _e, useMemo as pe, useEffect as $, useState as Ie, useRef as fe, useCallback as ce } from "react";
3
- import { u as Re } from "./useLocalStorageState-b4fb2a60.js";
4
- var N = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
5
- function Te(e) {
6
- if (e.__esModule)
7
- return e;
8
- var t = e.default;
9
- if (typeof t == "function") {
10
- var s = function r() {
11
- if (this instanceof r) {
12
- var n = [null];
13
- n.push.apply(n, arguments);
14
- var i = Function.bind.apply(t, n);
15
- return new i();
16
- }
17
- return t.apply(this, arguments);
18
- };
19
- s.prototype = t.prototype;
20
- } else
21
- s = {};
22
- return Object.defineProperty(s, "__esModule", { value: !0 }), Object.keys(e).forEach(function(r) {
23
- var n = Object.getOwnPropertyDescriptor(e, r);
24
- Object.defineProperty(s, r, n.get ? n : {
25
- enumerable: !0,
26
- get: function() {
27
- return e[r];
28
- }
29
- });
30
- }), s;
31
- }
32
- function Ue(e) {
33
- throw new Error('Could not dynamically require "' + e + '". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.');
34
- }
35
- var M = {}, Ae = {
36
- get exports() {
37
- return M;
38
- },
39
- set exports(e) {
40
- M = e;
41
- }
42
- };
43
- const Pe = {}, Oe = /* @__PURE__ */ Object.freeze(/* @__PURE__ */ Object.defineProperty({
44
- __proto__: null,
45
- default: Pe
46
- }, Symbol.toStringTag, { value: "Module" })), qe = /* @__PURE__ */ Te(Oe);
47
- (function(e, t) {
48
- (function(s, r) {
49
- e.exports = r();
50
- })(N, function() {
51
- var s = s || function(r, n) {
52
- var i;
53
- if (typeof window < "u" && window.crypto && (i = window.crypto), typeof self < "u" && self.crypto && (i = self.crypto), typeof globalThis < "u" && globalThis.crypto && (i = globalThis.crypto), !i && typeof window < "u" && window.msCrypto && (i = window.msCrypto), !i && typeof N < "u" && N.crypto && (i = N.crypto), !i && typeof Ue == "function")
54
- try {
55
- i = qe;
56
- } catch {
57
- }
58
- var o = function() {
59
- if (i) {
60
- if (typeof i.getRandomValues == "function")
61
- try {
62
- return i.getRandomValues(new Uint32Array(1))[0];
63
- } catch {
64
- }
65
- if (typeof i.randomBytes == "function")
66
- try {
67
- return i.randomBytes(4).readInt32LE();
68
- } catch {
69
- }
70
- }
71
- throw new Error("Native crypto module could not be used to get secure random number.");
72
- }, c = Object.create || function() {
73
- function a() {
74
- }
75
- return function(d) {
76
- var p;
77
- return a.prototype = d, p = new a(), a.prototype = null, p;
78
- };
79
- }(), l = {}, h = l.lib = {}, g = h.Base = function() {
80
- return {
81
- /**
82
- * Creates a new object that inherits from this object.
83
- *
84
- * @param {Object} overrides Properties to copy into the new object.
85
- *
86
- * @return {Object} The new object.
87
- *
88
- * @static
89
- *
90
- * @example
91
- *
92
- * var MyType = CryptoJS.lib.Base.extend({
93
- * field: 'value',
94
- *
95
- * method: function () {
96
- * }
97
- * });
98
- */
99
- extend: function(a) {
100
- var d = c(this);
101
- return a && d.mixIn(a), (!d.hasOwnProperty("init") || this.init === d.init) && (d.init = function() {
102
- d.$super.init.apply(this, arguments);
103
- }), d.init.prototype = d, d.$super = this, d;
104
- },
105
- /**
106
- * Extends this object and runs the init method.
107
- * Arguments to create() will be passed to init().
108
- *
109
- * @return {Object} The new object.
110
- *
111
- * @static
112
- *
113
- * @example
114
- *
115
- * var instance = MyType.create();
116
- */
117
- create: function() {
118
- var a = this.extend();
119
- return a.init.apply(a, arguments), a;
120
- },
121
- /**
122
- * Initializes a newly created object.
123
- * Override this method to add some logic when your objects are created.
124
- *
125
- * @example
126
- *
127
- * var MyType = CryptoJS.lib.Base.extend({
128
- * init: function () {
129
- * // ...
130
- * }
131
- * });
132
- */
133
- init: function() {
134
- },
135
- /**
136
- * Copies properties into this object.
137
- *
138
- * @param {Object} properties The properties to mix in.
139
- *
140
- * @example
141
- *
142
- * MyType.mixIn({
143
- * field: 'value'
144
- * });
145
- */
146
- mixIn: function(a) {
147
- for (var d in a)
148
- a.hasOwnProperty(d) && (this[d] = a[d]);
149
- a.hasOwnProperty("toString") && (this.toString = a.toString);
150
- },
151
- /**
152
- * Creates a copy of this object.
153
- *
154
- * @return {Object} The clone.
155
- *
156
- * @example
157
- *
158
- * var clone = instance.clone();
159
- */
160
- clone: function() {
161
- return this.init.prototype.extend(this);
162
- }
163
- };
164
- }(), u = h.WordArray = g.extend({
165
- /**
166
- * Initializes a newly created word array.
167
- *
168
- * @param {Array} words (Optional) An array of 32-bit words.
169
- * @param {number} sigBytes (Optional) The number of significant bytes in the words.
170
- *
171
- * @example
172
- *
173
- * var wordArray = CryptoJS.lib.WordArray.create();
174
- * var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607]);
175
- * var wordArray = CryptoJS.lib.WordArray.create([0x00010203, 0x04050607], 6);
176
- */
177
- init: function(a, d) {
178
- a = this.words = a || [], d != n ? this.sigBytes = d : this.sigBytes = a.length * 4;
179
- },
180
- /**
181
- * Converts this word array to a string.
182
- *
183
- * @param {Encoder} encoder (Optional) The encoding strategy to use. Default: CryptoJS.enc.Hex
184
- *
185
- * @return {string} The stringified word array.
186
- *
187
- * @example
188
- *
189
- * var string = wordArray + '';
190
- * var string = wordArray.toString();
191
- * var string = wordArray.toString(CryptoJS.enc.Utf8);
192
- */
193
- toString: function(a) {
194
- return (a || w).stringify(this);
195
- },
196
- /**
197
- * Concatenates a word array to this word array.
198
- *
199
- * @param {WordArray} wordArray The word array to append.
200
- *
201
- * @return {WordArray} This word array.
202
- *
203
- * @example
204
- *
205
- * wordArray1.concat(wordArray2);
206
- */
207
- concat: function(a) {
208
- var d = this.words, p = a.words, m = this.sigBytes, b = a.sigBytes;
209
- if (this.clamp(), m % 4)
210
- for (var E = 0; E < b; E++) {
211
- var C = p[E >>> 2] >>> 24 - E % 4 * 8 & 255;
212
- d[m + E >>> 2] |= C << 24 - (m + E) % 4 * 8;
213
- }
214
- else
215
- for (var x = 0; x < b; x += 4)
216
- d[m + x >>> 2] = p[x >>> 2];
217
- return this.sigBytes += b, this;
218
- },
219
- /**
220
- * Removes insignificant bits.
221
- *
222
- * @example
223
- *
224
- * wordArray.clamp();
225
- */
226
- clamp: function() {
227
- var a = this.words, d = this.sigBytes;
228
- a[d >>> 2] &= 4294967295 << 32 - d % 4 * 8, a.length = r.ceil(d / 4);
229
- },
230
- /**
231
- * Creates a copy of this word array.
232
- *
233
- * @return {WordArray} The clone.
234
- *
235
- * @example
236
- *
237
- * var clone = wordArray.clone();
238
- */
239
- clone: function() {
240
- var a = g.clone.call(this);
241
- return a.words = this.words.slice(0), a;
242
- },
243
- /**
244
- * Creates a word array filled with random bytes.
245
- *
246
- * @param {number} nBytes The number of random bytes to generate.
247
- *
248
- * @return {WordArray} The random word array.
249
- *
250
- * @static
251
- *
252
- * @example
253
- *
254
- * var wordArray = CryptoJS.lib.WordArray.random(16);
255
- */
256
- random: function(a) {
257
- for (var d = [], p = 0; p < a; p += 4)
258
- d.push(o());
259
- return new u.init(d, a);
260
- }
261
- }), S = l.enc = {}, w = S.Hex = {
262
- /**
263
- * Converts a word array to a hex string.
264
- *
265
- * @param {WordArray} wordArray The word array.
266
- *
267
- * @return {string} The hex string.
268
- *
269
- * @static
270
- *
271
- * @example
272
- *
273
- * var hexString = CryptoJS.enc.Hex.stringify(wordArray);
274
- */
275
- stringify: function(a) {
276
- for (var d = a.words, p = a.sigBytes, m = [], b = 0; b < p; b++) {
277
- var E = d[b >>> 2] >>> 24 - b % 4 * 8 & 255;
278
- m.push((E >>> 4).toString(16)), m.push((E & 15).toString(16));
279
- }
280
- return m.join("");
281
- },
282
- /**
283
- * Converts a hex string to a word array.
284
- *
285
- * @param {string} hexStr The hex string.
286
- *
287
- * @return {WordArray} The word array.
288
- *
289
- * @static
290
- *
291
- * @example
292
- *
293
- * var wordArray = CryptoJS.enc.Hex.parse(hexString);
294
- */
295
- parse: function(a) {
296
- for (var d = a.length, p = [], m = 0; m < d; m += 2)
297
- p[m >>> 3] |= parseInt(a.substr(m, 2), 16) << 24 - m % 8 * 4;
298
- return new u.init(p, d / 2);
299
- }
300
- }, k = S.Latin1 = {
301
- /**
302
- * Converts a word array to a Latin1 string.
303
- *
304
- * @param {WordArray} wordArray The word array.
305
- *
306
- * @return {string} The Latin1 string.
307
- *
308
- * @static
309
- *
310
- * @example
311
- *
312
- * var latin1String = CryptoJS.enc.Latin1.stringify(wordArray);
313
- */
314
- stringify: function(a) {
315
- for (var d = a.words, p = a.sigBytes, m = [], b = 0; b < p; b++) {
316
- var E = d[b >>> 2] >>> 24 - b % 4 * 8 & 255;
317
- m.push(String.fromCharCode(E));
318
- }
319
- return m.join("");
320
- },
321
- /**
322
- * Converts a Latin1 string to a word array.
323
- *
324
- * @param {string} latin1Str The Latin1 string.
325
- *
326
- * @return {WordArray} The word array.
327
- *
328
- * @static
329
- *
330
- * @example
331
- *
332
- * var wordArray = CryptoJS.enc.Latin1.parse(latin1String);
333
- */
334
- parse: function(a) {
335
- for (var d = a.length, p = [], m = 0; m < d; m++)
336
- p[m >>> 2] |= (a.charCodeAt(m) & 255) << 24 - m % 4 * 8;
337
- return new u.init(p, d);
338
- }
339
- }, _ = S.Utf8 = {
340
- /**
341
- * Converts a word array to a UTF-8 string.
342
- *
343
- * @param {WordArray} wordArray The word array.
344
- *
345
- * @return {string} The UTF-8 string.
346
- *
347
- * @static
348
- *
349
- * @example
350
- *
351
- * var utf8String = CryptoJS.enc.Utf8.stringify(wordArray);
352
- */
353
- stringify: function(a) {
354
- try {
355
- return decodeURIComponent(escape(k.stringify(a)));
356
- } catch {
357
- throw new Error("Malformed UTF-8 data");
358
- }
359
- },
360
- /**
361
- * Converts a UTF-8 string to a word array.
362
- *
363
- * @param {string} utf8Str The UTF-8 string.
364
- *
365
- * @return {WordArray} The word array.
366
- *
367
- * @static
368
- *
369
- * @example
370
- *
371
- * var wordArray = CryptoJS.enc.Utf8.parse(utf8String);
372
- */
373
- parse: function(a) {
374
- return k.parse(unescape(encodeURIComponent(a)));
375
- }
376
- }, v = h.BufferedBlockAlgorithm = g.extend({
377
- /**
378
- * Resets this block algorithm's data buffer to its initial state.
379
- *
380
- * @example
381
- *
382
- * bufferedBlockAlgorithm.reset();
383
- */
384
- reset: function() {
385
- this._data = new u.init(), this._nDataBytes = 0;
386
- },
387
- /**
388
- * Adds new data to this block algorithm's buffer.
389
- *
390
- * @param {WordArray|string} data The data to append. Strings are converted to a WordArray using UTF-8.
391
- *
392
- * @example
393
- *
394
- * bufferedBlockAlgorithm._append('data');
395
- * bufferedBlockAlgorithm._append(wordArray);
396
- */
397
- _append: function(a) {
398
- typeof a == "string" && (a = _.parse(a)), this._data.concat(a), this._nDataBytes += a.sigBytes;
399
- },
400
- /**
401
- * Processes available data blocks.
402
- *
403
- * This method invokes _doProcessBlock(offset), which must be implemented by a concrete subtype.
404
- *
405
- * @param {boolean} doFlush Whether all blocks and partial blocks should be processed.
406
- *
407
- * @return {WordArray} The processed data.
408
- *
409
- * @example
410
- *
411
- * var processedData = bufferedBlockAlgorithm._process();
412
- * var processedData = bufferedBlockAlgorithm._process(!!'flush');
413
- */
414
- _process: function(a) {
415
- var d, p = this._data, m = p.words, b = p.sigBytes, E = this.blockSize, C = E * 4, x = b / C;
416
- a ? x = r.ceil(x) : x = r.max((x | 0) - this._minBufferSize, 0);
417
- var P = x * E, I = r.min(P * 4, b);
418
- if (P) {
419
- for (var q = 0; q < P; q += E)
420
- this._doProcessBlock(m, q);
421
- d = m.splice(0, P), p.sigBytes -= I;
422
- }
423
- return new u.init(d, I);
424
- },
425
- /**
426
- * Creates a copy of this object.
427
- *
428
- * @return {Object} The clone.
429
- *
430
- * @example
431
- *
432
- * var clone = bufferedBlockAlgorithm.clone();
433
- */
434
- clone: function() {
435
- var a = g.clone.call(this);
436
- return a._data = this._data.clone(), a;
437
- },
438
- _minBufferSize: 0
439
- });
440
- h.Hasher = v.extend({
441
- /**
442
- * Configuration options.
443
- */
444
- cfg: g.extend(),
445
- /**
446
- * Initializes a newly created hasher.
447
- *
448
- * @param {Object} cfg (Optional) The configuration options to use for this hash computation.
449
- *
450
- * @example
451
- *
452
- * var hasher = CryptoJS.algo.SHA256.create();
453
- */
454
- init: function(a) {
455
- this.cfg = this.cfg.extend(a), this.reset();
456
- },
457
- /**
458
- * Resets this hasher to its initial state.
459
- *
460
- * @example
461
- *
462
- * hasher.reset();
463
- */
464
- reset: function() {
465
- v.reset.call(this), this._doReset();
466
- },
467
- /**
468
- * Updates this hasher with a message.
469
- *
470
- * @param {WordArray|string} messageUpdate The message to append.
471
- *
472
- * @return {Hasher} This hasher.
473
- *
474
- * @example
475
- *
476
- * hasher.update('message');
477
- * hasher.update(wordArray);
478
- */
479
- update: function(a) {
480
- return this._append(a), this._process(), this;
481
- },
482
- /**
483
- * Finalizes the hash computation.
484
- * Note that the finalize operation is effectively a destructive, read-once operation.
485
- *
486
- * @param {WordArray|string} messageUpdate (Optional) A final message update.
487
- *
488
- * @return {WordArray} The hash.
489
- *
490
- * @example
491
- *
492
- * var hash = hasher.finalize();
493
- * var hash = hasher.finalize('message');
494
- * var hash = hasher.finalize(wordArray);
495
- */
496
- finalize: function(a) {
497
- a && this._append(a);
498
- var d = this._doFinalize();
499
- return d;
500
- },
501
- blockSize: 16,
502
- /**
503
- * Creates a shortcut function to a hasher's object interface.
504
- *
505
- * @param {Hasher} hasher The hasher to create a helper for.
506
- *
507
- * @return {Function} The shortcut function.
508
- *
509
- * @static
510
- *
511
- * @example
512
- *
513
- * var SHA256 = CryptoJS.lib.Hasher._createHelper(CryptoJS.algo.SHA256);
514
- */
515
- _createHelper: function(a) {
516
- return function(d, p) {
517
- return new a.init(p).finalize(d);
518
- };
519
- },
520
- /**
521
- * Creates a shortcut function to the HMAC's object interface.
522
- *
523
- * @param {Hasher} hasher The hasher to use in this HMAC helper.
524
- *
525
- * @return {Function} The shortcut function.
526
- *
527
- * @static
528
- *
529
- * @example
530
- *
531
- * var HmacSHA256 = CryptoJS.lib.Hasher._createHmacHelper(CryptoJS.algo.SHA256);
532
- */
533
- _createHmacHelper: function(a) {
534
- return function(d, p) {
535
- return new y.HMAC.init(a, p).finalize(d);
536
- };
537
- }
538
- });
539
- var y = l.algo = {};
540
- return l;
541
- }(Math);
542
- return s;
543
- });
544
- })(Ae);
545
- var X = {}, Ne = {
546
- get exports() {
547
- return X;
548
- },
549
- set exports(e) {
550
- X = e;
551
- }
552
- };
553
- (function(e, t) {
554
- (function(s, r) {
555
- e.exports = r(M);
556
- })(N, function(s) {
557
- return function(r) {
558
- var n = s, i = n.lib, o = i.WordArray, c = i.Hasher, l = n.algo, h = [], g = [];
559
- (function() {
560
- function w(y) {
561
- for (var a = r.sqrt(y), d = 2; d <= a; d++)
562
- if (!(y % d))
563
- return !1;
564
- return !0;
565
- }
566
- function k(y) {
567
- return (y - (y | 0)) * 4294967296 | 0;
568
- }
569
- for (var _ = 2, v = 0; v < 64; )
570
- w(_) && (v < 8 && (h[v] = k(r.pow(_, 1 / 2))), g[v] = k(r.pow(_, 1 / 3)), v++), _++;
571
- })();
572
- var u = [], S = l.SHA256 = c.extend({
573
- _doReset: function() {
574
- this._hash = new o.init(h.slice(0));
575
- },
576
- _doProcessBlock: function(w, k) {
577
- for (var _ = this._hash.words, v = _[0], y = _[1], a = _[2], d = _[3], p = _[4], m = _[5], b = _[6], E = _[7], C = 0; C < 64; C++) {
578
- if (C < 16)
579
- u[C] = w[k + C] | 0;
580
- else {
581
- var x = u[C - 15], P = (x << 25 | x >>> 7) ^ (x << 14 | x >>> 18) ^ x >>> 3, I = u[C - 2], q = (I << 15 | I >>> 17) ^ (I << 13 | I >>> 19) ^ I >>> 10;
582
- u[C] = P + u[C - 7] + q + u[C - 16];
583
- }
584
- var W = p & m ^ ~p & b, K = v & y ^ v & a ^ y & a, V = (v << 30 | v >>> 2) ^ (v << 19 | v >>> 13) ^ (v << 10 | v >>> 22), G = (p << 26 | p >>> 6) ^ (p << 21 | p >>> 11) ^ (p << 7 | p >>> 25), L = E + G + W + g[C] + u[C], xe = V + K;
585
- E = b, b = m, m = p, p = d + L | 0, d = a, a = y, y = v, v = L + xe | 0;
586
- }
587
- _[0] = _[0] + v | 0, _[1] = _[1] + y | 0, _[2] = _[2] + a | 0, _[3] = _[3] + d | 0, _[4] = _[4] + p | 0, _[5] = _[5] + m | 0, _[6] = _[6] + b | 0, _[7] = _[7] + E | 0;
588
- },
589
- _doFinalize: function() {
590
- var w = this._data, k = w.words, _ = this._nDataBytes * 8, v = w.sigBytes * 8;
591
- return k[v >>> 5] |= 128 << 24 - v % 32, k[(v + 64 >>> 9 << 4) + 14] = r.floor(_ / 4294967296), k[(v + 64 >>> 9 << 4) + 15] = _, w.sigBytes = k.length * 4, this._process(), this._hash;
592
- },
593
- clone: function() {
594
- var w = c.clone.call(this);
595
- return w._hash = this._hash.clone(), w;
596
- }
597
- });
598
- n.SHA256 = c._createHelper(S), n.HmacSHA256 = c._createHmacHelper(S);
599
- }(Math), s.SHA256;
600
- });
601
- })(Ne);
602
- var z = {}, je = {
603
- get exports() {
604
- return z;
605
- },
606
- set exports(e) {
607
- z = e;
608
- }
609
- };
610
- (function(e, t) {
611
- (function(s, r) {
612
- e.exports = r(M);
613
- })(N, function(s) {
614
- return function() {
615
- var r = s, n = r.lib, i = n.WordArray, o = r.enc;
616
- o.Base64 = {
617
- /**
618
- * Converts a word array to a Base64 string.
619
- *
620
- * @param {WordArray} wordArray The word array.
621
- *
622
- * @return {string} The Base64 string.
623
- *
624
- * @static
625
- *
626
- * @example
627
- *
628
- * var base64String = CryptoJS.enc.Base64.stringify(wordArray);
629
- */
630
- stringify: function(l) {
631
- var h = l.words, g = l.sigBytes, u = this._map;
632
- l.clamp();
633
- for (var S = [], w = 0; w < g; w += 3)
634
- for (var k = h[w >>> 2] >>> 24 - w % 4 * 8 & 255, _ = h[w + 1 >>> 2] >>> 24 - (w + 1) % 4 * 8 & 255, v = h[w + 2 >>> 2] >>> 24 - (w + 2) % 4 * 8 & 255, y = k << 16 | _ << 8 | v, a = 0; a < 4 && w + a * 0.75 < g; a++)
635
- S.push(u.charAt(y >>> 6 * (3 - a) & 63));
636
- var d = u.charAt(64);
637
- if (d)
638
- for (; S.length % 4; )
639
- S.push(d);
640
- return S.join("");
641
- },
642
- /**
643
- * Converts a Base64 string to a word array.
644
- *
645
- * @param {string} base64Str The Base64 string.
646
- *
647
- * @return {WordArray} The word array.
648
- *
649
- * @static
650
- *
651
- * @example
652
- *
653
- * var wordArray = CryptoJS.enc.Base64.parse(base64String);
654
- */
655
- parse: function(l) {
656
- var h = l.length, g = this._map, u = this._reverseMap;
657
- if (!u) {
658
- u = this._reverseMap = [];
659
- for (var S = 0; S < g.length; S++)
660
- u[g.charCodeAt(S)] = S;
661
- }
662
- var w = g.charAt(64);
663
- if (w) {
664
- var k = l.indexOf(w);
665
- k !== -1 && (h = k);
666
- }
667
- return c(l, h, u);
668
- },
669
- _map: "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="
670
- };
671
- function c(l, h, g) {
672
- for (var u = [], S = 0, w = 0; w < h; w++)
673
- if (w % 4) {
674
- var k = g[l.charCodeAt(w - 1)] << w % 4 * 2, _ = g[l.charCodeAt(w)] >>> 6 - w % 4 * 2, v = k | _;
675
- u[S >>> 2] |= v << 24 - S % 4 * 8, S++;
676
- }
677
- return i.create(u, S);
678
- }
679
- }(), s.enc.Base64;
680
- });
681
- })(je);
682
- var Y = {}, Me = {
683
- get exports() {
684
- return Y;
685
- },
686
- set exports(e) {
687
- Y = e;
688
- }
689
- };
690
- (function(e, t) {
691
- (function(s, r) {
692
- e.exports = r(M);
693
- })(N, function(s) {
694
- return s.enc.Utf8;
695
- });
696
- })(Me);
697
- function Z(e) {
698
- this.message = e;
699
- }
700
- Z.prototype = new Error(), Z.prototype.name = "InvalidCharacterError";
701
- var le = typeof window < "u" && window.atob && window.atob.bind(window) || function(e) {
702
- var t = String(e).replace(/=+$/, "");
703
- if (t.length % 4 == 1)
704
- throw new Z("'atob' failed: The string to be decoded is not correctly encoded.");
705
- for (var s, r, n = 0, i = 0, o = ""; r = t.charAt(i++); ~r && (s = n % 4 ? 64 * s + r : r, n++ % 4) ? o += String.fromCharCode(255 & s >> (-2 * n & 6)) : 0)
706
- r = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=".indexOf(r);
707
- return o;
708
- };
709
- function He(e) {
710
- var t = e.replace(/-/g, "+").replace(/_/g, "/");
711
- switch (t.length % 4) {
712
- case 0:
713
- break;
714
- case 2:
715
- t += "==";
716
- break;
717
- case 3:
718
- t += "=";
719
- break;
720
- default:
721
- throw "Illegal base64url string!";
722
- }
723
- try {
724
- return function(s) {
725
- return decodeURIComponent(le(s).replace(/(.)/g, function(r, n) {
726
- var i = n.charCodeAt(0).toString(16).toUpperCase();
727
- return i.length < 2 && (i = "0" + i), "%" + i;
728
- }));
729
- }(t);
730
- } catch {
731
- return le(t);
732
- }
733
- }
734
- function D(e) {
735
- this.message = e;
736
- }
737
- function We(e, t) {
738
- if (typeof e != "string")
739
- throw new D("Invalid token specified");
740
- var s = (t = t || {}).header === !0 ? 0 : 1;
741
- try {
742
- return JSON.parse(He(e.split(".")[s]));
743
- } catch (r) {
744
- throw new D("Invalid token specified: " + r.message);
745
- }
746
- }
747
- D.prototype = new Error(), D.prototype.name = "InvalidTokenError";
748
- var Be = {
749
- debug: () => {
750
- },
751
- info: () => {
752
- },
753
- warn: () => {
754
- },
755
- error: () => {
756
- }
757
- }, T, U, J = /* @__PURE__ */ ((e) => (e[e.NONE = 0] = "NONE", e[e.ERROR = 1] = "ERROR", e[e.WARN = 2] = "WARN", e[e.INFO = 3] = "INFO", e[e.DEBUG = 4] = "DEBUG", e))(J || {});
758
- ((e) => {
759
- function t() {
760
- T = 3, U = Be;
761
- }
762
- e.reset = t;
763
- function s(n) {
764
- if (!(0 <= n && n <= 4))
765
- throw new Error("Invalid log level");
766
- T = n;
767
- }
768
- e.setLevel = s;
769
- function r(n) {
770
- U = n;
771
- }
772
- e.setLogger = r;
773
- })(J || (J = {}));
774
- var f = class {
775
- constructor(e) {
776
- this._name = e;
777
- }
778
- debug(...e) {
779
- T >= 4 && U.debug(f._format(this._name, this._method), ...e);
780
- }
781
- info(...e) {
782
- T >= 3 && U.info(f._format(this._name, this._method), ...e);
783
- }
784
- warn(...e) {
785
- T >= 2 && U.warn(f._format(this._name, this._method), ...e);
786
- }
787
- error(...e) {
788
- T >= 1 && U.error(f._format(this._name, this._method), ...e);
789
- }
790
- throw(e) {
791
- throw this.error(e), e;
792
- }
793
- create(e) {
794
- const t = Object.create(this);
795
- return t._method = e, t.debug("begin"), t;
796
- }
797
- static createStatic(e, t) {
798
- const s = new f(`${e}.${t}`);
799
- return s.debug("begin"), s;
800
- }
801
- static _format(e, t) {
802
- const s = `[${e}]`;
803
- return t ? `${s} ${t}:` : s;
804
- }
805
- // helpers for static class methods
806
- static debug(e, ...t) {
807
- T >= 4 && U.debug(f._format(e), ...t);
808
- }
809
- static info(e, ...t) {
810
- T >= 3 && U.info(f._format(e), ...t);
811
- }
812
- static warn(e, ...t) {
813
- T >= 2 && U.warn(f._format(e), ...t);
814
- }
815
- static error(e, ...t) {
816
- T >= 1 && U.error(f._format(e), ...t);
817
- }
818
- };
819
- J.reset();
820
- var Le = "10000000-1000-4000-8000-100000000000", A = class {
821
- static _randomWord() {
822
- return M.lib.WordArray.random(1).words[0];
823
- }
824
- /**
825
- * Generates RFC4122 version 4 guid
826
- */
827
- static generateUUIDv4() {
828
- return Le.replace(
829
- /[018]/g,
830
- (t) => (+t ^ A._randomWord() & 15 >> +t / 4).toString(16)
831
- ).replace(/-/g, "");
832
- }
833
- /**
834
- * PKCE: Generate a code verifier
835
- */
836
- static generateCodeVerifier() {
837
- return A.generateUUIDv4() + A.generateUUIDv4() + A.generateUUIDv4();
838
- }
839
- /**
840
- * PKCE: Generate a code challenge
841
- */
842
- static generateCodeChallenge(e) {
843
- try {
844
- const t = X(e);
845
- return z.stringify(t).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
846
- } catch (t) {
847
- throw f.error("CryptoUtils.generateCodeChallenge", t), t;
848
- }
849
- }
850
- /**
851
- * Generates a base64-encoded string for a basic auth header
852
- */
853
- static generateBasicAuth(e, t) {
854
- const s = Y.parse([e, t].join(":"));
855
- return z.stringify(s);
856
- }
857
- }, O = class {
858
- constructor(e) {
859
- this._name = e, this._logger = new f(`Event('${this._name}')`), this._callbacks = [];
860
- }
861
- addHandler(e) {
862
- return this._callbacks.push(e), () => this.removeHandler(e);
863
- }
864
- removeHandler(e) {
865
- const t = this._callbacks.lastIndexOf(e);
866
- t >= 0 && this._callbacks.splice(t, 1);
867
- }
868
- raise(...e) {
869
- this._logger.debug("raise:", ...e);
870
- for (const t of this._callbacks)
871
- t(...e);
872
- }
873
- }, ee = class {
874
- // IMPORTANT: doesn't validate the token
875
- static decode(e) {
876
- try {
877
- return We(e);
878
- } catch (t) {
879
- throw f.error("JwtUtils.decode", t), t;
880
- }
881
- }
882
- }, de = class {
883
- /**
884
- * Populates a map of window features with a placement centered in front of
885
- * the current window. If no explicit width is given, a default value is
886
- * binned into [800, 720, 600, 480, 360] based on the current window's width.
887
- */
888
- static center({ ...e }) {
889
- var t, s, r;
890
- return e.width == null && (e.width = (t = [800, 720, 600, 480].find((n) => n <= window.outerWidth / 1.618)) != null ? t : 360), (s = e.left) != null || (e.left = Math.max(0, Math.round(window.screenX + (window.outerWidth - e.width) / 2))), e.height != null && ((r = e.top) != null || (e.top = Math.max(0, Math.round(window.screenY + (window.outerHeight - e.height) / 2)))), e;
891
- }
892
- static serialize(e) {
893
- return Object.entries(e).filter(([, t]) => t != null).map(([t, s]) => `${t}=${typeof s != "boolean" ? s : s ? "yes" : "no"}`).join(",");
894
- }
895
- }, R = class extends O {
896
- constructor() {
897
- super(...arguments), this._logger = new f(`Timer('${this._name}')`), this._timerHandle = null, this._expiration = 0, this._callback = () => {
898
- const e = this._expiration - R.getEpochTime();
899
- this._logger.debug("timer completes in", e), this._expiration <= R.getEpochTime() && (this.cancel(), super.raise());
900
- };
901
- }
902
- // get the time
903
- static getEpochTime() {
904
- return Math.floor(Date.now() / 1e3);
905
- }
906
- init(e) {
907
- const t = this._logger.create("init");
908
- e = Math.max(Math.floor(e), 1);
909
- const s = R.getEpochTime() + e;
910
- if (this.expiration === s && this._timerHandle) {
911
- t.debug("skipping since already initialized for expiration at", this.expiration);
912
- return;
913
- }
914
- this.cancel(), t.debug("using duration", e), this._expiration = s;
915
- const r = Math.min(e, 5);
916
- this._timerHandle = setInterval(this._callback, r * 1e3);
917
- }
918
- get expiration() {
919
- return this._expiration;
920
- }
921
- cancel() {
922
- this._logger.create("cancel"), this._timerHandle && (clearInterval(this._timerHandle), this._timerHandle = null);
923
- }
924
- }, te = class {
925
- static readParams(e, t = "query") {
926
- if (!e)
927
- throw new TypeError("Invalid URL");
928
- const r = new URL(e, window.location.origin)[t === "fragment" ? "hash" : "search"];
929
- return new URLSearchParams(r.slice(1));
930
- }
931
- }, j = class extends Error {
932
- constructor(e, t) {
933
- var s, r, n;
934
- if (super(e.error_description || e.error || ""), this.form = t, this.name = "ErrorResponse", !e.error)
935
- throw f.error("ErrorResponse", "No error passed"), new Error("No error passed");
936
- this.error = e.error, this.error_description = (s = e.error_description) != null ? s : null, this.error_uri = (r = e.error_uri) != null ? r : null, this.state = e.userState, this.session_state = (n = e.session_state) != null ? n : null;
937
- }
938
- }, ie = class extends Error {
939
- constructor(e) {
940
- super(e), this.name = "ErrorTimeout";
941
- }
942
- }, Fe = class {
943
- constructor(e) {
944
- this._logger = new f("AccessTokenEvents"), this._expiringTimer = new R("Access token expiring"), this._expiredTimer = new R("Access token expired"), this._expiringNotificationTimeInSeconds = e.expiringNotificationTimeInSeconds;
945
- }
946
- load(e) {
947
- const t = this._logger.create("load");
948
- if (e.access_token && e.expires_in !== void 0) {
949
- const s = e.expires_in;
950
- if (t.debug("access token present, remaining duration:", s), s > 0) {
951
- let n = s - this._expiringNotificationTimeInSeconds;
952
- n <= 0 && (n = 1), t.debug("registering expiring timer, raising in", n, "seconds"), this._expiringTimer.init(n);
953
- } else
954
- t.debug("canceling existing expiring timer because we're past expiration."), this._expiringTimer.cancel();
955
- const r = s + 1;
956
- t.debug("registering expired timer, raising in", r, "seconds"), this._expiredTimer.init(r);
957
- } else
958
- this._expiringTimer.cancel(), this._expiredTimer.cancel();
959
- }
960
- unload() {
961
- this._logger.debug("unload: canceling existing access token timers"), this._expiringTimer.cancel(), this._expiredTimer.cancel();
962
- }
963
- /**
964
- * Add callback: Raised prior to the access token expiring.
965
- */
966
- addAccessTokenExpiring(e) {
967
- return this._expiringTimer.addHandler(e);
968
- }
969
- /**
970
- * Remove callback: Raised prior to the access token expiring.
971
- */
972
- removeAccessTokenExpiring(e) {
973
- this._expiringTimer.removeHandler(e);
974
- }
975
- /**
976
- * Add callback: Raised after the access token has expired.
977
- */
978
- addAccessTokenExpired(e) {
979
- return this._expiredTimer.addHandler(e);
980
- }
981
- /**
982
- * Remove callback: Raised after the access token has expired.
983
- */
984
- removeAccessTokenExpired(e) {
985
- this._expiredTimer.removeHandler(e);
986
- }
987
- }, $e = class {
988
- constructor(e, t, s, r, n) {
989
- this._callback = e, this._client_id = t, this._intervalInSeconds = r, this._stopOnError = n, this._logger = new f("CheckSessionIFrame"), this._timer = null, this._session_state = null, this._message = (o) => {
990
- o.origin === this._frame_origin && o.source === this._frame.contentWindow && (o.data === "error" ? (this._logger.error("error message from check session op iframe"), this._stopOnError && this.stop()) : o.data === "changed" ? (this._logger.debug("changed message from check session op iframe"), this.stop(), this._callback()) : this._logger.debug(o.data + " message from check session op iframe"));
991
- };
992
- const i = new URL(s);
993
- this._frame_origin = i.origin, this._frame = window.document.createElement("iframe"), this._frame.style.visibility = "hidden", this._frame.style.position = "fixed", this._frame.style.left = "-1000px", this._frame.style.top = "0", this._frame.width = "0", this._frame.height = "0", this._frame.src = i.href;
994
- }
995
- load() {
996
- return new Promise((e) => {
997
- this._frame.onload = () => {
998
- e();
999
- }, window.document.body.appendChild(this._frame), window.addEventListener("message", this._message, !1);
1000
- });
1001
- }
1002
- start(e) {
1003
- if (this._session_state === e)
1004
- return;
1005
- this._logger.create("start"), this.stop(), this._session_state = e;
1006
- const t = () => {
1007
- !this._frame.contentWindow || !this._session_state || this._frame.contentWindow.postMessage(this._client_id + " " + this._session_state, this._frame_origin);
1008
- };
1009
- t(), this._timer = setInterval(t, this._intervalInSeconds * 1e3);
1010
- }
1011
- stop() {
1012
- this._logger.create("stop"), this._session_state = null, this._timer && (clearInterval(this._timer), this._timer = null);
1013
- }
1014
- }, we = class {
1015
- constructor() {
1016
- this._logger = new f("InMemoryWebStorage"), this._data = {};
1017
- }
1018
- clear() {
1019
- this._logger.create("clear"), this._data = {};
1020
- }
1021
- getItem(e) {
1022
- return this._logger.create(`getItem('${e}')`), this._data[e];
1023
- }
1024
- setItem(e, t) {
1025
- this._logger.create(`setItem('${e}')`), this._data[e] = t;
1026
- }
1027
- removeItem(e) {
1028
- this._logger.create(`removeItem('${e}')`), delete this._data[e];
1029
- }
1030
- get length() {
1031
- return Object.getOwnPropertyNames(this._data).length;
1032
- }
1033
- key(e) {
1034
- return Object.getOwnPropertyNames(this._data)[e];
1035
- }
1036
- }, ne = class {
1037
- constructor(e = [], t = null) {
1038
- this._jwtHandler = t, this._logger = new f("JsonService"), this._contentTypes = [], this._contentTypes.push(...e, "application/json"), t && this._contentTypes.push("application/jwt");
1039
- }
1040
- async fetchWithTimeout(e, t = {}) {
1041
- const { timeoutInSeconds: s, ...r } = t;
1042
- if (!s)
1043
- return await fetch(e, r);
1044
- const n = new AbortController(), i = setTimeout(() => n.abort(), s * 1e3);
1045
- try {
1046
- return await fetch(e, {
1047
- ...t,
1048
- signal: n.signal
1049
- });
1050
- } catch (o) {
1051
- throw o instanceof DOMException && o.name === "AbortError" ? new ie("Network timed out") : o;
1052
- } finally {
1053
- clearTimeout(i);
1054
- }
1055
- }
1056
- async getJson(e, {
1057
- token: t,
1058
- credentials: s
1059
- } = {}) {
1060
- const r = this._logger.create("getJson"), n = {
1061
- Accept: this._contentTypes.join(", ")
1062
- };
1063
- t && (r.debug("token passed, setting Authorization header"), n.Authorization = "Bearer " + t);
1064
- let i;
1065
- try {
1066
- r.debug("url:", e), i = await this.fetchWithTimeout(e, { method: "GET", headers: n, credentials: s });
1067
- } catch (l) {
1068
- throw r.error("Network Error"), l;
1069
- }
1070
- r.debug("HTTP response received, status", i.status);
1071
- const o = i.headers.get("Content-Type");
1072
- if (o && !this._contentTypes.find((l) => o.startsWith(l)) && r.throw(new Error(`Invalid response Content-Type: ${o ?? "undefined"}, from URL: ${e}`)), i.ok && this._jwtHandler && (o != null && o.startsWith("application/jwt")))
1073
- return await this._jwtHandler(await i.text());
1074
- let c;
1075
- try {
1076
- c = await i.json();
1077
- } catch (l) {
1078
- throw r.error("Error parsing JSON response", l), i.ok ? l : new Error(`${i.statusText} (${i.status})`);
1079
- }
1080
- if (!i.ok)
1081
- throw r.error("Error from server:", c), c.error ? new j(c) : new Error(`${i.statusText} (${i.status}): ${JSON.stringify(c)}`);
1082
- return c;
1083
- }
1084
- async postForm(e, {
1085
- body: t,
1086
- basicAuth: s,
1087
- timeoutInSeconds: r,
1088
- initCredentials: n
1089
- }) {
1090
- const i = this._logger.create("postForm"), o = {
1091
- Accept: this._contentTypes.join(", "),
1092
- "Content-Type": "application/x-www-form-urlencoded"
1093
- };
1094
- s !== void 0 && (o.Authorization = "Basic " + s);
1095
- let c;
1096
- try {
1097
- i.debug("url:", e), c = await this.fetchWithTimeout(e, { method: "POST", headers: o, body: t, timeoutInSeconds: r, credentials: n });
1098
- } catch (u) {
1099
- throw i.error("Network error"), u;
1100
- }
1101
- i.debug("HTTP response received, status", c.status);
1102
- const l = c.headers.get("Content-Type");
1103
- if (l && !this._contentTypes.find((u) => l.startsWith(u)))
1104
- throw new Error(`Invalid response Content-Type: ${l ?? "undefined"}, from URL: ${e}`);
1105
- const h = await c.text();
1106
- let g = {};
1107
- if (h)
1108
- try {
1109
- g = JSON.parse(h);
1110
- } catch (u) {
1111
- throw i.error("Error parsing JSON response", u), c.ok ? u : new Error(`${c.statusText} (${c.status})`);
1112
- }
1113
- if (!c.ok)
1114
- throw i.error("Error from server:", g), g.error ? new j(g, t) : new Error(`${c.statusText} (${c.status}): ${JSON.stringify(g)}`);
1115
- return g;
1116
- }
1117
- }, ze = class {
1118
- constructor(e) {
1119
- this._settings = e, this._logger = new f("MetadataService"), this._jsonService = new ne(["application/jwk-set+json"]), this._signingKeys = null, this._metadata = null, this._metadataUrl = this._settings.metadataUrl, this._settings.signingKeys && (this._logger.debug("using signingKeys from settings"), this._signingKeys = this._settings.signingKeys), this._settings.metadata && (this._logger.debug("using metadata from settings"), this._metadata = this._settings.metadata), this._settings.fetchRequestCredentials && (this._logger.debug("using fetchRequestCredentials from settings"), this._fetchRequestCredentials = this._settings.fetchRequestCredentials);
1120
- }
1121
- resetSigningKeys() {
1122
- this._signingKeys = null;
1123
- }
1124
- async getMetadata() {
1125
- const e = this._logger.create("getMetadata");
1126
- if (this._metadata)
1127
- return e.debug("using cached values"), this._metadata;
1128
- if (!this._metadataUrl)
1129
- throw e.throw(new Error("No authority or metadataUrl configured on settings")), null;
1130
- e.debug("getting metadata from", this._metadataUrl);
1131
- const t = await this._jsonService.getJson(this._metadataUrl, { credentials: this._fetchRequestCredentials });
1132
- return e.debug("merging remote JSON with seed metadata"), this._metadata = Object.assign({}, this._settings.metadataSeed, t), this._metadata;
1133
- }
1134
- getIssuer() {
1135
- return this._getMetadataProperty("issuer");
1136
- }
1137
- getAuthorizationEndpoint() {
1138
- return this._getMetadataProperty("authorization_endpoint");
1139
- }
1140
- getUserInfoEndpoint() {
1141
- return this._getMetadataProperty("userinfo_endpoint");
1142
- }
1143
- getTokenEndpoint(e = !0) {
1144
- return this._getMetadataProperty("token_endpoint", e);
1145
- }
1146
- getCheckSessionIframe() {
1147
- return this._getMetadataProperty("check_session_iframe", !0);
1148
- }
1149
- getEndSessionEndpoint() {
1150
- return this._getMetadataProperty("end_session_endpoint", !0);
1151
- }
1152
- getRevocationEndpoint(e = !0) {
1153
- return this._getMetadataProperty("revocation_endpoint", e);
1154
- }
1155
- getKeysEndpoint(e = !0) {
1156
- return this._getMetadataProperty("jwks_uri", e);
1157
- }
1158
- async _getMetadataProperty(e, t = !1) {
1159
- const s = this._logger.create(`_getMetadataProperty('${e}')`), r = await this.getMetadata();
1160
- if (s.debug("resolved"), r[e] === void 0) {
1161
- if (t === !0) {
1162
- s.warn("Metadata does not contain optional property");
1163
- return;
1164
- }
1165
- s.throw(new Error("Metadata does not contain property " + e));
1166
- }
1167
- return r[e];
1168
- }
1169
- async getSigningKeys() {
1170
- const e = this._logger.create("getSigningKeys");
1171
- if (this._signingKeys)
1172
- return e.debug("returning signingKeys from cache"), this._signingKeys;
1173
- const t = await this.getKeysEndpoint(!1);
1174
- e.debug("got jwks_uri", t);
1175
- const s = await this._jsonService.getJson(t);
1176
- if (e.debug("got key set", s), !Array.isArray(s.keys))
1177
- throw e.throw(new Error("Missing keys on keyset")), null;
1178
- return this._signingKeys = s.keys, this._signingKeys;
1179
- }
1180
- }, me = class {
1181
- constructor({
1182
- prefix: e = "oidc.",
1183
- store: t = localStorage
1184
- } = {}) {
1185
- this._logger = new f("WebStorageStateStore"), this._store = t, this._prefix = e;
1186
- }
1187
- async set(e, t) {
1188
- this._logger.create(`set('${e}')`), e = this._prefix + e, await this._store.setItem(e, t);
1189
- }
1190
- async get(e) {
1191
- return this._logger.create(`get('${e}')`), e = this._prefix + e, await this._store.getItem(e);
1192
- }
1193
- async remove(e) {
1194
- this._logger.create(`remove('${e}')`), e = this._prefix + e;
1195
- const t = await this._store.getItem(e);
1196
- return await this._store.removeItem(e), t;
1197
- }
1198
- async getAllKeys() {
1199
- this._logger.create("getAllKeys");
1200
- const e = await this._store.length, t = [];
1201
- for (let s = 0; s < e; s++) {
1202
- const r = await this._store.key(s);
1203
- r && r.indexOf(this._prefix) === 0 && t.push(r.substr(this._prefix.length));
1204
- }
1205
- return t;
1206
- }
1207
- }, De = "code", Je = "openid", Ke = "client_secret_post", Ve = "query", Ge = 60 * 15, Qe = 60 * 5, ve = class {
1208
- constructor({
1209
- // metadata related
1210
- authority: e,
1211
- metadataUrl: t,
1212
- metadata: s,
1213
- signingKeys: r,
1214
- metadataSeed: n,
1215
- // client related
1216
- client_id: i,
1217
- client_secret: o,
1218
- response_type: c = De,
1219
- scope: l = Je,
1220
- redirect_uri: h,
1221
- post_logout_redirect_uri: g,
1222
- client_authentication: u = Ke,
1223
- // optional protocol
1224
- prompt: S,
1225
- display: w,
1226
- max_age: k,
1227
- ui_locales: _,
1228
- acr_values: v,
1229
- resource: y,
1230
- response_mode: a = Ve,
1231
- // behavior flags
1232
- filterProtocolClaims: d = !0,
1233
- loadUserInfo: p = !1,
1234
- staleStateAgeInSeconds: m = Ge,
1235
- clockSkewInSeconds: b = Qe,
1236
- userInfoJwtIssuer: E = "OP",
1237
- mergeClaims: C = !1,
1238
- disablePKCE: x = !1,
1239
- // other behavior
1240
- stateStore: P,
1241
- refreshTokenCredentials: I,
1242
- revokeTokenAdditionalContentTypes: q,
1243
- fetchRequestCredentials: W,
1244
- refreshTokenAllowedScope: K,
1245
- // extra query params
1246
- extraQueryParams: V = {},
1247
- extraTokenParams: G = {}
1248
- }) {
1249
- if (this.authority = e, t ? this.metadataUrl = t : (this.metadataUrl = e, e && (this.metadataUrl.endsWith("/") || (this.metadataUrl += "/"), this.metadataUrl += ".well-known/openid-configuration")), this.metadata = s, this.metadataSeed = n, this.signingKeys = r, this.client_id = i, this.client_secret = o, this.response_type = c, this.scope = l, this.redirect_uri = h, this.post_logout_redirect_uri = g, this.client_authentication = u, this.prompt = S, this.display = w, this.max_age = k, this.ui_locales = _, this.acr_values = v, this.resource = y, this.response_mode = a, this.filterProtocolClaims = d ?? !0, this.loadUserInfo = !!p, this.staleStateAgeInSeconds = m, this.clockSkewInSeconds = b, this.userInfoJwtIssuer = E, this.mergeClaims = !!C, this.disablePKCE = !!x, this.revokeTokenAdditionalContentTypes = q, W && I && console.warn("Both fetchRequestCredentials and refreshTokenCredentials is set. Only fetchRequestCredentials will be used."), this.fetchRequestCredentials = W || I || "same-origin", P)
1250
- this.stateStore = P;
1251
- else {
1252
- const L = typeof window < "u" ? window.localStorage : new we();
1253
- this.stateStore = new me({ store: L });
1254
- }
1255
- this.refreshTokenAllowedScope = K, this.extraQueryParams = V, this.extraTokenParams = G;
1256
- }
1257
- }, Xe = class {
1258
- constructor(e, t) {
1259
- this._settings = e, this._metadataService = t, this._logger = new f("UserInfoService"), this._getClaimsFromJwt = async (s) => {
1260
- const r = this._logger.create("_getClaimsFromJwt");
1261
- try {
1262
- const n = ee.decode(s);
1263
- return r.debug("JWT decoding successful"), n;
1264
- } catch (n) {
1265
- throw r.error("Error parsing JWT response"), n;
1266
- }
1267
- }, this._jsonService = new ne(void 0, this._getClaimsFromJwt);
1268
- }
1269
- async getClaims(e) {
1270
- const t = this._logger.create("getClaims");
1271
- e || this._logger.throw(new Error("No token passed"));
1272
- const s = await this._metadataService.getUserInfoEndpoint();
1273
- t.debug("got userinfo url", s);
1274
- const r = await this._jsonService.getJson(s, {
1275
- token: e,
1276
- credentials: this._settings.fetchRequestCredentials
1277
- });
1278
- return t.debug("got claims", r), r;
1279
- }
1280
- }, Se = class {
1281
- constructor(e, t) {
1282
- this._settings = e, this._metadataService = t, this._logger = new f("TokenClient"), this._jsonService = new ne(this._settings.revokeTokenAdditionalContentTypes);
1283
- }
1284
- async exchangeCode({
1285
- grant_type: e = "authorization_code",
1286
- redirect_uri: t = this._settings.redirect_uri,
1287
- client_id: s = this._settings.client_id,
1288
- client_secret: r = this._settings.client_secret,
1289
- ...n
1290
- }) {
1291
- const i = this._logger.create("exchangeCode");
1292
- s || i.throw(new Error("A client_id is required")), t || i.throw(new Error("A redirect_uri is required")), n.code || i.throw(new Error("A code is required"));
1293
- const o = new URLSearchParams({ grant_type: e, redirect_uri: t });
1294
- for (const [g, u] of Object.entries(n))
1295
- u != null && o.set(g, u);
1296
- let c;
1297
- switch (this._settings.client_authentication) {
1298
- case "client_secret_basic":
1299
- if (!r)
1300
- throw i.throw(new Error("A client_secret is required")), null;
1301
- c = A.generateBasicAuth(s, r);
1302
- break;
1303
- case "client_secret_post":
1304
- o.append("client_id", s), r && o.append("client_secret", r);
1305
- break;
1306
- }
1307
- const l = await this._metadataService.getTokenEndpoint(!1);
1308
- i.debug("got token endpoint");
1309
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
1310
- return i.debug("got response"), h;
1311
- }
1312
- async exchangeCredentials({
1313
- grant_type: e = "password",
1314
- client_id: t = this._settings.client_id,
1315
- client_secret: s = this._settings.client_secret,
1316
- scope: r = this._settings.scope,
1317
- ...n
1318
- }) {
1319
- const i = this._logger.create("exchangeCredentials");
1320
- t || i.throw(new Error("A client_id is required"));
1321
- const o = new URLSearchParams({ grant_type: e, scope: r });
1322
- for (const [g, u] of Object.entries(n))
1323
- u != null && o.set(g, u);
1324
- let c;
1325
- switch (this._settings.client_authentication) {
1326
- case "client_secret_basic":
1327
- if (!s)
1328
- throw i.throw(new Error("A client_secret is required")), null;
1329
- c = A.generateBasicAuth(t, s);
1330
- break;
1331
- case "client_secret_post":
1332
- o.append("client_id", t), s && o.append("client_secret", s);
1333
- break;
1334
- }
1335
- const l = await this._metadataService.getTokenEndpoint(!1);
1336
- i.debug("got token endpoint");
1337
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, initCredentials: this._settings.fetchRequestCredentials });
1338
- return i.debug("got response"), h;
1339
- }
1340
- async exchangeRefreshToken({
1341
- grant_type: e = "refresh_token",
1342
- client_id: t = this._settings.client_id,
1343
- client_secret: s = this._settings.client_secret,
1344
- timeoutInSeconds: r,
1345
- ...n
1346
- }) {
1347
- const i = this._logger.create("exchangeRefreshToken");
1348
- t || i.throw(new Error("A client_id is required")), n.refresh_token || i.throw(new Error("A refresh_token is required"));
1349
- const o = new URLSearchParams({ grant_type: e });
1350
- for (const [g, u] of Object.entries(n))
1351
- u != null && o.set(g, u);
1352
- let c;
1353
- switch (this._settings.client_authentication) {
1354
- case "client_secret_basic":
1355
- if (!s)
1356
- throw i.throw(new Error("A client_secret is required")), null;
1357
- c = A.generateBasicAuth(t, s);
1358
- break;
1359
- case "client_secret_post":
1360
- o.append("client_id", t), s && o.append("client_secret", s);
1361
- break;
1362
- }
1363
- const l = await this._metadataService.getTokenEndpoint(!1);
1364
- i.debug("got token endpoint");
1365
- const h = await this._jsonService.postForm(l, { body: o, basicAuth: c, timeoutInSeconds: r, initCredentials: this._settings.fetchRequestCredentials });
1366
- return i.debug("got response"), h;
1367
- }
1368
- /**
1369
- * Revoke an access or refresh token.
1370
- *
1371
- * @see https://datatracker.ietf.org/doc/html/rfc7009#section-2.1
1372
- */
1373
- async revoke(e) {
1374
- var t;
1375
- const s = this._logger.create("revoke");
1376
- e.token || s.throw(new Error("A token is required"));
1377
- const r = await this._metadataService.getRevocationEndpoint(!1);
1378
- s.debug(`got revocation endpoint, revoking ${(t = e.token_type_hint) != null ? t : "default token type"}`);
1379
- const n = new URLSearchParams();
1380
- for (const [i, o] of Object.entries(e))
1381
- o != null && n.set(i, o);
1382
- n.set("client_id", this._settings.client_id), this._settings.client_secret && n.set("client_secret", this._settings.client_secret), await this._jsonService.postForm(r, { body: n }), s.debug("got response");
1383
- }
1384
- }, Ye = [
1385
- "nbf",
1386
- "jti",
1387
- "auth_time",
1388
- "nonce",
1389
- "acr",
1390
- "amr",
1391
- "azp",
1392
- "at_hash"
1393
- // https://openid.net/specs/openid-connect-core-1_0.html#CodeIDToken
1394
- ], Ze = ["sub", "iss", "aud", "exp", "iat"], et = class {
1395
- constructor(e, t) {
1396
- this._settings = e, this._metadataService = t, this._logger = new f("ResponseValidator"), this._userInfoService = new Xe(this._settings, this._metadataService), this._tokenClient = new Se(this._settings, this._metadataService);
1397
- }
1398
- async validateSigninResponse(e, t) {
1399
- const s = this._logger.create("validateSigninResponse");
1400
- this._processSigninState(e, t), s.debug("state processed"), await this._processCode(e, t), s.debug("code processed"), e.isOpenId && this._validateIdTokenAttributes(e), s.debug("tokens validated"), await this._processClaims(e, t == null ? void 0 : t.skipUserInfo, e.isOpenId), s.debug("claims processed");
1401
- }
1402
- async validateCredentialsResponse(e, t) {
1403
- const s = this._logger.create("validateCredentialsResponse");
1404
- e.isOpenId && this._validateIdTokenAttributes(e), s.debug("tokens validated"), await this._processClaims(e, t, e.isOpenId), s.debug("claims processed");
1405
- }
1406
- async validateRefreshResponse(e, t) {
1407
- var s, r;
1408
- const n = this._logger.create("validateRefreshResponse");
1409
- e.userState = t.data, (s = e.session_state) != null || (e.session_state = t.session_state), (r = e.scope) != null || (e.scope = t.scope), e.isOpenId && e.id_token && (this._validateIdTokenAttributes(e, t.id_token), n.debug("ID Token validated")), e.id_token || (e.id_token = t.id_token, e.profile = t.profile);
1410
- const i = e.isOpenId && !!e.id_token;
1411
- await this._processClaims(e, !1, i), n.debug("claims processed");
1412
- }
1413
- validateSignoutResponse(e, t) {
1414
- const s = this._logger.create("validateSignoutResponse");
1415
- if (t.id !== e.state && s.throw(new Error("State does not match")), s.debug("state validated"), e.userState = t.data, e.error)
1416
- throw s.warn("Response was error", e.error), new j(e);
1417
- }
1418
- _processSigninState(e, t) {
1419
- var s;
1420
- const r = this._logger.create("_processSigninState");
1421
- if (t.id !== e.state && r.throw(new Error("State does not match")), t.client_id || r.throw(new Error("No client_id on state")), t.authority || r.throw(new Error("No authority on state")), this._settings.authority !== t.authority && r.throw(new Error("authority mismatch on settings vs. signin state")), this._settings.client_id && this._settings.client_id !== t.client_id && r.throw(new Error("client_id mismatch on settings vs. signin state")), r.debug("state validated"), e.userState = t.data, (s = e.scope) != null || (e.scope = t.scope), e.error)
1422
- throw r.warn("Response was error", e.error), new j(e);
1423
- t.code_verifier && !e.code && r.throw(new Error("Expected code in response"));
1424
- }
1425
- async _processClaims(e, t = !1, s = !0) {
1426
- const r = this._logger.create("_processClaims");
1427
- if (e.profile = this._filterProtocolClaims(e.profile), t || !this._settings.loadUserInfo || !e.access_token) {
1428
- r.debug("not loading user info");
1429
- return;
1430
- }
1431
- r.debug("loading user info");
1432
- const n = await this._userInfoService.getClaims(e.access_token);
1433
- r.debug("user info claims received from user info endpoint"), s && n.sub !== e.profile.sub && r.throw(new Error("subject from UserInfo response does not match subject in ID Token")), e.profile = this._mergeClaims(e.profile, this._filterProtocolClaims(n)), r.debug("user info claims received, updated profile:", e.profile);
1434
- }
1435
- _mergeClaims(e, t) {
1436
- const s = { ...e };
1437
- for (const [r, n] of Object.entries(t))
1438
- for (const i of Array.isArray(n) ? n : [n]) {
1439
- const o = s[r];
1440
- o ? Array.isArray(o) ? o.includes(i) || o.push(i) : s[r] !== i && (typeof i == "object" && this._settings.mergeClaims ? s[r] = this._mergeClaims(o, i) : s[r] = [o, i]) : s[r] = i;
1441
- }
1442
- return s;
1443
- }
1444
- _filterProtocolClaims(e) {
1445
- const t = { ...e };
1446
- if (this._settings.filterProtocolClaims) {
1447
- let s;
1448
- Array.isArray(this._settings.filterProtocolClaims) ? s = this._settings.filterProtocolClaims : s = Ye;
1449
- for (const r of s)
1450
- Ze.includes(r) || delete t[r];
1451
- }
1452
- return t;
1453
- }
1454
- async _processCode(e, t) {
1455
- const s = this._logger.create("_processCode");
1456
- if (e.code) {
1457
- s.debug("Validating code");
1458
- const r = await this._tokenClient.exchangeCode({
1459
- client_id: t.client_id,
1460
- client_secret: t.client_secret,
1461
- code: e.code,
1462
- redirect_uri: t.redirect_uri,
1463
- code_verifier: t.code_verifier,
1464
- ...t.extraTokenParams
1465
- });
1466
- Object.assign(e, r);
1467
- } else
1468
- s.debug("No code to process");
1469
- }
1470
- _validateIdTokenAttributes(e, t) {
1471
- var s;
1472
- const r = this._logger.create("_validateIdTokenAttributes");
1473
- r.debug("decoding ID Token JWT");
1474
- const n = ee.decode((s = e.id_token) != null ? s : "");
1475
- if (n.sub || r.throw(new Error("ID Token is missing a subject claim")), t) {
1476
- const i = ee.decode(t);
1477
- i.sub !== n.sub && r.throw(new Error("sub in id_token does not match current sub")), i.auth_time && i.auth_time !== n.auth_time && r.throw(new Error("auth_time in id_token does not match original auth_time")), i.azp && i.azp !== n.azp && r.throw(new Error("azp in id_token does not match original azp")), !i.azp && n.azp && r.throw(new Error("azp not in id_token, but present in original id_token"));
1478
- }
1479
- e.profile = n;
1480
- }
1481
- }, H = class {
1482
- constructor(e) {
1483
- this.id = e.id || A.generateUUIDv4(), this.data = e.data, e.created && e.created > 0 ? this.created = e.created : this.created = R.getEpochTime(), this.request_type = e.request_type;
1484
- }
1485
- toStorageString() {
1486
- return new f("State").create("toStorageString"), JSON.stringify({
1487
- id: this.id,
1488
- data: this.data,
1489
- created: this.created,
1490
- request_type: this.request_type
1491
- });
1492
- }
1493
- static fromStorageString(e) {
1494
- return f.createStatic("State", "fromStorageString"), new H(JSON.parse(e));
1495
- }
1496
- static async clearStaleState(e, t) {
1497
- const s = f.createStatic("State", "clearStaleState"), r = R.getEpochTime() - t, n = await e.getAllKeys();
1498
- s.debug("got keys", n);
1499
- for (let i = 0; i < n.length; i++) {
1500
- const o = n[i], c = await e.get(o);
1501
- let l = !1;
1502
- if (c)
1503
- try {
1504
- const h = H.fromStorageString(c);
1505
- s.debug("got item from key:", o, h.created), h.created <= r && (l = !0);
1506
- } catch (h) {
1507
- s.error("Error parsing state for key:", o, h), l = !0;
1508
- }
1509
- else
1510
- s.debug("no item in storage for key:", o), l = !0;
1511
- l && (s.debug("removed item for key:", o), e.remove(o));
1512
- }
1513
- }
1514
- }, oe = class extends H {
1515
- constructor(e) {
1516
- super(e), e.code_verifier === !0 ? this.code_verifier = A.generateCodeVerifier() : e.code_verifier && (this.code_verifier = e.code_verifier), this.code_verifier && (this.code_challenge = A.generateCodeChallenge(this.code_verifier)), this.authority = e.authority, this.client_id = e.client_id, this.redirect_uri = e.redirect_uri, this.scope = e.scope, this.client_secret = e.client_secret, this.extraTokenParams = e.extraTokenParams, this.response_mode = e.response_mode, this.skipUserInfo = e.skipUserInfo;
1517
- }
1518
- toStorageString() {
1519
- return new f("SigninState").create("toStorageString"), JSON.stringify({
1520
- id: this.id,
1521
- data: this.data,
1522
- created: this.created,
1523
- request_type: this.request_type,
1524
- code_verifier: this.code_verifier,
1525
- authority: this.authority,
1526
- client_id: this.client_id,
1527
- redirect_uri: this.redirect_uri,
1528
- scope: this.scope,
1529
- client_secret: this.client_secret,
1530
- extraTokenParams: this.extraTokenParams,
1531
- response_mode: this.response_mode,
1532
- skipUserInfo: this.skipUserInfo
1533
- });
1534
- }
1535
- static fromStorageString(e) {
1536
- f.createStatic("SigninState", "fromStorageString");
1537
- const t = JSON.parse(e);
1538
- return new oe(t);
1539
- }
1540
- }, tt = class {
1541
- constructor({
1542
- // mandatory
1543
- url: e,
1544
- authority: t,
1545
- client_id: s,
1546
- redirect_uri: r,
1547
- response_type: n,
1548
- scope: i,
1549
- // optional
1550
- state_data: o,
1551
- response_mode: c,
1552
- request_type: l,
1553
- client_secret: h,
1554
- nonce: g,
1555
- resource: u,
1556
- skipUserInfo: S,
1557
- extraQueryParams: w,
1558
- extraTokenParams: k,
1559
- disablePKCE: _,
1560
- ...v
1561
- }) {
1562
- if (this._logger = new f("SigninRequest"), !e)
1563
- throw this._logger.error("ctor: No url passed"), new Error("url");
1564
- if (!s)
1565
- throw this._logger.error("ctor: No client_id passed"), new Error("client_id");
1566
- if (!r)
1567
- throw this._logger.error("ctor: No redirect_uri passed"), new Error("redirect_uri");
1568
- if (!n)
1569
- throw this._logger.error("ctor: No response_type passed"), new Error("response_type");
1570
- if (!i)
1571
- throw this._logger.error("ctor: No scope passed"), new Error("scope");
1572
- if (!t)
1573
- throw this._logger.error("ctor: No authority passed"), new Error("authority");
1574
- this.state = new oe({
1575
- data: o,
1576
- request_type: l,
1577
- code_verifier: !_,
1578
- client_id: s,
1579
- authority: t,
1580
- redirect_uri: r,
1581
- response_mode: c,
1582
- client_secret: h,
1583
- scope: i,
1584
- extraTokenParams: k,
1585
- skipUserInfo: S
1586
- });
1587
- const y = new URL(e);
1588
- y.searchParams.append("client_id", s), y.searchParams.append("redirect_uri", r), y.searchParams.append("response_type", n), y.searchParams.append("scope", i), g && y.searchParams.append("nonce", g), y.searchParams.append("state", this.state.id), this.state.code_challenge && (y.searchParams.append("code_challenge", this.state.code_challenge), y.searchParams.append("code_challenge_method", "S256")), u && (Array.isArray(u) ? u : [u]).forEach((d) => y.searchParams.append("resource", d));
1589
- for (const [a, d] of Object.entries({ response_mode: c, ...v, ...w }))
1590
- d != null && y.searchParams.append(a, d.toString());
1591
- this.url = y.href;
1592
- }
1593
- }, st = "openid", Q = class {
1594
- constructor(e) {
1595
- this.access_token = "", this.token_type = "", this.profile = {}, this.state = e.get("state"), this.session_state = e.get("session_state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri"), this.code = e.get("code");
1596
- }
1597
- get expires_in() {
1598
- if (this.expires_at !== void 0)
1599
- return this.expires_at - R.getEpochTime();
1600
- }
1601
- set expires_in(e) {
1602
- typeof e == "string" && (e = Number(e)), e !== void 0 && e >= 0 && (this.expires_at = Math.floor(e) + R.getEpochTime());
1603
- }
1604
- get isOpenId() {
1605
- var e;
1606
- return ((e = this.scope) == null ? void 0 : e.split(" ").includes(st)) || !!this.id_token;
1607
- }
1608
- }, rt = class {
1609
- constructor({
1610
- url: e,
1611
- state_data: t,
1612
- id_token_hint: s,
1613
- post_logout_redirect_uri: r,
1614
- extraQueryParams: n,
1615
- request_type: i
1616
- }) {
1617
- if (this._logger = new f("SignoutRequest"), !e)
1618
- throw this._logger.error("ctor: No url passed"), new Error("url");
1619
- const o = new URL(e);
1620
- s && o.searchParams.append("id_token_hint", s), r && (o.searchParams.append("post_logout_redirect_uri", r), t && (this.state = new H({ data: t, request_type: i }), o.searchParams.append("state", this.state.id)));
1621
- for (const [c, l] of Object.entries({ ...n }))
1622
- l != null && o.searchParams.append(c, l.toString());
1623
- this.url = o.href;
1624
- }
1625
- }, it = class {
1626
- constructor(e) {
1627
- this.state = e.get("state"), this.error = e.get("error"), this.error_description = e.get("error_description"), this.error_uri = e.get("error_uri");
1628
- }
1629
- }, nt = class {
1630
- constructor(e) {
1631
- this._logger = new f("OidcClient"), this.settings = new ve(e), this.metadataService = new ze(this.settings), this._validator = new et(this.settings, this.metadataService), this._tokenClient = new Se(this.settings, this.metadataService);
1632
- }
1633
- async createSigninRequest({
1634
- state: e,
1635
- request: t,
1636
- request_uri: s,
1637
- request_type: r,
1638
- id_token_hint: n,
1639
- login_hint: i,
1640
- skipUserInfo: o,
1641
- nonce: c,
1642
- response_type: l = this.settings.response_type,
1643
- scope: h = this.settings.scope,
1644
- redirect_uri: g = this.settings.redirect_uri,
1645
- prompt: u = this.settings.prompt,
1646
- display: S = this.settings.display,
1647
- max_age: w = this.settings.max_age,
1648
- ui_locales: k = this.settings.ui_locales,
1649
- acr_values: _ = this.settings.acr_values,
1650
- resource: v = this.settings.resource,
1651
- response_mode: y = this.settings.response_mode,
1652
- extraQueryParams: a = this.settings.extraQueryParams,
1653
- extraTokenParams: d = this.settings.extraTokenParams
1654
- }) {
1655
- const p = this._logger.create("createSigninRequest");
1656
- if (l !== "code")
1657
- throw new Error("Only the Authorization Code flow (with PKCE) is supported");
1658
- const m = await this.metadataService.getAuthorizationEndpoint();
1659
- p.debug("Received authorization endpoint", m);
1660
- const b = new tt({
1661
- url: m,
1662
- authority: this.settings.authority,
1663
- client_id: this.settings.client_id,
1664
- redirect_uri: g,
1665
- response_type: l,
1666
- scope: h,
1667
- state_data: e,
1668
- prompt: u,
1669
- display: S,
1670
- max_age: w,
1671
- ui_locales: k,
1672
- id_token_hint: n,
1673
- login_hint: i,
1674
- acr_values: _,
1675
- resource: v,
1676
- request: t,
1677
- request_uri: s,
1678
- extraQueryParams: a,
1679
- extraTokenParams: d,
1680
- request_type: r,
1681
- response_mode: y,
1682
- client_secret: this.settings.client_secret,
1683
- skipUserInfo: o,
1684
- nonce: c,
1685
- disablePKCE: this.settings.disablePKCE
1686
- });
1687
- await this.clearStaleState();
1688
- const E = b.state;
1689
- return await this.settings.stateStore.set(E.id, E.toStorageString()), b;
1690
- }
1691
- async readSigninResponseState(e, t = !1) {
1692
- const s = this._logger.create("readSigninResponseState"), r = new Q(te.readParams(e, this.settings.response_mode));
1693
- if (!r.state)
1694
- throw s.throw(new Error("No state in response")), null;
1695
- const n = await this.settings.stateStore[t ? "remove" : "get"](r.state);
1696
- if (!n)
1697
- throw s.throw(new Error("No matching state found in storage")), null;
1698
- return { state: oe.fromStorageString(n), response: r };
1699
- }
1700
- async processSigninResponse(e) {
1701
- const t = this._logger.create("processSigninResponse"), { state: s, response: r } = await this.readSigninResponseState(e, !0);
1702
- return t.debug("received state from storage; validating response"), await this._validator.validateSigninResponse(r, s), r;
1703
- }
1704
- async processResourceOwnerPasswordCredentials({
1705
- username: e,
1706
- password: t,
1707
- skipUserInfo: s = !1,
1708
- extraTokenParams: r = {}
1709
- }) {
1710
- const n = await this._tokenClient.exchangeCredentials({ username: e, password: t, ...r }), i = new Q(new URLSearchParams());
1711
- return Object.assign(i, n), await this._validator.validateCredentialsResponse(i, s), i;
1712
- }
1713
- async useRefreshToken({
1714
- state: e,
1715
- timeoutInSeconds: t
1716
- }) {
1717
- var s;
1718
- const r = this._logger.create("useRefreshToken");
1719
- let n;
1720
- if (this.settings.refreshTokenAllowedScope === void 0)
1721
- n = e.scope;
1722
- else {
1723
- const c = this.settings.refreshTokenAllowedScope.split(" ");
1724
- n = (((s = e.scope) == null ? void 0 : s.split(" ")) || []).filter((h) => c.includes(h)).join(" ");
1725
- }
1726
- const i = await this._tokenClient.exchangeRefreshToken({
1727
- refresh_token: e.refresh_token,
1728
- // provide the (possible filtered) scope list
1729
- scope: n,
1730
- timeoutInSeconds: t
1731
- }), o = new Q(new URLSearchParams());
1732
- return Object.assign(o, i), r.debug("validating response", o), await this._validator.validateRefreshResponse(o, {
1733
- ...e,
1734
- // overide the scope in the state handed over to the validator
1735
- // so it can set the granted scope to the requested scope in case none is included in the response
1736
- scope: n
1737
- }), o;
1738
- }
1739
- async createSignoutRequest({
1740
- state: e,
1741
- id_token_hint: t,
1742
- request_type: s,
1743
- post_logout_redirect_uri: r = this.settings.post_logout_redirect_uri,
1744
- extraQueryParams: n = this.settings.extraQueryParams
1745
- } = {}) {
1746
- const i = this._logger.create("createSignoutRequest"), o = await this.metadataService.getEndSessionEndpoint();
1747
- if (!o)
1748
- throw i.throw(new Error("No end session endpoint")), null;
1749
- i.debug("Received end session endpoint", o);
1750
- const c = new rt({
1751
- url: o,
1752
- id_token_hint: t,
1753
- post_logout_redirect_uri: r,
1754
- state_data: e,
1755
- extraQueryParams: n,
1756
- request_type: s
1757
- });
1758
- await this.clearStaleState();
1759
- const l = c.state;
1760
- return l && (i.debug("Signout request has state to persist"), await this.settings.stateStore.set(l.id, l.toStorageString())), c;
1761
- }
1762
- async readSignoutResponseState(e, t = !1) {
1763
- const s = this._logger.create("readSignoutResponseState"), r = new it(te.readParams(e, this.settings.response_mode));
1764
- if (!r.state) {
1765
- if (s.debug("No state in response"), r.error)
1766
- throw s.warn("Response was error:", r.error), new j(r);
1767
- return { state: void 0, response: r };
1768
- }
1769
- const n = await this.settings.stateStore[t ? "remove" : "get"](r.state);
1770
- if (!n)
1771
- throw s.throw(new Error("No matching state found in storage")), null;
1772
- return { state: H.fromStorageString(n), response: r };
1773
- }
1774
- async processSignoutResponse(e) {
1775
- const t = this._logger.create("processSignoutResponse"), { state: s, response: r } = await this.readSignoutResponseState(e, !0);
1776
- return s ? (t.debug("Received state from storage; validating response"), this._validator.validateSignoutResponse(r, s)) : t.debug("No state from storage; skipping response validation"), r;
1777
- }
1778
- clearStaleState() {
1779
- return this._logger.create("clearStaleState"), H.clearStaleState(this.settings.stateStore, this.settings.staleStateAgeInSeconds);
1780
- }
1781
- async revokeToken(e, t) {
1782
- return this._logger.create("revokeToken"), await this._tokenClient.revoke({
1783
- token: e,
1784
- token_type_hint: t
1785
- });
1786
- }
1787
- }, ot = class {
1788
- constructor(e) {
1789
- this._userManager = e, this._logger = new f("SessionMonitor"), this._start = async (t) => {
1790
- const s = t.session_state;
1791
- if (!s)
1792
- return;
1793
- const r = this._logger.create("_start");
1794
- if (t.profile ? (this._sub = t.profile.sub, this._sid = t.profile.sid, r.debug("session_state", s, ", sub", this._sub)) : (this._sub = void 0, this._sid = void 0, r.debug("session_state", s, ", anonymous user")), this._checkSessionIFrame) {
1795
- this._checkSessionIFrame.start(s);
1796
- return;
1797
- }
1798
- try {
1799
- const n = await this._userManager.metadataService.getCheckSessionIframe();
1800
- if (n) {
1801
- r.debug("initializing check session iframe");
1802
- const i = this._userManager.settings.client_id, o = this._userManager.settings.checkSessionIntervalInSeconds, c = this._userManager.settings.stopCheckSessionOnError, l = new $e(this._callback, i, n, o, c);
1803
- await l.load(), this._checkSessionIFrame = l, l.start(s);
1804
- } else
1805
- r.warn("no check session iframe found in the metadata");
1806
- } catch (n) {
1807
- r.error("Error from getCheckSessionIframe:", n instanceof Error ? n.message : n);
1808
- }
1809
- }, this._stop = () => {
1810
- const t = this._logger.create("_stop");
1811
- if (this._sub = void 0, this._sid = void 0, this._checkSessionIFrame && this._checkSessionIFrame.stop(), this._userManager.settings.monitorAnonymousSession) {
1812
- const s = setInterval(async () => {
1813
- clearInterval(s);
1814
- try {
1815
- const r = await this._userManager.querySessionStatus();
1816
- if (r) {
1817
- const n = {
1818
- session_state: r.session_state,
1819
- profile: r.sub && r.sid ? {
1820
- sub: r.sub,
1821
- sid: r.sid
1822
- } : null
1823
- };
1824
- this._start(n);
1825
- }
1826
- } catch (r) {
1827
- t.error("error from querySessionStatus", r instanceof Error ? r.message : r);
1828
- }
1829
- }, 1e3);
1830
- }
1831
- }, this._callback = async () => {
1832
- const t = this._logger.create("_callback");
1833
- try {
1834
- const s = await this._userManager.querySessionStatus();
1835
- let r = !0;
1836
- s && this._checkSessionIFrame ? s.sub === this._sub ? (r = !1, this._checkSessionIFrame.start(s.session_state), s.sid === this._sid ? t.debug("same sub still logged in at OP, restarting check session iframe; session_state", s.session_state) : (t.debug("same sub still logged in at OP, session state has changed, restarting check session iframe; session_state", s.session_state), this._userManager.events._raiseUserSessionChanged())) : t.debug("different subject signed into OP", s.sub) : t.debug("subject no longer signed into OP"), r ? this._sub ? this._userManager.events._raiseUserSignedOut() : this._userManager.events._raiseUserSignedIn() : t.debug("no change in session detected, no event to raise");
1837
- } catch (s) {
1838
- this._sub && (t.debug("Error calling queryCurrentSigninSession; raising signed out event", s), this._userManager.events._raiseUserSignedOut());
1839
- }
1840
- }, e || this._logger.throw(new Error("No user manager passed")), this._userManager.events.addUserLoaded(this._start), this._userManager.events.addUserUnloaded(this._stop), this._init().catch((t) => {
1841
- this._logger.error(t);
1842
- });
1843
- }
1844
- async _init() {
1845
- this._logger.create("_init");
1846
- const e = await this._userManager.getUser();
1847
- if (e)
1848
- this._start(e);
1849
- else if (this._userManager.settings.monitorAnonymousSession) {
1850
- const t = await this._userManager.querySessionStatus();
1851
- if (t) {
1852
- const s = {
1853
- session_state: t.session_state,
1854
- profile: t.sub && t.sid ? {
1855
- sub: t.sub,
1856
- sid: t.sid
1857
- } : null
1858
- };
1859
- this._start(s);
1860
- }
1861
- }
1862
- }
1863
- }, F = class {
1864
- constructor(e) {
1865
- var t;
1866
- this.id_token = e.id_token, this.session_state = (t = e.session_state) != null ? t : null, this.access_token = e.access_token, this.refresh_token = e.refresh_token, this.token_type = e.token_type, this.scope = e.scope, this.profile = e.profile, this.expires_at = e.expires_at, this.state = e.userState;
1867
- }
1868
- /** Computed number of seconds the access token has remaining. */
1869
- get expires_in() {
1870
- if (this.expires_at !== void 0)
1871
- return this.expires_at - R.getEpochTime();
1872
- }
1873
- set expires_in(e) {
1874
- e !== void 0 && (this.expires_at = Math.floor(e) + R.getEpochTime());
1875
- }
1876
- /** Computed value indicating if the access token is expired. */
1877
- get expired() {
1878
- const e = this.expires_in;
1879
- if (e !== void 0)
1880
- return e <= 0;
1881
- }
1882
- /** Array representing the parsed values from the `scope`. */
1883
- get scopes() {
1884
- var e, t;
1885
- return (t = (e = this.scope) == null ? void 0 : e.split(" ")) != null ? t : [];
1886
- }
1887
- toStorageString() {
1888
- return new f("User").create("toStorageString"), JSON.stringify({
1889
- id_token: this.id_token,
1890
- session_state: this.session_state,
1891
- access_token: this.access_token,
1892
- refresh_token: this.refresh_token,
1893
- token_type: this.token_type,
1894
- scope: this.scope,
1895
- profile: this.profile,
1896
- expires_at: this.expires_at
1897
- });
1898
- }
1899
- static fromStorageString(e) {
1900
- return f.createStatic("User", "fromStorageString"), new F(JSON.parse(e));
1901
- }
1902
- }, he = "oidc-client", ye = class {
1903
- constructor() {
1904
- this._abort = new O("Window navigation aborted"), this._disposeHandlers = /* @__PURE__ */ new Set(), this._window = null;
1905
- }
1906
- async navigate(e) {
1907
- const t = this._logger.create("navigate");
1908
- if (!this._window)
1909
- throw new Error("Attempted to navigate on a disposed window");
1910
- t.debug("setting URL in window"), this._window.location.replace(e.url);
1911
- const { url: s, keepOpen: r } = await new Promise((n, i) => {
1912
- const o = (c) => {
1913
- var l;
1914
- const h = c.data, g = (l = e.scriptOrigin) != null ? l : window.location.origin;
1915
- if (!(c.origin !== g || (h == null ? void 0 : h.source) !== he)) {
1916
- try {
1917
- const u = te.readParams(h.url, e.response_mode).get("state");
1918
- if (u || t.warn("no state found in response url"), c.source !== this._window && u !== e.state)
1919
- return;
1920
- } catch {
1921
- this._dispose(), i(new Error("Invalid response from window"));
1922
- }
1923
- n(h);
1924
- }
1925
- };
1926
- window.addEventListener("message", o, !1), this._disposeHandlers.add(() => window.removeEventListener("message", o, !1)), this._disposeHandlers.add(this._abort.addHandler((c) => {
1927
- this._dispose(), i(c);
1928
- }));
1929
- });
1930
- return t.debug("got response from window"), this._dispose(), r || this.close(), { url: s };
1931
- }
1932
- _dispose() {
1933
- this._logger.create("_dispose");
1934
- for (const e of this._disposeHandlers)
1935
- e();
1936
- this._disposeHandlers.clear();
1937
- }
1938
- static _notifyParent(e, t, s = !1, r = window.location.origin) {
1939
- e.postMessage({
1940
- source: he,
1941
- url: t,
1942
- keepOpen: s
1943
- }, r);
1944
- }
1945
- }, be = {
1946
- location: !1,
1947
- toolbar: !1,
1948
- height: 640
1949
- }, ke = "_blank", at = 60, ct = 2, Ee = 10, lt = class extends ve {
1950
- constructor(e) {
1951
- const {
1952
- popup_redirect_uri: t = e.redirect_uri,
1953
- popup_post_logout_redirect_uri: s = e.post_logout_redirect_uri,
1954
- popupWindowFeatures: r = be,
1955
- popupWindowTarget: n = ke,
1956
- redirectMethod: i = "assign",
1957
- redirectTarget: o = "self",
1958
- iframeNotifyParentOrigin: c = e.iframeNotifyParentOrigin,
1959
- iframeScriptOrigin: l = e.iframeScriptOrigin,
1960
- silent_redirect_uri: h = e.redirect_uri,
1961
- silentRequestTimeoutInSeconds: g = Ee,
1962
- automaticSilentRenew: u = !0,
1963
- validateSubOnSilentRenew: S = !0,
1964
- includeIdTokenInSilentRenew: w = !1,
1965
- monitorSession: k = !1,
1966
- monitorAnonymousSession: _ = !1,
1967
- checkSessionIntervalInSeconds: v = ct,
1968
- query_status_response_type: y = "code",
1969
- stopCheckSessionOnError: a = !0,
1970
- revokeTokenTypes: d = ["access_token", "refresh_token"],
1971
- revokeTokensOnSignout: p = !1,
1972
- includeIdTokenInSilentSignout: m = !1,
1973
- accessTokenExpiringNotificationTimeInSeconds: b = at,
1974
- userStore: E
1975
- } = e;
1976
- if (super(e), this.popup_redirect_uri = t, this.popup_post_logout_redirect_uri = s, this.popupWindowFeatures = r, this.popupWindowTarget = n, this.redirectMethod = i, this.redirectTarget = o, this.iframeNotifyParentOrigin = c, this.iframeScriptOrigin = l, this.silent_redirect_uri = h, this.silentRequestTimeoutInSeconds = g, this.automaticSilentRenew = u, this.validateSubOnSilentRenew = S, this.includeIdTokenInSilentRenew = w, this.monitorSession = k, this.monitorAnonymousSession = _, this.checkSessionIntervalInSeconds = v, this.stopCheckSessionOnError = a, this.query_status_response_type = y, this.revokeTokenTypes = d, this.revokeTokensOnSignout = p, this.includeIdTokenInSilentSignout = m, this.accessTokenExpiringNotificationTimeInSeconds = b, E)
1977
- this.userStore = E;
1978
- else {
1979
- const C = typeof window < "u" ? window.sessionStorage : new we();
1980
- this.userStore = new me({ store: C });
1981
- }
1982
- }
1983
- }, se = class extends ye {
1984
- constructor({
1985
- silentRequestTimeoutInSeconds: e = Ee
1986
- }) {
1987
- super(), this._logger = new f("IFrameWindow"), this._timeoutInSeconds = e, this._frame = se.createHiddenIframe(), this._window = this._frame.contentWindow;
1988
- }
1989
- static createHiddenIframe() {
1990
- const e = window.document.createElement("iframe");
1991
- return e.style.visibility = "hidden", e.style.position = "fixed", e.style.left = "-1000px", e.style.top = "0", e.width = "0", e.height = "0", e.setAttribute("sandbox", "allow-scripts allow-same-origin allow-forms"), window.document.body.appendChild(e), e;
1992
- }
1993
- async navigate(e) {
1994
- this._logger.debug("navigate: Using timeout of:", this._timeoutInSeconds);
1995
- const t = setTimeout(() => this._abort.raise(new ie("IFrame timed out without a response")), this._timeoutInSeconds * 1e3);
1996
- return this._disposeHandlers.add(() => clearTimeout(t)), await super.navigate(e);
1997
- }
1998
- close() {
1999
- var e;
2000
- this._frame && (this._frame.parentNode && (this._frame.addEventListener("load", (t) => {
2001
- var s;
2002
- const r = t.target;
2003
- (s = r.parentNode) == null || s.removeChild(r), this._abort.raise(new Error("IFrame removed from DOM"));
2004
- }, !0), (e = this._frame.contentWindow) == null || e.location.replace("about:blank")), this._frame = null), this._window = null;
2005
- }
2006
- static notifyParent(e, t) {
2007
- return super._notifyParent(window.parent, e, !1, t);
2008
- }
2009
- }, dt = class {
2010
- constructor(e) {
2011
- this._settings = e, this._logger = new f("IFrameNavigator");
2012
- }
2013
- async prepare({
2014
- silentRequestTimeoutInSeconds: e = this._settings.silentRequestTimeoutInSeconds
2015
- }) {
2016
- return new se({ silentRequestTimeoutInSeconds: e });
2017
- }
2018
- async callback(e) {
2019
- this._logger.create("callback"), se.notifyParent(e, this._settings.iframeNotifyParentOrigin);
2020
- }
2021
- }, ht = 500, ue = class extends ye {
2022
- constructor({
2023
- popupWindowTarget: e = ke,
2024
- popupWindowFeatures: t = {}
2025
- }) {
2026
- super(), this._logger = new f("PopupWindow");
2027
- const s = de.center({ ...be, ...t });
2028
- this._window = window.open(void 0, e, de.serialize(s));
2029
- }
2030
- async navigate(e) {
2031
- var t;
2032
- (t = this._window) == null || t.focus();
2033
- const s = setInterval(() => {
2034
- (!this._window || this._window.closed) && this._abort.raise(new Error("Popup closed by user"));
2035
- }, ht);
2036
- return this._disposeHandlers.add(() => clearInterval(s)), await super.navigate(e);
2037
- }
2038
- close() {
2039
- this._window && (this._window.closed || (this._window.close(), this._abort.raise(new Error("Popup closed")))), this._window = null;
2040
- }
2041
- static notifyOpener(e, t) {
2042
- if (!window.opener)
2043
- throw new Error("No window.opener. Can't complete notification.");
2044
- return super._notifyParent(window.opener, e, t);
2045
- }
2046
- }, ut = class {
2047
- constructor(e) {
2048
- this._settings = e, this._logger = new f("PopupNavigator");
2049
- }
2050
- async prepare({
2051
- popupWindowFeatures: e = this._settings.popupWindowFeatures,
2052
- popupWindowTarget: t = this._settings.popupWindowTarget
2053
- }) {
2054
- return new ue({ popupWindowFeatures: e, popupWindowTarget: t });
2055
- }
2056
- async callback(e, t = !1) {
2057
- this._logger.create("callback"), ue.notifyOpener(e, t);
2058
- }
2059
- }, gt = class {
2060
- constructor(e) {
2061
- this._settings = e, this._logger = new f("RedirectNavigator");
2062
- }
2063
- async prepare({
2064
- redirectMethod: e = this._settings.redirectMethod,
2065
- redirectTarget: t = this._settings.redirectTarget
2066
- }) {
2067
- var s;
2068
- this._logger.create("prepare");
2069
- let r = window.self;
2070
- t === "top" && (r = (s = window.top) != null ? s : window.self);
2071
- const n = r.location[e].bind(r.location);
2072
- let i;
2073
- return {
2074
- navigate: async (o) => {
2075
- this._logger.create("navigate");
2076
- const c = new Promise((l, h) => {
2077
- i = h;
2078
- });
2079
- return n(o.url), await c;
2080
- },
2081
- close: () => {
2082
- this._logger.create("close"), i == null || i(new Error("Redirect aborted")), r.stop();
2083
- }
2084
- };
2085
- }
2086
- }, _t = class extends Fe {
2087
- constructor(e) {
2088
- super({ expiringNotificationTimeInSeconds: e.accessTokenExpiringNotificationTimeInSeconds }), this._logger = new f("UserManagerEvents"), this._userLoaded = new O("User loaded"), this._userUnloaded = new O("User unloaded"), this._silentRenewError = new O("Silent renew error"), this._userSignedIn = new O("User signed in"), this._userSignedOut = new O("User signed out"), this._userSessionChanged = new O("User session changed");
2089
- }
2090
- load(e, t = !0) {
2091
- super.load(e), t && this._userLoaded.raise(e);
2092
- }
2093
- unload() {
2094
- super.unload(), this._userUnloaded.raise();
2095
- }
2096
- /**
2097
- * Add callback: Raised when a user session has been established (or re-established).
2098
- */
2099
- addUserLoaded(e) {
2100
- return this._userLoaded.addHandler(e);
2101
- }
2102
- /**
2103
- * Remove callback: Raised when a user session has been established (or re-established).
2104
- */
2105
- removeUserLoaded(e) {
2106
- return this._userLoaded.removeHandler(e);
2107
- }
2108
- /**
2109
- * Add callback: Raised when a user session has been terminated.
2110
- */
2111
- addUserUnloaded(e) {
2112
- return this._userUnloaded.addHandler(e);
2113
- }
2114
- /**
2115
- * Remove callback: Raised when a user session has been terminated.
2116
- */
2117
- removeUserUnloaded(e) {
2118
- return this._userUnloaded.removeHandler(e);
2119
- }
2120
- /**
2121
- * Add callback: Raised when the automatic silent renew has failed.
2122
- */
2123
- addSilentRenewError(e) {
2124
- return this._silentRenewError.addHandler(e);
2125
- }
2126
- /**
2127
- * Remove callback: Raised when the automatic silent renew has failed.
2128
- */
2129
- removeSilentRenewError(e) {
2130
- return this._silentRenewError.removeHandler(e);
2131
- }
2132
- /**
2133
- * @internal
2134
- */
2135
- _raiseSilentRenewError(e) {
2136
- this._silentRenewError.raise(e);
2137
- }
2138
- /**
2139
- * Add callback: Raised when the user is signed in (when `monitorSession` is set).
2140
- * @see {@link UserManagerSettings.monitorSession}
2141
- */
2142
- addUserSignedIn(e) {
2143
- return this._userSignedIn.addHandler(e);
2144
- }
2145
- /**
2146
- * Remove callback: Raised when the user is signed in (when `monitorSession` is set).
2147
- */
2148
- removeUserSignedIn(e) {
2149
- this._userSignedIn.removeHandler(e);
2150
- }
2151
- /**
2152
- * @internal
2153
- */
2154
- _raiseUserSignedIn() {
2155
- this._userSignedIn.raise();
2156
- }
2157
- /**
2158
- * Add callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
2159
- * @see {@link UserManagerSettings.monitorSession}
2160
- */
2161
- addUserSignedOut(e) {
2162
- return this._userSignedOut.addHandler(e);
2163
- }
2164
- /**
2165
- * Remove callback: Raised when the user's sign-in status at the OP has changed (when `monitorSession` is set).
2166
- */
2167
- removeUserSignedOut(e) {
2168
- this._userSignedOut.removeHandler(e);
2169
- }
2170
- /**
2171
- * @internal
2172
- */
2173
- _raiseUserSignedOut() {
2174
- this._userSignedOut.raise();
2175
- }
2176
- /**
2177
- * Add callback: Raised when the user session changed (when `monitorSession` is set).
2178
- * @see {@link UserManagerSettings.monitorSession}
2179
- */
2180
- addUserSessionChanged(e) {
2181
- return this._userSessionChanged.addHandler(e);
2182
- }
2183
- /**
2184
- * Remove callback: Raised when the user session changed (when `monitorSession` is set).
2185
- */
2186
- removeUserSessionChanged(e) {
2187
- this._userSessionChanged.removeHandler(e);
2188
- }
2189
- /**
2190
- * @internal
2191
- */
2192
- _raiseUserSessionChanged() {
2193
- this._userSessionChanged.raise();
2194
- }
2195
- }, pt = class {
2196
- constructor(e) {
2197
- this._userManager = e, this._logger = new f("SilentRenewService"), this._isStarted = !1, this._retryTimer = new R("Retry Silent Renew"), this._tokenExpiring = async () => {
2198
- const t = this._logger.create("_tokenExpiring");
2199
- try {
2200
- await this._userManager.signinSilent(), t.debug("silent token renewal successful");
2201
- } catch (s) {
2202
- if (s instanceof ie) {
2203
- t.warn("ErrorTimeout from signinSilent:", s, "retry in 5s"), this._retryTimer.init(5);
2204
- return;
2205
- }
2206
- t.error("Error from signinSilent:", s), this._userManager.events._raiseSilentRenewError(s);
2207
- }
2208
- };
2209
- }
2210
- async start() {
2211
- const e = this._logger.create("start");
2212
- if (!this._isStarted) {
2213
- this._isStarted = !0, this._userManager.events.addAccessTokenExpiring(this._tokenExpiring), this._retryTimer.addHandler(this._tokenExpiring);
2214
- try {
2215
- await this._userManager.getUser();
2216
- } catch (t) {
2217
- e.error("getUser error", t);
2218
- }
2219
- }
2220
- }
2221
- stop() {
2222
- this._isStarted && (this._retryTimer.cancel(), this._retryTimer.removeHandler(this._tokenExpiring), this._userManager.events.removeAccessTokenExpiring(this._tokenExpiring), this._isStarted = !1);
2223
- }
2224
- }, ft = class {
2225
- constructor(e) {
2226
- this.refresh_token = e.refresh_token, this.id_token = e.id_token, this.session_state = e.session_state, this.scope = e.scope, this.profile = e.profile, this.data = e.state;
2227
- }
2228
- }, Rt = class {
2229
- constructor(e) {
2230
- this._logger = new f("UserManager"), this.settings = new lt(e), this._client = new nt(e), this._redirectNavigator = new gt(this.settings), this._popupNavigator = new ut(this.settings), this._iframeNavigator = new dt(this.settings), this._events = new _t(this.settings), this._silentRenewService = new pt(this), this.settings.automaticSilentRenew && this.startSilentRenew(), this._sessionMonitor = null, this.settings.monitorSession && (this._sessionMonitor = new ot(this));
2231
- }
2232
- /** Returns an object used to register for events raised by the `UserManager`. */
2233
- get events() {
2234
- return this._events;
2235
- }
2236
- /** Returns an object used to access the metadata configuration of the OIDC provider. */
2237
- get metadataService() {
2238
- return this._client.metadataService;
2239
- }
2240
- /**
2241
- * Returns promise to load the `User` object for the currently authenticated user.
2242
- */
2243
- async getUser() {
2244
- const e = this._logger.create("getUser"), t = await this._loadUser();
2245
- return t ? (e.info("user loaded"), this._events.load(t, !1), t) : (e.info("user not found in storage"), null);
2246
- }
2247
- /**
2248
- * Returns promise to remove from any storage the currently authenticated user.
2249
- */
2250
- async removeUser() {
2251
- const e = this._logger.create("removeUser");
2252
- await this.storeUser(null), e.info("user removed from storage"), this._events.unload();
2253
- }
2254
- /**
2255
- * Returns promise to trigger a redirect of the current window to the authorization endpoint.
2256
- */
2257
- async signinRedirect(e = {}) {
2258
- this._logger.create("signinRedirect");
2259
- const {
2260
- redirectMethod: t,
2261
- ...s
2262
- } = e, r = await this._redirectNavigator.prepare({ redirectMethod: t });
2263
- await this._signinStart({
2264
- request_type: "si:r",
2265
- ...s
2266
- }, r);
2267
- }
2268
- /**
2269
- * Returns promise to process response from the authorization endpoint. The result of the promise is the authenticated `User`.
2270
- */
2271
- async signinRedirectCallback(e = window.location.href) {
2272
- const t = this._logger.create("signinRedirectCallback"), s = await this._signinEnd(e);
2273
- return s.profile && s.profile.sub ? t.info("success, signed in subject", s.profile.sub) : t.info("no subject"), s;
2274
- }
2275
- /**
2276
- * Returns promise to process the signin with user/password. The result of the promise is the authenticated `User`.
2277
- *
2278
- * Throws an ErrorResponse in case of wrong authentication.
2279
- */
2280
- async signinResourceOwnerCredentials({
2281
- username: e,
2282
- password: t,
2283
- skipUserInfo: s = !1
2284
- }) {
2285
- const r = this._logger.create("signinResourceOwnerCredential"), n = await this._client.processResourceOwnerPasswordCredentials({ username: e, password: t, skipUserInfo: s, extraTokenParams: this.settings.extraTokenParams });
2286
- r.debug("got signin response");
2287
- const i = await this._buildUser(n);
2288
- return i.profile && i.profile.sub ? r.info("success, signed in subject", i.profile.sub) : r.info("no subject"), i;
2289
- }
2290
- /**
2291
- * Returns promise to trigger a request (via a popup window) to the authorization endpoint. The result of the promise is the authenticated `User`.
2292
- */
2293
- async signinPopup(e = {}) {
2294
- const t = this._logger.create("signinPopup"), {
2295
- popupWindowFeatures: s,
2296
- popupWindowTarget: r,
2297
- ...n
2298
- } = e, i = this.settings.popup_redirect_uri;
2299
- i || t.throw(new Error("No popup_redirect_uri configured"));
2300
- const o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r }), c = await this._signin({
2301
- request_type: "si:p",
2302
- redirect_uri: i,
2303
- display: "popup",
2304
- ...n
2305
- }, o);
2306
- return c && (c.profile && c.profile.sub ? t.info("success, signed in subject", c.profile.sub) : t.info("no subject")), c;
2307
- }
2308
- /**
2309
- * Returns promise to notify the opening window of response from the authorization endpoint.
2310
- */
2311
- async signinPopupCallback(e = window.location.href, t = !1) {
2312
- const s = this._logger.create("signinPopupCallback");
2313
- await this._popupNavigator.callback(e, t), s.info("success");
2314
- }
2315
- /**
2316
- * Returns promise to trigger a silent request (via an iframe) to the authorization endpoint.
2317
- * The result of the promise is the authenticated `User`.
2318
- */
2319
- async signinSilent(e = {}) {
2320
- var t;
2321
- const s = this._logger.create("signinSilent"), {
2322
- silentRequestTimeoutInSeconds: r,
2323
- ...n
2324
- } = e;
2325
- let i = await this._loadUser();
2326
- if (i != null && i.refresh_token) {
2327
- s.debug("using refresh token");
2328
- const h = new ft(i);
2329
- return await this._useRefreshToken(h);
2330
- }
2331
- const o = this.settings.silent_redirect_uri;
2332
- o || s.throw(new Error("No silent_redirect_uri configured"));
2333
- let c;
2334
- i && this.settings.validateSubOnSilentRenew && (s.debug("subject prior to silent renew:", i.profile.sub), c = i.profile.sub);
2335
- const l = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
2336
- return i = await this._signin({
2337
- request_type: "si:s",
2338
- redirect_uri: o,
2339
- prompt: "none",
2340
- id_token_hint: this.settings.includeIdTokenInSilentRenew ? i == null ? void 0 : i.id_token : void 0,
2341
- ...n
2342
- }, l, c), i && ((t = i.profile) != null && t.sub ? s.info("success, signed in subject", i.profile.sub) : s.info("no subject")), i;
2343
- }
2344
- async _useRefreshToken(e) {
2345
- const t = await this._client.useRefreshToken({
2346
- state: e,
2347
- timeoutInSeconds: this.settings.silentRequestTimeoutInSeconds
2348
- }), s = new F({ ...e, ...t });
2349
- return await this.storeUser(s), this._events.load(s), s;
2350
- }
2351
- /**
2352
- * Returns promise to notify the parent window of response from the authorization endpoint.
2353
- */
2354
- async signinSilentCallback(e = window.location.href) {
2355
- const t = this._logger.create("signinSilentCallback");
2356
- await this._iframeNavigator.callback(e), t.info("success");
2357
- }
2358
- async signinCallback(e = window.location.href) {
2359
- const { state: t } = await this._client.readSigninResponseState(e);
2360
- switch (t.request_type) {
2361
- case "si:r":
2362
- return await this.signinRedirectCallback(e);
2363
- case "si:p":
2364
- return await this.signinPopupCallback(e);
2365
- case "si:s":
2366
- return await this.signinSilentCallback(e);
2367
- default:
2368
- throw new Error("invalid response_type in state");
2369
- }
2370
- }
2371
- async signoutCallback(e = window.location.href, t = !1) {
2372
- const { state: s } = await this._client.readSignoutResponseState(e);
2373
- if (s)
2374
- switch (s.request_type) {
2375
- case "so:r":
2376
- await this.signoutRedirectCallback(e);
2377
- break;
2378
- case "so:p":
2379
- await this.signoutPopupCallback(e, t);
2380
- break;
2381
- case "so:s":
2382
- await this.signoutSilentCallback(e);
2383
- break;
2384
- default:
2385
- throw new Error("invalid response_type in state");
2386
- }
2387
- }
2388
- /**
2389
- * Returns promise to query OP for user's current signin status. Returns object with session_state and subject identifier.
2390
- */
2391
- async querySessionStatus(e = {}) {
2392
- const t = this._logger.create("querySessionStatus"), {
2393
- silentRequestTimeoutInSeconds: s,
2394
- ...r
2395
- } = e, n = this.settings.silent_redirect_uri;
2396
- n || t.throw(new Error("No silent_redirect_uri configured"));
2397
- const i = await this._loadUser(), o = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: s }), c = await this._signinStart({
2398
- request_type: "si:s",
2399
- // this acts like a signin silent
2400
- redirect_uri: n,
2401
- prompt: "none",
2402
- id_token_hint: this.settings.includeIdTokenInSilentRenew ? i == null ? void 0 : i.id_token : void 0,
2403
- response_type: this.settings.query_status_response_type,
2404
- scope: "openid",
2405
- skipUserInfo: !0,
2406
- ...r
2407
- }, o);
2408
- try {
2409
- const l = await this._client.processSigninResponse(c.url);
2410
- return t.debug("got signin response"), l.session_state && l.profile.sub ? (t.info("success for subject", l.profile.sub), {
2411
- session_state: l.session_state,
2412
- sub: l.profile.sub,
2413
- sid: l.profile.sid
2414
- }) : (t.info("success, user not authenticated"), null);
2415
- } catch (l) {
2416
- if (this.settings.monitorAnonymousSession && l instanceof j)
2417
- switch (l.error) {
2418
- case "login_required":
2419
- case "consent_required":
2420
- case "interaction_required":
2421
- case "account_selection_required":
2422
- return t.info("success for anonymous user"), {
2423
- // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
2424
- session_state: l.session_state
2425
- };
2426
- }
2427
- throw l;
2428
- }
2429
- }
2430
- async _signin(e, t, s) {
2431
- const r = await this._signinStart(e, t);
2432
- return await this._signinEnd(r.url, s);
2433
- }
2434
- async _signinStart(e, t) {
2435
- const s = this._logger.create("_signinStart");
2436
- try {
2437
- const r = await this._client.createSigninRequest(e);
2438
- return s.debug("got signin request"), await t.navigate({
2439
- url: r.url,
2440
- state: r.state.id,
2441
- response_mode: r.state.response_mode,
2442
- scriptOrigin: this.settings.iframeScriptOrigin
2443
- });
2444
- } catch (r) {
2445
- throw s.debug("error after preparing navigator, closing navigator window"), t.close(), r;
2446
- }
2447
- }
2448
- async _signinEnd(e, t) {
2449
- const s = this._logger.create("_signinEnd"), r = await this._client.processSigninResponse(e);
2450
- return s.debug("got signin response"), await this._buildUser(r, t);
2451
- }
2452
- async _buildUser(e, t) {
2453
- const s = this._logger.create("_buildUser"), r = new F(e);
2454
- if (t) {
2455
- if (t !== r.profile.sub)
2456
- throw s.debug("current user does not match user returned from signin. sub from signin:", r.profile.sub), new j({ ...e, error: "login_required" });
2457
- s.debug("current user matches user returned from signin");
2458
- }
2459
- return await this.storeUser(r), s.debug("user stored"), this._events.load(r), r;
2460
- }
2461
- /**
2462
- * Returns promise to trigger a redirect of the current window to the end session endpoint.
2463
- */
2464
- async signoutRedirect(e = {}) {
2465
- const t = this._logger.create("signoutRedirect"), {
2466
- redirectMethod: s,
2467
- ...r
2468
- } = e, n = await this._redirectNavigator.prepare({ redirectMethod: s });
2469
- await this._signoutStart({
2470
- request_type: "so:r",
2471
- post_logout_redirect_uri: this.settings.post_logout_redirect_uri,
2472
- ...r
2473
- }, n), t.info("success");
2474
- }
2475
- /**
2476
- * Returns promise to process response from the end session endpoint.
2477
- */
2478
- async signoutRedirectCallback(e = window.location.href) {
2479
- const t = this._logger.create("signoutRedirectCallback"), s = await this._signoutEnd(e);
2480
- return t.info("success"), s;
2481
- }
2482
- /**
2483
- * Returns promise to trigger a redirect of a popup window window to the end session endpoint.
2484
- */
2485
- async signoutPopup(e = {}) {
2486
- const t = this._logger.create("signoutPopup"), {
2487
- popupWindowFeatures: s,
2488
- popupWindowTarget: r,
2489
- ...n
2490
- } = e, i = this.settings.popup_post_logout_redirect_uri, o = await this._popupNavigator.prepare({ popupWindowFeatures: s, popupWindowTarget: r });
2491
- await this._signout({
2492
- request_type: "so:p",
2493
- post_logout_redirect_uri: i,
2494
- // we're putting a dummy entry in here because we
2495
- // need a unique id from the state for notification
2496
- // to the parent window, which is necessary if we
2497
- // plan to return back to the client after signout
2498
- // and so we can close the popup after signout
2499
- state: i == null ? void 0 : {},
2500
- ...n
2501
- }, o), t.info("success");
2502
- }
2503
- /**
2504
- * Returns promise to process response from the end session endpoint from a popup window.
2505
- */
2506
- async signoutPopupCallback(e = window.location.href, t = !1) {
2507
- const s = this._logger.create("signoutPopupCallback");
2508
- await this._popupNavigator.callback(e, t), s.info("success");
2509
- }
2510
- async _signout(e, t) {
2511
- const s = await this._signoutStart(e, t);
2512
- return await this._signoutEnd(s.url);
2513
- }
2514
- async _signoutStart(e = {}, t) {
2515
- var s;
2516
- const r = this._logger.create("_signoutStart");
2517
- try {
2518
- const n = await this._loadUser();
2519
- r.debug("loaded current user from storage"), this.settings.revokeTokensOnSignout && await this._revokeInternal(n);
2520
- const i = e.id_token_hint || n && n.id_token;
2521
- i && (r.debug("setting id_token_hint in signout request"), e.id_token_hint = i), await this.removeUser(), r.debug("user removed, creating signout request");
2522
- const o = await this._client.createSignoutRequest(e);
2523
- return r.debug("got signout request"), await t.navigate({
2524
- url: o.url,
2525
- state: (s = o.state) == null ? void 0 : s.id
2526
- });
2527
- } catch (n) {
2528
- throw r.debug("error after preparing navigator, closing navigator window"), t.close(), n;
2529
- }
2530
- }
2531
- async _signoutEnd(e) {
2532
- const t = this._logger.create("_signoutEnd"), s = await this._client.processSignoutResponse(e);
2533
- return t.debug("got signout response"), s;
2534
- }
2535
- /**
2536
- * Returns promise to trigger a silent request (via an iframe) to the end session endpoint.
2537
- */
2538
- async signoutSilent(e = {}) {
2539
- var t;
2540
- const s = this._logger.create("signoutSilent"), {
2541
- silentRequestTimeoutInSeconds: r,
2542
- ...n
2543
- } = e, i = this.settings.includeIdTokenInSilentSignout ? (t = await this._loadUser()) == null ? void 0 : t.id_token : void 0, o = this.settings.popup_post_logout_redirect_uri, c = await this._iframeNavigator.prepare({ silentRequestTimeoutInSeconds: r });
2544
- await this._signout({
2545
- request_type: "so:s",
2546
- post_logout_redirect_uri: o,
2547
- id_token_hint: i,
2548
- ...n
2549
- }, c), s.info("success");
2550
- }
2551
- /**
2552
- * Returns promise to notify the parent window of response from the end session endpoint.
2553
- */
2554
- async signoutSilentCallback(e = window.location.href) {
2555
- const t = this._logger.create("signoutSilentCallback");
2556
- await this._iframeNavigator.callback(e), t.info("success");
2557
- }
2558
- async revokeTokens(e) {
2559
- const t = await this._loadUser();
2560
- await this._revokeInternal(t, e);
2561
- }
2562
- async _revokeInternal(e, t = this.settings.revokeTokenTypes) {
2563
- const s = this._logger.create("_revokeInternal");
2564
- if (!e)
2565
- return;
2566
- const r = t.filter((n) => typeof e[n] == "string");
2567
- if (!r.length) {
2568
- s.debug("no need to revoke due to no token(s)");
2569
- return;
2570
- }
2571
- for (const n of r)
2572
- await this._client.revokeToken(
2573
- e[n],
2574
- // eslint-disable-line @typescript-eslint/no-non-null-assertion
2575
- n
2576
- ), s.info(`${n} revoked successfully`), n !== "access_token" && (e[n] = null);
2577
- await this.storeUser(e), s.debug("user stored"), this._events.load(e);
2578
- }
2579
- /**
2580
- * Enables silent renew for the `UserManager`.
2581
- */
2582
- startSilentRenew() {
2583
- this._logger.create("startSilentRenew"), this._silentRenewService.start();
2584
- }
2585
- /**
2586
- * Disables silent renew for the `UserManager`.
2587
- */
2588
- stopSilentRenew() {
2589
- this._silentRenewService.stop();
2590
- }
2591
- get _userStoreKey() {
2592
- return `user:${this.settings.authority}:${this.settings.client_id}`;
2593
- }
2594
- async _loadUser() {
2595
- const e = this._logger.create("_loadUser"), t = await this.settings.userStore.get(this._userStoreKey);
2596
- return t ? (e.debug("user storageString loaded"), F.fromStorageString(t)) : (e.debug("no user storageString"), null);
2597
- }
2598
- async storeUser(e) {
2599
- const t = this._logger.create("storeUser");
2600
- if (e) {
2601
- t.debug("storing user");
2602
- const s = e.toStorageString();
2603
- await this.settings.userStore.set(this._userStoreKey, s);
2604
- } else
2605
- this._logger.debug("removing user"), await this.settings.userStore.remove(this._userStoreKey);
2606
- }
2607
- /**
2608
- * Removes stale state entries in storage for incomplete authorize requests.
2609
- */
2610
- async clearStaleState() {
2611
- await this._client.clearStaleState();
2612
- }
2613
- }, wt = "2.2.2", Tt = wt;
2614
- class B extends Error {
2615
- }
2616
- B.prototype.name = "InvalidTokenError";
2617
- function mt(e) {
2618
- return decodeURIComponent(atob(e).replace(/(.)/g, (t, s) => {
2619
- let r = s.charCodeAt(0).toString(16).toUpperCase();
2620
- return r.length < 2 && (r = "0" + r), "%" + r;
2621
- }));
2622
- }
2623
- function vt(e) {
2624
- let t = e.replace(/-/g, "+").replace(/_/g, "/");
2625
- switch (t.length % 4) {
2626
- case 0:
2627
- break;
2628
- case 2:
2629
- t += "==";
2630
- break;
2631
- case 3:
2632
- t += "=";
2633
- break;
2634
- default:
2635
- throw new Error("base64 string is not of the correct length");
2636
- }
2637
- try {
2638
- return mt(t);
2639
- } catch {
2640
- return atob(t);
2641
- }
2642
- }
2643
- function St(e, t) {
2644
- if (typeof e != "string")
2645
- throw new B("Invalid token specified: must be a string");
2646
- t || (t = {});
2647
- const s = t.header === !0 ? 0 : 1, r = e.split(".")[s];
2648
- if (typeof r != "string")
2649
- throw new B(`Invalid token specified: missing part #${s + 1}`);
2650
- let n;
2651
- try {
2652
- n = vt(r);
2653
- } catch (i) {
2654
- throw new B(`Invalid token specified: invalid base64 for part #${s + 1} (${i.message})`);
2655
- }
2656
- try {
2657
- return JSON.parse(n);
2658
- } catch (i) {
2659
- throw new B(`Invalid token specified: invalid json for part #${s + 1} (${i.message})`);
2660
- }
2661
- }
2662
- const Ce = ge(
1
+ import { jsx as C } from "react/jsx-runtime";
2
+ import { createContext as S, useContext as p, useMemo as x, useEffect as d, useState as I, useRef as v, useCallback as h } from "react";
3
+ export * from "oidc-client-ts";
4
+ import U from "use-local-storage-state";
5
+ import { jwtDecode as E } from "jwt-decode";
6
+ const w = S(
2663
7
  null
2664
- ), yt = () => {
2665
- const e = _e(Ce);
8
+ ), k = () => {
9
+ const e = p(w);
2666
10
  if (!e)
2667
11
  throw new Error(
2668
12
  "useImpersonationContext must be used within a ImpersonationContextProvider"
2669
13
  );
2670
14
  return e;
2671
- }, Ut = ({
15
+ }, O = ({
2672
16
  children: e
2673
17
  }) => {
2674
- const [t, s] = Re("impersonationState", {
18
+ const [t, c] = U("impersonationState", {
2675
19
  defaultValue: {}
2676
- }), r = pe(() => ({
20
+ }), s = x(() => ({
2677
21
  accessToken: t == null ? void 0 : t.accessToken,
2678
22
  userInfo: t == null ? void 0 : t.userInfo,
2679
- setImpersonation: (n, i) => {
2680
- s({ accessToken: n, userInfo: i });
23
+ setImpersonation: (n, o) => {
24
+ c({ accessToken: n, userInfo: o });
2681
25
  }
2682
26
  }), []);
2683
- return /* @__PURE__ */ re(Ce.Provider, { value: r, children: e });
2684
- }, At = (e) => {
2685
- const { setImpersonation: t } = yt();
2686
- $(() => {
2687
- const { search: s } = window.location, r = new URLSearchParams(s).get(
27
+ return /* @__PURE__ */ C(w.Provider, { value: s, children: e });
28
+ }, F = (e) => {
29
+ const { setImpersonation: t } = k();
30
+ d(() => {
31
+ const { search: c } = window.location, s = new URLSearchParams(c).get(
2688
32
  "impersonateAccessToken"
2689
33
  );
2690
- if (r && t) {
2691
- const n = St(r);
2692
- t(r, n), e();
34
+ if (s && t) {
35
+ const n = E(s);
36
+ t(s, n), e();
2693
37
  }
2694
38
  }, []);
2695
39
  };
2696
- function Pt(e) {
2697
- return JSON.parse(e).map((r) => {
40
+ function j(e) {
41
+ return JSON.parse(e).map((s) => {
2698
42
  const [
2699
43
  n,
2700
- i,
2701
44
  o,
2702
- c,
2703
- l
2704
- ] = r.split("|"), h = c.split(",");
45
+ a,
46
+ i,
47
+ m
48
+ ] = s.split("|"), r = i.split(",");
2705
49
  return {
2706
50
  CustomerExternalId: n,
2707
- CustomerFirmId: i,
2708
- CustomerFirmName: o,
2709
- CustomerUserRoles: h,
2710
- CustomerUserIsAdmin: l === "True"
51
+ CustomerFirmId: o,
52
+ CustomerFirmName: a,
53
+ CustomerUserRoles: r,
54
+ CustomerUserIsAdmin: m === "True"
2711
55
  };
2712
56
  });
2713
57
  }
2714
- const Ot = [
58
+ const z = [
2715
59
  "97",
2716
60
  "131",
2717
61
  "132",
2718
62
  "141"
2719
- ], qt = [
63
+ ], N = [
2720
64
  "3"
2721
- ], Nt = [
65
+ ], V = [
2722
66
  "0"
2723
- ], bt = ({
67
+ ], L = ({
2724
68
  userManager: e,
2725
69
  context: t,
2726
- children: s
70
+ children: c
2727
71
  }) => {
2728
- const [r, n] = Ie({
72
+ const [s, n] = I({
2729
73
  user: null,
2730
74
  isLoading: !0,
2731
75
  isAuthenticated: !1,
2732
76
  isError: !1,
2733
77
  error: null
2734
- }), i = fe(!1);
2735
- $(() => {
2736
- i.current || (i.current = !0, (async () => {
78
+ }), o = v(!1);
79
+ d(() => {
80
+ o.current || (o.current = !0, (async () => {
2737
81
  try {
2738
- const h = await e.getUser();
82
+ const r = await e.getUser();
2739
83
  n({
2740
- user: h,
84
+ user: r,
2741
85
  isLoading: !1,
2742
- isAuthenticated: h ? !h.expired : !1,
86
+ isAuthenticated: r ? !r.expired : !1,
2743
87
  isError: !1,
2744
88
  error: null
2745
89
  });
2746
- } catch (h) {
90
+ } catch (r) {
2747
91
  n({
2748
92
  user: null,
2749
93
  isLoading: !1,
2750
94
  isAuthenticated: !1,
2751
95
  isError: !0,
2752
- error: h instanceof Error ? h : new Error("Unknown error during auth")
96
+ error: r instanceof Error ? r : new Error("Unknown error during auth")
2753
97
  });
2754
98
  }
2755
99
  })());
2756
- }, [e]), $(() => {
2757
- const h = (S) => {
100
+ }, [e]), d(() => {
101
+ const r = (l) => {
2758
102
  n({
2759
- user: S,
103
+ user: l,
2760
104
  isLoading: !1,
2761
- isAuthenticated: !S.expired,
105
+ isAuthenticated: !l.expired,
2762
106
  isError: !1,
2763
107
  error: null
2764
108
  });
2765
109
  };
2766
- e.events.addUserLoaded(h);
2767
- const g = () => {
110
+ e.events.addUserLoaded(r);
111
+ const u = () => {
2768
112
  n({
2769
- ...r,
113
+ ...s,
2770
114
  user: null,
2771
115
  isAuthenticated: !1
2772
116
  });
2773
117
  };
2774
- e.events.addUserUnloaded(g);
2775
- const u = (S) => {
118
+ e.events.addUserUnloaded(u);
119
+ const f = (l) => {
2776
120
  n({
2777
- ...r,
121
+ ...s,
2778
122
  isLoading: !1,
2779
123
  isError: !0,
2780
- error: S
124
+ error: l
2781
125
  });
2782
126
  };
2783
- return e.events.addSilentRenewError(u), () => {
2784
- e.events.removeUserLoaded(h), e.events.removeUserUnloaded(g), e.events.removeSilentRenewError(u);
127
+ return e.events.addSilentRenewError(f), () => {
128
+ e.events.removeUserLoaded(r), e.events.removeUserUnloaded(u), e.events.removeSilentRenewError(f);
2785
129
  };
2786
130
  }, [e]);
2787
- const o = ce(async () => {
2788
- const h = await e.signinCallback();
131
+ const a = h(async () => {
132
+ const r = await e.signinCallback();
2789
133
  return n({
2790
- user: h ?? null,
134
+ user: r ?? null,
2791
135
  isLoading: !1,
2792
- isAuthenticated: h ? !h.expired : !1,
136
+ isAuthenticated: r ? !r.expired : !1,
2793
137
  isError: !1,
2794
138
  error: null
2795
- }), h ?? void 0;
2796
- }, [e]), c = ce(
2797
- async (h) => {
139
+ }), r ?? void 0;
140
+ }, [e]), i = h(
141
+ async (r) => {
2798
142
  try {
2799
- await e.signinRedirect(h);
2800
- } catch (g) {
2801
- console.error(g);
143
+ await e.signinRedirect(r);
144
+ } catch (u) {
145
+ console.error(u);
2802
146
  }
2803
147
  },
2804
148
  [e]
2805
- ), l = pe(
149
+ ), m = x(
2806
150
  () => ({
2807
- state: r,
2808
- handleSigninCallback: o,
2809
- redirectToSignin: c
151
+ state: s,
152
+ handleSigninCallback: a,
153
+ redirectToSignin: i
2810
154
  }),
2811
- [r, o, c]
155
+ [s, a, i]
2812
156
  );
2813
- return /* @__PURE__ */ re(t.Provider, { value: l, children: s });
2814
- }, ae = (e) => {
2815
- const t = _e(e);
157
+ return /* @__PURE__ */ C(t.Provider, { value: m, children: c });
158
+ }, A = (e) => {
159
+ const t = p(e);
2816
160
  if (!t)
2817
161
  throw new Error("useAuthContext must be used within an AuthProvider");
2818
162
  return t;
2819
- }, kt = (e) => {
2820
- const { state: t } = ae(e);
163
+ }, P = (e) => {
164
+ const { state: t } = A(e);
2821
165
  return t;
2822
- }, Et = (e, t) => {
2823
- const { state: s, handleSigninCallback: r } = ae(e), n = fe(!1);
2824
- return $(() => {
2825
- n.current || (n.current = !0, r().then(
2826
- (i) => new Promise(
2827
- (o) => setTimeout(() => o(i), 0)
166
+ }, R = (e, t) => {
167
+ const { state: c, handleSigninCallback: s } = A(e), n = v(!1);
168
+ return d(() => {
169
+ n.current || (n.current = !0, s().then(
170
+ (o) => new Promise(
171
+ (a) => setTimeout(() => a(o), 0)
2828
172
  )
2829
- ).then((i) => t == null ? void 0 : t(i)));
2830
- }, [r]), s;
2831
- }, jt = (e) => {
2832
- const t = ge(null);
173
+ ).then((o) => t == null ? void 0 : t(o)));
174
+ }, [s]), c;
175
+ }, J = (e) => {
176
+ const t = S(null);
2833
177
  return {
2834
178
  AuthContext: t,
2835
- AuthProvider: ({ children: c }) => /* @__PURE__ */ re(bt, { userManager: e, context: t, children: c }),
2836
- useAuthContext: () => ae(t),
2837
- useAuthState: () => kt(t),
2838
- useSigninCallback: (c) => Et(t, c),
179
+ AuthProvider: ({ children: i }) => /* @__PURE__ */ C(L, { userManager: e, context: t, children: i }),
180
+ useAuthContext: () => A(t),
181
+ useAuthState: () => P(t),
182
+ useSigninCallback: (i) => R(t, i),
2839
183
  getAccessToken: async () => {
2840
- const c = await e.getUser();
2841
- return c ? c.access_token : null;
184
+ const i = await e.getUser();
185
+ return i ? i.access_token : null;
2842
186
  }
2843
187
  };
2844
188
  };
2845
189
  export {
2846
- Fe as AccessTokenEvents,
2847
- $e as CheckSessionIFrame,
2848
- j as ErrorResponse,
2849
- ie as ErrorTimeout,
2850
- Ut as ImpersonationContextProvider,
2851
- we as InMemoryWebStorage,
2852
- J as Log,
2853
- f as Logger,
2854
- ze as MetadataService,
2855
- nt as OidcClient,
2856
- ve as OidcClientSettingsStore,
2857
- Ot as ROLESAdminInCompany,
2858
- Nt as ROLESAnsatt,
2859
- qt as ROLESMAKSAdministrator,
2860
- ot as SessionMonitor,
2861
- Q as SigninResponse,
2862
- oe as SigninState,
2863
- it as SignoutResponse,
2864
- H as State,
2865
- F as User,
2866
- Rt as UserManager,
2867
- lt as UserManagerSettingsStore,
2868
- Tt as Version,
2869
- me as WebStorageStateStore,
2870
- jt as createAuthContext,
2871
- Pt as parseUserProfileFCString,
2872
- At as useImpersonationCallback,
2873
- yt as useImpersonationContext
190
+ O as ImpersonationContextProvider,
191
+ z as ROLESAdminInCompany,
192
+ V as ROLESAnsatt,
193
+ N as ROLESMAKSAdministrator,
194
+ J as createAuthContext,
195
+ j as parseUserProfileFCString,
196
+ F as useImpersonationCallback,
197
+ k as useImpersonationContext
2874
198
  };