@authress/login 2.3.282 → 2.3.285
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -1
- package/dist/authress.min.js +2 -2
- package/dist/authress.min.js.LICENSE.txt +1 -1
- package/dist/authress.min.js.LICENSE.txt.gz +0 -0
- package/dist/authress.min.js.gz +0 -0
- package/dist/eslint_report.html +129 -0
- package/package.json +1 -1
- package/src/extensionClient.js +8 -10
- package/src/httpClient.js +2 -1
- package/src/index.js +29 -36
- package/src/windowManager.js +32 -0
package/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
<p align="center">
|
|
2
|
-
|
|
2
|
+
<img height="300px" src="https://authress.io/static/images/media-banner.png" alt="Authress media banner">
|
|
3
3
|
</p>
|
|
4
4
|
|
|
5
5
|
# Authress Login SDK for UIs
|
package/dist/authress.min.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
/*! Authress Login SDK 2.3.
|
|
2
|
-
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,r={219:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function r(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),r).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}},99:(e,t,r)=>{const o=r(219),n=r(215),{sanitizeUrl:i}=r(825),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=i(e),this.accessToken=null,window.onload=async()=>{await this.requestToken({silent:!0})}}async getUserIdentity(){const e=this.accessToken&&await n.decode(this.accessToken);return e?1e3*e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code||new URLSearchParams(window.location.search).get("code");if(!t){if(!e||!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const r=new URL(this.authressCustomDomain);r.pathname="/api/authentication/oauth/tokens";const{codeVerifier:o,redirectUrl:n}=JSON.parse(localStorage.getItem(a)||"{}"),i=await fetch(r.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:o,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:n})}),s=await i.json();this.accessToken=s.access_token;const c=new URL(window.location);return c.searchParams.delete("code"),c.searchParams.delete("iss"),c.searchParams.delete("nonce"),c.searchParams.delete("expires_in"),c.searchParams.delete("access_token"),c.searchParams.delete("id_token"),history.replaceState({},void 0,c.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const r=await this.requestToken({silent:!0});if(r)return r;const n=new URL(this.authressCustomDomain),i=o.encode((window.crypto||window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),s=await(window.crypto||window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(i)),c=o.encode(s),d=e||window.location.href;return localStorage.setItem(a,JSON.stringify({codeVerifier:i,redirectUrl:d})),n.searchParams.set("client_id",this.extensionId),n.searchParams.set("code_challenge",c),n.searchParams.set("code_challenge_method","S256"),n.searchParams.set("redirect_uri",d),window.location.assign(n.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},965:(e,t,r)=>{const{sanitizeUrl:o}=r(825),n={"Content-Type":"application/json"},i=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","<HTML DOCUMENT></HTML>"]);function a(e){return e&&e.message&&i.has(e.message)}async function s(e){let t=null;for(let r=0;r<5;r++)try{return await e()}catch(e){if(e.retryCount=r,t=e,a(e)||"Network Error"===e.message||"ERR_NETWORK"===e.code||!e.status||e.status>=500){t.isNetworkError=!0,await new Promise((e=>setTimeout(e,10*2**r)));continue}throw e}throw t}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const r=t||{debug(){},warn(){},critical(){}};this.logger=r;const n=new URL(o(e));this.loginUrl=`${n.origin}/api`}get(e,t,r,o){return s((()=>this.fetchWrapper("GET",e,null,r,t,o)))}delete(e,t,r,o){return s((()=>this.fetchWrapper("DELETE",e,null,r,t,o)))}post(e,t,r,o,n){return s((()=>this.fetchWrapper("POST",e,r,o,t,n)))}put(e,t,r,o,n){return s((()=>this.fetchWrapper("PUT",e,r,o,t,n)))}patch(e,t,r,o,n){return s((()=>this.fetchWrapper("PATCH",e,r,o,t,n)))}async fetchWrapper(e,t,r,o,i,a){const s=`${this.loginUrl}${t.toString()}`,c=e.toUpperCase(),d=Object.assign({},n,o);try{this.logger&&this.logger.debug&&this.logger.debug({title:"HttpClient Request",method:c,url:s});const e={method:c,headers:d};r&&(e.body=JSON.stringify(r)),"localhost"!==window.location.hostname&&i&&(e.credentials="include");const t=await fetch(s,e);if(!t.ok)throw t;let o={};try{o=await t.text(),o=JSON.parse(o)}catch(e){}return{url:s,headers:t.headers,status:t.status,data:o}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const o=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(o){this.logger&&this.logger.debug&&this.logger.debug({title:`Fetch failed due to a browser extension - ${c} - ${s}`,method:c,url:s,data:r,headers:d,error:e,resolvedError:t,extensionErrorId:o});const n=new Error(`Extension Error ID: ${o}`);throw n.code="BROWSER_EXTENSION_ERROR",n}const n=e.status;let i="warn",l="HttpClient Response Error";e?401===n?(l="HttpClient Response Error due to invalid token",i="debug"):404===n?(l="HttpClient Response: Not Found",i="debug"):n<500&&a&&(i="debug"):l="HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:l,online:navigator.onLine,method:c,url:s,status:n,data:r,headers:d,error:e,resolvedError:t});throw{url:s,status:n,data:t,headers:e.headers}}}}},125:(e,t,r)=>{const o=r(489),n=r(802),i=r(965),a=r(215),{sanitizeUrl:s}=r(825),c=r(429);let d,l=new Promise((e=>d=e)),u=null;const h="AuthenticationRequestNonce";const p=r(99);e.exports={LoginClient:class{constructor(e,t){this.settings=Object.assign({applicationId:"app_default"},e),this.logger=t||console;const r=this.settings.authressApiUrl||this.settings.authressLoginHostUrl||this.settings.authenticationServiceUrl||"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');this.hostUrl=s(r),this.httpClient=new i(this.hostUrl,this.logger),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl,"undefined"!=typeof window?window:void 0),e.skipBackgroundCredentialsCheck||(window.onload=async()=>{await this.userSessionExists(!0)})}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname||"127.0.0.1"===window.location.hostname)}getMatchingDomainInfo(e,t){const r=new URL(e);if(this.isLocalHost())return!1;if(void 0===t)return!1;if("https:"!==t.location.protocol)return!1;const o=r.host.toLowerCase().split(".").reverse(),i=t.location.host.toLowerCase().split(".").reverse();let a=[];for(let e of o){const t=n(i,a.length+1).join(".");if(a.concat(e).join(".")!==t)break;a.push(e)}return a.length===o.length&&a.length===i.length||a.length>1}getUserIdentity(){const e=c.getUserCookie(),t=a.decodeOrParse(e);if(t){const r=t.exp?new Date(1e3*t.exp):new Date(Date.now()+864e5);return c.set(e,r),t.userId=t.sub,t}const r=c.get(),o=a.decodeOrParse(r);return o?this.hostUrl.startsWith(o.iss)?(o.userId=o.sub,o):(this.logger&&this.logger.log&&this.logger.log({title:"Token saved in browser is for a different issuer, discarding",currentHostUrl:this.hostUrl,savedUserData:o}),c.clear(),null):null}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.settings.applicationId),t.searchParams.set("start_page",e&&e.startPage||"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl||window.location.href),window.location.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:""}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const r=t.sub,o={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-36},{type:"public-key",alg:-35},{type:"public-key",alg:-7},{type:"public-key",alg:-259},{type:"public-key",alg:-258},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},n=await navigator.credentials.create({publicKey:o}),i={authenticatorAttachment:n.authenticatorAttachment,credentialId:n.id,type:n.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(n.response.attestationObject))),client:JSON.parse(new TextDecoder("utf-8").decode(n.response.clientDataJSON))},a={name:e&&e.name,code:i,type:"WebAuthN"};try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,a,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"Failed to register new device",error:e}),e}}async waitForUserSession(){try{return await l,!0}catch(e){return!1}}userSessionExists(e){return u?Date.now()-this.lastSessionCheck<50?u:(this.lastSessionCheck=Date.now(),u=u.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),u=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(window.location.search),r=new URL(window.location);let n={};try{n=JSON.parse(localStorage.getItem(h)||"{}"),localStorage.removeItem(h),Object.hasOwnProperty.call(n,"enableCredentials")&&(this.enableCredentials=n.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if(n.nonce&&t.get("code")&&(r.searchParams.delete("nonce"),r.searchParams.delete("iss"),r.searchParams.delete("code"),history.replaceState({},void 0,r.toString()),n.nonce===t.get("nonce"))){const e="cookie"===t.get("code")?o.parse(document.cookie)["auth-code"]:t.get("code"),r={grant_type:"authorization_code",redirect_uri:n.redirectUrl,client_id:this.settings.applicationId,code:e,code_verifier:n.codeVerifier};try{const e=await this.httpClient.post(`/authentication/${n.nonce}/tokens`,this.enableCredentials,r),t=a.decode(e.data.id_token),i=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);return document.cookie=o.serialize("authorization",e.data.access_token||"",{expires:i,path:"/",sameSite:"strict"}),c.set(e.data.id_token,i),d(),!0}catch(e){if(this.logger&&this.logger.log({title:"Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data||e}}if(this.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(r.searchParams.delete("iss"),r.searchParams.delete("nonce"),r.searchParams.delete("expires_in"),r.searchParams.delete("access_token"),r.searchParams.delete("id_token"),history.replaceState({},void 0,r.toString()),!n.nonce||n.nonce===t.get("nonce"))){const e=a.decode(t.get("id_token")),r=e.exp&&new Date(1e3*e.exp)||Number(t.get("expires_in"))&&new Date(Date.now()+1e3*Number(t.get("expires_in")));return document.cookie=o.serialize("authorization",t.get("access_token")||"",{expires:r,path:"/",sameSite:"strict"}),c.set(t.get("id_token"),r),d(),!0}if(this.getUserIdentity())return d(),!0;if(!this.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=a.decode(e.data.id_token),r=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);document.cookie=o.serialize("authorization",e.data.access_token||"",{expires:r,path:"/",sameSite:"strict"}),c.set(e.data.id_token,r)}}catch(e){400!==e.status&&404!==e.status&&409!==e.status?this.logger&&this.logger.log&&this.logger.log({title:"User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return d(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:r,connectionProperties:o}){if(!t&&!r){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const n=new URLSearchParams(window.location.search),i=e||n.get("state");if(!i){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await this.httpClient.patch(`/authentication/${i}`,!0,{connectionId:t,tenantLookupIdentifier:r,connectionProperties:o});window.location.assign(e.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}await new Promise((e=>setTimeout(e,5e3)))}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const r=this.enableCredentials&&!this.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,r)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:r,connectionProperties:o}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let n;try{n=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:i}=await a.getAuthCodes();try{const a=r&&new URL(r).toString()||window.location.href,s=this.enableCredentials&&!this.isLocalHost()?{}:{Authorization:`Bearer ${n}`},c=await this.httpClient.post("/authentication",this.enableCredentials,{linkIdentity:!0,redirectUrl:a,codeChallengeMethod:"S256",codeChallenge:i,connectionId:e,tenantLookupIdentifier:t,connectionProperties:o,applicationId:this.settings.applicationId},s);window.location.assign(c.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:r,inviteId:o,redirectUrl:n,force:i,responseLocation:s,flowType:d,connectionProperties:l,openType:u,multiAccount:p,clearUserDataBeforeLogin:f}=e||{};if(s&&"cookie"!==s&&"query"!==s&&"none"!==s){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!i&&!p&&await this.userSessionExists())return!0;const{codeVerifier:g,codeChallenge:w}=await a.getAuthCodes();try{const e=n&&new URL(n).toString()||window.location.href;!1!==f&&c.clear();const i=await this.httpClient.post("/authentication",!1,{redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:r,inviteId:o,connectionProperties:l,applicationId:this.settings.applicationId,responseLocation:s,flowType:d,multiAccount:p});if(localStorage.setItem(h,JSON.stringify({nonce:i.data.authenticationRequestId,codeVerifier:g,lastConnectionId:t,tenantLookupIdentifier:r,redirectUrl:e,enableCredentials:i.data.enableCredentials,multiAccount:p})),"tab"===u){const e=window.open(i.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed||window.location.assign(i.data.authenticationUrl)}else window.location.assign(i.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}return await new Promise((e=>setTimeout(e,5e3))),!1}async ensureToken(e){await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e||{}),r=this.waitForUserSession(),n=new Promise(((e,r)=>setTimeout(r,t.timeoutInMillis||0)));try{await Promise.race([r,n])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const i=o.parse(document.cookie);return"undefined"!==i.authorization&&i.authorization}async logout(e){if(c.clear(),l=new Promise((e=>d=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),void(e&&e!==window.location.href&&window.location.assign(e))}catch(e){}const t=new URL("/logout",this.hostUrl);t.searchParams.set("redirect_uri",e||window.location.href),t.searchParams.set("client_id",this.settings.applicationId),window.location.assign(t.toString())}},ExtensionClient:p,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},215:(e,t,r)=>{const o=r(219);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(o.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(o.decode(e.split(".")[0])),r=JSON.parse(o.decode(e.split(".")[1]));return r.exp&&(r.exp=r.exp-10),{header:t,payload:r}}catch(e){return null}}async getAuthCodes(){const e=o.encode((window.crypto||window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto||window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:o.encode(t)}}}},429:(e,t,r)=>{const o=r(489),n="AuthenticationCredentialsStorage";e.exports=new class{getUserCookie(){return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))||null}set(e,t){try{const r=o.parse(document.cookie);localStorage.setItem(n,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!r.authorization})),this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){let e={};try{e=o.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:r,jsCookies:o}=JSON.parse(localStorage.getItem(n)||"{}");return t?r<Date.now()||o&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(n)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window)return;const t=document.cookie.split("; ");for(const r of t){if(!["user","authorization","auth-code"].includes(r.split("=")[0])||e&&r.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),o=[...Array(t.length-1)].map(((e,r)=>t.reverse().slice(0,r+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&o.push("localhost");for(const e of o){const t=e?`domain=${e};`:"",o=`${encodeURIComponent(r.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${o}/`;const n=location.pathname.split("/");for(;n.length>0;)document.cookie=o+n.join("/"),n.pop()}}}}},825:e=>{e.exports.sanitizeUrl=function(e){return e.startsWith("http")?e:`https://${e}`}},489:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var r={},o=(t||{}).decode||n,i=0;for(;i<e.length;){var s=e.indexOf("=",i);if(-1===s)break;var c=e.indexOf(";",i);if(-1===c)c=e.length;else if(c<s){i=e.lastIndexOf(";",s-1)+1;continue}var d=e.slice(i,s).trim();if(void 0===r[d]){var l=e.slice(s+1,c).trim();34===l.charCodeAt(0)&&(l=l.slice(1,-1)),r[d]=a(l,o)}i=c+1}return r},t.serialize=function(e,t,n){var a=n||{},s=a.encode||i;if("function"!=typeof s)throw new TypeError("option encode is invalid");if(!o.test(e))throw new TypeError("argument name is invalid");var c=s(t);if(c&&!o.test(c))throw new TypeError("argument val is invalid");var d=e+"="+c;if(null!=a.maxAge){var l=a.maxAge-0;if(isNaN(l)||!isFinite(l))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+Math.floor(l)}if(a.domain){if(!o.test(a.domain))throw new TypeError("option domain is invalid");d+="; Domain="+a.domain}if(a.path){if(!o.test(a.path))throw new TypeError("option path is invalid");d+="; Path="+a.path}if(a.expires){var u=a.expires;if(!function(e){return"[object Date]"===r.call(e)||e instanceof Date}(u)||isNaN(u.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+u.toUTCString()}a.httpOnly&&(d+="; HttpOnly");a.secure&&(d+="; Secure");if(a.priority){switch("string"==typeof a.priority?a.priority.toLowerCase():a.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(a.sameSite){switch("string"==typeof a.sameSite?a.sameSite.toLowerCase():a.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var r=Object.prototype.toString,o=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function n(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function i(e){return encodeURIComponent(e)}function a(e,t){try{return t(e)}catch(t){return e}}},802:e=>{var t=1/0,r=17976931348623157e292,o=NaN,n="[object Symbol]",i=/^\s+|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,r){var o=-1,n=e.length;t<0&&(t=-t>n?0:n+t),(r=r>n?n:r)<0&&(r+=n),n=t>r?0:r-t>>>0,t>>>=0;for(var i=Array(n);++o<n;)i[o]=e[o+t];return i}(e,0,(h=p||void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==n}(e))return o;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var r=s.test(e);return r||c.test(e)?d(e.slice(2),r?2:8):a.test(e)?o:+e}(e))===t||e===-t?(e<0?-1:1)*r:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}}},o={};function n(e){var t=o[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=o[e]={exports:{}};try{var a={id:e,module:i,factory:r[e],require:n};n.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return n.m=r,n.c=o,n.i=[],n.hu=e=>e+"."+n.h()+".hot-update.js",n.hmrF=()=>"main."+n.h()+".hot-update.json",n.h=()=>"02f1548977b15afda72a",n.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",n.l=(r,o,i,a)=>{if(e[r])e[r].push(o);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==r||u.getAttribute("data-webpack")==t+i){s=u;break}}s||(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,n.nc&&s.setAttribute("nonce",n.nc),s.setAttribute("data-webpack",t+i),s.src=r),e[r]=[o];var h=(t,o)=>{s.onerror=s.onload=null,clearTimeout(p);var n=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),n&&n.forEach((e=>e(o))),t)return t(o)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,r,o={},i=n.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],r=0;r<s.length;r++)t[r]=s[r].call(null,e);return Promise.all(t)}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(n.hmrM).then((function(r){return r?u("prepare").then((function(){var o=[];return t=[],Promise.all(Object.keys(n.hmrC).reduce((function(e,i){return n.hmrC[i](r.c,r.r,r.m,e,t,o),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return o}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(w()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e||{},w();var o=t.map((function(t){return t(e)}));t=void 0;var n=o.map((function(e){return e.error})).filter(Boolean);if(n.length>0)return u("abort").then((function(){throw n[0]}));var i=u("dispose");o.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a||(a=e)},d=[];return o.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var r=0;r<t.length;r++)d.push(t[r])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):r?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function w(){if(r)return t||(t=[]),Object.keys(n.hmrI).forEach((function(e){r.forEach((function(r){n.hmrI[e](r,t)}))})),r=void 0,!0}n.hmrD=o,n.i.push((function(l){var g,w,m,y,v=l.module,k=function(t,r){var o=i[r];if(!o)return t;var n=function(n){if(o.hot.active){if(i[n]){var s=i[n].parents;-1===s.indexOf(r)&&s.push(r)}else a=[r],e=n;-1===o.children.indexOf(n)&&o.children.push(n)}else console.warn("[HMR] unexpected require("+n+") from disposed module "+r),a=[];return t(n)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(r){t[e]=r}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(n,l,s(l));return n.e=function(e,r){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,r))},n}(l.require,l.id);v.hot=(g=l.id,w=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:m=e!==g,_requireSelf:function(){a=w.parents.slice(),e=m?void 0:g,n(g)},active:!0,accept:function(e,t,r){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var o=0;o<e.length;o++)y._acceptedDependencies[e[o]]=t||function(){},y._acceptedErrorHandlers[e[o]]=r;else y._acceptedDependencies[e]=t||function(){},y._acceptedErrorHandlers[e]=r},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(n.hmrI).forEach((function(e){n.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(n.hmrI).forEach((function(e){n.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(r=r||[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:o[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),n.hmrC={},n.hmrI={}})(),n.p="",(()=>{var e,t,r,o,i,a=n.hmrS_jsonp=n.hmrS_jsonp||{179:0},s={};function c(t,r){return e=r,new Promise(((e,r)=>{s[t]=e;var o=n.p+n.hu(t),i=new Error;n.l(o,(e=>{if(s[t]){s[t]=void 0;var o=e&&("load"===e.type?"missing":e.type),n=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+o+": "+n+")",i.name="ChunkLoadError",i.type=o,i.request=n,r(i)}}))}))}function d(e){function s(e){for(var t=[e],r={},o=t.map((function(e){return{chain:[e],id:e}}));o.length>0;){var i=o.pop(),a=i.id,s=i.chain,d=n.c[a];if(d&&(!d.hot._selfAccepted||d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=n.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(r[u]||(r[u]=[]),c(r[u],[a])):(delete r[u],t.push(u),o.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:r}}function c(e,t){for(var r=0;r<t.length;r++){var o=t[r];-1===e.indexOf(o)&&e.push(o)}}n.f&&delete n.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in r)if(n.o(r,p)){var f,g=r[p],w=!1,m=!1,y=!1,v="";switch((f=g?s(p):{type:"disposed",moduleId:p}).chain&&(v="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(w=new Error("Aborted because of self decline: "+f.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(w=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted||(w=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(f),m=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(w)return{error:w};if(m)for(p in u[p]=g,c(l,f.outdatedModules),f.outdatedDependencies)n.o(f.outdatedDependencies,p)&&(d[p]||(d[p]=[]),c(d[p],f.outdatedDependencies[p]));y&&(c(l,[f.moduleId]),u[p]=h)}r=void 0;for(var k,b=[],C=0;C<l.length;C++){var I=l[C],E=n.c[I];E&&(E.hot._selfAccepted||E.hot._main)&&u[I]!==h&&!E.hot._selfInvalidated&&b.push({module:I,require:E.hot._requireSelf,errorHandler:E.hot._selfAccepted})}return{dispose:function(){var e;o.forEach((function(e){delete a[e]})),o=void 0;for(var t,r=l.slice();r.length>0;){var i=r.pop(),s=n.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(C=0;C<u.length;C++)u[C].call(null,c);for(n.hmrD[i]=c,s.hot.active=!1,delete n.c[i],delete d[i],C=0;C<s.children.length;C++){var h=n.c[s.children[C]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(n.o(d,p)&&(s=n.c[p]))for(k=d[p],C=0;C<k.length;C++)t=k[C],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var r in u)n.o(u,r)&&(n.m[r]=u[r]);for(var o=0;o<i.length;o++)i[o](n);for(var a in d)if(n.o(d,a)){var s=n.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],w=s.hot._acceptedDependencies[g],m=s.hot._acceptedErrorHandlers[g];if(w){if(-1!==c.indexOf(w))continue;c.push(w),h.push(m),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(r){if("function"==typeof h[y])try{h[y](r,{moduleId:a,dependencyId:p[y]})}catch(o){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:o,originalError:r}),e.ignoreErrored||(t(o),t(r))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:r}),e.ignoreErrored||t(r)}}}for(var v=0;v<b.length;v++){var C=b[v],I=C.module;try{C.require(I)}catch(r){if("function"==typeof C.errorHandler)try{C.errorHandler(r,{moduleId:I,module:n.c[I]})}catch(o){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:o,originalError:r}),e.ignoreErrored||(t(o),t(r))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:r}),e.ignoreErrored||t(r)}}return l}}}this.webpackHotUpdateauthress=(t,o,a)=>{for(var c in o)n.o(o,c)&&(r[c]=o[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},n.hmrI.jsonp=function(e,t){r||(r={},i=[],o=[],t.push(d)),n.o(r,e)||(r[e]=n.m[e])},n.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},o=s,r=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){n.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),n.f&&(n.f.jsonpHmr=function(e,r){t&&n.o(t,e)&&!t[e]&&(r.push(c(e)),t[e]=!0)})},n.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(n.p+n.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),n(125)})()));
|
|
1
|
+
/*! Authress Login SDK 2.3.285 | Author - Authress Developers | License information can be found at https://github.com/Authress/login-sdk.js */
|
|
2
|
+
!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,r={219:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function r(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),r).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}},99:(e,t,r)=>{r(219);const n=r(215),{sanitizeUrl:o}=r(825),i=r(15),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await n.decode(this.accessToken);return e?1e3*e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code||new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e||!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const r=new URL(this.authressCustomDomain);r.pathname="/api/authentication/oauth/tokens";const{codeVerifier:n,redirectUrl:o}=JSON.parse(localStorage.getItem(a)||"{}"),s=await fetch(r.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:n,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const r=await this.requestToken({silent:!0});if(r)return r;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=n.getAuthCodes(),d=e||i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},965:(e,t,r)=>{const{sanitizeUrl:n}=r(825),o=r(15),i={"Content-Type":"application/json"},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","<HTML DOCUMENT></HTML>"]);function s(e){return e&&e.message&&a.has(e.message)}async function c(e){let t=null;for(let r=0;r<5;r++)try{return await e()}catch(e){if(e.retryCount=r,t=e,s(e)||"Network Error"===e.message||"ERR_NETWORK"===e.code||!e.status||e.status>=500){t.isNetworkError=!0,await new Promise((e=>setTimeout(e,10*2**r)));continue}throw e}throw t}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const r=t||{debug(){},warn(){},critical(){}};this.logger=r;const o=new URL(n(e));this.loginUrl=`${o.origin}/api`}get(e,t,r,n){return c((()=>this.fetchWrapper("GET",e,null,r,t,n)))}delete(e,t,r,n){return c((()=>this.fetchWrapper("DELETE",e,null,r,t,n)))}post(e,t,r,n,o){return c((()=>this.fetchWrapper("POST",e,r,n,t,o)))}put(e,t,r,n,o){return c((()=>this.fetchWrapper("PUT",e,r,n,t,o)))}patch(e,t,r,n,o){return c((()=>this.fetchWrapper("PATCH",e,r,n,t,o)))}async fetchWrapper(e,t,r,n,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,n);try{this.logger&&this.logger.debug&&this.logger.debug({title:"HttpClient Request",method:d,url:c});const e={method:d,headers:l};r&&(e.body=JSON.stringify(r)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let n={};try{n=await t.text(),n=JSON.parse(n)}catch(e){}return{url:c,headers:t.headers,status:t.status,data:n}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const n=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(n){this.logger&&this.logger.debug&&this.logger.debug({title:`Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:r,headers:l,error:e,resolvedError:t,extensionErrorId:n});const o=new Error(`Extension Error ID: ${n}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="HttpClient Response Error";e?401===o?(a="HttpClient Response Error due to invalid token",i="debug"):404===o?(a="HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:navigator.onLine,method:d,url:c,status:o,data:r,headers:l,error:e,resolvedError:t});throw{url:c,status:o,data:t,headers:e.headers}}}}},125:(e,t,r)=>{const n=r(489),o=r(802),i=r(15),a=r(965),s=r(215),{sanitizeUrl:c}=r(825),d=r(429);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=r(99);e.exports={LoginClient:class{constructor(e,t){this.settings=Object.assign({applicationId:"app_default"},e),this.logger=t||console;const r=this.settings.authressApiUrl||this.settings.authressLoginHostUrl||this.settings.authenticationServiceUrl||"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,this.logger),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),e.skipBackgroundCredentialsCheck||i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const r=i.getCurrentLocation();if("https:"!==r.protocol)return!1;const n=t.host.toLowerCase().split(".").reverse(),a=r.host.toLowerCase().split(".").reverse();let s=[];for(let e of n){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===n.length&&s.length===a.length||s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const r=t.exp?new Date(1e3*t.exp):new Date(Date.now()+864e5);return d.set(e,r),t.userId=t.sub,t}const r=d.get(),n=s.decodeOrParse(r);return n?this.hostUrl.startsWith(n.iss)?(n.userId=n.sub,n):(this.logger&&this.logger.log&&this.logger.log({title:"Token saved in browser is for a different issuer, discarding",currentHostUrl:this.hostUrl,savedUserData:n}),d.clear(),null):null}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.settings.applicationId),t.searchParams.set("start_page",e&&e.startPage||"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl||i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:""}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const r=t.sub,n={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-36},{type:"public-key",alg:-35},{type:"public-key",alg:-7},{type:"public-key",alg:-259},{type:"public-key",alg:-258},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},o=await navigator.credentials.create({publicKey:n}),i={authenticatorAttachment:o.authenticatorAttachment,credentialId:o.id,type:o.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(o.response.attestationObject))),client:JSON.parse(new TextDecoder("utf-8").decode(o.response.clientDataJSON))},a={name:e&&e.name,code:i,type:"WebAuthN"};try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,a,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"Failed to register new device",error:e}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search),r=new URL(i.getCurrentLocation());let o={};try{o=JSON.parse(localStorage.getItem(p)||"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(o,"enableCredentials")&&(this.enableCredentials=o.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if(o.nonce&&t.get("code")&&(r.searchParams.delete("nonce"),r.searchParams.delete("iss"),r.searchParams.delete("code"),history.replaceState({},void 0,r.toString()),o.nonce===t.get("nonce"))){const e="cookie"===t.get("code")?n.parse(document.cookie)["auth-code"]:t.get("code"),r={grant_type:"authorization_code",redirect_uri:o.redirectUrl,client_id:this.settings.applicationId,code:e,code_verifier:o.codeVerifier};try{const e=await this.httpClient.post(`/authentication/${o.nonce}/tokens`,this.enableCredentials,r),t=s.decode(e.data.id_token),i=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);return document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:i,path:"/",sameSite:"strict"}),d.set(e.data.id_token,i),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data||e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(r.searchParams.delete("iss"),r.searchParams.delete("nonce"),r.searchParams.delete("expires_in"),r.searchParams.delete("access_token"),r.searchParams.delete("id_token"),history.replaceState({},void 0,r.toString()),!o.nonce||o.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),r=e.exp&&new Date(1e3*e.exp)||Number(t.get("expires_in"))&&new Date(Date.now()+1e3*Number(t.get("expires_in")));return document.cookie=n.serialize("authorization",t.get("access_token")||"",{expires:r,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),r),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),r=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:r,path:"/",sameSite:"strict"}),d.set(e.data.id_token,r)}}catch(e){400!==e.status&&404!==e.status&&409!==e.status?this.logger&&this.logger.log&&this.logger.log({title:"User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:r,connectionProperties:n}){if(!t&&!r){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e||o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await this.httpClient.patch(`/authentication/${a}`,!0,{connectionId:t,tenantLookupIdentifier:r,connectionProperties:n});i.assign(e.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}await new Promise((e=>setTimeout(e,5e3)))}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const r=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,r)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:r,connectionProperties:n}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes();try{const s=r&&new URL(r).toString()||i.getCurrentLocation().href,c=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:n,applicationId:this.settings.applicationId},c);i.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:r,inviteId:n,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e||{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!a&&!f&&await this.userSessionExists())return!0;const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes();try{const e=o&&new URL(o).toString()||i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",!1,{redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:r,inviteId:n,connectionProperties:u,applicationId:this.settings.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:r,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),"tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed||i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}return await new Promise((e=>setTimeout(e,5e3))),!1}async ensureToken(e){await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e||{}),r=this.waitForUserSession(),o=new Promise(((e,r)=>setTimeout(r,t.timeoutInMillis||0)));try{await Promise.race([r,o])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const i=n.parse(document.cookie);return"undefined"!==i.authorization&&i.authorization}async logout(e){if(d.clear(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const t=new URL("/logout",this.hostUrl);t.searchParams.set("redirect_uri",e||i.getCurrentLocation().href),t.searchParams.set("client_id",this.settings.applicationId),i.assign(t.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},215:(e,t,r)=>{const n=r(219);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[0])),r=JSON.parse(n.decode(e.split(".")[1]));return r.exp&&(r.exp=r.exp-10),{header:t,payload:r}}catch(e){return null}}async getAuthCodes(){const e=n.encode((window.crypto||window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto||window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:n.encode(t)}}}},429:(e,t,r)=>{const n=r(489),o="AuthenticationCredentialsStorage";e.exports=new class{getUserCookie(){return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))||null}set(e,t){try{const r=n.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!r.authorization})),this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){let e={};try{e=n.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:r,jsCookies:n}=JSON.parse(localStorage.getItem(o)||"{}");return t?r<Date.now()||n&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window)return;const t=document.cookie.split("; ");for(const r of t){if(!["user","authorization","auth-code"].includes(r.split("=")[0])||e&&r.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),n=[...Array(t.length-1)].map(((e,r)=>t.reverse().slice(0,r+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&n.push("localhost");for(const e of n){const t=e?`domain=${e};`:"",n=`${encodeURIComponent(r.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${n}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=n+o.join("/"),o.pop()}}}}},825:e=>{e.exports.sanitizeUrl=function(e){return e.startsWith("http")?e:`https://${e}`}},15:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname||"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)||new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.location.open(e.toString())}}},489:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var r={},n=(t||{}).decode||o,i=0;for(;i<e.length;){var s=e.indexOf("=",i);if(-1===s)break;var c=e.indexOf(";",i);if(-1===c)c=e.length;else if(c<s){i=e.lastIndexOf(";",s-1)+1;continue}var d=e.slice(i,s).trim();if(void 0===r[d]){var l=e.slice(s+1,c).trim();34===l.charCodeAt(0)&&(l=l.slice(1,-1)),r[d]=a(l,n)}i=c+1}return r},t.serialize=function(e,t,o){var a=o||{},s=a.encode||i;if("function"!=typeof s)throw new TypeError("option encode is invalid");if(!n.test(e))throw new TypeError("argument name is invalid");var c=s(t);if(c&&!n.test(c))throw new TypeError("argument val is invalid");var d=e+"="+c;if(null!=a.maxAge){var l=a.maxAge-0;if(isNaN(l)||!isFinite(l))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+Math.floor(l)}if(a.domain){if(!n.test(a.domain))throw new TypeError("option domain is invalid");d+="; Domain="+a.domain}if(a.path){if(!n.test(a.path))throw new TypeError("option path is invalid");d+="; Path="+a.path}if(a.expires){var u=a.expires;if(!function(e){return"[object Date]"===r.call(e)||e instanceof Date}(u)||isNaN(u.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+u.toUTCString()}a.httpOnly&&(d+="; HttpOnly");a.secure&&(d+="; Secure");if(a.priority){switch("string"==typeof a.priority?a.priority.toLowerCase():a.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(a.sameSite){switch("string"==typeof a.sameSite?a.sameSite.toLowerCase():a.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var r=Object.prototype.toString,n=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function o(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function i(e){return encodeURIComponent(e)}function a(e,t){try{return t(e)}catch(t){return e}}},802:e=>{var t=1/0,r=17976931348623157e292,n=NaN,o="[object Symbol]",i=/^\s+|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,r){var n=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(r=r>o?o:r)<0&&(r+=o),o=t>r?0:r-t>>>0,t>>>=0;for(var i=Array(o);++n<o;)i[n]=e[n+t];return i}(e,0,(h=p||void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return n;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var r=s.test(e);return r||c.test(e)?d(e.slice(2),r?2:8):a.test(e)?n:+e}(e))===t||e===-t?(e<0?-1:1)*r:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}}},n={};function o(e){var t=n[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=n[e]={exports:{}};try{var a={id:e,module:i,factory:r[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=r,o.c=n,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"ea6e1f14d80bc8c4d6c1",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(r,n,i,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==r||u.getAttribute("data-webpack")==t+i){s=u;break}}s||(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=r),e[r]=[n];var h=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(n))),t)return t(n)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,r,n={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],r=0;r<s.length;r++)t[r]=s[r].call(null,e);return Promise.all(t)}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(r){return r?u("prepare").then((function(){var n=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](r.c,r.r,r.m,e,t,n),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return n}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e||{},m();var n=t.map((function(t){return t(e)}));t=void 0;var o=n.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");n.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a||(a=e)},d=[];return n.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var r=0;r<t.length;r++)d.push(t[r])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):r?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(r)return t||(t=[]),Object.keys(o.hmrI).forEach((function(e){r.forEach((function(r){o.hmrI[e](r,t)}))})),r=void 0,!0}o.hmrD=n,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,r){var n=i[r];if(!n)return t;var o=function(o){if(n.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(r)&&s.push(r)}else a=[r],e=o;-1===n.children.indexOf(o)&&n.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+r),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(r){t[e]=r}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,r){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,r))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,r){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var n=0;n<e.length;n++)y._acceptedDependencies[e[n]]=t||function(){},y._acceptedErrorHandlers[e[n]]=r;else y._acceptedDependencies[e]=t||function(){},y._acceptedErrorHandlers[e]=r},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(r=r||[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:n[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,r,n,i,a=o.hmrS_jsonp=o.hmrS_jsonp||{179:0},s={};function c(t,r){return e=r,new Promise(((e,r)=>{s[t]=e;var n=o.p+o.hu(t),i=new Error;o.l(n,(e=>{if(s[t]){s[t]=void 0;var n=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+n+": "+o+")",i.name="ChunkLoadError",i.type=n,i.request=o,r(i)}}))}))}function d(e){function s(e){for(var t=[e],r={},n=t.map((function(e){return{chain:[e],id:e}}));n.length>0;){var i=n.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted||d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(r[u]||(r[u]=[]),c(r[u],[a])):(delete r[u],t.push(u),n.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:r}}function c(e,t){for(var r=0;r<t.length;r++){var n=t[r];-1===e.indexOf(n)&&e.push(n)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in r)if(o.o(r,p)){var f,g=r[p],m=!1,w=!1,y=!1,v="";switch((f=g?s(p):{type:"disposed",moduleId:p}).chain&&(v="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of self decline: "+f.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted||(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(l,f.outdatedModules),f.outdatedDependencies)o.o(f.outdatedDependencies,p)&&(d[p]||(d[p]=[]),c(d[p],f.outdatedDependencies[p]));y&&(c(l,[f.moduleId]),u[p]=h)}r=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted||S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;n.forEach((function(e){delete a[e]})),n=void 0;for(var t,r=l.slice();r.length>0;){var i=r.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var r in u)o.o(u,r)&&(o.m[r]=u[r]);for(var n=0;n<i.length;n++)i[n](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(r){if("function"==typeof h[y])try{h[y](r,{moduleId:a,dependencyId:p[y]})}catch(n){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:r}),e.ignoreErrored||t(r)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(r){if("function"==typeof b.errorHandler)try{b.errorHandler(r,{moduleId:I,module:o.c[I]})}catch(n){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:r}),e.ignoreErrored||t(r)}}return l}}}this.webpackHotUpdateauthress=(t,n,a)=>{for(var c in n)o.o(n,c)&&(r[c]=n[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){r||(r={},i=[],n=[],t.push(d)),o.o(r,e)||(r[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},n=s,r=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,r){t&&o.o(t,e)&&!t[e]&&(r.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(125)})()));
|
|
Binary file
|
package/dist/authress.min.js.gz
CHANGED
|
Binary file
|
|
@@ -0,0 +1,129 @@
|
|
|
1
|
+
<!DOCTYPE html>
|
|
2
|
+
<html>
|
|
3
|
+
<head>
|
|
4
|
+
<meta charset="UTF-8">
|
|
5
|
+
<title>ESLint Report</title>
|
|
6
|
+
<style>
|
|
7
|
+
body {
|
|
8
|
+
font-family:Arial, "Helvetica Neue", Helvetica, sans-serif;
|
|
9
|
+
font-size:16px;
|
|
10
|
+
font-weight:normal;
|
|
11
|
+
margin:0;
|
|
12
|
+
padding:0;
|
|
13
|
+
color:#333
|
|
14
|
+
}
|
|
15
|
+
#overview {
|
|
16
|
+
padding:20px 30px
|
|
17
|
+
}
|
|
18
|
+
td, th {
|
|
19
|
+
padding:5px 10px
|
|
20
|
+
}
|
|
21
|
+
h1 {
|
|
22
|
+
margin:0
|
|
23
|
+
}
|
|
24
|
+
table {
|
|
25
|
+
margin:30px;
|
|
26
|
+
width:calc(100% - 60px);
|
|
27
|
+
max-width:1000px;
|
|
28
|
+
border-radius:5px;
|
|
29
|
+
border:1px solid #ddd;
|
|
30
|
+
border-spacing:0px;
|
|
31
|
+
}
|
|
32
|
+
th {
|
|
33
|
+
font-weight:400;
|
|
34
|
+
font-size:medium;
|
|
35
|
+
text-align:left;
|
|
36
|
+
cursor:pointer
|
|
37
|
+
}
|
|
38
|
+
td.clr-1, td.clr-2, th span {
|
|
39
|
+
font-weight:700
|
|
40
|
+
}
|
|
41
|
+
th span {
|
|
42
|
+
float:right;
|
|
43
|
+
margin-left:20px
|
|
44
|
+
}
|
|
45
|
+
th span:after {
|
|
46
|
+
content:"";
|
|
47
|
+
clear:both;
|
|
48
|
+
display:block
|
|
49
|
+
}
|
|
50
|
+
tr:last-child td {
|
|
51
|
+
border-bottom:none
|
|
52
|
+
}
|
|
53
|
+
tr td:first-child, tr td:last-child {
|
|
54
|
+
color:#9da0a4
|
|
55
|
+
}
|
|
56
|
+
#overview.bg-0, tr.bg-0 th {
|
|
57
|
+
color:#468847;
|
|
58
|
+
background:#dff0d8;
|
|
59
|
+
border-bottom:1px solid #d6e9c6
|
|
60
|
+
}
|
|
61
|
+
#overview.bg-1, tr.bg-1 th {
|
|
62
|
+
color:#f0ad4e;
|
|
63
|
+
background:#fcf8e3;
|
|
64
|
+
border-bottom:1px solid #fbeed5
|
|
65
|
+
}
|
|
66
|
+
#overview.bg-2, tr.bg-2 th {
|
|
67
|
+
color:#b94a48;
|
|
68
|
+
background:#f2dede;
|
|
69
|
+
border-bottom:1px solid #eed3d7
|
|
70
|
+
}
|
|
71
|
+
td {
|
|
72
|
+
border-bottom:1px solid #ddd
|
|
73
|
+
}
|
|
74
|
+
td.clr-1 {
|
|
75
|
+
color:#f0ad4e
|
|
76
|
+
}
|
|
77
|
+
td.clr-2 {
|
|
78
|
+
color:#b94a48
|
|
79
|
+
}
|
|
80
|
+
td a {
|
|
81
|
+
color:#3a33d1;
|
|
82
|
+
text-decoration:none
|
|
83
|
+
}
|
|
84
|
+
td a:hover {
|
|
85
|
+
color:#272296;
|
|
86
|
+
text-decoration:underline
|
|
87
|
+
}
|
|
88
|
+
</style>
|
|
89
|
+
</head>
|
|
90
|
+
<body>
|
|
91
|
+
<div id="overview" class="bg-1">
|
|
92
|
+
<h1>ESLint Report</h1>
|
|
93
|
+
<div>
|
|
94
|
+
<span>1 problem (0 errors, 1 warning)</span> - Generated on Mon Jan 29 2024 19:41:34 GMT+0000 (Coordinated Universal Time)
|
|
95
|
+
</div>
|
|
96
|
+
</div>
|
|
97
|
+
<table>
|
|
98
|
+
<tbody>
|
|
99
|
+
<tr class="bg-1" data-group="f-0">
|
|
100
|
+
<th colspan="4">
|
|
101
|
+
[+] /home/runner/work/authress-login.js/authress-login.js/src/extensionClient.js
|
|
102
|
+
<span>1 problem (0 errors, 1 warning)</span>
|
|
103
|
+
</th>
|
|
104
|
+
</tr>
|
|
105
|
+
<tr style="display:none" class="f-0">
|
|
106
|
+
<td>1:7</td>
|
|
107
|
+
<td class="clr-1">Warning</td>
|
|
108
|
+
<td>'base64url' is assigned a value but never used.</td>
|
|
109
|
+
<td>
|
|
110
|
+
<a href="" target="_blank" rel="noopener noreferrer">@typescript-eslint/no-unused-vars</a>
|
|
111
|
+
</td>
|
|
112
|
+
</tr>
|
|
113
|
+
|
|
114
|
+
</tbody>
|
|
115
|
+
</table>
|
|
116
|
+
<script type="text/javascript">
|
|
117
|
+
var groups = document.querySelectorAll("tr[data-group]");
|
|
118
|
+
for (i = 0; i < groups.length; i++) {
|
|
119
|
+
groups[i].addEventListener("click", function() {
|
|
120
|
+
var inGroup = document.getElementsByClassName(this.getAttribute("data-group"));
|
|
121
|
+
this.innerHTML = (this.innerHTML.indexOf("+") > -1) ? this.innerHTML.replace("+", "-") : this.innerHTML.replace("-", "+");
|
|
122
|
+
for (var j = 0; j < inGroup.length; j++) {
|
|
123
|
+
inGroup[j].style.display = (inGroup[j].style.display !== "none") ? "none" : "table-row";
|
|
124
|
+
}
|
|
125
|
+
});
|
|
126
|
+
}
|
|
127
|
+
</script>
|
|
128
|
+
</body>
|
|
129
|
+
</html>
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@authress/login",
|
|
3
|
-
"version": "2.3.
|
|
3
|
+
"version": "2.3.285",
|
|
4
4
|
"description": "Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.",
|
|
5
5
|
"main": "./src/index.js",
|
|
6
6
|
"types": "./index.d.ts",
|
package/src/extensionClient.js
CHANGED
|
@@ -2,6 +2,7 @@ const base64url = require('./base64url');
|
|
|
2
2
|
|
|
3
3
|
const jwtManager = require('./jwtManager');
|
|
4
4
|
const { sanitizeUrl } = require('./util');
|
|
5
|
+
const windowManager = require('./windowManager');
|
|
5
6
|
|
|
6
7
|
const AuthenticationRequestNonceKey = 'ExtensionRequestNonce';
|
|
7
8
|
|
|
@@ -27,9 +28,9 @@ class ExtensionClient {
|
|
|
27
28
|
this.authressCustomDomain = sanitizeUrl(authressCustomDomain);
|
|
28
29
|
this.accessToken = null;
|
|
29
30
|
|
|
30
|
-
|
|
31
|
+
windowManager.onLoad(async () => {
|
|
31
32
|
await this.requestToken({ silent: true });
|
|
32
|
-
};
|
|
33
|
+
});
|
|
33
34
|
}
|
|
34
35
|
|
|
35
36
|
/**
|
|
@@ -76,7 +77,7 @@ class ExtensionClient {
|
|
|
76
77
|
}
|
|
77
78
|
|
|
78
79
|
async requestTokenContinuation(options = { code: null, silent: false }) {
|
|
79
|
-
const code = options && options.code || new URLSearchParams(
|
|
80
|
+
const code = options && options.code || new URLSearchParams(windowManager.getCurrentLocation().search).get('code');
|
|
80
81
|
if (!code) {
|
|
81
82
|
if (!options || !options.silent) {
|
|
82
83
|
const e = Error('OAuth Authorization code is required');
|
|
@@ -104,7 +105,7 @@ class ExtensionClient {
|
|
|
104
105
|
const tokenResponse = await result.json();
|
|
105
106
|
this.accessToken = tokenResponse.access_token;
|
|
106
107
|
|
|
107
|
-
const newUrl = new URL(
|
|
108
|
+
const newUrl = new URL(windowManager.getCurrentLocation());
|
|
108
109
|
newUrl.searchParams.delete('code');
|
|
109
110
|
newUrl.searchParams.delete('iss');
|
|
110
111
|
newUrl.searchParams.delete('nonce');
|
|
@@ -132,18 +133,15 @@ class ExtensionClient {
|
|
|
132
133
|
}
|
|
133
134
|
const url = new URL(this.authressCustomDomain);
|
|
134
135
|
|
|
135
|
-
const codeVerifier
|
|
136
|
-
// https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest
|
|
137
|
-
const hashBuffer = await (window.crypto || window.msCrypto).subtle.digest('SHA-256', new TextEncoder().encode(codeVerifier));
|
|
138
|
-
const codeChallenge = base64url.encode(hashBuffer);
|
|
136
|
+
const { codeVerifier, codeChallenge } = jwtManager.getAuthCodes();
|
|
139
137
|
|
|
140
|
-
const redirectUrl = redirectUrlOverride ||
|
|
138
|
+
const redirectUrl = redirectUrlOverride || windowManager.getCurrentLocation().href;
|
|
141
139
|
localStorage.setItem(AuthenticationRequestNonceKey, JSON.stringify({ codeVerifier, redirectUrl }));
|
|
142
140
|
url.searchParams.set('client_id', this.extensionId);
|
|
143
141
|
url.searchParams.set('code_challenge', codeChallenge);
|
|
144
142
|
url.searchParams.set('code_challenge_method', 'S256');
|
|
145
143
|
url.searchParams.set('redirect_uri', redirectUrl);
|
|
146
|
-
|
|
144
|
+
windowManager.assign(url.toString());
|
|
147
145
|
|
|
148
146
|
// Prevent the current UI from taking any action once we decided we need to log in.
|
|
149
147
|
await new Promise(resolve => setTimeout(resolve, 5000));
|
package/src/httpClient.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
const { sanitizeUrl } = require('./util');
|
|
2
|
+
const windowManager = require('./windowManager');
|
|
2
3
|
|
|
3
4
|
const defaultHeaders = {
|
|
4
5
|
'Content-Type': 'application/json'
|
|
@@ -90,7 +91,7 @@ class HttpClient {
|
|
|
90
91
|
if (data) {
|
|
91
92
|
request.body = JSON.stringify(data);
|
|
92
93
|
}
|
|
93
|
-
if (
|
|
94
|
+
if (!windowManager.isLocalHost() && !!withCredentials) {
|
|
94
95
|
request.credentials = 'include';
|
|
95
96
|
}
|
|
96
97
|
const response = await fetch(url, request);
|
package/src/index.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
const cookieManager = require('cookie');
|
|
2
2
|
const take = require('lodash.take');
|
|
3
3
|
|
|
4
|
+
const windowManager = require('./windowManager');
|
|
4
5
|
const HttpClient = require('./httpClient');
|
|
5
6
|
const jwtManager = require('./jwtManager');
|
|
6
7
|
const { sanitizeUrl } = require('./util');
|
|
@@ -34,38 +35,30 @@ class LoginClient {
|
|
|
34
35
|
this.httpClient = new HttpClient(this.hostUrl, this.logger);
|
|
35
36
|
this.lastSessionCheck = 0;
|
|
36
37
|
|
|
37
|
-
this.enableCredentials = this.getMatchingDomainInfo(this.hostUrl
|
|
38
|
+
this.enableCredentials = this.getMatchingDomainInfo(this.hostUrl);
|
|
38
39
|
|
|
39
40
|
if (!settings.skipBackgroundCredentialsCheck) {
|
|
40
|
-
|
|
41
|
+
windowManager.onLoad(async () => {
|
|
41
42
|
await this.userSessionExists(true);
|
|
42
|
-
};
|
|
43
|
+
});
|
|
43
44
|
}
|
|
44
45
|
}
|
|
45
46
|
|
|
46
|
-
|
|
47
|
-
const isLocalHost = typeof window !== 'undefined' && window.location && (window.location.hostname === 'localhost' || window.location.hostname === '127.0.0.1');
|
|
48
|
-
return isLocalHost;
|
|
49
|
-
}
|
|
50
|
-
|
|
51
|
-
getMatchingDomainInfo(hostUrlString, webWindow) {
|
|
47
|
+
getMatchingDomainInfo(hostUrlString) {
|
|
52
48
|
const hostUrl = new URL(hostUrlString);
|
|
53
49
|
|
|
54
|
-
if (
|
|
55
|
-
return false;
|
|
56
|
-
}
|
|
57
|
-
|
|
58
|
-
if (typeof webWindow === 'undefined') {
|
|
50
|
+
if (windowManager.isLocalHost()) {
|
|
59
51
|
return false;
|
|
60
52
|
}
|
|
61
53
|
|
|
62
|
-
|
|
54
|
+
const currentLocation = windowManager.getCurrentLocation();
|
|
55
|
+
if (currentLocation.protocol !== 'https:') {
|
|
63
56
|
return false;
|
|
64
57
|
}
|
|
65
58
|
|
|
66
59
|
const tokenUrlList = hostUrl.host.toLowerCase().split('.').reverse();
|
|
67
60
|
// Login url may not be known all the time, in which case we will compare the token url to the appUrl
|
|
68
|
-
const appUrlList =
|
|
61
|
+
const appUrlList = currentLocation.host.toLowerCase().split('.').reverse();
|
|
69
62
|
|
|
70
63
|
let reversedMatchSegments = [];
|
|
71
64
|
for (let segment of tokenUrlList) {
|
|
@@ -170,8 +163,8 @@ class LoginClient {
|
|
|
170
163
|
const userConfigurationScreenUrl = new URL('/settings', this.hostUrl);
|
|
171
164
|
userConfigurationScreenUrl.searchParams.set('client_id', this.settings.applicationId);
|
|
172
165
|
userConfigurationScreenUrl.searchParams.set('start_page', options && options.startPage || 'Profile');
|
|
173
|
-
userConfigurationScreenUrl.searchParams.set('redirect_uri', options && options.redirectUrl ||
|
|
174
|
-
|
|
166
|
+
userConfigurationScreenUrl.searchParams.set('redirect_uri', options && options.redirectUrl || windowManager.getCurrentLocation().href);
|
|
167
|
+
windowManager.assign(userConfigurationScreenUrl.toString());
|
|
175
168
|
await Promise.resolve();
|
|
176
169
|
}
|
|
177
170
|
|
|
@@ -280,8 +273,8 @@ class LoginClient {
|
|
|
280
273
|
}
|
|
281
274
|
|
|
282
275
|
async userSessionContinuation(backgroundTrigger) {
|
|
283
|
-
const urlSearchParams = new URLSearchParams(
|
|
284
|
-
const newUrl = new URL(
|
|
276
|
+
const urlSearchParams = new URLSearchParams(windowManager.getCurrentLocation().search);
|
|
277
|
+
const newUrl = new URL(windowManager.getCurrentLocation());
|
|
285
278
|
|
|
286
279
|
let authRequest = {};
|
|
287
280
|
try {
|
|
@@ -330,7 +323,7 @@ class LoginClient {
|
|
|
330
323
|
}
|
|
331
324
|
}
|
|
332
325
|
|
|
333
|
-
if (
|
|
326
|
+
if (windowManager.isLocalHost()) {
|
|
334
327
|
if (urlSearchParams.get('nonce') && urlSearchParams.get('access_token')) {
|
|
335
328
|
newUrl.searchParams.delete('iss');
|
|
336
329
|
newUrl.searchParams.delete('nonce');
|
|
@@ -361,7 +354,7 @@ class LoginClient {
|
|
|
361
354
|
return true;
|
|
362
355
|
}
|
|
363
356
|
|
|
364
|
-
if (!
|
|
357
|
+
if (!windowManager.isLocalHost() && !backgroundTrigger) {
|
|
365
358
|
try {
|
|
366
359
|
const sessionResult = await this.httpClient.patch('/session', this.enableCredentials, {}, null, true);
|
|
367
360
|
// In the case that the session contains non cookie based data, store it back to the cookie for this domain
|
|
@@ -403,7 +396,7 @@ class LoginClient {
|
|
|
403
396
|
throw e;
|
|
404
397
|
}
|
|
405
398
|
|
|
406
|
-
const urlSearchParams = new URLSearchParams(
|
|
399
|
+
const urlSearchParams = new URLSearchParams(windowManager.getCurrentLocation().search);
|
|
407
400
|
const authenticationRequestId = state || urlSearchParams.get('state');
|
|
408
401
|
if (!authenticationRequestId) {
|
|
409
402
|
const e = Error('The `state` parameters must be specified to update this authentication request');
|
|
@@ -416,7 +409,7 @@ class LoginClient {
|
|
|
416
409
|
connectionId, tenantLookupIdentifier, connectionProperties
|
|
417
410
|
});
|
|
418
411
|
|
|
419
|
-
|
|
412
|
+
windowManager.assign(requestOptions.data.authenticationUrl);
|
|
420
413
|
} catch (error) {
|
|
421
414
|
this.logger && this.logger.log && this.logger.log({ title: 'Failed to update extension authentication request', error });
|
|
422
415
|
if (error.status && error.status >= 400 && error.status < 500) {
|
|
@@ -460,7 +453,7 @@ class LoginClient {
|
|
|
460
453
|
}
|
|
461
454
|
}
|
|
462
455
|
|
|
463
|
-
const headers = this.enableCredentials && !
|
|
456
|
+
const headers = this.enableCredentials && !windowManager.isLocalHost() ? {} : {
|
|
464
457
|
Authorization: `Bearer ${accessToken}`
|
|
465
458
|
};
|
|
466
459
|
|
|
@@ -513,8 +506,8 @@ class LoginClient {
|
|
|
513
506
|
|
|
514
507
|
try {
|
|
515
508
|
const normalizedRedirectUrl = redirectUrl && new URL(redirectUrl).toString();
|
|
516
|
-
const selectedRedirectUrl = normalizedRedirectUrl ||
|
|
517
|
-
const headers = this.enableCredentials && !
|
|
509
|
+
const selectedRedirectUrl = normalizedRedirectUrl || windowManager.getCurrentLocation().href;
|
|
510
|
+
const headers = this.enableCredentials && !windowManager.isLocalHost() ? {} : {
|
|
518
511
|
Authorization: `Bearer ${accessToken}`
|
|
519
512
|
};
|
|
520
513
|
const requestOptions = await this.httpClient.post('/authentication', this.enableCredentials, {
|
|
@@ -524,7 +517,7 @@ class LoginClient {
|
|
|
524
517
|
connectionProperties,
|
|
525
518
|
applicationId: this.settings.applicationId
|
|
526
519
|
}, headers);
|
|
527
|
-
|
|
520
|
+
windowManager.assign(requestOptions.data.authenticationUrl);
|
|
528
521
|
} catch (error) {
|
|
529
522
|
this.logger && this.logger.log && this.logger.log({ title: 'Failed to start user identity link', error });
|
|
530
523
|
if (error.status && error.status >= 400 && error.status < 500) {
|
|
@@ -569,7 +562,7 @@ class LoginClient {
|
|
|
569
562
|
|
|
570
563
|
try {
|
|
571
564
|
const normalizedRedirectUrl = redirectUrl && new URL(redirectUrl).toString();
|
|
572
|
-
const selectedRedirectUrl = normalizedRedirectUrl ||
|
|
565
|
+
const selectedRedirectUrl = normalizedRedirectUrl || windowManager.getCurrentLocation().href;
|
|
573
566
|
if (clearUserDataBeforeLogin !== false) {
|
|
574
567
|
userIdentityTokenStorageManager.clear();
|
|
575
568
|
}
|
|
@@ -586,12 +579,12 @@ class LoginClient {
|
|
|
586
579
|
enableCredentials: authResponse.data.enableCredentials, multiAccount
|
|
587
580
|
}));
|
|
588
581
|
if (openType === 'tab') {
|
|
589
|
-
const result =
|
|
582
|
+
const result = windowManager.open(authResponse.data.authenticationUrl, '_blank');
|
|
590
583
|
if (!result || result.closed || typeof result.closed === 'undefined') {
|
|
591
|
-
|
|
584
|
+
windowManager.assign(authResponse.data.authenticationUrl);
|
|
592
585
|
}
|
|
593
586
|
} else {
|
|
594
|
-
|
|
587
|
+
windowManager.assign(authResponse.data.authenticationUrl);
|
|
595
588
|
}
|
|
596
589
|
} catch (error) {
|
|
597
590
|
this.logger && this.logger.log && this.logger.log({ title: 'Failed to start authentication for user', error });
|
|
@@ -642,17 +635,17 @@ class LoginClient {
|
|
|
642
635
|
if (this.enableCredentials) {
|
|
643
636
|
try {
|
|
644
637
|
await this.httpClient.delete('/session', this.enableCredentials);
|
|
645
|
-
if (redirectUrl && redirectUrl !==
|
|
646
|
-
|
|
638
|
+
if (redirectUrl && redirectUrl !== windowManager.getCurrentLocation().href) {
|
|
639
|
+
windowManager.assign(redirectUrl);
|
|
647
640
|
}
|
|
648
641
|
return;
|
|
649
642
|
} catch (error) { /**/ }
|
|
650
643
|
}
|
|
651
644
|
|
|
652
645
|
const fullLogoutUrl = new URL('/logout', this.hostUrl);
|
|
653
|
-
fullLogoutUrl.searchParams.set('redirect_uri', redirectUrl ||
|
|
646
|
+
fullLogoutUrl.searchParams.set('redirect_uri', redirectUrl || windowManager.getCurrentLocation().href);
|
|
654
647
|
fullLogoutUrl.searchParams.set('client_id', this.settings.applicationId);
|
|
655
|
-
|
|
648
|
+
windowManager.assign(fullLogoutUrl.toString());
|
|
656
649
|
}
|
|
657
650
|
}
|
|
658
651
|
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
class WindowManager {
|
|
2
|
+
onLoad(callback) {
|
|
3
|
+
if (typeof window !== 'undefined') {
|
|
4
|
+
window.onload = callback;
|
|
5
|
+
}
|
|
6
|
+
}
|
|
7
|
+
|
|
8
|
+
isLocalHost() {
|
|
9
|
+
const isLocalHost = typeof window !== 'undefined' && window.location && (window.location.hostname === 'localhost' || window.location.hostname === '127.0.0.1');
|
|
10
|
+
return isLocalHost;
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
getCurrentLocation() {
|
|
14
|
+
return typeof window !== 'undefined' && new URL(window.location) || new URL('http://localhost:8080');
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
assign(newLocationUrl) {
|
|
18
|
+
if (typeof window === 'undefined') {
|
|
19
|
+
return null;
|
|
20
|
+
}
|
|
21
|
+
return window.location.assign(newLocationUrl.toString());
|
|
22
|
+
}
|
|
23
|
+
|
|
24
|
+
open(newLocationUrl) {
|
|
25
|
+
if (typeof window === 'undefined') {
|
|
26
|
+
return null;
|
|
27
|
+
}
|
|
28
|
+
return window.location.open(newLocationUrl.toString());
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
module.exports = new WindowManager();
|