@authress/login 2.3.298 → 2.3.301

package/README.md

@@ -1,5 +1,5 @@
 <p align="center">
-  <img height="300px" src="https://authress.io/static/images/media-banner.png" alt="Authress media banner">
+  <img src="https://authress.io/static/images/linkedin-banner.png" alt="Authress media banner">
 </p>
 
 # Authress Login SDK for UIs
@@ -121,4 +121,4 @@ Curious exactly how these methods work and when they should be used? We have som
 
 ## Contributing
 
-If you are interested in contributing to the @authress/login SDK, feel fere to read the [contribution.md](./docs/contibution.md) guide.
+If you are interested in contributing to the @authress/login SDK, feel fere to read the [contribution.md](./docs/contibution.md) guide.

package/dist/authress.min.js

@@ -1,2 +1,2 @@
-/*! Authress Login SDK 2.3.298 | Author - Authress Developers | License information can be found at https://github.com/Authress/login-sdk.js */
-!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,r={904:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function r(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),r).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}},276:(e,t,r)=>{r(904);const n=r(292),{sanitizeUrl:o}=r(636),i=r(224),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await n.decode(this.accessToken);return e?1e3*e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code||new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e||!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const r=new URL(this.authressCustomDomain);r.pathname="/api/authentication/oauth/tokens";const{codeVerifier:n,redirectUrl:o}=JSON.parse(localStorage.getItem(a)||"{}"),s=await fetch(r.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:n,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const r=await this.requestToken({silent:!0});if(r)return r;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=n.getAuthCodes(),d=e||i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},484:(e,t,r)=>{const{sanitizeUrl:n}=r(636),o=r(224),i={"Content-Type":"application/json"},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","<HTML DOCUMENT></HTML>"]);function s(e){return e&&e.message&&a.has(e.message)}async function c(e){let t=null;for(let r=0;r<5;r++)try{return await e()}catch(e){if(e.retryCount=r,t=e,s(e)||"Network Error"===e.message||"ERR_NETWORK"===e.code||!e.status||e.status>=500){t.isNetworkError=!0,await new Promise((e=>setTimeout(e,10*2**r)));continue}throw e}throw t}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const r=t||{debug(){},warn(){},critical(){}};this.logger=r;const o=new URL(n(e));this.loginUrl=`${o.origin}/api`}get(e,t,r,n){return c((()=>this.fetchWrapper("GET",e,null,r,t,n)))}delete(e,t,r,n){return c((()=>this.fetchWrapper("DELETE",e,null,r,t,n)))}post(e,t,r,n,o){return c((()=>this.fetchWrapper("POST",e,r,n,t,o)))}put(e,t,r,n,o){return c((()=>this.fetchWrapper("PUT",e,r,n,t,o)))}patch(e,t,r,n,o){return c((()=>this.fetchWrapper("PATCH",e,r,n,t,o)))}async fetchWrapper(e,t,r,n,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,n);try{this.logger&&this.logger.debug&&this.logger.debug({title:"HttpClient Request",method:d,url:c});const e={method:d,headers:l};r&&(e.body=JSON.stringify(r)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let n={};try{n=await t.text(),n=JSON.parse(n)}catch(e){}return{url:c,headers:t.headers,status:t.status,data:n}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const n=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(n){this.logger&&this.logger.debug&&this.logger.debug({title:`Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:r,headers:l,error:e,resolvedError:t,extensionErrorId:n});const o=new Error(`Extension Error ID: ${n}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="HttpClient Response Error";e?401===o?(a="HttpClient Response Error due to invalid token",i="debug"):404===o?(a="HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator||navigator.onLine,method:d,url:c,status:o,data:r,headers:l,error:e,resolvedError:t});throw{url:c,status:o,data:t,headers:e.headers}}}}},4:(e,t,r)=>{const n=r(916),o=r(184),i=r(224),a=r(484),s=r(292),{sanitizeUrl:c}=r(636),d=r(584);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=r(276);e.exports={LoginClient:class{constructor(e,t){this.settings=Object.assign({applicationId:"app_default"},e),this.logger=t||console;const r=this.settings.authressApiUrl||this.settings.authressLoginHostUrl||this.settings.authenticationServiceUrl||"";if(!r)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');this.hostUrl=c(r),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),e.skipBackgroundCredentialsCheck||i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const r=i.getCurrentLocation();if("https:"!==r.protocol)return!1;const n=t.host.toLowerCase().split(".").reverse(),a=r.host.toLowerCase().split(".").reverse();let s=[];for(let e of n){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===n.length&&s.length===a.length||s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const r=t.exp?new Date(1e3*t.exp):new Date(Date.now()+864e5);return d.set(e,r),t.userId=t.sub,t}const r=d.get(),n=s.decodeOrParse(r);if(!n)return null;const o=new URL(n.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)||i.endsWith(o)?(n.userId=n.sub,n):(this.logger&&this.logger.error&&this.logger.error({title:"Token saved in browser is for a different issuer, discarding",issuerOrigin:o,hostUrlOrigin:i,savedUserData:n}),d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.settings.applicationId),t.searchParams.set("start_page",e&&e.startPage||"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl||i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:""}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const r=t.sub,n={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-36},{type:"public-key",alg:-35},{type:"public-key",alg:-7},{type:"public-key",alg:-259},{type:"public-key",alg:-258},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},o=await navigator.credentials.create({publicKey:n}),i={authenticatorAttachment:o.authenticatorAttachment,credentialId:o.id,type:o.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(o.response.attestationObject))),client:JSON.parse(new TextDecoder("utf-8").decode(o.response.clientDataJSON))},a={name:e&&e.name,code:i,type:"WebAuthN"};try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,a,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"Failed to register new device",error:e}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search),r=new URL(i.getCurrentLocation());let o={};if("undefined"!=typeof localStorage)try{o=JSON.parse(localStorage.getItem(p)||"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(o,"enableCredentials")&&(this.enableCredentials=o.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if(o.nonce&&t.get("code")&&(r.searchParams.delete("nonce"),r.searchParams.delete("iss"),r.searchParams.delete("code"),history.replaceState({},void 0,r.toString()),o.nonce===t.get("nonce"))){const e="cookie"===t.get("code")?n.parse(document.cookie)["auth-code"]:t.get("code"),r={grant_type:"authorization_code",redirect_uri:o.redirectUrl,client_id:this.settings.applicationId,code:e,code_verifier:o.codeVerifier};try{const e=await this.httpClient.post(`/authentication/${o.nonce}/tokens`,this.enableCredentials,r),t=s.decode(e.data.id_token),i=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);return document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:i,path:"/",sameSite:"strict"}),d.set(e.data.id_token,i),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data||e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(r.searchParams.delete("iss"),r.searchParams.delete("nonce"),r.searchParams.delete("expires_in"),r.searchParams.delete("access_token"),r.searchParams.delete("id_token"),history.replaceState({},void 0,r.toString()),!o.nonce||o.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),r=e.exp&&new Date(1e3*e.exp)||Number(t.get("expires_in"))&&new Date(Date.now()+1e3*Number(t.get("expires_in")));return document.cookie=n.serialize("authorization",t.get("access_token")||"",{expires:r,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),r),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),r=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:r,path:"/",sameSite:"strict"}),d.set(e.data.id_token,r)}}catch(e){400!==e.status&&404!==e.status&&409!==e.status?this.logger&&this.logger.log&&this.logger.log({title:"User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:r,connectionProperties:n}){if(!t&&!r){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e||o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await this.httpClient.patch(`/authentication/${a}`,!0,{connectionId:t,tenantLookupIdentifier:r,connectionProperties:n});i.assign(e.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}await new Promise((e=>setTimeout(e,5e3)))}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const r=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,r)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:r,connectionProperties:n}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes();try{const s=r&&new URL(r).toString()||i.getCurrentLocation().href,c=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:n,applicationId:this.settings.applicationId},c);i.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:r,inviteId:n,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e||{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!a&&!f&&await this.userSessionExists())return!0;const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes();try{const e=o&&new URL(o).toString()||i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",!1,{redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:r,inviteId:n,connectionProperties:u,applicationId:this.settings.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:r,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),"tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed||i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}return await new Promise((e=>setTimeout(e,5e3))),!1}async ensureToken(e){await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e||{}),r=this.waitForUserSession(),o=new Promise(((e,r)=>setTimeout(r,t.timeoutInMillis||0)));try{await Promise.race([r,o])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const i=n.parse(document.cookie);return"undefined"!==i.authorization&&i.authorization}async logout(e){if(d.clear(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const t=new URL("/logout",this.hostUrl);t.searchParams.set("redirect_uri",e||i.getCurrentLocation().href),t.searchParams.set("client_id",this.settings.applicationId),i.assign(t.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},292:(e,t,r)=>{const n=r(904);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[0])),r=JSON.parse(n.decode(e.split(".")[1]));return r.exp&&(r.exp=r.exp-10),{header:t,payload:r}}catch(e){return null}}async getAuthCodes(){const e=n.encode((window.crypto||window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto||window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:n.encode(t)}}}},584:(e,t,r)=>{const n=r(916),o="AuthenticationCredentialsStorage";e.exports=new class{getUserCookie(){if("undefined"==typeof window||"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))||null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const r=n.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!r.authorization})),this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window||"undefined"==typeof document)return null;let e={};try{e=n.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:r,jsCookies:n}=JSON.parse(localStorage.getItem(o)||"{}");return t?r<Date.now()||n&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window||"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const r of t){if(!["user","authorization","auth-code"].includes(r.split("=")[0])||e&&r.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),n=[...Array(t.length-1)].map(((e,r)=>t.reverse().slice(0,r+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&n.push("localhost");for(const e of n){const t=e?`domain=${e};`:"",n=`${encodeURIComponent(r.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${n}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=n+o.join("/"),o.pop()}}}}},636:e=>{e.exports.sanitizeUrl=function(e){return e.startsWith("http")?e:`https://${e}`}},224:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname||"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)||new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},916:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var r={},n=(t||{}).decode||o,i=0;for(;i<e.length;){var s=e.indexOf("=",i);if(-1===s)break;var c=e.indexOf(";",i);if(-1===c)c=e.length;else if(c<s){i=e.lastIndexOf(";",s-1)+1;continue}var d=e.slice(i,s).trim();if(void 0===r[d]){var l=e.slice(s+1,c).trim();34===l.charCodeAt(0)&&(l=l.slice(1,-1)),r[d]=a(l,n)}i=c+1}return r},t.serialize=function(e,t,o){var a=o||{},s=a.encode||i;if("function"!=typeof s)throw new TypeError("option encode is invalid");if(!n.test(e))throw new TypeError("argument name is invalid");var c=s(t);if(c&&!n.test(c))throw new TypeError("argument val is invalid");var d=e+"="+c;if(null!=a.maxAge){var l=a.maxAge-0;if(isNaN(l)||!isFinite(l))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+Math.floor(l)}if(a.domain){if(!n.test(a.domain))throw new TypeError("option domain is invalid");d+="; Domain="+a.domain}if(a.path){if(!n.test(a.path))throw new TypeError("option path is invalid");d+="; Path="+a.path}if(a.expires){var u=a.expires;if(!function(e){return"[object Date]"===r.call(e)||e instanceof Date}(u)||isNaN(u.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+u.toUTCString()}a.httpOnly&&(d+="; HttpOnly");a.secure&&(d+="; Secure");if(a.priority){switch("string"==typeof a.priority?a.priority.toLowerCase():a.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(a.sameSite){switch("string"==typeof a.sameSite?a.sameSite.toLowerCase():a.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var r=Object.prototype.toString,n=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function o(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function i(e){return encodeURIComponent(e)}function a(e,t){try{return t(e)}catch(t){return e}}},184:e=>{var t=1/0,r=17976931348623157e292,n=NaN,o="[object Symbol]",i=/^\s+|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,r){var n=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(r=r>o?o:r)<0&&(r+=o),o=t>r?0:r-t>>>0,t>>>=0;for(var i=Array(o);++n<o;)i[n]=e[n+t];return i}(e,0,(h=p||void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return n;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var r=s.test(e);return r||c.test(e)?d(e.slice(2),r?2:8):a.test(e)?n:+e}(e))===t||e===-t?(e<0?-1:1)*r:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}}},n={};function o(e){var t=n[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=n[e]={exports:{}};try{var a={id:e,module:i,factory:r[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=r,o.c=n,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"feaa800328ccf8521e30",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(r,n,i,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==r||u.getAttribute("data-webpack")==t+i){s=u;break}}s||(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=r),e[r]=[n];var h=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(n))),t)return t(n)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,r,n={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],r=0;r<s.length;r++)t[r]=s[r].call(null,e);return Promise.all(t)}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(r){return r?u("prepare").then((function(){var n=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](r.c,r.r,r.m,e,t,n),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return n}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e||{},m();var n=t.map((function(t){return t(e)}));t=void 0;var o=n.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");n.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a||(a=e)},d=[];return n.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var r=0;r<t.length;r++)d.push(t[r])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):r?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(r)return t||(t=[]),Object.keys(o.hmrI).forEach((function(e){r.forEach((function(r){o.hmrI[e](r,t)}))})),r=void 0,!0}o.hmrD=n,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,r){var n=i[r];if(!n)return t;var o=function(o){if(n.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(r)&&s.push(r)}else a=[r],e=o;-1===n.children.indexOf(o)&&n.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+r),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(r){t[e]=r}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,r){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,r))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,r){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var n=0;n<e.length;n++)y._acceptedDependencies[e[n]]=t||function(){},y._acceptedErrorHandlers[e[n]]=r;else y._acceptedDependencies[e]=t||function(){},y._acceptedErrorHandlers[e]=r},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(r=r||[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:n[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,r,n,i,a=o.hmrS_jsonp=o.hmrS_jsonp||{590:0},s={};function c(t,r){return e=r,new Promise(((e,r)=>{s[t]=e;var n=o.p+o.hu(t),i=new Error;o.l(n,(e=>{if(s[t]){s[t]=void 0;var n=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+n+": "+o+")",i.name="ChunkLoadError",i.type=n,i.request=o,r(i)}}))}))}function d(e){function s(e){for(var t=[e],r={},n=t.map((function(e){return{chain:[e],id:e}}));n.length>0;){var i=n.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted||d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(r[u]||(r[u]=[]),c(r[u],[a])):(delete r[u],t.push(u),n.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:r}}function c(e,t){for(var r=0;r<t.length;r++){var n=t[r];-1===e.indexOf(n)&&e.push(n)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in r)if(o.o(r,p)){var f,g=r[p],m=!1,w=!1,y=!1,v="";switch((f=g?s(p):{type:"disposed",moduleId:p}).chain&&(v="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of self decline: "+f.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted||(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(l,f.outdatedModules),f.outdatedDependencies)o.o(f.outdatedDependencies,p)&&(d[p]||(d[p]=[]),c(d[p],f.outdatedDependencies[p]));y&&(c(l,[f.moduleId]),u[p]=h)}r=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted||S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;n.forEach((function(e){delete a[e]})),n=void 0;for(var t,r=l.slice();r.length>0;){var i=r.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var r in u)o.o(u,r)&&(o.m[r]=u[r]);for(var n=0;n<i.length;n++)i[n](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(r){if("function"==typeof h[y])try{h[y](r,{moduleId:a,dependencyId:p[y]})}catch(n){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:r}),e.ignoreErrored||t(r)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(r){if("function"==typeof b.errorHandler)try{b.errorHandler(r,{moduleId:I,module:o.c[I]})}catch(n){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:r}),e.ignoreErrored||t(r)}}return l}}}this.webpackHotUpdateauthress=(t,n,a)=>{for(var c in n)o.o(n,c)&&(r[c]=n[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){r||(r={},i=[],n=[],t.push(d)),o.o(r,e)||(r[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},n=s,r=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,r){t&&o.o(t,e)&&!t[e]&&(r.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(4)})()));
+/*! Authress Login SDK 2.3.301 | Author - Authress Developers | License information can be found at https://github.com/Authress/login-sdk.js */
+!function(e,t){"object"==typeof exports&&"object"==typeof module?module.exports=t():"function"==typeof define&&define.amd?define([],t):"object"==typeof exports?exports.authress=t():e.authress=t()}(this,(()=>(()=>{var e,t,r={878:e=>{function t(e){return String.fromCharCode(parseInt(e.slice(1),16))}function r(e){return`%${`00${e.charCodeAt(0).toString(16)}`.slice(-2)}`}e.exports.decode=function(e){return function(e){return decodeURIComponent(Array.from(atob(e),r).join(""))}(e.replace(/-/g,"+").replace(/_/g,"/"))},e.exports.encode=function(e){return e&&"object"==typeof e?btoa(String.fromCharCode(...new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,""):function(e){return btoa(encodeURIComponent(e).replace(/%[0-9A-F]{2}/g,t))}(e).replace(/\//g,"_").replace(/\+/g,"-").replace(/=+$/,"")}},568:(e,t,r)=>{r(878);const n=r(836),{sanitizeUrl:o}=r(332),i=r(629),a="ExtensionRequestNonce";let s=null;e.exports=class{constructor(e,t){if(this.extensionId=t,!e)throw Error('Missing required property "authressCustomDomain" in ExtensionClient constructor. The Custom Authress Domain Host is required.');if(!t)throw Error('Missing required property "extensionId" in ExtensionClient constructor. The extension is required for selecting the correct login method.');this.authressCustomDomain=o(e),this.accessToken=null,i.onLoad((async()=>{await this.requestToken({silent:!0})}))}async getUserIdentity(){const e=this.accessToken&&await n.decode(this.accessToken);return e?1e3*e.exp<Date.now()?(this.accessToken=null,null):e:null}async getTokenResponse(){return await this.getUserIdentity()?{accessToken:this.accessToken}:null}requestToken(e={code:null,silent:!1}){if(s)return s=s.catch((()=>{})).then((()=>this.requestTokenContinuation(e)));const t=this.requestTokenContinuation(e);return t.catch((()=>{})),s=t}async requestTokenContinuation(e={code:null,silent:!1}){const t=e&&e.code||new URLSearchParams(i.getCurrentLocation().search).get("code");if(!t){if(!e||!e.silent){const e=Error("OAuth Authorization code is required");throw e.code="InvalidAuthorizationCode",e}return this.getTokenResponse()}const r=new URL(this.authressCustomDomain);r.pathname="/api/authentication/oauth/tokens";const{codeVerifier:n,redirectUrl:o}=JSON.parse(localStorage.getItem(a)||"{}"),s=await fetch(r.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({code_verifier:n,code:t,grant_type:"authorization_code",client_id:this.extensionId,redirect_uri:o})}),c=await s.json();this.accessToken=c.access_token;const d=new URL(i.getCurrentLocation());return d.searchParams.delete("code"),d.searchParams.delete("iss"),d.searchParams.delete("nonce"),d.searchParams.delete("expires_in"),d.searchParams.delete("access_token"),d.searchParams.delete("id_token"),history.replaceState({},void 0,d.toString()),this.getTokenResponse()}async login(e){const t=await this.getTokenResponse();if(t)return t;const r=await this.requestToken({silent:!0});if(r)return r;const o=new URL(this.authressCustomDomain),{codeVerifier:s,codeChallenge:c}=n.getAuthCodes(),d=e||i.getCurrentLocation().href;return localStorage.setItem(a,JSON.stringify({codeVerifier:s,redirectUrl:d})),o.searchParams.set("client_id",this.extensionId),o.searchParams.set("code_challenge",c),o.searchParams.set("code_challenge_method","S256"),o.searchParams.set("redirect_uri",d),i.assign(o.toString()),await new Promise((e=>setTimeout(e,5e3))),null}}},75:(e,t,r)=>{const{sanitizeUrl:n}=r(332),o=r(629),i={"Content-Type":"application/json"},a=new Set(["Failed to fetch","NetworkError when attempting to fetch resource.","The Internet connection appears to be offline.","Network request failed","fetch failed","<HTML DOCUMENT></HTML>"]);function s(e){return e&&e.message&&a.has(e.message)}async function c(e){let t=null;for(let r=0;r<5;r++)try{return await e()}catch(e){if(e.retryCount=r,t=e,s(e)||"Network Error"===e.message||"ERR_NETWORK"===e.code||!e.status||e.status>=500){t.isNetworkError=!0,await new Promise((e=>setTimeout(e,10*2**r)));continue}throw e}throw t}e.exports=class{constructor(e,t){if(!e)throw Error("Custom Authress Domain Host is required");const r=t||{debug(){},warn(){},critical(){}};this.logger=r;const o=new URL(n(e));this.loginUrl=`${o.origin}/api`}get(e,t,r,n){return c((()=>this.fetchWrapper("GET",e,null,r,t,n)))}delete(e,t,r,n){return c((()=>this.fetchWrapper("DELETE",e,null,r,t,n)))}post(e,t,r,n,o){return c((()=>this.fetchWrapper("POST",e,r,n,t,o)))}put(e,t,r,n,o){return c((()=>this.fetchWrapper("PUT",e,r,n,t,o)))}patch(e,t,r,n,o){return c((()=>this.fetchWrapper("PATCH",e,r,n,t,o)))}async fetchWrapper(e,t,r,n,a,s){const c=`${this.loginUrl}${t.toString()}`,d=e.toUpperCase(),l=Object.assign({},i,n);try{this.logger&&this.logger.debug&&this.logger.debug({title:"HttpClient Request",method:d,url:c});const e={method:d,headers:l};r&&(e.body=JSON.stringify(r)),!o.isLocalHost()&&a&&(e.credentials="include");const t=await fetch(c,e);if(!t.ok)throw t;let n={};try{n=await t.text(),n=JSON.parse(n)}catch(e){}return{url:c,headers:t.headers,status:t.status,data:n}}catch(e){let t=e;try{t=await e.text(),t=JSON.parse(t)}catch(e){}const n=t.stack&&t.stack.match(/chrome-extension:[/][/](\w+)[/]/);if(n){this.logger&&this.logger.debug&&this.logger.debug({title:`Fetch failed due to a browser extension - ${d} - ${c}`,method:d,url:c,data:r,headers:l,error:e,resolvedError:t,extensionErrorId:n});const o=new Error(`Extension Error ID: ${n}`);throw o.code="BROWSER_EXTENSION_ERROR",o}const o=e.status;let i="warn",a="HttpClient Response Error";e?401===o?(a="HttpClient Response Error due to invalid token",i="debug"):404===o?(a="HttpClient Response: Not Found",i="debug"):o<500&&s&&(i="debug"):a="HttpClient Response Error - Unknown error occurred",this.logger&&this.logger[i]&&this.logger[i]({title:a,online:"undefined"==typeof navigator||navigator.onLine,method:d,url:c,status:o,data:r,headers:l,error:e,resolvedError:t});throw{url:c,status:o,data:t,headers:e.headers}}}}},354:(e,t,r)=>{const n=r(427),o=r(321),i=r(629),a=r(75),s=r(836),{sanitizeUrl:c}=r(332),d=r(160);let l,u=new Promise((e=>l=e)),h=null;const p="AuthenticationRequestNonce";const f=r(568);e.exports={LoginClient:class{constructor(e,t){const r=Object.assign({applicationId:"app_default"},e);this.logger=t||console;const n=r.authressApiUrl||r.authressLoginHostUrl||r.authenticationServiceUrl||"";if(!n)throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');this.applicationId=r.applicationId,this.hostUrl=c(n),this.httpClient=new a(this.hostUrl,t),this.lastSessionCheck=0,this.enableCredentials=this.getMatchingDomainInfo(this.hostUrl),r.skipBackgroundCredentialsCheck||i.onLoad((async()=>{await this.userSessionExists(!0)}))}getMatchingDomainInfo(e){const t=new URL(e);if(i.isLocalHost())return!1;const r=i.getCurrentLocation();if("https:"!==r.protocol)return!1;const n=t.host.toLowerCase().split(".").reverse(),a=r.host.toLowerCase().split(".").reverse();let s=[];for(let e of n){const t=o(a,s.length+1).join(".");if(s.concat(e).join(".")!==t)break;s.push(e)}return s.length===n.length&&s.length===a.length||s.length>1}getUserIdentity(){const e=d.getUserCookie(),t=s.decodeOrParse(e);if(t){const r=t.exp?new Date(1e3*t.exp):new Date(Date.now()+864e5);return d.set(e,r),t.userId=t.sub,t}const r=d.get(),n=s.decodeOrParse(r);if(!n)return null;const o=new URL(n.iss).hostname,i=new URL(this.hostUrl).hostname;return o.endsWith(i)||i.endsWith(o)?(n.userId=n.sub,n):(this.logger&&this.logger.error&&this.logger.error({title:"Token saved in browser is for a different issuer, discarding",issuerOrigin:o,hostUrlOrigin:i,savedUserData:n}),d.clear(),null)}async getConnectionCredentials(){await this.waitForUserSession();try{const e=await this.ensureToken();return(await this.httpClient.get("/session/credentials",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data}catch(e){return null}}async getDevices(){try{const e=await this.ensureToken();return(await this.httpClient.get("/session/devices",this.enableCredentials,{Authorization:e&&`Bearer ${e}`})).data.devices}catch(e){return[]}}async deleteDevice(e){try{const t=await this.ensureToken();await this.httpClient.delete(`/session/devices/${encodeURIComponent(e)}`,this.enableCredentials,{Authorization:t&&`Bearer ${t}`})}catch(e){throw this.logger&&this.logger.log({title:"Failed to delete device",error:e}),e}}async openUserConfigurationScreen(e={redirectUrl:null,startPage:"Profile"}){if(!await this.userSessionExists()){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const t=new URL("/settings",this.hostUrl);t.searchParams.set("client_id",this.applicationId),t.searchParams.set("start_page",e&&e.startPage||"Profile"),t.searchParams.set("redirect_uri",e&&e.redirectUrl||i.getCurrentLocation().href),i.assign(t.toString()),await Promise.resolve()}async registerDevice(e={name:""}){const t=await this.getUserIdentity();if(!t){const e=Error("User must be logged to configure user profile data.");throw e.code="NotLoggedIn",e}const r=t.sub,n={challenge:Uint8Array.from(r,(e=>e.charCodeAt(0))),rp:{id:this.hostUrl.split(".").slice(1).join("."),name:"WebAuthN Login"},user:{id:Uint8Array.from(r,(e=>e.charCodeAt(0))),name:r,displayName:`Generated User ID: ${r}`},pubKeyCredParams:[{type:"public-key",alg:-36},{type:"public-key",alg:-35},{type:"public-key",alg:-7},{type:"public-key",alg:-259},{type:"public-key",alg:-258},{type:"public-key",alg:-257}],authenticatorSelection:{residentKey:"discouraged",requireResidentKey:!1,userVerification:"discouraged"},timeout:6e4,attestation:"direct"},o=await navigator.credentials.create({publicKey:n}),i={authenticatorAttachment:o.authenticatorAttachment,credentialId:o.id,type:o.type,userId:r,attestation:btoa(String.fromCharCode(...new Uint8Array(o.response.attestationObject))),client:JSON.parse(new TextDecoder("utf-8").decode(o.response.clientDataJSON))},a={name:e&&e.name,code:i,type:"WebAuthN"};try{const e=await this.ensureToken();return(await this.httpClient.post("/session/devices",this.enableCredentials,a,{Authorization:e&&`Bearer ${e}`})).data}catch(e){throw this.logger&&this.logger.log({title:"Failed to register new device",error:e}),e}}async waitForUserSession(){try{return await u,!0}catch(e){return!1}}userSessionExists(e){return h?Date.now()-this.lastSessionCheck<50?h:(this.lastSessionCheck=Date.now(),h=h.catch((()=>{})).then((()=>this.userSessionContinuation(e)))):(this.lastSessionCheck=Date.now(),h=this.userSessionContinuation(e))}async userSessionContinuation(e){const t=new URLSearchParams(i.getCurrentLocation().search),r=new URL(i.getCurrentLocation());let o={};if("undefined"!=typeof localStorage)try{o=JSON.parse(localStorage.getItem(p)||"{}"),localStorage.removeItem(p),Object.hasOwnProperty.call(o,"enableCredentials")&&(this.enableCredentials=o.enableCredentials)}catch(e){this.logger&&this.logger.debug&&this.logger.debug({title:"LocalStorage failed in Browser",error:e})}if(t.get("state")&&"oauthLogin"===t.get("flow"))return!1;if(o.nonce&&t.get("code")&&(r.searchParams.delete("nonce"),r.searchParams.delete("iss"),r.searchParams.delete("code"),history.replaceState({},void 0,r.toString()),o.nonce===t.get("nonce"))){const e="cookie"===t.get("code")?n.parse(document.cookie)["auth-code"]:t.get("code"),r={grant_type:"authorization_code",redirect_uri:o.redirectUrl,client_id:this.applicationId,code:e,code_verifier:o.codeVerifier};try{const e=await this.httpClient.post(`/authentication/${o.nonce}/tokens`,this.enableCredentials,r),t=s.decode(e.data.id_token),i=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);return document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:i,path:"/",sameSite:"strict"}),d.set(e.data.id_token,i),l(),!0}catch(e){if(this.logger&&this.logger.log({title:"Failed exchange authentication response for a token.",error:e}),e.data&&"invalid_request"===e.data.error)return!1;throw e.data||e}}if(i.isLocalHost()&&t.get("nonce")&&t.get("access_token")&&(r.searchParams.delete("iss"),r.searchParams.delete("nonce"),r.searchParams.delete("expires_in"),r.searchParams.delete("access_token"),r.searchParams.delete("id_token"),history.replaceState({},void 0,r.toString()),!o.nonce||o.nonce===t.get("nonce"))){const e=s.decode(t.get("id_token")),r=e.exp&&new Date(1e3*e.exp)||Number(t.get("expires_in"))&&new Date(Date.now()+1e3*Number(t.get("expires_in")));return document.cookie=n.serialize("authorization",t.get("access_token")||"",{expires:r,path:"/",sameSite:"strict"}),d.set(t.get("id_token"),r),l(),!0}if(this.getUserIdentity())return l(),!0;if(!i.isLocalHost()&&!e){try{const e=await this.httpClient.patch("/session",this.enableCredentials,{},null,!0);if(e.data.access_token){const t=s.decode(e.data.id_token),r=t.exp&&new Date(1e3*t.exp)||e.data.expires_in&&new Date(Date.now()+1e3*e.data.expires_in);document.cookie=n.serialize("authorization",e.data.access_token||"",{expires:r,path:"/",sameSite:"strict"}),d.set(e.data.id_token,r)}}catch(e){400!==e.status&&404!==e.status&&409!==e.status?this.logger&&this.logger.log&&this.logger.log({title:"User does not have an existing authentication session",error:e}):this.logger&&this.logger.log&&this.logger.log({title:"Failed attempting to check if the user has an existing authentication session",error:e})}if(this.getUserIdentity())return l(),!0}return!1}async updateExtensionAuthenticationRequest({state:e,connectionId:t,tenantLookupIdentifier:r,connectionProperties:n}){if(!t&&!r){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}const o=new URLSearchParams(i.getCurrentLocation().search),a=e||o.get("state");if(!a){const e=Error("The `state` parameters must be specified to update this authentication request");throw e.code="InvalidAuthenticationRequest",e}try{const e=await this.httpClient.patch(`/authentication/${a}`,!0,{connectionId:t,tenantLookupIdentifier:r,connectionProperties:n});i.assign(e.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to update extension authentication request",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}await new Promise((e=>setTimeout(e,5e3)))}async unlinkIdentity(e){if(!e){const e=Error("connectionId must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged in to unlink an account.");throw e.code="NotLoggedIn",e}let t;try{t=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const r=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${t}`};try{await this.httpClient.delete(`/identities/${encodeURIComponent(e)}`,this.enableCredentials,r)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to unlink user identity",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}}async linkIdentity({connectionId:e,tenantLookupIdentifier:t,redirectUrl:r,connectionProperties:n}){if(!e&&!t){const e=Error("connectionId or tenantLookupIdentifier must be specified");throw e.code="InvalidConnection",e}if(!this.getUserIdentity()){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}let o;try{o=await this.ensureToken({timeoutInMillis:100})}catch(e){if("TokenTimeout"===e.code){const e=Error("User must be logged into an existing account before linking a second account.");throw e.code="NotLoggedIn",e}}const{codeChallenge:a}=await s.getAuthCodes();try{const s=r&&new URL(r).toString()||i.getCurrentLocation().href,c=this.enableCredentials&&!i.isLocalHost()?{}:{Authorization:`Bearer ${o}`},d=await this.httpClient.post("/authentication",this.enableCredentials,{linkIdentity:!0,redirectUrl:s,codeChallengeMethod:"S256",codeChallenge:a,connectionId:e,tenantLookupIdentifier:t,connectionProperties:n,applicationId:this.applicationId},c);i.assign(d.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start user identity link",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e}await new Promise((e=>setTimeout(e,5e3)))}async authenticate(e={}){const{connectionId:t,tenantLookupIdentifier:r,inviteId:n,redirectUrl:o,force:a,responseLocation:c,flowType:l,connectionProperties:u,openType:h,multiAccount:f,clearUserDataBeforeLogin:g}=e||{};if(c&&"cookie"!==c&&"query"!==c&&"none"!==c){const e=Error("Authentication response location is not valid");throw e.code="InvalidResponseLocation",e}if(!a&&!f&&await this.userSessionExists())return!0;const{codeVerifier:m,codeChallenge:w}=await s.getAuthCodes();try{const e=o&&new URL(o).toString()||i.getCurrentLocation().href;!1!==g&&d.clear();const a=await this.httpClient.post("/authentication",!1,{redirectUrl:e,codeChallengeMethod:"S256",codeChallenge:w,connectionId:t,tenantLookupIdentifier:r,inviteId:n,connectionProperties:u,applicationId:this.applicationId,responseLocation:c,flowType:l,multiAccount:f});if(localStorage.setItem(p,JSON.stringify({nonce:a.data.authenticationRequestId,codeVerifier:m,lastConnectionId:t,tenantLookupIdentifier:r,redirectUrl:e,enableCredentials:a.data.enableCredentials,multiAccount:f})),"tab"===h){const e=i.open(a.data.authenticationUrl,"_blank");e&&!e.closed&&void 0!==e.closed||i.assign(a.data.authenticationUrl)}else i.assign(a.data.authenticationUrl)}catch(e){if(this.logger&&this.logger.log&&this.logger.log({title:"Failed to start authentication for user",error:e}),e.status&&e.status>=400&&e.status<500){const t=Error(e.data&&(e.data.title||e.data.errorCode)||e.data||"Unknown Error");throw t.code=e.data&&e.data.errorCode,t}throw e.data||e}return await new Promise((e=>setTimeout(e,5e3))),!1}async ensureToken(e){await this.userSessionExists();const t=Object.assign({timeoutInMillis:5e3},e||{}),r=this.waitForUserSession(),o=new Promise(((e,r)=>setTimeout(r,t.timeoutInMillis||0)));try{await Promise.race([r,o])}catch(e){const t=Error("No token retrieved after timeout");throw t.code="TokenTimeout",t}const i=n.parse(document.cookie);return"undefined"!==i.authorization&&i.authorization}async logout(e){if(d.clear(),u=new Promise((e=>l=e)),this.enableCredentials)try{return await this.httpClient.delete("/session",this.enableCredentials),void(e&&e!==i.getCurrentLocation().href&&i.assign(e))}catch(e){}const t=new URL("/logout",this.hostUrl);t.searchParams.set("redirect_uri",e||i.getCurrentLocation().href),t.searchParams.set("client_id",this.applicationId),i.assign(t.toString())}},ExtensionClient:f,UserConfigurationScreen:{Profile:"Profile",MFA:"MFA"}}},836:(e,t,r)=>{const n=r(878);e.exports=new class{decode(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[1]));return t.exp&&(t.exp=t.exp-10),t}catch(e){return null}}decodeOrParse(e){if(!e)return null;if("object"==typeof e)return e;try{return JSON.parse(e)}catch(t){return this.decode(e)}}decodeFull(e){if(!e)return null;try{const t=JSON.parse(n.decode(e.split(".")[0])),r=JSON.parse(n.decode(e.split(".")[1]));return r.exp&&(r.exp=r.exp-10),{header:t,payload:r}}catch(e){return null}}async getAuthCodes(){const e=n.encode((window.crypto||window.msCrypto).getRandomValues(new Uint32Array(16)).toString()),t=await(window.crypto||window.msCrypto).subtle.digest("SHA-256",(new TextEncoder).encode(e));return{codeVerifier:e,codeChallenge:n.encode(t)}}}},160:(e,t,r)=>{const n=r(427),o="AuthenticationCredentialsStorage";e.exports=new class{getUserCookie(){if("undefined"==typeof window||"undefined"==typeof document)return null;return document.cookie.split(";").filter((e=>"user"===e.split("=")[0].trim())).map((e=>e.replace(/^user=/,""))).find((e=>e&&e.trim()))||null}set(e,t){if("undefined"!=typeof window&&"undefined"!=typeof document)try{const r=n.parse(document.cookie);localStorage.setItem(o,JSON.stringify({idToken:e,expiry:t&&t.getTime(),jsCookies:!!r.authorization})),this.clearCookies("user")}catch(e){console.debug("LocalStorage failed in Browser",e)}}get(){if("undefined"==typeof window||"undefined"==typeof document)return null;let e={};try{e=n.parse(document.cookie)}catch(e){console.debug("CookieManagement failed in Browser",e)}try{const{idToken:t,expiry:r,jsCookies:n}=JSON.parse(localStorage.getItem(o)||"{}");return t?r<Date.now()||n&&!e.authorization?null:t:this.getUserCookie()}catch(e){return console.debug("LocalStorage failed in Browser",e),this.getUserCookie()}}delete(){try{localStorage.removeItem(o)}catch(e){console.debug("LocalStorage failed in Browser",e)}try{this.clearCookies("user")}catch(e){console.debug("CookieManagement failed in Browser",e)}}clear(){this.clearCookies(),this.delete()}clearCookies(e){if("undefined"==typeof window||"undefined"==typeof document)return;const t=document.cookie.split("; ");for(const r of t){if(!["user","authorization","auth-code"].includes(r.split("=")[0])||e&&r.split("=")[0]!==e)continue;const t=window.location.hostname.split("."),n=[...Array(t.length-1)].map(((e,r)=>t.reverse().slice(0,r+2).reverse().join("."))).map((e=>[e,`.${e}`])).flat(1).concat(null);"localhost"===window.location.hostname&&n.push("localhost");for(const e of n){const t=e?`domain=${e};`:"",n=`${encodeURIComponent(r.split(";")[0].split("=")[0])}=; expires=Thu, 01-Jan-1970 00:00:01 GMT; ${t} SameSite=Strict; path=`;document.cookie=`${n}/`;const o=location.pathname.split("/");for(;o.length>0;)document.cookie=n+o.join("/"),o.pop()}}}}},332:e=>{e.exports.sanitizeUrl=function(e){let t=e;t.startsWith("http")||(t=`https://${t}`);const r=new URL(t),n=r.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);return n&&(r.host=`${n[1]}.login.authress.io`,t=r.toString()),t.replace(/[/]+$/,"")}},629:e=>{e.exports=new class{onLoad(e){"undefined"!=typeof window&&(window.onload=e)}isLocalHost(){return"undefined"!=typeof window&&window.location&&("localhost"===window.location.hostname||"127.0.0.1"===window.location.hostname)}getCurrentLocation(){return"undefined"!=typeof window&&new URL(window.location)||new URL("http://localhost:8080")}assign(e){return"undefined"==typeof window?null:window.location.assign(e.toString())}open(e){return"undefined"==typeof window?null:window.open(e.toString())}}},427:(e,t)=>{"use strict";t.parse=function(e,t){if("string"!=typeof e)throw new TypeError("argument str must be a string");var r={},n=(t||{}).decode||o,i=0;for(;i<e.length;){var s=e.indexOf("=",i);if(-1===s)break;var c=e.indexOf(";",i);if(-1===c)c=e.length;else if(c<s){i=e.lastIndexOf(";",s-1)+1;continue}var d=e.slice(i,s).trim();if(void 0===r[d]){var l=e.slice(s+1,c).trim();34===l.charCodeAt(0)&&(l=l.slice(1,-1)),r[d]=a(l,n)}i=c+1}return r},t.serialize=function(e,t,o){var a=o||{},s=a.encode||i;if("function"!=typeof s)throw new TypeError("option encode is invalid");if(!n.test(e))throw new TypeError("argument name is invalid");var c=s(t);if(c&&!n.test(c))throw new TypeError("argument val is invalid");var d=e+"="+c;if(null!=a.maxAge){var l=a.maxAge-0;if(isNaN(l)||!isFinite(l))throw new TypeError("option maxAge is invalid");d+="; Max-Age="+Math.floor(l)}if(a.domain){if(!n.test(a.domain))throw new TypeError("option domain is invalid");d+="; Domain="+a.domain}if(a.path){if(!n.test(a.path))throw new TypeError("option path is invalid");d+="; Path="+a.path}if(a.expires){var u=a.expires;if(!function(e){return"[object Date]"===r.call(e)||e instanceof Date}(u)||isNaN(u.valueOf()))throw new TypeError("option expires is invalid");d+="; Expires="+u.toUTCString()}a.httpOnly&&(d+="; HttpOnly");a.secure&&(d+="; Secure");if(a.priority){switch("string"==typeof a.priority?a.priority.toLowerCase():a.priority){case"low":d+="; Priority=Low";break;case"medium":d+="; Priority=Medium";break;case"high":d+="; Priority=High";break;default:throw new TypeError("option priority is invalid")}}if(a.sameSite){switch("string"==typeof a.sameSite?a.sameSite.toLowerCase():a.sameSite){case!0:d+="; SameSite=Strict";break;case"lax":d+="; SameSite=Lax";break;case"strict":d+="; SameSite=Strict";break;case"none":d+="; SameSite=None";break;default:throw new TypeError("option sameSite is invalid")}}return d};var r=Object.prototype.toString,n=/^[\u0009\u0020-\u007e\u0080-\u00ff]+$/;function o(e){return-1!==e.indexOf("%")?decodeURIComponent(e):e}function i(e){return encodeURIComponent(e)}function a(e,t){try{return t(e)}catch(t){return e}}},321:e=>{var t=1/0,r=17976931348623157e292,n=NaN,o="[object Symbol]",i=/^\s+|\s+$/g,a=/^[-+]0x[0-9a-f]+$/i,s=/^0b[01]+$/i,c=/^0o[0-7]+$/i,d=parseInt,l=Object.prototype.toString;function u(e){var t=typeof e;return!!e&&("object"==t||"function"==t)}e.exports=function(e,h,p){return e&&e.length?function(e,t,r){var n=-1,o=e.length;t<0&&(t=-t>o?0:o+t),(r=r>o?o:r)<0&&(r+=o),o=t>r?0:r-t>>>0,t>>>=0;for(var i=Array(o);++n<o;)i[n]=e[n+t];return i}(e,0,(h=p||void 0===h?1:(f=function(e){return e?(e=function(e){if("number"==typeof e)return e;if(function(e){return"symbol"==typeof e||function(e){return!!e&&"object"==typeof e}(e)&&l.call(e)==o}(e))return n;if(u(e)){var t="function"==typeof e.valueOf?e.valueOf():e;e=u(t)?t+"":t}if("string"!=typeof e)return 0===e?e:+e;e=e.replace(i,"");var r=s.test(e);return r||c.test(e)?d(e.slice(2),r?2:8):a.test(e)?n:+e}(e))===t||e===-t?(e<0?-1:1)*r:e==e?e:0:0===e?e:0}(h),g=f%1,f==f?g?f-g:f:0))<0?0:h):[];var f,g}}},n={};function o(e){var t=n[e];if(void 0!==t){if(void 0!==t.error)throw t.error;return t.exports}var i=n[e]={exports:{}};try{var a={id:e,module:i,factory:r[e],require:o};o.i.forEach((function(e){e(a)})),i=a.module,a.factory.call(i.exports,i,i.exports,a.require)}catch(e){throw i.error=e,e}return i.exports}return o.m=r,o.c=n,o.i=[],o.hu=e=>e+"."+o.h()+".hot-update.js",o.hmrF=()=>"main."+o.h()+".hot-update.json",o.h=()=>"7eba354859dda25518fc",o.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),e={},t="authress:",o.l=(r,n,i,a)=>{if(e[r])e[r].push(n);else{var s,c;if(void 0!==i)for(var d=document.getElementsByTagName("script"),l=0;l<d.length;l++){var u=d[l];if(u.getAttribute("src")==r||u.getAttribute("data-webpack")==t+i){s=u;break}}s||(c=!0,(s=document.createElement("script")).charset="utf-8",s.timeout=120,o.nc&&s.setAttribute("nonce",o.nc),s.setAttribute("data-webpack",t+i),s.src=r),e[r]=[n];var h=(t,n)=>{s.onerror=s.onload=null,clearTimeout(p);var o=e[r];if(delete e[r],s.parentNode&&s.parentNode.removeChild(s),o&&o.forEach((e=>e(n))),t)return t(n)},p=setTimeout(h.bind(null,void 0,{type:"timeout",target:s}),12e4);s.onerror=h.bind(null,s.onerror),s.onload=h.bind(null,s.onload),c&&document.head.appendChild(s)}},(()=>{var e,t,r,n={},i=o.c,a=[],s=[],c="idle",d=0,l=[];function u(e){c=e;for(var t=[],r=0;r<s.length;r++)t[r]=s[r].call(null,e);return Promise.all(t).then((function(){}))}function h(){0==--d&&u("ready").then((function(){if(0===d){var e=l;l=[];for(var t=0;t<e.length;t++)e[t]()}}))}function p(e){if("idle"!==c)throw new Error("check() is only allowed in idle status");return u("check").then(o.hmrM).then((function(r){return r?u("prepare").then((function(){var n=[];return t=[],Promise.all(Object.keys(o.hmrC).reduce((function(e,i){return o.hmrC[i](r.c,r.r,r.m,e,t,n),e}),[])).then((function(){return t=function(){return e?g(e):u("ready").then((function(){return n}))},0===d?t():new Promise((function(e){l.push((function(){e(t())}))}));var t}))})):u(m()?"ready":"idle").then((function(){return null}))}))}function f(e){return"ready"!==c?Promise.resolve().then((function(){throw new Error("apply() is only allowed in ready status (state: "+c+")")})):g(e)}function g(e){e=e||{},m();var n=t.map((function(t){return t(e)}));t=void 0;var o=n.map((function(e){return e.error})).filter(Boolean);if(o.length>0)return u("abort").then((function(){throw o[0]}));var i=u("dispose");n.forEach((function(e){e.dispose&&e.dispose()}));var a,s=u("apply"),c=function(e){a||(a=e)},d=[];return n.forEach((function(e){if(e.apply){var t=e.apply(c);if(t)for(var r=0;r<t.length;r++)d.push(t[r])}})),Promise.all([i,s]).then((function(){return a?u("fail").then((function(){throw a})):r?g(e).then((function(e){return d.forEach((function(t){e.indexOf(t)<0&&e.push(t)})),e})):u("idle").then((function(){return d}))}))}function m(){if(r)return t||(t=[]),Object.keys(o.hmrI).forEach((function(e){r.forEach((function(r){o.hmrI[e](r,t)}))})),r=void 0,!0}o.hmrD=n,o.i.push((function(l){var g,m,w,y,v=l.module,k=function(t,r){var n=i[r];if(!n)return t;var o=function(o){if(n.hot.active){if(i[o]){var s=i[o].parents;-1===s.indexOf(r)&&s.push(r)}else a=[r],e=o;-1===n.children.indexOf(o)&&n.children.push(o)}else console.warn("[HMR] unexpected require("+o+") from disposed module "+r),a=[];return t(o)},s=function(e){return{configurable:!0,enumerable:!0,get:function(){return t[e]},set:function(r){t[e]=r}}};for(var l in t)Object.prototype.hasOwnProperty.call(t,l)&&"e"!==l&&Object.defineProperty(o,l,s(l));return o.e=function(e,r){return function(e){switch(c){case"ready":u("prepare");case"prepare":return d++,e.then(h,h),e;default:return e}}(t.e(e,r))},o}(l.require,l.id);v.hot=(g=l.id,m=v,y={_acceptedDependencies:{},_acceptedErrorHandlers:{},_declinedDependencies:{},_selfAccepted:!1,_selfDeclined:!1,_selfInvalidated:!1,_disposeHandlers:[],_main:w=e!==g,_requireSelf:function(){a=m.parents.slice(),e=w?void 0:g,o(g)},active:!0,accept:function(e,t,r){if(void 0===e)y._selfAccepted=!0;else if("function"==typeof e)y._selfAccepted=e;else if("object"==typeof e&&null!==e)for(var n=0;n<e.length;n++)y._acceptedDependencies[e[n]]=t||function(){},y._acceptedErrorHandlers[e[n]]=r;else y._acceptedDependencies[e]=t||function(){},y._acceptedErrorHandlers[e]=r},decline:function(e){if(void 0===e)y._selfDeclined=!0;else if("object"==typeof e&&null!==e)for(var t=0;t<e.length;t++)y._declinedDependencies[e[t]]=!0;else y._declinedDependencies[e]=!0},dispose:function(e){y._disposeHandlers.push(e)},addDisposeHandler:function(e){y._disposeHandlers.push(e)},removeDisposeHandler:function(e){var t=y._disposeHandlers.indexOf(e);t>=0&&y._disposeHandlers.splice(t,1)},invalidate:function(){switch(this._selfInvalidated=!0,c){case"idle":t=[],Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)})),u("ready");break;case"ready":Object.keys(o.hmrI).forEach((function(e){o.hmrI[e](g,t)}));break;case"prepare":case"check":case"dispose":case"apply":(r=r||[]).push(g)}},check:p,apply:f,status:function(e){if(!e)return c;s.push(e)},addStatusHandler:function(e){s.push(e)},removeStatusHandler:function(e){var t=s.indexOf(e);t>=0&&s.splice(t,1)},data:n[g]},e=void 0,y),v.parents=a,v.children=[],a=[],l.require=k})),o.hmrC={},o.hmrI={}})(),o.p="",(()=>{var e,t,r,n,i,a=o.hmrS_jsonp=o.hmrS_jsonp||{792:0},s={};function c(t,r){return e=r,new Promise(((e,r)=>{s[t]=e;var n=o.p+o.hu(t),i=new Error;o.l(n,(e=>{if(s[t]){s[t]=void 0;var n=e&&("load"===e.type?"missing":e.type),o=e&&e.target&&e.target.src;i.message="Loading hot update chunk "+t+" failed.\n("+n+": "+o+")",i.name="ChunkLoadError",i.type=n,i.request=o,r(i)}}))}))}function d(e){function s(e){for(var t=[e],r={},n=t.map((function(e){return{chain:[e],id:e}}));n.length>0;){var i=n.pop(),a=i.id,s=i.chain,d=o.c[a];if(d&&(!d.hot._selfAccepted||d.hot._selfInvalidated)){if(d.hot._selfDeclined)return{type:"self-declined",chain:s,moduleId:a};if(d.hot._main)return{type:"unaccepted",chain:s,moduleId:a};for(var l=0;l<d.parents.length;l++){var u=d.parents[l],h=o.c[u];if(h){if(h.hot._declinedDependencies[a])return{type:"declined",chain:s.concat([u]),moduleId:a,parentId:u};-1===t.indexOf(u)&&(h.hot._acceptedDependencies[a]?(r[u]||(r[u]=[]),c(r[u],[a])):(delete r[u],t.push(u),n.push({chain:s.concat([u]),id:u})))}}}}return{type:"accepted",moduleId:e,outdatedModules:t,outdatedDependencies:r}}function c(e,t){for(var r=0;r<t.length;r++){var n=t[r];-1===e.indexOf(n)&&e.push(n)}}o.f&&delete o.f.jsonpHmr,t=void 0;var d={},l=[],u={},h=function(e){console.warn("[HMR] unexpected require("+e.id+") to disposed module")};for(var p in r)if(o.o(r,p)){var f,g=r[p],m=!1,w=!1,y=!1,v="";switch((f=g?s(p):{type:"disposed",moduleId:p}).chain&&(v="\nUpdate propagation: "+f.chain.join(" -> ")),f.type){case"self-declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of self decline: "+f.moduleId+v));break;case"declined":e.onDeclined&&e.onDeclined(f),e.ignoreDeclined||(m=new Error("Aborted because of declined dependency: "+f.moduleId+" in "+f.parentId+v));break;case"unaccepted":e.onUnaccepted&&e.onUnaccepted(f),e.ignoreUnaccepted||(m=new Error("Aborted because "+p+" is not accepted"+v));break;case"accepted":e.onAccepted&&e.onAccepted(f),w=!0;break;case"disposed":e.onDisposed&&e.onDisposed(f),y=!0;break;default:throw new Error("Unexception type "+f.type)}if(m)return{error:m};if(w)for(p in u[p]=g,c(l,f.outdatedModules),f.outdatedDependencies)o.o(f.outdatedDependencies,p)&&(d[p]||(d[p]=[]),c(d[p],f.outdatedDependencies[p]));y&&(c(l,[f.moduleId]),u[p]=h)}r=void 0;for(var k,C=[],b=0;b<l.length;b++){var I=l[b],S=o.c[I];S&&(S.hot._selfAccepted||S.hot._main)&&u[I]!==h&&!S.hot._selfInvalidated&&C.push({module:I,require:S.hot._requireSelf,errorHandler:S.hot._selfAccepted})}return{dispose:function(){var e;n.forEach((function(e){delete a[e]})),n=void 0;for(var t,r=l.slice();r.length>0;){var i=r.pop(),s=o.c[i];if(s){var c={},u=s.hot._disposeHandlers;for(b=0;b<u.length;b++)u[b].call(null,c);for(o.hmrD[i]=c,s.hot.active=!1,delete o.c[i],delete d[i],b=0;b<s.children.length;b++){var h=o.c[s.children[b]];h&&((e=h.parents.indexOf(i))>=0&&h.parents.splice(e,1))}}}for(var p in d)if(o.o(d,p)&&(s=o.c[p]))for(k=d[p],b=0;b<k.length;b++)t=k[b],(e=s.children.indexOf(t))>=0&&s.children.splice(e,1)},apply:function(t){for(var r in u)o.o(u,r)&&(o.m[r]=u[r]);for(var n=0;n<i.length;n++)i[n](o);for(var a in d)if(o.o(d,a)){var s=o.c[a];if(s){k=d[a];for(var c=[],h=[],p=[],f=0;f<k.length;f++){var g=k[f],m=s.hot._acceptedDependencies[g],w=s.hot._acceptedErrorHandlers[g];if(m){if(-1!==c.indexOf(m))continue;c.push(m),h.push(w),p.push(g)}}for(var y=0;y<c.length;y++)try{c[y].call(null,k)}catch(r){if("function"==typeof h[y])try{h[y](r,{moduleId:a,dependencyId:p[y]})}catch(n){e.onErrored&&e.onErrored({type:"accept-error-handler-errored",moduleId:a,dependencyId:p[y],error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"accept-errored",moduleId:a,dependencyId:p[y],error:r}),e.ignoreErrored||t(r)}}}for(var v=0;v<C.length;v++){var b=C[v],I=b.module;try{b.require(I)}catch(r){if("function"==typeof b.errorHandler)try{b.errorHandler(r,{moduleId:I,module:o.c[I]})}catch(n){e.onErrored&&e.onErrored({type:"self-accept-error-handler-errored",moduleId:I,error:n,originalError:r}),e.ignoreErrored||(t(n),t(r))}else e.onErrored&&e.onErrored({type:"self-accept-errored",moduleId:I,error:r}),e.ignoreErrored||t(r)}}return l}}}this.webpackHotUpdateauthress=(t,n,a)=>{for(var c in n)o.o(n,c)&&(r[c]=n[c],e&&e.push(c));a&&i.push(a),s[t]&&(s[t](),s[t]=void 0)},o.hmrI.jsonp=function(e,t){r||(r={},i=[],n=[],t.push(d)),o.o(r,e)||(r[e]=o.m[e])},o.hmrC.jsonp=function(e,s,l,u,h,p){h.push(d),t={},n=s,r=l.reduce((function(e,t){return e[t]=!1,e}),{}),i=[],e.forEach((function(e){o.o(a,e)&&void 0!==a[e]?(u.push(c(e,p)),t[e]=!0):t[e]=!1})),o.f&&(o.f.jsonpHmr=function(e,r){t&&o.o(t,e)&&!t[e]&&(r.push(c(e)),t[e]=!0)})},o.hmrM=()=>{if("undefined"==typeof fetch)throw new Error("No browser support: need fetch API");return fetch(o.p+o.hmrF()).then((e=>{if(404!==e.status){if(!e.ok)throw new Error("Failed to fetch update manifest "+e.statusText);return e.json()}}))}})(),o(354)})()));

package/dist/authress.min.js.LICENSE.txt

@@ -7,7 +7,7 @@
 
 /**
 * @preserve
-* Authress Login SDK 2.3.298
+* Authress Login SDK 2.3.301
 * License: Apache-2.0
 * Repo   : https://github.com/Authress/login-sdk.js
 * Author : Authress Developers

package/dist/eslint_report.html

@@ -91,7 +91,7 @@
         <div id="overview" class="bg-1">
             <h1>ESLint Report</h1>
             <div>
-                <span>1 problem (0 errors, 1 warning)</span> - Generated on Wed Feb 07 2024 20:29:23 GMT+0000 (Coordinated Universal Time)
+                <span>1 problem (0 errors, 1 warning)</span> - Generated on Fri Feb 23 2024 20:39:18 GMT+0000 (Coordinated Universal Time)
             </div>
         </div>
         <table>

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@authress/login",
-  "version": "2.3.298",
+  "version": "2.3.301",
   "description": "Universal login sdk for Authress authentication as a service. Provides managed authentication for user identity, authentication, and token verification.",
   "main": "./src/index.js",
   "types": "./index.d.ts",

package/src/index.js

@@ -23,21 +23,22 @@ class LoginClient {
    * @param {Object} [logger] a configured logger object, optionally `console`, which can used to display debug and warning messages.
    */
   constructor(settings, logger) {
-    this.settings = Object.assign({ applicationId: 'app_default' }, settings);
+    const settingsWithDefault = Object.assign({ applicationId: 'app_default' }, settings);
     this.logger = logger || console;
-    const hostUrl = this.settings.authressApiUrl || this.settings.authressLoginHostUrl || this.settings.authenticationServiceUrl || '';
+    const hostUrl = settingsWithDefault.authressApiUrl || settingsWithDefault.authressLoginHostUrl || settingsWithDefault.authenticationServiceUrl || '';
 
     if (!hostUrl) {
       throw Error('Missing required property "authressApiUrl" in LoginClient constructor. Custom Authress Domain Host is required.');
     }
 
+    this.applicationId = settingsWithDefault.applicationId;
     this.hostUrl = sanitizeUrl(hostUrl);
     this.httpClient = new HttpClient(this.hostUrl, logger);
     this.lastSessionCheck = 0;
 
     this.enableCredentials = this.getMatchingDomainInfo(this.hostUrl);
 
-    if (!settings.skipBackgroundCredentialsCheck) {
+    if (!settingsWithDefault.skipBackgroundCredentialsCheck) {
       windowManager.onLoad(async () => {
         await this.userSessionExists(true);
       });
@@ -166,7 +167,7 @@ class LoginClient {
     }
 
     const userConfigurationScreenUrl = new URL('/settings', this.hostUrl);
-    userConfigurationScreenUrl.searchParams.set('client_id', this.settings.applicationId);
+    userConfigurationScreenUrl.searchParams.set('client_id', this.applicationId);
     userConfigurationScreenUrl.searchParams.set('start_page', options && options.startPage || 'Profile');
     userConfigurationScreenUrl.searchParams.set('redirect_uri', options && options.redirectUrl || windowManager.getCurrentLocation().href);
     windowManager.assign(userConfigurationScreenUrl.toString());
@@ -309,7 +310,7 @@ class LoginClient {
       // * This prevents canonical replay attacks, and fall through. If the user is already logged in, then the new log in attempt is ignored.
       if (authRequest.nonce === urlSearchParams.get('nonce')) {
         const code = urlSearchParams.get('code') === 'cookie' ? cookieManager.parse(document.cookie)['auth-code'] : urlSearchParams.get('code');
-        const request = { grant_type: 'authorization_code', redirect_uri: authRequest.redirectUrl, client_id: this.settings.applicationId, code, code_verifier: authRequest.codeVerifier };
+        const request = { grant_type: 'authorization_code', redirect_uri: authRequest.redirectUrl, client_id: this.applicationId, code, code_verifier: authRequest.codeVerifier };
         try {
           const tokenResult = await this.httpClient.post(`/authentication/${authRequest.nonce}/tokens`, this.enableCredentials, request);
           const idToken = jwtManager.decode(tokenResult.data.id_token);
@@ -522,7 +523,7 @@ class LoginClient {
         redirectUrl: selectedRedirectUrl, codeChallengeMethod: 'S256', codeChallenge,
         connectionId, tenantLookupIdentifier,
         connectionProperties,
-        applicationId: this.settings.applicationId
+        applicationId: this.applicationId
       }, headers);
       windowManager.assign(requestOptions.data.authenticationUrl);
     } catch (error) {
@@ -578,7 +579,7 @@ class LoginClient {
         redirectUrl: selectedRedirectUrl, codeChallengeMethod: 'S256', codeChallenge,
         connectionId, tenantLookupIdentifier, inviteId,
         connectionProperties,
-        applicationId: this.settings.applicationId,
+        applicationId: this.applicationId,
         responseLocation, flowType, multiAccount
       });
       localStorage.setItem(AuthenticationRequestNonceKey, JSON.stringify({
@@ -651,7 +652,7 @@ class LoginClient {
 
     const fullLogoutUrl = new URL('/logout', this.hostUrl);
     fullLogoutUrl.searchParams.set('redirect_uri', redirectUrl || windowManager.getCurrentLocation().href);
-    fullLogoutUrl.searchParams.set('client_id', this.settings.applicationId);
+    fullLogoutUrl.searchParams.set('client_id', this.applicationId);
     windowManager.assign(fullLogoutUrl.toString());
   }
 }

package/src/util.js

@@ -1,7 +1,15 @@
-module.exports.sanitizeUrl = function sanitizeUrl(url) {
-  if (url.startsWith('http')) {
-    return url;
+module.exports.sanitizeUrl = function sanitizeUrl(rawUrlStrng) {
+  let sanitizedUrl = rawUrlStrng;
+  if (!sanitizedUrl.startsWith('http')) {
+    sanitizedUrl = `https://${sanitizedUrl}`;
   }
 
-  return `https://${url}`;
+  const url = new URL(sanitizedUrl);
+  const domainBaseUrlMatch = url.host.match(/^([a-z0-9-]+)[.][a-z0-9-]+[.]authress[.]io$/);
+  if (domainBaseUrlMatch) {
+    url.host = `${domainBaseUrlMatch[1]}.login.authress.io`;
+    sanitizedUrl = url.toString();
+  }
+
+  return sanitizedUrl.replace(/[/]+$/, '');
 };