@axa-fr/oidc-client-service-worker 7.22.18 → 7.22.19

package/dist/OidcServiceWorker.js

@@ -12,6 +12,196 @@ const TokenRenewMode = {
   id_token_invalid: "id_token_invalid"
 };
 const openidWellknownUrlEndWith = "/.well-known/openid-configuration";
+function strToUint8(str) {
+  return new TextEncoder().encode(str);
+}
+function binToUrlBase64(bin) {
+  return btoa(bin).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+/g, "");
+}
+function utf8ToBinaryString(str) {
+  const escstr = encodeURIComponent(str);
+  return escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
+    return String.fromCharCode(parseInt(p1, 16));
+  });
+}
+const uint8ToUrlBase64 = (uint8) => {
+  let bin = "";
+  uint8.forEach(function(code) {
+    bin += String.fromCharCode(code);
+  });
+  return binToUrlBase64(bin);
+};
+function strToUrlBase64(str) {
+  return binToUrlBase64(utf8ToBinaryString(str));
+}
+const defaultDemonstratingProofOfPossessionConfiguration = {
+  importKeyAlgorithm: {
+    name: "ECDSA",
+    namedCurve: "P-256",
+    hash: { name: "ES256" }
+  },
+  signAlgorithm: { name: "ECDSA", hash: { name: "SHA-256" } },
+  generateKeyAlgorithm: {
+    name: "ECDSA",
+    namedCurve: "P-256"
+  },
+  digestAlgorithm: { name: "SHA-256" },
+  jwtHeaderAlgorithm: "ES256"
+};
+const sign = (w) => async (jwk, headers, claims, demonstratingProofOfPossessionConfiguration, jwtHeaderType = "dpop+jwt") => {
+  jwk = Object.assign({}, jwk);
+  headers.typ = jwtHeaderType;
+  headers.alg = demonstratingProofOfPossessionConfiguration.jwtHeaderAlgorithm;
+  switch (headers.alg) {
+    case "ES256":
+      headers.jwk = { kty: jwk.kty, crv: jwk.crv, x: jwk.x, y: jwk.y };
+      break;
+    case "RS256":
+      headers.jwk = { kty: jwk.kty, n: jwk.n, e: jwk.e, kid: headers.kid };
+      break;
+    default:
+      throw new Error("Unknown or not implemented JWS algorithm");
+  }
+  const jws = {
+    // @ts-ignore
+    // JWT "headers" really means JWS "protected headers"
+    protected: strToUrlBase64(JSON.stringify(headers)),
+    // @ts-ignore
+    // JWT "claims" are really a JSON-defined JWS "payload"
+    payload: strToUrlBase64(JSON.stringify(claims))
+  };
+  const keyType = demonstratingProofOfPossessionConfiguration.importKeyAlgorithm;
+  const exportable = true;
+  const privileges = ["sign"];
+  const privateKey = await w.crypto.subtle.importKey("jwk", jwk, keyType, exportable, privileges);
+  const data = strToUint8(`${jws.protected}.${jws.payload}`);
+  const signatureType = demonstratingProofOfPossessionConfiguration.signAlgorithm;
+  const signature = await w.crypto.subtle.sign(signatureType, privateKey, data);
+  jws.signature = uint8ToUrlBase64(new Uint8Array(signature));
+  return `${jws.protected}.${jws.payload}.${jws.signature}`;
+};
+const JWT = { sign };
+const generate = (w) => async (generateKeyAlgorithm) => {
+  const keyType = generateKeyAlgorithm;
+  const exportable = true;
+  const privileges = ["sign", "verify"];
+  const key = await w.crypto.subtle.generateKey(keyType, exportable, privileges);
+  return await w.crypto.subtle.exportKey("jwk", key.privateKey);
+};
+const neuter = (jwk) => {
+  const copy = Object.assign({}, jwk);
+  delete copy.d;
+  copy.key_ops = ["verify"];
+  return copy;
+};
+const EC = {
+  generate,
+  neuter
+};
+const thumbprint = (w) => async (jwk, digestAlgorithm) => {
+  let sortedPub;
+  switch (jwk.kty) {
+    case "EC":
+      sortedPub = '{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV", jwk.crv).replace("X", jwk.x).replace("Y", jwk.y);
+      break;
+    case "RSA":
+      sortedPub = '{"e":"E","kty":"RSA","n":"N"}'.replace("E", jwk.e).replace("N", jwk.n);
+      break;
+    default:
+      throw new Error("Unknown or not implemented JWK type");
+  }
+  const hash = await w.crypto.subtle.digest(digestAlgorithm, strToUint8(sortedPub));
+  return uint8ToUrlBase64(new Uint8Array(hash));
+};
+const JWK = { thumbprint };
+const generateJwkAsync = (w) => async (generateKeyAlgorithm) => {
+  const jwk = await EC.generate(w)(generateKeyAlgorithm);
+  return jwk;
+};
+const generateJwtDemonstratingProofOfPossessionAsync = (w) => (demonstratingProofOfPossessionConfiguration) => async (jwk, method = "POST", url, extrasClaims = {}) => {
+  const claims = {
+    // https://www.rfc-editor.org/rfc/rfc9449.html#name-concept
+    jti: btoa(guid()),
+    htm: method,
+    htu: url,
+    iat: Math.round(Date.now() / 1e3),
+    ...extrasClaims
+  };
+  const kid = await JWK.thumbprint(w)(
+    jwk,
+    demonstratingProofOfPossessionConfiguration.digestAlgorithm
+  );
+  const jwt = await JWT.sign(w)(
+    jwk,
+    { kid },
+    claims,
+    demonstratingProofOfPossessionConfiguration
+  );
+  return jwt;
+};
+const guid = () => {
+  const guidHolder = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";
+  const hex = "0123456789abcdef";
+  let r = 0;
+  let guidResponse = "";
+  for (let i = 0; i < 36; i++) {
+    if (guidHolder[i] !== "-" && guidHolder[i] !== "4") {
+      r = Math.random() * 16 | 0;
+    }
+    if (guidHolder[i] === "x") {
+      guidResponse += hex[r];
+    } else if (guidHolder[i] === "y") {
+      r &= 3;
+      r |= 8;
+      guidResponse += hex[r];
+    } else {
+      guidResponse += guidHolder[i];
+    }
+  }
+  return guidResponse;
+};
+function textEncodeLite(str) {
+  const buf = new ArrayBuffer(str.length);
+  const bufView = new Uint8Array(buf);
+  for (let i = 0; i < str.length; i++) {
+    bufView[i] = str.charCodeAt(i);
+  }
+  return bufView;
+}
+function base64urlOfHashOfASCIIEncodingAsync(code) {
+  return new Promise((resolve, reject) => {
+    crypto.subtle.digest("SHA-256", textEncodeLite(code)).then(
+      (buffer) => {
+        return resolve(uint8ToUrlBase64(new Uint8Array(buffer)));
+      },
+      (error) => reject(error)
+    );
+  });
+}
+const isDpop = (trustedDomain) => {
+  if (Array.isArray(trustedDomain)) {
+    return false;
+  }
+  return trustedDomain.demonstratingProofOfPossession ?? false;
+};
+const getDpopConfiguration = (trustedDomain) => {
+  if (!isDpop(trustedDomain)) {
+    return null;
+  }
+  if (Array.isArray(trustedDomain)) {
+    return null;
+  }
+  return trustedDomain.demonstratingProofOfPossessionConfiguration ?? defaultDemonstratingProofOfPossessionConfiguration;
+};
+const getDpopOnlyWhenDpopHeaderPresent = (trustedDomain) => {
+  if (!isDpop(trustedDomain)) {
+    return null;
+  }
+  if (Array.isArray(trustedDomain)) {
+    return null;
+  }
+  return trustedDomain.demonstratingProofOfPossessionOnlyWhenDpopHeaderPresent ?? true;
+};
 function normalizeUrl(url) {
   try {
     return new URL(url).toString();
@@ -103,23 +293,16 @@ function countLetter(str, find) {
   return str.split(find).length - 1;
 }
 const parseJwt = (payload) => {
-  return JSON.parse(
-    b64DecodeUnicode(payload.replaceAll(/-/g, "+").replaceAll(/_/g, "/"))
-  );
+  return JSON.parse(b64DecodeUnicode(payload.replaceAll(/-/g, "+").replaceAll(/_/g, "/")));
 };
 function b64DecodeUnicode(str) {
   return decodeURIComponent(
-    Array.prototype.map.call(
-      atob(str),
-      (c) => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2)
-    ).join("")
+    Array.prototype.map.call(atob(str), (c) => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2)).join("")
   );
 }
 function computeTimeLeft(refreshTimeBeforeTokensExpirationInSecond, expiresAt) {
   const currentTimeUnixSecond = (/* @__PURE__ */ new Date()).getTime() / 1e3;
-  return Math.round(
-    expiresAt - refreshTimeBeforeTokensExpirationInSecond - currentTimeUnixSecond
-  );
+  return Math.round(expiresAt - refreshTimeBeforeTokensExpirationInSecond - currentTimeUnixSecond);
 }
 function isTokensValid(tokens) {
   if (!tokens) {
@@ -146,18 +329,30 @@ const isTokensOidcValid = (tokens, nonce, oidcServerConfiguration) => {
   if (tokens.idTokenPayload) {
     const idTokenPayload = tokens.idTokenPayload;
     if (idTokenPayload && oidcServerConfiguration.issuer !== idTokenPayload.iss) {
-      return { isValid: false, reason: `Issuer does not match (oidcServerConfiguration issuer) ${oidcServerConfiguration.issuer} !== (idTokenPayload issuer) ${idTokenPayload.iss}` };
+      return {
+        isValid: false,
+        reason: `Issuer does not match (oidcServerConfiguration issuer) ${oidcServerConfiguration.issuer} !== (idTokenPayload issuer) ${idTokenPayload.iss}`
+      };
     }
     const currentTimeUnixSecond = (/* @__PURE__ */ new Date()).getTime() / 1e3;
     if (idTokenPayload && idTokenPayload.exp && idTokenPayload.exp < currentTimeUnixSecond) {
-      return { isValid: false, reason: `Token expired at (idTokenPayload exp) ${idTokenPayload.exp} < (currentTimeUnixSecond) ${currentTimeUnixSecond}` };
+      return {
+        isValid: false,
+        reason: `Token expired at (idTokenPayload exp) ${idTokenPayload.exp} < (currentTimeUnixSecond) ${currentTimeUnixSecond}`
+      };
     }
     const timeInSevenDays = 60 * 60 * 24 * 7;
     if (idTokenPayload && idTokenPayload.iat && idTokenPayload.iat + timeInSevenDays < currentTimeUnixSecond) {
-      return { isValid: false, reason: `Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${idTokenPayload.iat + timeInSevenDays} < (currentTimeUnixSecond) ${currentTimeUnixSecond}` };
+      return {
+        isValid: false,
+        reason: `Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${idTokenPayload.iat + timeInSevenDays} < (currentTimeUnixSecond) ${currentTimeUnixSecond}`
+      };
     }
     if (idTokenPayload && nonce && idTokenPayload.nonce && idTokenPayload.nonce !== nonce) {
-      return { isValid: false, reason: `Nonce does not match (nonce) ${nonce} !== (idTokenPayload nonce) ${idTokenPayload.nonce}` };
+      return {
+        isValid: false,
+        reason: `Nonce does not match (nonce) ${nonce} !== (idTokenPayload nonce) ${idTokenPayload.nonce}`
+      };
     }
   }
   return { isValid: true, reason: "" };
@@ -260,11 +455,18 @@ function hideTokens(currentDatabaseElement, currentTabId) {
     }
     const newHeaders = new Headers(response.headers);
     if (response.headers.has(demonstratingProofOfPossessionNonceResponseHeader)) {
-      currentDatabaseElement.demonstratingProofOfPossessionNonce = response.headers.get(demonstratingProofOfPossessionNonceResponseHeader);
+      currentDatabaseElement.demonstratingProofOfPossessionNonce = response.headers.get(
+        demonstratingProofOfPossessionNonceResponseHeader
+      );
       newHeaders.delete(demonstratingProofOfPossessionNonceResponseHeader);
     }
     return response.json().then((tokens) => {
-      const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName, currentTabId);
+      const secureTokens = _hideTokens(
+        tokens,
+        currentDatabaseElement,
+        configurationName,
+        currentTabId
+      );
       const body = JSON.stringify(secureTokens);
       return new Response(body, {
         status: response.status,
@@ -274,6 +476,14 @@ function hideTokens(currentDatabaseElement, currentTabId) {
     });
   };
 }
+const getMatchingOidcConfigurations = (database2, url) => {
+  return Object.values(database2).filter((config) => {
+    const { oidcServerConfiguration } = config || {};
+    const { tokenEndpoint, revocationEndpoint } = oidcServerConfiguration || {};
+    const normalizedUrl = normalizeUrl(url);
+    return tokenEndpoint && normalizedUrl.startsWith(normalizeUrl(tokenEndpoint)) || revocationEndpoint && normalizedUrl.startsWith(normalizeUrl(revocationEndpoint));
+  });
+};
 function replaceCodeVerifier(codeVerifier, newCodeVerifier) {
   const regex = /code_verifier=[A-Za-z0-9_-]+/i;
   return codeVerifier.replace(regex, `code_verifier=${newCodeVerifier}`);
@@ -287,194 +497,7 @@ const extractConfigurationNameFromCodeVerifier = (chaine) => {
     return null;
   }
 };
-const version = "7.22.18";
-function strToUint8(str) {
-  return new TextEncoder().encode(str);
-}
-function binToUrlBase64(bin) {
-  return btoa(bin).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+/g, "");
-}
-function utf8ToBinaryString(str) {
-  const escstr = encodeURIComponent(str);
-  return escstr.replace(/%([0-9A-F]{2})/g, function(match, p1) {
-    return String.fromCharCode(parseInt(p1, 16));
-  });
-}
-const uint8ToUrlBase64 = (uint8) => {
-  let bin = "";
-  uint8.forEach(function(code) {
-    bin += String.fromCharCode(code);
-  });
-  return binToUrlBase64(bin);
-};
-function strToUrlBase64(str) {
-  return binToUrlBase64(utf8ToBinaryString(str));
-}
-const defaultDemonstratingProofOfPossessionConfiguration = {
-  importKeyAlgorithm: {
-    name: "ECDSA",
-    namedCurve: "P-256",
-    hash: { name: "ES256" }
-  },
-  signAlgorithm: { name: "ECDSA", hash: { name: "SHA-256" } },
-  generateKeyAlgorithm: {
-    name: "ECDSA",
-    namedCurve: "P-256"
-  },
-  digestAlgorithm: { name: "SHA-256" },
-  jwtHeaderAlgorithm: "ES256"
-};
-const sign = (w) => async (jwk, headers, claims, demonstratingProofOfPossessionConfiguration, jwtHeaderType = "dpop+jwt") => {
-  jwk = Object.assign({}, jwk);
-  headers.typ = jwtHeaderType;
-  headers.alg = demonstratingProofOfPossessionConfiguration.jwtHeaderAlgorithm;
-  switch (headers.alg) {
-    case "ES256":
-      headers.jwk = { kty: jwk.kty, crv: jwk.crv, x: jwk.x, y: jwk.y };
-      break;
-    case "RS256":
-      headers.jwk = { kty: jwk.kty, n: jwk.n, e: jwk.e, kid: headers.kid };
-      break;
-    default:
-      throw new Error("Unknown or not implemented JWS algorithm");
-  }
-  const jws = {
-    // @ts-ignore
-    // JWT "headers" really means JWS "protected headers"
-    protected: strToUrlBase64(JSON.stringify(headers)),
-    // @ts-ignore
-    // JWT "claims" are really a JSON-defined JWS "payload"
-    payload: strToUrlBase64(JSON.stringify(claims))
-  };
-  const keyType = demonstratingProofOfPossessionConfiguration.importKeyAlgorithm;
-  const exportable = true;
-  const privileges = ["sign"];
-  const privateKey = await w.crypto.subtle.importKey("jwk", jwk, keyType, exportable, privileges);
-  const data = strToUint8(`${jws.protected}.${jws.payload}`);
-  const signatureType = demonstratingProofOfPossessionConfiguration.signAlgorithm;
-  const signature = await w.crypto.subtle.sign(signatureType, privateKey, data);
-  jws.signature = uint8ToUrlBase64(new Uint8Array(signature));
-  return `${jws.protected}.${jws.payload}.${jws.signature}`;
-};
-var JWT = { sign };
-const generate = (w) => async (generateKeyAlgorithm) => {
-  const keyType = generateKeyAlgorithm;
-  const exportable = true;
-  const privileges = ["sign", "verify"];
-  const key = await w.crypto.subtle.generateKey(keyType, exportable, privileges);
-  return await w.crypto.subtle.exportKey("jwk", key.privateKey);
-};
-const neuter = (jwk) => {
-  const copy = Object.assign({}, jwk);
-  delete copy.d;
-  copy.key_ops = ["verify"];
-  return copy;
-};
-const EC = {
-  generate,
-  neuter
-};
-const thumbprint = (w) => async (jwk, digestAlgorithm) => {
-  let sortedPub;
-  switch (jwk.kty) {
-    case "EC":
-      sortedPub = '{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV", jwk.crv).replace("X", jwk.x).replace("Y", jwk.y);
-      break;
-    case "RSA":
-      sortedPub = '{"e":"E","kty":"RSA","n":"N"}'.replace("E", jwk.e).replace("N", jwk.n);
-      break;
-    default:
-      throw new Error("Unknown or not implemented JWK type");
-  }
-  const hash = await w.crypto.subtle.digest(digestAlgorithm, strToUint8(sortedPub));
-  return uint8ToUrlBase64(new Uint8Array(hash));
-};
-var JWK = { thumbprint };
-const generateJwkAsync = (w) => async (generateKeyAlgorithm) => {
-  const jwk = await EC.generate(w)(generateKeyAlgorithm);
-  return jwk;
-};
-const generateJwtDemonstratingProofOfPossessionAsync = (w) => (demonstratingProofOfPossessionConfiguration) => async (jwk, method = "POST", url, extrasClaims = {}) => {
-  const claims = {
-    // https://www.rfc-editor.org/rfc/rfc9449.html#name-concept
-    jti: btoa(guid()),
-    htm: method,
-    htu: url,
-    iat: Math.round(Date.now() / 1e3),
-    ...extrasClaims
-  };
-  const kid = await JWK.thumbprint(w)(jwk, demonstratingProofOfPossessionConfiguration.digestAlgorithm);
-  const jwt = await JWT.sign(w)(jwk, { kid }, claims, demonstratingProofOfPossessionConfiguration);
-  return jwt;
-};
-const guid = () => {
-  const guidHolder = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx";
-  const hex = "0123456789abcdef";
-  let r = 0;
-  let guidResponse = "";
-  for (let i = 0; i < 36; i++) {
-    if (guidHolder[i] !== "-" && guidHolder[i] !== "4") {
-      r = Math.random() * 16 | 0;
-    }
-    if (guidHolder[i] === "x") {
-      guidResponse += hex[r];
-    } else if (guidHolder[i] === "y") {
-      r &= 3;
-      r |= 8;
-      guidResponse += hex[r];
-    } else {
-      guidResponse += guidHolder[i];
-    }
-  }
-  return guidResponse;
-};
-const isDpop = (trustedDomain) => {
-  if (Array.isArray(trustedDomain)) {
-    return false;
-  }
-  return trustedDomain.demonstratingProofOfPossession ?? false;
-};
-const getDpopConfiguration = (trustedDomain) => {
-  if (!isDpop(trustedDomain)) {
-    return null;
-  }
-  if (Array.isArray(trustedDomain)) {
-    return null;
-  }
-  return trustedDomain.demonstratingProofOfPossessionConfiguration ?? defaultDemonstratingProofOfPossessionConfiguration;
-};
-const getDpopOnlyWhenDpopHeaderPresent = (trustedDomain) => {
-  if (!isDpop(trustedDomain)) {
-    return null;
-  }
-  if (Array.isArray(trustedDomain)) {
-    return null;
-  }
-  return trustedDomain.demonstratingProofOfPossessionOnlyWhenDpopHeaderPresent ?? true;
-};
-function textEncodeLite(str) {
-  const buf = new ArrayBuffer(str.length);
-  const bufView = new Uint8Array(buf);
-  for (let i = 0; i < str.length; i++) {
-    bufView[i] = str.charCodeAt(i);
-  }
-  return bufView;
-}
-function base64urlOfHashOfASCIIEncodingAsync(code) {
-  return new Promise((resolve, reject) => {
-    crypto.subtle.digest("SHA-256", textEncodeLite(code)).then((buffer) => {
-      return resolve(uint8ToUrlBase64(new Uint8Array(buffer)));
-    }, (error) => reject(error));
-  });
-}
-const getMatchingOidcConfigurations = (database2, url) => {
-  return Object.values(database2).filter((config) => {
-    const { oidcServerConfiguration } = config || {};
-    const { tokenEndpoint, revocationEndpoint } = oidcServerConfiguration || {};
-    const normalizedUrl = normalizeUrl(url);
-    return tokenEndpoint && normalizedUrl.startsWith(normalizeUrl(tokenEndpoint)) || revocationEndpoint && normalizedUrl.startsWith(normalizeUrl(revocationEndpoint));
-  });
-};
+const version = "7.22.19";
 if (typeof trustedTypes !== "undefined" && typeof trustedTypes.createPolicy == "function") {
   trustedTypes.createPolicy("default", {
     createScriptURL: function(url) {
@@ -520,7 +543,9 @@ async function generateDpopAsync(originalRequest, currentDatabase, url, extrasCl
   if ((currentDatabase == null ? void 0 : currentDatabase.demonstratingProofOfPossessionConfiguration) && currentDatabase.demonstratingProofOfPossessionJwkJson && (!currentDatabase.demonstratingProofOfPossessionOnlyWhenDpopHeaderPresent || currentDatabase.demonstratingProofOfPossessionOnlyWhenDpopHeaderPresent && headersExtras["dpop"])) {
     const dpopConfiguration = currentDatabase.demonstratingProofOfPossessionConfiguration;
     const jwk = currentDatabase.demonstratingProofOfPossessionJwkJson;
-    headersExtras["dpop"] = await generateJwtDemonstratingProofOfPossessionAsync(self)(dpopConfiguration)(jwk, "POST", url, extrasClaims);
+    headersExtras["dpop"] = await generateJwtDemonstratingProofOfPossessionAsync(self)(
+      dpopConfiguration
+    )(jwk, "POST", url, extrasClaims);
     if (currentDatabase.demonstratingProofOfPossessionNonce != null) {
       headersExtras["nonce"] = currentDatabase.demonstratingProofOfPossessionNonce;
     }
@@ -598,7 +623,9 @@ const handleFetch = async (event) => {
             const currentDb = currentDatabases[i];
             const currentDbTabs = Object.keys(currentDb.state);
             if ((currentDb == null ? void 0 : currentDb.tokens) != null) {
-              const claimsExtras = { ath: await base64urlOfHashOfASCIIEncodingAsync(currentDb.tokens.access_token) };
+              const claimsExtras = {
+                ath: await base64urlOfHashOfASCIIEncodingAsync(currentDb.tokens.access_token)
+              };
               headers = await generateDpopAsync(originalRequest, currentDb, url, claimsExtras);
               for (let j = 0; j < currentDbTabs.length; j++) {
                 const keyRefreshToken = TOKEN.REFRESH_TOKEN + "_" + currentDb.configurationName + "_" + currentDbTabs[j];
@@ -640,29 +667,22 @@ const handleFetch = async (event) => {
             credentials: clonedRequest.credentials,
             integrity: clonedRequest.integrity
           });
-          if (((_a2 = currentDatabase == null ? void 0 : currentDatabase.oidcServerConfiguration) == null ? void 0 : _a2.revocationEndpoint) && url.startsWith(
-            normalizeUrl(
-              currentDatabase.oidcServerConfiguration.revocationEndpoint
-            )
-          )) {
+          if (((_a2 = currentDatabase == null ? void 0 : currentDatabase.oidcServerConfiguration) == null ? void 0 : _a2.revocationEndpoint) && url.startsWith(normalizeUrl(currentDatabase.oidcServerConfiguration.revocationEndpoint))) {
             return fetchPromise.then(async (response2) => {
               const text = await response2.text();
               return new Response(text, response2);
             });
           }
-          return fetchPromise.then(hideTokens(currentDatabase, currentTabId));
+          return fetchPromise.then(
+            hideTokens(currentDatabase, currentTabId)
+          );
         } else if (actualBody.includes("code_verifier=") && extractConfigurationNameFromCodeVerifier(actualBody) != null) {
-          const [currentLoginCallbackConfigurationName, currentLoginCallbackTabId] = extractConfigurationNameFromCodeVerifier(
-            actualBody
-          ) ?? [];
+          const [currentLoginCallbackConfigurationName, currentLoginCallbackTabId] = extractConfigurationNameFromCodeVerifier(actualBody) ?? [];
           currentDatabase = database[currentLoginCallbackConfigurationName];
           let newBody = actualBody;
           const codeVerifier = currentDatabase.codeVerifier[currentLoginCallbackTabId];
           if (codeVerifier != null) {
-            newBody = replaceCodeVerifier(
-              newBody,
-              codeVerifier
-            );
+            newBody = replaceCodeVerifier(newBody, codeVerifier);
           }
           const headersExtras = await generateDpopAsync(originalRequest, currentDatabase, url);
           return fetch(originalRequest, {
@@ -774,13 +794,19 @@ const handleMessage = async (event) => {
       currentDatabase.oidcServerConfiguration = oidcServerConfiguration;
       currentDatabase.oidcConfiguration = data.data.oidcConfiguration;
       if (currentDatabase.demonstratingProofOfPossessionConfiguration == null) {
-        const demonstratingProofOfPossessionConfiguration = getDpopConfiguration(trustedDomains[configurationName]);
+        const demonstratingProofOfPossessionConfiguration = getDpopConfiguration(
+          trustedDomains[configurationName]
+        );
         if (demonstratingProofOfPossessionConfiguration != null) {
           if (currentDatabase.oidcConfiguration.demonstrating_proof_of_possession) {
-            console.warn("In service worker, demonstrating_proof_of_possession must be configured from trustedDomains file");
+            console.warn(
+              "In service worker, demonstrating_proof_of_possession must be configured from trustedDomains file"
+            );
           }
           currentDatabase.demonstratingProofOfPossessionConfiguration = demonstratingProofOfPossessionConfiguration;
-          currentDatabase.demonstratingProofOfPossessionJwkJson = await generateJwkAsync(self)(demonstratingProofOfPossessionConfiguration.generateKeyAlgorithm);
+          currentDatabase.demonstratingProofOfPossessionJwkJson = await generateJwkAsync(self)(
+            demonstratingProofOfPossessionConfiguration.generateKeyAlgorithm
+          );
           currentDatabase.demonstratingProofOfPossessionOnlyWhenDpopHeaderPresent = getDpopOnlyWhenDpopHeaderPresent(trustedDomains[configurationName]) ?? false;
         }
       }