@axa-fr/oidc-client 7.13.7-alpha.1239 → 7.13.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/dist/index.js +69 -59
  2. package/dist/index.umd.cjs +2 -2
  3. package/dist/oidc.d.ts.map +1 -1
  4. package/dist/renewTokens.d.ts.map +1 -1
  5. package/dist/version.d.ts +1 -1
  6. package/dist/version.d.ts.map +1 -1
  7. package/package.json +2 -2
  8. package/src/oidc.ts +0 -1
  9. package/src/renewTokens.ts +13 -4
  10. package/src/version.ts +1 -1
package/dist/index.js CHANGED
@@ -1,4 +1,4 @@
1
- const L = console;
1
+ const D = console;
2
2
  class Ie {
3
3
  constructor(e, n, t, o = 2e3, i = !0) {
4
4
  this._callback = e, this._client_id = n, this._url = t, this._interval = o || 2e3, this._stopOnError = i;
@@ -13,17 +13,17 @@ class Ie {
13
13
  });
14
14
  }
15
15
  _message(e) {
16
- e.origin === this._frame_origin && e.source === this._frame.contentWindow && (e.data === "error" ? (L.error("CheckSessionIFrame: error message from check session op iframe"), this._stopOnError && this.stop()) : e.data === "changed" ? (L.debug(e), L.debug("CheckSessionIFrame: changed message from check session op iframe"), this.stop(), this._callback()) : L.debug("CheckSessionIFrame: " + e.data + " message from check session op iframe"));
16
+ e.origin === this._frame_origin && e.source === this._frame.contentWindow && (e.data === "error" ? (D.error("CheckSessionIFrame: error message from check session op iframe"), this._stopOnError && this.stop()) : e.data === "changed" ? (D.debug(e), D.debug("CheckSessionIFrame: changed message from check session op iframe"), this.stop(), this._callback()) : D.debug("CheckSessionIFrame: " + e.data + " message from check session op iframe"));
17
17
  }
18
18
  start(e) {
19
- L.debug("CheckSessionIFrame.start :" + e), this.stop();
19
+ D.debug("CheckSessionIFrame.start :" + e), this.stop();
20
20
  const n = () => {
21
21
  this._frame.contentWindow.postMessage(this._client_id + " " + e, this._frame_origin);
22
22
  };
23
23
  n(), this._timer = window.setInterval(n, this._interval);
24
24
  }
25
25
  stop() {
26
- this._timer && (L.debug("CheckSessionIFrame.stop"), window.clearInterval(this._timer), this._timer = null);
26
+ this._timer && (D.debug("CheckSessionIFrame.stop"), window.clearInterval(this._timer), this._timer = null);
27
27
  }
28
28
  }
29
29
  const m = {
@@ -152,15 +152,15 @@ const ye = (s, e = null, n) => {
152
152
  issuedAt: s.issued_at
153
153
  };
154
154
  return "refresh_token" in s && (t.refreshToken = s.refresh_token), s.accessTokenPayload !== void 0 && (t.accessTokenPayload = s.accessTokenPayload), s.idTokenPayload !== void 0 && (t.idTokenPayload = s.idTokenPayload), ye(t, e, n);
155
- }, U = (s, e) => {
155
+ }, V = (s, e) => {
156
156
  const n = (/* @__PURE__ */ new Date()).getTime() / 1e3, t = e - n;
157
157
  return Math.round(t - s);
158
- }, z = (s) => s ? U(0, s.expiresAt) > 0 : !1, Le = async (s, e = 200, n = 50) => {
158
+ }, z = (s) => s ? V(0, s.expiresAt) > 0 : !1, Le = async (s, e = 200, n = 50) => {
159
159
  let t = n;
160
160
  if (!s.tokens)
161
161
  return null;
162
162
  for (; !z(s.tokens) && t > 0; )
163
- await $({ milliseconds: e }), t = t - 1;
163
+ await R({ milliseconds: e }), t = t - 1;
164
164
  return {
165
165
  isTokensValid: z(s.tokens),
166
166
  tokens: s.tokens,
@@ -181,7 +181,7 @@ const ye = (s, e = null, n) => {
181
181
  return { isValid: !1, reason: `Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${e}` };
182
182
  }
183
183
  return { isValid: !0, reason: "" };
184
- }, K = function() {
184
+ }, W = function() {
185
185
  const s = function() {
186
186
  let a, u;
187
187
  const f = (function() {
@@ -281,13 +281,13 @@ const ye = (s, e = null, n) => {
281
281
  setInterval: r,
282
282
  clearInterval: c
283
283
  };
284
- }(), ce = "7.13.7-alpha.1239";
284
+ }(), ce = "7.13.7";
285
285
  let le = null, q;
286
- const $ = ({ milliseconds: s }) => new Promise((e) => K.setTimeout(e, s)), ke = (s = "/") => {
286
+ const R = ({ milliseconds: s }) => new Promise((e) => W.setTimeout(e, s)), ke = (s = "/") => {
287
287
  try {
288
288
  q = new AbortController(), fetch(`${s}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`, { signal: q.signal }).catch((t) => {
289
289
  console.log(t);
290
- }), $({ milliseconds: 150 * 1e3 }).then(ke);
290
+ }), R({ milliseconds: 150 * 1e3 }).then(ke);
291
291
  } catch (e) {
292
292
  console.log(e);
293
293
  }
@@ -302,7 +302,7 @@ const $ = ({ milliseconds: s }) => new Promise((e) => K.setTimeout(e, s)), ke =
302
302
  }), Re = (s) => async (e, n) => {
303
303
  n(), await e.update();
304
304
  const t = await e.unregister();
305
- console.log(`Service worker unregistering ${t}`), await $({ milliseconds: 2e3 }), s.reload();
305
+ console.log(`Service worker unregistering ${t}`), await R({ milliseconds: 2e3 }), s.reload();
306
306
  }, b = (s) => (e) => new Promise(function(n, t) {
307
307
  const o = new MessageChannel();
308
308
  o.port1.onmessage = function(i) {
@@ -390,12 +390,23 @@ async function me(s, e, n = !1, t = null) {
390
390
  const o = s.configuration, i = `${o.client_id}_${s.configurationName}_${o.authority}`;
391
391
  let r = null;
392
392
  const c = await E(s.configuration, s.configurationName);
393
- return o.storage === window.sessionStorage && !c ? r = await ue(s, e, n, t) : r = await navigator.locks.request(i, { ifAvailable: !0 }, async (a) => (s.publishEvent("Lock executed", a), await ue(s, e, n, t))), r ? (s.timeoutId && (s.timeoutId = V(s, r.refreshToken, s.tokens.expiresAt, t)), s.tokens) : null;
393
+ if ((o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !c)
394
+ r = await ue(s, e, n, t);
395
+ else {
396
+ const a = new AbortController(), u = Math.max(o.token_request_timeout ?? 0, o.silent_login_timeout ?? 0, 2e4), f = W.setTimeout(() => {
397
+ a.abort();
398
+ }, u);
399
+ r = await navigator.locks.request(i, { signal: a.signal }, async () => {
400
+ const d = await ue(s, e, n, t);
401
+ return W.clearTimeout(f), d;
402
+ });
403
+ }
404
+ return r ? (s.timeoutId && (s.timeoutId = M(s, r.refreshToken, s.tokens.expiresAt, t)), s.tokens) : null;
394
405
  }
395
- const V = (s, e, n, t = null) => {
406
+ const M = (s, e, n, t = null) => {
396
407
  const o = s.configuration.refresh_time_before_tokens_expiration_in_second;
397
- return K.setTimeout(async () => {
398
- const r = { timeLeft: U(o, n) };
408
+ return W.setTimeout(async () => {
409
+ const r = { timeLeft: V(o, n) };
399
410
  s.publishEvent(J.eventNames.token_timer, r), await me(s, e, !1, t);
400
411
  }, 1e3);
401
412
  }, te = (s, e, n) => (t = null, o = null, i = null) => {
@@ -440,7 +451,7 @@ const V = (s, e, n, t = null) => {
440
451
  i = { ...i };
441
452
  const c = (u, f, d) => te(e, n, t.bind(o))(u, f, d);
442
453
  return (async () => {
443
- o.timeoutId && K.clearTimeout(o.timeoutId);
454
+ o.timeoutId && W.clearTimeout(o.timeoutId);
444
455
  let u;
445
456
  i && "state" in i && (u = i.state, delete i.state);
446
457
  try {
@@ -449,7 +460,7 @@ const V = (s, e, n, t = null) => {
449
460
  prompt: "none"
450
461
  }, u, r);
451
462
  if (d)
452
- return o.tokens = d.tokens, t(m.token_aquired, {}), o.timeoutId = V(o, o.tokens.refreshToken, o.tokens.expiresAt, i), {};
463
+ return o.tokens = d.tokens, t(m.token_aquired, {}), o.timeoutId = M(o, o.tokens.refreshToken, o.tokens.expiresAt, i), {};
453
464
  } catch (f) {
454
465
  return f;
455
466
  }
@@ -491,14 +502,14 @@ const V = (s, e, n, t = null) => {
491
502
  });
492
503
  };
493
504
  var Ve = Be, C = [], de = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
494
- for (var B = 0, Ke = de.length; B < Ke; ++B)
505
+ for (var B = 0, Me = de.length; B < Me; ++B)
495
506
  C[B] = de[B];
496
- function Me(s) {
507
+ function Ke(s) {
497
508
  return C[s >> 18 & 63] + C[s >> 12 & 63] + C[s >> 6 & 63] + C[s & 63];
498
509
  }
499
510
  function Je(s, e, n) {
500
511
  for (var t, o = [], i = e; i < n; i += 3)
501
- t = (s[i] << 16 & 16711680) + (s[i + 1] << 8 & 65280) + (s[i + 2] & 255), o.push(Me(t));
512
+ t = (s[i] << 16 & 16711680) + (s[i + 1] << 8 & 65280) + (s[i + 2] & 255), o.push(Ke(t));
502
513
  return o.join("");
503
514
  }
504
515
  function Be(s) {
@@ -545,26 +556,26 @@ const Ge = (s) => {
545
556
  return Promise.reject(new Error("Invalid code length."));
546
557
  const { hasSubtleCrypto: e } = pe();
547
558
  return e ? we(s) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
548
- }, D = {}, Xe = (s, e = window.sessionStorage, n) => {
549
- if (!D[s] && e) {
559
+ }, $ = {}, Xe = (s, e = window.sessionStorage, n) => {
560
+ if (!$[s] && e) {
550
561
  const o = e.getItem(s);
551
- o && (D[s] = JSON.parse(o));
562
+ o && ($[s] = JSON.parse(o));
552
563
  }
553
564
  const t = 1e3 * n;
554
- return D[s] && D[s].timestamp + t > Date.now() ? D[s].result : null;
565
+ return $[s] && $[s].timestamp + t > Date.now() ? $[s].result : null;
555
566
  }, Ye = (s, e, n = window.sessionStorage) => {
556
567
  const t = Date.now();
557
- D[s] = { result: e, timestamp: t }, n && n.setItem(s, JSON.stringify({ result: e, timestamp: t }));
568
+ $[s] = { result: e, timestamp: t }, n && n.setItem(s, JSON.stringify({ result: e, timestamp: t }));
558
569
  }, ze = 60 * 60, Qe = (s) => async (e, n = ze, t = window.sessionStorage, o = 1e4) => {
559
570
  const i = `${e}/.well-known/openid-configuration`, r = `oidc.server:${e}`, c = Xe(r, t, n);
560
571
  if (c)
561
572
  return new se(c);
562
- const a = await M(s)(i, {}, o);
573
+ const a = await K(s)(i, {}, o);
563
574
  if (a.status !== 200)
564
575
  return null;
565
576
  const u = await a.json();
566
577
  return Ye(r, u, t), new se(u);
567
- }, M = (s) => async (e, n = {}, t = 1e4, o = 0) => {
578
+ }, K = (s) => async (e, n = {}, t = 1e4, o = 0) => {
568
579
  let i;
569
580
  try {
570
581
  const r = new AbortController();
@@ -572,7 +583,7 @@ const Ge = (s) => {
572
583
  } catch (r) {
573
584
  if (r.name === "AbortError" || r.message === "Network request failed") {
574
585
  if (o <= 1)
575
- return await M(s)(e, n, t, o + 1);
586
+ return await K(s)(e, n, t, o + 1);
576
587
  throw r;
577
588
  } else
578
589
  throw console.error(r.message), r;
@@ -592,7 +603,7 @@ const Ge = (s) => {
592
603
  c.push(`${d}=${l}`);
593
604
  }
594
605
  const a = c.join("&");
595
- return (await M(s)(e, {
606
+ return (await K(s)(e, {
596
607
  method: "POST",
597
608
  headers: {
598
609
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
@@ -609,7 +620,7 @@ const Ge = (s) => {
609
620
  const y = encodeURIComponent(h), _ = encodeURIComponent(n[h]);
610
621
  a.push(`${y}=${_}`);
611
622
  }
612
- const u = a.join("&"), f = await M(s)(e, {
623
+ const u = a.join("&"), f = await K(s)(e, {
613
624
  method: "POST",
614
625
  headers: {
615
626
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
@@ -642,7 +653,7 @@ const Ge = (s) => {
642
653
  const l = encodeURIComponent(d), h = encodeURIComponent(n[d]);
643
654
  r.push(`${l}=${h}`);
644
655
  }
645
- const c = r.join("&"), a = await M(fetch)(e, {
656
+ const c = r.join("&"), a = await K(fetch)(e, {
646
657
  method: "POST",
647
658
  headers: {
648
659
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
@@ -844,20 +855,20 @@ const os = function() {
844
855
  redirect_uri: o
845
856
  }, S = {};
846
857
  if (n.token_request_extras)
847
- for (const [v, W] of Object.entries(n.token_request_extras))
848
- S[v] = W;
858
+ for (const [v, L] of Object.entries(n.token_request_extras))
859
+ S[v] = L;
849
860
  if (y && y.extras)
850
- for (const [v, W] of Object.entries(y.extras))
851
- v.endsWith(":token_request") && (S[v.replace(":token_request", "")] = W);
852
- const T = c.tokenEndpoint, R = {};
861
+ for (const [v, L] of Object.entries(y.extras))
862
+ v.endsWith(":token_request") && (S[v.replace(":token_request", "")] = L);
863
+ const T = c.tokenEndpoint, F = {};
853
864
  if (n.demonstrating_proof_of_possession) {
854
865
  const v = await is();
855
- d ? await d.setDemonstratingProofOfPossessionJwkAsync(v) : await I(s.configurationName, n.storage).setDemonstratingProofOfPossessionJwkAsync(v), R.DPoP = await Oe(v, "POST", T);
866
+ d ? await d.setDemonstratingProofOfPossessionJwkAsync(v) : await I(s.configurationName, n.storage).setDemonstratingProofOfPossessionJwkAsync(v), F.DPoP = await Oe(v, "POST", T);
856
867
  }
857
868
  const p = await ss(l)(
858
869
  T,
859
870
  { ...w, ...S },
860
- R,
871
+ F,
861
872
  s.configuration.token_renew_mode,
862
873
  r
863
874
  );
@@ -894,7 +905,7 @@ const os = function() {
894
905
  access_token: "access_token",
895
906
  refresh_token: "refresh_token"
896
907
  }, cs = (s) => async (e) => {
897
- K.clearTimeout(s.timeoutId), s.timeoutId = null, s.checkSessionIFrame && s.checkSessionIFrame.stop();
908
+ W.clearTimeout(s.timeoutId), s.timeoutId = null, s.checkSessionIFrame && s.checkSessionIFrame.stop();
898
909
  const n = await E(s.configuration, s.configurationName);
899
910
  n ? await n.clearAsync(e) : await I(s.configurationName, s.configuration.storage).clearAsync(e), s.tokens = null, s.userInfo = null;
900
911
  }, ls = (s, e, n, t, o) => async (i = void 0, r = null) => {
@@ -941,7 +952,7 @@ const os = function() {
941
952
  if (s.userInfo != null && !e)
942
953
  return s.userInfo;
943
954
  for (; s.tokens && !z(s.tokens); )
944
- await $({ milliseconds: 200 });
955
+ await R({ milliseconds: 200 });
945
956
  if (!s.tokens)
946
957
  return null;
947
958
  const n = s.tokens.accessToken;
@@ -1064,8 +1075,8 @@ class se {
1064
1075
  }
1065
1076
  const N = {}, gs = (s, e = new G()) => (n, t = "default") => (N[t] || (N[t] = new J(n, t, s, e)), N[t]), ks = async (s) => {
1066
1077
  const { parsedTokens: e, callbackPath: n } = await s.loginCallbackAsync();
1067
- return s.timeoutId = V(s, e.refreshToken, e.expiresAt), { callbackPath: n };
1068
- }, ms = (s) => Math.floor(Math.random() * s), ie = class F {
1078
+ return s.timeoutId = M(s, e.refreshToken, e.expiresAt), { callbackPath: n };
1079
+ }, ms = (s) => Math.floor(Math.random() * s), ie = class U {
1069
1080
  constructor(e, n = "default", t, o = new G()) {
1070
1081
  this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
1071
1082
  let i = e.silent_login_uri;
@@ -1084,8 +1095,7 @@ const N = {}, gs = (s, e = new G()) => (n, t = "default") => (N[t] || (N[t] = ne
1084
1095
  authority_timeout_wellknowurl_in_millisecond: e.authority_timeout_wellknowurl_in_millisecond ?? 1e4,
1085
1096
  logout_tokens_to_invalidate: e.logout_tokens_to_invalidate ?? ["access_token", "refresh_token"],
1086
1097
  service_worker_update_require_callback: c,
1087
- service_worker_activate: e.service_worker_activate ?? _s,
1088
- storage: e.storage ?? sessionStorage
1098
+ service_worker_activate: e.service_worker_activate ?? _s
1089
1099
  }, this.getFetch = t ?? ys, this.configurationName = n, this.tokens = null, this.userInfo = null, this.events = [], this.timeoutId = null, this.synchroniseTokensAsync.bind(this), this.loginCallbackWithAutoTokensRenewAsync.bind(this), this.initAsync.bind(this), this.loginCallbackAsync.bind(this), this.subscribeEvents.bind(this), this.removeEventSubscription.bind(this), this.publishEvent.bind(this), this.destroyAsync.bind(this), this.logoutAsync.bind(this), this.renewTokensAsync.bind(this), this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
1090
1100
  }
1091
1101
  subscribeEvents(e) {
@@ -1161,7 +1171,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1161
1171
  if (i) {
1162
1172
  n.startKeepAliveServiceWorker(), this.tokens = i;
1163
1173
  const r = n.getLoginParams(this.configurationName);
1164
- this.timeoutId = V(this, this.tokens.refreshToken, this.tokens.expiresAt, r.extras);
1174
+ this.timeoutId = M(this, this.tokens.refreshToken, this.tokens.expiresAt, r.extras);
1165
1175
  const c = await n.getSessionStateAsync();
1166
1176
  return await this.startCheckSessionAsync(o.check_session_iframe, t.client_id, c), this.publishEvent(m.tryKeepExistingSessionAsync_end, {
1167
1177
  success: !0,
@@ -1180,7 +1190,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1180
1190
  if (r) {
1181
1191
  this.tokens = ye(r, null, t.token_renew_mode);
1182
1192
  const c = i.getLoginParams();
1183
- this.timeoutId = V(this, r.refreshToken, this.tokens.expiresAt, c.extras);
1193
+ this.timeoutId = M(this, r.refreshToken, this.tokens.expiresAt, c.extras);
1184
1194
  const a = await i.getSessionStateAsync();
1185
1195
  return await this.startCheckSessionAsync(o.check_session_iframe, t.client_id, a), this.publishEvent(m.tryKeepExistingSessionAsync_end, {
1186
1196
  success: !0,
@@ -1209,16 +1219,16 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1209
1219
  return this.loginCallbackPromise;
1210
1220
  const n = async () => {
1211
1221
  const t = await as(this)(e), o = t.tokens;
1212
- return this.tokens = o, await E(this.configuration, this.configurationName) || I(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(F.eventNames.token_aquired, o), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
1222
+ return this.tokens = o, await E(this.configuration, this.configurationName) || I(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(U.eventNames.token_aquired, o), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
1213
1223
  };
1214
1224
  return this.loginCallbackPromise = n(), this.loginCallbackPromise.then((t) => (this.loginCallbackPromise = null, t));
1215
1225
  }
1216
1226
  async synchroniseTokensAsync(e, n = 0, t = !1, o = null, i) {
1217
1227
  for (; !navigator.onLine && document.hidden; )
1218
- await $({ milliseconds: 1e3 }), this.publishEvent(m.refreshTokensAsync, { message: "wait because navigator is offline and hidden" });
1228
+ await R({ milliseconds: 1e3 }), this.publishEvent(m.refreshTokensAsync, { message: "wait because navigator is offline and hidden" });
1219
1229
  let r = 6;
1220
1230
  for (; !navigator.onLine && r > 0; )
1221
- await $({ milliseconds: 1e3 }), r--, this.publishEvent(m.refreshTokensAsync, { message: `wait because navigator is offline try ${r}` });
1231
+ await R({ milliseconds: 1e3 }), r--, this.publishEvent(m.refreshTokensAsync, { message: `wait because navigator is offline try ${r}` });
1222
1232
  const a = document.hidden ? n : n + 1;
1223
1233
  o || (o = {});
1224
1234
  const u = this.configuration, f = (l, h, y = null) => te(this.configurationName, this.configuration, this.publishEvent.bind(this))(l, h, y), d = async () => {
@@ -1232,7 +1242,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1232
1242
  prompt: "none"
1233
1243
  }, l.state);
1234
1244
  if (y)
1235
- return i(y.tokens), this.publishEvent(F.eventNames.token_renewed, {}), { tokens: y.tokens, status: "LOGGED" };
1245
+ return i(y.tokens), this.publishEvent(U.eventNames.token_renewed, {}), { tokens: y.tokens, status: "LOGGED" };
1236
1246
  } catch (l) {
1237
1247
  if (console.error(l), this.publishEvent(m.refreshTokensAsync_silent_error, { message: "exceptionSilent", exception: l.message }), l && l.message && l.message.startsWith("oidc"))
1238
1248
  return i(null), this.publishEvent(m.refreshTokensAsync_error, { message: "refresh token silent" }), { tokens: null, status: "SESSION_LOST" };
@@ -1251,7 +1261,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1251
1261
  case "TOKENS_VALID":
1252
1262
  return i(h), { tokens: h, status: "LOGGED_IN" };
1253
1263
  case "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":
1254
- return i(h), this.publishEvent(F.eventNames.token_renewed, { reason: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" }), { tokens: h, status: "LOGGED_IN" };
1264
+ return i(h), this.publishEvent(U.eventNames.token_renewed, { reason: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" }), { tokens: h, status: "LOGGED_IN" };
1255
1265
  case "LOGOUT_FROM_ANOTHER_TAB":
1256
1266
  return i(null), this.publishEvent(m.logout_from_another_tab, { status: "session syncTokensAsync" }), { tokens: null, status: "LOGGED_OUT" };
1257
1267
  case "REQUIRE_SYNC_TOKENS":
@@ -1280,14 +1290,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1280
1290
  A
1281
1291
  );
1282
1292
  if (P.success) {
1283
- const { isValid: v, reason: W } = ge(P.data, y.nonce, k);
1293
+ const { isValid: v, reason: L } = ge(P.data, y.nonce, k);
1284
1294
  if (!v)
1285
- return i(null), this.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${W}` }), { tokens: null, status: "SESSION_LOST" };
1295
+ return i(null), this.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${L}` }), { tokens: null, status: "SESSION_LOST" };
1286
1296
  if (i(P.data), P.demonstratingProofOfPossessionNonce) {
1287
1297
  const re = await E(u, this.configurationName);
1288
1298
  re ? await re.setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce) : await I(this.configurationName, u.storage).setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce);
1289
1299
  }
1290
- return this.publishEvent(m.refreshTokensAsync_end, { success: P.success }), this.publishEvent(F.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: P.data, status: "LOGGED_IN" };
1300
+ return this.publishEvent(m.refreshTokensAsync_end, { success: P.success }), this.publishEvent(U.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: P.data, status: "LOGGED_IN" };
1291
1301
  } else
1292
1302
  return this.publishEvent(m.refreshTokensAsync_silent_error, {
1293
1303
  message: "bad request",
@@ -1326,7 +1336,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1326
1336
  if (!d || !l)
1327
1337
  return { tokens: null, status: "REQUIRE_SYNC_TOKENS", nonce: i };
1328
1338
  if (l.issuedAt !== t.issuedAt) {
1329
- const y = U(e.refresh_time_before_tokens_expiration_in_second, l.expiresAt) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", _ = await a.getNonceAsync();
1339
+ const y = V(e.refresh_time_before_tokens_expiration_in_second, l.expiresAt) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", _ = await a.getNonceAsync();
1330
1340
  return { tokens: l, status: y, nonce: _ };
1331
1341
  }
1332
1342
  r = await a.getNonceAsync();
@@ -1336,14 +1346,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1336
1346
  if (h === "SESSIONS_LOST")
1337
1347
  return { tokens: null, status: "SESSIONS_LOST", nonce: i };
1338
1348
  if (l.issuedAt !== t.issuedAt) {
1339
- const _ = U(e.refresh_time_before_tokens_expiration_in_second, l.expiresAt) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", g = await d.getNonceAsync();
1349
+ const _ = V(e.refresh_time_before_tokens_expiration_in_second, l.expiresAt) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", g = await d.getNonceAsync();
1340
1350
  return { tokens: l, status: _, nonce: g };
1341
1351
  }
1342
1352
  } else
1343
1353
  return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
1344
1354
  r = await d.getNonceAsync();
1345
1355
  }
1346
- const f = U(e.refresh_time_before_tokens_expiration_in_second, t.expiresAt) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
1356
+ const f = V(e.refresh_time_before_tokens_expiration_in_second, t.expiresAt) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
1347
1357
  return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: f, nonce: r };
1348
1358
  }
1349
1359
  loginCallbackWithAutoTokensRenewAsync() {
@@ -1356,7 +1366,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1356
1366
  if (this.renewTokensPromise !== null)
1357
1367
  return this.renewTokensPromise;
1358
1368
  if (this.timeoutId)
1359
- return K.clearTimeout(this.timeoutId), this.renewTokensPromise = me(this, this.tokens.refreshToken, !0, e), this.renewTokensPromise.then((n) => (this.renewTokensPromise = null, n));
1369
+ return W.clearTimeout(this.timeoutId), this.renewTokensPromise = me(this, this.tokens.refreshToken, !0, e), this.renewTokensPromise.then((n) => (this.renewTokensPromise = null, n));
1360
1370
  }
1361
1371
  async destroyAsync(e) {
1362
1372
  return await cs(this)(e);
package/dist/index.umd.cjs CHANGED
@@ -1,2 +1,2 @@
1
- (function(C,H){typeof exports=="object"&&typeof module<"u"?H(exports):typeof define=="function"&&define.amd?define(["exports"],H):(C=typeof globalThis<"u"?globalThis:C||self,H(C["oidc-client"]={}))})(this,function(C){"use strict";const L=console;class Ne{constructor(e,s,t,o=2e3,i=!0){this._callback=e,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data==="error"?(L.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):e.data==="changed"?(L.debug(e),L.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):L.debug("CheckSessionIFrame: "+e.data+" message from check session op iframe"))}start(e){L.debug("CheckSessionIFrame.start :"+e),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+e,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(L.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},E=(n,e=sessionStorage)=>{const s=p=>(e[`oidc.${n}`]=JSON.stringify({tokens:null,status:p}),Promise.resolve()),t=async()=>{if(!e[`oidc.${n}`])return e[`oidc.${n}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const p=JSON.parse(e[`oidc.${n}`]);return Promise.resolve({tokens:p.tokens,status:p.status})},o=p=>{e[`oidc.${n}`]=JSON.stringify({tokens:p})},i=async p=>{e[`oidc.session_state.${n}`]=p},r=async()=>e[`oidc.session_state.${n}`],c=p=>{e[`oidc.nonce.${n}`]=p.nonce},a=p=>{e[`oidc.jwk.${n}`]=JSON.stringify(p)},u=()=>JSON.parse(e[`oidc.jwk.${n}`]),f=async()=>({nonce:e[`oidc.nonce.${n}`]}),d=async p=>{e[`oidc.dpop_nonce.${n}`]=p},l=()=>e[`oidc.dpop_nonce.${n}`],h=()=>e[`oidc.${n}`]?JSON.stringify({tokens:JSON.parse(e[`oidc.${n}`]).tokens}):null;let y={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:h,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:c,getNonceAsync:f,setLoginParams:p=>{y[n]=p,e[`oidc.login.${n}`]=JSON.stringify(p)},getLoginParams:()=>{const p=e[`oidc.login.${n}`];return y[n]||(y[n]=JSON.parse(p)),y[n]},getStateAsync:async()=>e[`oidc.state.${n}`],setStateAsync:async p=>{e[`oidc.state.${n}`]=p},getCodeVerifierAsync:async()=>e[`oidc.code_verifier.${n}`],setCodeVerifierAsync:async p=>{e[`oidc.code_verifier.${n}`]=p},setDemonstratingProofOfPossessionNonce:d,getDemonstratingProofOfPossessionNonce:l,setDemonstratingProofOfPossessionJwkAsync:a,getDemonstratingProofOfPossessionJwkAsync:u}},We=n=>decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join("")),Le=n=>JSON.parse(We(n.split(".")[1].replace("-","+").replace("_","/"))),ce=n=>{try{return n&&De(n,".")===2?Le(n):null}catch(e){console.warn(e)}return null},De=(n,e)=>n.split(e).length-1,G={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function $e(n,e,s){if(n.issuedAt){if(typeof n.issuedAt=="string")return parseInt(n.issuedAt,10)}else return e&&e.iat?e.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return n.issuedAt}const le=(n,e=null,s)=>{if(!n)return null;let t;const o=typeof n.expiresIn=="string"?parseInt(n.expiresIn,10):n.expiresIn;n.accessTokenPayload!==void 0?t=n.accessTokenPayload:t=ce(n.accessToken);const i=n.idTokenPayload?n.idTokenPayload:ce(n.idToken),r=i&&i.exp?i.exp:Number.MAX_VALUE,c=t&&t.exp?t.exp:n.issuedAt+o;n.issuedAt=$e(n,t,i);let a;n.expiresAt?a=n.expiresAt:s===G.access_token_invalid?a=c:s===G.id_token_invalid?a=r:a=r<c?r:c;const u={...n,idTokenPayload:i,accessTokenPayload:t,expiresAt:a};if(e!=null&&"refreshToken"in e&&!("refreshToken"in n)){const f=e.refreshToken;return{...u,refreshToken:f}}return u},Z=(n,e,s)=>{if(!n)return null;if(!n.issued_at){const o=new Date().getTime()/1e3;n.issued_at=o}const t={accessToken:n.access_token,expiresIn:n.expires_in,idToken:n.id_token,scope:n.scope,tokenType:n.token_type,issuedAt:n.issued_at};return"refresh_token"in n&&(t.refreshToken=n.refresh_token),n.accessTokenPayload!==void 0&&(t.accessTokenPayload=n.accessTokenPayload),n.idTokenPayload!==void 0&&(t.idTokenPayload=n.idTokenPayload),le(t,e,s)},F=(n,e)=>{const s=new Date().getTime()/1e3,t=e-s;return Math.round(t-n)},ee=n=>n?F(0,n.expiresAt)>0:!1,Re=async(n,e=200,s=50)=>{let t=s;if(!n.tokens)return null;for(;!ee(n.tokens)&&t>0;)await D({milliseconds:e}),t=t-1;return{isTokensValid:ee(n.tokens),tokens:n.tokens,numberWaited:t-s}},ue=(n,e,s)=>{if(n.idTokenPayload){const t=n.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==e)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${e}`}}return{isValid:!0,reason:""}},U=function(){const n=function(){let a,u;const f=(function(){const l={},h={setTimeout:function(_,g,w){l[g]=setTimeout(function(){_.postMessage(g),l[g]=null},w)},setInterval:function(_,g,w){l[g]=setInterval(function(){_.postMessage(g)},w)},clearTimeout:function(_,g){clearTimeout(l[g]),l[g]=null},clearInterval:function(_,g){clearInterval(l[g]),l[g]=null}};function y(_,g){const w=g.data[0],S=g.data[1],T=g.data[2];h[w]&&h[w](_,S,T)}this.onmessage=function(_){y(self,_)},this.onconnect=function(_){const g=_.ports[0];g.onmessage=function(w){y(g,w)}}}).toString();try{const l=new Blob(["(",f,")()"],{type:"application/javascript"});u=URL.createObjectURL(l)}catch{return null}const d=typeof process>"u";try{if(SharedWorker)return a=new SharedWorker(u),a.port}catch{d&&console.warn("SharedWorker not available")}try{if(Worker)return a=new Worker(u),a}catch{d&&console.warn("Worker not available")}return null}();if(!n){const a=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(a),clearTimeout:clearTimeout.bind(a),setInterval:setInterval.bind(a),clearInterval:clearInterval.bind(a)}}const e=function(){let a=0;return function(){return a++,a}}(),s={},t={};n.onmessage=function(a){const u=a.data,f=s[u];if(f){f(),s[u]=null;return}const d=t[u];d&&d()};function o(a,u){const f=e();return n.postMessage(["setTimeout",f,u]),s[f]=a,f}function i(a){n.postMessage(["clearTimeout",a]),s[a]=null}function r(a,u){const f=e();return n.postMessage(["setInterval",f,u]),t[f]=a,f}function c(a){n.postMessage(["clearInterval",a]),t[a]=null}return{setTimeout:o,clearTimeout:i,setInterval:r,clearInterval:c}}(),de="7.13.7-alpha.1239";let fe=null,X;const D=({milliseconds:n})=>new Promise(e=>U.setTimeout(e,n)),he=(n="/")=>{try{X=new AbortController,fetch(`${n}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:X.signal}).catch(t=>{console.log(t)}),D({milliseconds:150*1e3}).then(he)}catch(e){console.log(e)}},Fe=()=>{X&&X.abort()},Ue=(n="/")=>fetch(`${n}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(e=>e.statusText==="oidc-service-worker").catch(e=>{console.log(e)}),Ve=n=>async(e,s)=>{s(),await e.update();const t=await e.unregister();console.log(`Service worker unregistering ${t}`),await D({milliseconds:2e3}),n.reload()},b=n=>e=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data)},n.active.postMessage(e,[o.port2])}),I=async(n,e)=>{const s=n.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||n.service_worker_activate()===!1)return null;let t=null;n.register?t=await n.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await b(t)({type:"claim"})}catch{return null}const o=async k=>b(t)({type:"clear",data:{status:k},configurationName:e}),i=async(k,A,O)=>{const W=await b(t)({type:"init",data:{oidcServerConfiguration:k,where:A,oidcConfiguration:{token_renew_mode:O.token_renew_mode,service_worker_convert_all_requests_to_cors:O.service_worker_convert_all_requests_to_cors}},configurationName:e}),P=W.version;return P!==de&&(console.warn(`Service worker ${P} version mismatch with js client version ${de}, unregistering and reloading`),await O.service_worker_update_require_callback(t,Fe)),{tokens:Z(W.tokens,null,O.token_renew_mode),status:W.status}},r=(k="/")=>{fe==null&&(fe="not_null",he(k))},c=k=>b(t)({type:"setSessionState",data:{sessionState:k},configurationName:e}),a=async()=>(await b(t)({type:"getSessionState",data:null,configurationName:e})).sessionState,u=k=>(sessionStorage[`oidc.nonce.${e}`]=k.nonce,b(t)({type:"setNonce",data:{nonce:k},configurationName:e})),f=async()=>{let A=(await b(t)({type:"getNonce",data:null,configurationName:e})).nonce;return A||(A=sessionStorage[`oidc.nonce.${e}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let d={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(n.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Ue(n.service_worker_keep_alive_path),setSessionStateAsync:c,getSessionStateAsync:a,setNonceAsync:u,getNonceAsync:f,setLoginParams:k=>{d[e]=k,localStorage[`oidc.login.${e}`]=JSON.stringify(k)},getLoginParams:()=>{const k=localStorage[`oidc.login.${e}`];return d[e]||(d[e]=JSON.parse(k)),d[e]},getStateAsync:async()=>{let A=(await b(t)({type:"getState",data:null,configurationName:e})).state;return A||(A=sessionStorage[`oidc.state.${e}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async k=>(sessionStorage[`oidc.state.${e}`]=k,b(t)({type:"setState",data:{state:k},configurationName:e})),getCodeVerifierAsync:async()=>{let A=(await b(t)({type:"getCodeVerifier",data:null,configurationName:e})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${e}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async k=>(sessionStorage[`oidc.code_verifier.${e}`]=k,b(t)({type:"setCodeVerifier",data:{codeVerifier:k},configurationName:e})),setDemonstratingProofOfPossessionNonce:async k=>{await b(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:k},configurationName:e})},getDemonstratingProofOfPossessionNonce:async()=>(await b(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:e})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async k=>{const A=JSON.stringify(k);b(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:e})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const k=await b(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:e});return k.demonstratingProofOfPossessionJwkJson?JSON.parse(k.demonstratingProofOfPossessionJwkJson):null}}};async function _e(n,e,s,t){const o=a=>{n.tokens=a},{tokens:i,status:r}=await n.synchroniseTokensAsync(e,0,s,t,o);return await I(n.configuration,n.configurationName)||await E(n.configurationName,n.configuration.storage).setTokens(n.tokens),n.tokens?i:(await n.destroyAsync(r),null)}async function ye(n,e,s=!1,t=null){const o=n.configuration,i=`${o.client_id}_${n.configurationName}_${o.authority}`;let r=null;const c=await I(n.configuration,n.configurationName);return o.storage===window.sessionStorage&&!c?r=await _e(n,e,s,t):r=await navigator.locks.request(i,{ifAvailable:!0},async a=>(n.publishEvent("Lock executed",a),await _e(n,e,s,t))),r?(n.timeoutId&&(n.timeoutId=V(n,r.refreshToken,n.tokens.expiresAt,t)),n.tokens):null}const V=(n,e,s,t=null)=>{const o=n.configuration.refresh_time_before_tokens_expiration_in_second;return U.setTimeout(async()=>{const r={timeLeft:F(o,s)};n.publishEvent(B.eventNames.token_timer,r),await ye(n,e,!1,t)},1e3)},ne=(n,e,s)=>(t=null,o=null,i=null)=>{if(!e.silent_redirect_uri||!e.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[d,l]of Object.entries(t))r===""?r=`?${encodeURIComponent(d)}=${encodeURIComponent(l)}`:r+=`&${encodeURIComponent(d)}=${encodeURIComponent(l)}`;const c=e.silent_login_uri+r,a=c.indexOf("/",c.indexOf("//")+2),u=c.substr(0,a),f=document.createElement("iframe");return f.width="0px",f.height="0px",f.id=`${n}_oidc_iframe`,f.setAttribute("src",c),document.body.appendChild(f),new Promise((d,l)=>{try{let h=!1;window.onmessage=_=>{if(_.origin===u&&_.source===f.contentWindow){const g=`${n}_oidc_tokens:`,w=`${n}_oidc_error:`,S=_.data;if(S&&typeof S=="string"&&!h){if(S.startsWith(g)){const T=JSON.parse(_.data.replace(g,""));s(m.silentLoginAsync_end,{}),f.remove(),h=!0,d(T)}else if(S.startsWith(w)){const T=JSON.parse(_.data.replace(w,""));s(m.silentLoginAsync_error,T),f.remove(),h=!0,l(new Error("oidc_"+T.error))}}}};const y=e.silent_login_timeout;setTimeout(()=>{h||(s(m.silentLoginAsync_error,{reason:"timeout"}),f.remove(),h=!0,l(new Error("timeout")))},y)}catch(h){f.remove(),s(m.silentLoginAsync_error,h),l(h)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},Me=(n,e,s,t,o)=>(i=null,r=void 0)=>{i={...i};const c=(u,f,d)=>ne(e,s,t.bind(o))(u,f,d);return(async()=>{o.timeoutId&&U.clearTimeout(o.timeoutId);let u;i&&"state"in i&&(u=i.state,delete i.state);try{const f=s.extras?{...s.extras,...i}:i,d=await c({...f,prompt:"none"},u,r);if(d)return o.tokens=d.tokens,t(m.token_aquired,{}),o.timeoutId=V(o,o.tokens.refreshToken,o.tokens.expiresAt,i),{}}catch(f){return f}})()},Ke=(n,e,s)=>(t,o,i,r=!1)=>{const c=(a,u=void 0,f=void 0)=>ne(n.configurationName,s,n.publishEvent.bind(n))(a,u,f);return new Promise((a,u)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const f=()=>{n.checkSessionIFrame.stop();const d=n.tokens;if(d===null)return;const l=d.idToken,h=d.idTokenPayload;return c({prompt:"none",id_token_hint:l,scope:s.scope||"openid"}).then(y=>{const _=y.tokens.idTokenPayload;if(h.sub===_.sub){const g=y.sessionState;n.checkSessionIFrame.start(y.sessionState),h.sid===_.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",g):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",g)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",_.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[_,g]of Object.entries(e))await g.logoutOtherTabAsync(s.client_id,h.sub)})};n.checkSessionIFrame=new Ne(f,o,t),n.checkSessionIFrame.load().then(()=>{n.checkSessionIFrame.start(i),a(n.checkSessionIFrame)}).catch(d=>{u(d)})}else a(null)})};for(var Je=He,x=[],ge="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",Y=0,Be=ge.length;Y<Be;++Y)x[Y]=ge[Y];function je(n){return x[n>>18&63]+x[n>>12&63]+x[n>>6&63]+x[n&63]}function qe(n,e,s){for(var t,o=[],i=e;i<s;i+=3)t=(n[i]<<16&16711680)+(n[i+1]<<8&65280)+(n[i+2]&255),o.push(je(t));return o.join("")}function He(n){for(var e,s=n.length,t=s%3,o=[],i=16383,r=0,c=s-t;r<c;r+=i)o.push(qe(n,r,r+i>c?c:r+i));return t===1?(e=n[s-1],o.push(x[e>>2]+x[e<<4&63]+"==")):t===2&&(e=(n[s-2]<<8)+n[s-1],o.push(x[e>>10]+x[e>>4&63]+x[e<<2&63]+"=")),o.join("")}const ke=()=>{const n=typeof window<"u"&&!!window.crypto,e=n&&!!window.crypto.subtle;return{hasCrypto:n,hasSubtleCrypto:e}},se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",Ge=n=>{const e=[];for(let s=0;s<n.byteLength;s+=1){const t=n[s]%se.length;e.push(se[t])}return e.join("")},Xe=n=>Je(new Uint8Array(n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,""),te=n=>{const e=new Uint8Array(n),{hasCrypto:s}=ke();if(s)window.crypto.getRandomValues(e);else for(let t=0;t<n;t+=1)e[t]=Math.random()*se.length|0;return Ge(e)};function Ye(n){const e=new ArrayBuffer(n.length),s=new Uint8Array(e);for(let t=0;t<n.length;t++)s[t]=n.charCodeAt(t);return s}function me(n){return new Promise((e,s)=>{crypto.subtle.digest("SHA-256",Ye(n)).then(t=>e(Xe(new Uint8Array(t))),t=>s(t))})}const ze=n=>{if(n.length<43||n.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:e}=ke();return e?me(n):Promise.reject(new Error("window.crypto.subtle is unavailable."))},$={},Qe=(n,e=window.sessionStorage,s)=>{if(!$[n]&&e){const o=e.getItem(n);o&&($[n]=JSON.parse(o))}const t=1e3*s;return $[n]&&$[n].timestamp+t>Date.now()?$[n].result:null},Ze=(n,e,s=window.sessionStorage)=>{const t=Date.now();$[n]={result:e,timestamp:t},s&&s.setItem(n,JSON.stringify({result:e,timestamp:t}))},en=60*60,nn=n=>async(e,s=en,t=window.sessionStorage,o=1e4)=>{const i=`${e}/.well-known/openid-configuration`,r=`oidc.server:${e}`,c=Qe(r,t,s);if(c)return new re(c);const a=await M(n)(i,{},o);if(a.status!==200)return null;const u=await a.json();return Ze(r,u,t),new re(u)},M=n=>async(e,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await n(e,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await M(n)(e,s,t,o+1);throw r}else throw console.error(r.message),r}return i},oe={refresh_token:"refresh_token",access_token:"access_token"},pe=n=>async(e,s,t=oe.refresh_token,o,i=1e4)=>{const r={token:s,token_type_hint:t,client_id:o},c=[];for(const f in r){const d=encodeURIComponent(f),l=encodeURIComponent(r[f]);c.push(`${d}=${l}`)}const a=c.join("&");return(await M(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:a},i)).status!==200?{success:!1}:{success:!0}},sn=n=>async(e,s,t,o,i={},r,c=1e4)=>{for(const[h,y]of Object.entries(t))s[h]===void 0&&(s[h]=y);const a=[];for(const h in s){const y=encodeURIComponent(h),_=encodeURIComponent(s[h]);a.push(`${y}=${_}`)}const u=a.join("&"),f=await M(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:u},c);if(f.status!==200)return{success:!1,status:f.status,demonstratingProofOfPossessionNonce:null};const d=await f.json();let l=null;return f.headers.has(z)&&(l=f.headers.get(z)),{success:!0,data:Z(d,o,r),demonstratingProofOfPossessionNonce:l}},tn=(n,e)=>async(s,t)=>{t=t?{...t}:{};const o=te(128),i=await ze(o);await n.setCodeVerifierAsync(o),await n.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[c,a]of Object.entries(t))r===""?r+="?":r+="&",r+=`${c}=${encodeURIComponent(a)}`;e.open(`${s}${r}`)},z="DPoP-Nonce",on=n=>async(e,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await n.getCodeVerifierAsync();const r=[];for(const d in s){const l=encodeURIComponent(d),h=encodeURIComponent(s[d]);r.push(`${l}=${h}`)}const c=r.join("&"),a=await M(fetch)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:c},i);if(await Promise.all([n.setCodeVerifierAsync(null),n.setStateAsync(null)]),a.status!==200)return{success:!1,status:a.status};let u=null;a.headers.has(z)&&(u=a.headers.get(z));const f=await a.json();return{success:!0,data:{state:s.state,tokens:Z(f,null,o),demonstratingProofOfPossessionNonce:u}}},we=n=>{const e=n.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!e)throw new Error("Invalid URL");let s=e[6],t=e[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),e&&{href:n,protocol:e[1],host:e[2],hostname:e[3],port:e[4],path:e[5],search:s,hash:t}},rn=n=>{const e=we(n);let{path:s}=e;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=e;return t==="#_=_"&&(t=""),t&&(s+=t),s},K=n=>{const e=we(n),{search:s}=e;return an(s)},an=n=>{const e={};let s,t,o;const i=n.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),e[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return e};function Ae(n){return new TextEncoder().encode(n)}function Se(n){return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function cn(n){return encodeURIComponent(n).replace(/%([0-9A-F]{2})/g,function(t,o){return String.fromCharCode(parseInt(o,16))})}function ve(n){let e="";return n.forEach(function(s){e+=String.fromCharCode(s)}),Se(e)}function Te(n){return Se(cn(n))}var be={};be.sign=(n,e,s,t="dpop+jwt")=>{n=Object.assign({},n),e.typ=t,e.alg="ES256",e.kid||(e.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y});const o={protected:Te(JSON.stringify(e)),payload:Te(JSON.stringify(s))},i={name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},r=!0,c=["sign"];return window.crypto.subtle.importKey("jwk",n,i,r,c).then(function(a){const u=Ae(o.protected+"."+o.payload),f={name:"ECDSA",hash:{name:"SHA-256"}};return window.crypto.subtle.sign(f,a,u).then(function(d){return o.signature=ve(new Uint8Array(d)),o.protected+"."+o.payload+"."+o.signature})})};const ie={};ie.generate=function(){const n={name:"ECDSA",namedCurve:"P-256"},e=!0,s=["sign","verify"];return window.crypto.subtle.generateKey(n,e,s).then(function(t){return window.crypto.subtle.exportKey("jwk",t.privateKey)})},ie.neuter=function(n){const e=Object.assign({},n);return delete e.d,e.key_ops=["verify"],e};var Pe={};Pe.thumbprint=function(n){const e='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);return window.crypto.subtle.digest({name:"SHA-256"},Ae(e)).then(function(s){return ve(new Uint8Array(s))})};const ln=function(){const n="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",e="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)n[o]!=="-"&&n[o]!=="4"&&(s=Math.random()*16|0),n[o]==="x"?t+=e[s]:n[o]==="y"?(s&=3,s|=8,t+=e[s]):t+=n[o];return t},un=()=>ie.generate().then(function(n){return n}),Oe=(n,e="POST",s,t={})=>{const o={jit:btoa(ln()),htm:e,htu:s,iat:Math.round(Date.now()/1e3),...t};return Pe.thumbprint(n).then(function(i){return be.sign(n,{},o).then(function(r){return r})})},dn=(n,e,s,t,o)=>(i=void 0,r=null,c=!1,a=void 0)=>{const u=r;return r={...r},(async()=>{const d=i||o.getPath();if("state"in r||(r.state=te(16)),s(m.loginAsync_begin,{}),r)for(const l of Object.keys(r))l.endsWith(":token_request")&&delete r[l];try{const l=c?e.silent_redirect_uri:e.redirect_uri;a||(a=e.scope);const h=e.extras?{...e.extras,...r}:r;h.nonce||(h.nonce=te(12));const y={nonce:h.nonce},_=await I(e,n),g=await t(e.authority,e.authority_configuration);let w;if(_)_.setLoginParams({callbackPath:d,extras:u}),await _.initAsync(g,"loginAsync",e),await _.setNonceAsync(y),_.startKeepAliveServiceWorker(),w=_;else{const T=E(n,e.storage??sessionStorage);T.setLoginParams({callbackPath:d,extras:u}),await T.setNonceAsync(y),w=T}const S={client_id:e.client_id,redirect_uri:l,scope:a,response_type:"code",...h};await tn(w,o)(g.authorizationEndpoint,S)}catch(l){throw s(m.loginAsync_error,l),l}})()},fn=n=>async(e=!1)=>{try{n.publishEvent(m.loginCallbackAsync_begin,{});const s=n.configuration,t=s.client_id,o=e?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,c=await n.initAsync(i,s.authority_configuration),a=n.location.getCurrentHref(),f=K(a).session_state,d=await I(s,n.configurationName);let l,h,y,_;if(d)await d.initAsync(c,"loginCallbackAsync",s),await d.setSessionStateAsync(f),h=await d.getNonceAsync(),y=d.getLoginParams(),_=await d.getStateAsync(),d.startKeepAliveServiceWorker(),l=d;else{const v=E(n.configurationName,s.storage??sessionStorage);await v.setSessionStateAsync(f),h=await v.getNonceAsync(),y=v.getLoginParams(),_=await v.getStateAsync(),l=v}const g=K(a);if(g.iss&&g.iss!==c.issuer)throw console.error(),new Error(`issuer not valid (expected: ${c.issuer}, received: ${g.iss})`);if(g.state&&g.state!==_)throw new Error(`state not valid (expected: ${_}, received: ${g.state})`);const w={code:g.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},S={};if(s.token_request_extras)for(const[v,R]of Object.entries(s.token_request_extras))S[v]=R;if(y&&y.extras)for(const[v,R]of Object.entries(y.extras))v.endsWith(":token_request")&&(S[v.replace(":token_request","")]=R);const T=c.tokenEndpoint,j={};if(s.demonstrating_proof_of_possession){const v=await un();d?await d.setDemonstratingProofOfPossessionJwkAsync(v):await E(n.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(v),j.DPoP=await Oe(v,"POST",T)}const p=await on(l)(T,{...w,...S},j,n.configuration.token_renew_mode,r);if(!p.success)throw new Error("Token request failed");let k;const A=p.data.tokens,O=p.data.demonstratingProofOfPossessionNonce;if(p.data.state!==S.state)throw new Error("state is not valid");const{isValid:W,reason:P}=ue(A,h.nonce,c);if(!W)throw new Error(`Tokens are not OpenID valid, reason: ${P}`);if(d){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(O&&A.accessToken&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(d)await d.initAsync(o,"syncTokensAsync",s),k=d.getLoginParams(),O&&await d.setDemonstratingProofOfPossessionNonce(O);else{const v=E(n.configurationName,s.storage);k=v.getLoginParams(),O&&await v.setDemonstratingProofOfPossessionNonce(O)}return await n.startCheckSessionAsync(c.checkSessionIframe,t,f,e),n.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:k.callbackPath}}catch(s){throw console.error(s),n.publishEvent(m.loginCallbackAsync_error,s),s}},Ee={access_token:"access_token",refresh_token:"refresh_token"},hn=n=>async e=>{U.clearTimeout(n.timeoutId),n.timeoutId=null,n.checkSessionIFrame&&n.checkSessionIFrame.stop();const s=await I(n.configuration,n.configurationName);s?await s.clearAsync(e):await E(n.configurationName,n.configuration.storage).clearAsync(e),n.tokens=null,n.userInfo=null},_n=(n,e,s,t,o)=>async(i=void 0,r=null)=>{const c=n.configuration,a=await n.initAsync(c.authority,c.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const u=i??o.getPath();let f=!1;i&&(f=i.includes("https://")||i.includes("http://"));const d=f?i:o.getOrigin()+u,l=n.tokens?n.tokens.idToken:"";try{const y=a.revocationEndpoint;if(y){const _=[],g=n.tokens?n.tokens.accessToken:null;if(g&&c.logout_tokens_to_invalidate.includes(Ee.access_token)){const S=pe(s)(y,g,oe.access_token,c.client_id);_.push(S)}const w=n.tokens?n.tokens.refreshToken:null;if(w&&c.logout_tokens_to_invalidate.includes(Ee.refresh_token)){const S=pe(s)(y,w,oe.refresh_token,c.client_id);_.push(S)}_.length>0&&await Promise.all(_)}}catch(y){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(y)}const h=n.tokens&&n.tokens.idTokenPayload?n.tokens.idTokenPayload.sub:null;await n.destroyAsync("LOGGED_OUT");for(const[y,_]of Object.entries(e))_!==n&&await n.logoutSameTabAsync(n.configuration.client_id,h);if(a.endSessionEndpoint){r||(r={id_token_hint:l},i!==null&&(r.post_logout_redirect_uri=d));let y="";if(r)for(const[_,g]of Object.entries(r))y===""?y+="?":y+="&",y+=`${_}=${encodeURIComponent(g)}`;o.open(`${a.endSessionEndpoint}${y}`)}else o.reload()},yn=n=>async(e=!1)=>{if(n.userInfo!=null&&!e)return n.userInfo;for(;n.tokens&&!ee(n.tokens);)await D({milliseconds:200});if(!n.tokens)return null;const s=n.tokens.accessToken;if(!s)return null;const t=n.configuration,i=(await n.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,c=await(async a=>{const u=await fetch(i,{headers:{authorization:`Bearer ${a}`}});return u.status!==200?null:u.json()})(s);return n.userInfo=c,c};class J{open(e){window.open(e,"_self")}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const e=window.location;return e.pathname+(e.search||"")+(e.hash||"")}getOrigin(){return window.origin}}const gn=n=>!!(n.os==="iOS"&&n.osVersion.startsWith("12")||n.os==="Mac OS X"&&n.osVersion.startsWith("10_15_6")),kn=n=>{const e=n.appVersion,s=n.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const c in i){const a=i[c];if(a.r.test(s)){o=a.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const c=/OS (\d+)_(\d+)_?(\d+)?/.exec(e);r=c[1]+"."+c[2]+"."+(parseInt(c[3])|0);break}}return{os:o,osVersion:r}};function mn(){const n=navigator.userAgent;let e,s=n.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return e=/\brv[ :]+(\d+)/g.exec(n)||[],{name:"ie",version:e[1]||""};if(s[1]==="Chrome"&&(e=n.match(/\bOPR|Edge\/(\d+)/),e!=null)){let t=e[1];if(!t){const o=n.split(e[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(e=n.match(/version\/(\d+)/i))!=null&&s.splice(1,1,e[1]),{name:s[0].toLowerCase(),version:s[1]}}const pn=()=>{const{name:n,version:e}=mn();if(n==="chrome"&&parseInt(e)<=70||n==="opera"&&(!e||parseInt(e.split(".")[0])<80)||n==="ie")return!1;const s=kn(navigator);return!gn(s)},Ie=()=>fetch;class re{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}}const N={},wn=(n,e=new J)=>(s,t="default")=>(N[t]||(N[t]=new B(s,t,n,e)),N[t]),An=async n=>{const{parsedTokens:e,callbackPath:s}=await n.loginCallbackAsync();return n.timeoutId=V(n,e.refreshToken,e.expiresAt),{callbackPath:s}},Sn=n=>Math.floor(Math.random()*n),ae=class q{constructor(e,s="default",t,o=new J){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(i=`${e.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=e.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new J;const c=e.service_worker_update_require_callback??Ve(this.location);this.configuration={...e,silent_login_uri:i,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??G.access_token_or_id_token_invalid,demonstrating_proof_of_possession:e.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:e.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:e.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:c,service_worker_activate:e.service_worker_activate??pn,storage:e.storage??sessionStorage},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.synchroniseTokensAsync.bind(this),this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){const s=Sn(9999999999999).toString();return this.events.push({id:s,func:e}),s}removeEventSubscription(e){const s=this.events.filter(t=>t.id!==e);this.events=s}publishEvent(e,s){this.events.forEach(t=>{t.func(e,s)})}static get(e="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(N,e)&&s)throw Error(`OIDC library does seem initialized.
2
- Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> compoment.`);return N[e]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=this.location,s=K(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,e.getOrigin())}}_silentLoginErrorCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=this.location,s=K(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:s.error})}`,e.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame()}}async initAsync(e,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new re({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await nn(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){if(this.tryKeepExistingSessionPromise!==null)return this.tryKeepExistingSessionPromise;const e=async()=>{let s;if(this.tokens!=null)return!1;this.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const t=this.configuration,o=await this.initAsync(t.authority,t.authority_configuration);if(s=await I(t,this.configurationName),s){const{tokens:i}=await s.initAsync(o,"tryKeepExistingSessionAsync",t);if(i){s.startKeepAliveServiceWorker(),this.tokens=i;const r=s.getLoginParams(this.configurationName);this.timeoutId=V(this,this.tokens.refreshToken,this.tokens.expiresAt,r.extras);const c=await s.getSessionStateAsync();return await this.startCheckSessionAsync(o.check_session_iframe,t.client_id,c),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{t.service_worker_relative_url&&this.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const i=E(this.configurationName,t.storage??sessionStorage),{tokens:r}=await i.initAsync();if(r){this.tokens=le(r,null,t.token_renew_mode);const c=i.getLoginParams();this.timeoutId=V(this,r.refreshToken,this.tokens.expiresAt,c.extras);const a=await i.getSessionStateAsync();return await this.startCheckSessionAsync(o.check_session_iframe,t.client_id,a),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:s?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(t){return console.error(t),s&&await s.clearAsync(),this.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}};return this.tryKeepExistingSessionPromise=e(),this.tryKeepExistingSessionPromise.then(s=>(this.tryKeepExistingSessionPromise=null,s))}async startCheckSessionAsync(e,s,t,o=!1){await Ke(this,N,this.configuration)(e,s,t,o)}async loginAsync(e=void 0,s=null,t=!1,o=void 0,i=!1){return this.loginPromise!==null?this.loginPromise:i?Me(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=dn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(e,s,t,o),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(e=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await fn(this)(e),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||E(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(q.eventNames.token_aquired,o),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.then(t=>(this.loginCallbackPromise=null,t))}async synchroniseTokensAsync(e,s=0,t=!1,o=null,i){for(;!navigator.onLine&&document.hidden;)await D({milliseconds:1e3}),this.publishEvent(m.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await D({milliseconds:1e3}),r--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});const a=document.hidden?s:s+1;o||(o={});const u=this.configuration,f=(l,h,y=null)=>ne(this.configurationName,this.configuration,this.publishEvent.bind(this))(l,h,y),d=async()=>{try{let l;const h=await I(u,this.configurationName);h?l=h.getLoginParams():l=E(this.configurationName,u.storage).getLoginParams();const y=await f({...l.extras,...o,prompt:"none"},l.state);if(y)return i(y.tokens),this.publishEvent(q.eventNames.token_renewed,{}),{tokens:y.tokens,status:"LOGGED"}}catch(l){if(console.error(l),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),l&&l.message&&l.message.startsWith("oidc"))return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}}return this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent return"}),await this.synchroniseTokensAsync(null,a,t,o,i)};if(s>4)return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"};try{const{status:l,tokens:h,nonce:y}=await this.syncTokensInfoAsync(u,this.configurationName,this.tokens,t);switch(l){case"SESSION_LOST":return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case"NOT_CONNECTED":return i(null),{tokens:null,status:null};case"TOKENS_VALID":return i(h),{tokens:h,status:"LOGGED_IN"};case"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":return i(h),this.publishEvent(q.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:h,status:"LOGGED_IN"};case"LOGOUT_FROM_ANOTHER_TAB":return i(null),this.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case"REQUIRE_SYNC_TOKENS":return this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:l,tryNumber:s}),await d();default:{if(this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:l,tryNumber:s}),!e)return await d();const _=u.client_id,g=u.redirect_uri,w=u.authority,T={...u.token_request_extras?u.token_request_extras:{}};for(const[p,k]of Object.entries(o))p.endsWith(":token_request")&&(T[p.replace(":token_request","")]=k);return await(async()=>{const p={client_id:_,redirect_uri:g,grant_type:"refresh_token",refresh_token:h.refreshToken},k=await this.initAsync(w,u.authority_configuration),A=document.hidden?1e4:3e4*10,O=k.tokenEndpoint,W={};u.demonstrating_proof_of_possession&&(W.DPoP=await this.generateDemonstrationOfProofOfPossessionAsync(h.accessToken,O,"POST"));const P=await sn(this.getFetch())(O,p,T,h,W,u.token_renew_mode,A);if(P.success){const{isValid:v,reason:R}=ue(P.data,y.nonce,k);if(!v)return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${R}`}),{tokens:null,status:"SESSION_LOST"};if(i(P.data),P.demonstratingProofOfPossessionNonce){const Ce=await I(u,this.configurationName);Ce?await Ce.setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce):await E(this.configurationName,u.storage).setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce)}return this.publishEvent(m.refreshTokensAsync_end,{success:P.success}),this.publishEvent(q.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:P.data,status:"LOGGED_IN"}}else return this.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:P}),await this.synchroniseTokensAsync(e,a,t,o,i)})()}}}catch(l){return console.error(l),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),this.synchroniseTokensAsync(e,a,t,o,i)}}async generateDemonstrationOfProofOfPossessionAsync(e,s,t){const o=this.configuration,i={ath:await me(e)},r=await I(o,this.configurationName);let c=null,a;if(r)c=await r.getDemonstratingProofOfPossessionNonce(),a=await r.getDemonstratingProofOfPossessionJwkAsync();else{const u=E(this.configurationName,o.storage);a=await u.getDemonstratingProofOfPossessionJwkAsync(),c=await u.getDemonstratingProofOfPossessionNonce()}return c&&(i.nonce=c),await Oe(a,t,s,i)}async syncTokensInfoAsync(e,s,t,o=!1){const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const c=await this.initAsync(e.authority,e.authority_configuration),a=await I(e,s);if(a){const{status:d,tokens:l}=await a.initAsync(c,"syncTokensAsync",e);if(d==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(d==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!d||!l)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(l.issuedAt!==t.issuedAt){const y=F(e.refresh_time_before_tokens_expiration_in_second,l.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",_=await a.getNonceAsync();return{tokens:l,status:y,nonce:_}}r=await a.getNonceAsync()}else{const d=E(s,e.storage??sessionStorage),{tokens:l,status:h}=await d.initAsync();if(l){if(h==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(l.issuedAt!==t.issuedAt){const _=F(e.refresh_time_before_tokens_expiration_in_second,l.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",g=await d.getNonceAsync();return{tokens:l,status:_,nonce:g}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await d.getNonceAsync()}const f=F(e.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:f,nonce:r}}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=An(this),this.loginCallbackWithAutoTokensRenewPromise.then(e=>(this.loginCallbackWithAutoTokensRenewPromise=null,e)))}userInfoAsync(e=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=yn(this)(e),this.userInfoPromise.then(s=>(this.userInfoPromise=null,s)))}async renewTokensAsync(e=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return U.clearTimeout(this.timeoutId),this.renewTokensPromise=ye(this,this.tokens.refreshToken,!0,e),this.renewTokensPromise.then(s=>(this.renewTokensPromise=null,s))}async destroyAsync(e){return await hn(this)(e)}async logoutSameTabAsync(e,s){this.configuration.monitor_session&&this.configuration.client_id===e&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(this.publishEvent(m.logout_from_same_tab,{message:s}),await this.destroyAsync("LOGGED_OUT"))}async logoutOtherTabAsync(e,s){this.configuration.monitor_session&&this.configuration.client_id===e&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(e=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=_n(this,N,this.getFetch(),console,this.location)(e,s),this.logoutPromise.then(t=>(this.logoutPromise=null,t)))}};ae.getOrCreate=(n,e)=>(s,t="default")=>wn(n,e)(s,t),ae.eventNames=m;let B=ae;const vn=(n,e)=>async(...s)=>{var l;const[t,o,...i]=s,r=o?{...o}:{method:"GET"};let c=new Headers;r.headers&&(c=r.headers instanceof Headers?r.headers:new Headers(r.headers));const a=e,u=await a.getValidTokenAsync(),f=(l=u==null?void 0:u.tokens)==null?void 0:l.accessToken;if(c.has("Accept")||c.set("Accept","application/json"),f){if(a.configuration.demonstrating_proof_of_possession){const h=await a.generateDemonstrationOfProofOfPossessionAsync(f,t.toString(),r.method);c.set("Authorization",`PoP ${f}`),c.set("DPoP",h)}else c.set("Authorization",`Bearer ${f}`);r.credentials||(r.credentials="same-origin")}const d={...r,headers:c};return await n(t,d,...i)},Q=class xe{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,s){this._oidc.publishEvent(e,s)}static get(e="default"){return new xe(B.get(e))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,s=null,t=!1,o=void 0,i=!1){return this._oidc.loginAsync(e,s,t,o,i)}logoutAsync(e=void 0,s=null){return this._oidc.logoutAsync(e,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null){return this._oidc.renewTokensAsync(e)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(e,s,t){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(e,s,t)}async getValidTokenAsync(e=200,s=50){return Re(this._oidc,e,s)}fetchWithTokens(e){return vn(e,this)}async userInfoAsync(e=!1){return this._oidc.userInfoAsync(e)}};Q.getOrCreate=(n,e=new J)=>(s,t="default")=>new Q(B.getOrCreate(n,e)(s,t)),Q.eventNames=B.eventNames;let Tn=Q;C.OidcClient=Tn,C.OidcLocation=J,C.TokenRenewMode=G,C.getFetchDefault=Ie,C.getParseQueryStringFromLocation=K,C.getPath=rn,Object.defineProperty(C,Symbol.toStringTag,{value:"Module"})});
1
+ (function(C,H){typeof exports=="object"&&typeof module<"u"?H(exports):typeof define=="function"&&define.amd?define(["exports"],H):(C=typeof globalThis<"u"?globalThis:C||self,H(C["oidc-client"]={}))})(this,function(C){"use strict";const D=console;class Ne{constructor(e,s,t,o=2e3,i=!0){this._callback=e,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data==="error"?(D.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):e.data==="changed"?(D.debug(e),D.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):D.debug("CheckSessionIFrame: "+e.data+" message from check session op iframe"))}start(e){D.debug("CheckSessionIFrame.start :"+e),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+e,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(D.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},E=(n,e=sessionStorage)=>{const s=p=>(e[`oidc.${n}`]=JSON.stringify({tokens:null,status:p}),Promise.resolve()),t=async()=>{if(!e[`oidc.${n}`])return e[`oidc.${n}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const p=JSON.parse(e[`oidc.${n}`]);return Promise.resolve({tokens:p.tokens,status:p.status})},o=p=>{e[`oidc.${n}`]=JSON.stringify({tokens:p})},i=async p=>{e[`oidc.session_state.${n}`]=p},r=async()=>e[`oidc.session_state.${n}`],c=p=>{e[`oidc.nonce.${n}`]=p.nonce},a=p=>{e[`oidc.jwk.${n}`]=JSON.stringify(p)},u=()=>JSON.parse(e[`oidc.jwk.${n}`]),f=async()=>({nonce:e[`oidc.nonce.${n}`]}),d=async p=>{e[`oidc.dpop_nonce.${n}`]=p},l=()=>e[`oidc.dpop_nonce.${n}`],h=()=>e[`oidc.${n}`]?JSON.stringify({tokens:JSON.parse(e[`oidc.${n}`]).tokens}):null;let y={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:h,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:c,getNonceAsync:f,setLoginParams:p=>{y[n]=p,e[`oidc.login.${n}`]=JSON.stringify(p)},getLoginParams:()=>{const p=e[`oidc.login.${n}`];return y[n]||(y[n]=JSON.parse(p)),y[n]},getStateAsync:async()=>e[`oidc.state.${n}`],setStateAsync:async p=>{e[`oidc.state.${n}`]=p},getCodeVerifierAsync:async()=>e[`oidc.code_verifier.${n}`],setCodeVerifierAsync:async p=>{e[`oidc.code_verifier.${n}`]=p},setDemonstratingProofOfPossessionNonce:d,getDemonstratingProofOfPossessionNonce:l,setDemonstratingProofOfPossessionJwkAsync:a,getDemonstratingProofOfPossessionJwkAsync:u}},We=n=>decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join("")),Le=n=>JSON.parse(We(n.split(".")[1].replace("-","+").replace("_","/"))),ce=n=>{try{return n&&De(n,".")===2?Le(n):null}catch(e){console.warn(e)}return null},De=(n,e)=>n.split(e).length-1,G={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function $e(n,e,s){if(n.issuedAt){if(typeof n.issuedAt=="string")return parseInt(n.issuedAt,10)}else return e&&e.iat?e.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return n.issuedAt}const le=(n,e=null,s)=>{if(!n)return null;let t;const o=typeof n.expiresIn=="string"?parseInt(n.expiresIn,10):n.expiresIn;n.accessTokenPayload!==void 0?t=n.accessTokenPayload:t=ce(n.accessToken);const i=n.idTokenPayload?n.idTokenPayload:ce(n.idToken),r=i&&i.exp?i.exp:Number.MAX_VALUE,c=t&&t.exp?t.exp:n.issuedAt+o;n.issuedAt=$e(n,t,i);let a;n.expiresAt?a=n.expiresAt:s===G.access_token_invalid?a=c:s===G.id_token_invalid?a=r:a=r<c?r:c;const u={...n,idTokenPayload:i,accessTokenPayload:t,expiresAt:a};if(e!=null&&"refreshToken"in e&&!("refreshToken"in n)){const f=e.refreshToken;return{...u,refreshToken:f}}return u},Z=(n,e,s)=>{if(!n)return null;if(!n.issued_at){const o=new Date().getTime()/1e3;n.issued_at=o}const t={accessToken:n.access_token,expiresIn:n.expires_in,idToken:n.id_token,scope:n.scope,tokenType:n.token_type,issuedAt:n.issued_at};return"refresh_token"in n&&(t.refreshToken=n.refresh_token),n.accessTokenPayload!==void 0&&(t.accessTokenPayload=n.accessTokenPayload),n.idTokenPayload!==void 0&&(t.idTokenPayload=n.idTokenPayload),le(t,e,s)},U=(n,e)=>{const s=new Date().getTime()/1e3,t=e-s;return Math.round(t-n)},ee=n=>n?U(0,n.expiresAt)>0:!1,Re=async(n,e=200,s=50)=>{let t=s;if(!n.tokens)return null;for(;!ee(n.tokens)&&t>0;)await $({milliseconds:e}),t=t-1;return{isTokensValid:ee(n.tokens),tokens:n.tokens,numberWaited:t-s}},ue=(n,e,s)=>{if(n.idTokenPayload){const t=n.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==e)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${e}`}}return{isValid:!0,reason:""}},L=function(){const n=function(){let a,u;const f=(function(){const l={},h={setTimeout:function(_,g,w){l[g]=setTimeout(function(){_.postMessage(g),l[g]=null},w)},setInterval:function(_,g,w){l[g]=setInterval(function(){_.postMessage(g)},w)},clearTimeout:function(_,g){clearTimeout(l[g]),l[g]=null},clearInterval:function(_,g){clearInterval(l[g]),l[g]=null}};function y(_,g){const w=g.data[0],S=g.data[1],T=g.data[2];h[w]&&h[w](_,S,T)}this.onmessage=function(_){y(self,_)},this.onconnect=function(_){const g=_.ports[0];g.onmessage=function(w){y(g,w)}}}).toString();try{const l=new Blob(["(",f,")()"],{type:"application/javascript"});u=URL.createObjectURL(l)}catch{return null}const d=typeof process>"u";try{if(SharedWorker)return a=new SharedWorker(u),a.port}catch{d&&console.warn("SharedWorker not available")}try{if(Worker)return a=new Worker(u),a}catch{d&&console.warn("Worker not available")}return null}();if(!n){const a=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(a),clearTimeout:clearTimeout.bind(a),setInterval:setInterval.bind(a),clearInterval:clearInterval.bind(a)}}const e=function(){let a=0;return function(){return a++,a}}(),s={},t={};n.onmessage=function(a){const u=a.data,f=s[u];if(f){f(),s[u]=null;return}const d=t[u];d&&d()};function o(a,u){const f=e();return n.postMessage(["setTimeout",f,u]),s[f]=a,f}function i(a){n.postMessage(["clearTimeout",a]),s[a]=null}function r(a,u){const f=e();return n.postMessage(["setInterval",f,u]),t[f]=a,f}function c(a){n.postMessage(["clearInterval",a]),t[a]=null}return{setTimeout:o,clearTimeout:i,setInterval:r,clearInterval:c}}(),de="7.13.7";let fe=null,X;const $=({milliseconds:n})=>new Promise(e=>L.setTimeout(e,n)),he=(n="/")=>{try{X=new AbortController,fetch(`${n}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:X.signal}).catch(t=>{console.log(t)}),$({milliseconds:150*1e3}).then(he)}catch(e){console.log(e)}},Fe=()=>{X&&X.abort()},Ue=(n="/")=>fetch(`${n}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(e=>e.statusText==="oidc-service-worker").catch(e=>{console.log(e)}),Ve=n=>async(e,s)=>{s(),await e.update();const t=await e.unregister();console.log(`Service worker unregistering ${t}`),await $({milliseconds:2e3}),n.reload()},b=n=>e=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data)},n.active.postMessage(e,[o.port2])}),I=async(n,e)=>{const s=n.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||n.service_worker_activate()===!1)return null;let t=null;n.register?t=await n.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await b(t)({type:"claim"})}catch{return null}const o=async k=>b(t)({type:"clear",data:{status:k},configurationName:e}),i=async(k,A,O)=>{const W=await b(t)({type:"init",data:{oidcServerConfiguration:k,where:A,oidcConfiguration:{token_renew_mode:O.token_renew_mode,service_worker_convert_all_requests_to_cors:O.service_worker_convert_all_requests_to_cors}},configurationName:e}),P=W.version;return P!==de&&(console.warn(`Service worker ${P} version mismatch with js client version ${de}, unregistering and reloading`),await O.service_worker_update_require_callback(t,Fe)),{tokens:Z(W.tokens,null,O.token_renew_mode),status:W.status}},r=(k="/")=>{fe==null&&(fe="not_null",he(k))},c=k=>b(t)({type:"setSessionState",data:{sessionState:k},configurationName:e}),a=async()=>(await b(t)({type:"getSessionState",data:null,configurationName:e})).sessionState,u=k=>(sessionStorage[`oidc.nonce.${e}`]=k.nonce,b(t)({type:"setNonce",data:{nonce:k},configurationName:e})),f=async()=>{let A=(await b(t)({type:"getNonce",data:null,configurationName:e})).nonce;return A||(A=sessionStorage[`oidc.nonce.${e}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let d={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(n.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Ue(n.service_worker_keep_alive_path),setSessionStateAsync:c,getSessionStateAsync:a,setNonceAsync:u,getNonceAsync:f,setLoginParams:k=>{d[e]=k,localStorage[`oidc.login.${e}`]=JSON.stringify(k)},getLoginParams:()=>{const k=localStorage[`oidc.login.${e}`];return d[e]||(d[e]=JSON.parse(k)),d[e]},getStateAsync:async()=>{let A=(await b(t)({type:"getState",data:null,configurationName:e})).state;return A||(A=sessionStorage[`oidc.state.${e}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async k=>(sessionStorage[`oidc.state.${e}`]=k,b(t)({type:"setState",data:{state:k},configurationName:e})),getCodeVerifierAsync:async()=>{let A=(await b(t)({type:"getCodeVerifier",data:null,configurationName:e})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${e}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async k=>(sessionStorage[`oidc.code_verifier.${e}`]=k,b(t)({type:"setCodeVerifier",data:{codeVerifier:k},configurationName:e})),setDemonstratingProofOfPossessionNonce:async k=>{await b(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:k},configurationName:e})},getDemonstratingProofOfPossessionNonce:async()=>(await b(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:e})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async k=>{const A=JSON.stringify(k);b(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:e})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const k=await b(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:e});return k.demonstratingProofOfPossessionJwkJson?JSON.parse(k.demonstratingProofOfPossessionJwkJson):null}}};async function _e(n,e,s,t){const o=a=>{n.tokens=a},{tokens:i,status:r}=await n.synchroniseTokensAsync(e,0,s,t,o);return await I(n.configuration,n.configurationName)||await E(n.configurationName,n.configuration.storage).setTokens(n.tokens),n.tokens?i:(await n.destroyAsync(r),null)}async function ye(n,e,s=!1,t=null){const o=n.configuration,i=`${o.client_id}_${n.configurationName}_${o.authority}`;let r=null;const c=await I(n.configuration,n.configurationName);if((o==null?void 0:o.storage)===(window==null?void 0:window.sessionStorage)&&!c)r=await _e(n,e,s,t);else{const a=new AbortController,u=Math.max(o.token_request_timeout??0,o.silent_login_timeout??0,2e4),f=L.setTimeout(()=>{a.abort()},u);r=await navigator.locks.request(i,{signal:a.signal},async()=>{const d=await _e(n,e,s,t);return L.clearTimeout(f),d})}return r?(n.timeoutId&&(n.timeoutId=V(n,r.refreshToken,n.tokens.expiresAt,t)),n.tokens):null}const V=(n,e,s,t=null)=>{const o=n.configuration.refresh_time_before_tokens_expiration_in_second;return L.setTimeout(async()=>{const r={timeLeft:U(o,s)};n.publishEvent(B.eventNames.token_timer,r),await ye(n,e,!1,t)},1e3)},ne=(n,e,s)=>(t=null,o=null,i=null)=>{if(!e.silent_redirect_uri||!e.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[d,l]of Object.entries(t))r===""?r=`?${encodeURIComponent(d)}=${encodeURIComponent(l)}`:r+=`&${encodeURIComponent(d)}=${encodeURIComponent(l)}`;const c=e.silent_login_uri+r,a=c.indexOf("/",c.indexOf("//")+2),u=c.substr(0,a),f=document.createElement("iframe");return f.width="0px",f.height="0px",f.id=`${n}_oidc_iframe`,f.setAttribute("src",c),document.body.appendChild(f),new Promise((d,l)=>{try{let h=!1;window.onmessage=_=>{if(_.origin===u&&_.source===f.contentWindow){const g=`${n}_oidc_tokens:`,w=`${n}_oidc_error:`,S=_.data;if(S&&typeof S=="string"&&!h){if(S.startsWith(g)){const T=JSON.parse(_.data.replace(g,""));s(m.silentLoginAsync_end,{}),f.remove(),h=!0,d(T)}else if(S.startsWith(w)){const T=JSON.parse(_.data.replace(w,""));s(m.silentLoginAsync_error,T),f.remove(),h=!0,l(new Error("oidc_"+T.error))}}}};const y=e.silent_login_timeout;setTimeout(()=>{h||(s(m.silentLoginAsync_error,{reason:"timeout"}),f.remove(),h=!0,l(new Error("timeout")))},y)}catch(h){f.remove(),s(m.silentLoginAsync_error,h),l(h)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},Me=(n,e,s,t,o)=>(i=null,r=void 0)=>{i={...i};const c=(u,f,d)=>ne(e,s,t.bind(o))(u,f,d);return(async()=>{o.timeoutId&&L.clearTimeout(o.timeoutId);let u;i&&"state"in i&&(u=i.state,delete i.state);try{const f=s.extras?{...s.extras,...i}:i,d=await c({...f,prompt:"none"},u,r);if(d)return o.tokens=d.tokens,t(m.token_aquired,{}),o.timeoutId=V(o,o.tokens.refreshToken,o.tokens.expiresAt,i),{}}catch(f){return f}})()},Ke=(n,e,s)=>(t,o,i,r=!1)=>{const c=(a,u=void 0,f=void 0)=>ne(n.configurationName,s,n.publishEvent.bind(n))(a,u,f);return new Promise((a,u)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const f=()=>{n.checkSessionIFrame.stop();const d=n.tokens;if(d===null)return;const l=d.idToken,h=d.idTokenPayload;return c({prompt:"none",id_token_hint:l,scope:s.scope||"openid"}).then(y=>{const _=y.tokens.idTokenPayload;if(h.sub===_.sub){const g=y.sessionState;n.checkSessionIFrame.start(y.sessionState),h.sid===_.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",g):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",g)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",_.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[_,g]of Object.entries(e))await g.logoutOtherTabAsync(s.client_id,h.sub)})};n.checkSessionIFrame=new Ne(f,o,t),n.checkSessionIFrame.load().then(()=>{n.checkSessionIFrame.start(i),a(n.checkSessionIFrame)}).catch(d=>{u(d)})}else a(null)})};for(var Je=He,x=[],ge="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",Y=0,Be=ge.length;Y<Be;++Y)x[Y]=ge[Y];function je(n){return x[n>>18&63]+x[n>>12&63]+x[n>>6&63]+x[n&63]}function qe(n,e,s){for(var t,o=[],i=e;i<s;i+=3)t=(n[i]<<16&16711680)+(n[i+1]<<8&65280)+(n[i+2]&255),o.push(je(t));return o.join("")}function He(n){for(var e,s=n.length,t=s%3,o=[],i=16383,r=0,c=s-t;r<c;r+=i)o.push(qe(n,r,r+i>c?c:r+i));return t===1?(e=n[s-1],o.push(x[e>>2]+x[e<<4&63]+"==")):t===2&&(e=(n[s-2]<<8)+n[s-1],o.push(x[e>>10]+x[e>>4&63]+x[e<<2&63]+"=")),o.join("")}const ke=()=>{const n=typeof window<"u"&&!!window.crypto,e=n&&!!window.crypto.subtle;return{hasCrypto:n,hasSubtleCrypto:e}},se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",Ge=n=>{const e=[];for(let s=0;s<n.byteLength;s+=1){const t=n[s]%se.length;e.push(se[t])}return e.join("")},Xe=n=>Je(new Uint8Array(n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,""),te=n=>{const e=new Uint8Array(n),{hasCrypto:s}=ke();if(s)window.crypto.getRandomValues(e);else for(let t=0;t<n;t+=1)e[t]=Math.random()*se.length|0;return Ge(e)};function Ye(n){const e=new ArrayBuffer(n.length),s=new Uint8Array(e);for(let t=0;t<n.length;t++)s[t]=n.charCodeAt(t);return s}function me(n){return new Promise((e,s)=>{crypto.subtle.digest("SHA-256",Ye(n)).then(t=>e(Xe(new Uint8Array(t))),t=>s(t))})}const ze=n=>{if(n.length<43||n.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:e}=ke();return e?me(n):Promise.reject(new Error("window.crypto.subtle is unavailable."))},R={},Qe=(n,e=window.sessionStorage,s)=>{if(!R[n]&&e){const o=e.getItem(n);o&&(R[n]=JSON.parse(o))}const t=1e3*s;return R[n]&&R[n].timestamp+t>Date.now()?R[n].result:null},Ze=(n,e,s=window.sessionStorage)=>{const t=Date.now();R[n]={result:e,timestamp:t},s&&s.setItem(n,JSON.stringify({result:e,timestamp:t}))},en=60*60,nn=n=>async(e,s=en,t=window.sessionStorage,o=1e4)=>{const i=`${e}/.well-known/openid-configuration`,r=`oidc.server:${e}`,c=Qe(r,t,s);if(c)return new re(c);const a=await M(n)(i,{},o);if(a.status!==200)return null;const u=await a.json();return Ze(r,u,t),new re(u)},M=n=>async(e,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await n(e,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await M(n)(e,s,t,o+1);throw r}else throw console.error(r.message),r}return i},oe={refresh_token:"refresh_token",access_token:"access_token"},pe=n=>async(e,s,t=oe.refresh_token,o,i=1e4)=>{const r={token:s,token_type_hint:t,client_id:o},c=[];for(const f in r){const d=encodeURIComponent(f),l=encodeURIComponent(r[f]);c.push(`${d}=${l}`)}const a=c.join("&");return(await M(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:a},i)).status!==200?{success:!1}:{success:!0}},sn=n=>async(e,s,t,o,i={},r,c=1e4)=>{for(const[h,y]of Object.entries(t))s[h]===void 0&&(s[h]=y);const a=[];for(const h in s){const y=encodeURIComponent(h),_=encodeURIComponent(s[h]);a.push(`${y}=${_}`)}const u=a.join("&"),f=await M(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:u},c);if(f.status!==200)return{success:!1,status:f.status,demonstratingProofOfPossessionNonce:null};const d=await f.json();let l=null;return f.headers.has(z)&&(l=f.headers.get(z)),{success:!0,data:Z(d,o,r),demonstratingProofOfPossessionNonce:l}},tn=(n,e)=>async(s,t)=>{t=t?{...t}:{};const o=te(128),i=await ze(o);await n.setCodeVerifierAsync(o),await n.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[c,a]of Object.entries(t))r===""?r+="?":r+="&",r+=`${c}=${encodeURIComponent(a)}`;e.open(`${s}${r}`)},z="DPoP-Nonce",on=n=>async(e,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await n.getCodeVerifierAsync();const r=[];for(const d in s){const l=encodeURIComponent(d),h=encodeURIComponent(s[d]);r.push(`${l}=${h}`)}const c=r.join("&"),a=await M(fetch)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:c},i);if(await Promise.all([n.setCodeVerifierAsync(null),n.setStateAsync(null)]),a.status!==200)return{success:!1,status:a.status};let u=null;a.headers.has(z)&&(u=a.headers.get(z));const f=await a.json();return{success:!0,data:{state:s.state,tokens:Z(f,null,o),demonstratingProofOfPossessionNonce:u}}},we=n=>{const e=n.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!e)throw new Error("Invalid URL");let s=e[6],t=e[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),e&&{href:n,protocol:e[1],host:e[2],hostname:e[3],port:e[4],path:e[5],search:s,hash:t}},rn=n=>{const e=we(n);let{path:s}=e;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=e;return t==="#_=_"&&(t=""),t&&(s+=t),s},K=n=>{const e=we(n),{search:s}=e;return an(s)},an=n=>{const e={};let s,t,o;const i=n.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),e[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return e};function Ae(n){return new TextEncoder().encode(n)}function Se(n){return btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function cn(n){return encodeURIComponent(n).replace(/%([0-9A-F]{2})/g,function(t,o){return String.fromCharCode(parseInt(o,16))})}function ve(n){let e="";return n.forEach(function(s){e+=String.fromCharCode(s)}),Se(e)}function Te(n){return Se(cn(n))}var be={};be.sign=(n,e,s,t="dpop+jwt")=>{n=Object.assign({},n),e.typ=t,e.alg="ES256",e.kid||(e.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y});const o={protected:Te(JSON.stringify(e)),payload:Te(JSON.stringify(s))},i={name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},r=!0,c=["sign"];return window.crypto.subtle.importKey("jwk",n,i,r,c).then(function(a){const u=Ae(o.protected+"."+o.payload),f={name:"ECDSA",hash:{name:"SHA-256"}};return window.crypto.subtle.sign(f,a,u).then(function(d){return o.signature=ve(new Uint8Array(d)),o.protected+"."+o.payload+"."+o.signature})})};const ie={};ie.generate=function(){const n={name:"ECDSA",namedCurve:"P-256"},e=!0,s=["sign","verify"];return window.crypto.subtle.generateKey(n,e,s).then(function(t){return window.crypto.subtle.exportKey("jwk",t.privateKey)})},ie.neuter=function(n){const e=Object.assign({},n);return delete e.d,e.key_ops=["verify"],e};var Pe={};Pe.thumbprint=function(n){const e='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);return window.crypto.subtle.digest({name:"SHA-256"},Ae(e)).then(function(s){return ve(new Uint8Array(s))})};const ln=function(){const n="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",e="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)n[o]!=="-"&&n[o]!=="4"&&(s=Math.random()*16|0),n[o]==="x"?t+=e[s]:n[o]==="y"?(s&=3,s|=8,t+=e[s]):t+=n[o];return t},un=()=>ie.generate().then(function(n){return n}),Oe=(n,e="POST",s,t={})=>{const o={jit:btoa(ln()),htm:e,htu:s,iat:Math.round(Date.now()/1e3),...t};return Pe.thumbprint(n).then(function(i){return be.sign(n,{},o).then(function(r){return r})})},dn=(n,e,s,t,o)=>(i=void 0,r=null,c=!1,a=void 0)=>{const u=r;return r={...r},(async()=>{const d=i||o.getPath();if("state"in r||(r.state=te(16)),s(m.loginAsync_begin,{}),r)for(const l of Object.keys(r))l.endsWith(":token_request")&&delete r[l];try{const l=c?e.silent_redirect_uri:e.redirect_uri;a||(a=e.scope);const h=e.extras?{...e.extras,...r}:r;h.nonce||(h.nonce=te(12));const y={nonce:h.nonce},_=await I(e,n),g=await t(e.authority,e.authority_configuration);let w;if(_)_.setLoginParams({callbackPath:d,extras:u}),await _.initAsync(g,"loginAsync",e),await _.setNonceAsync(y),_.startKeepAliveServiceWorker(),w=_;else{const T=E(n,e.storage??sessionStorage);T.setLoginParams({callbackPath:d,extras:u}),await T.setNonceAsync(y),w=T}const S={client_id:e.client_id,redirect_uri:l,scope:a,response_type:"code",...h};await tn(w,o)(g.authorizationEndpoint,S)}catch(l){throw s(m.loginAsync_error,l),l}})()},fn=n=>async(e=!1)=>{try{n.publishEvent(m.loginCallbackAsync_begin,{});const s=n.configuration,t=s.client_id,o=e?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,c=await n.initAsync(i,s.authority_configuration),a=n.location.getCurrentHref(),f=K(a).session_state,d=await I(s,n.configurationName);let l,h,y,_;if(d)await d.initAsync(c,"loginCallbackAsync",s),await d.setSessionStateAsync(f),h=await d.getNonceAsync(),y=d.getLoginParams(),_=await d.getStateAsync(),d.startKeepAliveServiceWorker(),l=d;else{const v=E(n.configurationName,s.storage??sessionStorage);await v.setSessionStateAsync(f),h=await v.getNonceAsync(),y=v.getLoginParams(),_=await v.getStateAsync(),l=v}const g=K(a);if(g.iss&&g.iss!==c.issuer)throw console.error(),new Error(`issuer not valid (expected: ${c.issuer}, received: ${g.iss})`);if(g.state&&g.state!==_)throw new Error(`state not valid (expected: ${_}, received: ${g.state})`);const w={code:g.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},S={};if(s.token_request_extras)for(const[v,F]of Object.entries(s.token_request_extras))S[v]=F;if(y&&y.extras)for(const[v,F]of Object.entries(y.extras))v.endsWith(":token_request")&&(S[v.replace(":token_request","")]=F);const T=c.tokenEndpoint,j={};if(s.demonstrating_proof_of_possession){const v=await un();d?await d.setDemonstratingProofOfPossessionJwkAsync(v):await E(n.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(v),j.DPoP=await Oe(v,"POST",T)}const p=await on(l)(T,{...w,...S},j,n.configuration.token_renew_mode,r);if(!p.success)throw new Error("Token request failed");let k;const A=p.data.tokens,O=p.data.demonstratingProofOfPossessionNonce;if(p.data.state!==S.state)throw new Error("state is not valid");const{isValid:W,reason:P}=ue(A,h.nonce,c);if(!W)throw new Error(`Tokens are not OpenID valid, reason: ${P}`);if(d){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(O&&A.accessToken&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(d)await d.initAsync(o,"syncTokensAsync",s),k=d.getLoginParams(),O&&await d.setDemonstratingProofOfPossessionNonce(O);else{const v=E(n.configurationName,s.storage);k=v.getLoginParams(),O&&await v.setDemonstratingProofOfPossessionNonce(O)}return await n.startCheckSessionAsync(c.checkSessionIframe,t,f,e),n.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:k.callbackPath}}catch(s){throw console.error(s),n.publishEvent(m.loginCallbackAsync_error,s),s}},Ee={access_token:"access_token",refresh_token:"refresh_token"},hn=n=>async e=>{L.clearTimeout(n.timeoutId),n.timeoutId=null,n.checkSessionIFrame&&n.checkSessionIFrame.stop();const s=await I(n.configuration,n.configurationName);s?await s.clearAsync(e):await E(n.configurationName,n.configuration.storage).clearAsync(e),n.tokens=null,n.userInfo=null},_n=(n,e,s,t,o)=>async(i=void 0,r=null)=>{const c=n.configuration,a=await n.initAsync(c.authority,c.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const u=i??o.getPath();let f=!1;i&&(f=i.includes("https://")||i.includes("http://"));const d=f?i:o.getOrigin()+u,l=n.tokens?n.tokens.idToken:"";try{const y=a.revocationEndpoint;if(y){const _=[],g=n.tokens?n.tokens.accessToken:null;if(g&&c.logout_tokens_to_invalidate.includes(Ee.access_token)){const S=pe(s)(y,g,oe.access_token,c.client_id);_.push(S)}const w=n.tokens?n.tokens.refreshToken:null;if(w&&c.logout_tokens_to_invalidate.includes(Ee.refresh_token)){const S=pe(s)(y,w,oe.refresh_token,c.client_id);_.push(S)}_.length>0&&await Promise.all(_)}}catch(y){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(y)}const h=n.tokens&&n.tokens.idTokenPayload?n.tokens.idTokenPayload.sub:null;await n.destroyAsync("LOGGED_OUT");for(const[y,_]of Object.entries(e))_!==n&&await n.logoutSameTabAsync(n.configuration.client_id,h);if(a.endSessionEndpoint){r||(r={id_token_hint:l},i!==null&&(r.post_logout_redirect_uri=d));let y="";if(r)for(const[_,g]of Object.entries(r))y===""?y+="?":y+="&",y+=`${_}=${encodeURIComponent(g)}`;o.open(`${a.endSessionEndpoint}${y}`)}else o.reload()},yn=n=>async(e=!1)=>{if(n.userInfo!=null&&!e)return n.userInfo;for(;n.tokens&&!ee(n.tokens);)await $({milliseconds:200});if(!n.tokens)return null;const s=n.tokens.accessToken;if(!s)return null;const t=n.configuration,i=(await n.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,c=await(async a=>{const u=await fetch(i,{headers:{authorization:`Bearer ${a}`}});return u.status!==200?null:u.json()})(s);return n.userInfo=c,c};class J{open(e){window.open(e,"_self")}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const e=window.location;return e.pathname+(e.search||"")+(e.hash||"")}getOrigin(){return window.origin}}const gn=n=>!!(n.os==="iOS"&&n.osVersion.startsWith("12")||n.os==="Mac OS X"&&n.osVersion.startsWith("10_15_6")),kn=n=>{const e=n.appVersion,s=n.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const c in i){const a=i[c];if(a.r.test(s)){o=a.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const c=/OS (\d+)_(\d+)_?(\d+)?/.exec(e);r=c[1]+"."+c[2]+"."+(parseInt(c[3])|0);break}}return{os:o,osVersion:r}};function mn(){const n=navigator.userAgent;let e,s=n.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return e=/\brv[ :]+(\d+)/g.exec(n)||[],{name:"ie",version:e[1]||""};if(s[1]==="Chrome"&&(e=n.match(/\bOPR|Edge\/(\d+)/),e!=null)){let t=e[1];if(!t){const o=n.split(e[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(e=n.match(/version\/(\d+)/i))!=null&&s.splice(1,1,e[1]),{name:s[0].toLowerCase(),version:s[1]}}const pn=()=>{const{name:n,version:e}=mn();if(n==="chrome"&&parseInt(e)<=70||n==="opera"&&(!e||parseInt(e.split(".")[0])<80)||n==="ie")return!1;const s=kn(navigator);return!gn(s)},Ie=()=>fetch;class re{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}}const N={},wn=(n,e=new J)=>(s,t="default")=>(N[t]||(N[t]=new B(s,t,n,e)),N[t]),An=async n=>{const{parsedTokens:e,callbackPath:s}=await n.loginCallbackAsync();return n.timeoutId=V(n,e.refreshToken,e.expiresAt),{callbackPath:s}},Sn=n=>Math.floor(Math.random()*n),ae=class q{constructor(e,s="default",t,o=new J){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(i=`${e.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=e.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new J;const c=e.service_worker_update_require_callback??Ve(this.location);this.configuration={...e,silent_login_uri:i,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??G.access_token_or_id_token_invalid,demonstrating_proof_of_possession:e.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:e.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:e.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:c,service_worker_activate:e.service_worker_activate??pn},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.synchroniseTokensAsync.bind(this),this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){const s=Sn(9999999999999).toString();return this.events.push({id:s,func:e}),s}removeEventSubscription(e){const s=this.events.filter(t=>t.id!==e);this.events=s}publishEvent(e,s){this.events.forEach(t=>{t.func(e,s)})}static get(e="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(N,e)&&s)throw Error(`OIDC library does seem initialized.
2
+ Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> compoment.`);return N[e]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=this.location,s=K(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,e.getOrigin())}}_silentLoginErrorCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=this.location,s=K(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:s.error})}`,e.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame()}}async initAsync(e,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new re({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await nn(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){if(this.tryKeepExistingSessionPromise!==null)return this.tryKeepExistingSessionPromise;const e=async()=>{let s;if(this.tokens!=null)return!1;this.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const t=this.configuration,o=await this.initAsync(t.authority,t.authority_configuration);if(s=await I(t,this.configurationName),s){const{tokens:i}=await s.initAsync(o,"tryKeepExistingSessionAsync",t);if(i){s.startKeepAliveServiceWorker(),this.tokens=i;const r=s.getLoginParams(this.configurationName);this.timeoutId=V(this,this.tokens.refreshToken,this.tokens.expiresAt,r.extras);const c=await s.getSessionStateAsync();return await this.startCheckSessionAsync(o.check_session_iframe,t.client_id,c),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{t.service_worker_relative_url&&this.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const i=E(this.configurationName,t.storage??sessionStorage),{tokens:r}=await i.initAsync();if(r){this.tokens=le(r,null,t.token_renew_mode);const c=i.getLoginParams();this.timeoutId=V(this,r.refreshToken,this.tokens.expiresAt,c.extras);const a=await i.getSessionStateAsync();return await this.startCheckSessionAsync(o.check_session_iframe,t.client_id,a),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:s?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(t){return console.error(t),s&&await s.clearAsync(),this.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}};return this.tryKeepExistingSessionPromise=e(),this.tryKeepExistingSessionPromise.then(s=>(this.tryKeepExistingSessionPromise=null,s))}async startCheckSessionAsync(e,s,t,o=!1){await Ke(this,N,this.configuration)(e,s,t,o)}async loginAsync(e=void 0,s=null,t=!1,o=void 0,i=!1){return this.loginPromise!==null?this.loginPromise:i?Me(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=dn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(e,s,t,o),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(e=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await fn(this)(e),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||E(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(q.eventNames.token_aquired,o),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.then(t=>(this.loginCallbackPromise=null,t))}async synchroniseTokensAsync(e,s=0,t=!1,o=null,i){for(;!navigator.onLine&&document.hidden;)await $({milliseconds:1e3}),this.publishEvent(m.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await $({milliseconds:1e3}),r--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});const a=document.hidden?s:s+1;o||(o={});const u=this.configuration,f=(l,h,y=null)=>ne(this.configurationName,this.configuration,this.publishEvent.bind(this))(l,h,y),d=async()=>{try{let l;const h=await I(u,this.configurationName);h?l=h.getLoginParams():l=E(this.configurationName,u.storage).getLoginParams();const y=await f({...l.extras,...o,prompt:"none"},l.state);if(y)return i(y.tokens),this.publishEvent(q.eventNames.token_renewed,{}),{tokens:y.tokens,status:"LOGGED"}}catch(l){if(console.error(l),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),l&&l.message&&l.message.startsWith("oidc"))return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}}return this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent return"}),await this.synchroniseTokensAsync(null,a,t,o,i)};if(s>4)return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"};try{const{status:l,tokens:h,nonce:y}=await this.syncTokensInfoAsync(u,this.configurationName,this.tokens,t);switch(l){case"SESSION_LOST":return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case"NOT_CONNECTED":return i(null),{tokens:null,status:null};case"TOKENS_VALID":return i(h),{tokens:h,status:"LOGGED_IN"};case"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":return i(h),this.publishEvent(q.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:h,status:"LOGGED_IN"};case"LOGOUT_FROM_ANOTHER_TAB":return i(null),this.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case"REQUIRE_SYNC_TOKENS":return this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:l,tryNumber:s}),await d();default:{if(this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:l,tryNumber:s}),!e)return await d();const _=u.client_id,g=u.redirect_uri,w=u.authority,T={...u.token_request_extras?u.token_request_extras:{}};for(const[p,k]of Object.entries(o))p.endsWith(":token_request")&&(T[p.replace(":token_request","")]=k);return await(async()=>{const p={client_id:_,redirect_uri:g,grant_type:"refresh_token",refresh_token:h.refreshToken},k=await this.initAsync(w,u.authority_configuration),A=document.hidden?1e4:3e4*10,O=k.tokenEndpoint,W={};u.demonstrating_proof_of_possession&&(W.DPoP=await this.generateDemonstrationOfProofOfPossessionAsync(h.accessToken,O,"POST"));const P=await sn(this.getFetch())(O,p,T,h,W,u.token_renew_mode,A);if(P.success){const{isValid:v,reason:F}=ue(P.data,y.nonce,k);if(!v)return i(null),this.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${F}`}),{tokens:null,status:"SESSION_LOST"};if(i(P.data),P.demonstratingProofOfPossessionNonce){const Ce=await I(u,this.configurationName);Ce?await Ce.setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce):await E(this.configurationName,u.storage).setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce)}return this.publishEvent(m.refreshTokensAsync_end,{success:P.success}),this.publishEvent(q.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:P.data,status:"LOGGED_IN"}}else return this.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:P}),await this.synchroniseTokensAsync(e,a,t,o,i)})()}}}catch(l){return console.error(l),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),this.synchroniseTokensAsync(e,a,t,o,i)}}async generateDemonstrationOfProofOfPossessionAsync(e,s,t){const o=this.configuration,i={ath:await me(e)},r=await I(o,this.configurationName);let c=null,a;if(r)c=await r.getDemonstratingProofOfPossessionNonce(),a=await r.getDemonstratingProofOfPossessionJwkAsync();else{const u=E(this.configurationName,o.storage);a=await u.getDemonstratingProofOfPossessionJwkAsync(),c=await u.getDemonstratingProofOfPossessionNonce()}return c&&(i.nonce=c),await Oe(a,t,s,i)}async syncTokensInfoAsync(e,s,t,o=!1){const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const c=await this.initAsync(e.authority,e.authority_configuration),a=await I(e,s);if(a){const{status:d,tokens:l}=await a.initAsync(c,"syncTokensAsync",e);if(d==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(d==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!d||!l)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(l.issuedAt!==t.issuedAt){const y=U(e.refresh_time_before_tokens_expiration_in_second,l.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",_=await a.getNonceAsync();return{tokens:l,status:y,nonce:_}}r=await a.getNonceAsync()}else{const d=E(s,e.storage??sessionStorage),{tokens:l,status:h}=await d.initAsync();if(l){if(h==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(l.issuedAt!==t.issuedAt){const _=U(e.refresh_time_before_tokens_expiration_in_second,l.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",g=await d.getNonceAsync();return{tokens:l,status:_,nonce:g}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await d.getNonceAsync()}const f=U(e.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:f,nonce:r}}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=An(this),this.loginCallbackWithAutoTokensRenewPromise.then(e=>(this.loginCallbackWithAutoTokensRenewPromise=null,e)))}userInfoAsync(e=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=yn(this)(e),this.userInfoPromise.then(s=>(this.userInfoPromise=null,s)))}async renewTokensAsync(e=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return L.clearTimeout(this.timeoutId),this.renewTokensPromise=ye(this,this.tokens.refreshToken,!0,e),this.renewTokensPromise.then(s=>(this.renewTokensPromise=null,s))}async destroyAsync(e){return await hn(this)(e)}async logoutSameTabAsync(e,s){this.configuration.monitor_session&&this.configuration.client_id===e&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(this.publishEvent(m.logout_from_same_tab,{message:s}),await this.destroyAsync("LOGGED_OUT"))}async logoutOtherTabAsync(e,s){this.configuration.monitor_session&&this.configuration.client_id===e&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(e=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=_n(this,N,this.getFetch(),console,this.location)(e,s),this.logoutPromise.then(t=>(this.logoutPromise=null,t)))}};ae.getOrCreate=(n,e)=>(s,t="default")=>wn(n,e)(s,t),ae.eventNames=m;let B=ae;const vn=(n,e)=>async(...s)=>{var l;const[t,o,...i]=s,r=o?{...o}:{method:"GET"};let c=new Headers;r.headers&&(c=r.headers instanceof Headers?r.headers:new Headers(r.headers));const a=e,u=await a.getValidTokenAsync(),f=(l=u==null?void 0:u.tokens)==null?void 0:l.accessToken;if(c.has("Accept")||c.set("Accept","application/json"),f){if(a.configuration.demonstrating_proof_of_possession){const h=await a.generateDemonstrationOfProofOfPossessionAsync(f,t.toString(),r.method);c.set("Authorization",`PoP ${f}`),c.set("DPoP",h)}else c.set("Authorization",`Bearer ${f}`);r.credentials||(r.credentials="same-origin")}const d={...r,headers:c};return await n(t,d,...i)},Q=class xe{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,s){this._oidc.publishEvent(e,s)}static get(e="default"){return new xe(B.get(e))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,s=null,t=!1,o=void 0,i=!1){return this._oidc.loginAsync(e,s,t,o,i)}logoutAsync(e=void 0,s=null){return this._oidc.logoutAsync(e,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null){return this._oidc.renewTokensAsync(e)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(e,s,t){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(e,s,t)}async getValidTokenAsync(e=200,s=50){return Re(this._oidc,e,s)}fetchWithTokens(e){return vn(e,this)}async userInfoAsync(e=!1){return this._oidc.userInfoAsync(e)}};Q.getOrCreate=(n,e=new J)=>(s,t="default")=>new Q(B.getOrCreate(n,e)(s,t)),Q.eventNames=B.eventNames;let Tn=Q;C.OidcClient=Tn,C.OidcLocation=J,C.TokenRenewMode=G,C.getFetchDefault=Ie,C.getParseQueryStringFromLocation=K,C.getPath=rn,Object.defineProperty(C,Symbol.toStringTag,{value:"Module"})});
package/dist/oidc.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":"AAOA,OAAO,EAAgE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAMxG,OAAO,EAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAC,MAAM,YAAY,CAAC;AAIvF,OAAO,EAAC,cAAc,EAAe,MAAM,YAAY,CAAC;AAKxD,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAC,MAAM,CAAC;CACjB;AAID,qBAAa,qCAAqC;IAC9C,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CAS3B;AAUD,MAAM,MAAM,aAAa,GAAG;IACxB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAChC,YAAY,EAAC,MAAM,CAAC;IACpB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAYD,qBAAa,IAAI;IACN,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,CAAC,SAAS,CAAiB;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IACjC,OAAO,CAAC,kBAAkB,CAAqB;IAC/C,OAAO,CAAC,QAAQ,CAAc;IAC9B,OAAO,CAAC,QAAQ,CAAiB;gBACrB,aAAa,EAAC,iBAAiB,EAAE,iBAAiB,QAAY,EAAE,QAAQ,EAAG,MAAM,KAAK,EAAE,QAAQ,GAAE,cAAmC;IA8CjJ,eAAe,CAAC,IAAI,KAAA,GAAE,MAAM;IAM5B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aAAe,MAAM,KAAK,YAAW,cAAc,gDAEnE;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAQ9B,mCAAmC;IAQ7B,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAC,MAAM,EAAE,sBAAsB,EAAC,sBAAsB;IA4B/E,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAkF/C,sBAAsB,CAAC,qBAAqB,KAAA,EAAE,QAAQ,KAAA,EAAE,YAAY,KAAA,EAAE,cAAc,UAAQ;IAIlG,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CAAC,YAAY,GAAC,MAAkB,EAAE,MAAM,GAAC,SAAgB,EAAE,cAAc,UAAQ,EAAE,KAAK,GAAC,MAAkB,EAAE,eAAe,UAAQ;IAcpJ,oBAAoB,EAAG,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,kBAAkB,CAAC,aAAa,UAAQ;IA2BxC,sBAAsB,CAAC,YAAY,KAAA,EAAE,KAAK,QAAI,EAAE,YAAY,SAAQ,EAAE,MAAM,EAAC,SAAgB,EAAE,YAAY,KAAA;IAgK3G,6CAA6C,CAAC,WAAW,EAAC,MAAM,EAAE,GAAG,EAAC,MAAM,EAAE,MAAM,EAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAwB7G,mBAAmB,CAAC,aAAa,KAAA,EAAE,iBAAiB,KAAA,EAAE,aAAa,KAAA,EAAE,YAAY,UAAQ;;;;;;;IAiD/F,uCAAuC,EAAC,OAAO,CAAC,aAAa,CAAC,CAAQ;IACrE,qCAAqC,IAAG,OAAO,CAAC,aAAa,CAAC;IAW/D,eAAe,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IACnC,aAAa,CAAC,OAAO,UAAQ;IAW9B,kBAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IAEhC,gBAAgB,CAAE,MAAM,GAAC,SAAgB;IAgBzC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQ9C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQpD,aAAa,EAAC,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,WAAW,CAAC,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EAAE,MAAM,GAAE,SAAgB;CAUrG;AAED,eAAe,IAAI,CAAC"}
1
+ {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":"AAOA,OAAO,EAAgE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAMxG,OAAO,EAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAC,MAAM,YAAY,CAAC;AAIvF,OAAO,EAAC,cAAc,EAAe,MAAM,YAAY,CAAC;AAKxD,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAC,MAAM,CAAC;CACjB;AAID,qBAAa,qCAAqC;IAC9C,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CAS3B;AAUD,MAAM,MAAM,aAAa,GAAG;IACxB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAChC,YAAY,EAAC,MAAM,CAAC;IACpB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAYD,qBAAa,IAAI;IACN,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1B,OAAO,CAAC,SAAS,CAAiB;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IACjC,OAAO,CAAC,kBAAkB,CAAqB;IAC/C,OAAO,CAAC,QAAQ,CAAc;IAC9B,OAAO,CAAC,QAAQ,CAAiB;gBACrB,aAAa,EAAC,iBAAiB,EAAE,iBAAiB,QAAY,EAAE,QAAQ,EAAG,MAAM,KAAK,EAAE,QAAQ,GAAE,cAAmC;IA6CjJ,eAAe,CAAC,IAAI,KAAA,GAAE,MAAM;IAM5B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aAAe,MAAM,KAAK,YAAW,cAAc,gDAEnE;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAQ9B,mCAAmC;IAQ7B,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAC,MAAM,EAAE,sBAAsB,EAAC,sBAAsB;IA4B/E,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAkF/C,sBAAsB,CAAC,qBAAqB,KAAA,EAAE,QAAQ,KAAA,EAAE,YAAY,KAAA,EAAE,cAAc,UAAQ;IAIlG,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CAAC,YAAY,GAAC,MAAkB,EAAE,MAAM,GAAC,SAAgB,EAAE,cAAc,UAAQ,EAAE,KAAK,GAAC,MAAkB,EAAE,eAAe,UAAQ;IAcpJ,oBAAoB,EAAG,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,kBAAkB,CAAC,aAAa,UAAQ;IA2BxC,sBAAsB,CAAC,YAAY,KAAA,EAAE,KAAK,QAAI,EAAE,YAAY,SAAQ,EAAE,MAAM,EAAC,SAAgB,EAAE,YAAY,KAAA;IAgK3G,6CAA6C,CAAC,WAAW,EAAC,MAAM,EAAE,GAAG,EAAC,MAAM,EAAE,MAAM,EAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAwB7G,mBAAmB,CAAC,aAAa,KAAA,EAAE,iBAAiB,KAAA,EAAE,aAAa,KAAA,EAAE,YAAY,UAAQ;;;;;;;IAiD/F,uCAAuC,EAAC,OAAO,CAAC,aAAa,CAAC,CAAQ;IACrE,qCAAqC,IAAG,OAAO,CAAC,aAAa,CAAC;IAW/D,eAAe,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IACnC,aAAa,CAAC,OAAO,UAAQ;IAW9B,kBAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IAEhC,gBAAgB,CAAE,MAAM,GAAC,SAAgB;IAgBzC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQ9C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQpD,aAAa,EAAC,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,WAAW,CAAC,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EAAE,MAAM,GAAE,SAAgB;CAUrG;AAED,eAAe,IAAI,CAAC"}
package/dist/renewTokens.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":";AAKA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAqBvC,wBAAsB,6BAA6B,CAAC,IAAI,KAAA,EAAE,YAAY,KAAA,EAAE,YAAY,UAAQ,EAAE,MAAM,GAAC,SAAgB,gBAsBpH;AAED,eAAO,MAAM,eAAe,0DAA0C,SAAS,4BAQ9E,CAAC"}
1
+ {"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":";AAKA,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAqBvC,wBAAsB,6BAA6B,CAAC,IAAI,KAAA,EAAE,YAAY,KAAA,EAAE,YAAY,UAAQ,EAAE,MAAM,GAAC,SAAgB,gBA+BpH;AAED,eAAO,MAAM,eAAe,0DAA0C,SAAS,4BAQ9E,CAAC"}
package/dist/version.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- declare const _default: "7.13.7-alpha.1239";
1
+ declare const _default: "7.13.7";
2
2
  export default _default;
3
3
  //# sourceMappingURL=version.d.ts.map
package/dist/version.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,wBAAmC"}
1
+ {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,wBAAwB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@axa-fr/oidc-client",
3
- "version": "7.13.7-alpha.1239",
3
+ "version": "7.13.7",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "main": "./dist/index.umd.cjs",
@@ -20,7 +20,7 @@
20
20
  "url": "https://github.com/AxaFrance/oidc-client.git"
21
21
  },
22
22
  "dependencies": {
23
- "@axa-fr/oidc-client-service-worker": "7.13.7-alpha.1239"
23
+ "@axa-fr/oidc-client-service-worker": "7.13.7"
24
24
  },
25
25
  "devDependencies": {
26
26
  "@testing-library/dom": "^9.3.3",
package/src/oidc.ts CHANGED
@@ -112,7 +112,6 @@ export class Oidc {
112
112
  logout_tokens_to_invalidate: configuration.logout_tokens_to_invalidate ?? ['access_token', 'refresh_token'],
113
113
  service_worker_update_require_callback,
114
114
  service_worker_activate: configuration.service_worker_activate ?? activateServiceWorker,
115
- storage: configuration.storage ?? sessionStorage,
116
115
  };
117
116
 
118
117
  this.getFetch = getFetch ?? getFetchDefault;
package/src/renewTokens.ts CHANGED
@@ -31,20 +31,29 @@ export async function renewTokensAndStartTimerAsync(oidc, refreshToken, forceRef
31
31
 
32
32
  let tokens = null;
33
33
  const serviceWorker = await initWorkerAsync(oidc.configuration, oidc.configurationName);
34
- if(configuration.storage === window.sessionStorage && !serviceWorker) {
34
+ if(configuration?.storage === window?.sessionStorage && !serviceWorker) {
35
35
  tokens = await syncTokens(oidc, refreshToken, forceRefresh, extras);
36
36
  } else {
37
- tokens = await navigator.locks.request(lockResourcesName, { ifAvailable: true }, async (lock) => {
38
- oidc.publishEvent('Lock executed', lock);
39
- return await syncTokens(oidc, refreshToken, forceRefresh, extras);
37
+ const controller = new AbortController();
38
+ const timeout = Math.max(configuration.token_request_timeout??0, configuration.silent_login_timeout??0, 20000);
39
+ const timeoutId = timer.setTimeout(() => {
40
+ controller.abort();
41
+ }, timeout);
42
+ tokens = await navigator.locks.request(lockResourcesName, { signal: controller.signal }, async () => {
43
+ const tokens = await syncTokens(oidc, refreshToken, forceRefresh, extras);
44
+ timer.clearTimeout(timeoutId);
45
+ return tokens;
40
46
  });
41
47
  }
48
+
42
49
  if(!tokens){
43
50
  return null;
44
51
  }
52
+
45
53
  if (oidc.timeoutId) {
46
54
  oidc.timeoutId = autoRenewTokens(oidc, tokens.refreshToken, oidc.tokens.expiresAt, extras);
47
55
  }
56
+
48
57
  return oidc.tokens;
49
58
  }
50
59
 
package/src/version.ts CHANGED
@@ -1 +1 @@
1
- export default '7.13.7-alpha.1239';
1
+ export default '7.13.7';