@axa-fr/oidc-client 7.13.7 → 7.13.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/events.d.ts +1 -0
- package/dist/events.d.ts.map +1 -1
- package/dist/index.js +179 -178
- package/dist/index.umd.cjs +2 -2
- package/dist/oidc.d.ts +1 -0
- package/dist/oidc.d.ts.map +1 -1
- package/dist/oidcClient.d.ts +1 -0
- package/dist/oidcClient.d.ts.map +1 -1
- package/dist/renewTokens.d.ts.map +1 -1
- package/dist/requests.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/events.ts +1 -0
- package/src/renewTokens.ts +29 -14
- package/src/requests.ts +0 -1
- package/src/version.ts +1 -1
package/dist/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
const
|
|
1
|
+
const L = console;
|
|
2
2
|
class Ie {
|
|
3
3
|
constructor(e, n, t, o = 2e3, i = !0) {
|
|
4
4
|
this._callback = e, this._client_id = n, this._url = t, this._interval = o || 2e3, this._stopOnError = i;
|
|
@@ -13,17 +13,17 @@ class Ie {
|
|
|
13
13
|
});
|
|
14
14
|
}
|
|
15
15
|
_message(e) {
|
|
16
|
-
e.origin === this._frame_origin && e.source === this._frame.contentWindow && (e.data === "error" ? (
|
|
16
|
+
e.origin === this._frame_origin && e.source === this._frame.contentWindow && (e.data === "error" ? (L.error("CheckSessionIFrame: error message from check session op iframe"), this._stopOnError && this.stop()) : e.data === "changed" ? (L.debug(e), L.debug("CheckSessionIFrame: changed message from check session op iframe"), this.stop(), this._callback()) : L.debug("CheckSessionIFrame: " + e.data + " message from check session op iframe"));
|
|
17
17
|
}
|
|
18
18
|
start(e) {
|
|
19
|
-
|
|
19
|
+
L.debug("CheckSessionIFrame.start :" + e), this.stop();
|
|
20
20
|
const n = () => {
|
|
21
21
|
this._frame.contentWindow.postMessage(this._client_id + " " + e, this._frame_origin);
|
|
22
22
|
};
|
|
23
23
|
n(), this._timer = window.setInterval(n, this._interval);
|
|
24
24
|
}
|
|
25
25
|
stop() {
|
|
26
|
-
this._timer && (
|
|
26
|
+
this._timer && (L.debug("CheckSessionIFrame.stop"), window.clearInterval(this._timer), this._timer = null);
|
|
27
27
|
}
|
|
28
28
|
}
|
|
29
29
|
const m = {
|
|
@@ -51,6 +51,7 @@ const m = {
|
|
|
51
51
|
silentLoginAsync_end: "silentLoginAsync_end",
|
|
52
52
|
silentLoginAsync_error: "silentLoginAsync_error",
|
|
53
53
|
syncTokensAsync_begin: "syncTokensAsync_begin",
|
|
54
|
+
syncTokensAsync_lock_not_available: "syncTokensAsync_lock_not_available",
|
|
54
55
|
syncTokensAsync_end: "syncTokensAsync_end",
|
|
55
56
|
syncTokensAsync_error: "syncTokensAsync_error"
|
|
56
57
|
}, I = (s, e = sessionStorage) => {
|
|
@@ -100,7 +101,7 @@ const m = {
|
|
|
100
101
|
setDemonstratingProofOfPossessionJwkAsync: a,
|
|
101
102
|
getDemonstratingProofOfPossessionJwkAsync: u
|
|
102
103
|
};
|
|
103
|
-
}, Ce = (s) => decodeURIComponent(Array.prototype.map.call(atob(s), (e) => "%" + ("00" + e.charCodeAt(0).toString(16)).slice(-2)).join("")), xe = (s) => JSON.parse(Ce(s.split(".")[1].replace("-", "+").replace("_", "/"))),
|
|
104
|
+
}, Ce = (s) => decodeURIComponent(Array.prototype.map.call(atob(s), (e) => "%" + ("00" + e.charCodeAt(0).toString(16)).slice(-2)).join("")), xe = (s) => JSON.parse(Ce(s.split(".")[1].replace("-", "+").replace("_", "/"))), ce = (s) => {
|
|
104
105
|
try {
|
|
105
106
|
return s && Ne(s, ".") === 2 ? xe(s) : null;
|
|
106
107
|
} catch (e) {
|
|
@@ -120,13 +121,13 @@ function We(s, e, n) {
|
|
|
120
121
|
return e && e.iat ? e.iat : n && n.iat ? n.iat : (/* @__PURE__ */ new Date()).getTime() / 1e3;
|
|
121
122
|
return s.issuedAt;
|
|
122
123
|
}
|
|
123
|
-
const
|
|
124
|
+
const ne = (s, e = null, n) => {
|
|
124
125
|
if (!s)
|
|
125
126
|
return null;
|
|
126
127
|
let t;
|
|
127
128
|
const o = typeof s.expiresIn == "string" ? parseInt(s.expiresIn, 10) : s.expiresIn;
|
|
128
|
-
s.accessTokenPayload !== void 0 ? t = s.accessTokenPayload : t =
|
|
129
|
-
const i = s.idTokenPayload ? s.idTokenPayload :
|
|
129
|
+
s.accessTokenPayload !== void 0 ? t = s.accessTokenPayload : t = ce(s.accessToken);
|
|
130
|
+
const i = s.idTokenPayload ? s.idTokenPayload : ce(s.idToken), r = i && i.exp ? i.exp : Number.MAX_VALUE, c = t && t.exp ? t.exp : s.issuedAt + o;
|
|
130
131
|
s.issuedAt = We(s, t, i);
|
|
131
132
|
let a;
|
|
132
133
|
s.expiresAt ? a = s.expiresAt : n === Y.access_token_invalid ? a = c : n === Y.id_token_invalid ? a = r : a = r < c ? r : c;
|
|
@@ -136,7 +137,7 @@ const ye = (s, e = null, n) => {
|
|
|
136
137
|
return { ...u, refreshToken: f };
|
|
137
138
|
}
|
|
138
139
|
return u;
|
|
139
|
-
},
|
|
140
|
+
}, te = (s, e, n) => {
|
|
140
141
|
if (!s)
|
|
141
142
|
return null;
|
|
142
143
|
if (!s.issued_at) {
|
|
@@ -151,7 +152,7 @@ const ye = (s, e = null, n) => {
|
|
|
151
152
|
tokenType: s.token_type,
|
|
152
153
|
issuedAt: s.issued_at
|
|
153
154
|
};
|
|
154
|
-
return "refresh_token" in s && (t.refreshToken = s.refresh_token), s.accessTokenPayload !== void 0 && (t.accessTokenPayload = s.accessTokenPayload), s.idTokenPayload !== void 0 && (t.idTokenPayload = s.idTokenPayload),
|
|
155
|
+
return "refresh_token" in s && (t.refreshToken = s.refresh_token), s.accessTokenPayload !== void 0 && (t.accessTokenPayload = s.accessTokenPayload), s.idTokenPayload !== void 0 && (t.idTokenPayload = s.idTokenPayload), ne(t, e, n);
|
|
155
156
|
}, V = (s, e) => {
|
|
156
157
|
const n = (/* @__PURE__ */ new Date()).getTime() / 1e3, t = e - n;
|
|
157
158
|
return Math.round(t - s);
|
|
@@ -160,7 +161,7 @@ const ye = (s, e = null, n) => {
|
|
|
160
161
|
if (!s.tokens)
|
|
161
162
|
return null;
|
|
162
163
|
for (; !z(s.tokens) && t > 0; )
|
|
163
|
-
await
|
|
164
|
+
await $({ milliseconds: e }), t = t - 1;
|
|
164
165
|
return {
|
|
165
166
|
isTokensValid: z(s.tokens),
|
|
166
167
|
tokens: s.tokens,
|
|
@@ -181,7 +182,7 @@ const ye = (s, e = null, n) => {
|
|
|
181
182
|
return { isValid: !1, reason: `Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${e}` };
|
|
182
183
|
}
|
|
183
184
|
return { isValid: !0, reason: "" };
|
|
184
|
-
},
|
|
185
|
+
}, M = function() {
|
|
185
186
|
const s = function() {
|
|
186
187
|
let a, u;
|
|
187
188
|
const f = (function() {
|
|
@@ -204,8 +205,8 @@ const ye = (s, e = null, n) => {
|
|
|
204
205
|
}
|
|
205
206
|
};
|
|
206
207
|
function y(_, g) {
|
|
207
|
-
const w = g.data[0],
|
|
208
|
-
h[w] && h[w](_,
|
|
208
|
+
const w = g.data[0], v = g.data[1], T = g.data[2];
|
|
209
|
+
h[w] && h[w](_, v, T);
|
|
209
210
|
}
|
|
210
211
|
this.onmessage = function(_) {
|
|
211
212
|
y(self, _);
|
|
@@ -281,13 +282,13 @@ const ye = (s, e = null, n) => {
|
|
|
281
282
|
setInterval: r,
|
|
282
283
|
clearInterval: c
|
|
283
284
|
};
|
|
284
|
-
}(),
|
|
285
|
-
let
|
|
286
|
-
const
|
|
285
|
+
}(), le = "7.13.9";
|
|
286
|
+
let ue = null, q;
|
|
287
|
+
const $ = ({ milliseconds: s }) => new Promise((e) => M.setTimeout(e, s)), ke = (s = "/") => {
|
|
287
288
|
try {
|
|
288
289
|
q = new AbortController(), fetch(`${s}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`, { signal: q.signal }).catch((t) => {
|
|
289
290
|
console.log(t);
|
|
290
|
-
}),
|
|
291
|
+
}), $({ milliseconds: 150 * 1e3 }).then(ke);
|
|
291
292
|
} catch (e) {
|
|
292
293
|
console.log(e);
|
|
293
294
|
}
|
|
@@ -302,7 +303,7 @@ const R = ({ milliseconds: s }) => new Promise((e) => W.setTimeout(e, s)), ke =
|
|
|
302
303
|
}), Re = (s) => async (e, n) => {
|
|
303
304
|
n(), await e.update();
|
|
304
305
|
const t = await e.unregister();
|
|
305
|
-
console.log(`Service worker unregistering ${t}`), await
|
|
306
|
+
console.log(`Service worker unregistering ${t}`), await $({ milliseconds: 2e3 }), s.reload();
|
|
306
307
|
}, b = (s) => (e) => new Promise(function(n, t) {
|
|
307
308
|
const o = new MessageChannel();
|
|
308
309
|
o.port1.onmessage = function(i) {
|
|
@@ -332,9 +333,9 @@ const R = ({ milliseconds: s }) => new Promise((e) => W.setTimeout(e, s)), ke =
|
|
|
332
333
|
},
|
|
333
334
|
configurationName: e
|
|
334
335
|
}), P = x.version;
|
|
335
|
-
return P !==
|
|
336
|
+
return P !== le && (console.warn(`Service worker ${P} version mismatch with js client version ${le}, unregistering and reloading`), await O.service_worker_update_require_callback(t, De)), { tokens: te(x.tokens, null, O.token_renew_mode), status: x.status };
|
|
336
337
|
}, r = (k = "/") => {
|
|
337
|
-
|
|
338
|
+
ue == null && (ue = "not_null", ke(k));
|
|
338
339
|
}, c = (k) => b(t)({ type: "setSessionState", data: { sessionState: k }, configurationName: e }), a = async () => (await b(t)({ type: "getSessionState", data: null, configurationName: e })).sessionState, u = (k) => (sessionStorage[`oidc.nonce.${e}`] = k.nonce, b(t)({ type: "setNonce", data: { nonce: k }, configurationName: e })), f = async () => {
|
|
339
340
|
let A = (await b(t)({ type: "getNonce", data: null, configurationName: e })).nonce;
|
|
340
341
|
return A || (A = sessionStorage[`oidc.nonce.${e}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: A };
|
|
@@ -380,36 +381,36 @@ const R = ({ milliseconds: s }) => new Promise((e) => W.setTimeout(e, s)), ke =
|
|
|
380
381
|
}
|
|
381
382
|
};
|
|
382
383
|
};
|
|
383
|
-
async function
|
|
384
|
+
async function de(s, e, n, t) {
|
|
384
385
|
const o = (a) => {
|
|
385
386
|
s.tokens = a;
|
|
386
387
|
}, { tokens: i, status: r } = await s.synchroniseTokensAsync(e, 0, n, t, o);
|
|
387
388
|
return await E(s.configuration, s.configurationName) || await I(s.configurationName, s.configuration.storage).setTokens(s.tokens), s.tokens ? i : (await s.destroyAsync(r), null);
|
|
388
389
|
}
|
|
390
|
+
async function Fe(s, e) {
|
|
391
|
+
const n = await E(e, s.configurationName);
|
|
392
|
+
if (n) {
|
|
393
|
+
const t = await s.initAsync(e.authority, e.authority_configuration), { tokens: o } = await n.initAsync(t, "tryKeepExistingSessionAsync", e);
|
|
394
|
+
return o;
|
|
395
|
+
} else {
|
|
396
|
+
const t = I(s.configurationName, e.storage ?? sessionStorage);
|
|
397
|
+
let { tokens: o } = await t.initAsync();
|
|
398
|
+
return o = ne(o, s.tokens, e.token_renew_mode), o;
|
|
399
|
+
}
|
|
400
|
+
}
|
|
389
401
|
async function me(s, e, n = !1, t = null) {
|
|
390
402
|
const o = s.configuration, i = `${o.client_id}_${s.configurationName}_${o.authority}`;
|
|
391
|
-
let r
|
|
403
|
+
let r;
|
|
392
404
|
const c = await E(s.configuration, s.configurationName);
|
|
393
|
-
|
|
394
|
-
r = await ue(s, e, n, t);
|
|
395
|
-
else {
|
|
396
|
-
const a = new AbortController(), u = Math.max(o.token_request_timeout ?? 0, o.silent_login_timeout ?? 0, 2e4), f = W.setTimeout(() => {
|
|
397
|
-
a.abort();
|
|
398
|
-
}, u);
|
|
399
|
-
r = await navigator.locks.request(i, { signal: a.signal }, async () => {
|
|
400
|
-
const d = await ue(s, e, n, t);
|
|
401
|
-
return W.clearTimeout(f), d;
|
|
402
|
-
});
|
|
403
|
-
}
|
|
404
|
-
return r ? (s.timeoutId && (s.timeoutId = M(s, r.refreshToken, s.tokens.expiresAt, t)), s.tokens) : null;
|
|
405
|
+
return (o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !c ? r = await de(s, e, n, t) : r = await navigator.locks.request(i, { ifAvailable: !0 }, async (a) => a ? await de(s, e, n, t) : (s.publishEvent(R.eventNames.syncTokensAsync_lock_not_available, { lock: "lock not available" }), await Fe(s, o))), r ? (s.timeoutId && (s.timeoutId = K(s, r.refreshToken, s.tokens.expiresAt, t)), s.tokens) : null;
|
|
405
406
|
}
|
|
406
|
-
const
|
|
407
|
+
const K = (s, e, n, t = null) => {
|
|
407
408
|
const o = s.configuration.refresh_time_before_tokens_expiration_in_second;
|
|
408
|
-
return
|
|
409
|
+
return M.setTimeout(async () => {
|
|
409
410
|
const r = { timeLeft: V(o, n) };
|
|
410
|
-
s.publishEvent(
|
|
411
|
+
s.publishEvent(R.eventNames.token_timer, r), await me(s, e, !1, t);
|
|
411
412
|
}, 1e3);
|
|
412
|
-
},
|
|
413
|
+
}, oe = (s, e, n) => (t = null, o = null, i = null) => {
|
|
413
414
|
if (!e.silent_redirect_uri || !e.silent_login_uri)
|
|
414
415
|
return Promise.resolve(null);
|
|
415
416
|
try {
|
|
@@ -424,12 +425,12 @@ const M = (s, e, n, t = null) => {
|
|
|
424
425
|
let h = !1;
|
|
425
426
|
window.onmessage = (_) => {
|
|
426
427
|
if (_.origin === u && _.source === f.contentWindow) {
|
|
427
|
-
const g = `${s}_oidc_tokens:`, w = `${s}_oidc_error:`,
|
|
428
|
-
if (
|
|
429
|
-
if (
|
|
428
|
+
const g = `${s}_oidc_tokens:`, w = `${s}_oidc_error:`, v = _.data;
|
|
429
|
+
if (v && typeof v == "string" && !h) {
|
|
430
|
+
if (v.startsWith(g)) {
|
|
430
431
|
const T = JSON.parse(_.data.replace(g, ""));
|
|
431
432
|
n(m.silentLoginAsync_end, {}), f.remove(), h = !0, d(T);
|
|
432
|
-
} else if (
|
|
433
|
+
} else if (v.startsWith(w)) {
|
|
433
434
|
const T = JSON.parse(_.data.replace(w, ""));
|
|
434
435
|
n(m.silentLoginAsync_error, T), f.remove(), h = !0, l(new Error("oidc_" + T.error));
|
|
435
436
|
}
|
|
@@ -447,11 +448,11 @@ const M = (s, e, n, t = null) => {
|
|
|
447
448
|
} catch (r) {
|
|
448
449
|
throw n(m.silentLoginAsync_error, r), r;
|
|
449
450
|
}
|
|
450
|
-
},
|
|
451
|
+
}, Ue = (s, e, n, t, o) => (i = null, r = void 0) => {
|
|
451
452
|
i = { ...i };
|
|
452
|
-
const c = (u, f, d) =>
|
|
453
|
+
const c = (u, f, d) => oe(e, n, t.bind(o))(u, f, d);
|
|
453
454
|
return (async () => {
|
|
454
|
-
o.timeoutId &&
|
|
455
|
+
o.timeoutId && M.clearTimeout(o.timeoutId);
|
|
455
456
|
let u;
|
|
456
457
|
i && "state" in i && (u = i.state, delete i.state);
|
|
457
458
|
try {
|
|
@@ -460,13 +461,13 @@ const M = (s, e, n, t = null) => {
|
|
|
460
461
|
prompt: "none"
|
|
461
462
|
}, u, r);
|
|
462
463
|
if (d)
|
|
463
|
-
return o.tokens = d.tokens, t(m.token_aquired, {}), o.timeoutId =
|
|
464
|
+
return o.tokens = d.tokens, t(m.token_aquired, {}), o.timeoutId = K(o, o.tokens.refreshToken, o.tokens.expiresAt, i), {};
|
|
464
465
|
} catch (f) {
|
|
465
466
|
return f;
|
|
466
467
|
}
|
|
467
468
|
})();
|
|
468
|
-
},
|
|
469
|
-
const c = (a, u = void 0, f = void 0) =>
|
|
469
|
+
}, Ve = (s, e, n) => (t, o, i, r = !1) => {
|
|
470
|
+
const c = (a, u = void 0, f = void 0) => oe(s.configurationName, n, s.publishEvent.bind(s))(a, u, f);
|
|
470
471
|
return new Promise((a, u) => {
|
|
471
472
|
if (n.silent_login_uri && n.silent_redirect_uri && n.monitor_session && t && i && !r) {
|
|
472
473
|
const f = () => {
|
|
@@ -501,20 +502,20 @@ const M = (s, e, n, t = null) => {
|
|
|
501
502
|
a(null);
|
|
502
503
|
});
|
|
503
504
|
};
|
|
504
|
-
var
|
|
505
|
-
for (var B = 0, Me =
|
|
506
|
-
C[B] =
|
|
507
|
-
function
|
|
505
|
+
var Ke = qe, C = [], fe = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
|
|
506
|
+
for (var B = 0, Me = fe.length; B < Me; ++B)
|
|
507
|
+
C[B] = fe[B];
|
|
508
|
+
function Je(s) {
|
|
508
509
|
return C[s >> 18 & 63] + C[s >> 12 & 63] + C[s >> 6 & 63] + C[s & 63];
|
|
509
510
|
}
|
|
510
|
-
function
|
|
511
|
+
function Be(s, e, n) {
|
|
511
512
|
for (var t, o = [], i = e; i < n; i += 3)
|
|
512
|
-
t = (s[i] << 16 & 16711680) + (s[i + 1] << 8 & 65280) + (s[i + 2] & 255), o.push(
|
|
513
|
+
t = (s[i] << 16 & 16711680) + (s[i + 1] << 8 & 65280) + (s[i + 2] & 255), o.push(Je(t));
|
|
513
514
|
return o.join("");
|
|
514
515
|
}
|
|
515
|
-
function
|
|
516
|
+
function qe(s) {
|
|
516
517
|
for (var e, n = s.length, t = n % 3, o = [], i = 16383, r = 0, c = n - t; r < c; r += i)
|
|
517
|
-
o.push(
|
|
518
|
+
o.push(Be(s, r, r + i > c ? c : r + i));
|
|
518
519
|
return t === 1 ? (e = s[n - 1], o.push(
|
|
519
520
|
C[e >> 2] + C[e << 4 & 63] + "=="
|
|
520
521
|
)) : t === 2 && (e = (s[n - 2] << 8) + s[n - 1], o.push(
|
|
@@ -524,23 +525,23 @@ function Be(s) {
|
|
|
524
525
|
const pe = () => {
|
|
525
526
|
const s = typeof window < "u" && !!window.crypto, e = s && !!window.crypto.subtle;
|
|
526
527
|
return { hasCrypto: s, hasSubtleCrypto: e };
|
|
527
|
-
}, Q = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
|
528
|
+
}, Q = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", je = (s) => {
|
|
528
529
|
const e = [];
|
|
529
530
|
for (let n = 0; n < s.byteLength; n += 1) {
|
|
530
531
|
const t = s[n] % Q.length;
|
|
531
532
|
e.push(Q[t]);
|
|
532
533
|
}
|
|
533
534
|
return e.join("");
|
|
534
|
-
},
|
|
535
|
+
}, He = (s) => Ke(new Uint8Array(s)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""), Z = (s) => {
|
|
535
536
|
const e = new Uint8Array(s), { hasCrypto: n } = pe();
|
|
536
537
|
if (n)
|
|
537
538
|
window.crypto.getRandomValues(e);
|
|
538
539
|
else
|
|
539
540
|
for (let t = 0; t < s; t += 1)
|
|
540
541
|
e[t] = Math.random() * Q.length | 0;
|
|
541
|
-
return
|
|
542
|
+
return je(e);
|
|
542
543
|
};
|
|
543
|
-
function
|
|
544
|
+
function Ge(s) {
|
|
544
545
|
const e = new ArrayBuffer(s.length), n = new Uint8Array(e);
|
|
545
546
|
for (let t = 0; t < s.length; t++)
|
|
546
547
|
n[t] = s.charCodeAt(t);
|
|
@@ -548,34 +549,34 @@ function He(s) {
|
|
|
548
549
|
}
|
|
549
550
|
function we(s) {
|
|
550
551
|
return new Promise((e, n) => {
|
|
551
|
-
crypto.subtle.digest("SHA-256",
|
|
552
|
+
crypto.subtle.digest("SHA-256", Ge(s)).then((t) => e(He(new Uint8Array(t))), (t) => n(t));
|
|
552
553
|
});
|
|
553
554
|
}
|
|
554
|
-
const
|
|
555
|
+
const Xe = (s) => {
|
|
555
556
|
if (s.length < 43 || s.length > 128)
|
|
556
557
|
return Promise.reject(new Error("Invalid code length."));
|
|
557
558
|
const { hasSubtleCrypto: e } = pe();
|
|
558
559
|
return e ? we(s) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
|
|
559
|
-
},
|
|
560
|
-
if (
|
|
560
|
+
}, D = {}, Ye = (s, e = window.sessionStorage, n) => {
|
|
561
|
+
if (!D[s] && e) {
|
|
561
562
|
const o = e.getItem(s);
|
|
562
|
-
o && (
|
|
563
|
+
o && (D[s] = JSON.parse(o));
|
|
563
564
|
}
|
|
564
565
|
const t = 1e3 * n;
|
|
565
|
-
return
|
|
566
|
-
},
|
|
566
|
+
return D[s] && D[s].timestamp + t > Date.now() ? D[s].result : null;
|
|
567
|
+
}, ze = (s, e, n = window.sessionStorage) => {
|
|
567
568
|
const t = Date.now();
|
|
568
|
-
|
|
569
|
-
},
|
|
570
|
-
const i = `${e}/.well-known/openid-configuration`, r = `oidc.server:${e}`, c =
|
|
569
|
+
D[s] = { result: e, timestamp: t }, n && n.setItem(s, JSON.stringify({ result: e, timestamp: t }));
|
|
570
|
+
}, Qe = 60 * 60, Ze = (s) => async (e, n = Qe, t = window.sessionStorage, o = 1e4) => {
|
|
571
|
+
const i = `${e}/.well-known/openid-configuration`, r = `oidc.server:${e}`, c = Ye(r, t, n);
|
|
571
572
|
if (c)
|
|
572
573
|
return new se(c);
|
|
573
|
-
const a = await
|
|
574
|
+
const a = await J(s)(i, {}, o);
|
|
574
575
|
if (a.status !== 200)
|
|
575
576
|
return null;
|
|
576
577
|
const u = await a.json();
|
|
577
|
-
return
|
|
578
|
-
},
|
|
578
|
+
return ze(r, u, t), new se(u);
|
|
579
|
+
}, J = (s) => async (e, n = {}, t = 1e4, o = 0) => {
|
|
579
580
|
let i;
|
|
580
581
|
try {
|
|
581
582
|
const r = new AbortController();
|
|
@@ -583,7 +584,7 @@ const Ge = (s) => {
|
|
|
583
584
|
} catch (r) {
|
|
584
585
|
if (r.name === "AbortError" || r.message === "Network request failed") {
|
|
585
586
|
if (o <= 1)
|
|
586
|
-
return await
|
|
587
|
+
return await J(s)(e, n, t, o + 1);
|
|
587
588
|
throw r;
|
|
588
589
|
} else
|
|
589
590
|
throw console.error(r.message), r;
|
|
@@ -592,7 +593,7 @@ const Ge = (s) => {
|
|
|
592
593
|
}, ee = {
|
|
593
594
|
refresh_token: "refresh_token",
|
|
594
595
|
access_token: "access_token"
|
|
595
|
-
},
|
|
596
|
+
}, he = (s) => async (e, n, t = ee.refresh_token, o, i = 1e4) => {
|
|
596
597
|
const r = {
|
|
597
598
|
token: n,
|
|
598
599
|
token_type_hint: t,
|
|
@@ -603,7 +604,7 @@ const Ge = (s) => {
|
|
|
603
604
|
c.push(`${d}=${l}`);
|
|
604
605
|
}
|
|
605
606
|
const a = c.join("&");
|
|
606
|
-
return (await
|
|
607
|
+
return (await J(s)(e, {
|
|
607
608
|
method: "POST",
|
|
608
609
|
headers: {
|
|
609
610
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
|
|
@@ -612,7 +613,7 @@ const Ge = (s) => {
|
|
|
612
613
|
}, i)).status !== 200 ? { success: !1 } : {
|
|
613
614
|
success: !0
|
|
614
615
|
};
|
|
615
|
-
},
|
|
616
|
+
}, es = (s) => async (e, n, t, o, i = {}, r, c = 1e4) => {
|
|
616
617
|
for (const [h, y] of Object.entries(t))
|
|
617
618
|
n[h] === void 0 && (n[h] = y);
|
|
618
619
|
const a = [];
|
|
@@ -620,7 +621,7 @@ const Ge = (s) => {
|
|
|
620
621
|
const y = encodeURIComponent(h), _ = encodeURIComponent(n[h]);
|
|
621
622
|
a.push(`${y}=${_}`);
|
|
622
623
|
}
|
|
623
|
-
const u = a.join("&"), f = await
|
|
624
|
+
const u = a.join("&"), f = await J(s)(e, {
|
|
624
625
|
method: "POST",
|
|
625
626
|
headers: {
|
|
626
627
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
|
|
@@ -634,26 +635,26 @@ const Ge = (s) => {
|
|
|
634
635
|
let l = null;
|
|
635
636
|
return f.headers.has(j) && (l = f.headers.get(j)), {
|
|
636
637
|
success: !0,
|
|
637
|
-
data:
|
|
638
|
+
data: te(d, o, r),
|
|
638
639
|
demonstratingProofOfPossessionNonce: l
|
|
639
640
|
};
|
|
640
|
-
},
|
|
641
|
+
}, ss = (s, e) => async (n, t) => {
|
|
641
642
|
t = t ? { ...t } : {};
|
|
642
|
-
const o = Z(128), i = await
|
|
643
|
+
const o = Z(128), i = await Xe(o);
|
|
643
644
|
await s.setCodeVerifierAsync(o), await s.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
|
|
644
645
|
let r = "";
|
|
645
646
|
if (t)
|
|
646
647
|
for (const [c, a] of Object.entries(t))
|
|
647
648
|
r === "" ? r += "?" : r += "&", r += `${c}=${encodeURIComponent(a)}`;
|
|
648
649
|
e.open(`${n}${r}`);
|
|
649
|
-
}, j = "DPoP-Nonce",
|
|
650
|
+
}, j = "DPoP-Nonce", ns = (s) => async (e, n, t, o, i = 1e4) => {
|
|
650
651
|
n = n ? { ...n } : {}, n.code_verifier = await s.getCodeVerifierAsync();
|
|
651
652
|
const r = [];
|
|
652
653
|
for (const d in n) {
|
|
653
654
|
const l = encodeURIComponent(d), h = encodeURIComponent(n[d]);
|
|
654
655
|
r.push(`${l}=${h}`);
|
|
655
656
|
}
|
|
656
|
-
const c = r.join("&"), a = await
|
|
657
|
+
const c = r.join("&"), a = await J(fetch)(e, {
|
|
657
658
|
method: "POST",
|
|
658
659
|
headers: {
|
|
659
660
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
|
|
@@ -670,7 +671,7 @@ const Ge = (s) => {
|
|
|
670
671
|
success: !0,
|
|
671
672
|
data: {
|
|
672
673
|
state: n.state,
|
|
673
|
-
tokens:
|
|
674
|
+
tokens: te(f, null, o),
|
|
674
675
|
demonstratingProofOfPossessionNonce: u
|
|
675
676
|
}
|
|
676
677
|
};
|
|
@@ -696,7 +697,7 @@ const Ge = (s) => {
|
|
|
696
697
|
search: n,
|
|
697
698
|
hash: t
|
|
698
699
|
};
|
|
699
|
-
},
|
|
700
|
+
}, vs = (s) => {
|
|
700
701
|
const e = Ae(s);
|
|
701
702
|
let { path: n } = e;
|
|
702
703
|
n.endsWith("/") && (n = n.slice(0, -1));
|
|
@@ -704,8 +705,8 @@ const Ge = (s) => {
|
|
|
704
705
|
return t === "#_=_" && (t = ""), t && (n += t), n;
|
|
705
706
|
}, H = (s) => {
|
|
706
707
|
const e = Ae(s), { search: n } = e;
|
|
707
|
-
return
|
|
708
|
-
},
|
|
708
|
+
return ts(n);
|
|
709
|
+
}, ts = (s) => {
|
|
709
710
|
const e = {};
|
|
710
711
|
let n, t, o;
|
|
711
712
|
const i = s.split("&");
|
|
@@ -713,13 +714,13 @@ const Ge = (s) => {
|
|
|
713
714
|
n = i[t].split("="), e[decodeURIComponent(n[0])] = decodeURIComponent(n[1]);
|
|
714
715
|
return e;
|
|
715
716
|
};
|
|
716
|
-
function
|
|
717
|
+
function ve(s) {
|
|
717
718
|
return new TextEncoder().encode(s);
|
|
718
719
|
}
|
|
719
|
-
function
|
|
720
|
+
function Se(s) {
|
|
720
721
|
return btoa(s).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+/g, "");
|
|
721
722
|
}
|
|
722
|
-
function
|
|
723
|
+
function os(s) {
|
|
723
724
|
return encodeURIComponent(s).replace(/%([0-9A-F]{2})/g, function(t, o) {
|
|
724
725
|
return String.fromCharCode(parseInt(o, 16));
|
|
725
726
|
});
|
|
@@ -728,10 +729,10 @@ function Te(s) {
|
|
|
728
729
|
let e = "";
|
|
729
730
|
return s.forEach(function(n) {
|
|
730
731
|
e += String.fromCharCode(n);
|
|
731
|
-
}),
|
|
732
|
+
}), Se(e);
|
|
732
733
|
}
|
|
733
|
-
function
|
|
734
|
-
return
|
|
734
|
+
function _e(s) {
|
|
735
|
+
return Se(os(s));
|
|
735
736
|
}
|
|
736
737
|
var be = {};
|
|
737
738
|
be.sign = (s, e, n, t = "dpop+jwt") => {
|
|
@@ -739,24 +740,24 @@ be.sign = (s, e, n, t = "dpop+jwt") => {
|
|
|
739
740
|
const o = {
|
|
740
741
|
// @ts-ignore
|
|
741
742
|
// JWT "headers" really means JWS "protected headers"
|
|
742
|
-
protected:
|
|
743
|
+
protected: _e(JSON.stringify(e)),
|
|
743
744
|
// @ts-ignore
|
|
744
745
|
// JWT "claims" are really a JSON-defined JWS "payload"
|
|
745
|
-
payload:
|
|
746
|
+
payload: _e(JSON.stringify(n))
|
|
746
747
|
}, i = {
|
|
747
748
|
name: "ECDSA",
|
|
748
749
|
namedCurve: "P-256",
|
|
749
750
|
hash: { name: "ES256" }
|
|
750
751
|
}, r = !0, c = ["sign"];
|
|
751
752
|
return window.crypto.subtle.importKey("jwk", s, i, r, c).then(function(a) {
|
|
752
|
-
const u =
|
|
753
|
+
const u = ve(o.protected + "." + o.payload), f = { name: "ECDSA", hash: { name: "SHA-256" } };
|
|
753
754
|
return window.crypto.subtle.sign(f, a, u).then(function(d) {
|
|
754
755
|
return o.signature = Te(new Uint8Array(d)), o.protected + "." + o.payload + "." + o.signature;
|
|
755
756
|
});
|
|
756
757
|
});
|
|
757
758
|
};
|
|
758
|
-
const
|
|
759
|
-
|
|
759
|
+
const ie = {};
|
|
760
|
+
ie.generate = function() {
|
|
760
761
|
const s = {
|
|
761
762
|
name: "ECDSA",
|
|
762
763
|
namedCurve: "P-256"
|
|
@@ -765,29 +766,29 @@ oe.generate = function() {
|
|
|
765
766
|
return window.crypto.subtle.exportKey("jwk", t.privateKey);
|
|
766
767
|
});
|
|
767
768
|
};
|
|
768
|
-
|
|
769
|
+
ie.neuter = function(s) {
|
|
769
770
|
const e = Object.assign({}, s);
|
|
770
771
|
return delete e.d, e.key_ops = ["verify"], e;
|
|
771
772
|
};
|
|
772
773
|
var Pe = {};
|
|
773
774
|
Pe.thumbprint = function(s) {
|
|
774
775
|
const e = '{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV", s.crv).replace("X", s.x).replace("Y", s.y);
|
|
775
|
-
return window.crypto.subtle.digest({ name: "SHA-256" },
|
|
776
|
+
return window.crypto.subtle.digest({ name: "SHA-256" }, ve(e)).then(function(n) {
|
|
776
777
|
return Te(new Uint8Array(n));
|
|
777
778
|
});
|
|
778
779
|
};
|
|
779
|
-
const
|
|
780
|
+
const is = function() {
|
|
780
781
|
const s = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx", e = "0123456789abcdef";
|
|
781
782
|
let n = 0, t = "";
|
|
782
783
|
for (let o = 0; o < 36; o++)
|
|
783
784
|
s[o] !== "-" && s[o] !== "4" && (n = Math.random() * 16 | 0), s[o] === "x" ? t += e[n] : s[o] === "y" ? (n &= 3, n |= 8, t += e[n]) : t += s[o];
|
|
784
785
|
return t;
|
|
785
|
-
},
|
|
786
|
+
}, rs = () => ie.generate().then(function(s) {
|
|
786
787
|
return s;
|
|
787
788
|
}), Oe = (s, e = "POST", n, t = {}) => {
|
|
788
789
|
const o = {
|
|
789
790
|
// https://www.rfc-editor.org/rfc/rfc9449.html#name-concept
|
|
790
|
-
jit: btoa(
|
|
791
|
+
jit: btoa(is()),
|
|
791
792
|
htm: e,
|
|
792
793
|
htu: n,
|
|
793
794
|
iat: Math.round(Date.now() / 1e3),
|
|
@@ -800,7 +801,7 @@ const os = function() {
|
|
|
800
801
|
return r;
|
|
801
802
|
});
|
|
802
803
|
});
|
|
803
|
-
},
|
|
804
|
+
}, as = (s, e, n, t, o) => (i = void 0, r = null, c = !1, a = void 0) => {
|
|
804
805
|
const u = r;
|
|
805
806
|
return r = { ...r }, (async () => {
|
|
806
807
|
const d = i || o.getPath();
|
|
@@ -820,19 +821,19 @@ const os = function() {
|
|
|
820
821
|
const T = I(s, e.storage ?? sessionStorage);
|
|
821
822
|
T.setLoginParams({ callbackPath: d, extras: u }), await T.setNonceAsync(y), w = T;
|
|
822
823
|
}
|
|
823
|
-
const
|
|
824
|
+
const v = {
|
|
824
825
|
client_id: e.client_id,
|
|
825
826
|
redirect_uri: l,
|
|
826
827
|
scope: a,
|
|
827
828
|
response_type: "code",
|
|
828
829
|
...h
|
|
829
830
|
};
|
|
830
|
-
await
|
|
831
|
+
await ss(w, o)(g.authorizationEndpoint, v);
|
|
831
832
|
} catch (l) {
|
|
832
833
|
throw n(m.loginAsync_error, l), l;
|
|
833
834
|
}
|
|
834
835
|
})();
|
|
835
|
-
},
|
|
836
|
+
}, cs = (s) => async (e = !1) => {
|
|
836
837
|
try {
|
|
837
838
|
s.publishEvent(m.loginCallbackAsync_begin, {});
|
|
838
839
|
const n = s.configuration, t = n.client_id, o = e ? n.silent_redirect_uri : n.redirect_uri, i = n.authority, r = n.token_request_timeout, c = await s.initAsync(i, n.authority_configuration), a = s.location.getCurrentHref(), f = H(a).session_state, d = await E(n, s.configurationName);
|
|
@@ -840,8 +841,8 @@ const os = function() {
|
|
|
840
841
|
if (d)
|
|
841
842
|
await d.initAsync(c, "loginCallbackAsync", n), await d.setSessionStateAsync(f), h = await d.getNonceAsync(), y = d.getLoginParams(), _ = await d.getStateAsync(), d.startKeepAliveServiceWorker(), l = d;
|
|
842
843
|
else {
|
|
843
|
-
const
|
|
844
|
-
await
|
|
844
|
+
const S = I(s.configurationName, n.storage ?? sessionStorage);
|
|
845
|
+
await S.setSessionStateAsync(f), h = await S.getNonceAsync(), y = S.getLoginParams(), _ = await S.getStateAsync(), l = S;
|
|
845
846
|
}
|
|
846
847
|
const g = H(a);
|
|
847
848
|
if (g.iss && g.iss !== c.issuer)
|
|
@@ -853,21 +854,21 @@ const os = function() {
|
|
|
853
854
|
grant_type: "authorization_code",
|
|
854
855
|
client_id: n.client_id,
|
|
855
856
|
redirect_uri: o
|
|
856
|
-
},
|
|
857
|
+
}, v = {};
|
|
857
858
|
if (n.token_request_extras)
|
|
858
|
-
for (const [
|
|
859
|
-
S
|
|
859
|
+
for (const [S, W] of Object.entries(n.token_request_extras))
|
|
860
|
+
v[S] = W;
|
|
860
861
|
if (y && y.extras)
|
|
861
|
-
for (const [
|
|
862
|
-
|
|
862
|
+
for (const [S, W] of Object.entries(y.extras))
|
|
863
|
+
S.endsWith(":token_request") && (v[S.replace(":token_request", "")] = W);
|
|
863
864
|
const T = c.tokenEndpoint, F = {};
|
|
864
865
|
if (n.demonstrating_proof_of_possession) {
|
|
865
|
-
const
|
|
866
|
-
d ? await d.setDemonstratingProofOfPossessionJwkAsync(
|
|
866
|
+
const S = await rs();
|
|
867
|
+
d ? await d.setDemonstratingProofOfPossessionJwkAsync(S) : await I(s.configurationName, n.storage).setDemonstratingProofOfPossessionJwkAsync(S), F.DPoP = await Oe(S, "POST", T);
|
|
867
868
|
}
|
|
868
|
-
const p = await
|
|
869
|
+
const p = await ns(l)(
|
|
869
870
|
T,
|
|
870
|
-
{ ...w, ...
|
|
871
|
+
{ ...w, ...v },
|
|
871
872
|
F,
|
|
872
873
|
s.configuration.token_renew_mode,
|
|
873
874
|
r
|
|
@@ -876,7 +877,7 @@ const os = function() {
|
|
|
876
877
|
throw new Error("Token request failed");
|
|
877
878
|
let k;
|
|
878
879
|
const A = p.data.tokens, O = p.data.demonstratingProofOfPossessionNonce;
|
|
879
|
-
if (p.data.state !==
|
|
880
|
+
if (p.data.state !== v.state)
|
|
880
881
|
throw new Error("state is not valid");
|
|
881
882
|
const { isValid: x, reason: P } = ge(A, h.nonce, c);
|
|
882
883
|
if (!x)
|
|
@@ -890,8 +891,8 @@ const os = function() {
|
|
|
890
891
|
if (d)
|
|
891
892
|
await d.initAsync(o, "syncTokensAsync", n), k = d.getLoginParams(), O && await d.setDemonstratingProofOfPossessionNonce(O);
|
|
892
893
|
else {
|
|
893
|
-
const
|
|
894
|
-
k =
|
|
894
|
+
const S = I(s.configurationName, n.storage);
|
|
895
|
+
k = S.getLoginParams(), O && await S.setDemonstratingProofOfPossessionNonce(O);
|
|
895
896
|
}
|
|
896
897
|
return await s.startCheckSessionAsync(c.checkSessionIframe, t, f, e), s.publishEvent(m.loginCallbackAsync_end, {}), {
|
|
897
898
|
tokens: A,
|
|
@@ -901,14 +902,14 @@ const os = function() {
|
|
|
901
902
|
} catch (n) {
|
|
902
903
|
throw console.error(n), s.publishEvent(m.loginCallbackAsync_error, n), n;
|
|
903
904
|
}
|
|
904
|
-
},
|
|
905
|
+
}, ye = {
|
|
905
906
|
access_token: "access_token",
|
|
906
907
|
refresh_token: "refresh_token"
|
|
907
|
-
},
|
|
908
|
-
|
|
908
|
+
}, ls = (s) => async (e) => {
|
|
909
|
+
M.clearTimeout(s.timeoutId), s.timeoutId = null, s.checkSessionIFrame && s.checkSessionIFrame.stop();
|
|
909
910
|
const n = await E(s.configuration, s.configurationName);
|
|
910
911
|
n ? await n.clearAsync(e) : await I(s.configurationName, s.configuration.storage).clearAsync(e), s.tokens = null, s.userInfo = null;
|
|
911
|
-
},
|
|
912
|
+
}, us = (s, e, n, t, o) => async (i = void 0, r = null) => {
|
|
912
913
|
const c = s.configuration, a = await s.initAsync(c.authority, c.authority_configuration);
|
|
913
914
|
i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
|
|
914
915
|
const u = i ?? o.getPath();
|
|
@@ -919,14 +920,14 @@ const os = function() {
|
|
|
919
920
|
const y = a.revocationEndpoint;
|
|
920
921
|
if (y) {
|
|
921
922
|
const _ = [], g = s.tokens ? s.tokens.accessToken : null;
|
|
922
|
-
if (g && c.logout_tokens_to_invalidate.includes(
|
|
923
|
-
const
|
|
924
|
-
_.push(
|
|
923
|
+
if (g && c.logout_tokens_to_invalidate.includes(ye.access_token)) {
|
|
924
|
+
const v = he(n)(y, g, ee.access_token, c.client_id);
|
|
925
|
+
_.push(v);
|
|
925
926
|
}
|
|
926
927
|
const w = s.tokens ? s.tokens.refreshToken : null;
|
|
927
|
-
if (w && c.logout_tokens_to_invalidate.includes(
|
|
928
|
-
const
|
|
929
|
-
_.push(
|
|
928
|
+
if (w && c.logout_tokens_to_invalidate.includes(ye.refresh_token)) {
|
|
929
|
+
const v = he(n)(y, w, ee.refresh_token, c.client_id);
|
|
930
|
+
_.push(v);
|
|
930
931
|
}
|
|
931
932
|
_.length > 0 && await Promise.all(_);
|
|
932
933
|
}
|
|
@@ -948,11 +949,11 @@ const os = function() {
|
|
|
948
949
|
o.open(`${a.endSessionEndpoint}${y}`);
|
|
949
950
|
} else
|
|
950
951
|
o.reload();
|
|
951
|
-
},
|
|
952
|
+
}, ds = (s) => async (e = !1) => {
|
|
952
953
|
if (s.userInfo != null && !e)
|
|
953
954
|
return s.userInfo;
|
|
954
955
|
for (; s.tokens && !z(s.tokens); )
|
|
955
|
-
await
|
|
956
|
+
await $({ milliseconds: 200 });
|
|
956
957
|
if (!s.tokens)
|
|
957
958
|
return null;
|
|
958
959
|
const n = s.tokens.accessToken;
|
|
@@ -986,7 +987,7 @@ class G {
|
|
|
986
987
|
return window.origin;
|
|
987
988
|
}
|
|
988
989
|
}
|
|
989
|
-
const
|
|
990
|
+
const fs = (s) => !!(s.os === "iOS" && s.osVersion.startsWith("12") || s.os === "Mac OS X" && s.osVersion.startsWith("10_15_6")), hs = (s) => {
|
|
990
991
|
const e = s.appVersion, n = s.userAgent, t = "-";
|
|
991
992
|
let o = t;
|
|
992
993
|
const i = [
|
|
@@ -1043,7 +1044,7 @@ const ds = (s) => !!(s.os === "iOS" && s.osVersion.startsWith("12") || s.os ===
|
|
|
1043
1044
|
osVersion: r
|
|
1044
1045
|
};
|
|
1045
1046
|
};
|
|
1046
|
-
function
|
|
1047
|
+
function _s() {
|
|
1047
1048
|
const s = navigator.userAgent;
|
|
1048
1049
|
let e, n = s.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i) || [];
|
|
1049
1050
|
if (/trident/i.test(n[1]))
|
|
@@ -1061,22 +1062,22 @@ function hs() {
|
|
|
1061
1062
|
version: n[1]
|
|
1062
1063
|
};
|
|
1063
1064
|
}
|
|
1064
|
-
const
|
|
1065
|
-
const { name: s, version: e } =
|
|
1065
|
+
const ys = () => {
|
|
1066
|
+
const { name: s, version: e } = _s();
|
|
1066
1067
|
if (s === "chrome" && parseInt(e) <= 70 || s === "opera" && (!e || parseInt(e.split(".")[0]) < 80) || s === "ie")
|
|
1067
1068
|
return !1;
|
|
1068
|
-
const n =
|
|
1069
|
-
return !
|
|
1070
|
-
},
|
|
1069
|
+
const n = hs(navigator);
|
|
1070
|
+
return !fs(n);
|
|
1071
|
+
}, gs = () => fetch;
|
|
1071
1072
|
class se {
|
|
1072
1073
|
constructor(e) {
|
|
1073
1074
|
this.authorizationEndpoint = e.authorization_endpoint, this.tokenEndpoint = e.token_endpoint, this.revocationEndpoint = e.revocation_endpoint, this.userInfoEndpoint = e.userinfo_endpoint, this.checkSessionIframe = e.check_session_iframe, this.issuer = e.issuer, this.endSessionEndpoint = e.end_session_endpoint;
|
|
1074
1075
|
}
|
|
1075
1076
|
}
|
|
1076
|
-
const N = {},
|
|
1077
|
+
const N = {}, ks = (s, e = new G()) => (n, t = "default") => (N[t] || (N[t] = new R(n, t, s, e)), N[t]), ms = async (s) => {
|
|
1077
1078
|
const { parsedTokens: e, callbackPath: n } = await s.loginCallbackAsync();
|
|
1078
|
-
return s.timeoutId =
|
|
1079
|
-
},
|
|
1079
|
+
return s.timeoutId = K(s, e.refreshToken, e.expiresAt), { callbackPath: n };
|
|
1080
|
+
}, ps = (s) => Math.floor(Math.random() * s), re = class U {
|
|
1080
1081
|
constructor(e, n = "default", t, o = new G()) {
|
|
1081
1082
|
this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
|
|
1082
1083
|
let i = e.silent_login_uri;
|
|
@@ -1095,11 +1096,11 @@ const N = {}, gs = (s, e = new G()) => (n, t = "default") => (N[t] || (N[t] = ne
|
|
|
1095
1096
|
authority_timeout_wellknowurl_in_millisecond: e.authority_timeout_wellknowurl_in_millisecond ?? 1e4,
|
|
1096
1097
|
logout_tokens_to_invalidate: e.logout_tokens_to_invalidate ?? ["access_token", "refresh_token"],
|
|
1097
1098
|
service_worker_update_require_callback: c,
|
|
1098
|
-
service_worker_activate: e.service_worker_activate ??
|
|
1099
|
-
}, this.getFetch = t ??
|
|
1099
|
+
service_worker_activate: e.service_worker_activate ?? ys
|
|
1100
|
+
}, this.getFetch = t ?? gs, this.configurationName = n, this.tokens = null, this.userInfo = null, this.events = [], this.timeoutId = null, this.synchroniseTokensAsync.bind(this), this.loginCallbackWithAutoTokensRenewAsync.bind(this), this.initAsync.bind(this), this.loginCallbackAsync.bind(this), this.subscribeEvents.bind(this), this.removeEventSubscription.bind(this), this.publishEvent.bind(this), this.destroyAsync.bind(this), this.logoutAsync.bind(this), this.renewTokensAsync.bind(this), this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
|
|
1100
1101
|
}
|
|
1101
1102
|
subscribeEvents(e) {
|
|
1102
|
-
const n =
|
|
1103
|
+
const n = ps(9999999999999).toString();
|
|
1103
1104
|
return this.events.push({ id: n, func: e }), n;
|
|
1104
1105
|
}
|
|
1105
1106
|
removeEventSubscription(e) {
|
|
@@ -1152,7 +1153,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1152
1153
|
issuer: n.issuer
|
|
1153
1154
|
});
|
|
1154
1155
|
const i = await E(this.configuration, this.configurationName) ? window.localStorage : null;
|
|
1155
|
-
return await
|
|
1156
|
+
return await Ze(this.getFetch())(e, this.configuration.authority_time_cache_wellknowurl_in_second ?? 60 * 60, i, this.configuration.authority_timeout_wellknowurl_in_millisecond);
|
|
1156
1157
|
};
|
|
1157
1158
|
return this.initPromise = t(), this.initPromise.then((o) => (this.initPromise = null, o));
|
|
1158
1159
|
}
|
|
@@ -1171,7 +1172,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1171
1172
|
if (i) {
|
|
1172
1173
|
n.startKeepAliveServiceWorker(), this.tokens = i;
|
|
1173
1174
|
const r = n.getLoginParams(this.configurationName);
|
|
1174
|
-
this.timeoutId =
|
|
1175
|
+
this.timeoutId = K(this, this.tokens.refreshToken, this.tokens.expiresAt, r.extras);
|
|
1175
1176
|
const c = await n.getSessionStateAsync();
|
|
1176
1177
|
return await this.startCheckSessionAsync(o.check_session_iframe, t.client_id, c), this.publishEvent(m.tryKeepExistingSessionAsync_end, {
|
|
1177
1178
|
success: !0,
|
|
@@ -1188,9 +1189,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1188
1189
|
});
|
|
1189
1190
|
const i = I(this.configurationName, t.storage ?? sessionStorage), { tokens: r } = await i.initAsync();
|
|
1190
1191
|
if (r) {
|
|
1191
|
-
this.tokens =
|
|
1192
|
+
this.tokens = ne(r, null, t.token_renew_mode);
|
|
1192
1193
|
const c = i.getLoginParams();
|
|
1193
|
-
this.timeoutId =
|
|
1194
|
+
this.timeoutId = K(this, r.refreshToken, this.tokens.expiresAt, c.extras);
|
|
1194
1195
|
const a = await i.getSessionStateAsync();
|
|
1195
1196
|
return await this.startCheckSessionAsync(o.check_session_iframe, t.client_id, a), this.publishEvent(m.tryKeepExistingSessionAsync_end, {
|
|
1196
1197
|
success: !0,
|
|
@@ -1209,29 +1210,29 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1209
1210
|
return this.tryKeepExistingSessionPromise = e(), this.tryKeepExistingSessionPromise.then((n) => (this.tryKeepExistingSessionPromise = null, n));
|
|
1210
1211
|
}
|
|
1211
1212
|
async startCheckSessionAsync(e, n, t, o = !1) {
|
|
1212
|
-
await
|
|
1213
|
+
await Ve(this, N, this.configuration)(e, n, t, o);
|
|
1213
1214
|
}
|
|
1214
1215
|
async loginAsync(e = void 0, n = null, t = !1, o = void 0, i = !1) {
|
|
1215
|
-
return this.loginPromise !== null ? this.loginPromise : i ?
|
|
1216
|
+
return this.loginPromise !== null ? this.loginPromise : i ? Ue(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this)(n, o) : (this.loginPromise = as(this.configurationName, this.configuration, this.publishEvent.bind(this), this.initAsync.bind(this), this.location)(e, n, t, o), this.loginPromise.then((r) => (this.loginPromise = null, r)));
|
|
1216
1217
|
}
|
|
1217
1218
|
async loginCallbackAsync(e = !1) {
|
|
1218
1219
|
if (this.loginCallbackPromise !== null)
|
|
1219
1220
|
return this.loginCallbackPromise;
|
|
1220
1221
|
const n = async () => {
|
|
1221
|
-
const t = await
|
|
1222
|
+
const t = await cs(this)(e), o = t.tokens;
|
|
1222
1223
|
return this.tokens = o, await E(this.configuration, this.configurationName) || I(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(U.eventNames.token_aquired, o), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
|
|
1223
1224
|
};
|
|
1224
1225
|
return this.loginCallbackPromise = n(), this.loginCallbackPromise.then((t) => (this.loginCallbackPromise = null, t));
|
|
1225
1226
|
}
|
|
1226
1227
|
async synchroniseTokensAsync(e, n = 0, t = !1, o = null, i) {
|
|
1227
1228
|
for (; !navigator.onLine && document.hidden; )
|
|
1228
|
-
await
|
|
1229
|
+
await $({ milliseconds: 1e3 }), this.publishEvent(m.refreshTokensAsync, { message: "wait because navigator is offline and hidden" });
|
|
1229
1230
|
let r = 6;
|
|
1230
1231
|
for (; !navigator.onLine && r > 0; )
|
|
1231
|
-
await
|
|
1232
|
+
await $({ milliseconds: 1e3 }), r--, this.publishEvent(m.refreshTokensAsync, { message: `wait because navigator is offline try ${r}` });
|
|
1232
1233
|
const a = document.hidden ? n : n + 1;
|
|
1233
1234
|
o || (o = {});
|
|
1234
|
-
const u = this.configuration, f = (l, h, y = null) =>
|
|
1235
|
+
const u = this.configuration, f = (l, h, y = null) => oe(this.configurationName, this.configuration, this.publishEvent.bind(this))(l, h, y), d = async () => {
|
|
1235
1236
|
try {
|
|
1236
1237
|
let l;
|
|
1237
1238
|
const h = await E(u, this.configurationName);
|
|
@@ -1280,7 +1281,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1280
1281
|
refresh_token: h.refreshToken
|
|
1281
1282
|
}, k = await this.initAsync(w, u.authority_configuration), A = document.hidden ? 1e4 : 3e4 * 10, O = k.tokenEndpoint, x = {};
|
|
1282
1283
|
u.demonstrating_proof_of_possession && (x.DPoP = await this.generateDemonstrationOfProofOfPossessionAsync(h.accessToken, O, "POST"));
|
|
1283
|
-
const P = await
|
|
1284
|
+
const P = await es(this.getFetch())(
|
|
1284
1285
|
O,
|
|
1285
1286
|
p,
|
|
1286
1287
|
T,
|
|
@@ -1290,12 +1291,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1290
1291
|
A
|
|
1291
1292
|
);
|
|
1292
1293
|
if (P.success) {
|
|
1293
|
-
const { isValid:
|
|
1294
|
-
if (!
|
|
1295
|
-
return i(null), this.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${
|
|
1294
|
+
const { isValid: S, reason: W } = ge(P.data, y.nonce, k);
|
|
1295
|
+
if (!S)
|
|
1296
|
+
return i(null), this.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${W}` }), { tokens: null, status: "SESSION_LOST" };
|
|
1296
1297
|
if (i(P.data), P.demonstratingProofOfPossessionNonce) {
|
|
1297
|
-
const
|
|
1298
|
-
|
|
1298
|
+
const ae = await E(u, this.configurationName);
|
|
1299
|
+
ae ? await ae.setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce) : await I(this.configurationName, u.storage).setDemonstratingProofOfPossessionNonce(P.demonstratingProofOfPossessionNonce);
|
|
1299
1300
|
}
|
|
1300
1301
|
return this.publishEvent(m.refreshTokensAsync_end, { success: P.success }), this.publishEvent(U.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: P.data, status: "LOGGED_IN" };
|
|
1301
1302
|
} else
|
|
@@ -1357,19 +1358,19 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1357
1358
|
return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: f, nonce: r };
|
|
1358
1359
|
}
|
|
1359
1360
|
loginCallbackWithAutoTokensRenewAsync() {
|
|
1360
|
-
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise =
|
|
1361
|
+
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise = ms(this), this.loginCallbackWithAutoTokensRenewPromise.then((e) => (this.loginCallbackWithAutoTokensRenewPromise = null, e)));
|
|
1361
1362
|
}
|
|
1362
1363
|
userInfoAsync(e = !1) {
|
|
1363
|
-
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise =
|
|
1364
|
+
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise = ds(this)(e), this.userInfoPromise.then((n) => (this.userInfoPromise = null, n)));
|
|
1364
1365
|
}
|
|
1365
1366
|
async renewTokensAsync(e = null) {
|
|
1366
1367
|
if (this.renewTokensPromise !== null)
|
|
1367
1368
|
return this.renewTokensPromise;
|
|
1368
1369
|
if (this.timeoutId)
|
|
1369
|
-
return
|
|
1370
|
+
return M.clearTimeout(this.timeoutId), this.renewTokensPromise = me(this, this.tokens.refreshToken, !0, e), this.renewTokensPromise.then((n) => (this.renewTokensPromise = null, n));
|
|
1370
1371
|
}
|
|
1371
1372
|
async destroyAsync(e) {
|
|
1372
|
-
return await
|
|
1373
|
+
return await ls(this)(e);
|
|
1373
1374
|
}
|
|
1374
1375
|
async logoutSameTabAsync(e, n) {
|
|
1375
1376
|
this.configuration.monitor_session && this.configuration.client_id === e && n && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === n && (this.publishEvent(m.logout_from_same_tab, { message: n }), await this.destroyAsync("LOGGED_OUT"));
|
|
@@ -1378,13 +1379,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1378
1379
|
this.configuration.monitor_session && this.configuration.client_id === e && n && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === n && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(m.logout_from_another_tab, { message: "SessionMonitor", sub: n }));
|
|
1379
1380
|
}
|
|
1380
1381
|
async logoutAsync(e = void 0, n = null) {
|
|
1381
|
-
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise =
|
|
1382
|
+
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise = us(this, N, this.getFetch(), console, this.location)(e, n), this.logoutPromise.then((t) => (this.logoutPromise = null, t)));
|
|
1382
1383
|
}
|
|
1383
1384
|
};
|
|
1384
|
-
|
|
1385
|
-
|
|
1386
|
-
let
|
|
1387
|
-
const
|
|
1385
|
+
re.getOrCreate = (s, e) => (n, t = "default") => ks(s, e)(n, t);
|
|
1386
|
+
re.eventNames = m;
|
|
1387
|
+
let R = re;
|
|
1388
|
+
const ws = (s, e) => async (...n) => {
|
|
1388
1389
|
var l;
|
|
1389
1390
|
const [t, o, ...i] = n, r = o ? { ...o } : { method: "GET" };
|
|
1390
1391
|
let c = new Headers();
|
|
@@ -1414,7 +1415,7 @@ const ps = (s, e) => async (...n) => {
|
|
|
1414
1415
|
this._oidc.publishEvent(e, n);
|
|
1415
1416
|
}
|
|
1416
1417
|
static get(e = "default") {
|
|
1417
|
-
return new Ee(
|
|
1418
|
+
return new Ee(R.get(e));
|
|
1418
1419
|
}
|
|
1419
1420
|
tryKeepExistingSessionAsync() {
|
|
1420
1421
|
return this._oidc.tryKeepExistingSessionAsync();
|
|
@@ -1447,20 +1448,20 @@ const ps = (s, e) => async (...n) => {
|
|
|
1447
1448
|
return Le(this._oidc, e, n);
|
|
1448
1449
|
}
|
|
1449
1450
|
fetchWithTokens(e) {
|
|
1450
|
-
return
|
|
1451
|
+
return ws(e, this);
|
|
1451
1452
|
}
|
|
1452
1453
|
async userInfoAsync(e = !1) {
|
|
1453
1454
|
return this._oidc.userInfoAsync(e);
|
|
1454
1455
|
}
|
|
1455
1456
|
};
|
|
1456
|
-
X.getOrCreate = (s, e = new G()) => (n, t = "default") => new X(
|
|
1457
|
-
X.eventNames =
|
|
1457
|
+
X.getOrCreate = (s, e = new G()) => (n, t = "default") => new X(R.getOrCreate(s, e)(n, t));
|
|
1458
|
+
X.eventNames = R.eventNames;
|
|
1458
1459
|
let Ss = X;
|
|
1459
1460
|
export {
|
|
1460
1461
|
Ss as OidcClient,
|
|
1461
1462
|
G as OidcLocation,
|
|
1462
1463
|
Y as TokenRenewMode,
|
|
1463
|
-
|
|
1464
|
+
gs as getFetchDefault,
|
|
1464
1465
|
H as getParseQueryStringFromLocation,
|
|
1465
|
-
|
|
1466
|
+
vs as getPath
|
|
1466
1467
|
};
|