@axa-fr/oidc-client 7.19.1-alpha.1372 → 7.19.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (8) hide show
  1. package/dist/index.js +45 -45
  2. package/dist/index.umd.cjs +2 -2
  3. package/dist/initWorker.d.ts.map +1 -1
  4. package/dist/version.d.ts +1 -1
  5. package/dist/version.d.ts.map +1 -1
  6. package/package.json +3 -3
  7. package/src/initWorker.ts +1 -2
  8. package/src/version.ts +1 -1
package/dist/index.js CHANGED
@@ -101,14 +101,14 @@ const p = {
101
101
  setDemonstratingProofOfPossessionJwkAsync: a,
102
102
  getDemonstratingProofOfPossessionJwkAsync: d
103
103
  };
104
- }, be = (e) => decodeURIComponent(Array.prototype.map.call(atob(e), (n) => "%" + ("00" + n.charCodeAt(0).toString(16)).slice(-2)).join("")), Pe = (e) => JSON.parse(be(e.replaceAll(/-/g, "+").replaceAll(/_/g, "/"))), ce = (e) => {
104
+ }, be = (e) => decodeURIComponent(Array.prototype.map.call(atob(e), (n) => "%" + ("00" + n.charCodeAt(0).toString(16)).slice(-2)).join("")), Pe = (e) => JSON.parse(be(e.replaceAll(/-/g, "+").replaceAll(/_/g, "/"))), ae = (e) => {
105
105
  try {
106
106
  return e && Oe(e, ".") === 2 ? Pe(e.split(".")[1]) : null;
107
107
  } catch (n) {
108
108
  console.warn(n);
109
109
  }
110
110
  return null;
111
- }, Oe = (e, n) => e.split(n).length - 1, Z = {
111
+ }, Oe = (e, n) => e.split(n).length - 1, Q = {
112
112
  access_token_or_id_token_invalid: "access_token_or_id_token_invalid",
113
113
  access_token_invalid: "access_token_invalid",
114
114
  id_token_invalid: "id_token_invalid"
@@ -126,20 +126,20 @@ const X = (e, n = null, s) => {
126
126
  return null;
127
127
  let t;
128
128
  const o = typeof e.expiresIn == "string" ? parseInt(e.expiresIn, 10) : e.expiresIn;
129
- e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t = ce(e.accessToken);
129
+ e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t = ae(e.accessToken);
130
130
  let r;
131
131
  n != null && "idToken" in n && !("idToken" in e) ? r = n.idToken : r = e.idToken;
132
- const i = e.idTokenPayload ? e.idTokenPayload : ce(r), c = i && i.exp ? i.exp : Number.MAX_VALUE, a = t && t.exp ? t.exp : e.issuedAt + o;
132
+ const i = e.idTokenPayload ? e.idTokenPayload : ae(r), c = i && i.exp ? i.exp : Number.MAX_VALUE, a = t && t.exp ? t.exp : e.issuedAt + o;
133
133
  e.issuedAt = Ee(e, t, i);
134
134
  let d;
135
- e.expiresAt ? d = e.expiresAt : s === Z.access_token_invalid ? d = a : s === Z.id_token_invalid ? d = c : d = c < a ? c : a;
135
+ e.expiresAt ? d = e.expiresAt : s === Q.access_token_invalid ? d = a : s === Q.id_token_invalid ? d = c : d = c < a ? c : a;
136
136
  const f = { ...e, idTokenPayload: i, accessTokenPayload: t, expiresAt: d, idToken: r };
137
137
  if (n != null && "refreshToken" in n && !("refreshToken" in e)) {
138
138
  const l = n.refreshToken;
139
139
  return { ...f, refreshToken: l };
140
140
  }
141
141
  return f;
142
- }, re = (e, n, s) => {
142
+ }, oe = (e, n, s) => {
143
143
  if (!e)
144
144
  return null;
145
145
  if (!e.issued_at) {
@@ -158,14 +158,14 @@ const X = (e, n = null, s) => {
158
158
  }, V = (e, n) => {
159
159
  const s = (/* @__PURE__ */ new Date()).getTime() / 1e3, t = n - s;
160
160
  return Math.round(t - e);
161
- }, ee = (e) => e ? V(0, e.expiresAt) > 0 : !1, Ie = async (e, n = 200, s = 50) => {
161
+ }, Z = (e) => e ? V(0, e.expiresAt) > 0 : !1, Ie = async (e, n = 200, s = 50) => {
162
162
  let t = s;
163
163
  if (!e.tokens)
164
164
  return null;
165
- for (; !ee(e.tokens) && t > 0; )
165
+ for (; !Z(e.tokens) && t > 0; )
166
166
  await U({ milliseconds: n }), t = t - 1;
167
167
  return {
168
- isTokensValid: ee(e.tokens),
168
+ isTokensValid: Z(e.tokens),
169
169
  tokens: e.tokens,
170
170
  numberWaited: t - s
171
171
  };
@@ -284,7 +284,7 @@ const X = (e, n = null, s) => {
284
284
  setInterval: i,
285
285
  clearInterval: c
286
286
  };
287
- }(), z = "7.19.1-alpha.1372";
287
+ }(), ce = "7.19.2";
288
288
  let le = null, q;
289
289
  const U = ({ milliseconds: e }) => new Promise((n) => J.setTimeout(n, e)), ge = (e = "/") => {
290
290
  try {
@@ -316,7 +316,7 @@ const U = ({ milliseconds: e }) => new Promise((n) => J.setTimeout(n, e)), ge =
316
316
  if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !s || e.service_worker_activate() === !1)
317
317
  return null;
318
318
  let t = null;
319
- e.register ? t = await e.service_worker_register(s) : t = await navigator.serviceWorker.register(s + "?v=" + z);
319
+ e.register ? t = await e.service_worker_register(s) : t = await navigator.serviceWorker.register(s);
320
320
  try {
321
321
  await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await O(t)({ type: "claim" });
322
322
  } catch {
@@ -335,7 +335,7 @@ const U = ({ milliseconds: e }) => new Promise((n) => J.setTimeout(n, e)), ge =
335
335
  },
336
336
  configurationName: n
337
337
  }), L = b.version;
338
- return L !== z && (console.warn(`Service worker ${L} version mismatch with js client version ${z}, unregistering and reloading`), await E.service_worker_update_require_callback(t, Ce)), { tokens: re(b.tokens, null, E.token_renew_mode), status: b.status };
338
+ return L !== ce && (console.warn(`Service worker ${L} version mismatch with js client version ${ce}, unregistering and reloading`), await E.service_worker_update_require_callback(t, Ce)), { tokens: oe(b.tokens, null, E.token_renew_mode), status: b.status };
339
339
  }, i = (k = "/") => {
340
340
  le == null && (le = "not_null", ge(k));
341
341
  }, c = (k) => O(t)({ type: "setSessionState", data: { sessionState: k }, configurationName: n }), a = async () => (await O(t)({ type: "getSessionState", data: null, configurationName: n })).sessionState, d = (k) => (sessionStorage[`oidc.nonce.${n}`] = k.nonce, O(t)({ type: "setNonce", data: { nonce: k }, configurationName: n })), f = async () => {
@@ -404,7 +404,7 @@ function De(e) {
404
404
  return String.fromCharCode(parseInt(t, 16));
405
405
  });
406
406
  }
407
- const ie = (e) => {
407
+ const re = (e) => {
408
408
  let n = "";
409
409
  return e.forEach(function(s) {
410
410
  n += String.fromCharCode(s);
@@ -445,7 +445,7 @@ const $e = {
445
445
  // JWT "claims" are really a JSON-defined JWS "payload"
446
446
  payload: ue(JSON.stringify(t))
447
447
  }, c = o.importKeyAlgorithm, a = !0, d = ["sign"], f = await e.crypto.subtle.importKey("jwk", n, c, a, d), l = ke(`${i.protected}.${i.payload}`), u = o.signAlgorithm, h = await e.crypto.subtle.sign(u, f, l);
448
- return i.signature = ie(new Uint8Array(h)), `${i.protected}.${i.payload}.${i.signature}`;
448
+ return i.signature = re(new Uint8Array(h)), `${i.protected}.${i.payload}.${i.signature}`;
449
449
  };
450
450
  var Ke = { sign: Re };
451
451
  const Ue = (e) => async (n) => {
@@ -470,7 +470,7 @@ const Ue = (e) => async (n) => {
470
470
  throw new Error("Unknown or not implemented JWK type");
471
471
  }
472
472
  const o = await e.crypto.subtle.digest(s, ke(t));
473
- return ie(new Uint8Array(o));
473
+ return re(new Uint8Array(o));
474
474
  };
475
475
  var Je = { thumbprint: Fe };
476
476
  const Be = (e) => async (n) => await Me.generate(e)(n), pe = (e) => (n) => async (s, t = "POST", o, r = {}) => {
@@ -492,20 +492,20 @@ const Be = (e) => async (n) => await Me.generate(e)(n), pe = (e) => (n) => async
492
492
  }, we = () => {
493
493
  const e = typeof window < "u" && !!window.crypto, n = e && !!window.crypto.subtle;
494
494
  return { hasCrypto: e, hasSubtleCrypto: n };
495
- }, ne = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", qe = (e) => {
495
+ }, ee = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", qe = (e) => {
496
496
  const n = [];
497
497
  for (let s = 0; s < e.byteLength; s += 1) {
498
- const t = e[s] % ne.length;
499
- n.push(ne[t]);
498
+ const t = e[s] % ee.length;
499
+ n.push(ee[t]);
500
500
  }
501
501
  return n.join("");
502
- }, se = (e) => {
502
+ }, ne = (e) => {
503
503
  const n = new Uint8Array(e), { hasCrypto: s } = we();
504
504
  if (s)
505
505
  window.crypto.getRandomValues(n);
506
506
  else
507
507
  for (let t = 0; t < e; t += 1)
508
- n[t] = Math.random() * ne.length | 0;
508
+ n[t] = Math.random() * ee.length | 0;
509
509
  return qe(n);
510
510
  };
511
511
  function He(e) {
@@ -516,7 +516,7 @@ function He(e) {
516
516
  }
517
517
  function Ae(e) {
518
518
  return new Promise((n, s) => {
519
- crypto.subtle.digest("SHA-256", He(e)).then((t) => n(ie(new Uint8Array(t))), (t) => s(t));
519
+ crypto.subtle.digest("SHA-256", He(e)).then((t) => n(re(new Uint8Array(t))), (t) => s(t));
520
520
  });
521
521
  }
522
522
  const Ge = (e) => {
@@ -527,12 +527,12 @@ const Ge = (e) => {
527
527
  }, Ye = 60 * 60, Xe = (e) => async (n, s = Ye, t = window.sessionStorage, o = 1e4) => {
528
528
  const r = `${n}/.well-known/openid-configuration`, i = `oidc.server:${n}`, c = We(i, t, s);
529
529
  if (c)
530
- return new oe(c);
530
+ return new te(c);
531
531
  const a = await B(e)(r, {}, o);
532
532
  if (a.status !== 200)
533
533
  return null;
534
534
  const d = await a.json();
535
- return Le(i, d, t), new oe(d);
535
+ return Le(i, d, t), new te(d);
536
536
  }, B = (e) => async (n, s = {}, t = 1e4, o = 0) => {
537
537
  let r;
538
538
  try {
@@ -547,10 +547,10 @@ const Ge = (e) => {
547
547
  throw console.error(i.message), i;
548
548
  }
549
549
  return r;
550
- }, te = {
550
+ }, se = {
551
551
  refresh_token: "refresh_token",
552
552
  access_token: "access_token"
553
- }, fe = (e) => async (n, s, t = te.refresh_token, o, r = {}, i = 1e4) => {
553
+ }, fe = (e) => async (n, s, t = se.refresh_token, o, r = {}, i = 1e4) => {
554
554
  const c = {
555
555
  token: s,
556
556
  token_type_hint: t,
@@ -600,12 +600,12 @@ const Ge = (e) => {
600
600
  return f.headers.has(H) && (u = f.headers.get(H)), {
601
601
  success: !0,
602
602
  status: f.status,
603
- data: re(l, o, i),
603
+ data: oe(l, o, i),
604
604
  demonstratingProofOfPossessionNonce: u
605
605
  };
606
606
  }, Qe = (e, n) => async (s, t) => {
607
607
  t = t ? { ...t } : {};
608
- const o = se(128), r = await Ge(o);
608
+ const o = ne(128), r = await Ge(o);
609
609
  await e.setCodeVerifierAsync(o), await e.setStateAsync(t.state), t.code_challenge = r, t.code_challenge_method = "S256";
610
610
  let i = "";
611
611
  if (t)
@@ -636,7 +636,7 @@ const Ge = (e) => {
636
636
  success: !0,
637
637
  data: {
638
638
  state: s.state,
639
- tokens: re(f, null, o),
639
+ tokens: oe(f, null, o),
640
640
  demonstratingProofOfPossessionNonce: d
641
641
  }
642
642
  };
@@ -720,7 +720,7 @@ const F = (e, n, s = null) => {
720
720
  await U({ milliseconds: 1e3 }), r--, e.publishEvent(p.refreshTokensAsync, { message: `wait because navigator is offline try ${r}` });
721
721
  const i = document.hidden, c = n + 1;
722
722
  t || (t = {});
723
- const a = e.configuration, d = (l, u = null, h = null) => ae(e.configurationName, e.configuration, e.publishEvent.bind(e))(l, u, h), f = async () => {
723
+ const a = e.configuration, d = (l, u = null, h = null) => ie(e.configurationName, e.configuration, e.publishEvent.bind(e))(l, u, h), f = async () => {
724
724
  try {
725
725
  let l;
726
726
  const u = await C(a, e.configurationName);
@@ -795,7 +795,7 @@ const F = (e, n, s = null) => {
795
795
  } catch (l) {
796
796
  return console.error(l), e.publishEvent(p.refreshTokensAsync_silent_error, { message: "exception", exception: l.message }), j(e)(c, s, t, o);
797
797
  }
798
- }, ae = (e, n, s) => (t = null, o = null, r = null) => {
798
+ }, ie = (e, n, s) => (t = null, o = null, r = null) => {
799
799
  if (!n.silent_redirect_uri || !n.silent_login_uri)
800
800
  return Promise.resolve(null);
801
801
  try {
@@ -841,7 +841,7 @@ const F = (e, n, s = null) => {
841
841
  }
842
842
  }, sn = (e, n, s, t, o) => (r = null, i = void 0) => {
843
843
  r = { ...r };
844
- const c = (d, f, l) => ae(n, s, t.bind(o))(d, f, l);
844
+ const c = (d, f, l) => ie(n, s, t.bind(o))(d, f, l);
845
845
  return (async () => {
846
846
  o.timeoutId && J.clearTimeout(o.timeoutId);
847
847
  let d;
@@ -858,7 +858,7 @@ const F = (e, n, s = null) => {
858
858
  }
859
859
  })();
860
860
  }, tn = (e, n, s) => (t, o, r, i = !1) => {
861
- const c = (a, d = void 0, f = void 0) => ae(e.configurationName, s, e.publishEvent.bind(e))(a, d, f);
861
+ const c = (a, d = void 0, f = void 0) => ie(e.configurationName, s, e.publishEvent.bind(e))(a, d, f);
862
862
  return new Promise((a, d) => {
863
863
  if (s.silent_login_uri && s.silent_redirect_uri && s.monitor_session && t && r && !i) {
864
864
  const f = () => {
@@ -936,14 +936,14 @@ const F = (e, n, s = null) => {
936
936
  const d = i;
937
937
  return i = { ...i }, (async () => {
938
938
  const l = r || o.getPath();
939
- if ("state" in i || (i.state = se(16)), s(p.loginAsync_begin, {}), i)
939
+ if ("state" in i || (i.state = ne(16)), s(p.loginAsync_begin, {}), i)
940
940
  for (const u of Object.keys(i))
941
941
  u.endsWith(":token_request") && delete i[u];
942
942
  try {
943
943
  const u = c ? n.silent_redirect_uri : n.redirect_uri;
944
944
  a || (a = n.scope);
945
945
  const h = n.extras ? { ...n.extras, ...i } : i;
946
- h.nonce || (h.nonce = se(12));
946
+ h.nonce || (h.nonce = ne(12));
947
947
  const g = { nonce: h.nonce }, m = await C(n, e), _ = await t(n.authority, n.authority_configuration);
948
948
  let w;
949
949
  if (m)
@@ -1041,7 +1041,7 @@ const F = (e, n, s = null) => {
1041
1041
  }, de = {
1042
1042
  access_token: "access_token",
1043
1043
  refresh_token: "refresh_token"
1044
- }, Q = (e, n) => {
1044
+ }, z = (e, n) => {
1045
1045
  const s = {};
1046
1046
  if (e) {
1047
1047
  for (const [t, o] of Object.entries(e))
@@ -1076,10 +1076,10 @@ const F = (e, n, s = null) => {
1076
1076
  if (w) {
1077
1077
  const A = [], v = e.tokens ? e.tokens.accessToken : null;
1078
1078
  if (v && c.logout_tokens_to_invalidate.includes(de.access_token)) {
1079
- const y = Q(i, ":revoke_access_token"), k = fe(s)(
1079
+ const y = z(i, ":revoke_access_token"), k = fe(s)(
1080
1080
  w,
1081
1081
  v,
1082
- te.access_token,
1082
+ se.access_token,
1083
1083
  c.client_id,
1084
1084
  y
1085
1085
  );
@@ -1087,10 +1087,10 @@ const F = (e, n, s = null) => {
1087
1087
  }
1088
1088
  const T = e.tokens ? e.tokens.refreshToken : null;
1089
1089
  if (T && c.logout_tokens_to_invalidate.includes(de.refresh_token)) {
1090
- const y = Q(i, ":revoke_refresh_token"), k = fe(s)(
1090
+ const y = z(i, ":revoke_refresh_token"), k = fe(s)(
1091
1091
  w,
1092
1092
  T,
1093
- te.refresh_token,
1093
+ se.refresh_token,
1094
1094
  c.client_id,
1095
1095
  y
1096
1096
  );
@@ -1105,7 +1105,7 @@ const F = (e, n, s = null) => {
1105
1105
  await e.destroyAsync("LOGGED_OUT");
1106
1106
  for (const [w, A] of Object.entries(n))
1107
1107
  A !== e ? await e.logoutSameTabAsync(e.configuration.client_id, h) : e.publishEvent(p.logout_from_same_tab, {});
1108
- const g = Q(i, ":oidc");
1108
+ const g = z(i, ":oidc");
1109
1109
  if (g && g.no_reload === "true")
1110
1110
  return;
1111
1111
  const _ = cn(i);
@@ -1120,7 +1120,7 @@ const F = (e, n, s = null) => {
1120
1120
  }, fn = (e) => async (n = !1) => {
1121
1121
  if (e.userInfo != null && !n)
1122
1122
  return e.userInfo;
1123
- for (; e.tokens && !ee(e.tokens); )
1123
+ for (; e.tokens && !Z(e.tokens); )
1124
1124
  await U({ milliseconds: 200 });
1125
1125
  if (!e.tokens)
1126
1126
  return null;
@@ -1283,7 +1283,7 @@ const yn = () => {
1283
1283
  return console.error(s), n && await n.clearAsync(), e.publishEvent(p.tryKeepExistingSessionAsync_error, "tokens inside ServiceWorker are invalid"), !1;
1284
1284
  }
1285
1285
  }, kn = () => fetch;
1286
- class oe {
1286
+ class te {
1287
1287
  constructor(n) {
1288
1288
  this.authorizationEndpoint = n.authorization_endpoint, this.tokenEndpoint = n.token_endpoint, this.revocationEndpoint = n.revocation_endpoint, this.userInfoEndpoint = n.userinfo_endpoint, this.checkSessionIframe = n.check_session_iframe, this.issuer = n.issuer, this.endSessionEndpoint = n.end_session_endpoint;
1289
1289
  }
@@ -1305,7 +1305,7 @@ const x = {}, mn = (e, n = new Y()) => (s, t = "default") => (x[t] || (x[t] = ne
1305
1305
  monitor_session: n.monitor_session ?? !1,
1306
1306
  refresh_time_before_tokens_expiration_in_second: i,
1307
1307
  silent_login_timeout: n.silent_login_timeout ?? 12e3,
1308
- token_renew_mode: n.token_renew_mode ?? Z.access_token_or_id_token_invalid,
1308
+ token_renew_mode: n.token_renew_mode ?? Q.access_token_or_id_token_invalid,
1309
1309
  demonstrating_proof_of_possession: n.demonstrating_proof_of_possession ?? !1,
1310
1310
  authority_timeout_wellknowurl_in_millisecond: n.authority_timeout_wellknowurl_in_millisecond ?? 1e4,
1311
1311
  logout_tokens_to_invalidate: n.logout_tokens_to_invalidate ?? ["access_token", "refresh_token"],
@@ -1358,7 +1358,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1358
1358
  return this.initPromise;
1359
1359
  const t = async () => {
1360
1360
  if (s != null)
1361
- return new oe({
1361
+ return new te({
1362
1362
  authorization_endpoint: s.authorization_endpoint,
1363
1363
  end_session_endpoint: s.end_session_endpoint,
1364
1364
  revocation_endpoint: s.revocation_endpoint,
@@ -1500,7 +1500,7 @@ let he = K;
1500
1500
  export {
1501
1501
  he as OidcClient,
1502
1502
  Y as OidcLocation,
1503
- Z as TokenRenewMode,
1503
+ Q as TokenRenewMode,
1504
1504
  kn as getFetchDefault,
1505
1505
  G as getParseQueryStringFromLocation,
1506
1506
  vn as getPath
package/dist/index.umd.cjs CHANGED
@@ -1,2 +1,2 @@
1
- (function(N,G){typeof exports=="object"&&typeof module<"u"?G(exports):typeof define=="function"&&define.amd?define(["exports"],G):(N=typeof globalThis<"u"?globalThis:N||self,G(N["oidc-client"]={}))})(this,function(N){"use strict";const D=console;class Oe{constructor(n,s,t,o=2e3,r=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=r;const i=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,i),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(D.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(D.debug(n),D.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):D.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){D.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(D.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const p={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},E=(e,n=sessionStorage)=>{const s=y=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:y}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const y=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:y.tokens,status:y.status})},o=y=>{n[`oidc.${e}`]=JSON.stringify({tokens:y})},r=async y=>{n[`oidc.session_state.${e}`]=y},i=async()=>n[`oidc.session_state.${e}`],c=y=>{n[`oidc.nonce.${e}`]=y.nonce},a=y=>{n[`oidc.jwk.${e}`]=JSON.stringify(y)},_=()=>JSON.parse(n[`oidc.jwk.${e}`]),f=async()=>({nonce:n[`oidc.nonce.${e}`]}),l=async y=>{n[`oidc.dpop_nonce.${e}`]=y},u=()=>n[`oidc.dpop_nonce.${e}`],h=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null;let g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:h,setSessionStateAsync:r,getSessionStateAsync:i,setNonceAsync:c,getNonceAsync:f,setLoginParams:y=>{g[e]=y,n[`oidc.login.${e}`]=JSON.stringify(y)},getLoginParams:()=>{const y=n[`oidc.login.${e}`];return y?(g[e]||(g[e]=JSON.parse(y)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async y=>{n[`oidc.state.${e}`]=y},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async y=>{n[`oidc.code_verifier.${e}`]=y},setDemonstratingProofOfPossessionNonce:l,getDemonstratingProofOfPossessionNonce:u,setDemonstratingProofOfPossessionJwkAsync:a,getDemonstratingProofOfPossessionJwkAsync:_}},Ee=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),Ie=e=>JSON.parse(Ee(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),fe=e=>{try{return e&&Ce(e,".")===2?Ie(e.split(".")[1]):null}catch(n){console.warn(n)}return null},Ce=(e,n)=>e.split(n).length-1,Y={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Ne(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const X=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=fe(e.accessToken);let r;n!=null&&"idToken"in n&&!("idToken"in e)?r=n.idToken:r=e.idToken;const i=e.idTokenPayload?e.idTokenPayload:fe(r),c=i&&i.exp?i.exp:Number.MAX_VALUE,a=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Ne(e,t,i);let _;e.expiresAt?_=e.expiresAt:s===Y.access_token_invalid?_=a:s===Y.id_token_invalid?_=c:_=c<a?c:a;const f={...e,idTokenPayload:i,accessTokenPayload:t,expiresAt:_,idToken:r};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const l=n.refreshToken;return{...f,refreshToken:l}}return f},ee=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),X(t,n,s)},M=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},ne=e=>e?M(0,e.expiresAt)>0:!1,xe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!ne(e.tokens)&&t>0;)await $({milliseconds:n}),t=t-1;return{isTokensValid:ne(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const r=60*60*24*7;if(t.iat&&t.iat+r<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+r} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},F=function(){const e=function(){let a,_;const f=(function(){const u={},h={setTimeout:function(m,d,w){u[d]=setTimeout(function(){m.postMessage(d),u[d]=null},w)},setInterval:function(m,d,w){u[d]=setInterval(function(){m.postMessage(d)},w)},clearTimeout:function(m,d){clearTimeout(u[d]),u[d]=null},clearInterval:function(m,d){clearInterval(u[d]),u[d]=null}};function g(m,d){const w=d.data[0],A=d.data[1],v=d.data[2];h[w]&&h[w](m,A,v)}this.onmessage=function(m){g(self,m)},this.onconnect=function(m){const d=m.ports[0];d.onmessage=function(w){g(d,w)}}}).toString();try{const u=new Blob(["(",f,")()"],{type:"application/javascript"});_=URL.createObjectURL(u)}catch{return null}const l=typeof process>"u";try{if(SharedWorker)return a=new SharedWorker(_),a.port}catch{l&&console.warn("SharedWorker not available")}try{if(Worker)return a=new Worker(_),a}catch{l&&console.warn("Worker not available")}return null}();if(!e){const a=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(a),clearTimeout:clearTimeout.bind(a),setInterval:setInterval.bind(a),clearInterval:clearInterval.bind(a)}}const n=function(){let a=0;return function(){return a++,a}}(),s={},t={};e.onmessage=function(a){const _=a.data,f=s[_];if(f){f(),s[_]=null;return}const l=t[_];l&&l()};function o(a,_){const f=n();return e.postMessage(["setTimeout",f,_]),s[f]=a,f}function r(a){e.postMessage(["clearTimeout",a]),s[a]=null}function i(a,_){const f=n();return e.postMessage(["setInterval",f,_]),t[f]=a,f}function c(a){e.postMessage(["clearInterval",a]),t[a]=null}return{setTimeout:o,clearTimeout:r,setInterval:i,clearInterval:c}}(),se="7.19.1-alpha.1372";let _e=null,z;const $=({milliseconds:e})=>new Promise(n=>F.setTimeout(n,e)),he=(e="/")=>{try{z=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:z.signal}).catch(t=>{console.log(t)}),$({milliseconds:150*1e3}).then(he)}catch(n){console.log(n)}},Le=()=>{z&&z.abort()},We=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),De=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistering ${t}`),await $({milliseconds:2e3}),e.reload()},O=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(r){r.data&&r.data.error?t(r.data.error):s(r.data)},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s+"?v="+se);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await O(t)({type:"claim"})}catch{return null}const o=async k=>O(t)({type:"clear",data:{status:k},configurationName:n}),r=async(k,S,C)=>{const b=await O(t)({type:"init",data:{oidcServerConfiguration:k,where:S,oidcConfiguration:{token_renew_mode:C.token_renew_mode,service_worker_convert_all_requests_to_cors:C.service_worker_convert_all_requests_to_cors}},configurationName:n}),V=b.version;return V!==se&&(console.warn(`Service worker ${V} version mismatch with js client version ${se}, unregistering and reloading`),await C.service_worker_update_require_callback(t,Le)),{tokens:ee(b.tokens,null,C.token_renew_mode),status:b.status}},i=(k="/")=>{_e==null&&(_e="not_null",he(k))},c=k=>O(t)({type:"setSessionState",data:{sessionState:k},configurationName:n}),a=async()=>(await O(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,_=k=>(sessionStorage[`oidc.nonce.${n}`]=k.nonce,O(t)({type:"setNonce",data:{nonce:k},configurationName:n})),f=async()=>{let S=(await O(t)({type:"getNonce",data:null,configurationName:n})).nonce;return S||(S=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:S}};let l={};return{clearAsync:o,initAsync:r,startKeepAliveServiceWorker:()=>i(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>We(e.service_worker_keep_alive_path),setSessionStateAsync:c,getSessionStateAsync:a,setNonceAsync:_,getNonceAsync:f,setLoginParams:k=>{l[n]=k,localStorage[`oidc.login.${n}`]=JSON.stringify(k)},getLoginParams:()=>{const k=localStorage[`oidc.login.${n}`];return l[n]||(l[n]=JSON.parse(k)),l[n]},getStateAsync:async()=>{let S=(await O(t)({type:"getState",data:null,configurationName:n})).state;return S||(S=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),S},setStateAsync:async k=>(sessionStorage[`oidc.state.${n}`]=k,O(t)({type:"setState",data:{state:k},configurationName:n})),getCodeVerifierAsync:async()=>{let S=(await O(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return S||(S=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),S},setCodeVerifierAsync:async k=>(sessionStorage[`oidc.code_verifier.${n}`]=k,O(t)({type:"setCodeVerifier",data:{codeVerifier:k},configurationName:n})),setDemonstratingProofOfPossessionNonce:async k=>{await O(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:k},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await O(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async k=>{const S=JSON.stringify(k);await O(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:S},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const k=await O(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return k.demonstratingProofOfPossessionJwkJson?JSON.parse(k.demonstratingProofOfPossessionJwkJson):null}}},R={},$e=(e,n=window.sessionStorage,s)=>{if(!R[e]&&n){const o=n.getItem(e);o&&(R[e]=JSON.parse(o))}const t=1e3*s;return R[e]&&R[e].timestamp+t>Date.now()?R[e].result:null},Re=(e,n,s=window.sessionStorage)=>{const t=Date.now();R[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ye(e){return new TextEncoder().encode(e)}function ge(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ke(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const te=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),ge(n)};function ke(e){return ge(Ke(e))}const Ue={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"};var Ve={sign:e=>async(n,s,t,o,r="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=r,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const i={protected:ke(JSON.stringify(s)),payload:ke(JSON.stringify(t))},c=o.importKeyAlgorithm,a=!0,_=["sign"],f=await e.crypto.subtle.importKey("jwk",n,c,a,_),l=ye(`${i.protected}.${i.payload}`),u=o.signAlgorithm,h=await e.crypto.subtle.sign(u,f,l);return i.signature=te(new Uint8Array(h)),`${i.protected}.${i.payload}.${i.signature}`}};const Me={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],r=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",r.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}};var Fe={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ye(t));return te(new Uint8Array(o))}};const Je=e=>async n=>await Me.generate(e)(n),me=e=>n=>async(s,t="POST",o,r={})=>{const i={jti:btoa(Be()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...r},c=await Fe.thumbprint(e)(s,n.digestAlgorithm);return await Ve.sign(e)(s,{kid:c},i,n)},Be=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},pe=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},oe="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",je=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%oe.length;n.push(oe[t])}return n.join("")},re=e=>{const n=new Uint8Array(e),{hasCrypto:s}=pe();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*oe.length|0;return je(n)};function qe(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function we(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",qe(e)).then(t=>n(te(new Uint8Array(t))),t=>s(t))})}const He=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=pe();return n?we(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Ge=60*60,Ye=e=>async(n,s=Ge,t=window.sessionStorage,o=1e4)=>{const r=`${n}/.well-known/openid-configuration`,i=`oidc.server:${n}`,c=$e(i,t,s);if(c)return new le(c);const a=await J(e)(r,{},o);if(a.status!==200)return null;const _=await a.json();return Re(i,_,t),new le(_)},J=e=>async(n,s={},t=1e4,o=0)=>{let r;try{const i=new AbortController;setTimeout(()=>i.abort(),t),r=await e(n,{...s,signal:i.signal})}catch(i){if(i.name==="AbortError"||i.message==="Network request failed"){if(o<=1)return await J(e)(n,s,t,o+1);throw i}else throw console.error(i.message),i}return r},ie={refresh_token:"refresh_token",access_token:"access_token"},Ae=e=>async(n,s,t=ie.refresh_token,o,r={},i=1e4)=>{const c={token:s,token_type_hint:t,client_id:o};for(const[l,u]of Object.entries(r))c[l]===void 0&&(c[l]=u);const a=[];for(const l in c){const u=encodeURIComponent(l),h=encodeURIComponent(c[l]);a.push(`${u}=${h}`)}const _=a.join("&");return(await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:_},i)).status!==200?{success:!1}:{success:!0}},Xe=e=>async(n,s,t,o,r={},i,c=1e4)=>{for(const[h,g]of Object.entries(t))s[h]===void 0&&(s[h]=g);const a=[];for(const h in s){const g=encodeURIComponent(h),m=encodeURIComponent(s[h]);a.push(`${g}=${m}`)}const _=a.join("&"),f=await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...r},body:_},c);if(f.status!==200)return{success:!1,status:f.status,demonstratingProofOfPossessionNonce:null};const l=await f.json();let u=null;return f.headers.has(Q)&&(u=f.headers.get(Q)),{success:!0,status:f.status,data:ee(l,o,i),demonstratingProofOfPossessionNonce:u}},ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=re(128),r=await He(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=r,t.code_challenge_method="S256";let i="";if(t)for(const[c,a]of Object.entries(t))i===""?i+="?":i+="&",i+=`${c}=${encodeURIComponent(a)}`;n.open(`${s}${i}`)},Q="DPoP-Nonce",Qe=e=>async(n,s,t,o,r=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const i=[];for(const l in s){const u=encodeURIComponent(l),h=encodeURIComponent(s[l]);i.push(`${u}=${h}`)}const c=i.join("&"),a=await J(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:c},r);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),a.status!==200)return{success:!1,status:a.status};let _=null;a.headers.has(Q)&&(_=a.headers.get(Q));const f=await a.json();return{success:!0,data:{state:s.state,tokens:ee(f,null,o),demonstratingProofOfPossessionNonce:_}}};async function Se(e,n,s){const t=c=>{e.tokens=c},{tokens:o,status:r}=await Z(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await E(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(r),null)}const Ze=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=E(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=X(o,e.tokens,n.token_renew_mode),o}};async function ve(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let r;const i=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!i?r=await Se(e,n,s):r=await navigator.locks.request(o,{ifAvailable:!0},async c=>c?await Se(e,n,s):(e.publishEvent(x.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await Ze(e,t))),r?(e.timeoutId&&(e.timeoutId=B(e,e.tokens.expiresAt,s)),e.tokens):null}const B=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return F.setTimeout(async()=>{const r={timeLeft:M(t,n)};e.publishEvent(x.eventNames.token_timer,r),await ve(e,!1,s)},1e3)},K={SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},en=e=>async(n,s,t,o=!1)=>{const r={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:r};let i=r;const c=await e.initAsync(n.authority,n.authority_configuration),a=await I(n,s);if(a){const{status:l,tokens:u}=await a.initAsync(c,"syncTokensAsync",n);if(l==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:r};if(l==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:r};if(!l||!u)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:r};if(u.issuedAt!==t.issuedAt){const g=M(n.refresh_time_before_tokens_expiration_in_second,u.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",m=await a.getNonceAsync();return{tokens:u,status:g,nonce:m}}i=await a.getNonceAsync()}else{const l=E(s,n.storage??sessionStorage);let{tokens:u,status:h}=await l.initAsync();if(u&&(u=X(u,e.tokens,n.token_renew_mode)),u){if(h==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:r};if(u.issuedAt!==t.issuedAt){const m=M(n.refresh_time_before_tokens_expiration_in_second,u.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",d=await l.getNonceAsync();return{tokens:u,status:m,nonce:d}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:r};i=await l.getNonceAsync()}const f=M(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:i}:{tokens:t,status:f,nonce:i}},Z=e=>async(n=0,s=!1,t=null,o)=>{for(;!navigator.onLine&&document.hidden;)await $({milliseconds:1e3}),e.publishEvent(p.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await $({milliseconds:1e3}),r--,e.publishEvent(p.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});const i=document.hidden,c=n+1;t||(t={});const a=e.configuration,_=(l,u=null,h=null)=>ae(e.configurationName,e.configuration,e.publishEvent.bind(e))(l,u,h),f=async()=>{try{let l;const u=await I(a,e.configurationName);u?l=u.getLoginParams():l=E(e.configurationName,a.storage).getLoginParams();const h=await _({...l.extras,...t,prompt:"none"});return h?h.error?(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(h.tokens),e.publishEvent(x.eventNames.token_renewed,{}),{tokens:h.tokens,status:"LOGGED"}):(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(l){return console.error(l),e.publishEvent(p.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),await Z(e)(c,s,t,o)}};if(n>4)return i?{tokens:e.tokens,status:"GIVE_UP"}:(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"});try{const{status:l,tokens:u,nonce:h}=await en(e)(a,e.configurationName,e.tokens,s);switch(l){case K.SESSION_LOST:return o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case K.NOT_CONNECTED:return o(null),{tokens:null,status:null};case K.TOKENS_VALID:return o(u),{tokens:u,status:"LOGGED_IN"};case K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(u),e.publishEvent(x.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:u,status:"LOGGED_IN"};case K.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(p.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case K.REQUIRE_SYNC_TOKENS:return e.publishEvent(p.refreshTokensAsync_begin,{tryNumber:n}),await f();default:{if(e.publishEvent(p.refreshTokensAsync_begin,{refreshToken:u.refreshToken,status:l,tryNumber:n}),!u.refreshToken)return await f();const g=a.client_id,m=a.redirect_uri,d=a.authority,A={...a.token_request_extras?a.token_request_extras:{}};for(const[T,y]of Object.entries(t))T.endsWith(":token_request")&&(A[T.replace(":token_request","")]=y);return await(async()=>{const T={client_id:g,redirect_uri:m,grant_type:"refresh_token",refresh_token:u.refreshToken},y=await e.initAsync(d,a.authority_configuration),k=document.hidden?1e4:3e4*10,S=y.tokenEndpoint,C={};a.demonstrating_proof_of_possession&&(C.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(u.accessToken,S,"POST"));const b=await Xe(e.getFetch())(S,T,A,u,C,a.token_renew_mode,k);if(b.success){const{isValid:V,reason:P}=de(b.data,h.nonce,y);if(!V)return o(null),e.publishEvent(p.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${P}`}),{tokens:null,status:"SESSION_LOST"};if(o(b.data),b.demonstratingProofOfPossessionNonce){const W=await I(a,e.configurationName);W?await W.setDemonstratingProofOfPossessionNonce(b.demonstratingProofOfPossessionNonce):await E(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(b.demonstratingProofOfPossessionNonce)}return e.publishEvent(p.refreshTokensAsync_end,{success:b.success}),e.publishEvent(x.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:b.data,status:"LOGGED_IN"}}else return e.publishEvent(p.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:b}),b.status>=400&&b.status<500?(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:`session lost: ${b.status}`}),{tokens:null,status:"SESSION_LOST"}):await Z(e)(c,s,t,o)})()}}}catch(l){return console.error(l),e.publishEvent(p.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),Z(e)(c,s,t,o)}},ae=(e,n,s)=>(t=null,o=null,r=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(p.silentLoginAsync_begin,{});let i="";if(o&&(t==null&&(t={}),t.state=o),r&&(t==null&&(t={}),t.scope=r),t!=null)for(const[l,u]of Object.entries(t))i===""?i=`?${encodeURIComponent(l)}=${encodeURIComponent(u)}`:i+=`&${encodeURIComponent(l)}=${encodeURIComponent(u)}`;const c=n.silent_login_uri+i,a=c.indexOf("/",c.indexOf("//")+2),_=c.substring(0,a),f=document.createElement("iframe");return f.width="0px",f.height="0px",f.id=`${e}_oidc_iframe`,f.setAttribute("src",c),document.body.appendChild(f),new Promise((l,u)=>{let h=!1;const g=()=>{window.removeEventListener("message",m),f.remove(),h=!0},m=d=>{if(d.origin===_&&d.source===f.contentWindow){const w=`${e}_oidc_tokens:`,A=`${e}_oidc_error:`,v=`${e}_oidc_exception:`,T=d.data;if(T&&typeof T=="string"&&!h){if(T.startsWith(w)){const y=JSON.parse(d.data.replace(w,""));s(p.silentLoginAsync_end,{}),l(y),g()}else if(T.startsWith(A)){const y=JSON.parse(d.data.replace(A,""));s(p.silentLoginAsync_error,y),l({error:"oidc_"+y.error,tokens:null,sessionState:null}),g()}else if(T.startsWith(v)){const y=JSON.parse(d.data.replace(v,""));s(p.silentLoginAsync_error,y),u(new Error(y.error)),g()}}}};try{window.addEventListener("message",m);const d=n.silent_login_timeout;setTimeout(()=>{h||(g(),s(p.silentLoginAsync_error,{reason:"timeout"}),u(new Error("timeout")))},d)}catch(d){g(),s(p.silentLoginAsync_error,d),u(d)}})}catch(i){throw s(p.silentLoginAsync_error,i),i}},nn=(e,n,s,t,o)=>(r=null,i=void 0)=>{r={...r};const c=(_,f,l)=>ae(n,s,t.bind(o))(_,f,l);return(async()=>{o.timeoutId&&F.clearTimeout(o.timeoutId);let _;r&&"state"in r&&(_=r.state,delete r.state);try{const f=s.extras?{...s.extras,...r}:r,l=await c({...f,prompt:"none"},_,i);if(l)return o.tokens=l.tokens,t(p.token_aquired,{}),o.timeoutId=B(o,o.tokens.expiresAt,r),{}}catch(f){return f}})()},sn=(e,n,s)=>(t,o,r,i=!1)=>{const c=(a,_=void 0,f=void 0)=>ae(e.configurationName,s,e.publishEvent.bind(e))(a,_,f);return new Promise((a,_)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&r&&!i){const f=()=>{e.checkSessionIFrame.stop();const l=e.tokens;if(l===null)return;const u=l.idToken,h=l.idTokenPayload;return c({prompt:"none",id_token_hint:u,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const m=g.tokens.idTokenPayload;if(h.sub===m.sub){const d=g.sessionState;e.checkSessionIFrame.start(g.sessionState),h.sid===m.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",d):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",d)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",m.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[m,d]of Object.entries(n))await d.logoutOtherTabAsync(s.client_id,h.sub)})};e.checkSessionIFrame=new Oe(f,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(r),a(e.checkSessionIFrame)}).catch(l=>{_(l)})}else a(null)})},Te=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},tn=e=>{const n=Te(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},j=e=>{const n=Te(e),{search:s}=n;return on(s)},on=e=>{const n={};let s,t,o;const r=e.split("&");for(t=0,o=r.length;t<o;t++)s=r[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},rn=(e,n,s,t,o)=>(r=void 0,i=null,c=!1,a=void 0)=>{const _=i;return i={...i},(async()=>{const l=r||o.getPath();if("state"in i||(i.state=re(16)),s(p.loginAsync_begin,{}),i)for(const u of Object.keys(i))u.endsWith(":token_request")&&delete i[u];try{const u=c?n.silent_redirect_uri:n.redirect_uri;a||(a=n.scope);const h=n.extras?{...n.extras,...i}:i;h.nonce||(h.nonce=re(12));const g={nonce:h.nonce},m=await I(n,e),d=await t(n.authority,n.authority_configuration);let w;if(m)m.setLoginParams({callbackPath:l,extras:_}),await m.initAsync(d,"loginAsync",n),await m.setNonceAsync(g),m.startKeepAliveServiceWorker(),w=m;else{const v=E(e,n.storage??sessionStorage);v.setLoginParams({callbackPath:l,extras:_}),await v.setNonceAsync(g),w=v}const A={client_id:n.client_id,redirect_uri:u,scope:a,response_type:"code",...h};await ze(w,o)(d.authorizationEndpoint,A)}catch(u){throw s(p.loginAsync_error,u),u}})()},an=e=>async(n=!1)=>{try{e.publishEvent(p.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,r=s.authority,i=s.token_request_timeout,c=await e.initAsync(r,s.authority_configuration),a=e.location.getCurrentHref(),f=j(a).session_state,l=await I(s,e.configurationName);let u,h,g,m;if(l)await l.initAsync(c,"loginCallbackAsync",s),await l.setSessionStateAsync(f),h=await l.getNonceAsync(),g=l.getLoginParams(),m=await l.getStateAsync(),l.startKeepAliveServiceWorker(),u=l;else{const P=E(e.configurationName,s.storage??sessionStorage);await P.setSessionStateAsync(f),h=await P.getNonceAsync(),g=P.getLoginParams(),m=await P.getStateAsync(),u=P}const d=j(a);if(d.error||d.error_description)throw new Error(`Error from OIDC server: ${d.error} - ${d.error_description}`);if(d.iss&&d.iss!==c.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${c.issuer}, received: ${d.iss})`);if(d.state&&d.state!==m)throw new Error(`State not valid (expected: ${m}, received: ${d.state})`);const w={code:d.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},A={};if(s.token_request_extras)for(const[P,W]of Object.entries(s.token_request_extras))A[P]=W;if(g&&g.extras)for(const[P,W]of Object.entries(g.extras))P.endsWith(":token_request")&&(A[P.replace(":token_request","")]=W);const v=c.tokenEndpoint,T={};if(s.demonstrating_proof_of_possession)if(l)T.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const P=await Je(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await E(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(P),T.DPoP=await me(window)(s.demonstrating_proof_of_possession_configuration)(P,"POST",v)}const y=await Qe(u)(v,{...w,...A},T,e.configuration.token_renew_mode,i);if(!y.success)throw new Error("Token request failed");let k;const S=y.data.tokens,C=y.data.demonstratingProofOfPossessionNonce;if(y.data.state!==A.state)throw new Error("state is not valid");const{isValid:b,reason:V}=de(S,h.nonce,c);if(!b)throw new Error(`Tokens are not OpenID valid, reason: ${V}`);if(l){if(S.refreshToken&&!S.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(C&&S.accessToken&&S.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(l)await l.initAsync(o,"syncTokensAsync",s),k=l.getLoginParams(),C&&await l.setDemonstratingProofOfPossessionNonce(C);else{const P=E(e.configurationName,s.storage);k=P.getLoginParams(),C&&await P.setDemonstratingProofOfPossessionNonce(C)}return await e.startCheckSessionAsync(c.checkSessionIframe,t,f,n),e.publishEvent(p.loginCallbackAsync_end,{}),{tokens:S,state:"request.state",callbackPath:k.callbackPath}}catch(s){throw console.error(s),e.publishEvent(p.loginCallbackAsync_error,s),s}},be={access_token:"access_token",refresh_token:"refresh_token"},ce=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const r=t.replace(n,"");s[r]=o}return s}return s},cn=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},ln=e=>async n=>{F.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await E(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},un=(e,n,s,t,o)=>async(r=void 0,i=null)=>{const c=e.configuration,a=await e.initAsync(c.authority,c.authority_configuration);r&&typeof r!="string"&&(r=void 0,t.warn("callbackPathOrUrl path is not a string"));const _=r??o.getPath();let f=!1;r&&(f=r.includes("https://")||r.includes("http://"));const l=f?r:o.getOrigin()+_,u=e.tokens?e.tokens.idToken:"";try{const w=a.revocationEndpoint;if(w){const A=[],v=e.tokens?e.tokens.accessToken:null;if(v&&c.logout_tokens_to_invalidate.includes(be.access_token)){const y=ce(i,":revoke_access_token"),k=Ae(s)(w,v,ie.access_token,c.client_id,y);A.push(k)}const T=e.tokens?e.tokens.refreshToken:null;if(T&&c.logout_tokens_to_invalidate.includes(be.refresh_token)){const y=ce(i,":revoke_refresh_token"),k=Ae(s)(w,T,ie.refresh_token,c.client_id,y);A.push(k)}A.length>0&&await Promise.all(A)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const h=e.tokens&&e.tokens.idTokenPayload?e.tokens.idTokenPayload.sub:null;await e.destroyAsync("LOGGED_OUT");for(const[w,A]of Object.entries(n))A!==e?await e.logoutSameTabAsync(e.configuration.client_id,h):e.publishEvent(p.logout_from_same_tab,{});const g=ce(i,":oidc");if(g&&g.no_reload==="true")return;const d=cn(i);if(a.endSessionEndpoint){"id_token_hint"in d||(d.id_token_hint=u),!("post_logout_redirect_uri"in d)&&r!==null&&(d.post_logout_redirect_uri=l);let w="";for(const[A,v]of Object.entries(d))v!=null&&(w===""?w+="?":w+="&",w+=`${A}=${encodeURIComponent(v)}`);o.open(`${a.endSessionEndpoint}${w}`)}else o.reload()},fn=e=>async(n=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;for(;e.tokens&&!ne(e.tokens);)await $({milliseconds:200});if(!e.tokens)return null;const s=e.tokens.accessToken;if(!s)return null;const t=e.configuration,r=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,c=await(async a=>{const _=await fetch(r,{headers:{authorization:`Bearer ${a}`}});return _.status!==200?null:_.json()})(s);return e.userInfo=c,c};class q{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const dn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),_n=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const r=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const c in r){const a=r[c];if(a.r.test(s)){o=a.s;break}}let i=t;switch(/Windows/.test(o)&&(i=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":i=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const c=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);c!=null&&c.length>2&&(i=c[1]+"."+c[2]+"."+(parseInt(c[3])|0));break}}return{os:o,osVersion:i}};function hn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const yn=()=>{const{name:e,version:n}=hn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=_n(navigator);return!dn(s)},gn=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(p.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const r=n.getLoginParams(e.configurationName);e.timeoutId=B(e,e.tokens.expiresAt,r.extras);const i=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,i),e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(p.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=E(e.configurationName,s.storage??sessionStorage),{tokens:r}=await o.initAsync();if(r){e.tokens=X(r,null,s.token_renew_mode);const i=o.getLoginParams();e.timeoutId=B(e,e.tokens.expiresAt,i.extras);const c=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,c),e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(p.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Pe=()=>fetch;class le{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const L={},kn=(e,n=new q)=>(s,t="default")=>(L[t]||(L[t]=new x(s,t,e,n)),L[t]),mn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=B(e,n.expiresAt),{callbackPath:s}},pn=e=>Math.floor(Math.random()*e),H=class H{constructor(n,s="default",t,o=new q){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let r=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(r=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let i=n.refresh_time_before_tokens_expiration_in_second??120;i>60&&(i=i-Math.floor(Math.random()*40)),this.location=o??new q;const c=n.service_worker_update_require_callback??De(this.location);this.configuration={...n,silent_login_uri:r,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:i,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??Y.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:c,service_worker_activate:n.service_worker_activate??yn,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ue},this.getFetch=t??Pe,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=pn(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(L,n)&&s)throw Error(`OIDC library does seem initialized.
2
- Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return L[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=j(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=j(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new le({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const r=await I(this.configuration,this.configurationName)?window.localStorage:null;return await Ye(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,r,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=gn(this),this.tryKeepExistingSessionPromise.then(n=>(this.tryKeepExistingSessionPromise=null,n)))}async startCheckSessionAsync(n,s,t,o=!1){await sn(this,L,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,r=!1){return this.loginPromise!==null?this.loginPromise:r?nn(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=rn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.then(i=>(this.loginPromise=null,i)))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await an(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||E(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(H.eventNames.token_aquired,o),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.then(t=>(this.loginCallbackPromise=null,t))}async generateDemonstrationOfProofOfPossessionAsync(n,s,t){const o=this.configuration,r={ath:await we(n)},i=await I(o,this.configurationName);let c;if(i)return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;const a=E(this.configurationName,o.storage);let _=await a.getDemonstratingProofOfPossessionJwkAsync();return c=await a.getDemonstratingProofOfPossessionNonce(),c&&(r.nonce=c),await me(window)(o.demonstrating_proof_of_possession_configuration)(_,t,s,r)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=mn(this),this.loginCallbackWithAutoTokensRenewPromise.then(n=>(this.loginCallbackWithAutoTokensRenewPromise=null,n)))}userInfoAsync(n=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=fn(this)(n),this.userInfoPromise.then(s=>(this.userInfoPromise=null,s)))}async renewTokensAsync(n=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return F.clearTimeout(this.timeoutId),this.renewTokensPromise=ve(this,!0,n),this.renewTokensPromise.then(s=>(this.renewTokensPromise=null,s))}async destroyAsync(n){return await ln(this)(n)}async logoutSameTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(p.logout_from_same_tab,{mmessage:"SessionMonitor",sub:s}))}async logoutOtherTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(p.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(n=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=un(this,L,this.getFetch(),console,this.location)(n,s),this.logoutPromise.then(t=>(this.logoutPromise=null,t)))}};H.getOrCreate=(n,s)=>(t,o="default")=>kn(n,s)(t,o),H.eventNames=p;let x=H;const wn=(e,n)=>async(...s)=>{var u;const[t,o,...r]=s,i=o?{...o}:{method:"GET"};let c=new Headers;i.headers&&(c=i.headers instanceof Headers?i.headers:new Headers(i.headers));const a=n,_=await a.getValidTokenAsync(),f=(u=_==null?void 0:_.tokens)==null?void 0:u.accessToken;if(c.has("Accept")||c.set("Accept","application/json"),f){if(a.configuration.demonstrating_proof_of_possession){const h=await a.generateDemonstrationOfProofOfPossessionAsync(f,t.toString(),i.method);c.set("Authorization",`PoP ${f}`),c.set("DPoP",h)}else c.set("Authorization",`Bearer ${f}`);i.credentials||(i.credentials="same-origin")}const l={...i,headers:c};return await e(t,l,...r)},U=class U{constructor(n){this._oidc=n}subscribeEvents(n){return this._oidc.subscribeEvents(n)}removeEventSubscription(n){this._oidc.removeEventSubscription(n)}publishEvent(n,s){this._oidc.publishEvent(n,s)}static get(n="default"){return new U(x.get(n))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(n=void 0,s=null,t=!1,o=void 0,r=!1){return this._oidc.loginAsync(n,s,t,o,r)}logoutAsync(n=void 0,s=null){return this._oidc.logoutAsync(n,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(n=null){return this._oidc.renewTokensAsync(n)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(n,s,t){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(n,s,t)}async getValidTokenAsync(n=200,s=50){return xe(this._oidc,n,s)}fetchWithTokens(n){return wn(n,this)}async userInfoAsync(n=!1){return this._oidc.userInfoAsync(n)}};U.getOrCreate=(n,s=new q)=>(t,o="default")=>new U(x.getOrCreate(n,s)(t,o)),U.eventNames=x.eventNames;let ue=U;N.OidcClient=ue,N.OidcLocation=q,N.TokenRenewMode=Y,N.getFetchDefault=Pe,N.getParseQueryStringFromLocation=j,N.getPath=tn,Object.defineProperty(N,Symbol.toStringTag,{value:"Module"})});
1
+ (function(N,G){typeof exports=="object"&&typeof module<"u"?G(exports):typeof define=="function"&&define.amd?define(["exports"],G):(N=typeof globalThis<"u"?globalThis:N||self,G(N["oidc-client"]={}))})(this,function(N){"use strict";const D=console;class Oe{constructor(n,s,t,o=2e3,r=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=r;const i=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,i),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(D.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(D.debug(n),D.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):D.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){D.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(D.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const p={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},E=(e,n=sessionStorage)=>{const s=y=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:y}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const y=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:y.tokens,status:y.status})},o=y=>{n[`oidc.${e}`]=JSON.stringify({tokens:y})},r=async y=>{n[`oidc.session_state.${e}`]=y},i=async()=>n[`oidc.session_state.${e}`],c=y=>{n[`oidc.nonce.${e}`]=y.nonce},a=y=>{n[`oidc.jwk.${e}`]=JSON.stringify(y)},_=()=>JSON.parse(n[`oidc.jwk.${e}`]),f=async()=>({nonce:n[`oidc.nonce.${e}`]}),l=async y=>{n[`oidc.dpop_nonce.${e}`]=y},u=()=>n[`oidc.dpop_nonce.${e}`],h=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null;let g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:h,setSessionStateAsync:r,getSessionStateAsync:i,setNonceAsync:c,getNonceAsync:f,setLoginParams:y=>{g[e]=y,n[`oidc.login.${e}`]=JSON.stringify(y)},getLoginParams:()=>{const y=n[`oidc.login.${e}`];return y?(g[e]||(g[e]=JSON.parse(y)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async y=>{n[`oidc.state.${e}`]=y},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async y=>{n[`oidc.code_verifier.${e}`]=y},setDemonstratingProofOfPossessionNonce:l,getDemonstratingProofOfPossessionNonce:u,setDemonstratingProofOfPossessionJwkAsync:a,getDemonstratingProofOfPossessionJwkAsync:_}},Ee=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),Ie=e=>JSON.parse(Ee(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&Ce(e,".")===2?Ie(e.split(".")[1]):null}catch(n){console.warn(n)}return null},Ce=(e,n)=>e.split(n).length-1,Y={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Ne(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const X=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let r;n!=null&&"idToken"in n&&!("idToken"in e)?r=n.idToken:r=e.idToken;const i=e.idTokenPayload?e.idTokenPayload:ue(r),c=i&&i.exp?i.exp:Number.MAX_VALUE,a=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Ne(e,t,i);let _;e.expiresAt?_=e.expiresAt:s===Y.access_token_invalid?_=a:s===Y.id_token_invalid?_=c:_=c<a?c:a;const f={...e,idTokenPayload:i,accessTokenPayload:t,expiresAt:_,idToken:r};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const l=n.refreshToken;return{...f,refreshToken:l}}return f},ee=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),X(t,n,s)},M=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},ne=e=>e?M(0,e.expiresAt)>0:!1,xe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!ne(e.tokens)&&t>0;)await $({milliseconds:n}),t=t-1;return{isTokensValid:ne(e.tokens),tokens:e.tokens,numberWaited:t-s}},fe=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const r=60*60*24*7;if(t.iat&&t.iat+r<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+r} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},F=function(){const e=function(){let a,_;const f=(function(){const u={},h={setTimeout:function(m,d,w){u[d]=setTimeout(function(){m.postMessage(d),u[d]=null},w)},setInterval:function(m,d,w){u[d]=setInterval(function(){m.postMessage(d)},w)},clearTimeout:function(m,d){clearTimeout(u[d]),u[d]=null},clearInterval:function(m,d){clearInterval(u[d]),u[d]=null}};function g(m,d){const w=d.data[0],A=d.data[1],v=d.data[2];h[w]&&h[w](m,A,v)}this.onmessage=function(m){g(self,m)},this.onconnect=function(m){const d=m.ports[0];d.onmessage=function(w){g(d,w)}}}).toString();try{const u=new Blob(["(",f,")()"],{type:"application/javascript"});_=URL.createObjectURL(u)}catch{return null}const l=typeof process>"u";try{if(SharedWorker)return a=new SharedWorker(_),a.port}catch{l&&console.warn("SharedWorker not available")}try{if(Worker)return a=new Worker(_),a}catch{l&&console.warn("Worker not available")}return null}();if(!e){const a=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(a),clearTimeout:clearTimeout.bind(a),setInterval:setInterval.bind(a),clearInterval:clearInterval.bind(a)}}const n=function(){let a=0;return function(){return a++,a}}(),s={},t={};e.onmessage=function(a){const _=a.data,f=s[_];if(f){f(),s[_]=null;return}const l=t[_];l&&l()};function o(a,_){const f=n();return e.postMessage(["setTimeout",f,_]),s[f]=a,f}function r(a){e.postMessage(["clearTimeout",a]),s[a]=null}function i(a,_){const f=n();return e.postMessage(["setInterval",f,_]),t[f]=a,f}function c(a){e.postMessage(["clearInterval",a]),t[a]=null}return{setTimeout:o,clearTimeout:r,setInterval:i,clearInterval:c}}(),de="7.19.2";let _e=null,z;const $=({milliseconds:e})=>new Promise(n=>F.setTimeout(n,e)),he=(e="/")=>{try{z=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:z.signal}).catch(t=>{console.log(t)}),$({milliseconds:150*1e3}).then(he)}catch(n){console.log(n)}},Le=()=>{z&&z.abort()},We=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),De=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistering ${t}`),await $({milliseconds:2e3}),e.reload()},O=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(r){r.data&&r.data.error?t(r.data.error):s(r.data)},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await O(t)({type:"claim"})}catch{return null}const o=async k=>O(t)({type:"clear",data:{status:k},configurationName:n}),r=async(k,S,C)=>{const b=await O(t)({type:"init",data:{oidcServerConfiguration:k,where:S,oidcConfiguration:{token_renew_mode:C.token_renew_mode,service_worker_convert_all_requests_to_cors:C.service_worker_convert_all_requests_to_cors}},configurationName:n}),V=b.version;return V!==de&&(console.warn(`Service worker ${V} version mismatch with js client version ${de}, unregistering and reloading`),await C.service_worker_update_require_callback(t,Le)),{tokens:ee(b.tokens,null,C.token_renew_mode),status:b.status}},i=(k="/")=>{_e==null&&(_e="not_null",he(k))},c=k=>O(t)({type:"setSessionState",data:{sessionState:k},configurationName:n}),a=async()=>(await O(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,_=k=>(sessionStorage[`oidc.nonce.${n}`]=k.nonce,O(t)({type:"setNonce",data:{nonce:k},configurationName:n})),f=async()=>{let S=(await O(t)({type:"getNonce",data:null,configurationName:n})).nonce;return S||(S=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:S}};let l={};return{clearAsync:o,initAsync:r,startKeepAliveServiceWorker:()=>i(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>We(e.service_worker_keep_alive_path),setSessionStateAsync:c,getSessionStateAsync:a,setNonceAsync:_,getNonceAsync:f,setLoginParams:k=>{l[n]=k,localStorage[`oidc.login.${n}`]=JSON.stringify(k)},getLoginParams:()=>{const k=localStorage[`oidc.login.${n}`];return l[n]||(l[n]=JSON.parse(k)),l[n]},getStateAsync:async()=>{let S=(await O(t)({type:"getState",data:null,configurationName:n})).state;return S||(S=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),S},setStateAsync:async k=>(sessionStorage[`oidc.state.${n}`]=k,O(t)({type:"setState",data:{state:k},configurationName:n})),getCodeVerifierAsync:async()=>{let S=(await O(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return S||(S=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),S},setCodeVerifierAsync:async k=>(sessionStorage[`oidc.code_verifier.${n}`]=k,O(t)({type:"setCodeVerifier",data:{codeVerifier:k},configurationName:n})),setDemonstratingProofOfPossessionNonce:async k=>{await O(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:k},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await O(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async k=>{const S=JSON.stringify(k);await O(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:S},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const k=await O(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return k.demonstratingProofOfPossessionJwkJson?JSON.parse(k.demonstratingProofOfPossessionJwkJson):null}}},R={},$e=(e,n=window.sessionStorage,s)=>{if(!R[e]&&n){const o=n.getItem(e);o&&(R[e]=JSON.parse(o))}const t=1e3*s;return R[e]&&R[e].timestamp+t>Date.now()?R[e].result:null},Re=(e,n,s=window.sessionStorage)=>{const t=Date.now();R[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ye(e){return new TextEncoder().encode(e)}function ge(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ke(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const se=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),ge(n)};function ke(e){return ge(Ke(e))}const Ue={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"};var Ve={sign:e=>async(n,s,t,o,r="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=r,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const i={protected:ke(JSON.stringify(s)),payload:ke(JSON.stringify(t))},c=o.importKeyAlgorithm,a=!0,_=["sign"],f=await e.crypto.subtle.importKey("jwk",n,c,a,_),l=ye(`${i.protected}.${i.payload}`),u=o.signAlgorithm,h=await e.crypto.subtle.sign(u,f,l);return i.signature=se(new Uint8Array(h)),`${i.protected}.${i.payload}.${i.signature}`}};const Me={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],r=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",r.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}};var Fe={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ye(t));return se(new Uint8Array(o))}};const Je=e=>async n=>await Me.generate(e)(n),me=e=>n=>async(s,t="POST",o,r={})=>{const i={jti:btoa(Be()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...r},c=await Fe.thumbprint(e)(s,n.digestAlgorithm);return await Ve.sign(e)(s,{kid:c},i,n)},Be=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},pe=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},te="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",je=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%te.length;n.push(te[t])}return n.join("")},oe=e=>{const n=new Uint8Array(e),{hasCrypto:s}=pe();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*te.length|0;return je(n)};function qe(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function we(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",qe(e)).then(t=>n(se(new Uint8Array(t))),t=>s(t))})}const He=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=pe();return n?we(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Ge=60*60,Ye=e=>async(n,s=Ge,t=window.sessionStorage,o=1e4)=>{const r=`${n}/.well-known/openid-configuration`,i=`oidc.server:${n}`,c=$e(i,t,s);if(c)return new ce(c);const a=await J(e)(r,{},o);if(a.status!==200)return null;const _=await a.json();return Re(i,_,t),new ce(_)},J=e=>async(n,s={},t=1e4,o=0)=>{let r;try{const i=new AbortController;setTimeout(()=>i.abort(),t),r=await e(n,{...s,signal:i.signal})}catch(i){if(i.name==="AbortError"||i.message==="Network request failed"){if(o<=1)return await J(e)(n,s,t,o+1);throw i}else throw console.error(i.message),i}return r},re={refresh_token:"refresh_token",access_token:"access_token"},Ae=e=>async(n,s,t=re.refresh_token,o,r={},i=1e4)=>{const c={token:s,token_type_hint:t,client_id:o};for(const[l,u]of Object.entries(r))c[l]===void 0&&(c[l]=u);const a=[];for(const l in c){const u=encodeURIComponent(l),h=encodeURIComponent(c[l]);a.push(`${u}=${h}`)}const _=a.join("&");return(await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:_},i)).status!==200?{success:!1}:{success:!0}},Xe=e=>async(n,s,t,o,r={},i,c=1e4)=>{for(const[h,g]of Object.entries(t))s[h]===void 0&&(s[h]=g);const a=[];for(const h in s){const g=encodeURIComponent(h),m=encodeURIComponent(s[h]);a.push(`${g}=${m}`)}const _=a.join("&"),f=await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...r},body:_},c);if(f.status!==200)return{success:!1,status:f.status,demonstratingProofOfPossessionNonce:null};const l=await f.json();let u=null;return f.headers.has(Q)&&(u=f.headers.get(Q)),{success:!0,status:f.status,data:ee(l,o,i),demonstratingProofOfPossessionNonce:u}},ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=oe(128),r=await He(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=r,t.code_challenge_method="S256";let i="";if(t)for(const[c,a]of Object.entries(t))i===""?i+="?":i+="&",i+=`${c}=${encodeURIComponent(a)}`;n.open(`${s}${i}`)},Q="DPoP-Nonce",Qe=e=>async(n,s,t,o,r=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const i=[];for(const l in s){const u=encodeURIComponent(l),h=encodeURIComponent(s[l]);i.push(`${u}=${h}`)}const c=i.join("&"),a=await J(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:c},r);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),a.status!==200)return{success:!1,status:a.status};let _=null;a.headers.has(Q)&&(_=a.headers.get(Q));const f=await a.json();return{success:!0,data:{state:s.state,tokens:ee(f,null,o),demonstratingProofOfPossessionNonce:_}}};async function Se(e,n,s){const t=c=>{e.tokens=c},{tokens:o,status:r}=await Z(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await E(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(r),null)}const Ze=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=E(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=X(o,e.tokens,n.token_renew_mode),o}};async function ve(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let r;const i=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!i?r=await Se(e,n,s):r=await navigator.locks.request(o,{ifAvailable:!0},async c=>c?await Se(e,n,s):(e.publishEvent(x.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await Ze(e,t))),r?(e.timeoutId&&(e.timeoutId=B(e,e.tokens.expiresAt,s)),e.tokens):null}const B=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return F.setTimeout(async()=>{const r={timeLeft:M(t,n)};e.publishEvent(x.eventNames.token_timer,r),await ve(e,!1,s)},1e3)},K={SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},en=e=>async(n,s,t,o=!1)=>{const r={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:r};let i=r;const c=await e.initAsync(n.authority,n.authority_configuration),a=await I(n,s);if(a){const{status:l,tokens:u}=await a.initAsync(c,"syncTokensAsync",n);if(l==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:r};if(l==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:r};if(!l||!u)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:r};if(u.issuedAt!==t.issuedAt){const g=M(n.refresh_time_before_tokens_expiration_in_second,u.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",m=await a.getNonceAsync();return{tokens:u,status:g,nonce:m}}i=await a.getNonceAsync()}else{const l=E(s,n.storage??sessionStorage);let{tokens:u,status:h}=await l.initAsync();if(u&&(u=X(u,e.tokens,n.token_renew_mode)),u){if(h==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:r};if(u.issuedAt!==t.issuedAt){const m=M(n.refresh_time_before_tokens_expiration_in_second,u.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",d=await l.getNonceAsync();return{tokens:u,status:m,nonce:d}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:r};i=await l.getNonceAsync()}const f=M(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:i}:{tokens:t,status:f,nonce:i}},Z=e=>async(n=0,s=!1,t=null,o)=>{for(;!navigator.onLine&&document.hidden;)await $({milliseconds:1e3}),e.publishEvent(p.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await $({milliseconds:1e3}),r--,e.publishEvent(p.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});const i=document.hidden,c=n+1;t||(t={});const a=e.configuration,_=(l,u=null,h=null)=>ie(e.configurationName,e.configuration,e.publishEvent.bind(e))(l,u,h),f=async()=>{try{let l;const u=await I(a,e.configurationName);u?l=u.getLoginParams():l=E(e.configurationName,a.storage).getLoginParams();const h=await _({...l.extras,...t,prompt:"none"});return h?h.error?(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(h.tokens),e.publishEvent(x.eventNames.token_renewed,{}),{tokens:h.tokens,status:"LOGGED"}):(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(l){return console.error(l),e.publishEvent(p.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),await Z(e)(c,s,t,o)}};if(n>4)return i?{tokens:e.tokens,status:"GIVE_UP"}:(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"});try{const{status:l,tokens:u,nonce:h}=await en(e)(a,e.configurationName,e.tokens,s);switch(l){case K.SESSION_LOST:return o(null),e.publishEvent(p.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case K.NOT_CONNECTED:return o(null),{tokens:null,status:null};case K.TOKENS_VALID:return o(u),{tokens:u,status:"LOGGED_IN"};case K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(u),e.publishEvent(x.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:u,status:"LOGGED_IN"};case K.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(p.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case K.REQUIRE_SYNC_TOKENS:return e.publishEvent(p.refreshTokensAsync_begin,{tryNumber:n}),await f();default:{if(e.publishEvent(p.refreshTokensAsync_begin,{refreshToken:u.refreshToken,status:l,tryNumber:n}),!u.refreshToken)return await f();const g=a.client_id,m=a.redirect_uri,d=a.authority,A={...a.token_request_extras?a.token_request_extras:{}};for(const[T,y]of Object.entries(t))T.endsWith(":token_request")&&(A[T.replace(":token_request","")]=y);return await(async()=>{const T={client_id:g,redirect_uri:m,grant_type:"refresh_token",refresh_token:u.refreshToken},y=await e.initAsync(d,a.authority_configuration),k=document.hidden?1e4:3e4*10,S=y.tokenEndpoint,C={};a.demonstrating_proof_of_possession&&(C.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(u.accessToken,S,"POST"));const b=await Xe(e.getFetch())(S,T,A,u,C,a.token_renew_mode,k);if(b.success){const{isValid:V,reason:P}=fe(b.data,h.nonce,y);if(!V)return o(null),e.publishEvent(p.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${P}`}),{tokens:null,status:"SESSION_LOST"};if(o(b.data),b.demonstratingProofOfPossessionNonce){const W=await I(a,e.configurationName);W?await W.setDemonstratingProofOfPossessionNonce(b.demonstratingProofOfPossessionNonce):await E(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(b.demonstratingProofOfPossessionNonce)}return e.publishEvent(p.refreshTokensAsync_end,{success:b.success}),e.publishEvent(x.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:b.data,status:"LOGGED_IN"}}else return e.publishEvent(p.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:b}),b.status>=400&&b.status<500?(o(null),e.publishEvent(p.refreshTokensAsync_error,{message:`session lost: ${b.status}`}),{tokens:null,status:"SESSION_LOST"}):await Z(e)(c,s,t,o)})()}}}catch(l){return console.error(l),e.publishEvent(p.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),Z(e)(c,s,t,o)}},ie=(e,n,s)=>(t=null,o=null,r=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(p.silentLoginAsync_begin,{});let i="";if(o&&(t==null&&(t={}),t.state=o),r&&(t==null&&(t={}),t.scope=r),t!=null)for(const[l,u]of Object.entries(t))i===""?i=`?${encodeURIComponent(l)}=${encodeURIComponent(u)}`:i+=`&${encodeURIComponent(l)}=${encodeURIComponent(u)}`;const c=n.silent_login_uri+i,a=c.indexOf("/",c.indexOf("//")+2),_=c.substring(0,a),f=document.createElement("iframe");return f.width="0px",f.height="0px",f.id=`${e}_oidc_iframe`,f.setAttribute("src",c),document.body.appendChild(f),new Promise((l,u)=>{let h=!1;const g=()=>{window.removeEventListener("message",m),f.remove(),h=!0},m=d=>{if(d.origin===_&&d.source===f.contentWindow){const w=`${e}_oidc_tokens:`,A=`${e}_oidc_error:`,v=`${e}_oidc_exception:`,T=d.data;if(T&&typeof T=="string"&&!h){if(T.startsWith(w)){const y=JSON.parse(d.data.replace(w,""));s(p.silentLoginAsync_end,{}),l(y),g()}else if(T.startsWith(A)){const y=JSON.parse(d.data.replace(A,""));s(p.silentLoginAsync_error,y),l({error:"oidc_"+y.error,tokens:null,sessionState:null}),g()}else if(T.startsWith(v)){const y=JSON.parse(d.data.replace(v,""));s(p.silentLoginAsync_error,y),u(new Error(y.error)),g()}}}};try{window.addEventListener("message",m);const d=n.silent_login_timeout;setTimeout(()=>{h||(g(),s(p.silentLoginAsync_error,{reason:"timeout"}),u(new Error("timeout")))},d)}catch(d){g(),s(p.silentLoginAsync_error,d),u(d)}})}catch(i){throw s(p.silentLoginAsync_error,i),i}},nn=(e,n,s,t,o)=>(r=null,i=void 0)=>{r={...r};const c=(_,f,l)=>ie(n,s,t.bind(o))(_,f,l);return(async()=>{o.timeoutId&&F.clearTimeout(o.timeoutId);let _;r&&"state"in r&&(_=r.state,delete r.state);try{const f=s.extras?{...s.extras,...r}:r,l=await c({...f,prompt:"none"},_,i);if(l)return o.tokens=l.tokens,t(p.token_aquired,{}),o.timeoutId=B(o,o.tokens.expiresAt,r),{}}catch(f){return f}})()},sn=(e,n,s)=>(t,o,r,i=!1)=>{const c=(a,_=void 0,f=void 0)=>ie(e.configurationName,s,e.publishEvent.bind(e))(a,_,f);return new Promise((a,_)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&r&&!i){const f=()=>{e.checkSessionIFrame.stop();const l=e.tokens;if(l===null)return;const u=l.idToken,h=l.idTokenPayload;return c({prompt:"none",id_token_hint:u,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const m=g.tokens.idTokenPayload;if(h.sub===m.sub){const d=g.sessionState;e.checkSessionIFrame.start(g.sessionState),h.sid===m.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",d):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",d)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",m.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[m,d]of Object.entries(n))await d.logoutOtherTabAsync(s.client_id,h.sub)})};e.checkSessionIFrame=new Oe(f,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(r),a(e.checkSessionIFrame)}).catch(l=>{_(l)})}else a(null)})},Te=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},tn=e=>{const n=Te(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},j=e=>{const n=Te(e),{search:s}=n;return on(s)},on=e=>{const n={};let s,t,o;const r=e.split("&");for(t=0,o=r.length;t<o;t++)s=r[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},rn=(e,n,s,t,o)=>(r=void 0,i=null,c=!1,a=void 0)=>{const _=i;return i={...i},(async()=>{const l=r||o.getPath();if("state"in i||(i.state=oe(16)),s(p.loginAsync_begin,{}),i)for(const u of Object.keys(i))u.endsWith(":token_request")&&delete i[u];try{const u=c?n.silent_redirect_uri:n.redirect_uri;a||(a=n.scope);const h=n.extras?{...n.extras,...i}:i;h.nonce||(h.nonce=oe(12));const g={nonce:h.nonce},m=await I(n,e),d=await t(n.authority,n.authority_configuration);let w;if(m)m.setLoginParams({callbackPath:l,extras:_}),await m.initAsync(d,"loginAsync",n),await m.setNonceAsync(g),m.startKeepAliveServiceWorker(),w=m;else{const v=E(e,n.storage??sessionStorage);v.setLoginParams({callbackPath:l,extras:_}),await v.setNonceAsync(g),w=v}const A={client_id:n.client_id,redirect_uri:u,scope:a,response_type:"code",...h};await ze(w,o)(d.authorizationEndpoint,A)}catch(u){throw s(p.loginAsync_error,u),u}})()},an=e=>async(n=!1)=>{try{e.publishEvent(p.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,r=s.authority,i=s.token_request_timeout,c=await e.initAsync(r,s.authority_configuration),a=e.location.getCurrentHref(),f=j(a).session_state,l=await I(s,e.configurationName);let u,h,g,m;if(l)await l.initAsync(c,"loginCallbackAsync",s),await l.setSessionStateAsync(f),h=await l.getNonceAsync(),g=l.getLoginParams(),m=await l.getStateAsync(),l.startKeepAliveServiceWorker(),u=l;else{const P=E(e.configurationName,s.storage??sessionStorage);await P.setSessionStateAsync(f),h=await P.getNonceAsync(),g=P.getLoginParams(),m=await P.getStateAsync(),u=P}const d=j(a);if(d.error||d.error_description)throw new Error(`Error from OIDC server: ${d.error} - ${d.error_description}`);if(d.iss&&d.iss!==c.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${c.issuer}, received: ${d.iss})`);if(d.state&&d.state!==m)throw new Error(`State not valid (expected: ${m}, received: ${d.state})`);const w={code:d.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},A={};if(s.token_request_extras)for(const[P,W]of Object.entries(s.token_request_extras))A[P]=W;if(g&&g.extras)for(const[P,W]of Object.entries(g.extras))P.endsWith(":token_request")&&(A[P.replace(":token_request","")]=W);const v=c.tokenEndpoint,T={};if(s.demonstrating_proof_of_possession)if(l)T.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const P=await Je(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await E(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(P),T.DPoP=await me(window)(s.demonstrating_proof_of_possession_configuration)(P,"POST",v)}const y=await Qe(u)(v,{...w,...A},T,e.configuration.token_renew_mode,i);if(!y.success)throw new Error("Token request failed");let k;const S=y.data.tokens,C=y.data.demonstratingProofOfPossessionNonce;if(y.data.state!==A.state)throw new Error("state is not valid");const{isValid:b,reason:V}=fe(S,h.nonce,c);if(!b)throw new Error(`Tokens are not OpenID valid, reason: ${V}`);if(l){if(S.refreshToken&&!S.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(C&&S.accessToken&&S.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(l)await l.initAsync(o,"syncTokensAsync",s),k=l.getLoginParams(),C&&await l.setDemonstratingProofOfPossessionNonce(C);else{const P=E(e.configurationName,s.storage);k=P.getLoginParams(),C&&await P.setDemonstratingProofOfPossessionNonce(C)}return await e.startCheckSessionAsync(c.checkSessionIframe,t,f,n),e.publishEvent(p.loginCallbackAsync_end,{}),{tokens:S,state:"request.state",callbackPath:k.callbackPath}}catch(s){throw console.error(s),e.publishEvent(p.loginCallbackAsync_error,s),s}},be={access_token:"access_token",refresh_token:"refresh_token"},ae=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const r=t.replace(n,"");s[r]=o}return s}return s},cn=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},ln=e=>async n=>{F.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await E(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},un=(e,n,s,t,o)=>async(r=void 0,i=null)=>{const c=e.configuration,a=await e.initAsync(c.authority,c.authority_configuration);r&&typeof r!="string"&&(r=void 0,t.warn("callbackPathOrUrl path is not a string"));const _=r??o.getPath();let f=!1;r&&(f=r.includes("https://")||r.includes("http://"));const l=f?r:o.getOrigin()+_,u=e.tokens?e.tokens.idToken:"";try{const w=a.revocationEndpoint;if(w){const A=[],v=e.tokens?e.tokens.accessToken:null;if(v&&c.logout_tokens_to_invalidate.includes(be.access_token)){const y=ae(i,":revoke_access_token"),k=Ae(s)(w,v,re.access_token,c.client_id,y);A.push(k)}const T=e.tokens?e.tokens.refreshToken:null;if(T&&c.logout_tokens_to_invalidate.includes(be.refresh_token)){const y=ae(i,":revoke_refresh_token"),k=Ae(s)(w,T,re.refresh_token,c.client_id,y);A.push(k)}A.length>0&&await Promise.all(A)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const h=e.tokens&&e.tokens.idTokenPayload?e.tokens.idTokenPayload.sub:null;await e.destroyAsync("LOGGED_OUT");for(const[w,A]of Object.entries(n))A!==e?await e.logoutSameTabAsync(e.configuration.client_id,h):e.publishEvent(p.logout_from_same_tab,{});const g=ae(i,":oidc");if(g&&g.no_reload==="true")return;const d=cn(i);if(a.endSessionEndpoint){"id_token_hint"in d||(d.id_token_hint=u),!("post_logout_redirect_uri"in d)&&r!==null&&(d.post_logout_redirect_uri=l);let w="";for(const[A,v]of Object.entries(d))v!=null&&(w===""?w+="?":w+="&",w+=`${A}=${encodeURIComponent(v)}`);o.open(`${a.endSessionEndpoint}${w}`)}else o.reload()},fn=e=>async(n=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;for(;e.tokens&&!ne(e.tokens);)await $({milliseconds:200});if(!e.tokens)return null;const s=e.tokens.accessToken;if(!s)return null;const t=e.configuration,r=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,c=await(async a=>{const _=await fetch(r,{headers:{authorization:`Bearer ${a}`}});return _.status!==200?null:_.json()})(s);return e.userInfo=c,c};class q{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const dn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),_n=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const r=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const c in r){const a=r[c];if(a.r.test(s)){o=a.s;break}}let i=t;switch(/Windows/.test(o)&&(i=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":i=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const c=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);c!=null&&c.length>2&&(i=c[1]+"."+c[2]+"."+(parseInt(c[3])|0));break}}return{os:o,osVersion:i}};function hn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const yn=()=>{const{name:e,version:n}=hn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=_n(navigator);return!dn(s)},gn=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(p.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const r=n.getLoginParams(e.configurationName);e.timeoutId=B(e,e.tokens.expiresAt,r.extras);const i=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,i),e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(p.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=E(e.configurationName,s.storage??sessionStorage),{tokens:r}=await o.initAsync();if(r){e.tokens=X(r,null,s.token_renew_mode);const i=o.getLoginParams();e.timeoutId=B(e,e.tokens.expiresAt,i.extras);const c=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,c),e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(p.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(p.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Pe=()=>fetch;class ce{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const L={},kn=(e,n=new q)=>(s,t="default")=>(L[t]||(L[t]=new x(s,t,e,n)),L[t]),mn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=B(e,n.expiresAt),{callbackPath:s}},pn=e=>Math.floor(Math.random()*e),H=class H{constructor(n,s="default",t,o=new q){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let r=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(r=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let i=n.refresh_time_before_tokens_expiration_in_second??120;i>60&&(i=i-Math.floor(Math.random()*40)),this.location=o??new q;const c=n.service_worker_update_require_callback??De(this.location);this.configuration={...n,silent_login_uri:r,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:i,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??Y.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:c,service_worker_activate:n.service_worker_activate??yn,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ue},this.getFetch=t??Pe,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=pn(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(L,n)&&s)throw Error(`OIDC library does seem initialized.
2
+ Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return L[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=j(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=j(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new ce({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const r=await I(this.configuration,this.configurationName)?window.localStorage:null;return await Ye(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,r,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=gn(this),this.tryKeepExistingSessionPromise.then(n=>(this.tryKeepExistingSessionPromise=null,n)))}async startCheckSessionAsync(n,s,t,o=!1){await sn(this,L,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,r=!1){return this.loginPromise!==null?this.loginPromise:r?nn(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=rn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.then(i=>(this.loginPromise=null,i)))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await an(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||E(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(H.eventNames.token_aquired,o),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.then(t=>(this.loginCallbackPromise=null,t))}async generateDemonstrationOfProofOfPossessionAsync(n,s,t){const o=this.configuration,r={ath:await we(n)},i=await I(o,this.configurationName);let c;if(i)return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;const a=E(this.configurationName,o.storage);let _=await a.getDemonstratingProofOfPossessionJwkAsync();return c=await a.getDemonstratingProofOfPossessionNonce(),c&&(r.nonce=c),await me(window)(o.demonstrating_proof_of_possession_configuration)(_,t,s,r)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=mn(this),this.loginCallbackWithAutoTokensRenewPromise.then(n=>(this.loginCallbackWithAutoTokensRenewPromise=null,n)))}userInfoAsync(n=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=fn(this)(n),this.userInfoPromise.then(s=>(this.userInfoPromise=null,s)))}async renewTokensAsync(n=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return F.clearTimeout(this.timeoutId),this.renewTokensPromise=ve(this,!0,n),this.renewTokensPromise.then(s=>(this.renewTokensPromise=null,s))}async destroyAsync(n){return await ln(this)(n)}async logoutSameTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(p.logout_from_same_tab,{mmessage:"SessionMonitor",sub:s}))}async logoutOtherTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(p.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(n=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=un(this,L,this.getFetch(),console,this.location)(n,s),this.logoutPromise.then(t=>(this.logoutPromise=null,t)))}};H.getOrCreate=(n,s)=>(t,o="default")=>kn(n,s)(t,o),H.eventNames=p;let x=H;const wn=(e,n)=>async(...s)=>{var u;const[t,o,...r]=s,i=o?{...o}:{method:"GET"};let c=new Headers;i.headers&&(c=i.headers instanceof Headers?i.headers:new Headers(i.headers));const a=n,_=await a.getValidTokenAsync(),f=(u=_==null?void 0:_.tokens)==null?void 0:u.accessToken;if(c.has("Accept")||c.set("Accept","application/json"),f){if(a.configuration.demonstrating_proof_of_possession){const h=await a.generateDemonstrationOfProofOfPossessionAsync(f,t.toString(),i.method);c.set("Authorization",`PoP ${f}`),c.set("DPoP",h)}else c.set("Authorization",`Bearer ${f}`);i.credentials||(i.credentials="same-origin")}const l={...i,headers:c};return await e(t,l,...r)},U=class U{constructor(n){this._oidc=n}subscribeEvents(n){return this._oidc.subscribeEvents(n)}removeEventSubscription(n){this._oidc.removeEventSubscription(n)}publishEvent(n,s){this._oidc.publishEvent(n,s)}static get(n="default"){return new U(x.get(n))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(n=void 0,s=null,t=!1,o=void 0,r=!1){return this._oidc.loginAsync(n,s,t,o,r)}logoutAsync(n=void 0,s=null){return this._oidc.logoutAsync(n,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(n=null){return this._oidc.renewTokensAsync(n)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(n,s,t){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(n,s,t)}async getValidTokenAsync(n=200,s=50){return xe(this._oidc,n,s)}fetchWithTokens(n){return wn(n,this)}async userInfoAsync(n=!1){return this._oidc.userInfoAsync(n)}};U.getOrCreate=(n,s=new q)=>(t,o="default")=>new U(x.getOrCreate(n,s)(t,o)),U.eventNames=x.eventNames;let le=U;N.OidcClient=le,N.OidcLocation=q,N.TokenRenewMode=Y,N.getFetchDefault=Pe,N.getParseQueryStringFromLocation=j,N.getPath=tn,Object.defineProperty(N,Symbol.toStringTag,{value:"Module"})});
package/dist/initWorker.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,EAAC,cAAc,EAAC,MAAM,YAAY,CAAC;AAI1C,eAAO,MAAM,UAAU;kBAAoC,GAAG;sBAE7D,CAAC;AA4BF,eAAO,MAAM,yCAAyC,aAAa,cAAc,oBAA0B,GAAG,iBAAiB,QAAQ,kBAOtI,CAAA;AAkBD,eAAO,MAAM,eAAe;;6EA8BmD,iBAAiB;;;;;;yCAgCjD,MAAM;;;;;;;;;2BAyEd,MAAM;;yCAgBQ,MAAM;kFAjDoC,MAAM;;mFASN,UAAU;;EAiExG,CAAC"}
1
+ {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,EAAC,cAAc,EAAC,MAAM,YAAY,CAAC;AAI1C,eAAO,MAAM,UAAU;kBAAoC,GAAG;sBAE7D,CAAC;AA4BF,eAAO,MAAM,yCAAyC,aAAa,cAAc,oBAA0B,GAAG,iBAAiB,QAAQ,kBAOtI,CAAA;AAkBD,eAAO,MAAM,eAAe;;6EA6BmD,iBAAiB;;;;;;yCAgCjD,MAAM;;;;;;;;;2BAyEd,MAAM;;yCAgBQ,MAAM;kFAjDoC,MAAM;;mFASN,UAAU;;EAiExG,CAAC"}
package/dist/version.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- declare const _default: "7.19.1-alpha.1372";
1
+ declare const _default: "7.19.2";
2
2
  export default _default;
3
3
  //# sourceMappingURL=version.d.ts.map
package/dist/version.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,wBAAmC"}
1
+ {"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,wBAAwB"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@axa-fr/oidc-client",
3
- "version": "7.19.1-alpha.1372",
3
+ "version": "7.19.2",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "main": "./dist/index.umd.cjs",
@@ -20,7 +20,7 @@
20
20
  "url": "https://github.com/AxaFrance/oidc-client.git"
21
21
  },
22
22
  "dependencies": {
23
- "@axa-fr/oidc-client-service-worker": "7.19.1-alpha.1372"
23
+ "@axa-fr/oidc-client-service-worker": "7.19.2"
24
24
  },
25
25
  "devDependencies": {
26
26
  "@testing-library/dom": "9.3.4",
@@ -33,7 +33,7 @@
33
33
  "typescript": "5.3.3",
34
34
  "vite": "5.0.12",
35
35
  "vite-plugin-dts": "3.7.2",
36
- "vitest": "1.2.2"
36
+ "vitest": "1.3.1"
37
37
  },
38
38
  "keywords": [
39
39
  "oidc",
package/src/initWorker.ts CHANGED
@@ -76,8 +76,7 @@ export const initWorkerAsync = async(configuration, configurationName) => {
76
76
  if(configuration.register) {
77
77
  registration = await configuration.service_worker_register(serviceWorkerRelativeUrl);
78
78
  } else {
79
- // TODO better
80
- registration = await navigator.serviceWorker.register(serviceWorkerRelativeUrl + "?v=" + codeVersion);
79
+ registration = await navigator.serviceWorker.register(serviceWorkerRelativeUrl);
81
80
  }
82
81
 
83
82
  try {
package/src/version.ts CHANGED
@@ -1 +1 @@
1
- export default '7.19.1-alpha.1372';
1
+ export default '7.19.2';