@axa-fr/oidc-client 7.22.18 → 7.22.19
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +31 -39
- package/bin/copy-service-worker-files.mjs +24 -17
- package/dist/OidcTrustedDomains.js +14 -12
- package/dist/cache.d.ts.map +1 -1
- package/dist/checkSession.d.ts +1 -1
- package/dist/checkSession.d.ts.map +1 -1
- package/dist/checkSessionIFrame.d.ts.map +1 -1
- package/dist/crypto.d.ts.map +1 -1
- package/dist/fetch.d.ts +2 -1
- package/dist/fetch.d.ts.map +1 -1
- package/dist/index.d.ts +5 -5
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +935 -601
- package/dist/index.umd.cjs +2 -2
- package/dist/initSession.d.ts +1 -1
- package/dist/initSession.d.ts.map +1 -1
- package/dist/initWorker.d.ts +2 -2
- package/dist/initWorker.d.ts.map +1 -1
- package/dist/initWorkerOption.d.ts.map +1 -1
- package/dist/jwt.d.ts +2 -2
- package/dist/jwt.d.ts.map +1 -1
- package/dist/keepSession.d.ts.map +1 -1
- package/dist/location.d.ts.map +1 -1
- package/dist/login.d.ts +1 -1
- package/dist/login.d.ts.map +1 -1
- package/dist/logout.d.ts +1 -1
- package/dist/logout.d.ts.map +1 -1
- package/dist/oidc.d.ts +1 -1
- package/dist/oidc.d.ts.map +1 -1
- package/dist/oidcClient.d.ts +2 -2
- package/dist/oidcClient.d.ts.map +1 -1
- package/dist/parseTokens.d.ts.map +1 -1
- package/dist/renewTokens.d.ts.map +1 -1
- package/dist/requests.d.ts +1 -1
- package/dist/requests.d.ts.map +1 -1
- package/dist/silentLogin.d.ts.map +1 -1
- package/dist/timer.d.ts.map +1 -1
- package/dist/types.d.ts +1 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/user.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/cache.ts +21 -18
- package/src/checkSession.ts +89 -54
- package/src/checkSessionIFrame.ts +70 -69
- package/src/crypto.ts +27 -25
- package/src/events.ts +28 -28
- package/src/fetch.ts +40 -21
- package/src/index.ts +6 -17
- package/src/iniWorker.spec.ts +26 -16
- package/src/initSession.ts +115 -113
- package/src/initWorker.ts +299 -212
- package/src/initWorkerOption.ts +121 -114
- package/src/jwt.ts +150 -136
- package/src/keepSession.ts +100 -81
- package/src/location.ts +24 -26
- package/src/login.ts +246 -189
- package/src/logout.spec.ts +131 -76
- package/src/logout.ts +130 -115
- package/src/oidc.ts +426 -337
- package/src/oidcClient.ts +129 -105
- package/src/parseTokens.spec.ts +198 -179
- package/src/parseTokens.ts +221 -186
- package/src/renewTokens.ts +397 -284
- package/src/requests.spec.ts +5 -7
- package/src/requests.ts +142 -114
- package/src/route-utils.spec.ts +17 -19
- package/src/route-utils.ts +29 -26
- package/src/silentLogin.ts +145 -127
- package/src/timer.ts +10 -11
- package/src/types.ts +56 -46
- package/src/user.ts +17 -12
- package/src/version.ts +1 -1
package/dist/index.umd.cjs
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
(function(C,G){typeof exports=="object"&&typeof module<"u"?G(exports):typeof define=="function"&&define.amd?define(["exports"],G):(C=typeof globalThis<"u"?globalThis:C||self,G(C["oidc-client"]={}))})(this,function(C){"use strict";const R=console;class Ce{constructor(n,s,t,o=2e3,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(R.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(R.debug(n),R.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):R.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){R.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(R.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},O=(e,n=sessionStorage)=>{const s=h=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:h}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const h=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:h.tokens,status:h.status})},o=h=>{n[`oidc.${e}`]=JSON.stringify({tokens:h})},i=async h=>{n[`oidc.session_state.${e}`]=h},r=async()=>n[`oidc.session_state.${e}`],a=h=>{n[`oidc.nonce.${e}`]=h.nonce},l=h=>{n[`oidc.jwk.${e}`]=JSON.stringify(h)},f=()=>JSON.parse(n[`oidc.jwk.${e}`]),u=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async h=>{n[`oidc.dpop_nonce.${e}`]=h},_=()=>n[`oidc.dpop_nonce.${e}`],y=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null;let g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:y,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:u,setLoginParams:h=>{g[e]=h,n[`oidc.login.${e}`]=JSON.stringify(h)},getLoginParams:()=>{const h=n[`oidc.login.${e}`];return h?(g[e]||(g[e]=JSON.parse(h)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async h=>{n[`oidc.state.${e}`]=h},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async h=>{n[`oidc.code_verifier.${e}`]=h},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:l,getDemonstratingProofOfPossessionJwkAsync:f}};var $=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))($||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,Y={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const X=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,l=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let f;e.expiresAt?f=e.expiresAt:s===Y.access_token_invalid?f=l:s===Y.id_token_invalid?f=a:f=a<l?a:l;const u={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:f,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...u,refreshToken:c}}return u},ne=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),X(t,n,s)},F=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?F(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await Q({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},V=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.18";let ye=null,z;const Q=({milliseconds:e})=>new Promise(n=>V.setTimeout(n,e)),ge=(e="/")=>{try{z=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:z.signal}).catch(t=>{console.log(t)}),Q({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{z&&z.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistering ${t}`),await Q({milliseconds:2e3}),e.reload()},P=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=()=>{const d=sessionStorage.getItem(`oidc.tabId.${n}`);if(d)return d;const p=globalThis.crypto.randomUUID();return sessionStorage.setItem(`oidc.tabId.${n}`,p),p},t=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!t||e.service_worker_activate()===!1)return null;let o=null;e.register?o=await e.service_worker_register(t):o=await navigator.serviceWorker.register(t);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await P(o)({type:"claim"})}catch{return null}const i=async d=>P(o)({type:"clear",data:{status:d},configurationName:n}),r=async(d,p,b)=>{const D=await P(o)({type:"init",data:{oidcServerConfiguration:d,where:p,oidcConfiguration:{token_renew_mode:b.token_renew_mode,service_worker_convert_all_requests_to_cors:b.service_worker_convert_all_requests_to_cors}},configurationName:n,tabId:s()}),v=D.version;return v!==he&&(console.warn(`Service worker ${v} version mismatch with js client version ${he}, unregistering and reloading`),await b.service_worker_update_require_callback(o,De)),{tokens:ne(D.tokens,null,b.token_renew_mode),status:D.status}},a=(d="/")=>{ye==null&&(ye="not_null",ge(d))},l=d=>P(o)({type:"setSessionState",data:{sessionState:d},configurationName:n}),f=async()=>(await P(o)({type:"getSessionState",data:null,configurationName:n})).sessionState,u=d=>{const p=s();return sessionStorage[`oidc.nonce.${n}`]=d.nonce,P(o)({type:"setNonce",data:{nonce:d},configurationName:n,tabId:p})},c=async()=>{const d=s();let b=(await P(o)({type:"getNonce",data:null,configurationName:n,tabId:d})).nonce;return b||(b=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:b}};let _={};return{clearAsync:i,initAsync:r,startKeepAliveServiceWorker:()=>a(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:l,getSessionStateAsync:f,setNonceAsync:u,getNonceAsync:c,setLoginParams:d=>{_[n]=d,localStorage[`oidc.login.${n}`]=JSON.stringify(d)},getLoginParams:()=>{const d=localStorage[`oidc.login.${n}`];return _[n]||(_[n]=JSON.parse(d)),_[n]},getStateAsync:async()=>{const d=s();let b=(await P(o)({type:"getState",data:null,configurationName:n,tabId:d})).state;return b||(b=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),b},setStateAsync:async d=>{const p=s();return sessionStorage[`oidc.state.${n}`]=d,P(o)({type:"setState",data:{state:d},configurationName:n,tabId:p})},getCodeVerifierAsync:async()=>{const d=s();let b=(await P(o)({type:"getCodeVerifier",data:null,configurationName:n,tabId:d})).codeVerifier;return b||(b=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),b},setCodeVerifierAsync:async d=>{const p=s();return sessionStorage[`oidc.code_verifier.${n}`]=d,P(o)({type:"setCodeVerifier",data:{codeVerifier:d},configurationName:n,tabId:p})},setDemonstratingProofOfPossessionNonce:async d=>{await P(o)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:d},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await P(o)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async d=>{const p=JSON.stringify(d);await P(o)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:p},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const d=await P(o)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return d.demonstratingProofOfPossessionJwkJson?JSON.parse(d.demonstratingProofOfPossessionJwkJson):null}}},K={},Ke=(e,n=window.sessionStorage,s)=>{if(!K[e]&&n){const o=n.getItem(e);o&&(K[e]=JSON.parse(o))}const t=1e3*s;return K[e]&&K[e].timestamp+t>Date.now()?K[e].result:null},Ue=(e,n,s=window.sessionStorage)=>{const t=Date.now();K[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Fe(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const se=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Fe(e))}const Ve={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"};var Me={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,l=!0,f=["sign"],u=await e.crypto.subtle.importKey("jwk",n,a,l,f),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,y=await e.crypto.subtle.sign(_,u,c);return r.signature=se(new Uint8Array(y)),`${r.protected}.${r.payload}.${r.signature}`}};const Je={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}};var Be={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return se(new Uint8Array(o))}};const He=e=>async n=>await Je.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(je()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await Be.thumbprint(e)(s,n.digestAlgorithm);return await Me.sign(e)(s,{kid:a},r,n)},je=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},te="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",qe=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%te.length;n.push(te[t])}return n.join("")},oe=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*te.length|0;return qe(n)};function Ge(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ge(e)).then(t=>n(se(new Uint8Array(t))),t=>s(t))})}const Ye=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Xe=60*60,ze=e=>async(n,s=Xe,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ke(r,t,s);if(a)return new ce(a);const l=await M(e)(i,{},o);if(l.status!==200)return null;const f=await l.json();return Ue(r,f,t),new ce(f)},M=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await M(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},ie={refresh_token:"refresh_token",access_token:"access_token"},ve=e=>async(n,s,t=ie.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const l=[];for(const c in a){const _=encodeURIComponent(c),y=encodeURIComponent(a[c]);l.push(`${_}=${y}`)}const f=l.join("&");return(await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:f},r)).status!==200?{success:!1}:{success:!0}},Qe=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[y,g]of Object.entries(t))s[y]===void 0&&(s[y]=g);const l=[];for(const y in s){const g=encodeURIComponent(y),w=encodeURIComponent(s[y]);l.push(`${g}=${w}`)}const f=l.join("&"),u=await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:f},a);if(u.status!==200)return{success:!1,status:u.status,demonstratingProofOfPossessionNonce:null};const c=await u.json();let _=null;return u.headers.has(Z)&&(_=u.headers.get(Z)),{success:!0,status:u.status,data:ne(c,o,r),demonstratingProofOfPossessionNonce:_}},Ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=oe(128),i=await Ye(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,l]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(l)}`;n.open(`${s}${r}`)},Z="DPoP-Nonce",en=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),y=encodeURIComponent(s[c]);r.push(`${_}=${y}`)}const a=r.join("&"),l=await M(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),l.status!==200)return{success:!1,status:l.status};let f=null;l.headers.has(Z)&&(f=l.headers.get(Z));const u=await l.json();return{success:!0,data:{state:s.state,tokens:ne(u,null,o),demonstratingProofOfPossessionNonce:f}}};async function Te(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await ee(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await O(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const nn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=O(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=X(o,e.tokens,n.token_renew_mode),o}};async function be(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await Te(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await Te(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await nn(e,t))),i?(e.timeoutId&&(e.timeoutId=J(e,e.tokens.expiresAt,s)),e.tokens):null}const J=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return V.setTimeout(async()=>{const i={timeLeft:F(t,n)};e.publishEvent(N.eventNames.token_timer,i),await be(e,!1,s)},1e3)},W={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},sn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),l=await I(n,s);if(l){const{status:c,tokens:_}=await l.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const g=F(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",w=await l.getNonceAsync();return{tokens:_,status:g,nonce:w}}r=await l.getNonceAsync()}else{const c=O(s,n.storage??sessionStorage);let{tokens:_,status:y}=await c.initAsync();if(_&&(_=X(_,e.tokens,n.token_renew_mode)),_){if(y==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(_.issuedAt!==t.issuedAt){const w=F(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",k=await c.getNonceAsync();return{tokens:_,status:w,nonce:k}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const u=F(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:u,nonce:r}},ee=e=>async(n=0,s=!1,t=null,o)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await Q({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=n+1;t||(t={});const a=e.configuration,l=(u,c=null,_=null)=>re(e.configurationName,e.configuration,e.publishEvent.bind(e))(u,c,_),f=async()=>{try{let u;const c=await I(a,e.configurationName);c?u=c.getLoginParams():u=O(e.configurationName,a.storage).getLoginParams();const _=await l({...u.extras,...t,prompt:"none"});return _?_.error?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:u.message}),await ee(e)(r,s,t,o)}};try{const{status:u,tokens:c,nonce:_}=await sn(e)(a,e.configurationName,e.tokens,s);switch(u){case W.SESSION_LOST:return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case W.NOT_CONNECTED:return o(null),{tokens:null,status:null};case W.TOKENS_VALID:return o(c),{tokens:c,status:"LOGGED_IN"};case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case W.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case W.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==u?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:n}),await f());default:{if(a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==u)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:u,tryNumber:n}),!c.refreshToken)return await f();const y=a.client_id,g=a.redirect_uri,w=a.authority,A={...a.token_request_extras?a.token_request_extras:{}};for(const[S,E]of Object.entries(t))S.endsWith(":token_request")&&(A[S.replace(":token_request","")]=E);return await(async()=>{const S={client_id:y,redirect_uri:g,grant_type:"refresh_token",refresh_token:c.refreshToken},E=await e.initAsync(w,a.authority_configuration),h=document.hidden?1e4:3e4*10,x=E.tokenEndpoint,d={};a.demonstrating_proof_of_possession&&(d.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,x,"POST"));const p=await Qe(e.getFetch())(x,S,A,c,d,a.token_renew_mode,h);if(p.success){const{isValid:b,reason:D}=de(p.data,_.nonce,E);if(!b)return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${D}`}),{tokens:null,status:"SESSION_LOST"};if(o(p.data),p.demonstratingProofOfPossessionNonce){const v=await I(a,e.configurationName);v?await v.setDemonstratingProofOfPossessionNonce(p.demonstratingProofOfPossessionNonce):await O(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(p.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:p.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:p.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:p}),p.status>=400&&p.status<500?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${p.status}`}),{tokens:null,status:"SESSION_LOST"}):await ee(e)(r,s,t,o)})()}}}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:u.message}),new Promise((c,_)=>{setTimeout(()=>{ee(e)(r,s,t,o).then(c).catch(_)},1e3)})}},re=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,l=a.indexOf("/",a.indexOf("//")+2),f=a.substring(0,l),u=document.createElement("iframe");return u.width="0px",u.height="0px",u.id=`${e}_oidc_iframe`,u.setAttribute("src",a),document.body.appendChild(u),new Promise((c,_)=>{let y=!1;const g=()=>{window.removeEventListener("message",w),u.remove(),y=!0},w=k=>{if(k.origin===f&&k.source===u.contentWindow){const A=`${e}_oidc_tokens:`,T=`${e}_oidc_error:`,S=`${e}_oidc_exception:`,E=k.data;if(E&&typeof E=="string"&&!y){if(E.startsWith(A)){const h=JSON.parse(k.data.replace(A,""));s(m.silentLoginAsync_end,{}),c(h),g()}else if(E.startsWith(T)){const h=JSON.parse(k.data.replace(T,""));s(m.silentLoginAsync_error,h),c({error:"oidc_"+h.error,tokens:null,sessionState:null}),g()}else if(E.startsWith(S)){const h=JSON.parse(k.data.replace(S,""));s(m.silentLoginAsync_error,h),_(new Error(h.error)),g()}}}};try{window.addEventListener("message",w);const k=n.silent_login_timeout;setTimeout(()=>{y||(g(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){g(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},tn=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(f,u,c)=>re(n,s,t.bind(o))(f,u,c);return(async()=>{o.timeoutId&&V.clearTimeout(o.timeoutId);let f;i&&"state"in i&&(f=i.state,delete i.state);try{const u=s.extras?{...s.extras,...i}:i,c=await a({...u,prompt:"none"},f,r);if(c)return o.tokens=c.tokens,t(m.token_aquired,{}),o.timeoutId=J(o,o.tokens.expiresAt,i),{}}catch(u){return u}})()},on=(e,n,s)=>(t,o,i,r=!1)=>{const a=(l,f=void 0,u=void 0)=>re(e.configurationName,s,e.publishEvent.bind(e))(l,f,u);return new Promise((l,f)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const u=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,y=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const w=g.tokens.idTokenPayload;if(y.sub===w.sub){const k=g.sessionState;e.checkSessionIFrame.start(g.sessionState),y.sid===w.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",w.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[w,k]of Object.entries(n))await k.logoutOtherTabAsync(s.client_id,y.sub)})};e.checkSessionIFrame=new Ce(u,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),l(e.checkSessionIFrame)}).catch(c=>{f(c)})}else l(null)})},Ee=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},rn=e=>{const n=Ee(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},B=e=>{const n=Ee(e),{search:s}=n;return an(s)},an=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},cn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,l=void 0)=>{const f=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=oe(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;l||(l=n.scope);const y=n.extras?{...n.extras,...r}:r;y.nonce||(y.nonce=oe(12));const g={nonce:y.nonce},w=await I(n,e),k=await t(n.authority,n.authority_configuration);let A;if(w)w.setLoginParams({callbackPath:c,extras:f}),await w.initAsync(k,"loginAsync",n),await w.setNonceAsync(g),w.startKeepAliveServiceWorker(),A=w;else{const S=O(e,n.storage??sessionStorage);S.setLoginParams({callbackPath:c,extras:f}),await S.setNonceAsync(g),A=S}const T={client_id:n.client_id,redirect_uri:_,scope:l,response_type:"code",...y};await Ze(A,o)(k.authorizationEndpoint,T)}catch(_){throw s(m.loginAsync_error,_),_}})()},ln=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),l=e.location.getCurrentHref(),u=B(l).session_state,c=await I(s,e.configurationName);let _,y,g,w;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(u),y=await c.getNonceAsync(),g=c.getLoginParams(),w=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const v=O(e.configurationName,s.storage??sessionStorage);await v.setSessionStateAsync(u),y=await v.getNonceAsync(),g=v.getLoginParams(),w=await v.getStateAsync(),_=v}const k=B(l);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==w)throw new Error(`State not valid (expected: ${w}, received: ${k.state})`);const A={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},T={};if(s.token_request_extras)for(const[v,q]of Object.entries(s.token_request_extras))T[v]=q;if(g&&g.extras)for(const[v,q]of Object.entries(g.extras))v.endsWith(":token_request")&&(T[v.replace(":token_request","")]=q);const S=a.tokenEndpoint,E={};if(s.demonstrating_proof_of_possession)if(c)E.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const v=await He(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await O(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(v),E.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(v,"POST",S)}const h=await en(_)(S,{...A,...T},E,e.configuration.token_renew_mode,r);if(!h.success)throw new Error("Token request failed");let x;const d=h.data.tokens,p=h.data.demonstratingProofOfPossessionNonce;if(h.data.state!==T.state)throw new Error("state is not valid");const{isValid:b,reason:D}=de(d,y.nonce,a);if(!b)throw new Error(`Tokens are not OpenID valid, reason: ${D}`);if(c){if(d.refreshToken&&!d.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(p&&d.accessToken&&d.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),x=c.getLoginParams(),p&&await c.setDemonstratingProofOfPossessionNonce(p);else{const v=O(e.configurationName,s.storage);x=v.getLoginParams(),p&&await v.setDemonstratingProofOfPossessionNonce(p)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,u,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:d,state:"request.state",callbackPath:x.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Pe={access_token:"access_token",refresh_token:"refresh_token"},ae=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},un=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},_n=e=>async n=>{V.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await O(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},fn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{const a=e.configuration,l=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const f=i??o.getPath();let u=!1;i&&(u=i.includes("https://")||i.includes("http://"));const c=u?i:o.getOrigin()+f,_=e.tokens?e.tokens.idToken:"";try{const A=l.revocationEndpoint;if(A){const T=[],S=e.tokens?e.tokens.accessToken:null;if(S&&a.logout_tokens_to_invalidate.includes(Pe.access_token)){const h=ae(r,":revoke_access_token"),x=ve(s)(A,S,ie.access_token,a.client_id,h);T.push(x)}const E=e.tokens?e.tokens.refreshToken:null;if(E&&a.logout_tokens_to_invalidate.includes(Pe.refresh_token)){const h=ae(r,":revoke_refresh_token"),x=ve(s)(A,E,ie.refresh_token,a.client_id,h);T.push(x)}T.length>0&&await Promise.all(T)}}catch(A){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(A)}const y=e.tokens&&e.tokens.idTokenPayload?e.tokens.idTokenPayload.sub:null;await e.destroyAsync("LOGGED_OUT");for(const[A,T]of Object.entries(n))T!==e?await e.logoutSameTabAsync(e.configuration.client_id,y):e.publishEvent(m.logout_from_same_tab,{});const g=ae(r,":oidc");if(g&&g.no_reload==="true")return;const k=un(r);if(l.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let A="";for(const[T,S]of Object.entries(k))S!=null&&(A===""?A+="?":A+="&",A+=`${T}=${encodeURIComponent(S)}`);o.open(`${l.endSessionEndpoint}${A}`)}else o.reload()},Oe=(e,n,s=!1)=>async(...t)=>{var y;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let l=new Headers;a.headers&&(l=a.headers instanceof Headers?a.headers:new Headers(a.headers));const f=n,u=await fe(f),c=(y=u==null?void 0:u.tokens)==null?void 0:y.accessToken;if(l.has("Accept")||l.set("Accept","application/json"),c){if(f.configuration.demonstrating_proof_of_possession&&s){const g=await f.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);l.set("Authorization",`PoP ${c}`),l.set("DPoP",g)}else l.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:l};return await e(o,_,...r)},dn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const f=await Oe(fetch,e,s)(i);return f.status!==200?null:f.json()})();return e.userInfo=a,a};class H{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const hn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),yn=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const l=i[a];if(l.r.test(s)){o=l.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function gn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const kn=()=>{const{name:e,version:n}=gn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=yn(navigator);return!hn(s)},mn=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=J(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=O(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=X(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=J(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ie=()=>fetch;class ce{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const L={},pn=(e,n=new H)=>(s,t="default")=>(L[t]||(L[t]=new N(s,t,e,n)),L[t]),wn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=J(e,n.expiresAt),{callbackPath:s}},An=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new H){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new H;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??$.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??Y.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??kn,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ve,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=An(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(L,n)&&s)throw Error(`OIDC library does seem initialized.
|
|
2
|
-
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return
|
|
1
|
+
(function(C,W){typeof exports=="object"&&typeof module<"u"?W(exports):typeof define=="function"&&define.amd?define(["exports"],W):(C=typeof globalThis<"u"?globalThis:C||self,W(C["oidc-client"]={}))})(this,function(C){"use strict";class W{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const le=2e3,$=console;class Ce{constructor(n,s,t,o=le,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||le,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substring(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?($.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?($.debug(n),$.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):$.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){$.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&($.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},O=(e,n=sessionStorage)=>{const s=y=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:y}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const y=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:y.tokens,status:y.status})},o=y=>{n[`oidc.${e}`]=JSON.stringify({tokens:y})},i=async y=>{n[`oidc.session_state.${e}`]=y},r=async()=>n[`oidc.session_state.${e}`],a=y=>{n[`oidc.nonce.${e}`]=y.nonce},u=y=>{n[`oidc.jwk.${e}`]=JSON.stringify(y)},d=()=>JSON.parse(n[`oidc.jwk.${e}`]),l=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async y=>{n[`oidc.dpop_nonce.${e}`]=y},_=()=>n[`oidc.dpop_nonce.${e}`],h=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null,g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:h,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:l,setLoginParams:y=>{g[e]=y,n[`oidc.login.${e}`]=JSON.stringify(y)},getLoginParams:()=>{const y=n[`oidc.login.${e}`];return y?(g[e]||(g[e]=JSON.parse(y)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async y=>{n[`oidc.state.${e}`]=y},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async y=>{n[`oidc.code_verifier.${e}`]=y},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:u,getDemonstratingProofOfPossessionJwkAsync:d}};var K=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))(K||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,G={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const Y=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,u=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let d;e.expiresAt?d=e.expiresAt:s===G.access_token_invalid?d=u:s===G.id_token_invalid?d=a:d=a<u?a:u;const l={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:d,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...l,refreshToken:c}}return l},ee=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),Y(t,n,s)},V=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?V(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==K.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await z({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},M=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.19";let ye=null,X;const z=({milliseconds:e})=>new Promise(n=>M.setTimeout(n,e)),ge=(e="/")=>{try{X=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:X.signal}).catch(t=>{console.log(t)}),z({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{X&&X.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistration ${t?"successful":"failed"}`),await z({milliseconds:2e3}),e.reload()},E=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=()=>{const f=sessionStorage.getItem(`oidc.tabId.${n}`);if(f)return f;const p=globalThis.crypto.randomUUID();return sessionStorage.setItem(`oidc.tabId.${n}`,p),p},t=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!t||e.service_worker_activate()===!1)return null;let o=null;e.register?o=await e.service_worker_register(t):o=await navigator.serviceWorker.register(t);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await E(o)({type:"claim"})}catch{return null}const i=async f=>E(o)({type:"clear",data:{status:f},configurationName:n}),r=async(f,p,v)=>{const R=await E(o)({type:"init",data:{oidcServerConfiguration:f,where:p,oidcConfiguration:{token_renew_mode:v.token_renew_mode,service_worker_convert_all_requests_to_cors:v.service_worker_convert_all_requests_to_cors}},configurationName:n,tabId:s()}),T=R.version;return T!==he&&(console.warn(`Service worker ${T} version mismatch with js client version ${he}, unregistering and reloading`),await v.service_worker_update_require_callback(o,De)),{tokens:ee(R.tokens,null,v.token_renew_mode),status:R.status}},a=(f="/")=>{ye==null&&(ye="not_null",ge(f))},u=f=>E(o)({type:"setSessionState",data:{sessionState:f},configurationName:n}),d=async()=>(await E(o)({type:"getSessionState",data:null,configurationName:n})).sessionState,l=f=>{const p=s();return sessionStorage[`oidc.nonce.${n}`]=f.nonce,E(o)({type:"setNonce",data:{nonce:f},configurationName:n,tabId:p})},c=async()=>{const f=s();let v=(await E(o)({type:"getNonce",data:null,configurationName:n,tabId:f})).nonce;return v||(v=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:v}},_={};return{clearAsync:i,initAsync:r,startKeepAliveServiceWorker:()=>a(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:u,getSessionStateAsync:d,setNonceAsync:l,getNonceAsync:c,setLoginParams:f=>{_[n]=f,localStorage[`oidc.login.${n}`]=JSON.stringify(f)},getLoginParams:()=>{const f=localStorage[`oidc.login.${n}`];return _[n]||(_[n]=JSON.parse(f)),_[n]},getStateAsync:async()=>{const f=s();let v=(await E(o)({type:"getState",data:null,configurationName:n,tabId:f})).state;return v||(v=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),v},setStateAsync:async f=>{const p=s();return sessionStorage[`oidc.state.${n}`]=f,E(o)({type:"setState",data:{state:f},configurationName:n,tabId:p})},getCodeVerifierAsync:async()=>{const f=s();let v=(await E(o)({type:"getCodeVerifier",data:null,configurationName:n,tabId:f})).codeVerifier;return v||(v=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),v},setCodeVerifierAsync:async f=>{const p=s();return sessionStorage[`oidc.code_verifier.${n}`]=f,E(o)({type:"setCodeVerifier",data:{codeVerifier:f},configurationName:n,tabId:p})},setDemonstratingProofOfPossessionNonce:async f=>{await E(o)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:f},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await E(o)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async f=>{const p=JSON.stringify(f);await E(o)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:p},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const f=await E(o)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return f.demonstratingProofOfPossessionJwkJson?JSON.parse(f.demonstratingProofOfPossessionJwkJson):null}}},U={},Ke=(e,n=window.sessionStorage,s)=>{if(!U[e]&&n){const o=n.getItem(e);o&&(U[e]=JSON.parse(o))}const t=1e3*s;return U[e]&&U[e].timestamp+t>Date.now()?U[e].result:null},Ue=(e,n,s=window.sessionStorage)=>{const t=Date.now();U[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Fe(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const ne=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Fe(e))}const Ve={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"},Me={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,u=!0,d=["sign"],l=await e.crypto.subtle.importKey("jwk",n,a,u,d),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,h=await e.crypto.subtle.sign(_,l,c);return r.signature=ne(new Uint8Array(h)),`${r.protected}.${r.payload}.${r.signature}`}},Je={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}},Be={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return ne(new Uint8Array(o))}},He=e=>async n=>await Je.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(je()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await Be.thumbprint(e)(s,n.digestAlgorithm);return await Me.sign(e)(s,{kid:a},r,n)},je=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",qe=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%se.length;n.push(se[t])}return n.join("")},te=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*se.length|0;return qe(n)};function Ge(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ge(e)).then(t=>n(ne(new Uint8Array(t))),t=>s(t))})}const Ye=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Xe=60*60,ze=e=>async(n,s=Xe,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ke(r,t,s);if(a)return new ae(a);const u=await J(e)(i,{},o);if(u.status!==200)return null;const d=await u.json();return Ue(r,d,t),new ae(d)},J=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await J(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},oe={refresh_token:"refresh_token",access_token:"access_token"},Te=e=>async(n,s,t=oe.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const u=[];for(const c in a){const _=encodeURIComponent(c),h=encodeURIComponent(a[c]);u.push(`${_}=${h}`)}const d=u.join("&");return(await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:d},r)).status!==200?{success:!1}:{success:!0}},Qe=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[h,g]of Object.entries(t))s[h]===void 0&&(s[h]=g);const u=[];for(const h in s){const g=encodeURIComponent(h),w=encodeURIComponent(s[h]);u.push(`${g}=${w}`)}const d=u.join("&"),l=await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:d},a);if(l.status!==200)return{success:!1,status:l.status,demonstratingProofOfPossessionNonce:null};const c=await l.json();let _=null;return l.headers.has(Q)&&(_=l.headers.get(Q)),{success:!0,status:l.status,data:ee(c,o,r),demonstratingProofOfPossessionNonce:_}},Ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=te(128),i=await Ye(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,u]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(u)}`;n.open(`${s}${r}`)},Q="DPoP-Nonce",en=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),h=encodeURIComponent(s[c]);r.push(`${_}=${h}`)}const a=r.join("&"),u=await J(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),u.status!==200)return{success:!1,status:u.status};let d=null;u.headers.has(Q)&&(d=u.headers.get(Q));const l=await u.json();return{success:!0,data:{state:s.state,tokens:ee(l,null,o),demonstratingProofOfPossessionNonce:d}}};async function ve(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await Z(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await O(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const nn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=O(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=Y(o,e.tokens,n.token_renew_mode),o}};async function be(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await ve(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await ve(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await nn(e,t))),i?(e.timeoutId&&(e.timeoutId=B(e,e.tokens.expiresAt,s)),e.tokens):null}const B=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return M.setTimeout(async()=>{const i={timeLeft:V(t,n)};e.publishEvent(N.eventNames.token_timer,i),await be(e,!1,s)},1e3)},L={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},sn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),u=await I(n,s);if(u){const{status:c,tokens:_}=await u.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const g=V(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",w=await u.getNonceAsync();return{tokens:_,status:g,nonce:w}}r=await u.getNonceAsync()}else{const c=O(s,n.storage??sessionStorage),_=await c.initAsync();let{tokens:h}=_;const{status:g}=_;if(h&&(h=Y(h,e.tokens,n.token_renew_mode)),h){if(g==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(h.issuedAt!==t.issuedAt){const k=V(n.refresh_time_before_tokens_expiration_in_second,h.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",b=await c.getNonceAsync();return{tokens:h,status:k,nonce:b}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const l=V(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:l,nonce:r}},Z=e=>async(n=0,s=!1,t=null,o)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await z({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=n+1;t||(t={});const a=e.configuration,u=(l,c=null,_=null)=>ie(e.configurationName,e.configuration,e.publishEvent.bind(e))(l,c,_),d=async()=>{try{let l;const c=await I(a,e.configurationName);c?l=c.getLoginParams():l=O(e.configurationName,a.storage).getLoginParams();const _=await u({...l.extras,...t,prompt:"none"});return _?_.error?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),await Z(e)(r,s,t,o)}};try{const{status:l,tokens:c,nonce:_}=await sn(e)(a,e.configurationName,e.tokens,s);switch(l){case L.SESSION_LOST:return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case L.NOT_CONNECTED:return o(null),{tokens:null,status:null};case L.TOKENS_VALID:return o(c),{tokens:c,status:"LOGGED_IN"};case L.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case L.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case L.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==K.AutomaticOnlyWhenFetchExecuted&&L.FORCE_REFRESH!==l?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:n}),await d());default:{if(a.token_automatic_renew_mode==K.AutomaticOnlyWhenFetchExecuted&&L.FORCE_REFRESH!==l)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:l,tryNumber:n}),!c.refreshToken)return await d();const h=a.client_id,g=a.redirect_uri,w=a.authority,b={...a.token_request_extras?a.token_request_extras:{}};for(const[A,S]of Object.entries(t))A.endsWith(":token_request")&&(b[A.replace(":token_request","")]=S);return await(async()=>{const A={client_id:h,redirect_uri:g,grant_type:"refresh_token",refresh_token:c.refreshToken},S=await e.initAsync(w,a.authority_configuration),y=document.hidden?1e4:3e4*10,x=S.tokenEndpoint,f={};a.demonstrating_proof_of_possession&&(f.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,x,"POST"));const p=await Qe(e.getFetch())(x,A,b,c,f,a.token_renew_mode,y);if(p.success){const{isValid:v,reason:R}=de(p.data,_.nonce,S);if(!v)return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${R}`}),{tokens:null,status:"SESSION_LOST"};if(o(p.data),p.demonstratingProofOfPossessionNonce){const T=await I(a,e.configurationName);T?await T.setDemonstratingProofOfPossessionNonce(p.demonstratingProofOfPossessionNonce):await O(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(p.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:p.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:p.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:p}),p.status>=400&&p.status<500?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${p.status}`}),{tokens:null,status:"SESSION_LOST"}):await Z(e)(r,s,t,o)})()}}}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),new Promise((c,_)=>{setTimeout(()=>{Z(e)(r,s,t,o).then(c).catch(_)},1e3)})}},ie=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,u=a.indexOf("/",a.indexOf("//")+2),d=a.substring(0,u),l=document.createElement("iframe");return l.width="0px",l.height="0px",l.id=`${e}_oidc_iframe`,l.setAttribute("src",a),document.body.appendChild(l),new Promise((c,_)=>{let h=!1;const g=()=>{window.removeEventListener("message",w),l.remove(),h=!0},w=k=>{if(k.origin===d&&k.source===l.contentWindow){const b=`${e}_oidc_tokens:`,P=`${e}_oidc_error:`,A=`${e}_oidc_exception:`,S=k.data;if(S&&typeof S=="string"&&!h){if(S.startsWith(b)){const y=JSON.parse(k.data.replace(b,""));s(m.silentLoginAsync_end,{}),c(y),g()}else if(S.startsWith(P)){const y=JSON.parse(k.data.replace(P,""));s(m.silentLoginAsync_error,y),c({error:"oidc_"+y.error,tokens:null,sessionState:null}),g()}else if(S.startsWith(A)){const y=JSON.parse(k.data.replace(A,""));s(m.silentLoginAsync_error,y),_(new Error(y.error)),g()}}}};try{window.addEventListener("message",w);const k=n.silent_login_timeout;setTimeout(()=>{h||(g(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){g(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},tn=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(d,l,c)=>ie(n,s,t.bind(o))(d,l,c);return(async()=>{o.timeoutId&&M.clearTimeout(o.timeoutId);let d;i&&"state"in i&&(d=i.state,delete i.state);try{const l=s.extras?{...s.extras,...i}:i,c=await a({...l,prompt:"none"},d,r);if(c)return o.tokens=c.tokens,t(m.token_aquired,{}),o.timeoutId=B(o,o.tokens.expiresAt,i),{}}catch(l){return l}})()},on=(e,n,s)=>(t,o,i,r=!1)=>{const a=(u,d=void 0,l=void 0)=>ie(e.configurationName,s,e.publishEvent.bind(e))(u,d,l);return new Promise((u,d)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const l=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,h=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const w=g.tokens.idTokenPayload;if(h.sub===w.sub){const k=g.sessionState;e.checkSessionIFrame.start(g.sessionState),h.sid===w.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",w.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[,w]of Object.entries(n))await w.logoutOtherTabAsync(s.client_id,h.sub)})};e.checkSessionIFrame=new Ce(l,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),u(e.checkSessionIFrame)}).catch(c=>{d(c)})}else u(null)})},rn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),an=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const u=i[a];if(u.r.test(s)){o=u.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function cn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const ln=()=>{const{name:e,version:n}=cn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=an(navigator);return!rn(s)},un=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=B(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=O(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=Y(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=B(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ee=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},_n=e=>{const n=Ee(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},H=e=>{const n=Ee(e),{search:s}=n;return fn(s)},fn=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},dn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,u=void 0)=>{const d=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=te(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;u||(u=n.scope);const h=n.extras?{...n.extras,...r}:r;h.nonce||(h.nonce=te(12));const g={nonce:h.nonce},w=await I(n,e),k=await t(n.authority,n.authority_configuration);let b;if(w)w.setLoginParams({callbackPath:c,extras:d}),await w.initAsync(k,"loginAsync",n),await w.setNonceAsync(g),w.startKeepAliveServiceWorker(),b=w;else{const A=O(e,n.storage??sessionStorage);A.setLoginParams({callbackPath:c,extras:d}),await A.setNonceAsync(g),b=A}const P={client_id:n.client_id,redirect_uri:_,scope:u,response_type:"code",...h};await Ze(b,o)(k.authorizationEndpoint,P)}catch(_){throw s(m.loginAsync_error,_),_}})()},hn=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),u=e.location.getCurrentHref(),l=H(u).session_state,c=await I(s,e.configurationName);let _,h,g,w;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(l),h=await c.getNonceAsync(),g=c.getLoginParams(),w=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const T=O(e.configurationName,s.storage??sessionStorage);await T.setSessionStateAsync(l),h=await T.getNonceAsync(),g=T.getLoginParams(),w=await T.getStateAsync(),_=T}const k=H(u);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==w)throw new Error(`State not valid (expected: ${w}, received: ${k.state})`);const b={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},P={};if(s.token_request_extras)for(const[T,q]of Object.entries(s.token_request_extras))P[T]=q;if(g&&g.extras)for(const[T,q]of Object.entries(g.extras))T.endsWith(":token_request")&&(P[T.replace(":token_request","")]=q);const A=a.tokenEndpoint,S={};if(s.demonstrating_proof_of_possession)if(c)S.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const T=await He(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await O(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(T),S.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(T,"POST",A)}const y=await en(_)(A,{...b,...P},S,e.configuration.token_renew_mode,r);if(!y.success)throw new Error("Token request failed");let x;const f=y.data.tokens,p=y.data.demonstratingProofOfPossessionNonce;if(y.data.state!==P.state)throw new Error("state is not valid");const{isValid:v,reason:R}=de(f,h.nonce,a);if(!v)throw new Error(`Tokens are not OpenID valid, reason: ${R}`);if(c){if(f.refreshToken&&!f.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(p&&f.accessToken&&f.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),x=c.getLoginParams(),p&&await c.setDemonstratingProofOfPossessionNonce(p);else{const T=O(e.configurationName,s.storage);x=T.getLoginParams(),p&&await T.setDemonstratingProofOfPossessionNonce(p)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,l,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:f,state:"request.state",callbackPath:x.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Pe={access_token:"access_token",refresh_token:"refresh_token"},re=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},yn=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},gn=e=>async n=>{M.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await O(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},kn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{var b,P;const a=e.configuration,u=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const d=i??o.getPath();let l=!1;i&&(l=i.includes("https://")||i.includes("http://"));const c=l?i:o.getOrigin()+d,_=e.tokens?e.tokens.idToken:"";try{const A=u.revocationEndpoint;if(A){const S=[],y=e.tokens?e.tokens.accessToken:null;if(y&&a.logout_tokens_to_invalidate.includes(Pe.access_token)){const f=re(r,":revoke_access_token"),p=Te(s)(A,y,oe.access_token,a.client_id,f);S.push(p)}const x=e.tokens?e.tokens.refreshToken:null;if(x&&a.logout_tokens_to_invalidate.includes(Pe.refresh_token)){const f=re(r,":revoke_refresh_token"),p=Te(s)(A,x,oe.refresh_token,a.client_id,f);S.push(p)}S.length>0&&await Promise.all(S)}}catch(A){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(A)}const h=((P=(b=e.tokens)==null?void 0:b.idTokenPayload)==null?void 0:P.sub)??null;await e.destroyAsync("LOGGED_OUT");for(const[,A]of Object.entries(n))A!==e?await e.logoutSameTabAsync(e.configuration.client_id,h):e.publishEvent(m.logout_from_same_tab,{});const g=re(r,":oidc");if(g&&g.no_reload==="true")return;const k=yn(r);if(u.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let A="";for(const[S,y]of Object.entries(k))y!=null&&(A===""?A+="?":A+="&",A+=`${S}=${encodeURIComponent(y)}`);o.open(`${u.endSessionEndpoint}${A}`)}else o.reload()},Oe=(e,n,s=!1)=>async(...t)=>{var h;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let u=new Headers;a.headers&&(u=a.headers instanceof Headers?a.headers:new Headers(a.headers));const d={tokens:n.tokens,configuration:{token_automatic_renew_mode:n.configuration.token_automatic_renew_mode},renewTokensAsync:n.renewTokensAsync.bind(n)},l=await fe(d),c=(h=l==null?void 0:l.tokens)==null?void 0:h.accessToken;if(u.has("Accept")||u.set("Accept","application/json"),c){if(n.configuration.demonstrating_proof_of_possession&&s){const g=await n.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);u.set("Authorization",`PoP ${c}`),u.set("DPoP",g)}else u.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:u};return await e(o,_,...r)},mn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const d=await Oe(fetch,e,s)(i);return d.status!==200?null:d.json()})();return e.userInfo=a,a},Ie=()=>fetch;class ae{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const D={},pn=(e,n=new W)=>(s,t="default")=>(D[t]||(D[t]=new N(s,t,e,n)),D[t]),wn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=B(e,n.expiresAt),{callbackPath:s}},An=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new W){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new W;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??K.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??G.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??ln,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ve,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=An(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(D,n)&&s)throw Error(`OIDC library does seem initialized.
|
|
2
|
+
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return D[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=H(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=H(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new ae({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await ze(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.finally(()=>{this.initPromise=null})}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=un(this),this.tryKeepExistingSessionPromise.finally(()=>{this.tryKeepExistingSessionPromise=null}))}async startCheckSessionAsync(n,s,t,o=!1){await on(this,D,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this.logoutPromise&&await this.logoutPromise,this.loginPromise!==null?this.loginPromise:i?tn(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=dn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.finally(()=>{this.loginPromise=null}))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await hn(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||O(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(j.eventNames.token_aquired,o),this.configuration.preload_user_info&&await this.userInfoAsync(),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.finally(()=>{this.loginCallbackPromise=null})}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){const i=this.configuration,r={ath:await Se(n),...o};if(await I(i,this.configurationName))return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;const u=O(this.configurationName,i.storage),d=await u.getDemonstratingProofOfPossessionJwkAsync(),l=u.getDemonstratingProofOfPossessionNonce();return l&&(r.nonce=l),await we(window)(i.demonstrating_proof_of_possession_configuration)(d,t,s,r)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=wn(this),this.loginCallbackWithAutoTokensRenewPromise.finally(()=>{this.loginCallbackWithAutoTokensRenewPromise=null}))}userInfoAsync(n=!1,s=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=mn(this)(n,s),this.userInfoPromise.finally(()=>{this.userInfoPromise=null}))}async renewTokensAsync(n=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return M.clearTimeout(this.timeoutId),this.renewTokensPromise=be(this,!0,n),this.renewTokensPromise.finally(()=>{this.renewTokensPromise=null})}async destroyAsync(n){return await gn(this)(n)}async logoutSameTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_same_tab,{mmessage:"SessionMonitor",sub:s}))}async logoutOtherTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(n=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=kn(this,D,this.getFetch(),console,this.location)(n,s),this.logoutPromise.finally(()=>{this.logoutPromise=null}))}};j.getOrCreate=(n,s)=>(t,o="default")=>pn(n,s)(t,o),j.eventNames=m;let N=j;const F=class F{constructor(n){this._oidc=n}subscribeEvents(n){return this._oidc.subscribeEvents(n)}removeEventSubscription(n){this._oidc.removeEventSubscription(n)}publishEvent(n,s){this._oidc.publishEvent(n,s)}static get(n="default"){return new F(N.get(n))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this._oidc.loginAsync(n,s,t,o,i)}logoutAsync(n=void 0,s=null){return this._oidc.logoutAsync(n,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(n=null){return this._oidc.renewTokensAsync(n)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(n,s,t,o)}async getValidTokenAsync(n=200,s=50){return fe(this._oidc,n,s)}fetchWithTokens(n,s=!1){return Oe(n,this._oidc,s)}async userInfoAsync(n=!1,s=!1){return this._oidc.userInfoAsync(n,s)}userInfo(){return this._oidc.userInfo}};F.getOrCreate=(n,s=new W)=>(t,o="default")=>new F(N.getOrCreate(n,s)(t,o)),F.eventNames=N.eventNames;let ce=F;C.OidcClient=ce,C.OidcLocation=W,C.TokenAutomaticRenewMode=K,C.TokenRenewMode=G,C.getFetchDefault=Ie,C.getParseQueryStringFromLocation=H,C.getPath=_n,Object.defineProperty(C,Symbol.toStringTag,{value:"Module"})});
|
package/dist/initSession.d.ts
CHANGED
|
@@ -19,7 +19,7 @@ export declare const initSession: (configurationName: any, storage?: Storage) =>
|
|
|
19
19
|
getCodeVerifierAsync: () => Promise<any>;
|
|
20
20
|
setCodeVerifierAsync: (codeVerifier: any) => Promise<void>;
|
|
21
21
|
setDemonstratingProofOfPossessionNonce: (dpopNonce: string) => Promise<void>;
|
|
22
|
-
getDemonstratingProofOfPossessionNonce: () =>
|
|
22
|
+
getDemonstratingProofOfPossessionNonce: () => string;
|
|
23
23
|
setDemonstratingProofOfPossessionJwkAsync: (jwk: JsonWebKey) => void;
|
|
24
24
|
getDemonstratingProofOfPossessionJwkAsync: () => any;
|
|
25
25
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initSession.d.ts","sourceRoot":"","sources":["../src/initSession.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"initSession.d.ts","sourceRoot":"","sources":["../src/initSession.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;2BAoFc,MAAM;;;wDAxCuB,MAAM;kDAIpB,MAAM;qDAjBD,UAAU;;CAqFnE,CAAC"}
|
package/dist/initWorker.d.ts
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import { OidcConfiguration } from './types.js';
|
|
2
1
|
import { ILOidcLocation } from './location';
|
|
2
|
+
import { OidcConfiguration } from './types.js';
|
|
3
3
|
|
|
4
4
|
export declare const sleepAsync: ({ milliseconds }: {
|
|
5
5
|
milliseconds: any;
|
|
6
6
|
}) => Promise<unknown>;
|
|
7
|
-
export declare const defaultServiceWorkerUpdateRequireCallback: (location: ILOidcLocation) => (registration: any, stopKeepAlive:
|
|
7
|
+
export declare const defaultServiceWorkerUpdateRequireCallback: (location: ILOidcLocation) => (registration: any, stopKeepAlive: () => void) => Promise<void>;
|
|
8
8
|
export declare const initWorkerAsync: (configuration: any, configurationName: any) => Promise<{
|
|
9
9
|
clearAsync: (status: any) => Promise<any>;
|
|
10
10
|
initAsync: (oidcServerConfiguration: any, where: any, oidcConfiguration: OidcConfiguration) => Promise<{
|
package/dist/initWorker.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAK/C,eAAO,MAAM,UAAU,qBAAsB;IAAE,YAAY,EAAE,GAAG,CAAA;CAAE,qBAEjE,CAAC;AAuCF,eAAO,MAAM,yCAAyC,aACzC,cAAc,oBAA0B,GAAG,iBAAiB,MAAM,IAAI,kBAOhF,CAAC;AAqBJ,eAAO,MAAM,eAAe;;6EAgDL,iBAAiB;;;;;;yCAwCM,MAAM;;;;;;;;;2BAuHd,MAAM;;yCA4BQ,MAAM;kFAtFjB,MAAM;;mFAmBR,UAAU;;EAoGhD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"initWorkerOption.d.ts","sourceRoot":"","sources":["../src/initWorkerOption.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"initWorkerOption.d.ts","sourceRoot":"","sources":["../src/initWorkerOption.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,qBAAqB,EAAE,MAAM,SAAS,CAAC;AAEhD,eAAO,MAAM,SAAS,mCAQrB,CAAC;AACF,eAAO,MAAM,kBAAkB;;;CA0E9B,CAAC;AAmCF,eAAO,MAAM,qBAAqB,EAAE,qBAmBnC,CAAC"}
|
package/dist/jwt.d.ts
CHANGED
|
@@ -2,10 +2,10 @@ import { DemonstratingProofOfPossessionConfiguration } from './types';
|
|
|
2
2
|
|
|
3
3
|
export declare const uint8ToUrlBase64: (uint8: Uint8Array) => string;
|
|
4
4
|
export declare const defaultDemonstratingProofOfPossessionConfiguration: DemonstratingProofOfPossessionConfiguration;
|
|
5
|
-
export declare
|
|
5
|
+
export declare const JWT: {
|
|
6
6
|
sign: (w: any) => (jwk: any, headers: any, claims: any, demonstratingProofOfPossessionConfiguration: DemonstratingProofOfPossessionConfiguration, jwtHeaderType?: string) => Promise<string>;
|
|
7
7
|
};
|
|
8
|
-
export declare
|
|
8
|
+
export declare const JWK: {
|
|
9
9
|
thumbprint: (w: any) => (jwk: any, digestAlgorithm: AlgorithmIdentifier) => Promise<string>;
|
|
10
10
|
};
|
|
11
11
|
export declare const generateJwkAsync: (w: any) => (generateKeyAlgorithm: RsaHashedKeyGenParams | EcKeyGenParams) => Promise<any>;
|
package/dist/jwt.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":"AAMA,OAAO,
|
|
1
|
+
{"version":3,"file":"jwt.d.ts","sourceRoot":"","sources":["../src/jwt.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,2CAA2C,EAAE,MAAM,SAAS,CAAC;AAgCtE,eAAO,MAAM,gBAAgB,UAAW,UAAU,WAOjD,CAAC;AAUF,eAAO,MAAM,kDAAkD,EAAE,2CAc9D,CAAC;AAuEJ,eAAO,MAAM,GAAG;cAnEV,GAAG,wFAKwC,2CAA2C;CA8DjE,CAAC;AAqD5B,eAAO,MAAM,GAAG;oBAtBO,GAAG,iCAAkC,mBAAmB;CAsB9C,CAAC;AAElC,eAAO,MAAM,gBAAgB,MACvB,GAAG,4BAAkC,qBAAqB,GAAG,cAAc,iBAO9E,CAAC;AAEJ,eAAO,MAAM,8CAA8C,MACrD,GAAG,mDACuC,2CAA2C,qCACvD,MAAM,uCAuBvC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"keepSession.d.ts","sourceRoot":"","sources":["../src/keepSession.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"keepSession.d.ts","sourceRoot":"","sources":["../src/keepSession.ts"],"names":[],"mappings":"AAGA,OAAO,IAAI,MAAM,QAAQ,CAAC;AAI1B,eAAO,MAAM,mBAAmB,SAAgB,IAAI,qBA+FnD,CAAC"}
|
package/dist/location.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"location.d.ts","sourceRoot":"","sources":["../src/location.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"location.d.ts","sourceRoot":"","sources":["../src/location.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,MAAM,IAAI,IAAI,CAAC;IACf,cAAc,IAAI,MAAM,CAAC;IACzB,OAAO,IAAI,MAAM,CAAC;IAClB,SAAS,IAAI,MAAM,CAAC;CACrB;AAED,qBAAa,YAAa,YAAW,cAAc;IACjD,IAAI,CAAC,GAAG,EAAE,MAAM;IAIhB,MAAM;IAIN,cAAc;IAId,OAAO;IAKP,SAAS,IAAI,MAAM;CAGpB"}
|
package/dist/login.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
-
import { OidcConfiguration, StringMap } from './types.js';
|
|
2
1
|
import { ILOidcLocation } from './location';
|
|
3
2
|
import { default as Oidc } from './oidc';
|
|
3
|
+
import { OidcConfiguration, StringMap } from './types.js';
|
|
4
4
|
|
|
5
5
|
export declare const defaultLoginAsync: (configurationName: string, configuration: OidcConfiguration, publishEvent: (string, any) => void, initAsync: Function, oidcLocation: ILOidcLocation) => (callbackPath?: string, extras?: StringMap, isSilentSignin?: boolean, scope?: string) => Promise<void>;
|
|
6
6
|
export declare const loginCallbackAsync: (oidc: Oidc) => (isSilentSignin?: boolean) => Promise<{
|
package/dist/login.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../src/login.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../src/login.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,IAAI,MAAM,QAAQ,CAAC;AAI1B,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG1D,eAAO,MAAM,iBAAiB,sBAEP,MAAM,iBACV,iBAAiB,gBAClB,CAAC,MAAM,EAAE,GAAG,KAAK,IAAI,aACxB,QAAQ,gBACL,cAAc,qBAGd,MAAM,WACZ,SAAS,oCAEV,MAAM,kBAqEd,CAAC;AAEJ,eAAO,MAAM,kBAAkB,SACtB,IAAI;;;;EAoLV,CAAC"}
|
package/dist/logout.d.ts
CHANGED
package/dist/logout.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../src/logout.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../src/logout.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEvC,eAAO,MAAM,gBAAgB;;;CAG5B,CAAC;AA6BF,eAAO,MAAM,YAAY,+CAexB,CAAC;AAEF,eAAO,MAAM,WAAW,wEAC4B,cAAc,0BACtC,MAAM,GAAG,IAAI,GAAG,SAAS,WAAsB,SAAS,kBA4GjF,CAAC"}
|
package/dist/oidc.d.ts
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { CheckSessionIFrame } from './checkSessionIFrame.js';
|
|
2
|
+
import { ILOidcLocation } from './location';
|
|
2
3
|
import { Tokens } from './parseTokens.js';
|
|
3
4
|
import { AuthorityConfiguration, Fetch, OidcConfiguration, StringMap } from './types.js';
|
|
4
|
-
import { ILOidcLocation } from './location';
|
|
5
5
|
|
|
6
6
|
export declare const getFetchDefault: () => typeof fetch;
|
|
7
7
|
export interface OidcAuthorizationServiceConfigurationJson {
|
package/dist/oidc.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":";AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAW7D,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAkB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,sBAAsB,EACtB,KAAK,EACL,iBAAiB,EACjB,SAAS,EAEV,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACxD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,qCAAqC;IAChD,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CASzB;AAYD,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAYF,qBAAa,IAAI;IACR,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBAE9B,aAAa,EAAE,iBAAiB,EAChC,iBAAiB,QAAY,EAC7B,QAAQ,EAAE,MAAM,KAAK,EACrB,QAAQ,GAAE,cAAmC;IA6D/C,eAAe,CAAC,IAAI,KAAA,GAAG,MAAM;IAM7B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aACL,MAAM,KAAK,YAAY,cAAc,gDAG9C;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAW9B,mCAAmC,CAAC,SAAS,MAAO;IAkB9C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,sBAAsB;IAoCjF,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAU/C,sBAAsB,CAC1B,qBAAqB,KAAA,EACrB,QAAQ,KAAA,EACR,YAAY,KAAA,EACZ,cAAc,UAAQ;IAUxB,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CACd,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ;IA8BzB,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACpC,kBAAkB,CAAC,aAAa,UAAQ;IA6BxC,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IA0BlB,uCAAuC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAQ;IACvE,qCAAqC,IAAI,OAAO,CAAC,aAAa,CAAC;IAU/D,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAQ;IAUxE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IAElC,gBAAgB,CAAC,MAAM,GAAE,SAAgB;IAezC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAe7C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAepD,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC9B,WAAW,CACf,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB;CAgB3B;AAED,eAAe,IAAI,CAAC"}
|
package/dist/oidcClient.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
+
import { ILOidcLocation } from './location';
|
|
1
2
|
import { LoginCallback, Oidc } from './oidc.js';
|
|
2
3
|
import { Tokens, ValidToken } from './parseTokens.js';
|
|
3
4
|
import { Fetch, OidcConfiguration, StringMap } from './types.js';
|
|
4
|
-
import { ILOidcLocation } from './location';
|
|
5
5
|
|
|
6
6
|
export interface EventSubscriber {
|
|
7
7
|
(name: string, data: any): any;
|
|
8
8
|
}
|
|
9
9
|
export declare class OidcClient {
|
|
10
|
-
private _oidc;
|
|
10
|
+
private readonly _oidc;
|
|
11
11
|
constructor(oidc: Oidc);
|
|
12
12
|
subscribeEvents(func: EventSubscriber): string;
|
|
13
13
|
removeEventSubscription(id: string): void;
|
package/dist/oidcClient.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidcClient.d.ts","sourceRoot":"","sources":["../src/oidcClient.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"oidcClient.d.ts","sourceRoot":"","sources":["../src/oidcClient.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAsB,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC1E,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEjE,MAAM,WAAW,eAAe;IAC9B,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAE;CAC3B;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAO;gBACjB,IAAI,EAAE,IAAI;IAItB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG,MAAM;IAI9C,uBAAuB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIzC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,IAAI;IAIhD,MAAM,CAAC,WAAW,aACL,MAAM,KAAK,aAAY,cAAc,qBAChC,iBAAiB,oBAAqB,UAAU,CAE9D;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY,GAAG,UAAU;IAIxC,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAmB;IACpC,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAI/C,UAAU,CACR,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ,GACtB,OAAO,CAAC,OAAO,CAAC;IAInB,WAAW,CACT,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB,GACvB,OAAO,CAAC,IAAI,CAAC;IAIhB,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIzC,gBAAgB,CAAC,MAAM,GAAE,SAAgB,GAAG,OAAO,CAAC,IAAI,CAAC;IAIzD,kBAAkB,IAAI,OAAO,CAAC,aAAa,CAAC;IAI5C,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED,IAAI,aAAa,IAAI,iBAAiB,CAErC;IAEK,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IASZ,kBAAkB,CAAC,MAAM,SAAM,EAAE,UAAU,SAAK,GAAG,OAAO,CAAC,UAAU,CAAC;IAI5E,eAAe,CAAC,KAAK,EAAE,KAAK,EAAE,iCAAiC,GAAE,OAAe,GAAG,KAAK;IAIlF,aAAa,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,EACvD,OAAO,UAAQ,EACf,iCAAiC,GAAE,OAAe,GACjD,OAAO,CAAC,CAAC,CAAC;IAIb,QAAQ,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,KAAK,CAAC;CAGrD;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parseTokens.d.ts","sourceRoot":"","sources":["../src/parseTokens.ts"],"names":[],"mappings":"AACA,OAAO,
|
|
1
|
+
{"version":3,"file":"parseTokens.d.ts","sourceRoot":"","sources":["../src/parseTokens.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAQ7D,eAAO,MAAM,QAAQ,YAAa,MAAM,QAC2C,CAAC;AAsBpF,MAAM,MAAM,MAAM,GAAG;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,GAAG,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,GAAG,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,gCAAgC,EAAE,MAAM,CAAC;IACzC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,eAAO,MAAM,cAAc;;;;CAI1B,CAAC;AAkBF,eAAO,MAAM,SAAS,gDAA8C,MAAM,KAAG,MA8D5E,CAAC;AAEF,eAAO,MAAM,mBAAmB,gDAAuC,MAAM,WAkC5E,CAAC;AAEF,eAAO,MAAM,eAAe,4EAM3B,CAAC;AAEF,eAAO,MAAM,aAAa,0BAKzB,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACvB,aAAa,EAAE,OAAO,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,WAAW,SAAS;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE;QAAE,0BAA0B,CAAC,EAAE,uBAAuB,CAAA;KAAE,CAAC;IACxE,gBAAgB,EAAE,CAAC,MAAM,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxD;AAED,eAAO,MAAM,kBAAkB,SACvB,SAAS,2CAGd,QAAQ,UAAU,CAuBpB,CAAC;AAIF,eAAO,MAAM,iBAAiB;;;CAuC7B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":";
|
|
1
|
+
{"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":";AAGA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAiD,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAA2B,MAAM,YAAY,CAAC;AAmDnF,wBAAsB,6BAA6B,CACjD,IAAI,KAAA,EACJ,YAAY,UAAQ,EACpB,MAAM,GAAE,SAAgB,gBAgCzB;AAED,eAAO,MAAM,eAAe,SAAU,IAAI,2BAAqB,SAAS,mBASvE,CAAC;AAEF,eAAO,MAAM,uBAAuB;;;;;;;;CAQnC,CAAC;AAEF,eAAO,MAAM,mBAAmB,SACvB,IAAI,qBAEM,iBAAiB,qBACb,MAAM,iBACV,MAAM;;;;;;EA4EtB,CAAC"}
|
package/dist/requests.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
|
+
import { ILOidcLocation } from './location';
|
|
1
2
|
import { OidcAuthorizationServiceConfiguration } from './oidc.js';
|
|
2
3
|
import { Fetch, StringMap } from './types.js';
|
|
3
|
-
import { ILOidcLocation } from './location';
|
|
4
4
|
|
|
5
5
|
export declare const fetchFromIssuer: (fetch: any) => (openIdIssuerUrl: string, timeCacheSecond?: number, storage?: Storage, timeoutMs?: number) => Promise<OidcAuthorizationServiceConfiguration>;
|
|
6
6
|
export declare const TOKEN_TYPE: {
|
package/dist/requests.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"requests.d.ts","sourceRoot":"","sources":["../src/requests.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"requests.d.ts","sourceRoot":"","sources":["../src/requests.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,qCAAqC,EAAE,MAAM,WAAW,CAAC;AAElE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG9C,eAAO,MAAM,eAAe,oCAGP,MAAM,sEAItB,QAAQ,qCAAqC,CAkB/C,CAAC;AAyBJ,eAAO,MAAM,UAAU;;;CAGtB,CAAC;AAEF,eAAO,MAAM,6BAA6B,sFAO9B,SAAS;;EAuClB,CAAC;AAEJ,KAAK,2BAA2B,GAAG;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,mCAAmC,CAAC,EAAE,MAAM,CAAC;CAC9C,CAAC;AAEF,eAAO,MAAM,wBAAwB,UAC3B,KAAK,WAEN,MAAM,gFAKK,MAAM,yBAErB,QAAQ,2BAA2B,CAgDrC,CAAC;AAEJ,eAAO,MAAM,gCAAgC,YACjC,GAAG,gBAAgB,cAAc,wBAAyB,SAAS,kBAoB5E,CAAC;AAGJ,eAAO,MAAM,6BAA6B,YAC9B,GAAG,yEAC8C,MAAM;;;;;;;;;;;;EAyChE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"silentLogin.d.ts","sourceRoot":"","sources":["../src/silentLogin.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAG1C,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC1D,MAAM,MAAM,mBAAmB,GAAG;
|
|
1
|
+
{"version":3,"file":"silentLogin.d.ts","sourceRoot":"","sources":["../src/silentLogin.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAG1C,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC1D,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAGF,eAAO,MAAM,iBAAiB,sBACR,MAAM,iBAAiB,iBAAiB,gBAAgB,QAAQ,eAE1E,SAAS,UACV,MAAM,UACN,MAAM,KACZ,QAAQ,mBAAmB,CAsG7B,CAAC;AAEJ,eAAO,MAAM,uBAAuB,uDAIjB,iBAAiB,gBAClB,CAAC,MAAM,EAAE,GAAG,KAAK,IAAI,QAC7B,GAAG,eAEF,SAAS,UAAgB,MAAM,qBA6CvC,CAAC;AAEJ,eAAe,uBAAuB,CAAC"}
|
package/dist/timer.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"timer.d.ts","sourceRoot":"","sources":["../src/timer.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,KAAK;;;;;
|
|
1
|
+
{"version":3,"file":"timer.d.ts","sourceRoot":"","sources":["../src/timer.ts"],"names":[],"mappings":"AAAA,QAAA,MAAM,KAAK;;;;;CAUP,CAAC;AAEL,eAAe,KAAK,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
export type Fetch = typeof window.fetch;
|
|
2
2
|
export type LogoutToken = 'access_token' | 'refresh_token';
|
|
3
|
-
export type ServiceWorkerUpdateRequireCallback = (registration: any, stopKeepAlive:
|
|
3
|
+
export type ServiceWorkerUpdateRequireCallback = (registration: any, stopKeepAlive: () => void) => Promise<void>;
|
|
4
4
|
export type ServiceWorkerRegister = (serviceWorkerRelativeUrl: string) => Promise<ServiceWorkerRegistration>;
|
|
5
5
|
export type ServiceWorkerActivate = () => boolean;
|
|
6
6
|
export declare enum TokenAutomaticRenewMode {
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC;AAExC,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,eAAe,CAAC;AAE3D,MAAM,MAAM,kCAAkC,GAAG,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC;AAExC,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,eAAe,CAAC;AAE3D,MAAM,MAAM,kCAAkC,GAAG,CAC/C,YAAY,EAAE,GAAG,EACjB,aAAa,EAAE,MAAM,IAAI,KACtB,OAAO,CAAC,IAAI,CAAC,CAAC;AACnB,MAAM,MAAM,qBAAqB,GAAG,CAClC,wBAAwB,EAAE,MAAM,KAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACxC,MAAM,MAAM,qBAAqB,GAAG,MAAM,OAAO,CAAC;AAElD,oBAAY,uBAAuB;IACjC,8BAA8B,oCAAoC;IAClE,8BAA8B,mCAAmC;CAClE;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C,CAAC,EAAE,MAAM,CAAC;IACpD,4CAA4C,CAAC,EAAE,MAAM,CAAC;IACtD,uBAAuB,CAAC,EAAE,sBAAsB,CAAC;IACjD,+CAA+C,CAAC,EAAE,MAAM,CAAC;IACzD,0BAA0B,CAAC,EAAE,uBAAuB,CAAC;IACrD,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,8BAA8B,CAAC,EAAE,MAAM,CAAC;IACxC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,2CAA2C,CAAC,EAAE,OAAO,CAAC;IACtD,sCAAsC,CAAC,EAAE,kCAAkC,CAAC;IAC5E,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB,oBAAoB,CAAC,EAAE,SAAS,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2BAA2B,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACjD,iCAAiC,CAAC,EAAE,OAAO,CAAC;IAC5C,+CAA+C,CAAC,EAAE,2CAA2C,CAAC;IAC9F,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B,CAAC;AAEF,MAAM,WAAW,2CAA2C;IAC1D,oBAAoB,EAAE,qBAAqB,GAAG,cAAc,CAAC;IAC7D,eAAe,EAAE,mBAAmB,CAAC;IACrC,kBAAkB,EACd,mBAAmB,GACnB,qBAAqB,GACrB,iBAAiB,GACjB,gBAAgB,GAChB,eAAe,CAAC;IACpB,aAAa,EAAE,mBAAmB,GAAG,YAAY,GAAG,WAAW,CAAC;IAChE,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,SAAS;IACxB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,sBAAsB;IACrC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB"}
|
package/dist/user.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../src/user.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"user.d.ts","sourceRoot":"","sources":["../src/user.ts"],"names":[],"mappings":"AACA,OAAO,IAAI,MAAM,QAAQ,CAAC;AAE1B,eAAO,MAAM,aAAa,SACjB,IAAI,qFAsBV,CAAC"}
|
package/dist/version.d.ts
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axa-fr/oidc-client",
|
|
3
|
-
"version": "7.22.
|
|
3
|
+
"version": "7.22.19",
|
|
4
4
|
"private": false,
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.umd.cjs",
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
"url": "https://github.com/AxaFrance/oidc-client.git"
|
|
21
21
|
},
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@axa-fr/oidc-client-service-worker": "7.22.
|
|
23
|
+
"@axa-fr/oidc-client-service-worker": "7.22.19"
|
|
24
24
|
},
|
|
25
25
|
"devDependencies": {
|
|
26
26
|
"@testing-library/dom": "10.1.0",
|