@axa-fr/oidc-client 7.22.22 → 7.22.24

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (29) hide show
  1. package/dist/checkSession.d.ts +0 -1
  2. package/dist/crypto.d.ts.map +1 -1
  3. package/dist/fetch.d.ts +0 -1
  4. package/dist/index.js +4 -6
  5. package/dist/index.umd.cjs +1 -1
  6. package/dist/initWorker.d.ts +1 -2
  7. package/dist/initWorker.d.ts.map +1 -1
  8. package/dist/initWorkerOption.d.ts +0 -1
  9. package/dist/jwt.d.ts +0 -1
  10. package/dist/keepSession.d.ts +0 -1
  11. package/dist/login.d.ts +1 -2
  12. package/dist/login.d.ts.map +1 -1
  13. package/dist/logout.d.ts +0 -1
  14. package/dist/oidc.d.ts +0 -1
  15. package/dist/oidc.d.ts.map +1 -1
  16. package/dist/oidcClient.d.ts +0 -1
  17. package/dist/parseTokens.d.ts +0 -1
  18. package/dist/parseTokens.d.ts.map +1 -1
  19. package/dist/renewTokens.d.ts +0 -1
  20. package/dist/renewTokens.d.ts.map +1 -1
  21. package/dist/requests.d.ts +0 -1
  22. package/dist/requests.d.ts.map +1 -1
  23. package/dist/silentLogin.d.ts +1 -2
  24. package/dist/silentLogin.d.ts.map +1 -1
  25. package/dist/user.d.ts +0 -1
  26. package/dist/version.d.ts +1 -1
  27. package/package.json +12 -12
  28. package/src/initWorker.ts +5 -2
  29. package/src/version.ts +1 -1
package/dist/checkSession.d.ts CHANGED
@@ -1,6 +1,5 @@
1
1
  import { CheckSessionIFrame } from './checkSessionIFrame.js';
2
2
  import { default as Oidc } from './oidc';
3
3
  import { OidcConfiguration } from './types.js';
4
-
5
4
  export declare const startCheckSessionAsync: (oidc: Oidc, oidcDatabase: any, configuration: OidcConfiguration) => (checkSessionIFrameUri: any, clientId: any, sessionState: any, isSilentSignin?: boolean) => Promise<CheckSessionIFrame>;
6
5
  //# sourceMappingURL=checkSession.d.ts.map
package/dist/crypto.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAkBA,eAAO,MAAM,cAAc,SAAU,MAAM,WAY1C,CAAC;AAEF,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,cAQzC;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CASjF;AAED,eAAO,MAAM,oBAAoB,SAAU,MAAM,KAAG,QAAQ,MAAM,CAUjE,CAAC"}
1
+ {"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../src/crypto.ts"],"names":[],"mappings":"AAkBA,eAAO,MAAM,cAAc,SAAU,MAAM,WAY1C,CAAC;AAEF,wBAAgB,cAAc,CAAC,GAAG,EAAE,MAAM,cAQzC;AAED,wBAAgB,mCAAmC,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CASjF;AAED,eAAO,MAAM,oBAAoB,SAAU,MAAM,KAAG,OAAO,CAAC,MAAM,CAUjE,CAAC"}
package/dist/fetch.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  import { default as Oidc } from './oidc';
2
2
  import { Fetch } from './types';
3
-
4
3
  export declare const fetchWithTokens: (fetch: Fetch, oidc: Oidc | null, demonstrating_proof_of_possession?: boolean) => Fetch;
5
4
  //# sourceMappingURL=fetch.d.ts.map
package/dist/index.js CHANGED
@@ -144,8 +144,7 @@ function xe(e, s, n) {
144
144
  if (e.issuedAt) {
145
145
  if (typeof e.issuedAt == "string")
146
146
  return parseInt(e.issuedAt, 10);
147
- } else
148
- return s && s.iat ? s.iat : n && n.iat ? n.iat : (/* @__PURE__ */ new Date()).getTime() / 1e3;
147
+ } else return s && s.iat ? s.iat : n && n.iat ? n.iat : (/* @__PURE__ */ new Date()).getTime() / 1e3;
149
148
  return e.issuedAt;
150
149
  }
151
150
  const X = (e, s = null, n) => {
@@ -243,7 +242,7 @@ const X = (e, s = null, n) => {
243
242
  setInterval: setInterval.bind(e),
244
243
  clearInterval: clearInterval.bind(e)
245
244
  };
246
- }(), ue = "7.22.22";
245
+ }(), ue = "7.22.24";
247
246
  let _e = null, j;
248
247
  const z = ({ milliseconds: e }) => new Promise((s) => M.setTimeout(s, e)), pe = (e = "/") => {
249
248
  try {
@@ -286,7 +285,7 @@ const z = ({ milliseconds: e }) => new Promise((s) => M.setTimeout(s, e)), pe =
286
285
  if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !n || e.service_worker_activate() === !1)
287
286
  return null;
288
287
  let t = null;
289
- e.register ? t = await e.service_worker_register(n) : t = await navigator.serviceWorker.register(n);
288
+ e.service_worker_register ? t = await e.service_worker_register(n) : t = await navigator.serviceWorker.register(n);
290
289
  try {
291
290
  await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await O(t)({ type: "claim" });
292
291
  } catch {
@@ -780,8 +779,7 @@ const J = (e, s, n = null) => {
780
779
  ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", b = await c.getNonceAsync();
781
780
  return { tokens: d, status: k, nonce: b };
782
781
  }
783
- } else
784
- return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
782
+ } else return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
785
783
  r = await c.getNonceAsync();
786
784
  }
787
785
  const l = U(
package/dist/index.umd.cjs CHANGED
@@ -1,2 +1,2 @@
1
- (function(C,x){typeof exports=="object"&&typeof module<"u"?x(exports):typeof define=="function"&&define.amd?define(["exports"],x):(C=typeof globalThis<"u"?globalThis:C||self,x(C["oidc-client"]={}))})(this,function(C){"use strict";class x{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const le=2e3,R=console;class Ce{constructor(n,s,t,o=le,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||le,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substring(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(R.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(R.debug(n),R.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):R.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){R.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(R.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_acquired:"token_acquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},P=(e,n=sessionStorage)=>{const s=h=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:h}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const h=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:h.tokens,status:h.status})},o=h=>{n[`oidc.${e}`]=JSON.stringify({tokens:h})},i=async h=>{n[`oidc.session_state.${e}`]=h},r=async()=>n[`oidc.session_state.${e}`],a=h=>{n[`oidc.nonce.${e}`]=h.nonce},u=h=>{n[`oidc.jwk.${e}`]=JSON.stringify(h)},f=()=>JSON.parse(n[`oidc.jwk.${e}`]),l=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async h=>{n[`oidc.dpop_nonce.${e}`]=h},_=()=>n[`oidc.dpop_nonce.${e}`],d=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null,y={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:d,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:l,setLoginParams:h=>{y[e]=h,n[`oidc.login.${e}`]=JSON.stringify(h)},getLoginParams:()=>{const h=n[`oidc.login.${e}`];return h?(y[e]||(y[e]=JSON.parse(h)),y[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async h=>{n[`oidc.state.${e}`]=h},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async h=>{n[`oidc.code_verifier.${e}`]=h},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:u,getDemonstratingProofOfPossessionJwkAsync:f}};var $=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))($||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,G={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const Y=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,u=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let f;e.expiresAt?f=e.expiresAt:s===G.access_token_invalid?f=u:s===G.id_token_invalid?f=a:f=a<u?a:u;const l={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:f,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...l,refreshToken:c}}return l},ee=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),Y(t,n,s)},V=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?V(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await z({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},M=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.22";let ye=null,X;const z=({milliseconds:e})=>new Promise(n=>M.setTimeout(n,e)),ge=(e="/")=>{try{X=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:X.signal}).catch(t=>{console.log(t)}),z({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{X&&X.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistration ${t?"successful":"failed"}`),await z({milliseconds:2e3}),e.reload()},Ke=e=>{const n=sessionStorage.getItem(`oidc.tabId.${e}`);if(n)return n;const s=globalThis.crypto.randomUUID();return sessionStorage.setItem(`oidc.tabId.${e}`,s),s},E=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i!=null&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage({...n,tabId:Ke(n.configurationName)},[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await E(t)({type:"claim"})}catch{return null}const o=async g=>E(t)({type:"clear",data:{status:g},configurationName:n}),i=async(g,A,S)=>{const D=await E(t)({type:"init",data:{oidcServerConfiguration:g,where:A,oidcConfiguration:{token_renew_mode:S.token_renew_mode,service_worker_convert_all_requests_to_cors:S.service_worker_convert_all_requests_to_cors}},configurationName:n}),F=D.version;return F!==he&&(console.warn(`Service worker ${F} version mismatch with js client version ${he}, unregistering and reloading`),await S.service_worker_update_require_callback(t,De)),{tokens:ee(D.tokens,null,S.token_renew_mode),status:D.status}},r=(g="/")=>{ye==null&&(ye="not_null",ge(g))},a=g=>E(t)({type:"setSessionState",data:{sessionState:g},configurationName:n}),u=async()=>(await E(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,f=g=>(sessionStorage[`oidc.nonce.${n}`]=g.nonce,E(t)({type:"setNonce",data:{nonce:g},configurationName:n})),l=async()=>{let A=(await E(t)({type:"getNonce",data:null,configurationName:n})).nonce;return A||(A=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}},c={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:a,getSessionStateAsync:u,setNonceAsync:f,getNonceAsync:l,setLoginParams:g=>{c[n]=g,localStorage[`oidc.login.${n}`]=JSON.stringify(g)},getLoginParams:()=>{const g=localStorage[`oidc.login.${n}`];return c[n]||(c[n]=JSON.parse(g)),c[n]},getStateAsync:async()=>{let A=(await E(t)({type:"getState",data:null,configurationName:n})).state;return A||(A=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async g=>(sessionStorage[`oidc.state.${n}`]=g,E(t)({type:"setState",data:{state:g},configurationName:n})),getCodeVerifierAsync:async()=>{let A=(await E(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async g=>(sessionStorage[`oidc.code_verifier.${n}`]=g,E(t)({type:"setCodeVerifier",data:{codeVerifier:g},configurationName:n})),setDemonstratingProofOfPossessionNonce:async g=>{await E(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:g},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await E(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async g=>{const A=JSON.stringify(g);await E(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const g=await E(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return g.demonstratingProofOfPossessionJwkJson?JSON.parse(g.demonstratingProofOfPossessionJwkJson):null}}},K={},Ue=(e,n=window.sessionStorage,s)=>{if(!K[e]&&n){const o=n.getItem(e);o&&(K[e]=JSON.parse(o))}const t=1e3*s;return K[e]&&K[e].timestamp+t>Date.now()?K[e].result:null},Fe=(e,n,s=window.sessionStorage)=>{const t=Date.now();K[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ve(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const ne=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Ve(e))}const Me={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"},Je={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,u=!0,f=["sign"],l=await e.crypto.subtle.importKey("jwk",n,a,u,f),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,d=await e.crypto.subtle.sign(_,l,c);return r.signature=ne(new Uint8Array(d)),`${r.protected}.${r.payload}.${r.signature}`}},Be={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}},He={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return ne(new Uint8Array(o))}},je=e=>async n=>await Be.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(qe()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await He.thumbprint(e)(s,n.digestAlgorithm);return await Je.sign(e)(s,{kid:a},r,n)},qe=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",Ge=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%se.length;n.push(se[t])}return n.join("")},te=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*se.length|0;return Ge(n)};function Ye(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ye(e)).then(t=>n(ne(new Uint8Array(t))),t=>s(t))})}const Xe=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},ze=60*60,Qe=e=>async(n,s=ze,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ue(r,t,s);if(a)return new ae(a);const u=await J(e)(i,{},o);if(u.status!==200)return null;const f=await u.json();return Fe(r,f,t),new ae(f)},J=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await J(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},oe={refresh_token:"refresh_token",access_token:"access_token"},Te=e=>async(n,s,t=oe.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const u=[];for(const c in a){const _=encodeURIComponent(c),d=encodeURIComponent(a[c]);u.push(`${_}=${d}`)}const f=u.join("&");return(await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:f},r)).status!==200?{success:!1}:{success:!0}},Ze=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[d,y]of Object.entries(t))s[d]===void 0&&(s[d]=y);const u=[];for(const d in s){const y=encodeURIComponent(d),p=encodeURIComponent(s[d]);u.push(`${y}=${p}`)}const f=u.join("&"),l=await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:f},a);if(l.status!==200)return{success:!1,status:l.status,demonstratingProofOfPossessionNonce:null};const c=await l.json();let _=null;return l.headers.has(Q)&&(_=l.headers.get(Q)),{success:!0,status:l.status,data:ee(c,o,r),demonstratingProofOfPossessionNonce:_}},en=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=te(128),i=await Xe(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,u]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(u)}`;n.open(`${s}${r}`)},Q="DPoP-Nonce",nn=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),d=encodeURIComponent(s[c]);r.push(`${_}=${d}`)}const a=r.join("&"),u=await J(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),u.status!==200)return{success:!1,status:u.status};let f=null;u.headers.has(Q)&&(f=u.headers.get(Q));const l=await u.json();return{success:!0,data:{state:s.state,tokens:ee(l,null,o),demonstratingProofOfPossessionNonce:f}}};async function ve(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await Z(e)(t,0,n,s);return await I(e.configuration,e.configurationName)||await P(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const sn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=P(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=Y(o,e.tokens,n.token_renew_mode),o}};async function be(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await ve(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await ve(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await sn(e,t))),i?(e.timeoutId&&(e.timeoutId=B(e,e.tokens.expiresAt,s)),e.tokens):null}const B=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return M.setTimeout(async()=>{const i={timeLeft:V(t,n)};e.publishEvent(N.eventNames.token_timer,i),await be(e,!1,s)},1e3)},W={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},tn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),u=await I(n,s);if(u){const{status:c,tokens:_}=await u.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const y=V(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",p=await u.getNonceAsync();return{tokens:_,status:y,nonce:p}}r=await u.getNonceAsync()}else{const c=P(s,n.storage??sessionStorage),_=await c.initAsync();let{tokens:d}=_;const{status:y}=_;if(d&&(d=Y(d,e.tokens,n.token_renew_mode)),d){if(y==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(d.issuedAt!==t.issuedAt){const k=V(n.refresh_time_before_tokens_expiration_in_second,d.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",b=await c.getNonceAsync();return{tokens:d,status:k,nonce:b}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const l=V(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:l,nonce:r}},Z=e=>async(n,s=0,t=!1,o=null)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await z({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=s+1;o||(o={});const a=e.configuration,u=(l,c=null,_=null)=>ie(e.configurationName,e.configuration,e.publishEvent.bind(e))(l,c,_),f=async()=>{try{let l;const c=await I(a,e.configurationName);c?l=c.getLoginParams():l=P(e.configurationName,a.storage).getLoginParams();const _=await u({...l.extras,...o,prompt:"none"});return _?_.error?(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(n(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),await Z(e)(n,r,t,o)}};try{const{status:l,tokens:c,nonce:_}=await tn(e)(a,e.configurationName,e.tokens,t);switch(l){case W.SESSION_LOST:return n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case W.NOT_CONNECTED:return n(null),{tokens:null,status:null};case W.TOKENS_VALID:return n(c),{tokens:c,status:"LOGGED_IN"};case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return n(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case W.LOGOUT_FROM_ANOTHER_TAB:return n(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case W.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==l?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:s}),await f());default:{if(a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==l)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:l,tryNumber:s}),!c.refreshToken)return await f();const d=a.client_id,y=a.redirect_uri,p=a.authority,b={...a.token_request_extras?a.token_request_extras:{}};for(const[w,T]of Object.entries(o))w.endsWith(":token_request")&&(b[w.replace(":token_request","")]=T);return await(async()=>{const w={client_id:d,redirect_uri:y,grant_type:"refresh_token",refresh_token:c.refreshToken},T=await e.initAsync(p,a.authority_configuration),h=document.hidden?1e4:3e4*10,g=T.tokenEndpoint,A={};a.demonstrating_proof_of_possession&&(A.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,g,"POST"));const S=await Ze(e.getFetch())(g,w,b,c,A,a.token_renew_mode,h);if(S.success){const{isValid:D,reason:F}=de(S.data,_.nonce,T);if(!D)return n(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${F}`}),{tokens:null,status:"SESSION_LOST"};if(n(S.data),S.demonstratingProofOfPossessionNonce){const v=await I(a,e.configurationName);v?await v.setDemonstratingProofOfPossessionNonce(S.demonstratingProofOfPossessionNonce):await P(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(S.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:S.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:S.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:S}),S.status>=400&&S.status<500?(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${S.status}`}),{tokens:null,status:"SESSION_LOST"}):await Z(e)(n,r,t,o)})()}}}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),new Promise((c,_)=>{setTimeout(()=>{Z(e)(n,r,t,o).then(c).catch(_)},1e3)})}},ie=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,u=a.indexOf("/",a.indexOf("//")+2),f=a.substring(0,u),l=document.createElement("iframe");return l.width="0px",l.height="0px",l.id=`${e}_oidc_iframe`,l.setAttribute("src",a),document.body.appendChild(l),new Promise((c,_)=>{let d=!1;const y=()=>{window.removeEventListener("message",p),l.remove(),d=!0},p=k=>{if(k.origin===f&&k.source===l.contentWindow){const b=`${e}_oidc_tokens:`,O=`${e}_oidc_error:`,w=`${e}_oidc_exception:`,T=k.data;if(T&&typeof T=="string"&&!d){if(T.startsWith(b)){const h=JSON.parse(k.data.replace(b,""));s(m.silentLoginAsync_end,{}),c(h),y()}else if(T.startsWith(O)){const h=JSON.parse(k.data.replace(O,""));s(m.silentLoginAsync_error,h),c({error:"oidc_"+h.error,tokens:null,sessionState:null}),y()}else if(T.startsWith(w)){const h=JSON.parse(k.data.replace(w,""));s(m.silentLoginAsync_error,h),_(new Error(h.error)),y()}}}};try{window.addEventListener("message",p);const k=n.silent_login_timeout;setTimeout(()=>{d||(y(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){y(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},on=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(f,l,c)=>ie(n,s,t.bind(o))(f,l,c);return(async()=>{o.timeoutId&&M.clearTimeout(o.timeoutId);let f;i&&"state"in i&&(f=i.state,delete i.state);try{const l=s.extras?{...s.extras,...i}:i,c=await a({...l,prompt:"none"},f,r);if(c)return o.tokens=c.tokens,t(m.token_acquired,{}),o.timeoutId=B(o,o.tokens.expiresAt,i),{}}catch(l){return l}})()},rn=(e,n,s)=>(t,o,i,r=!1)=>{const a=(u,f=void 0,l=void 0)=>ie(e.configurationName,s,e.publishEvent.bind(e))(u,f,l);return new Promise((u,f)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const l=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,d=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(y=>{if(y.error)throw new Error(y.error);const p=y.tokens.idTokenPayload;if(d.sub===p.sub){const k=y.sessionState;e.checkSessionIFrame.start(y.sessionState),d.sid===p.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",p.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[,p]of Object.entries(n))await p.logoutOtherTabAsync(s.client_id,d.sub)})};e.checkSessionIFrame=new Ce(l,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),u(e.checkSessionIFrame)}).catch(c=>{f(c)})}else u(null)})},an=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),cn=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const u=i[a];if(u.r.test(s)){o=u.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function ln(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const un=()=>{const{name:e,version:n}=ln();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=cn(navigator);return!an(s)},_n=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=B(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=P(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=Y(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=B(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ee=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},fn=e=>{const n=Ee(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},H=e=>{const n=Ee(e),{search:s}=n;return dn(s)},dn=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},hn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,u=void 0)=>{const f=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=te(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;u||(u=n.scope);const d=n.extras?{...n.extras,...r}:r;d.nonce||(d.nonce=te(12));const y={nonce:d.nonce},p=await I(n,e),k=await t(n.authority,n.authority_configuration);let b;if(p)p.setLoginParams({callbackPath:c,extras:f}),await p.initAsync(k,"loginAsync",n),await p.setNonceAsync(y),p.startKeepAliveServiceWorker(),b=p;else{const w=P(e,n.storage??sessionStorage);w.setLoginParams({callbackPath:c,extras:f}),await w.setNonceAsync(y),b=w}const O={client_id:n.client_id,redirect_uri:_,scope:u,response_type:"code",...d};await en(b,o)(k.authorizationEndpoint,O)}catch(_){throw s(m.loginAsync_error,_),_}})()},yn=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),u=e.location.getCurrentHref(),l=H(u).session_state,c=await I(s,e.configurationName);let _,d,y,p;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(l),d=await c.getNonceAsync(),y=c.getLoginParams(),p=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const v=P(e.configurationName,s.storage??sessionStorage);await v.setSessionStateAsync(l),d=await v.getNonceAsync(),y=v.getLoginParams(),p=await v.getStateAsync(),_=v}const k=H(u);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==p)throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);const b={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},O={};if(s.token_request_extras)for(const[v,q]of Object.entries(s.token_request_extras))O[v]=q;if(y!=null&&y.extras)for(const[v,q]of Object.entries(y.extras))v.endsWith(":token_request")&&(O[v.replace(":token_request","")]=q);const w=a.tokenEndpoint,T={};if(s.demonstrating_proof_of_possession)if(c)T.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const v=await je(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await P(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(v),T.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(v,"POST",w)}const h=await nn(_)(w,{...b,...O},T,e.configuration.token_renew_mode,r);if(!h.success)throw new Error("Token request failed");let g;const A=h.data.tokens,S=h.data.demonstratingProofOfPossessionNonce;if(h.data.state!==O.state)throw new Error("state is not valid");const{isValid:D,reason:F}=de(A,d.nonce,a);if(!D)throw new Error(`Tokens are not OpenID valid, reason: ${F}`);if(c){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(S&&(A!=null&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),g=c.getLoginParams(),S&&await c.setDemonstratingProofOfPossessionNonce(S);else{const v=P(e.configurationName,s.storage);g=v.getLoginParams(),S&&await v.setDemonstratingProofOfPossessionNonce(S)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,l,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:g.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Oe={access_token:"access_token",refresh_token:"refresh_token"},re=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},gn=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},kn=e=>async n=>{M.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await P(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},mn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{var b,O;const a=e.configuration,u=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const f=i??o.getPath();let l=!1;i&&(l=i.includes("https://")||i.includes("http://"));const c=l?i:o.getOrigin()+f,_=e.tokens?e.tokens.idToken:"";try{const w=u.revocationEndpoint;if(w){const T=[],h=e.tokens?e.tokens.accessToken:null;if(h&&a.logout_tokens_to_invalidate.includes(Oe.access_token)){const A=re(r,":revoke_access_token"),S=Te(s)(w,h,oe.access_token,a.client_id,A);T.push(S)}const g=e.tokens?e.tokens.refreshToken:null;if(g&&a.logout_tokens_to_invalidate.includes(Oe.refresh_token)){const A=re(r,":revoke_refresh_token"),S=Te(s)(w,g,oe.refresh_token,a.client_id,A);T.push(S)}T.length>0&&await Promise.all(T)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const d=((O=(b=e.tokens)==null?void 0:b.idTokenPayload)==null?void 0:O.sub)??null;await e.destroyAsync("LOGGED_OUT");for(const[,w]of Object.entries(n))w!==e?await e.logoutSameTabAsync(e.configuration.client_id,d):e.publishEvent(m.logout_from_same_tab,{});const y=re(r,":oidc");if(y&&y.no_reload==="true")return;const k=gn(r);if(u.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let w="";for(const[T,h]of Object.entries(k))h!=null&&(w===""?w+="?":w+="&",w+=`${T}=${encodeURIComponent(h)}`);o.open(`${u.endSessionEndpoint}${w}`)}else o.reload()},Pe=(e,n,s=!1)=>async(...t)=>{var d;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let u=new Headers;a.headers&&(u=a.headers instanceof Headers?a.headers:new Headers(a.headers));const f={tokens:n.tokens,configuration:{token_automatic_renew_mode:n.configuration.token_automatic_renew_mode},renewTokensAsync:n.renewTokensAsync.bind(n)},l=await fe(f),c=(d=l==null?void 0:l.tokens)==null?void 0:d.accessToken;if(u.has("Accept")||u.set("Accept","application/json"),c){if(n.configuration.demonstrating_proof_of_possession&&s){const y=await n.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);u.set("Authorization",`PoP ${c}`),u.set("DPoP",y)}else u.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:u};return await e(o,_,...r)},pn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const f=await Pe(fetch,e,s)(i);return f.status!==200?null:f.json()})();return e.userInfo=a,a},Ie=()=>fetch;class ae{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const L={},wn=(e,n=new x)=>(s,t="default")=>(L[t]||(L[t]=new N(s,t,e,n)),L[t]),An=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=B(e,n.expiresAt),{callbackPath:s}},Sn=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new x){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new x;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??$.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??G.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??un,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Me,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=Sn(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(L,n)&&s)throw Error(`OIDC library does seem initialized.
1
+ (function(C,x){typeof exports=="object"&&typeof module<"u"?x(exports):typeof define=="function"&&define.amd?define(["exports"],x):(C=typeof globalThis<"u"?globalThis:C||self,x(C["oidc-client"]={}))})(this,function(C){"use strict";class x{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const le=2e3,R=console;class Ce{constructor(n,s,t,o=le,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||le,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substring(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(R.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(R.debug(n),R.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):R.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){R.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(R.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_acquired:"token_acquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},P=(e,n=sessionStorage)=>{const s=h=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:h}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const h=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:h.tokens,status:h.status})},o=h=>{n[`oidc.${e}`]=JSON.stringify({tokens:h})},i=async h=>{n[`oidc.session_state.${e}`]=h},r=async()=>n[`oidc.session_state.${e}`],a=h=>{n[`oidc.nonce.${e}`]=h.nonce},u=h=>{n[`oidc.jwk.${e}`]=JSON.stringify(h)},f=()=>JSON.parse(n[`oidc.jwk.${e}`]),l=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async h=>{n[`oidc.dpop_nonce.${e}`]=h},_=()=>n[`oidc.dpop_nonce.${e}`],d=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null,y={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:d,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:l,setLoginParams:h=>{y[e]=h,n[`oidc.login.${e}`]=JSON.stringify(h)},getLoginParams:()=>{const h=n[`oidc.login.${e}`];return h?(y[e]||(y[e]=JSON.parse(h)),y[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async h=>{n[`oidc.state.${e}`]=h},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async h=>{n[`oidc.code_verifier.${e}`]=h},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:u,getDemonstratingProofOfPossessionJwkAsync:f}};var $=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))($||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,G={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const Y=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,u=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let f;e.expiresAt?f=e.expiresAt:s===G.access_token_invalid?f=u:s===G.id_token_invalid?f=a:f=a<u?a:u;const l={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:f,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...l,refreshToken:c}}return l},ee=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),Y(t,n,s)},V=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?V(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await z({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},M=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.24";let ye=null,X;const z=({milliseconds:e})=>new Promise(n=>M.setTimeout(n,e)),ge=(e="/")=>{try{X=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:X.signal}).catch(t=>{console.log(t)}),z({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{X&&X.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistration ${t?"successful":"failed"}`),await z({milliseconds:2e3}),e.reload()},Ke=e=>{const n=sessionStorage.getItem(`oidc.tabId.${e}`);if(n)return n;const s=globalThis.crypto.randomUUID();return sessionStorage.setItem(`oidc.tabId.${e}`,s),s},E=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i!=null&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage({...n,tabId:Ke(n.configurationName)},[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.service_worker_register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await E(t)({type:"claim"})}catch{return null}const o=async g=>E(t)({type:"clear",data:{status:g},configurationName:n}),i=async(g,A,S)=>{const D=await E(t)({type:"init",data:{oidcServerConfiguration:g,where:A,oidcConfiguration:{token_renew_mode:S.token_renew_mode,service_worker_convert_all_requests_to_cors:S.service_worker_convert_all_requests_to_cors}},configurationName:n}),F=D.version;return F!==he&&(console.warn(`Service worker ${F} version mismatch with js client version ${he}, unregistering and reloading`),await S.service_worker_update_require_callback(t,De)),{tokens:ee(D.tokens,null,S.token_renew_mode),status:D.status}},r=(g="/")=>{ye==null&&(ye="not_null",ge(g))},a=g=>E(t)({type:"setSessionState",data:{sessionState:g},configurationName:n}),u=async()=>(await E(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,f=g=>(sessionStorage[`oidc.nonce.${n}`]=g.nonce,E(t)({type:"setNonce",data:{nonce:g},configurationName:n})),l=async()=>{let A=(await E(t)({type:"getNonce",data:null,configurationName:n})).nonce;return A||(A=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}},c={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:a,getSessionStateAsync:u,setNonceAsync:f,getNonceAsync:l,setLoginParams:g=>{c[n]=g,localStorage[`oidc.login.${n}`]=JSON.stringify(g)},getLoginParams:()=>{const g=localStorage[`oidc.login.${n}`];return c[n]||(c[n]=JSON.parse(g)),c[n]},getStateAsync:async()=>{let A=(await E(t)({type:"getState",data:null,configurationName:n})).state;return A||(A=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async g=>(sessionStorage[`oidc.state.${n}`]=g,E(t)({type:"setState",data:{state:g},configurationName:n})),getCodeVerifierAsync:async()=>{let A=(await E(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async g=>(sessionStorage[`oidc.code_verifier.${n}`]=g,E(t)({type:"setCodeVerifier",data:{codeVerifier:g},configurationName:n})),setDemonstratingProofOfPossessionNonce:async g=>{await E(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:g},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await E(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async g=>{const A=JSON.stringify(g);await E(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const g=await E(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return g.demonstratingProofOfPossessionJwkJson?JSON.parse(g.demonstratingProofOfPossessionJwkJson):null}}},K={},Ue=(e,n=window.sessionStorage,s)=>{if(!K[e]&&n){const o=n.getItem(e);o&&(K[e]=JSON.parse(o))}const t=1e3*s;return K[e]&&K[e].timestamp+t>Date.now()?K[e].result:null},Fe=(e,n,s=window.sessionStorage)=>{const t=Date.now();K[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ve(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const ne=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Ve(e))}const Me={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"},Je={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,u=!0,f=["sign"],l=await e.crypto.subtle.importKey("jwk",n,a,u,f),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,d=await e.crypto.subtle.sign(_,l,c);return r.signature=ne(new Uint8Array(d)),`${r.protected}.${r.payload}.${r.signature}`}},Be={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}},He={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return ne(new Uint8Array(o))}},je=e=>async n=>await Be.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(qe()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await He.thumbprint(e)(s,n.digestAlgorithm);return await Je.sign(e)(s,{kid:a},r,n)},qe=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},se="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",Ge=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%se.length;n.push(se[t])}return n.join("")},te=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*se.length|0;return Ge(n)};function Ye(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ye(e)).then(t=>n(ne(new Uint8Array(t))),t=>s(t))})}const Xe=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},ze=60*60,Qe=e=>async(n,s=ze,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ue(r,t,s);if(a)return new ae(a);const u=await J(e)(i,{},o);if(u.status!==200)return null;const f=await u.json();return Fe(r,f,t),new ae(f)},J=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await J(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},oe={refresh_token:"refresh_token",access_token:"access_token"},Te=e=>async(n,s,t=oe.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const u=[];for(const c in a){const _=encodeURIComponent(c),d=encodeURIComponent(a[c]);u.push(`${_}=${d}`)}const f=u.join("&");return(await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:f},r)).status!==200?{success:!1}:{success:!0}},Ze=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[d,y]of Object.entries(t))s[d]===void 0&&(s[d]=y);const u=[];for(const d in s){const y=encodeURIComponent(d),p=encodeURIComponent(s[d]);u.push(`${y}=${p}`)}const f=u.join("&"),l=await J(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:f},a);if(l.status!==200)return{success:!1,status:l.status,demonstratingProofOfPossessionNonce:null};const c=await l.json();let _=null;return l.headers.has(Q)&&(_=l.headers.get(Q)),{success:!0,status:l.status,data:ee(c,o,r),demonstratingProofOfPossessionNonce:_}},en=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=te(128),i=await Xe(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,u]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(u)}`;n.open(`${s}${r}`)},Q="DPoP-Nonce",nn=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),d=encodeURIComponent(s[c]);r.push(`${_}=${d}`)}const a=r.join("&"),u=await J(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),u.status!==200)return{success:!1,status:u.status};let f=null;u.headers.has(Q)&&(f=u.headers.get(Q));const l=await u.json();return{success:!0,data:{state:s.state,tokens:ee(l,null,o),demonstratingProofOfPossessionNonce:f}}};async function ve(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await Z(e)(t,0,n,s);return await I(e.configuration,e.configurationName)||await P(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const sn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=P(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=Y(o,e.tokens,n.token_renew_mode),o}};async function be(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await ve(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await ve(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await sn(e,t))),i?(e.timeoutId&&(e.timeoutId=B(e,e.tokens.expiresAt,s)),e.tokens):null}const B=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return M.setTimeout(async()=>{const i={timeLeft:V(t,n)};e.publishEvent(N.eventNames.token_timer,i),await be(e,!1,s)},1e3)},W={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},tn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),u=await I(n,s);if(u){const{status:c,tokens:_}=await u.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const y=V(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",p=await u.getNonceAsync();return{tokens:_,status:y,nonce:p}}r=await u.getNonceAsync()}else{const c=P(s,n.storage??sessionStorage),_=await c.initAsync();let{tokens:d}=_;const{status:y}=_;if(d&&(d=Y(d,e.tokens,n.token_renew_mode)),d){if(y==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(d.issuedAt!==t.issuedAt){const k=V(n.refresh_time_before_tokens_expiration_in_second,d.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",b=await c.getNonceAsync();return{tokens:d,status:k,nonce:b}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const l=V(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:l,nonce:r}},Z=e=>async(n,s=0,t=!1,o=null)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await z({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=s+1;o||(o={});const a=e.configuration,u=(l,c=null,_=null)=>ie(e.configurationName,e.configuration,e.publishEvent.bind(e))(l,c,_),f=async()=>{try{let l;const c=await I(a,e.configurationName);c?l=c.getLoginParams():l=P(e.configurationName,a.storage).getLoginParams();const _=await u({...l.extras,...o,prompt:"none"});return _?_.error?(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(n(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:l.message}),await Z(e)(n,r,t,o)}};try{const{status:l,tokens:c,nonce:_}=await tn(e)(a,e.configurationName,e.tokens,t);switch(l){case W.SESSION_LOST:return n(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case W.NOT_CONNECTED:return n(null),{tokens:null,status:null};case W.TOKENS_VALID:return n(c),{tokens:c,status:"LOGGED_IN"};case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return n(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case W.LOGOUT_FROM_ANOTHER_TAB:return n(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case W.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==l?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:s}),await f());default:{if(a.token_automatic_renew_mode==$.AutomaticOnlyWhenFetchExecuted&&W.FORCE_REFRESH!==l)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:l,tryNumber:s}),!c.refreshToken)return await f();const d=a.client_id,y=a.redirect_uri,p=a.authority,b={...a.token_request_extras?a.token_request_extras:{}};for(const[w,T]of Object.entries(o))w.endsWith(":token_request")&&(b[w.replace(":token_request","")]=T);return await(async()=>{const w={client_id:d,redirect_uri:y,grant_type:"refresh_token",refresh_token:c.refreshToken},T=await e.initAsync(p,a.authority_configuration),h=document.hidden?1e4:3e4*10,g=T.tokenEndpoint,A={};a.demonstrating_proof_of_possession&&(A.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,g,"POST"));const S=await Ze(e.getFetch())(g,w,b,c,A,a.token_renew_mode,h);if(S.success){const{isValid:D,reason:F}=de(S.data,_.nonce,T);if(!D)return n(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${F}`}),{tokens:null,status:"SESSION_LOST"};if(n(S.data),S.demonstratingProofOfPossessionNonce){const v=await I(a,e.configurationName);v?await v.setDemonstratingProofOfPossessionNonce(S.demonstratingProofOfPossessionNonce):await P(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(S.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:S.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:S.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:S}),S.status>=400&&S.status<500?(n(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${S.status}`}),{tokens:null,status:"SESSION_LOST"}):await Z(e)(n,r,t,o)})()}}}catch(l){return console.error(l),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:l.message}),new Promise((c,_)=>{setTimeout(()=>{Z(e)(n,r,t,o).then(c).catch(_)},1e3)})}},ie=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,u=a.indexOf("/",a.indexOf("//")+2),f=a.substring(0,u),l=document.createElement("iframe");return l.width="0px",l.height="0px",l.id=`${e}_oidc_iframe`,l.setAttribute("src",a),document.body.appendChild(l),new Promise((c,_)=>{let d=!1;const y=()=>{window.removeEventListener("message",p),l.remove(),d=!0},p=k=>{if(k.origin===f&&k.source===l.contentWindow){const b=`${e}_oidc_tokens:`,O=`${e}_oidc_error:`,w=`${e}_oidc_exception:`,T=k.data;if(T&&typeof T=="string"&&!d){if(T.startsWith(b)){const h=JSON.parse(k.data.replace(b,""));s(m.silentLoginAsync_end,{}),c(h),y()}else if(T.startsWith(O)){const h=JSON.parse(k.data.replace(O,""));s(m.silentLoginAsync_error,h),c({error:"oidc_"+h.error,tokens:null,sessionState:null}),y()}else if(T.startsWith(w)){const h=JSON.parse(k.data.replace(w,""));s(m.silentLoginAsync_error,h),_(new Error(h.error)),y()}}}};try{window.addEventListener("message",p);const k=n.silent_login_timeout;setTimeout(()=>{d||(y(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){y(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},on=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(f,l,c)=>ie(n,s,t.bind(o))(f,l,c);return(async()=>{o.timeoutId&&M.clearTimeout(o.timeoutId);let f;i&&"state"in i&&(f=i.state,delete i.state);try{const l=s.extras?{...s.extras,...i}:i,c=await a({...l,prompt:"none"},f,r);if(c)return o.tokens=c.tokens,t(m.token_acquired,{}),o.timeoutId=B(o,o.tokens.expiresAt,i),{}}catch(l){return l}})()},rn=(e,n,s)=>(t,o,i,r=!1)=>{const a=(u,f=void 0,l=void 0)=>ie(e.configurationName,s,e.publishEvent.bind(e))(u,f,l);return new Promise((u,f)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const l=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,d=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(y=>{if(y.error)throw new Error(y.error);const p=y.tokens.idTokenPayload;if(d.sub===p.sub){const k=y.sessionState;e.checkSessionIFrame.start(y.sessionState),d.sid===p.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",p.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[,p]of Object.entries(n))await p.logoutOtherTabAsync(s.client_id,d.sub)})};e.checkSessionIFrame=new Ce(l,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),u(e.checkSessionIFrame)}).catch(c=>{f(c)})}else u(null)})},an=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),cn=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const u=i[a];if(u.r.test(s)){o=u.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function ln(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const un=()=>{const{name:e,version:n}=ln();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=cn(navigator);return!an(s)},_n=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=B(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=P(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=Y(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=B(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ee=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},fn=e=>{const n=Ee(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},H=e=>{const n=Ee(e),{search:s}=n;return dn(s)},dn=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},hn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,u=void 0)=>{const f=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=te(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;u||(u=n.scope);const d=n.extras?{...n.extras,...r}:r;d.nonce||(d.nonce=te(12));const y={nonce:d.nonce},p=await I(n,e),k=await t(n.authority,n.authority_configuration);let b;if(p)p.setLoginParams({callbackPath:c,extras:f}),await p.initAsync(k,"loginAsync",n),await p.setNonceAsync(y),p.startKeepAliveServiceWorker(),b=p;else{const w=P(e,n.storage??sessionStorage);w.setLoginParams({callbackPath:c,extras:f}),await w.setNonceAsync(y),b=w}const O={client_id:n.client_id,redirect_uri:_,scope:u,response_type:"code",...d};await en(b,o)(k.authorizationEndpoint,O)}catch(_){throw s(m.loginAsync_error,_),_}})()},yn=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),u=e.location.getCurrentHref(),l=H(u).session_state,c=await I(s,e.configurationName);let _,d,y,p;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(l),d=await c.getNonceAsync(),y=c.getLoginParams(),p=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const v=P(e.configurationName,s.storage??sessionStorage);await v.setSessionStateAsync(l),d=await v.getNonceAsync(),y=v.getLoginParams(),p=await v.getStateAsync(),_=v}const k=H(u);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==p)throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);const b={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},O={};if(s.token_request_extras)for(const[v,q]of Object.entries(s.token_request_extras))O[v]=q;if(y!=null&&y.extras)for(const[v,q]of Object.entries(y.extras))v.endsWith(":token_request")&&(O[v.replace(":token_request","")]=q);const w=a.tokenEndpoint,T={};if(s.demonstrating_proof_of_possession)if(c)T.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const v=await je(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await P(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(v),T.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(v,"POST",w)}const h=await nn(_)(w,{...b,...O},T,e.configuration.token_renew_mode,r);if(!h.success)throw new Error("Token request failed");let g;const A=h.data.tokens,S=h.data.demonstratingProofOfPossessionNonce;if(h.data.state!==O.state)throw new Error("state is not valid");const{isValid:D,reason:F}=de(A,d.nonce,a);if(!D)throw new Error(`Tokens are not OpenID valid, reason: ${F}`);if(c){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(S&&(A!=null&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),g=c.getLoginParams(),S&&await c.setDemonstratingProofOfPossessionNonce(S);else{const v=P(e.configurationName,s.storage);g=v.getLoginParams(),S&&await v.setDemonstratingProofOfPossessionNonce(S)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,l,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:g.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Oe={access_token:"access_token",refresh_token:"refresh_token"},re=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},gn=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},kn=e=>async n=>{M.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await P(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},mn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{var b,O;const a=e.configuration,u=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const f=i??o.getPath();let l=!1;i&&(l=i.includes("https://")||i.includes("http://"));const c=l?i:o.getOrigin()+f,_=e.tokens?e.tokens.idToken:"";try{const w=u.revocationEndpoint;if(w){const T=[],h=e.tokens?e.tokens.accessToken:null;if(h&&a.logout_tokens_to_invalidate.includes(Oe.access_token)){const A=re(r,":revoke_access_token"),S=Te(s)(w,h,oe.access_token,a.client_id,A);T.push(S)}const g=e.tokens?e.tokens.refreshToken:null;if(g&&a.logout_tokens_to_invalidate.includes(Oe.refresh_token)){const A=re(r,":revoke_refresh_token"),S=Te(s)(w,g,oe.refresh_token,a.client_id,A);T.push(S)}T.length>0&&await Promise.all(T)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const d=((O=(b=e.tokens)==null?void 0:b.idTokenPayload)==null?void 0:O.sub)??null;await e.destroyAsync("LOGGED_OUT");for(const[,w]of Object.entries(n))w!==e?await e.logoutSameTabAsync(e.configuration.client_id,d):e.publishEvent(m.logout_from_same_tab,{});const y=re(r,":oidc");if(y&&y.no_reload==="true")return;const k=gn(r);if(u.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let w="";for(const[T,h]of Object.entries(k))h!=null&&(w===""?w+="?":w+="&",w+=`${T}=${encodeURIComponent(h)}`);o.open(`${u.endSessionEndpoint}${w}`)}else o.reload()},Pe=(e,n,s=!1)=>async(...t)=>{var d;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let u=new Headers;a.headers&&(u=a.headers instanceof Headers?a.headers:new Headers(a.headers));const f={tokens:n.tokens,configuration:{token_automatic_renew_mode:n.configuration.token_automatic_renew_mode},renewTokensAsync:n.renewTokensAsync.bind(n)},l=await fe(f),c=(d=l==null?void 0:l.tokens)==null?void 0:d.accessToken;if(u.has("Accept")||u.set("Accept","application/json"),c){if(n.configuration.demonstrating_proof_of_possession&&s){const y=await n.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);u.set("Authorization",`PoP ${c}`),u.set("DPoP",y)}else u.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:u};return await e(o,_,...r)},pn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const f=await Pe(fetch,e,s)(i);return f.status!==200?null:f.json()})();return e.userInfo=a,a},Ie=()=>fetch;class ae{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const L={},wn=(e,n=new x)=>(s,t="default")=>(L[t]||(L[t]=new N(s,t,e,n)),L[t]),An=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=B(e,n.expiresAt),{callbackPath:s}},Sn=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new x){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new x;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??$.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??G.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??un,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Me,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=Sn(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(L,n)&&s)throw Error(`OIDC library does seem initialized.
2
2
  Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return L[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=H(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=H(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new ae({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await Qe(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.finally(()=>{this.initPromise=null})}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=_n(this),this.tryKeepExistingSessionPromise.finally(()=>{this.tryKeepExistingSessionPromise=null}))}async startCheckSessionAsync(n,s,t,o=!1){await rn(this,L,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this.logoutPromise&&await this.logoutPromise,this.loginPromise!==null?this.loginPromise:i?on(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=hn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.finally(()=>{this.loginPromise=null}))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await yn(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||P(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(j.eventNames.token_acquired,o),this.configuration.preload_user_info&&await this.userInfoAsync(),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.finally(()=>{this.loginCallbackPromise=null})}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){const i=this.configuration,r={ath:await Se(n),...o};if(await I(i,this.configurationName))return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;const u=P(this.configurationName,i.storage),f=await u.getDemonstratingProofOfPossessionJwkAsync(),l=u.getDemonstratingProofOfPossessionNonce();return l&&(r.nonce=l),await we(window)(i.demonstrating_proof_of_possession_configuration)(f,t,s,r)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=An(this),this.loginCallbackWithAutoTokensRenewPromise.finally(()=>{this.loginCallbackWithAutoTokensRenewPromise=null}))}userInfoAsync(n=!1,s=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=pn(this)(n,s),this.userInfoPromise.finally(()=>{this.userInfoPromise=null}))}async renewTokensAsync(n=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return M.clearTimeout(this.timeoutId),this.renewTokensPromise=be(this,!0,n),this.renewTokensPromise.finally(()=>{this.renewTokensPromise=null})}async destroyAsync(n){return await kn(this)(n)}async logoutSameTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_same_tab,{mmessage:"SessionMonitor",sub:s}))}async logoutOtherTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(n=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=mn(this,L,this.getFetch(),console,this.location)(n,s),this.logoutPromise.finally(()=>{this.logoutPromise=null}))}};j.getOrCreate=(n,s)=>(t,o="default")=>wn(n,s)(t,o),j.eventNames=m;let N=j;const U=class U{constructor(n){this._oidc=n}subscribeEvents(n){return this._oidc.subscribeEvents(n)}removeEventSubscription(n){this._oidc.removeEventSubscription(n)}publishEvent(n,s){this._oidc.publishEvent(n,s)}static get(n="default"){return new U(N.get(n))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this._oidc.loginAsync(n,s,t,o,i)}logoutAsync(n=void 0,s=null){return this._oidc.logoutAsync(n,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(n=null){return this._oidc.renewTokensAsync(n)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(n,s,t,o)}async getValidTokenAsync(n=200,s=50){return fe(this._oidc,n,s)}fetchWithTokens(n,s=!1){return Pe(n,this._oidc,s)}async userInfoAsync(n=!1,s=!1){return this._oidc.userInfoAsync(n,s)}userInfo(){return this._oidc.userInfo}};U.getOrCreate=(n,s=new x)=>(t,o="default")=>new U(N.getOrCreate(n,s)(t,o)),U.eventNames=N.eventNames;let ce=U;C.OidcClient=ce,C.OidcLocation=x,C.TokenAutomaticRenewMode=$,C.TokenRenewMode=G,C.getFetchDefault=Ie,C.getParseQueryStringFromLocation=H,C.getPath=fn,Object.defineProperty(C,Symbol.toStringTag,{value:"Module"})});
package/dist/initWorker.d.ts CHANGED
@@ -1,11 +1,10 @@
1
1
  import { ILOidcLocation } from './location';
2
2
  import { OidcConfiguration } from './types.js';
3
-
4
3
  export declare const sleepAsync: ({ milliseconds }: {
5
4
  milliseconds: any;
6
5
  }) => Promise<unknown>;
7
6
  export declare const defaultServiceWorkerUpdateRequireCallback: (location: ILOidcLocation) => (registration: any, stopKeepAlive: () => void) => Promise<void>;
8
- export declare const initWorkerAsync: (configuration: any, configurationName: any) => Promise<{
7
+ export declare const initWorkerAsync: (configuration: OidcConfiguration, configurationName: string) => Promise<{
9
8
  clearAsync: (status: any) => Promise<any>;
10
9
  initAsync: (oidcServerConfiguration: any, where: any, oidcConfiguration: OidcConfiguration) => Promise<{
11
10
  tokens: import('./parseTokens.js').Tokens;
package/dist/initWorker.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAK/C,eAAO,MAAM,UAAU,qBAAsB;IAAE,YAAY,EAAE,GAAG,CAAA;CAAE,qBAEjE,CAAC;AAuCF,eAAO,MAAM,yCAAyC,aACzC,cAAc,oBAA0B,GAAG,iBAAiB,MAAM,IAAI,kBAOhF,CAAC;AAmCJ,eAAO,MAAM,eAAe;;6EAoCL,iBAAiB;;;;;;yCAuCM,MAAM;;;;;;;;;2BAiHd,MAAM;;yCAwBQ,MAAM;kFAhFjB,MAAM;;mFAmBR,UAAU;;EA4FhD,CAAC"}
1
+ {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAK/C,eAAO,MAAM,UAAU,qBAAsB;IAAE,YAAY,EAAE,GAAG,CAAA;CAAE,qBAEjE,CAAC;AAuCF,eAAO,MAAM,yCAAyC,aACzC,cAAc,oBAA0B,GAAG,iBAAiB,MAAM,IAAI,kBAOhF,CAAC;AAmCJ,eAAO,MAAM,eAAe,kBACX,iBAAiB,qBACb,MAAM;;6EAqCJ,iBAAiB;;;;;;yCAuCM,MAAM;;;;;;;;;2BAiHd,MAAM;;yCAwBQ,MAAM;kFAhFjB,MAAM;;mFAmBR,UAAU;;EA4FhD,CAAC"}
package/dist/initWorkerOption.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  import { ServiceWorkerActivate } from './types';
2
-
3
2
  export declare const excludeOs: (operatingSystem: any) => boolean;
4
3
  export declare const getOperatingSystem: (navigator: any) => {
5
4
  os: string;
package/dist/jwt.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  import { DemonstratingProofOfPossessionConfiguration } from './types';
2
-
3
2
  export declare const uint8ToUrlBase64: (uint8: Uint8Array) => string;
4
3
  export declare const defaultDemonstratingProofOfPossessionConfiguration: DemonstratingProofOfPossessionConfiguration;
5
4
  export declare const JWT: {
package/dist/keepSession.d.ts CHANGED
@@ -1,4 +1,3 @@
1
1
  import { default as Oidc } from './oidc';
2
-
3
2
  export declare const tryKeepSessionAsync: (oidc: Oidc) => Promise<boolean>;
4
3
  //# sourceMappingURL=keepSession.d.ts.map
package/dist/login.d.ts CHANGED
@@ -1,9 +1,8 @@
1
1
  import { ILOidcLocation } from './location';
2
2
  import { default as Oidc } from './oidc';
3
3
  import { OidcConfiguration, StringMap } from './types.js';
4
-
5
4
  export type InitAsyncFunction = (authority: string, authorityConfiguration: any) => Promise<any>;
6
- export declare const defaultLoginAsync: (configurationName: string, configuration: OidcConfiguration, publishEvent: (string, any) => void, initAsync: InitAsyncFunction, oidcLocation: ILOidcLocation) => (callbackPath?: string, extras?: StringMap, isSilentSignin?: boolean, scope?: string) => Promise<void>;
5
+ export declare const defaultLoginAsync: (configurationName: string, configuration: OidcConfiguration, publishEvent: (string: any, any: any) => void, initAsync: InitAsyncFunction, oidcLocation: ILOidcLocation) => (callbackPath?: string, extras?: StringMap, isSilentSignin?: boolean, scope?: string) => Promise<void>;
7
6
  export declare const loginCallbackAsync: (oidc: Oidc) => (isSilentSignin?: boolean) => Promise<{
8
7
  tokens: import('./parseTokens.js').Tokens;
9
8
  state: string;
package/dist/login.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../src/login.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,IAAI,MAAM,QAAQ,CAAC;AAI1B,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,MAAM,iBAAiB,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;AAEjG,eAAO,MAAM,iBAAiB,sBAEP,MAAM,iBACV,iBAAiB,gBAClB,CAAC,MAAM,EAAE,GAAG,KAAK,IAAI,aACxB,iBAAiB,gBACd,cAAc,qBAGd,MAAM,WACZ,SAAS,oCAEV,MAAM,kBAqEd,CAAC;AAEJ,eAAO,MAAM,kBAAkB,SACtB,IAAI;;;;EAmLV,CAAC"}
1
+ {"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../src/login.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,IAAI,MAAM,QAAQ,CAAC;AAI1B,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,MAAM,iBAAiB,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,GAAG,KAAK,OAAO,CAAC,GAAG,CAAC,CAAC;AAEjG,eAAO,MAAM,iBAAiB,sBAEP,MAAM,iBACV,iBAAiB,gBAClB,CAAC,MAAM,KAAA,EAAE,GAAG,KAAA,KAAK,IAAI,aACxB,iBAAiB,gBACd,cAAc,qBAGd,MAAM,WACZ,SAAS,oCAEV,MAAM,kBAqEd,CAAC;AAEJ,eAAO,MAAM,kBAAkB,SACtB,IAAI;;;;EAmLV,CAAC"}
package/dist/logout.d.ts CHANGED
@@ -1,6 +1,5 @@
1
1
  import { ILOidcLocation } from './location';
2
2
  import { StringMap } from './types.js';
3
-
4
3
  export declare const oidcLogoutTokens: {
5
4
  access_token: string;
6
5
  refresh_token: string;
package/dist/oidc.d.ts CHANGED
@@ -2,7 +2,6 @@ import { CheckSessionIFrame } from './checkSessionIFrame.js';
2
2
  import { ILOidcLocation } from './location';
3
3
  import { Tokens } from './parseTokens.js';
4
4
  import { AuthorityConfiguration, Fetch, OidcConfiguration, StringMap } from './types.js';
5
-
6
5
  export declare const getFetchDefault: () => typeof fetch;
7
6
  export interface OidcAuthorizationServiceConfigurationJson {
8
7
  check_session_iframe?: string;
package/dist/oidc.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAW7D,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAkB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,sBAAsB,EACtB,KAAK,EACL,iBAAiB,EACjB,SAAS,EAEV,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACxD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,qCAAqC;IAChD,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CASzB;AAYD,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAYF,qBAAa,IAAI;IACR,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBAE9B,aAAa,EAAE,iBAAiB,EAChC,iBAAiB,QAAY,EAC7B,QAAQ,EAAE,MAAM,KAAK,EACrB,QAAQ,GAAE,cAAmC;IA6D/C,eAAe,CAAC,IAAI,KAAA,GAAG,MAAM;IAM7B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aACL,MAAM,KAAK,YAAY,cAAc,gDAG9C;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAW9B,mCAAmC,CAAC,SAAS,MAAO;IAkB9C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,sBAAsB;IAoCjF,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAU/C,sBAAsB,CAC1B,qBAAqB,KAAA,EACrB,QAAQ,KAAA,EACR,YAAY,KAAA,EACZ,cAAc,UAAQ;IAUxB,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CACd,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ;IA8BzB,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACpC,kBAAkB,CAAC,aAAa,UAAQ;IA6BxC,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IA0BlB,uCAAuC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAQ;IACvE,qCAAqC,IAAI,OAAO,CAAC,aAAa,CAAC;IAU/D,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAQ;IAUxE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IAElC,gBAAgB,CAAC,MAAM,GAAE,SAAgB;IAezC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAe7C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAepD,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC9B,WAAW,CACf,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB;CAgB3B;AAED,eAAe,IAAI,CAAC"}
1
+ {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAW7D,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAkB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,sBAAsB,EACtB,KAAK,EACL,iBAAiB,EACjB,SAAS,EAEV,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACxD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,qCAAqC;IAChD,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CASzB;AAYD,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAYF,qBAAa,IAAI;IACR,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBAE9B,aAAa,EAAE,iBAAiB,EAChC,iBAAiB,QAAY,EAC7B,QAAQ,EAAE,MAAM,KAAK,EACrB,QAAQ,GAAE,cAAmC;IA6D/C,eAAe,CAAC,IAAI,KAAA,GAAG,MAAM;IAM7B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aACL,MAAM,KAAK,YAAY,cAAc,gDAG9C;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAW9B,mCAAmC,CAAC,SAAS,MAAO;IAkB9C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,sBAAsB;IAoCjF,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAU/C,sBAAsB,CAC1B,qBAAqB,KAAA,EACrB,QAAQ,KAAA,EACR,YAAY,KAAA,EACZ,cAAc,UAAQ;IAUxB,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CACd,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ;IA8BzB,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACpC,kBAAkB,CAAC,aAAa,UAAQ;IA6BxC,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IA0BlB,uCAAuC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAQ;IACvE,qCAAqC,IAAI,OAAO,CAAC,aAAa,CAAC;IAU/D,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAQ;IAUxE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IAElC,gBAAgB,CAAC,MAAM,GAAE,SAAgB;IAezC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAe7C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAepD,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC9B,WAAW,CACf,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB;CAgB3B;AAED,eAAe,IAAI,CAAC"}
package/dist/oidcClient.d.ts CHANGED
@@ -2,7 +2,6 @@ import { ILOidcLocation } from './location';
2
2
  import { LoginCallback, Oidc } from './oidc.js';
3
3
  import { Tokens, ValidToken } from './parseTokens.js';
4
4
  import { Fetch, OidcConfiguration, StringMap } from './types.js';
5
-
6
5
  export interface EventSubscriber {
7
6
  (name: string, data: any): any;
8
7
  }
package/dist/parseTokens.d.ts CHANGED
@@ -1,5 +1,4 @@
1
1
  import { StringMap, TokenAutomaticRenewMode } from './types';
2
-
3
2
  export declare const parseJwt: (payload: string) => any;
4
3
  export type Tokens = {
5
4
  refreshToken: string;
package/dist/parseTokens.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"parseTokens.d.ts","sourceRoot":"","sources":["../src/parseTokens.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAQ7D,eAAO,MAAM,QAAQ,YAAa,MAAM,QAC2C,CAAC;AAsBpF,MAAM,MAAM,MAAM,GAAG;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,GAAG,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,GAAG,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,gCAAgC,EAAE,MAAM,CAAC;IACzC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,eAAO,MAAM,cAAc;;;;CAI1B,CAAC;AAkBF,eAAO,MAAM,SAAS,gDAA8C,MAAM,KAAG,MA8D5E,CAAC;AAEF,eAAO,MAAM,mBAAmB,gDAAuC,MAAM,WAkC5E,CAAC;AAEF,eAAO,MAAM,eAAe,4EAM3B,CAAC;AAEF,eAAO,MAAM,aAAa,0BAKzB,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACvB,aAAa,EAAE,OAAO,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,WAAW,SAAS;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE;QAAE,0BAA0B,CAAC,EAAE,uBAAuB,CAAA;KAAE,CAAC;IACxE,gBAAgB,EAAE,CAAC,MAAM,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxD;AAED,eAAO,MAAM,kBAAkB,SACvB,SAAS,2CAGd,QAAQ,UAAU,CAuBpB,CAAC;AAIF,eAAO,MAAM,iBAAiB;;;CAuC7B,CAAC"}
1
+ {"version":3,"file":"parseTokens.d.ts","sourceRoot":"","sources":["../src/parseTokens.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,uBAAuB,EAAE,MAAM,SAAS,CAAC;AAQ7D,eAAO,MAAM,QAAQ,YAAa,MAAM,QAC2C,CAAC;AAsBpF,MAAM,MAAM,MAAM,GAAG;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,GAAG,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,kBAAkB,EAAE,GAAG,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;CAClB,CAAC;AAEF,MAAM,MAAM,kBAAkB,GAAG;IAC/B,gCAAgC,EAAE,MAAM,CAAC;IACzC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,gBAAgB,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEF,eAAO,MAAM,cAAc;;;;CAI1B,CAAC;AAkBF,eAAO,MAAM,SAAS,gDAA8C,MAAM,KAAG,MA8D5E,CAAC;AAEF,eAAO,MAAM,mBAAmB,gDAAuC,MAAM,WAkC5E,CAAC;AAEF,eAAO,MAAM,eAAe,4EAM3B,CAAC;AAEF,eAAO,MAAM,aAAa,0BAKzB,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACvB,aAAa,EAAE,OAAO,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,WAAW,SAAS;IACxB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,aAAa,EAAE;QAAE,0BAA0B,CAAC,EAAE,uBAAuB,CAAA;KAAE,CAAC;IACxE,gBAAgB,EAAE,CAAC,MAAM,EAAE,SAAS,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACxD;AAED,eAAO,MAAM,kBAAkB,SACvB,SAAS,2CAGd,OAAO,CAAC,UAAU,CAuBpB,CAAC;AAIF,eAAO,MAAM,iBAAiB;;;CAuC7B,CAAC"}
package/dist/renewTokens.d.ts CHANGED
@@ -1,7 +1,6 @@
1
1
  import { default as Oidc } from './oidc.js';
2
2
  import { Tokens } from './parseTokens.js';
3
3
  import { OidcConfiguration, StringMap } from './types.js';
4
-
5
4
  export declare function renewTokensAndStartTimerAsync(oidc: any, forceRefresh?: boolean, extras?: StringMap): Promise<any>;
6
5
  export declare const autoRenewTokens: (oidc: Oidc, expiresAt: any, extras?: StringMap) => NodeJS.Timeout;
7
6
  export declare const synchroniseTokensStatus: {
package/dist/renewTokens.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":";AAGA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAiD,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAA2B,MAAM,YAAY,CAAC;AAmDnF,wBAAsB,6BAA6B,CACjD,IAAI,KAAA,EACJ,YAAY,UAAQ,EACpB,MAAM,GAAE,SAAgB,gBAgCzB;AAED,eAAO,MAAM,eAAe,SAAU,IAAI,2BAAqB,SAAS,mBASvE,CAAC;AAEF,eAAO,MAAM,uBAAuB;;;;;;;;CAQnC,CAAC;AAEF,eAAO,MAAM,mBAAmB,SACvB,IAAI,qBAEM,iBAAiB,qBACb,MAAM,iBACV,MAAM;;;;;;EA4EtB,CAAC"}
1
+ {"version":3,"file":"renewTokens.d.ts","sourceRoot":"","sources":["../src/renewTokens.ts"],"names":[],"mappings":"AAGA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAiD,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAIzF,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAA2B,MAAM,YAAY,CAAC;AAmDnF,wBAAsB,6BAA6B,CACjD,IAAI,KAAA,EACJ,YAAY,UAAQ,EACpB,MAAM,GAAE,SAAgB,gBAgCzB;AAED,eAAO,MAAM,eAAe,SAAU,IAAI,2BAAqB,SAAS,mBASvE,CAAC;AAEF,eAAO,MAAM,uBAAuB;;;;;;;;CAQnC,CAAC;AAEF,eAAO,MAAM,mBAAmB,SACvB,IAAI,qBAEM,iBAAiB,qBACb,MAAM,iBACV,MAAM;;;;;;EA4EtB,CAAC"}
package/dist/requests.d.ts CHANGED
@@ -1,7 +1,6 @@
1
1
  import { ILOidcLocation } from './location';
2
2
  import { OidcAuthorizationServiceConfiguration } from './oidc.js';
3
3
  import { Fetch, StringMap } from './types.js';
4
-
5
4
  export declare const fetchFromIssuer: (fetch: any) => (openIdIssuerUrl: string, timeCacheSecond?: number, storage?: Storage, timeoutMs?: number) => Promise<OidcAuthorizationServiceConfiguration>;
6
5
  export declare const TOKEN_TYPE: {
7
6
  refresh_token: string;
package/dist/requests.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"requests.d.ts","sourceRoot":"","sources":["../src/requests.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,qCAAqC,EAAE,MAAM,WAAW,CAAC;AAElE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG9C,eAAO,MAAM,eAAe,oCAGP,MAAM,sEAItB,QAAQ,qCAAqC,CAkB/C,CAAC;AAyBJ,eAAO,MAAM,UAAU;;;CAGtB,CAAC;AAEF,eAAO,MAAM,6BAA6B,sFAO9B,SAAS;;EAuClB,CAAC;AAEJ,KAAK,2BAA2B,GAAG;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,mCAAmC,CAAC,EAAE,MAAM,CAAC;CAC9C,CAAC;AAEF,eAAO,MAAM,wBAAwB,UAC3B,KAAK,WAEN,MAAM,gFAKK,MAAM,yBAErB,QAAQ,2BAA2B,CAgDrC,CAAC;AAEJ,eAAO,MAAM,gCAAgC,YACjC,GAAG,gBAAgB,cAAc,wBAAyB,SAAS,kBAoB5E,CAAC;AAGJ,eAAO,MAAM,6BAA6B,YAC9B,GAAG,yEAC8C,MAAM;;;;;;;;;;;;EAyChE,CAAC"}
1
+ {"version":3,"file":"requests.d.ts","sourceRoot":"","sources":["../src/requests.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,qCAAqC,EAAE,MAAM,WAAW,CAAC;AAElE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAG9C,eAAO,MAAM,eAAe,oCAGP,MAAM,sEAItB,OAAO,CAAC,qCAAqC,CAkB/C,CAAC;AAyBJ,eAAO,MAAM,UAAU;;;CAGtB,CAAC;AAEF,eAAO,MAAM,6BAA6B,sFAO9B,SAAS;;EAuClB,CAAC;AAEJ,KAAK,2BAA2B,GAAG;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,mCAAmC,CAAC,EAAE,MAAM,CAAC;CAC9C,CAAC;AAEF,eAAO,MAAM,wBAAwB,UAC3B,KAAK,WAEN,MAAM,gFAKK,MAAM,yBAErB,OAAO,CAAC,2BAA2B,CAgDrC,CAAC;AAEJ,eAAO,MAAM,gCAAgC,YACjC,GAAG,gBAAgB,cAAc,wBAAyB,SAAS,kBAoB5E,CAAC;AAGJ,eAAO,MAAM,6BAA6B,YAC9B,GAAG,yEAC8C,MAAM;;;;;;;;;;;;EAyChE,CAAC"}
package/dist/silentLogin.d.ts CHANGED
@@ -1,6 +1,5 @@
1
1
  import { Tokens } from './parseTokens.js';
2
2
  import { OidcConfiguration, StringMap } from './types.js';
3
-
4
3
  export type SilentLoginResponse = {
5
4
  tokens: Tokens;
6
5
  sessionState: string;
@@ -8,6 +7,6 @@ export type SilentLoginResponse = {
8
7
  };
9
8
  export type PublishEventFunction = (eventName: string, eventData: any) => void;
10
9
  export declare const _silentLoginAsync: (configurationName: string, configuration: OidcConfiguration, publishEvent: PublishEventFunction) => (extras?: StringMap, state?: string, scope?: string) => Promise<SilentLoginResponse>;
11
- export declare const defaultSilentLoginAsync: (window: any, configurationName: any, configuration: OidcConfiguration, publishEvent: (string, any) => void, oidc: any) => (extras?: StringMap, scope?: string) => Promise<unknown>;
10
+ export declare const defaultSilentLoginAsync: (window: any, configurationName: any, configuration: OidcConfiguration, publishEvent: (string: any, any: any) => void, oidc: any) => (extras?: StringMap, scope?: string) => Promise<unknown>;
12
11
  export default defaultSilentLoginAsync;
13
12
  //# sourceMappingURL=silentLogin.d.ts.map
package/dist/silentLogin.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"silentLogin.d.ts","sourceRoot":"","sources":["../src/silentLogin.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAG1C,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC1D,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,IAAI,CAAC;AAE/E,eAAO,MAAM,iBAAiB,sBAEP,MAAM,iBACV,iBAAiB,gBAClB,oBAAoB,eAG1B,SAAS,UACV,MAAM,UACN,MAAM,KACZ,QAAQ,mBAAmB,CAsG7B,CAAC;AAEJ,eAAO,MAAM,uBAAuB,uDAIjB,iBAAiB,gBAClB,CAAC,MAAM,EAAE,GAAG,KAAK,IAAI,QAC7B,GAAG,eAEF,SAAS,UAAgB,MAAM,qBA6CvC,CAAC;AAEJ,eAAe,uBAAuB,CAAC"}
1
+ {"version":3,"file":"silentLogin.d.ts","sourceRoot":"","sources":["../src/silentLogin.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAG1C,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC1D,MAAM,MAAM,mBAAmB,GAAG;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;CACf,CAAC;AAEF,MAAM,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,KAAK,IAAI,CAAC;AAE/E,eAAO,MAAM,iBAAiB,sBAEP,MAAM,iBACV,iBAAiB,gBAClB,oBAAoB,eAG1B,SAAS,UACV,MAAM,UACN,MAAM,KACZ,OAAO,CAAC,mBAAmB,CAsG7B,CAAC;AAEJ,eAAO,MAAM,uBAAuB,uDAIjB,iBAAiB,gBAClB,CAAC,MAAM,KAAA,EAAE,GAAG,KAAA,KAAK,IAAI,QAC7B,GAAG,eAEF,SAAS,UAAgB,MAAM,qBA6CvC,CAAC;AAEJ,eAAe,uBAAuB,CAAC"}
package/dist/user.d.ts CHANGED
@@ -1,4 +1,3 @@
1
1
  import { default as Oidc } from './oidc';
2
-
3
2
  export declare const userInfoAsync: (oidc: Oidc) => (noCache?: boolean, demonstrating_proof_of_possession?: boolean) => Promise<any>;
4
3
  //# sourceMappingURL=user.d.ts.map
package/dist/version.d.ts CHANGED
@@ -1,3 +1,3 @@
1
- declare const _default: "7.22.22";
1
+ declare const _default: "7.22.24";
2
2
  export default _default;
3
3
  //# sourceMappingURL=version.d.ts.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@axa-fr/oidc-client",
3
- "version": "7.22.22",
3
+ "version": "7.22.24",
4
4
  "private": false,
5
5
  "type": "module",
6
6
  "main": "./dist/index.umd.cjs",
@@ -20,20 +20,20 @@
20
20
  "url": "https://github.com/AxaFrance/oidc-client.git"
21
21
  },
22
22
  "dependencies": {
23
- "@axa-fr/oidc-client-service-worker": "7.22.22"
23
+ "@axa-fr/oidc-client-service-worker": "7.22.24"
24
24
  },
25
25
  "devDependencies": {
26
- "@testing-library/dom": "10.1.0",
27
- "@testing-library/jest-dom": "6.4.5",
28
- "@testing-library/react": "15.0.7",
29
- "@vitest/coverage-v8": "1.6.0",
30
- "cpy": "11.0.1",
26
+ "@testing-library/dom": "10.4.0",
27
+ "@testing-library/jest-dom": "6.5.0",
28
+ "@testing-library/react": "16.0.1",
29
+ "@vitest/coverage-v8": "2.0.5",
30
+ "cpy": "11.1.0",
31
31
  "cpy-cli": "^5.0.0",
32
- "rimraf": "5.0.7",
33
- "typescript": "5.4.5",
34
- "vite": "5.2.11",
35
- "vite-plugin-dts": "3.9.1",
36
- "vitest": "1.6.0"
32
+ "rimraf": "6.0.1",
33
+ "typescript": "5.5.4",
34
+ "vite": "5.4.2",
35
+ "vite-plugin-dts": "4.1.0",
36
+ "vitest": "2.0.5"
37
37
  },
38
38
  "keywords": [
39
39
  "oidc",
package/src/initWorker.ts CHANGED
@@ -90,7 +90,10 @@ const sendMessageAsync =
90
90
  });
91
91
  };
92
92
 
93
- export const initWorkerAsync = async (configuration, configurationName) => {
93
+ export const initWorkerAsync = async (
94
+ configuration: OidcConfiguration,
95
+ configurationName: string,
96
+ ) => {
94
97
  const serviceWorkerRelativeUrl = configuration.service_worker_relative_url;
95
98
  if (
96
99
  typeof window === 'undefined' ||
@@ -106,7 +109,7 @@ export const initWorkerAsync = async (configuration, configurationName) => {
106
109
  }
107
110
 
108
111
  let registration = null;
109
- if (configuration.register) {
112
+ if (configuration.service_worker_register) {
110
113
  registration = await configuration.service_worker_register(serviceWorkerRelativeUrl);
111
114
  } else {
112
115
  registration = await navigator.serviceWorker.register(serviceWorkerRelativeUrl);
package/src/version.ts CHANGED
@@ -1 +1 @@
1
- export default '7.22.22';
1
+ export default '7.22.24';