@axa-fr/oidc-client 7.22.27 → 7.22.28
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/fetch.d.ts.map +1 -1
- package/dist/index.js +177 -167
- package/dist/index.umd.cjs +2 -2
- package/dist/oidcClient.d.ts.map +1 -1
- package/dist/parseTokens.d.ts +1 -1
- package/dist/parseTokens.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/fetch.ts +5 -1
- package/src/oidcClient.ts +12 -2
- package/src/parseTokens.spec.ts +10 -8
- package/src/parseTokens.ts +7 -5
- package/src/version.ts +1 -1
package/dist/index.js
CHANGED
|
@@ -88,9 +88,9 @@ const m = {
|
|
|
88
88
|
n[`oidc.session_state.${e}`] = h;
|
|
89
89
|
}, r = async () => n[`oidc.session_state.${e}`], a = (h) => {
|
|
90
90
|
n[`oidc.nonce.${e}`] = h.nonce;
|
|
91
|
-
},
|
|
91
|
+
}, u = (h) => {
|
|
92
92
|
n[`oidc.jwk.${e}`] = JSON.stringify(h);
|
|
93
|
-
}, f = () => JSON.parse(n[`oidc.jwk.${e}`]),
|
|
93
|
+
}, f = () => JSON.parse(n[`oidc.jwk.${e}`]), l = async () => ({ nonce: n[`oidc.nonce.${e}`] }), c = async (h) => {
|
|
94
94
|
n[`oidc.dpop_nonce.${e}`] = h;
|
|
95
95
|
}, _ = () => n[`oidc.dpop_nonce.${e}`], d = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, y = {};
|
|
96
96
|
return {
|
|
@@ -101,7 +101,7 @@ const m = {
|
|
|
101
101
|
setSessionStateAsync: i,
|
|
102
102
|
getSessionStateAsync: r,
|
|
103
103
|
setNonceAsync: a,
|
|
104
|
-
getNonceAsync:
|
|
104
|
+
getNonceAsync: l,
|
|
105
105
|
setLoginParams: (h) => {
|
|
106
106
|
y[e] = h, n[`oidc.login.${e}`] = JSON.stringify(h);
|
|
107
107
|
},
|
|
@@ -121,7 +121,7 @@ const m = {
|
|
|
121
121
|
},
|
|
122
122
|
setDemonstratingProofOfPossessionNonce: c,
|
|
123
123
|
getDemonstratingProofOfPossessionNonce: _,
|
|
124
|
-
setDemonstratingProofOfPossessionJwkAsync:
|
|
124
|
+
setDemonstratingProofOfPossessionJwkAsync: u,
|
|
125
125
|
getDemonstratingProofOfPossessionJwkAsync: f
|
|
126
126
|
};
|
|
127
127
|
};
|
|
@@ -155,11 +155,11 @@ const te = (e, n = null, s) => {
|
|
|
155
155
|
e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t = ce(e.accessToken);
|
|
156
156
|
let i;
|
|
157
157
|
n != null && "idToken" in n && !("idToken" in e) ? i = n.idToken : i = e.idToken;
|
|
158
|
-
const r = e.idTokenPayload ? e.idTokenPayload : ce(i), a = r && r.exp ? r.exp : Number.MAX_VALUE,
|
|
158
|
+
const r = e.idTokenPayload ? e.idTokenPayload : ce(i), a = r && r.exp ? r.exp : Number.MAX_VALUE, u = t && t.exp ? t.exp : e.issuedAt + o;
|
|
159
159
|
e.issuedAt = xe(e, t, r);
|
|
160
160
|
let f;
|
|
161
|
-
e.expiresAt ? f = e.expiresAt : s === Q.access_token_invalid ? f =
|
|
162
|
-
const
|
|
161
|
+
e.expiresAt ? f = e.expiresAt : s === Q.access_token_invalid ? f = u : s === Q.id_token_invalid ? f = a : f = a < u ? a : u;
|
|
162
|
+
const l = {
|
|
163
163
|
...e,
|
|
164
164
|
idTokenPayload: r,
|
|
165
165
|
accessTokenPayload: t,
|
|
@@ -168,9 +168,9 @@ const te = (e, n = null, s) => {
|
|
|
168
168
|
};
|
|
169
169
|
if (n != null && "refreshToken" in n && !("refreshToken" in e)) {
|
|
170
170
|
const c = n.refreshToken;
|
|
171
|
-
return { ...
|
|
171
|
+
return { ...l, refreshToken: c };
|
|
172
172
|
}
|
|
173
|
-
return
|
|
173
|
+
return l;
|
|
174
174
|
}, oe = (e, n, s) => {
|
|
175
175
|
if (!e)
|
|
176
176
|
return null;
|
|
@@ -187,18 +187,18 @@ const te = (e, n = null, s) => {
|
|
|
187
187
|
issuedAt: e.issued_at
|
|
188
188
|
};
|
|
189
189
|
return "refresh_token" in e && (t.refreshToken = e.refresh_token), e.accessTokenPayload !== void 0 && (t.accessTokenPayload = e.accessTokenPayload), e.idTokenPayload !== void 0 && (t.idTokenPayload = e.idTokenPayload), te(t, n, s);
|
|
190
|
-
},
|
|
190
|
+
}, V = (e, n) => {
|
|
191
191
|
const s = (/* @__PURE__ */ new Date()).getTime() / 1e3, t = n - s;
|
|
192
192
|
return Math.round(t - e);
|
|
193
|
-
}, le = (e, n = 0) => e ?
|
|
193
|
+
}, le = (e, n = 0) => e ? V(n, e.expiresAt) > 0 : !1, ke = async (e, n = 200, s = 50) => {
|
|
194
194
|
let t = s;
|
|
195
|
-
if (!e.
|
|
195
|
+
if (!e.getTokens())
|
|
196
196
|
return null;
|
|
197
197
|
for (; !le(
|
|
198
|
-
e.
|
|
198
|
+
e.getTokens(),
|
|
199
199
|
e.configuration.refresh_time_before_tokens_expiration_in_second
|
|
200
200
|
) && t > 0; ) {
|
|
201
|
-
if (e.configuration.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted) {
|
|
201
|
+
if (console.log("getValidTokenAsync wait and return value"), console.log(e.getTokens()), e.configuration.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted) {
|
|
202
202
|
await e.renewTokensAsync({});
|
|
203
203
|
break;
|
|
204
204
|
} else
|
|
@@ -206,8 +206,8 @@ const te = (e, n = null, s) => {
|
|
|
206
206
|
t = t - 1;
|
|
207
207
|
}
|
|
208
208
|
return {
|
|
209
|
-
isTokensValid: le(e.
|
|
210
|
-
tokens: e.
|
|
209
|
+
isTokensValid: le(e.getTokens()),
|
|
210
|
+
tokens: e.getTokens(),
|
|
211
211
|
numberWaited: t - s
|
|
212
212
|
};
|
|
213
213
|
}, me = (e, n, s) => {
|
|
@@ -245,7 +245,7 @@ const te = (e, n = null, s) => {
|
|
|
245
245
|
setInterval: setInterval.bind(e),
|
|
246
246
|
clearInterval: clearInterval.bind(e)
|
|
247
247
|
};
|
|
248
|
-
}(), ue = "7.22.
|
|
248
|
+
}(), ue = "7.22.28";
|
|
249
249
|
let _e = null, j;
|
|
250
250
|
const X = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), pe = (e = "/") => {
|
|
251
251
|
try {
|
|
@@ -319,7 +319,7 @@ const X = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), pe =
|
|
|
319
319
|
type: "setSessionState",
|
|
320
320
|
data: { sessionState: g },
|
|
321
321
|
configurationName: n
|
|
322
|
-
}),
|
|
322
|
+
}), u = async () => (await O(t)({
|
|
323
323
|
type: "getSessionState",
|
|
324
324
|
data: null,
|
|
325
325
|
configurationName: n
|
|
@@ -327,7 +327,7 @@ const X = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), pe =
|
|
|
327
327
|
type: "setNonce",
|
|
328
328
|
data: { nonce: g },
|
|
329
329
|
configurationName: n
|
|
330
|
-
})),
|
|
330
|
+
})), l = async () => {
|
|
331
331
|
let A = (await O(t)({
|
|
332
332
|
type: "getNonce",
|
|
333
333
|
data: null,
|
|
@@ -341,9 +341,9 @@ const X = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), pe =
|
|
|
341
341
|
startKeepAliveServiceWorker: () => r(e.service_worker_keep_alive_path),
|
|
342
342
|
isServiceWorkerProxyActiveAsync: () => Le(e.service_worker_keep_alive_path),
|
|
343
343
|
setSessionStateAsync: a,
|
|
344
|
-
getSessionStateAsync:
|
|
344
|
+
getSessionStateAsync: u,
|
|
345
345
|
setNonceAsync: f,
|
|
346
|
-
getNonceAsync:
|
|
346
|
+
getNonceAsync: l,
|
|
347
347
|
setLoginParams: (g) => {
|
|
348
348
|
c[n] = g, localStorage[`oidc.login.${n}`] = JSON.stringify(g);
|
|
349
349
|
},
|
|
@@ -437,7 +437,7 @@ const ie = (e) => {
|
|
|
437
437
|
function fe(e) {
|
|
438
438
|
return Ae(Ue(e));
|
|
439
439
|
}
|
|
440
|
-
const
|
|
440
|
+
const Ve = {
|
|
441
441
|
importKeyAlgorithm: {
|
|
442
442
|
name: "ECDSA",
|
|
443
443
|
namedCurve: "P-256",
|
|
@@ -450,7 +450,7 @@ const Fe = {
|
|
|
450
450
|
},
|
|
451
451
|
digestAlgorithm: { name: "SHA-256" },
|
|
452
452
|
jwtHeaderAlgorithm: "ES256"
|
|
453
|
-
},
|
|
453
|
+
}, Fe = (e) => async (n, s, t, o, i = "dpop+jwt") => {
|
|
454
454
|
switch (n = Object.assign({}, n), s.typ = i, s.alg = o.jwtHeaderAlgorithm, s.alg) {
|
|
455
455
|
case "ES256":
|
|
456
456
|
s.jwk = { kty: n.kty, crv: n.crv, x: n.x, y: n.y };
|
|
@@ -468,9 +468,9 @@ const Fe = {
|
|
|
468
468
|
// @ts-ignore
|
|
469
469
|
// JWT "claims" are really a JSON-defined JWS "payload"
|
|
470
470
|
payload: fe(JSON.stringify(t))
|
|
471
|
-
}, a = o.importKeyAlgorithm,
|
|
471
|
+
}, a = o.importKeyAlgorithm, u = !0, f = ["sign"], l = await e.crypto.subtle.importKey("jwk", n, a, u, f), c = we(`${r.protected}.${r.payload}`), _ = o.signAlgorithm, d = await e.crypto.subtle.sign(_, l, c);
|
|
472
472
|
return r.signature = ie(new Uint8Array(d)), `${r.protected}.${r.payload}.${r.signature}`;
|
|
473
|
-
}, Je = { sign:
|
|
473
|
+
}, Je = { sign: Fe }, Me = (e) => async (n) => {
|
|
474
474
|
const s = n, t = !0, o = ["sign", "verify"], i = await e.crypto.subtle.generateKey(s, t, o);
|
|
475
475
|
return await e.crypto.subtle.exportKey("jwk", i.privateKey);
|
|
476
476
|
}, Be = (e) => {
|
|
@@ -517,7 +517,7 @@ const Fe = {
|
|
|
517
517
|
for (let o = 0; o < 36; o++)
|
|
518
518
|
e[o] !== "-" && e[o] !== "4" && (s = Math.random() * 16 | 0), e[o] === "x" ? t += n[s] : e[o] === "y" ? (s &= 3, s |= 8, t += n[s]) : t += e[o];
|
|
519
519
|
return t;
|
|
520
|
-
},
|
|
520
|
+
}, Te = () => {
|
|
521
521
|
const e = typeof window < "u" && !!window.crypto, n = e && !!window.crypto.subtle;
|
|
522
522
|
return { hasCrypto: e, hasSubtleCrypto: n };
|
|
523
523
|
}, Z = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", Xe = (e) => {
|
|
@@ -528,7 +528,7 @@ const Fe = {
|
|
|
528
528
|
}
|
|
529
529
|
return n.join("");
|
|
530
530
|
}, ee = (e) => {
|
|
531
|
-
const n = new Uint8Array(e), { hasCrypto: s } =
|
|
531
|
+
const n = new Uint8Array(e), { hasCrypto: s } = Te();
|
|
532
532
|
if (s)
|
|
533
533
|
window.crypto.getRandomValues(n);
|
|
534
534
|
else
|
|
@@ -542,7 +542,7 @@ function ze(e) {
|
|
|
542
542
|
s[t] = e.charCodeAt(t);
|
|
543
543
|
return s;
|
|
544
544
|
}
|
|
545
|
-
function
|
|
545
|
+
function ve(e) {
|
|
546
546
|
return new Promise((n, s) => {
|
|
547
547
|
crypto.subtle.digest("SHA-256", ze(e)).then(
|
|
548
548
|
(t) => n(ie(new Uint8Array(t))),
|
|
@@ -553,16 +553,16 @@ function Te(e) {
|
|
|
553
553
|
const Qe = (e) => {
|
|
554
554
|
if (e.length < 43 || e.length > 128)
|
|
555
555
|
return Promise.reject(new Error("Invalid code length."));
|
|
556
|
-
const { hasSubtleCrypto: n } =
|
|
557
|
-
return n ?
|
|
556
|
+
const { hasSubtleCrypto: n } = Te();
|
|
557
|
+
return n ? ve(e) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
|
|
558
558
|
}, Ze = 60 * 60, en = (e) => async (n, s = Ze, t = window.sessionStorage, o = 1e4) => {
|
|
559
559
|
const i = `${n}/.well-known/openid-configuration`, r = `oidc.server:${n}`, a = $e(r, t, s);
|
|
560
560
|
if (a)
|
|
561
561
|
return new se(a);
|
|
562
|
-
const
|
|
563
|
-
if (
|
|
562
|
+
const u = await B(e)(i, {}, o);
|
|
563
|
+
if (u.status !== 200)
|
|
564
564
|
return null;
|
|
565
|
-
const f = await
|
|
565
|
+
const f = await u.json();
|
|
566
566
|
return Ke(r, f, t), new se(f);
|
|
567
567
|
}, B = (e) => async (n, s = {}, t = 1e4, o = 0) => {
|
|
568
568
|
let i;
|
|
@@ -589,12 +589,12 @@ const Qe = (e) => {
|
|
|
589
589
|
};
|
|
590
590
|
for (const [c, _] of Object.entries(i))
|
|
591
591
|
a[c] === void 0 && (a[c] = _);
|
|
592
|
-
const
|
|
592
|
+
const u = [];
|
|
593
593
|
for (const c in a) {
|
|
594
594
|
const _ = encodeURIComponent(c), d = encodeURIComponent(a[c]);
|
|
595
|
-
|
|
595
|
+
u.push(`${_}=${d}`);
|
|
596
596
|
}
|
|
597
|
-
const f =
|
|
597
|
+
const f = u.join("&");
|
|
598
598
|
return (await B(e)(
|
|
599
599
|
n,
|
|
600
600
|
{
|
|
@@ -611,12 +611,12 @@ const Qe = (e) => {
|
|
|
611
611
|
}, nn = (e) => async (n, s, t, o, i = {}, r, a = 1e4) => {
|
|
612
612
|
for (const [d, y] of Object.entries(t))
|
|
613
613
|
s[d] === void 0 && (s[d] = y);
|
|
614
|
-
const
|
|
614
|
+
const u = [];
|
|
615
615
|
for (const d in s) {
|
|
616
616
|
const y = encodeURIComponent(d), p = encodeURIComponent(s[d]);
|
|
617
|
-
|
|
617
|
+
u.push(`${y}=${p}`);
|
|
618
618
|
}
|
|
619
|
-
const f =
|
|
619
|
+
const f = u.join("&"), l = await B(e)(
|
|
620
620
|
n,
|
|
621
621
|
{
|
|
622
622
|
method: "POST",
|
|
@@ -628,19 +628,19 @@ const Qe = (e) => {
|
|
|
628
628
|
},
|
|
629
629
|
a
|
|
630
630
|
);
|
|
631
|
-
if (
|
|
631
|
+
if (l.status !== 200)
|
|
632
632
|
return {
|
|
633
633
|
success: !1,
|
|
634
|
-
status:
|
|
634
|
+
status: l.status,
|
|
635
635
|
demonstratingProofOfPossessionNonce: null
|
|
636
636
|
};
|
|
637
|
-
const c = await
|
|
637
|
+
const c = await l.json();
|
|
638
638
|
let _ = null;
|
|
639
|
-
return
|
|
639
|
+
return l.headers.has(G) && (_ = l.headers.get(
|
|
640
640
|
G
|
|
641
641
|
)), {
|
|
642
642
|
success: !0,
|
|
643
|
-
status:
|
|
643
|
+
status: l.status,
|
|
644
644
|
data: oe(c, o, r),
|
|
645
645
|
demonstratingProofOfPossessionNonce: _
|
|
646
646
|
};
|
|
@@ -650,8 +650,8 @@ const Qe = (e) => {
|
|
|
650
650
|
await e.setCodeVerifierAsync(o), await e.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
|
|
651
651
|
let r = "";
|
|
652
652
|
if (t)
|
|
653
|
-
for (const [a,
|
|
654
|
-
r === "" ? r += "?" : r += "&", r += `${a}=${encodeURIComponent(
|
|
653
|
+
for (const [a, u] of Object.entries(t))
|
|
654
|
+
r === "" ? r += "?" : r += "&", r += `${a}=${encodeURIComponent(u)}`;
|
|
655
655
|
n.open(`${s}${r}`);
|
|
656
656
|
}, G = "DPoP-Nonce", tn = (e) => async (n, s, t, o, i = 1e4) => {
|
|
657
657
|
s = s ? { ...s } : {}, s.code_verifier = await e.getCodeVerifierAsync();
|
|
@@ -660,7 +660,7 @@ const Qe = (e) => {
|
|
|
660
660
|
const _ = encodeURIComponent(c), d = encodeURIComponent(s[c]);
|
|
661
661
|
r.push(`${_}=${d}`);
|
|
662
662
|
}
|
|
663
|
-
const a = r.join("&"),
|
|
663
|
+
const a = r.join("&"), u = await B(fetch)(
|
|
664
664
|
n,
|
|
665
665
|
{
|
|
666
666
|
method: "POST",
|
|
@@ -672,18 +672,18 @@ const Qe = (e) => {
|
|
|
672
672
|
},
|
|
673
673
|
i
|
|
674
674
|
);
|
|
675
|
-
if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]),
|
|
676
|
-
return { success: !1, status:
|
|
675
|
+
if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]), u.status !== 200)
|
|
676
|
+
return { success: !1, status: u.status };
|
|
677
677
|
let f = null;
|
|
678
|
-
|
|
678
|
+
u.headers.has(G) && (f = u.headers.get(
|
|
679
679
|
G
|
|
680
680
|
));
|
|
681
|
-
const
|
|
681
|
+
const l = await u.json();
|
|
682
682
|
return {
|
|
683
683
|
success: !0,
|
|
684
684
|
data: {
|
|
685
685
|
state: s.state,
|
|
686
|
-
tokens: oe(
|
|
686
|
+
tokens: oe(l, null, o),
|
|
687
687
|
demonstratingProofOfPossessionNonce: f
|
|
688
688
|
}
|
|
689
689
|
};
|
|
@@ -711,7 +711,7 @@ async function be(e, n = !1, s = null) {
|
|
|
711
711
|
a = await navigator.locks.request(
|
|
712
712
|
o,
|
|
713
713
|
{ ifAvailable: !0 },
|
|
714
|
-
async (
|
|
714
|
+
async (u) => u ? await he(e, n, s) : (e.publishEvent(C.eventNames.syncTokensAsync_lock_not_available, {
|
|
715
715
|
lock: "lock not available"
|
|
716
716
|
}), "retry")
|
|
717
717
|
);
|
|
@@ -722,7 +722,7 @@ async function be(e, n = !1, s = null) {
|
|
|
722
722
|
const M = (e, n, s = null) => {
|
|
723
723
|
const t = e.configuration.refresh_time_before_tokens_expiration_in_second;
|
|
724
724
|
return e.timeoutId && K.clearTimeout(e.timeoutId), K.setTimeout(async () => {
|
|
725
|
-
const i = { timeLeft:
|
|
725
|
+
const i = { timeLeft: V(t, n) };
|
|
726
726
|
e.publishEvent(C.eventNames.token_timer, i), await be(e, !1, s);
|
|
727
727
|
}, 1e3);
|
|
728
728
|
}, N = {
|
|
@@ -741,9 +741,9 @@ const M = (e, n, s = null) => {
|
|
|
741
741
|
const a = await e.initAsync(
|
|
742
742
|
n.authority,
|
|
743
743
|
n.authority_configuration
|
|
744
|
-
),
|
|
745
|
-
if (
|
|
746
|
-
const { status: c, tokens: _ } = await
|
|
744
|
+
), u = await I(n, s);
|
|
745
|
+
if (u) {
|
|
746
|
+
const { status: c, tokens: _ } = await u.initAsync(
|
|
747
747
|
a,
|
|
748
748
|
"syncTokensAsync",
|
|
749
749
|
n
|
|
@@ -755,13 +755,13 @@ const M = (e, n, s = null) => {
|
|
|
755
755
|
if (!c || !_)
|
|
756
756
|
return { tokens: null, status: "REQUIRE_SYNC_TOKENS", nonce: i };
|
|
757
757
|
if (_.issuedAt !== t.issuedAt) {
|
|
758
|
-
const y =
|
|
758
|
+
const y = V(
|
|
759
759
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
760
760
|
_.expiresAt
|
|
761
|
-
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await
|
|
761
|
+
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await u.getNonceAsync();
|
|
762
762
|
return { tokens: _, status: y, nonce: p };
|
|
763
763
|
}
|
|
764
|
-
r = await
|
|
764
|
+
r = await u.getNonceAsync();
|
|
765
765
|
} else {
|
|
766
766
|
const c = P(s, n.storage ?? sessionStorage), _ = await c.initAsync();
|
|
767
767
|
let { tokens: d } = _;
|
|
@@ -770,7 +770,7 @@ const M = (e, n, s = null) => {
|
|
|
770
770
|
if (y === "SESSIONS_LOST")
|
|
771
771
|
return { tokens: null, status: "SESSIONS_LOST", nonce: i };
|
|
772
772
|
if (d.issuedAt !== t.issuedAt) {
|
|
773
|
-
const k =
|
|
773
|
+
const k = V(
|
|
774
774
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
775
775
|
d.expiresAt
|
|
776
776
|
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", b = await c.getNonceAsync();
|
|
@@ -779,11 +779,11 @@ const M = (e, n, s = null) => {
|
|
|
779
779
|
} else return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
|
|
780
780
|
r = await c.getNonceAsync();
|
|
781
781
|
}
|
|
782
|
-
const
|
|
782
|
+
const l = V(
|
|
783
783
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
784
784
|
t.expiresAt
|
|
785
785
|
) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
|
|
786
|
-
return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status:
|
|
786
|
+
return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: l, nonce: r };
|
|
787
787
|
}, H = (e) => async (n, s = 0, t = !1, o = null) => {
|
|
788
788
|
if (!navigator.onLine && document.hidden)
|
|
789
789
|
return { tokens: e.tokens, status: "GIVE_UP" };
|
|
@@ -794,17 +794,17 @@ const M = (e, n, s = null) => {
|
|
|
794
794
|
});
|
|
795
795
|
const r = s + 1;
|
|
796
796
|
o || (o = {});
|
|
797
|
-
const a = e.configuration,
|
|
797
|
+
const a = e.configuration, u = (l, c = null, _ = null) => re(
|
|
798
798
|
e.configurationName,
|
|
799
799
|
e.configuration,
|
|
800
800
|
e.publishEvent.bind(e)
|
|
801
|
-
)(
|
|
801
|
+
)(l, c, _), f = async () => {
|
|
802
802
|
try {
|
|
803
|
-
let
|
|
803
|
+
let l;
|
|
804
804
|
const c = await I(a, e.configurationName);
|
|
805
|
-
c ?
|
|
806
|
-
const _ = await
|
|
807
|
-
...
|
|
805
|
+
c ? l = c.getLoginParams() : l = P(e.configurationName, a.storage).getLoginParams();
|
|
806
|
+
const _ = await u({
|
|
807
|
+
...l.extras,
|
|
808
808
|
...o,
|
|
809
809
|
prompt: "none"
|
|
810
810
|
});
|
|
@@ -813,21 +813,21 @@ const M = (e, n, s = null) => {
|
|
|
813
813
|
}), { tokens: null, status: "SESSION_LOST" }) : (n(_.tokens), e.publishEvent(C.eventNames.token_renewed, {}), { tokens: _.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(m.refreshTokensAsync_error, {
|
|
814
814
|
message: "refresh token silent not active"
|
|
815
815
|
}), { tokens: null, status: "SESSION_LOST" });
|
|
816
|
-
} catch (
|
|
817
|
-
return console.error(
|
|
816
|
+
} catch (l) {
|
|
817
|
+
return console.error(l), e.publishEvent(m.refreshTokensAsync_silent_error, {
|
|
818
818
|
message: "exceptionSilent",
|
|
819
|
-
exception:
|
|
819
|
+
exception: l.message
|
|
820
820
|
}), await H(e)(n, r, t, o);
|
|
821
821
|
}
|
|
822
822
|
};
|
|
823
823
|
try {
|
|
824
|
-
const { status:
|
|
824
|
+
const { status: l, tokens: c, nonce: _ } = await on(e)(
|
|
825
825
|
a,
|
|
826
826
|
e.configurationName,
|
|
827
827
|
e.tokens,
|
|
828
828
|
t
|
|
829
829
|
);
|
|
830
|
-
switch (
|
|
830
|
+
switch (l) {
|
|
831
831
|
case N.SESSION_LOST:
|
|
832
832
|
return n(null), e.publishEvent(m.refreshTokensAsync_error, {
|
|
833
833
|
message: "refresh token session lost"
|
|
@@ -845,29 +845,29 @@ const M = (e, n, s = null) => {
|
|
|
845
845
|
status: "session syncTokensAsync"
|
|
846
846
|
}), { tokens: null, status: "LOGGED_OUT" };
|
|
847
847
|
case N.REQUIRE_SYNC_TOKENS:
|
|
848
|
-
return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && N.FORCE_REFRESH !==
|
|
848
|
+
return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && N.FORCE_REFRESH !== l ? (e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(m.refreshTokensAsync_begin, { tryNumber: s }), await f());
|
|
849
849
|
default: {
|
|
850
|
-
if (a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && N.FORCE_REFRESH !==
|
|
850
|
+
if (a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && N.FORCE_REFRESH !== l)
|
|
851
851
|
return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" };
|
|
852
852
|
if (e.publishEvent(m.refreshTokensAsync_begin, {
|
|
853
853
|
refreshToken: c.refreshToken,
|
|
854
|
-
status:
|
|
854
|
+
status: l,
|
|
855
855
|
tryNumber: s
|
|
856
856
|
}), !c.refreshToken)
|
|
857
857
|
return await f();
|
|
858
858
|
const d = a.client_id, y = a.redirect_uri, p = a.authority, b = { ...a.token_request_extras ? a.token_request_extras : {} };
|
|
859
|
-
for (const [w,
|
|
860
|
-
w.endsWith(":token_request") && (b[w.replace(":token_request", "")] =
|
|
859
|
+
for (const [w, T] of Object.entries(o))
|
|
860
|
+
w.endsWith(":token_request") && (b[w.replace(":token_request", "")] = T);
|
|
861
861
|
return await (async () => {
|
|
862
862
|
const w = {
|
|
863
863
|
client_id: d,
|
|
864
864
|
redirect_uri: y,
|
|
865
865
|
grant_type: "refresh_token",
|
|
866
866
|
refresh_token: c.refreshToken
|
|
867
|
-
},
|
|
867
|
+
}, T = await e.initAsync(
|
|
868
868
|
p,
|
|
869
869
|
a.authority_configuration
|
|
870
|
-
), h = document.hidden ? 1e4 : 3e4 * 10, g =
|
|
870
|
+
), h = document.hidden ? 1e4 : 3e4 * 10, g = T.tokenEndpoint, A = {};
|
|
871
871
|
a.demonstrating_proof_of_possession && (A.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
|
|
872
872
|
c.accessToken,
|
|
873
873
|
g,
|
|
@@ -886,15 +886,15 @@ const M = (e, n, s = null) => {
|
|
|
886
886
|
const { isValid: W, reason: L } = me(
|
|
887
887
|
S.data,
|
|
888
888
|
_.nonce,
|
|
889
|
-
|
|
889
|
+
T
|
|
890
890
|
);
|
|
891
891
|
if (!W)
|
|
892
892
|
return n(null), e.publishEvent(m.refreshTokensAsync_error, {
|
|
893
893
|
message: `refresh token return not valid tokens, reason: ${L}`
|
|
894
894
|
}), { tokens: null, status: "SESSION_LOST" };
|
|
895
895
|
if (n(S.data), S.demonstratingProofOfPossessionNonce) {
|
|
896
|
-
const
|
|
897
|
-
|
|
896
|
+
const v = await I(a, e.configurationName);
|
|
897
|
+
v ? await v.setDemonstratingProofOfPossessionNonce(
|
|
898
898
|
S.demonstratingProofOfPossessionNonce
|
|
899
899
|
) : await P(e.configurationName, a.storage).setDemonstratingProofOfPossessionNonce(
|
|
900
900
|
S.demonstratingProofOfPossessionNonce
|
|
@@ -918,10 +918,10 @@ const M = (e, n, s = null) => {
|
|
|
918
918
|
})();
|
|
919
919
|
}
|
|
920
920
|
}
|
|
921
|
-
} catch (
|
|
922
|
-
return console.error(
|
|
921
|
+
} catch (l) {
|
|
922
|
+
return console.error(l), e.publishEvent(m.refreshTokensAsync_silent_error, {
|
|
923
923
|
message: "exception",
|
|
924
|
-
exception:
|
|
924
|
+
exception: l.message
|
|
925
925
|
}), new Promise((c, _) => {
|
|
926
926
|
setTimeout(() => {
|
|
927
927
|
H(e)(n, r, t, o).then(c).catch(_);
|
|
@@ -937,22 +937,22 @@ const M = (e, n, s = null) => {
|
|
|
937
937
|
if (o && (t == null && (t = {}), t.state = o), i && (t == null && (t = {}), t.scope = i), t != null)
|
|
938
938
|
for (const [c, _] of Object.entries(t))
|
|
939
939
|
r === "" ? r = `?${encodeURIComponent(c)}=${encodeURIComponent(_)}` : r += `&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;
|
|
940
|
-
const a = n.silent_login_uri + r,
|
|
941
|
-
return
|
|
940
|
+
const a = n.silent_login_uri + r, u = a.indexOf("/", a.indexOf("//") + 2), f = a.substring(0, u), l = document.createElement("iframe");
|
|
941
|
+
return l.width = "0px", l.height = "0px", l.id = `${e}_oidc_iframe`, l.setAttribute("src", a), document.body.appendChild(l), new Promise((c, _) => {
|
|
942
942
|
let d = !1;
|
|
943
943
|
const y = () => {
|
|
944
|
-
window.removeEventListener("message", p),
|
|
944
|
+
window.removeEventListener("message", p), l.remove(), d = !0;
|
|
945
945
|
}, p = (k) => {
|
|
946
|
-
if (k.origin === f && k.source ===
|
|
947
|
-
const b = `${e}_oidc_tokens:`, E = `${e}_oidc_error:`, w = `${e}_oidc_exception:`,
|
|
948
|
-
if (
|
|
949
|
-
if (
|
|
946
|
+
if (k.origin === f && k.source === l.contentWindow) {
|
|
947
|
+
const b = `${e}_oidc_tokens:`, E = `${e}_oidc_error:`, w = `${e}_oidc_exception:`, T = k.data;
|
|
948
|
+
if (T && typeof T == "string" && !d) {
|
|
949
|
+
if (T.startsWith(b)) {
|
|
950
950
|
const h = JSON.parse(k.data.replace(b, ""));
|
|
951
951
|
s(m.silentLoginAsync_end, {}), c(h), y();
|
|
952
|
-
} else if (
|
|
952
|
+
} else if (T.startsWith(E)) {
|
|
953
953
|
const h = JSON.parse(k.data.replace(E, ""));
|
|
954
954
|
s(m.silentLoginAsync_error, h), c({ error: "oidc_" + h.error, tokens: null, sessionState: null }), y();
|
|
955
|
-
} else if (
|
|
955
|
+
} else if (T.startsWith(w)) {
|
|
956
956
|
const h = JSON.parse(k.data.replace(w, ""));
|
|
957
957
|
s(m.silentLoginAsync_error, h), _(new Error(h.error)), y();
|
|
958
958
|
}
|
|
@@ -974,9 +974,9 @@ const M = (e, n, s = null) => {
|
|
|
974
974
|
}
|
|
975
975
|
}, rn = (e, n, s, t, o) => (i = null, r = void 0) => {
|
|
976
976
|
i = { ...i };
|
|
977
|
-
const a = (f,
|
|
977
|
+
const a = (f, l, c) => re(n, s, t.bind(o))(
|
|
978
978
|
f,
|
|
979
|
-
|
|
979
|
+
l,
|
|
980
980
|
c
|
|
981
981
|
);
|
|
982
982
|
return (async () => {
|
|
@@ -984,9 +984,9 @@ const M = (e, n, s = null) => {
|
|
|
984
984
|
let f;
|
|
985
985
|
i && "state" in i && (f = i.state, delete i.state);
|
|
986
986
|
try {
|
|
987
|
-
const
|
|
987
|
+
const l = s.extras ? { ...s.extras, ...i } : i, c = await a(
|
|
988
988
|
{
|
|
989
|
-
...
|
|
989
|
+
...l,
|
|
990
990
|
prompt: "none"
|
|
991
991
|
},
|
|
992
992
|
f,
|
|
@@ -994,19 +994,19 @@ const M = (e, n, s = null) => {
|
|
|
994
994
|
);
|
|
995
995
|
if (c)
|
|
996
996
|
return o.tokens = c.tokens, t(m.token_acquired, {}), o.timeoutId = M(o, o.tokens.expiresAt, i), {};
|
|
997
|
-
} catch (
|
|
998
|
-
return
|
|
997
|
+
} catch (l) {
|
|
998
|
+
return l;
|
|
999
999
|
}
|
|
1000
1000
|
})();
|
|
1001
1001
|
}, an = (e, n, s) => (t, o, i, r = !1) => {
|
|
1002
|
-
const a = (
|
|
1003
|
-
|
|
1002
|
+
const a = (u, f = void 0, l = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
|
|
1003
|
+
u,
|
|
1004
1004
|
f,
|
|
1005
|
-
|
|
1005
|
+
l
|
|
1006
1006
|
);
|
|
1007
|
-
return new Promise((
|
|
1007
|
+
return new Promise((u, f) => {
|
|
1008
1008
|
if (s.silent_login_uri && s.silent_redirect_uri && s.monitor_session && t && i && !r) {
|
|
1009
|
-
const
|
|
1009
|
+
const l = () => {
|
|
1010
1010
|
e.checkSessionIFrame.stop();
|
|
1011
1011
|
const c = e.tokens;
|
|
1012
1012
|
if (c === null)
|
|
@@ -1044,16 +1044,16 @@ const M = (e, n, s = null) => {
|
|
|
1044
1044
|
});
|
|
1045
1045
|
};
|
|
1046
1046
|
e.checkSessionIFrame = new Pe(
|
|
1047
|
-
|
|
1047
|
+
l,
|
|
1048
1048
|
o,
|
|
1049
1049
|
t
|
|
1050
1050
|
), e.checkSessionIFrame.load().then(() => {
|
|
1051
|
-
e.checkSessionIFrame.start(i),
|
|
1051
|
+
e.checkSessionIFrame.start(i), u(e.checkSessionIFrame);
|
|
1052
1052
|
}).catch((c) => {
|
|
1053
1053
|
f(c);
|
|
1054
1054
|
});
|
|
1055
1055
|
} else
|
|
1056
|
-
|
|
1056
|
+
u(null);
|
|
1057
1057
|
});
|
|
1058
1058
|
}, cn = (e) => !!(e.os === "iOS" && e.osVersion.startsWith("12") || e.os === "Mac OS X" && e.osVersion.startsWith("10_15_6")), ln = (e) => {
|
|
1059
1059
|
const n = e.appVersion, s = e.userAgent, t = "-";
|
|
@@ -1091,9 +1091,9 @@ const M = (e, n, s = null) => {
|
|
|
1091
1091
|
}
|
|
1092
1092
|
];
|
|
1093
1093
|
for (const a in i) {
|
|
1094
|
-
const
|
|
1095
|
-
if (
|
|
1096
|
-
o =
|
|
1094
|
+
const u = i[a];
|
|
1095
|
+
if (u.r.test(s)) {
|
|
1096
|
+
o = u.s;
|
|
1097
1097
|
break;
|
|
1098
1098
|
}
|
|
1099
1099
|
}
|
|
@@ -1225,7 +1225,7 @@ const _n = () => {
|
|
|
1225
1225
|
search: s,
|
|
1226
1226
|
hash: t
|
|
1227
1227
|
};
|
|
1228
|
-
},
|
|
1228
|
+
}, vn = (e) => {
|
|
1229
1229
|
const n = Ee(e);
|
|
1230
1230
|
let { path: s } = n;
|
|
1231
1231
|
s.endsWith("/") && (s = s.slice(0, -1));
|
|
@@ -1241,7 +1241,7 @@ const _n = () => {
|
|
|
1241
1241
|
for (t = 0, o = i.length; t < o; t++)
|
|
1242
1242
|
s = i[t].split("="), n[decodeURIComponent(s[0])] = decodeURIComponent(s[1]);
|
|
1243
1243
|
return n;
|
|
1244
|
-
}, hn = (e, n, s, t, o) => (i = void 0, r = null, a = !1,
|
|
1244
|
+
}, hn = (e, n, s, t, o) => (i = void 0, r = null, a = !1, u = void 0) => {
|
|
1245
1245
|
const f = r;
|
|
1246
1246
|
return r = { ...r }, (async () => {
|
|
1247
1247
|
const c = i || o.getPath();
|
|
@@ -1250,7 +1250,7 @@ const _n = () => {
|
|
|
1250
1250
|
_.endsWith(":token_request") && delete r[_];
|
|
1251
1251
|
try {
|
|
1252
1252
|
const _ = a ? n.silent_redirect_uri : n.redirect_uri;
|
|
1253
|
-
|
|
1253
|
+
u || (u = n.scope);
|
|
1254
1254
|
const d = n.extras ? { ...n.extras, ...r } : r;
|
|
1255
1255
|
d.nonce || (d.nonce = ee(12));
|
|
1256
1256
|
const y = { nonce: d.nonce }, p = await I(n, e), k = await t(
|
|
@@ -1267,7 +1267,7 @@ const _n = () => {
|
|
|
1267
1267
|
const E = {
|
|
1268
1268
|
client_id: n.client_id,
|
|
1269
1269
|
redirect_uri: _,
|
|
1270
|
-
scope:
|
|
1270
|
+
scope: u,
|
|
1271
1271
|
response_type: "code",
|
|
1272
1272
|
...d
|
|
1273
1273
|
};
|
|
@@ -1285,18 +1285,18 @@ const _n = () => {
|
|
|
1285
1285
|
const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout, a = await e.initAsync(
|
|
1286
1286
|
i,
|
|
1287
1287
|
s.authority_configuration
|
|
1288
|
-
),
|
|
1288
|
+
), u = e.location.getCurrentHref(), l = Y(u).session_state, c = await I(s, e.configurationName);
|
|
1289
1289
|
let _, d, y, p;
|
|
1290
1290
|
if (c)
|
|
1291
|
-
await c.initAsync(a, "loginCallbackAsync", s), await c.setSessionStateAsync(
|
|
1291
|
+
await c.initAsync(a, "loginCallbackAsync", s), await c.setSessionStateAsync(l), d = await c.getNonceAsync(), y = c.getLoginParams(), p = await c.getStateAsync(), c.startKeepAliveServiceWorker(), _ = c;
|
|
1292
1292
|
else {
|
|
1293
|
-
const
|
|
1293
|
+
const v = P(
|
|
1294
1294
|
e.configurationName,
|
|
1295
1295
|
s.storage ?? sessionStorage
|
|
1296
1296
|
);
|
|
1297
|
-
await
|
|
1297
|
+
await v.setSessionStateAsync(l), d = await v.getNonceAsync(), y = v.getLoginParams(), p = await v.getStateAsync(), _ = v;
|
|
1298
1298
|
}
|
|
1299
|
-
const k = Y(
|
|
1299
|
+
const k = Y(u);
|
|
1300
1300
|
if (k.error || k.error_description)
|
|
1301
1301
|
throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);
|
|
1302
1302
|
if (k.iss && k.iss !== a.issuer)
|
|
@@ -1312,27 +1312,27 @@ const _n = () => {
|
|
|
1312
1312
|
redirect_uri: o
|
|
1313
1313
|
}, E = {};
|
|
1314
1314
|
if (s.token_request_extras)
|
|
1315
|
-
for (const [
|
|
1316
|
-
E[
|
|
1315
|
+
for (const [v, U] of Object.entries(s.token_request_extras))
|
|
1316
|
+
E[v] = U;
|
|
1317
1317
|
if (y != null && y.extras)
|
|
1318
|
-
for (const [
|
|
1319
|
-
|
|
1320
|
-
const w = a.tokenEndpoint,
|
|
1318
|
+
for (const [v, U] of Object.entries(y.extras))
|
|
1319
|
+
v.endsWith(":token_request") && (E[v.replace(":token_request", "")] = U);
|
|
1320
|
+
const w = a.tokenEndpoint, T = {};
|
|
1321
1321
|
if (s.demonstrating_proof_of_possession)
|
|
1322
1322
|
if (c)
|
|
1323
|
-
|
|
1323
|
+
T.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
|
|
1324
1324
|
else {
|
|
1325
|
-
const
|
|
1325
|
+
const v = await Ge(window)(
|
|
1326
1326
|
s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm
|
|
1327
1327
|
);
|
|
1328
|
-
await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(
|
|
1328
|
+
await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(v), T.DPoP = await Se(window)(
|
|
1329
1329
|
s.demonstrating_proof_of_possession_configuration
|
|
1330
|
-
)(
|
|
1330
|
+
)(v, "POST", w);
|
|
1331
1331
|
}
|
|
1332
1332
|
const h = await tn(_)(
|
|
1333
1333
|
w,
|
|
1334
1334
|
{ ...b, ...E },
|
|
1335
|
-
|
|
1335
|
+
T,
|
|
1336
1336
|
e.configuration.token_renew_mode,
|
|
1337
1337
|
r
|
|
1338
1338
|
);
|
|
@@ -1362,13 +1362,13 @@ const _n = () => {
|
|
|
1362
1362
|
S
|
|
1363
1363
|
);
|
|
1364
1364
|
else {
|
|
1365
|
-
const
|
|
1366
|
-
g =
|
|
1365
|
+
const v = P(e.configurationName, s.storage);
|
|
1366
|
+
g = v.getLoginParams(), S && await v.setDemonstratingProofOfPossessionNonce(S);
|
|
1367
1367
|
}
|
|
1368
1368
|
return await e.startCheckSessionAsync(
|
|
1369
1369
|
a.checkSessionIframe,
|
|
1370
1370
|
t,
|
|
1371
|
-
|
|
1371
|
+
l,
|
|
1372
1372
|
n
|
|
1373
1373
|
), e.publishEvent(m.loginCallbackAsync_end, {}), {
|
|
1374
1374
|
tokens: A,
|
|
@@ -1406,19 +1406,19 @@ const _n = () => {
|
|
|
1406
1406
|
s ? await s.clearAsync(n) : await P(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
|
|
1407
1407
|
}, mn = (e, n, s, t, o) => async (i = void 0, r = null) => {
|
|
1408
1408
|
var b, E;
|
|
1409
|
-
const a = e.configuration,
|
|
1409
|
+
const a = e.configuration, u = await e.initAsync(
|
|
1410
1410
|
a.authority,
|
|
1411
1411
|
a.authority_configuration
|
|
1412
1412
|
);
|
|
1413
1413
|
i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
|
|
1414
1414
|
const f = i ?? o.getPath();
|
|
1415
|
-
let
|
|
1416
|
-
i && (
|
|
1417
|
-
const c =
|
|
1415
|
+
let l = !1;
|
|
1416
|
+
i && (l = i.includes("https://") || i.includes("http://"));
|
|
1417
|
+
const c = l ? i : o.getOrigin() + f, _ = e.tokens ? e.tokens.idToken : "";
|
|
1418
1418
|
try {
|
|
1419
|
-
const w =
|
|
1419
|
+
const w = u.revocationEndpoint;
|
|
1420
1420
|
if (w) {
|
|
1421
|
-
const
|
|
1421
|
+
const T = [], h = e.tokens ? e.tokens.accessToken : null;
|
|
1422
1422
|
if (h && a.logout_tokens_to_invalidate.includes(ye.access_token)) {
|
|
1423
1423
|
const A = z(r, ":revoke_access_token"), S = de(s)(
|
|
1424
1424
|
w,
|
|
@@ -1427,7 +1427,7 @@ const _n = () => {
|
|
|
1427
1427
|
a.client_id,
|
|
1428
1428
|
A
|
|
1429
1429
|
);
|
|
1430
|
-
|
|
1430
|
+
T.push(S);
|
|
1431
1431
|
}
|
|
1432
1432
|
const g = e.tokens ? e.tokens.refreshToken : null;
|
|
1433
1433
|
if (g && a.logout_tokens_to_invalidate.includes(ye.refresh_token)) {
|
|
@@ -1438,9 +1438,9 @@ const _n = () => {
|
|
|
1438
1438
|
a.client_id,
|
|
1439
1439
|
A
|
|
1440
1440
|
);
|
|
1441
|
-
|
|
1441
|
+
T.push(S);
|
|
1442
1442
|
}
|
|
1443
|
-
|
|
1443
|
+
T.length > 0 && await Promise.all(T);
|
|
1444
1444
|
}
|
|
1445
1445
|
} catch (w) {
|
|
1446
1446
|
t.warn(
|
|
@@ -1455,40 +1455,42 @@ const _n = () => {
|
|
|
1455
1455
|
if (y && y.no_reload === "true")
|
|
1456
1456
|
return;
|
|
1457
1457
|
const k = gn(r);
|
|
1458
|
-
if (
|
|
1458
|
+
if (u.endSessionEndpoint) {
|
|
1459
1459
|
"id_token_hint" in k || (k.id_token_hint = _), !("post_logout_redirect_uri" in k) && i !== null && (k.post_logout_redirect_uri = c);
|
|
1460
1460
|
let w = "";
|
|
1461
|
-
for (const [
|
|
1462
|
-
h != null && (w === "" ? w += "?" : w += "&", w += `${
|
|
1463
|
-
o.open(`${
|
|
1461
|
+
for (const [T, h] of Object.entries(k))
|
|
1462
|
+
h != null && (w === "" ? w += "?" : w += "&", w += `${T}=${encodeURIComponent(h)}`);
|
|
1463
|
+
o.open(`${u.endSessionEndpoint}${w}`);
|
|
1464
1464
|
} else
|
|
1465
1465
|
o.reload();
|
|
1466
1466
|
}, Oe = (e, n, s = !1) => async (...t) => {
|
|
1467
1467
|
var d;
|
|
1468
1468
|
const [o, i, ...r] = t, a = i ? { ...i } : { method: "GET" };
|
|
1469
|
-
let
|
|
1470
|
-
a.headers && (
|
|
1469
|
+
let u = new Headers();
|
|
1470
|
+
a.headers && (u = a.headers instanceof Headers ? a.headers : new Headers(a.headers));
|
|
1471
1471
|
const f = {
|
|
1472
|
-
|
|
1472
|
+
getTokens: () => n.tokens,
|
|
1473
1473
|
configuration: {
|
|
1474
1474
|
token_automatic_renew_mode: n.configuration.token_automatic_renew_mode,
|
|
1475
1475
|
refresh_time_before_tokens_expiration_in_second: n.configuration.refresh_time_before_tokens_expiration_in_second
|
|
1476
1476
|
},
|
|
1477
1477
|
renewTokensAsync: n.renewTokensAsync.bind(n)
|
|
1478
|
-
},
|
|
1479
|
-
|
|
1478
|
+
}, l = await ke(f);
|
|
1479
|
+
console.log("getValidTokenAsync"), console.log(l);
|
|
1480
|
+
const c = (d = l == null ? void 0 : l.tokens) == null ? void 0 : d.accessToken;
|
|
1481
|
+
if (u.has("Accept") || u.set("Accept", "application/json"), c) {
|
|
1480
1482
|
if (n.configuration.demonstrating_proof_of_possession && s) {
|
|
1481
1483
|
const y = await n.generateDemonstrationOfProofOfPossessionAsync(
|
|
1482
1484
|
c,
|
|
1483
1485
|
o.toString(),
|
|
1484
1486
|
a.method
|
|
1485
1487
|
);
|
|
1486
|
-
|
|
1488
|
+
u.set("Authorization", `PoP ${c}`), u.set("DPoP", y);
|
|
1487
1489
|
} else
|
|
1488
|
-
|
|
1490
|
+
u.set("Authorization", `Bearer ${c}`);
|
|
1489
1491
|
a.credentials || (a.credentials = "same-origin");
|
|
1490
1492
|
}
|
|
1491
|
-
const _ = { ...a, headers:
|
|
1493
|
+
const _ = { ...a, headers: u };
|
|
1492
1494
|
return await e(o, _, ...r);
|
|
1493
1495
|
}, pn = (e) => async (n = !1, s = !1) => {
|
|
1494
1496
|
if (e.userInfo != null && !n)
|
|
@@ -1510,7 +1512,7 @@ class se {
|
|
|
1510
1512
|
const x = {}, An = (e, n = new q()) => (s, t = "default") => (x[t] || (x[t] = new C(s, t, e, n)), x[t]), Sn = async (e) => {
|
|
1511
1513
|
const { parsedTokens: n, callbackPath: s } = await e.loginCallbackAsync();
|
|
1512
1514
|
return e.timeoutId = M(e, n.expiresAt), { callbackPath: s };
|
|
1513
|
-
},
|
|
1515
|
+
}, Tn = (e) => Math.floor(Math.random() * e), F = class F {
|
|
1514
1516
|
constructor(n, s = "default", t, o = new q()) {
|
|
1515
1517
|
this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
|
|
1516
1518
|
let i = n.silent_login_uri;
|
|
@@ -1534,12 +1536,12 @@ const x = {}, An = (e, n = new q()) => (s, t = "default") => (x[t] || (x[t] = ne
|
|
|
1534
1536
|
],
|
|
1535
1537
|
service_worker_update_require_callback: a,
|
|
1536
1538
|
service_worker_activate: n.service_worker_activate ?? _n,
|
|
1537
|
-
demonstrating_proof_of_possession_configuration: n.demonstrating_proof_of_possession_configuration ??
|
|
1539
|
+
demonstrating_proof_of_possession_configuration: n.demonstrating_proof_of_possession_configuration ?? Ve,
|
|
1538
1540
|
preload_user_info: n.preload_user_info ?? !1
|
|
1539
1541
|
}, this.getFetch = t ?? wn, this.configurationName = s, this.tokens = null, this.userInfo = null, this.events = [], this.timeoutId = null, this.loginCallbackWithAutoTokensRenewAsync.bind(this), this.initAsync.bind(this), this.loginCallbackAsync.bind(this), this.subscribeEvents.bind(this), this.removeEventSubscription.bind(this), this.publishEvent.bind(this), this.destroyAsync.bind(this), this.logoutAsync.bind(this), this.renewTokensAsync.bind(this), this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
|
|
1540
1542
|
}
|
|
1541
1543
|
subscribeEvents(n) {
|
|
1542
|
-
const s =
|
|
1544
|
+
const s = Tn(9999999999999).toString();
|
|
1543
1545
|
return this.events.push({ id: s, func: n }), s;
|
|
1544
1546
|
}
|
|
1545
1547
|
removeEventSubscription(n) {
|
|
@@ -1647,7 +1649,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1647
1649
|
return this.loginCallbackPromise;
|
|
1648
1650
|
const s = async () => {
|
|
1649
1651
|
const t = await yn(this)(n), o = t.tokens;
|
|
1650
|
-
return this.tokens = o, await I(this.configuration, this.configurationName) || P(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(
|
|
1652
|
+
return this.tokens = o, await I(this.configuration, this.configurationName) || P(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(F.eventNames.token_acquired, o), this.configuration.preload_user_info && await this.userInfoAsync(), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
|
|
1651
1653
|
};
|
|
1652
1654
|
return this.loginCallbackPromise = s(), this.loginCallbackPromise.finally(() => {
|
|
1653
1655
|
this.loginCallbackPromise = null;
|
|
@@ -1655,13 +1657,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1655
1657
|
}
|
|
1656
1658
|
async generateDemonstrationOfProofOfPossessionAsync(n, s, t, o = {}) {
|
|
1657
1659
|
const i = this.configuration, r = {
|
|
1658
|
-
ath: await
|
|
1660
|
+
ath: await ve(n),
|
|
1659
1661
|
...o
|
|
1660
1662
|
};
|
|
1661
1663
|
if (await I(i, this.configurationName))
|
|
1662
1664
|
return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;
|
|
1663
|
-
const
|
|
1664
|
-
return
|
|
1665
|
+
const u = P(this.configurationName, i.storage), f = await u.getDemonstratingProofOfPossessionJwkAsync(), l = u.getDemonstratingProofOfPossessionNonce();
|
|
1666
|
+
return l && (r.nonce = l), await Se(window)(
|
|
1665
1667
|
i.demonstrating_proof_of_possession_configuration
|
|
1666
1668
|
)(f, t, s, r);
|
|
1667
1669
|
}
|
|
@@ -1704,8 +1706,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1704
1706
|
}));
|
|
1705
1707
|
}
|
|
1706
1708
|
};
|
|
1707
|
-
|
|
1708
|
-
let C =
|
|
1709
|
+
F.getOrCreate = (n, s) => (t, o = "default") => An(n, s)(t, o), F.eventNames = m;
|
|
1710
|
+
let C = F;
|
|
1709
1711
|
const $ = class $ {
|
|
1710
1712
|
constructor(n) {
|
|
1711
1713
|
this._oidc = n;
|
|
@@ -1755,7 +1757,15 @@ const $ = class $ {
|
|
|
1755
1757
|
);
|
|
1756
1758
|
}
|
|
1757
1759
|
async getValidTokenAsync(n = 200, s = 50) {
|
|
1758
|
-
|
|
1760
|
+
const t = this._oidc, o = {
|
|
1761
|
+
getTokens: () => t.tokens,
|
|
1762
|
+
configuration: {
|
|
1763
|
+
token_automatic_renew_mode: t.configuration.token_automatic_renew_mode,
|
|
1764
|
+
refresh_time_before_tokens_expiration_in_second: t.configuration.refresh_time_before_tokens_expiration_in_second
|
|
1765
|
+
},
|
|
1766
|
+
renewTokensAsync: t.renewTokensAsync.bind(t)
|
|
1767
|
+
};
|
|
1768
|
+
return ke(o, n, s);
|
|
1759
1769
|
}
|
|
1760
1770
|
fetchWithTokens(n, s = !1) {
|
|
1761
1771
|
return Oe(n, this._oidc, s);
|
|
@@ -1776,5 +1786,5 @@ export {
|
|
|
1776
1786
|
Q as TokenRenewMode,
|
|
1777
1787
|
wn as getFetchDefault,
|
|
1778
1788
|
Y as getParseQueryStringFromLocation,
|
|
1779
|
-
|
|
1789
|
+
vn as getPath
|
|
1780
1790
|
};
|