@axa-fr/oidc-client 7.22.9 → 7.22.14
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +33 -33
- package/dist/index.umd.cjs +2 -2
- package/dist/oidc.d.ts.map +1 -1
- package/dist/version.d.ts +1 -1
- package/dist/version.d.ts.map +1 -1
- package/package.json +2 -2
- package/src/oidc.ts +4 -0
- package/src/version.ts +1 -1
package/dist/index.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
const D = console;
|
|
2
|
-
class
|
|
2
|
+
class Pe {
|
|
3
3
|
constructor(n, s, t, o = 2e3, i = !0) {
|
|
4
4
|
this._callback = n, this._client_id = s, this._url = t, this._interval = o || 2e3, this._stopOnError = i;
|
|
5
5
|
const r = t.indexOf("/", t.indexOf("//") + 2);
|
|
@@ -55,7 +55,7 @@ const m = {
|
|
|
55
55
|
syncTokensAsync_end: "syncTokensAsync_end",
|
|
56
56
|
syncTokensAsync_error: "syncTokensAsync_error",
|
|
57
57
|
tokensInvalidAndWaitingActionsToRefresh: "tokensInvalidAndWaitingActionsToRefresh"
|
|
58
|
-
},
|
|
58
|
+
}, O = (e, n = sessionStorage) => {
|
|
59
59
|
const s = (h) => (n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: h }), Promise.resolve()), t = async () => {
|
|
60
60
|
if (!n[`oidc.${e}`])
|
|
61
61
|
return n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: null }), { tokens: null, status: null };
|
|
@@ -104,7 +104,7 @@ const m = {
|
|
|
104
104
|
};
|
|
105
105
|
};
|
|
106
106
|
var V = /* @__PURE__ */ ((e) => (e.AutomaticBeforeTokenExpiration = "AutomaticBeforeTokensExpiration", e.AutomaticOnlyWhenFetchExecuted = "AutomaticOnlyWhenFetchExecuted", e))(V || {});
|
|
107
|
-
const
|
|
107
|
+
const Oe = (e) => decodeURIComponent(Array.prototype.map.call(atob(e), (n) => "%" + ("00" + n.charCodeAt(0).toString(16)).slice(-2)).join("")), Ie = (e) => JSON.parse(Oe(e.replaceAll(/-/g, "+").replaceAll(/_/g, "/"))), ae = (e) => {
|
|
108
108
|
try {
|
|
109
109
|
return e && Ce(e, ".") === 2 ? Ie(e.split(".")[1]) : null;
|
|
110
110
|
} catch (n) {
|
|
@@ -201,7 +201,7 @@ const X = (e, n = null, s) => {
|
|
|
201
201
|
setInterval: setInterval.bind(e),
|
|
202
202
|
clearInterval: clearInterval.bind(e)
|
|
203
203
|
};
|
|
204
|
-
}(), le = "7.22.
|
|
204
|
+
}(), le = "7.22.14";
|
|
205
205
|
let ue = null, q;
|
|
206
206
|
const z = ({ milliseconds: e }) => new Promise((n) => M.setTimeout(n, e)), me = (e = "/") => {
|
|
207
207
|
try {
|
|
@@ -223,7 +223,7 @@ const z = ({ milliseconds: e }) => new Promise((n) => M.setTimeout(n, e)), me =
|
|
|
223
223
|
s(), await n.update();
|
|
224
224
|
const t = await n.unregister();
|
|
225
225
|
console.log(`Service worker unregistering ${t}`), await z({ milliseconds: 2e3 }), e.reload();
|
|
226
|
-
},
|
|
226
|
+
}, P = (e) => (n) => new Promise(function(s, t) {
|
|
227
227
|
const o = new MessageChannel();
|
|
228
228
|
o.port1.onmessage = function(i) {
|
|
229
229
|
i.data && i.data.error ? t(i.data.error) : s(i.data), o.port1.close(), o.port2.close();
|
|
@@ -235,12 +235,12 @@ const z = ({ milliseconds: e }) => new Promise((n) => M.setTimeout(n, e)), me =
|
|
|
235
235
|
let t = null;
|
|
236
236
|
e.register ? t = await e.service_worker_register(s) : t = await navigator.serviceWorker.register(s);
|
|
237
237
|
try {
|
|
238
|
-
await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await
|
|
238
|
+
await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await P(t)({ type: "claim" });
|
|
239
239
|
} catch {
|
|
240
240
|
return null;
|
|
241
241
|
}
|
|
242
|
-
const o = async (d) =>
|
|
243
|
-
const W = await
|
|
242
|
+
const o = async (d) => P(t)({ type: "clear", data: { status: d }, configurationName: n }), i = async (d, A, v) => {
|
|
243
|
+
const W = await P(t)({
|
|
244
244
|
type: "init",
|
|
245
245
|
data: {
|
|
246
246
|
oidcServerConfiguration: d,
|
|
@@ -255,8 +255,8 @@ const z = ({ milliseconds: e }) => new Promise((n) => M.setTimeout(n, e)), me =
|
|
|
255
255
|
return L !== le && (console.warn(`Service worker ${L} version mismatch with js client version ${le}, unregistering and reloading`), await v.service_worker_update_require_callback(t, xe)), { tokens: oe(W.tokens, null, v.token_renew_mode), status: W.status };
|
|
256
256
|
}, r = (d = "/") => {
|
|
257
257
|
ue == null && (ue = "not_null", me(d));
|
|
258
|
-
}, a = (d) =>
|
|
259
|
-
let A = (await
|
|
258
|
+
}, a = (d) => P(t)({ type: "setSessionState", data: { sessionState: d }, configurationName: n }), l = async () => (await P(t)({ type: "getSessionState", data: null, configurationName: n })).sessionState, f = (d) => (sessionStorage[`oidc.nonce.${n}`] = d.nonce, P(t)({ type: "setNonce", data: { nonce: d }, configurationName: n })), u = async () => {
|
|
259
|
+
let A = (await P(t)({ type: "getNonce", data: null, configurationName: n })).nonce;
|
|
260
260
|
return A || (A = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: A };
|
|
261
261
|
};
|
|
262
262
|
let c = {};
|
|
@@ -277,25 +277,25 @@ const z = ({ milliseconds: e }) => new Promise((n) => M.setTimeout(n, e)), me =
|
|
|
277
277
|
return c[n] || (c[n] = JSON.parse(d)), c[n];
|
|
278
278
|
},
|
|
279
279
|
getStateAsync: async () => {
|
|
280
|
-
let A = (await
|
|
280
|
+
let A = (await P(t)({ type: "getState", data: null, configurationName: n })).state;
|
|
281
281
|
return A || (A = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), A;
|
|
282
282
|
},
|
|
283
|
-
setStateAsync: async (d) => (sessionStorage[`oidc.state.${n}`] = d,
|
|
283
|
+
setStateAsync: async (d) => (sessionStorage[`oidc.state.${n}`] = d, P(t)({ type: "setState", data: { state: d }, configurationName: n })),
|
|
284
284
|
getCodeVerifierAsync: async () => {
|
|
285
|
-
let A = (await
|
|
285
|
+
let A = (await P(t)({ type: "getCodeVerifier", data: null, configurationName: n })).codeVerifier;
|
|
286
286
|
return A || (A = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), A;
|
|
287
287
|
},
|
|
288
|
-
setCodeVerifierAsync: async (d) => (sessionStorage[`oidc.code_verifier.${n}`] = d,
|
|
288
|
+
setCodeVerifierAsync: async (d) => (sessionStorage[`oidc.code_verifier.${n}`] = d, P(t)({ type: "setCodeVerifier", data: { codeVerifier: d }, configurationName: n })),
|
|
289
289
|
setDemonstratingProofOfPossessionNonce: async (d) => {
|
|
290
|
-
await
|
|
290
|
+
await P(t)({ type: "setDemonstratingProofOfPossessionNonce", data: { demonstratingProofOfPossessionNonce: d }, configurationName: n });
|
|
291
291
|
},
|
|
292
|
-
getDemonstratingProofOfPossessionNonce: async () => (await
|
|
292
|
+
getDemonstratingProofOfPossessionNonce: async () => (await P(t)({ type: "getDemonstratingProofOfPossessionNonce", data: null, configurationName: n })).demonstratingProofOfPossessionNonce,
|
|
293
293
|
setDemonstratingProofOfPossessionJwkAsync: async (d) => {
|
|
294
294
|
const A = JSON.stringify(d);
|
|
295
|
-
await
|
|
295
|
+
await P(t)({ type: "setDemonstratingProofOfPossessionJwk", data: { demonstratingProofOfPossessionJwkJson: A }, configurationName: n });
|
|
296
296
|
},
|
|
297
297
|
getDemonstratingProofOfPossessionJwkAsync: async () => {
|
|
298
|
-
const d = await
|
|
298
|
+
const d = await P(t)({ type: "getDemonstratingProofOfPossessionJwk", data: null, configurationName: n });
|
|
299
299
|
return d.demonstratingProofOfPossessionJwkJson ? JSON.parse(d.demonstratingProofOfPossessionJwkJson) : null;
|
|
300
300
|
}
|
|
301
301
|
};
|
|
@@ -562,7 +562,7 @@ async function de(e, n, s) {
|
|
|
562
562
|
const t = (a) => {
|
|
563
563
|
e.tokens = a;
|
|
564
564
|
}, { tokens: o, status: i } = await H(e)(0, n, s, t);
|
|
565
|
-
return await I(e.configuration, e.configurationName) || await
|
|
565
|
+
return await I(e.configuration, e.configurationName) || await O(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? o : (await e.destroyAsync(i), null);
|
|
566
566
|
}
|
|
567
567
|
const sn = async (e, n) => {
|
|
568
568
|
const s = await I(n, e.configurationName);
|
|
@@ -570,7 +570,7 @@ const sn = async (e, n) => {
|
|
|
570
570
|
const t = await e.initAsync(n.authority, n.authority_configuration), { tokens: o } = await s.initAsync(t, "tryKeepExistingSessionAsync", n);
|
|
571
571
|
return o;
|
|
572
572
|
} else {
|
|
573
|
-
const t =
|
|
573
|
+
const t = O(e.configurationName, n.storage ?? sessionStorage);
|
|
574
574
|
let { tokens: o } = await t.initAsync();
|
|
575
575
|
return o = X(o, e.tokens, n.token_renew_mode), o;
|
|
576
576
|
}
|
|
@@ -615,7 +615,7 @@ const J = (e, n, s = null) => {
|
|
|
615
615
|
}
|
|
616
616
|
r = await l.getNonceAsync();
|
|
617
617
|
} else {
|
|
618
|
-
const c =
|
|
618
|
+
const c = O(s, n.storage ?? sessionStorage);
|
|
619
619
|
let { tokens: _, status: y } = await c.initAsync();
|
|
620
620
|
if (_ && (_ = X(_, e.tokens, n.token_renew_mode)), _) {
|
|
621
621
|
if (y === "SESSIONS_LOST")
|
|
@@ -642,7 +642,7 @@ const J = (e, n, s = null) => {
|
|
|
642
642
|
try {
|
|
643
643
|
let u;
|
|
644
644
|
const c = await I(a, e.configurationName);
|
|
645
|
-
c ? u = c.getLoginParams() : u =
|
|
645
|
+
c ? u = c.getLoginParams() : u = O(e.configurationName, a.storage).getLoginParams();
|
|
646
646
|
const _ = await l({
|
|
647
647
|
...u.extras,
|
|
648
648
|
...t,
|
|
@@ -699,7 +699,7 @@ const J = (e, n, s = null) => {
|
|
|
699
699
|
return o(null), e.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${L}` }), { tokens: null, status: "SESSION_LOST" };
|
|
700
700
|
if (o(v.data), v.demonstratingProofOfPossessionNonce) {
|
|
701
701
|
const b = await I(a, e.configurationName);
|
|
702
|
-
b ? await b.setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce) : await
|
|
702
|
+
b ? await b.setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce) : await O(e.configurationName, a.storage).setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce);
|
|
703
703
|
}
|
|
704
704
|
return e.publishEvent(m.refreshTokensAsync_end, { success: v.success }), e.publishEvent(C.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: v.data, status: "LOGGED_IN" };
|
|
705
705
|
} else
|
|
@@ -804,7 +804,7 @@ const J = (e, n, s = null) => {
|
|
|
804
804
|
await k.logoutOtherTabAsync(s.client_id, y.sub);
|
|
805
805
|
});
|
|
806
806
|
};
|
|
807
|
-
e.checkSessionIFrame = new
|
|
807
|
+
e.checkSessionIFrame = new Pe(u, o, t), e.checkSessionIFrame.load().then(() => {
|
|
808
808
|
e.checkSessionIFrame.start(i), l(e.checkSessionIFrame);
|
|
809
809
|
}).catch((c) => {
|
|
810
810
|
f(c);
|
|
@@ -867,7 +867,7 @@ const J = (e, n, s = null) => {
|
|
|
867
867
|
if (p)
|
|
868
868
|
p.setLoginParams({ callbackPath: c, extras: f }), await p.initAsync(k, "loginAsync", n), await p.setNonceAsync(g), p.startKeepAliveServiceWorker(), w = p;
|
|
869
869
|
else {
|
|
870
|
-
const S =
|
|
870
|
+
const S = O(e, n.storage ?? sessionStorage);
|
|
871
871
|
S.setLoginParams({ callbackPath: c, extras: f }), await S.setNonceAsync(g), w = S;
|
|
872
872
|
}
|
|
873
873
|
const T = {
|
|
@@ -890,7 +890,7 @@ const J = (e, n, s = null) => {
|
|
|
890
890
|
if (c)
|
|
891
891
|
await c.initAsync(a, "loginCallbackAsync", s), await c.setSessionStateAsync(u), y = await c.getNonceAsync(), g = c.getLoginParams(), p = await c.getStateAsync(), c.startKeepAliveServiceWorker(), _ = c;
|
|
892
892
|
else {
|
|
893
|
-
const b =
|
|
893
|
+
const b = O(e.configurationName, s.storage ?? sessionStorage);
|
|
894
894
|
await b.setSessionStateAsync(u), y = await b.getNonceAsync(), g = b.getLoginParams(), p = await b.getStateAsync(), _ = b;
|
|
895
895
|
}
|
|
896
896
|
const k = G(l);
|
|
@@ -918,7 +918,7 @@ const J = (e, n, s = null) => {
|
|
|
918
918
|
E.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
|
|
919
919
|
else {
|
|
920
920
|
const b = await qe(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);
|
|
921
|
-
await
|
|
921
|
+
await O(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(b), E.DPoP = await Ae(window)(s.demonstrating_proof_of_possession_configuration)(b, "POST", S);
|
|
922
922
|
}
|
|
923
923
|
const h = await nn(_)(
|
|
924
924
|
S,
|
|
@@ -945,7 +945,7 @@ const J = (e, n, s = null) => {
|
|
|
945
945
|
if (c)
|
|
946
946
|
await c.initAsync(a, "syncTokensAsync", s), d = c.getLoginParams(), v && await c.setDemonstratingProofOfPossessionNonce(v);
|
|
947
947
|
else {
|
|
948
|
-
const b =
|
|
948
|
+
const b = O(e.configurationName, s.storage);
|
|
949
949
|
d = b.getLoginParams(), v && await b.setDemonstratingProofOfPossessionNonce(v);
|
|
950
950
|
}
|
|
951
951
|
return await e.startCheckSessionAsync(a.checkSessionIframe, t, u, n), e.publishEvent(m.loginCallbackAsync_end, {}), {
|
|
@@ -981,7 +981,7 @@ const J = (e, n, s = null) => {
|
|
|
981
981
|
}, _n = (e) => async (n) => {
|
|
982
982
|
M.clearTimeout(e.timeoutId), e.timeoutId = null, e.checkSessionIFrame && e.checkSessionIFrame.stop();
|
|
983
983
|
const s = await I(e.configuration, e.configurationName);
|
|
984
|
-
s ? await s.clearAsync(n) : await
|
|
984
|
+
s ? await s.clearAsync(n) : await O(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
|
|
985
985
|
}, fn = (e, n, s, t, o) => async (i = void 0, r = null) => {
|
|
986
986
|
const a = e.configuration, l = await e.initAsync(a.authority, a.authority_configuration);
|
|
987
987
|
i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
|
|
@@ -1186,7 +1186,7 @@ const kn = () => {
|
|
|
1186
1186
|
s.service_worker_relative_url && e.publishEvent(m.service_worker_not_supported_by_browser, {
|
|
1187
1187
|
message: "service worker is not supported by this browser"
|
|
1188
1188
|
});
|
|
1189
|
-
const o =
|
|
1189
|
+
const o = O(e.configurationName, s.storage ?? sessionStorage), { tokens: i } = await o.initAsync();
|
|
1190
1190
|
if (i) {
|
|
1191
1191
|
e.tokens = X(i, null, s.token_renew_mode);
|
|
1192
1192
|
const r = o.getLoginParams();
|
|
@@ -1304,14 +1304,14 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1304
1304
|
await rn(this, x, this.configuration)(n, s, t, o);
|
|
1305
1305
|
}
|
|
1306
1306
|
async loginAsync(n = void 0, s = null, t = !1, o = void 0, i = !1) {
|
|
1307
|
-
return this.loginPromise !== null ? this.loginPromise : i ? on(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this)(s, o) : (this.loginPromise = cn(this.configurationName, this.configuration, this.publishEvent.bind(this), this.initAsync.bind(this), this.location)(n, s, t, o), this.loginPromise.then((r) => (this.loginPromise = null, r)));
|
|
1307
|
+
return this.logoutPromise && await this.logoutPromise, this.loginPromise !== null ? this.loginPromise : i ? on(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this)(s, o) : (this.loginPromise = cn(this.configurationName, this.configuration, this.publishEvent.bind(this), this.initAsync.bind(this), this.location)(n, s, t, o), this.loginPromise.then((r) => (this.loginPromise = null, r)));
|
|
1308
1308
|
}
|
|
1309
1309
|
async loginCallbackAsync(n = !1) {
|
|
1310
1310
|
if (this.loginCallbackPromise !== null)
|
|
1311
1311
|
return this.loginCallbackPromise;
|
|
1312
1312
|
const s = async () => {
|
|
1313
1313
|
const t = await ln(this)(n), o = t.tokens;
|
|
1314
|
-
return this.tokens = o, await I(this.configuration, this.configurationName) ||
|
|
1314
|
+
return this.tokens = o, await I(this.configuration, this.configurationName) || O(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(F.eventNames.token_aquired, o), this.configuration.preload_user_info && await this.userInfoAsync(), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
|
|
1315
1315
|
};
|
|
1316
1316
|
return this.loginCallbackPromise = s(), this.loginCallbackPromise.then((t) => (this.loginCallbackPromise = null, t));
|
|
1317
1317
|
}
|
|
@@ -1323,7 +1323,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1323
1323
|
let l;
|
|
1324
1324
|
if (a)
|
|
1325
1325
|
return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;
|
|
1326
|
-
const f =
|
|
1326
|
+
const f = O(this.configurationName, i.storage);
|
|
1327
1327
|
let u = await f.getDemonstratingProofOfPossessionJwkAsync();
|
|
1328
1328
|
return l = await f.getDemonstratingProofOfPossessionNonce(), l && (r.nonce = l), await Ae(window)(i.demonstrating_proof_of_possession_configuration)(u, t, s, r);
|
|
1329
1329
|
}
|
package/dist/index.umd.cjs
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
(function(C,G){typeof exports=="object"&&typeof module<"u"?G(exports):typeof define=="function"&&define.amd?define(["exports"],G):(C=typeof globalThis<"u"?globalThis:C||self,G(C["oidc-client"]={}))})(this,function(C){"use strict";const D=console;class Ce{constructor(n,s,t,o=2e3,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(D.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(D.debug(n),D.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):D.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){D.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(D.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},P=(e,n=sessionStorage)=>{const s=h=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:h}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const h=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:h.tokens,status:h.status})},o=h=>{n[`oidc.${e}`]=JSON.stringify({tokens:h})},i=async h=>{n[`oidc.session_state.${e}`]=h},r=async()=>n[`oidc.session_state.${e}`],a=h=>{n[`oidc.nonce.${e}`]=h.nonce},l=h=>{n[`oidc.jwk.${e}`]=JSON.stringify(h)},f=()=>JSON.parse(n[`oidc.jwk.${e}`]),u=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async h=>{n[`oidc.dpop_nonce.${e}`]=h},_=()=>n[`oidc.dpop_nonce.${e}`],y=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null;let g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:y,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:u,setLoginParams:h=>{g[e]=h,n[`oidc.login.${e}`]=JSON.stringify(h)},getLoginParams:()=>{const h=n[`oidc.login.${e}`];return h?(g[e]||(g[e]=JSON.parse(h)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async h=>{n[`oidc.state.${e}`]=h},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async h=>{n[`oidc.code_verifier.${e}`]=h},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:l,getDemonstratingProofOfPossessionJwkAsync:f}};var R=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))(R||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,Y={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const X=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,l=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let f;e.expiresAt?f=e.expiresAt:s===Y.access_token_invalid?f=l:s===Y.id_token_invalid?f=a:f=a<l?a:l;const u={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:f,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...u,refreshToken:c}}return u},ne=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),X(t,n,s)},U=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?U(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await Q({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},V=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.9";let ye=null,z;const Q=({milliseconds:e})=>new Promise(n=>V.setTimeout(n,e)),ge=(e="/")=>{try{z=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:z.signal}).catch(t=>{console.log(t)}),Q({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{z&&z.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistering ${t}`),await Q({milliseconds:2e3}),e.reload()},O=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await O(t)({type:"claim"})}catch{return null}const o=async d=>O(t)({type:"clear",data:{status:d},configurationName:n}),i=async(d,A,v)=>{const L=await O(t)({type:"init",data:{oidcServerConfiguration:d,where:A,oidcConfiguration:{token_renew_mode:v.token_renew_mode,service_worker_convert_all_requests_to_cors:v.service_worker_convert_all_requests_to_cors}},configurationName:n}),F=L.version;return F!==he&&(console.warn(`Service worker ${F} version mismatch with js client version ${he}, unregistering and reloading`),await v.service_worker_update_require_callback(t,De)),{tokens:ne(L.tokens,null,v.token_renew_mode),status:L.status}},r=(d="/")=>{ye==null&&(ye="not_null",ge(d))},a=d=>O(t)({type:"setSessionState",data:{sessionState:d},configurationName:n}),l=async()=>(await O(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,f=d=>(sessionStorage[`oidc.nonce.${n}`]=d.nonce,O(t)({type:"setNonce",data:{nonce:d},configurationName:n})),u=async()=>{let A=(await O(t)({type:"getNonce",data:null,configurationName:n})).nonce;return A||(A=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let c={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:a,getSessionStateAsync:l,setNonceAsync:f,getNonceAsync:u,setLoginParams:d=>{c[n]=d,localStorage[`oidc.login.${n}`]=JSON.stringify(d)},getLoginParams:()=>{const d=localStorage[`oidc.login.${n}`];return c[n]||(c[n]=JSON.parse(d)),c[n]},getStateAsync:async()=>{let A=(await O(t)({type:"getState",data:null,configurationName:n})).state;return A||(A=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async d=>(sessionStorage[`oidc.state.${n}`]=d,O(t)({type:"setState",data:{state:d},configurationName:n})),getCodeVerifierAsync:async()=>{let A=(await O(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async d=>(sessionStorage[`oidc.code_verifier.${n}`]=d,O(t)({type:"setCodeVerifier",data:{codeVerifier:d},configurationName:n})),setDemonstratingProofOfPossessionNonce:async d=>{await O(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:d},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await O(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async d=>{const A=JSON.stringify(d);await O(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const d=await O(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return d.demonstratingProofOfPossessionJwkJson?JSON.parse(d.demonstratingProofOfPossessionJwkJson):null}}},$={},Ke=(e,n=window.sessionStorage,s)=>{if(!$[e]&&n){const o=n.getItem(e);o&&($[e]=JSON.parse(o))}const t=1e3*s;return $[e]&&$[e].timestamp+t>Date.now()?$[e].result:null},Fe=(e,n,s=window.sessionStorage)=>{const t=Date.now();$[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ue(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const se=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Ue(e))}const Ve={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"};var Me={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,l=!0,f=["sign"],u=await e.crypto.subtle.importKey("jwk",n,a,l,f),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,y=await e.crypto.subtle.sign(_,u,c);return r.signature=se(new Uint8Array(y)),`${r.protected}.${r.payload}.${r.signature}`}};const Je={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}};var Be={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return se(new Uint8Array(o))}};const He=e=>async n=>await Je.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(je()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await Be.thumbprint(e)(s,n.digestAlgorithm);return await Me.sign(e)(s,{kid:a},r,n)},je=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},te="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",qe=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%te.length;n.push(te[t])}return n.join("")},oe=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*te.length|0;return qe(n)};function Ge(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ge(e)).then(t=>n(se(new Uint8Array(t))),t=>s(t))})}const Ye=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Xe=60*60,ze=e=>async(n,s=Xe,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ke(r,t,s);if(a)return new ce(a);const l=await M(e)(i,{},o);if(l.status!==200)return null;const f=await l.json();return Fe(r,f,t),new ce(f)},M=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await M(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},ie={refresh_token:"refresh_token",access_token:"access_token"},ve=e=>async(n,s,t=ie.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const l=[];for(const c in a){const _=encodeURIComponent(c),y=encodeURIComponent(a[c]);l.push(`${_}=${y}`)}const f=l.join("&");return(await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:f},r)).status!==200?{success:!1}:{success:!0}},Qe=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[y,g]of Object.entries(t))s[y]===void 0&&(s[y]=g);const l=[];for(const y in s){const g=encodeURIComponent(y),p=encodeURIComponent(s[y]);l.push(`${g}=${p}`)}const f=l.join("&"),u=await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:f},a);if(u.status!==200)return{success:!1,status:u.status,demonstratingProofOfPossessionNonce:null};const c=await u.json();let _=null;return u.headers.has(Z)&&(_=u.headers.get(Z)),{success:!0,status:u.status,data:ne(c,o,r),demonstratingProofOfPossessionNonce:_}},Ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=oe(128),i=await Ye(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,l]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(l)}`;n.open(`${s}${r}`)},Z="DPoP-Nonce",en=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),y=encodeURIComponent(s[c]);r.push(`${_}=${y}`)}const a=r.join("&"),l=await M(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),l.status!==200)return{success:!1,status:l.status};let f=null;l.headers.has(Z)&&(f=l.headers.get(Z));const u=await l.json();return{success:!0,data:{state:s.state,tokens:ne(u,null,o),demonstratingProofOfPossessionNonce:f}}};async function Te(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await ee(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await P(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const nn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=P(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=X(o,e.tokens,n.token_renew_mode),o}};async function Ee(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await Te(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await Te(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await nn(e,t))),i?(e.timeoutId&&(e.timeoutId=J(e,e.tokens.expiresAt,s)),e.tokens):null}const J=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return V.setTimeout(async()=>{const i={timeLeft:U(t,n)};e.publishEvent(N.eventNames.token_timer,i),await Ee(e,!1,s)},1e3)},x={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},sn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),l=await I(n,s);if(l){const{status:c,tokens:_}=await l.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const g=U(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",p=await l.getNonceAsync();return{tokens:_,status:g,nonce:p}}r=await l.getNonceAsync()}else{const c=P(s,n.storage??sessionStorage);let{tokens:_,status:y}=await c.initAsync();if(_&&(_=X(_,e.tokens,n.token_renew_mode)),_){if(y==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(_.issuedAt!==t.issuedAt){const p=U(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",k=await c.getNonceAsync();return{tokens:_,status:p,nonce:k}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const u=U(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:u,nonce:r}},ee=e=>async(n=0,s=!1,t=null,o)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await Q({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=n+1;t||(t={});const a=e.configuration,l=(u,c=null,_=null)=>re(e.configurationName,e.configuration,e.publishEvent.bind(e))(u,c,_),f=async()=>{try{let u;const c=await I(a,e.configurationName);c?u=c.getLoginParams():u=P(e.configurationName,a.storage).getLoginParams();const _=await l({...u.extras,...t,prompt:"none"});return _?_.error?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:u.message}),await ee(e)(r,s,t,o)}};try{const{status:u,tokens:c,nonce:_}=await sn(e)(a,e.configurationName,e.tokens,s);switch(u){case x.SESSION_LOST:return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case x.NOT_CONNECTED:return o(null),{tokens:null,status:null};case x.TOKENS_VALID:return o(c),{tokens:c,status:"LOGGED_IN"};case x.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case x.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case x.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted&&x.FORCE_REFRESH!==u?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:n}),await f());default:{if(a.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted&&x.FORCE_REFRESH!==u)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:u,tryNumber:n}),!c.refreshToken)return await f();const y=a.client_id,g=a.redirect_uri,p=a.authority,w={...a.token_request_extras?a.token_request_extras:{}};for(const[S,E]of Object.entries(t))S.endsWith(":token_request")&&(w[S.replace(":token_request","")]=E);return await(async()=>{const S={client_id:y,redirect_uri:g,grant_type:"refresh_token",refresh_token:c.refreshToken},E=await e.initAsync(p,a.authority_configuration),h=document.hidden?1e4:3e4*10,d=E.tokenEndpoint,A={};a.demonstrating_proof_of_possession&&(A.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,d,"POST"));const v=await Qe(e.getFetch())(d,S,w,c,A,a.token_renew_mode,h);if(v.success){const{isValid:L,reason:F}=de(v.data,_.nonce,E);if(!L)return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${F}`}),{tokens:null,status:"SESSION_LOST"};if(o(v.data),v.demonstratingProofOfPossessionNonce){const b=await I(a,e.configurationName);b?await b.setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce):await P(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:v.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:v.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:v}),v.status>=400&&v.status<500?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${v.status}`}),{tokens:null,status:"SESSION_LOST"}):await ee(e)(r,s,t,o)})()}}}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:u.message}),ee(e)(r,s,t,o)}},re=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,l=a.indexOf("/",a.indexOf("//")+2),f=a.substring(0,l),u=document.createElement("iframe");return u.width="0px",u.height="0px",u.id=`${e}_oidc_iframe`,u.setAttribute("src",a),document.body.appendChild(u),new Promise((c,_)=>{let y=!1;const g=()=>{window.removeEventListener("message",p),u.remove(),y=!0},p=k=>{if(k.origin===f&&k.source===u.contentWindow){const w=`${e}_oidc_tokens:`,T=`${e}_oidc_error:`,S=`${e}_oidc_exception:`,E=k.data;if(E&&typeof E=="string"&&!y){if(E.startsWith(w)){const h=JSON.parse(k.data.replace(w,""));s(m.silentLoginAsync_end,{}),c(h),g()}else if(E.startsWith(T)){const h=JSON.parse(k.data.replace(T,""));s(m.silentLoginAsync_error,h),c({error:"oidc_"+h.error,tokens:null,sessionState:null}),g()}else if(E.startsWith(S)){const h=JSON.parse(k.data.replace(S,""));s(m.silentLoginAsync_error,h),_(new Error(h.error)),g()}}}};try{window.addEventListener("message",p);const k=n.silent_login_timeout;setTimeout(()=>{y||(g(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){g(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},tn=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(f,u,c)=>re(n,s,t.bind(o))(f,u,c);return(async()=>{o.timeoutId&&V.clearTimeout(o.timeoutId);let f;i&&"state"in i&&(f=i.state,delete i.state);try{const u=s.extras?{...s.extras,...i}:i,c=await a({...u,prompt:"none"},f,r);if(c)return o.tokens=c.tokens,t(m.token_aquired,{}),o.timeoutId=J(o,o.tokens.expiresAt,i),{}}catch(u){return u}})()},on=(e,n,s)=>(t,o,i,r=!1)=>{const a=(l,f=void 0,u=void 0)=>re(e.configurationName,s,e.publishEvent.bind(e))(l,f,u);return new Promise((l,f)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const u=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,y=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const p=g.tokens.idTokenPayload;if(y.sub===p.sub){const k=g.sessionState;e.checkSessionIFrame.start(g.sessionState),y.sid===p.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",p.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[p,k]of Object.entries(n))await k.logoutOtherTabAsync(s.client_id,y.sub)})};e.checkSessionIFrame=new Ce(u,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),l(e.checkSessionIFrame)}).catch(c=>{f(c)})}else l(null)})},be=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},rn=e=>{const n=be(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},B=e=>{const n=be(e),{search:s}=n;return an(s)},an=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},cn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,l=void 0)=>{const f=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=oe(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;l||(l=n.scope);const y=n.extras?{...n.extras,...r}:r;y.nonce||(y.nonce=oe(12));const g={nonce:y.nonce},p=await I(n,e),k=await t(n.authority,n.authority_configuration);let w;if(p)p.setLoginParams({callbackPath:c,extras:f}),await p.initAsync(k,"loginAsync",n),await p.setNonceAsync(g),p.startKeepAliveServiceWorker(),w=p;else{const S=P(e,n.storage??sessionStorage);S.setLoginParams({callbackPath:c,extras:f}),await S.setNonceAsync(g),w=S}const T={client_id:n.client_id,redirect_uri:_,scope:l,response_type:"code",...y};await Ze(w,o)(k.authorizationEndpoint,T)}catch(_){throw s(m.loginAsync_error,_),_}})()},ln=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),l=e.location.getCurrentHref(),u=B(l).session_state,c=await I(s,e.configurationName);let _,y,g,p;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(u),y=await c.getNonceAsync(),g=c.getLoginParams(),p=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const b=P(e.configurationName,s.storage??sessionStorage);await b.setSessionStateAsync(u),y=await b.getNonceAsync(),g=b.getLoginParams(),p=await b.getStateAsync(),_=b}const k=B(l);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==p)throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);const w={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},T={};if(s.token_request_extras)for(const[b,q]of Object.entries(s.token_request_extras))T[b]=q;if(g&&g.extras)for(const[b,q]of Object.entries(g.extras))b.endsWith(":token_request")&&(T[b.replace(":token_request","")]=q);const S=a.tokenEndpoint,E={};if(s.demonstrating_proof_of_possession)if(c)E.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const b=await He(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await P(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(b),E.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(b,"POST",S)}const h=await en(_)(S,{...w,...T},E,e.configuration.token_renew_mode,r);if(!h.success)throw new Error("Token request failed");let d;const A=h.data.tokens,v=h.data.demonstratingProofOfPossessionNonce;if(h.data.state!==T.state)throw new Error("state is not valid");const{isValid:L,reason:F}=de(A,y.nonce,a);if(!L)throw new Error(`Tokens are not OpenID valid, reason: ${F}`);if(c){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(v&&A.accessToken&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),d=c.getLoginParams(),v&&await c.setDemonstratingProofOfPossessionNonce(v);else{const b=P(e.configurationName,s.storage);d=b.getLoginParams(),v&&await b.setDemonstratingProofOfPossessionNonce(v)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,u,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:d.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Oe={access_token:"access_token",refresh_token:"refresh_token"},ae=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},un=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},_n=e=>async n=>{V.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await P(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},fn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{const a=e.configuration,l=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const f=i??o.getPath();let u=!1;i&&(u=i.includes("https://")||i.includes("http://"));const c=u?i:o.getOrigin()+f,_=e.tokens?e.tokens.idToken:"";try{const w=l.revocationEndpoint;if(w){const T=[],S=e.tokens?e.tokens.accessToken:null;if(S&&a.logout_tokens_to_invalidate.includes(Oe.access_token)){const h=ae(r,":revoke_access_token"),d=ve(s)(w,S,ie.access_token,a.client_id,h);T.push(d)}const E=e.tokens?e.tokens.refreshToken:null;if(E&&a.logout_tokens_to_invalidate.includes(Oe.refresh_token)){const h=ae(r,":revoke_refresh_token"),d=ve(s)(w,E,ie.refresh_token,a.client_id,h);T.push(d)}T.length>0&&await Promise.all(T)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const y=e.tokens&&e.tokens.idTokenPayload?e.tokens.idTokenPayload.sub:null;await e.destroyAsync("LOGGED_OUT");for(const[w,T]of Object.entries(n))T!==e?await e.logoutSameTabAsync(e.configuration.client_id,y):e.publishEvent(m.logout_from_same_tab,{});const g=ae(r,":oidc");if(g&&g.no_reload==="true")return;const k=un(r);if(l.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let w="";for(const[T,S]of Object.entries(k))S!=null&&(w===""?w+="?":w+="&",w+=`${T}=${encodeURIComponent(S)}`);o.open(`${l.endSessionEndpoint}${w}`)}else o.reload()},Pe=(e,n,s=!1)=>async(...t)=>{var y;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let l=new Headers;a.headers&&(l=a.headers instanceof Headers?a.headers:new Headers(a.headers));const f=n,u=await fe(f),c=(y=u==null?void 0:u.tokens)==null?void 0:y.accessToken;if(l.has("Accept")||l.set("Accept","application/json"),c){if(f.configuration.demonstrating_proof_of_possession&&s){const g=await f.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);l.set("Authorization",`PoP ${c}`),l.set("DPoP",g)}else l.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:l};return await e(o,_,...r)},dn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const f=await Pe(fetch,e,s)(i);return f.status!==200?null:f.json()})();return e.userInfo=a,a};class H{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const hn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),yn=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const l=i[a];if(l.r.test(s)){o=l.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function gn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const kn=()=>{const{name:e,version:n}=gn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=yn(navigator);return!hn(s)},mn=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=J(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=P(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=X(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=J(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ie=()=>fetch;class ce{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const W={},pn=(e,n=new H)=>(s,t="default")=>(W[t]||(W[t]=new N(s,t,e,n)),W[t]),wn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=J(e,n.expiresAt),{callbackPath:s}},An=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new H){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new H;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??R.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??Y.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??kn,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ve,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=An(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(W,n)&&s)throw Error(`OIDC library does seem initialized.
|
|
2
|
-
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return W[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=B(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=B(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new ce({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await ze(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=mn(this),this.tryKeepExistingSessionPromise.then(n=>(this.tryKeepExistingSessionPromise=null,n)))}async startCheckSessionAsync(n,s,t,o=!1){await on(this,W,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this.loginPromise!==null?this.loginPromise:i?tn(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=cn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await ln(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||
|
|
1
|
+
(function(C,G){typeof exports=="object"&&typeof module<"u"?G(exports):typeof define=="function"&&define.amd?define(["exports"],G):(C=typeof globalThis<"u"?globalThis:C||self,G(C["oidc-client"]={}))})(this,function(C){"use strict";const D=console;class Ce{constructor(n,s,t,o=2e3,i=!0){this._callback=n,this._client_id=s,this._url=t,this._interval=o||2e3,this._stopOnError=i;const r=t.indexOf("/",t.indexOf("//")+2);this._frame_origin=t.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=t}load(){return new Promise(n=>{this._frame.onload=()=>{n()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(n){n.origin===this._frame_origin&&n.source===this._frame.contentWindow&&(n.data==="error"?(D.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):n.data==="changed"?(D.debug(n),D.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):D.debug("CheckSessionIFrame: "+n.data+" message from check session op iframe"))}start(n){D.debug("CheckSessionIFrame.start :"+n),this.stop();const s=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+n,this._frame_origin)};s(),this._timer=window.setInterval(s,this._interval)}stop(){this._timer&&(D.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_lock_not_available:"syncTokensAsync_lock_not_available",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error",tokensInvalidAndWaitingActionsToRefresh:"tokensInvalidAndWaitingActionsToRefresh"},O=(e,n=sessionStorage)=>{const s=h=>(n[`oidc.${e}`]=JSON.stringify({tokens:null,status:h}),Promise.resolve()),t=async()=>{if(!n[`oidc.${e}`])return n[`oidc.${e}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const h=JSON.parse(n[`oidc.${e}`]);return Promise.resolve({tokens:h.tokens,status:h.status})},o=h=>{n[`oidc.${e}`]=JSON.stringify({tokens:h})},i=async h=>{n[`oidc.session_state.${e}`]=h},r=async()=>n[`oidc.session_state.${e}`],a=h=>{n[`oidc.nonce.${e}`]=h.nonce},l=h=>{n[`oidc.jwk.${e}`]=JSON.stringify(h)},f=()=>JSON.parse(n[`oidc.jwk.${e}`]),u=async()=>({nonce:n[`oidc.nonce.${e}`]}),c=async h=>{n[`oidc.dpop_nonce.${e}`]=h},_=()=>n[`oidc.dpop_nonce.${e}`],y=()=>n[`oidc.${e}`]?JSON.stringify({tokens:JSON.parse(n[`oidc.${e}`]).tokens}):null;let g={};return{clearAsync:s,initAsync:t,setTokens:o,getTokens:y,setSessionStateAsync:i,getSessionStateAsync:r,setNonceAsync:a,getNonceAsync:u,setLoginParams:h=>{g[e]=h,n[`oidc.login.${e}`]=JSON.stringify(h)},getLoginParams:()=>{const h=n[`oidc.login.${e}`];return h?(g[e]||(g[e]=JSON.parse(h)),g[e]):(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null)},getStateAsync:async()=>n[`oidc.state.${e}`],setStateAsync:async h=>{n[`oidc.state.${e}`]=h},getCodeVerifierAsync:async()=>n[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async h=>{n[`oidc.code_verifier.${e}`]=h},setDemonstratingProofOfPossessionNonce:c,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:l,getDemonstratingProofOfPossessionJwkAsync:f}};var R=(e=>(e.AutomaticBeforeTokenExpiration="AutomaticBeforeTokensExpiration",e.AutomaticOnlyWhenFetchExecuted="AutomaticOnlyWhenFetchExecuted",e))(R||{});const Ne=e=>decodeURIComponent(Array.prototype.map.call(atob(e),n=>"%"+("00"+n.charCodeAt(0).toString(16)).slice(-2)).join("")),xe=e=>JSON.parse(Ne(e.replaceAll(/-/g,"+").replaceAll(/_/g,"/"))),ue=e=>{try{return e&&We(e,".")===2?xe(e.split(".")[1]):null}catch(n){console.warn(n)}return null},We=(e,n)=>e.split(n).length-1,Y={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Le(e,n,s){if(e.issuedAt){if(typeof e.issuedAt=="string")return parseInt(e.issuedAt,10)}else return n&&n.iat?n.iat:s&&s.iat?s.iat:new Date().getTime()/1e3;return e.issuedAt}const X=(e,n=null,s)=>{if(!e)return null;let t;const o=typeof e.expiresIn=="string"?parseInt(e.expiresIn,10):e.expiresIn;e.accessTokenPayload!==void 0?t=e.accessTokenPayload:t=ue(e.accessToken);let i;n!=null&&"idToken"in n&&!("idToken"in e)?i=n.idToken:i=e.idToken;const r=e.idTokenPayload?e.idTokenPayload:ue(i),a=r&&r.exp?r.exp:Number.MAX_VALUE,l=t&&t.exp?t.exp:e.issuedAt+o;e.issuedAt=Le(e,t,r);let f;e.expiresAt?f=e.expiresAt:s===Y.access_token_invalid?f=l:s===Y.id_token_invalid?f=a:f=a<l?a:l;const u={...e,idTokenPayload:r,accessTokenPayload:t,expiresAt:f,idToken:i};if(n!=null&&"refreshToken"in n&&!("refreshToken"in e)){const c=n.refreshToken;return{...u,refreshToken:c}}return u},ne=(e,n,s)=>{if(!e)return null;if(!e.issued_at){const o=new Date().getTime()/1e3;e.issued_at=o}const t={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return"refresh_token"in e&&(t.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(t.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(t.idTokenPayload=e.idTokenPayload),X(t,n,s)},U=(e,n)=>{const s=new Date().getTime()/1e3,t=n-s;return Math.round(t-e)},_e=e=>e?U(0,e.expiresAt)>0:!1,fe=async(e,n=200,s=50)=>{let t=s;if(!e.tokens)return null;for(;!_e(e.tokens)&&t>0;){if(e.configuration.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await Q({milliseconds:n});t=t-1}return{isTokensValid:_e(e.tokens),tokens:e.tokens,numberWaited:t-s}},de=(e,n,s)=>{if(e.idTokenPayload){const t=e.idTokenPayload;if(s.issuer!==t.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${s.issuer} !== (idTokenPayload issuer) ${t.iss}`};const o=new Date().getTime()/1e3;if(t.exp&&t.exp<o)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${t.exp} < (currentTimeUnixSecond) ${o}`};const i=60*60*24*7;if(t.iat&&t.iat+i<o)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${t.iat+i} < (currentTimeUnixSecond) ${o}`};if(t.nonce&&t.nonce!==n)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${t.nonce} !== (nonce) ${n}`}}return{isValid:!0,reason:""}},V=function(){const e=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}}(),he="7.22.14";let ye=null,z;const Q=({milliseconds:e})=>new Promise(n=>V.setTimeout(n,e)),ge=(e="/")=>{try{z=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:z.signal}).catch(t=>{console.log(t)}),Q({milliseconds:150*1e3}).then(ge)}catch(n){console.log(n)}},De=()=>{z&&z.abort()},Re=(e="/")=>fetch(`${e}OidcKeepAliveServiceWorker.json`,{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),$e=e=>async(n,s)=>{s(),await n.update();const t=await n.unregister();console.log(`Service worker unregistering ${t}`),await Q({milliseconds:2e3}),e.reload()},P=e=>n=>new Promise(function(s,t){const o=new MessageChannel;o.port1.onmessage=function(i){i.data&&i.data.error?t(i.data.error):s(i.data),o.port1.close(),o.port2.close()},e.active.postMessage(n,[o.port2])}),I=async(e,n)=>{const s=e.service_worker_relative_url;if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!s||e.service_worker_activate()===!1)return null;let t=null;e.register?t=await e.service_worker_register(s):t=await navigator.serviceWorker.register(s);try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||await P(t)({type:"claim"})}catch{return null}const o=async d=>P(t)({type:"clear",data:{status:d},configurationName:n}),i=async(d,A,v)=>{const L=await P(t)({type:"init",data:{oidcServerConfiguration:d,where:A,oidcConfiguration:{token_renew_mode:v.token_renew_mode,service_worker_convert_all_requests_to_cors:v.service_worker_convert_all_requests_to_cors}},configurationName:n}),F=L.version;return F!==he&&(console.warn(`Service worker ${F} version mismatch with js client version ${he}, unregistering and reloading`),await v.service_worker_update_require_callback(t,De)),{tokens:ne(L.tokens,null,v.token_renew_mode),status:L.status}},r=(d="/")=>{ye==null&&(ye="not_null",ge(d))},a=d=>P(t)({type:"setSessionState",data:{sessionState:d},configurationName:n}),l=async()=>(await P(t)({type:"getSessionState",data:null,configurationName:n})).sessionState,f=d=>(sessionStorage[`oidc.nonce.${n}`]=d.nonce,P(t)({type:"setNonce",data:{nonce:d},configurationName:n})),u=async()=>{let A=(await P(t)({type:"getNonce",data:null,configurationName:n})).nonce;return A||(A=sessionStorage[`oidc.nonce.${n}`],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let c={};return{clearAsync:o,initAsync:i,startKeepAliveServiceWorker:()=>r(e.service_worker_keep_alive_path),isServiceWorkerProxyActiveAsync:()=>Re(e.service_worker_keep_alive_path),setSessionStateAsync:a,getSessionStateAsync:l,setNonceAsync:f,getNonceAsync:u,setLoginParams:d=>{c[n]=d,localStorage[`oidc.login.${n}`]=JSON.stringify(d)},getLoginParams:()=>{const d=localStorage[`oidc.login.${n}`];return c[n]||(c[n]=JSON.parse(d)),c[n]},getStateAsync:async()=>{let A=(await P(t)({type:"getState",data:null,configurationName:n})).state;return A||(A=sessionStorage[`oidc.state.${n}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async d=>(sessionStorage[`oidc.state.${n}`]=d,P(t)({type:"setState",data:{state:d},configurationName:n})),getCodeVerifierAsync:async()=>{let A=(await P(t)({type:"getCodeVerifier",data:null,configurationName:n})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${n}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async d=>(sessionStorage[`oidc.code_verifier.${n}`]=d,P(t)({type:"setCodeVerifier",data:{codeVerifier:d},configurationName:n})),setDemonstratingProofOfPossessionNonce:async d=>{await P(t)({type:"setDemonstratingProofOfPossessionNonce",data:{demonstratingProofOfPossessionNonce:d},configurationName:n})},getDemonstratingProofOfPossessionNonce:async()=>(await P(t)({type:"getDemonstratingProofOfPossessionNonce",data:null,configurationName:n})).demonstratingProofOfPossessionNonce,setDemonstratingProofOfPossessionJwkAsync:async d=>{const A=JSON.stringify(d);await P(t)({type:"setDemonstratingProofOfPossessionJwk",data:{demonstratingProofOfPossessionJwkJson:A},configurationName:n})},getDemonstratingProofOfPossessionJwkAsync:async()=>{const d=await P(t)({type:"getDemonstratingProofOfPossessionJwk",data:null,configurationName:n});return d.demonstratingProofOfPossessionJwkJson?JSON.parse(d.demonstratingProofOfPossessionJwkJson):null}}},$={},Ke=(e,n=window.sessionStorage,s)=>{if(!$[e]&&n){const o=n.getItem(e);o&&($[e]=JSON.parse(o))}const t=1e3*s;return $[e]&&$[e].timestamp+t>Date.now()?$[e].result:null},Fe=(e,n,s=window.sessionStorage)=>{const t=Date.now();$[e]={result:n,timestamp:t},s&&s.setItem(e,JSON.stringify({result:n,timestamp:t}))};function ke(e){return new TextEncoder().encode(e)}function me(e){return btoa(e).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+/g,"")}function Ue(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(s,t){return String.fromCharCode(parseInt(t,16))})}const se=e=>{let n="";return e.forEach(function(s){n+=String.fromCharCode(s)}),me(n)};function pe(e){return me(Ue(e))}const Ve={importKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256",hash:{name:"ES256"}},signAlgorithm:{name:"ECDSA",hash:{name:"SHA-256"}},generateKeyAlgorithm:{name:"ECDSA",namedCurve:"P-256"},digestAlgorithm:{name:"SHA-256"},jwtHeaderAlgorithm:"ES256"};var Me={sign:e=>async(n,s,t,o,i="dpop+jwt")=>{switch(n=Object.assign({},n),s.typ=i,s.alg=o.jwtHeaderAlgorithm,s.alg){case"ES256":s.jwk={kty:n.kty,crv:n.crv,x:n.x,y:n.y};break;case"RS256":s.jwk={kty:n.kty,n:n.n,e:n.e,kid:s.kid};break;default:throw new Error("Unknown or not implemented JWS algorithm")}const r={protected:pe(JSON.stringify(s)),payload:pe(JSON.stringify(t))},a=o.importKeyAlgorithm,l=!0,f=["sign"],u=await e.crypto.subtle.importKey("jwk",n,a,l,f),c=ke(`${r.protected}.${r.payload}`),_=o.signAlgorithm,y=await e.crypto.subtle.sign(_,u,c);return r.signature=se(new Uint8Array(y)),`${r.protected}.${r.payload}.${r.signature}`}};const Je={generate:e=>async n=>{const s=n,t=!0,o=["sign","verify"],i=await e.crypto.subtle.generateKey(s,t,o);return await e.crypto.subtle.exportKey("jwk",i.privateKey)},neuter:e=>{const n=Object.assign({},e);return delete n.d,n.key_ops=["verify"],n}};var Be={thumbprint:e=>async(n,s)=>{let t;switch(n.kty){case"EC":t='{"crv":"CRV","kty":"EC","x":"X","y":"Y"}'.replace("CRV",n.crv).replace("X",n.x).replace("Y",n.y);break;case"RSA":t='{"e":"E","kty":"RSA","n":"N"}'.replace("E",n.e).replace("N",n.n);break;default:throw new Error("Unknown or not implemented JWK type")}const o=await e.crypto.subtle.digest(s,ke(t));return se(new Uint8Array(o))}};const He=e=>async n=>await Je.generate(e)(n),we=e=>n=>async(s,t="POST",o,i={})=>{const r={jti:btoa(je()),htm:t,htu:o,iat:Math.round(Date.now()/1e3),...i},a=await Be.thumbprint(e)(s,n.digestAlgorithm);return await Me.sign(e)(s,{kid:a},r,n)},je=()=>{const e="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx",n="0123456789abcdef";let s=0,t="";for(let o=0;o<36;o++)e[o]!=="-"&&e[o]!=="4"&&(s=Math.random()*16|0),e[o]==="x"?t+=n[s]:e[o]==="y"?(s&=3,s|=8,t+=n[s]):t+=e[o];return t},Ae=()=>{const e=typeof window<"u"&&!!window.crypto,n=e&&!!window.crypto.subtle;return{hasCrypto:e,hasSubtleCrypto:n}},te="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",qe=e=>{const n=[];for(let s=0;s<e.byteLength;s+=1){const t=e[s]%te.length;n.push(te[t])}return n.join("")},oe=e=>{const n=new Uint8Array(e),{hasCrypto:s}=Ae();if(s)window.crypto.getRandomValues(n);else for(let t=0;t<e;t+=1)n[t]=Math.random()*te.length|0;return qe(n)};function Ge(e){const n=new ArrayBuffer(e.length),s=new Uint8Array(n);for(let t=0;t<e.length;t++)s[t]=e.charCodeAt(t);return s}function Se(e){return new Promise((n,s)=>{crypto.subtle.digest("SHA-256",Ge(e)).then(t=>n(se(new Uint8Array(t))),t=>s(t))})}const Ye=e=>{if(e.length<43||e.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:n}=Ae();return n?Se(e):Promise.reject(new Error("window.crypto.subtle is unavailable."))},Xe=60*60,ze=e=>async(n,s=Xe,t=window.sessionStorage,o=1e4)=>{const i=`${n}/.well-known/openid-configuration`,r=`oidc.server:${n}`,a=Ke(r,t,s);if(a)return new ce(a);const l=await M(e)(i,{},o);if(l.status!==200)return null;const f=await l.json();return Fe(r,f,t),new ce(f)},M=e=>async(n,s={},t=1e4,o=0)=>{let i;try{const r=new AbortController;setTimeout(()=>r.abort(),t),i=await e(n,{...s,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(o<=1)return await M(e)(n,s,t,o+1);throw r}else throw console.error(r.message),r}return i},ie={refresh_token:"refresh_token",access_token:"access_token"},ve=e=>async(n,s,t=ie.refresh_token,o,i={},r=1e4)=>{const a={token:s,token_type_hint:t,client_id:o};for(const[c,_]of Object.entries(i))a[c]===void 0&&(a[c]=_);const l=[];for(const c in a){const _=encodeURIComponent(c),y=encodeURIComponent(a[c]);l.push(`${_}=${y}`)}const f=l.join("&");return(await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:f},r)).status!==200?{success:!1}:{success:!0}},Qe=e=>async(n,s,t,o,i={},r,a=1e4)=>{for(const[y,g]of Object.entries(t))s[y]===void 0&&(s[y]=g);const l=[];for(const y in s){const g=encodeURIComponent(y),p=encodeURIComponent(s[y]);l.push(`${g}=${p}`)}const f=l.join("&"),u=await M(e)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...i},body:f},a);if(u.status!==200)return{success:!1,status:u.status,demonstratingProofOfPossessionNonce:null};const c=await u.json();let _=null;return u.headers.has(Z)&&(_=u.headers.get(Z)),{success:!0,status:u.status,data:ne(c,o,r),demonstratingProofOfPossessionNonce:_}},Ze=(e,n)=>async(s,t)=>{t=t?{...t}:{};const o=oe(128),i=await Ye(o);await e.setCodeVerifierAsync(o),await e.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let r="";if(t)for(const[a,l]of Object.entries(t))r===""?r+="?":r+="&",r+=`${a}=${encodeURIComponent(l)}`;n.open(`${s}${r}`)},Z="DPoP-Nonce",en=e=>async(n,s,t,o,i=1e4)=>{s=s?{...s}:{},s.code_verifier=await e.getCodeVerifierAsync();const r=[];for(const c in s){const _=encodeURIComponent(c),y=encodeURIComponent(s[c]);r.push(`${_}=${y}`)}const a=r.join("&"),l=await M(fetch)(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8",...t},body:a},i);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),l.status!==200)return{success:!1,status:l.status};let f=null;l.headers.has(Z)&&(f=l.headers.get(Z));const u=await l.json();return{success:!0,data:{state:s.state,tokens:ne(u,null,o),demonstratingProofOfPossessionNonce:f}}};async function Te(e,n,s){const t=a=>{e.tokens=a},{tokens:o,status:i}=await ee(e)(0,n,s,t);return await I(e.configuration,e.configurationName)||await O(e.configurationName,e.configuration.storage).setTokens(e.tokens),e.tokens?o:(await e.destroyAsync(i),null)}const nn=async(e,n)=>{const s=await I(n,e.configurationName);if(s){const t=await e.initAsync(n.authority,n.authority_configuration),{tokens:o}=await s.initAsync(t,"tryKeepExistingSessionAsync",n);return o}else{const t=O(e.configurationName,n.storage??sessionStorage);let{tokens:o}=await t.initAsync();return o=X(o,e.tokens,n.token_renew_mode),o}};async function Ee(e,n=!1,s=null){const t=e.configuration,o=`${t.client_id}_${e.configurationName}_${t.authority}`;let i;const r=await I(e.configuration,e.configurationName);return(t==null?void 0:t.storage)===(window==null?void 0:window.sessionStorage)&&!r?i=await Te(e,n,s):i=await navigator.locks.request(o,{ifAvailable:!0},async a=>a?await Te(e,n,s):(e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available,{lock:"lock not available"}),await nn(e,t))),i?(e.timeoutId&&(e.timeoutId=J(e,e.tokens.expiresAt,s)),e.tokens):null}const J=(e,n,s=null)=>{const t=e.configuration.refresh_time_before_tokens_expiration_in_second;return V.setTimeout(async()=>{const i={timeLeft:U(t,n)};e.publishEvent(N.eventNames.token_timer,i),await Ee(e,!1,s)},1e3)},x={FORCE_REFRESH:"FORCE_REFRESH",SESSION_LOST:"SESSION_LOST",NOT_CONNECTED:"NOT_CONNECTED",TOKENS_VALID:"TOKENS_VALID",TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",LOGOUT_FROM_ANOTHER_TAB:"LOGOUT_FROM_ANOTHER_TAB",REQUIRE_SYNC_TOKENS:"REQUIRE_SYNC_TOKENS"},sn=e=>async(n,s,t,o=!1)=>{const i={nonce:null};if(!t)return{tokens:null,status:"NOT_CONNECTED",nonce:i};let r=i;const a=await e.initAsync(n.authority,n.authority_configuration),l=await I(n,s);if(l){const{status:c,tokens:_}=await l.initAsync(a,"syncTokensAsync",n);if(c==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};if(c==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(!c||!_)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:i};if(_.issuedAt!==t.issuedAt){const g=U(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",p=await l.getNonceAsync();return{tokens:_,status:g,nonce:p}}r=await l.getNonceAsync()}else{const c=O(s,n.storage??sessionStorage);let{tokens:_,status:y}=await c.initAsync();if(_&&(_=X(_,e.tokens,n.token_renew_mode)),_){if(y==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:i};if(_.issuedAt!==t.issuedAt){const p=U(n.refresh_time_before_tokens_expiration_in_second,_.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",k=await c.getNonceAsync();return{tokens:_,status:p,nonce:k}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:i};r=await c.getNonceAsync()}const u=U(n.refresh_time_before_tokens_expiration_in_second,t.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return o?{tokens:t,status:"FORCE_REFRESH",nonce:r}:{tokens:t,status:u,nonce:r}},ee=e=>async(n=0,s=!1,t=null,o)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:"GIVE_UP"};let i=6;for(;!navigator.onLine&&i>0;)await Q({milliseconds:1e3}),i--,e.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${i}`});const r=n+1;t||(t={});const a=e.configuration,l=(u,c=null,_=null)=>re(e.configurationName,e.configuration,e.publishEvent.bind(e))(u,c,_),f=async()=>{try{let u;const c=await I(a,e.configurationName);c?u=c.getLoginParams():u=O(e.configurationName,a.storage).getLoginParams();const _=await l({...u.extras,...t,prompt:"none"});return _?_.error?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}):(o(_.tokens),e.publishEvent(N.eventNames.token_renewed,{}),{tokens:_.tokens,status:"LOGGED"}):(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent not active"}),{tokens:null,status:"SESSION_LOST"})}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:u.message}),await ee(e)(r,s,t,o)}};try{const{status:u,tokens:c,nonce:_}=await sn(e)(a,e.configurationName,e.tokens,s);switch(u){case x.SESSION_LOST:return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case x.NOT_CONNECTED:return o(null),{tokens:null,status:null};case x.TOKENS_VALID:return o(c),{tokens:c,status:"LOGGED_IN"};case x.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return o(c),e.publishEvent(N.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:c,status:"LOGGED_IN"};case x.LOGOUT_FROM_ANOTHER_TAB:return o(null),e.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case x.REQUIRE_SYNC_TOKENS:return a.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted&&x.FORCE_REFRESH!==u?(e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"}):(e.publishEvent(m.refreshTokensAsync_begin,{tryNumber:n}),await f());default:{if(a.token_automatic_renew_mode==R.AutomaticOnlyWhenFetchExecuted&&x.FORCE_REFRESH!==u)return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:"GIVE_UP"};if(e.publishEvent(m.refreshTokensAsync_begin,{refreshToken:c.refreshToken,status:u,tryNumber:n}),!c.refreshToken)return await f();const y=a.client_id,g=a.redirect_uri,p=a.authority,w={...a.token_request_extras?a.token_request_extras:{}};for(const[S,E]of Object.entries(t))S.endsWith(":token_request")&&(w[S.replace(":token_request","")]=E);return await(async()=>{const S={client_id:y,redirect_uri:g,grant_type:"refresh_token",refresh_token:c.refreshToken},E=await e.initAsync(p,a.authority_configuration),h=document.hidden?1e4:3e4*10,d=E.tokenEndpoint,A={};a.demonstrating_proof_of_possession&&(A.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(c.accessToken,d,"POST"));const v=await Qe(e.getFetch())(d,S,w,c,A,a.token_renew_mode,h);if(v.success){const{isValid:L,reason:F}=de(v.data,_.nonce,E);if(!L)return o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${F}`}),{tokens:null,status:"SESSION_LOST"};if(o(v.data),v.demonstratingProofOfPossessionNonce){const b=await I(a,e.configurationName);b?await b.setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce):await O(e.configurationName,a.storage).setDemonstratingProofOfPossessionNonce(v.demonstratingProofOfPossessionNonce)}return e.publishEvent(m.refreshTokensAsync_end,{success:v.success}),e.publishEvent(N.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:v.data,status:"LOGGED_IN"}}else return e.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:v}),v.status>=400&&v.status<500?(o(null),e.publishEvent(m.refreshTokensAsync_error,{message:`session lost: ${v.status}`}),{tokens:null,status:"SESSION_LOST"}):await ee(e)(r,s,t,o)})()}}}catch(u){return console.error(u),e.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:u.message}),ee(e)(r,s,t,o)}},re=(e,n,s)=>(t=null,o=null,i=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{s(m.silentLoginAsync_begin,{});let r="";if(o&&(t==null&&(t={}),t.state=o),i&&(t==null&&(t={}),t.scope=i),t!=null)for(const[c,_]of Object.entries(t))r===""?r=`?${encodeURIComponent(c)}=${encodeURIComponent(_)}`:r+=`&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;const a=n.silent_login_uri+r,l=a.indexOf("/",a.indexOf("//")+2),f=a.substring(0,l),u=document.createElement("iframe");return u.width="0px",u.height="0px",u.id=`${e}_oidc_iframe`,u.setAttribute("src",a),document.body.appendChild(u),new Promise((c,_)=>{let y=!1;const g=()=>{window.removeEventListener("message",p),u.remove(),y=!0},p=k=>{if(k.origin===f&&k.source===u.contentWindow){const w=`${e}_oidc_tokens:`,T=`${e}_oidc_error:`,S=`${e}_oidc_exception:`,E=k.data;if(E&&typeof E=="string"&&!y){if(E.startsWith(w)){const h=JSON.parse(k.data.replace(w,""));s(m.silentLoginAsync_end,{}),c(h),g()}else if(E.startsWith(T)){const h=JSON.parse(k.data.replace(T,""));s(m.silentLoginAsync_error,h),c({error:"oidc_"+h.error,tokens:null,sessionState:null}),g()}else if(E.startsWith(S)){const h=JSON.parse(k.data.replace(S,""));s(m.silentLoginAsync_error,h),_(new Error(h.error)),g()}}}};try{window.addEventListener("message",p);const k=n.silent_login_timeout;setTimeout(()=>{y||(g(),s(m.silentLoginAsync_error,{reason:"timeout"}),_(new Error("timeout")))},k)}catch(k){g(),s(m.silentLoginAsync_error,k),_(k)}})}catch(r){throw s(m.silentLoginAsync_error,r),r}},tn=(e,n,s,t,o)=>(i=null,r=void 0)=>{i={...i};const a=(f,u,c)=>re(n,s,t.bind(o))(f,u,c);return(async()=>{o.timeoutId&&V.clearTimeout(o.timeoutId);let f;i&&"state"in i&&(f=i.state,delete i.state);try{const u=s.extras?{...s.extras,...i}:i,c=await a({...u,prompt:"none"},f,r);if(c)return o.tokens=c.tokens,t(m.token_aquired,{}),o.timeoutId=J(o,o.tokens.expiresAt,i),{}}catch(u){return u}})()},on=(e,n,s)=>(t,o,i,r=!1)=>{const a=(l,f=void 0,u=void 0)=>re(e.configurationName,s,e.publishEvent.bind(e))(l,f,u);return new Promise((l,f)=>{if(s.silent_login_uri&&s.silent_redirect_uri&&s.monitor_session&&t&&i&&!r){const u=()=>{e.checkSessionIFrame.stop();const c=e.tokens;if(c===null)return;const _=c.idToken,y=c.idTokenPayload;return a({prompt:"none",id_token_hint:_,scope:s.scope||"openid"}).then(g=>{if(g.error)throw new Error(g.error);const p=g.tokens.idTokenPayload;if(y.sub===p.sub){const k=g.sessionState;e.checkSessionIFrame.start(g.sessionState),y.sid===p.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",k):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",k)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",p.sub)}).catch(async g=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",g);for(const[p,k]of Object.entries(n))await k.logoutOtherTabAsync(s.client_id,y.sub)})};e.checkSessionIFrame=new Ce(u,o,t),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(i),l(e.checkSessionIFrame)}).catch(c=>{f(c)})}else l(null)})},be=e=>{const n=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!n)throw new Error("Invalid URL");let s=n[6],t=n[7];if(t){const o=t.split("?");o.length===2&&(t=o[0],s=o[1])}return s.startsWith("?")&&(s=s.slice(1)),n&&{href:e,protocol:n[1],host:n[2],hostname:n[3],port:n[4],path:n[5],search:s,hash:t}},rn=e=>{const n=be(e);let{path:s}=n;s.endsWith("/")&&(s=s.slice(0,-1));let{hash:t}=n;return t==="#_=_"&&(t=""),t&&(s+=t),s},B=e=>{const n=be(e),{search:s}=n;return an(s)},an=e=>{const n={};let s,t,o;const i=e.split("&");for(t=0,o=i.length;t<o;t++)s=i[t].split("="),n[decodeURIComponent(s[0])]=decodeURIComponent(s[1]);return n},cn=(e,n,s,t,o)=>(i=void 0,r=null,a=!1,l=void 0)=>{const f=r;return r={...r},(async()=>{const c=i||o.getPath();if("state"in r||(r.state=oe(16)),s(m.loginAsync_begin,{}),r)for(const _ of Object.keys(r))_.endsWith(":token_request")&&delete r[_];try{const _=a?n.silent_redirect_uri:n.redirect_uri;l||(l=n.scope);const y=n.extras?{...n.extras,...r}:r;y.nonce||(y.nonce=oe(12));const g={nonce:y.nonce},p=await I(n,e),k=await t(n.authority,n.authority_configuration);let w;if(p)p.setLoginParams({callbackPath:c,extras:f}),await p.initAsync(k,"loginAsync",n),await p.setNonceAsync(g),p.startKeepAliveServiceWorker(),w=p;else{const S=O(e,n.storage??sessionStorage);S.setLoginParams({callbackPath:c,extras:f}),await S.setNonceAsync(g),w=S}const T={client_id:n.client_id,redirect_uri:_,scope:l,response_type:"code",...y};await Ze(w,o)(k.authorizationEndpoint,T)}catch(_){throw s(m.loginAsync_error,_),_}})()},ln=e=>async(n=!1)=>{try{e.publishEvent(m.loginCallbackAsync_begin,{});const s=e.configuration,t=s.client_id,o=n?s.silent_redirect_uri:s.redirect_uri,i=s.authority,r=s.token_request_timeout,a=await e.initAsync(i,s.authority_configuration),l=e.location.getCurrentHref(),u=B(l).session_state,c=await I(s,e.configurationName);let _,y,g,p;if(c)await c.initAsync(a,"loginCallbackAsync",s),await c.setSessionStateAsync(u),y=await c.getNonceAsync(),g=c.getLoginParams(),p=await c.getStateAsync(),c.startKeepAliveServiceWorker(),_=c;else{const b=O(e.configurationName,s.storage??sessionStorage);await b.setSessionStateAsync(u),y=await b.getNonceAsync(),g=b.getLoginParams(),p=await b.getStateAsync(),_=b}const k=B(l);if(k.error||k.error_description)throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);if(k.iss&&k.iss!==a.issuer)throw console.error(),new Error(`Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`);if(k.state&&k.state!==p)throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);const w={code:k.code,grant_type:"authorization_code",client_id:s.client_id,redirect_uri:o},T={};if(s.token_request_extras)for(const[b,q]of Object.entries(s.token_request_extras))T[b]=q;if(g&&g.extras)for(const[b,q]of Object.entries(g.extras))b.endsWith(":token_request")&&(T[b.replace(":token_request","")]=q);const S=a.tokenEndpoint,E={};if(s.demonstrating_proof_of_possession)if(c)E.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{const b=await He(window)(s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await O(e.configurationName,s.storage).setDemonstratingProofOfPossessionJwkAsync(b),E.DPoP=await we(window)(s.demonstrating_proof_of_possession_configuration)(b,"POST",S)}const h=await en(_)(S,{...w,...T},E,e.configuration.token_renew_mode,r);if(!h.success)throw new Error("Token request failed");let d;const A=h.data.tokens,v=h.data.demonstratingProofOfPossessionNonce;if(h.data.state!==T.state)throw new Error("state is not valid");const{isValid:L,reason:F}=de(A,y.nonce,a);if(!L)throw new Error(`Tokens are not OpenID valid, reason: ${F}`);if(c){if(A.refreshToken&&!A.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Refresh token should be hidden by service worker");if(v&&A.accessToken&&A.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))throw new Error("Demonstration of proof of possession require Access token not hidden by service worker")}if(c)await c.initAsync(a,"syncTokensAsync",s),d=c.getLoginParams(),v&&await c.setDemonstratingProofOfPossessionNonce(v);else{const b=O(e.configurationName,s.storage);d=b.getLoginParams(),v&&await b.setDemonstratingProofOfPossessionNonce(v)}return await e.startCheckSessionAsync(a.checkSessionIframe,t,u,n),e.publishEvent(m.loginCallbackAsync_end,{}),{tokens:A,state:"request.state",callbackPath:d.callbackPath}}catch(s){throw console.error(s),e.publishEvent(m.loginCallbackAsync_error,s),s}},Pe={access_token:"access_token",refresh_token:"refresh_token"},ae=(e,n)=>{const s={};if(e){for(const[t,o]of Object.entries(e))if(t.endsWith(n)){const i=t.replace(n,"");s[i]=o}return s}return s},un=e=>{const n={};if(e){for(const[s,t]of Object.entries(e))s.includes(":")||(n[s]=t);return n}return n},_n=e=>async n=>{V.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();const s=await I(e.configuration,e.configurationName);s?await s.clearAsync(n):await O(e.configurationName,e.configuration.storage).clearAsync(n),e.tokens=null,e.userInfo=null},fn=(e,n,s,t,o)=>async(i=void 0,r=null)=>{const a=e.configuration,l=await e.initAsync(a.authority,a.authority_configuration);i&&typeof i!="string"&&(i=void 0,t.warn("callbackPathOrUrl path is not a string"));const f=i??o.getPath();let u=!1;i&&(u=i.includes("https://")||i.includes("http://"));const c=u?i:o.getOrigin()+f,_=e.tokens?e.tokens.idToken:"";try{const w=l.revocationEndpoint;if(w){const T=[],S=e.tokens?e.tokens.accessToken:null;if(S&&a.logout_tokens_to_invalidate.includes(Pe.access_token)){const h=ae(r,":revoke_access_token"),d=ve(s)(w,S,ie.access_token,a.client_id,h);T.push(d)}const E=e.tokens?e.tokens.refreshToken:null;if(E&&a.logout_tokens_to_invalidate.includes(Pe.refresh_token)){const h=ae(r,":revoke_refresh_token"),d=ve(s)(w,E,ie.refresh_token,a.client_id,h);T.push(d)}T.length>0&&await Promise.all(T)}}catch(w){t.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),t.warn(w)}const y=e.tokens&&e.tokens.idTokenPayload?e.tokens.idTokenPayload.sub:null;await e.destroyAsync("LOGGED_OUT");for(const[w,T]of Object.entries(n))T!==e?await e.logoutSameTabAsync(e.configuration.client_id,y):e.publishEvent(m.logout_from_same_tab,{});const g=ae(r,":oidc");if(g&&g.no_reload==="true")return;const k=un(r);if(l.endSessionEndpoint){"id_token_hint"in k||(k.id_token_hint=_),!("post_logout_redirect_uri"in k)&&i!==null&&(k.post_logout_redirect_uri=c);let w="";for(const[T,S]of Object.entries(k))S!=null&&(w===""?w+="?":w+="&",w+=`${T}=${encodeURIComponent(S)}`);o.open(`${l.endSessionEndpoint}${w}`)}else o.reload()},Oe=(e,n,s=!1)=>async(...t)=>{var y;const[o,i,...r]=t,a=i?{...i}:{method:"GET"};let l=new Headers;a.headers&&(l=a.headers instanceof Headers?a.headers:new Headers(a.headers));const f=n,u=await fe(f),c=(y=u==null?void 0:u.tokens)==null?void 0:y.accessToken;if(l.has("Accept")||l.set("Accept","application/json"),c){if(f.configuration.demonstrating_proof_of_possession&&s){const g=await f.generateDemonstrationOfProofOfPossessionAsync(c,o.toString(),a.method);l.set("Authorization",`PoP ${c}`),l.set("DPoP",g)}else l.set("Authorization",`Bearer ${c}`);a.credentials||(a.credentials="same-origin")}const _={...a,headers:l};return await e(o,_,...r)},dn=e=>async(n=!1,s=!1)=>{if(e.userInfo!=null&&!n)return e.userInfo;const t=e.configuration,i=(await e.initAsync(t.authority,t.authority_configuration)).userInfoEndpoint,a=await(async()=>{const f=await Oe(fetch,e,s)(i);return f.status!==200?null:f.json()})();return e.userInfo=a,a};class H{open(n){window.location.href=n}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){const n=window.location;return n.pathname+(n.search||"")+(n.hash||"")}getOrigin(){return window.origin}}const hn=e=>!!(e.os==="iOS"&&e.osVersion.startsWith("12")||e.os==="Mac OS X"&&e.osVersion.startsWith("10_15_6")),yn=e=>{const n=e.appVersion,s=e.userAgent,t="-";let o=t;const i=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const a in i){const l=i[a];if(l.r.test(s)){o=l.s;break}}let r=t;switch(/Windows/.test(o)&&(r=/Windows (.*)/.exec(o)[1],o="Windows"),o){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];break;case"iOS":{const a=/OS (\d+)_(\d+)_?(\d+)?/.exec(n);a!=null&&a.length>2&&(r=a[1]+"."+a[2]+"."+(parseInt(a[3])|0));break}}return{os:o,osVersion:r}};function gn(){const e=navigator.userAgent;let n,s=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(s[1]))return n=/\brv[ :]+(\d+)/g.exec(e)||[],{name:"ie",version:n[1]||""};if(s[1]==="Chrome"&&(n=e.match(/\bOPR|Edge\/(\d+)/),n!=null)){let t=n[1];if(!t){const o=e.split(n[0]+"/");o.length>1&&(t=o[1])}return{name:"opera",version:t}}return s=s[2]?[s[1],s[2]]:[navigator.appName,navigator.appVersion,"-?"],(n=e.match(/version\/(\d+)/i))!=null&&s.splice(1,1,n[1]),{name:s[0].toLowerCase(),version:s[1]}}const kn=()=>{const{name:e,version:n}=gn();if(e==="chrome"&&parseInt(n)<=70||e==="opera"&&(!n||parseInt(n.split(".")[0])<80)||e==="ie")return!1;const s=yn(navigator);return!hn(s)},mn=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=e.configuration,t=await e.initAsync(s.authority,s.authority_configuration);if(n=await I(s,e.configurationName),n){const{tokens:o}=await n.initAsync(t,"tryKeepExistingSessionAsync",s);if(o){n.startKeepAliveServiceWorker(),e.tokens=o;const i=n.getLoginParams(e.configurationName);e.timeoutId=J(e,e.tokens.expiresAt,i.extras);const r=await n.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,r),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&e.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=O(e.configurationName,s.storage??sessionStorage),{tokens:i}=await o.initAsync();if(i){e.tokens=X(i,null,s.token_renew_mode);const r=o.getLoginParams();e.timeoutId=J(e,e.tokens.expiresAt,r.extras);const a=await o.getSessionStateAsync();return await e.startCheckSessionAsync(t.check_session_iframe,s.client_id,a),s.preload_user_info&&await e.userInfoAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return e.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:n?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),n&&await n.clearAsync(),e.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}},Ie=()=>fetch;class ce{constructor(n){this.authorizationEndpoint=n.authorization_endpoint,this.tokenEndpoint=n.token_endpoint,this.revocationEndpoint=n.revocation_endpoint,this.userInfoEndpoint=n.userinfo_endpoint,this.checkSessionIframe=n.check_session_iframe,this.issuer=n.issuer,this.endSessionEndpoint=n.end_session_endpoint}}const W={},pn=(e,n=new H)=>(s,t="default")=>(W[t]||(W[t]=new N(s,t,e,n)),W[t]),wn=async e=>{const{parsedTokens:n,callbackPath:s}=await e.loginCallbackAsync();return e.timeoutId=J(e,n.expiresAt),{callbackPath:s}},An=e=>Math.floor(Math.random()*e),j=class j{constructor(n,s="default",t,o=new H){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=n.silent_login_uri;n.silent_redirect_uri&&!n.silent_login_uri&&(i=`${n.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let r=n.refresh_time_before_tokens_expiration_in_second??120;r>60&&(r=r-Math.floor(Math.random()*40)),this.location=o??new H;const a=n.service_worker_update_require_callback??$e(this.location);this.configuration={...n,silent_login_uri:i,token_automatic_renew_mode:n.token_automatic_renew_mode??R.AutomaticBeforeTokenExpiration,monitor_session:n.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:r,silent_login_timeout:n.silent_login_timeout??12e3,token_renew_mode:n.token_renew_mode??Y.access_token_or_id_token_invalid,demonstrating_proof_of_possession:n.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:n.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:n.logout_tokens_to_invalidate??["access_token","refresh_token"],service_worker_update_require_callback:a,service_worker_activate:n.service_worker_activate??kn,demonstrating_proof_of_possession_configuration:n.demonstrating_proof_of_possession_configuration??Ve,preload_user_info:n.preload_user_info??!1},this.getFetch=t??Ie,this.configurationName=s,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(n){const s=An(9999999999999).toString();return this.events.push({id:s,func:n}),s}removeEventSubscription(n){const s=this.events.filter(t=>t.id!==n);this.events=s}publishEvent(n,s){this.events.forEach(t=>{t.func(n,s)})}static get(n="default"){const s=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(W,n)&&s)throw Error(`OIDC library does seem initialized.
|
|
2
|
+
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${n}"></OidcProvider> component.`);return W[n]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const n=this.location,s=B(n.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:s.session_state})}`,n.getOrigin())}}_silentLoginErrorCallbackFromIFrame(n=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const s=this.location,t=B(s.getCurrentHref());t.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:t.error})}`,s.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:n==null?"":n.toString()})}`,s.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(n){console.error(n),this._silentLoginErrorCallbackFromIFrame(n)}}async initAsync(n,s){if(this.initPromise!==null)return this.initPromise;const t=async()=>{if(s!=null)return new ce({authorization_endpoint:s.authorization_endpoint,end_session_endpoint:s.end_session_endpoint,revocation_endpoint:s.revocation_endpoint,token_endpoint:s.token_endpoint,userinfo_endpoint:s.userinfo_endpoint,check_session_iframe:s.check_session_iframe,issuer:s.issuer});const i=await I(this.configuration,this.configurationName)?window.localStorage:null;return await ze(this.getFetch())(n,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,i,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=t(),this.initPromise.then(o=>(this.initPromise=null,o))}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise!==null?this.tryKeepExistingSessionPromise:(this.tryKeepExistingSessionPromise=mn(this),this.tryKeepExistingSessionPromise.then(n=>(this.tryKeepExistingSessionPromise=null,n)))}async startCheckSessionAsync(n,s,t,o=!1){await on(this,W,this.configuration)(n,s,t,o)}async loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this.logoutPromise&&await this.logoutPromise,this.loginPromise!==null?this.loginPromise:i?tn(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(s,o):(this.loginPromise=cn(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(n,s,t,o),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(n=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const s=async()=>{const t=await ln(this)(n),o=t.tokens;return this.tokens=o,await I(this.configuration,this.configurationName)||O(this.configurationName,this.configuration.storage).setTokens(o),this.publishEvent(j.eventNames.token_aquired,o),this.configuration.preload_user_info&&await this.userInfoAsync(),{parsedTokens:o,state:t.state,callbackPath:t.callbackPath}};return this.loginCallbackPromise=s(),this.loginCallbackPromise.then(t=>(this.loginCallbackPromise=null,t))}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){const i=this.configuration,r={ath:await Se(n),...o},a=await I(i,this.configurationName);let l;if(a)return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;const f=O(this.configurationName,i.storage);let u=await f.getDemonstratingProofOfPossessionJwkAsync();return l=await f.getDemonstratingProofOfPossessionNonce(),l&&(r.nonce=l),await we(window)(i.demonstrating_proof_of_possession_configuration)(u,t,s,r)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=wn(this),this.loginCallbackWithAutoTokensRenewPromise.then(n=>(this.loginCallbackWithAutoTokensRenewPromise=null,n)))}userInfoAsync(n=!1,s=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=dn(this)(n,s),this.userInfoPromise.then(t=>(this.userInfoPromise=null,t)))}async renewTokensAsync(n=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return V.clearTimeout(this.timeoutId),this.renewTokensPromise=Ee(this,!0,n),this.renewTokensPromise.then(s=>(this.renewTokensPromise=null,s))}async destroyAsync(n){return await _n(this)(n)}async logoutSameTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_same_tab,{mmessage:"SessionMonitor",sub:s}))}async logoutOtherTabAsync(n,s){this.configuration.monitor_session&&this.configuration.client_id===n&&s&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===s&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:s}))}async logoutAsync(n=void 0,s=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=fn(this,W,this.getFetch(),console,this.location)(n,s),this.logoutPromise.then(t=>(this.logoutPromise=null,t)))}};j.getOrCreate=(n,s)=>(t,o="default")=>pn(n,s)(t,o),j.eventNames=m;let N=j;const K=class K{constructor(n){this._oidc=n}subscribeEvents(n){return this._oidc.subscribeEvents(n)}removeEventSubscription(n){this._oidc.removeEventSubscription(n)}publishEvent(n,s){this._oidc.publishEvent(n,s)}static get(n="default"){return new K(N.get(n))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(n=void 0,s=null,t=!1,o=void 0,i=!1){return this._oidc.loginAsync(n,s,t,o,i)}logoutAsync(n=void 0,s=null){return this._oidc.logoutAsync(n,s)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(n=null){return this._oidc.renewTokensAsync(n)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(n,s,t,o={}){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(n,s,t,o)}async getValidTokenAsync(n=200,s=50){return fe(this._oidc,n,s)}fetchWithTokens(n,s){return Oe(n,this,s)}async userInfoAsync(n=!1,s=!1){return this._oidc.userInfoAsync(n,s)}userInfo(){return this._oidc.userInfo}};K.getOrCreate=(n,s=new H)=>(t,o="default")=>new K(N.getOrCreate(n,s)(t,o)),K.eventNames=N.eventNames;let le=K;C.OidcClient=le,C.OidcLocation=H,C.TokenAutomaticRenewMode=R,C.TokenRenewMode=Y,C.getFetchDefault=Ie,C.getParseQueryStringFromLocation=B,C.getPath=rn,Object.defineProperty(C,Symbol.toStringTag,{value:"Module"})});
|
package/dist/oidc.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":";AACA,OAAO,EAAC,kBAAkB,EAAC,MAAM,yBAAyB,CAAC;AAM3D,OAAO,EAAiB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AASzD,OAAO,EAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAA0B,MAAM,YAAY,CAAC;AAOhH,OAAO,EAAC,cAAc,EAAe,MAAM,YAAY,CAAC;AAMxD,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAC,MAAM,CAAC;CACjB;AAID,qBAAa,qCAAqC;IAC9C,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CAS3B;AAUD,MAAM,MAAM,aAAa,GAAG;IACxB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAChC,YAAY,EAAC,MAAM,CAAC;IACpB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAYD,qBAAa,IAAI;IACN,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBACpB,aAAa,EAAC,iBAAiB,EAAE,iBAAiB,QAAY,EAAE,QAAQ,EAAG,MAAM,KAAK,EAAE,QAAQ,GAAE,cAAmC;IA+CjJ,eAAe,CAAC,IAAI,KAAA,GAAE,MAAM;IAM5B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aAAe,MAAM,KAAK,YAAW,cAAc,gDAEnE;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAQ9B,mCAAmC,CAAC,SAAS,MAAK;IAa5C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAC,MAAM,EAAE,sBAAsB,EAAC,sBAAsB;IA4B/E,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAW/C,sBAAsB,CAAC,qBAAqB,KAAA,EAAE,QAAQ,KAAA,EAAE,YAAY,KAAA,EAAE,cAAc,UAAQ;IAIlG,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CAAC,YAAY,GAAC,MAAkB,EAAE,MAAM,GAAC,SAAgB,EAAE,cAAc,UAAQ,EAAE,KAAK,GAAC,MAAkB,EAAE,eAAe,UAAQ;
|
|
1
|
+
{"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":";AACA,OAAO,EAAC,kBAAkB,EAAC,MAAM,yBAAyB,CAAC;AAM3D,OAAO,EAAiB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AASzD,OAAO,EAAC,sBAAsB,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAA0B,MAAM,YAAY,CAAC;AAOhH,OAAO,EAAC,cAAc,EAAe,MAAM,YAAY,CAAC;AAMxD,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACtD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAC,MAAM,CAAC;CACjB;AAID,qBAAa,qCAAqC;IAC9C,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CAS3B;AAUD,MAAM,MAAM,aAAa,GAAG;IACxB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAED,MAAM,MAAM,qBAAqB,GAAG;IAChC,YAAY,EAAC,MAAM,CAAC;IACpB,YAAY,EAAC,MAAM,CAAC;CACvB,CAAA;AAYD,qBAAa,IAAI;IACN,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBACpB,aAAa,EAAC,iBAAiB,EAAE,iBAAiB,QAAY,EAAE,QAAQ,EAAG,MAAM,KAAK,EAAE,QAAQ,GAAE,cAAmC;IA+CjJ,eAAe,CAAC,IAAI,KAAA,GAAE,MAAM;IAM5B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,aAAe,MAAM,KAAK,YAAW,cAAc,gDAEnE;IAEF,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAQ9B,mCAAmC,CAAC,SAAS,MAAK;IAa5C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAC,MAAM,EAAE,sBAAsB,EAAC,sBAAsB;IA4B/E,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAW/C,sBAAsB,CAAC,qBAAqB,KAAA,EAAE,QAAQ,KAAA,EAAE,YAAY,KAAA,EAAE,cAAc,UAAQ;IAIlG,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,UAAU,CAAC,YAAY,GAAC,MAAkB,EAAE,MAAM,GAAC,SAAgB,EAAE,cAAc,UAAQ,EAAE,KAAK,GAAC,MAAkB,EAAE,eAAe,UAAQ;IAkBpJ,oBAAoB,EAAG,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,kBAAkB,CAAC,aAAa,UAAQ;IA8BxC,6CAA6C,CAAC,WAAW,EAAC,MAAM,EAAE,GAAG,EAAC,MAAM,EAAE,MAAM,EAAC,MAAM,EAAE,MAAM,GAAC,SAAa,GAAG,OAAO,CAAC,MAAM,CAAC;IA2BzI,uCAAuC,EAAC,OAAO,CAAC,aAAa,CAAC,CAAQ;IACrE,qCAAqC,IAAG,OAAO,CAAC,aAAa,CAAC;IAW/D,eAAe,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IACnC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAM;IAWvE,kBAAkB,EAAC,OAAO,CAAC,GAAG,CAAC,CAAQ;IAEhC,gBAAgB,CAAE,MAAM,GAAC,SAAgB;IAgBzC,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQ9C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAQpD,aAAa,EAAC,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC7B,WAAW,CAAC,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EAAE,MAAM,GAAE,SAAgB;CAUrG;AAED,eAAe,IAAI,CAAC"}
|
package/dist/version.d.ts
CHANGED
package/dist/version.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,
|
|
1
|
+
{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":";AAAA,wBAAyB"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axa-fr/oidc-client",
|
|
3
|
-
"version": "7.22.
|
|
3
|
+
"version": "7.22.14",
|
|
4
4
|
"private": false,
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.umd.cjs",
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
"url": "https://github.com/AxaFrance/oidc-client.git"
|
|
21
21
|
},
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@axa-fr/oidc-client-service-worker": "7.22.
|
|
23
|
+
"@axa-fr/oidc-client-service-worker": "7.22.14"
|
|
24
24
|
},
|
|
25
25
|
"devDependencies": {
|
|
26
26
|
"@testing-library/dom": "10.1.0",
|
package/src/oidc.ts
CHANGED
|
@@ -252,6 +252,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
252
252
|
|
|
253
253
|
loginPromise: Promise<void> = null;
|
|
254
254
|
async loginAsync(callbackPath:string = undefined, extras:StringMap = null, isSilentSignin = false, scope:string = undefined, silentLoginOnly = false) {
|
|
255
|
+
if (this.logoutPromise) {
|
|
256
|
+
await this.logoutPromise;
|
|
257
|
+
}
|
|
258
|
+
|
|
255
259
|
if (this.loginPromise !== null) {
|
|
256
260
|
return this.loginPromise;
|
|
257
261
|
}
|
package/src/version.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
export default '7.22.
|
|
1
|
+
export default '7.22.14';
|