@axa-fr/oidc-client 7.23.0 → 7.24.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (18) hide show
  1. package/dist/index.js +447 -438
  2. package/dist/index.umd.cjs +2 -2
  3. package/dist/login.d.ts +1 -1
  4. package/dist/login.d.ts.map +1 -1
  5. package/dist/oidc.d.ts +2 -2
  6. package/dist/oidc.d.ts.map +1 -1
  7. package/dist/oidcClient.d.ts +1 -1
  8. package/dist/oidcClient.d.ts.map +1 -1
  9. package/dist/renewTokens.d.ts +2 -2
  10. package/dist/renewTokens.d.ts.map +1 -1
  11. package/dist/version.d.ts +1 -1
  12. package/package.json +2 -2
  13. package/src/login.ts +1 -1
  14. package/src/oidc.ts +12 -11
  15. package/src/oidcClient.ts +2 -2
  16. package/src/renewTokens.ts +38 -12
  17. package/src/silentLogin.ts +4 -4
  18. package/src/version.ts +1 -1
package/dist/index.js CHANGED
@@ -77,52 +77,52 @@ const m = {
77
77
  syncTokensAsync_error: "syncTokensAsync_error",
78
78
  tokensInvalidAndWaitingActionsToRefresh: "tokensInvalidAndWaitingActionsToRefresh"
79
79
  }, P = (e, n = sessionStorage) => {
80
- const s = (y) => (n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: y }), Promise.resolve()), t = async () => {
80
+ const s = (h) => (n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: h }), Promise.resolve()), t = async () => {
81
81
  if (!n[`oidc.${e}`])
82
82
  return n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: null }), { tokens: null, status: null };
83
- const y = JSON.parse(n[`oidc.${e}`]);
84
- return Promise.resolve({ tokens: y.tokens, status: y.status });
85
- }, o = (y) => {
86
- n[`oidc.${e}`] = JSON.stringify({ tokens: y });
87
- }, i = async (y) => {
88
- n[`oidc.session_state.${e}`] = y;
89
- }, r = async () => n[`oidc.session_state.${e}`], a = (y) => {
90
- n[`oidc.nonce.${e}`] = y.nonce;
91
- }, l = (y) => {
92
- n[`oidc.jwk.${e}`] = JSON.stringify(y);
93
- }, f = () => JSON.parse(n[`oidc.jwk.${e}`]), u = async () => ({ nonce: n[`oidc.nonce.${e}`] }), c = async (y) => {
94
- n[`oidc.dpop_nonce.${e}`] = y;
95
- }, _ = () => n[`oidc.dpop_nonce.${e}`], h = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, g = {};
83
+ const h = JSON.parse(n[`oidc.${e}`]);
84
+ return Promise.resolve({ tokens: h.tokens, status: h.status });
85
+ }, o = (h) => {
86
+ n[`oidc.${e}`] = JSON.stringify({ tokens: h });
87
+ }, i = async (h) => {
88
+ n[`oidc.session_state.${e}`] = h;
89
+ }, r = async () => n[`oidc.session_state.${e}`], l = (h) => {
90
+ n[`oidc.nonce.${e}`] = h.nonce;
91
+ }, a = (h) => {
92
+ n[`oidc.jwk.${e}`] = JSON.stringify(h);
93
+ }, d = () => JSON.parse(n[`oidc.jwk.${e}`]), _ = async () => ({ nonce: n[`oidc.nonce.${e}`] }), c = async (h) => {
94
+ n[`oidc.dpop_nonce.${e}`] = h;
95
+ }, u = () => n[`oidc.dpop_nonce.${e}`], f = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, g = {};
96
96
  return {
97
97
  clearAsync: s,
98
98
  initAsync: t,
99
99
  setTokens: o,
100
- getTokens: h,
100
+ getTokens: f,
101
101
  setSessionStateAsync: i,
102
102
  getSessionStateAsync: r,
103
- setNonceAsync: a,
104
- getNonceAsync: u,
105
- setLoginParams: (y) => {
106
- g[e] = y, n[`oidc.login.${e}`] = JSON.stringify(y);
103
+ setNonceAsync: l,
104
+ getNonceAsync: _,
105
+ setLoginParams: (h) => {
106
+ g[e] = h, n[`oidc.login.${e}`] = JSON.stringify(h);
107
107
  },
108
108
  getLoginParams: () => {
109
- const y = n[`oidc.login.${e}`];
110
- return y ? (g[e] || (g[e] = JSON.parse(y)), g[e]) : (console.warn(
109
+ const h = n[`oidc.login.${e}`];
110
+ return h ? (g[e] || (g[e] = JSON.parse(h)), g[e]) : (console.warn(
111
111
  `storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`
112
112
  ), null);
113
113
  },
114
114
  getStateAsync: async () => n[`oidc.state.${e}`],
115
- setStateAsync: async (y) => {
116
- n[`oidc.state.${e}`] = y;
115
+ setStateAsync: async (h) => {
116
+ n[`oidc.state.${e}`] = h;
117
117
  },
118
118
  getCodeVerifierAsync: async () => n[`oidc.code_verifier.${e}`],
119
- setCodeVerifierAsync: async (y) => {
120
- n[`oidc.code_verifier.${e}`] = y;
119
+ setCodeVerifierAsync: async (h) => {
120
+ n[`oidc.code_verifier.${e}`] = h;
121
121
  },
122
122
  setDemonstratingProofOfPossessionNonce: c,
123
- getDemonstratingProofOfPossessionNonce: _,
124
- setDemonstratingProofOfPossessionJwkAsync: l,
125
- getDemonstratingProofOfPossessionJwkAsync: f
123
+ getDemonstratingProofOfPossessionNonce: u,
124
+ setDemonstratingProofOfPossessionJwkAsync: a,
125
+ getDemonstratingProofOfPossessionJwkAsync: d
126
126
  };
127
127
  };
128
128
  var J = /* @__PURE__ */ ((e) => (e.AutomaticBeforeTokenExpiration = "AutomaticBeforeTokensExpiration", e.AutomaticOnlyWhenFetchExecuted = "AutomaticOnlyWhenFetchExecuted", e))(J || {});
@@ -155,22 +155,22 @@ const te = (e, n = null, s) => {
155
155
  e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t = ce(e.accessToken);
156
156
  let i;
157
157
  n != null && "idToken" in n && !("idToken" in e) ? i = n.idToken : i = e.idToken;
158
- const r = e.idTokenPayload ? e.idTokenPayload : ce(i), a = r && r.exp ? r.exp : Number.MAX_VALUE, l = t && t.exp ? t.exp : e.issuedAt + o;
158
+ const r = e.idTokenPayload ? e.idTokenPayload : ce(i), l = r && r.exp ? r.exp : Number.MAX_VALUE, a = t && t.exp ? t.exp : e.issuedAt + o;
159
159
  e.issuedAt = We(e, t, r);
160
- let f;
161
- e.expiresAt ? f = e.expiresAt : s === Q.access_token_invalid ? f = l : s === Q.id_token_invalid ? f = a : f = a < l ? a : l;
162
- const u = {
160
+ let d;
161
+ e.expiresAt ? d = e.expiresAt : s === Q.access_token_invalid ? d = a : s === Q.id_token_invalid ? d = l : d = l < a ? l : a;
162
+ const _ = {
163
163
  ...e,
164
164
  idTokenPayload: r,
165
165
  accessTokenPayload: t,
166
- expiresAt: f,
166
+ expiresAt: d,
167
167
  idToken: i
168
168
  };
169
169
  if (n != null && "refreshToken" in n && !("refreshToken" in e)) {
170
170
  const c = n.refreshToken;
171
- return { ...u, refreshToken: c };
171
+ return { ..._, refreshToken: c };
172
172
  }
173
- return u;
173
+ return _;
174
174
  }, oe = (e, n, s) => {
175
175
  if (!e)
176
176
  return null;
@@ -245,7 +245,7 @@ const te = (e, n = null, s) => {
245
245
  setInterval: setInterval.bind(e),
246
246
  clearInterval: clearInterval.bind(e)
247
247
  };
248
- }(), ue = "7.23.0";
248
+ }(), ue = "7.24.0";
249
249
  let _e = null, j;
250
250
  const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we = (e = "/") => {
251
251
  try {
@@ -276,7 +276,7 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
276
276
  return n;
277
277
  const s = globalThis.crypto.randomUUID();
278
278
  return sessionStorage.setItem(`oidc.tabId.${e}`, s), s;
279
- }, E = (e) => (n) => new Promise(function(s, t) {
279
+ }, O = (e) => (n) => new Promise(function(s, t) {
280
280
  const o = new MessageChannel();
281
281
  o.port1.onmessage = function(i) {
282
282
  i != null && i.data.error ? t(i.data.error) : s(i.data), o.port1.close(), o.port2.close();
@@ -284,128 +284,128 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
284
284
  o.port2
285
285
  ]);
286
286
  }), I = async (e, n) => {
287
- var O;
287
+ var C;
288
288
  const s = e.service_worker_relative_url;
289
289
  if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !s || e.service_worker_activate() === !1)
290
290
  return null;
291
291
  let t = null;
292
- e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((O = e.service_worker_update_require_callback) == null ? void 0 : O.call(e, t, fe))));
292
+ e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((C = e.service_worker_update_require_callback) == null ? void 0 : C.call(e, t, fe))));
293
293
  try {
294
- await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await E(t)({ type: "claim" });
294
+ await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await O(t)({ type: "claim" });
295
295
  } catch {
296
296
  return null;
297
297
  }
298
- const o = async (d) => E(t)({ type: "clear", data: { status: d }, configurationName: n }), i = async (d, p, N) => {
298
+ const o = async (y) => O(t)({ type: "clear", data: { status: y }, configurationName: n }), i = async (y, w, T) => {
299
299
  var x;
300
- const D = await E(t)({
300
+ const D = await O(t)({
301
301
  type: "init",
302
302
  data: {
303
- oidcServerConfiguration: d,
304
- where: p,
303
+ oidcServerConfiguration: y,
304
+ where: w,
305
305
  oidcConfiguration: {
306
- token_renew_mode: N.token_renew_mode,
307
- service_worker_convert_all_requests_to_cors: N.service_worker_convert_all_requests_to_cors
306
+ token_renew_mode: T.token_renew_mode,
307
+ service_worker_convert_all_requests_to_cors: T.service_worker_convert_all_requests_to_cors
308
308
  }
309
309
  },
310
310
  configurationName: n
311
- }), T = D.version;
312
- return T !== ue && (console.warn(
313
- `Service worker ${T} version mismatch with js client version ${ue}, unregistering and reloading`
314
- ), await ((x = N.service_worker_update_require_callback) == null ? void 0 : x.call(N, t, fe))), {
315
- tokens: oe(D.tokens, null, N.token_renew_mode),
311
+ }), v = D.version;
312
+ return v !== ue && (console.warn(
313
+ `Service worker ${v} version mismatch with js client version ${ue}, unregistering and reloading`
314
+ ), await ((x = T.service_worker_update_require_callback) == null ? void 0 : x.call(T, t, fe))), {
315
+ tokens: oe(D.tokens, null, T.token_renew_mode),
316
316
  status: D.status
317
317
  };
318
- }, r = (d = "/") => {
319
- _e == null && (_e = "not_null", we(d));
320
- }, a = (d) => E(t)({
318
+ }, r = (y = "/") => {
319
+ _e == null && (_e = "not_null", we(y));
320
+ }, l = (y) => O(t)({
321
321
  type: "setSessionState",
322
- data: { sessionState: d },
322
+ data: { sessionState: y },
323
323
  configurationName: n
324
- }), l = async () => (await E(t)({
324
+ }), a = async () => (await O(t)({
325
325
  type: "getSessionState",
326
326
  data: null,
327
327
  configurationName: n
328
- })).sessionState, f = (d) => (sessionStorage[`oidc.nonce.${n}`] = d.nonce, E(t)({
328
+ })).sessionState, d = (y) => (sessionStorage[`oidc.nonce.${n}`] = y.nonce, O(t)({
329
329
  type: "setNonce",
330
- data: { nonce: d },
330
+ data: { nonce: y },
331
331
  configurationName: n
332
- })), u = async () => {
333
- let p = (await E(t)({
332
+ })), _ = async () => {
333
+ let w = (await O(t)({
334
334
  type: "getNonce",
335
335
  data: null,
336
336
  configurationName: n
337
337
  })).nonce;
338
- return p || (p = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: p };
338
+ return w || (w = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: w };
339
339
  }, c = {};
340
340
  return {
341
341
  clearAsync: o,
342
342
  initAsync: i,
343
343
  startKeepAliveServiceWorker: () => r(e.service_worker_keep_alive_path),
344
344
  isServiceWorkerProxyActiveAsync: () => Le(e.service_worker_keep_alive_path),
345
- setSessionStateAsync: a,
346
- getSessionStateAsync: l,
347
- setNonceAsync: f,
348
- getNonceAsync: u,
349
- setLoginParams: (d) => {
350
- c[n] = d, localStorage[`oidc.login.${n}`] = JSON.stringify(d);
345
+ setSessionStateAsync: l,
346
+ getSessionStateAsync: a,
347
+ setNonceAsync: d,
348
+ getNonceAsync: _,
349
+ setLoginParams: (y) => {
350
+ c[n] = y, localStorage[`oidc.login.${n}`] = JSON.stringify(y);
351
351
  },
352
352
  getLoginParams: () => {
353
- const d = localStorage[`oidc.login.${n}`];
354
- return c[n] || (c[n] = JSON.parse(d)), c[n];
353
+ const y = localStorage[`oidc.login.${n}`];
354
+ return c[n] || (c[n] = JSON.parse(y)), c[n];
355
355
  },
356
356
  getStateAsync: async () => {
357
- let p = (await E(t)({
357
+ let w = (await O(t)({
358
358
  type: "getState",
359
359
  data: null,
360
360
  configurationName: n
361
361
  })).state;
362
- return p || (p = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), p;
362
+ return w || (w = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), w;
363
363
  },
364
- setStateAsync: async (d) => (sessionStorage[`oidc.state.${n}`] = d, E(t)({
364
+ setStateAsync: async (y) => (sessionStorage[`oidc.state.${n}`] = y, O(t)({
365
365
  type: "setState",
366
- data: { state: d },
366
+ data: { state: y },
367
367
  configurationName: n
368
368
  })),
369
369
  getCodeVerifierAsync: async () => {
370
- let p = (await E(t)({
370
+ let w = (await O(t)({
371
371
  type: "getCodeVerifier",
372
372
  data: null,
373
373
  configurationName: n
374
374
  })).codeVerifier;
375
- return p || (p = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), p;
375
+ return w || (w = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), w;
376
376
  },
377
- setCodeVerifierAsync: async (d) => (sessionStorage[`oidc.code_verifier.${n}`] = d, E(t)({
377
+ setCodeVerifierAsync: async (y) => (sessionStorage[`oidc.code_verifier.${n}`] = y, O(t)({
378
378
  type: "setCodeVerifier",
379
- data: { codeVerifier: d },
379
+ data: { codeVerifier: y },
380
380
  configurationName: n
381
381
  })),
382
- setDemonstratingProofOfPossessionNonce: async (d) => {
383
- await E(t)({
382
+ setDemonstratingProofOfPossessionNonce: async (y) => {
383
+ await O(t)({
384
384
  type: "setDemonstratingProofOfPossessionNonce",
385
- data: { demonstratingProofOfPossessionNonce: d },
385
+ data: { demonstratingProofOfPossessionNonce: y },
386
386
  configurationName: n
387
387
  });
388
388
  },
389
- getDemonstratingProofOfPossessionNonce: async () => (await E(t)({
389
+ getDemonstratingProofOfPossessionNonce: async () => (await O(t)({
390
390
  type: "getDemonstratingProofOfPossessionNonce",
391
391
  data: null,
392
392
  configurationName: n
393
393
  })).demonstratingProofOfPossessionNonce,
394
- setDemonstratingProofOfPossessionJwkAsync: async (d) => {
395
- const p = JSON.stringify(d);
396
- await E(t)({
394
+ setDemonstratingProofOfPossessionJwkAsync: async (y) => {
395
+ const w = JSON.stringify(y);
396
+ await O(t)({
397
397
  type: "setDemonstratingProofOfPossessionJwk",
398
- data: { demonstratingProofOfPossessionJwkJson: p },
398
+ data: { demonstratingProofOfPossessionJwkJson: w },
399
399
  configurationName: n
400
400
  });
401
401
  },
402
402
  getDemonstratingProofOfPossessionJwkAsync: async () => {
403
- const d = await E(t)({
403
+ const y = await O(t)({
404
404
  type: "getDemonstratingProofOfPossessionJwk",
405
405
  data: null,
406
406
  configurationName: n
407
407
  });
408
- return d.demonstratingProofOfPossessionJwkJson ? JSON.parse(d.demonstratingProofOfPossessionJwkJson) : null;
408
+ return y.demonstratingProofOfPossessionJwkJson ? JSON.parse(y.demonstratingProofOfPossessionJwkJson) : null;
409
409
  }
410
410
  };
411
411
  }, $ = {}, $e = (e, n = window.sessionStorage, s) => {
@@ -470,8 +470,8 @@ const Fe = {
470
470
  // @ts-ignore
471
471
  // JWT "claims" are really a JSON-defined JWS "payload"
472
472
  payload: de(JSON.stringify(t))
473
- }, a = o.importKeyAlgorithm, l = !0, f = ["sign"], u = await e.crypto.subtle.importKey("jwk", n, a, l, f), c = Ae(`${r.protected}.${r.payload}`), _ = o.signAlgorithm, h = await e.crypto.subtle.sign(_, u, c);
474
- return r.signature = ie(new Uint8Array(h)), `${r.protected}.${r.payload}.${r.signature}`;
473
+ }, l = o.importKeyAlgorithm, a = !0, d = ["sign"], _ = await e.crypto.subtle.importKey("jwk", n, l, a, d), c = Ae(`${r.protected}.${r.payload}`), u = o.signAlgorithm, f = await e.crypto.subtle.sign(u, _, c);
474
+ return r.signature = ie(new Uint8Array(f)), `${r.protected}.${r.payload}.${r.signature}`;
475
475
  }, Je = { sign: Ve }, Me = (e) => async (n) => {
476
476
  const s = n, t = !0, o = ["sign", "verify"], i = await e.crypto.subtle.generateKey(s, t, o);
477
477
  return await e.crypto.subtle.exportKey("jwk", i.privateKey);
@@ -503,13 +503,13 @@ const Fe = {
503
503
  htu: o,
504
504
  iat: Math.round(Date.now() / 1e3),
505
505
  ...i
506
- }, a = await je.thumbprint(e)(
506
+ }, l = await je.thumbprint(e)(
507
507
  s,
508
508
  n.digestAlgorithm
509
509
  );
510
510
  return await Je.sign(e)(
511
511
  s,
512
- { kid: a },
512
+ { kid: l },
513
513
  r,
514
514
  n
515
515
  );
@@ -558,14 +558,14 @@ const Qe = (e) => {
558
558
  const { hasSubtleCrypto: n } = ve();
559
559
  return n ? be(e) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
560
560
  }, Ze = 60 * 60, en = (e) => async (n, s = Ze, t = window.sessionStorage, o = 1e4) => {
561
- const i = `${n}/.well-known/openid-configuration`, r = `oidc.server:${n}`, a = $e(r, t, s);
562
- if (a)
563
- return new se(a);
564
- const l = await B(e)(i, {}, o);
565
- if (l.status !== 200)
561
+ const i = `${n}/.well-known/openid-configuration`, r = `oidc.server:${n}`, l = $e(r, t, s);
562
+ if (l)
563
+ return new se(l);
564
+ const a = await B(e)(i, {}, o);
565
+ if (a.status !== 200)
566
566
  return null;
567
- const f = await l.json();
568
- return Ke(r, f, t), new se(f);
567
+ const d = await a.json();
568
+ return Ke(r, d, t), new se(d);
569
569
  }, B = (e) => async (n, s = {}, t = 1e4, o = 0) => {
570
570
  let i;
571
571
  try {
@@ -584,19 +584,19 @@ const Qe = (e) => {
584
584
  refresh_token: "refresh_token",
585
585
  access_token: "access_token"
586
586
  }, he = (e) => async (n, s, t = ne.refresh_token, o, i = {}, r = 1e4) => {
587
- const a = {
587
+ const l = {
588
588
  token: s,
589
589
  token_type_hint: t,
590
590
  client_id: o
591
591
  };
592
- for (const [c, _] of Object.entries(i))
593
- a[c] === void 0 && (a[c] = _);
594
- const l = [];
595
- for (const c in a) {
596
- const _ = encodeURIComponent(c), h = encodeURIComponent(a[c]);
597
- l.push(`${_}=${h}`);
598
- }
599
- const f = l.join("&");
592
+ for (const [c, u] of Object.entries(i))
593
+ l[c] === void 0 && (l[c] = u);
594
+ const a = [];
595
+ for (const c in l) {
596
+ const u = encodeURIComponent(c), f = encodeURIComponent(l[c]);
597
+ a.push(`${u}=${f}`);
598
+ }
599
+ const d = a.join("&");
600
600
  return (await B(e)(
601
601
  n,
602
602
  {
@@ -604,21 +604,21 @@ const Qe = (e) => {
604
604
  headers: {
605
605
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
606
606
  },
607
- body: f
607
+ body: d
608
608
  },
609
609
  r
610
610
  )).status !== 200 ? { success: !1 } : {
611
611
  success: !0
612
612
  };
613
- }, nn = (e) => async (n, s, t, o, i = {}, r, a = 1e4) => {
614
- for (const [h, g] of Object.entries(t))
615
- s[h] === void 0 && (s[h] = g);
616
- const l = [];
617
- for (const h in s) {
618
- const g = encodeURIComponent(h), w = encodeURIComponent(s[h]);
619
- l.push(`${g}=${w}`);
620
- }
621
- const f = l.join("&"), u = await B(e)(
613
+ }, nn = (e) => async (n, s, t, o, i = {}, r, l = 1e4) => {
614
+ for (const [f, g] of Object.entries(t))
615
+ s[f] === void 0 && (s[f] = g);
616
+ const a = [];
617
+ for (const f in s) {
618
+ const g = encodeURIComponent(f), p = encodeURIComponent(s[f]);
619
+ a.push(`${g}=${p}`);
620
+ }
621
+ const d = a.join("&"), _ = await B(e)(
622
622
  n,
623
623
  {
624
624
  method: "POST",
@@ -626,25 +626,25 @@ const Qe = (e) => {
626
626
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
627
627
  ...i
628
628
  },
629
- body: f
629
+ body: d
630
630
  },
631
- a
631
+ l
632
632
  );
633
- if (u.status !== 200)
633
+ if (_.status !== 200)
634
634
  return {
635
635
  success: !1,
636
- status: u.status,
636
+ status: _.status,
637
637
  demonstratingProofOfPossessionNonce: null
638
638
  };
639
- const c = await u.json();
640
- let _ = null;
641
- return u.headers.has(G) && (_ = u.headers.get(
639
+ const c = await _.json();
640
+ let u = null;
641
+ return _.headers.has(G) && (u = _.headers.get(
642
642
  G
643
643
  )), {
644
644
  success: !0,
645
- status: u.status,
645
+ status: _.status,
646
646
  data: oe(c, o, r),
647
- demonstratingProofOfPossessionNonce: _
647
+ demonstratingProofOfPossessionNonce: u
648
648
  };
649
649
  }, sn = (e, n) => async (s, t) => {
650
650
  t = t ? { ...t } : {};
@@ -652,17 +652,17 @@ const Qe = (e) => {
652
652
  await e.setCodeVerifierAsync(o), await e.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
653
653
  let r = "";
654
654
  if (t)
655
- for (const [a, l] of Object.entries(t))
656
- r === "" ? r += "?" : r += "&", r += `${a}=${encodeURIComponent(l)}`;
655
+ for (const [l, a] of Object.entries(t))
656
+ r === "" ? r += "?" : r += "&", r += `${l}=${encodeURIComponent(a)}`;
657
657
  n.open(`${s}${r}`);
658
658
  }, G = "DPoP-Nonce", tn = (e) => async (n, s, t, o, i = 1e4) => {
659
659
  s = s ? { ...s } : {}, s.code_verifier = await e.getCodeVerifierAsync();
660
660
  const r = [];
661
661
  for (const c in s) {
662
- const _ = encodeURIComponent(c), h = encodeURIComponent(s[c]);
663
- r.push(`${_}=${h}`);
662
+ const u = encodeURIComponent(c), f = encodeURIComponent(s[c]);
663
+ r.push(`${u}=${f}`);
664
664
  }
665
- const a = r.join("&"), l = await B(fetch)(
665
+ const l = r.join("&"), a = await B(fetch)(
666
666
  n,
667
667
  {
668
668
  method: "POST",
@@ -670,62 +670,63 @@ const Qe = (e) => {
670
670
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
671
671
  ...t
672
672
  },
673
- body: a
673
+ body: l
674
674
  },
675
675
  i
676
676
  );
677
- if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]), l.status !== 200)
678
- return { success: !1, status: l.status };
679
- let f = null;
680
- l.headers.has(G) && (f = l.headers.get(
677
+ if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]), a.status !== 200)
678
+ return { success: !1, status: a.status };
679
+ let d = null;
680
+ a.headers.has(G) && (d = a.headers.get(
681
681
  G
682
682
  ));
683
- const u = await l.json();
683
+ const _ = await a.json();
684
684
  return {
685
685
  success: !0,
686
686
  data: {
687
687
  state: s.state,
688
- tokens: oe(u, null, o),
689
- demonstratingProofOfPossessionNonce: f
688
+ tokens: oe(_, null, o),
689
+ demonstratingProofOfPossessionNonce: d
690
690
  }
691
691
  };
692
692
  };
693
- async function ye(e, n, s) {
694
- const t = (a) => {
693
+ async function ye(e, n, s, t = null) {
694
+ const o = (a) => {
695
695
  e.tokens = a;
696
- }, { tokens: o, status: i } = await H(e)(
697
- t,
696
+ }, { tokens: i, status: r } = await H(e)(
697
+ o,
698
698
  0,
699
699
  n,
700
- s
700
+ s,
701
+ t
701
702
  );
702
- return await I(e.configuration, e.configurationName) || await P(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? o : (await e.destroyAsync(i), null);
703
+ return await I(e.configuration, e.configurationName) || await P(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? i : (await e.destroyAsync(r), null);
703
704
  }
704
- async function Ee(e, n = !1, s = null) {
705
- const t = e.configuration, o = `${t.client_id}_${e.configurationName}_${t.authority}`;
706
- let i;
707
- const r = await I(e.configuration, e.configurationName);
708
- if ((t == null ? void 0 : t.storage) === (window == null ? void 0 : window.sessionStorage) && !r || !navigator.locks)
709
- i = await ye(e, n, s);
705
+ async function Ee(e, n = !1, s = null, t = null) {
706
+ const o = e.configuration, i = `${o.client_id}_${e.configurationName}_${o.authority}`;
707
+ let r;
708
+ const l = await I(e.configuration, e.configurationName);
709
+ if ((o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !l || !navigator.locks)
710
+ r = await ye(e, n, s, t);
710
711
  else {
711
712
  let a = "retry";
712
713
  for (; a === "retry"; )
713
714
  a = await navigator.locks.request(
714
- o,
715
+ i,
715
716
  { ifAvailable: !0 },
716
- async (l) => l ? await ye(e, n, s) : (e.publishEvent(C.eventNames.syncTokensAsync_lock_not_available, {
717
+ async (d) => d ? await ye(e, n, s, t) : (e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available, {
717
718
  lock: "lock not available"
718
719
  }), "retry")
719
720
  );
720
- i = a;
721
+ r = a;
721
722
  }
722
- return i ? (e.timeoutId && (e.timeoutId = M(e, e.tokens.expiresAt, s)), e.tokens) : null;
723
+ return r ? (e.timeoutId && (e.timeoutId = M(e, e.tokens.expiresAt, s, t)), e.tokens) : null;
723
724
  }
724
- const M = (e, n, s = null) => {
725
- const t = e.configuration.refresh_time_before_tokens_expiration_in_second;
725
+ const M = (e, n, s = null, t = null) => {
726
+ const o = e.configuration.refresh_time_before_tokens_expiration_in_second;
726
727
  return e.timeoutId && U.clearTimeout(e.timeoutId), U.setTimeout(async () => {
727
- const i = { timeLeft: F(t, n) };
728
- e.publishEvent(C.eventNames.token_timer, i), await Ee(e, !1, s);
728
+ const r = { timeLeft: F(o, n) };
729
+ e.publishEvent(N.eventNames.token_timer, r), await Ee(e, !1, s, t);
729
730
  }, 1e3);
730
731
  }, W = {
731
732
  FORCE_REFRESH: "FORCE_REFRESH",
@@ -740,13 +741,13 @@ const M = (e, n, s = null) => {
740
741
  if (!t)
741
742
  return { tokens: null, status: "NOT_CONNECTED", nonce: i };
742
743
  let r = i;
743
- const a = await e.initAsync(
744
+ const l = await e.initAsync(
744
745
  n.authority,
745
746
  n.authority_configuration
746
- ), l = await I(n, s);
747
- if (l) {
748
- const { status: c, tokens: _ } = await l.initAsync(
749
- a,
747
+ ), a = await I(n, s);
748
+ if (a) {
749
+ const { status: c, tokens: u } = await a.initAsync(
750
+ l,
750
751
  "syncTokensAsync",
751
752
  n
752
753
  );
@@ -754,82 +755,89 @@ const M = (e, n, s = null) => {
754
755
  return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
755
756
  if (c === "SESSIONS_LOST")
756
757
  return { tokens: null, status: "SESSIONS_LOST", nonce: i };
757
- if (!c || !_)
758
+ if (!c || !u)
758
759
  return { tokens: null, status: "REQUIRE_SYNC_TOKENS", nonce: i };
759
- if (_.issuedAt !== t.issuedAt) {
760
+ if (u.issuedAt !== t.issuedAt) {
760
761
  const g = F(
761
762
  n.refresh_time_before_tokens_expiration_in_second,
762
- _.expiresAt
763
- ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", w = await l.getNonceAsync();
764
- return { tokens: _, status: g, nonce: w };
763
+ u.expiresAt
764
+ ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await a.getNonceAsync();
765
+ return { tokens: u, status: g, nonce: p };
765
766
  }
766
- r = await l.getNonceAsync();
767
+ r = await a.getNonceAsync();
767
768
  } else {
768
- const c = P(s, n.storage ?? sessionStorage), _ = await c.initAsync();
769
- let { tokens: h } = _;
770
- const { status: g } = _;
771
- if (h && (h = te(h, e.tokens, n.token_renew_mode)), h) {
769
+ const c = P(s, n.storage ?? sessionStorage), u = await c.initAsync();
770
+ let { tokens: f } = u;
771
+ const { status: g } = u;
772
+ if (f && (f = te(f, e.tokens, n.token_renew_mode)), f) {
772
773
  if (g === "SESSIONS_LOST")
773
774
  return { tokens: null, status: "SESSIONS_LOST", nonce: i };
774
- if (h.issuedAt !== t.issuedAt) {
775
+ if (f.issuedAt !== t.issuedAt) {
775
776
  const k = F(
776
777
  n.refresh_time_before_tokens_expiration_in_second,
777
- h.expiresAt
778
- ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", v = await c.getNonceAsync();
779
- return { tokens: h, status: k, nonce: v };
778
+ f.expiresAt
779
+ ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", E = await c.getNonceAsync();
780
+ return { tokens: f, status: k, nonce: E };
780
781
  }
781
782
  } else return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
782
783
  r = await c.getNonceAsync();
783
784
  }
784
- const u = F(
785
+ const _ = F(
785
786
  n.refresh_time_before_tokens_expiration_in_second,
786
787
  t.expiresAt
787
788
  ) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
788
- return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: u, nonce: r };
789
- }, H = (e) => async (n, s = 0, t = !1, o = null) => {
789
+ return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: _, nonce: r };
790
+ }, H = (e) => async (n, s = 0, t = !1, o = null, i = null) => {
790
791
  if (!navigator.onLine && document.hidden)
791
792
  return { tokens: e.tokens, status: "GIVE_UP" };
792
- let i = 6;
793
- for (; !navigator.onLine && i > 0; )
794
- await X({ milliseconds: 1e3 }), i--, e.publishEvent(m.refreshTokensAsync, {
795
- message: `wait because navigator is offline try ${i}`
793
+ let r = 6;
794
+ for (; !navigator.onLine && r > 0; )
795
+ await X({ milliseconds: 1e3 }), r--, e.publishEvent(m.refreshTokensAsync, {
796
+ message: `wait because navigator is offline try ${r}`
796
797
  });
797
- const r = s + 1;
798
+ const l = s + 1;
798
799
  o || (o = {});
799
- const a = e.configuration, l = (u, c = null, _ = null) => re(
800
+ const a = e.configuration, d = (c, u = null, f = null) => re(
800
801
  e.configurationName,
801
802
  e.configuration,
802
803
  e.publishEvent.bind(e)
803
- )(u, c, _), f = async () => {
804
+ )(c, u, f), _ = async () => {
804
805
  try {
805
- let u;
806
- const c = await I(a, e.configurationName);
807
- c ? u = c.getLoginParams() : u = P(e.configurationName, a.storage).getLoginParams();
808
- const _ = await l({
809
- ...u.extras,
806
+ let c;
807
+ const u = await I(a, e.configurationName);
808
+ u ? c = u.getLoginParams() : c = P(e.configurationName, a.storage).getLoginParams();
809
+ const f = await d({
810
+ ...c.extras,
810
811
  ...o,
811
- prompt: "none"
812
+ prompt: "none",
813
+ scope: i
812
814
  });
813
- return _ ? _.error ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
815
+ return f ? f.error ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
814
816
  message: "refresh token silent"
815
- }), { tokens: null, status: "SESSION_LOST" }) : (n(_.tokens), e.publishEvent(C.eventNames.token_renewed, {}), { tokens: _.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(m.refreshTokensAsync_error, {
817
+ }), { tokens: null, status: "SESSION_LOST" }) : (n(f.tokens), e.publishEvent(N.eventNames.token_renewed, {}), { tokens: f.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(m.refreshTokensAsync_error, {
816
818
  message: "refresh token silent not active"
817
819
  }), { tokens: null, status: "SESSION_LOST" });
818
- } catch (u) {
819
- return console.error(u), e.publishEvent(m.refreshTokensAsync_silent_error, {
820
+ } catch (c) {
821
+ return console.error(c), e.publishEvent(m.refreshTokensAsync_silent_error, {
820
822
  message: "exceptionSilent",
821
- exception: u.message
822
- }), await H(e)(n, r, t, o);
823
+ exception: c.message
824
+ }), await H(e)(
825
+ n,
826
+ l,
827
+ t,
828
+ o,
829
+ i
830
+ );
823
831
  }
824
832
  };
825
833
  try {
826
- const { status: u, tokens: c, nonce: _ } = await on(e)(
834
+ const { status: c, tokens: u, nonce: f } = await on(e)(
827
835
  a,
828
836
  e.configurationName,
829
837
  e.tokens,
830
838
  t
831
839
  );
832
- switch (u) {
840
+ switch (c) {
833
841
  case W.SESSION_LOST:
834
842
  return n(null), e.publishEvent(m.refreshTokensAsync_error, {
835
843
  message: "refresh token session lost"
@@ -837,96 +845,97 @@ const M = (e, n, s = null) => {
837
845
  case W.NOT_CONNECTED:
838
846
  return n(null), { tokens: null, status: null };
839
847
  case W.TOKENS_VALID:
840
- return n(c), { tokens: c, status: "LOGGED_IN" };
848
+ return n(u), { tokens: u, status: "LOGGED_IN" };
841
849
  case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:
842
- return n(c), e.publishEvent(C.eventNames.token_renewed, {
850
+ return n(u), e.publishEvent(N.eventNames.token_renewed, {
843
851
  reason: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"
844
- }), { tokens: c, status: "LOGGED_IN" };
852
+ }), { tokens: u, status: "LOGGED_IN" };
845
853
  case W.LOGOUT_FROM_ANOTHER_TAB:
846
854
  return n(null), e.publishEvent(m.logout_from_another_tab, {
847
855
  status: "session syncTokensAsync"
848
856
  }), { tokens: null, status: "LOGGED_OUT" };
849
857
  case W.REQUIRE_SYNC_TOKENS:
850
- return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== u ? (e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(m.refreshTokensAsync_begin, { tryNumber: s }), await f());
858
+ return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== c ? (e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(m.refreshTokensAsync_begin, { tryNumber: s }), await _());
851
859
  default: {
852
- if (a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== u)
860
+ if (a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== c)
853
861
  return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" };
854
862
  if (e.publishEvent(m.refreshTokensAsync_begin, {
855
- refreshToken: c.refreshToken,
856
- status: u,
863
+ refreshToken: u.refreshToken,
864
+ status: c,
857
865
  tryNumber: s
858
- }), !c.refreshToken)
859
- return await f();
860
- const h = a.client_id, g = a.redirect_uri, w = a.authority, v = { ...a.token_request_extras ? a.token_request_extras : {} };
861
- for (const [A, S] of Object.entries(o))
862
- A.endsWith(":token_request") && (v[A.replace(":token_request", "")] = S);
866
+ }), !u.refreshToken)
867
+ return await _();
868
+ const g = a.client_id, p = a.redirect_uri, k = a.authority, b = { ...a.token_request_extras ? a.token_request_extras : {} };
869
+ for (const [S, h] of Object.entries(o))
870
+ S.endsWith(":token_request") && (b[S.replace(":token_request", "")] = h);
863
871
  return await (async () => {
864
- const A = {
865
- client_id: h,
866
- redirect_uri: g,
872
+ const S = {
873
+ client_id: g,
874
+ redirect_uri: p,
867
875
  grant_type: "refresh_token",
868
- refresh_token: c.refreshToken
869
- }, S = await e.initAsync(
870
- w,
876
+ refresh_token: u.refreshToken
877
+ }, h = await e.initAsync(
878
+ k,
871
879
  a.authority_configuration
872
- ), y = document.hidden ? 1e4 : 3e4 * 10, O = S.tokenEndpoint, d = {};
873
- a.demonstrating_proof_of_possession && (d.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
874
- c.accessToken,
875
- O,
880
+ ), C = document.hidden ? 1e4 : 3e4 * 10, y = h.tokenEndpoint, w = {};
881
+ a.demonstrating_proof_of_possession && (w.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
882
+ u.accessToken,
883
+ y,
876
884
  "POST"
877
885
  ));
878
- const p = await nn(e.getFetch())(
879
- O,
880
- A,
881
- v,
882
- c,
883
- d,
886
+ const T = await nn(e.getFetch())(
887
+ y,
888
+ S,
889
+ b,
890
+ u,
891
+ w,
884
892
  a.token_renew_mode,
885
- y
893
+ C
886
894
  );
887
- if (p.success) {
888
- const { isValid: N, reason: D } = pe(
889
- p.data,
890
- _.nonce,
891
- S
895
+ if (T.success) {
896
+ const { isValid: D, reason: v } = pe(
897
+ T.data,
898
+ f.nonce,
899
+ h
892
900
  );
893
- if (!N)
901
+ if (!D)
894
902
  return n(null), e.publishEvent(m.refreshTokensAsync_error, {
895
- message: `refresh token return not valid tokens, reason: ${D}`
903
+ message: `refresh token return not valid tokens, reason: ${v}`
896
904
  }), { tokens: null, status: "SESSION_LOST" };
897
- if (n(p.data), p.demonstratingProofOfPossessionNonce) {
898
- const T = await I(a, e.configurationName);
899
- T ? await T.setDemonstratingProofOfPossessionNonce(
900
- p.demonstratingProofOfPossessionNonce
905
+ if (n(T.data), T.demonstratingProofOfPossessionNonce) {
906
+ const x = await I(a, e.configurationName);
907
+ x ? await x.setDemonstratingProofOfPossessionNonce(
908
+ T.demonstratingProofOfPossessionNonce
901
909
  ) : await P(e.configurationName, a.storage).setDemonstratingProofOfPossessionNonce(
902
- p.demonstratingProofOfPossessionNonce
910
+ T.demonstratingProofOfPossessionNonce
903
911
  );
904
912
  }
905
913
  return e.publishEvent(m.refreshTokensAsync_end, {
906
- success: p.success
907
- }), e.publishEvent(C.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: p.data, status: "LOGGED_IN" };
914
+ success: T.success
915
+ }), e.publishEvent(N.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: T.data, status: "LOGGED_IN" };
908
916
  } else
909
917
  return e.publishEvent(m.refreshTokensAsync_silent_error, {
910
918
  message: "bad request",
911
- tokenResponse: p
912
- }), p.status >= 400 && p.status < 500 ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
913
- message: `session lost: ${p.status}`
919
+ tokenResponse: T
920
+ }), T.status >= 400 && T.status < 500 ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
921
+ message: `session lost: ${T.status}`
914
922
  }), { tokens: null, status: "SESSION_LOST" }) : await H(e)(
915
923
  n,
916
- r,
924
+ l,
917
925
  t,
918
- o
926
+ o,
927
+ i
919
928
  );
920
929
  })();
921
930
  }
922
931
  }
923
- } catch (u) {
924
- return console.error(u), e.publishEvent(m.refreshTokensAsync_silent_error, {
932
+ } catch (c) {
933
+ return console.error(c), e.publishEvent(m.refreshTokensAsync_silent_error, {
925
934
  message: "exception",
926
- exception: u.message
927
- }), new Promise((c, _) => {
935
+ exception: c.message
936
+ }), new Promise((u, f) => {
928
937
  setTimeout(() => {
929
- H(e)(n, r, t, o).then(c).catch(_);
938
+ H(e)(n, l, t, o, i).then(u).catch(f);
930
939
  }, 1e3);
931
940
  });
932
941
  }
@@ -936,39 +945,39 @@ const M = (e, n, s = null) => {
936
945
  try {
937
946
  s(m.silentLoginAsync_begin, {});
938
947
  let r = "";
939
- if (o && (t == null && (t = {}), t.state = o), i && (t == null && (t = {}), t.scope = i), t != null)
940
- for (const [c, _] of Object.entries(t))
941
- r === "" ? r = `?${encodeURIComponent(c)}=${encodeURIComponent(_)}` : r += `&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;
942
- const a = n.silent_login_uri + r, l = a.indexOf("/", a.indexOf("//") + 2), f = a.substring(0, l), u = document.createElement("iframe");
943
- return u.width = "0px", u.height = "0px", u.id = `${e}_oidc_iframe`, u.setAttribute("src", a), document.body.appendChild(u), new Promise((c, _) => {
944
- let h = !1;
948
+ if (o && (t == null && (t = {}), t.state = o), i != null && (t == null && (t = {}), t.scope = i), t != null)
949
+ for (const [c, u] of Object.entries(t))
950
+ r === "" ? r = `?${encodeURIComponent(c)}=${encodeURIComponent(u)}` : r += `&${encodeURIComponent(c)}=${encodeURIComponent(u)}`;
951
+ const l = n.silent_login_uri + r, a = l.indexOf("/", l.indexOf("//") + 2), d = l.substring(0, a), _ = document.createElement("iframe");
952
+ return _.width = "0px", _.height = "0px", _.id = `${e}_oidc_iframe`, _.setAttribute("src", l), document.body.appendChild(_), new Promise((c, u) => {
953
+ let f = !1;
945
954
  const g = () => {
946
- window.removeEventListener("message", w), u.remove(), h = !0;
947
- }, w = (k) => {
948
- if (k.origin === f && k.source === u.contentWindow) {
949
- const v = `${e}_oidc_tokens:`, b = `${e}_oidc_error:`, A = `${e}_oidc_exception:`, S = k.data;
950
- if (S && typeof S == "string" && !h) {
951
- if (S.startsWith(v)) {
952
- const y = JSON.parse(k.data.replace(v, ""));
953
- s(m.silentLoginAsync_end, {}), c(y), g();
955
+ window.removeEventListener("message", p), _.remove(), f = !0;
956
+ }, p = (k) => {
957
+ if (k.origin === d && k.source === _.contentWindow) {
958
+ const E = `${e}_oidc_tokens:`, b = `${e}_oidc_error:`, A = `${e}_oidc_exception:`, S = k.data;
959
+ if (S && typeof S == "string" && !f) {
960
+ if (S.startsWith(E)) {
961
+ const h = JSON.parse(k.data.replace(E, ""));
962
+ s(m.silentLoginAsync_end, {}), c(h), g();
954
963
  } else if (S.startsWith(b)) {
955
- const y = JSON.parse(k.data.replace(b, ""));
956
- s(m.silentLoginAsync_error, y), c({ error: "oidc_" + y.error, tokens: null, sessionState: null }), g();
964
+ const h = JSON.parse(k.data.replace(b, ""));
965
+ s(m.silentLoginAsync_error, h), c({ error: "oidc_" + h.error, tokens: null, sessionState: null }), g();
957
966
  } else if (S.startsWith(A)) {
958
- const y = JSON.parse(k.data.replace(A, ""));
959
- s(m.silentLoginAsync_error, y), _(new Error(y.error)), g();
967
+ const h = JSON.parse(k.data.replace(A, ""));
968
+ s(m.silentLoginAsync_error, h), u(new Error(h.error)), g();
960
969
  }
961
970
  }
962
971
  }
963
972
  };
964
973
  try {
965
- window.addEventListener("message", w);
974
+ window.addEventListener("message", p);
966
975
  const k = n.silent_login_timeout;
967
976
  setTimeout(() => {
968
- h || (g(), s(m.silentLoginAsync_error, { reason: "timeout" }), _(new Error("timeout")));
977
+ f || (g(), s(m.silentLoginAsync_error, { reason: "timeout" }), u(new Error("timeout")));
969
978
  }, k);
970
979
  } catch (k) {
971
- g(), s(m.silentLoginAsync_error, k), _(k);
980
+ g(), s(m.silentLoginAsync_error, k), u(k);
972
981
  }
973
982
  });
974
983
  } catch (r) {
@@ -976,55 +985,55 @@ const M = (e, n, s = null) => {
976
985
  }
977
986
  }, rn = (e, n, s, t, o) => (i = null, r = void 0) => {
978
987
  i = { ...i };
979
- const a = (f, u, c) => re(n, s, t.bind(o))(
980
- f,
981
- u,
988
+ const l = (d, _, c) => re(n, s, t.bind(o))(
989
+ d,
990
+ _,
982
991
  c
983
992
  );
984
993
  return (async () => {
985
994
  o.timeoutId && U.clearTimeout(o.timeoutId);
986
- let f;
987
- i && "state" in i && (f = i.state, delete i.state);
995
+ let d;
996
+ i && "state" in i && (d = i.state, delete i.state);
988
997
  try {
989
- const u = s.extras ? { ...s.extras, ...i } : i, c = await a(
998
+ const _ = s.extras ? { ...s.extras, ...i } : i, c = await l(
990
999
  {
991
- ...u,
1000
+ ..._,
992
1001
  prompt: "none"
993
1002
  },
994
- f,
1003
+ d,
995
1004
  r
996
1005
  );
997
1006
  if (c)
998
- return o.tokens = c.tokens, t(m.token_acquired, {}), o.timeoutId = M(o, o.tokens.expiresAt, i), {};
999
- } catch (u) {
1000
- return u;
1007
+ return o.tokens = c.tokens, t(m.token_acquired, {}), o.timeoutId = M(o, o.tokens.expiresAt, i, r), {};
1008
+ } catch (_) {
1009
+ return _;
1001
1010
  }
1002
1011
  })();
1003
1012
  }, an = (e, n, s) => (t, o, i, r = !1) => {
1004
- const a = (l, f = void 0, u = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
1005
- l,
1006
- f,
1007
- u
1013
+ const l = (a, d = void 0, _ = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
1014
+ a,
1015
+ d,
1016
+ _
1008
1017
  );
1009
- return new Promise((l, f) => {
1018
+ return new Promise((a, d) => {
1010
1019
  if (s.silent_login_uri && s.silent_redirect_uri && s.monitor_session && t && i && !r) {
1011
- const u = () => {
1020
+ const _ = () => {
1012
1021
  e.checkSessionIFrame.stop();
1013
1022
  const c = e.tokens;
1014
1023
  if (c === null)
1015
1024
  return;
1016
- const _ = c.idToken, h = c.idTokenPayload;
1017
- return a({
1025
+ const u = c.idToken, f = c.idTokenPayload;
1026
+ return l({
1018
1027
  prompt: "none",
1019
- id_token_hint: _,
1028
+ id_token_hint: u,
1020
1029
  scope: s.scope || "openid"
1021
1030
  }).then((g) => {
1022
1031
  if (g.error)
1023
1032
  throw new Error(g.error);
1024
- const w = g.tokens.idTokenPayload;
1025
- if (h.sub === w.sub) {
1033
+ const p = g.tokens.idTokenPayload;
1034
+ if (f.sub === p.sub) {
1026
1035
  const k = g.sessionState;
1027
- e.checkSessionIFrame.start(g.sessionState), h.sid === w.sid ? console.debug(
1036
+ e.checkSessionIFrame.start(g.sessionState), f.sid === p.sid ? console.debug(
1028
1037
  "SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",
1029
1038
  k
1030
1039
  ) : console.debug(
@@ -1034,28 +1043,28 @@ const M = (e, n, s = null) => {
1034
1043
  } else
1035
1044
  console.debug(
1036
1045
  "SessionMonitor._callback: Different subject signed into OP:",
1037
- w.sub
1046
+ p.sub
1038
1047
  );
1039
1048
  }).catch(async (g) => {
1040
1049
  console.warn(
1041
1050
  "SessionMonitor._callback: Silent login failed, logging out other tabs:",
1042
1051
  g
1043
1052
  );
1044
- for (const [, w] of Object.entries(n))
1045
- await w.logoutOtherTabAsync(s.client_id, h.sub);
1053
+ for (const [, p] of Object.entries(n))
1054
+ await p.logoutOtherTabAsync(s.client_id, f.sub);
1046
1055
  });
1047
1056
  };
1048
1057
  e.checkSessionIFrame = new Ie(
1049
- u,
1058
+ _,
1050
1059
  o,
1051
1060
  t
1052
1061
  ), e.checkSessionIFrame.load().then(() => {
1053
- e.checkSessionIFrame.start(i), l(e.checkSessionIFrame);
1062
+ e.checkSessionIFrame.start(i), a(e.checkSessionIFrame);
1054
1063
  }).catch((c) => {
1055
- f(c);
1064
+ d(c);
1056
1065
  });
1057
1066
  } else
1058
- l(null);
1067
+ a(null);
1059
1068
  });
1060
1069
  }, cn = (e) => !!(e.os === "iOS" && e.osVersion.startsWith("12") || e.os === "Mac OS X" && e.osVersion.startsWith("10_15_6")), ln = (e) => {
1061
1070
  const n = e.appVersion, s = e.userAgent, t = "-";
@@ -1092,10 +1101,10 @@ const M = (e, n, s = null) => {
1092
1101
  r: /(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/
1093
1102
  }
1094
1103
  ];
1095
- for (const a in i) {
1096
- const l = i[a];
1097
- if (l.r.test(s)) {
1098
- o = l.s;
1104
+ for (const l in i) {
1105
+ const a = i[l];
1106
+ if (a.r.test(s)) {
1107
+ o = a.s;
1099
1108
  break;
1100
1109
  }
1101
1110
  }
@@ -1107,8 +1116,8 @@ const M = (e, n, s = null) => {
1107
1116
  r = /(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];
1108
1117
  break;
1109
1118
  case "iOS": {
1110
- const a = /OS (\d+)_(\d+)_?(\d+)?/.exec(n);
1111
- a != null && a.length > 2 && (r = a[1] + "." + a[2] + "." + (parseInt(a[3]) | 0));
1119
+ const l = /OS (\d+)_(\d+)_?(\d+)?/.exec(n);
1120
+ l != null && l.length > 2 && (r = l[1] + "." + l[2] + "." + (parseInt(l[3]) | 0));
1112
1121
  break;
1113
1122
  }
1114
1123
  }
@@ -1184,11 +1193,11 @@ const _n = () => {
1184
1193
  e.tokens = te(i, null, s.token_renew_mode);
1185
1194
  const r = o.getLoginParams();
1186
1195
  e.timeoutId = M(e, e.tokens.expiresAt, r.extras);
1187
- const a = await o.getSessionStateAsync();
1196
+ const l = await o.getSessionStateAsync();
1188
1197
  return await e.startCheckSessionAsync(
1189
1198
  t.check_session_iframe,
1190
1199
  s.client_id,
1191
- a
1200
+ l
1192
1201
  ), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(m.tryKeepExistingSessionAsync_end, {
1193
1202
  success: !0,
1194
1203
  message: "tokens inside storage are valid"
@@ -1227,7 +1236,7 @@ const _n = () => {
1227
1236
  search: s,
1228
1237
  hash: t
1229
1238
  };
1230
- }, vn = (e) => {
1239
+ }, bn = (e) => {
1231
1240
  const n = Oe(e);
1232
1241
  let { path: s } = n;
1233
1242
  s.endsWith("/") && (s = s.slice(0, -1));
@@ -1243,139 +1252,139 @@ const _n = () => {
1243
1252
  for (t = 0, o = i.length; t < o; t++)
1244
1253
  s = i[t].split("="), n[decodeURIComponent(s[0])] = decodeURIComponent(s[1]);
1245
1254
  return n;
1246
- }, hn = (e, n, s, t, o) => (i = void 0, r = null, a = !1, l = void 0) => {
1247
- const f = r;
1255
+ }, hn = (e, n, s, t, o) => (i = void 0, r = null, l = !1, a = void 0) => {
1256
+ const d = r;
1248
1257
  return r = { ...r }, (async () => {
1249
1258
  const c = i || o.getPath();
1250
1259
  if ("state" in r || (r.state = ee(16)), s(m.loginAsync_begin, {}), r)
1251
- for (const _ of Object.keys(r))
1252
- _.endsWith(":token_request") && delete r[_];
1260
+ for (const u of Object.keys(r))
1261
+ u.endsWith(":token_request") && delete r[u];
1253
1262
  try {
1254
- const _ = a ? n.silent_redirect_uri : n.redirect_uri;
1255
- l || (l = n.scope);
1256
- const h = n.extras ? { ...n.extras, ...r } : r;
1257
- h.nonce || (h.nonce = ee(12));
1258
- const g = { nonce: h.nonce }, w = await I(n, e), k = await t(
1263
+ const u = l ? n.silent_redirect_uri : n.redirect_uri;
1264
+ a || (a = n.scope);
1265
+ const f = n.extras ? { ...n.extras, ...r } : r;
1266
+ f.nonce || (f.nonce = ee(12));
1267
+ const g = { nonce: f.nonce }, p = await I(n, e), k = await t(
1259
1268
  n.authority,
1260
1269
  n.authority_configuration
1261
1270
  );
1262
- let v;
1263
- if (w)
1264
- w.setLoginParams({ callbackPath: c, extras: f }), await w.initAsync(k, "loginAsync", n), await w.setNonceAsync(g), w.startKeepAliveServiceWorker(), v = w;
1271
+ let E;
1272
+ if (p)
1273
+ p.setLoginParams({ callbackPath: c, extras: d }), await p.initAsync(k, "loginAsync", n), await p.setNonceAsync(g), p.startKeepAliveServiceWorker(), E = p;
1265
1274
  else {
1266
1275
  const A = P(e, n.storage ?? sessionStorage);
1267
- A.setLoginParams({ callbackPath: c, extras: f }), await A.setNonceAsync(g), v = A;
1276
+ A.setLoginParams({ callbackPath: c, extras: d }), await A.setNonceAsync(g), E = A;
1268
1277
  }
1269
1278
  const b = {
1270
1279
  client_id: n.client_id,
1271
- redirect_uri: _,
1272
- scope: l,
1280
+ redirect_uri: u,
1281
+ scope: a,
1273
1282
  response_type: "code",
1274
- ...h
1283
+ ...f
1275
1284
  };
1276
- await sn(v, o)(
1285
+ await sn(E, o)(
1277
1286
  k.authorizationEndpoint,
1278
1287
  b
1279
1288
  );
1280
- } catch (_) {
1281
- throw s(m.loginAsync_error, _), _;
1289
+ } catch (u) {
1290
+ throw s(m.loginAsync_error, u), u;
1282
1291
  }
1283
1292
  })();
1284
1293
  }, yn = (e) => async (n = !1) => {
1285
1294
  try {
1286
1295
  e.publishEvent(m.loginCallbackAsync_begin, {});
1287
- const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout, a = await e.initAsync(
1296
+ const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout, l = await e.initAsync(
1288
1297
  i,
1289
1298
  s.authority_configuration
1290
- ), l = e.location.getCurrentHref(), u = Y(l).session_state, c = await I(s, e.configurationName);
1291
- let _, h, g, w;
1299
+ ), a = e.location.getCurrentHref(), _ = Y(a).session_state, c = await I(s, e.configurationName);
1300
+ let u, f, g, p;
1292
1301
  if (c)
1293
- await c.initAsync(a, "loginCallbackAsync", s), await c.setSessionStateAsync(u), h = await c.getNonceAsync(), g = c.getLoginParams(), w = await c.getStateAsync(), c.startKeepAliveServiceWorker(), _ = c;
1302
+ await c.initAsync(l, "loginCallbackAsync", s), await c.setSessionStateAsync(_), f = await c.getNonceAsync(), g = c.getLoginParams(), p = await c.getStateAsync(), c.startKeepAliveServiceWorker(), u = c;
1294
1303
  else {
1295
- const T = P(
1304
+ const v = P(
1296
1305
  e.configurationName,
1297
1306
  s.storage ?? sessionStorage
1298
1307
  );
1299
- await T.setSessionStateAsync(u), h = await T.getNonceAsync(), g = T.getLoginParams(), w = await T.getStateAsync(), _ = T;
1308
+ await v.setSessionStateAsync(_), f = await v.getNonceAsync(), g = v.getLoginParams(), p = await v.getStateAsync(), u = v;
1300
1309
  }
1301
- const k = Y(l);
1310
+ const k = Y(a);
1302
1311
  if (k.error || k.error_description)
1303
1312
  throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);
1304
- if (k.iss && k.iss !== a.issuer)
1313
+ if (k.iss && k.iss !== l.issuer)
1305
1314
  throw console.error(), new Error(
1306
- `Issuer not valid (expected: ${a.issuer}, received: ${k.iss})`
1315
+ `Issuer not valid (expected: ${l.issuer}, received: ${k.iss})`
1307
1316
  );
1308
- if (k.state && k.state !== w)
1309
- throw new Error(`State not valid (expected: ${w}, received: ${k.state})`);
1310
- const v = {
1317
+ if (k.state && k.state !== p)
1318
+ throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);
1319
+ const E = {
1311
1320
  code: k.code,
1312
1321
  grant_type: "authorization_code",
1313
1322
  client_id: s.client_id,
1314
1323
  redirect_uri: o
1315
1324
  }, b = {};
1316
1325
  if (s.token_request_extras)
1317
- for (const [T, x] of Object.entries(s.token_request_extras))
1318
- b[T] = x;
1326
+ for (const [v, x] of Object.entries(s.token_request_extras))
1327
+ b[v] = x;
1319
1328
  if (g != null && g.extras)
1320
- for (const [T, x] of Object.entries(g.extras))
1321
- T.endsWith(":token_request") && (b[T.replace(":token_request", "")] = x);
1322
- const A = a.tokenEndpoint, S = {};
1329
+ for (const [v, x] of Object.entries(g.extras))
1330
+ v.endsWith(":token_request") && (b[v.replace(":token_request", "")] = x);
1331
+ const A = l.tokenEndpoint, S = {};
1323
1332
  if (s.demonstrating_proof_of_possession)
1324
1333
  if (c)
1325
1334
  S.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
1326
1335
  else {
1327
- const T = await Ge(window)(
1336
+ const v = await Ge(window)(
1328
1337
  s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm
1329
1338
  );
1330
- await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(T), S.DPoP = await Te(window)(
1339
+ await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(v), S.DPoP = await Te(window)(
1331
1340
  s.demonstrating_proof_of_possession_configuration
1332
- )(T, "POST", A);
1341
+ )(v, "POST", A);
1333
1342
  }
1334
- const y = await tn(_)(
1343
+ const h = await tn(u)(
1335
1344
  A,
1336
- { ...v, ...b },
1345
+ { ...E, ...b },
1337
1346
  S,
1338
1347
  e.configuration.token_renew_mode,
1339
1348
  r
1340
1349
  );
1341
- if (!y.success)
1350
+ if (!h.success)
1342
1351
  throw new Error("Token request failed");
1343
- let O;
1344
- const d = y.data.tokens, p = y.data.demonstratingProofOfPossessionNonce;
1345
- if (y.data.state !== b.state)
1352
+ let C;
1353
+ const y = h.data.tokens, w = h.data.demonstratingProofOfPossessionNonce;
1354
+ if (h.data.state !== b.state)
1346
1355
  throw new Error("state is not valid");
1347
- const { isValid: N, reason: D } = pe(
1348
- d,
1349
- h.nonce,
1350
- a
1356
+ const { isValid: T, reason: D } = pe(
1357
+ y,
1358
+ f.nonce,
1359
+ l
1351
1360
  );
1352
- if (!N)
1361
+ if (!T)
1353
1362
  throw new Error(`Tokens are not OpenID valid, reason: ${D}`);
1354
1363
  if (c) {
1355
- if (d.refreshToken && !d.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))
1364
+ if (y.refreshToken && !y.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))
1356
1365
  throw new Error("Refresh token should be hidden by service worker");
1357
- if (p && (d != null && d.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))
1366
+ if (w && (y != null && y.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))
1358
1367
  throw new Error(
1359
1368
  "Demonstration of proof of possession require Access token not hidden by service worker"
1360
1369
  );
1361
1370
  }
1362
1371
  if (c)
1363
- await c.initAsync(a, "syncTokensAsync", s), O = c.getLoginParams(), p && await c.setDemonstratingProofOfPossessionNonce(
1364
- p
1372
+ await c.initAsync(l, "syncTokensAsync", s), C = c.getLoginParams(), w && await c.setDemonstratingProofOfPossessionNonce(
1373
+ w
1365
1374
  );
1366
1375
  else {
1367
- const T = P(e.configurationName, s.storage);
1368
- O = T.getLoginParams(), p && await T.setDemonstratingProofOfPossessionNonce(p);
1376
+ const v = P(e.configurationName, s.storage);
1377
+ C = v.getLoginParams(), w && await v.setDemonstratingProofOfPossessionNonce(w);
1369
1378
  }
1370
1379
  return await e.startCheckSessionAsync(
1371
- a.checkSessionIframe,
1380
+ l.checkSessionIframe,
1372
1381
  t,
1373
- u,
1382
+ _,
1374
1383
  n
1375
1384
  ), e.publishEvent(m.loginCallbackAsync_end, {}), {
1376
- tokens: d,
1385
+ tokens: y,
1377
1386
  state: "request.state",
1378
- callbackPath: O.callbackPath
1387
+ callbackPath: C.callbackPath
1379
1388
  };
1380
1389
  } catch (s) {
1381
1390
  throw console.error(s), e.publishEvent(m.loginCallbackAsync_error, s), s;
@@ -1407,40 +1416,40 @@ const _n = () => {
1407
1416
  const s = await I(e.configuration, e.configurationName);
1408
1417
  s ? await s.clearAsync(n) : await P(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
1409
1418
  }, mn = (e, n, s, t, o) => async (i = void 0, r = null) => {
1410
- var v, b;
1411
- const a = e.configuration, l = await e.initAsync(
1412
- a.authority,
1413
- a.authority_configuration
1419
+ var E, b;
1420
+ const l = e.configuration, a = await e.initAsync(
1421
+ l.authority,
1422
+ l.authority_configuration
1414
1423
  );
1415
1424
  i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
1416
- const f = i ?? o.getPath();
1417
- let u = !1;
1418
- i && (u = i.includes("https://") || i.includes("http://"));
1419
- const c = u ? i : o.getOrigin() + f, _ = e.tokens ? e.tokens.idToken : "";
1425
+ const d = i ?? o.getPath();
1426
+ let _ = !1;
1427
+ i && (_ = i.includes("https://") || i.includes("http://"));
1428
+ const c = _ ? i : o.getOrigin() + d, u = e.tokens ? e.tokens.idToken : "";
1420
1429
  try {
1421
- const A = l.revocationEndpoint;
1430
+ const A = a.revocationEndpoint;
1422
1431
  if (A) {
1423
- const S = [], y = e.tokens ? e.tokens.accessToken : null;
1424
- if (y && a.logout_tokens_to_invalidate.includes(ge.access_token)) {
1425
- const d = z(r, ":revoke_access_token"), p = he(s)(
1432
+ const S = [], h = e.tokens ? e.tokens.accessToken : null;
1433
+ if (h && l.logout_tokens_to_invalidate.includes(ge.access_token)) {
1434
+ const y = z(r, ":revoke_access_token"), w = he(s)(
1426
1435
  A,
1427
- y,
1436
+ h,
1428
1437
  ne.access_token,
1429
- a.client_id,
1430
- d
1438
+ l.client_id,
1439
+ y
1431
1440
  );
1432
- S.push(p);
1441
+ S.push(w);
1433
1442
  }
1434
- const O = e.tokens ? e.tokens.refreshToken : null;
1435
- if (O && a.logout_tokens_to_invalidate.includes(ge.refresh_token)) {
1436
- const d = z(r, ":revoke_refresh_token"), p = he(s)(
1443
+ const C = e.tokens ? e.tokens.refreshToken : null;
1444
+ if (C && l.logout_tokens_to_invalidate.includes(ge.refresh_token)) {
1445
+ const y = z(r, ":revoke_refresh_token"), w = he(s)(
1437
1446
  A,
1438
- O,
1447
+ C,
1439
1448
  ne.refresh_token,
1440
- a.client_id,
1441
- d
1449
+ l.client_id,
1450
+ y
1442
1451
  );
1443
- S.push(p);
1452
+ S.push(w);
1444
1453
  }
1445
1454
  S.length > 0 && await Promise.all(S);
1446
1455
  }
@@ -1449,67 +1458,67 @@ const _n = () => {
1449
1458
  "logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"
1450
1459
  ), t.warn(A);
1451
1460
  }
1452
- const h = ((b = (v = e.tokens) == null ? void 0 : v.idTokenPayload) == null ? void 0 : b.sub) ?? null;
1461
+ const f = ((b = (E = e.tokens) == null ? void 0 : E.idTokenPayload) == null ? void 0 : b.sub) ?? null;
1453
1462
  await e.destroyAsync("LOGGED_OUT");
1454
1463
  for (const [, A] of Object.entries(n))
1455
- A !== e ? await e.logoutSameTabAsync(e.configuration.client_id, h) : e.publishEvent(m.logout_from_same_tab, {});
1464
+ A !== e ? await e.logoutSameTabAsync(e.configuration.client_id, f) : e.publishEvent(m.logout_from_same_tab, {});
1456
1465
  const g = z(r, ":oidc");
1457
1466
  if (g && g.no_reload === "true")
1458
1467
  return;
1459
1468
  const k = gn(r);
1460
- if (l.endSessionEndpoint) {
1461
- "id_token_hint" in k || (k.id_token_hint = _), !("post_logout_redirect_uri" in k) && i !== null && (k.post_logout_redirect_uri = c);
1469
+ if (a.endSessionEndpoint) {
1470
+ "id_token_hint" in k || (k.id_token_hint = u), !("post_logout_redirect_uri" in k) && i !== null && (k.post_logout_redirect_uri = c);
1462
1471
  let A = "";
1463
- for (const [S, y] of Object.entries(k))
1464
- y != null && (A === "" ? A += "?" : A += "&", A += `${S}=${encodeURIComponent(y)}`);
1465
- o.open(`${l.endSessionEndpoint}${A}`);
1472
+ for (const [S, h] of Object.entries(k))
1473
+ h != null && (A === "" ? A += "?" : A += "&", A += `${S}=${encodeURIComponent(h)}`);
1474
+ o.open(`${a.endSessionEndpoint}${A}`);
1466
1475
  } else
1467
1476
  o.reload();
1468
1477
  }, Pe = (e, n, s = !1) => async (...t) => {
1469
- var h;
1470
- const [o, i, ...r] = t, a = i ? { ...i } : { method: "GET" };
1471
- let l = new Headers();
1472
- a.headers && (l = a.headers instanceof Headers ? a.headers : new Headers(a.headers));
1473
- const f = {
1478
+ var f;
1479
+ const [o, i, ...r] = t, l = i ? { ...i } : { method: "GET" };
1480
+ let a = new Headers();
1481
+ l.headers && (a = l.headers instanceof Headers ? l.headers : new Headers(l.headers));
1482
+ const d = {
1474
1483
  getTokens: () => n.tokens,
1475
1484
  configuration: {
1476
1485
  token_automatic_renew_mode: n.configuration.token_automatic_renew_mode,
1477
1486
  refresh_time_before_tokens_expiration_in_second: n.configuration.refresh_time_before_tokens_expiration_in_second
1478
1487
  },
1479
1488
  renewTokensAsync: n.renewTokensAsync.bind(n)
1480
- }, u = await me(f), c = (h = u == null ? void 0 : u.tokens) == null ? void 0 : h.accessToken;
1481
- if (l.has("Accept") || l.set("Accept", "application/json"), c) {
1489
+ }, _ = await me(d), c = (f = _ == null ? void 0 : _.tokens) == null ? void 0 : f.accessToken;
1490
+ if (a.has("Accept") || a.set("Accept", "application/json"), c) {
1482
1491
  if (n.configuration.demonstrating_proof_of_possession && s) {
1483
1492
  const g = await n.generateDemonstrationOfProofOfPossessionAsync(
1484
1493
  c,
1485
1494
  o.toString(),
1486
- a.method
1495
+ l.method
1487
1496
  );
1488
- l.set("Authorization", `DPoP ${c}`), l.set("DPoP", g);
1497
+ a.set("Authorization", `DPoP ${c}`), a.set("DPoP", g);
1489
1498
  } else
1490
- l.set("Authorization", `Bearer ${c}`);
1491
- a.credentials || (a.credentials = "same-origin");
1499
+ a.set("Authorization", `Bearer ${c}`);
1500
+ l.credentials || (l.credentials = "same-origin");
1492
1501
  }
1493
- const _ = { ...a, headers: l };
1494
- return await e(o, _, ...r);
1502
+ const u = { ...l, headers: a };
1503
+ return await e(o, u, ...r);
1495
1504
  }, pn = (e) => async (n = !1, s = !1) => {
1496
1505
  if (e.userInfo != null && !n)
1497
1506
  return e.userInfo;
1498
1507
  const t = e.configuration, i = (await e.initAsync(
1499
1508
  t.authority,
1500
1509
  t.authority_configuration
1501
- )).userInfoEndpoint, a = await (async () => {
1502
- const f = await Pe(fetch, e, s)(i);
1503
- return f.status !== 200 ? null : f.json();
1510
+ )).userInfoEndpoint, l = await (async () => {
1511
+ const d = await Pe(fetch, e, s)(i);
1512
+ return d.status !== 200 ? null : d.json();
1504
1513
  })();
1505
- return e.userInfo = a, a;
1514
+ return e.userInfo = l, l;
1506
1515
  }, wn = () => fetch;
1507
1516
  class se {
1508
1517
  constructor(n) {
1509
1518
  this.authorizationEndpoint = n.authorization_endpoint, this.tokenEndpoint = n.token_endpoint, this.revocationEndpoint = n.revocation_endpoint, this.userInfoEndpoint = n.userinfo_endpoint, this.checkSessionIframe = n.check_session_iframe, this.issuer = n.issuer, this.endSessionEndpoint = n.end_session_endpoint;
1510
1519
  }
1511
1520
  }
1512
- const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = new C(s, t, e, n)), L[t]), Sn = async (e) => {
1521
+ const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = new N(s, t, e, n)), L[t]), Sn = async (e) => {
1513
1522
  const { parsedTokens: n, callbackPath: s } = await e.loginCallbackAsync();
1514
1523
  return e.timeoutId = M(e, n.expiresAt), { callbackPath: s };
1515
1524
  }, Tn = (e) => Math.floor(Math.random() * e), V = class V {
@@ -1519,7 +1528,7 @@ const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = ne
1519
1528
  n.silent_redirect_uri && !n.silent_login_uri && (i = `${n.silent_redirect_uri.replace("-callback", "").replace("callback", "")}-login`);
1520
1529
  let r = n.refresh_time_before_tokens_expiration_in_second ?? 120;
1521
1530
  r > 60 && (r = r - Math.floor(Math.random() * 40)), this.location = o ?? new q();
1522
- const a = n.service_worker_update_require_callback ?? De(this.location);
1531
+ const l = n.service_worker_update_require_callback ?? De(this.location);
1523
1532
  this.configuration = {
1524
1533
  ...n,
1525
1534
  silent_login_uri: i,
@@ -1534,7 +1543,7 @@ const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = ne
1534
1543
  "access_token",
1535
1544
  "refresh_token"
1536
1545
  ],
1537
- service_worker_update_require_callback: a,
1546
+ service_worker_update_require_callback: l,
1538
1547
  service_worker_activate: n.service_worker_activate ?? _n,
1539
1548
  demonstrating_proof_of_possession_configuration: n.demonstrating_proof_of_possession_configuration ?? Fe,
1540
1549
  preload_user_info: n.preload_user_info ?? !1
@@ -1628,13 +1637,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1628
1637
  );
1629
1638
  }
1630
1639
  async loginAsync(n = void 0, s = null, t = !1, o = void 0, i = !1) {
1631
- return this.logoutPromise && await this.logoutPromise, this.loginPromise !== null ? this.loginPromise : i ? rn(
1640
+ return this.logoutPromise && await this.logoutPromise, this.loginPromise !== null ? this.loginPromise : (i ? this.loginPromise = rn(
1632
1641
  window,
1633
1642
  this.configurationName,
1634
1643
  this.configuration,
1635
1644
  this.publishEvent.bind(this),
1636
1645
  this
1637
- )(s, o) : (this.loginPromise = hn(
1646
+ )(s, o) : this.loginPromise = hn(
1638
1647
  this.configurationName,
1639
1648
  this.configuration,
1640
1649
  this.publishEvent.bind(this),
@@ -1662,10 +1671,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1662
1671
  };
1663
1672
  if (await I(i, this.configurationName))
1664
1673
  return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;
1665
- const l = P(this.configurationName, i.storage), f = await l.getDemonstratingProofOfPossessionJwkAsync(), u = l.getDemonstratingProofOfPossessionNonce();
1666
- return u && (r.nonce = u), await Te(window)(
1674
+ const a = P(this.configurationName, i.storage), d = await a.getDemonstratingProofOfPossessionJwkAsync(), _ = a.getDemonstratingProofOfPossessionNonce();
1675
+ return _ && (r.nonce = _), await Te(window)(
1667
1676
  i.demonstrating_proof_of_possession_configuration
1668
- )(f, t, s, r);
1677
+ )(d, t, s, r);
1669
1678
  }
1670
1679
  loginCallbackWithAutoTokensRenewAsync() {
1671
1680
  return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise = Sn(this), this.loginCallbackWithAutoTokensRenewPromise.finally(() => {
@@ -1677,11 +1686,11 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1677
1686
  this.userInfoPromise = null;
1678
1687
  }));
1679
1688
  }
1680
- async renewTokensAsync(n = null) {
1689
+ async renewTokensAsync(n = null, s = null) {
1681
1690
  if (this.renewTokensPromise !== null)
1682
1691
  return this.renewTokensPromise;
1683
1692
  if (this.timeoutId)
1684
- return U.clearTimeout(this.timeoutId), this.renewTokensPromise = Ee(this, !0, n), this.renewTokensPromise.finally(() => {
1693
+ return U.clearTimeout(this.timeoutId), this.renewTokensPromise = Ee(this, !0, n, s), this.renewTokensPromise.finally(() => {
1685
1694
  this.renewTokensPromise = null;
1686
1695
  });
1687
1696
  }
@@ -1707,7 +1716,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1707
1716
  }
1708
1717
  };
1709
1718
  V.getOrCreate = (n, s) => (t, o = "default") => An(n, s)(t, o), V.eventNames = m;
1710
- let C = V;
1719
+ let N = V;
1711
1720
  const K = class K {
1712
1721
  constructor(n) {
1713
1722
  this._oidc = n;
@@ -1722,7 +1731,7 @@ const K = class K {
1722
1731
  this._oidc.publishEvent(n, s);
1723
1732
  }
1724
1733
  static get(n = "default") {
1725
- return new K(C.get(n));
1734
+ return new K(N.get(n));
1726
1735
  }
1727
1736
  tryKeepExistingSessionAsync() {
1728
1737
  return this._oidc.tryKeepExistingSessionAsync();
@@ -1736,8 +1745,8 @@ const K = class K {
1736
1745
  silentLoginCallbackAsync() {
1737
1746
  return this._oidc.silentLoginCallbackAsync();
1738
1747
  }
1739
- renewTokensAsync(n = null) {
1740
- return this._oidc.renewTokensAsync(n);
1748
+ renewTokensAsync(n = null, s = null) {
1749
+ return this._oidc.renewTokensAsync(n, s);
1741
1750
  }
1742
1751
  loginCallbackAsync() {
1743
1752
  return this._oidc.loginCallbackWithAutoTokensRenewAsync();
@@ -1777,7 +1786,7 @@ const K = class K {
1777
1786
  return this._oidc.userInfo;
1778
1787
  }
1779
1788
  };
1780
- K.getOrCreate = (n, s = new q()) => (t, o = "default") => new K(C.getOrCreate(n, s)(t, o)), K.eventNames = C.eventNames;
1789
+ K.getOrCreate = (n, s = new q()) => (t, o = "default") => new K(N.getOrCreate(n, s)(t, o)), K.eventNames = N.eventNames;
1781
1790
  let ke = K;
1782
1791
  export {
1783
1792
  ke as OidcClient,
@@ -1786,5 +1795,5 @@ export {
1786
1795
  Q as TokenRenewMode,
1787
1796
  wn as getFetchDefault,
1788
1797
  Y as getParseQueryStringFromLocation,
1789
- vn as getPath
1798
+ bn as getPath
1790
1799
  };