@axa-fr/oidc-client 7.24.0 → 7.25.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/dist/crypto.d.ts +1 -1
  2. package/dist/crypto.d.ts.map +1 -1
  3. package/dist/index.js +402 -383
  4. package/dist/index.umd.cjs +2 -2
  5. package/dist/initWorker.d.ts.map +1 -1
  6. package/dist/keepSession.d.ts.map +1 -1
  7. package/dist/login.d.ts +2 -0
  8. package/dist/login.d.ts.map +1 -1
  9. package/dist/oidc.d.ts +3 -0
  10. package/dist/oidc.d.ts.map +1 -1
  11. package/dist/silentLogin.d.ts.map +1 -1
  12. package/dist/version.d.ts +1 -1
  13. package/dist/version.d.ts.map +1 -1
  14. package/package.json +9 -9
  15. package/src/initWorker.ts +1 -0
  16. package/src/keepSession.ts +12 -2
  17. package/src/login.ts +13 -11
  18. package/src/oidc.ts +13 -3
  19. package/src/silentLogin.ts +0 -1
  20. package/src/version.ts +1 -1
package/dist/index.js CHANGED
@@ -16,7 +16,7 @@ class q {
16
16
  return window.origin;
17
17
  }
18
18
  }
19
- const ae = 2e3, R = console;
19
+ const ae = 2e3, D = console;
20
20
  class Ie {
21
21
  constructor(n, s, t, o = ae, i = !0) {
22
22
  this._callback = n, this._client_id = s, this._url = t, this._interval = o || ae, this._stopOnError = i;
@@ -31,10 +31,10 @@ class Ie {
31
31
  });
32
32
  }
33
33
  _message(n) {
34
- n.origin === this._frame_origin && n.source === this._frame.contentWindow && (n.data === "error" ? (R.error("CheckSessionIFrame: error message from check session op iframe"), this._stopOnError && this.stop()) : n.data === "changed" ? (R.debug(n), R.debug("CheckSessionIFrame: changed message from check session op iframe"), this.stop(), this._callback()) : R.debug("CheckSessionIFrame: " + n.data + " message from check session op iframe"));
34
+ n.origin === this._frame_origin && n.source === this._frame.contentWindow && (n.data === "error" ? (D.error("CheckSessionIFrame: error message from check session op iframe"), this._stopOnError && this.stop()) : n.data === "changed" ? (D.debug(n), D.debug("CheckSessionIFrame: changed message from check session op iframe"), this.stop(), this._callback()) : D.debug("CheckSessionIFrame: " + n.data + " message from check session op iframe"));
35
35
  }
36
36
  start(n) {
37
- R.debug("CheckSessionIFrame.start :" + n), this.stop();
37
+ D.debug("CheckSessionIFrame.start :" + n), this.stop();
38
38
  const s = () => {
39
39
  this._frame.contentWindow.postMessage(
40
40
  this._client_id + " " + n,
@@ -44,10 +44,10 @@ class Ie {
44
44
  s(), this._timer = window.setInterval(s, this._interval);
45
45
  }
46
46
  stop() {
47
- this._timer && (R.debug("CheckSessionIFrame.stop"), window.clearInterval(this._timer), this._timer = null);
47
+ this._timer && (D.debug("CheckSessionIFrame.stop"), window.clearInterval(this._timer), this._timer = null);
48
48
  }
49
49
  }
50
- const m = {
50
+ const k = {
51
51
  service_worker_not_supported_by_browser: "service_worker_not_supported_by_browser",
52
52
  token_acquired: "token_acquired",
53
53
  logout_from_another_tab: "logout_from_another_tab",
@@ -76,7 +76,7 @@ const m = {
76
76
  syncTokensAsync_end: "syncTokensAsync_end",
77
77
  syncTokensAsync_error: "syncTokensAsync_error",
78
78
  tokensInvalidAndWaitingActionsToRefresh: "tokensInvalidAndWaitingActionsToRefresh"
79
- }, P = (e, n = sessionStorage) => {
79
+ }, I = (e, n = sessionStorage) => {
80
80
  const s = (h) => (n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: h }), Promise.resolve()), t = async () => {
81
81
  if (!n[`oidc.${e}`])
82
82
  return n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: null }), { tokens: null, status: null };
@@ -90,18 +90,18 @@ const m = {
90
90
  n[`oidc.nonce.${e}`] = h.nonce;
91
91
  }, a = (h) => {
92
92
  n[`oidc.jwk.${e}`] = JSON.stringify(h);
93
- }, d = () => JSON.parse(n[`oidc.jwk.${e}`]), _ = async () => ({ nonce: n[`oidc.nonce.${e}`] }), c = async (h) => {
93
+ }, u = () => JSON.parse(n[`oidc.jwk.${e}`]), f = async () => ({ nonce: n[`oidc.nonce.${e}`] }), c = async (h) => {
94
94
  n[`oidc.dpop_nonce.${e}`] = h;
95
- }, u = () => n[`oidc.dpop_nonce.${e}`], f = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, g = {};
95
+ }, _ = () => n[`oidc.dpop_nonce.${e}`], d = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, g = {};
96
96
  return {
97
97
  clearAsync: s,
98
98
  initAsync: t,
99
99
  setTokens: o,
100
- getTokens: f,
100
+ getTokens: d,
101
101
  setSessionStateAsync: i,
102
102
  getSessionStateAsync: r,
103
103
  setNonceAsync: l,
104
- getNonceAsync: _,
104
+ getNonceAsync: f,
105
105
  setLoginParams: (h) => {
106
106
  g[e] = h, n[`oidc.login.${e}`] = JSON.stringify(h);
107
107
  },
@@ -120,9 +120,9 @@ const m = {
120
120
  n[`oidc.code_verifier.${e}`] = h;
121
121
  },
122
122
  setDemonstratingProofOfPossessionNonce: c,
123
- getDemonstratingProofOfPossessionNonce: u,
123
+ getDemonstratingProofOfPossessionNonce: _,
124
124
  setDemonstratingProofOfPossessionJwkAsync: a,
125
- getDemonstratingProofOfPossessionJwkAsync: d
125
+ getDemonstratingProofOfPossessionJwkAsync: u
126
126
  };
127
127
  };
128
128
  var J = /* @__PURE__ */ ((e) => (e.AutomaticBeforeTokenExpiration = "AutomaticBeforeTokensExpiration", e.AutomaticOnlyWhenFetchExecuted = "AutomaticOnlyWhenFetchExecuted", e))(J || {});
@@ -135,7 +135,7 @@ const Ce = (e) => decodeURIComponent(
135
135
  console.warn(n);
136
136
  }
137
137
  return null;
138
- }, xe = (e, n) => e.split(n).length - 1, Q = {
138
+ }, xe = (e, n) => e.split(n).length - 1, z = {
139
139
  access_token_or_id_token_invalid: "access_token_or_id_token_invalid",
140
140
  access_token_invalid: "access_token_invalid",
141
141
  id_token_invalid: "id_token_invalid"
@@ -157,20 +157,20 @@ const te = (e, n = null, s) => {
157
157
  n != null && "idToken" in n && !("idToken" in e) ? i = n.idToken : i = e.idToken;
158
158
  const r = e.idTokenPayload ? e.idTokenPayload : ce(i), l = r && r.exp ? r.exp : Number.MAX_VALUE, a = t && t.exp ? t.exp : e.issuedAt + o;
159
159
  e.issuedAt = We(e, t, r);
160
- let d;
161
- e.expiresAt ? d = e.expiresAt : s === Q.access_token_invalid ? d = a : s === Q.id_token_invalid ? d = l : d = l < a ? l : a;
162
- const _ = {
160
+ let u;
161
+ e.expiresAt ? u = e.expiresAt : s === z.access_token_invalid ? u = a : s === z.id_token_invalid ? u = l : u = l < a ? l : a;
162
+ const f = {
163
163
  ...e,
164
164
  idTokenPayload: r,
165
165
  accessTokenPayload: t,
166
- expiresAt: d,
166
+ expiresAt: u,
167
167
  idToken: i
168
168
  };
169
169
  if (n != null && "refreshToken" in n && !("refreshToken" in e)) {
170
170
  const c = n.refreshToken;
171
- return { ..._, refreshToken: c };
171
+ return { ...f, refreshToken: c };
172
172
  }
173
- return _;
173
+ return f;
174
174
  }, oe = (e, n, s) => {
175
175
  if (!e)
176
176
  return null;
@@ -202,7 +202,7 @@ const te = (e, n = null, s) => {
202
202
  await e.renewTokensAsync({});
203
203
  break;
204
204
  } else
205
- await X({ milliseconds: n });
205
+ await Y({ milliseconds: n });
206
206
  t = t - 1;
207
207
  }
208
208
  return {
@@ -237,7 +237,7 @@ const te = (e, n = null, s) => {
237
237
  };
238
238
  }
239
239
  return { isValid: !0, reason: "" };
240
- }, U = function() {
240
+ }, K = function() {
241
241
  const e = typeof window > "u" ? global : window;
242
242
  return {
243
243
  setTimeout: setTimeout.bind(e),
@@ -245,16 +245,16 @@ const te = (e, n = null, s) => {
245
245
  setInterval: setInterval.bind(e),
246
246
  clearInterval: clearInterval.bind(e)
247
247
  };
248
- }(), ue = "7.24.0";
248
+ }(), ue = "7.25.0";
249
249
  let _e = null, j;
250
- const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we = (e = "/") => {
250
+ const Y = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), we = (e = "/") => {
251
251
  try {
252
252
  j = new AbortController(), fetch(
253
253
  `${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,
254
254
  { signal: j.signal }
255
255
  ).catch((t) => {
256
256
  console.log(t);
257
- }), X({ milliseconds: 150 * 1e3 }).then(we);
257
+ }), Y({ milliseconds: 150 * 1e3 }).then(we);
258
258
  } catch (n) {
259
259
  console.log(n);
260
260
  }
@@ -269,73 +269,73 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
269
269
  }), De = (e) => async (n, s) => {
270
270
  s(), await n.update();
271
271
  const t = await n.unregister();
272
- console.log(`Service worker unregistration ${t ? "successful" : "failed"}`), await X({ milliseconds: 2e3 }), e.reload();
272
+ console.log(`Service worker unregistration ${t ? "successful" : "failed"}`), await Y({ milliseconds: 2e3 }), e.reload();
273
273
  }, Re = (e) => {
274
274
  const n = sessionStorage.getItem(`oidc.tabId.${e}`);
275
275
  if (n)
276
276
  return n;
277
277
  const s = globalThis.crypto.randomUUID();
278
278
  return sessionStorage.setItem(`oidc.tabId.${e}`, s), s;
279
- }, O = (e) => (n) => new Promise(function(s, t) {
279
+ }, P = (e) => (n) => new Promise(function(s, t) {
280
280
  const o = new MessageChannel();
281
281
  o.port1.onmessage = function(i) {
282
282
  i != null && i.data.error ? t(i.data.error) : s(i.data), o.port1.close(), o.port2.close();
283
283
  }, e.active.postMessage({ ...n, tabId: Re(n.configurationName) }, [
284
284
  o.port2
285
285
  ]);
286
- }), I = async (e, n) => {
287
- var C;
286
+ }), C = async (e, n) => {
287
+ var O;
288
288
  const s = e.service_worker_relative_url;
289
289
  if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !s || e.service_worker_activate() === !1)
290
290
  return null;
291
291
  let t = null;
292
- e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((C = e.service_worker_update_require_callback) == null ? void 0 : C.call(e, t, fe))));
292
+ e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((O = e.service_worker_update_require_callback) == null ? void 0 : O.call(e, t, fe))));
293
293
  try {
294
- await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await O(t)({ type: "claim" });
295
- } catch {
296
- return null;
294
+ await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await P(t)({ type: "claim" });
295
+ } catch (y) {
296
+ return console.warn(`Failed init ServiceWorker ${y.toString()}`), null;
297
297
  }
298
- const o = async (y) => O(t)({ type: "clear", data: { status: y }, configurationName: n }), i = async (y, w, T) => {
299
- var x;
300
- const D = await O(t)({
298
+ const o = async (y) => P(t)({ type: "clear", data: { status: y }, configurationName: n }), i = async (y, S, v) => {
299
+ var U;
300
+ const T = await P(t)({
301
301
  type: "init",
302
302
  data: {
303
303
  oidcServerConfiguration: y,
304
- where: w,
304
+ where: S,
305
305
  oidcConfiguration: {
306
- token_renew_mode: T.token_renew_mode,
307
- service_worker_convert_all_requests_to_cors: T.service_worker_convert_all_requests_to_cors
306
+ token_renew_mode: v.token_renew_mode,
307
+ service_worker_convert_all_requests_to_cors: v.service_worker_convert_all_requests_to_cors
308
308
  }
309
309
  },
310
310
  configurationName: n
311
- }), v = D.version;
312
- return v !== ue && (console.warn(
313
- `Service worker ${v} version mismatch with js client version ${ue}, unregistering and reloading`
314
- ), await ((x = T.service_worker_update_require_callback) == null ? void 0 : x.call(T, t, fe))), {
315
- tokens: oe(D.tokens, null, T.token_renew_mode),
316
- status: D.status
311
+ }), x = T.version;
312
+ return x !== ue && (console.warn(
313
+ `Service worker ${x} version mismatch with js client version ${ue}, unregistering and reloading`
314
+ ), await ((U = v.service_worker_update_require_callback) == null ? void 0 : U.call(v, t, fe))), {
315
+ tokens: oe(T.tokens, null, v.token_renew_mode),
316
+ status: T.status
317
317
  };
318
318
  }, r = (y = "/") => {
319
319
  _e == null && (_e = "not_null", we(y));
320
- }, l = (y) => O(t)({
320
+ }, l = (y) => P(t)({
321
321
  type: "setSessionState",
322
322
  data: { sessionState: y },
323
323
  configurationName: n
324
- }), a = async () => (await O(t)({
324
+ }), a = async () => (await P(t)({
325
325
  type: "getSessionState",
326
326
  data: null,
327
327
  configurationName: n
328
- })).sessionState, d = (y) => (sessionStorage[`oidc.nonce.${n}`] = y.nonce, O(t)({
328
+ })).sessionState, u = (y) => (sessionStorage[`oidc.nonce.${n}`] = y.nonce, P(t)({
329
329
  type: "setNonce",
330
330
  data: { nonce: y },
331
331
  configurationName: n
332
- })), _ = async () => {
333
- let w = (await O(t)({
332
+ })), f = async () => {
333
+ let S = (await P(t)({
334
334
  type: "getNonce",
335
335
  data: null,
336
336
  configurationName: n
337
337
  })).nonce;
338
- return w || (w = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: w };
338
+ return S || (S = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: S };
339
339
  }, c = {};
340
340
  return {
341
341
  clearAsync: o,
@@ -344,8 +344,8 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
344
344
  isServiceWorkerProxyActiveAsync: () => Le(e.service_worker_keep_alive_path),
345
345
  setSessionStateAsync: l,
346
346
  getSessionStateAsync: a,
347
- setNonceAsync: d,
348
- getNonceAsync: _,
347
+ setNonceAsync: u,
348
+ getNonceAsync: f,
349
349
  setLoginParams: (y) => {
350
350
  c[n] = y, localStorage[`oidc.login.${n}`] = JSON.stringify(y);
351
351
  },
@@ -354,53 +354,53 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
354
354
  return c[n] || (c[n] = JSON.parse(y)), c[n];
355
355
  },
356
356
  getStateAsync: async () => {
357
- let w = (await O(t)({
357
+ let S = (await P(t)({
358
358
  type: "getState",
359
359
  data: null,
360
360
  configurationName: n
361
361
  })).state;
362
- return w || (w = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), w;
362
+ return S || (S = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), S;
363
363
  },
364
- setStateAsync: async (y) => (sessionStorage[`oidc.state.${n}`] = y, O(t)({
364
+ setStateAsync: async (y) => (sessionStorage[`oidc.state.${n}`] = y, P(t)({
365
365
  type: "setState",
366
366
  data: { state: y },
367
367
  configurationName: n
368
368
  })),
369
369
  getCodeVerifierAsync: async () => {
370
- let w = (await O(t)({
370
+ let S = (await P(t)({
371
371
  type: "getCodeVerifier",
372
372
  data: null,
373
373
  configurationName: n
374
374
  })).codeVerifier;
375
- return w || (w = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), w;
375
+ return S || (S = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), S;
376
376
  },
377
- setCodeVerifierAsync: async (y) => (sessionStorage[`oidc.code_verifier.${n}`] = y, O(t)({
377
+ setCodeVerifierAsync: async (y) => (sessionStorage[`oidc.code_verifier.${n}`] = y, P(t)({
378
378
  type: "setCodeVerifier",
379
379
  data: { codeVerifier: y },
380
380
  configurationName: n
381
381
  })),
382
382
  setDemonstratingProofOfPossessionNonce: async (y) => {
383
- await O(t)({
383
+ await P(t)({
384
384
  type: "setDemonstratingProofOfPossessionNonce",
385
385
  data: { demonstratingProofOfPossessionNonce: y },
386
386
  configurationName: n
387
387
  });
388
388
  },
389
- getDemonstratingProofOfPossessionNonce: async () => (await O(t)({
389
+ getDemonstratingProofOfPossessionNonce: async () => (await P(t)({
390
390
  type: "getDemonstratingProofOfPossessionNonce",
391
391
  data: null,
392
392
  configurationName: n
393
393
  })).demonstratingProofOfPossessionNonce,
394
394
  setDemonstratingProofOfPossessionJwkAsync: async (y) => {
395
- const w = JSON.stringify(y);
396
- await O(t)({
395
+ const S = JSON.stringify(y);
396
+ await P(t)({
397
397
  type: "setDemonstratingProofOfPossessionJwk",
398
- data: { demonstratingProofOfPossessionJwkJson: w },
398
+ data: { demonstratingProofOfPossessionJwkJson: S },
399
399
  configurationName: n
400
400
  });
401
401
  },
402
402
  getDemonstratingProofOfPossessionJwkAsync: async () => {
403
- const y = await O(t)({
403
+ const y = await P(t)({
404
404
  type: "getDemonstratingProofOfPossessionJwk",
405
405
  data: null,
406
406
  configurationName: n
@@ -408,16 +408,16 @@ const X = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), we =
408
408
  return y.demonstratingProofOfPossessionJwkJson ? JSON.parse(y.demonstratingProofOfPossessionJwkJson) : null;
409
409
  }
410
410
  };
411
- }, $ = {}, $e = (e, n = window.sessionStorage, s) => {
412
- if (!$[e] && n) {
411
+ }, R = {}, $e = (e, n = window.sessionStorage, s) => {
412
+ if (!R[e] && n) {
413
413
  const o = n.getItem(e);
414
- o && ($[e] = JSON.parse(o));
414
+ o && (R[e] = JSON.parse(o));
415
415
  }
416
416
  const t = 1e3 * s;
417
- return $[e] && $[e].timestamp + t > Date.now() ? $[e].result : null;
417
+ return R[e] && R[e].timestamp + t > Date.now() ? R[e].result : null;
418
418
  }, Ke = (e, n, s = window.sessionStorage) => {
419
419
  const t = Date.now();
420
- $[e] = { result: n, timestamp: t }, s && s.setItem(e, JSON.stringify({ result: n, timestamp: t }));
420
+ R[e] = { result: n, timestamp: t }, s && s.setItem(e, JSON.stringify({ result: n, timestamp: t }));
421
421
  };
422
422
  function Ae(e) {
423
423
  return new TextEncoder().encode(e);
@@ -470,8 +470,8 @@ const Fe = {
470
470
  // @ts-ignore
471
471
  // JWT "claims" are really a JSON-defined JWS "payload"
472
472
  payload: de(JSON.stringify(t))
473
- }, l = o.importKeyAlgorithm, a = !0, d = ["sign"], _ = await e.crypto.subtle.importKey("jwk", n, l, a, d), c = Ae(`${r.protected}.${r.payload}`), u = o.signAlgorithm, f = await e.crypto.subtle.sign(u, _, c);
474
- return r.signature = ie(new Uint8Array(f)), `${r.protected}.${r.payload}.${r.signature}`;
473
+ }, l = o.importKeyAlgorithm, a = !0, u = ["sign"], f = await e.crypto.subtle.importKey("jwk", n, l, a, u), c = Ae(`${r.protected}.${r.payload}`), _ = o.signAlgorithm, d = await e.crypto.subtle.sign(_, f, c);
474
+ return r.signature = ie(new Uint8Array(d)), `${r.protected}.${r.payload}.${r.signature}`;
475
475
  }, Je = { sign: Ve }, Me = (e) => async (n) => {
476
476
  const s = n, t = !0, o = ["sign", "verify"], i = await e.crypto.subtle.generateKey(s, t, o);
477
477
  return await e.crypto.subtle.exportKey("jwk", i.privateKey);
@@ -522,20 +522,20 @@ const Fe = {
522
522
  }, ve = () => {
523
523
  const e = typeof window < "u" && !!window.crypto, n = e && !!window.crypto.subtle;
524
524
  return { hasCrypto: e, hasSubtleCrypto: n };
525
- }, Z = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", Xe = (e) => {
525
+ }, Q = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", Xe = (e) => {
526
526
  const n = [];
527
527
  for (let s = 0; s < e.byteLength; s += 1) {
528
- const t = e[s] % Z.length;
529
- n.push(Z[t]);
528
+ const t = e[s] % Q.length;
529
+ n.push(Q[t]);
530
530
  }
531
531
  return n.join("");
532
- }, ee = (e) => {
532
+ }, Z = (e) => {
533
533
  const n = new Uint8Array(e), { hasCrypto: s } = ve();
534
534
  if (s)
535
535
  window.crypto.getRandomValues(n);
536
536
  else
537
537
  for (let t = 0; t < e; t += 1)
538
- n[t] = Math.random() * Z.length | 0;
538
+ n[t] = Math.random() * Q.length | 0;
539
539
  return Xe(n);
540
540
  };
541
541
  function ze(e) {
@@ -564,8 +564,8 @@ const Qe = (e) => {
564
564
  const a = await B(e)(i, {}, o);
565
565
  if (a.status !== 200)
566
566
  return null;
567
- const d = await a.json();
568
- return Ke(r, d, t), new se(d);
567
+ const u = await a.json();
568
+ return Ke(r, u, t), new se(u);
569
569
  }, B = (e) => async (n, s = {}, t = 1e4, o = 0) => {
570
570
  let i;
571
571
  try {
@@ -580,23 +580,23 @@ const Qe = (e) => {
580
580
  throw console.error(r.message), r;
581
581
  }
582
582
  return i;
583
- }, ne = {
583
+ }, ee = {
584
584
  refresh_token: "refresh_token",
585
585
  access_token: "access_token"
586
- }, he = (e) => async (n, s, t = ne.refresh_token, o, i = {}, r = 1e4) => {
586
+ }, he = (e) => async (n, s, t = ee.refresh_token, o, i = {}, r = 1e4) => {
587
587
  const l = {
588
588
  token: s,
589
589
  token_type_hint: t,
590
590
  client_id: o
591
591
  };
592
- for (const [c, u] of Object.entries(i))
593
- l[c] === void 0 && (l[c] = u);
592
+ for (const [c, _] of Object.entries(i))
593
+ l[c] === void 0 && (l[c] = _);
594
594
  const a = [];
595
595
  for (const c in l) {
596
- const u = encodeURIComponent(c), f = encodeURIComponent(l[c]);
597
- a.push(`${u}=${f}`);
596
+ const _ = encodeURIComponent(c), d = encodeURIComponent(l[c]);
597
+ a.push(`${_}=${d}`);
598
598
  }
599
- const d = a.join("&");
599
+ const u = a.join("&");
600
600
  return (await B(e)(
601
601
  n,
602
602
  {
@@ -604,21 +604,21 @@ const Qe = (e) => {
604
604
  headers: {
605
605
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
606
606
  },
607
- body: d
607
+ body: u
608
608
  },
609
609
  r
610
610
  )).status !== 200 ? { success: !1 } : {
611
611
  success: !0
612
612
  };
613
613
  }, nn = (e) => async (n, s, t, o, i = {}, r, l = 1e4) => {
614
- for (const [f, g] of Object.entries(t))
615
- s[f] === void 0 && (s[f] = g);
614
+ for (const [d, g] of Object.entries(t))
615
+ s[d] === void 0 && (s[d] = g);
616
616
  const a = [];
617
- for (const f in s) {
618
- const g = encodeURIComponent(f), p = encodeURIComponent(s[f]);
617
+ for (const d in s) {
618
+ const g = encodeURIComponent(d), p = encodeURIComponent(s[d]);
619
619
  a.push(`${g}=${p}`);
620
620
  }
621
- const d = a.join("&"), _ = await B(e)(
621
+ const u = a.join("&"), f = await B(e)(
622
622
  n,
623
623
  {
624
624
  method: "POST",
@@ -626,29 +626,29 @@ const Qe = (e) => {
626
626
  "Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
627
627
  ...i
628
628
  },
629
- body: d
629
+ body: u
630
630
  },
631
631
  l
632
632
  );
633
- if (_.status !== 200)
633
+ if (f.status !== 200)
634
634
  return {
635
635
  success: !1,
636
- status: _.status,
636
+ status: f.status,
637
637
  demonstratingProofOfPossessionNonce: null
638
638
  };
639
- const c = await _.json();
640
- let u = null;
641
- return _.headers.has(G) && (u = _.headers.get(
639
+ const c = await f.json();
640
+ let _ = null;
641
+ return f.headers.has(G) && (_ = f.headers.get(
642
642
  G
643
643
  )), {
644
644
  success: !0,
645
- status: _.status,
645
+ status: f.status,
646
646
  data: oe(c, o, r),
647
- demonstratingProofOfPossessionNonce: u
647
+ demonstratingProofOfPossessionNonce: _
648
648
  };
649
649
  }, sn = (e, n) => async (s, t) => {
650
650
  t = t ? { ...t } : {};
651
- const o = ee(128), i = await Qe(o);
651
+ const o = Z(128), i = await Qe(o);
652
652
  await e.setCodeVerifierAsync(o), await e.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
653
653
  let r = "";
654
654
  if (t)
@@ -659,8 +659,8 @@ const Qe = (e) => {
659
659
  s = s ? { ...s } : {}, s.code_verifier = await e.getCodeVerifierAsync();
660
660
  const r = [];
661
661
  for (const c in s) {
662
- const u = encodeURIComponent(c), f = encodeURIComponent(s[c]);
663
- r.push(`${u}=${f}`);
662
+ const _ = encodeURIComponent(c), d = encodeURIComponent(s[c]);
663
+ r.push(`${_}=${d}`);
664
664
  }
665
665
  const l = r.join("&"), a = await B(fetch)(
666
666
  n,
@@ -676,17 +676,17 @@ const Qe = (e) => {
676
676
  );
677
677
  if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]), a.status !== 200)
678
678
  return { success: !1, status: a.status };
679
- let d = null;
680
- a.headers.has(G) && (d = a.headers.get(
679
+ let u = null;
680
+ a.headers.has(G) && (u = a.headers.get(
681
681
  G
682
682
  ));
683
- const _ = await a.json();
683
+ const f = await a.json();
684
684
  return {
685
685
  success: !0,
686
686
  data: {
687
687
  state: s.state,
688
- tokens: oe(_, null, o),
689
- demonstratingProofOfPossessionNonce: d
688
+ tokens: oe(f, null, o),
689
+ demonstratingProofOfPossessionNonce: u
690
690
  }
691
691
  };
692
692
  };
@@ -700,12 +700,12 @@ async function ye(e, n, s, t = null) {
700
700
  s,
701
701
  t
702
702
  );
703
- return await I(e.configuration, e.configurationName) || await P(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? i : (await e.destroyAsync(r), null);
703
+ return await C(e.configuration, e.configurationName) || await I(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? i : (await e.destroyAsync(r), null);
704
704
  }
705
705
  async function Ee(e, n = !1, s = null, t = null) {
706
706
  const o = e.configuration, i = `${o.client_id}_${e.configurationName}_${o.authority}`;
707
707
  let r;
708
- const l = await I(e.configuration, e.configurationName);
708
+ const l = await C(e.configuration, e.configurationName);
709
709
  if ((o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !l || !navigator.locks)
710
710
  r = await ye(e, n, s, t);
711
711
  else {
@@ -714,7 +714,7 @@ async function Ee(e, n = !1, s = null, t = null) {
714
714
  a = await navigator.locks.request(
715
715
  i,
716
716
  { ifAvailable: !0 },
717
- async (d) => d ? await ye(e, n, s, t) : (e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available, {
717
+ async (u) => u ? await ye(e, n, s, t) : (e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available, {
718
718
  lock: "lock not available"
719
719
  }), "retry")
720
720
  );
@@ -724,7 +724,7 @@ async function Ee(e, n = !1, s = null, t = null) {
724
724
  }
725
725
  const M = (e, n, s = null, t = null) => {
726
726
  const o = e.configuration.refresh_time_before_tokens_expiration_in_second;
727
- return e.timeoutId && U.clearTimeout(e.timeoutId), U.setTimeout(async () => {
727
+ return e.timeoutId && K.clearTimeout(e.timeoutId), K.setTimeout(async () => {
728
728
  const r = { timeLeft: F(o, n) };
729
729
  e.publishEvent(N.eventNames.token_timer, r), await Ee(e, !1, s, t);
730
730
  }, 1e3);
@@ -744,9 +744,9 @@ const M = (e, n, s = null, t = null) => {
744
744
  const l = await e.initAsync(
745
745
  n.authority,
746
746
  n.authority_configuration
747
- ), a = await I(n, s);
747
+ ), a = await C(n, s);
748
748
  if (a) {
749
- const { status: c, tokens: u } = await a.initAsync(
749
+ const { status: c, tokens: _ } = await a.initAsync(
750
750
  l,
751
751
  "syncTokensAsync",
752
752
  n
@@ -755,70 +755,70 @@ const M = (e, n, s = null, t = null) => {
755
755
  return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
756
756
  if (c === "SESSIONS_LOST")
757
757
  return { tokens: null, status: "SESSIONS_LOST", nonce: i };
758
- if (!c || !u)
758
+ if (!c || !_)
759
759
  return { tokens: null, status: "REQUIRE_SYNC_TOKENS", nonce: i };
760
- if (u.issuedAt !== t.issuedAt) {
760
+ if (_.issuedAt !== t.issuedAt) {
761
761
  const g = F(
762
762
  n.refresh_time_before_tokens_expiration_in_second,
763
- u.expiresAt
763
+ _.expiresAt
764
764
  ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await a.getNonceAsync();
765
- return { tokens: u, status: g, nonce: p };
765
+ return { tokens: _, status: g, nonce: p };
766
766
  }
767
767
  r = await a.getNonceAsync();
768
768
  } else {
769
- const c = P(s, n.storage ?? sessionStorage), u = await c.initAsync();
770
- let { tokens: f } = u;
771
- const { status: g } = u;
772
- if (f && (f = te(f, e.tokens, n.token_renew_mode)), f) {
769
+ const c = I(s, n.storage ?? sessionStorage), _ = await c.initAsync();
770
+ let { tokens: d } = _;
771
+ const { status: g } = _;
772
+ if (d && (d = te(d, e.tokens, n.token_renew_mode)), d) {
773
773
  if (g === "SESSIONS_LOST")
774
774
  return { tokens: null, status: "SESSIONS_LOST", nonce: i };
775
- if (f.issuedAt !== t.issuedAt) {
776
- const k = F(
775
+ if (d.issuedAt !== t.issuedAt) {
776
+ const m = F(
777
777
  n.refresh_time_before_tokens_expiration_in_second,
778
- f.expiresAt
779
- ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", E = await c.getNonceAsync();
780
- return { tokens: f, status: k, nonce: E };
778
+ d.expiresAt
779
+ ) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", b = await c.getNonceAsync();
780
+ return { tokens: d, status: m, nonce: b };
781
781
  }
782
782
  } else return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
783
783
  r = await c.getNonceAsync();
784
784
  }
785
- const _ = F(
785
+ const f = F(
786
786
  n.refresh_time_before_tokens_expiration_in_second,
787
787
  t.expiresAt
788
788
  ) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
789
- return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: _, nonce: r };
789
+ return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: f, nonce: r };
790
790
  }, H = (e) => async (n, s = 0, t = !1, o = null, i = null) => {
791
791
  if (!navigator.onLine && document.hidden)
792
792
  return { tokens: e.tokens, status: "GIVE_UP" };
793
793
  let r = 6;
794
794
  for (; !navigator.onLine && r > 0; )
795
- await X({ milliseconds: 1e3 }), r--, e.publishEvent(m.refreshTokensAsync, {
795
+ await Y({ milliseconds: 1e3 }), r--, e.publishEvent(k.refreshTokensAsync, {
796
796
  message: `wait because navigator is offline try ${r}`
797
797
  });
798
798
  const l = s + 1;
799
799
  o || (o = {});
800
- const a = e.configuration, d = (c, u = null, f = null) => re(
800
+ const a = e.configuration, u = (c, _ = null, d = null) => re(
801
801
  e.configurationName,
802
802
  e.configuration,
803
803
  e.publishEvent.bind(e)
804
- )(c, u, f), _ = async () => {
804
+ )(c, _, d), f = async () => {
805
805
  try {
806
806
  let c;
807
- const u = await I(a, e.configurationName);
808
- u ? c = u.getLoginParams() : c = P(e.configurationName, a.storage).getLoginParams();
809
- const f = await d({
807
+ const _ = await C(a, e.configurationName);
808
+ _ ? c = _.getLoginParams() : c = I(e.configurationName, a.storage).getLoginParams();
809
+ const d = await u({
810
810
  ...c.extras,
811
811
  ...o,
812
812
  prompt: "none",
813
813
  scope: i
814
814
  });
815
- return f ? f.error ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
815
+ return d ? d.error ? (n(null), e.publishEvent(k.refreshTokensAsync_error, {
816
816
  message: "refresh token silent"
817
- }), { tokens: null, status: "SESSION_LOST" }) : (n(f.tokens), e.publishEvent(N.eventNames.token_renewed, {}), { tokens: f.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(m.refreshTokensAsync_error, {
817
+ }), { tokens: null, status: "SESSION_LOST" }) : (n(d.tokens), e.publishEvent(N.eventNames.token_renewed, {}), { tokens: d.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(k.refreshTokensAsync_error, {
818
818
  message: "refresh token silent not active"
819
819
  }), { tokens: null, status: "SESSION_LOST" });
820
820
  } catch (c) {
821
- return console.error(c), e.publishEvent(m.refreshTokensAsync_silent_error, {
821
+ return console.error(c), e.publishEvent(k.refreshTokensAsync_silent_error, {
822
822
  message: "exceptionSilent",
823
823
  exception: c.message
824
824
  }), await H(e)(
@@ -831,7 +831,7 @@ const M = (e, n, s = null, t = null) => {
831
831
  }
832
832
  };
833
833
  try {
834
- const { status: c, tokens: u, nonce: f } = await on(e)(
834
+ const { status: c, tokens: _, nonce: d } = await on(e)(
835
835
  a,
836
836
  e.configurationName,
837
837
  e.tokens,
@@ -839,86 +839,86 @@ const M = (e, n, s = null, t = null) => {
839
839
  );
840
840
  switch (c) {
841
841
  case W.SESSION_LOST:
842
- return n(null), e.publishEvent(m.refreshTokensAsync_error, {
842
+ return n(null), e.publishEvent(k.refreshTokensAsync_error, {
843
843
  message: "refresh token session lost"
844
844
  }), { tokens: null, status: "SESSION_LOST" };
845
845
  case W.NOT_CONNECTED:
846
846
  return n(null), { tokens: null, status: null };
847
847
  case W.TOKENS_VALID:
848
- return n(u), { tokens: u, status: "LOGGED_IN" };
848
+ return n(_), { tokens: _, status: "LOGGED_IN" };
849
849
  case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:
850
- return n(u), e.publishEvent(N.eventNames.token_renewed, {
850
+ return n(_), e.publishEvent(N.eventNames.token_renewed, {
851
851
  reason: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"
852
- }), { tokens: u, status: "LOGGED_IN" };
852
+ }), { tokens: _, status: "LOGGED_IN" };
853
853
  case W.LOGOUT_FROM_ANOTHER_TAB:
854
- return n(null), e.publishEvent(m.logout_from_another_tab, {
854
+ return n(null), e.publishEvent(k.logout_from_another_tab, {
855
855
  status: "session syncTokensAsync"
856
856
  }), { tokens: null, status: "LOGGED_OUT" };
857
857
  case W.REQUIRE_SYNC_TOKENS:
858
- return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== c ? (e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(m.refreshTokensAsync_begin, { tryNumber: s }), await _());
858
+ return a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== c ? (e.publishEvent(k.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(k.refreshTokensAsync_begin, { tryNumber: s }), await f());
859
859
  default: {
860
860
  if (a.token_automatic_renew_mode == J.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== c)
861
- return e.publishEvent(m.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" };
862
- if (e.publishEvent(m.refreshTokensAsync_begin, {
863
- refreshToken: u.refreshToken,
861
+ return e.publishEvent(k.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" };
862
+ if (e.publishEvent(k.refreshTokensAsync_begin, {
863
+ refreshToken: _.refreshToken,
864
864
  status: c,
865
865
  tryNumber: s
866
- }), !u.refreshToken)
867
- return await _();
868
- const g = a.client_id, p = a.redirect_uri, k = a.authority, b = { ...a.token_request_extras ? a.token_request_extras : {} };
869
- for (const [S, h] of Object.entries(o))
870
- S.endsWith(":token_request") && (b[S.replace(":token_request", "")] = h);
866
+ }), !_.refreshToken)
867
+ return await f();
868
+ const g = a.client_id, p = a.redirect_uri, m = a.authority, E = { ...a.token_request_extras ? a.token_request_extras : {} };
869
+ for (const [A, h] of Object.entries(o))
870
+ A.endsWith(":token_request") && (E[A.replace(":token_request", "")] = h);
871
871
  return await (async () => {
872
- const S = {
872
+ const A = {
873
873
  client_id: g,
874
874
  redirect_uri: p,
875
875
  grant_type: "refresh_token",
876
- refresh_token: u.refreshToken
876
+ refresh_token: _.refreshToken
877
877
  }, h = await e.initAsync(
878
- k,
878
+ m,
879
879
  a.authority_configuration
880
- ), C = document.hidden ? 1e4 : 3e4 * 10, y = h.tokenEndpoint, w = {};
881
- a.demonstrating_proof_of_possession && (w.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
882
- u.accessToken,
880
+ ), O = document.hidden ? 1e4 : 3e4 * 10, y = h.tokenEndpoint, S = {};
881
+ a.demonstrating_proof_of_possession && (S.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
882
+ _.accessToken,
883
883
  y,
884
884
  "POST"
885
885
  ));
886
- const T = await nn(e.getFetch())(
886
+ const v = await nn(e.getFetch())(
887
887
  y,
888
+ A,
889
+ E,
890
+ _,
888
891
  S,
889
- b,
890
- u,
891
- w,
892
892
  a.token_renew_mode,
893
- C
893
+ O
894
894
  );
895
- if (T.success) {
896
- const { isValid: D, reason: v } = pe(
897
- T.data,
898
- f.nonce,
895
+ if (v.success) {
896
+ const { isValid: T, reason: x } = pe(
897
+ v.data,
898
+ d.nonce,
899
899
  h
900
900
  );
901
- if (!D)
902
- return n(null), e.publishEvent(m.refreshTokensAsync_error, {
903
- message: `refresh token return not valid tokens, reason: ${v}`
901
+ if (!T)
902
+ return n(null), e.publishEvent(k.refreshTokensAsync_error, {
903
+ message: `refresh token return not valid tokens, reason: ${x}`
904
904
  }), { tokens: null, status: "SESSION_LOST" };
905
- if (n(T.data), T.demonstratingProofOfPossessionNonce) {
906
- const x = await I(a, e.configurationName);
907
- x ? await x.setDemonstratingProofOfPossessionNonce(
908
- T.demonstratingProofOfPossessionNonce
909
- ) : await P(e.configurationName, a.storage).setDemonstratingProofOfPossessionNonce(
910
- T.demonstratingProofOfPossessionNonce
905
+ if (n(v.data), v.demonstratingProofOfPossessionNonce) {
906
+ const U = await C(a, e.configurationName);
907
+ U ? await U.setDemonstratingProofOfPossessionNonce(
908
+ v.demonstratingProofOfPossessionNonce
909
+ ) : await I(e.configurationName, a.storage).setDemonstratingProofOfPossessionNonce(
910
+ v.demonstratingProofOfPossessionNonce
911
911
  );
912
912
  }
913
- return e.publishEvent(m.refreshTokensAsync_end, {
914
- success: T.success
915
- }), e.publishEvent(N.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: T.data, status: "LOGGED_IN" };
913
+ return e.publishEvent(k.refreshTokensAsync_end, {
914
+ success: v.success
915
+ }), e.publishEvent(N.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: v.data, status: "LOGGED_IN" };
916
916
  } else
917
- return e.publishEvent(m.refreshTokensAsync_silent_error, {
917
+ return e.publishEvent(k.refreshTokensAsync_silent_error, {
918
918
  message: "bad request",
919
- tokenResponse: T
920
- }), T.status >= 400 && T.status < 500 ? (n(null), e.publishEvent(m.refreshTokensAsync_error, {
921
- message: `session lost: ${T.status}`
919
+ tokenResponse: v
920
+ }), v.status >= 400 && v.status < 500 ? (n(null), e.publishEvent(k.refreshTokensAsync_error, {
921
+ message: `session lost: ${v.status}`
922
922
  }), { tokens: null, status: "SESSION_LOST" }) : await H(e)(
923
923
  n,
924
924
  l,
@@ -930,12 +930,12 @@ const M = (e, n, s = null, t = null) => {
930
930
  }
931
931
  }
932
932
  } catch (c) {
933
- return console.error(c), e.publishEvent(m.refreshTokensAsync_silent_error, {
933
+ return console.error(c), e.publishEvent(k.refreshTokensAsync_silent_error, {
934
934
  message: "exception",
935
935
  exception: c.message
936
- }), new Promise((u, f) => {
936
+ }), new Promise((_, d) => {
937
937
  setTimeout(() => {
938
- H(e)(n, l, t, o, i).then(u).catch(f);
938
+ H(e)(n, l, t, o, i).then(_).catch(d);
939
939
  }, 1e3);
940
940
  });
941
941
  }
@@ -943,102 +943,102 @@ const M = (e, n, s = null, t = null) => {
943
943
  if (!n.silent_redirect_uri || !n.silent_login_uri)
944
944
  return Promise.resolve(null);
945
945
  try {
946
- s(m.silentLoginAsync_begin, {});
946
+ s(k.silentLoginAsync_begin, {});
947
947
  let r = "";
948
948
  if (o && (t == null && (t = {}), t.state = o), i != null && (t == null && (t = {}), t.scope = i), t != null)
949
- for (const [c, u] of Object.entries(t))
950
- r === "" ? r = `?${encodeURIComponent(c)}=${encodeURIComponent(u)}` : r += `&${encodeURIComponent(c)}=${encodeURIComponent(u)}`;
951
- const l = n.silent_login_uri + r, a = l.indexOf("/", l.indexOf("//") + 2), d = l.substring(0, a), _ = document.createElement("iframe");
952
- return _.width = "0px", _.height = "0px", _.id = `${e}_oidc_iframe`, _.setAttribute("src", l), document.body.appendChild(_), new Promise((c, u) => {
953
- let f = !1;
949
+ for (const [c, _] of Object.entries(t))
950
+ r === "" ? r = `?${encodeURIComponent(c)}=${encodeURIComponent(_)}` : r += `&${encodeURIComponent(c)}=${encodeURIComponent(_)}`;
951
+ const l = n.silent_login_uri + r, a = l.indexOf("/", l.indexOf("//") + 2), u = l.substring(0, a), f = document.createElement("iframe");
952
+ return f.width = "0px", f.height = "0px", f.id = `${e}_oidc_iframe`, f.setAttribute("src", l), document.body.appendChild(f), new Promise((c, _) => {
953
+ let d = !1;
954
954
  const g = () => {
955
- window.removeEventListener("message", p), _.remove(), f = !0;
956
- }, p = (k) => {
957
- if (k.origin === d && k.source === _.contentWindow) {
958
- const E = `${e}_oidc_tokens:`, b = `${e}_oidc_error:`, A = `${e}_oidc_exception:`, S = k.data;
959
- if (S && typeof S == "string" && !f) {
960
- if (S.startsWith(E)) {
961
- const h = JSON.parse(k.data.replace(E, ""));
962
- s(m.silentLoginAsync_end, {}), c(h), g();
963
- } else if (S.startsWith(b)) {
964
- const h = JSON.parse(k.data.replace(b, ""));
965
- s(m.silentLoginAsync_error, h), c({ error: "oidc_" + h.error, tokens: null, sessionState: null }), g();
966
- } else if (S.startsWith(A)) {
967
- const h = JSON.parse(k.data.replace(A, ""));
968
- s(m.silentLoginAsync_error, h), u(new Error(h.error)), g();
955
+ window.removeEventListener("message", p), f.remove(), d = !0;
956
+ }, p = (m) => {
957
+ if (m.origin === u && m.source === f.contentWindow) {
958
+ const b = `${e}_oidc_tokens:`, E = `${e}_oidc_error:`, w = `${e}_oidc_exception:`, A = m.data;
959
+ if (A && typeof A == "string" && !d) {
960
+ if (A.startsWith(b)) {
961
+ const h = JSON.parse(m.data.replace(b, ""));
962
+ s(k.silentLoginAsync_end, {}), c(h), g();
963
+ } else if (A.startsWith(E)) {
964
+ const h = JSON.parse(m.data.replace(E, ""));
965
+ s(k.silentLoginAsync_error, h), c({ error: "oidc_" + h.error, tokens: null, sessionState: null }), g();
966
+ } else if (A.startsWith(w)) {
967
+ const h = JSON.parse(m.data.replace(w, ""));
968
+ s(k.silentLoginAsync_error, h), _(new Error(h.error)), g();
969
969
  }
970
970
  }
971
971
  }
972
972
  };
973
973
  try {
974
974
  window.addEventListener("message", p);
975
- const k = n.silent_login_timeout;
975
+ const m = n.silent_login_timeout;
976
976
  setTimeout(() => {
977
- f || (g(), s(m.silentLoginAsync_error, { reason: "timeout" }), u(new Error("timeout")));
978
- }, k);
979
- } catch (k) {
980
- g(), s(m.silentLoginAsync_error, k), u(k);
977
+ d || (g(), s(k.silentLoginAsync_error, { reason: "timeout" }), _(new Error("timeout")));
978
+ }, m);
979
+ } catch (m) {
980
+ g(), s(k.silentLoginAsync_error, m), _(m);
981
981
  }
982
982
  });
983
983
  } catch (r) {
984
- throw s(m.silentLoginAsync_error, r), r;
984
+ throw s(k.silentLoginAsync_error, r), r;
985
985
  }
986
986
  }, rn = (e, n, s, t, o) => (i = null, r = void 0) => {
987
987
  i = { ...i };
988
- const l = (d, _, c) => re(n, s, t.bind(o))(
989
- d,
990
- _,
988
+ const l = (u, f, c) => re(n, s, t.bind(o))(
989
+ u,
990
+ f,
991
991
  c
992
992
  );
993
993
  return (async () => {
994
- o.timeoutId && U.clearTimeout(o.timeoutId);
995
- let d;
996
- i && "state" in i && (d = i.state, delete i.state);
994
+ o.timeoutId && K.clearTimeout(o.timeoutId);
995
+ let u;
996
+ i && "state" in i && (u = i.state, delete i.state);
997
997
  try {
998
- const _ = s.extras ? { ...s.extras, ...i } : i, c = await l(
998
+ const f = s.extras ? { ...s.extras, ...i } : i, c = await l(
999
999
  {
1000
- ..._,
1000
+ ...f,
1001
1001
  prompt: "none"
1002
1002
  },
1003
- d,
1003
+ u,
1004
1004
  r
1005
1005
  );
1006
1006
  if (c)
1007
- return o.tokens = c.tokens, t(m.token_acquired, {}), o.timeoutId = M(o, o.tokens.expiresAt, i, r), {};
1008
- } catch (_) {
1009
- return _;
1007
+ return o.tokens = c.tokens, t(k.token_acquired, {}), o.timeoutId = M(o, o.tokens.expiresAt, i, r), {};
1008
+ } catch (f) {
1009
+ return f;
1010
1010
  }
1011
1011
  })();
1012
1012
  }, an = (e, n, s) => (t, o, i, r = !1) => {
1013
- const l = (a, d = void 0, _ = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
1013
+ const l = (a, u = void 0, f = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
1014
1014
  a,
1015
- d,
1016
- _
1015
+ u,
1016
+ f
1017
1017
  );
1018
- return new Promise((a, d) => {
1018
+ return new Promise((a, u) => {
1019
1019
  if (s.silent_login_uri && s.silent_redirect_uri && s.monitor_session && t && i && !r) {
1020
- const _ = () => {
1020
+ const f = () => {
1021
1021
  e.checkSessionIFrame.stop();
1022
1022
  const c = e.tokens;
1023
1023
  if (c === null)
1024
1024
  return;
1025
- const u = c.idToken, f = c.idTokenPayload;
1025
+ const _ = c.idToken, d = c.idTokenPayload;
1026
1026
  return l({
1027
1027
  prompt: "none",
1028
- id_token_hint: u,
1028
+ id_token_hint: _,
1029
1029
  scope: s.scope || "openid"
1030
1030
  }).then((g) => {
1031
1031
  if (g.error)
1032
1032
  throw new Error(g.error);
1033
1033
  const p = g.tokens.idTokenPayload;
1034
- if (f.sub === p.sub) {
1035
- const k = g.sessionState;
1036
- e.checkSessionIFrame.start(g.sessionState), f.sid === p.sid ? console.debug(
1034
+ if (d.sub === p.sub) {
1035
+ const m = g.sessionState;
1036
+ e.checkSessionIFrame.start(g.sessionState), d.sid === p.sid ? console.debug(
1037
1037
  "SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",
1038
- k
1038
+ m
1039
1039
  ) : console.debug(
1040
1040
  "SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",
1041
- k
1041
+ m
1042
1042
  );
1043
1043
  } else
1044
1044
  console.debug(
@@ -1051,17 +1051,17 @@ const M = (e, n, s = null, t = null) => {
1051
1051
  g
1052
1052
  );
1053
1053
  for (const [, p] of Object.entries(n))
1054
- await p.logoutOtherTabAsync(s.client_id, f.sub);
1054
+ await p.logoutOtherTabAsync(s.client_id, d.sub);
1055
1055
  });
1056
1056
  };
1057
1057
  e.checkSessionIFrame = new Ie(
1058
- _,
1058
+ f,
1059
1059
  o,
1060
1060
  t
1061
1061
  ), e.checkSessionIFrame.load().then(() => {
1062
1062
  e.checkSessionIFrame.start(i), a(e.checkSessionIFrame);
1063
1063
  }).catch((c) => {
1064
- d(c);
1064
+ u(c);
1065
1065
  });
1066
1066
  } else
1067
1067
  a(null);
@@ -1154,13 +1154,13 @@ const _n = () => {
1154
1154
  let n;
1155
1155
  if (e.tokens != null)
1156
1156
  return !1;
1157
- e.publishEvent(m.tryKeepExistingSessionAsync_begin, {});
1157
+ e.publishEvent(k.tryKeepExistingSessionAsync_begin, {});
1158
1158
  try {
1159
1159
  const s = e.configuration, t = await e.initAsync(
1160
1160
  s.authority,
1161
1161
  s.authority_configuration
1162
1162
  );
1163
- if (n = await I(s, e.configurationName), n) {
1163
+ if (n = await C(s, e.configurationName), n) {
1164
1164
  const { tokens: o } = await n.initAsync(
1165
1165
  t,
1166
1166
  "tryKeepExistingSessionAsync",
@@ -1169,48 +1169,58 @@ const _n = () => {
1169
1169
  if (o) {
1170
1170
  n.startKeepAliveServiceWorker(), e.tokens = o;
1171
1171
  const i = n.getLoginParams(e.configurationName);
1172
- e.timeoutId = M(e, e.tokens.expiresAt, i.extras);
1172
+ e.timeoutId = M(
1173
+ e,
1174
+ e.tokens.expiresAt,
1175
+ i.extras,
1176
+ i.scope
1177
+ );
1173
1178
  const r = await n.getSessionStateAsync();
1174
1179
  return await e.startCheckSessionAsync(
1175
1180
  t.check_session_iframe,
1176
1181
  s.client_id,
1177
1182
  r
1178
- ), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(m.tryKeepExistingSessionAsync_end, {
1183
+ ), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(k.tryKeepExistingSessionAsync_end, {
1179
1184
  success: !0,
1180
1185
  message: "tokens inside ServiceWorker are valid"
1181
1186
  }), !0;
1182
1187
  }
1183
- e.publishEvent(m.tryKeepExistingSessionAsync_end, {
1188
+ e.publishEvent(k.tryKeepExistingSessionAsync_end, {
1184
1189
  success: !1,
1185
1190
  message: "no exiting session found"
1186
1191
  });
1187
1192
  } else {
1188
- s.service_worker_relative_url && e.publishEvent(m.service_worker_not_supported_by_browser, {
1193
+ s.service_worker_relative_url && e.publishEvent(k.service_worker_not_supported_by_browser, {
1189
1194
  message: "service worker is not supported by this browser"
1190
1195
  });
1191
- const o = P(e.configurationName, s.storage ?? sessionStorage), { tokens: i } = await o.initAsync();
1196
+ const o = I(e.configurationName, s.storage ?? sessionStorage), { tokens: i } = await o.initAsync();
1192
1197
  if (i) {
1193
1198
  e.tokens = te(i, null, s.token_renew_mode);
1194
1199
  const r = o.getLoginParams();
1195
- e.timeoutId = M(e, e.tokens.expiresAt, r.extras);
1200
+ e.timeoutId = M(
1201
+ e,
1202
+ e.tokens.expiresAt,
1203
+ r.extras,
1204
+ r.scope
1205
+ );
1196
1206
  const l = await o.getSessionStateAsync();
1197
1207
  return await e.startCheckSessionAsync(
1198
1208
  t.check_session_iframe,
1199
1209
  s.client_id,
1200
1210
  l
1201
- ), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(m.tryKeepExistingSessionAsync_end, {
1211
+ ), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(k.tryKeepExistingSessionAsync_end, {
1202
1212
  success: !0,
1203
1213
  message: "tokens inside storage are valid"
1204
1214
  }), !0;
1205
1215
  }
1206
1216
  }
1207
- return e.publishEvent(m.tryKeepExistingSessionAsync_end, {
1217
+ return e.publishEvent(k.tryKeepExistingSessionAsync_end, {
1208
1218
  success: !1,
1209
1219
  message: n ? "service worker sessions not retrieved" : "session storage sessions not retrieved"
1210
1220
  }), !1;
1211
1221
  } catch (s) {
1212
1222
  return console.error(s), n && await n.clearAsync(), e.publishEvent(
1213
- m.tryKeepExistingSessionAsync_error,
1223
+ k.tryKeepExistingSessionAsync_error,
1214
1224
  "tokens inside ServiceWorker are invalid"
1215
1225
  ), !1;
1216
1226
  }
@@ -1242,7 +1252,7 @@ const _n = () => {
1242
1252
  s.endsWith("/") && (s = s.slice(0, -1));
1243
1253
  let { hash: t } = n;
1244
1254
  return t === "#_=_" && (t = ""), t && (s += t), s;
1245
- }, Y = (e) => {
1255
+ }, ne = (e) => {
1246
1256
  const n = Oe(e), { search: s } = n;
1247
1257
  return dn(s);
1248
1258
  }, dn = (e) => {
@@ -1253,146 +1263,149 @@ const _n = () => {
1253
1263
  s = i[t].split("="), n[decodeURIComponent(s[0])] = decodeURIComponent(s[1]);
1254
1264
  return n;
1255
1265
  }, hn = (e, n, s, t, o) => (i = void 0, r = null, l = !1, a = void 0) => {
1256
- const d = r;
1266
+ const u = r;
1257
1267
  return r = { ...r }, (async () => {
1258
1268
  const c = i || o.getPath();
1259
- if ("state" in r || (r.state = ee(16)), s(m.loginAsync_begin, {}), r)
1260
- for (const u of Object.keys(r))
1261
- u.endsWith(":token_request") && delete r[u];
1269
+ if ("state" in r || (r.state = Z(16)), s(k.loginAsync_begin, {}), r)
1270
+ for (const _ of Object.keys(r))
1271
+ _.endsWith(":token_request") && delete r[_];
1262
1272
  try {
1263
- const u = l ? n.silent_redirect_uri : n.redirect_uri;
1273
+ const _ = l ? n.silent_redirect_uri : n.redirect_uri;
1264
1274
  a || (a = n.scope);
1265
- const f = n.extras ? { ...n.extras, ...r } : r;
1266
- f.nonce || (f.nonce = ee(12));
1267
- const g = { nonce: f.nonce }, p = await I(n, e), k = await t(
1275
+ const d = n.extras ? { ...n.extras, ...r } : r;
1276
+ d.nonce || (d.nonce = Z(12));
1277
+ const g = { nonce: d.nonce }, p = await C(n, e), m = await t(
1268
1278
  n.authority,
1269
1279
  n.authority_configuration
1270
1280
  );
1271
- let E;
1281
+ let b;
1272
1282
  if (p)
1273
- p.setLoginParams({ callbackPath: c, extras: d }), await p.initAsync(k, "loginAsync", n), await p.setNonceAsync(g), p.startKeepAliveServiceWorker(), E = p;
1283
+ p.setLoginParams({ callbackPath: c, extras: u, scope: a }), await p.initAsync(m, "loginAsync", n), await p.setNonceAsync(g), p.startKeepAliveServiceWorker(), b = p;
1274
1284
  else {
1275
- const A = P(e, n.storage ?? sessionStorage);
1276
- A.setLoginParams({ callbackPath: c, extras: d }), await A.setNonceAsync(g), E = A;
1285
+ const w = I(e, n.storage ?? sessionStorage);
1286
+ w.setLoginParams({ callbackPath: c, extras: u, scope: a }), await w.setNonceAsync(g), b = w;
1277
1287
  }
1278
- const b = {
1288
+ const E = {
1279
1289
  client_id: n.client_id,
1280
- redirect_uri: u,
1290
+ redirect_uri: _,
1281
1291
  scope: a,
1282
1292
  response_type: "code",
1283
- ...f
1293
+ ...d
1284
1294
  };
1285
- await sn(E, o)(
1286
- k.authorizationEndpoint,
1287
- b
1295
+ await sn(b, o)(
1296
+ m.authorizationEndpoint,
1297
+ E
1288
1298
  );
1289
- } catch (u) {
1290
- throw s(m.loginAsync_error, u), u;
1299
+ } catch (_) {
1300
+ throw s(k.loginAsync_error, _), _;
1291
1301
  }
1292
1302
  })();
1293
1303
  }, yn = (e) => async (n = !1) => {
1294
1304
  try {
1295
- e.publishEvent(m.loginCallbackAsync_begin, {});
1305
+ e.publishEvent(k.loginCallbackAsync_begin, {});
1296
1306
  const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout, l = await e.initAsync(
1297
1307
  i,
1298
1308
  s.authority_configuration
1299
- ), a = e.location.getCurrentHref(), _ = Y(a).session_state, c = await I(s, e.configurationName);
1300
- let u, f, g, p;
1309
+ ), a = e.location.getCurrentHref(), u = ne(a), f = u.session_state, c = await C(s, e.configurationName);
1310
+ let _, d, g, p;
1301
1311
  if (c)
1302
- await c.initAsync(l, "loginCallbackAsync", s), await c.setSessionStateAsync(_), f = await c.getNonceAsync(), g = c.getLoginParams(), p = await c.getStateAsync(), c.startKeepAliveServiceWorker(), u = c;
1312
+ await c.initAsync(l, "loginCallbackAsync", s), await c.setSessionStateAsync(f), d = await c.getNonceAsync(), g = c.getLoginParams(), p = await c.getStateAsync(), c.startKeepAliveServiceWorker(), _ = c;
1303
1313
  else {
1304
- const v = P(
1314
+ const T = I(
1305
1315
  e.configurationName,
1306
1316
  s.storage ?? sessionStorage
1307
1317
  );
1308
- await v.setSessionStateAsync(_), f = await v.getNonceAsync(), g = v.getLoginParams(), p = await v.getStateAsync(), u = v;
1318
+ await T.setSessionStateAsync(f), d = await T.getNonceAsync(), g = T.getLoginParams(), p = await T.getStateAsync(), _ = T;
1309
1319
  }
1310
- const k = Y(a);
1311
- if (k.error || k.error_description)
1312
- throw new Error(`Error from OIDC server: ${k.error} - ${k.error_description}`);
1313
- if (k.iss && k.iss !== l.issuer)
1320
+ if (u.error || u.error_description)
1321
+ throw new Error(
1322
+ `Error from OIDC server: ${u.error} - ${u.error_description}`
1323
+ );
1324
+ if (u.iss && u.iss !== l.issuer)
1314
1325
  throw console.error(), new Error(
1315
- `Issuer not valid (expected: ${l.issuer}, received: ${k.iss})`
1326
+ `Issuer not valid (expected: ${l.issuer}, received: ${u.iss})`
1316
1327
  );
1317
- if (k.state && k.state !== p)
1318
- throw new Error(`State not valid (expected: ${p}, received: ${k.state})`);
1319
- const E = {
1320
- code: k.code,
1328
+ if (u.state && u.state !== p)
1329
+ throw new Error(`State not valid (expected: ${p}, received: ${u.state})`);
1330
+ const m = {
1331
+ code: u.code,
1321
1332
  grant_type: "authorization_code",
1322
1333
  client_id: s.client_id,
1323
1334
  redirect_uri: o
1324
1335
  }, b = {};
1325
1336
  if (s.token_request_extras)
1326
- for (const [v, x] of Object.entries(s.token_request_extras))
1327
- b[v] = x;
1337
+ for (const [T, x] of Object.entries(s.token_request_extras))
1338
+ b[T] = x;
1328
1339
  if (g != null && g.extras)
1329
- for (const [v, x] of Object.entries(g.extras))
1330
- v.endsWith(":token_request") && (b[v.replace(":token_request", "")] = x);
1331
- const A = l.tokenEndpoint, S = {};
1340
+ for (const [T, x] of Object.entries(g.extras))
1341
+ T.endsWith(":token_request") && (b[T.replace(":token_request", "")] = x);
1342
+ const E = l.tokenEndpoint, w = {};
1332
1343
  if (s.demonstrating_proof_of_possession)
1333
1344
  if (c)
1334
- S.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
1345
+ w.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
1335
1346
  else {
1336
- const v = await Ge(window)(
1347
+ const T = await Ge(window)(
1337
1348
  s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm
1338
1349
  );
1339
- await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(v), S.DPoP = await Te(window)(
1350
+ await I(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(T), w.DPoP = await Te(window)(
1340
1351
  s.demonstrating_proof_of_possession_configuration
1341
- )(v, "POST", A);
1352
+ )(T, "POST", E);
1342
1353
  }
1343
- const h = await tn(u)(
1344
- A,
1345
- { ...E, ...b },
1346
- S,
1354
+ const A = await tn(_)(
1355
+ E,
1356
+ { ...m, ...b },
1357
+ w,
1347
1358
  e.configuration.token_renew_mode,
1348
1359
  r
1349
1360
  );
1350
- if (!h.success)
1361
+ if (!A.success)
1351
1362
  throw new Error("Token request failed");
1352
- let C;
1353
- const y = h.data.tokens, w = h.data.demonstratingProofOfPossessionNonce;
1354
- if (h.data.state !== b.state)
1363
+ let h;
1364
+ const O = A.data.tokens, y = A.data.demonstratingProofOfPossessionNonce;
1365
+ if (A.data.state !== b.state)
1355
1366
  throw new Error("state is not valid");
1356
- const { isValid: T, reason: D } = pe(
1357
- y,
1358
- f.nonce,
1367
+ const { isValid: S, reason: v } = pe(
1368
+ O,
1369
+ d.nonce,
1359
1370
  l
1360
1371
  );
1361
- if (!T)
1362
- throw new Error(`Tokens are not OpenID valid, reason: ${D}`);
1372
+ if (!S)
1373
+ throw new Error(`Tokens are not OpenID valid, reason: ${v}`);
1363
1374
  if (c) {
1364
- if (y.refreshToken && !y.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))
1375
+ if (O.refreshToken && !O.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))
1365
1376
  throw new Error("Refresh token should be hidden by service worker");
1366
- if (w && (y != null && y.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))
1377
+ if (y && (O != null && O.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))
1367
1378
  throw new Error(
1368
1379
  "Demonstration of proof of possession require Access token not hidden by service worker"
1369
1380
  );
1370
1381
  }
1371
1382
  if (c)
1372
- await c.initAsync(l, "syncTokensAsync", s), C = c.getLoginParams(), w && await c.setDemonstratingProofOfPossessionNonce(
1373
- w
1383
+ await c.initAsync(l, "syncTokensAsync", s), h = c.getLoginParams(), y && await c.setDemonstratingProofOfPossessionNonce(
1384
+ y
1374
1385
  );
1375
1386
  else {
1376
- const v = P(e.configurationName, s.storage);
1377
- C = v.getLoginParams(), w && await v.setDemonstratingProofOfPossessionNonce(w);
1387
+ const T = I(e.configurationName, s.storage);
1388
+ h = T.getLoginParams(), y && await T.setDemonstratingProofOfPossessionNonce(y);
1378
1389
  }
1379
1390
  return await e.startCheckSessionAsync(
1380
1391
  l.checkSessionIframe,
1381
1392
  t,
1382
- _,
1393
+ f,
1383
1394
  n
1384
- ), e.publishEvent(m.loginCallbackAsync_end, {}), {
1385
- tokens: y,
1395
+ ), e.publishEvent(k.loginCallbackAsync_end, {}), {
1396
+ tokens: O,
1386
1397
  state: "request.state",
1387
- callbackPath: C.callbackPath
1398
+ callbackPath: h.callbackPath,
1399
+ scope: u.scope,
1400
+ extras: h.extras
1388
1401
  };
1389
1402
  } catch (s) {
1390
- throw console.error(s), e.publishEvent(m.loginCallbackAsync_error, s), s;
1403
+ throw console.error(s), e.publishEvent(k.loginCallbackAsync_error, s), s;
1391
1404
  }
1392
1405
  }, ge = {
1393
1406
  access_token: "access_token",
1394
1407
  refresh_token: "refresh_token"
1395
- }, z = (e, n) => {
1408
+ }, X = (e, n) => {
1396
1409
  const s = {};
1397
1410
  if (e) {
1398
1411
  for (const [t, o] of Object.entries(e))
@@ -1412,81 +1425,81 @@ const _n = () => {
1412
1425
  }
1413
1426
  return n;
1414
1427
  }, kn = (e) => async (n) => {
1415
- U.clearTimeout(e.timeoutId), e.timeoutId = null, e.checkSessionIFrame && e.checkSessionIFrame.stop();
1416
- const s = await I(e.configuration, e.configurationName);
1417
- s ? await s.clearAsync(n) : await P(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
1428
+ K.clearTimeout(e.timeoutId), e.timeoutId = null, e.checkSessionIFrame && e.checkSessionIFrame.stop();
1429
+ const s = await C(e.configuration, e.configurationName);
1430
+ s ? await s.clearAsync(n) : await I(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
1418
1431
  }, mn = (e, n, s, t, o) => async (i = void 0, r = null) => {
1419
- var E, b;
1432
+ var b, E;
1420
1433
  const l = e.configuration, a = await e.initAsync(
1421
1434
  l.authority,
1422
1435
  l.authority_configuration
1423
1436
  );
1424
1437
  i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
1425
- const d = i ?? o.getPath();
1426
- let _ = !1;
1427
- i && (_ = i.includes("https://") || i.includes("http://"));
1428
- const c = _ ? i : o.getOrigin() + d, u = e.tokens ? e.tokens.idToken : "";
1438
+ const u = i ?? o.getPath();
1439
+ let f = !1;
1440
+ i && (f = i.includes("https://") || i.includes("http://"));
1441
+ const c = f ? i : o.getOrigin() + u, _ = e.tokens ? e.tokens.idToken : "";
1429
1442
  try {
1430
- const A = a.revocationEndpoint;
1431
- if (A) {
1432
- const S = [], h = e.tokens ? e.tokens.accessToken : null;
1443
+ const w = a.revocationEndpoint;
1444
+ if (w) {
1445
+ const A = [], h = e.tokens ? e.tokens.accessToken : null;
1433
1446
  if (h && l.logout_tokens_to_invalidate.includes(ge.access_token)) {
1434
- const y = z(r, ":revoke_access_token"), w = he(s)(
1435
- A,
1447
+ const y = X(r, ":revoke_access_token"), S = he(s)(
1448
+ w,
1436
1449
  h,
1437
- ne.access_token,
1450
+ ee.access_token,
1438
1451
  l.client_id,
1439
1452
  y
1440
1453
  );
1441
- S.push(w);
1454
+ A.push(S);
1442
1455
  }
1443
- const C = e.tokens ? e.tokens.refreshToken : null;
1444
- if (C && l.logout_tokens_to_invalidate.includes(ge.refresh_token)) {
1445
- const y = z(r, ":revoke_refresh_token"), w = he(s)(
1446
- A,
1447
- C,
1448
- ne.refresh_token,
1456
+ const O = e.tokens ? e.tokens.refreshToken : null;
1457
+ if (O && l.logout_tokens_to_invalidate.includes(ge.refresh_token)) {
1458
+ const y = X(r, ":revoke_refresh_token"), S = he(s)(
1459
+ w,
1460
+ O,
1461
+ ee.refresh_token,
1449
1462
  l.client_id,
1450
1463
  y
1451
1464
  );
1452
- S.push(w);
1465
+ A.push(S);
1453
1466
  }
1454
- S.length > 0 && await Promise.all(S);
1467
+ A.length > 0 && await Promise.all(A);
1455
1468
  }
1456
- } catch (A) {
1469
+ } catch (w) {
1457
1470
  t.warn(
1458
1471
  "logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"
1459
- ), t.warn(A);
1472
+ ), t.warn(w);
1460
1473
  }
1461
- const f = ((b = (E = e.tokens) == null ? void 0 : E.idTokenPayload) == null ? void 0 : b.sub) ?? null;
1474
+ const d = ((E = (b = e.tokens) == null ? void 0 : b.idTokenPayload) == null ? void 0 : E.sub) ?? null;
1462
1475
  await e.destroyAsync("LOGGED_OUT");
1463
- for (const [, A] of Object.entries(n))
1464
- A !== e ? await e.logoutSameTabAsync(e.configuration.client_id, f) : e.publishEvent(m.logout_from_same_tab, {});
1465
- const g = z(r, ":oidc");
1476
+ for (const [, w] of Object.entries(n))
1477
+ w !== e ? await e.logoutSameTabAsync(e.configuration.client_id, d) : e.publishEvent(k.logout_from_same_tab, {});
1478
+ const g = X(r, ":oidc");
1466
1479
  if (g && g.no_reload === "true")
1467
1480
  return;
1468
- const k = gn(r);
1481
+ const m = gn(r);
1469
1482
  if (a.endSessionEndpoint) {
1470
- "id_token_hint" in k || (k.id_token_hint = u), !("post_logout_redirect_uri" in k) && i !== null && (k.post_logout_redirect_uri = c);
1471
- let A = "";
1472
- for (const [S, h] of Object.entries(k))
1473
- h != null && (A === "" ? A += "?" : A += "&", A += `${S}=${encodeURIComponent(h)}`);
1474
- o.open(`${a.endSessionEndpoint}${A}`);
1483
+ "id_token_hint" in m || (m.id_token_hint = _), !("post_logout_redirect_uri" in m) && i !== null && (m.post_logout_redirect_uri = c);
1484
+ let w = "";
1485
+ for (const [A, h] of Object.entries(m))
1486
+ h != null && (w === "" ? w += "?" : w += "&", w += `${A}=${encodeURIComponent(h)}`);
1487
+ o.open(`${a.endSessionEndpoint}${w}`);
1475
1488
  } else
1476
1489
  o.reload();
1477
1490
  }, Pe = (e, n, s = !1) => async (...t) => {
1478
- var f;
1491
+ var d;
1479
1492
  const [o, i, ...r] = t, l = i ? { ...i } : { method: "GET" };
1480
1493
  let a = new Headers();
1481
1494
  l.headers && (a = l.headers instanceof Headers ? l.headers : new Headers(l.headers));
1482
- const d = {
1495
+ const u = {
1483
1496
  getTokens: () => n.tokens,
1484
1497
  configuration: {
1485
1498
  token_automatic_renew_mode: n.configuration.token_automatic_renew_mode,
1486
1499
  refresh_time_before_tokens_expiration_in_second: n.configuration.refresh_time_before_tokens_expiration_in_second
1487
1500
  },
1488
1501
  renewTokensAsync: n.renewTokensAsync.bind(n)
1489
- }, _ = await me(d), c = (f = _ == null ? void 0 : _.tokens) == null ? void 0 : f.accessToken;
1502
+ }, f = await me(u), c = (d = f == null ? void 0 : f.tokens) == null ? void 0 : d.accessToken;
1490
1503
  if (a.has("Accept") || a.set("Accept", "application/json"), c) {
1491
1504
  if (n.configuration.demonstrating_proof_of_possession && s) {
1492
1505
  const g = await n.generateDemonstrationOfProofOfPossessionAsync(
@@ -1499,8 +1512,8 @@ const _n = () => {
1499
1512
  a.set("Authorization", `Bearer ${c}`);
1500
1513
  l.credentials || (l.credentials = "same-origin");
1501
1514
  }
1502
- const u = { ...l, headers: a };
1503
- return await e(o, u, ...r);
1515
+ const _ = { ...l, headers: a };
1516
+ return await e(o, _, ...r);
1504
1517
  }, pn = (e) => async (n = !1, s = !1) => {
1505
1518
  if (e.userInfo != null && !n)
1506
1519
  return e.userInfo;
@@ -1508,8 +1521,8 @@ const _n = () => {
1508
1521
  t.authority,
1509
1522
  t.authority_configuration
1510
1523
  )).userInfoEndpoint, l = await (async () => {
1511
- const d = await Pe(fetch, e, s)(i);
1512
- return d.status !== 200 ? null : d.json();
1524
+ const u = await Pe(fetch, e, s)(i);
1525
+ return u.status !== 200 ? null : u.json();
1513
1526
  })();
1514
1527
  return e.userInfo = l, l;
1515
1528
  }, wn = () => fetch;
@@ -1519,8 +1532,8 @@ class se {
1519
1532
  }
1520
1533
  }
1521
1534
  const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = new N(s, t, e, n)), L[t]), Sn = async (e) => {
1522
- const { parsedTokens: n, callbackPath: s } = await e.loginCallbackAsync();
1523
- return e.timeoutId = M(e, n.expiresAt), { callbackPath: s };
1535
+ const { parsedTokens: n, callbackPath: s, extras: t, scope: o } = await e.loginCallbackAsync();
1536
+ return e.timeoutId = M(e, n.expiresAt, t, o), { callbackPath: s };
1524
1537
  }, Tn = (e) => Math.floor(Math.random() * e), V = class V {
1525
1538
  constructor(n, s = "default", t, o = new q()) {
1526
1539
  this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
@@ -1536,7 +1549,7 @@ const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = ne
1536
1549
  monitor_session: n.monitor_session ?? !1,
1537
1550
  refresh_time_before_tokens_expiration_in_second: r,
1538
1551
  silent_login_timeout: n.silent_login_timeout ?? 12e3,
1539
- token_renew_mode: n.token_renew_mode ?? Q.access_token_or_id_token_invalid,
1552
+ token_renew_mode: n.token_renew_mode ?? z.access_token_or_id_token_invalid,
1540
1553
  demonstrating_proof_of_possession: n.demonstrating_proof_of_possession ?? !1,
1541
1554
  authority_timeout_wellknowurl_in_millisecond: n.authority_timeout_wellknowurl_in_millisecond ?? 1e4,
1542
1555
  logout_tokens_to_invalidate: n.logout_tokens_to_invalidate ?? [
@@ -1571,7 +1584,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1571
1584
  }
1572
1585
  _silentLoginCallbackFromIFrame() {
1573
1586
  if (this.configuration.silent_redirect_uri && this.configuration.silent_login_uri) {
1574
- const n = this.location, s = Y(n.getCurrentHref());
1587
+ const n = this.location, s = ne(n.getCurrentHref());
1575
1588
  window.parent.postMessage(
1576
1589
  `${this.configurationName}_oidc_tokens:${JSON.stringify({ tokens: this.tokens, sessionState: s.session_state })}`,
1577
1590
  n.getOrigin()
@@ -1580,7 +1593,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1580
1593
  }
1581
1594
  _silentLoginErrorCallbackFromIFrame(n = null) {
1582
1595
  if (this.configuration.silent_redirect_uri && this.configuration.silent_login_uri) {
1583
- const s = this.location, t = Y(s.getCurrentHref());
1596
+ const s = this.location, t = ne(s.getCurrentHref());
1584
1597
  t.error ? window.parent.postMessage(
1585
1598
  `${this.configurationName}_oidc_error:${JSON.stringify({ error: t.error })}`,
1586
1599
  s.getOrigin()
@@ -1611,7 +1624,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1611
1624
  check_session_iframe: s.check_session_iframe,
1612
1625
  issuer: s.issuer
1613
1626
  });
1614
- const i = await I(this.configuration, this.configurationName) ? window.localStorage : null;
1627
+ const i = await C(this.configuration, this.configurationName) ? window.localStorage : null;
1615
1628
  return await en(this.getFetch())(
1616
1629
  n,
1617
1630
  this.configuration.authority_time_cache_wellknowurl_in_second ?? 60 * 60,
@@ -1658,7 +1671,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1658
1671
  return this.loginCallbackPromise;
1659
1672
  const s = async () => {
1660
1673
  const t = await yn(this)(n), o = t.tokens;
1661
- return this.tokens = o, await I(this.configuration, this.configurationName) || P(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(V.eventNames.token_acquired, o), this.configuration.preload_user_info && await this.userInfoAsync(), { parsedTokens: o, state: t.state, callbackPath: t.callbackPath };
1674
+ return this.tokens = o, await C(this.configuration, this.configurationName) || I(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(V.eventNames.token_acquired, o), this.configuration.preload_user_info && await this.userInfoAsync(), {
1675
+ parsedTokens: o,
1676
+ state: t.state,
1677
+ callbackPath: t.callbackPath,
1678
+ scope: t.scope,
1679
+ extras: t.extras
1680
+ };
1662
1681
  };
1663
1682
  return this.loginCallbackPromise = s(), this.loginCallbackPromise.finally(() => {
1664
1683
  this.loginCallbackPromise = null;
@@ -1669,12 +1688,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1669
1688
  ath: await be(n),
1670
1689
  ...o
1671
1690
  };
1672
- if (await I(i, this.configurationName))
1691
+ if (await C(i, this.configurationName))
1673
1692
  return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;
1674
- const a = P(this.configurationName, i.storage), d = await a.getDemonstratingProofOfPossessionJwkAsync(), _ = a.getDemonstratingProofOfPossessionNonce();
1675
- return _ && (r.nonce = _), await Te(window)(
1693
+ const a = I(this.configurationName, i.storage), u = await a.getDemonstratingProofOfPossessionJwkAsync(), f = a.getDemonstratingProofOfPossessionNonce();
1694
+ return f && (r.nonce = f), await Te(window)(
1676
1695
  i.demonstrating_proof_of_possession_configuration
1677
- )(d, t, s, r);
1696
+ )(u, t, s, r);
1678
1697
  }
1679
1698
  loginCallbackWithAutoTokensRenewAsync() {
1680
1699
  return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise = Sn(this), this.loginCallbackWithAutoTokensRenewPromise.finally(() => {
@@ -1690,7 +1709,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1690
1709
  if (this.renewTokensPromise !== null)
1691
1710
  return this.renewTokensPromise;
1692
1711
  if (this.timeoutId)
1693
- return U.clearTimeout(this.timeoutId), this.renewTokensPromise = Ee(this, !0, n, s), this.renewTokensPromise.finally(() => {
1712
+ return K.clearTimeout(this.timeoutId), this.renewTokensPromise = Ee(this, !0, n, s), this.renewTokensPromise.finally(() => {
1694
1713
  this.renewTokensPromise = null;
1695
1714
  });
1696
1715
  }
@@ -1698,10 +1717,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1698
1717
  return await kn(this)(n);
1699
1718
  }
1700
1719
  async logoutSameTabAsync(n, s) {
1701
- this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(m.logout_from_same_tab, { mmessage: "SessionMonitor", sub: s }));
1720
+ this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(k.logout_from_same_tab, { mmessage: "SessionMonitor", sub: s }));
1702
1721
  }
1703
1722
  async logoutOtherTabAsync(n, s) {
1704
- this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(m.logout_from_another_tab, { message: "SessionMonitor", sub: s }));
1723
+ this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(k.logout_from_another_tab, { message: "SessionMonitor", sub: s }));
1705
1724
  }
1706
1725
  async logoutAsync(n = void 0, s = null) {
1707
1726
  return this.logoutPromise ? this.logoutPromise : (this.logoutPromise = mn(
@@ -1715,9 +1734,9 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
1715
1734
  }));
1716
1735
  }
1717
1736
  };
1718
- V.getOrCreate = (n, s) => (t, o = "default") => An(n, s)(t, o), V.eventNames = m;
1737
+ V.getOrCreate = (n, s) => (t, o = "default") => An(n, s)(t, o), V.eventNames = k;
1719
1738
  let N = V;
1720
- const K = class K {
1739
+ const $ = class $ {
1721
1740
  constructor(n) {
1722
1741
  this._oidc = n;
1723
1742
  }
@@ -1731,7 +1750,7 @@ const K = class K {
1731
1750
  this._oidc.publishEvent(n, s);
1732
1751
  }
1733
1752
  static get(n = "default") {
1734
- return new K(N.get(n));
1753
+ return new $(N.get(n));
1735
1754
  }
1736
1755
  tryKeepExistingSessionAsync() {
1737
1756
  return this._oidc.tryKeepExistingSessionAsync();
@@ -1786,14 +1805,14 @@ const K = class K {
1786
1805
  return this._oidc.userInfo;
1787
1806
  }
1788
1807
  };
1789
- K.getOrCreate = (n, s = new q()) => (t, o = "default") => new K(N.getOrCreate(n, s)(t, o)), K.eventNames = N.eventNames;
1790
- let ke = K;
1808
+ $.getOrCreate = (n, s = new q()) => (t, o = "default") => new $(N.getOrCreate(n, s)(t, o)), $.eventNames = N.eventNames;
1809
+ let ke = $;
1791
1810
  export {
1792
1811
  ke as OidcClient,
1793
1812
  q as OidcLocation,
1794
1813
  J as TokenAutomaticRenewMode,
1795
- Q as TokenRenewMode,
1814
+ z as TokenRenewMode,
1796
1815
  wn as getFetchDefault,
1797
- Y as getParseQueryStringFromLocation,
1816
+ ne as getParseQueryStringFromLocation,
1798
1817
  bn as getPath
1799
1818
  };