@axa-fr/oidc-client 7.25.2 → 7.25.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +599 -597
- package/dist/index.umd.cjs +2 -2
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/renewTokens.ts +11 -1
- package/src/version.ts +1 -1
package/dist/index.js
CHANGED
|
@@ -16,10 +16,10 @@ class q {
|
|
|
16
16
|
return window.origin;
|
|
17
17
|
}
|
|
18
18
|
}
|
|
19
|
-
const
|
|
20
|
-
class
|
|
21
|
-
constructor(n, s, t, o =
|
|
22
|
-
this._callback = n, this._client_id = s, this._url = t, this._interval = o ||
|
|
19
|
+
const ce = 2e3, D = console;
|
|
20
|
+
class Ce {
|
|
21
|
+
constructor(n, s, t, o = ce, i = !0) {
|
|
22
|
+
this._callback = n, this._client_id = s, this._url = t, this._interval = o || ce, this._stopOnError = i;
|
|
23
23
|
const r = t.indexOf("/", t.indexOf("//") + 2);
|
|
24
24
|
this._frame_origin = t.substring(0, r), this._frame = window.document.createElement("iframe"), this._frame.style.visibility = "hidden", this._frame.style.position = "absolute", this._frame.style.display = "none", this._frame.width = 0, this._frame.height = 0, this._frame.src = t;
|
|
25
25
|
}
|
|
@@ -76,71 +76,71 @@ const k = {
|
|
|
76
76
|
syncTokensAsync_end: "syncTokensAsync_end",
|
|
77
77
|
syncTokensAsync_error: "syncTokensAsync_error",
|
|
78
78
|
tokensInvalidAndWaitingActionsToRefresh: "tokensInvalidAndWaitingActionsToRefresh"
|
|
79
|
-
},
|
|
80
|
-
const s = (
|
|
79
|
+
}, P = (e, n = sessionStorage) => {
|
|
80
|
+
const s = (y) => (n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: y }), Promise.resolve()), t = async () => {
|
|
81
81
|
if (!n[`oidc.${e}`])
|
|
82
82
|
return n[`oidc.${e}`] = JSON.stringify({ tokens: null, status: null }), { tokens: null, status: null };
|
|
83
|
-
const
|
|
84
|
-
return Promise.resolve({ tokens:
|
|
85
|
-
}, o = (
|
|
86
|
-
n[`oidc.${e}`] = JSON.stringify({ tokens:
|
|
87
|
-
}, i = async (
|
|
88
|
-
n[`oidc.session_state.${e}`] =
|
|
89
|
-
}, r = async () => n[`oidc.session_state.${e}`],
|
|
90
|
-
n[`oidc.nonce.${e}`] =
|
|
91
|
-
},
|
|
92
|
-
n[`oidc.jwk.${e}`] = JSON.stringify(
|
|
93
|
-
},
|
|
94
|
-
n[`oidc.dpop_nonce.${e}`] =
|
|
95
|
-
}, _ = () => n[`oidc.dpop_nonce.${e}`],
|
|
83
|
+
const y = JSON.parse(n[`oidc.${e}`]);
|
|
84
|
+
return Promise.resolve({ tokens: y.tokens, status: y.status });
|
|
85
|
+
}, o = (y) => {
|
|
86
|
+
n[`oidc.${e}`] = JSON.stringify({ tokens: y });
|
|
87
|
+
}, i = async (y) => {
|
|
88
|
+
n[`oidc.session_state.${e}`] = y;
|
|
89
|
+
}, r = async () => n[`oidc.session_state.${e}`], a = (y) => {
|
|
90
|
+
n[`oidc.nonce.${e}`] = y.nonce;
|
|
91
|
+
}, c = (y) => {
|
|
92
|
+
n[`oidc.jwk.${e}`] = JSON.stringify(y);
|
|
93
|
+
}, l = () => JSON.parse(n[`oidc.jwk.${e}`]), d = async () => ({ nonce: n[`oidc.nonce.${e}`] }), u = async (y) => {
|
|
94
|
+
n[`oidc.dpop_nonce.${e}`] = y;
|
|
95
|
+
}, _ = () => n[`oidc.dpop_nonce.${e}`], f = () => n[`oidc.${e}`] ? JSON.stringify({ tokens: JSON.parse(n[`oidc.${e}`]).tokens }) : null, h = {};
|
|
96
96
|
return {
|
|
97
97
|
clearAsync: s,
|
|
98
98
|
initAsync: t,
|
|
99
99
|
setTokens: o,
|
|
100
|
-
getTokens:
|
|
100
|
+
getTokens: f,
|
|
101
101
|
setSessionStateAsync: i,
|
|
102
102
|
getSessionStateAsync: r,
|
|
103
|
-
setNonceAsync:
|
|
104
|
-
getNonceAsync:
|
|
105
|
-
setLoginParams: (
|
|
106
|
-
|
|
103
|
+
setNonceAsync: a,
|
|
104
|
+
getNonceAsync: d,
|
|
105
|
+
setLoginParams: (y) => {
|
|
106
|
+
h[e] = y, n[`oidc.login.${e}`] = JSON.stringify(y);
|
|
107
107
|
},
|
|
108
108
|
getLoginParams: () => {
|
|
109
|
-
const
|
|
110
|
-
return
|
|
109
|
+
const y = n[`oidc.login.${e}`];
|
|
110
|
+
return y ? (h[e] || (h[e] = JSON.parse(y)), h[e]) : (console.warn(
|
|
111
111
|
`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`
|
|
112
112
|
), null);
|
|
113
113
|
},
|
|
114
114
|
getStateAsync: async () => n[`oidc.state.${e}`],
|
|
115
|
-
setStateAsync: async (
|
|
116
|
-
n[`oidc.state.${e}`] =
|
|
115
|
+
setStateAsync: async (y) => {
|
|
116
|
+
n[`oidc.state.${e}`] = y;
|
|
117
117
|
},
|
|
118
118
|
getCodeVerifierAsync: async () => n[`oidc.code_verifier.${e}`],
|
|
119
|
-
setCodeVerifierAsync: async (
|
|
120
|
-
n[`oidc.code_verifier.${e}`] =
|
|
119
|
+
setCodeVerifierAsync: async (y) => {
|
|
120
|
+
n[`oidc.code_verifier.${e}`] = y;
|
|
121
121
|
},
|
|
122
|
-
setDemonstratingProofOfPossessionNonce:
|
|
122
|
+
setDemonstratingProofOfPossessionNonce: u,
|
|
123
123
|
getDemonstratingProofOfPossessionNonce: _,
|
|
124
|
-
setDemonstratingProofOfPossessionJwkAsync:
|
|
125
|
-
getDemonstratingProofOfPossessionJwkAsync:
|
|
124
|
+
setDemonstratingProofOfPossessionJwkAsync: c,
|
|
125
|
+
getDemonstratingProofOfPossessionJwkAsync: l
|
|
126
126
|
};
|
|
127
127
|
};
|
|
128
|
-
var
|
|
129
|
-
const
|
|
128
|
+
var V = /* @__PURE__ */ ((e) => (e.AutomaticBeforeTokenExpiration = "AutomaticBeforeTokensExpiration", e.AutomaticOnlyWhenFetchExecuted = "AutomaticOnlyWhenFetchExecuted", e))(V || {});
|
|
129
|
+
const Ne = (e) => decodeURIComponent(
|
|
130
130
|
Array.prototype.map.call(atob(e), (n) => "%" + ("00" + n.charCodeAt(0).toString(16)).slice(-2)).join("")
|
|
131
|
-
),
|
|
131
|
+
), xe = (e) => JSON.parse(Ne(e.replaceAll(/-/g, "+").replaceAll(/_/g, "/"))), le = (e) => {
|
|
132
132
|
try {
|
|
133
|
-
return e &&
|
|
133
|
+
return e && We(e, ".") === 2 ? xe(e.split(".")[1]) : null;
|
|
134
134
|
} catch (n) {
|
|
135
135
|
console.warn(n);
|
|
136
136
|
}
|
|
137
137
|
return null;
|
|
138
|
-
},
|
|
138
|
+
}, We = (e, n) => e.split(n).length - 1, z = {
|
|
139
139
|
access_token_or_id_token_invalid: "access_token_or_id_token_invalid",
|
|
140
140
|
access_token_invalid: "access_token_invalid",
|
|
141
141
|
id_token_invalid: "id_token_invalid"
|
|
142
142
|
};
|
|
143
|
-
function
|
|
143
|
+
function Le(e, n, s) {
|
|
144
144
|
if (e.issuedAt) {
|
|
145
145
|
if (typeof e.issuedAt == "string")
|
|
146
146
|
return parseInt(e.issuedAt, 10);
|
|
@@ -152,25 +152,25 @@ const te = (e, n = null, s) => {
|
|
|
152
152
|
return null;
|
|
153
153
|
let t;
|
|
154
154
|
const o = typeof e.expiresIn == "string" ? parseInt(e.expiresIn, 10) : e.expiresIn;
|
|
155
|
-
e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t =
|
|
155
|
+
e.accessTokenPayload !== void 0 ? t = e.accessTokenPayload : t = le(e.accessToken);
|
|
156
156
|
let i;
|
|
157
157
|
n != null && "idToken" in n && !("idToken" in e) ? i = n.idToken : i = e.idToken;
|
|
158
|
-
const r = e.idTokenPayload ? e.idTokenPayload :
|
|
159
|
-
e.issuedAt =
|
|
160
|
-
let
|
|
161
|
-
e.expiresAt ?
|
|
162
|
-
const
|
|
158
|
+
const r = e.idTokenPayload ? e.idTokenPayload : le(i), a = r && r.exp ? r.exp : Number.MAX_VALUE, c = t && t.exp ? t.exp : e.issuedAt + o;
|
|
159
|
+
e.issuedAt = Le(e, t, r);
|
|
160
|
+
let l;
|
|
161
|
+
e.expiresAt ? l = e.expiresAt : s === z.access_token_invalid ? l = c : s === z.id_token_invalid ? l = a : l = a < c ? a : c;
|
|
162
|
+
const d = {
|
|
163
163
|
...e,
|
|
164
164
|
idTokenPayload: r,
|
|
165
165
|
accessTokenPayload: t,
|
|
166
|
-
expiresAt:
|
|
166
|
+
expiresAt: l,
|
|
167
167
|
idToken: i
|
|
168
168
|
};
|
|
169
169
|
if (n != null && "refreshToken" in n && !("refreshToken" in e)) {
|
|
170
|
-
const
|
|
171
|
-
return { ...
|
|
170
|
+
const u = n.refreshToken;
|
|
171
|
+
return { ...d, refreshToken: u };
|
|
172
172
|
}
|
|
173
|
-
return
|
|
173
|
+
return d;
|
|
174
174
|
}, oe = (e, n, s) => {
|
|
175
175
|
if (!e)
|
|
176
176
|
return null;
|
|
@@ -187,18 +187,18 @@ const te = (e, n = null, s) => {
|
|
|
187
187
|
issuedAt: e.issued_at
|
|
188
188
|
};
|
|
189
189
|
return "refresh_token" in e && (t.refreshToken = e.refresh_token), e.accessTokenPayload !== void 0 && (t.accessTokenPayload = e.accessTokenPayload), e.idTokenPayload !== void 0 && (t.idTokenPayload = e.idTokenPayload), te(t, n, s);
|
|
190
|
-
},
|
|
190
|
+
}, K = (e, n) => {
|
|
191
191
|
const s = (/* @__PURE__ */ new Date()).getTime() / 1e3, t = n - s;
|
|
192
192
|
return Math.round(t - e);
|
|
193
|
-
},
|
|
193
|
+
}, ue = (e, n = 0) => e ? K(n, e.expiresAt) > 0 : !1, pe = async (e, n = 200, s = 50) => {
|
|
194
194
|
let t = s;
|
|
195
195
|
if (!e.getTokens())
|
|
196
196
|
return null;
|
|
197
|
-
for (; !
|
|
197
|
+
for (; !ue(
|
|
198
198
|
e.getTokens(),
|
|
199
199
|
e.configuration.refresh_time_before_tokens_expiration_in_second
|
|
200
200
|
) && t > 0; ) {
|
|
201
|
-
if (e.configuration.token_automatic_renew_mode ==
|
|
201
|
+
if (e.configuration.token_automatic_renew_mode == V.AutomaticOnlyWhenFetchExecuted) {
|
|
202
202
|
await e.renewTokensAsync({});
|
|
203
203
|
break;
|
|
204
204
|
} else
|
|
@@ -206,11 +206,11 @@ const te = (e, n = null, s) => {
|
|
|
206
206
|
t = t - 1;
|
|
207
207
|
}
|
|
208
208
|
return {
|
|
209
|
-
isTokensValid:
|
|
209
|
+
isTokensValid: ue(e.getTokens()),
|
|
210
210
|
tokens: e.getTokens(),
|
|
211
211
|
numberWaited: t - s
|
|
212
212
|
};
|
|
213
|
-
},
|
|
213
|
+
}, we = (e, n, s) => {
|
|
214
214
|
if (e.idTokenPayload) {
|
|
215
215
|
const t = e.idTokenPayload;
|
|
216
216
|
if (s.issuer !== t.iss)
|
|
@@ -237,7 +237,7 @@ const te = (e, n = null, s) => {
|
|
|
237
237
|
};
|
|
238
238
|
}
|
|
239
239
|
return { isValid: !0, reason: "" };
|
|
240
|
-
},
|
|
240
|
+
}, U = function() {
|
|
241
241
|
const e = typeof window > "u" ? global : window;
|
|
242
242
|
return {
|
|
243
243
|
setTimeout: setTimeout.bind(e),
|
|
@@ -245,170 +245,170 @@ const te = (e, n = null, s) => {
|
|
|
245
245
|
setInterval: setInterval.bind(e),
|
|
246
246
|
clearInterval: clearInterval.bind(e)
|
|
247
247
|
};
|
|
248
|
-
}(),
|
|
249
|
-
let
|
|
250
|
-
const Y = ({ milliseconds: e }) => new Promise((n) =>
|
|
248
|
+
}(), _e = "7.25.3";
|
|
249
|
+
let fe = null, j;
|
|
250
|
+
const Y = ({ milliseconds: e }) => new Promise((n) => U.setTimeout(n, e)), Ae = (e = "/") => {
|
|
251
251
|
try {
|
|
252
252
|
j = new AbortController(), fetch(
|
|
253
253
|
`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,
|
|
254
254
|
{ signal: j.signal }
|
|
255
255
|
).catch((t) => {
|
|
256
256
|
console.log(t);
|
|
257
|
-
}), Y({ milliseconds: 150 * 1e3 }).then(
|
|
257
|
+
}), Y({ milliseconds: 150 * 1e3 }).then(Ae);
|
|
258
258
|
} catch (n) {
|
|
259
259
|
console.log(n);
|
|
260
260
|
}
|
|
261
|
-
},
|
|
261
|
+
}, de = () => {
|
|
262
262
|
j && j.abort();
|
|
263
|
-
},
|
|
263
|
+
}, De = (e = "/") => fetch(`${e}OidcKeepAliveServiceWorker.json`, {
|
|
264
264
|
headers: {
|
|
265
265
|
"oidc-vanilla": "true"
|
|
266
266
|
}
|
|
267
267
|
}).then((n) => n.statusText === "oidc-service-worker").catch((n) => {
|
|
268
268
|
console.log(n);
|
|
269
|
-
}),
|
|
269
|
+
}), Re = (e) => async (n, s) => {
|
|
270
270
|
s(), await n.update();
|
|
271
271
|
const t = await n.unregister();
|
|
272
272
|
console.log(`Service worker unregistration ${t ? "successful" : "failed"}`), await Y({ milliseconds: 2e3 }), e.reload();
|
|
273
|
-
},
|
|
273
|
+
}, $e = (e) => {
|
|
274
274
|
const n = sessionStorage.getItem(`oidc.tabId.${e}`);
|
|
275
275
|
if (n)
|
|
276
276
|
return n;
|
|
277
277
|
const s = globalThis.crypto.randomUUID();
|
|
278
278
|
return sessionStorage.setItem(`oidc.tabId.${e}`, s), s;
|
|
279
|
-
},
|
|
279
|
+
}, E = (e) => (n) => new Promise(function(s, t) {
|
|
280
280
|
const o = new MessageChannel();
|
|
281
281
|
o.port1.onmessage = function(i) {
|
|
282
282
|
i != null && i.data.error ? t(i.data.error) : s(i.data), o.port1.close(), o.port2.close();
|
|
283
|
-
}, e.active.postMessage({ ...n, tabId:
|
|
283
|
+
}, e.active.postMessage({ ...n, tabId: $e(n.configurationName) }, [
|
|
284
284
|
o.port2
|
|
285
285
|
]);
|
|
286
|
-
}),
|
|
287
|
-
var
|
|
286
|
+
}), I = async (e, n) => {
|
|
287
|
+
var b;
|
|
288
288
|
const s = e.service_worker_relative_url;
|
|
289
289
|
if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !s || e.service_worker_activate() === !1)
|
|
290
290
|
return null;
|
|
291
291
|
let t = null;
|
|
292
|
-
e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((
|
|
292
|
+
e.service_worker_register ? t = await e.service_worker_register(s) : (t = await navigator.serviceWorker.register(s), t.active && t.waiting && (console.log("Detected new service worker waiting, unregistering and reloading"), await ((b = e.service_worker_update_require_callback) == null ? void 0 : b.call(e, t, de))));
|
|
293
293
|
try {
|
|
294
|
-
await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await
|
|
295
|
-
} catch (
|
|
296
|
-
return console.warn(`Failed init ServiceWorker ${
|
|
294
|
+
await navigator.serviceWorker.ready, navigator.serviceWorker.controller || await E(t)({ type: "claim" });
|
|
295
|
+
} catch (g) {
|
|
296
|
+
return console.warn(`Failed init ServiceWorker ${g.toString()}`), null;
|
|
297
297
|
}
|
|
298
|
-
const o = async (
|
|
299
|
-
var
|
|
300
|
-
const
|
|
298
|
+
const o = async (g) => E(t)({ type: "clear", data: { status: g }, configurationName: n }), i = async (g, S, C) => {
|
|
299
|
+
var B;
|
|
300
|
+
const m = await E(t)({
|
|
301
301
|
type: "init",
|
|
302
302
|
data: {
|
|
303
|
-
oidcServerConfiguration:
|
|
303
|
+
oidcServerConfiguration: g,
|
|
304
304
|
where: S,
|
|
305
305
|
oidcConfiguration: {
|
|
306
|
-
token_renew_mode:
|
|
307
|
-
service_worker_convert_all_requests_to_cors:
|
|
306
|
+
token_renew_mode: C.token_renew_mode,
|
|
307
|
+
service_worker_convert_all_requests_to_cors: C.service_worker_convert_all_requests_to_cors
|
|
308
308
|
}
|
|
309
309
|
},
|
|
310
310
|
configurationName: n
|
|
311
|
-
}), x =
|
|
312
|
-
return x !==
|
|
313
|
-
`Service worker ${x} version mismatch with js client version ${
|
|
314
|
-
), await ((
|
|
315
|
-
tokens: oe(
|
|
316
|
-
status:
|
|
311
|
+
}), x = m.version;
|
|
312
|
+
return x !== _e && (console.warn(
|
|
313
|
+
`Service worker ${x} version mismatch with js client version ${_e}, unregistering and reloading`
|
|
314
|
+
), await ((B = C.service_worker_update_require_callback) == null ? void 0 : B.call(C, t, de))), {
|
|
315
|
+
tokens: oe(m.tokens, null, C.token_renew_mode),
|
|
316
|
+
status: m.status
|
|
317
317
|
};
|
|
318
|
-
}, r = (
|
|
319
|
-
|
|
320
|
-
},
|
|
318
|
+
}, r = (g = "/") => {
|
|
319
|
+
fe == null && (fe = "not_null", Ae(g));
|
|
320
|
+
}, a = (g) => E(t)({
|
|
321
321
|
type: "setSessionState",
|
|
322
|
-
data: { sessionState:
|
|
322
|
+
data: { sessionState: g },
|
|
323
323
|
configurationName: n
|
|
324
|
-
}),
|
|
324
|
+
}), c = async () => (await E(t)({
|
|
325
325
|
type: "getSessionState",
|
|
326
326
|
data: null,
|
|
327
327
|
configurationName: n
|
|
328
|
-
})).sessionState,
|
|
328
|
+
})).sessionState, l = (g) => (sessionStorage[`oidc.nonce.${n}`] = g.nonce, E(t)({
|
|
329
329
|
type: "setNonce",
|
|
330
|
-
data: { nonce:
|
|
330
|
+
data: { nonce: g },
|
|
331
331
|
configurationName: n
|
|
332
|
-
})),
|
|
333
|
-
let S = (await
|
|
332
|
+
})), d = async () => {
|
|
333
|
+
let S = (await E(t)({
|
|
334
334
|
type: "getNonce",
|
|
335
335
|
data: null,
|
|
336
336
|
configurationName: n
|
|
337
337
|
})).nonce;
|
|
338
338
|
return S || (S = sessionStorage[`oidc.nonce.${n}`], console.warn("nonce not found in service worker, using sessionStorage")), { nonce: S };
|
|
339
|
-
},
|
|
339
|
+
}, u = {};
|
|
340
340
|
return {
|
|
341
341
|
clearAsync: o,
|
|
342
342
|
initAsync: i,
|
|
343
343
|
startKeepAliveServiceWorker: () => r(e.service_worker_keep_alive_path),
|
|
344
|
-
isServiceWorkerProxyActiveAsync: () =>
|
|
345
|
-
setSessionStateAsync:
|
|
346
|
-
getSessionStateAsync:
|
|
347
|
-
setNonceAsync:
|
|
348
|
-
getNonceAsync:
|
|
349
|
-
setLoginParams: (
|
|
350
|
-
|
|
344
|
+
isServiceWorkerProxyActiveAsync: () => De(e.service_worker_keep_alive_path),
|
|
345
|
+
setSessionStateAsync: a,
|
|
346
|
+
getSessionStateAsync: c,
|
|
347
|
+
setNonceAsync: l,
|
|
348
|
+
getNonceAsync: d,
|
|
349
|
+
setLoginParams: (g) => {
|
|
350
|
+
u[n] = g, localStorage[`oidc.login.${n}`] = JSON.stringify(g);
|
|
351
351
|
},
|
|
352
352
|
getLoginParams: () => {
|
|
353
|
-
const
|
|
354
|
-
return
|
|
353
|
+
const g = localStorage[`oidc.login.${n}`];
|
|
354
|
+
return u[n] || (u[n] = JSON.parse(g)), u[n];
|
|
355
355
|
},
|
|
356
356
|
getStateAsync: async () => {
|
|
357
|
-
let S = (await
|
|
357
|
+
let S = (await E(t)({
|
|
358
358
|
type: "getState",
|
|
359
359
|
data: null,
|
|
360
360
|
configurationName: n
|
|
361
361
|
})).state;
|
|
362
362
|
return S || (S = sessionStorage[`oidc.state.${n}`], console.warn("state not found in service worker, using sessionStorage")), S;
|
|
363
363
|
},
|
|
364
|
-
setStateAsync: async (
|
|
364
|
+
setStateAsync: async (g) => (sessionStorage[`oidc.state.${n}`] = g, E(t)({
|
|
365
365
|
type: "setState",
|
|
366
|
-
data: { state:
|
|
366
|
+
data: { state: g },
|
|
367
367
|
configurationName: n
|
|
368
368
|
})),
|
|
369
369
|
getCodeVerifierAsync: async () => {
|
|
370
|
-
let S = (await
|
|
370
|
+
let S = (await E(t)({
|
|
371
371
|
type: "getCodeVerifier",
|
|
372
372
|
data: null,
|
|
373
373
|
configurationName: n
|
|
374
374
|
})).codeVerifier;
|
|
375
375
|
return S || (S = sessionStorage[`oidc.code_verifier.${n}`], console.warn("codeVerifier not found in service worker, using sessionStorage")), S;
|
|
376
376
|
},
|
|
377
|
-
setCodeVerifierAsync: async (
|
|
377
|
+
setCodeVerifierAsync: async (g) => (sessionStorage[`oidc.code_verifier.${n}`] = g, E(t)({
|
|
378
378
|
type: "setCodeVerifier",
|
|
379
|
-
data: { codeVerifier:
|
|
379
|
+
data: { codeVerifier: g },
|
|
380
380
|
configurationName: n
|
|
381
381
|
})),
|
|
382
|
-
setDemonstratingProofOfPossessionNonce: async (
|
|
383
|
-
await
|
|
382
|
+
setDemonstratingProofOfPossessionNonce: async (g) => {
|
|
383
|
+
await E(t)({
|
|
384
384
|
type: "setDemonstratingProofOfPossessionNonce",
|
|
385
|
-
data: { demonstratingProofOfPossessionNonce:
|
|
385
|
+
data: { demonstratingProofOfPossessionNonce: g },
|
|
386
386
|
configurationName: n
|
|
387
387
|
});
|
|
388
388
|
},
|
|
389
|
-
getDemonstratingProofOfPossessionNonce: async () => (await
|
|
389
|
+
getDemonstratingProofOfPossessionNonce: async () => (await E(t)({
|
|
390
390
|
type: "getDemonstratingProofOfPossessionNonce",
|
|
391
391
|
data: null,
|
|
392
392
|
configurationName: n
|
|
393
393
|
})).demonstratingProofOfPossessionNonce,
|
|
394
|
-
setDemonstratingProofOfPossessionJwkAsync: async (
|
|
395
|
-
const S = JSON.stringify(
|
|
396
|
-
await
|
|
394
|
+
setDemonstratingProofOfPossessionJwkAsync: async (g) => {
|
|
395
|
+
const S = JSON.stringify(g);
|
|
396
|
+
await E(t)({
|
|
397
397
|
type: "setDemonstratingProofOfPossessionJwk",
|
|
398
398
|
data: { demonstratingProofOfPossessionJwkJson: S },
|
|
399
399
|
configurationName: n
|
|
400
400
|
});
|
|
401
401
|
},
|
|
402
402
|
getDemonstratingProofOfPossessionJwkAsync: async () => {
|
|
403
|
-
const
|
|
403
|
+
const g = await E(t)({
|
|
404
404
|
type: "getDemonstratingProofOfPossessionJwk",
|
|
405
405
|
data: null,
|
|
406
406
|
configurationName: n
|
|
407
407
|
});
|
|
408
|
-
return
|
|
408
|
+
return g.demonstratingProofOfPossessionJwkJson ? JSON.parse(g.demonstratingProofOfPossessionJwkJson) : null;
|
|
409
409
|
}
|
|
410
410
|
};
|
|
411
|
-
}, R = {},
|
|
411
|
+
}, R = {}, Ue = (e, n = window.sessionStorage, s) => {
|
|
412
412
|
if (!R[e] && n) {
|
|
413
413
|
const o = n.getItem(e);
|
|
414
414
|
o && (R[e] = JSON.parse(o));
|
|
@@ -419,13 +419,13 @@ const Y = ({ milliseconds: e }) => new Promise((n) => K.setTimeout(n, e)), we =
|
|
|
419
419
|
const t = Date.now();
|
|
420
420
|
R[e] = { result: n, timestamp: t }, s && s.setItem(e, JSON.stringify({ result: n, timestamp: t }));
|
|
421
421
|
};
|
|
422
|
-
function
|
|
422
|
+
function Se(e) {
|
|
423
423
|
return new TextEncoder().encode(e);
|
|
424
424
|
}
|
|
425
|
-
function
|
|
425
|
+
function Te(e) {
|
|
426
426
|
return btoa(e).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+/g, "");
|
|
427
427
|
}
|
|
428
|
-
function
|
|
428
|
+
function Fe(e) {
|
|
429
429
|
return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g, function(s, t) {
|
|
430
430
|
return String.fromCharCode(parseInt(t, 16));
|
|
431
431
|
});
|
|
@@ -434,12 +434,12 @@ const ie = (e) => {
|
|
|
434
434
|
let n = "";
|
|
435
435
|
return e.forEach(function(s) {
|
|
436
436
|
n += String.fromCharCode(s);
|
|
437
|
-
}),
|
|
437
|
+
}), Te(n);
|
|
438
438
|
};
|
|
439
|
-
function
|
|
440
|
-
return
|
|
439
|
+
function he(e) {
|
|
440
|
+
return Te(Fe(e));
|
|
441
441
|
}
|
|
442
|
-
const
|
|
442
|
+
const Ve = {
|
|
443
443
|
importKeyAlgorithm: {
|
|
444
444
|
name: "ECDSA",
|
|
445
445
|
namedCurve: "P-256",
|
|
@@ -452,7 +452,7 @@ const Fe = {
|
|
|
452
452
|
},
|
|
453
453
|
digestAlgorithm: { name: "SHA-256" },
|
|
454
454
|
jwtHeaderAlgorithm: "ES256"
|
|
455
|
-
},
|
|
455
|
+
}, Je = (e) => async (n, s, t, o, i = "dpop+jwt") => {
|
|
456
456
|
switch (n = Object.assign({}, n), s.typ = i, s.alg = o.jwtHeaderAlgorithm, s.alg) {
|
|
457
457
|
case "ES256":
|
|
458
458
|
s.jwk = { kty: n.kty, crv: n.crv, x: n.x, y: n.y };
|
|
@@ -466,22 +466,22 @@ const Fe = {
|
|
|
466
466
|
const r = {
|
|
467
467
|
// @ts-ignore
|
|
468
468
|
// JWT "headers" really means JWS "protected headers"
|
|
469
|
-
protected:
|
|
469
|
+
protected: he(JSON.stringify(s)),
|
|
470
470
|
// @ts-ignore
|
|
471
471
|
// JWT "claims" are really a JSON-defined JWS "payload"
|
|
472
|
-
payload:
|
|
473
|
-
},
|
|
474
|
-
return r.signature = ie(new Uint8Array(
|
|
475
|
-
},
|
|
472
|
+
payload: he(JSON.stringify(t))
|
|
473
|
+
}, a = o.importKeyAlgorithm, c = !0, l = ["sign"], d = await e.crypto.subtle.importKey("jwk", n, a, c, l), u = Se(`${r.protected}.${r.payload}`), _ = o.signAlgorithm, f = await e.crypto.subtle.sign(_, d, u);
|
|
474
|
+
return r.signature = ie(new Uint8Array(f)), `${r.protected}.${r.payload}.${r.signature}`;
|
|
475
|
+
}, Me = { sign: Je }, Be = (e) => async (n) => {
|
|
476
476
|
const s = n, t = !0, o = ["sign", "verify"], i = await e.crypto.subtle.generateKey(s, t, o);
|
|
477
477
|
return await e.crypto.subtle.exportKey("jwk", i.privateKey);
|
|
478
|
-
},
|
|
478
|
+
}, He = (e) => {
|
|
479
479
|
const n = Object.assign({}, e);
|
|
480
480
|
return delete n.d, n.key_ops = ["verify"], n;
|
|
481
|
-
},
|
|
482
|
-
generate:
|
|
483
|
-
neuter:
|
|
484
|
-
},
|
|
481
|
+
}, qe = {
|
|
482
|
+
generate: Be,
|
|
483
|
+
neuter: He
|
|
484
|
+
}, je = (e) => async (n, s) => {
|
|
485
485
|
let t;
|
|
486
486
|
switch (n.kty) {
|
|
487
487
|
case "EC":
|
|
@@ -493,36 +493,36 @@ const Fe = {
|
|
|
493
493
|
default:
|
|
494
494
|
throw new Error("Unknown or not implemented JWK type");
|
|
495
495
|
}
|
|
496
|
-
const o = await e.crypto.subtle.digest(s,
|
|
496
|
+
const o = await e.crypto.subtle.digest(s, Se(t));
|
|
497
497
|
return ie(new Uint8Array(o));
|
|
498
|
-
},
|
|
498
|
+
}, Ge = { thumbprint: je }, Ye = (e) => async (n) => await qe.generate(e)(n), ve = (e) => (n) => async (s, t = "POST", o, i = {}) => {
|
|
499
499
|
const r = {
|
|
500
500
|
// https://www.rfc-editor.org/rfc/rfc9449.html#name-concept
|
|
501
|
-
jti: btoa(
|
|
501
|
+
jti: btoa(Xe()),
|
|
502
502
|
htm: t,
|
|
503
503
|
htu: o,
|
|
504
504
|
iat: Math.round(Date.now() / 1e3),
|
|
505
505
|
...i
|
|
506
|
-
},
|
|
506
|
+
}, a = await Ge.thumbprint(e)(
|
|
507
507
|
s,
|
|
508
508
|
n.digestAlgorithm
|
|
509
509
|
);
|
|
510
|
-
return await
|
|
510
|
+
return await Me.sign(e)(
|
|
511
511
|
s,
|
|
512
|
-
{ kid:
|
|
512
|
+
{ kid: a },
|
|
513
513
|
r,
|
|
514
514
|
n
|
|
515
515
|
);
|
|
516
|
-
},
|
|
516
|
+
}, Xe = () => {
|
|
517
517
|
const e = "xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx", n = "0123456789abcdef";
|
|
518
518
|
let s = 0, t = "";
|
|
519
519
|
for (let o = 0; o < 36; o++)
|
|
520
520
|
e[o] !== "-" && e[o] !== "4" && (s = Math.random() * 16 | 0), e[o] === "x" ? t += n[s] : e[o] === "y" ? (s &= 3, s |= 8, t += n[s]) : t += e[o];
|
|
521
521
|
return t;
|
|
522
|
-
},
|
|
522
|
+
}, be = () => {
|
|
523
523
|
const e = typeof window < "u" && !!window.crypto, n = e && !!window.crypto.subtle;
|
|
524
524
|
return { hasCrypto: e, hasSubtleCrypto: n };
|
|
525
|
-
}, Q = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
|
525
|
+
}, Q = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", ze = (e) => {
|
|
526
526
|
const n = [];
|
|
527
527
|
for (let s = 0; s < e.byteLength; s += 1) {
|
|
528
528
|
const t = e[s] % Q.length;
|
|
@@ -530,43 +530,43 @@ const Fe = {
|
|
|
530
530
|
}
|
|
531
531
|
return n.join("");
|
|
532
532
|
}, Z = (e) => {
|
|
533
|
-
const n = new Uint8Array(e), { hasCrypto: s } =
|
|
533
|
+
const n = new Uint8Array(e), { hasCrypto: s } = be();
|
|
534
534
|
if (s)
|
|
535
535
|
window.crypto.getRandomValues(n);
|
|
536
536
|
else
|
|
537
537
|
for (let t = 0; t < e; t += 1)
|
|
538
538
|
n[t] = Math.random() * Q.length | 0;
|
|
539
|
-
return
|
|
539
|
+
return ze(n);
|
|
540
540
|
};
|
|
541
|
-
function
|
|
541
|
+
function Qe(e) {
|
|
542
542
|
const n = new ArrayBuffer(e.length), s = new Uint8Array(n);
|
|
543
543
|
for (let t = 0; t < e.length; t++)
|
|
544
544
|
s[t] = e.charCodeAt(t);
|
|
545
545
|
return s;
|
|
546
546
|
}
|
|
547
|
-
function
|
|
547
|
+
function Ee(e) {
|
|
548
548
|
return new Promise((n, s) => {
|
|
549
|
-
crypto.subtle.digest("SHA-256",
|
|
549
|
+
crypto.subtle.digest("SHA-256", Qe(e)).then(
|
|
550
550
|
(t) => n(ie(new Uint8Array(t))),
|
|
551
551
|
(t) => s(t)
|
|
552
552
|
);
|
|
553
553
|
});
|
|
554
554
|
}
|
|
555
|
-
const
|
|
555
|
+
const Ze = (e) => {
|
|
556
556
|
if (e.length < 43 || e.length > 128)
|
|
557
557
|
return Promise.reject(new Error("Invalid code length."));
|
|
558
|
-
const { hasSubtleCrypto: n } =
|
|
559
|
-
return n ?
|
|
560
|
-
},
|
|
561
|
-
const i = `${n}/.well-known/openid-configuration`, r = `oidc.server:${n}`,
|
|
562
|
-
if (
|
|
563
|
-
return new se(
|
|
564
|
-
const
|
|
565
|
-
if (
|
|
558
|
+
const { hasSubtleCrypto: n } = be();
|
|
559
|
+
return n ? Ee(e) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
|
|
560
|
+
}, en = 60 * 60, nn = (e) => async (n, s = en, t = window.sessionStorage, o = 1e4) => {
|
|
561
|
+
const i = `${n}/.well-known/openid-configuration`, r = `oidc.server:${n}`, a = Ue(r, t, s);
|
|
562
|
+
if (a)
|
|
563
|
+
return new se(a);
|
|
564
|
+
const c = await M(e)(i, {}, o);
|
|
565
|
+
if (c.status !== 200)
|
|
566
566
|
return null;
|
|
567
|
-
const
|
|
568
|
-
return Ke(r,
|
|
569
|
-
},
|
|
567
|
+
const l = await c.json();
|
|
568
|
+
return Ke(r, l, t), new se(l);
|
|
569
|
+
}, M = (e) => async (n, s = {}, t = 1e4, o = 0) => {
|
|
570
570
|
let i;
|
|
571
571
|
try {
|
|
572
572
|
const r = new AbortController();
|
|
@@ -574,7 +574,7 @@ const Qe = (e) => {
|
|
|
574
574
|
} catch (r) {
|
|
575
575
|
if (r.name === "AbortError" || r.message === "Network request failed") {
|
|
576
576
|
if (o <= 1)
|
|
577
|
-
return await
|
|
577
|
+
return await M(e)(n, s, t, o + 1);
|
|
578
578
|
throw r;
|
|
579
579
|
} else
|
|
580
580
|
throw console.error(r.message), r;
|
|
@@ -583,42 +583,42 @@ const Qe = (e) => {
|
|
|
583
583
|
}, ee = {
|
|
584
584
|
refresh_token: "refresh_token",
|
|
585
585
|
access_token: "access_token"
|
|
586
|
-
},
|
|
587
|
-
const
|
|
586
|
+
}, ye = (e) => async (n, s, t = ee.refresh_token, o, i = {}, r = 1e4) => {
|
|
587
|
+
const a = {
|
|
588
588
|
token: s,
|
|
589
589
|
token_type_hint: t,
|
|
590
590
|
client_id: o
|
|
591
591
|
};
|
|
592
|
-
for (const [
|
|
593
|
-
|
|
594
|
-
const
|
|
595
|
-
for (const
|
|
596
|
-
const _ = encodeURIComponent(
|
|
597
|
-
|
|
598
|
-
}
|
|
599
|
-
const
|
|
600
|
-
return (await
|
|
592
|
+
for (const [u, _] of Object.entries(i))
|
|
593
|
+
a[u] === void 0 && (a[u] = _);
|
|
594
|
+
const c = [];
|
|
595
|
+
for (const u in a) {
|
|
596
|
+
const _ = encodeURIComponent(u), f = encodeURIComponent(a[u]);
|
|
597
|
+
c.push(`${_}=${f}`);
|
|
598
|
+
}
|
|
599
|
+
const l = c.join("&");
|
|
600
|
+
return (await M(e)(
|
|
601
601
|
n,
|
|
602
602
|
{
|
|
603
603
|
method: "POST",
|
|
604
604
|
headers: {
|
|
605
605
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8"
|
|
606
606
|
},
|
|
607
|
-
body:
|
|
607
|
+
body: l
|
|
608
608
|
},
|
|
609
609
|
r
|
|
610
610
|
)).status !== 200 ? { success: !1 } : {
|
|
611
611
|
success: !0
|
|
612
612
|
};
|
|
613
|
-
},
|
|
614
|
-
for (const [
|
|
615
|
-
s[
|
|
616
|
-
const
|
|
617
|
-
for (const
|
|
618
|
-
const
|
|
619
|
-
|
|
620
|
-
}
|
|
621
|
-
const
|
|
613
|
+
}, sn = (e) => async (n, s, t, o, i = {}, r, a = 1e4) => {
|
|
614
|
+
for (const [f, h] of Object.entries(t))
|
|
615
|
+
s[f] === void 0 && (s[f] = h);
|
|
616
|
+
const c = [];
|
|
617
|
+
for (const f in s) {
|
|
618
|
+
const h = encodeURIComponent(f), p = encodeURIComponent(s[f]);
|
|
619
|
+
c.push(`${h}=${p}`);
|
|
620
|
+
}
|
|
621
|
+
const l = c.join("&"), d = await M(e)(
|
|
622
622
|
n,
|
|
623
623
|
{
|
|
624
624
|
method: "POST",
|
|
@@ -626,43 +626,43 @@ const Qe = (e) => {
|
|
|
626
626
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
|
|
627
627
|
...i
|
|
628
628
|
},
|
|
629
|
-
body:
|
|
629
|
+
body: l
|
|
630
630
|
},
|
|
631
|
-
|
|
631
|
+
a
|
|
632
632
|
);
|
|
633
|
-
if (
|
|
633
|
+
if (d.status !== 200)
|
|
634
634
|
return {
|
|
635
635
|
success: !1,
|
|
636
|
-
status:
|
|
636
|
+
status: d.status,
|
|
637
637
|
demonstratingProofOfPossessionNonce: null
|
|
638
638
|
};
|
|
639
|
-
const
|
|
639
|
+
const u = await d.json();
|
|
640
640
|
let _ = null;
|
|
641
|
-
return
|
|
641
|
+
return d.headers.has(G) && (_ = d.headers.get(
|
|
642
642
|
G
|
|
643
643
|
)), {
|
|
644
644
|
success: !0,
|
|
645
|
-
status:
|
|
646
|
-
data: oe(
|
|
645
|
+
status: d.status,
|
|
646
|
+
data: oe(u, o, r),
|
|
647
647
|
demonstratingProofOfPossessionNonce: _
|
|
648
648
|
};
|
|
649
|
-
},
|
|
649
|
+
}, tn = (e, n) => async (s, t) => {
|
|
650
650
|
t = t ? { ...t } : {};
|
|
651
|
-
const o = Z(128), i = await
|
|
651
|
+
const o = Z(128), i = await Ze(o);
|
|
652
652
|
await e.setCodeVerifierAsync(o), await e.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
|
|
653
653
|
let r = "";
|
|
654
654
|
if (t)
|
|
655
|
-
for (const [
|
|
656
|
-
r === "" ? r += "?" : r += "&", r += `${
|
|
655
|
+
for (const [a, c] of Object.entries(t))
|
|
656
|
+
r === "" ? r += "?" : r += "&", r += `${a}=${encodeURIComponent(c)}`;
|
|
657
657
|
n.open(`${s}${r}`);
|
|
658
|
-
}, G = "DPoP-Nonce",
|
|
658
|
+
}, G = "DPoP-Nonce", on = (e) => async (n, s, t, o, i = 1e4) => {
|
|
659
659
|
s = s ? { ...s } : {}, s.code_verifier = await e.getCodeVerifierAsync();
|
|
660
660
|
const r = [];
|
|
661
|
-
for (const
|
|
662
|
-
const _ = encodeURIComponent(
|
|
663
|
-
r.push(`${_}=${
|
|
661
|
+
for (const u in s) {
|
|
662
|
+
const _ = encodeURIComponent(u), f = encodeURIComponent(s[u]);
|
|
663
|
+
r.push(`${_}=${f}`);
|
|
664
664
|
}
|
|
665
|
-
const
|
|
665
|
+
const a = r.join("&"), c = await M(fetch)(
|
|
666
666
|
n,
|
|
667
667
|
{
|
|
668
668
|
method: "POST",
|
|
@@ -670,29 +670,29 @@ const Qe = (e) => {
|
|
|
670
670
|
"Content-Type": "application/x-www-form-urlencoded;charset=UTF-8",
|
|
671
671
|
...t
|
|
672
672
|
},
|
|
673
|
-
body:
|
|
673
|
+
body: a
|
|
674
674
|
},
|
|
675
675
|
i
|
|
676
676
|
);
|
|
677
|
-
if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]),
|
|
678
|
-
return { success: !1, status:
|
|
679
|
-
let
|
|
680
|
-
|
|
677
|
+
if (await Promise.all([e.setCodeVerifierAsync(null), e.setStateAsync(null)]), c.status !== 200)
|
|
678
|
+
return { success: !1, status: c.status };
|
|
679
|
+
let l = null;
|
|
680
|
+
c.headers.has(G) && (l = c.headers.get(
|
|
681
681
|
G
|
|
682
682
|
));
|
|
683
|
-
const
|
|
683
|
+
const d = await c.json();
|
|
684
684
|
return {
|
|
685
685
|
success: !0,
|
|
686
686
|
data: {
|
|
687
687
|
state: s.state,
|
|
688
|
-
tokens: oe(
|
|
689
|
-
demonstratingProofOfPossessionNonce:
|
|
688
|
+
tokens: oe(d, null, o),
|
|
689
|
+
demonstratingProofOfPossessionNonce: l
|
|
690
690
|
}
|
|
691
691
|
};
|
|
692
692
|
};
|
|
693
|
-
async function
|
|
694
|
-
const o = (
|
|
695
|
-
e.tokens =
|
|
693
|
+
async function ge(e, n, s, t = null) {
|
|
694
|
+
const o = (c) => {
|
|
695
|
+
e.tokens = c;
|
|
696
696
|
}, { tokens: i, status: r } = await H(e)(
|
|
697
697
|
o,
|
|
698
698
|
0,
|
|
@@ -700,33 +700,33 @@ async function ye(e, n, s, t = null) {
|
|
|
700
700
|
s,
|
|
701
701
|
t
|
|
702
702
|
);
|
|
703
|
-
return await
|
|
703
|
+
return await I(e.configuration, e.configurationName) || await P(e.configurationName, e.configuration.storage).setTokens(e.tokens), e.tokens ? i : (await e.destroyAsync(r), null);
|
|
704
704
|
}
|
|
705
|
-
async function
|
|
705
|
+
async function Oe(e, n = !1, s = null, t = null) {
|
|
706
706
|
const o = e.configuration, i = `${o.client_id}_${e.configurationName}_${o.authority}`;
|
|
707
707
|
let r;
|
|
708
|
-
const
|
|
709
|
-
if ((o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !
|
|
710
|
-
r = await
|
|
708
|
+
const a = await I(e.configuration, e.configurationName);
|
|
709
|
+
if ((o == null ? void 0 : o.storage) === (window == null ? void 0 : window.sessionStorage) && !a || !navigator.locks)
|
|
710
|
+
r = await ge(e, n, s, t);
|
|
711
711
|
else {
|
|
712
|
-
let
|
|
713
|
-
for (;
|
|
714
|
-
|
|
712
|
+
let c = "retry";
|
|
713
|
+
for (; c === "retry"; )
|
|
714
|
+
c = await navigator.locks.request(
|
|
715
715
|
i,
|
|
716
716
|
{ ifAvailable: !0 },
|
|
717
|
-
async (
|
|
717
|
+
async (l) => l ? await ge(e, n, s, t) : (e.publishEvent(N.eventNames.syncTokensAsync_lock_not_available, {
|
|
718
718
|
lock: "lock not available"
|
|
719
719
|
}), "retry")
|
|
720
720
|
);
|
|
721
|
-
r =
|
|
721
|
+
r = c;
|
|
722
722
|
}
|
|
723
|
-
return r ? (e.timeoutId && (e.timeoutId =
|
|
723
|
+
return r ? (e.timeoutId && (e.timeoutId = J(e, e.tokens.expiresAt, s, t)), e.tokens) : null;
|
|
724
724
|
}
|
|
725
|
-
const
|
|
725
|
+
const J = (e, n, s = null, t = null) => {
|
|
726
726
|
const o = e.configuration.refresh_time_before_tokens_expiration_in_second;
|
|
727
|
-
return e.timeoutId &&
|
|
728
|
-
const r = { timeLeft:
|
|
729
|
-
e.publishEvent(N.eventNames.token_timer, r), await
|
|
727
|
+
return e.timeoutId && U.clearTimeout(e.timeoutId), U.setTimeout(async () => {
|
|
728
|
+
const r = { timeLeft: K(o, n) };
|
|
729
|
+
e.publishEvent(N.eventNames.token_timer, r), await Oe(e, !1, s, t);
|
|
730
730
|
}, 1e3);
|
|
731
731
|
}, W = {
|
|
732
732
|
FORCE_REFRESH: "FORCE_REFRESH",
|
|
@@ -736,57 +736,57 @@ const M = (e, n, s = null, t = null) => {
|
|
|
736
736
|
TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID",
|
|
737
737
|
LOGOUT_FROM_ANOTHER_TAB: "LOGOUT_FROM_ANOTHER_TAB",
|
|
738
738
|
REQUIRE_SYNC_TOKENS: "REQUIRE_SYNC_TOKENS"
|
|
739
|
-
},
|
|
739
|
+
}, rn = (e) => async (n, s, t, o = !1) => {
|
|
740
740
|
const i = { nonce: null };
|
|
741
741
|
if (!t)
|
|
742
742
|
return { tokens: null, status: "NOT_CONNECTED", nonce: i };
|
|
743
743
|
let r = i;
|
|
744
|
-
const
|
|
744
|
+
const a = await e.initAsync(
|
|
745
745
|
n.authority,
|
|
746
746
|
n.authority_configuration
|
|
747
|
-
),
|
|
748
|
-
if (
|
|
749
|
-
const { status:
|
|
750
|
-
|
|
747
|
+
), c = await I(n, s);
|
|
748
|
+
if (c) {
|
|
749
|
+
const { status: u, tokens: _ } = await c.initAsync(
|
|
750
|
+
a,
|
|
751
751
|
"syncTokensAsync",
|
|
752
752
|
n
|
|
753
753
|
);
|
|
754
|
-
if (
|
|
754
|
+
if (u === "LOGGED_OUT")
|
|
755
755
|
return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
|
|
756
|
-
if (
|
|
756
|
+
if (u === "SESSIONS_LOST")
|
|
757
757
|
return { tokens: null, status: "SESSIONS_LOST", nonce: i };
|
|
758
|
-
if (!
|
|
758
|
+
if (!u || !_)
|
|
759
759
|
return { tokens: null, status: "REQUIRE_SYNC_TOKENS", nonce: i };
|
|
760
760
|
if (_.issuedAt !== t.issuedAt) {
|
|
761
|
-
const
|
|
761
|
+
const h = K(
|
|
762
762
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
763
763
|
_.expiresAt
|
|
764
|
-
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await
|
|
765
|
-
return { tokens: _, status:
|
|
764
|
+
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", p = await c.getNonceAsync();
|
|
765
|
+
return { tokens: _, status: h, nonce: p };
|
|
766
766
|
}
|
|
767
|
-
r = await
|
|
767
|
+
r = await c.getNonceAsync();
|
|
768
768
|
} else {
|
|
769
|
-
const
|
|
770
|
-
let { tokens:
|
|
771
|
-
const { status:
|
|
772
|
-
if (
|
|
773
|
-
if (
|
|
769
|
+
const u = P(s, n.storage ?? sessionStorage), _ = await u.initAsync();
|
|
770
|
+
let { tokens: f } = _;
|
|
771
|
+
const { status: h } = _;
|
|
772
|
+
if (f && (f = te(f, e.tokens, n.token_renew_mode)), f) {
|
|
773
|
+
if (h === "SESSIONS_LOST")
|
|
774
774
|
return { tokens: null, status: "SESSIONS_LOST", nonce: i };
|
|
775
|
-
if (
|
|
776
|
-
const
|
|
775
|
+
if (f.issuedAt !== t.issuedAt) {
|
|
776
|
+
const w = K(
|
|
777
777
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
778
|
-
|
|
779
|
-
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",
|
|
780
|
-
return { tokens:
|
|
778
|
+
f.expiresAt
|
|
779
|
+
) > 0 ? "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID" : "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID", T = await u.getNonceAsync();
|
|
780
|
+
return { tokens: f, status: w, nonce: T };
|
|
781
781
|
}
|
|
782
782
|
} else return { tokens: null, status: "LOGOUT_FROM_ANOTHER_TAB", nonce: i };
|
|
783
|
-
r = await
|
|
783
|
+
r = await u.getNonceAsync();
|
|
784
784
|
}
|
|
785
|
-
const
|
|
785
|
+
const d = K(
|
|
786
786
|
n.refresh_time_before_tokens_expiration_in_second,
|
|
787
787
|
t.expiresAt
|
|
788
788
|
) > 0 ? "TOKENS_VALID" : "TOKENS_INVALID";
|
|
789
|
-
return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status:
|
|
789
|
+
return o ? { tokens: t, status: "FORCE_REFRESH", nonce: r } : { tokens: t, status: d, nonce: r };
|
|
790
790
|
}, H = (e) => async (n, s = 0, t = !1, o = null, i = null) => {
|
|
791
791
|
if (!navigator.onLine && document.hidden)
|
|
792
792
|
return { tokens: e.tokens, status: "GIVE_UP" };
|
|
@@ -795,35 +795,37 @@ const M = (e, n, s = null, t = null) => {
|
|
|
795
795
|
await Y({ milliseconds: 1e3 }), r--, e.publishEvent(k.refreshTokensAsync, {
|
|
796
796
|
message: `wait because navigator is offline try ${r}`
|
|
797
797
|
});
|
|
798
|
-
const
|
|
798
|
+
const a = document.hidden, c = a ? s : s + 1;
|
|
799
|
+
if (s > 4)
|
|
800
|
+
return a ? { tokens: e.tokens, status: "GIVE_UP" } : (n(null), e.publishEvent(k.refreshTokensAsync_error, { message: "refresh token" }), { tokens: null, status: "SESSION_LOST" });
|
|
799
801
|
o || (o = {});
|
|
800
|
-
const
|
|
802
|
+
const l = e.configuration, d = (_, f = null, h = null) => re(
|
|
801
803
|
e.configurationName,
|
|
802
804
|
e.configuration,
|
|
803
805
|
e.publishEvent.bind(e)
|
|
804
|
-
)(
|
|
806
|
+
)(_, f, h), u = async () => {
|
|
805
807
|
try {
|
|
806
|
-
let
|
|
807
|
-
const
|
|
808
|
-
|
|
809
|
-
const
|
|
810
|
-
...
|
|
808
|
+
let _;
|
|
809
|
+
const f = await I(l, e.configurationName);
|
|
810
|
+
f ? _ = f.getLoginParams() : _ = P(e.configurationName, l.storage).getLoginParams();
|
|
811
|
+
const h = await d({
|
|
812
|
+
..._.extras,
|
|
811
813
|
...o,
|
|
812
814
|
prompt: "none",
|
|
813
815
|
scope: i
|
|
814
816
|
});
|
|
815
|
-
return
|
|
817
|
+
return h ? h.error ? (n(null), e.publishEvent(k.refreshTokensAsync_error, {
|
|
816
818
|
message: "refresh token silent"
|
|
817
|
-
}), { tokens: null, status: "SESSION_LOST" }) : (n(
|
|
819
|
+
}), { tokens: null, status: "SESSION_LOST" }) : (n(h.tokens), e.publishEvent(N.eventNames.token_renewed, {}), { tokens: h.tokens, status: "LOGGED" }) : (n(null), e.publishEvent(k.refreshTokensAsync_error, {
|
|
818
820
|
message: "refresh token silent not active"
|
|
819
821
|
}), { tokens: null, status: "SESSION_LOST" });
|
|
820
|
-
} catch (
|
|
821
|
-
return console.error(
|
|
822
|
+
} catch (_) {
|
|
823
|
+
return console.error(_), e.publishEvent(k.refreshTokensAsync_silent_error, {
|
|
822
824
|
message: "exceptionSilent",
|
|
823
|
-
exception:
|
|
825
|
+
exception: _.message
|
|
824
826
|
}), await H(e)(
|
|
825
827
|
n,
|
|
826
|
-
|
|
828
|
+
c,
|
|
827
829
|
t,
|
|
828
830
|
o,
|
|
829
831
|
i
|
|
@@ -831,13 +833,13 @@ const M = (e, n, s = null, t = null) => {
|
|
|
831
833
|
}
|
|
832
834
|
};
|
|
833
835
|
try {
|
|
834
|
-
const { status:
|
|
835
|
-
|
|
836
|
+
const { status: _, tokens: f, nonce: h } = await rn(e)(
|
|
837
|
+
l,
|
|
836
838
|
e.configurationName,
|
|
837
839
|
e.tokens,
|
|
838
840
|
t
|
|
839
841
|
);
|
|
840
|
-
switch (
|
|
842
|
+
switch (_) {
|
|
841
843
|
case W.SESSION_LOST:
|
|
842
844
|
return n(null), e.publishEvent(k.refreshTokensAsync_error, {
|
|
843
845
|
message: "refresh token session lost"
|
|
@@ -845,83 +847,83 @@ const M = (e, n, s = null, t = null) => {
|
|
|
845
847
|
case W.NOT_CONNECTED:
|
|
846
848
|
return n(null), { tokens: null, status: null };
|
|
847
849
|
case W.TOKENS_VALID:
|
|
848
|
-
return n(
|
|
850
|
+
return n(f), { tokens: f, status: "LOGGED_IN" };
|
|
849
851
|
case W.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:
|
|
850
|
-
return n(
|
|
852
|
+
return n(f), e.publishEvent(N.eventNames.token_renewed, {
|
|
851
853
|
reason: "TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"
|
|
852
|
-
}), { tokens:
|
|
854
|
+
}), { tokens: f, status: "LOGGED_IN" };
|
|
853
855
|
case W.LOGOUT_FROM_ANOTHER_TAB:
|
|
854
856
|
return n(null), e.publishEvent(k.logout_from_another_tab, {
|
|
855
857
|
status: "session syncTokensAsync"
|
|
856
858
|
}), { tokens: null, status: "LOGGED_OUT" };
|
|
857
859
|
case W.REQUIRE_SYNC_TOKENS:
|
|
858
|
-
return
|
|
860
|
+
return l.token_automatic_renew_mode == V.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== _ ? (e.publishEvent(k.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" }) : (e.publishEvent(k.refreshTokensAsync_begin, { tryNumber: s }), await u());
|
|
859
861
|
default: {
|
|
860
|
-
if (
|
|
862
|
+
if (l.token_automatic_renew_mode == V.AutomaticOnlyWhenFetchExecuted && W.FORCE_REFRESH !== _)
|
|
861
863
|
return e.publishEvent(k.tokensInvalidAndWaitingActionsToRefresh, {}), { tokens: e.tokens, status: "GIVE_UP" };
|
|
862
864
|
if (e.publishEvent(k.refreshTokensAsync_begin, {
|
|
863
|
-
refreshToken:
|
|
864
|
-
status:
|
|
865
|
+
refreshToken: f.refreshToken,
|
|
866
|
+
status: _,
|
|
865
867
|
tryNumber: s
|
|
866
|
-
}), !
|
|
867
|
-
return await
|
|
868
|
-
const
|
|
869
|
-
for (const [
|
|
870
|
-
|
|
868
|
+
}), !f.refreshToken)
|
|
869
|
+
return await u();
|
|
870
|
+
const p = l.client_id, w = l.redirect_uri, T = l.authority, A = { ...l.token_request_extras ? l.token_request_extras : {} };
|
|
871
|
+
for (const [y, b] of Object.entries(o))
|
|
872
|
+
y.endsWith(":token_request") && (A[y.replace(":token_request", "")] = b);
|
|
871
873
|
return await (async () => {
|
|
872
|
-
const
|
|
873
|
-
client_id:
|
|
874
|
-
redirect_uri:
|
|
874
|
+
const y = {
|
|
875
|
+
client_id: p,
|
|
876
|
+
redirect_uri: w,
|
|
875
877
|
grant_type: "refresh_token",
|
|
876
|
-
refresh_token:
|
|
877
|
-
},
|
|
878
|
-
|
|
879
|
-
|
|
880
|
-
),
|
|
881
|
-
|
|
882
|
-
|
|
883
|
-
|
|
878
|
+
refresh_token: f.refreshToken
|
|
879
|
+
}, b = await e.initAsync(
|
|
880
|
+
T,
|
|
881
|
+
l.authority_configuration
|
|
882
|
+
), g = document.hidden ? 1e4 : 3e4 * 10, S = b.tokenEndpoint, C = {};
|
|
883
|
+
l.demonstrating_proof_of_possession && (C.DPoP = await e.generateDemonstrationOfProofOfPossessionAsync(
|
|
884
|
+
f.accessToken,
|
|
885
|
+
S,
|
|
884
886
|
"POST"
|
|
885
887
|
));
|
|
886
|
-
const
|
|
888
|
+
const m = await sn(e.getFetch())(
|
|
889
|
+
S,
|
|
887
890
|
y,
|
|
888
891
|
A,
|
|
889
|
-
|
|
890
|
-
|
|
891
|
-
|
|
892
|
-
|
|
893
|
-
O
|
|
892
|
+
f,
|
|
893
|
+
C,
|
|
894
|
+
l.token_renew_mode,
|
|
895
|
+
g
|
|
894
896
|
);
|
|
895
|
-
if (
|
|
896
|
-
const { isValid:
|
|
897
|
-
|
|
898
|
-
|
|
899
|
-
|
|
897
|
+
if (m.success) {
|
|
898
|
+
const { isValid: x, reason: B } = we(
|
|
899
|
+
m.data,
|
|
900
|
+
h.nonce,
|
|
901
|
+
b
|
|
900
902
|
);
|
|
901
|
-
if (!
|
|
903
|
+
if (!x)
|
|
902
904
|
return n(null), e.publishEvent(k.refreshTokensAsync_error, {
|
|
903
|
-
message: `refresh token return not valid tokens, reason: ${
|
|
905
|
+
message: `refresh token return not valid tokens, reason: ${B}`
|
|
904
906
|
}), { tokens: null, status: "SESSION_LOST" };
|
|
905
|
-
if (n(
|
|
906
|
-
const
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
) : await
|
|
910
|
-
|
|
907
|
+
if (n(m.data), m.demonstratingProofOfPossessionNonce) {
|
|
908
|
+
const ae = await I(l, e.configurationName);
|
|
909
|
+
ae ? await ae.setDemonstratingProofOfPossessionNonce(
|
|
910
|
+
m.demonstratingProofOfPossessionNonce
|
|
911
|
+
) : await P(e.configurationName, l.storage).setDemonstratingProofOfPossessionNonce(
|
|
912
|
+
m.demonstratingProofOfPossessionNonce
|
|
911
913
|
);
|
|
912
914
|
}
|
|
913
915
|
return e.publishEvent(k.refreshTokensAsync_end, {
|
|
914
|
-
success:
|
|
915
|
-
}), e.publishEvent(N.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens:
|
|
916
|
+
success: m.success
|
|
917
|
+
}), e.publishEvent(N.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: m.data, status: "LOGGED_IN" };
|
|
916
918
|
} else
|
|
917
919
|
return e.publishEvent(k.refreshTokensAsync_silent_error, {
|
|
918
920
|
message: "bad request",
|
|
919
|
-
tokenResponse:
|
|
920
|
-
}),
|
|
921
|
-
message: `session lost: ${
|
|
921
|
+
tokenResponse: m
|
|
922
|
+
}), m.status >= 400 && m.status < 500 ? (n(null), e.publishEvent(k.refreshTokensAsync_error, {
|
|
923
|
+
message: `session lost: ${m.status}`
|
|
922
924
|
}), { tokens: null, status: "SESSION_LOST" }) : await H(e)(
|
|
923
925
|
n,
|
|
924
|
-
|
|
926
|
+
c,
|
|
925
927
|
t,
|
|
926
928
|
o,
|
|
927
929
|
i
|
|
@@ -929,13 +931,13 @@ const M = (e, n, s = null, t = null) => {
|
|
|
929
931
|
})();
|
|
930
932
|
}
|
|
931
933
|
}
|
|
932
|
-
} catch (
|
|
933
|
-
return console.error(
|
|
934
|
+
} catch (_) {
|
|
935
|
+
return console.error(_), e.publishEvent(k.refreshTokensAsync_silent_error, {
|
|
934
936
|
message: "exception",
|
|
935
|
-
exception:
|
|
936
|
-
}), new Promise((
|
|
937
|
+
exception: _.message
|
|
938
|
+
}), new Promise((f, h) => {
|
|
937
939
|
setTimeout(() => {
|
|
938
|
-
H(e)(n,
|
|
940
|
+
H(e)(n, c, t, o, i).then(f).catch(h);
|
|
939
941
|
}, 1e3);
|
|
940
942
|
});
|
|
941
943
|
}
|
|
@@ -946,127 +948,127 @@ const M = (e, n, s = null, t = null) => {
|
|
|
946
948
|
s(k.silentLoginAsync_begin, {});
|
|
947
949
|
let r = "";
|
|
948
950
|
if (o && (t == null && (t = {}), t.state = o), i != null && (t == null && (t = {}), t.scope = i), t != null)
|
|
949
|
-
for (const [
|
|
950
|
-
r === "" ? r = `?${encodeURIComponent(
|
|
951
|
-
const
|
|
952
|
-
return
|
|
953
|
-
let
|
|
954
|
-
const
|
|
955
|
-
window.removeEventListener("message", p),
|
|
956
|
-
}, p = (
|
|
957
|
-
if (
|
|
958
|
-
const
|
|
959
|
-
if (
|
|
960
|
-
if (
|
|
961
|
-
const
|
|
962
|
-
s(k.silentLoginAsync_end, {}),
|
|
963
|
-
} else if (
|
|
964
|
-
const
|
|
965
|
-
s(k.silentLoginAsync_error,
|
|
966
|
-
} else if (
|
|
967
|
-
const
|
|
968
|
-
s(k.silentLoginAsync_error,
|
|
951
|
+
for (const [u, _] of Object.entries(t))
|
|
952
|
+
r === "" ? r = `?${encodeURIComponent(u)}=${encodeURIComponent(_)}` : r += `&${encodeURIComponent(u)}=${encodeURIComponent(_)}`;
|
|
953
|
+
const a = n.silent_login_uri + r, c = a.indexOf("/", a.indexOf("//") + 2), l = a.substring(0, c), d = document.createElement("iframe");
|
|
954
|
+
return d.width = "0px", d.height = "0px", d.id = `${e}_oidc_iframe`, d.setAttribute("src", a), document.body.appendChild(d), new Promise((u, _) => {
|
|
955
|
+
let f = !1;
|
|
956
|
+
const h = () => {
|
|
957
|
+
window.removeEventListener("message", p), d.remove(), f = !0;
|
|
958
|
+
}, p = (w) => {
|
|
959
|
+
if (w.origin === l && w.source === d.contentWindow) {
|
|
960
|
+
const T = `${e}_oidc_tokens:`, O = `${e}_oidc_error:`, A = `${e}_oidc_exception:`, v = w.data;
|
|
961
|
+
if (v && typeof v == "string" && !f) {
|
|
962
|
+
if (v.startsWith(T)) {
|
|
963
|
+
const y = JSON.parse(w.data.replace(T, ""));
|
|
964
|
+
s(k.silentLoginAsync_end, {}), u(y), h();
|
|
965
|
+
} else if (v.startsWith(O)) {
|
|
966
|
+
const y = JSON.parse(w.data.replace(O, ""));
|
|
967
|
+
s(k.silentLoginAsync_error, y), u({ error: "oidc_" + y.error, tokens: null, sessionState: null }), h();
|
|
968
|
+
} else if (v.startsWith(A)) {
|
|
969
|
+
const y = JSON.parse(w.data.replace(A, ""));
|
|
970
|
+
s(k.silentLoginAsync_error, y), _(new Error(y.error)), h();
|
|
969
971
|
}
|
|
970
972
|
}
|
|
971
973
|
}
|
|
972
974
|
};
|
|
973
975
|
try {
|
|
974
976
|
window.addEventListener("message", p);
|
|
975
|
-
const
|
|
977
|
+
const w = n.silent_login_timeout;
|
|
976
978
|
setTimeout(() => {
|
|
977
|
-
|
|
978
|
-
},
|
|
979
|
-
} catch (
|
|
980
|
-
|
|
979
|
+
f || (h(), s(k.silentLoginAsync_error, { reason: "timeout" }), _(new Error("timeout")));
|
|
980
|
+
}, w);
|
|
981
|
+
} catch (w) {
|
|
982
|
+
h(), s(k.silentLoginAsync_error, w), _(w);
|
|
981
983
|
}
|
|
982
984
|
});
|
|
983
985
|
} catch (r) {
|
|
984
986
|
throw s(k.silentLoginAsync_error, r), r;
|
|
985
987
|
}
|
|
986
|
-
},
|
|
988
|
+
}, an = (e, n, s, t, o) => (i = null, r = void 0) => {
|
|
987
989
|
i = { ...i };
|
|
988
|
-
const
|
|
989
|
-
|
|
990
|
-
|
|
991
|
-
|
|
990
|
+
const a = (l, d, u) => re(n, s, t.bind(o))(
|
|
991
|
+
l,
|
|
992
|
+
d,
|
|
993
|
+
u
|
|
992
994
|
);
|
|
993
995
|
return (async () => {
|
|
994
|
-
o.timeoutId &&
|
|
995
|
-
let
|
|
996
|
-
i && "state" in i && (
|
|
996
|
+
o.timeoutId && U.clearTimeout(o.timeoutId);
|
|
997
|
+
let l;
|
|
998
|
+
i && "state" in i && (l = i.state, delete i.state);
|
|
997
999
|
try {
|
|
998
|
-
const
|
|
1000
|
+
const d = s.extras ? { ...s.extras, ...i } : i, u = await a(
|
|
999
1001
|
{
|
|
1000
|
-
...
|
|
1002
|
+
...d,
|
|
1001
1003
|
prompt: "none"
|
|
1002
1004
|
},
|
|
1003
|
-
|
|
1005
|
+
l,
|
|
1004
1006
|
r
|
|
1005
1007
|
);
|
|
1006
|
-
if (
|
|
1007
|
-
return o.tokens =
|
|
1008
|
-
} catch (
|
|
1009
|
-
return
|
|
1008
|
+
if (u)
|
|
1009
|
+
return o.tokens = u.tokens, t(k.token_acquired, {}), o.timeoutId = J(o, o.tokens.expiresAt, i, r), {};
|
|
1010
|
+
} catch (d) {
|
|
1011
|
+
return d;
|
|
1010
1012
|
}
|
|
1011
1013
|
})();
|
|
1012
|
-
},
|
|
1013
|
-
const
|
|
1014
|
-
|
|
1015
|
-
|
|
1016
|
-
|
|
1014
|
+
}, cn = (e, n, s) => (t, o, i, r = !1) => {
|
|
1015
|
+
const a = (c, l = void 0, d = void 0) => re(e.configurationName, s, e.publishEvent.bind(e))(
|
|
1016
|
+
c,
|
|
1017
|
+
l,
|
|
1018
|
+
d
|
|
1017
1019
|
);
|
|
1018
|
-
return new Promise((
|
|
1020
|
+
return new Promise((c, l) => {
|
|
1019
1021
|
if (s.silent_login_uri && s.silent_redirect_uri && s.monitor_session && t && i && !r) {
|
|
1020
|
-
const
|
|
1022
|
+
const d = () => {
|
|
1021
1023
|
e.checkSessionIFrame.stop();
|
|
1022
|
-
const
|
|
1023
|
-
if (
|
|
1024
|
+
const u = e.tokens;
|
|
1025
|
+
if (u === null)
|
|
1024
1026
|
return;
|
|
1025
|
-
const _ =
|
|
1026
|
-
return
|
|
1027
|
+
const _ = u.idToken, f = u.idTokenPayload;
|
|
1028
|
+
return a({
|
|
1027
1029
|
prompt: "none",
|
|
1028
1030
|
id_token_hint: _,
|
|
1029
1031
|
scope: s.scope || "openid"
|
|
1030
|
-
}).then((
|
|
1031
|
-
if (
|
|
1032
|
-
throw new Error(
|
|
1033
|
-
const p =
|
|
1034
|
-
if (
|
|
1035
|
-
const
|
|
1036
|
-
e.checkSessionIFrame.start(
|
|
1032
|
+
}).then((h) => {
|
|
1033
|
+
if (h.error)
|
|
1034
|
+
throw new Error(h.error);
|
|
1035
|
+
const p = h.tokens.idTokenPayload;
|
|
1036
|
+
if (f.sub === p.sub) {
|
|
1037
|
+
const w = h.sessionState;
|
|
1038
|
+
e.checkSessionIFrame.start(h.sessionState), f.sid === p.sid ? console.debug(
|
|
1037
1039
|
"SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",
|
|
1038
|
-
|
|
1040
|
+
w
|
|
1039
1041
|
) : console.debug(
|
|
1040
1042
|
"SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",
|
|
1041
|
-
|
|
1043
|
+
w
|
|
1042
1044
|
);
|
|
1043
1045
|
} else
|
|
1044
1046
|
console.debug(
|
|
1045
1047
|
"SessionMonitor._callback: Different subject signed into OP:",
|
|
1046
1048
|
p.sub
|
|
1047
1049
|
);
|
|
1048
|
-
}).catch(async (
|
|
1050
|
+
}).catch(async (h) => {
|
|
1049
1051
|
console.warn(
|
|
1050
1052
|
"SessionMonitor._callback: Silent login failed, logging out other tabs:",
|
|
1051
|
-
|
|
1053
|
+
h
|
|
1052
1054
|
);
|
|
1053
1055
|
for (const [, p] of Object.entries(n))
|
|
1054
|
-
await p.logoutOtherTabAsync(s.client_id,
|
|
1056
|
+
await p.logoutOtherTabAsync(s.client_id, f.sub);
|
|
1055
1057
|
});
|
|
1056
1058
|
};
|
|
1057
|
-
e.checkSessionIFrame = new
|
|
1058
|
-
|
|
1059
|
+
e.checkSessionIFrame = new Ce(
|
|
1060
|
+
d,
|
|
1059
1061
|
o,
|
|
1060
1062
|
t
|
|
1061
1063
|
), e.checkSessionIFrame.load().then(() => {
|
|
1062
|
-
e.checkSessionIFrame.start(i),
|
|
1063
|
-
}).catch((
|
|
1064
|
-
u
|
|
1064
|
+
e.checkSessionIFrame.start(i), c(e.checkSessionIFrame);
|
|
1065
|
+
}).catch((u) => {
|
|
1066
|
+
l(u);
|
|
1065
1067
|
});
|
|
1066
1068
|
} else
|
|
1067
|
-
|
|
1069
|
+
c(null);
|
|
1068
1070
|
});
|
|
1069
|
-
},
|
|
1071
|
+
}, ln = (e) => !!(e.os === "iOS" && e.osVersion.startsWith("12") || e.os === "Mac OS X" && e.osVersion.startsWith("10_15_6")), un = (e) => {
|
|
1070
1072
|
const n = e.appVersion, s = e.userAgent, t = "-";
|
|
1071
1073
|
let o = t;
|
|
1072
1074
|
const i = [
|
|
@@ -1101,10 +1103,10 @@ const M = (e, n, s = null, t = null) => {
|
|
|
1101
1103
|
r: /(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/
|
|
1102
1104
|
}
|
|
1103
1105
|
];
|
|
1104
|
-
for (const
|
|
1105
|
-
const
|
|
1106
|
-
if (
|
|
1107
|
-
o =
|
|
1106
|
+
for (const a in i) {
|
|
1107
|
+
const c = i[a];
|
|
1108
|
+
if (c.r.test(s)) {
|
|
1109
|
+
o = c.s;
|
|
1108
1110
|
break;
|
|
1109
1111
|
}
|
|
1110
1112
|
}
|
|
@@ -1116,8 +1118,8 @@ const M = (e, n, s = null, t = null) => {
|
|
|
1116
1118
|
r = /(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(s)[1];
|
|
1117
1119
|
break;
|
|
1118
1120
|
case "iOS": {
|
|
1119
|
-
const
|
|
1120
|
-
|
|
1121
|
+
const a = /OS (\d+)_(\d+)_?(\d+)?/.exec(n);
|
|
1122
|
+
a != null && a.length > 2 && (r = a[1] + "." + a[2] + "." + (parseInt(a[3]) | 0));
|
|
1121
1123
|
break;
|
|
1122
1124
|
}
|
|
1123
1125
|
}
|
|
@@ -1126,7 +1128,7 @@ const M = (e, n, s = null, t = null) => {
|
|
|
1126
1128
|
osVersion: r
|
|
1127
1129
|
};
|
|
1128
1130
|
};
|
|
1129
|
-
function
|
|
1131
|
+
function _n() {
|
|
1130
1132
|
const e = navigator.userAgent;
|
|
1131
1133
|
let n, s = e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i) || [];
|
|
1132
1134
|
if (/trident/i.test(s[1]))
|
|
@@ -1144,13 +1146,13 @@ function un() {
|
|
|
1144
1146
|
version: s[1]
|
|
1145
1147
|
};
|
|
1146
1148
|
}
|
|
1147
|
-
const
|
|
1148
|
-
const { name: e, version: n } =
|
|
1149
|
+
const fn = () => {
|
|
1150
|
+
const { name: e, version: n } = _n();
|
|
1149
1151
|
if (e === "chrome" && parseInt(n) <= 70 || e === "opera" && (!n || parseInt(n.split(".")[0]) < 80) || e === "ie")
|
|
1150
1152
|
return !1;
|
|
1151
|
-
const s =
|
|
1152
|
-
return !
|
|
1153
|
-
},
|
|
1153
|
+
const s = un(navigator);
|
|
1154
|
+
return !ln(s);
|
|
1155
|
+
}, dn = async (e) => {
|
|
1154
1156
|
let n;
|
|
1155
1157
|
if (e.tokens != null)
|
|
1156
1158
|
return !1;
|
|
@@ -1160,7 +1162,7 @@ const _n = () => {
|
|
|
1160
1162
|
s.authority,
|
|
1161
1163
|
s.authority_configuration
|
|
1162
1164
|
);
|
|
1163
|
-
if (n = await
|
|
1165
|
+
if (n = await I(s, e.configurationName), n) {
|
|
1164
1166
|
const { tokens: o } = await n.initAsync(
|
|
1165
1167
|
t,
|
|
1166
1168
|
"tryKeepExistingSessionAsync",
|
|
@@ -1169,7 +1171,7 @@ const _n = () => {
|
|
|
1169
1171
|
if (o) {
|
|
1170
1172
|
n.startKeepAliveServiceWorker(), e.tokens = o;
|
|
1171
1173
|
const i = n.getLoginParams(e.configurationName);
|
|
1172
|
-
e.timeoutId =
|
|
1174
|
+
e.timeoutId = J(
|
|
1173
1175
|
e,
|
|
1174
1176
|
e.tokens.expiresAt,
|
|
1175
1177
|
i.extras,
|
|
@@ -1193,21 +1195,21 @@ const _n = () => {
|
|
|
1193
1195
|
s.service_worker_relative_url && e.publishEvent(k.service_worker_not_supported_by_browser, {
|
|
1194
1196
|
message: "service worker is not supported by this browser"
|
|
1195
1197
|
});
|
|
1196
|
-
const o =
|
|
1198
|
+
const o = P(e.configurationName, s.storage ?? sessionStorage), { tokens: i } = await o.initAsync();
|
|
1197
1199
|
if (i) {
|
|
1198
1200
|
e.tokens = te(i, null, s.token_renew_mode);
|
|
1199
1201
|
const r = o.getLoginParams();
|
|
1200
|
-
e.timeoutId =
|
|
1202
|
+
e.timeoutId = J(
|
|
1201
1203
|
e,
|
|
1202
1204
|
e.tokens.expiresAt,
|
|
1203
1205
|
r.extras,
|
|
1204
1206
|
r.scope
|
|
1205
1207
|
);
|
|
1206
|
-
const
|
|
1208
|
+
const a = await o.getSessionStateAsync();
|
|
1207
1209
|
return await e.startCheckSessionAsync(
|
|
1208
1210
|
t.checkSessionIframe,
|
|
1209
1211
|
s.client_id,
|
|
1210
|
-
|
|
1212
|
+
a
|
|
1211
1213
|
), s.preload_user_info && await e.userInfoAsync(), e.publishEvent(k.tryKeepExistingSessionAsync_end, {
|
|
1212
1214
|
success: !0,
|
|
1213
1215
|
message: "tokens inside storage are valid"
|
|
@@ -1224,7 +1226,7 @@ const _n = () => {
|
|
|
1224
1226
|
"tokens inside ServiceWorker are invalid"
|
|
1225
1227
|
), !1;
|
|
1226
1228
|
}
|
|
1227
|
-
},
|
|
1229
|
+
}, Pe = (e) => {
|
|
1228
1230
|
const n = e.match(
|
|
1229
1231
|
// eslint-disable-next-line no-useless-escape
|
|
1230
1232
|
/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/
|
|
@@ -1246,163 +1248,163 @@ const _n = () => {
|
|
|
1246
1248
|
search: s,
|
|
1247
1249
|
hash: t
|
|
1248
1250
|
};
|
|
1249
|
-
},
|
|
1250
|
-
const n =
|
|
1251
|
+
}, En = (e) => {
|
|
1252
|
+
const n = Pe(e);
|
|
1251
1253
|
let { path: s } = n;
|
|
1252
1254
|
s.endsWith("/") && (s = s.slice(0, -1));
|
|
1253
1255
|
let { hash: t } = n;
|
|
1254
1256
|
return t === "#_=_" && (t = ""), t && (s += t), s;
|
|
1255
1257
|
}, ne = (e) => {
|
|
1256
|
-
const n =
|
|
1257
|
-
return
|
|
1258
|
-
},
|
|
1258
|
+
const n = Pe(e), { search: s } = n;
|
|
1259
|
+
return hn(s);
|
|
1260
|
+
}, hn = (e) => {
|
|
1259
1261
|
const n = {};
|
|
1260
1262
|
let s, t, o;
|
|
1261
1263
|
const i = e.split("&");
|
|
1262
1264
|
for (t = 0, o = i.length; t < o; t++)
|
|
1263
1265
|
s = i[t].split("="), n[decodeURIComponent(s[0])] = decodeURIComponent(s[1]);
|
|
1264
1266
|
return n;
|
|
1265
|
-
},
|
|
1266
|
-
const
|
|
1267
|
+
}, yn = (e, n, s, t, o) => (i = void 0, r = null, a = !1, c = void 0) => {
|
|
1268
|
+
const l = r;
|
|
1267
1269
|
return r = { ...r }, (async () => {
|
|
1268
|
-
const
|
|
1270
|
+
const u = i || o.getPath();
|
|
1269
1271
|
if ("state" in r || (r.state = Z(16)), s(k.loginAsync_begin, {}), r)
|
|
1270
1272
|
for (const _ of Object.keys(r))
|
|
1271
1273
|
_.endsWith(":token_request") && delete r[_];
|
|
1272
1274
|
try {
|
|
1273
|
-
const _ =
|
|
1274
|
-
|
|
1275
|
-
const
|
|
1276
|
-
|
|
1277
|
-
const
|
|
1275
|
+
const _ = a ? n.silent_redirect_uri : n.redirect_uri;
|
|
1276
|
+
c || (c = n.scope);
|
|
1277
|
+
const f = n.extras ? { ...n.extras, ...r } : r;
|
|
1278
|
+
f.nonce || (f.nonce = Z(12));
|
|
1279
|
+
const h = { nonce: f.nonce }, p = await I(n, e), w = await t(
|
|
1278
1280
|
n.authority,
|
|
1279
1281
|
n.authority_configuration
|
|
1280
1282
|
);
|
|
1281
|
-
let
|
|
1283
|
+
let T;
|
|
1282
1284
|
if (p)
|
|
1283
|
-
p.setLoginParams({ callbackPath:
|
|
1285
|
+
p.setLoginParams({ callbackPath: u, extras: l, scope: c }), await p.initAsync(w, "loginAsync", n), await p.setNonceAsync(h), p.startKeepAliveServiceWorker(), T = p;
|
|
1284
1286
|
else {
|
|
1285
|
-
const
|
|
1286
|
-
|
|
1287
|
+
const A = P(e, n.storage ?? sessionStorage);
|
|
1288
|
+
A.setLoginParams({ callbackPath: u, extras: l, scope: c }), await A.setNonceAsync(h), T = A;
|
|
1287
1289
|
}
|
|
1288
|
-
const
|
|
1290
|
+
const O = {
|
|
1289
1291
|
client_id: n.client_id,
|
|
1290
1292
|
redirect_uri: _,
|
|
1291
|
-
scope:
|
|
1293
|
+
scope: c,
|
|
1292
1294
|
response_type: "code",
|
|
1293
|
-
...
|
|
1295
|
+
...f
|
|
1294
1296
|
};
|
|
1295
|
-
await
|
|
1296
|
-
|
|
1297
|
-
|
|
1297
|
+
await tn(T, o)(
|
|
1298
|
+
w.authorizationEndpoint,
|
|
1299
|
+
O
|
|
1298
1300
|
);
|
|
1299
1301
|
} catch (_) {
|
|
1300
1302
|
throw s(k.loginAsync_error, _), _;
|
|
1301
1303
|
}
|
|
1302
1304
|
})();
|
|
1303
|
-
},
|
|
1305
|
+
}, gn = (e) => async (n = !1) => {
|
|
1304
1306
|
try {
|
|
1305
1307
|
e.publishEvent(k.loginCallbackAsync_begin, {});
|
|
1306
|
-
const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout,
|
|
1308
|
+
const s = e.configuration, t = s.client_id, o = n ? s.silent_redirect_uri : s.redirect_uri, i = s.authority, r = s.token_request_timeout, a = await e.initAsync(
|
|
1307
1309
|
i,
|
|
1308
1310
|
s.authority_configuration
|
|
1309
|
-
),
|
|
1310
|
-
let _,
|
|
1311
|
-
if (
|
|
1312
|
-
await
|
|
1311
|
+
), c = e.location.getCurrentHref(), l = ne(c), d = l.session_state, u = await I(s, e.configurationName);
|
|
1312
|
+
let _, f, h, p;
|
|
1313
|
+
if (u)
|
|
1314
|
+
await u.initAsync(a, "loginCallbackAsync", s), await u.setSessionStateAsync(d), f = await u.getNonceAsync(), h = u.getLoginParams(), p = await u.getStateAsync(), u.startKeepAliveServiceWorker(), _ = u;
|
|
1313
1315
|
else {
|
|
1314
|
-
const
|
|
1316
|
+
const m = P(
|
|
1315
1317
|
e.configurationName,
|
|
1316
1318
|
s.storage ?? sessionStorage
|
|
1317
1319
|
);
|
|
1318
|
-
await
|
|
1320
|
+
await m.setSessionStateAsync(d), f = await m.getNonceAsync(), h = m.getLoginParams(), p = await m.getStateAsync(), _ = m;
|
|
1319
1321
|
}
|
|
1320
|
-
if (
|
|
1322
|
+
if (l.error || l.error_description)
|
|
1321
1323
|
throw new Error(
|
|
1322
|
-
`Error from OIDC server: ${
|
|
1324
|
+
`Error from OIDC server: ${l.error} - ${l.error_description}`
|
|
1323
1325
|
);
|
|
1324
|
-
if (
|
|
1326
|
+
if (l.iss && l.iss !== a.issuer)
|
|
1325
1327
|
throw console.error(), new Error(
|
|
1326
|
-
`Issuer not valid (expected: ${
|
|
1328
|
+
`Issuer not valid (expected: ${a.issuer}, received: ${l.iss})`
|
|
1327
1329
|
);
|
|
1328
|
-
if (
|
|
1329
|
-
throw new Error(`State not valid (expected: ${p}, received: ${
|
|
1330
|
-
const
|
|
1331
|
-
code:
|
|
1330
|
+
if (l.state && l.state !== p)
|
|
1331
|
+
throw new Error(`State not valid (expected: ${p}, received: ${l.state})`);
|
|
1332
|
+
const w = {
|
|
1333
|
+
code: l.code,
|
|
1332
1334
|
grant_type: "authorization_code",
|
|
1333
1335
|
client_id: s.client_id,
|
|
1334
1336
|
redirect_uri: o
|
|
1335
|
-
},
|
|
1337
|
+
}, T = {};
|
|
1336
1338
|
if (s.token_request_extras)
|
|
1337
|
-
for (const [
|
|
1338
|
-
|
|
1339
|
-
if (
|
|
1340
|
-
for (const [
|
|
1341
|
-
|
|
1342
|
-
const
|
|
1339
|
+
for (const [m, x] of Object.entries(s.token_request_extras))
|
|
1340
|
+
T[m] = x;
|
|
1341
|
+
if (h != null && h.extras)
|
|
1342
|
+
for (const [m, x] of Object.entries(h.extras))
|
|
1343
|
+
m.endsWith(":token_request") && (T[m.replace(":token_request", "")] = x);
|
|
1344
|
+
const O = a.tokenEndpoint, A = {};
|
|
1343
1345
|
if (s.demonstrating_proof_of_possession)
|
|
1344
|
-
if (
|
|
1345
|
-
|
|
1346
|
+
if (u)
|
|
1347
|
+
A.DPoP = `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;
|
|
1346
1348
|
else {
|
|
1347
|
-
const
|
|
1349
|
+
const m = await Ye(window)(
|
|
1348
1350
|
s.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm
|
|
1349
1351
|
);
|
|
1350
|
-
await
|
|
1352
|
+
await P(e.configurationName, s.storage).setDemonstratingProofOfPossessionJwkAsync(m), A.DPoP = await ve(window)(
|
|
1351
1353
|
s.demonstrating_proof_of_possession_configuration
|
|
1352
|
-
)(
|
|
1354
|
+
)(m, "POST", O);
|
|
1353
1355
|
}
|
|
1354
|
-
const
|
|
1355
|
-
|
|
1356
|
-
{ ...
|
|
1357
|
-
|
|
1356
|
+
const v = await on(_)(
|
|
1357
|
+
O,
|
|
1358
|
+
{ ...w, ...T },
|
|
1359
|
+
A,
|
|
1358
1360
|
e.configuration.token_renew_mode,
|
|
1359
1361
|
r
|
|
1360
1362
|
);
|
|
1361
|
-
if (!
|
|
1363
|
+
if (!v.success)
|
|
1362
1364
|
throw new Error("Token request failed");
|
|
1363
|
-
let
|
|
1364
|
-
const
|
|
1365
|
-
if (
|
|
1365
|
+
let y;
|
|
1366
|
+
const b = v.data.tokens, g = v.data.demonstratingProofOfPossessionNonce;
|
|
1367
|
+
if (v.data.state !== T.state)
|
|
1366
1368
|
throw new Error("state is not valid");
|
|
1367
|
-
const { isValid: S, reason:
|
|
1368
|
-
|
|
1369
|
-
|
|
1370
|
-
|
|
1369
|
+
const { isValid: S, reason: C } = we(
|
|
1370
|
+
b,
|
|
1371
|
+
f.nonce,
|
|
1372
|
+
a
|
|
1371
1373
|
);
|
|
1372
1374
|
if (!S)
|
|
1373
|
-
throw new Error(`Tokens are not OpenID valid, reason: ${
|
|
1374
|
-
if (
|
|
1375
|
-
if (
|
|
1375
|
+
throw new Error(`Tokens are not OpenID valid, reason: ${C}`);
|
|
1376
|
+
if (u) {
|
|
1377
|
+
if (b.refreshToken && !b.refreshToken.includes("SECURED_BY_OIDC_SERVICE_WORKER"))
|
|
1376
1378
|
throw new Error("Refresh token should be hidden by service worker");
|
|
1377
|
-
if (
|
|
1379
|
+
if (g && (b != null && b.accessToken.includes("SECURED_BY_OIDC_SERVICE_WORKER")))
|
|
1378
1380
|
throw new Error(
|
|
1379
1381
|
"Demonstration of proof of possession require Access token not hidden by service worker"
|
|
1380
1382
|
);
|
|
1381
1383
|
}
|
|
1382
|
-
if (
|
|
1383
|
-
await
|
|
1384
|
-
|
|
1384
|
+
if (u)
|
|
1385
|
+
await u.initAsync(a, "syncTokensAsync", s), y = u.getLoginParams(), g && await u.setDemonstratingProofOfPossessionNonce(
|
|
1386
|
+
g
|
|
1385
1387
|
);
|
|
1386
1388
|
else {
|
|
1387
|
-
const
|
|
1388
|
-
|
|
1389
|
+
const m = P(e.configurationName, s.storage);
|
|
1390
|
+
y = m.getLoginParams(), g && await m.setDemonstratingProofOfPossessionNonce(g);
|
|
1389
1391
|
}
|
|
1390
1392
|
return await e.startCheckSessionAsync(
|
|
1391
|
-
|
|
1393
|
+
a.checkSessionIframe,
|
|
1392
1394
|
t,
|
|
1393
|
-
|
|
1395
|
+
d,
|
|
1394
1396
|
n
|
|
1395
1397
|
), e.publishEvent(k.loginCallbackAsync_end, {}), {
|
|
1396
|
-
tokens:
|
|
1398
|
+
tokens: b,
|
|
1397
1399
|
state: "request.state",
|
|
1398
|
-
callbackPath:
|
|
1399
|
-
scope:
|
|
1400
|
-
extras:
|
|
1400
|
+
callbackPath: y.callbackPath,
|
|
1401
|
+
scope: l.scope,
|
|
1402
|
+
extras: y.extras
|
|
1401
1403
|
};
|
|
1402
1404
|
} catch (s) {
|
|
1403
1405
|
throw console.error(s), e.publishEvent(k.loginCallbackAsync_error, s), s;
|
|
1404
1406
|
}
|
|
1405
|
-
},
|
|
1407
|
+
}, ke = {
|
|
1406
1408
|
access_token: "access_token",
|
|
1407
1409
|
refresh_token: "refresh_token"
|
|
1408
1410
|
}, X = (e, n) => {
|
|
@@ -1416,7 +1418,7 @@ const _n = () => {
|
|
|
1416
1418
|
return s;
|
|
1417
1419
|
}
|
|
1418
1420
|
return s;
|
|
1419
|
-
},
|
|
1421
|
+
}, kn = (e) => {
|
|
1420
1422
|
const n = {};
|
|
1421
1423
|
if (e) {
|
|
1422
1424
|
for (const [s, t] of Object.entries(e))
|
|
@@ -1424,128 +1426,128 @@ const _n = () => {
|
|
|
1424
1426
|
return n;
|
|
1425
1427
|
}
|
|
1426
1428
|
return n;
|
|
1427
|
-
},
|
|
1428
|
-
|
|
1429
|
-
const s = await
|
|
1430
|
-
s ? await s.clearAsync(n) : await
|
|
1431
|
-
},
|
|
1432
|
-
var
|
|
1433
|
-
const
|
|
1434
|
-
|
|
1435
|
-
|
|
1429
|
+
}, mn = (e) => async (n) => {
|
|
1430
|
+
U.clearTimeout(e.timeoutId), e.timeoutId = null, e.checkSessionIFrame && e.checkSessionIFrame.stop();
|
|
1431
|
+
const s = await I(e.configuration, e.configurationName);
|
|
1432
|
+
s ? await s.clearAsync(n) : await P(e.configurationName, e.configuration.storage).clearAsync(n), e.tokens = null, e.userInfo = null;
|
|
1433
|
+
}, pn = (e, n, s, t, o) => async (i = void 0, r = null) => {
|
|
1434
|
+
var T, O;
|
|
1435
|
+
const a = e.configuration, c = await e.initAsync(
|
|
1436
|
+
a.authority,
|
|
1437
|
+
a.authority_configuration
|
|
1436
1438
|
);
|
|
1437
1439
|
i && typeof i != "string" && (i = void 0, t.warn("callbackPathOrUrl path is not a string"));
|
|
1438
|
-
const
|
|
1439
|
-
let
|
|
1440
|
-
i && (
|
|
1441
|
-
const
|
|
1440
|
+
const l = i ?? o.getPath();
|
|
1441
|
+
let d = !1;
|
|
1442
|
+
i && (d = i.includes("https://") || i.includes("http://"));
|
|
1443
|
+
const u = d ? i : o.getOrigin() + l, _ = e.tokens ? e.tokens.idToken : "";
|
|
1442
1444
|
try {
|
|
1443
|
-
const
|
|
1444
|
-
if (
|
|
1445
|
-
const
|
|
1446
|
-
if (
|
|
1447
|
-
const
|
|
1448
|
-
|
|
1449
|
-
|
|
1445
|
+
const A = c.revocationEndpoint;
|
|
1446
|
+
if (A) {
|
|
1447
|
+
const v = [], y = e.tokens ? e.tokens.accessToken : null;
|
|
1448
|
+
if (y && a.logout_tokens_to_invalidate.includes(ke.access_token)) {
|
|
1449
|
+
const g = X(r, ":revoke_access_token"), S = ye(s)(
|
|
1450
|
+
A,
|
|
1451
|
+
y,
|
|
1450
1452
|
ee.access_token,
|
|
1451
|
-
|
|
1452
|
-
|
|
1453
|
+
a.client_id,
|
|
1454
|
+
g
|
|
1453
1455
|
);
|
|
1454
|
-
|
|
1456
|
+
v.push(S);
|
|
1455
1457
|
}
|
|
1456
|
-
const
|
|
1457
|
-
if (
|
|
1458
|
-
const
|
|
1459
|
-
|
|
1460
|
-
|
|
1458
|
+
const b = e.tokens ? e.tokens.refreshToken : null;
|
|
1459
|
+
if (b && a.logout_tokens_to_invalidate.includes(ke.refresh_token)) {
|
|
1460
|
+
const g = X(r, ":revoke_refresh_token"), S = ye(s)(
|
|
1461
|
+
A,
|
|
1462
|
+
b,
|
|
1461
1463
|
ee.refresh_token,
|
|
1462
|
-
|
|
1463
|
-
|
|
1464
|
+
a.client_id,
|
|
1465
|
+
g
|
|
1464
1466
|
);
|
|
1465
|
-
|
|
1467
|
+
v.push(S);
|
|
1466
1468
|
}
|
|
1467
|
-
|
|
1469
|
+
v.length > 0 && await Promise.all(v);
|
|
1468
1470
|
}
|
|
1469
|
-
} catch (
|
|
1471
|
+
} catch (A) {
|
|
1470
1472
|
t.warn(
|
|
1471
1473
|
"logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"
|
|
1472
|
-
), t.warn(
|
|
1474
|
+
), t.warn(A);
|
|
1473
1475
|
}
|
|
1474
|
-
const
|
|
1476
|
+
const f = ((O = (T = e.tokens) == null ? void 0 : T.idTokenPayload) == null ? void 0 : O.sub) ?? null;
|
|
1475
1477
|
await e.destroyAsync("LOGGED_OUT");
|
|
1476
|
-
for (const [,
|
|
1477
|
-
|
|
1478
|
-
const
|
|
1479
|
-
if (
|
|
1478
|
+
for (const [, A] of Object.entries(n))
|
|
1479
|
+
A !== e ? await e.logoutSameTabAsync(e.configuration.client_id, f) : e.publishEvent(k.logout_from_same_tab, {});
|
|
1480
|
+
const h = X(r, ":oidc");
|
|
1481
|
+
if (h && h.no_reload === "true")
|
|
1480
1482
|
return;
|
|
1481
|
-
const
|
|
1482
|
-
if (
|
|
1483
|
-
"id_token_hint" in
|
|
1484
|
-
let
|
|
1485
|
-
for (const [
|
|
1486
|
-
|
|
1487
|
-
o.open(`${
|
|
1483
|
+
const w = kn(r);
|
|
1484
|
+
if (c.endSessionEndpoint) {
|
|
1485
|
+
"id_token_hint" in w || (w.id_token_hint = _), !("post_logout_redirect_uri" in w) && i !== null && (w.post_logout_redirect_uri = u);
|
|
1486
|
+
let A = "";
|
|
1487
|
+
for (const [v, y] of Object.entries(w))
|
|
1488
|
+
y != null && (A === "" ? A += "?" : A += "&", A += `${v}=${encodeURIComponent(y)}`);
|
|
1489
|
+
o.open(`${c.endSessionEndpoint}${A}`);
|
|
1488
1490
|
} else
|
|
1489
1491
|
o.reload();
|
|
1490
|
-
},
|
|
1491
|
-
var
|
|
1492
|
-
const [o, i, ...r] = t,
|
|
1493
|
-
let
|
|
1494
|
-
|
|
1495
|
-
const
|
|
1492
|
+
}, Ie = (e, n, s = !1) => async (...t) => {
|
|
1493
|
+
var f;
|
|
1494
|
+
const [o, i, ...r] = t, a = i ? { ...i } : { method: "GET" };
|
|
1495
|
+
let c = new Headers();
|
|
1496
|
+
a.headers && (c = a.headers instanceof Headers ? a.headers : new Headers(a.headers));
|
|
1497
|
+
const l = {
|
|
1496
1498
|
getTokens: () => n.tokens,
|
|
1497
1499
|
configuration: {
|
|
1498
1500
|
token_automatic_renew_mode: n.configuration.token_automatic_renew_mode,
|
|
1499
1501
|
refresh_time_before_tokens_expiration_in_second: n.configuration.refresh_time_before_tokens_expiration_in_second
|
|
1500
1502
|
},
|
|
1501
1503
|
renewTokensAsync: n.renewTokensAsync.bind(n)
|
|
1502
|
-
},
|
|
1503
|
-
if (
|
|
1504
|
+
}, d = await pe(l), u = (f = d == null ? void 0 : d.tokens) == null ? void 0 : f.accessToken;
|
|
1505
|
+
if (c.has("Accept") || c.set("Accept", "application/json"), u) {
|
|
1504
1506
|
if (n.configuration.demonstrating_proof_of_possession && s) {
|
|
1505
|
-
const
|
|
1506
|
-
|
|
1507
|
+
const h = await n.generateDemonstrationOfProofOfPossessionAsync(
|
|
1508
|
+
u,
|
|
1507
1509
|
o.toString(),
|
|
1508
|
-
|
|
1510
|
+
a.method
|
|
1509
1511
|
);
|
|
1510
|
-
|
|
1512
|
+
c.set("Authorization", `DPoP ${u}`), c.set("DPoP", h);
|
|
1511
1513
|
} else
|
|
1512
|
-
|
|
1513
|
-
|
|
1514
|
+
c.set("Authorization", `Bearer ${u}`);
|
|
1515
|
+
a.credentials || (a.credentials = "same-origin");
|
|
1514
1516
|
}
|
|
1515
|
-
const _ = { ...
|
|
1517
|
+
const _ = { ...a, headers: c };
|
|
1516
1518
|
return await e(o, _, ...r);
|
|
1517
|
-
},
|
|
1519
|
+
}, wn = (e) => async (n = !1, s = !1) => {
|
|
1518
1520
|
if (e.userInfo != null && !n)
|
|
1519
1521
|
return e.userInfo;
|
|
1520
1522
|
const t = e.configuration, i = (await e.initAsync(
|
|
1521
1523
|
t.authority,
|
|
1522
1524
|
t.authority_configuration
|
|
1523
|
-
)).userInfoEndpoint,
|
|
1524
|
-
const
|
|
1525
|
-
return
|
|
1525
|
+
)).userInfoEndpoint, a = await (async () => {
|
|
1526
|
+
const l = await Ie(fetch, e, s)(i);
|
|
1527
|
+
return l.status !== 200 ? null : l.json();
|
|
1526
1528
|
})();
|
|
1527
|
-
return e.userInfo =
|
|
1528
|
-
},
|
|
1529
|
+
return e.userInfo = a, a;
|
|
1530
|
+
}, An = () => fetch;
|
|
1529
1531
|
class se {
|
|
1530
1532
|
constructor(n) {
|
|
1531
1533
|
this.authorizationEndpoint = n.authorization_endpoint, this.tokenEndpoint = n.token_endpoint, this.revocationEndpoint = n.revocation_endpoint, this.userInfoEndpoint = n.userinfo_endpoint, this.checkSessionIframe = n.check_session_iframe, this.issuer = n.issuer, this.endSessionEndpoint = n.end_session_endpoint;
|
|
1532
1534
|
}
|
|
1533
1535
|
}
|
|
1534
|
-
const L = {},
|
|
1536
|
+
const L = {}, Sn = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = new N(s, t, e, n)), L[t]), Tn = async (e) => {
|
|
1535
1537
|
const { parsedTokens: n, callbackPath: s, extras: t, scope: o } = await e.loginCallbackAsync();
|
|
1536
|
-
return e.timeoutId =
|
|
1537
|
-
},
|
|
1538
|
+
return e.timeoutId = J(e, n.expiresAt, t, o), { callbackPath: s };
|
|
1539
|
+
}, vn = (e) => Math.floor(Math.random() * e), F = class F {
|
|
1538
1540
|
constructor(n, s = "default", t, o = new q()) {
|
|
1539
1541
|
this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
|
|
1540
1542
|
let i = n.silent_login_uri;
|
|
1541
1543
|
n.silent_redirect_uri && !n.silent_login_uri && (i = `${n.silent_redirect_uri.replace("-callback", "").replace("callback", "")}-login`);
|
|
1542
1544
|
let r = n.refresh_time_before_tokens_expiration_in_second ?? 120;
|
|
1543
1545
|
r > 60 && (r = r - Math.floor(Math.random() * 40)), this.location = o ?? new q();
|
|
1544
|
-
const
|
|
1546
|
+
const a = n.service_worker_update_require_callback ?? Re(this.location);
|
|
1545
1547
|
this.configuration = {
|
|
1546
1548
|
...n,
|
|
1547
1549
|
silent_login_uri: i,
|
|
1548
|
-
token_automatic_renew_mode: n.token_automatic_renew_mode ??
|
|
1550
|
+
token_automatic_renew_mode: n.token_automatic_renew_mode ?? V.AutomaticBeforeTokenExpiration,
|
|
1549
1551
|
monitor_session: n.monitor_session ?? !1,
|
|
1550
1552
|
refresh_time_before_tokens_expiration_in_second: r,
|
|
1551
1553
|
silent_login_timeout: n.silent_login_timeout ?? 12e3,
|
|
@@ -1556,14 +1558,14 @@ const L = {}, An = (e, n = new q()) => (s, t = "default") => (L[t] || (L[t] = ne
|
|
|
1556
1558
|
"access_token",
|
|
1557
1559
|
"refresh_token"
|
|
1558
1560
|
],
|
|
1559
|
-
service_worker_update_require_callback:
|
|
1560
|
-
service_worker_activate: n.service_worker_activate ??
|
|
1561
|
-
demonstrating_proof_of_possession_configuration: n.demonstrating_proof_of_possession_configuration ??
|
|
1561
|
+
service_worker_update_require_callback: a,
|
|
1562
|
+
service_worker_activate: n.service_worker_activate ?? fn,
|
|
1563
|
+
demonstrating_proof_of_possession_configuration: n.demonstrating_proof_of_possession_configuration ?? Ve,
|
|
1562
1564
|
preload_user_info: n.preload_user_info ?? !1
|
|
1563
|
-
}, this.getFetch = t ??
|
|
1565
|
+
}, this.getFetch = t ?? An, this.configurationName = s, this.tokens = null, this.userInfo = null, this.events = [], this.timeoutId = null, this.loginCallbackWithAutoTokensRenewAsync.bind(this), this.initAsync.bind(this), this.loginCallbackAsync.bind(this), this.subscribeEvents.bind(this), this.removeEventSubscription.bind(this), this.publishEvent.bind(this), this.destroyAsync.bind(this), this.logoutAsync.bind(this), this.renewTokensAsync.bind(this), this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
|
|
1564
1566
|
}
|
|
1565
1567
|
subscribeEvents(n) {
|
|
1566
|
-
const s =
|
|
1568
|
+
const s = vn(9999999999999).toString();
|
|
1567
1569
|
return this.events.push({ id: s, func: n }), s;
|
|
1568
1570
|
}
|
|
1569
1571
|
removeEventSubscription(n) {
|
|
@@ -1624,8 +1626,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1624
1626
|
check_session_iframe: s.check_session_iframe,
|
|
1625
1627
|
issuer: s.issuer
|
|
1626
1628
|
});
|
|
1627
|
-
const i = await
|
|
1628
|
-
return await
|
|
1629
|
+
const i = await I(this.configuration, this.configurationName) ? window.sessionStorage : null;
|
|
1630
|
+
return await nn(this.getFetch())(
|
|
1629
1631
|
n,
|
|
1630
1632
|
this.configuration.authority_time_cache_wellknowurl_in_second ?? 60 * 60,
|
|
1631
1633
|
i,
|
|
@@ -1637,12 +1639,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1637
1639
|
});
|
|
1638
1640
|
}
|
|
1639
1641
|
async tryKeepExistingSessionAsync() {
|
|
1640
|
-
return this.tryKeepExistingSessionPromise !== null ? this.tryKeepExistingSessionPromise : (this.tryKeepExistingSessionPromise =
|
|
1642
|
+
return this.tryKeepExistingSessionPromise !== null ? this.tryKeepExistingSessionPromise : (this.tryKeepExistingSessionPromise = dn(this), this.tryKeepExistingSessionPromise.finally(() => {
|
|
1641
1643
|
this.tryKeepExistingSessionPromise = null;
|
|
1642
1644
|
}));
|
|
1643
1645
|
}
|
|
1644
1646
|
async startCheckSessionAsync(n, s, t, o = !1) {
|
|
1645
|
-
await
|
|
1647
|
+
await cn(this, L, this.configuration)(
|
|
1646
1648
|
n,
|
|
1647
1649
|
s,
|
|
1648
1650
|
t,
|
|
@@ -1650,13 +1652,13 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1650
1652
|
);
|
|
1651
1653
|
}
|
|
1652
1654
|
async loginAsync(n = void 0, s = null, t = !1, o = void 0, i = !1) {
|
|
1653
|
-
return this.logoutPromise && await this.logoutPromise, this.loginPromise !== null ? this.loginPromise : (i ? this.loginPromise =
|
|
1655
|
+
return this.logoutPromise && await this.logoutPromise, this.loginPromise !== null ? this.loginPromise : (i ? this.loginPromise = an(
|
|
1654
1656
|
window,
|
|
1655
1657
|
this.configurationName,
|
|
1656
1658
|
this.configuration,
|
|
1657
1659
|
this.publishEvent.bind(this),
|
|
1658
1660
|
this
|
|
1659
|
-
)(s, o) : this.loginPromise =
|
|
1661
|
+
)(s, o) : this.loginPromise = yn(
|
|
1660
1662
|
this.configurationName,
|
|
1661
1663
|
this.configuration,
|
|
1662
1664
|
this.publishEvent.bind(this),
|
|
@@ -1670,8 +1672,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1670
1672
|
if (this.loginCallbackPromise !== null)
|
|
1671
1673
|
return this.loginCallbackPromise;
|
|
1672
1674
|
const s = async () => {
|
|
1673
|
-
const t = await
|
|
1674
|
-
return this.tokens = o, await
|
|
1675
|
+
const t = await gn(this)(n), o = t.tokens;
|
|
1676
|
+
return this.tokens = o, await I(this.configuration, this.configurationName) || P(this.configurationName, this.configuration.storage).setTokens(o), this.publishEvent(F.eventNames.token_acquired, o), this.configuration.preload_user_info && await this.userInfoAsync(), {
|
|
1675
1677
|
parsedTokens: o,
|
|
1676
1678
|
state: t.state,
|
|
1677
1679
|
callbackPath: t.callbackPath,
|
|
@@ -1685,23 +1687,23 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1685
1687
|
}
|
|
1686
1688
|
async generateDemonstrationOfProofOfPossessionAsync(n, s, t, o = {}) {
|
|
1687
1689
|
const i = this.configuration, r = {
|
|
1688
|
-
ath: await
|
|
1690
|
+
ath: await Ee(n),
|
|
1689
1691
|
...o
|
|
1690
1692
|
};
|
|
1691
|
-
if (await
|
|
1693
|
+
if (await I(i, this.configurationName))
|
|
1692
1694
|
return `DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}`;
|
|
1693
|
-
const
|
|
1694
|
-
return
|
|
1695
|
+
const c = P(this.configurationName, i.storage), l = await c.getDemonstratingProofOfPossessionJwkAsync(), d = c.getDemonstratingProofOfPossessionNonce();
|
|
1696
|
+
return d && (r.nonce = d), await ve(window)(
|
|
1695
1697
|
i.demonstrating_proof_of_possession_configuration
|
|
1696
|
-
)(
|
|
1698
|
+
)(l, t, s, r);
|
|
1697
1699
|
}
|
|
1698
1700
|
loginCallbackWithAutoTokensRenewAsync() {
|
|
1699
|
-
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise =
|
|
1701
|
+
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise = Tn(this), this.loginCallbackWithAutoTokensRenewPromise.finally(() => {
|
|
1700
1702
|
this.loginCallbackWithAutoTokensRenewPromise = null;
|
|
1701
1703
|
}));
|
|
1702
1704
|
}
|
|
1703
1705
|
userInfoAsync(n = !1, s = !1) {
|
|
1704
|
-
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise =
|
|
1706
|
+
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise = wn(this)(n, s), this.userInfoPromise.finally(() => {
|
|
1705
1707
|
this.userInfoPromise = null;
|
|
1706
1708
|
}));
|
|
1707
1709
|
}
|
|
@@ -1709,12 +1711,12 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1709
1711
|
if (this.renewTokensPromise !== null)
|
|
1710
1712
|
return this.renewTokensPromise;
|
|
1711
1713
|
if (this.timeoutId)
|
|
1712
|
-
return
|
|
1714
|
+
return U.clearTimeout(this.timeoutId), this.renewTokensPromise = Oe(this, !0, n, s), this.renewTokensPromise.finally(() => {
|
|
1713
1715
|
this.renewTokensPromise = null;
|
|
1714
1716
|
});
|
|
1715
1717
|
}
|
|
1716
1718
|
async destroyAsync(n) {
|
|
1717
|
-
return await
|
|
1719
|
+
return await mn(this)(n);
|
|
1718
1720
|
}
|
|
1719
1721
|
async logoutSameTabAsync(n, s) {
|
|
1720
1722
|
this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(k.logout_from_same_tab, { mmessage: "SessionMonitor", sub: s }));
|
|
@@ -1723,7 +1725,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1723
1725
|
this.configuration.monitor_session && this.configuration.client_id === n && s && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === s && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(k.logout_from_another_tab, { message: "SessionMonitor", sub: s }));
|
|
1724
1726
|
}
|
|
1725
1727
|
async logoutAsync(n = void 0, s = null) {
|
|
1726
|
-
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise =
|
|
1728
|
+
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise = pn(
|
|
1727
1729
|
this,
|
|
1728
1730
|
L,
|
|
1729
1731
|
this.getFetch(),
|
|
@@ -1734,8 +1736,8 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1734
1736
|
}));
|
|
1735
1737
|
}
|
|
1736
1738
|
};
|
|
1737
|
-
|
|
1738
|
-
let N =
|
|
1739
|
+
F.getOrCreate = (n, s) => (t, o = "default") => Sn(n, s)(t, o), F.eventNames = k;
|
|
1740
|
+
let N = F;
|
|
1739
1741
|
const $ = class $ {
|
|
1740
1742
|
constructor(n) {
|
|
1741
1743
|
this._oidc = n;
|
|
@@ -1793,10 +1795,10 @@ const $ = class $ {
|
|
|
1793
1795
|
},
|
|
1794
1796
|
renewTokensAsync: t.renewTokensAsync.bind(t)
|
|
1795
1797
|
};
|
|
1796
|
-
return
|
|
1798
|
+
return pe(o, n, s);
|
|
1797
1799
|
}
|
|
1798
1800
|
fetchWithTokens(n, s = !1) {
|
|
1799
|
-
return
|
|
1801
|
+
return Ie(n, this._oidc, s);
|
|
1800
1802
|
}
|
|
1801
1803
|
async userInfoAsync(n = !1, s = !1) {
|
|
1802
1804
|
return this._oidc.userInfoAsync(n, s);
|
|
@@ -1806,13 +1808,13 @@ const $ = class $ {
|
|
|
1806
1808
|
}
|
|
1807
1809
|
};
|
|
1808
1810
|
$.getOrCreate = (n, s = new q()) => (t, o = "default") => new $(N.getOrCreate(n, s)(t, o)), $.eventNames = N.eventNames;
|
|
1809
|
-
let
|
|
1811
|
+
let me = $;
|
|
1810
1812
|
export {
|
|
1811
|
-
|
|
1813
|
+
me as OidcClient,
|
|
1812
1814
|
q as OidcLocation,
|
|
1813
|
-
|
|
1815
|
+
V as TokenAutomaticRenewMode,
|
|
1814
1816
|
z as TokenRenewMode,
|
|
1815
|
-
|
|
1817
|
+
An as getFetchDefault,
|
|
1816
1818
|
ne as getParseQueryStringFromLocation,
|
|
1817
|
-
|
|
1819
|
+
En as getPath
|
|
1818
1820
|
};
|