npm - @axa-fr/oidc-client - Versions diffs - 7.27.11 → 7.27.13 - Mend

@axa-fr/oidc-client 7.27.11 → 7.27.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (32) hide show

package/README.md +30 -0
package/dist/events.d.ts +1 -0
package/dist/events.d.ts.map +1 -1
package/dist/index.d.ts +4 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +1164 -1123
package/dist/index.umd.cjs +2 -2
package/dist/initWorker.d.ts +22 -0
package/dist/initWorker.d.ts.map +1 -1
package/dist/oidc.d.ts +1 -0
package/dist/oidc.d.ts.map +1 -1
package/dist/oidcClient.d.ts +15 -0
package/dist/oidcClient.d.ts.map +1 -1
package/dist/protocol.d.ts +75 -0
package/dist/protocol.d.ts.map +1 -0
package/dist/protocol.spec.d.ts +2 -0
package/dist/protocol.spec.d.ts.map +1 -0
package/dist/signalServiceWorker.spec.d.ts +2 -0
package/dist/signalServiceWorker.spec.d.ts.map +1 -0
package/dist/types.d.ts +1 -0
package/dist/types.d.ts.map +1 -1
package/dist/version.d.ts +1 -1
package/package.json +2 -2
package/src/events.ts +1 -0
package/src/index.ts +20 -0
package/src/initWorker.ts +51 -2
package/src/oidcClient.ts +29 -0
package/src/protocol.spec.ts +96 -0
package/src/protocol.ts +106 -0
package/src/signalServiceWorker.spec.ts +77 -0
package/src/types.ts +1 -0
package/src/version.ts +1 -1

package/dist/index.umd.cjs CHANGED Viewed

@@ -1,2 +1,2 @@
-(function(e,t){typeof exports==`object`&&typeof module<`u`?t(exports):typeof define==`function`&&define.amd?define([`exports`],t):(e=typeof globalThis<`u`?globalThis:e||self,t(e[`oidc-client`]={}))})(this,function(e){Object.defineProperty(e,Symbol.toStringTag,{value:`Module`});var t=class{open(e){window.location.href=e}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){let e=window.location;return e.pathname+(e.search||``)+(e.hash||``)}getOrigin(){return window.origin}},n=2e3,r=console,i=class{constructor(e,t,r,i=n,a=!0){this._callback=e,this._client_id=t,this._url=r,this._interval=i||n,this._stopOnError=a;let o=r.indexOf(`/`,r.indexOf(`//`)+2);this._frame_origin=r.substring(0,o),this._frame=window.document.createElement(`iframe`),this._frame.style.visibility=`hidden`,this._frame.style.position=`absolute`,this._frame.style.display=`none`,this._frame.width=0,this._frame.height=0,this._frame.src=r}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener(`message`,this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data===`error`?(r.error(`CheckSessionIFrame: error message from check session op iframe`),this._stopOnError&&this.stop()):e.data===`changed`?(r.debug(e),r.debug(`CheckSessionIFrame: changed message from check session op iframe`),this.stop(),this._callback()):r.debug(`CheckSessionIFrame: `+e.data+` message from check session op iframe`))}start(e){r.debug(`CheckSessionIFrame.start :`+e),this.stop();let t=()=>{this._frame.contentWindow.postMessage(this._client_id+` `+e,this._frame_origin)};t(),this._timer=window.setInterval(t,this._interval)}stop(){this._timer&&=(r.debug(`CheckSessionIFrame.stop`),window.clearInterval(this._timer),null)}},a={service_worker_not_supported_by_browser:`service_worker_not_supported_by_browser`,token_acquired:`token_acquired`,logout_from_another_tab:`logout_from_another_tab`,logout_from_same_tab:`logout_from_same_tab`,token_renewed:`token_renewed`,token_timer:`token_timer`,loginAsync_begin:`loginAsync_begin`,loginAsync_error:`loginAsync_error`,loginCallbackAsync_begin:`loginCallbackAsync_begin`,loginCallbackAsync_end:`loginCallbackAsync_end`,loginCallbackAsync_error:`loginCallbackAsync_error`,refreshTokensAsync_begin:`refreshTokensAsync_begin`,refreshTokensAsync:`refreshTokensAsync`,refreshTokensAsync_end:`refreshTokensAsync_end`,refreshTokensAsync_error:`refreshTokensAsync_error`,refreshTokensAsync_silent_error:`refreshTokensAsync_silent_error`,tryKeepExistingSessionAsync_begin:`tryKeepExistingSessionAsync_begin`,tryKeepExistingSessionAsync_end:`tryKeepExistingSessionAsync_end`,tryKeepExistingSessionAsync_error:`tryKeepExistingSessionAsync_error`,silentLoginAsync_begin:`silentLoginAsync_begin`,silentLoginAsync:`silentLoginAsync`,silentLoginAsync_end:`silentLoginAsync_end`,silentLoginAsync_error:`silentLoginAsync_error`,syncTokensAsync_begin:`syncTokensAsync_begin`,syncTokensAsync_lock_not_available:`syncTokensAsync_lock_not_available`,syncTokensAsync_end:`syncTokensAsync_end`,syncTokensAsync_error:`syncTokensAsync_error`,tokensInvalidAndWaitingActionsToRefresh:`tokensInvalidAndWaitingActionsToRefresh`},o=(e,t,n)=>{if(n==null){delete e[t];return}e[t]=JSON.stringify(n)},s=(e,t,n)=>{if(n==null){delete e[t];return}e[t]=n},c=e=>{if(typeof e!=`string`||e===`undefined`||e===`null`||e===``)return null;try{return JSON.parse(e)}catch{return null}},l=(e,t=sessionStorage,n)=>{let r=n??t,i=i=>(o(t,`oidc.${e}`,{tokens:null,status:i}),delete t[`oidc.${e}.userInfo`],n&&n!==t&&(delete r[`oidc.login.${e}`],delete r[`oidc.state.${e}`],delete r[`oidc.code_verifier.${e}`],delete r[`oidc.nonce.${e}`]),Promise.resolve()),a=async()=>{let n=c(t[`oidc.${e}`]);return n?Promise.resolve({tokens:n.tokens,status:n.status}):(o(t,`oidc.${e}`,{tokens:null,status:null}),{tokens:null,status:null})},l=n=>{o(t,`oidc.${e}`,{tokens:n})},u=async n=>{s(t,`oidc.session_state.${e}`,n)},d=async()=>t[`oidc.session_state.${e}`],f=t=>{s(r,`oidc.nonce.${e}`,t?.nonce)},p=n=>{o(t,`oidc.jwk.${e}`,n)},m=()=>c(t[`oidc.jwk.${e}`]),h=async()=>({nonce:r[`oidc.nonce.${e}`]}),g=async n=>{s(t,`oidc.dpop_nonce.${e}`,n)},_=()=>t[`oidc.dpop_nonce.${e}`],v=()=>{let n=c(t[`oidc.${e}`]);return n?JSON.stringify({tokens:n.tokens}):null},y={};return{clearAsync:i,initAsync:a,setTokens:l,getTokens:v,setSessionStateAsync:u,getSessionStateAsync:d,setNonceAsync:f,getNonceAsync:h,setLoginParams:t=>{if(t==null){delete y[e],delete r[`oidc.login.${e}`];return}y[e]=t,o(r,`oidc.login.${e}`,t)},getLoginParams:()=>{if(y[e])return y[e];let t=c(r[`oidc.login.${e}`]);return t===null?(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null):(y[e]=t,t)},getStateAsync:async()=>r[`oidc.state.${e}`],setStateAsync:async t=>{s(r,`oidc.state.${e}`,t)},getCodeVerifierAsync:async()=>r[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async t=>{s(r,`oidc.code_verifier.${e}`,t)},setDemonstratingProofOfPossessionNonce:g,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:p,getDemonstratingProofOfPossessionJwkAsync:m}},u=function(e){return e.AutomaticBeforeTokenExpiration=`AutomaticBeforeTokensExpiration`,e.AutomaticOnlyWhenFetchExecuted=`AutomaticOnlyWhenFetchExecuted`,e}({}),d=e=>decodeURIComponent(Array.prototype.map.call(atob(e),e=>`%`+(`00`+e.charCodeAt(0).toString(16)).slice(-2)).join(``)),f=e=>JSON.parse(d(e.replaceAll(/-/g,`+`).replaceAll(/_/g,`/`))),p=e=>{try{return e&&m(e,`.`)===2?f(e.split(`.`)[1]):null}catch(e){console.warn(e)}return null},m=(e,t)=>e.split(t).length-1,h={access_token_or_id_token_invalid:`access_token_or_id_token_invalid`,access_token_invalid:`access_token_invalid`,id_token_invalid:`id_token_invalid`};function g(e,t,n){return e.issuedAt?typeof e.issuedAt==`string`?parseInt(e.issuedAt,10):e.issuedAt:t&&t.iat?t.iat:n&&n.iat?n.iat:new Date().getTime()/1e3}var _=(e,t=null,n)=>{if(!e)return null;let r,i=typeof e.expiresIn==`string`?parseInt(e.expiresIn,10):e.expiresIn;r=e.accessTokenPayload===void 0?p(e.accessToken):e.accessTokenPayload;let a;a=t!=null&&`idToken`in t&&!(`idToken`in e)?t.idToken:e.idToken;let o=e.idTokenPayload?e.idTokenPayload:p(a),s=o&&o.exp?o.exp:Number.MAX_VALUE,c=r&&r.exp?r.exp:e.issuedAt+i;e.issuedAt=g(e,r,o);let l;l=e.expiresAt?e.expiresAt:n===h.access_token_invalid?c:n===h.id_token_invalid||s<c?s:c;let u={...e,idTokenPayload:o,accessTokenPayload:r,expiresAt:l,idToken:a};if(t!=null&&`refreshToken`in t&&!(`refreshToken`in e)){let e=t.refreshToken;return{...u,refreshToken:e}}return u},v=(e,t,n)=>{if(!e)return null;e.issued_at||=new Date().getTime()/1e3;let r={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return`refresh_token`in e&&(r.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(r.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(r.idTokenPayload=e.idTokenPayload),_(r,t,n)},y=(e,t)=>{let n=t-new Date().getTime()/1e3;return Math.round(n-e)},b=(e,t=0)=>e?y(t,e.expiresAt)>0:!1,x=async(e,t=200,n=50)=>{let r=n,i=await e.syncTokensInfoAsync();for(;[K.REQUIRE_SYNC_TOKENS,K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,K.TOKENS_INVALID].includes(i)&&r>0;){if(e.configuration.token_automatic_renew_mode==u.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await D({milliseconds:t});--r,i=await e.syncTokensInfoAsync()}return{isTokensValid:b(e.getTokens()),tokens:e.getTokens(),numberWaited:r-n}},S=(e,t,n)=>{if(e.idTokenPayload){let r=e.idTokenPayload;if(n.issuer!==r.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${n.issuer} !== (idTokenPayload issuer) ${r.iss}`};let i=new Date().getTime()/1e3;if(r.exp&&r.exp<i)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${r.exp} < (currentTimeUnixSecond) ${i}`};let a=3600*24*7;if(r.iat&&r.iat+a<i)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${r.iat+a} < (currentTimeUnixSecond) ${i}`};if(r.nonce&&r.nonce!==t)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${r.nonce} !== (nonce) ${t}`}}return{isValid:!0,reason:``}},C=(function(){let e=typeof window>`u`?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}})(),w=`7.27.11`,T=null,E,D=({milliseconds:e})=>new Promise(t=>C.setTimeout(t,e)),ee=(e=`/`)=>{try{E=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:E.signal}).catch(e=>{console.log(e)}),D({milliseconds:150*1e3}).then(()=>ee(e))}catch(e){console.log(e)}},O=()=>{E&&E.abort()},k=e=>{let t=`oidc.tabId.${e}`,n=sessionStorage.getItem(t);if(n)return n;let r=globalThis.crypto.randomUUID();return sessionStorage.setItem(t,r),r},A=5e3,j=e=>navigator.serviceWorker.controller??e.active??e.waiting??e.installing??null,M=(e,t)=>n=>{let r=t?.timeoutMs??A;return new Promise((t,i)=>{let a=j(e);if(!a){i(Error(`Service worker target not available (controller/active/waiting/installing missing)`));return}let o=new MessageChannel,s=null,c=()=>{try{s!=null&&(C.clearTimeout(s),s=null),o.port1.onmessage=null,o.port1.close(),o.port2.close()}catch(e){console.error(e)}};s=C.setTimeout(()=>{c(),i(Error(`Service worker did not respond within ${r}ms (type=${n?.type})`))},r),o.port1.onmessage=e=>{c(),e?.data?.error?i(e.data.error):t(e.data)};try{let e=n?.configurationName;a.postMessage({...n,tabId:k(e??`default`)},[o.port2])}catch(e){c(),i(e)}})},te=async e=>navigator.serviceWorker.controller?navigator.serviceWorker.controller:new Promise(t=>{let n=!1,r=()=>{n||(n=!0,navigator.serviceWorker.removeEventListener(`controllerchange`,r),t(navigator.serviceWorker.controller??null))};navigator.serviceWorker.addEventListener(`controllerchange`,r),C.setTimeout(()=>{n||(n=!0,navigator.serviceWorker.removeEventListener(`controllerchange`,r),t(navigator.serviceWorker.controller??null))},e)}),ne=!1,N=!1,P=new Map,F=`oidc.sw.controllerchange_reload_count`,I=3,L=()=>{try{return parseInt(sessionStorage.getItem(F)??`0`,10)}catch{return 0}},re=()=>{let e=L()+1;try{sessionStorage.setItem(F,String(e))}catch{}return e},ie=()=>{try{sessionStorage.removeItem(F)}catch{}},R=async(e,t)=>{let n=e.service_worker_relative_url;if(typeof window>`u`||typeof navigator>`u`||!navigator.serviceWorker||!n||e.service_worker_activate()===!1)return null;let r=`${n}?v=${w}`,i=null;e.service_worker_register?(P.has(n)||P.set(n,e.service_worker_register(n)),i=await P.get(n)):(P.has(r)||P.set(r,navigator.serviceWorker.register(r,{updateViaCache:`none`})),i=await P.get(r));let a=`oidc.sw.version_mismatch_reload.${t}`,o=async e=>{O(),console.log(`New SW waiting – SKIP_WAITING`);try{await new Promise((n,r)=>{let i=new MessageChannel,a=null,o=()=>{try{a!=null&&(C.clearTimeout(a),a=null),i.port1.onmessage=null,i.port1.close(),i.port2.close()}catch(e){console.error(e)}};a=C.setTimeout(()=>{o(),r(Error(`SKIP_WAITING did not respond within 8000ms`))},8e3),i.port1.onmessage=e=>{o(),e?.data?.error?r(e.data.error):n()};try{e.postMessage({type:`SKIP_WAITING`,configurationName:t,data:null,tabId:k(t??`default`)},[i.port2])}catch(e){o(),r(e)}})}catch(e){console.warn(`SKIP_WAITING failed`,e)}},s=async()=>{let e=i.waiting;e?await o(e):console.warn(`sendSkipWaiting called but no waiting service worker found`)},c=e=>{O(),e.addEventListener(`statechange`,async()=>{if(e.state===`installed`&&navigator.serviceWorker.controller){if(L()>=I){console.warn(`SW trackInstallingWorker: skipping SKIP_WAITING because the reload budget is exhausted`);return}await o(e)}})};i.addEventListener(`updatefound`,()=>{let e=i.installing;e&&c(e)}),i.installing?c(i.installing):i.waiting&&navigator.serviceWorker.controller&&(L()<I?s():console.warn(`SW: a waiting worker exists but reload budget is exhausted – skipping activation`)),i.update().catch(e=>{console.error(e)});try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||(await M(i,{timeoutMs:8e3})({type:`claim`,configurationName:t,data:null}),await te(2e3))}catch(e){return console.warn(`Failed init ServiceWorker ${e?.toString?.()??String(e)}`),null}ne||(ne=!0,navigator.serviceWorker.addEventListener(`controllerchange`,()=>{if(N)return;let e=re();if(e>I){console.warn(`SW controllerchange: reload budget exhausted (${e-1} reloads). Skipping reload to avoid infinite loop.`);return}N=!0,console.log(`SW controller changed – reloading page`),O(),window.location.reload()}));let l=async e=>M(i)({type:`clear`,data:{status:e},configurationName:t}),u=async(e,n,r)=>{let o=await M(i)({type:`init`,data:{oidcServerConfiguration:e,where:n,oidcConfiguration:{token_renew_mode:r.token_renew_mode,service_worker_convert_all_requests_to_cors:r.service_worker_convert_all_requests_to_cors}},configurationName:t}),c=o.version;if(c!==`7.27.11`){console.warn(`Service worker ${c} version mismatch with js client version ${w}, unregistering and reloading`);let e=parseInt(sessionStorage.getItem(a)??`0`,10);if(e<3){if(sessionStorage.setItem(a,String(e+1)),i.waiting)return await s(),await D({milliseconds:500}),N||(N=!0,window.location.reload()),new Promise(()=>{});{O();try{await i.update()}catch(e){console.error(e)}let e=await i.unregister();return console.log(`Service worker unregistering ${e}`),await D({milliseconds:500}),N||(N=!0,window.location.reload()),new Promise(()=>{})}}else console.error(`Service worker version mismatch persists after ${e} attempt(s). Continuing with mismatched version.`)}else sessionStorage.removeItem(a),ie();return{tokens:v(o.tokens,null,r.token_renew_mode),status:o.status}},d=(e=`/`)=>{T??(T=`not_null`,ee(e))},f=e=>M(i)({type:`setSessionState`,data:{sessionState:e},configurationName:t}),p=async()=>(await M(i)({type:`getSessionState`,data:null,configurationName:t})).sessionState,m=e=>(sessionStorage[`oidc.nonce.${t}`]=e.nonce,M(i)({type:`setNonce`,data:{nonce:e},configurationName:t})),h=async(e=!0)=>{let n=(await M(i)({type:`getNonce`,data:null,configurationName:t})).nonce;return n||(n=sessionStorage[`oidc.nonce.${t}`],console.warn(`nonce not found in service worker, using sessionStorage`),e&&(await m(n),n=(await h(!1)).nonce)),{nonce:n}},g={},_=e=>{if(e==null){delete g[t],delete localStorage[`oidc.login.${t}`];return}g[t]=e,localStorage[`oidc.login.${t}`]=JSON.stringify(e)},y=()=>{if(g[t])return g[t];let e=localStorage[`oidc.login.${t}`];if(typeof e!=`string`||e===``||e===`undefined`||e===`null`)return null;try{g[t]=JSON.parse(e)}catch{return null}return g[t]},b=async e=>{await M(i)({type:`setDemonstratingProofOfPossessionNonce`,data:{demonstratingProofOfPossessionNonce:e},configurationName:t})},x=async()=>(await M(i)({type:`getDemonstratingProofOfPossessionNonce`,data:null,configurationName:t})).demonstratingProofOfPossessionNonce,S=async e=>{let n=JSON.stringify(e);await M(i)({type:`setDemonstratingProofOfPossessionJwk`,data:{demonstratingProofOfPossessionJwkJson:n},configurationName:t})},E=async()=>{let e=await M(i)({type:`getDemonstratingProofOfPossessionJwk`,data:null,configurationName:t});return e.demonstratingProofOfPossessionJwkJson?JSON.parse(e.demonstratingProofOfPossessionJwkJson):null},A=async(e=!0)=>{let n=(await M(i)({type:`getState`,data:null,configurationName:t})).state;return n||(n=sessionStorage[`oidc.state.${t}`],console.warn(`state not found in service worker, using sessionStorage`),e&&(await j(n),n=await A(!1))),n},j=async e=>(sessionStorage[`oidc.state.${t}`]=e,M(i)({type:`setState`,data:{state:e},configurationName:t})),F=async(e=!0)=>{let n=(await M(i)({type:`getCodeVerifier`,data:null,configurationName:t})).codeVerifier;return n||(n=sessionStorage[`oidc.code_verifier.${t}`],console.warn(`codeVerifier not found in service worker, using sessionStorage`),e&&(await R(n),n=await F(!1))),n},R=async e=>(sessionStorage[`oidc.code_verifier.${t}`]=e,M(i)({type:`setCodeVerifier`,data:{codeVerifier:e},configurationName:t}));return{clearAsync:l,initAsync:u,startKeepAliveServiceWorker:()=>d(e.service_worker_keep_alive_path),setSessionStateAsync:f,getSessionStateAsync:p,setNonceAsync:m,getNonceAsync:h,setLoginParams:_,getLoginParams:y,getStateAsync:A,setStateAsync:j,getCodeVerifierAsync:F,setCodeVerifierAsync:R,setDemonstratingProofOfPossessionNonce:b,getDemonstratingProofOfPossessionNonce:x,setDemonstratingProofOfPossessionJwkAsync:S,getDemonstratingProofOfPossessionJwkAsync:E}},z={},ae=(e,t=window.sessionStorage,n)=>{if(!z[e]&&t){let n=t.getItem(e);n&&(z[e]=JSON.parse(n))}let r=1e3*n;return z[e]&&z[e].timestamp+r>Date.now()?z[e].result:null},oe=(e,t,n=window.sessionStorage)=>{let r=Date.now();z[e]={result:t,timestamp:r},n&&n.setItem(e,JSON.stringify({result:t,timestamp:r}))};function se(e){return new TextEncoder().encode(e)}function ce(e){return btoa(e).replace(/\+/g,`-`).replace(/\//g,`_`).replace(/=+/g,``)}function le(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(e,t){return String.fromCharCode(parseInt(t,16))})}var B=e=>{let t=``;return e.forEach(function(e){t+=String.fromCharCode(e)}),ce(t)};function ue(e){return ce(le(e))}var de={importKeyAlgorithm:{name:`ECDSA`,namedCurve:`P-256`,hash:{name:`ES256`}},signAlgorithm:{name:`ECDSA`,hash:{name:`SHA-256`}},generateKeyAlgorithm:{name:`ECDSA`,namedCurve:`P-256`},digestAlgorithm:{name:`SHA-256`},jwtHeaderAlgorithm:`ES256`},fe={sign:e=>async(t,n,r,i,a=`dpop+jwt`)=>{switch(t=Object.assign({},t),n.typ=a,n.alg=i.jwtHeaderAlgorithm,n.alg){case`ES256`:n.jwk={kty:t.kty,crv:t.crv,x:t.x,y:t.y};break;case`RS256`:n.jwk={kty:t.kty,n:t.n,e:t.e,kid:n.kid};break;default:throw Error(`Unknown or not implemented JWS algorithm`)}let o={protected:ue(JSON.stringify(n)),payload:ue(JSON.stringify(r))},s=i.importKeyAlgorithm,c=await e.crypto.subtle.importKey(`jwk`,t,s,!0,[`sign`]),l=se(`${o.protected}.${o.payload}`),u=i.signAlgorithm,d=await e.crypto.subtle.sign(u,c,l);return o.signature=B(new Uint8Array(d)),`${o.protected}.${o.payload}.${o.signature}`}},pe={generate:e=>async t=>{let n=t,r=await e.crypto.subtle.generateKey(n,!0,[`sign`,`verify`]);return await e.crypto.subtle.exportKey(`jwk`,r.privateKey)},neuter:e=>{let t=Object.assign({},e);return delete t.d,t.key_ops=[`verify`],t}},me={thumbprint:e=>async(t,n)=>{let r;switch(t.kty){case`EC`:r=`{"crv":"CRV","kty":"EC","x":"X","y":"Y"}`.replace(`CRV`,t.crv).replace(`X`,t.x).replace(`Y`,t.y);break;case`RSA`:r=`{"e":"E","kty":"RSA","n":"N"}`.replace(`E`,t.e).replace(`N`,t.n);break;default:throw Error(`Unknown or not implemented JWK type`)}let i=await e.crypto.subtle.digest(n,se(r));return B(new Uint8Array(i))}},he=e=>async t=>await pe.generate(e)(t),ge=e=>t=>async(n,r=`POST`,i,a={})=>{let o={jti:btoa(_e()),htm:r,htu:i,iat:Math.round(Date.now()/1e3),...a},s=await me.thumbprint(e)(n,t.digestAlgorithm);return await fe.sign(e)(n,{kid:s},o,t)},_e=()=>{let e=`xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx`,t=`0123456789abcdef`,n=0,r=``;for(let i=0;i<36;i++)e[i]!==`-`&&e[i]!==`4`&&(n=Math.random()*16|0),e[i]===`x`?r+=t[n]:e[i]===`y`?(n&=3,n|=8,r+=t[n]):r+=e[i];return r},ve=()=>{let e=typeof window<`u`&&!!window.crypto;return{hasCrypto:e,hasSubtleCrypto:e&&!!window.crypto.subtle}},ye=`ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789`,be=e=>{let t=[];for(let n=0;n<e.byteLength;n+=1){let r=e[n]%62;t.push(ye[r])}return t.join(``)},V=e=>{let t=new Uint8Array(e),{hasCrypto:n}=ve();if(n)window.crypto.getRandomValues(t);else for(let n=0;n<e;n+=1)t[n]=Math.random()*62|0;return be(t)};function xe(e){let t=new ArrayBuffer(e.length),n=new Uint8Array(t);for(let t=0;t<e.length;t++)n[t]=e.charCodeAt(t);return n}function Se(e){return new Promise((t,n)=>{crypto.subtle.digest(`SHA-256`,xe(e)).then(e=>t(B(new Uint8Array(e))),e=>n(e))})}var Ce=e=>{if(e.length<43||e.length>128)return Promise.reject(Error(`Invalid code length.`));let{hasSubtleCrypto:t}=ve();return t?Se(e):Promise.reject(Error(`window.crypto.subtle is unavailable.`))},we=3600,Te=e=>async(t,n=we,r=window.sessionStorage,i=1e4)=>{let a=`${t}/.well-known/openid-configuration`,o=`oidc.server:${t}`,s=ae(o,r,n);if(s)return new Ze(s);let c=await H(e)(a,{},i);if(c.status!==200)return null;let l=await c.json();return oe(o,l,r),new Ze(l)},H=e=>async(t,n={},r=1e4,i=0)=>{let a;try{let i=new AbortController;setTimeout(()=>i.abort(),r),a=await e(t,{...n,signal:i.signal})}catch(a){if(a.name===`AbortError`||a.message===`Network request failed`){if(i<=1)return await H(e)(t,n,r,i+1);throw a}else throw console.error(a.message),a}return a},U={refresh_token:`refresh_token`,access_token:`access_token`},Ee=e=>async(t,n,r=U.refresh_token,i,a={},o=1e4)=>{let s={token:n,token_type_hint:r,client_id:i};for(let[e,t]of Object.entries(a))s[e]===void 0&&(s[e]=t);let c=[];for(let e in s){let t=encodeURIComponent(e),n=encodeURIComponent(s[e]);c.push(`${t}=${n}`)}let l=c.join(`&`);return(await H(e)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`},body:l},o)).status===200?{success:!0}:{success:!1}},De=e=>async(t,n,r,i,a={},o,s=1e4)=>{for(let[e,t]of Object.entries(r))n[e]===void 0&&(n[e]=t);let c=[];for(let e in n){let t=encodeURIComponent(e),r=encodeURIComponent(n[e]);c.push(`${t}=${r}`)}let l=c.join(`&`),u=await H(e)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`,...a},body:l},s);if(u.status!==200)return{success:!1,status:u.status,demonstratingProofOfPossessionNonce:null};let d=await u.json(),f=null;return u.headers.has(W)&&(f=u.headers.get(W)),{success:!0,status:u.status,data:v(d,i,o),demonstratingProofOfPossessionNonce:f}},Oe=(e,t)=>async(n,r)=>{r=r?{...r}:{};let i=V(128),a=await Ce(i);await e.setCodeVerifierAsync(i),await e.setStateAsync(r.state),r.code_challenge=a,r.code_challenge_method=`S256`;let o=``;if(r)for(let[e,t]of Object.entries(r))o===``?o+=`?`:o+=`&`,o+=`${e}=${encodeURIComponent(t)}`;t.open(`${n}${o}`)},W=`DPoP-Nonce`,ke=e=>async(t,n,r,i,a=1e4)=>{n=n?{...n}:{},n.code_verifier=await e.getCodeVerifierAsync();let o=[];for(let e in n){let t=encodeURIComponent(e),r=encodeURIComponent(n[e]);o.push(`${t}=${r}`)}let s=o.join(`&`),c=await H(fetch)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`,...r},body:s},a);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),c.status!==200)return{success:!1,status:c.status};let l=null;c.headers.has(W)&&(l=c.headers.get(W));let u=await c.json();return{success:!0,data:{state:n.state,tokens:v(u,null,i),demonstratingProofOfPossessionNonce:l}}};async function Ae(e,t,n,r=null){let{tokens:i,status:a}=await J(e)(t=>{e.tokens=t},0,0,t,n,r);return await R(e.configuration,e.configurationName)||l(e.configurationName,e.configuration.storage,e.configuration.login_state_storage??e.configuration.storage).setTokens(e.tokens),e.tokens?i:(await e.destroyAsync(a),null)}async function je(e,t=!1,n=null,r=null){let i=e.configuration,a=`${i.client_id}_${e.configurationName}_${i.authority}`,o,s=await R(e.configuration,e.configurationName);if(i?.storage===window?.sessionStorage&&!s||!navigator.locks)o=await Ae(e,t,n,r);else{let i=`retry`;for(;i===`retry`;)i=await navigator.locks.request(a,{ifAvailable:!0},async i=>i?await Ae(e,t,n,r):(e.publishEvent($.eventNames.syncTokensAsync_lock_not_available,{lock:`lock not available`}),`retry`));o=i}return o?(e.timeoutId&&=G(e,e.tokens.expiresAt,n,r),e.tokens):null}var G=(e,t,n=null,r=null)=>{let i=e.configuration.refresh_time_before_tokens_expiration_in_second;return e.timeoutId&&C.clearTimeout(e.timeoutId),C.setTimeout(async()=>{let a={timeLeft:y(i,t)};e.publishEvent($.eventNames.token_timer,a),await je(e,!1,n,r)},1e3)},K={FORCE_REFRESH:`FORCE_REFRESH`,SESSION_LOST:`SESSION_LOST`,NOT_CONNECTED:`NOT_CONNECTED`,TOKENS_VALID:`TOKENS_VALID`,TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID`,TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID`,LOGOUT_FROM_ANOTHER_TAB:`LOGOUT_FROM_ANOTHER_TAB`,REQUIRE_SYNC_TOKENS:`REQUIRE_SYNC_TOKENS`,TOKENS_INVALID:`TOKENS_INVALID`},q=e=>async(t,n,r,i=!1)=>{let a={nonce:null};if(!r)return{tokens:null,status:K.NOT_CONNECTED,nonce:a};let o,s=await e.initAsync(t.authority,t.authority_configuration),c=await R(t,n);if(c){let{status:e,tokens:n}=await c.initAsync(s,`syncTokensAsync`,t);if(e===`LOGGED_OUT`)return{tokens:null,status:K.LOGOUT_FROM_ANOTHER_TAB,nonce:a};if(e===`SESSIONS_LOST`)return{tokens:null,status:K.SESSION_LOST,nonce:a};if(!e||!n)return{tokens:null,status:K.REQUIRE_SYNC_TOKENS,nonce:a};if(n.issuedAt!==r.issuedAt)return{tokens:n,status:y(t.refresh_time_before_tokens_expiration_in_second,n.expiresAt)>0?K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,nonce:await c.getNonceAsync()};o=await c.getNonceAsync()}else{let i=l(n,t.storage??sessionStorage,t.login_state_storage??t.storage??sessionStorage),s=await i.initAsync(),{tokens:c}=s,{status:u}=s;if(c&&=_(c,e.tokens,t.token_renew_mode),!c)return{tokens:null,status:K.LOGOUT_FROM_ANOTHER_TAB,nonce:a};if(u===`SESSIONS_LOST`)return{tokens:null,status:K.SESSION_LOST,nonce:a};if(c.issuedAt!==r.issuedAt){let e=y(t.refresh_time_before_tokens_expiration_in_second,c.expiresAt)>0?K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,n=await i.getNonceAsync();return{tokens:c,status:e,nonce:n}}o=await i.getNonceAsync()}let u=y(t.refresh_time_before_tokens_expiration_in_second,r.expiresAt)>0?`TOKENS_VALID`:`TOKENS_INVALID`;return i?{tokens:r,status:`FORCE_REFRESH`,nonce:o}:{tokens:r,status:u,nonce:o}},J=e=>async(t,n=0,r=0,i=!1,o=null,s=null)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:`GIVE_UP`};let c=6,d=i?2:5;for(;!navigator.onLine&&c>0;)await D({milliseconds:1e3}),c--,e.publishEvent(a.refreshTokensAsync,{message:`wait because navigator is offline try ${c}`});let f=document.hidden,p=f?n:n+1,m=f?r+1:r;if(n>=d||r>=5)return t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`refresh token`}),{tokens:null,status:`SESSION_LOST`};o||={};let h=e.configuration,g=(t,n=null,r=null)=>Y(e.configurationName,e.configuration,e.publishEvent.bind(e))(t,n,r),_=async()=>{try{let n,r=await R(h,e.configurationName);n=r?r.getLoginParams():l(e.configurationName,h.storage,h.login_state_storage??h.storage).getLoginParams();let i={};if(n&&n.extras)for(let[e,t]of Object.entries(n.extras))t!=null&&(i[e]=t);if(o)for(let[e,t]of Object.entries(o))t!=null&&(i[e]=t);i.prompt=`none`,s&&(i.scope=s);let c=await g(i);return c?c.error?(t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`refresh token silent`}),{tokens:null,status:`SESSION_LOST`}):(t(c.tokens),e.publishEvent($.eventNames.token_renewed,{}),{tokens:c.tokens,status:`LOGGED`}):(t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`refresh token silent not active`}),{tokens:null,status:`SESSION_LOST`})}catch(n){return console.error(n),e.publishEvent(a.refreshTokensAsync_silent_error,{message:`exceptionSilent`,exception:n.message}),await J(e)(t,p,m,i,o,s)}};try{let{status:c,tokens:d,nonce:f}=await q(e)(h,e.configurationName,e.tokens,i);switch(c){case K.SESSION_LOST:return t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`refresh token session lost`}),{tokens:null,status:`SESSION_LOST`};case K.NOT_CONNECTED:return t(null),{tokens:null,status:null};case K.TOKENS_VALID:return t(d),{tokens:d,status:`LOGGED_IN`};case K.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return t(d),e.publishEvent($.eventNames.token_renewed,{reason:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID`}),{tokens:d,status:`LOGGED_IN`};case K.LOGOUT_FROM_ANOTHER_TAB:return t(null),e.publishEvent(a.logout_from_another_tab,{status:`session syncTokensAsync`}),{tokens:null,status:`LOGGED_OUT`};case K.REQUIRE_SYNC_TOKENS:return h.token_automatic_renew_mode==u.AutomaticOnlyWhenFetchExecuted&&!i?(e.publishEvent(a.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:`GIVE_UP`}):(e.publishEvent(a.refreshTokensAsync_begin,{tryNumber:n}),await _());default:{if(h.token_automatic_renew_mode==u.AutomaticOnlyWhenFetchExecuted&&K.FORCE_REFRESH!==c)return e.publishEvent(a.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:`GIVE_UP`};if(e.publishEvent(a.refreshTokensAsync_begin,{refreshToken:d.refreshToken,status:c,tryNumber:n,backgroundTry:r}),!d.refreshToken)return await _();let g=h.client_id,v=h.redirect_uri,y=h.authority,b={...h.token_request_extras?h.token_request_extras:{}};for(let[e,t]of Object.entries(o))e.endsWith(`:token_request`)&&(b[e.replace(`:token_request`,``)]=t);return await(async()=>{let n={client_id:g,redirect_uri:v,grant_type:`refresh_token`,refresh_token:d.refreshToken},r=await e.initAsync(y,h.authority_configuration),c=document.hidden?1e4:3e4*10,u=r.tokenEndpoint,_={};h.demonstrating_proof_of_possession&&(_.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(d.accessToken,u,`POST`));let x=await De(e.getFetch())(u,n,b,d,_,h.token_renew_mode,c);if(x.success){let{isValid:n,reason:i}=S(x.data,f.nonce,r);if(!n)return t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${i}`}),{tokens:null,status:`SESSION_LOST`};if(t(x.data),x.demonstratingProofOfPossessionNonce){let t=await R(h,e.configurationName);t?await t.setDemonstratingProofOfPossessionNonce(x.demonstratingProofOfPossessionNonce):await l(e.configurationName,h.storage,h.login_state_storage??h.storage).setDemonstratingProofOfPossessionNonce(x.demonstratingProofOfPossessionNonce)}return e.publishEvent(a.refreshTokensAsync_end,{success:x.success}),e.publishEvent($.eventNames.token_renewed,{reason:`REFRESH_TOKEN`}),{tokens:x.data,status:`LOGGED_IN`}}else return e.publishEvent(a.refreshTokensAsync_silent_error,{message:`bad request`,tokenResponse:x}),x.status>=400&&x.status<500?(t(null),e.publishEvent(a.refreshTokensAsync_error,{message:`session lost: ${x.status}`}),{tokens:null,status:`SESSION_LOST`}):await J(e)(t,p,m,i,o,s)})()}}}catch(n){return console.error(n),e.publishEvent(a.refreshTokensAsync_silent_error,{message:`exception`,exception:n.message}),new Promise((n,r)=>{setTimeout(()=>{J(e)(t,p,m,i,o,s).then(n).catch(r)},1e3)})}},Y=(e,t,n)=>(r=null,i=null,o=null)=>{if(!t.silent_redirect_uri||!t.silent_login_uri)return Promise.resolve(null);try{n(a.silentLoginAsync_begin,{});let s=``;if(i&&(r??={},r.state=i),o!=null&&(r??={},r.scope=o),r!=null)for(let[e,t]of Object.entries(r))t!=null&&(s===``?s=`?${encodeURIComponent(e)}=${encodeURIComponent(t)}`:s+=`&${encodeURIComponent(e)}=${encodeURIComponent(t)}`);let c=t.silent_login_uri+s,l=c.indexOf(`/`,c.indexOf(`//`)+2),u=c.substring(0,l),d=document.createElement(`iframe`);return d.width=`0px`,d.height=`0px`,d.id=`${e}_oidc_iframe`,d.setAttribute(`src`,c),d.style.display=`none`,document.body.appendChild(d),new Promise((r,i)=>{let o=!1,s=()=>{window.removeEventListener(`message`,c),d.remove(),o=!0},c=t=>{if(t.origin===u&&t.source===d.contentWindow){let c=`${e}_oidc_tokens:`,l=`${e}_oidc_error:`,u=`${e}_oidc_exception:`,d=t.data;if(d&&typeof d==`string`&&!o){if(d.startsWith(c)){let e=JSON.parse(t.data.replace(c,``));n(a.silentLoginAsync_end,{}),r(e),s()}else if(d.startsWith(l)){let e=JSON.parse(t.data.replace(l,``));n(a.silentLoginAsync_error,e),r({error:`oidc_`+e.error,tokens:null,sessionState:null}),s()}else if(d.startsWith(u)){let e=JSON.parse(t.data.replace(u,``));n(a.silentLoginAsync_error,e),i(Error(e.error)),s()}}}};try{window.addEventListener(`message`,c);let e=t.silent_login_timeout;setTimeout(()=>{o||(s(),n(a.silentLoginAsync_error,{reason:`timeout`}),i(Error(`timeout`)))},e)}catch(e){s(),n(a.silentLoginAsync_error,e),i(e)}})}catch(e){throw n(a.silentLoginAsync_error,e),e}},Me=(e,t,n,r,i)=>(e=null,o=void 0)=>{e={...e};let s=(e,a,o)=>Y(t,n,r.bind(i))(e,a,o);return(async()=>{i.timeoutId&&C.clearTimeout(i.timeoutId);let t;e&&`state`in e&&(t=e.state,delete e.state);try{let c=await s({...n.extras?{...n.extras,...e}:e,prompt:`none`},t,o);if(c)return i.tokens=c.tokens,r(a.token_acquired,{}),i.timeoutId=G(i,i.tokens.expiresAt,e,o),{}}catch(e){return e}})()},Ne=(e,t,n)=>(r,a,o,s=!1)=>{let c=(t,r=void 0,i=void 0)=>Y(e.configurationName,n,e.publishEvent.bind(e))(t,r,i);return new Promise((l,u)=>{n.silent_login_uri&&n.silent_redirect_uri&&n.monitor_session&&r&&o&&!s?(e.checkSessionIFrame=new i(()=>{e.checkSessionIFrame.stop();let r=e.tokens;if(r===null)return;let i=r.idToken,a=r.idTokenPayload;return c({prompt:`none`,id_token_hint:i,scope:n.scope||`openid`}).then(t=>{if(t.error)throw Error(t.error);let n=t.tokens.idTokenPayload;if(a.sub===n.sub){let r=t.sessionState;e.checkSessionIFrame.start(t.sessionState),a.sid===n.sid?console.debug(`SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:`,r):console.debug(`SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:`,r)}else console.debug(`SessionMonitor._callback: Different subject signed into OP:`,n.sub)}).catch(async e=>{console.warn(`SessionMonitor._callback: Silent login failed, logging out other tabs:`,e);for(let[,e]of Object.entries(t))await e.logoutOtherTabAsync(n.client_id,a.sub)})},a,r),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(o),l(e.checkSessionIFrame)}).catch(e=>{u(e)})):l(null)})},Pe=e=>!!(e.os===`iOS`&&e.osVersion.startsWith(`12`)||e.os===`Mac OS X`&&e.osVersion.startsWith(`10_15_6`)),Fe=e=>{let t=e.appVersion,n=e.userAgent,r=`-`,i=[{s:`Windows 10`,r:/(Windows 10.0|Windows NT 10.0)/},{s:`Windows 8.1`,r:/(Windows 8.1|Windows NT 6.3)/},{s:`Windows 8`,r:/(Windows 8|Windows NT 6.2)/},{s:`Windows 7`,r:/(Windows 7|Windows NT 6.1)/},{s:`Windows Vista`,r:/Windows NT 6.0/},{s:`Windows Server 2003`,r:/Windows NT 5.2/},{s:`Windows XP`,r:/(Windows NT 5.1|Windows XP)/},{s:`Windows 2000`,r:/(Windows NT 5.0|Windows 2000)/},{s:`Windows ME`,r:/(Win 9x 4.90|Windows ME)/},{s:`Windows 98`,r:/(Windows 98|Win98)/},{s:`Windows 95`,r:/(Windows 95|Win95|Windows_95)/},{s:`Windows NT 4.0`,r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:`Windows CE`,r:/Windows CE/},{s:`Windows 3.11`,r:/Win16/},{s:`Android`,r:/Android/},{s:`Open BSD`,r:/OpenBSD/},{s:`Sun OS`,r:/SunOS/},{s:`Chrome OS`,r:/CrOS/},{s:`Linux`,r:/(Linux|X11(?!.*CrOS))/},{s:`iOS`,r:/(iPhone|iPad|iPod)/},{s:`Mac OS X`,r:/Mac OS X/},{s:`Mac OS`,r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:`QNX`,r:/QNX/},{s:`UNIX`,r:/UNIX/},{s:`BeOS`,r:/BeOS/},{s:`OS/2`,r:/OS\/2/},{s:`Search Bot`,r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(let e in i){let t=i[e];if(t.r.test(n)){r=t.s;break}}let a=`-`;switch(/Windows/.test(r)&&(a=/Windows (.*)/.exec(r)[1],r=`Windows`),r){case`Mac OS`:case`Mac OS X`:case`Android`:a=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(n)[1];break;case`iOS`:{let e=/OS (\d+)_(\d+)_?(\d+)?/.exec(t);e!=null&&e.length>2&&(a=e[1]+`.`+e[2]+`.`+(parseInt(e[3])|0));break}}return{os:r,osVersion:a}};function Ie(){let e=navigator.userAgent,t,n=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(n[1]))return t=/\brv[ :]+(\d+)/g.exec(e)||[],{name:`ie`,version:t[1]||``};if(n[1]===`Chrome`&&(t=e.match(/\bOPR|Edge\/(\d+)/),t!=null)){let n=t[1];if(!n){let r=e.split(t[0]+`/`);r.length>1&&(n=r[1])}return{name:`opera`,version:n}}return n=n[2]?[n[1],n[2]]:[navigator.appName,navigator.appVersion,`-?`],(t=e.match(/version\/(\d+)/i))!=null&&n.splice(1,1,t[1]),{name:n[0].toLowerCase(),version:n[1]}}var Le=()=>{let{name:e,version:t}=Ie();return e===`chrome`&&parseInt(t)<=70||e===`opera`&&(!t||parseInt(t.split(`.`)[0])<80)||e===`ie`?!1:!Pe(Fe(navigator))},Re=async e=>{let t;if(e.tokens!=null)return!1;e.publishEvent(a.tryKeepExistingSessionAsync_begin,{});try{let n=e.configuration,r=await e.initAsync(n.authority,n.authority_configuration);if(t=await R(n,e.configurationName),t){let{tokens:i}=await t.initAsync(r,`tryKeepExistingSessionAsync`,n);if(i){t.startKeepAliveServiceWorker(),e.tokens=i;let o=t.getLoginParams(e.configurationName);e.timeoutId=G(e,e.tokens.expiresAt,o.extras,o.scope);let s=await t.getSessionStateAsync();return await e.startCheckSessionAsync(r.checkSessionIframe,n.client_id,s),n.preload_user_info&&await e.userInfoAsync(),e.publishEvent(a.tryKeepExistingSessionAsync_end,{success:!0,message:`tokens inside ServiceWorker are valid`}),!0}e.publishEvent(a.tryKeepExistingSessionAsync_end,{success:!1,message:`no exiting session found`})}else{n.service_worker_relative_url&&e.publishEvent(a.service_worker_not_supported_by_browser,{message:`service worker is not supported by this browser`});let t=l(e.configurationName,n.storage??sessionStorage,n.login_state_storage??n.storage??sessionStorage),{tokens:i}=await t.initAsync();if(i){e.tokens=_(i,null,n.token_renew_mode);let o=t.getLoginParams();e.timeoutId=G(e,e.tokens.expiresAt,o.extras,o.scope);let s=await t.getSessionStateAsync();return await e.startCheckSessionAsync(r.checkSessionIframe,n.client_id,s),n.preload_user_info&&await e.userInfoAsync(),e.publishEvent(a.tryKeepExistingSessionAsync_end,{success:!0,message:`tokens inside storage are valid`}),!0}}return e.publishEvent(a.tryKeepExistingSessionAsync_end,{success:!1,message:t?`service worker sessions not retrieved`:`session storage sessions not retrieved`}),!1}catch(n){return console.error(n),t&&await t.clearAsync(),e.publishEvent(a.tryKeepExistingSessionAsync_error,`tokens inside ServiceWorker are invalid`),!1}},ze=e=>{let t=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!t)throw Error(`Invalid URL`);let n=t[6],r=t[7];if(r){let e=r.split(`?`);e.length===2&&(r=e[0],n=e[1])}return n.startsWith(`?`)&&(n=n.slice(1)),t&&{href:e,protocol:t[1],host:t[2],hostname:t[3],port:t[4],path:t[5],search:n,hash:r}},Be=e=>{let t=ze(e),{path:n}=t;n.endsWith(`/`)&&(n=n.slice(0,-1));let{hash:r}=t;return r===`#_=_`&&(r=``),r&&(n+=r),n},X=e=>{let{search:t}=ze(e);return Ve(t)},Ve=e=>{let t={},n,r,i,a=e.split(`&`);for(r=0,i=a.length;r<i;r++)n=a[r].split(`=`),t[decodeURIComponent(n[0])]=decodeURIComponent(n[1]);return t},He=(e,t,n,r,i)=>(o=void 0,s=null,c=!1,u=void 0)=>{let d=s;return s={...s},(async()=>{let f=o||i.getPath();if(`state`in s||(s.state=V(16)),n(a.loginAsync_begin,{}),s)for(let e of Object.keys(s))e.endsWith(`:token_request`)&&delete s[e];try{let n=c?t.silent_redirect_uri:t.redirect_uri;u||=t.scope;let a=t.extras?{...t.extras,...s}:s;a.nonce||=V(12);let o={nonce:a.nonce},p=await R(t,e),m=await r(t.authority,t.authority_configuration),h;if(p)p.setLoginParams({callbackPath:f,extras:d,scope:u}),await p.initAsync(m,`loginAsync`,t),await p.setNonceAsync(o),p.startKeepAliveServiceWorker(),h=p;else{let n=l(e,t.storage??sessionStorage,t.login_state_storage??t.storage??sessionStorage);n.setLoginParams({callbackPath:f,extras:d,scope:u}),await n.setNonceAsync(o),h=n}let g={client_id:t.client_id,redirect_uri:n,scope:u,response_type:`code`,...a};await Oe(h,i)(m.authorizationEndpoint,g)}catch(e){throw n(a.loginAsync_error,e),e}})()},Ue=e=>async(t=!1)=>{try{e.publishEvent(a.loginCallbackAsync_begin,{});let n=e.configuration,r=n.client_id,i=t?n.silent_redirect_uri:n.redirect_uri,o=n.authority,s=n.token_request_timeout,c=await e.initAsync(o,n.authority_configuration),u=X(e.location.getCurrentHref()),d=u.session_state,f=await R(n,e.configurationName),p,m,h,g;if(f)await f.initAsync(c,`loginCallbackAsync`,n),await f.setSessionStateAsync(d),m=await f.getNonceAsync(),h=f.getLoginParams(),g=await f.getStateAsync(),f.startKeepAliveServiceWorker(),p=f;else{let t=l(e.configurationName,n.storage??sessionStorage,n.login_state_storage??n.storage??sessionStorage);await t.setSessionStateAsync(d),m=await t.getNonceAsync(),h=t.getLoginParams(),g=await t.getStateAsync(),p=t}if(u.error||u.error_description)throw Error(`Error from OIDC server: ${u.error} - ${u.error_description}`);if(u.iss&&u.iss!==c.issuer)throw console.error(),Error(`Issuer not valid (expected: ${c.issuer}, received: ${u.iss})`);if(u.state&&u.state!==g)throw Error(`State not valid (expected: ${g}, received: ${u.state})`);let _={code:u.code,grant_type:`authorization_code`,client_id:n.client_id,redirect_uri:i},v={};if(n.token_request_extras)for(let[e,t]of Object.entries(n.token_request_extras))v[e]=t;if(h?.extras)for(let[e,t]of Object.entries(h.extras))e.endsWith(`:token_request`)&&(v[e.replace(`:token_request`,``)]=t);let y=c.tokenEndpoint,b={};if(n.demonstrating_proof_of_possession)if(f)b.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{let t=await he(window)(n.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await l(e.configurationName,n.storage,n.login_state_storage??n.storage).setDemonstratingProofOfPossessionJwkAsync(t),b.DPoP=await ge(window)(n.demonstrating_proof_of_possession_configuration)(t,`POST`,y)}let x=await ke(p)(y,{..._,...v},b,e.configuration.token_renew_mode,s);if(!x.success)throw Error(`Token request failed`);let C,w=x.data.tokens,T=x.data.demonstratingProofOfPossessionNonce;if(x.data.state!==v.state)throw Error(`state is not valid`);let{isValid:E,reason:D}=S(w,m.nonce,c);if(!E)throw Error(`Tokens are not OpenID valid, reason: ${D}`);if(f){if(w.refreshToken&&!w.refreshToken.includes(`SECURED_BY_OIDC_SERVICE_WORKER`))throw Error(`Refresh token should be hidden by service worker`);if(T&&w?.accessToken.includes(`SECURED_BY_OIDC_SERVICE_WORKER`))throw Error(`Demonstration of proof of possession require Access token not hidden by service worker`)}if(f)await f.initAsync(c,`syncTokensAsync`,n),C=f.getLoginParams(),T&&await f.setDemonstratingProofOfPossessionNonce(T);else{let t=l(e.configurationName,n.storage,n.login_state_storage??n.storage);C=t.getLoginParams(),T&&await t.setDemonstratingProofOfPossessionNonce(T)}return await e.startCheckSessionAsync(c.checkSessionIframe,r,d,t),e.publishEvent(a.loginCallbackAsync_end,{}),{tokens:w,state:`request.state`,callbackPath:C.callbackPath,scope:u.scope,extras:C.extras}}catch(t){throw console.error(t),e.publishEvent(a.loginCallbackAsync_error,t),t}},We={access_token:`access_token`,refresh_token:`refresh_token`},Z=(e,t)=>{let n={};if(e){for(let[r,i]of Object.entries(e))if(r.endsWith(t)){let e=r.replace(t,``);n[e]=i}return n}return n},Ge=e=>{let t={};if(e){for(let[n,r]of Object.entries(e))n.includes(`:`)||(t[n]=r);return t}return t},Ke=e=>async t=>{C.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();let n=await R(e.configuration,e.configurationName);n?await n.clearAsync(t):await l(e.configurationName,e.configuration.storage,e.configuration.login_state_storage??e.configuration.storage).clearAsync(t),e.tokens=null,e.userInfo=null},qe=(e,t,n,r,i)=>async(o=void 0,s=null)=>{let c=e.configuration,l=await e.initAsync(c.authority,c.authority_configuration);o&&typeof o!=`string`&&(o=void 0,r.warn(`callbackPathOrUrl path is not a string`));let u=o??i.getPath(),d=!1;o&&(d=o.includes(`https://`)||o.includes(`http://`));let f=d?o:i.getOrigin()+u,p=e.tokens?e.tokens.idToken:``;try{let t=l.revocationEndpoint;if(t){let r=[],i=e.tokens?e.tokens.accessToken:null;if(i&&c.logout_tokens_to_invalidate.includes(We.access_token)){let e=Z(s,`:revoke_access_token`),a=Ee(n)(t,i,U.access_token,c.client_id,e);r.push(a)}let a=e.tokens?e.tokens.refreshToken:null;if(a&&c.logout_tokens_to_invalidate.includes(We.refresh_token)){let e=Z(s,`:revoke_refresh_token`),i=Ee(n)(t,a,U.refresh_token,c.client_id,e);r.push(i)}r.length>0&&await Promise.all(r)}}catch(e){r.warn(`logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error`),r.warn(e)}let m=e.tokens?.idTokenPayload?.sub??null;await e.destroyAsync(`LOGGED_OUT`);for(let[,n]of Object.entries(t))n===e?e.publishEvent(a.logout_from_same_tab,{}):await e.logoutSameTabAsync(e.configuration.client_id,m);let h=Z(s,`:oidc`);if(h&&h.no_reload===`true`)return;let g=Ge(s);if(l.endSessionEndpoint){`id_token_hint`in g||(g.id_token_hint=p),!(`post_logout_redirect_uri`in g)&&o!==null&&(g.post_logout_redirect_uri=f);let e=``;for(let[t,n]of Object.entries(g))n!=null&&(e===``?e+=`?`:e+=`&`,e+=`${t}=${encodeURIComponent(n)}`);i.open(`${l.endSessionEndpoint}${e}`)}else i.reload()},Je=(e,t,n=!1)=>async(...r)=>{let[i,a,...o]=r,s=a?{...a}:{method:`GET`},c=new Headers;s.headers&&(c=s.headers instanceof Headers?s.headers:new Headers(s.headers));let l=(await x({getTokens:()=>t.tokens,configuration:{token_automatic_renew_mode:t.configuration.token_automatic_renew_mode,refresh_time_before_tokens_expiration_in_second:t.configuration.refresh_time_before_tokens_expiration_in_second},syncTokensInfoAsync:async()=>{let{status:e}=await q(t)(t.configuration,t.configurationName,t.tokens,!1);return e},renewTokensAsync:t.renewTokensAsync.bind(t)}))?.tokens?.accessToken;if(c.has(`Accept`)||c.set(`Accept`,`application/json`),l){if(t.configuration.demonstrating_proof_of_possession&&n){let e=await t.generateDemonstrationOfProofOfPossessionAsync(l,i.toString(),s.method);c.set(`Authorization`,`DPoP ${l}`),c.set(`DPoP`,e)}else c.set(`Authorization`,`Bearer ${l}`);s.credentials||=`same-origin`}return await e(i,{...s,headers:c},...o)},Ye=e=>async(t=!1,n=!1)=>{if(e.userInfo!=null&&!t)return e.userInfo;let r=!t&&e.configuration.storage?.getItem(`oidc.${e.configurationName}.userInfo`);if(r)return e.userInfo=JSON.parse(r),e.userInfo;let i=e.configuration,a=(await e.initAsync(i.authority,i.authority_configuration)).userInfoEndpoint,o=await(async()=>{let t=await Je(fetch,e,n)(a);return t.status===200?t.json():null})();return e.userInfo=o,o&&e.configuration.storage?.setItem(`oidc.${e.configurationName}.userInfo`,JSON.stringify(o)),o},Xe=()=>fetch,Ze=class{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}},Q={},Qe=(e,n=new t)=>(t,r=`default`)=>(Q[r]||(Q[r]=new $(t,r,e,n)),Q[r]),$e=async e=>{let{parsedTokens:t,callbackPath:n,extras:r,scope:i}=await e.loginCallbackAsync();return e.timeoutId=G(e,t.expiresAt,r,i),{callbackPath:n}},et=e=>Math.floor(Math.random()*e),$=class e{constructor(e,n=`default`,r,i=new t){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let a=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(a=`${e.silent_redirect_uri.replace(`-callback`,``).replace(`callback`,``)}-login`);let o=e.refresh_time_before_tokens_expiration_in_second??120;o>60&&(o-=Math.floor(Math.random()*40)),this.location=i??new t,this.configuration={...e,silent_login_uri:a,token_automatic_renew_mode:e.token_automatic_renew_mode??u.AutomaticBeforeTokenExpiration,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:o,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??h.access_token_or_id_token_invalid,demonstrating_proof_of_possession:e.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:e.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:e.logout_tokens_to_invalidate??[`access_token`,`refresh_token`],service_worker_activate:e.service_worker_activate??Le,demonstrating_proof_of_possession_configuration:e.demonstrating_proof_of_possession_configuration??de,preload_user_info:e.preload_user_info??!1},this.getFetch=r??Xe,this.configurationName=n,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){let t=et(9999999999999).toString();return this.events.push({id:t,func:e}),t}removeEventSubscription(e){let t=this.events.filter(t=>t.id!==e);this.events=t}publishEvent(e,t){this.events.forEach(n=>{n.func(e,t)})}static{this.getOrCreate=(e,t)=>(n,r=`default`)=>Qe(e,t)(n,r)}static get(e=`default`){let t=typeof process>`u`;if(!Object.prototype.hasOwnProperty.call(Q,e)&&t)throw Error(`OIDC library does seem initialized.
-Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> component.`);return Q[e]}static{this.eventNames=a}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){let e=this.location,t=X(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:t.session_state})}`,e.getOrigin())}}_silentLoginErrorCallbackFromIFrame(e=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){let t=this.location,n=X(t.getCurrentHref());n.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:n.error})}`,t.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:e==null?``:e.toString()})}`,t.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame(e)}}async initAsync(e,t){if(this.initPromise!==null)return this.initPromise;let n=async()=>{if(t!=null)return new Ze({authorization_endpoint:t.authorization_endpoint,end_session_endpoint:t.end_session_endpoint,revocation_endpoint:t.revocation_endpoint,token_endpoint:t.token_endpoint,userinfo_endpoint:t.userinfo_endpoint,check_session_iframe:t.check_session_iframe,issuer:t.issuer});let n=await R(this.configuration,this.configurationName)?this.configuration.storage||window.sessionStorage:this.configuration.storage;return await Te(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??3600,n,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=n(),this.initPromise.finally(()=>{this.initPromise=null})}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise===null?(this.tryKeepExistingSessionPromise=Re(this),this.tryKeepExistingSessionPromise.finally(()=>{this.tryKeepExistingSessionPromise=null})):this.tryKeepExistingSessionPromise}async startCheckSessionAsync(e,t,n,r=!1){await Ne(this,Q,this.configuration)(e,t,n,r)}async loginAsync(e=void 0,t=null,n=!1,r=void 0,i=!1){return this.logoutPromise&&await this.logoutPromise,this.loginPromise===null?(i?this.loginPromise=Me(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(t,r):this.loginPromise=He(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(e,t,n,r),this.loginPromise.finally(()=>{this.loginPromise=null})):this.loginPromise}async loginCallbackAsync(t=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;let n=async()=>{let n=await Ue(this)(t),r=n.tokens;return this.tokens=r,await R(this.configuration,this.configurationName)||l(this.configurationName,this.configuration.storage,this.configuration.login_state_storage??this.configuration.storage).setTokens(r),this.publishEvent(e.eventNames.token_acquired,r),this.configuration.preload_user_info&&await this.userInfoAsync(),{parsedTokens:r,state:n.state,callbackPath:n.callbackPath,scope:n.scope,extras:n.extras}};return this.loginCallbackPromise=n(),this.loginCallbackPromise.finally(()=>{this.loginCallbackPromise=null})}async generateDemonstrationOfProofOfPossessionAsync(e,t,n,r={}){let i=this.configuration,a={ath:await Se(e),...r};if(await R(i,this.configurationName))return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}#tabId=${k(this.configurationName)}`;let o=l(this.configurationName,i.storage,i.login_state_storage??i.storage),s=await o.getDemonstratingProofOfPossessionJwkAsync(),c=o.getDemonstratingProofOfPossessionNonce();return c&&(a.nonce=c),await ge(window)(i.demonstrating_proof_of_possession_configuration)(s,n,t,a)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise===null?(this.loginCallbackWithAutoTokensRenewPromise=$e(this),this.loginCallbackWithAutoTokensRenewPromise.finally(()=>{this.loginCallbackWithAutoTokensRenewPromise=null})):this.loginCallbackWithAutoTokensRenewPromise}userInfoAsync(e=!1,t=!1){return this.userInfoPromise===null?(this.userInfoPromise=Ye(this)(e,t),this.userInfoPromise.finally(()=>{this.userInfoPromise=null})):this.userInfoPromise}async renewTokensAsync(e=null,t=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return C.clearTimeout(this.timeoutId),this.renewTokensPromise=je(this,!0,e,t),this.renewTokensPromise.finally(()=>{this.renewTokensPromise=null})}async destroyAsync(e){return await Ke(this)(e)}async logoutSameTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(await this.destroyAsync(`LOGGED_OUT`),this.publishEvent(a.logout_from_same_tab,{mmessage:`SessionMonitor`,sub:t}))}async logoutOtherTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(await this.destroyAsync(`LOGGED_OUT`),this.publishEvent(a.logout_from_another_tab,{message:`SessionMonitor`,sub:t}))}async logoutAsync(e=void 0,t=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=qe(this,Q,this.getFetch(),console,this.location)(e,t),this.logoutPromise.finally(()=>{this.logoutPromise=null}))}};e.OidcClient=class e{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,t){this._oidc.publishEvent(e,t)}static{this.getOrCreate=(n,r=new t)=>(t,i=`default`)=>new e($.getOrCreate(n,r)(t,i))}static get(t=`default`){return new e($.get(t))}static{this.eventNames=$.eventNames}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,t=null,n=!1,r=void 0,i=!1){return this._oidc.loginAsync(e,t,n,r,i)}logoutAsync(e=void 0,t=null){return this._oidc.logoutAsync(e,t)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null,t=null){return this._oidc.renewTokensAsync(e,t)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(e,t,n,r={}){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(e,t,n,r)}async getValidTokenAsync(e=200,t=50){let n=this._oidc;return x({getTokens:()=>n.tokens,configuration:{token_automatic_renew_mode:n.configuration.token_automatic_renew_mode,refresh_time_before_tokens_expiration_in_second:n.configuration.refresh_time_before_tokens_expiration_in_second},syncTokensInfoAsync:async()=>{let{status:e}=await q(n)(n.configuration,n.configurationName,n.tokens,!1);return e},renewTokensAsync:n.renewTokensAsync.bind(n)},e,t)}fetchWithTokens(e,t=!1){return Je(e,this._oidc,t)}async userInfoAsync(e=!1,t=!1){return this._oidc.userInfoAsync(e,t)}userInfo(){return this._oidc.userInfo}},e.OidcLocation=t,e.TokenAutomaticRenewMode=u,e.TokenRenewMode=h,e.getFetchDefault=Xe,e.getParseQueryStringFromLocation=X,e.getPath=Be});
+(function(e,t){typeof exports==`object`&&typeof module<`u`?t(exports):typeof define==`function`&&define.amd?define([`exports`],t):(e=typeof globalThis<`u`?globalThis:e||self,t(e[`oidc-client`]={}))})(this,function(e){Object.defineProperty(e,Symbol.toStringTag,{value:`Module`});var t={service_worker_not_supported_by_browser:`service_worker_not_supported_by_browser`,token_acquired:`token_acquired`,logout_from_another_tab:`logout_from_another_tab`,logout_from_same_tab:`logout_from_same_tab`,token_renewed:`token_renewed`,token_timer:`token_timer`,loginAsync_begin:`loginAsync_begin`,loginAsync_error:`loginAsync_error`,loginCallbackAsync_begin:`loginCallbackAsync_begin`,loginCallbackAsync_end:`loginCallbackAsync_end`,loginCallbackAsync_error:`loginCallbackAsync_error`,refreshTokensAsync_begin:`refreshTokensAsync_begin`,refreshTokensAsync:`refreshTokensAsync`,refreshTokensAsync_end:`refreshTokensAsync_end`,refreshTokensAsync_error:`refreshTokensAsync_error`,refreshTokensAsync_silent_error:`refreshTokensAsync_silent_error`,tryKeepExistingSessionAsync_begin:`tryKeepExistingSessionAsync_begin`,tryKeepExistingSessionAsync_end:`tryKeepExistingSessionAsync_end`,tryKeepExistingSessionAsync_error:`tryKeepExistingSessionAsync_error`,silentLoginAsync_begin:`silentLoginAsync_begin`,silentLoginAsync:`silentLoginAsync`,silentLoginAsync_end:`silentLoginAsync_end`,silentLoginAsync_error:`silentLoginAsync_error`,syncTokensAsync_begin:`syncTokensAsync_begin`,syncTokensAsync_lock_not_available:`syncTokensAsync_lock_not_available`,syncTokensAsync_end:`syncTokensAsync_end`,syncTokensAsync_error:`syncTokensAsync_error`,tokensInvalidAndWaitingActionsToRefresh:`tokensInvalidAndWaitingActionsToRefresh`,loadingTimeout_error:`loadingTimeout_error`},n=(e,t,n)=>{if(n==null){delete e[t];return}e[t]=JSON.stringify(n)},r=(e,t,n)=>{if(n==null){delete e[t];return}e[t]=n},i=e=>{if(typeof e!=`string`||e===`undefined`||e===`null`||e===``)return null;try{return JSON.parse(e)}catch{return null}},a=(e,t=sessionStorage,a)=>{let o=a??t,s=r=>(n(t,`oidc.${e}`,{tokens:null,status:r}),delete t[`oidc.${e}.userInfo`],a&&a!==t&&(delete o[`oidc.login.${e}`],delete o[`oidc.state.${e}`],delete o[`oidc.code_verifier.${e}`],delete o[`oidc.nonce.${e}`]),Promise.resolve()),c=async()=>{let r=i(t[`oidc.${e}`]);return r?Promise.resolve({tokens:r.tokens,status:r.status}):(n(t,`oidc.${e}`,{tokens:null,status:null}),{tokens:null,status:null})},l=r=>{n(t,`oidc.${e}`,{tokens:r})},u=async n=>{r(t,`oidc.session_state.${e}`,n)},d=async()=>t[`oidc.session_state.${e}`],f=t=>{r(o,`oidc.nonce.${e}`,t?.nonce)},p=r=>{n(t,`oidc.jwk.${e}`,r)},m=()=>i(t[`oidc.jwk.${e}`]),h=async()=>({nonce:o[`oidc.nonce.${e}`]}),g=async n=>{r(t,`oidc.dpop_nonce.${e}`,n)},_=()=>t[`oidc.dpop_nonce.${e}`],v=()=>{let n=i(t[`oidc.${e}`]);return n?JSON.stringify({tokens:n.tokens}):null},y={};return{clearAsync:s,initAsync:c,setTokens:l,getTokens:v,setSessionStateAsync:u,getSessionStateAsync:d,setNonceAsync:f,getNonceAsync:h,setLoginParams:t=>{if(t==null){delete y[e],delete o[`oidc.login.${e}`];return}y[e]=t,n(o,`oidc.login.${e}`,t)},getLoginParams:()=>{if(y[e])return y[e];let t=i(o[`oidc.login.${e}`]);return t===null?(console.warn(`storage[oidc.login.${e}] is empty, you should have an bad OIDC or code configuration somewhere.`),null):(y[e]=t,t)},getStateAsync:async()=>o[`oidc.state.${e}`],setStateAsync:async t=>{r(o,`oidc.state.${e}`,t)},getCodeVerifierAsync:async()=>o[`oidc.code_verifier.${e}`],setCodeVerifierAsync:async t=>{r(o,`oidc.code_verifier.${e}`,t)},setDemonstratingProofOfPossessionNonce:g,getDemonstratingProofOfPossessionNonce:_,setDemonstratingProofOfPossessionJwkAsync:p,getDemonstratingProofOfPossessionJwkAsync:m}},o=2e3,s=console,c=class{constructor(e,t,n,r=o,i=!0){this._callback=e,this._client_id=t,this._url=n,this._interval=r||o,this._stopOnError=i;let a=n.indexOf(`/`,n.indexOf(`//`)+2);this._frame_origin=n.substring(0,a),this._frame=window.document.createElement(`iframe`),this._frame.style.visibility=`hidden`,this._frame.style.position=`absolute`,this._frame.style.display=`none`,this._frame.width=0,this._frame.height=0,this._frame.src=n}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener(`message`,this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data===`error`?(s.error(`CheckSessionIFrame: error message from check session op iframe`),this._stopOnError&&this.stop()):e.data===`changed`?(s.debug(e),s.debug(`CheckSessionIFrame: changed message from check session op iframe`),this.stop(),this._callback()):s.debug(`CheckSessionIFrame: `+e.data+` message from check session op iframe`))}start(e){s.debug(`CheckSessionIFrame.start :`+e),this.stop();let t=()=>{this._frame.contentWindow.postMessage(this._client_id+` `+e,this._frame_origin)};t(),this._timer=window.setInterval(t,this._interval)}stop(){this._timer&&=(s.debug(`CheckSessionIFrame.stop`),window.clearInterval(this._timer),null)}},l=(function(){let e=typeof window>`u`?global:window;return{setTimeout:setTimeout.bind(e),clearTimeout:clearTimeout.bind(e),setInterval:setInterval.bind(e),clearInterval:clearInterval.bind(e)}})(),u=(e,n,r)=>(i=null,a=null,o=null)=>{if(!n.silent_redirect_uri||!n.silent_login_uri)return Promise.resolve(null);try{r(t.silentLoginAsync_begin,{});let s=``;if(a&&(i??={},i.state=a),o!=null&&(i??={},i.scope=o),i!=null)for(let[e,t]of Object.entries(i))t!=null&&(s===``?s=`?${encodeURIComponent(e)}=${encodeURIComponent(t)}`:s+=`&${encodeURIComponent(e)}=${encodeURIComponent(t)}`);let c=n.silent_login_uri+s,l=c.indexOf(`/`,c.indexOf(`//`)+2),u=c.substring(0,l),d=document.createElement(`iframe`);return d.width=`0px`,d.height=`0px`,d.id=`${e}_oidc_iframe`,d.setAttribute(`src`,c),d.style.display=`none`,document.body.appendChild(d),new Promise((i,a)=>{let o=!1,s=()=>{window.removeEventListener(`message`,c),d.remove(),o=!0},c=n=>{if(n.origin===u&&n.source===d.contentWindow){let c=`${e}_oidc_tokens:`,l=`${e}_oidc_error:`,u=`${e}_oidc_exception:`,d=n.data;if(d&&typeof d==`string`&&!o){if(d.startsWith(c)){let e=JSON.parse(n.data.replace(c,``));r(t.silentLoginAsync_end,{}),i(e),s()}else if(d.startsWith(l)){let e=JSON.parse(n.data.replace(l,``));r(t.silentLoginAsync_error,e),i({error:`oidc_`+e.error,tokens:null,sessionState:null}),s()}else if(d.startsWith(u)){let e=JSON.parse(n.data.replace(u,``));r(t.silentLoginAsync_error,e),a(Error(e.error)),s()}}}};try{window.addEventListener(`message`,c);let e=n.silent_login_timeout;setTimeout(()=>{o||(s(),r(t.silentLoginAsync_error,{reason:`timeout`}),a(Error(`timeout`)))},e)}catch(e){s(),r(t.silentLoginAsync_error,e),a(e)}})}catch(e){throw r(t.silentLoginAsync_error,e),e}},d=(e,n,r,i,a)=>(e=null,o=void 0)=>{e={...e};let s=(e,t,o)=>u(n,r,i.bind(a))(e,t,o);return(async()=>{a.timeoutId&&l.clearTimeout(a.timeoutId);let n;e&&`state`in e&&(n=e.state,delete e.state);try{let c=await s({...r.extras?{...r.extras,...e}:e,prompt:`none`},n,o);if(c)return a.tokens=c.tokens,i(t.token_acquired,{}),a.timeoutId=R(a,a.tokens.expiresAt,e,o),{}}catch(e){return e}})()},f=(e,t,n)=>(r,i,a,o=!1)=>{let s=(t,r=void 0,i=void 0)=>u(e.configurationName,n,e.publishEvent.bind(e))(t,r,i);return new Promise((l,u)=>{n.silent_login_uri&&n.silent_redirect_uri&&n.monitor_session&&r&&a&&!o?(e.checkSessionIFrame=new c(()=>{e.checkSessionIFrame.stop();let r=e.tokens;if(r===null)return;let i=r.idToken,a=r.idTokenPayload;return s({prompt:`none`,id_token_hint:i,scope:n.scope||`openid`}).then(t=>{if(t.error)throw Error(t.error);let n=t.tokens.idTokenPayload;if(a.sub===n.sub){let r=t.sessionState;e.checkSessionIFrame.start(t.sessionState),a.sid===n.sid?console.debug(`SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:`,r):console.debug(`SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:`,r)}else console.debug(`SessionMonitor._callback: Different subject signed into OP:`,n.sub)}).catch(async e=>{console.warn(`SessionMonitor._callback: Silent login failed, logging out other tabs:`,e);for(let[,e]of Object.entries(t))await e.logoutOtherTabAsync(n.client_id,a.sub)})},i,r),e.checkSessionIFrame.load().then(()=>{e.checkSessionIFrame.start(a),l(e.checkSessionIFrame)}).catch(e=>{u(e)})):l(null)})};function p(e){return new TextEncoder().encode(e)}function m(e){return btoa(e).replace(/\+/g,`-`).replace(/\//g,`_`).replace(/=+/g,``)}function h(e){return encodeURIComponent(e).replace(/%([0-9A-F]{2})/g,function(e,t){return String.fromCharCode(parseInt(t,16))})}var g=e=>{let t=``;return e.forEach(function(e){t+=String.fromCharCode(e)}),m(t)};function _(e){return m(h(e))}var v={importKeyAlgorithm:{name:`ECDSA`,namedCurve:`P-256`,hash:{name:`ES256`}},signAlgorithm:{name:`ECDSA`,hash:{name:`SHA-256`}},generateKeyAlgorithm:{name:`ECDSA`,namedCurve:`P-256`},digestAlgorithm:{name:`SHA-256`},jwtHeaderAlgorithm:`ES256`},y={sign:e=>async(t,n,r,i,a=`dpop+jwt`)=>{switch(t=Object.assign({},t),n.typ=a,n.alg=i.jwtHeaderAlgorithm,n.alg){case`ES256`:n.jwk={kty:t.kty,crv:t.crv,x:t.x,y:t.y};break;case`RS256`:n.jwk={kty:t.kty,n:t.n,e:t.e,kid:n.kid};break;default:throw Error(`Unknown or not implemented JWS algorithm`)}let o={protected:_(JSON.stringify(n)),payload:_(JSON.stringify(r))},s=i.importKeyAlgorithm,c=await e.crypto.subtle.importKey(`jwk`,t,s,!0,[`sign`]),l=p(`${o.protected}.${o.payload}`),u=i.signAlgorithm,d=await e.crypto.subtle.sign(u,c,l);return o.signature=g(new Uint8Array(d)),`${o.protected}.${o.payload}.${o.signature}`}},b={generate:e=>async t=>{let n=t,r=await e.crypto.subtle.generateKey(n,!0,[`sign`,`verify`]);return await e.crypto.subtle.exportKey(`jwk`,r.privateKey)},neuter:e=>{let t=Object.assign({},e);return delete t.d,t.key_ops=[`verify`],t}},x={thumbprint:e=>async(t,n)=>{let r;switch(t.kty){case`EC`:r=`{"crv":"CRV","kty":"EC","x":"X","y":"Y"}`.replace(`CRV`,t.crv).replace(`X`,t.x).replace(`Y`,t.y);break;case`RSA`:r=`{"e":"E","kty":"RSA","n":"N"}`.replace(`E`,t.e).replace(`N`,t.n);break;default:throw Error(`Unknown or not implemented JWK type`)}let i=await e.crypto.subtle.digest(n,p(r));return g(new Uint8Array(i))}},ee=e=>async t=>await b.generate(e)(t),S=e=>t=>async(n,r=`POST`,i,a={})=>{let o={jti:btoa(C()),htm:r,htu:i,iat:Math.round(Date.now()/1e3),...a},s=await x.thumbprint(e)(n,t.digestAlgorithm);return await y.sign(e)(n,{kid:s},o,t)},C=()=>{let e=`xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx`,t=`0123456789abcdef`,n=0,r=``;for(let i=0;i<36;i++)e[i]!==`-`&&e[i]!==`4`&&(n=Math.random()*16|0),e[i]===`x`?r+=t[n]:e[i]===`y`?(n&=3,n|=8,r+=t[n]):r+=e[i];return r},w=()=>{let e=typeof window<`u`&&!!window.crypto;return{hasCrypto:e,hasSubtleCrypto:e&&!!window.crypto.subtle}},T=`ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789`,E=e=>{let t=[];for(let n=0;n<e.byteLength;n+=1){let r=e[n]%62;t.push(T[r])}return t.join(``)},D=e=>{let t=new Uint8Array(e),{hasCrypto:n}=w();if(n)window.crypto.getRandomValues(t);else for(let n=0;n<e;n+=1)t[n]=Math.random()*62|0;return E(t)};function te(e){let t=new ArrayBuffer(e.length),n=new Uint8Array(t);for(let t=0;t<e.length;t++)n[t]=e.charCodeAt(t);return n}function ne(e){return new Promise((t,n)=>{crypto.subtle.digest(`SHA-256`,te(e)).then(e=>t(g(new Uint8Array(e))),e=>n(e))})}var re=e=>{if(e.length<43||e.length>128)return Promise.reject(Error(`Invalid code length.`));let{hasSubtleCrypto:t}=w();return t?ne(e):Promise.reject(Error(`window.crypto.subtle is unavailable.`))},ie=e=>!!(e.os===`iOS`&&e.osVersion.startsWith(`12`)||e.os===`Mac OS X`&&e.osVersion.startsWith(`10_15_6`)),ae=e=>{let t=e.appVersion,n=e.userAgent,r=`-`,i=[{s:`Windows 10`,r:/(Windows 10.0|Windows NT 10.0)/},{s:`Windows 8.1`,r:/(Windows 8.1|Windows NT 6.3)/},{s:`Windows 8`,r:/(Windows 8|Windows NT 6.2)/},{s:`Windows 7`,r:/(Windows 7|Windows NT 6.1)/},{s:`Windows Vista`,r:/Windows NT 6.0/},{s:`Windows Server 2003`,r:/Windows NT 5.2/},{s:`Windows XP`,r:/(Windows NT 5.1|Windows XP)/},{s:`Windows 2000`,r:/(Windows NT 5.0|Windows 2000)/},{s:`Windows ME`,r:/(Win 9x 4.90|Windows ME)/},{s:`Windows 98`,r:/(Windows 98|Win98)/},{s:`Windows 95`,r:/(Windows 95|Win95|Windows_95)/},{s:`Windows NT 4.0`,r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:`Windows CE`,r:/Windows CE/},{s:`Windows 3.11`,r:/Win16/},{s:`Android`,r:/Android/},{s:`Open BSD`,r:/OpenBSD/},{s:`Sun OS`,r:/SunOS/},{s:`Chrome OS`,r:/CrOS/},{s:`Linux`,r:/(Linux|X11(?!.*CrOS))/},{s:`iOS`,r:/(iPhone|iPad|iPod)/},{s:`Mac OS X`,r:/Mac OS X/},{s:`Mac OS`,r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:`QNX`,r:/QNX/},{s:`UNIX`,r:/UNIX/},{s:`BeOS`,r:/BeOS/},{s:`OS/2`,r:/OS\/2/},{s:`Search Bot`,r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(let e in i){let t=i[e];if(t.r.test(n)){r=t.s;break}}let a=`-`;switch(/Windows/.test(r)&&(a=/Windows (.*)/.exec(r)[1],r=`Windows`),r){case`Mac OS`:case`Mac OS X`:case`Android`:a=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(n)[1];break;case`iOS`:{let e=/OS (\d+)_(\d+)_?(\d+)?/.exec(t);e!=null&&e.length>2&&(a=e[1]+`.`+e[2]+`.`+(parseInt(e[3])|0));break}}return{os:r,osVersion:a}};function oe(){let e=navigator.userAgent,t,n=e.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(n[1]))return t=/\brv[ :]+(\d+)/g.exec(e)||[],{name:`ie`,version:t[1]||``};if(n[1]===`Chrome`&&(t=e.match(/\bOPR|Edge\/(\d+)/),t!=null)){let n=t[1];if(!n){let r=e.split(t[0]+`/`);r.length>1&&(n=r[1])}return{name:`opera`,version:n}}return n=n[2]?[n[1],n[2]]:[navigator.appName,navigator.appVersion,`-?`],(t=e.match(/version\/(\d+)/i))!=null&&n.splice(1,1,t[1]),{name:n[0].toLowerCase(),version:n[1]}}var se=()=>{let{name:e,version:t}=oe();return e===`chrome`&&parseInt(t)<=70||e===`opera`&&(!t||parseInt(t.split(`.`)[0])<80)||e===`ie`?!1:!ie(ae(navigator))},ce=async e=>{let n;if(e.tokens!=null)return!1;e.publishEvent(t.tryKeepExistingSessionAsync_begin,{});try{let r=e.configuration,i=await e.initAsync(r.authority,r.authority_configuration);if(n=await $(r,e.configurationName),n){let{tokens:a}=await n.initAsync(i,`tryKeepExistingSessionAsync`,r);if(a){n.startKeepAliveServiceWorker(),e.tokens=a;let o=n.getLoginParams(e.configurationName);e.timeoutId=R(e,e.tokens.expiresAt,o.extras,o.scope);let s=await n.getSessionStateAsync();return await e.startCheckSessionAsync(i.checkSessionIframe,r.client_id,s),r.preload_user_info&&await e.userInfoAsync(),e.publishEvent(t.tryKeepExistingSessionAsync_end,{success:!0,message:`tokens inside ServiceWorker are valid`}),!0}e.publishEvent(t.tryKeepExistingSessionAsync_end,{success:!1,message:`no exiting session found`})}else{r.service_worker_relative_url&&e.publishEvent(t.service_worker_not_supported_by_browser,{message:`service worker is not supported by this browser`});let n=a(e.configurationName,r.storage??sessionStorage,r.login_state_storage??r.storage??sessionStorage),{tokens:o}=await n.initAsync();if(o){e.tokens=U(o,null,r.token_renew_mode);let a=n.getLoginParams();e.timeoutId=R(e,e.tokens.expiresAt,a.extras,a.scope);let s=await n.getSessionStateAsync();return await e.startCheckSessionAsync(i.checkSessionIframe,r.client_id,s),r.preload_user_info&&await e.userInfoAsync(),e.publishEvent(t.tryKeepExistingSessionAsync_end,{success:!0,message:`tokens inside storage are valid`}),!0}}return e.publishEvent(t.tryKeepExistingSessionAsync_end,{success:!1,message:n?`service worker sessions not retrieved`:`session storage sessions not retrieved`}),!1}catch(r){return console.error(r),n&&await n.clearAsync(),e.publishEvent(t.tryKeepExistingSessionAsync_error,`tokens inside ServiceWorker are invalid`),!1}},O=class{open(e){window.location.href=e}reload(){window.location.reload()}getCurrentHref(){return window.location.href}getPath(){let e=window.location;return e.pathname+(e.search||``)+(e.hash||``)}getOrigin(){return window.origin}},k={},le=(e,t=window.sessionStorage,n)=>{if(!k[e]&&t){let n=t.getItem(e);n&&(k[e]=JSON.parse(n))}let r=1e3*n;return k[e]&&k[e].timestamp+r>Date.now()?k[e].result:null},ue=(e,t,n=window.sessionStorage)=>{let r=Date.now();k[e]={result:t,timestamp:r},n&&n.setItem(e,JSON.stringify({result:t,timestamp:r}))},de=3600,fe=e=>async(t,n=de,r=window.sessionStorage,i=1e4)=>{let a=`${t}/.well-known/openid-configuration`,o=`oidc.server:${t}`,s=le(o,r,n);if(s)return new F(s);let c=await A(e)(a,{},i);if(c.status!==200)return null;let l=await c.json();return ue(o,l,r),new F(l)},A=e=>async(t,n={},r=1e4,i=0)=>{let a;try{let i=new AbortController;setTimeout(()=>i.abort(),r),a=await e(t,{...n,signal:i.signal})}catch(a){if(a.name===`AbortError`||a.message===`Network request failed`){if(i<=1)return await A(e)(t,n,r,i+1);throw a}else throw console.error(a.message),a}return a},j={refresh_token:`refresh_token`,access_token:`access_token`},pe=e=>async(t,n,r=j.refresh_token,i,a={},o=1e4)=>{let s={token:n,token_type_hint:r,client_id:i};for(let[e,t]of Object.entries(a))s[e]===void 0&&(s[e]=t);let c=[];for(let e in s){let t=encodeURIComponent(e),n=encodeURIComponent(s[e]);c.push(`${t}=${n}`)}let l=c.join(`&`);return(await A(e)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`},body:l},o)).status===200?{success:!0}:{success:!1}},me=e=>async(t,n,r,i,a={},o,s=1e4)=>{for(let[e,t]of Object.entries(r))n[e]===void 0&&(n[e]=t);let c=[];for(let e in n){let t=encodeURIComponent(e),r=encodeURIComponent(n[e]);c.push(`${t}=${r}`)}let l=c.join(`&`),u=await A(e)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`,...a},body:l},s);if(u.status!==200)return{success:!1,status:u.status,demonstratingProofOfPossessionNonce:null};let d=await u.json(),f=null;return u.headers.has(M)&&(f=u.headers.get(M)),{success:!0,status:u.status,data:W(d,i,o),demonstratingProofOfPossessionNonce:f}},he=(e,t)=>async(n,r)=>{r=r?{...r}:{};let i=D(128),a=await re(i);await e.setCodeVerifierAsync(i),await e.setStateAsync(r.state),r.code_challenge=a,r.code_challenge_method=`S256`;let o=``;if(r)for(let[e,t]of Object.entries(r))o===``?o+=`?`:o+=`&`,o+=`${e}=${encodeURIComponent(t)}`;t.open(`${n}${o}`)},M=`DPoP-Nonce`,ge=e=>async(t,n,r,i,a=1e4)=>{n=n?{...n}:{},n.code_verifier=await e.getCodeVerifierAsync();let o=[];for(let e in n){let t=encodeURIComponent(e),r=encodeURIComponent(n[e]);o.push(`${t}=${r}`)}let s=o.join(`&`),c=await A(fetch)(t,{method:`POST`,headers:{"Content-Type":`application/x-www-form-urlencoded;charset=UTF-8`,...r},body:s},a);if(await Promise.all([e.setCodeVerifierAsync(null),e.setStateAsync(null)]),c.status!==200)return{success:!1,status:c.status};let l=null;c.headers.has(M)&&(l=c.headers.get(M));let u=await c.json();return{success:!0,data:{state:n.state,tokens:W(u,null,i),demonstratingProofOfPossessionNonce:l}}},_e=e=>{let t=e.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!t)throw Error(`Invalid URL`);let n=t[6],r=t[7];if(r){let e=r.split(`?`);e.length===2&&(r=e[0],n=e[1])}return n.startsWith(`?`)&&(n=n.slice(1)),t&&{href:e,protocol:t[1],host:t[2],hostname:t[3],port:t[4],path:t[5],search:n,hash:r}},ve=e=>{let t=_e(e),{path:n}=t;n.endsWith(`/`)&&(n=n.slice(0,-1));let{hash:r}=t;return r===`#_=_`&&(r=``),r&&(n+=r),n},N=e=>{let{search:t}=_e(e);return ye(t)},ye=e=>{let t={},n,r,i,a=e.split(`&`);for(r=0,i=a.length;r<i;r++)n=a[r].split(`=`),t[decodeURIComponent(n[0])]=decodeURIComponent(n[1]);return t},be=(e,n,r,i,o)=>(s=void 0,c=null,l=!1,u=void 0)=>{let d=c;return c={...c},(async()=>{let f=s||o.getPath();if(`state`in c||(c.state=D(16)),r(t.loginAsync_begin,{}),c)for(let e of Object.keys(c))e.endsWith(`:token_request`)&&delete c[e];try{let t=l?n.silent_redirect_uri:n.redirect_uri;u||=n.scope;let r=n.extras?{...n.extras,...c}:c;r.nonce||=D(12);let s={nonce:r.nonce},p=await $(n,e),m=await i(n.authority,n.authority_configuration),h;if(p)p.setLoginParams({callbackPath:f,extras:d,scope:u}),await p.initAsync(m,`loginAsync`,n),await p.setNonceAsync(s),p.startKeepAliveServiceWorker(),h=p;else{let t=a(e,n.storage??sessionStorage,n.login_state_storage??n.storage??sessionStorage);t.setLoginParams({callbackPath:f,extras:d,scope:u}),await t.setNonceAsync(s),h=t}let g={client_id:n.client_id,redirect_uri:t,scope:u,response_type:`code`,...r};await he(h,o)(m.authorizationEndpoint,g)}catch(e){throw r(t.loginAsync_error,e),e}})()},xe=e=>async(n=!1)=>{try{e.publishEvent(t.loginCallbackAsync_begin,{});let r=e.configuration,i=r.client_id,o=n?r.silent_redirect_uri:r.redirect_uri,s=r.authority,c=r.token_request_timeout,l=await e.initAsync(s,r.authority_configuration),u=N(e.location.getCurrentHref()),d=u.session_state,f=await $(r,e.configurationName),p,m,h,g;if(f)await f.initAsync(l,`loginCallbackAsync`,r),await f.setSessionStateAsync(d),m=await f.getNonceAsync(),h=f.getLoginParams(),g=await f.getStateAsync(),f.startKeepAliveServiceWorker(),p=f;else{let t=a(e.configurationName,r.storage??sessionStorage,r.login_state_storage??r.storage??sessionStorage);await t.setSessionStateAsync(d),m=await t.getNonceAsync(),h=t.getLoginParams(),g=await t.getStateAsync(),p=t}if(u.error||u.error_description)throw Error(`Error from OIDC server: ${u.error} - ${u.error_description}`);if(u.iss&&u.iss!==l.issuer)throw console.error(),Error(`Issuer not valid (expected: ${l.issuer}, received: ${u.iss})`);if(u.state&&u.state!==g)throw Error(`State not valid (expected: ${g}, received: ${u.state})`);let _={code:u.code,grant_type:`authorization_code`,client_id:r.client_id,redirect_uri:o},v={};if(r.token_request_extras)for(let[e,t]of Object.entries(r.token_request_extras))v[e]=t;if(h?.extras)for(let[e,t]of Object.entries(h.extras))e.endsWith(`:token_request`)&&(v[e.replace(`:token_request`,``)]=t);let y=l.tokenEndpoint,b={};if(r.demonstrating_proof_of_possession)if(f)b.DPoP=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${e.configurationName}`;else{let t=await ee(window)(r.demonstrating_proof_of_possession_configuration.generateKeyAlgorithm);await a(e.configurationName,r.storage,r.login_state_storage??r.storage).setDemonstratingProofOfPossessionJwkAsync(t),b.DPoP=await S(window)(r.demonstrating_proof_of_possession_configuration)(t,`POST`,y)}let x=await ge(p)(y,{..._,...v},b,e.configuration.token_renew_mode,c);if(!x.success)throw Error(`Token request failed`);let C,w=x.data.tokens,T=x.data.demonstratingProofOfPossessionNonce;if(x.data.state!==v.state)throw Error(`state is not valid`);let{isValid:E,reason:D}=He(w,m.nonce,l);if(!E)throw Error(`Tokens are not OpenID valid, reason: ${D}`);if(f){if(w.refreshToken&&!w.refreshToken.includes(`SECURED_BY_OIDC_SERVICE_WORKER`))throw Error(`Refresh token should be hidden by service worker`);if(T&&w?.accessToken.includes(`SECURED_BY_OIDC_SERVICE_WORKER`))throw Error(`Demonstration of proof of possession require Access token not hidden by service worker`)}if(f)await f.initAsync(l,`syncTokensAsync`,r),C=f.getLoginParams(),T&&await f.setDemonstratingProofOfPossessionNonce(T);else{let t=a(e.configurationName,r.storage,r.login_state_storage??r.storage);C=t.getLoginParams(),T&&await t.setDemonstratingProofOfPossessionNonce(T)}return await e.startCheckSessionAsync(l.checkSessionIframe,i,d,n),e.publishEvent(t.loginCallbackAsync_end,{}),{tokens:w,state:`request.state`,callbackPath:C.callbackPath,scope:u.scope,extras:C.extras}}catch(n){throw console.error(n),e.publishEvent(t.loginCallbackAsync_error,n),n}},Se={access_token:`access_token`,refresh_token:`refresh_token`},Ce=(e,t)=>{let n={};if(e){for(let[r,i]of Object.entries(e))if(r.endsWith(t)){let e=r.replace(t,``);n[e]=i}return n}return n},we=e=>{let t={};if(e){for(let[n,r]of Object.entries(e))n.includes(`:`)||(t[n]=r);return t}return t},Te=e=>async t=>{l.clearTimeout(e.timeoutId),e.timeoutId=null,e.checkSessionIFrame&&e.checkSessionIFrame.stop();let n=await $(e.configuration,e.configurationName);n?await n.clearAsync(t):await a(e.configurationName,e.configuration.storage,e.configuration.login_state_storage??e.configuration.storage).clearAsync(t),e.tokens=null,e.userInfo=null},Ee=(e,n,r,i,a)=>async(o=void 0,s=null)=>{let c=e.configuration,l=await e.initAsync(c.authority,c.authority_configuration);o&&typeof o!=`string`&&(o=void 0,i.warn(`callbackPathOrUrl path is not a string`));let u=o??a.getPath(),d=!1;o&&(d=o.includes(`https://`)||o.includes(`http://`));let f=d?o:a.getOrigin()+u,p=e.tokens?e.tokens.idToken:``;try{let t=l.revocationEndpoint;if(t){let n=[],i=e.tokens?e.tokens.accessToken:null;if(i&&c.logout_tokens_to_invalidate.includes(Se.access_token)){let e=Ce(s,`:revoke_access_token`),a=pe(r)(t,i,j.access_token,c.client_id,e);n.push(a)}let a=e.tokens?e.tokens.refreshToken:null;if(a&&c.logout_tokens_to_invalidate.includes(Se.refresh_token)){let e=Ce(s,`:revoke_refresh_token`),i=pe(r)(t,a,j.refresh_token,c.client_id,e);n.push(i)}n.length>0&&await Promise.all(n)}}catch(e){i.warn(`logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error`),i.warn(e)}let m=e.tokens?.idTokenPayload?.sub??null;await e.destroyAsync(`LOGGED_OUT`);for(let[,r]of Object.entries(n))r===e?e.publishEvent(t.logout_from_same_tab,{}):await e.logoutSameTabAsync(e.configuration.client_id,m);let h=Ce(s,`:oidc`);if(h&&h.no_reload===`true`)return;let g=we(s);if(l.endSessionEndpoint){`id_token_hint`in g||(g.id_token_hint=p),!(`post_logout_redirect_uri`in g)&&o!==null&&(g.post_logout_redirect_uri=f);let e=``;for(let[t,n]of Object.entries(g))n!=null&&(e===``?e+=`?`:e+=`&`,e+=`${t}=${encodeURIComponent(n)}`);a.open(`${l.endSessionEndpoint}${e}`)}else a.reload()},P=function(e){return e.AutomaticBeforeTokenExpiration=`AutomaticBeforeTokensExpiration`,e.AutomaticOnlyWhenFetchExecuted=`AutomaticOnlyWhenFetchExecuted`,e}({}),De=(e,t,n=!1)=>async(...r)=>{let[i,a,...o]=r,s=a?{...a}:{method:`GET`},c=new Headers;s.headers&&(c=s.headers instanceof Headers?s.headers:new Headers(s.headers));let l=(await Ve({getTokens:()=>t.tokens,configuration:{token_automatic_renew_mode:t.configuration.token_automatic_renew_mode,refresh_time_before_tokens_expiration_in_second:t.configuration.refresh_time_before_tokens_expiration_in_second},syncTokensInfoAsync:async()=>{let{status:e}=await B(t)(t.configuration,t.configurationName,t.tokens,!1);return e},renewTokensAsync:t.renewTokensAsync.bind(t)}))?.tokens?.accessToken;if(c.has(`Accept`)||c.set(`Accept`,`application/json`),l){if(t.configuration.demonstrating_proof_of_possession&&n){let e=await t.generateDemonstrationOfProofOfPossessionAsync(l,i.toString(),s.method);c.set(`Authorization`,`DPoP ${l}`),c.set(`DPoP`,e)}else c.set(`Authorization`,`Bearer ${l}`);s.credentials||=`same-origin`}return await e(i,{...s,headers:c},...o)},Oe=e=>async(t=!1,n=!1)=>{if(e.userInfo!=null&&!t)return e.userInfo;let r=!t&&e.configuration.storage?.getItem(`oidc.${e.configurationName}.userInfo`);if(r)return e.userInfo=JSON.parse(r),e.userInfo;let i=e.configuration,a=(await e.initAsync(i.authority,i.authority_configuration)).userInfoEndpoint,o=await(async()=>{let t=await De(fetch,e,n)(a);return t.status===200?t.json():null})();return e.userInfo=o,o&&e.configuration.storage?.setItem(`oidc.${e.configurationName}.userInfo`,JSON.stringify(o)),o},ke=()=>fetch,F=class{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}},I={},Ae=(e,t=new O)=>(n,r=`default`)=>(I[r]||(I[r]=new L(n,r,e,t)),I[r]),je=async e=>{let{parsedTokens:t,callbackPath:n,extras:r,scope:i}=await e.loginCallbackAsync();return e.timeoutId=R(e,t.expiresAt,r,i),{callbackPath:n}},Me=e=>Math.floor(Math.random()*e),L=class e{constructor(e,t=`default`,n,r=new O){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(i=`${e.silent_redirect_uri.replace(`-callback`,``).replace(`callback`,``)}-login`);let a=e.refresh_time_before_tokens_expiration_in_second??120;a>60&&(a-=Math.floor(Math.random()*40)),this.location=r??new O,this.configuration={...e,silent_login_uri:i,token_automatic_renew_mode:e.token_automatic_renew_mode??P.AutomaticBeforeTokenExpiration,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:a,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??H.access_token_or_id_token_invalid,demonstrating_proof_of_possession:e.demonstrating_proof_of_possession??!1,authority_timeout_wellknowurl_in_millisecond:e.authority_timeout_wellknowurl_in_millisecond??1e4,logout_tokens_to_invalidate:e.logout_tokens_to_invalidate??[`access_token`,`refresh_token`],service_worker_activate:e.service_worker_activate??se,demonstrating_proof_of_possession_configuration:e.demonstrating_proof_of_possession_configuration??v,preload_user_info:e.preload_user_info??!1},this.getFetch=n??ke,this.configurationName=t,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){let t=Me(9999999999999).toString();return this.events.push({id:t,func:e}),t}removeEventSubscription(e){let t=this.events.filter(t=>t.id!==e);this.events=t}publishEvent(e,t){this.events.forEach(n=>{n.func(e,t)})}static{this.getOrCreate=(e,t)=>(n,r=`default`)=>Ae(e,t)(n,r)}static get(e=`default`){let t=typeof process>`u`;if(!Object.prototype.hasOwnProperty.call(I,e)&&t)throw Error(`OIDC library does seem initialized.
+Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> component.`);return I[e]}static{this.eventNames=t}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){let e=this.location,t=N(e.getCurrentHref());window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:t.session_state})}`,e.getOrigin())}}_silentLoginErrorCallbackFromIFrame(e=null){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){let t=this.location,n=N(t.getCurrentHref());n.error?window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:n.error})}`,t.getOrigin()):window.parent.postMessage(`${this.configurationName}_oidc_exception:${JSON.stringify({error:e==null?``:e.toString()})}`,t.getOrigin())}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame(e)}}async initAsync(e,t){if(this.initPromise!==null)return this.initPromise;let n=async()=>{if(t!=null)return new F({authorization_endpoint:t.authorization_endpoint,end_session_endpoint:t.end_session_endpoint,revocation_endpoint:t.revocation_endpoint,token_endpoint:t.token_endpoint,userinfo_endpoint:t.userinfo_endpoint,check_session_iframe:t.check_session_iframe,issuer:t.issuer});let n=await $(this.configuration,this.configurationName)?this.configuration.storage||window.sessionStorage:this.configuration.storage;return await fe(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??3600,n,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=n(),this.initPromise.finally(()=>{this.initPromise=null})}async tryKeepExistingSessionAsync(){return this.tryKeepExistingSessionPromise===null?(this.tryKeepExistingSessionPromise=ce(this),this.tryKeepExistingSessionPromise.finally(()=>{this.tryKeepExistingSessionPromise=null})):this.tryKeepExistingSessionPromise}async startCheckSessionAsync(e,t,n,r=!1){await f(this,I,this.configuration)(e,t,n,r)}async loginAsync(e=void 0,t=null,n=!1,r=void 0,i=!1){return this.logoutPromise&&await this.logoutPromise,this.loginPromise===null?(i?this.loginPromise=d(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(t,r):this.loginPromise=be(this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this),this.location)(e,t,n,r),this.loginPromise.finally(()=>{this.loginPromise=null})):this.loginPromise}async loginCallbackAsync(t=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;let n=async()=>{let n=await xe(this)(t),r=n.tokens;return this.tokens=r,await $(this.configuration,this.configurationName)||a(this.configurationName,this.configuration.storage,this.configuration.login_state_storage??this.configuration.storage).setTokens(r),this.publishEvent(e.eventNames.token_acquired,r),this.configuration.preload_user_info&&await this.userInfoAsync(),{parsedTokens:r,state:n.state,callbackPath:n.callbackPath,scope:n.scope,extras:n.extras}};return this.loginCallbackPromise=n(),this.loginCallbackPromise.finally(()=>{this.loginCallbackPromise=null})}async generateDemonstrationOfProofOfPossessionAsync(e,t,n,r={}){let i=this.configuration,o={ath:await ne(e),...r};if(await $(i,this.configurationName))return`DPOP_SECURED_BY_OIDC_SERVICE_WORKER_${this.configurationName}#tabId=${Y(this.configurationName)}`;let s=a(this.configurationName,i.storage,i.login_state_storage??i.storage),c=await s.getDemonstratingProofOfPossessionJwkAsync(),l=s.getDemonstratingProofOfPossessionNonce();return l&&(o.nonce=l),await S(window)(i.demonstrating_proof_of_possession_configuration)(c,n,t,o)}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise===null?(this.loginCallbackWithAutoTokensRenewPromise=je(this),this.loginCallbackWithAutoTokensRenewPromise.finally(()=>{this.loginCallbackWithAutoTokensRenewPromise=null})):this.loginCallbackWithAutoTokensRenewPromise}userInfoAsync(e=!1,t=!1){return this.userInfoPromise===null?(this.userInfoPromise=Oe(this)(e,t),this.userInfoPromise.finally(()=>{this.userInfoPromise=null})):this.userInfoPromise}async renewTokensAsync(e=null,t=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return l.clearTimeout(this.timeoutId),this.renewTokensPromise=Pe(this,!0,e,t),this.renewTokensPromise.finally(()=>{this.renewTokensPromise=null})}async destroyAsync(e){return await Te(this)(e)}async logoutSameTabAsync(e,n){this.configuration.monitor_session&&this.configuration.client_id===e&&n&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===n&&(await this.destroyAsync(`LOGGED_OUT`),this.publishEvent(t.logout_from_same_tab,{mmessage:`SessionMonitor`,sub:n}))}async logoutOtherTabAsync(e,n){this.configuration.monitor_session&&this.configuration.client_id===e&&n&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===n&&(await this.destroyAsync(`LOGGED_OUT`),this.publishEvent(t.logout_from_another_tab,{message:`SessionMonitor`,sub:n}))}async logoutAsync(e=void 0,t=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=Ee(this,I,this.getFetch(),console,this.location)(e,t),this.logoutPromise.finally(()=>{this.logoutPromise=null}))}};async function Ne(e,t,n,r=null){let{tokens:i,status:o}=await V(e)(t=>{e.tokens=t},0,0,t,n,r);return await $(e.configuration,e.configurationName)||a(e.configurationName,e.configuration.storage,e.configuration.login_state_storage??e.configuration.storage).setTokens(e.tokens),e.tokens?i:(await e.destroyAsync(o),null)}async function Pe(e,t=!1,n=null,r=null){let i=e.configuration,a=`${i.client_id}_${e.configurationName}_${i.authority}`,o,s=await $(e.configuration,e.configurationName);if(i?.storage===window?.sessionStorage&&!s||!navigator.locks)o=await Ne(e,t,n,r);else{let i=`retry`;for(;i===`retry`;)i=await navigator.locks.request(a,{ifAvailable:!0},async i=>i?await Ne(e,t,n,r):(e.publishEvent(L.eventNames.syncTokensAsync_lock_not_available,{lock:`lock not available`}),`retry`));o=i}return o?(e.timeoutId&&=R(e,e.tokens.expiresAt,n,r),e.tokens):null}var R=(e,t,n=null,r=null)=>{let i=e.configuration.refresh_time_before_tokens_expiration_in_second;return e.timeoutId&&l.clearTimeout(e.timeoutId),l.setTimeout(async()=>{let a={timeLeft:G(i,t)};e.publishEvent(L.eventNames.token_timer,a),await Pe(e,!1,n,r)},1e3)},z={FORCE_REFRESH:`FORCE_REFRESH`,SESSION_LOST:`SESSION_LOST`,NOT_CONNECTED:`NOT_CONNECTED`,TOKENS_VALID:`TOKENS_VALID`,TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID`,TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID`,LOGOUT_FROM_ANOTHER_TAB:`LOGOUT_FROM_ANOTHER_TAB`,REQUIRE_SYNC_TOKENS:`REQUIRE_SYNC_TOKENS`,TOKENS_INVALID:`TOKENS_INVALID`},B=e=>async(t,n,r,i=!1)=>{let o={nonce:null};if(!r)return{tokens:null,status:z.NOT_CONNECTED,nonce:o};let s,c=await e.initAsync(t.authority,t.authority_configuration),l=await $(t,n);if(l){let{status:e,tokens:n}=await l.initAsync(c,`syncTokensAsync`,t);if(e===`LOGGED_OUT`)return{tokens:null,status:z.LOGOUT_FROM_ANOTHER_TAB,nonce:o};if(e===`SESSIONS_LOST`)return{tokens:null,status:z.SESSION_LOST,nonce:o};if(!e||!n)return{tokens:null,status:z.REQUIRE_SYNC_TOKENS,nonce:o};if(n.issuedAt!==r.issuedAt)return{tokens:n,status:G(t.refresh_time_before_tokens_expiration_in_second,n.expiresAt)>0?z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,nonce:await l.getNonceAsync()};s=await l.getNonceAsync()}else{let i=a(n,t.storage??sessionStorage,t.login_state_storage??t.storage??sessionStorage),c=await i.initAsync(),{tokens:l}=c,{status:u}=c;if(l&&=U(l,e.tokens,t.token_renew_mode),!l)return{tokens:null,status:z.LOGOUT_FROM_ANOTHER_TAB,nonce:o};if(u===`SESSIONS_LOST`)return{tokens:null,status:z.SESSION_LOST,nonce:o};if(l.issuedAt!==r.issuedAt){let e=G(t.refresh_time_before_tokens_expiration_in_second,l.expiresAt)>0?z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,n=await i.getNonceAsync();return{tokens:l,status:e,nonce:n}}s=await i.getNonceAsync()}let u=G(t.refresh_time_before_tokens_expiration_in_second,r.expiresAt)>0?`TOKENS_VALID`:`TOKENS_INVALID`;return i?{tokens:r,status:`FORCE_REFRESH`,nonce:s}:{tokens:r,status:u,nonce:s}},V=e=>async(n,r=0,i=0,o=!1,s=null,c=null)=>{if(!navigator.onLine&&document.hidden)return{tokens:e.tokens,status:`GIVE_UP`};let l=6,d=o?2:5;for(;!navigator.onLine&&l>0;)await q({milliseconds:1e3}),l--,e.publishEvent(t.refreshTokensAsync,{message:`wait because navigator is offline try ${l}`});let f=document.hidden,p=f?r:r+1,m=f?i+1:i;if(r>=d||i>=5)return n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`refresh token`}),{tokens:null,status:`SESSION_LOST`};s||={};let h=e.configuration,g=(t,n=null,r=null)=>u(e.configurationName,e.configuration,e.publishEvent.bind(e))(t,n,r),_=async()=>{try{let r,i=await $(h,e.configurationName);r=i?i.getLoginParams():a(e.configurationName,h.storage,h.login_state_storage??h.storage).getLoginParams();let o={};if(r&&r.extras)for(let[e,t]of Object.entries(r.extras))t!=null&&(o[e]=t);if(s)for(let[e,t]of Object.entries(s))t!=null&&(o[e]=t);o.prompt=`none`,c&&(o.scope=c);let l=await g(o);return l?l.error?(n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`refresh token silent`}),{tokens:null,status:`SESSION_LOST`}):(n(l.tokens),e.publishEvent(L.eventNames.token_renewed,{}),{tokens:l.tokens,status:`LOGGED`}):(n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`refresh token silent not active`}),{tokens:null,status:`SESSION_LOST`})}catch(r){return console.error(r),e.publishEvent(t.refreshTokensAsync_silent_error,{message:`exceptionSilent`,exception:r.message}),await V(e)(n,p,m,o,s,c)}};try{let{status:l,tokens:u,nonce:d}=await B(e)(h,e.configurationName,e.tokens,o);switch(l){case z.SESSION_LOST:return n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`refresh token session lost`}),{tokens:null,status:`SESSION_LOST`};case z.NOT_CONNECTED:return n(null),{tokens:null,status:null};case z.TOKENS_VALID:return n(u),{tokens:u,status:`LOGGED_IN`};case z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID:return n(u),e.publishEvent(L.eventNames.token_renewed,{reason:`TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID`}),{tokens:u,status:`LOGGED_IN`};case z.LOGOUT_FROM_ANOTHER_TAB:return n(null),e.publishEvent(t.logout_from_another_tab,{status:`session syncTokensAsync`}),{tokens:null,status:`LOGGED_OUT`};case z.REQUIRE_SYNC_TOKENS:return h.token_automatic_renew_mode==P.AutomaticOnlyWhenFetchExecuted&&!o?(e.publishEvent(t.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:`GIVE_UP`}):(e.publishEvent(t.refreshTokensAsync_begin,{tryNumber:r}),await _());default:{if(h.token_automatic_renew_mode==P.AutomaticOnlyWhenFetchExecuted&&z.FORCE_REFRESH!==l)return e.publishEvent(t.tokensInvalidAndWaitingActionsToRefresh,{}),{tokens:e.tokens,status:`GIVE_UP`};if(e.publishEvent(t.refreshTokensAsync_begin,{refreshToken:u.refreshToken,status:l,tryNumber:r,backgroundTry:i}),!u.refreshToken)return await _();let f=h.client_id,g=h.redirect_uri,v=h.authority,y={...h.token_request_extras?h.token_request_extras:{}};for(let[e,t]of Object.entries(s))e.endsWith(`:token_request`)&&(y[e.replace(`:token_request`,``)]=t);return await(async()=>{let r={client_id:f,redirect_uri:g,grant_type:`refresh_token`,refresh_token:u.refreshToken},i=await e.initAsync(v,h.authority_configuration),l=document.hidden?1e4:3e4*10,_=i.tokenEndpoint,b={};h.demonstrating_proof_of_possession&&(b.DPoP=await e.generateDemonstrationOfProofOfPossessionAsync(u.accessToken,_,`POST`));let x=await me(e.getFetch())(_,r,y,u,b,h.token_renew_mode,l);if(x.success){let{isValid:r,reason:o}=He(x.data,d.nonce,i);if(!r)return n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${o}`}),{tokens:null,status:`SESSION_LOST`};if(n(x.data),x.demonstratingProofOfPossessionNonce){let t=await $(h,e.configurationName);t?await t.setDemonstratingProofOfPossessionNonce(x.demonstratingProofOfPossessionNonce):await a(e.configurationName,h.storage,h.login_state_storage??h.storage).setDemonstratingProofOfPossessionNonce(x.demonstratingProofOfPossessionNonce)}return e.publishEvent(t.refreshTokensAsync_end,{success:x.success}),e.publishEvent(L.eventNames.token_renewed,{reason:`REFRESH_TOKEN`}),{tokens:x.data,status:`LOGGED_IN`}}else return e.publishEvent(t.refreshTokensAsync_silent_error,{message:`bad request`,tokenResponse:x}),x.status>=400&&x.status<500?(n(null),e.publishEvent(t.refreshTokensAsync_error,{message:`session lost: ${x.status}`}),{tokens:null,status:`SESSION_LOST`}):await V(e)(n,p,m,o,s,c)})()}}}catch(r){return console.error(r),e.publishEvent(t.refreshTokensAsync_silent_error,{message:`exception`,exception:r.message}),new Promise((t,r)=>{setTimeout(()=>{V(e)(n,p,m,o,s,c).then(t).catch(r)},1e3)})}},Fe=e=>decodeURIComponent(Array.prototype.map.call(atob(e),e=>`%`+(`00`+e.charCodeAt(0).toString(16)).slice(-2)).join(``)),Ie=e=>JSON.parse(Fe(e.replaceAll(/-/g,`+`).replaceAll(/_/g,`/`))),Le=e=>{try{return e&&Re(e,`.`)===2?Ie(e.split(`.`)[1]):null}catch(e){console.warn(e)}return null},Re=(e,t)=>e.split(t).length-1,H={access_token_or_id_token_invalid:`access_token_or_id_token_invalid`,access_token_invalid:`access_token_invalid`,id_token_invalid:`id_token_invalid`};function ze(e,t,n){return e.issuedAt?typeof e.issuedAt==`string`?parseInt(e.issuedAt,10):e.issuedAt:t&&t.iat?t.iat:n&&n.iat?n.iat:new Date().getTime()/1e3}var U=(e,t=null,n)=>{if(!e)return null;let r,i=typeof e.expiresIn==`string`?parseInt(e.expiresIn,10):e.expiresIn;r=e.accessTokenPayload===void 0?Le(e.accessToken):e.accessTokenPayload;let a;a=t!=null&&`idToken`in t&&!(`idToken`in e)?t.idToken:e.idToken;let o=e.idTokenPayload?e.idTokenPayload:Le(a),s=o&&o.exp?o.exp:Number.MAX_VALUE,c=r&&r.exp?r.exp:e.issuedAt+i;e.issuedAt=ze(e,r,o);let l;l=e.expiresAt?e.expiresAt:n===H.access_token_invalid?c:n===H.id_token_invalid||s<c?s:c;let u={...e,idTokenPayload:o,accessTokenPayload:r,expiresAt:l,idToken:a};if(t!=null&&`refreshToken`in t&&!(`refreshToken`in e)){let e=t.refreshToken;return{...u,refreshToken:e}}return u},W=(e,t,n)=>{if(!e)return null;e.issued_at||=new Date().getTime()/1e3;let r={accessToken:e.access_token,expiresIn:e.expires_in,idToken:e.id_token,scope:e.scope,tokenType:e.token_type,issuedAt:e.issued_at};return`refresh_token`in e&&(r.refreshToken=e.refresh_token),e.accessTokenPayload!==void 0&&(r.accessTokenPayload=e.accessTokenPayload),e.idTokenPayload!==void 0&&(r.idTokenPayload=e.idTokenPayload),U(r,t,n)},G=(e,t)=>{let n=t-new Date().getTime()/1e3;return Math.round(n-e)},Be=(e,t=0)=>e?G(t,e.expiresAt)>0:!1,Ve=async(e,t=200,n=50)=>{let r=n,i=await e.syncTokensInfoAsync();for(;[z.REQUIRE_SYNC_TOKENS,z.TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID,z.TOKENS_INVALID].includes(i)&&r>0;){if(e.configuration.token_automatic_renew_mode==P.AutomaticOnlyWhenFetchExecuted){await e.renewTokensAsync({});break}else await q({milliseconds:t});--r,i=await e.syncTokensInfoAsync()}return{isTokensValid:Be(e.getTokens()),tokens:e.getTokens(),numberWaited:r-n}},He=(e,t,n)=>{if(e.idTokenPayload){let r=e.idTokenPayload;if(n.issuer!==r.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${n.issuer} !== (idTokenPayload issuer) ${r.iss}`};let i=new Date().getTime()/1e3;if(r.exp&&r.exp<i)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${r.exp} < (currentTimeUnixSecond) ${i}`};let a=3600*24*7;if(r.iat&&r.iat+a<i)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${r.iat+a} < (currentTimeUnixSecond) ${i}`};if(r.nonce&&r.nonce!==t)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${r.nonce} !== (nonce) ${t}`}}return{isValid:!0,reason:``}},Ue=`7.27.13`,We=null,K,q=({milliseconds:e})=>new Promise(t=>l.setTimeout(t,e)),Ge=(e=`/`)=>{try{K=new AbortController,fetch(`${e}OidcKeepAliveServiceWorker.json?minSleepSeconds=150`,{signal:K.signal}).catch(e=>{console.log(e)}),q({milliseconds:150*1e3}).then(()=>Ge(e))}catch(e){console.log(e)}},J=()=>{K&&K.abort()},Y=e=>{let t=`oidc.tabId.${e}`,n=sessionStorage.getItem(t);if(n)return n;let r=globalThis.crypto.randomUUID();return sessionStorage.setItem(t,r),r},Ke=e=>navigator.serviceWorker.controller??e.active??e.waiting??e.installing??null,X=(e,t)=>n=>{let r=t?.timeoutMs??5e3;return new Promise((t,i)=>{let a=Ke(e);if(!a){i(Error(`Service worker target not available (controller/active/waiting/installing missing)`));return}let o=new MessageChannel,s=null,c=()=>{try{s!=null&&(l.clearTimeout(s),s=null),o.port1.onmessage=null,o.port1.close(),o.port2.close()}catch(e){console.error(e)}};s=l.setTimeout(()=>{c(),i(Error(`Service worker did not respond within ${r}ms (type=${n?.type})`))},r),o.port1.onmessage=e=>{c(),e?.data?.error?i(e.data.error):t(e.data)};try{let e=n?.configurationName;a.postMessage({...n,tabId:Y(e??`default`)},[o.port2])}catch(e){c(),i(e)}})},qe=async e=>navigator.serviceWorker.controller?navigator.serviceWorker.controller:new Promise(t=>{let n=!1,r=()=>{n||(n=!0,navigator.serviceWorker.removeEventListener(`controllerchange`,r),t(navigator.serviceWorker.controller??null))};navigator.serviceWorker.addEventListener(`controllerchange`,r),l.setTimeout(()=>{n||(n=!0,navigator.serviceWorker.removeEventListener(`controllerchange`,r),t(navigator.serviceWorker.controller??null))},e)}),Je=!1,Z=!1,Q=new Map,Ye=`oidc.sw.controllerchange_reload_count`,Xe=3,Ze=()=>{try{return parseInt(sessionStorage.getItem(Ye)??`0`,10)}catch{return 0}},Qe=()=>{let e=Ze()+1;try{sessionStorage.setItem(Ye,String(e))}catch{}return e},$e=()=>{try{sessionStorage.removeItem(Ye)}catch{}},$=async(e,t)=>{let n=e.service_worker_relative_url;if(typeof window>`u`||typeof navigator>`u`||!navigator.serviceWorker||!n||e.service_worker_activate()===!1)return null;let r=`${n}?v=${Ue}`,i=null;e.service_worker_register?(Q.has(n)||Q.set(n,e.service_worker_register(n)),i=await Q.get(n)):(Q.has(r)||Q.set(r,navigator.serviceWorker.register(r,{updateViaCache:`none`})),i=await Q.get(r));let a=`oidc.sw.version_mismatch_reload.${t}`,o=async e=>{J(),console.log(`New SW waiting – SKIP_WAITING`);try{await new Promise((n,r)=>{let i=new MessageChannel,a=null,o=()=>{try{a!=null&&(l.clearTimeout(a),a=null),i.port1.onmessage=null,i.port1.close(),i.port2.close()}catch(e){console.error(e)}};a=l.setTimeout(()=>{o(),r(Error(`SKIP_WAITING did not respond within 8000ms`))},8e3),i.port1.onmessage=e=>{o(),e?.data?.error?r(e.data.error):n()};try{e.postMessage({type:`SKIP_WAITING`,configurationName:t,data:null,tabId:Y(t??`default`)},[i.port2])}catch(e){o(),r(e)}})}catch(e){console.warn(`SKIP_WAITING failed`,e)}},s=async()=>{let e=i.waiting;e?await o(e):console.warn(`sendSkipWaiting called but no waiting service worker found`)},c=e=>{J(),e.addEventListener(`statechange`,async()=>{if(e.state===`installed`&&navigator.serviceWorker.controller){if(Ze()>=Xe){console.warn(`SW trackInstallingWorker: skipping SKIP_WAITING because the reload budget is exhausted`);return}await o(e)}})};i.addEventListener(`updatefound`,()=>{let e=i.installing;e&&c(e)}),i.installing?c(i.installing):i.waiting&&navigator.serviceWorker.controller&&(Ze()<Xe?s():console.warn(`SW: a waiting worker exists but reload budget is exhausted – skipping activation`)),i.update().catch(e=>{console.error(e)});try{await navigator.serviceWorker.ready,navigator.serviceWorker.controller||(await X(i,{timeoutMs:8e3})({type:`claim`,configurationName:t,data:null}),await qe(2e3))}catch(e){return console.warn(`Failed init ServiceWorker ${e?.toString?.()??String(e)}`),null}Je||(Je=!0,navigator.serviceWorker.addEventListener(`controllerchange`,()=>{if(Z)return;let e=Qe();if(e>Xe){console.warn(`SW controllerchange: reload budget exhausted (${e-1} reloads). Skipping reload to avoid infinite loop.`);return}Z=!0,console.log(`SW controller changed – reloading page`),J(),window.location.reload()}));let u=async e=>X(i)({type:`clear`,data:{status:e},configurationName:t}),d=async(e,n,r)=>{let o=await X(i)({type:`init`,data:{oidcServerConfiguration:e,where:n,oidcConfiguration:{token_renew_mode:r.token_renew_mode,service_worker_convert_all_requests_to_cors:r.service_worker_convert_all_requests_to_cors}},configurationName:t}),c=o.version;if(c!==`7.27.13`){console.warn(`Service worker ${c} version mismatch with js client version ${Ue}, unregistering and reloading`);let e=parseInt(sessionStorage.getItem(a)??`0`,10);if(e<3){if(sessionStorage.setItem(a,String(e+1)),i.waiting)return await s(),await q({milliseconds:500}),Z||(Z=!0,window.location.reload()),new Promise(()=>{});{J();try{await i.update()}catch(e){console.error(e)}let e=await i.unregister();return console.log(`Service worker unregistering ${e}`),await q({milliseconds:500}),Z||(Z=!0,window.location.reload()),new Promise(()=>{})}}else console.error(`Service worker version mismatch persists after ${e} attempt(s). Continuing with mismatched version.`)}else sessionStorage.removeItem(a),$e();return{tokens:W(o.tokens,null,r.token_renew_mode),status:o.status}},f=(e=`/`)=>{We??(We=`not_null`,Ge(e))},p=e=>X(i)({type:`setSessionState`,data:{sessionState:e},configurationName:t}),m=async()=>(await X(i)({type:`getSessionState`,data:null,configurationName:t})).sessionState,h=e=>(sessionStorage[`oidc.nonce.${t}`]=e.nonce,X(i)({type:`setNonce`,data:{nonce:e},configurationName:t})),g=async(e=!0)=>{let n=(await X(i)({type:`getNonce`,data:null,configurationName:t})).nonce;return n||(n=sessionStorage[`oidc.nonce.${t}`],console.warn(`nonce not found in service worker, using sessionStorage`),e&&(await h(n),n=(await g(!1)).nonce)),{nonce:n}},_={},v=e=>{if(e==null){delete _[t],delete localStorage[`oidc.login.${t}`];return}_[t]=e,localStorage[`oidc.login.${t}`]=JSON.stringify(e)},y=()=>{if(_[t])return _[t];let e=localStorage[`oidc.login.${t}`];if(typeof e!=`string`||e===``||e===`undefined`||e===`null`)return null;try{_[t]=JSON.parse(e)}catch{return null}return _[t]},b=async e=>{await X(i)({type:`setDemonstratingProofOfPossessionNonce`,data:{demonstratingProofOfPossessionNonce:e},configurationName:t})},x=async()=>(await X(i)({type:`getDemonstratingProofOfPossessionNonce`,data:null,configurationName:t})).demonstratingProofOfPossessionNonce,ee=async e=>{let n=JSON.stringify(e);await X(i)({type:`setDemonstratingProofOfPossessionJwk`,data:{demonstratingProofOfPossessionJwkJson:n},configurationName:t})},S=async()=>{let e=await X(i)({type:`getDemonstratingProofOfPossessionJwk`,data:null,configurationName:t});return e.demonstratingProofOfPossessionJwkJson?JSON.parse(e.demonstratingProofOfPossessionJwkJson):null},C=async(e=!0)=>{let n=(await X(i)({type:`getState`,data:null,configurationName:t})).state;return n||(n=sessionStorage[`oidc.state.${t}`],console.warn(`state not found in service worker, using sessionStorage`),e&&(await w(n),n=await C(!1))),n},w=async e=>(sessionStorage[`oidc.state.${t}`]=e,X(i)({type:`setState`,data:{state:e},configurationName:t})),T=async(e=!0)=>{let n=(await X(i)({type:`getCodeVerifier`,data:null,configurationName:t})).codeVerifier;return n||(n=sessionStorage[`oidc.code_verifier.${t}`],console.warn(`codeVerifier not found in service worker, using sessionStorage`),e&&(await E(n),n=await T(!1))),n},E=async e=>(sessionStorage[`oidc.code_verifier.${t}`]=e,X(i)({type:`setCodeVerifier`,data:{codeVerifier:e},configurationName:t}));return{clearAsync:u,initAsync:d,startKeepAliveServiceWorker:()=>f(e.service_worker_keep_alive_path),setSessionStateAsync:p,getSessionStateAsync:m,setNonceAsync:h,getNonceAsync:g,setLoginParams:v,getLoginParams:y,getStateAsync:C,setStateAsync:w,getCodeVerifierAsync:T,setCodeVerifierAsync:E,setDemonstratingProofOfPossessionNonce:b,getDemonstratingProofOfPossessionNonce:x,setDemonstratingProofOfPossessionJwkAsync:ee,getDemonstratingProofOfPossessionJwkAsync:S,signalAsync:(e,n)=>X(i,n)({...e,configurationName:e.configurationName??t})}},et=async(e,t,n,r)=>{let i=await $(e,t);if(!i)throw Error(`signalServiceWorkerAsync: no service worker registered for configuration "${t}"`);return i.signalAsync(n,r)},tt=class e{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,t){this._oidc.publishEvent(e,t)}static{this.getOrCreate=(t,n=new O)=>(r,i=`default`)=>new e(L.getOrCreate(t,n)(r,i))}static get(t=`default`){return new e(L.get(t))}static{this.eventNames=L.eventNames}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,t=null,n=!1,r=void 0,i=!1){return this._oidc.loginAsync(e,t,n,r,i)}logoutAsync(e=void 0,t=null){return this._oidc.logoutAsync(e,t)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null,t=null){return this._oidc.renewTokensAsync(e,t)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async generateDemonstrationOfProofOfPossessionAsync(e,t,n,r={}){return this._oidc.generateDemonstrationOfProofOfPossessionAsync(e,t,n,r)}async getValidTokenAsync(e=200,t=50){let n=this._oidc;return Ve({getTokens:()=>n.tokens,configuration:{token_automatic_renew_mode:n.configuration.token_automatic_renew_mode,refresh_time_before_tokens_expiration_in_second:n.configuration.refresh_time_before_tokens_expiration_in_second},syncTokensInfoAsync:async()=>{let{status:e}=await B(n)(n.configuration,n.configurationName,n.tokens,!1);return e},renewTokensAsync:n.renewTokensAsync.bind(n)},e,t)}fetchWithTokens(e,t=!1){return De(e,this._oidc,t)}async userInfoAsync(e=!1,t=!1){return this._oidc.userInfoAsync(e,t)}userInfo(){return this._oidc.userInfo}async signalServiceWorker(e,t){return et(this._oidc.configuration,this._oidc.configurationName,e,t)}},nt=`1.0.0`,rt={SKIP_WAITING:`SKIP_WAITING`,CLAIM:`claim`,CLEAR:`clear`,INIT:`init`,SET_STATE:`setState`,GET_STATE:`getState`,SET_CODE_VERIFIER:`setCodeVerifier`,GET_CODE_VERIFIER:`getCodeVerifier`,SET_SESSION_STATE:`setSessionState`,GET_SESSION_STATE:`getSessionState`,SET_NONCE:`setNonce`,GET_NONCE:`getNonce`,SET_DPOP_NONCE:`setDemonstratingProofOfPossessionNonce`,GET_DPOP_NONCE:`getDemonstratingProofOfPossessionNonce`,SET_DPOP_JWK:`setDemonstratingProofOfPossessionJwk`,GET_DPOP_JWK:`getDemonstratingProofOfPossessionJwk`},it={ACCESS_TOKEN:`ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER`,REFRESH_TOKEN:`REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER`,NONCE_TOKEN:`NONCE_SECURED_BY_OIDC_SERVICE_WORKER`,CODE_VERIFIER:`CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER`},at=`DPOP_SECURED_BY_OIDC_SERVICE_WORKER`;e.DPOP_TOKEN_PLACEHOLDER_PREFIX=at,e.OidcClient=tt,e.OidcLocation=O,e.PROTOCOL_VERSION=nt,e.STORAGE_KEY_PREFIX={TAB_ID:`oidc.tabId.`,STATE:`oidc.state.`,NONCE:`oidc.nonce.`,CODE_VERIFIER:`oidc.code_verifier.`,LOGIN_PARAMS:`oidc.login.`,SW_VERSION_MISMATCH_RELOAD:`oidc.sw.version_mismatch_reload.`},e.SW_CONTROLLER_CHANGE_RELOAD_COUNT_KEY=`oidc.sw.controllerchange_reload_count`,e.ServiceWorkerMessageType=rt,e.TOKEN_PLACEHOLDERS=it,e.TokenAutomaticRenewMode=P,e.TokenRenewMode=H,e.buildDpopSecuredPlaceholder=(e,t=`default`)=>`${at}_${e}#tabId=${t}`,e.buildSecuredTokenPlaceholder=(e,t,n=`default`)=>`${e}_${t}#tabId=${n}`,e.buildStorageKey=(e,t)=>`${e}${t}`,e.getFetchDefault=ke,e.getParseQueryStringFromLocation=N,e.getPath=ve,e.isServiceWorkerMessageType=e=>typeof e==`string`?Object.values(rt).includes(e):!1,e.signalServiceWorkerAsync=et});

package/dist/initWorker.d.ts CHANGED Viewed

@@ -1,5 +1,16 @@
 import { ILOidcLocation } from './location';
 import { OidcConfiguration } from './types.js';
+export declare const DEFAULT_SW_MESSAGE_TIMEOUT_MS = 5000;
+export interface ServiceWorkerSignalMessage {
+    type: string;
+    configurationName?: string;
+    data?: unknown;
+    tabId?: string;
+    [key: string]: unknown;
+}
+export interface ServiceWorkerSignalOptions {
+    timeoutMs?: number;
+}
 export declare const sleepAsync: ({ milliseconds }: {
     milliseconds: any;
 }) => Promise<unknown>;
@@ -28,5 +39,16 @@ export declare const initWorkerAsync: (configuration: OidcConfiguration, configu
     getDemonstratingProofOfPossessionNonce: () => Promise<any>;
     setDemonstratingProofOfPossessionJwkAsync: (demonstratingProofOfPossessionJwk: JsonWebKey) => Promise<void>;
     getDemonstratingProofOfPossessionJwkAsync: () => Promise<any>;
+    signalAsync: (message: ServiceWorkerSignalMessage, options?: ServiceWorkerSignalOptions) => Promise<any>;
 }>;
+/**
+ * Sends a typed message to the OIDC service worker for the given
+ * configuration. Wraps `MessageChannel` setup, request/response correlation
+ * and timeouts.
+ *
+ * Resolves with the SW response, rejects on timeout or when no SW is
+ * registered for the configuration. The provided `configurationName` is
+ * used when the message itself does not carry one.
+ */
+export declare const signalServiceWorkerAsync: (configuration: OidcConfiguration, configurationName: string, message: ServiceWorkerSignalMessage, options?: ServiceWorkerSignalOptions) => Promise<any>;
 //# sourceMappingURL=initWorker.d.ts.map

package/dist/initWorker.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;~~AAM~~/C,eAAO,MAAM,UAAU,GAAI,kBAAkB;IAAE,YAAY,EAAE,GAAG,CAAA;CAAE,qBAEjE,CAAC;AA4BF,eAAO,MAAM,yCAAyC,GACnD,UAAU,cAAc,MAAY,cAAc,GAAG,EAAE,eAAe,MAAM,IAAI,kBAOhF,CAAC;AAEJ,eAAO,MAAM,QAAQ,GAAI,mBAAmB,MAAM,WAQjD,CAAC;~~AA6IF~~,eAAO,MAAM,eAAe,GAC1B,eAAe,iBAAiB,EAChC,mBAAmB,MAAM;;6EAkNJ,iBAAiB;;;;;yCAkFM,MAAM;;;+BA2BX,OAAO;;;;;+BAkGP,OAAO;2BAoBV,MAAM;sCASI,OAAO;yCAoBH,MAAM;kFA1FjB,MAAM;;mFAmBR,UAAU;;~~EAoGhD~~,CAAC"}
1	+ {"version":3,"file":"initWorker.d.ts","sourceRoot":"","sources":["../src/initWorker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAG5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAG/C,eAAO,MAAM,6BAA6B,OAAO,CAAC;AAElD,MAAM,WAAW,0BAA0B;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,0BAA0B;IACzC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAKD,eAAO,MAAM,UAAU,GAAI,kBAAkB;IAAE,YAAY,EAAE,GAAG,CAAA;CAAE,qBAEjE,CAAC;AA4BF,eAAO,MAAM,yCAAyC,GACnD,UAAU,cAAc,MAAY,cAAc,GAAG,EAAE,eAAe,MAAM,IAAI,kBAOhF,CAAC;AAEJ,eAAO,MAAM,QAAQ,GAAI,mBAAmB,MAAM,WAQjD,CAAC;AA2IF,eAAO,MAAM,eAAe,GAC1B,eAAe,iBAAiB,EAChC,mBAAmB,MAAM;;6EAkNJ,iBAAiB;;;;;yCAkFM,MAAM;;;+BA2BX,OAAO;;;;;+BAkGP,OAAO;2BAoBV,MAAM;sCASI,OAAO;yCAoBH,MAAM;kFA1FjB,MAAM;;mFAmBR,UAAU;;2BAiFpC,0BAA0B,YACzB,0BAA0B,KACnC,OAAO,CAAC,GAAG,CAAC;EA8BhB,CAAC;AAEF;;;;;;;;GAQG;AACH,eAAO,MAAM,wBAAwB,GACnC,eAAe,iBAAiB,EAChC,mBAAmB,MAAM,EACzB,SAAS,0BAA0B,EACnC,UAAU,0BAA0B,KACnC,OAAO,CAAC,GAAG,CAQb,CAAC"}

package/dist/oidc.d.ts CHANGED Viewed

@@ -72,6 +72,7 @@ export declare class Oidc {
         syncTokensAsync_end: string;
         syncTokensAsync_error: string;
         tokensInvalidAndWaitingActionsToRefresh: string;
+        loadingTimeout_error: string;
     };
     _silentLoginCallbackFromIFrame(): void;
     _silentLoginErrorCallbackFromIFrame(exception?: any): void;

package/dist/oidc.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAW7D,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAkB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,sBAAsB,EACtB,KAAK,EACL,iBAAiB,EACjB,SAAS,EAEV,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACxD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,qCAAqC;IAChD,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CASzB;AAYD,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,SAAS,CAAC;CACnB,CAAC;AAYF,qBAAa,IAAI;IACR,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBAE9B,aAAa,EAAE,iBAAiB,EAChC,iBAAiB,QAAY,EAC7B,QAAQ,EAAE,MAAM,KAAK,EACrB,QAAQ,GAAE,cAAmC;IAyD/C,eAAe,CAAC,IAAI,KAAA,GAAG,MAAM;IAM7B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,GACf,UAAU,MAAM,KAAK,EAAE,UAAU,cAAc,MAC/C,kBAAa,EAAE,aAAgB,SAE9B;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~MAAc;IAE/B,8BAA8B;IAW9B,mCAAmC,CAAC,SAAS,MAAO;IAkB9C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,sBAAsB;IAsCjF,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAU/C,sBAAsB,CAC1B,qBAAqB,KAAA,EACrB,QAAQ,KAAA,EACR,YAAY,KAAA,EACZ,cAAc,UAAQ;IAUxB,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAQ;IAChC,UAAU,CACd,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ;IA+BzB,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACpC,kBAAkB,CAAC,aAAa,UAAQ;IAuCxC,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IA8BlB,uCAAuC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAQ;IACvE,qCAAqC,IAAI,OAAO,CAAC,aAAa,CAAC;IAU/D,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAQ;IAUxE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IAElC,gBAAgB,CAAC,MAAM,GAAE,SAAgB,EAAE,KAAK,GAAE,MAAa;IAe/D,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAe7C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAepD,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC9B,WAAW,CACf,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB;CAgB3B;AAED,eAAe,IAAI,CAAC"}
1	+ {"version":3,"file":"oidc.d.ts","sourceRoot":"","sources":["../src/oidc.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAW7D,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAG1D,OAAO,EAAkB,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAM1D,OAAO,EACL,sBAAsB,EACtB,KAAK,EACL,iBAAiB,EACjB,SAAS,EAEV,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,eAAe,oBAE3B,CAAC;AAEF,MAAM,WAAW,yCAAyC;IACxD,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,qCAAqC;IAChD,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,qBAAqB,CAAS;IACtC,OAAO,CAAC,aAAa,CAAS;IAC9B,OAAO,CAAC,kBAAkB,CAAS;IACnC,OAAO,CAAC,gBAAgB,CAAS;IACjC,OAAO,CAAC,kBAAkB,CAAS;gBAEvB,OAAO,EAAE,GAAG;CASzB;AAYD,MAAM,MAAM,aAAa,GAAG;IAC1B,YAAY,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,qBAAqB,GAAG;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,SAAS,CAAC;CACnB,CAAC;AAYF,qBAAa,IAAI;IACR,aAAa,EAAE,iBAAiB,CAAC;IACjC,QAAQ,EAAE,IAAI,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC;IACnC,iBAAiB,EAAE,MAAM,CAAC;IAC1B,kBAAkB,EAAE,kBAAkB,CAAC;IACvC,QAAQ,EAAE,MAAM,KAAK,CAAC;IACtB,QAAQ,EAAE,cAAc,CAAC;gBAE9B,aAAa,EAAE,iBAAiB,EAChC,iBAAiB,QAAY,EAC7B,QAAQ,EAAE,MAAM,KAAK,EACrB,QAAQ,GAAE,cAAmC;IAyD/C,eAAe,CAAC,IAAI,KAAA,GAAG,MAAM;IAM7B,uBAAuB,CAAC,EAAE,KAAA,GAAG,IAAI;IAKjC,YAAY,CAAC,SAAS,KAAA,EAAE,IAAI,KAAA;IAM5B,MAAM,CAAC,WAAW,GACf,UAAU,MAAM,KAAK,EAAE,UAAU,cAAc,MAC/C,kBAAa,EAAE,aAAgB,SAE9B;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY;IAS3B,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAc;IAE/B,8BAA8B;IAW9B,mCAAmC,CAAC,SAAS,MAAO;IAkB9C,wBAAwB;IAU9B,WAAW,MAAQ;IACb,SAAS,CAAC,SAAS,EAAE,MAAM,EAAE,sBAAsB,EAAE,sBAAsB;IAsCjF,6BAA6B,MAAQ;IAC/B,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAU/C,sBAAsB,CAC1B,qBAAqB,KAAA,EACrB,QAAQ,KAAA,EACR,YAAY,KAAA,EACZ,cAAc,UAAQ;IAUxB,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,CAAQ;IAChC,UAAU,CACd,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ;IA+BzB,oBAAoB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACpC,kBAAkB,CAAC,aAAa,UAAQ;IAuCxC,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IA8BlB,uCAAuC,EAAE,OAAO,CAAC,aAAa,CAAC,CAAQ;IACvE,qCAAqC,IAAI,OAAO,CAAC,aAAa,CAAC;IAU/D,eAAe,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IACrC,aAAa,CAAC,OAAO,UAAQ,EAAE,iCAAiC,UAAQ;IAUxE,kBAAkB,EAAE,OAAO,CAAC,GAAG,CAAC,CAAQ;IAElC,gBAAgB,CAAC,MAAM,GAAE,SAAgB,EAAE,KAAK,GAAE,MAAa;IAe/D,YAAY,CAAC,MAAM,KAAA;IAInB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAe7C,mBAAmB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG;IAepD,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,CAAQ;IAC9B,WAAW,CACf,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB;CAgB3B;AAED,eAAe,IAAI,CAAC"}

package/dist/oidcClient.d.ts CHANGED Viewed

@@ -1,3 +1,4 @@
+import { ServiceWorkerSignalMessage, ServiceWorkerSignalOptions } from './initWorker.js';
 import { ILOidcLocation } from './location';
 import { LoginCallback, Oidc } from './oidc.js';
 import { Tokens, ValidToken } from './parseTokens.js';
@@ -42,6 +43,7 @@ export declare class OidcClient {
         syncTokensAsync_end: string;
         syncTokensAsync_error: string;
         tokensInvalidAndWaitingActionsToRefresh: string;
+        loadingTimeout_error: string;
     };
     tryKeepExistingSessionAsync(): Promise<boolean>;
     loginAsync(callbackPath?: string, extras?: StringMap, isSilentSignin?: boolean, scope?: string, silentLoginOnly?: boolean): Promise<unknown>;
@@ -56,6 +58,19 @@ export declare class OidcClient {
     fetchWithTokens(fetch: Fetch, demonstratingProofOfPossession?: boolean): Fetch;
     userInfoAsync<T extends OidcUserInfo = OidcUserInfo>(noCache?: boolean, demonstratingProofOfPossession?: boolean): Promise<T>;
     userInfo<T extends OidcUserInfo = OidcUserInfo>(): T;
+    /**
+     * High-level helper to send a message to the OIDC service worker.
+     *
+     * Wraps the low-level `postMessage` + `MessageChannel` plumbing and
+     * returns the response posted back by the worker. Use the typed message
+     * symbols exported from `@axa-fr/oidc-client-service-worker/protocol`
+     * (`ServiceWorkerMessageType`) to build messages.
+     *
+     * @throws if no service worker is registered for the current
+     * configuration, or if the worker does not respond before the timeout
+     * elapses.
+     */
+    signalServiceWorker<TResponse = unknown>(message: ServiceWorkerSignalMessage, options?: ServiceWorkerSignalOptions): Promise<TResponse>;
 }
 export interface OidcUserInfo {
     sub: string;

package/dist/oidcClient.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"oidcClient.d.ts","sourceRoot":"","sources":["../src/oidcClient.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAiC,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAErF,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEjE,MAAM,WAAW,eAAe;IAC9B,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAE;CAC3B;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAO;gBACjB,IAAI,EAAE,IAAI;IAItB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG,MAAM;IAI9C,uBAAuB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIzC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,IAAI;IAIhD,MAAM,CAAC,WAAW,GACf,UAAU,MAAM,KAAK,EAAE,WAAU,cAAmC,MACpE,eAAe,iBAAiB,EAAE,aAAgB,KAAG,UAAU,CAE9D;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY,GAAG,UAAU;IAIxC,MAAM,CAAC,UAAU~~;;;;;;;;;;;;;;;;;;;;;;;;;;;;;~~MAAmB;IACpC,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAI/C,UAAU,CACR,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ,GACtB,OAAO,CAAC,OAAO,CAAC;IAInB,WAAW,CACT,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB,GACvB,OAAO,CAAC,IAAI,CAAC;IAIhB,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIzC,gBAAgB,CAAC,MAAM,GAAE,SAAgB,EAAE,KAAK,GAAE,MAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/E,kBAAkB,IAAI,OAAO,CAAC,aAAa,CAAC;IAI5C,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED,IAAI,aAAa,IAAI,iBAAiB,CAErC;IAEK,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IASZ,kBAAkB,CAAC,MAAM,SAAM,EAAE,UAAU,SAAK,GAAG,OAAO,CAAC,UAAU,CAAC;IAuB5E,eAAe,CAAC,KAAK,EAAE,KAAK,EAAE,8BAA8B,GAAE,OAAe,GAAG,KAAK;IAI/E,aAAa,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,EACvD,OAAO,UAAQ,EACf,8BAA8B,GAAE,OAAe,GAC9C,OAAO,CAAC,CAAC,CAAC;IAIb,QAAQ,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,KAAK,CAAC;~~CAGrD~~;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}
1	+ {"version":3,"file":"oidcClient.d.ts","sourceRoot":"","sources":["../src/oidcClient.ts"],"names":[],"mappings":"AACA,OAAO,EACL,0BAA0B,EAC1B,0BAA0B,EAE3B,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,cAAc,EAAgB,MAAM,YAAY,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAiC,MAAM,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAErF,OAAO,EAAE,KAAK,EAAE,iBAAiB,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAEjE,MAAM,WAAW,eAAe;IAC9B,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAE;CAC3B;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAO;gBACjB,IAAI,EAAE,IAAI;IAItB,eAAe,CAAC,IAAI,EAAE,eAAe,GAAG,MAAM;IAI9C,uBAAuB,CAAC,EAAE,EAAE,MAAM,GAAG,IAAI;IAIzC,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,GAAG,IAAI;IAIhD,MAAM,CAAC,WAAW,GACf,UAAU,MAAM,KAAK,EAAE,WAAU,cAAmC,MACpE,eAAe,iBAAiB,EAAE,aAAgB,KAAG,UAAU,CAE9D;IAEJ,MAAM,CAAC,GAAG,CAAC,IAAI,SAAY,GAAG,UAAU;IAIxC,MAAM,CAAC,UAAU;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;MAAmB;IACpC,2BAA2B,IAAI,OAAO,CAAC,OAAO,CAAC;IAI/C,UAAU,CACR,YAAY,GAAE,MAAkB,EAChC,MAAM,GAAE,SAAgB,EACxB,cAAc,UAAQ,EACtB,KAAK,GAAE,MAAkB,EACzB,eAAe,UAAQ,GACtB,OAAO,CAAC,OAAO,CAAC;IAInB,WAAW,CACT,iBAAiB,GAAE,MAAM,GAAG,IAAI,GAAG,SAAqB,EACxD,MAAM,GAAE,SAAgB,GACvB,OAAO,CAAC,IAAI,CAAC;IAIhB,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC;IAIzC,gBAAgB,CAAC,MAAM,GAAE,SAAgB,EAAE,KAAK,GAAE,MAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAI/E,kBAAkB,IAAI,OAAO,CAAC,aAAa,CAAC;IAI5C,IAAI,MAAM,IAAI,MAAM,CAEnB;IAED,IAAI,aAAa,IAAI,iBAAiB,CAErC;IAEK,6CAA6C,CACjD,WAAW,EAAE,MAAM,EACnB,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,MAAM,EACd,MAAM,GAAE,SAAc,GACrB,OAAO,CAAC,MAAM,CAAC;IASZ,kBAAkB,CAAC,MAAM,SAAM,EAAE,UAAU,SAAK,GAAG,OAAO,CAAC,UAAU,CAAC;IAuB5E,eAAe,CAAC,KAAK,EAAE,KAAK,EAAE,8BAA8B,GAAE,OAAe,GAAG,KAAK;IAI/E,aAAa,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,EACvD,OAAO,UAAQ,EACf,8BAA8B,GAAE,OAAe,GAC9C,OAAO,CAAC,CAAC,CAAC;IAIb,QAAQ,CAAC,CAAC,SAAS,YAAY,GAAG,YAAY,KAAK,CAAC;IAIpD;;;;;;;;;;;OAWG;IACG,mBAAmB,CAAC,SAAS,GAAG,OAAO,EAC3C,OAAO,EAAE,0BAA0B,EACnC,OAAO,CAAC,EAAE,0BAA0B,GACnC,OAAO,CAAC,SAAS,CAAC;CAQtB;AAED,MAAM,WAAW,YAAY;IAC3B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,OAAO,CAAC,EAAE,gBAAgB,CAAC;IAC3B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB"}

package/dist/protocol.d.ts ADDED Viewed

@@ -0,0 +1,75 @@
+/**
+ * Public, supported entry point for the OIDC service worker `postMessage`
+ * protocol, available directly from `@axa-fr/oidc-client`.
+ *
+ * The same exports are also published from
+ * `@axa-fr/oidc-client-service-worker/protocol`. The two modules are kept
+ * deliberately in sync (and verified by a unit test) so applications that
+ * depend only on `@axa-fr/oidc-client` can interact with the service worker
+ * without adding a transitive dependency.
+ *
+ * See `packages/oidc-client-service-worker/PROTOCOL.md` for the full
+ * specification.
+ */
+/**
+ * Semver-protected version of the service worker `postMessage` protocol.
+ */
+export declare const PROTOCOL_VERSION: "1.0.0";
+/**
+ * Every supported service worker message type. The values are also the
+ * literal strings used on the wire as `MessageEventData.type` and must
+ * remain stable across patch and minor versions of the protocol.
+ */
+export declare const ServiceWorkerMessageType: {
+    readonly SKIP_WAITING: "SKIP_WAITING";
+    readonly CLAIM: "claim";
+    readonly CLEAR: "clear";
+    readonly INIT: "init";
+    readonly SET_STATE: "setState";
+    readonly GET_STATE: "getState";
+    readonly SET_CODE_VERIFIER: "setCodeVerifier";
+    readonly GET_CODE_VERIFIER: "getCodeVerifier";
+    readonly SET_SESSION_STATE: "setSessionState";
+    readonly GET_SESSION_STATE: "getSessionState";
+    readonly SET_NONCE: "setNonce";
+    readonly GET_NONCE: "getNonce";
+    readonly SET_DPOP_NONCE: "setDemonstratingProofOfPossessionNonce";
+    readonly GET_DPOP_NONCE: "getDemonstratingProofOfPossessionNonce";
+    readonly SET_DPOP_JWK: "setDemonstratingProofOfPossessionJwk";
+    readonly GET_DPOP_JWK: "getDemonstratingProofOfPossessionJwk";
+};
+export type ServiceWorkerMessageTypeKey = keyof typeof ServiceWorkerMessageType;
+export type ServiceWorkerMessageTypeValue = (typeof ServiceWorkerMessageType)[ServiceWorkerMessageTypeKey];
+export interface ServiceWorkerMessage<TData = unknown> {
+    type: ServiceWorkerMessageTypeValue | 'SKIP_WAITING' | 'claim';
+    configurationName: string;
+    data: TData;
+    tabId?: string;
+}
+export interface ServiceWorkerResponse {
+    configurationName?: string;
+    error?: unknown;
+    [key: string]: unknown;
+}
+/** Stable internal token placeholders – matched by the SW request handler. */
+export declare const TOKEN_PLACEHOLDERS: {
+    readonly ACCESS_TOKEN: "ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER";
+    readonly REFRESH_TOKEN: "REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER";
+    readonly NONCE_TOKEN: "NONCE_SECURED_BY_OIDC_SERVICE_WORKER";
+    readonly CODE_VERIFIER: "CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER";
+};
+export declare const DPOP_TOKEN_PLACEHOLDER_PREFIX: "DPOP_SECURED_BY_OIDC_SERVICE_WORKER";
+export declare const STORAGE_KEY_PREFIX: {
+    readonly TAB_ID: "oidc.tabId.";
+    readonly STATE: "oidc.state.";
+    readonly NONCE: "oidc.nonce.";
+    readonly CODE_VERIFIER: "oidc.code_verifier.";
+    readonly LOGIN_PARAMS: "oidc.login.";
+    readonly SW_VERSION_MISMATCH_RELOAD: "oidc.sw.version_mismatch_reload.";
+};
+export declare const SW_CONTROLLER_CHANGE_RELOAD_COUNT_KEY: "oidc.sw.controllerchange_reload_count";
+export declare const buildStorageKey: (prefix: (typeof STORAGE_KEY_PREFIX)[keyof typeof STORAGE_KEY_PREFIX], configurationName: string) => string;
+export declare const buildSecuredTokenPlaceholder: (placeholder: (typeof TOKEN_PLACEHOLDERS)[keyof typeof TOKEN_PLACEHOLDERS], configurationName: string, tabId?: string) => string;
+export declare const buildDpopSecuredPlaceholder: (configurationName: string, tabId?: string) => string;
+export declare const isServiceWorkerMessageType: (value: unknown) => value is ServiceWorkerMessageTypeValue;
+//# sourceMappingURL=protocol.d.ts.map

package/dist/protocol.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"protocol.d.ts","sourceRoot":"","sources":["../src/protocol.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAG,OAAgB,CAAC;AAEjD;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;CAiB3B,CAAC;AAEX,MAAM,MAAM,2BAA2B,GAAG,MAAM,OAAO,wBAAwB,CAAC;AAChF,MAAM,MAAM,6BAA6B,GACvC,CAAC,OAAO,wBAAwB,CAAC,CAAC,2BAA2B,CAAC,CAAC;AAEjE,MAAM,WAAW,oBAAoB,CAAC,KAAK,GAAG,OAAO;IACnD,IAAI,EAAE,6BAA6B,GAAG,cAAc,GAAG,OAAO,CAAC;IAC/D,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,KAAK,CAAC;IACZ,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,8EAA8E;AAC9E,eAAO,MAAM,kBAAkB;;;;;CAKrB,CAAC;AAEX,eAAO,MAAM,6BAA6B,EAAG,qCAA8C,CAAC;AAE5F,eAAO,MAAM,kBAAkB;;;;;;;CAOrB,CAAC;AAEX,eAAO,MAAM,qCAAqC,EAChD,uCAAgD,CAAC;AAEnD,eAAO,MAAM,eAAe,GAC1B,QAAQ,CAAC,OAAO,kBAAkB,EAAE,MAAM,OAAO,kBAAkB,CAAC,EACpE,mBAAmB,MAAM,KACxB,MAAyC,CAAC;AAE7C,eAAO,MAAM,4BAA4B,GACvC,aAAa,CAAC,OAAO,kBAAkB,EAAE,MAAM,OAAO,kBAAkB,CAAC,EACzE,mBAAmB,MAAM,EACzB,QAAO,MAAkB,KACxB,MAA8D,CAAC;AAElE,eAAO,MAAM,2BAA2B,GACtC,mBAAmB,MAAM,EACzB,QAAO,MAAkB,KACxB,MAAgF,CAAC;AAEpF,eAAO,MAAM,0BAA0B,GACrC,OAAO,OAAO,KACb,KAAK,IAAI,6BAKX,CAAC"}

package/dist/protocol.spec.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=protocol.spec.d.ts.map

package/dist/protocol.spec.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"protocol.spec.d.ts","sourceRoot":"","sources":["../src/protocol.spec.ts"],"names":[],"mappings":""}

package/dist/signalServiceWorker.spec.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ export {};
2	+ //# sourceMappingURL=signalServiceWorker.spec.d.ts.map

package/dist/signalServiceWorker.spec.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"signalServiceWorker.spec.d.ts","sourceRoot":"","sources":["../src/signalServiceWorker.spec.ts"],"names":[],"mappings":""}

package/dist/types.d.ts CHANGED Viewed

@@ -37,6 +37,7 @@ export type OidcConfiguration = {
     demonstrating_proof_of_possession?: boolean;
     demonstrating_proof_of_possession_configuration?: DemonstratingProofOfPossessionConfiguration;
     preload_user_info?: boolean;
+    loading_timeout_ms?: number;
 };
 export interface DemonstratingProofOfPossessionConfiguration {
     generateKeyAlgorithm: RsaHashedKeyGenParams | EcKeyGenParams;

package/dist/types.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC;AAExC,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,eAAe,CAAC;AAE3D,MAAM,MAAM,kCAAkC,GAAG,CAC/C,YAAY,EAAE,GAAG,EACjB,aAAa,EAAE,MAAM,IAAI,KACtB,OAAO,CAAC,IAAI,CAAC,CAAC;AACnB,MAAM,MAAM,qBAAqB,GAAG,CAClC,wBAAwB,EAAE,MAAM,KAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACxC,MAAM,MAAM,qBAAqB,GAAG,MAAM,OAAO,CAAC;AAElD,oBAAY,uBAAuB;IACjC,8BAA8B,oCAAoC;IAClE,8BAA8B,mCAAmC;CAClE;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C,CAAC,EAAE,MAAM,CAAC;IACpD,4CAA4C,CAAC,EAAE,MAAM,CAAC;IACtD,uBAAuB,CAAC,EAAE,sBAAsB,CAAC;IACjD,+CAA+C,CAAC,EAAE,MAAM,CAAC;IACzD,0BAA0B,CAAC,EAAE,uBAAuB,CAAC;IACrD,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,8BAA8B,CAAC,EAAE,MAAM,CAAC;IACxC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,2CAA2C,CAAC,EAAE,OAAO,CAAC;IACtD,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB,oBAAoB,CAAC,EAAE,SAAS,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2BAA2B,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACjD,iCAAiC,CAAC,EAAE,OAAO,CAAC;IAC5C,+CAA+C,CAAC,EAAE,2CAA2C,CAAC;IAC9F,iBAAiB,CAAC,EAAE,OAAO,CAAC;CAC7B,CAAC;AAEF,MAAM,WAAW,2CAA2C;IAC1D,oBAAoB,EAAE,qBAAqB,GAAG,cAAc,CAAC;IAC7D,eAAe,EAAE,mBAAmB,CAAC;IACrC,kBAAkB,EACd,mBAAmB,GACnB,qBAAqB,GACrB,iBAAiB,GACjB,gBAAgB,GAChB,eAAe,CAAC;IACpB,aAAa,EAAE,mBAAmB,GAAG,YAAY,GAAG,WAAW,CAAC;IAChE,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,SAAS;IACxB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,sBAAsB;IACrC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB"}
1	+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,KAAK,GAAG,OAAO,MAAM,CAAC,KAAK,CAAC;AAExC,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,eAAe,CAAC;AAE3D,MAAM,MAAM,kCAAkC,GAAG,CAC/C,YAAY,EAAE,GAAG,EACjB,aAAa,EAAE,MAAM,IAAI,KACtB,OAAO,CAAC,IAAI,CAAC,CAAC;AACnB,MAAM,MAAM,qBAAqB,GAAG,CAClC,wBAAwB,EAAE,MAAM,KAC7B,OAAO,CAAC,yBAAyB,CAAC,CAAC;AACxC,MAAM,MAAM,qBAAqB,GAAG,MAAM,OAAO,CAAC;AAElD,oBAAY,uBAAuB;IACjC,8BAA8B,oCAAoC;IAClE,8BAA8B,mCAAmC;CAClE;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,SAAS,EAAE,MAAM,CAAC;IAClB,0CAA0C,CAAC,EAAE,MAAM,CAAC;IACpD,4CAA4C,CAAC,EAAE,MAAM,CAAC;IACtD,uBAAuB,CAAC,EAAE,sBAAsB,CAAC;IACjD,+CAA+C,CAAC,EAAE,MAAM,CAAC;IACzD,0BAA0B,CAAC,EAAE,uBAAuB,CAAC;IACrD,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,2BAA2B,CAAC,EAAE,MAAM,CAAC;IACrC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,8BAA8B,CAAC,EAAE,MAAM,CAAC;IACxC,uBAAuB,CAAC,EAAE,qBAAqB,CAAC;IAChD,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,2CAA2C,CAAC,EAAE,OAAO,CAAC;IACtD,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB,oBAAoB,CAAC,EAAE,SAAS,CAAC;IACjC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,2BAA2B,CAAC,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC;IACjD,iCAAiC,CAAC,EAAE,OAAO,CAAC;IAC5C,+CAA+C,CAAC,EAAE,2CAA2C,CAAC;IAC9F,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,kBAAkB,CAAC,EAAE,MAAM,CAAC;CAC7B,CAAC;AAEF,MAAM,WAAW,2CAA2C;IAC1D,oBAAoB,EAAE,qBAAqB,GAAG,cAAc,CAAC;IAC7D,eAAe,EAAE,mBAAmB,CAAC;IACrC,kBAAkB,EACd,mBAAmB,GACnB,qBAAqB,GACrB,iBAAiB,GACjB,gBAAgB,GAChB,eAAe,CAAC;IACpB,aAAa,EAAE,mBAAmB,GAAG,YAAY,GAAG,WAAW,CAAC;IAChE,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,SAAS;IACxB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,sBAAsB;IACrC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,cAAc,EAAE,MAAM,CAAC;IACvB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,MAAM,EAAE,MAAM,CAAC;CAChB"}

package/dist/version.d.ts CHANGED Viewed

@@ -1,3 +1,3 @@
-declare const _default: "7.27.11";
+declare const _default: "7.27.13";
 export default _default;
 //# sourceMappingURL=version.d.ts.map

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@axa-fr/oidc-client",
-  "version": "7.27.11",
+  "version": "7.27.13",
   "private": false,
   "type": "module",
   "main": "./dist/index.umd.cjs",
@@ -20,7 +20,7 @@
     "url": "https://github.com/AxaFrance/oidc-client.git"
   },
   "dependencies": {
-    "@axa-fr/oidc-client-service-worker": "7.27.11"
+    "@axa-fr/oidc-client-service-worker": "7.27.13"
   },
   "devDependencies": {
     "@testing-library/dom": "10.4.1",

package/src/events.ts CHANGED Viewed

@@ -27,4 +27,5 @@ export const eventNames = {
   syncTokensAsync_end: 'syncTokensAsync_end',
   syncTokensAsync_error: 'syncTokensAsync_error',
   tokensInvalidAndWaitingActionsToRefresh: 'tokensInvalidAndWaitingActionsToRefresh',
+  loadingTimeout_error: 'loadingTimeout_error',
 };

package/src/index.ts CHANGED Viewed

@@ -1,3 +1,5 @@
+export type { ServiceWorkerSignalMessage, ServiceWorkerSignalOptions } from './initWorker.js';
+export { signalServiceWorkerAsync } from './initWorker.js';
 export type { ILOidcLocation } from './location.js';
 export { OidcLocation } from './location.js';
 export { getFetchDefault } from './oidc.js';
@@ -5,6 +7,24 @@ export type { OidcUserInfo } from './oidcClient.js';
 export { OidcClient } from './oidcClient.js';
 export type { Tokens } from './parseTokens.js';
 export { TokenRenewMode } from './parseTokens.js';
+export type {
+  ServiceWorkerMessage,
+  ServiceWorkerMessageTypeKey,
+  ServiceWorkerMessageTypeValue,
+  ServiceWorkerResponse,
+} from './protocol.js';
+export {
+  buildDpopSecuredPlaceholder,
+  buildSecuredTokenPlaceholder,
+  buildStorageKey,
+  DPOP_TOKEN_PLACEHOLDER_PREFIX,
+  isServiceWorkerMessageType,
+  PROTOCOL_VERSION,
+  ServiceWorkerMessageType,
+  STORAGE_KEY_PREFIX,
+  SW_CONTROLLER_CHANGE_RELOAD_COUNT_KEY,
+  TOKEN_PLACEHOLDERS,
+} from './protocol.js';
 export { getParseQueryStringFromLocation, getPath } from './route-utils';
 export type { AuthorityConfiguration, Fetch, OidcConfiguration, StringMap } from './types.js';
 export { TokenAutomaticRenewMode } from './types.js';