@axa-fr/oidc-client 7.4.0 → 7.4.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +75 -75
- package/dist/index.umd.cjs +2 -2
- package/dist/version.d.ts +1 -1
- package/package.json +2 -2
- package/src/oidc.ts +0 -5
- package/src/parseTokens.ts +24 -15
- package/src/version.ts +1 -1
package/dist/index.js
CHANGED
|
@@ -103,19 +103,23 @@ const m = {
|
|
|
103
103
|
access_token_or_id_token_invalid: "access_token_or_id_token_invalid",
|
|
104
104
|
access_token_invalid: "access_token_invalid",
|
|
105
105
|
id_token_invalid: "id_token_invalid"
|
|
106
|
-
}
|
|
106
|
+
};
|
|
107
|
+
function we(n, e, t) {
|
|
108
|
+
if (n.issuedAt) {
|
|
109
|
+
if (typeof n.issuedAt == "string")
|
|
110
|
+
return parseInt(n.issuedAt, 10);
|
|
111
|
+
} else
|
|
112
|
+
return e && e.iat ? e.iat : t && t.iat ? t.iat : (/* @__PURE__ */ new Date()).getTime() / 1e3;
|
|
113
|
+
return n.issuedAt;
|
|
114
|
+
}
|
|
115
|
+
const ae = (n, e = null, t) => {
|
|
107
116
|
if (!n)
|
|
108
117
|
return null;
|
|
109
118
|
let s;
|
|
110
119
|
const i = typeof n.expiresIn == "string" ? parseInt(n.expiresIn, 10) : n.expiresIn;
|
|
111
|
-
if (n.issuedAt)
|
|
112
|
-
typeof n.issuedAt == "string" && (n.issuedAt = parseInt(n.issuedAt, 10));
|
|
113
|
-
else {
|
|
114
|
-
const a = (/* @__PURE__ */ new Date()).getTime() / 1e3;
|
|
115
|
-
n.issuedAt = a;
|
|
116
|
-
}
|
|
117
120
|
n.accessTokenPayload !== void 0 ? s = n.accessTokenPayload : s = Z(n.accessToken);
|
|
118
121
|
const o = n.idTokenPayload ? n.idTokenPayload : Z(n.idToken), r = o && o.exp ? o.exp : Number.MAX_VALUE, l = s && s.exp ? s.exp : n.issuedAt + i;
|
|
122
|
+
n.issuedAt = we(n, s, o);
|
|
119
123
|
let c;
|
|
120
124
|
n.expiresAt ? c = n.expiresAt : t === j.access_token_invalid ? c = l : t === j.id_token_invalid ? c = r : c = r < l ? r : l;
|
|
121
125
|
const h = { ...n, idTokenPayload: o, accessTokenPayload: s, expiresAt: c };
|
|
@@ -139,11 +143,11 @@ const m = {
|
|
|
139
143
|
tokenType: n.token_type,
|
|
140
144
|
issuedAt: n.issued_at
|
|
141
145
|
};
|
|
142
|
-
return "refresh_token" in n && (s.refreshToken = n.refresh_token), n.accessTokenPayload !== void 0 && (s.accessTokenPayload = n.accessTokenPayload), n.idTokenPayload !== void 0 && (s.idTokenPayload = n.idTokenPayload),
|
|
146
|
+
return "refresh_token" in n && (s.refreshToken = n.refresh_token), n.accessTokenPayload !== void 0 && (s.accessTokenPayload = n.accessTokenPayload), n.idTokenPayload !== void 0 && (s.idTokenPayload = n.idTokenPayload), ae(s, e, t);
|
|
143
147
|
}, D = (n, e) => {
|
|
144
|
-
const t = (/* @__PURE__ */ new Date()).getTime() / 1e3;
|
|
145
|
-
return Math.round(
|
|
146
|
-
}, G = (n) => n ? D(0, n.expiresAt) > 0 : !1,
|
|
148
|
+
const t = (/* @__PURE__ */ new Date()).getTime() / 1e3, s = e - t;
|
|
149
|
+
return Math.round(s - n);
|
|
150
|
+
}, G = (n) => n ? D(0, n.expiresAt) > 0 : !1, Ae = async (n, e = 200, t = 50) => {
|
|
147
151
|
let s = t;
|
|
148
152
|
if (!n.tokens)
|
|
149
153
|
return null;
|
|
@@ -269,7 +273,7 @@ const m = {
|
|
|
269
273
|
setInterval: r,
|
|
270
274
|
clearInterval: l
|
|
271
275
|
};
|
|
272
|
-
}(), ee = "7.4.
|
|
276
|
+
}(), ee = "7.4.1", le = (n) => {
|
|
273
277
|
const e = n.appVersion, t = n.userAgent, s = "-";
|
|
274
278
|
let i = s;
|
|
275
279
|
const o = [
|
|
@@ -326,7 +330,7 @@ const m = {
|
|
|
326
330
|
osVersion: r
|
|
327
331
|
};
|
|
328
332
|
};
|
|
329
|
-
function
|
|
333
|
+
function ve() {
|
|
330
334
|
const n = navigator.userAgent;
|
|
331
335
|
let e, t = n.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i) || [];
|
|
332
336
|
if (/trident/i.test(t[1]))
|
|
@@ -358,13 +362,13 @@ const ue = () => {
|
|
|
358
362
|
}
|
|
359
363
|
}, te = () => {
|
|
360
364
|
B && B.abort();
|
|
361
|
-
},
|
|
365
|
+
}, Se = () => fetch("/OidcKeepAliveServiceWorker.json", {
|
|
362
366
|
headers: {
|
|
363
367
|
"oidc-vanilla": "true"
|
|
364
368
|
}
|
|
365
369
|
}).then((n) => n.statusText === "oidc-service-worker").catch((n) => {
|
|
366
370
|
console.log(n);
|
|
367
|
-
}),
|
|
371
|
+
}), Te = (n) => !!(n.os === "iOS" && n.osVersion.startsWith("12") || n.os === "Mac OS X" && n.osVersion.startsWith("10_15_6")), b = (n) => (e) => new Promise(function(t, s) {
|
|
368
372
|
const i = new MessageChannel();
|
|
369
373
|
i.port1.onmessage = function(o) {
|
|
370
374
|
o.data && o.data.error ? s(o.data.error) : t(o.data);
|
|
@@ -372,11 +376,11 @@ const ue = () => {
|
|
|
372
376
|
}), I = async (n, e) => {
|
|
373
377
|
if (typeof window > "u" || typeof navigator > "u" || !navigator.serviceWorker || !n)
|
|
374
378
|
return null;
|
|
375
|
-
const { name: t, version: s } =
|
|
379
|
+
const { name: t, version: s } = ve();
|
|
376
380
|
if (t === "chrome" && parseInt(s) <= 70 || t === "opera" && (!s || parseInt(s.split(".")[0]) < 80) || t === "ie")
|
|
377
381
|
return null;
|
|
378
382
|
const i = le(navigator);
|
|
379
|
-
if (
|
|
383
|
+
if (Te(i))
|
|
380
384
|
return null;
|
|
381
385
|
const o = await navigator.serviceWorker.register(n);
|
|
382
386
|
try {
|
|
@@ -417,7 +421,7 @@ const ue = () => {
|
|
|
417
421
|
clearAsync: r,
|
|
418
422
|
initAsync: l,
|
|
419
423
|
startKeepAliveServiceWorker: c,
|
|
420
|
-
isServiceWorkerProxyActiveAsync:
|
|
424
|
+
isServiceWorkerProxyActiveAsync: Se,
|
|
421
425
|
setSessionStateAsync: h,
|
|
422
426
|
getSessionStateAsync: a,
|
|
423
427
|
setNonceAsync: _,
|
|
@@ -495,7 +499,7 @@ const V = (n, e, t, s = null) => {
|
|
|
495
499
|
} catch (r) {
|
|
496
500
|
throw t(m.silentLoginAsync_error, r), r;
|
|
497
501
|
}
|
|
498
|
-
},
|
|
502
|
+
}, be = (n, e, t, s, i) => (o = null, r = void 0) => {
|
|
499
503
|
o = { ...o };
|
|
500
504
|
const l = (h, a, _) => Q(e, t, s.bind(i))(h, a, _);
|
|
501
505
|
return (async () => {
|
|
@@ -513,7 +517,7 @@ const V = (n, e, t, s = null) => {
|
|
|
513
517
|
return a;
|
|
514
518
|
}
|
|
515
519
|
})();
|
|
516
|
-
},
|
|
520
|
+
}, Ee = (n, e, t) => (s, i, o, r = !1) => {
|
|
517
521
|
const l = (c, h = void 0, a = void 0) => Q(n.configurationName, t, n.publishEvent.bind(n))(c, h, a);
|
|
518
522
|
return new Promise((c, h) => {
|
|
519
523
|
if (t.silent_login_uri && t.silent_redirect_uri && t.monitor_session && s && o && !r) {
|
|
@@ -549,20 +553,20 @@ const V = (n, e, t, s = null) => {
|
|
|
549
553
|
c(null);
|
|
550
554
|
});
|
|
551
555
|
};
|
|
552
|
-
var
|
|
553
|
-
for (var K = 0,
|
|
556
|
+
var Ie = Le, E = [], se = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
|
|
557
|
+
for (var K = 0, Pe = se.length; K < Pe; ++K)
|
|
554
558
|
E[K] = se[K];
|
|
555
|
-
function
|
|
559
|
+
function Oe(n) {
|
|
556
560
|
return E[n >> 18 & 63] + E[n >> 12 & 63] + E[n >> 6 & 63] + E[n & 63];
|
|
557
561
|
}
|
|
558
|
-
function
|
|
562
|
+
function Ce(n, e, t) {
|
|
559
563
|
for (var s, i = [], o = e; o < t; o += 3)
|
|
560
|
-
s = (n[o] << 16 & 16711680) + (n[o + 1] << 8 & 65280) + (n[o + 2] & 255), i.push(
|
|
564
|
+
s = (n[o] << 16 & 16711680) + (n[o + 1] << 8 & 65280) + (n[o + 2] & 255), i.push(Oe(s));
|
|
561
565
|
return i.join("");
|
|
562
566
|
}
|
|
563
|
-
function
|
|
567
|
+
function Le(n) {
|
|
564
568
|
for (var e, t = n.length, s = t % 3, i = [], o = 16383, r = 0, l = t - s; r < l; r += o)
|
|
565
|
-
i.push(
|
|
569
|
+
i.push(Ce(n, r, r + o > l ? l : r + o));
|
|
566
570
|
return s === 1 ? (e = n[t - 1], i.push(
|
|
567
571
|
E[e >> 2] + E[e << 4 & 63] + "=="
|
|
568
572
|
)) : s === 2 && (e = (n[t - 2] << 8) + n[t - 1], i.push(
|
|
@@ -572,54 +576,54 @@ function Ce(n) {
|
|
|
572
576
|
const he = () => {
|
|
573
577
|
const n = typeof window < "u" && !!window.crypto, e = n && !!window.crypto.subtle;
|
|
574
578
|
return { hasCrypto: n, hasSubtleCrypto: e };
|
|
575
|
-
}, J = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
|
579
|
+
}, J = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", Ne = (n) => {
|
|
576
580
|
const e = [];
|
|
577
581
|
for (let t = 0; t < n.byteLength; t += 1) {
|
|
578
582
|
const s = n[t] % J.length;
|
|
579
583
|
e.push(J[s]);
|
|
580
584
|
}
|
|
581
585
|
return e.join("");
|
|
582
|
-
},
|
|
586
|
+
}, We = (n) => Ie(new Uint8Array(n)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""), H = (n) => {
|
|
583
587
|
const e = new Uint8Array(n), { hasCrypto: t } = he();
|
|
584
588
|
if (t)
|
|
585
589
|
window.crypto.getRandomValues(e);
|
|
586
590
|
else
|
|
587
591
|
for (let s = 0; s < n; s += 1)
|
|
588
592
|
e[s] = Math.random() * J.length | 0;
|
|
589
|
-
return
|
|
593
|
+
return Ne(e);
|
|
590
594
|
};
|
|
591
|
-
function
|
|
595
|
+
function xe(n) {
|
|
592
596
|
const e = new ArrayBuffer(n.length), t = new Uint8Array(e);
|
|
593
597
|
for (let s = 0; s < n.length; s++)
|
|
594
598
|
t[s] = n.charCodeAt(s);
|
|
595
599
|
return t;
|
|
596
600
|
}
|
|
597
|
-
const
|
|
601
|
+
const $e = (n) => {
|
|
598
602
|
if (n.length < 43 || n.length > 128)
|
|
599
603
|
return Promise.reject(new Error("Invalid code length."));
|
|
600
604
|
const { hasSubtleCrypto: e } = he();
|
|
601
605
|
return e ? new Promise((t, s) => {
|
|
602
|
-
crypto.subtle.digest("SHA-256",
|
|
606
|
+
crypto.subtle.digest("SHA-256", xe(n)).then((i) => t(We(new Uint8Array(i))), (i) => s(i));
|
|
603
607
|
}) : Promise.reject(new Error("window.crypto.subtle is unavailable."));
|
|
604
|
-
}, F = {},
|
|
608
|
+
}, F = {}, Fe = (n, e = window.sessionStorage, t) => {
|
|
605
609
|
if (!F[n] && e) {
|
|
606
610
|
const i = e.getItem(n);
|
|
607
611
|
i && (F[n] = JSON.parse(i));
|
|
608
612
|
}
|
|
609
613
|
const s = 1e3 * t;
|
|
610
614
|
return F[n] && F[n].timestamp + s > Date.now() ? F[n].result : null;
|
|
611
|
-
},
|
|
615
|
+
}, Re = (n, e, t = window.sessionStorage) => {
|
|
612
616
|
const s = Date.now();
|
|
613
617
|
F[n] = { result: e, timestamp: s }, t && t.setItem(n, JSON.stringify({ result: e, timestamp: s }));
|
|
614
|
-
},
|
|
615
|
-
const o = `${e}/.well-known/openid-configuration`, r = `oidc.server:${e}`, l =
|
|
618
|
+
}, De = 60 * 60, Ve = (n) => async (e, t = De, s = window.sessionStorage, i = 1e4) => {
|
|
619
|
+
const o = `${e}/.well-known/openid-configuration`, r = `oidc.server:${e}`, l = Fe(r, s, t);
|
|
616
620
|
if (l)
|
|
617
621
|
return new z(l);
|
|
618
622
|
const c = await U(n)(o, {}, i);
|
|
619
623
|
if (c.status !== 200)
|
|
620
624
|
return null;
|
|
621
625
|
const h = await c.json();
|
|
622
|
-
return
|
|
626
|
+
return Re(r, h, s), new z(h);
|
|
623
627
|
}, U = (n) => async (e, t = {}, s = 1e4, i = 0) => {
|
|
624
628
|
let o;
|
|
625
629
|
try {
|
|
@@ -657,7 +661,7 @@ const xe = (n) => {
|
|
|
657
661
|
}, o)).status !== 200 ? { success: !1 } : {
|
|
658
662
|
success: !0
|
|
659
663
|
};
|
|
660
|
-
},
|
|
664
|
+
}, Me = (n) => async (e, t, s, i, o, r = 1e4) => {
|
|
661
665
|
for (const [_, f] of Object.entries(s))
|
|
662
666
|
t[_] === void 0 && (t[_] = f);
|
|
663
667
|
const l = [];
|
|
@@ -679,16 +683,16 @@ const xe = (n) => {
|
|
|
679
683
|
success: !0,
|
|
680
684
|
data: Y(a, i, o)
|
|
681
685
|
};
|
|
682
|
-
},
|
|
686
|
+
}, Ue = (n) => async (e, t) => {
|
|
683
687
|
t = t ? { ...t } : {};
|
|
684
|
-
const s = H(128), i = await
|
|
688
|
+
const s = H(128), i = await $e(s);
|
|
685
689
|
await n.setCodeVerifierAsync(s), await n.setStateAsync(t.state), t.code_challenge = i, t.code_challenge_method = "S256";
|
|
686
690
|
let o = "";
|
|
687
691
|
if (t)
|
|
688
692
|
for (const [r, l] of Object.entries(t))
|
|
689
693
|
o === "" ? o += "?" : o += "&", o += `${r}=${encodeURIComponent(l)}`;
|
|
690
694
|
window.location.href = `${e}${o}`;
|
|
691
|
-
},
|
|
695
|
+
}, Ke = (n) => async (e, t, s, i = 1e4) => {
|
|
692
696
|
t = t ? { ...t } : {}, t.code_verifier = await n.getCodeVerifierAsync();
|
|
693
697
|
const o = [];
|
|
694
698
|
for (const h in t) {
|
|
@@ -734,7 +738,7 @@ const xe = (n) => {
|
|
|
734
738
|
search: t,
|
|
735
739
|
hash: s
|
|
736
740
|
};
|
|
737
|
-
},
|
|
741
|
+
}, Ze = (n) => {
|
|
738
742
|
const e = _e(n);
|
|
739
743
|
let { path: t } = e;
|
|
740
744
|
t.endsWith("/") && (t = t.slice(0, -1));
|
|
@@ -742,15 +746,15 @@ const xe = (n) => {
|
|
|
742
746
|
return s === "#_=_" && (s = ""), s && (t += s), t;
|
|
743
747
|
}, q = (n) => {
|
|
744
748
|
const e = _e(n), { search: t } = e;
|
|
745
|
-
return
|
|
746
|
-
},
|
|
749
|
+
return Be(t);
|
|
750
|
+
}, Be = (n) => {
|
|
747
751
|
const e = {};
|
|
748
752
|
let t, s, i;
|
|
749
753
|
const o = n.split("&");
|
|
750
754
|
for (s = 0, i = o.length; s < i; s++)
|
|
751
755
|
t = o[s].split("="), e[decodeURIComponent(t[0])] = decodeURIComponent(t[1]);
|
|
752
756
|
return e;
|
|
753
|
-
},
|
|
757
|
+
}, qe = (n, e, t, s, i) => (o = void 0, r = null, l = !1, c = void 0) => {
|
|
754
758
|
const h = r;
|
|
755
759
|
return r = { ...r }, (async () => {
|
|
756
760
|
const _ = n.location, f = o || _.pathname + (_.search || "") + (_.hash || "");
|
|
@@ -777,12 +781,12 @@ const xe = (n) => {
|
|
|
777
781
|
response_type: "code",
|
|
778
782
|
...y
|
|
779
783
|
};
|
|
780
|
-
await
|
|
784
|
+
await Ue(w)(k.authorizationEndpoint, S);
|
|
781
785
|
} catch (u) {
|
|
782
786
|
throw s(m.loginAsync_error, u), u;
|
|
783
787
|
}
|
|
784
788
|
})();
|
|
785
|
-
},
|
|
789
|
+
}, je = (n) => async (e = !1) => {
|
|
786
790
|
try {
|
|
787
791
|
n.publishEvent(m.loginCallbackAsync_begin, {});
|
|
788
792
|
const t = n.configuration, s = t.client_id, i = e ? t.silent_redirect_uri : t.redirect_uri, o = t.authority, r = t.token_request_timeout, l = await n.initAsync(o, t.authority_configuration), h = q(window.location.href).session_state, a = await I(t.service_worker_relative_url, n.configurationName);
|
|
@@ -810,7 +814,7 @@ const xe = (n) => {
|
|
|
810
814
|
if (u && u.extras)
|
|
811
815
|
for (const [v, O] of Object.entries(u.extras))
|
|
812
816
|
v.endsWith(":token_request") && (k[v.replace(":token_request", "")] = O);
|
|
813
|
-
const w = await
|
|
817
|
+
const w = await Ke(_)(l.tokenEndpoint, { ...g, ...k }, n.configuration.token_renew_mode, r);
|
|
814
818
|
if (!w.success)
|
|
815
819
|
throw new Error("Token request failed");
|
|
816
820
|
let S;
|
|
@@ -831,11 +835,11 @@ const xe = (n) => {
|
|
|
831
835
|
}, ie = {
|
|
832
836
|
access_token: "access_token",
|
|
833
837
|
refresh_token: "refresh_token"
|
|
834
|
-
},
|
|
838
|
+
}, Ge = (n) => async (e) => {
|
|
835
839
|
M.clearTimeout(n.timeoutId), n.timeoutId = null, n.checkSessionIFrame && n.checkSessionIFrame.stop();
|
|
836
840
|
const t = await I(n.configuration.service_worker_relative_url, n.configurationName);
|
|
837
841
|
t ? await t.clearAsync(e) : await P(n.configurationName, n.configuration.storage).clearAsync(e), n.tokens = null, n.userInfo = null;
|
|
838
|
-
},
|
|
842
|
+
}, Je = (n, e, t, s, i) => async (o = void 0, r = null) => {
|
|
839
843
|
const l = n.configuration, c = await n.initAsync(l.authority, l.authority_configuration);
|
|
840
844
|
o && typeof o != "string" && (o = void 0, i.warn("callbackPathOrUrl path is not a string"));
|
|
841
845
|
const h = o ?? location.pathname + (location.search || "") + (location.hash || "");
|
|
@@ -875,7 +879,7 @@ const xe = (n) => {
|
|
|
875
879
|
s.location.href = `${c.endSessionEndpoint}${y}`;
|
|
876
880
|
} else
|
|
877
881
|
s.location.reload();
|
|
878
|
-
},
|
|
882
|
+
}, He = (n) => async (e = !1) => {
|
|
879
883
|
if (n.userInfo != null && !e)
|
|
880
884
|
return n.userInfo;
|
|
881
885
|
for (; n.tokens && !G(n.tokens); )
|
|
@@ -894,16 +898,16 @@ const xe = (n) => {
|
|
|
894
898
|
return c.status !== 200 ? null : c.json();
|
|
895
899
|
})(t);
|
|
896
900
|
return n.userInfo = r, r;
|
|
897
|
-
},
|
|
901
|
+
}, Xe = () => fetch;
|
|
898
902
|
class z {
|
|
899
903
|
constructor(e) {
|
|
900
904
|
this.authorizationEndpoint = e.authorization_endpoint, this.tokenEndpoint = e.token_endpoint, this.revocationEndpoint = e.revocation_endpoint, this.userInfoEndpoint = e.userinfo_endpoint, this.checkSessionIframe = e.check_session_iframe, this.issuer = e.issuer, this.endSessionEndpoint = e.end_session_endpoint;
|
|
901
905
|
}
|
|
902
906
|
}
|
|
903
|
-
const N = {},
|
|
907
|
+
const N = {}, ze = (n) => (e, t = "default") => (N[t] || (N[t] = new x(e, t, n)), N[t]), Ye = async (n) => {
|
|
904
908
|
const { parsedTokens: e, callbackPath: t } = await n.loginCallbackAsync();
|
|
905
909
|
return n.timeoutId = V(n, e.refreshToken, e.expiresAt), { callbackPath: t };
|
|
906
|
-
},
|
|
910
|
+
}, Qe = (n) => Math.floor(Math.random() * n), L = class L {
|
|
907
911
|
constructor(e, t = "default", s) {
|
|
908
912
|
this.initPromise = null, this.tryKeepExistingSessionPromise = null, this.loginPromise = null, this.loginCallbackPromise = null, this.loginCallbackWithAutoTokensRenewPromise = null, this.userInfoPromise = null, this.renewTokensPromise = null, this.logoutPromise = null;
|
|
909
913
|
let i = e.silent_login_uri;
|
|
@@ -916,10 +920,10 @@ const N = {}, Xe = (n) => (e, t = "default") => (N[t] || (N[t] = new x(e, t, n))
|
|
|
916
920
|
refresh_time_before_tokens_expiration_in_second: o,
|
|
917
921
|
silent_login_timeout: e.silent_login_timeout ?? 12e3,
|
|
918
922
|
token_renew_mode: e.token_renew_mode ?? j.access_token_or_id_token_invalid
|
|
919
|
-
}, this.getFetch = s ??
|
|
923
|
+
}, this.getFetch = s ?? Xe, this.configurationName = t, this.tokens = null, this.userInfo = null, this.events = [], this.timeoutId = null, this.synchroniseTokensAsync.bind(this), this.loginCallbackWithAutoTokensRenewAsync.bind(this), this.initAsync.bind(this), this.loginCallbackAsync.bind(this), this.subscribeEvents.bind(this), this.removeEventSubscription.bind(this), this.publishEvent.bind(this), this.destroyAsync.bind(this), this.logoutAsync.bind(this), this.renewTokensAsync.bind(this), this.initAsync(this.configuration.authority, this.configuration.authority_configuration);
|
|
920
924
|
}
|
|
921
925
|
subscribeEvents(e) {
|
|
922
|
-
const t =
|
|
926
|
+
const t = Qe(9999999999999).toString();
|
|
923
927
|
return this.events.push({ id: t, func: e }), t;
|
|
924
928
|
}
|
|
925
929
|
removeEventSubscription(e) {
|
|
@@ -972,7 +976,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
972
976
|
issuer: t.issuer
|
|
973
977
|
});
|
|
974
978
|
const o = await I(this.configuration.service_worker_relative_url, this.configurationName) ? window.localStorage : null;
|
|
975
|
-
return await
|
|
979
|
+
return await Ve(this.getFetch())(e, this.configuration.authority_time_cache_wellknowurl_in_second ?? 60 * 60, o, this.configuration.authority_timeout_wellknowurl_in_millisecond);
|
|
976
980
|
};
|
|
977
981
|
return this.initPromise = s(), this.initPromise.then((i) => (this.initPromise = null, i));
|
|
978
982
|
}
|
|
@@ -1029,21 +1033,17 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1029
1033
|
return this.tryKeepExistingSessionPromise = e(), this.tryKeepExistingSessionPromise.then((t) => (this.tryKeepExistingSessionPromise = null, t));
|
|
1030
1034
|
}
|
|
1031
1035
|
async startCheckSessionAsync(e, t, s, i = !1) {
|
|
1032
|
-
await
|
|
1036
|
+
await Ee(this, N, this.configuration)(e, t, s, i);
|
|
1033
1037
|
}
|
|
1034
1038
|
async loginAsync(e = void 0, t = null, s = !1, i = void 0, o = !1) {
|
|
1035
|
-
return this.loginPromise !== null ? this.loginPromise : o ?
|
|
1039
|
+
return this.loginPromise !== null ? this.loginPromise : o ? be(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this)(t, i) : (this.loginPromise = qe(window, this.configurationName, this.configuration, this.publishEvent.bind(this), this.initAsync.bind(this))(e, t, s, i), this.loginPromise.then((r) => (this.loginPromise = null, r)));
|
|
1036
1040
|
}
|
|
1037
1041
|
async loginCallbackAsync(e = !1) {
|
|
1038
1042
|
if (this.loginCallbackPromise !== null)
|
|
1039
1043
|
return this.loginCallbackPromise;
|
|
1040
1044
|
const t = async () => {
|
|
1041
|
-
const s = await
|
|
1042
|
-
|
|
1043
|
-
P(this.configurationName, this.configuration.storage).setTokens(i);
|
|
1044
|
-
else if (!i.fromServiceWorker)
|
|
1045
|
-
throw Error("security issue, parsedTokens.fromServiceWorker is not defined");
|
|
1046
|
-
return this.publishEvent(L.eventNames.token_aquired, i), { parsedTokens: i, state: s.state, callbackPath: s.callbackPath };
|
|
1045
|
+
const s = await je(this)(e), i = s.tokens;
|
|
1046
|
+
return this.tokens = i, await I(this.configuration.service_worker_relative_url, this.configurationName) || P(this.configurationName, this.configuration.storage).setTokens(i), this.publishEvent(L.eventNames.token_aquired, i), { parsedTokens: i, state: s.state, callbackPath: s.callbackPath };
|
|
1047
1047
|
};
|
|
1048
1048
|
return this.loginCallbackPromise = t(), this.loginCallbackPromise.then((s) => (this.loginCallbackPromise = null, s));
|
|
1049
1049
|
}
|
|
@@ -1105,7 +1105,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1105
1105
|
redirect_uri: k,
|
|
1106
1106
|
grant_type: "refresh_token",
|
|
1107
1107
|
refresh_token: y.refreshToken
|
|
1108
|
-
}, v = await this.initAsync(w, a.authority_configuration), O = document.hidden ? 1e4 : 3e4 * 10, C = await
|
|
1108
|
+
}, v = await this.initAsync(w, a.authority_configuration), O = document.hidden ? 1e4 : 3e4 * 10, C = await Me(this.getFetch())(v.tokenEndpoint, T, p, y, a.token_renew_mode, O);
|
|
1109
1109
|
if (C.success) {
|
|
1110
1110
|
const { isValid: fe, reason: ye } = ce(C.data, d.nonce, v);
|
|
1111
1111
|
return fe ? (o(C.data), this.publishEvent(m.refreshTokensAsync_end, { success: C.success }), this.publishEvent(L.eventNames.token_renewed, { reason: "REFRESH_TOKEN" }), { tokens: C.data, status: "LOGGED_IN" }) : (o(null), this.publishEvent(m.refreshTokensAsync_error, { message: `refresh token return not valid tokens, reason: ${ye}` }), { tokens: null, status: "SESSION_LOST" });
|
|
@@ -1157,10 +1157,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1157
1157
|
return i ? { tokens: s, status: "FORCE_REFRESH", nonce: r } : { tokens: s, status: a, nonce: r };
|
|
1158
1158
|
}
|
|
1159
1159
|
loginCallbackWithAutoTokensRenewAsync() {
|
|
1160
|
-
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise =
|
|
1160
|
+
return this.loginCallbackWithAutoTokensRenewPromise !== null ? this.loginCallbackWithAutoTokensRenewPromise : (this.loginCallbackWithAutoTokensRenewPromise = Ye(this), this.loginCallbackWithAutoTokensRenewPromise.then((e) => (this.loginCallbackWithAutoTokensRenewPromise = null, e)));
|
|
1161
1161
|
}
|
|
1162
1162
|
userInfoAsync(e = !1) {
|
|
1163
|
-
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise =
|
|
1163
|
+
return this.userInfoPromise !== null ? this.userInfoPromise : (this.userInfoPromise = He(this)(e), this.userInfoPromise.then((t) => (this.userInfoPromise = null, t)));
|
|
1164
1164
|
}
|
|
1165
1165
|
async renewTokensAsync(e = null) {
|
|
1166
1166
|
if (this.renewTokensPromise !== null)
|
|
@@ -1169,7 +1169,7 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1169
1169
|
return M.clearTimeout(this.timeoutId), this.renewTokensPromise = de(this, this.tokens.refreshToken, !0, e), this.renewTokensPromise.then((t) => (this.renewTokensPromise = null, t));
|
|
1170
1170
|
}
|
|
1171
1171
|
async destroyAsync(e) {
|
|
1172
|
-
return await
|
|
1172
|
+
return await Ge(this)(e);
|
|
1173
1173
|
}
|
|
1174
1174
|
async logoutSameTabAsync(e, t) {
|
|
1175
1175
|
this.configuration.monitor_session && this.configuration.client_id === e && t && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === t && (this.publishEvent(m.logout_from_same_tab, { message: t }), await this.destroyAsync("LOGGED_OUT"));
|
|
@@ -1178,10 +1178,10 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
1178
1178
|
this.configuration.monitor_session && this.configuration.client_id === e && t && this.tokens && this.tokens.idTokenPayload && this.tokens.idTokenPayload.sub === t && (await this.destroyAsync("LOGGED_OUT"), this.publishEvent(m.logout_from_another_tab, { message: "SessionMonitor", sub: t }));
|
|
1179
1179
|
}
|
|
1180
1180
|
async logoutAsync(e = void 0, t = null) {
|
|
1181
|
-
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise =
|
|
1181
|
+
return this.logoutPromise ? this.logoutPromise : (this.logoutPromise = Je(this, N, this.getFetch(), window, console)(e, t), this.logoutPromise.then((s) => (this.logoutPromise = null, s)));
|
|
1182
1182
|
}
|
|
1183
1183
|
};
|
|
1184
|
-
L.getOrCreate = (e) => (t, s = "default") =>
|
|
1184
|
+
L.getOrCreate = (e) => (t, s = "default") => ze(e)(t, s), L.eventNames = m;
|
|
1185
1185
|
let x = L;
|
|
1186
1186
|
const R = class R {
|
|
1187
1187
|
constructor(e) {
|
|
@@ -1224,7 +1224,7 @@ const R = class R {
|
|
|
1224
1224
|
return this._oidc.configuration;
|
|
1225
1225
|
}
|
|
1226
1226
|
async getValidTokenAsync(e = 200, t = 50) {
|
|
1227
|
-
return
|
|
1227
|
+
return Ae(this._oidc, e, t);
|
|
1228
1228
|
}
|
|
1229
1229
|
async userInfoAsync(e = !1) {
|
|
1230
1230
|
return this._oidc.userInfoAsync(e);
|
|
@@ -1235,7 +1235,7 @@ let re = R;
|
|
|
1235
1235
|
export {
|
|
1236
1236
|
re as OidcClient,
|
|
1237
1237
|
j as TokenRenewMode,
|
|
1238
|
-
|
|
1238
|
+
Xe as getFetchDefault,
|
|
1239
1239
|
q as getParseQueryStringFromLocation,
|
|
1240
|
-
|
|
1240
|
+
Ze as getPath
|
|
1241
1241
|
};
|
package/dist/index.umd.cjs
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
(function(b,j){typeof exports=="object"&&typeof module<"u"?j(exports):typeof define=="function"&&define.amd?define(["exports"],j):(b=typeof globalThis<"u"?globalThis:b||self,j(b["oidc-client"]={}))})(this,function(b){"use strict";const F=console;class ke{constructor(e,t,s,i=2e3,o=!0){this._callback=e,this._client_id=t,this._url=s,this._interval=i||2e3,this._stopOnError=o;const r=s.indexOf("/",s.indexOf("//")+2);this._frame_origin=s.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=s}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data==="error"?(F.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):e.data==="changed"?(F.debug(e),F.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):F.debug("CheckSessionIFrame: "+e.data+" message from check session op iframe"))}start(e){F.debug("CheckSessionIFrame.start :"+e),this.stop();const t=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+e,this._frame_origin)};t(),this._timer=window.setInterval(t,this._interval)}stop(){this._timer&&(F.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},I=(n,e=sessionStorage)=>{const t=k=>(e[`oidc.${n}`]=JSON.stringify({tokens:null,status:k}),Promise.resolve()),s=async()=>{if(!e[`oidc.${n}`])return e[`oidc.${n}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const k=JSON.parse(e[`oidc.${n}`]);return Promise.resolve({tokens:k.tokens,status:k.status})},i=k=>{e[`oidc.${n}`]=JSON.stringify({tokens:k})},o=async k=>{e[`oidc.session_state.${n}`]=k},r=async()=>e[`oidc.session_state.${n}`],l=k=>{localStorage[`oidc.nonce.${n}`]=k.nonce},c=async()=>({nonce:localStorage[`oidc.nonce.${n}`]}),h=()=>e[`oidc.${n}`]?JSON.stringify({tokens:JSON.parse(e[`oidc.${n}`]).tokens}):null;let a=null;return{clearAsync:t,initAsync:s,setTokens:i,getTokens:h,setSessionStateAsync:o,getSessionStateAsync:r,setNonceAsync:l,getNonceAsync:c,setLoginParams:(k,w)=>{a=w,e[`oidc.login.${k}`]=JSON.stringify(w)},getLoginParams:k=>{const w=e[`oidc.login.${k}`];return a||(a=JSON.parse(w)),a},getStateAsync:async()=>e[`oidc.state.${n}`],setStateAsync:async k=>{e[`oidc.state.${n}`]=k},getCodeVerifierAsync:async()=>e[`oidc.code_verifier.${n}`],setCodeVerifierAsync:async k=>{e[`oidc.code_verifier.${n}`]=k}}},me=n=>decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join("")),pe=n=>JSON.parse(me(n.split(".")[1].replace("-","+").replace("_","/"))),te=n=>{try{return n&&we(n,".")===2?pe(n):null}catch(e){console.warn(e)}return null},we=(n,e)=>n.split(e).length-1,q={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"},se=(n,e=null,t)=>{if(!n)return null;let s;const i=typeof n.expiresIn=="string"?parseInt(n.expiresIn,10):n.expiresIn;if(n.issuedAt)typeof n.issuedAt=="string"&&(n.issuedAt=parseInt(n.issuedAt,10));else{const a=new Date().getTime()/1e3;n.issuedAt=a}n.accessTokenPayload!==void 0?s=n.accessTokenPayload:s=te(n.accessToken);const o=n.idTokenPayload?n.idTokenPayload:te(n.idToken),r=o&&o.exp?o.exp:Number.MAX_VALUE,l=s&&s.exp?s.exp:n.issuedAt+i;let c;n.expiresAt?c=n.expiresAt:t===q.access_token_invalid?c=l:t===q.id_token_invalid?c=r:c=r<l?r:l;const h={...n,idTokenPayload:o,accessTokenPayload:s,expiresAt:c};if(e!=null&&"refreshToken"in e&&!("refreshToken"in n)){const a=e.refreshToken;return{...h,refreshToken:a}}return h},H=(n,e,t)=>{if(!n)return null;if(!n.issued_at){const i=new Date().getTime()/1e3;n.issued_at=i}const s={accessToken:n.access_token,expiresIn:n.expires_in,idToken:n.id_token,scope:n.scope,tokenType:n.token_type,issuedAt:n.issued_at};return"refresh_token"in n&&(s.refreshToken=n.refresh_token),n.accessTokenPayload!==void 0&&(s.accessTokenPayload=n.accessTokenPayload),n.idTokenPayload!==void 0&&(s.idTokenPayload=n.idTokenPayload),n.fromServiceWorker!==void 0&&(s.fromServiceWorker=n.fromServiceWorker),se(s,e,t)},M=(n,e)=>{const t=new Date().getTime()/1e3;return Math.round(e-n-t)},X=n=>n?M(0,n.expiresAt)>0:!1,Ae=async(n,e=200,t=50)=>{let s=t;if(!n.tokens)return null;for(;!X(n.tokens)&&s>0;)await x(e),s=s-1;return{isTokensValid:X(n.tokens),tokens:n.tokens,numberWaited:s-t}},oe=(n,e,t)=>{if(n.idTokenPayload){const s=n.idTokenPayload;if(t.issuer!==s.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${t.issuer} !== (idTokenPayload issuer) ${s.iss}`};const i=new Date().getTime()/1e3;if(s.exp&&s.exp<i)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${s.exp} < (currentTimeUnixSecond) ${i}`};const o=60*60*24*7;if(s.iat&&s.iat+o<i)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${s.iat+o} < (currentTimeUnixSecond) ${i}`};if(s.nonce&&s.nonce!==e)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${s.nonce} !== (nonce) ${e}`}}return{isValid:!0,reason:""}},V=function(){const n=function(){let c,h;const a=(function(){const f={},u={setTimeout:function(d,g,k){f[g]=setTimeout(function(){d.postMessage(g),f[g]=null},k)},setInterval:function(d,g,k){f[g]=setInterval(function(){d.postMessage(g)},k)},clearTimeout:function(d,g){clearTimeout(f[g]),f[g]=null},clearInterval:function(d,g){clearInterval(f[g]),f[g]=null}};function y(d,g){const k=g.data[0],w=g.data[1],S=g.data[2];u[k]&&u[k](d,w,S)}this.onmessage=function(d){y(self,d)},this.onconnect=function(d){const g=d.ports[0];g.onmessage=function(k){y(g,k)}}}).toString();try{const f=new Blob(["(",a,")()"],{type:"application/javascript"});h=URL.createObjectURL(f)}catch{return null}const _=typeof process>"u";try{if(SharedWorker)return c=new SharedWorker(h),c.port}catch{_&&console.warn("SharedWorker not available")}try{if(Worker)return c=new Worker(h),c}catch{_&&console.warn("Worker not available")}return null}();if(!n){const c=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(c),clearTimeout:clearTimeout.bind(c),setInterval:setInterval.bind(c),clearInterval:clearInterval.bind(c)}}const e=function(){let c=0;return function(){return c++,c}}(),t={},s={};n.onmessage=function(c){const h=c.data,a=t[h];if(a){a(),t[h]=null;return}const _=s[h];_&&_()};function i(c,h){const a=e();return n.postMessage(["setTimeout",a,h]),t[a]=c,a}function o(c){n.postMessage(["clearTimeout",c]),t[c]=null}function r(c,h){const a=e();return n.postMessage(["setInterval",a,h]),s[a]=c,a}function l(c){n.postMessage(["clearInterval",c]),s[c]=null}return{setTimeout:i,clearTimeout:o,setInterval:r,clearInterval:l}}(),ie="7.4.0",re=n=>{const e=n.appVersion,t=n.userAgent,s="-";let i=s;const o=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const l in o){const c=o[l];if(c.r.test(t)){i=c.s;break}}let r=s;switch(/Windows/.test(i)&&(r=/Windows (.*)/.exec(i)[1],i="Windows"),i){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(t)[1];break;case"iOS":{const l=/OS (\d+)_(\d+)_?(\d+)?/.exec(e);r=l[1]+"."+l[2]+"."+(parseInt(l[3])|0);break}}return{os:i,osVersion:r}};function ve(){const n=navigator.userAgent;let e,t=n.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(t[1]))return e=/\brv[ :]+(\d+)/g.exec(n)||[],{name:"ie",version:e[1]||""};if(t[1]==="Chrome"&&(e=n.match(/\bOPR|Edge\/(\d+)/),e!=null)){let s=e[1];if(!s){const i=n.split(e[0]+"/");i.length>1&&(s=i[1])}return{name:"opera",version:s}}return t=t[2]?[t[1],t[2]]:[navigator.appName,navigator.appVersion,"-?"],(e=n.match(/version\/(\d+)/i))!=null&&t.splice(1,1,e[1]),{name:t[0].toLowerCase(),version:t[1]}}let ae=null;const x=n=>new Promise(e=>V.setTimeout(e,n));let G;const ce=()=>{try{const e=re(navigator).os==="Android"?240:150;G=new AbortController,fetch(`/OidcKeepAliveServiceWorker.json?minSleepSeconds=${e}`,{signal:G.signal}).catch(s=>{console.log(s)}),x(e*1e3).then(ce)}catch(n){console.log(n)}},le=()=>{G&&G.abort()},Se=()=>fetch("/OidcKeepAliveServiceWorker.json",{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),Te=n=>!!(n.os==="iOS"&&n.osVersion.startsWith("12")||n.os==="Mac OS X"&&n.osVersion.startsWith("10_15_6")),E=n=>e=>new Promise(function(t,s){const i=new MessageChannel;i.port1.onmessage=function(o){o.data&&o.data.error?s(o.data.error):t(o.data)},n.active.postMessage(e,[i.port2])}),O=async(n,e)=>{if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!n)return null;const{name:t,version:s}=ve();if(t==="chrome"&&parseInt(s)<=70||t==="opera"&&(!s||parseInt(s.split(".")[0])<80)||t==="ie")return null;const i=re(navigator);if(Te(i))return null;const o=await navigator.serviceWorker.register(n);try{await navigator.serviceWorker.ready}catch{return null}const r=async p=>E(o)({type:"clear",data:{status:p},configurationName:e}),l=async(p,A,T)=>{const v=await E(o)({type:"init",data:{oidcServerConfiguration:p,where:A,oidcConfiguration:{token_renew_mode:T.token_renew_mode,service_worker_convert_all_requests_to_cors:T.service_worker_convert_all_requests_to_cors}},configurationName:e}),N=v.version;if(N!==ie)if(console.warn(`Service worker ${N} version mismatch with js client version ${ie}, unregistering and reloading`),T.service_worker_update_require_callback)await T.service_worker_update_require_callback(o,le);else{le(),await o.update();const W=await o.unregister();console.log(`Service worker unregistering ${W}`),await x(2e3),window.location.reload()}return{tokens:H(v.tokens,null,T.token_renew_mode),status:v.status}},c=()=>{ae==null&&(ae="not_null",ce())},h=p=>E(o)({type:"setSessionState",data:{sessionState:p},configurationName:e}),a=async()=>(await E(o)({type:"getSessionState",data:null,configurationName:e})).sessionState,_=p=>(sessionStorage["oidc.nonce"]=p.nonce,E(o)({type:"setNonce",data:{nonce:p},configurationName:e})),f=async()=>{let A=(await E(o)({type:"getNonce",data:null,configurationName:e})).nonce;return A||(A=sessionStorage["oidc.nonce"],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let u=null;return{clearAsync:r,initAsync:l,startKeepAliveServiceWorker:c,isServiceWorkerProxyActiveAsync:Se,setSessionStateAsync:h,getSessionStateAsync:a,setNonceAsync:_,getNonceAsync:f,setLoginParams:(p,A)=>{u=A,localStorage[`oidc.login.${p}`]=JSON.stringify(A)},getLoginParams:p=>{const A=localStorage[`oidc.login.${p}`];return u||(u=JSON.parse(A)),u},getStateAsync:async()=>{let A=(await E(o)({type:"getState",data:null,configurationName:e})).state;return A||(A=sessionStorage[`oidc.state.${e}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async p=>(sessionStorage[`oidc.state.${e}`]=p,E(o)({type:"setState",data:{state:p},configurationName:e})),getCodeVerifierAsync:async()=>{let A=(await E(o)({type:"getCodeVerifier",data:null,configurationName:e})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${e}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async p=>(sessionStorage[`oidc.code_verifier.${e}`]=p,E(o)({type:"setCodeVerifier",data:{codeVerifier:p},configurationName:e}))}};async function ue(n,e,t=!1,s=null){const i=c=>{n.tokens=c},{tokens:o,status:r}=await n.synchroniseTokensAsync(e,0,t,s,i);if(await O(n.configuration.service_worker_relative_url,n.configurationName)||await I(n.configurationName,n.configuration.storage).setTokens(n.tokens),!n.tokens){await n.destroyAsync(r);return}return n.timeoutId&&(n.timeoutId=U(n,o.refreshToken,n.tokens.expiresAt,s)),n.tokens}const U=(n,e,t,s=null)=>{const i=n.configuration.refresh_time_before_tokens_expiration_in_second;return V.setTimeout(async()=>{const r={timeLeft:M(i,t)};n.publishEvent($.eventNames.token_timer,r),await ue(n,e,!1,s)},1e3)},z=(n,e,t)=>(s=null,i=null,o=null)=>{if(!e.silent_redirect_uri||!e.silent_login_uri)return Promise.resolve(null);try{t(m.silentLoginAsync_begin,{});let r="";if(i&&(s==null&&(s={}),s.state=i),o&&(s==null&&(s={}),s.scope=o),s!=null)for(const[_,f]of Object.entries(s))r===""?r=`?${encodeURIComponent(_)}=${encodeURIComponent(f)}`:r+=`&${encodeURIComponent(_)}=${encodeURIComponent(f)}`;const l=e.silent_login_uri+r,c=l.indexOf("/",l.indexOf("//")+2),h=l.substr(0,c),a=document.createElement("iframe");return a.width="0px",a.height="0px",a.id=`${n}_oidc_iframe`,a.setAttribute("src",l),document.body.appendChild(a),new Promise((_,f)=>{try{let u=!1;window.onmessage=d=>{if(d.origin===h&&d.source===a.contentWindow){const g=`${n}_oidc_tokens:`,k=`${n}_oidc_error:`,w=d.data;if(w&&typeof w=="string"&&!u){if(w.startsWith(g)){const S=JSON.parse(d.data.replace(g,""));t(m.silentLoginAsync_end,{}),a.remove(),u=!0,_(S)}else if(w.startsWith(k)){const S=JSON.parse(d.data.replace(k,""));t(m.silentLoginAsync_error,S),a.remove(),u=!0,f(new Error("oidc_"+S.error))}}}};const y=e.silent_login_timeout;setTimeout(()=>{u||(t(m.silentLoginAsync_error,{reason:"timeout"}),a.remove(),u=!0,f(new Error("timeout")))},y)}catch(u){a.remove(),t(m.silentLoginAsync_error,u),f(u)}})}catch(r){throw t(m.silentLoginAsync_error,r),r}},be=(n,e,t,s,i)=>(o=null,r=void 0)=>{o={...o};const l=(h,a,_)=>z(e,t,s.bind(i))(h,a,_);return(async()=>{i.timeoutId&&V.clearTimeout(i.timeoutId);let h;o&&"state"in o&&(h=o.state,delete o.state);try{const a=t.extras?{...t.extras,...o}:o,_=await l({...a,prompt:"none"},h,r);if(_)return i.tokens=_.tokens,s(m.token_aquired,{}),i.timeoutId=U(i,i.tokens.refreshToken,i.tokens.expiresAt,o),{}}catch(a){return a}})()},Ee=(n,e,t)=>(s,i,o,r=!1)=>{const l=(c,h=void 0,a=void 0)=>z(n.configurationName,t,n.publishEvent.bind(n))(c,h,a);return new Promise((c,h)=>{if(t.silent_login_uri&&t.silent_redirect_uri&&t.monitor_session&&s&&o&&!r){const a=()=>{n.checkSessionIFrame.stop();const _=n.tokens;if(_===null)return;const f=_.idToken,u=_.idTokenPayload;return l({prompt:"none",id_token_hint:f,scope:t.scope||"openid"}).then(y=>{const d=y.tokens.idTokenPayload;if(u.sub===d.sub){const g=y.sessionState;n.checkSessionIFrame.start(y.sessionState),u.sid===d.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",g):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",g)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",d.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[d,g]of Object.entries(e))await g.logoutOtherTabAsync(t.client_id,u.sub)})};n.checkSessionIFrame=new ke(a,i,s),n.checkSessionIFrame.load().then(()=>{n.checkSessionIFrame.start(o),c(n.checkSessionIFrame)}).catch(_=>{h(_)})}else c(null)})};for(var Pe=Le,P=[],de="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",J=0,Ie=de.length;J<Ie;++J)P[J]=de[J];function Oe(n){return P[n>>18&63]+P[n>>12&63]+P[n>>6&63]+P[n&63]}function Ce(n,e,t){for(var s,i=[],o=e;o<t;o+=3)s=(n[o]<<16&16711680)+(n[o+1]<<8&65280)+(n[o+2]&255),i.push(Oe(s));return i.join("")}function Le(n){for(var e,t=n.length,s=t%3,i=[],o=16383,r=0,l=t-s;r<l;r+=o)i.push(Ce(n,r,r+o>l?l:r+o));return s===1?(e=n[t-1],i.push(P[e>>2]+P[e<<4&63]+"==")):s===2&&(e=(n[t-2]<<8)+n[t-1],i.push(P[e>>10]+P[e>>4&63]+P[e<<2&63]+"=")),i.join("")}const he=()=>{const n=typeof window<"u"&&!!window.crypto,e=n&&!!window.crypto.subtle;return{hasCrypto:n,hasSubtleCrypto:e}},Y="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",Ne=n=>{const e=[];for(let t=0;t<n.byteLength;t+=1){const s=n[t]%Y.length;e.push(Y[s])}return e.join("")},We=n=>Pe(new Uint8Array(n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,""),Q=n=>{const e=new Uint8Array(n),{hasCrypto:t}=he();if(t)window.crypto.getRandomValues(e);else for(let s=0;s<n;s+=1)e[s]=Math.random()*Y.length|0;return Ne(e)};function xe(n){const e=new ArrayBuffer(n.length),t=new Uint8Array(e);for(let s=0;s<n.length;s++)t[s]=n.charCodeAt(s);return t}const $e=n=>{if(n.length<43||n.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:e}=he();return e?new Promise((t,s)=>{crypto.subtle.digest("SHA-256",xe(n)).then(i=>t(We(new Uint8Array(i))),i=>s(i))}):Promise.reject(new Error("window.crypto.subtle is unavailable."))},R={},Fe=(n,e=window.sessionStorage,t)=>{if(!R[n]&&e){const i=e.getItem(n);i&&(R[n]=JSON.parse(i))}const s=1e3*t;return R[n]&&R[n].timestamp+s>Date.now()?R[n].result:null},Re=(n,e,t=window.sessionStorage)=>{const s=Date.now();R[n]={result:e,timestamp:s},t&&t.setItem(n,JSON.stringify({result:e,timestamp:s}))},De=60*60,Me=n=>async(e,t=De,s=window.sessionStorage,i=1e4)=>{const o=`${e}/.well-known/openid-configuration`,r=`oidc.server:${e}`,l=Fe(r,s,t);if(l)return new ee(l);const c=await K(n)(o,{},i);if(c.status!==200)return null;const h=await c.json();return Re(r,h,s),new ee(h)},K=n=>async(e,t={},s=1e4,i=0)=>{let o;try{const r=new AbortController;setTimeout(()=>r.abort(),s),o=await n(e,{...t,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(i<=1)return await K(n)(e,t,s,i+1);throw r}else throw console.error(r.message),r}return o},Z={refresh_token:"refresh_token",access_token:"access_token"},_e=n=>async(e,t,s=Z.refresh_token,i,o=1e4)=>{const r={token:t,token_type_hint:s,client_id:i},l=[];for(const a in r){const _=encodeURIComponent(a),f=encodeURIComponent(r[a]);l.push(`${_}=${f}`)}const c=l.join("&");return(await K(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:c},o)).status!==200?{success:!1}:{success:!0}},Ve=n=>async(e,t,s,i,o,r=1e4)=>{for(const[_,f]of Object.entries(s))t[_]===void 0&&(t[_]=f);const l=[];for(const _ in t){const f=encodeURIComponent(_),u=encodeURIComponent(t[_]);l.push(`${f}=${u}`)}const c=l.join("&"),h=await K(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:c},r);if(h.status!==200)return{success:!1,status:h.status};const a=await h.json();return{success:!0,data:H(a,i,o)}},Ue=n=>async(e,t)=>{t=t?{...t}:{};const s=Q(128),i=await $e(s);await n.setCodeVerifierAsync(s),await n.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let o="";if(t)for(const[r,l]of Object.entries(t))o===""?o+="?":o+="&",o+=`${r}=${encodeURIComponent(l)}`;window.location.href=`${e}${o}`},Ke=n=>async(e,t,s,i=1e4)=>{t=t?{...t}:{},t.code_verifier=await n.getCodeVerifierAsync();const o=[];for(const h in t){const a=encodeURIComponent(h),_=encodeURIComponent(t[h]);o.push(`${a}=${_}`)}const r=o.join("&"),l=await K(fetch)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:r},i);if(await Promise.all([n.setCodeVerifierAsync(null),n.setStateAsync(null)]),l.status!==200)return{success:!1,status:l.status};const c=await l.json();return{success:!0,data:{state:t.state,tokens:H(c,null,s)}}},fe=n=>{const e=n.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!e)throw new Error("Invalid URL");let t=e[6],s=e[7];if(s){const i=s.split("?");i.length===2&&(s=i[0],t=i[1])}return t.startsWith("?")&&(t=t.slice(1)),e&&{href:n,protocol:e[1],host:e[2],hostname:e[3],port:e[4],path:e[5],search:t,hash:s}},Be=n=>{const e=fe(n);let{path:t}=e;t.endsWith("/")&&(t=t.slice(0,-1));let{hash:s}=e;return s==="#_=_"&&(s=""),s&&(t+=s),t},B=n=>{const e=fe(n),{search:t}=e;return je(t)},je=n=>{const e={};let t,s,i;const o=n.split("&");for(s=0,i=o.length;s<i;s++)t=o[s].split("="),e[decodeURIComponent(t[0])]=decodeURIComponent(t[1]);return e},qe=(n,e,t,s,i)=>(o=void 0,r=null,l=!1,c=void 0)=>{const h=r;return r={...r},(async()=>{const _=n.location,f=o||_.pathname+(_.search||"")+(_.hash||"");if("state"in r||(r.state=Q(16)),s(m.loginAsync_begin,{}),r)for(const u of Object.keys(r))u.endsWith(":token_request")&&delete r[u];try{const u=l?t.silent_redirect_uri:t.redirect_uri;c||(c=t.scope);const y=t.extras?{...t.extras,...r}:r;y.nonce||(y.nonce=Q(12));const d={nonce:y.nonce},g=await O(t.service_worker_relative_url,e),k=await i(t.authority,t.authority_configuration);let w;if(g)g.setLoginParams(e,{callbackPath:f,extras:h}),await g.initAsync(k,"loginAsync",t),await g.setNonceAsync(d),g.startKeepAliveServiceWorker(),w=g;else{const p=I(e,t.storage??sessionStorage);p.setLoginParams(e,{callbackPath:f,extras:h}),await p.setNonceAsync(d),w=p}const S={client_id:t.client_id,redirect_uri:u,scope:c,response_type:"code",...y};await Ue(w)(k.authorizationEndpoint,S)}catch(u){throw s(m.loginAsync_error,u),u}})()},Ge=n=>async(e=!1)=>{try{n.publishEvent(m.loginCallbackAsync_begin,{});const t=n.configuration,s=t.client_id,i=e?t.silent_redirect_uri:t.redirect_uri,o=t.authority,r=t.token_request_timeout,l=await n.initAsync(o,t.authority_configuration),h=B(window.location.href).session_state,a=await O(t.service_worker_relative_url,n.configurationName);let _,f,u,y;if(a)await a.initAsync(l,"loginCallbackAsync",t),await a.setSessionStateAsync(h),f=await a.getNonceAsync(),u=a.getLoginParams(n.configurationName),y=await a.getStateAsync(),a.startKeepAliveServiceWorker(),_=a;else{const v=I(n.configurationName,t.storage??sessionStorage);await v.setSessionStateAsync(h),f=await v.getNonceAsync(),u=v.getLoginParams(n.configurationName),y=await v.getStateAsync(),_=v}const d=B(window.location.toString());if(d.iss&&d.iss!==l.issuer)throw console.error(),new Error(`issuer not valid (expected: ${l.issuer}, received: ${d.iss})`);if(d.state&&d.state!==y)throw new Error(`state not valid (expected: ${y}, received: ${d.state})`);const g={code:d.code,grant_type:"authorization_code",client_id:t.client_id,redirect_uri:i},k={};if(t.token_request_extras)for(const[v,N]of Object.entries(t.token_request_extras))k[v]=N;if(u&&u.extras)for(const[v,N]of Object.entries(u.extras))v.endsWith(":token_request")&&(k[v.replace(":token_request","")]=N);const w=await Ke(_)(l.tokenEndpoint,{...g,...k},n.configuration.token_renew_mode,r);if(!w.success)throw new Error("Token request failed");let S;const p=w.data.tokens;if(a?(await a.initAsync(i,"syncTokensAsync",t),S=a.getLoginParams(n.configurationName)):S=I(n.configurationName,t.storage).getLoginParams(n.configurationName),w.data.state!==k.state)throw new Error("state is not valid");const{isValid:A,reason:T}=oe(p,f.nonce,l);if(!A)throw new Error(`Tokens are not OpenID valid, reason: ${T}`);return await n.startCheckSessionAsync(l.checkSessionIframe,s,h,e),n.publishEvent(m.loginCallbackAsync_end,{}),{tokens:p,state:"request.state",callbackPath:S.callbackPath}}catch(t){throw console.error(t),n.publishEvent(m.loginCallbackAsync_error,t),t}},ye={access_token:"access_token",refresh_token:"refresh_token"},Je=n=>async e=>{V.clearTimeout(n.timeoutId),n.timeoutId=null,n.checkSessionIFrame&&n.checkSessionIFrame.stop();const t=await O(n.configuration.service_worker_relative_url,n.configurationName);t?await t.clearAsync(e):await I(n.configurationName,n.configuration.storage).clearAsync(e),n.tokens=null,n.userInfo=null},He=(n,e,t,s,i)=>async(o=void 0,r=null)=>{const l=n.configuration,c=await n.initAsync(l.authority,l.authority_configuration);o&&typeof o!="string"&&(o=void 0,i.warn("callbackPathOrUrl path is not a string"));const h=o??location.pathname+(location.search||"")+(location.hash||"");let a=!1;o&&(a=o.includes("https://")||o.includes("http://"));const _=a?o:s.location.origin+h,f=n.tokens?n.tokens.idToken:"";try{const y=c.revocationEndpoint;if(y){const d=[],g=n.tokens.accessToken;if(g&&l.logout_tokens_to_invalidate.includes(ye.access_token)){const w=_e(t)(y,g,Z.access_token,l.client_id);d.push(w)}const k=n.tokens.refreshToken;if(k&&l.logout_tokens_to_invalidate.includes(ye.refresh_token)){const w=_e(t)(y,k,Z.refresh_token,l.client_id);d.push(w)}d.length>0&&await Promise.all(d)}}catch(y){i.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),i.warn(y)}const u=n.tokens&&n.tokens.idTokenPayload?n.tokens.idTokenPayload.sub:null;await n.destroyAsync("LOGGED_OUT");for(const[y,d]of Object.entries(e))d!==n&&await n.logoutSameTabAsync(n.configuration.client_id,u);if(c.endSessionEndpoint){r||(r={id_token_hint:f},o!==null&&(r.post_logout_redirect_uri=_));let y="";if(r)for(const[d,g]of Object.entries(r))y===""?y+="?":y+="&",y+=`${d}=${encodeURIComponent(g)}`;s.location.href=`${c.endSessionEndpoint}${y}`}else s.location.reload()},Xe=n=>async(e=!1)=>{if(n.userInfo!=null&&!e)return n.userInfo;for(;n.tokens&&!X(n.tokens);)await x(200);if(!n.tokens)return null;const t=n.tokens.accessToken;if(!t)return null;const i=(await n.initAsync(n.configuration.authority,n.configuration.authority_configuration)).userInfoEndpoint,r=await(async l=>{const c=await fetch(i,{headers:{authorization:`Bearer ${l}`}});return c.status!==200?null:c.json()})(t);return n.userInfo=r,r},ge=()=>fetch;class ee{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}}const C={},ze=n=>(e,t="default")=>(C[t]||(C[t]=new $(e,t,n)),C[t]),Ye=async n=>{const{parsedTokens:e,callbackPath:t}=await n.loginCallbackAsync();return n.timeoutId=U(n,e.refreshToken,e.expiresAt),{callbackPath:t}},Qe=n=>Math.floor(Math.random()*n),L=class L{constructor(e,t="default",s){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(i=`${e.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let o=e.refresh_time_before_tokens_expiration_in_second??120;o>60&&(o=o-Math.floor(Math.random()*40)),e.logout_tokens_to_invalidate||(e.logout_tokens_to_invalidate=["access_token","refresh_token"]),e.authority_timeout_wellknowurl_in_millisecond||(e.authority_timeout_wellknowurl_in_millisecond=1e4),this.configuration={...e,silent_login_uri:i,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:o,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??q.access_token_or_id_token_invalid},this.getFetch=s??ge,this.configurationName=t,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.synchroniseTokensAsync.bind(this),this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){const t=Qe(9999999999999).toString();return this.events.push({id:t,func:e}),t}removeEventSubscription(e){const t=this.events.filter(s=>s.id!==e);this.events=t}publishEvent(e,t){this.events.forEach(s=>{s.func(e,t)})}static get(e="default"){const t=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(C,e)&&t)throw Error(`OIDC library does seem initialized.
|
|
2
|
-
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> compoment.`);return C[e]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=B(window.location.href);window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:e.session_state})}`,window.location.origin)}}_silentLoginErrorCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=B(window.location.href);window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:e.error})}`,window.location.origin)}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame()}}async initAsync(e,t){if(this.initPromise!==null)return this.initPromise;const s=async()=>{if(t!=null)return new ee({authorization_endpoint:t.authorization_endpoint,end_session_endpoint:t.end_session_endpoint,revocation_endpoint:t.revocation_endpoint,token_endpoint:t.token_endpoint,userinfo_endpoint:t.userinfo_endpoint,check_session_iframe:t.check_session_iframe,issuer:t.issuer});const o=await O(this.configuration.service_worker_relative_url,this.configurationName)?window.localStorage:null;return await Me(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,o,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=s(),this.initPromise.then(i=>(this.initPromise=null,i))}async tryKeepExistingSessionAsync(){if(this.tryKeepExistingSessionPromise!==null)return this.tryKeepExistingSessionPromise;const e=async()=>{let t;if(this.tokens!=null)return!1;this.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=this.configuration,i=await this.initAsync(s.authority,s.authority_configuration);if(t=await O(s.service_worker_relative_url,this.configurationName),t){const{tokens:o}=await t.initAsync(i,"tryKeepExistingSessionAsync",s);if(o){t.startKeepAliveServiceWorker(),this.tokens=o;const r=t.getLoginParams(this.configurationName);this.timeoutId=U(this,this.tokens.refreshToken,this.tokens.expiresAt,r.extras);const l=await t.getSessionStateAsync();return await this.startCheckSessionAsync(i.check_session_iframe,s.client_id,l),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&this.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=I(this.configurationName,s.storage??sessionStorage),{tokens:r}=await o.initAsync();if(r){this.tokens=se(r,null,s.token_renew_mode);const l=o.getLoginParams(this.configurationName);this.timeoutId=U(this,r.refreshToken,this.tokens.expiresAt,l.extras);const c=await o.getSessionStateAsync();return await this.startCheckSessionAsync(i.check_session_iframe,s.client_id,c),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:t?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),t&&await t.clearAsync(),this.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}};return this.tryKeepExistingSessionPromise=e(),this.tryKeepExistingSessionPromise.then(t=>(this.tryKeepExistingSessionPromise=null,t))}async startCheckSessionAsync(e,t,s,i=!1){await Ee(this,C,this.configuration)(e,t,s,i)}async loginAsync(e=void 0,t=null,s=!1,i=void 0,o=!1){return this.loginPromise!==null?this.loginPromise:o?be(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(t,i):(this.loginPromise=qe(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this))(e,t,s,i),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(e=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const t=async()=>{const s=await Ge(this)(e),i=s.tokens;if(this.tokens=i,!await O(this.configuration.service_worker_relative_url,this.configurationName))I(this.configurationName,this.configuration.storage).setTokens(i);else if(!i.fromServiceWorker)throw Error("security issue, parsedTokens.fromServiceWorker is not defined");return this.publishEvent(L.eventNames.token_aquired,i),{parsedTokens:i,state:s.state,callbackPath:s.callbackPath}};return this.loginCallbackPromise=t(),this.loginCallbackPromise.then(s=>(this.loginCallbackPromise=null,s))}async synchroniseTokensAsync(e,t=0,s=!1,i=null,o){for(;!navigator.onLine&&document.hidden;)await x(1e3),this.publishEvent(m.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await x(1e3),r--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});let l=Math.floor(Math.random()*15)+10;for(;document.hidden&&l>0;)await x(1e3),l--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is hidden try ${l}`});const h=document.hidden?t:t+1;i||(i={});const a=this.configuration,_=(u,y,d=null)=>z(this.configurationName,this.configuration,this.publishEvent.bind(this))(u,y,d),f=async()=>{try{let u;const y=await O(a.service_worker_relative_url,this.configurationName);y?u=y.getLoginParams(this.configurationName):u=I(this.configurationName,a.storage).getLoginParams(this.configurationName);const d=await _({...u.extras,...i,prompt:"none"},u.state);if(d)return o(d.tokens),this.publishEvent(L.eventNames.token_renewed,{}),{tokens:d.tokens,status:"LOGGED"}}catch(u){if(console.error(u),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:u.message}),u&&u.message&&u.message.startsWith("oidc"))return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}}return this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent return"}),await this.synchroniseTokensAsync(null,h,s,i,o)};if(t>4)return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"};try{const{status:u,tokens:y,nonce:d}=await this.syncTokensInfoAsync(a,this.configurationName,this.tokens,s);switch(u){case"SESSION_LOST":return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case"NOT_CONNECTED":return o(null),{tokens:null,status:null};case"TOKENS_VALID":return o(y),{tokens:y,status:"LOGGED_IN"};case"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":return o(y),this.publishEvent(L.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:y,status:"LOGGED_IN"};case"LOGOUT_FROM_ANOTHER_TAB":return o(null),this.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case"REQUIRE_SYNC_TOKENS":return this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:u,tryNumber:t}),await f();default:{if(this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:u,tryNumber:t}),!e)return await f();const g=a.client_id,k=a.redirect_uri,w=a.authority,p={...a.token_request_extras?a.token_request_extras:{}};for(const[T,v]of Object.entries(i))T.endsWith(":token_request")&&(p[T.replace(":token_request","")]=v);return await(async()=>{const T={client_id:g,redirect_uri:k,grant_type:"refresh_token",refresh_token:y.refreshToken},v=await this.initAsync(w,a.authority_configuration),N=document.hidden?1e4:3e4*10,W=await Ve(this.getFetch())(v.tokenEndpoint,T,p,y,a.token_renew_mode,N);if(W.success){const{isValid:Ze,reason:en}=oe(W.data,d.nonce,v);return Ze?(o(W.data),this.publishEvent(m.refreshTokensAsync_end,{success:W.success}),this.publishEvent(L.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:W.data,status:"LOGGED_IN"}):(o(null),this.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${en}`}),{tokens:null,status:"SESSION_LOST"})}else return this.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:W}),await this.synchroniseTokensAsync(e,h,s,i,o)})()}}}catch(u){return console.error(u),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:u.message}),this.synchroniseTokensAsync(e,h,s,i,o)}}async syncTokensInfoAsync(e,t,s,i=!1){const o={nonce:null};if(!s)return{tokens:null,status:"NOT_CONNECTED",nonce:o};let r=o;const l=await this.initAsync(e.authority,e.authority_configuration),c=await O(e.service_worker_relative_url,t);if(c){const{status:_,tokens:f}=await c.initAsync(l,"syncTokensAsync",e);if(_==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:o};if(_==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:o};if(!_||!f)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:o};if(f.issuedAt!==s.issuedAt){const y=M(e.refresh_time_before_tokens_expiration_in_second,f.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",d=await c.getNonceAsync();return{tokens:f,status:y,nonce:d}}r=await c.getNonceAsync()}else{const _=I(t,e.storage??sessionStorage),{tokens:f,status:u}=await _.initAsync();if(f){if(u==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:o};if(f.issuedAt!==s.issuedAt){const d=M(e.refresh_time_before_tokens_expiration_in_second,f.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",g=await _.getNonceAsync();return{tokens:f,status:d,nonce:g}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:o};r=await _.getNonceAsync()}const a=M(e.refresh_time_before_tokens_expiration_in_second,s.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return i?{tokens:s,status:"FORCE_REFRESH",nonce:r}:{tokens:s,status:a,nonce:r}}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=Ye(this),this.loginCallbackWithAutoTokensRenewPromise.then(e=>(this.loginCallbackWithAutoTokensRenewPromise=null,e)))}userInfoAsync(e=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=Xe(this)(e),this.userInfoPromise.then(t=>(this.userInfoPromise=null,t)))}async renewTokensAsync(e=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return V.clearTimeout(this.timeoutId),this.renewTokensPromise=ue(this,this.tokens.refreshToken,!0,e),this.renewTokensPromise.then(t=>(this.renewTokensPromise=null,t))}async destroyAsync(e){return await Je(this)(e)}async logoutSameTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(this.publishEvent(m.logout_from_same_tab,{message:t}),await this.destroyAsync("LOGGED_OUT"))}async logoutOtherTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:t}))}async logoutAsync(e=void 0,t=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=He(this,C,this.getFetch(),window,console)(e,t),this.logoutPromise.then(s=>(this.logoutPromise=null,s)))}};L.getOrCreate=e=>(t,s="default")=>ze(e)(t,s),L.eventNames=m;let $=L;const D=class D{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,t){this._oidc.publishEvent(e,t)}static get(e="default"){return new D($.get(e))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,t=null,s=!1,i=void 0,o=!1){return this._oidc.loginAsync(e,t,s,i,o)}logoutAsync(e=void 0,t=null){return this._oidc.logoutAsync(e,t)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null){return this._oidc.renewTokensAsync(e)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async getValidTokenAsync(e=200,t=50){return Ae(this._oidc,e,t)}async userInfoAsync(e=!1){return this._oidc.userInfoAsync(e)}};D.getOrCreate=e=>(t,s="default")=>new D($.getOrCreate(e)(t,s)),D.eventNames=$.eventNames;let ne=D;b.OidcClient=ne,b.TokenRenewMode=q,b.getFetchDefault=ge,b.getParseQueryStringFromLocation=B,b.getPath=Be,Object.defineProperty(b,Symbol.toStringTag,{value:"Module"})});
|
|
1
|
+
(function(b,j){typeof exports=="object"&&typeof module<"u"?j(exports):typeof define=="function"&&define.amd?define(["exports"],j):(b=typeof globalThis<"u"?globalThis:b||self,j(b["oidc-client"]={}))})(this,function(b){"use strict";const F=console;class ke{constructor(e,t,s,i=2e3,o=!0){this._callback=e,this._client_id=t,this._url=s,this._interval=i||2e3,this._stopOnError=o;const r=s.indexOf("/",s.indexOf("//")+2);this._frame_origin=s.substr(0,r),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=s}load(){return new Promise(e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1)})}_message(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&(e.data==="error"?(F.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):e.data==="changed"?(F.debug(e),F.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):F.debug("CheckSessionIFrame: "+e.data+" message from check session op iframe"))}start(e){F.debug("CheckSessionIFrame.start :"+e),this.stop();const t=()=>{this._frame.contentWindow.postMessage(this._client_id+" "+e,this._frame_origin)};t(),this._timer=window.setInterval(t,this._interval)}stop(){this._timer&&(F.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)}}const m={service_worker_not_supported_by_browser:"service_worker_not_supported_by_browser",token_aquired:"token_aquired",logout_from_another_tab:"logout_from_another_tab",logout_from_same_tab:"logout_from_same_tab",token_renewed:"token_renewed",token_timer:"token_timer",loginAsync_begin:"loginAsync_begin",loginAsync_error:"loginAsync_error",loginCallbackAsync_begin:"loginCallbackAsync_begin",loginCallbackAsync_end:"loginCallbackAsync_end",loginCallbackAsync_error:"loginCallbackAsync_error",refreshTokensAsync_begin:"refreshTokensAsync_begin",refreshTokensAsync:"refreshTokensAsync",refreshTokensAsync_end:"refreshTokensAsync_end",refreshTokensAsync_error:"refreshTokensAsync_error",refreshTokensAsync_silent_error:"refreshTokensAsync_silent_error",tryKeepExistingSessionAsync_begin:"tryKeepExistingSessionAsync_begin",tryKeepExistingSessionAsync_end:"tryKeepExistingSessionAsync_end",tryKeepExistingSessionAsync_error:"tryKeepExistingSessionAsync_error",silentLoginAsync_begin:"silentLoginAsync_begin",silentLoginAsync:"silentLoginAsync",silentLoginAsync_end:"silentLoginAsync_end",silentLoginAsync_error:"silentLoginAsync_error",syncTokensAsync_begin:"syncTokensAsync_begin",syncTokensAsync_end:"syncTokensAsync_end",syncTokensAsync_error:"syncTokensAsync_error"},P=(n,e=sessionStorage)=>{const t=k=>(e[`oidc.${n}`]=JSON.stringify({tokens:null,status:k}),Promise.resolve()),s=async()=>{if(!e[`oidc.${n}`])return e[`oidc.${n}`]=JSON.stringify({tokens:null,status:null}),{tokens:null,status:null};const k=JSON.parse(e[`oidc.${n}`]);return Promise.resolve({tokens:k.tokens,status:k.status})},i=k=>{e[`oidc.${n}`]=JSON.stringify({tokens:k})},o=async k=>{e[`oidc.session_state.${n}`]=k},r=async()=>e[`oidc.session_state.${n}`],l=k=>{localStorage[`oidc.nonce.${n}`]=k.nonce},c=async()=>({nonce:localStorage[`oidc.nonce.${n}`]}),h=()=>e[`oidc.${n}`]?JSON.stringify({tokens:JSON.parse(e[`oidc.${n}`]).tokens}):null;let a=null;return{clearAsync:t,initAsync:s,setTokens:i,getTokens:h,setSessionStateAsync:o,getSessionStateAsync:r,setNonceAsync:l,getNonceAsync:c,setLoginParams:(k,w)=>{a=w,e[`oidc.login.${k}`]=JSON.stringify(w)},getLoginParams:k=>{const w=e[`oidc.login.${k}`];return a||(a=JSON.parse(w)),a},getStateAsync:async()=>e[`oidc.state.${n}`],setStateAsync:async k=>{e[`oidc.state.${n}`]=k},getCodeVerifierAsync:async()=>e[`oidc.code_verifier.${n}`],setCodeVerifierAsync:async k=>{e[`oidc.code_verifier.${n}`]=k}}},me=n=>decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join("")),pe=n=>JSON.parse(me(n.split(".")[1].replace("-","+").replace("_","/"))),te=n=>{try{return n&&we(n,".")===2?pe(n):null}catch(e){console.warn(e)}return null},we=(n,e)=>n.split(e).length-1,q={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"};function Ae(n,e,t){if(n.issuedAt){if(typeof n.issuedAt=="string")return parseInt(n.issuedAt,10)}else return e&&e.iat?e.iat:t&&t.iat?t.iat:new Date().getTime()/1e3;return n.issuedAt}const se=(n,e=null,t)=>{if(!n)return null;let s;const i=typeof n.expiresIn=="string"?parseInt(n.expiresIn,10):n.expiresIn;n.accessTokenPayload!==void 0?s=n.accessTokenPayload:s=te(n.accessToken);const o=n.idTokenPayload?n.idTokenPayload:te(n.idToken),r=o&&o.exp?o.exp:Number.MAX_VALUE,l=s&&s.exp?s.exp:n.issuedAt+i;n.issuedAt=Ae(n,s,o);let c;n.expiresAt?c=n.expiresAt:t===q.access_token_invalid?c=l:t===q.id_token_invalid?c=r:c=r<l?r:l;const h={...n,idTokenPayload:o,accessTokenPayload:s,expiresAt:c};if(e!=null&&"refreshToken"in e&&!("refreshToken"in n)){const a=e.refreshToken;return{...h,refreshToken:a}}return h},H=(n,e,t)=>{if(!n)return null;if(!n.issued_at){const i=new Date().getTime()/1e3;n.issued_at=i}const s={accessToken:n.access_token,expiresIn:n.expires_in,idToken:n.id_token,scope:n.scope,tokenType:n.token_type,issuedAt:n.issued_at};return"refresh_token"in n&&(s.refreshToken=n.refresh_token),n.accessTokenPayload!==void 0&&(s.accessTokenPayload=n.accessTokenPayload),n.idTokenPayload!==void 0&&(s.idTokenPayload=n.idTokenPayload),se(s,e,t)},M=(n,e)=>{const t=new Date().getTime()/1e3,s=e-t;return Math.round(s-n)},X=n=>n?M(0,n.expiresAt)>0:!1,ve=async(n,e=200,t=50)=>{let s=t;if(!n.tokens)return null;for(;!X(n.tokens)&&s>0;)await x(e),s=s-1;return{isTokensValid:X(n.tokens),tokens:n.tokens,numberWaited:s-t}},oe=(n,e,t)=>{if(n.idTokenPayload){const s=n.idTokenPayload;if(t.issuer!==s.iss)return{isValid:!1,reason:`Issuer does not match (oidcServerConfiguration issuer) ${t.issuer} !== (idTokenPayload issuer) ${s.iss}`};const i=new Date().getTime()/1e3;if(s.exp&&s.exp<i)return{isValid:!1,reason:`Token expired (idTokenPayload exp) ${s.exp} < (currentTimeUnixSecond) ${i}`};const o=60*60*24*7;if(s.iat&&s.iat+o<i)return{isValid:!1,reason:`Token is used from too long time (idTokenPayload iat + timeInSevenDays) ${s.iat+o} < (currentTimeUnixSecond) ${i}`};if(s.nonce&&s.nonce!==e)return{isValid:!1,reason:`Nonce does not match (idTokenPayload nonce) ${s.nonce} !== (nonce) ${e}`}}return{isValid:!0,reason:""}},V=function(){const n=function(){let c,h;const a=(function(){const f={},u={setTimeout:function(d,g,k){f[g]=setTimeout(function(){d.postMessage(g),f[g]=null},k)},setInterval:function(d,g,k){f[g]=setInterval(function(){d.postMessage(g)},k)},clearTimeout:function(d,g){clearTimeout(f[g]),f[g]=null},clearInterval:function(d,g){clearInterval(f[g]),f[g]=null}};function y(d,g){const k=g.data[0],w=g.data[1],S=g.data[2];u[k]&&u[k](d,w,S)}this.onmessage=function(d){y(self,d)},this.onconnect=function(d){const g=d.ports[0];g.onmessage=function(k){y(g,k)}}}).toString();try{const f=new Blob(["(",a,")()"],{type:"application/javascript"});h=URL.createObjectURL(f)}catch{return null}const _=typeof process>"u";try{if(SharedWorker)return c=new SharedWorker(h),c.port}catch{_&&console.warn("SharedWorker not available")}try{if(Worker)return c=new Worker(h),c}catch{_&&console.warn("Worker not available")}return null}();if(!n){const c=typeof window>"u"?global:window;return{setTimeout:setTimeout.bind(c),clearTimeout:clearTimeout.bind(c),setInterval:setInterval.bind(c),clearInterval:clearInterval.bind(c)}}const e=function(){let c=0;return function(){return c++,c}}(),t={},s={};n.onmessage=function(c){const h=c.data,a=t[h];if(a){a(),t[h]=null;return}const _=s[h];_&&_()};function i(c,h){const a=e();return n.postMessage(["setTimeout",a,h]),t[a]=c,a}function o(c){n.postMessage(["clearTimeout",c]),t[c]=null}function r(c,h){const a=e();return n.postMessage(["setInterval",a,h]),s[a]=c,a}function l(c){n.postMessage(["clearInterval",c]),s[c]=null}return{setTimeout:i,clearTimeout:o,setInterval:r,clearInterval:l}}(),ie="7.4.1",re=n=>{const e=n.appVersion,t=n.userAgent,s="-";let i=s;const o=[{s:"Windows 10",r:/(Windows 10.0|Windows NT 10.0)/},{s:"Windows 8.1",r:/(Windows 8.1|Windows NT 6.3)/},{s:"Windows 8",r:/(Windows 8|Windows NT 6.2)/},{s:"Windows 7",r:/(Windows 7|Windows NT 6.1)/},{s:"Windows Vista",r:/Windows NT 6.0/},{s:"Windows Server 2003",r:/Windows NT 5.2/},{s:"Windows XP",r:/(Windows NT 5.1|Windows XP)/},{s:"Windows 2000",r:/(Windows NT 5.0|Windows 2000)/},{s:"Windows ME",r:/(Win 9x 4.90|Windows ME)/},{s:"Windows 98",r:/(Windows 98|Win98)/},{s:"Windows 95",r:/(Windows 95|Win95|Windows_95)/},{s:"Windows NT 4.0",r:/(Windows NT 4.0|WinNT4.0|WinNT|Windows NT)/},{s:"Windows CE",r:/Windows CE/},{s:"Windows 3.11",r:/Win16/},{s:"Android",r:/Android/},{s:"Open BSD",r:/OpenBSD/},{s:"Sun OS",r:/SunOS/},{s:"Chrome OS",r:/CrOS/},{s:"Linux",r:/(Linux|X11(?!.*CrOS))/},{s:"iOS",r:/(iPhone|iPad|iPod)/},{s:"Mac OS X",r:/Mac OS X/},{s:"Mac OS",r:/(Mac OS|MacPPC|MacIntel|Mac_PowerPC|Macintosh)/},{s:"QNX",r:/QNX/},{s:"UNIX",r:/UNIX/},{s:"BeOS",r:/BeOS/},{s:"OS/2",r:/OS\/2/},{s:"Search Bot",r:/(nuhk|Googlebot|Yammybot|Openbot|Slurp|MSNBot|Ask Jeeves\/Teoma|ia_archiver)/}];for(const l in o){const c=o[l];if(c.r.test(t)){i=c.s;break}}let r=s;switch(/Windows/.test(i)&&(r=/Windows (.*)/.exec(i)[1],i="Windows"),i){case"Mac OS":case"Mac OS X":case"Android":r=/(?:Android|Mac OS|Mac OS X|MacPPC|MacIntel|Mac_PowerPC|Macintosh) ([._\d]+)/.exec(t)[1];break;case"iOS":{const l=/OS (\d+)_(\d+)_?(\d+)?/.exec(e);r=l[1]+"."+l[2]+"."+(parseInt(l[3])|0);break}}return{os:i,osVersion:r}};function Se(){const n=navigator.userAgent;let e,t=n.match(/(opera|chrome|safari|firefox|msie|trident(?=\/))\/?\s*(\d+)/i)||[];if(/trident/i.test(t[1]))return e=/\brv[ :]+(\d+)/g.exec(n)||[],{name:"ie",version:e[1]||""};if(t[1]==="Chrome"&&(e=n.match(/\bOPR|Edge\/(\d+)/),e!=null)){let s=e[1];if(!s){const i=n.split(e[0]+"/");i.length>1&&(s=i[1])}return{name:"opera",version:s}}return t=t[2]?[t[1],t[2]]:[navigator.appName,navigator.appVersion,"-?"],(e=n.match(/version\/(\d+)/i))!=null&&t.splice(1,1,e[1]),{name:t[0].toLowerCase(),version:t[1]}}let ae=null;const x=n=>new Promise(e=>V.setTimeout(e,n));let G;const ce=()=>{try{const e=re(navigator).os==="Android"?240:150;G=new AbortController,fetch(`/OidcKeepAliveServiceWorker.json?minSleepSeconds=${e}`,{signal:G.signal}).catch(s=>{console.log(s)}),x(e*1e3).then(ce)}catch(n){console.log(n)}},le=()=>{G&&G.abort()},Te=()=>fetch("/OidcKeepAliveServiceWorker.json",{headers:{"oidc-vanilla":"true"}}).then(n=>n.statusText==="oidc-service-worker").catch(n=>{console.log(n)}),be=n=>!!(n.os==="iOS"&&n.osVersion.startsWith("12")||n.os==="Mac OS X"&&n.osVersion.startsWith("10_15_6")),E=n=>e=>new Promise(function(t,s){const i=new MessageChannel;i.port1.onmessage=function(o){o.data&&o.data.error?s(o.data.error):t(o.data)},n.active.postMessage(e,[i.port2])}),O=async(n,e)=>{if(typeof window>"u"||typeof navigator>"u"||!navigator.serviceWorker||!n)return null;const{name:t,version:s}=Se();if(t==="chrome"&&parseInt(s)<=70||t==="opera"&&(!s||parseInt(s.split(".")[0])<80)||t==="ie")return null;const i=re(navigator);if(be(i))return null;const o=await navigator.serviceWorker.register(n);try{await navigator.serviceWorker.ready}catch{return null}const r=async p=>E(o)({type:"clear",data:{status:p},configurationName:e}),l=async(p,A,T)=>{const v=await E(o)({type:"init",data:{oidcServerConfiguration:p,where:A,oidcConfiguration:{token_renew_mode:T.token_renew_mode,service_worker_convert_all_requests_to_cors:T.service_worker_convert_all_requests_to_cors}},configurationName:e}),N=v.version;if(N!==ie)if(console.warn(`Service worker ${N} version mismatch with js client version ${ie}, unregistering and reloading`),T.service_worker_update_require_callback)await T.service_worker_update_require_callback(o,le);else{le(),await o.update();const W=await o.unregister();console.log(`Service worker unregistering ${W}`),await x(2e3),window.location.reload()}return{tokens:H(v.tokens,null,T.token_renew_mode),status:v.status}},c=()=>{ae==null&&(ae="not_null",ce())},h=p=>E(o)({type:"setSessionState",data:{sessionState:p},configurationName:e}),a=async()=>(await E(o)({type:"getSessionState",data:null,configurationName:e})).sessionState,_=p=>(sessionStorage["oidc.nonce"]=p.nonce,E(o)({type:"setNonce",data:{nonce:p},configurationName:e})),f=async()=>{let A=(await E(o)({type:"getNonce",data:null,configurationName:e})).nonce;return A||(A=sessionStorage["oidc.nonce"],console.warn("nonce not found in service worker, using sessionStorage")),{nonce:A}};let u=null;return{clearAsync:r,initAsync:l,startKeepAliveServiceWorker:c,isServiceWorkerProxyActiveAsync:Te,setSessionStateAsync:h,getSessionStateAsync:a,setNonceAsync:_,getNonceAsync:f,setLoginParams:(p,A)=>{u=A,localStorage[`oidc.login.${p}`]=JSON.stringify(A)},getLoginParams:p=>{const A=localStorage[`oidc.login.${p}`];return u||(u=JSON.parse(A)),u},getStateAsync:async()=>{let A=(await E(o)({type:"getState",data:null,configurationName:e})).state;return A||(A=sessionStorage[`oidc.state.${e}`],console.warn("state not found in service worker, using sessionStorage")),A},setStateAsync:async p=>(sessionStorage[`oidc.state.${e}`]=p,E(o)({type:"setState",data:{state:p},configurationName:e})),getCodeVerifierAsync:async()=>{let A=(await E(o)({type:"getCodeVerifier",data:null,configurationName:e})).codeVerifier;return A||(A=sessionStorage[`oidc.code_verifier.${e}`],console.warn("codeVerifier not found in service worker, using sessionStorage")),A},setCodeVerifierAsync:async p=>(sessionStorage[`oidc.code_verifier.${e}`]=p,E(o)({type:"setCodeVerifier",data:{codeVerifier:p},configurationName:e}))}};async function ue(n,e,t=!1,s=null){const i=c=>{n.tokens=c},{tokens:o,status:r}=await n.synchroniseTokensAsync(e,0,t,s,i);if(await O(n.configuration.service_worker_relative_url,n.configurationName)||await P(n.configurationName,n.configuration.storage).setTokens(n.tokens),!n.tokens){await n.destroyAsync(r);return}return n.timeoutId&&(n.timeoutId=U(n,o.refreshToken,n.tokens.expiresAt,s)),n.tokens}const U=(n,e,t,s=null)=>{const i=n.configuration.refresh_time_before_tokens_expiration_in_second;return V.setTimeout(async()=>{const r={timeLeft:M(i,t)};n.publishEvent($.eventNames.token_timer,r),await ue(n,e,!1,s)},1e3)},z=(n,e,t)=>(s=null,i=null,o=null)=>{if(!e.silent_redirect_uri||!e.silent_login_uri)return Promise.resolve(null);try{t(m.silentLoginAsync_begin,{});let r="";if(i&&(s==null&&(s={}),s.state=i),o&&(s==null&&(s={}),s.scope=o),s!=null)for(const[_,f]of Object.entries(s))r===""?r=`?${encodeURIComponent(_)}=${encodeURIComponent(f)}`:r+=`&${encodeURIComponent(_)}=${encodeURIComponent(f)}`;const l=e.silent_login_uri+r,c=l.indexOf("/",l.indexOf("//")+2),h=l.substr(0,c),a=document.createElement("iframe");return a.width="0px",a.height="0px",a.id=`${n}_oidc_iframe`,a.setAttribute("src",l),document.body.appendChild(a),new Promise((_,f)=>{try{let u=!1;window.onmessage=d=>{if(d.origin===h&&d.source===a.contentWindow){const g=`${n}_oidc_tokens:`,k=`${n}_oidc_error:`,w=d.data;if(w&&typeof w=="string"&&!u){if(w.startsWith(g)){const S=JSON.parse(d.data.replace(g,""));t(m.silentLoginAsync_end,{}),a.remove(),u=!0,_(S)}else if(w.startsWith(k)){const S=JSON.parse(d.data.replace(k,""));t(m.silentLoginAsync_error,S),a.remove(),u=!0,f(new Error("oidc_"+S.error))}}}};const y=e.silent_login_timeout;setTimeout(()=>{u||(t(m.silentLoginAsync_error,{reason:"timeout"}),a.remove(),u=!0,f(new Error("timeout")))},y)}catch(u){a.remove(),t(m.silentLoginAsync_error,u),f(u)}})}catch(r){throw t(m.silentLoginAsync_error,r),r}},Ee=(n,e,t,s,i)=>(o=null,r=void 0)=>{o={...o};const l=(h,a,_)=>z(e,t,s.bind(i))(h,a,_);return(async()=>{i.timeoutId&&V.clearTimeout(i.timeoutId);let h;o&&"state"in o&&(h=o.state,delete o.state);try{const a=t.extras?{...t.extras,...o}:o,_=await l({...a,prompt:"none"},h,r);if(_)return i.tokens=_.tokens,s(m.token_aquired,{}),i.timeoutId=U(i,i.tokens.refreshToken,i.tokens.expiresAt,o),{}}catch(a){return a}})()},Ie=(n,e,t)=>(s,i,o,r=!1)=>{const l=(c,h=void 0,a=void 0)=>z(n.configurationName,t,n.publishEvent.bind(n))(c,h,a);return new Promise((c,h)=>{if(t.silent_login_uri&&t.silent_redirect_uri&&t.monitor_session&&s&&o&&!r){const a=()=>{n.checkSessionIFrame.stop();const _=n.tokens;if(_===null)return;const f=_.idToken,u=_.idTokenPayload;return l({prompt:"none",id_token_hint:f,scope:t.scope||"openid"}).then(y=>{const d=y.tokens.idTokenPayload;if(u.sub===d.sub){const g=y.sessionState;n.checkSessionIFrame.start(y.sessionState),u.sid===d.sid?console.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",g):console.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",g)}else console.debug("SessionMonitor._callback: Different subject signed into OP:",d.sub)}).catch(async y=>{console.warn("SessionMonitor._callback: Silent login failed, logging out other tabs:",y);for(const[d,g]of Object.entries(e))await g.logoutOtherTabAsync(t.client_id,u.sub)})};n.checkSessionIFrame=new ke(a,i,s),n.checkSessionIFrame.load().then(()=>{n.checkSessionIFrame.start(o),c(n.checkSessionIFrame)}).catch(_=>{h(_)})}else c(null)})};for(var Pe=Ne,I=[],de="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",J=0,Oe=de.length;J<Oe;++J)I[J]=de[J];function Ce(n){return I[n>>18&63]+I[n>>12&63]+I[n>>6&63]+I[n&63]}function Le(n,e,t){for(var s,i=[],o=e;o<t;o+=3)s=(n[o]<<16&16711680)+(n[o+1]<<8&65280)+(n[o+2]&255),i.push(Ce(s));return i.join("")}function Ne(n){for(var e,t=n.length,s=t%3,i=[],o=16383,r=0,l=t-s;r<l;r+=o)i.push(Le(n,r,r+o>l?l:r+o));return s===1?(e=n[t-1],i.push(I[e>>2]+I[e<<4&63]+"==")):s===2&&(e=(n[t-2]<<8)+n[t-1],i.push(I[e>>10]+I[e>>4&63]+I[e<<2&63]+"=")),i.join("")}const he=()=>{const n=typeof window<"u"&&!!window.crypto,e=n&&!!window.crypto.subtle;return{hasCrypto:n,hasSubtleCrypto:e}},Y="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",We=n=>{const e=[];for(let t=0;t<n.byteLength;t+=1){const s=n[t]%Y.length;e.push(Y[s])}return e.join("")},xe=n=>Pe(new Uint8Array(n)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,""),Q=n=>{const e=new Uint8Array(n),{hasCrypto:t}=he();if(t)window.crypto.getRandomValues(e);else for(let s=0;s<n;s+=1)e[s]=Math.random()*Y.length|0;return We(e)};function $e(n){const e=new ArrayBuffer(n.length),t=new Uint8Array(e);for(let s=0;s<n.length;s++)t[s]=n.charCodeAt(s);return t}const Fe=n=>{if(n.length<43||n.length>128)return Promise.reject(new Error("Invalid code length."));const{hasSubtleCrypto:e}=he();return e?new Promise((t,s)=>{crypto.subtle.digest("SHA-256",$e(n)).then(i=>t(xe(new Uint8Array(i))),i=>s(i))}):Promise.reject(new Error("window.crypto.subtle is unavailable."))},R={},Re=(n,e=window.sessionStorage,t)=>{if(!R[n]&&e){const i=e.getItem(n);i&&(R[n]=JSON.parse(i))}const s=1e3*t;return R[n]&&R[n].timestamp+s>Date.now()?R[n].result:null},De=(n,e,t=window.sessionStorage)=>{const s=Date.now();R[n]={result:e,timestamp:s},t&&t.setItem(n,JSON.stringify({result:e,timestamp:s}))},Me=60*60,Ve=n=>async(e,t=Me,s=window.sessionStorage,i=1e4)=>{const o=`${e}/.well-known/openid-configuration`,r=`oidc.server:${e}`,l=Re(r,s,t);if(l)return new ee(l);const c=await K(n)(o,{},i);if(c.status!==200)return null;const h=await c.json();return De(r,h,s),new ee(h)},K=n=>async(e,t={},s=1e4,i=0)=>{let o;try{const r=new AbortController;setTimeout(()=>r.abort(),s),o=await n(e,{...t,signal:r.signal})}catch(r){if(r.name==="AbortError"||r.message==="Network request failed"){if(i<=1)return await K(n)(e,t,s,i+1);throw r}else throw console.error(r.message),r}return o},Z={refresh_token:"refresh_token",access_token:"access_token"},_e=n=>async(e,t,s=Z.refresh_token,i,o=1e4)=>{const r={token:t,token_type_hint:s,client_id:i},l=[];for(const a in r){const _=encodeURIComponent(a),f=encodeURIComponent(r[a]);l.push(`${_}=${f}`)}const c=l.join("&");return(await K(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:c},o)).status!==200?{success:!1}:{success:!0}},Ue=n=>async(e,t,s,i,o,r=1e4)=>{for(const[_,f]of Object.entries(s))t[_]===void 0&&(t[_]=f);const l=[];for(const _ in t){const f=encodeURIComponent(_),u=encodeURIComponent(t[_]);l.push(`${f}=${u}`)}const c=l.join("&"),h=await K(n)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:c},r);if(h.status!==200)return{success:!1,status:h.status};const a=await h.json();return{success:!0,data:H(a,i,o)}},Ke=n=>async(e,t)=>{t=t?{...t}:{};const s=Q(128),i=await Fe(s);await n.setCodeVerifierAsync(s),await n.setStateAsync(t.state),t.code_challenge=i,t.code_challenge_method="S256";let o="";if(t)for(const[r,l]of Object.entries(t))o===""?o+="?":o+="&",o+=`${r}=${encodeURIComponent(l)}`;window.location.href=`${e}${o}`},Be=n=>async(e,t,s,i=1e4)=>{t=t?{...t}:{},t.code_verifier=await n.getCodeVerifierAsync();const o=[];for(const h in t){const a=encodeURIComponent(h),_=encodeURIComponent(t[h]);o.push(`${a}=${_}`)}const r=o.join("&"),l=await K(fetch)(e,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded;charset=UTF-8"},body:r},i);if(await Promise.all([n.setCodeVerifierAsync(null),n.setStateAsync(null)]),l.status!==200)return{success:!1,status:l.status};const c=await l.json();return{success:!0,data:{state:t.state,tokens:H(c,null,s)}}},fe=n=>{const e=n.match(/^([a-z][\w-]+\:)\/\/(([^:\/?#]*)(?:\:([0-9]+))?)([\/]{0,1}[^?#]*)(\?[^#]*|)(#.*|)$/);if(!e)throw new Error("Invalid URL");let t=e[6],s=e[7];if(s){const i=s.split("?");i.length===2&&(s=i[0],t=i[1])}return t.startsWith("?")&&(t=t.slice(1)),e&&{href:n,protocol:e[1],host:e[2],hostname:e[3],port:e[4],path:e[5],search:t,hash:s}},je=n=>{const e=fe(n);let{path:t}=e;t.endsWith("/")&&(t=t.slice(0,-1));let{hash:s}=e;return s==="#_=_"&&(s=""),s&&(t+=s),t},B=n=>{const e=fe(n),{search:t}=e;return qe(t)},qe=n=>{const e={};let t,s,i;const o=n.split("&");for(s=0,i=o.length;s<i;s++)t=o[s].split("="),e[decodeURIComponent(t[0])]=decodeURIComponent(t[1]);return e},Ge=(n,e,t,s,i)=>(o=void 0,r=null,l=!1,c=void 0)=>{const h=r;return r={...r},(async()=>{const _=n.location,f=o||_.pathname+(_.search||"")+(_.hash||"");if("state"in r||(r.state=Q(16)),s(m.loginAsync_begin,{}),r)for(const u of Object.keys(r))u.endsWith(":token_request")&&delete r[u];try{const u=l?t.silent_redirect_uri:t.redirect_uri;c||(c=t.scope);const y=t.extras?{...t.extras,...r}:r;y.nonce||(y.nonce=Q(12));const d={nonce:y.nonce},g=await O(t.service_worker_relative_url,e),k=await i(t.authority,t.authority_configuration);let w;if(g)g.setLoginParams(e,{callbackPath:f,extras:h}),await g.initAsync(k,"loginAsync",t),await g.setNonceAsync(d),g.startKeepAliveServiceWorker(),w=g;else{const p=P(e,t.storage??sessionStorage);p.setLoginParams(e,{callbackPath:f,extras:h}),await p.setNonceAsync(d),w=p}const S={client_id:t.client_id,redirect_uri:u,scope:c,response_type:"code",...y};await Ke(w)(k.authorizationEndpoint,S)}catch(u){throw s(m.loginAsync_error,u),u}})()},Je=n=>async(e=!1)=>{try{n.publishEvent(m.loginCallbackAsync_begin,{});const t=n.configuration,s=t.client_id,i=e?t.silent_redirect_uri:t.redirect_uri,o=t.authority,r=t.token_request_timeout,l=await n.initAsync(o,t.authority_configuration),h=B(window.location.href).session_state,a=await O(t.service_worker_relative_url,n.configurationName);let _,f,u,y;if(a)await a.initAsync(l,"loginCallbackAsync",t),await a.setSessionStateAsync(h),f=await a.getNonceAsync(),u=a.getLoginParams(n.configurationName),y=await a.getStateAsync(),a.startKeepAliveServiceWorker(),_=a;else{const v=P(n.configurationName,t.storage??sessionStorage);await v.setSessionStateAsync(h),f=await v.getNonceAsync(),u=v.getLoginParams(n.configurationName),y=await v.getStateAsync(),_=v}const d=B(window.location.toString());if(d.iss&&d.iss!==l.issuer)throw console.error(),new Error(`issuer not valid (expected: ${l.issuer}, received: ${d.iss})`);if(d.state&&d.state!==y)throw new Error(`state not valid (expected: ${y}, received: ${d.state})`);const g={code:d.code,grant_type:"authorization_code",client_id:t.client_id,redirect_uri:i},k={};if(t.token_request_extras)for(const[v,N]of Object.entries(t.token_request_extras))k[v]=N;if(u&&u.extras)for(const[v,N]of Object.entries(u.extras))v.endsWith(":token_request")&&(k[v.replace(":token_request","")]=N);const w=await Be(_)(l.tokenEndpoint,{...g,...k},n.configuration.token_renew_mode,r);if(!w.success)throw new Error("Token request failed");let S;const p=w.data.tokens;if(a?(await a.initAsync(i,"syncTokensAsync",t),S=a.getLoginParams(n.configurationName)):S=P(n.configurationName,t.storage).getLoginParams(n.configurationName),w.data.state!==k.state)throw new Error("state is not valid");const{isValid:A,reason:T}=oe(p,f.nonce,l);if(!A)throw new Error(`Tokens are not OpenID valid, reason: ${T}`);return await n.startCheckSessionAsync(l.checkSessionIframe,s,h,e),n.publishEvent(m.loginCallbackAsync_end,{}),{tokens:p,state:"request.state",callbackPath:S.callbackPath}}catch(t){throw console.error(t),n.publishEvent(m.loginCallbackAsync_error,t),t}},ye={access_token:"access_token",refresh_token:"refresh_token"},He=n=>async e=>{V.clearTimeout(n.timeoutId),n.timeoutId=null,n.checkSessionIFrame&&n.checkSessionIFrame.stop();const t=await O(n.configuration.service_worker_relative_url,n.configurationName);t?await t.clearAsync(e):await P(n.configurationName,n.configuration.storage).clearAsync(e),n.tokens=null,n.userInfo=null},Xe=(n,e,t,s,i)=>async(o=void 0,r=null)=>{const l=n.configuration,c=await n.initAsync(l.authority,l.authority_configuration);o&&typeof o!="string"&&(o=void 0,i.warn("callbackPathOrUrl path is not a string"));const h=o??location.pathname+(location.search||"")+(location.hash||"");let a=!1;o&&(a=o.includes("https://")||o.includes("http://"));const _=a?o:s.location.origin+h,f=n.tokens?n.tokens.idToken:"";try{const y=c.revocationEndpoint;if(y){const d=[],g=n.tokens.accessToken;if(g&&l.logout_tokens_to_invalidate.includes(ye.access_token)){const w=_e(t)(y,g,Z.access_token,l.client_id);d.push(w)}const k=n.tokens.refreshToken;if(k&&l.logout_tokens_to_invalidate.includes(ye.refresh_token)){const w=_e(t)(y,k,Z.refresh_token,l.client_id);d.push(w)}d.length>0&&await Promise.all(d)}}catch(y){i.warn("logoutAsync: error when revoking tokens, if the error persist, you ay configure property logout_tokens_to_invalidate from configuration to avoid this error"),i.warn(y)}const u=n.tokens&&n.tokens.idTokenPayload?n.tokens.idTokenPayload.sub:null;await n.destroyAsync("LOGGED_OUT");for(const[y,d]of Object.entries(e))d!==n&&await n.logoutSameTabAsync(n.configuration.client_id,u);if(c.endSessionEndpoint){r||(r={id_token_hint:f},o!==null&&(r.post_logout_redirect_uri=_));let y="";if(r)for(const[d,g]of Object.entries(r))y===""?y+="?":y+="&",y+=`${d}=${encodeURIComponent(g)}`;s.location.href=`${c.endSessionEndpoint}${y}`}else s.location.reload()},ze=n=>async(e=!1)=>{if(n.userInfo!=null&&!e)return n.userInfo;for(;n.tokens&&!X(n.tokens);)await x(200);if(!n.tokens)return null;const t=n.tokens.accessToken;if(!t)return null;const i=(await n.initAsync(n.configuration.authority,n.configuration.authority_configuration)).userInfoEndpoint,r=await(async l=>{const c=await fetch(i,{headers:{authorization:`Bearer ${l}`}});return c.status!==200?null:c.json()})(t);return n.userInfo=r,r},ge=()=>fetch;class ee{constructor(e){this.authorizationEndpoint=e.authorization_endpoint,this.tokenEndpoint=e.token_endpoint,this.revocationEndpoint=e.revocation_endpoint,this.userInfoEndpoint=e.userinfo_endpoint,this.checkSessionIframe=e.check_session_iframe,this.issuer=e.issuer,this.endSessionEndpoint=e.end_session_endpoint}}const C={},Ye=n=>(e,t="default")=>(C[t]||(C[t]=new $(e,t,n)),C[t]),Qe=async n=>{const{parsedTokens:e,callbackPath:t}=await n.loginCallbackAsync();return n.timeoutId=U(n,e.refreshToken,e.expiresAt),{callbackPath:t}},Ze=n=>Math.floor(Math.random()*n),L=class L{constructor(e,t="default",s){this.initPromise=null,this.tryKeepExistingSessionPromise=null,this.loginPromise=null,this.loginCallbackPromise=null,this.loginCallbackWithAutoTokensRenewPromise=null,this.userInfoPromise=null,this.renewTokensPromise=null,this.logoutPromise=null;let i=e.silent_login_uri;e.silent_redirect_uri&&!e.silent_login_uri&&(i=`${e.silent_redirect_uri.replace("-callback","").replace("callback","")}-login`);let o=e.refresh_time_before_tokens_expiration_in_second??120;o>60&&(o=o-Math.floor(Math.random()*40)),e.logout_tokens_to_invalidate||(e.logout_tokens_to_invalidate=["access_token","refresh_token"]),e.authority_timeout_wellknowurl_in_millisecond||(e.authority_timeout_wellknowurl_in_millisecond=1e4),this.configuration={...e,silent_login_uri:i,monitor_session:e.monitor_session??!1,refresh_time_before_tokens_expiration_in_second:o,silent_login_timeout:e.silent_login_timeout??12e3,token_renew_mode:e.token_renew_mode??q.access_token_or_id_token_invalid},this.getFetch=s??ge,this.configurationName=t,this.tokens=null,this.userInfo=null,this.events=[],this.timeoutId=null,this.synchroniseTokensAsync.bind(this),this.loginCallbackWithAutoTokensRenewAsync.bind(this),this.initAsync.bind(this),this.loginCallbackAsync.bind(this),this.subscribeEvents.bind(this),this.removeEventSubscription.bind(this),this.publishEvent.bind(this),this.destroyAsync.bind(this),this.logoutAsync.bind(this),this.renewTokensAsync.bind(this),this.initAsync(this.configuration.authority,this.configuration.authority_configuration)}subscribeEvents(e){const t=Ze(9999999999999).toString();return this.events.push({id:t,func:e}),t}removeEventSubscription(e){const t=this.events.filter(s=>s.id!==e);this.events=t}publishEvent(e,t){this.events.forEach(s=>{s.func(e,t)})}static get(e="default"){const t=typeof process>"u";if(!Object.prototype.hasOwnProperty.call(C,e)&&t)throw Error(`OIDC library does seem initialized.
|
|
2
|
+
Please checkout that you are using OIDC hook inside a <OidcProvider configurationName="${e}"></OidcProvider> compoment.`);return C[e]}_silentLoginCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=B(window.location.href);window.parent.postMessage(`${this.configurationName}_oidc_tokens:${JSON.stringify({tokens:this.tokens,sessionState:e.session_state})}`,window.location.origin)}}_silentLoginErrorCallbackFromIFrame(){if(this.configuration.silent_redirect_uri&&this.configuration.silent_login_uri){const e=B(window.location.href);window.parent.postMessage(`${this.configurationName}_oidc_error:${JSON.stringify({error:e.error})}`,window.location.origin)}}async silentLoginCallbackAsync(){try{await this.loginCallbackAsync(!0),this._silentLoginCallbackFromIFrame()}catch(e){console.error(e),this._silentLoginErrorCallbackFromIFrame()}}async initAsync(e,t){if(this.initPromise!==null)return this.initPromise;const s=async()=>{if(t!=null)return new ee({authorization_endpoint:t.authorization_endpoint,end_session_endpoint:t.end_session_endpoint,revocation_endpoint:t.revocation_endpoint,token_endpoint:t.token_endpoint,userinfo_endpoint:t.userinfo_endpoint,check_session_iframe:t.check_session_iframe,issuer:t.issuer});const o=await O(this.configuration.service_worker_relative_url,this.configurationName)?window.localStorage:null;return await Ve(this.getFetch())(e,this.configuration.authority_time_cache_wellknowurl_in_second??60*60,o,this.configuration.authority_timeout_wellknowurl_in_millisecond)};return this.initPromise=s(),this.initPromise.then(i=>(this.initPromise=null,i))}async tryKeepExistingSessionAsync(){if(this.tryKeepExistingSessionPromise!==null)return this.tryKeepExistingSessionPromise;const e=async()=>{let t;if(this.tokens!=null)return!1;this.publishEvent(m.tryKeepExistingSessionAsync_begin,{});try{const s=this.configuration,i=await this.initAsync(s.authority,s.authority_configuration);if(t=await O(s.service_worker_relative_url,this.configurationName),t){const{tokens:o}=await t.initAsync(i,"tryKeepExistingSessionAsync",s);if(o){t.startKeepAliveServiceWorker(),this.tokens=o;const r=t.getLoginParams(this.configurationName);this.timeoutId=U(this,this.tokens.refreshToken,this.tokens.expiresAt,r.extras);const l=await t.getSessionStateAsync();return await this.startCheckSessionAsync(i.check_session_iframe,s.client_id,l),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside ServiceWorker are valid"}),!0}this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:"no exiting session found"})}else{s.service_worker_relative_url&&this.publishEvent(m.service_worker_not_supported_by_browser,{message:"service worker is not supported by this browser"});const o=P(this.configurationName,s.storage??sessionStorage),{tokens:r}=await o.initAsync();if(r){this.tokens=se(r,null,s.token_renew_mode);const l=o.getLoginParams(this.configurationName);this.timeoutId=U(this,r.refreshToken,this.tokens.expiresAt,l.extras);const c=await o.getSessionStateAsync();return await this.startCheckSessionAsync(i.check_session_iframe,s.client_id,c),this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!0,message:"tokens inside storage are valid"}),!0}}return this.publishEvent(m.tryKeepExistingSessionAsync_end,{success:!1,message:t?"service worker sessions not retrieved":"session storage sessions not retrieved"}),!1}catch(s){return console.error(s),t&&await t.clearAsync(),this.publishEvent(m.tryKeepExistingSessionAsync_error,"tokens inside ServiceWorker are invalid"),!1}};return this.tryKeepExistingSessionPromise=e(),this.tryKeepExistingSessionPromise.then(t=>(this.tryKeepExistingSessionPromise=null,t))}async startCheckSessionAsync(e,t,s,i=!1){await Ie(this,C,this.configuration)(e,t,s,i)}async loginAsync(e=void 0,t=null,s=!1,i=void 0,o=!1){return this.loginPromise!==null?this.loginPromise:o?Ee(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this)(t,i):(this.loginPromise=Ge(window,this.configurationName,this.configuration,this.publishEvent.bind(this),this.initAsync.bind(this))(e,t,s,i),this.loginPromise.then(r=>(this.loginPromise=null,r)))}async loginCallbackAsync(e=!1){if(this.loginCallbackPromise!==null)return this.loginCallbackPromise;const t=async()=>{const s=await Je(this)(e),i=s.tokens;return this.tokens=i,await O(this.configuration.service_worker_relative_url,this.configurationName)||P(this.configurationName,this.configuration.storage).setTokens(i),this.publishEvent(L.eventNames.token_aquired,i),{parsedTokens:i,state:s.state,callbackPath:s.callbackPath}};return this.loginCallbackPromise=t(),this.loginCallbackPromise.then(s=>(this.loginCallbackPromise=null,s))}async synchroniseTokensAsync(e,t=0,s=!1,i=null,o){for(;!navigator.onLine&&document.hidden;)await x(1e3),this.publishEvent(m.refreshTokensAsync,{message:"wait because navigator is offline and hidden"});let r=6;for(;!navigator.onLine&&r>0;)await x(1e3),r--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is offline try ${r}`});let l=Math.floor(Math.random()*15)+10;for(;document.hidden&&l>0;)await x(1e3),l--,this.publishEvent(m.refreshTokensAsync,{message:`wait because navigator is hidden try ${l}`});const h=document.hidden?t:t+1;i||(i={});const a=this.configuration,_=(u,y,d=null)=>z(this.configurationName,this.configuration,this.publishEvent.bind(this))(u,y,d),f=async()=>{try{let u;const y=await O(a.service_worker_relative_url,this.configurationName);y?u=y.getLoginParams(this.configurationName):u=P(this.configurationName,a.storage).getLoginParams(this.configurationName);const d=await _({...u.extras,...i,prompt:"none"},u.state);if(d)return o(d.tokens),this.publishEvent(L.eventNames.token_renewed,{}),{tokens:d.tokens,status:"LOGGED"}}catch(u){if(console.error(u),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exceptionSilent",exception:u.message}),u&&u.message&&u.message.startsWith("oidc"))return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent"}),{tokens:null,status:"SESSION_LOST"}}return this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token silent return"}),await this.synchroniseTokensAsync(null,h,s,i,o)};if(t>4)return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token"}),{tokens:null,status:"SESSION_LOST"};try{const{status:u,tokens:y,nonce:d}=await this.syncTokensInfoAsync(a,this.configurationName,this.tokens,s);switch(u){case"SESSION_LOST":return o(null),this.publishEvent(m.refreshTokensAsync_error,{message:"refresh token session lost"}),{tokens:null,status:"SESSION_LOST"};case"NOT_CONNECTED":return o(null),{tokens:null,status:null};case"TOKENS_VALID":return o(y),{tokens:y,status:"LOGGED_IN"};case"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":return o(y),this.publishEvent(L.eventNames.token_renewed,{reason:"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID"}),{tokens:y,status:"LOGGED_IN"};case"LOGOUT_FROM_ANOTHER_TAB":return o(null),this.publishEvent(m.logout_from_another_tab,{status:"session syncTokensAsync"}),{tokens:null,status:"LOGGED_OUT"};case"REQUIRE_SYNC_TOKENS":return this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:u,tryNumber:t}),await f();default:{if(this.publishEvent(m.refreshTokensAsync_begin,{refreshToken:e,status:u,tryNumber:t}),!e)return await f();const g=a.client_id,k=a.redirect_uri,w=a.authority,p={...a.token_request_extras?a.token_request_extras:{}};for(const[T,v]of Object.entries(i))T.endsWith(":token_request")&&(p[T.replace(":token_request","")]=v);return await(async()=>{const T={client_id:g,redirect_uri:k,grant_type:"refresh_token",refresh_token:y.refreshToken},v=await this.initAsync(w,a.authority_configuration),N=document.hidden?1e4:3e4*10,W=await Ue(this.getFetch())(v.tokenEndpoint,T,p,y,a.token_renew_mode,N);if(W.success){const{isValid:en,reason:nn}=oe(W.data,d.nonce,v);return en?(o(W.data),this.publishEvent(m.refreshTokensAsync_end,{success:W.success}),this.publishEvent(L.eventNames.token_renewed,{reason:"REFRESH_TOKEN"}),{tokens:W.data,status:"LOGGED_IN"}):(o(null),this.publishEvent(m.refreshTokensAsync_error,{message:`refresh token return not valid tokens, reason: ${nn}`}),{tokens:null,status:"SESSION_LOST"})}else return this.publishEvent(m.refreshTokensAsync_silent_error,{message:"bad request",tokenResponse:W}),await this.synchroniseTokensAsync(e,h,s,i,o)})()}}}catch(u){return console.error(u),this.publishEvent(m.refreshTokensAsync_silent_error,{message:"exception",exception:u.message}),this.synchroniseTokensAsync(e,h,s,i,o)}}async syncTokensInfoAsync(e,t,s,i=!1){const o={nonce:null};if(!s)return{tokens:null,status:"NOT_CONNECTED",nonce:o};let r=o;const l=await this.initAsync(e.authority,e.authority_configuration),c=await O(e.service_worker_relative_url,t);if(c){const{status:_,tokens:f}=await c.initAsync(l,"syncTokensAsync",e);if(_==="LOGGED_OUT")return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:o};if(_==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:o};if(!_||!f)return{tokens:null,status:"REQUIRE_SYNC_TOKENS",nonce:o};if(f.issuedAt!==s.issuedAt){const y=M(e.refresh_time_before_tokens_expiration_in_second,f.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",d=await c.getNonceAsync();return{tokens:f,status:y,nonce:d}}r=await c.getNonceAsync()}else{const _=P(t,e.storage??sessionStorage),{tokens:f,status:u}=await _.initAsync();if(f){if(u==="SESSIONS_LOST")return{tokens:null,status:"SESSIONS_LOST",nonce:o};if(f.issuedAt!==s.issuedAt){const d=M(e.refresh_time_before_tokens_expiration_in_second,f.expiresAt)>0?"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_VALID":"TOKEN_UPDATED_BY_ANOTHER_TAB_TOKENS_INVALID",g=await _.getNonceAsync();return{tokens:f,status:d,nonce:g}}}else return{tokens:null,status:"LOGOUT_FROM_ANOTHER_TAB",nonce:o};r=await _.getNonceAsync()}const a=M(e.refresh_time_before_tokens_expiration_in_second,s.expiresAt)>0?"TOKENS_VALID":"TOKENS_INVALID";return i?{tokens:s,status:"FORCE_REFRESH",nonce:r}:{tokens:s,status:a,nonce:r}}loginCallbackWithAutoTokensRenewAsync(){return this.loginCallbackWithAutoTokensRenewPromise!==null?this.loginCallbackWithAutoTokensRenewPromise:(this.loginCallbackWithAutoTokensRenewPromise=Qe(this),this.loginCallbackWithAutoTokensRenewPromise.then(e=>(this.loginCallbackWithAutoTokensRenewPromise=null,e)))}userInfoAsync(e=!1){return this.userInfoPromise!==null?this.userInfoPromise:(this.userInfoPromise=ze(this)(e),this.userInfoPromise.then(t=>(this.userInfoPromise=null,t)))}async renewTokensAsync(e=null){if(this.renewTokensPromise!==null)return this.renewTokensPromise;if(this.timeoutId)return V.clearTimeout(this.timeoutId),this.renewTokensPromise=ue(this,this.tokens.refreshToken,!0,e),this.renewTokensPromise.then(t=>(this.renewTokensPromise=null,t))}async destroyAsync(e){return await He(this)(e)}async logoutSameTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(this.publishEvent(m.logout_from_same_tab,{message:t}),await this.destroyAsync("LOGGED_OUT"))}async logoutOtherTabAsync(e,t){this.configuration.monitor_session&&this.configuration.client_id===e&&t&&this.tokens&&this.tokens.idTokenPayload&&this.tokens.idTokenPayload.sub===t&&(await this.destroyAsync("LOGGED_OUT"),this.publishEvent(m.logout_from_another_tab,{message:"SessionMonitor",sub:t}))}async logoutAsync(e=void 0,t=null){return this.logoutPromise?this.logoutPromise:(this.logoutPromise=Xe(this,C,this.getFetch(),window,console)(e,t),this.logoutPromise.then(s=>(this.logoutPromise=null,s)))}};L.getOrCreate=e=>(t,s="default")=>Ye(e)(t,s),L.eventNames=m;let $=L;const D=class D{constructor(e){this._oidc=e}subscribeEvents(e){return this._oidc.subscribeEvents(e)}removeEventSubscription(e){this._oidc.removeEventSubscription(e)}publishEvent(e,t){this._oidc.publishEvent(e,t)}static get(e="default"){return new D($.get(e))}tryKeepExistingSessionAsync(){return this._oidc.tryKeepExistingSessionAsync()}loginAsync(e=void 0,t=null,s=!1,i=void 0,o=!1){return this._oidc.loginAsync(e,t,s,i,o)}logoutAsync(e=void 0,t=null){return this._oidc.logoutAsync(e,t)}silentLoginCallbackAsync(){return this._oidc.silentLoginCallbackAsync()}renewTokensAsync(e=null){return this._oidc.renewTokensAsync(e)}loginCallbackAsync(){return this._oidc.loginCallbackWithAutoTokensRenewAsync()}get tokens(){return this._oidc.tokens}get configuration(){return this._oidc.configuration}async getValidTokenAsync(e=200,t=50){return ve(this._oidc,e,t)}async userInfoAsync(e=!1){return this._oidc.userInfoAsync(e)}};D.getOrCreate=e=>(t,s="default")=>new D($.getOrCreate(e)(t,s)),D.eventNames=$.eventNames;let ne=D;b.OidcClient=ne,b.TokenRenewMode=q,b.getFetchDefault=ge,b.getParseQueryStringFromLocation=B,b.getPath=je,Object.defineProperty(b,Symbol.toStringTag,{value:"Module"})});
|
package/dist/version.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
declare const _default: "7.4.
|
|
1
|
+
declare const _default: "7.4.1";
|
|
2
2
|
export default _default;
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@axa-fr/oidc-client",
|
|
3
|
-
"version": "7.4.
|
|
3
|
+
"version": "7.4.1",
|
|
4
4
|
"private": false,
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "./dist/index.umd.cjs",
|
|
@@ -20,7 +20,7 @@
|
|
|
20
20
|
"url": "https://github.com/AxaFrance/oidc-client.git"
|
|
21
21
|
},
|
|
22
22
|
"dependencies": {
|
|
23
|
-
"@axa-fr/oidc-client-service-worker": "7.4.
|
|
23
|
+
"@axa-fr/oidc-client-service-worker": "7.4.1"
|
|
24
24
|
},
|
|
25
25
|
"devDependencies": {
|
|
26
26
|
"@testing-library/dom": "^9.3.1",
|
package/src/oidc.ts
CHANGED
|
@@ -329,11 +329,6 @@ Please checkout that you are using OIDC hook inside a <OidcProvider configuratio
|
|
|
329
329
|
if (!serviceWorker) {
|
|
330
330
|
const session = initSession(this.configurationName, this.configuration.storage);
|
|
331
331
|
session.setTokens(parsedTokens);
|
|
332
|
-
} else {
|
|
333
|
-
// @ts-ignore
|
|
334
|
-
if(!parsedTokens.fromServiceWorker){
|
|
335
|
-
throw Error('security issue, parsedTokens.fromServiceWorker is not defined');
|
|
336
|
-
}
|
|
337
332
|
}
|
|
338
333
|
this.publishEvent(Oidc.eventNames.token_aquired, parsedTokens);
|
|
339
334
|
// @ts-ignore
|
package/src/parseTokens.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import {sleepAsync} from './initWorker.js';
|
|
2
2
|
|
|
3
3
|
const b64DecodeUnicode = (str) =>
|
|
4
4
|
decodeURIComponent(Array.prototype.map.call(atob(str), (c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)).join(''));
|
|
@@ -46,20 +46,29 @@ export const TokenRenewMode = {
|
|
|
46
46
|
id_token_invalid: 'id_token_invalid',
|
|
47
47
|
};
|
|
48
48
|
|
|
49
|
+
function extractedIssueAt(tokens, accessTokenPayload, _idTokenPayload) {
|
|
50
|
+
if (!tokens.issuedAt) {
|
|
51
|
+
if (accessTokenPayload && accessTokenPayload.iat) {
|
|
52
|
+
return accessTokenPayload.iat;
|
|
53
|
+
} else if (_idTokenPayload && _idTokenPayload.iat) {
|
|
54
|
+
return _idTokenPayload.iat;
|
|
55
|
+
} else {
|
|
56
|
+
const currentTimeUnixSecond = new Date().getTime() / 1000;
|
|
57
|
+
return currentTimeUnixSecond;
|
|
58
|
+
}
|
|
59
|
+
} else if (typeof tokens.issuedAt == "string") {
|
|
60
|
+
return parseInt(tokens.issuedAt, 10);
|
|
61
|
+
}
|
|
62
|
+
return tokens.issuedAt;
|
|
63
|
+
}
|
|
64
|
+
|
|
49
65
|
export const setTokens = (tokens, oldTokens = null, tokenRenewMode: string):Tokens => {
|
|
50
66
|
if (!tokens) {
|
|
51
67
|
return null;
|
|
52
68
|
}
|
|
53
69
|
let accessTokenPayload;
|
|
54
70
|
const expireIn = typeof tokens.expiresIn == "string" ? parseInt(tokens.expiresIn, 10) : tokens.expiresIn;
|
|
55
|
-
|
|
56
|
-
if (!tokens.issuedAt) {
|
|
57
|
-
const currentTimeUnixSecond = new Date().getTime() / 1000;
|
|
58
|
-
tokens.issuedAt = currentTimeUnixSecond;
|
|
59
|
-
} else if (typeof tokens.issuedAt == "string") {
|
|
60
|
-
tokens.issuedAt = parseInt(tokens.issuedAt, 10);
|
|
61
|
-
}
|
|
62
|
-
|
|
71
|
+
|
|
63
72
|
if (tokens.accessTokenPayload !== undefined) {
|
|
64
73
|
accessTokenPayload = tokens.accessTokenPayload;
|
|
65
74
|
} else {
|
|
@@ -70,6 +79,8 @@ export const setTokens = (tokens, oldTokens = null, tokenRenewMode: string):Toke
|
|
|
70
79
|
const idTokenExpireAt = (_idTokenPayload && _idTokenPayload.exp) ? _idTokenPayload.exp : Number.MAX_VALUE;
|
|
71
80
|
const accessTokenExpiresAt = (accessTokenPayload && accessTokenPayload.exp) ? accessTokenPayload.exp : tokens.issuedAt + expireIn;
|
|
72
81
|
|
|
82
|
+
tokens.issuedAt = extractedIssueAt(tokens, accessTokenPayload, _idTokenPayload);
|
|
83
|
+
|
|
73
84
|
let expiresAt;
|
|
74
85
|
if(tokens.expiresAt)
|
|
75
86
|
{
|
|
@@ -127,18 +138,16 @@ export const parseOriginalTokens = (tokens, oldTokens, tokenRenewMode: string) =
|
|
|
127
138
|
// @ts-ignore
|
|
128
139
|
data.idTokenPayload = tokens.idTokenPayload;
|
|
129
140
|
}
|
|
130
|
-
|
|
131
|
-
if(tokens.fromServiceWorker !== undefined) {
|
|
132
|
-
// @ts-ignore
|
|
133
|
-
data.fromServiceWorker = tokens.fromServiceWorker;
|
|
134
|
-
}
|
|
135
141
|
|
|
136
142
|
return setTokens(data, oldTokens, tokenRenewMode);
|
|
137
143
|
};
|
|
138
144
|
|
|
139
145
|
export const computeTimeLeft = (refreshTimeBeforeTokensExpirationInSecond, expiresAt) => {
|
|
140
146
|
const currentTimeUnixSecond = new Date().getTime() / 1000;
|
|
141
|
-
|
|
147
|
+
|
|
148
|
+
const timeLeftSecond = expiresAt - currentTimeUnixSecond;
|
|
149
|
+
|
|
150
|
+
return Math.round(timeLeftSecond - refreshTimeBeforeTokensExpirationInSecond);
|
|
142
151
|
};
|
|
143
152
|
|
|
144
153
|
export const isTokensValid = (tokens) => {
|
package/src/version.ts
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
export default '7.4.
|
|
1
|
+
export default '7.4.1';
|