@axa-fr/react-oidc 6.21.0 → 6.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/service_worker/OidcServiceWorker.js +1 -1
  2. package/dist/service_worker/OidcServiceWorker.js.map +1 -1
  3. package/dist/service_worker/types.d.ts +3 -1
  4. package/dist/service_worker/types.d.ts.map +1 -1
  5. package/dist/service_worker/utils/domains.d.ts +2 -1
  6. package/dist/service_worker/utils/domains.d.ts.map +1 -1
  7. package/dist/tsconfig.tsbuildinfo +1 -1
  8. package/package.json +1 -1
  9. package/service_worker/OidcServiceWorker.ts +2 -2
  10. package/service_worker/OidcTrustedDomains.js +8 -1
  11. package/service_worker/dist/OidcServiceWorker.js +1 -1
  12. package/service_worker/dist/OidcServiceWorker.js.map +1 -1
  13. package/service_worker/dist/types.d.ts +3 -1
  14. package/service_worker/dist/types.d.ts.map +1 -1
  15. package/service_worker/dist/utils/domains.d.ts +2 -1
  16. package/service_worker/dist/utils/domains.d.ts.map +1 -1
  17. package/service_worker/types.ts +3 -1
  18. package/service_worker/utils/__tests__/domains.spec.ts +39 -13
  19. package/service_worker/utils/domains.ts +11 -2
package/dist/service_worker/OidcServiceWorker.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";const N="OidcTrustedDomains.js",A="*",_={REFRESH_TOKEN:"REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",ACCESS_TOKEN:"ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",NONCE_TOKEN:"NONCE_SECURED_BY_OIDC_SERVICE_WORKER",CODE_VERIFIER:"CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER"},w={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"},I="/.well-known/openid-configuration";function x(t,e){if(!e)return;if(!t.find(n=>{var i;let o;return typeof n=="string"?o=new RegExp(`^${n}`):o=n,(i=o.test)==null?void 0:i.call(o,e)}))throw new Error("Domain "+e+" is not trusted, please add domain in "+N)}const K=(t,e,s)=>{var n;if(e.endsWith(I))return null;for(const[o,i]of Object.entries(t)){const d=i.oidcServerConfiguration;if(!d||d.tokenEndpoint&&e===d.tokenEndpoint||d.revocationEndpoint&&e===d.revocationEndpoint)continue;const l=s==null?[]:s[o],f=Array.isArray(l)?l:l.domains,a=d.userInfoEndpoint?[d.userInfoEndpoint,...f]:[...f];let c=!1;if(a.find(h=>h===A))c=!0;else for(let h=0;h<a.length;h++){let r=a[h];if(typeof r=="string"&&(r=new RegExp(`^${r}`)),(n=r.test)!=null&&n.call(r,e)){c=!0;break}}if(c)return i.tokens?i:null}return null};function M(t,e){return t.split(e).length-1}function U(t){return JSON.parse(P(t.split(".")[1].replace("-","+").replace("_","/")))}function P(t){return decodeURIComponent(Array.prototype.map.call(atob(t),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join(""))}function W(t,e){const s=new Date().getTime()/1e3;return Math.round(e-t-s)}function F(t){return t?W(0,t.expiresAt)>0:!1}const O=t=>{try{return t&&M(t,".")===2?U(t):null}catch(e){console.warn(e)}return null},b=(t,e,s)=>{if(t.idTokenPayload){const n=t.idTokenPayload;if(s.issuer!==n.iss)return{isValid:!1,reason:"Issuer does not match"};const o=new Date().getTime()/1e3;if(n.exp&&n.exp<o)return{isValid:!1,reason:"Token expired"};const i=60*60*24*7;if(n.iat&&n.iat+i<o)return{isValid:!1,reason:"Token is used from too long time"};if(n.nonce&&n.nonce!==e)return{isValid:!1,reason:"Nonce does not match"}}return{isValid:!0,reason:""}};function q(t,e,s){if(!t.issued_at){const u=new Date().getTime()/1e3;t.issued_at=u}const n=O(t.access_token),o={...t,accessTokenPayload:n};e.hideAccessToken&&(o.access_token=_.ACCESS_TOKEN+"_"+s),t.accessTokenPayload=n;let i=null;if(t.id_token){if(i=O(t.id_token),t.idTokenPayload={...i},i.nonce&&e.nonce!=null){const u=_.NONCE_TOKEN+"_"+e.configurationName;i.nonce=u}o.idTokenPayload=i}t.refresh_token&&(o.refresh_token=_.REFRESH_TOKEN+"_"+s);const d=i&&i.exp?i.exp:Number.MAX_VALUE,l=n&&n.exp?n.exp:t.issued_at+t.expires_in;let f;const a=e.oidcConfiguration.token_renew_mode;a===w.access_token_invalid?f=l:a===w.id_token_invalid?f=d:f=d<l?d:l,o.expiresAt=f,t.expiresAt=f;const c=e.nonce?e.nonce.nonce:null,{isValid:h,reason:r}=b(t,c,e.oidcServerConfiguration);if(!h)throw Error(`Tokens are not OpenID valid, reason: ${r}`);if(e.tokens!=null&&"refresh_token"in e.tokens&&!("refresh_token"in t)){const u=e.tokens.refresh_token;e.tokens={...t,refresh_token:u}}else e.tokens=t;return e.status="LOGGED_IN",o}function y(t){const e=t.configurationName;return s=>s.status!==200?s:s.json().then(n=>{const o=q(n,t,e),i=JSON.stringify(o);return new Response(i,s)})}function T(t){const e={};for(const s of t.keys())t.has(s)&&(e[s]=t.get(s));return e}const D=t=>new Promise(e=>setTimeout(e,t)),E=self;E.importScripts(N);const V=Math.round(new Date().getTime()/1e3).toString(),L="OidcKeepAliveServiceWorker.json",H=t=>{console.log("[OidcServiceWorker] service worker installed "+V),t.waitUntil(E.skipWaiting())},j=t=>{console.log("[OidcServiceWorker] service worker activated "+V),t.waitUntil(E.clients.claim())};let m=null;const g={default:{configurationName:"default",tokens:null,status:null,state:null,codeVerifier:null,nonce:null,oidcServerConfiguration:null,hideAccessToken:!0}},J=(t,e)=>{const s=[];for(const[,n]of Object.entries(t))(n.oidcServerConfiguration!=null&&e.startsWith(n.oidcServerConfiguration.tokenEndpoint)||n.oidcServerConfiguration!=null&&n.oidcServerConfiguration.revocationEndpoint&&e.startsWith(n.oidcServerConfiguration.revocationEndpoint))&&s.push(n);return s},Y=async t=>{const e=t.request,s=e.headers.has("oidc-vanilla"),n={status:200,statusText:"oidc-service-worker"},o=new Response("{}",n);if(!s){const i=new URL(e.url),d=Number(i.searchParams.get("minSleepSeconds"))||240;for(let l=0;l<d;l++)await D(1e3+Math.floor(Math.random()*1e3)),await(await caches.open("oidc_dummy_cache")).put(t.request,o.clone())}return o},z=async t=>{const e=t.request,s=e.url;if(e.url.includes(L)){t.respondWith(Y(t));return}const n=K(g,e.url,trustedDomains);if(n&&n.tokens&&n.tokens.access_token){for(;n.tokens&&!F(n.tokens);)await D(200);const l=e.mode=="navigate"?new Request(e,{headers:{...T(e.headers),authorization:"Bearer "+n.tokens.access_token}}):new Request(e,{headers:{...T(e.headers),authorization:"Bearer "+n.tokens.access_token},mode:n.oidcConfiguration.service_worker_convert_all_requests_to_cors?"cors":e.mode});t.waitUntil(t.respondWith(fetch(l)));return}if(t.request.method!=="POST")return;let o=null;const i=J(g,e.url),d=i.length;if(d>0){const l=new Promise((f,a)=>{const c=e.clone();c.text().then(r=>{if(r.includes(_.REFRESH_TOKEN)||r.includes(_.ACCESS_TOKEN)){let u=r;for(let p=0;p<d;p++){const k=i[p];if(k&&k.tokens!=null){const R=_.REFRESH_TOKEN+"_"+k.configurationName;if(r.includes(R)){u=u.replace(R,encodeURIComponent(k.tokens.refresh_token)),o=k;break}const v=_.ACCESS_TOKEN+"_"+k.configurationName;if(r.includes(v)){u=u.replace(v,encodeURIComponent(k.tokens.access_token)),o=k;break}}}const S=fetch(e,{body:u,method:c.method,headers:{...T(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity});return o&&o.oidcServerConfiguration!=null&&o.oidcServerConfiguration.revocationEndpoint&&s.startsWith(o.oidcServerConfiguration.revocationEndpoint)?S.then(async p=>{const k=await p.text();return new Response(k,p)}):S.then(y(o))}else if(r.includes("code_verifier=")&&m){o=g[m],m=null;let u=r;if(o&&o.codeVerifier!=null){const S=_.CODE_VERIFIER+"_"+o.configurationName;r.includes(S)&&(u=u.replace(S,o.codeVerifier))}return fetch(e,{body:u,method:c.method,headers:{...T(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity}).then(y(o))}}).then(r=>{r!==void 0?f(r):(console.log("success undefined"),a(new Error("Response is undefined inside a success")))}).catch(r=>{r!==void 0?a(r):(console.log("error undefined"),a(new Error("Response is undefined inside a error")))})});t.waitUntil(t.respondWith(l))}},C={},$=t=>{const e=t.ports[0],s=t.data,n=s.configurationName;let o=g[n];if(trustedDomains==null&&(trustedDomains={}),!o){if(C[n]===void 0){let i=trustedDomains[n];C[n]=Array.isArray(i)?!1:i.showAccessToken}g[n]={tokens:null,state:null,codeVerifier:null,oidcServerConfiguration:null,oidcConfiguration:void 0,nonce:null,status:null,configurationName:n,hideAccessToken:!C[n]},o=g[n],trustedDomains[n]||(trustedDomains[n]=[])}switch(s.type){case"clear":o.tokens=null,o.state=null,o.codeVerifier=null,o.status=s.data.status,e.postMessage({configurationName:n});return;case"init":{const i=s.data.oidcServerConfiguration;let d=trustedDomains[n];const l=Array.isArray(d)?d:d.domains;l.find(a=>a===A)||[i.tokenEndpoint,i.revocationEndpoint,i.userInfoEndpoint,i.issuer].forEach(a=>{x(l,a)}),o.oidcServerConfiguration=i,o.oidcConfiguration=s.data.oidcConfiguration;const f=s.data.where;if(f==="loginCallbackAsync"||f==="tryKeepExistingSessionAsync"?m=n:m=null,!o.tokens)e.postMessage({tokens:null,status:o.status,configurationName:n});else{const a={...o.tokens};o.hideAccessToken&&(a.access_token=_.ACCESS_TOKEN+"_"+n),a.refresh_token&&(a.refresh_token=_.REFRESH_TOKEN+"_"+n),a.idTokenPayload&&a.idTokenPayload.nonce&&o.nonce!=null&&(a.idTokenPayload.nonce=_.NONCE_TOKEN+"_"+n),e.postMessage({tokens:a,status:o.status,configurationName:n})}return}case"setState":o.state=s.data.state,e.postMessage({configurationName:n});return;case"getState":{const i=o.state;e.postMessage({configurationName:n,state:i});return}case"setCodeVerifier":o.codeVerifier=s.data.codeVerifier,e.postMessage({configurationName:n});return;case"getCodeVerifier":{e.postMessage({configurationName:n,codeVerifier:_.CODE_VERIFIER+"_"+n});return}case"setSessionState":o.sessionState=s.data.sessionState,e.postMessage({configurationName:n});return;case"getSessionState":{const i=o.sessionState;e.postMessage({configurationName:n,sessionState:i});return}case"setNonce":o.nonce=s.data.nonce,e.postMessage({configurationName:n});return;default:o.items={...s.data},e.postMessage({configurationName:n})}};E.addEventListener("install",H);E.addEventListener("activate",j);E.addEventListener("fetch",z);E.addEventListener("message",$);
1
+ "use strict";const N="OidcTrustedDomains.js",A="*",_={REFRESH_TOKEN:"REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",ACCESS_TOKEN:"ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",NONCE_TOKEN:"NONCE_SECURED_BY_OIDC_SERVICE_WORKER",CODE_VERIFIER:"CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER"},w={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"},x="/.well-known/openid-configuration";function K(n,e){if(!e)return;if(!n.find(o=>{var i;let t;return typeof o=="string"?t=new RegExp(`^${o}`):t=o,(i=t.test)==null?void 0:i.call(t,e)}))throw new Error("Domain "+e+" is not trusted, please add domain in "+N)}const D=(n,e)=>Array.isArray(n)?n:n[`${e}Domains`]??n.domains??[],M=(n,e,s)=>{var o;if(e.endsWith(x))return null;for(const[t,i]of Object.entries(n)){const d=i.oidcServerConfiguration;if(!d||d.tokenEndpoint&&e===d.tokenEndpoint||d.revocationEndpoint&&e===d.revocationEndpoint)continue;const l=s==null?[]:s[t],f=D(l,"accessToken"),a=d.userInfoEndpoint?[d.userInfoEndpoint,...f]:[...f];let c=!1;if(a.find(h=>h===A))c=!0;else for(let h=0;h<a.length;h++){let r=a[h];if(typeof r=="string"&&(r=new RegExp(`^${r}`)),(o=r.test)!=null&&o.call(r,e)){c=!0;break}}if(c)return i.tokens?i:null}return null};function U(n,e){return n.split(e).length-1}function P(n){return JSON.parse(W(n.split(".")[1].replace("-","+").replace("_","/")))}function W(n){return decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join(""))}function F(n,e){const s=new Date().getTime()/1e3;return Math.round(e-n-s)}function b(n){return n?F(0,n.expiresAt)>0:!1}const O=n=>{try{return n&&U(n,".")===2?P(n):null}catch(e){console.warn(e)}return null},q=(n,e,s)=>{if(n.idTokenPayload){const o=n.idTokenPayload;if(s.issuer!==o.iss)return{isValid:!1,reason:"Issuer does not match"};const t=new Date().getTime()/1e3;if(o.exp&&o.exp<t)return{isValid:!1,reason:"Token expired"};const i=60*60*24*7;if(o.iat&&o.iat+i<t)return{isValid:!1,reason:"Token is used from too long time"};if(o.nonce&&o.nonce!==e)return{isValid:!1,reason:"Nonce does not match"}}return{isValid:!0,reason:""}};function L(n,e,s){if(!n.issued_at){const u=new Date().getTime()/1e3;n.issued_at=u}const o=O(n.access_token),t={...n,accessTokenPayload:o};e.hideAccessToken&&(t.access_token=_.ACCESS_TOKEN+"_"+s),n.accessTokenPayload=o;let i=null;if(n.id_token){if(i=O(n.id_token),n.idTokenPayload={...i},i.nonce&&e.nonce!=null){const u=_.NONCE_TOKEN+"_"+e.configurationName;i.nonce=u}t.idTokenPayload=i}n.refresh_token&&(t.refresh_token=_.REFRESH_TOKEN+"_"+s);const d=i&&i.exp?i.exp:Number.MAX_VALUE,l=o&&o.exp?o.exp:n.issued_at+n.expires_in;let f;const a=e.oidcConfiguration.token_renew_mode;a===w.access_token_invalid?f=l:a===w.id_token_invalid?f=d:f=d<l?d:l,t.expiresAt=f,n.expiresAt=f;const c=e.nonce?e.nonce.nonce:null,{isValid:h,reason:r}=q(n,c,e.oidcServerConfiguration);if(!h)throw Error(`Tokens are not OpenID valid, reason: ${r}`);if(e.tokens!=null&&"refresh_token"in e.tokens&&!("refresh_token"in n)){const u=e.tokens.refresh_token;e.tokens={...n,refresh_token:u}}else e.tokens=n;return e.status="LOGGED_IN",t}function y(n){const e=n.configurationName;return s=>s.status!==200?s:s.json().then(o=>{const t=L(o,n,e),i=JSON.stringify(t);return new Response(i,s)})}function m(n){const e={};for(const s of n.keys())n.has(s)&&(e[s]=n.get(s));return e}const V=n=>new Promise(e=>setTimeout(e,n)),E=self;E.importScripts(N);const I=Math.round(new Date().getTime()/1e3).toString(),H="OidcKeepAliveServiceWorker.json",j=n=>{console.log("[OidcServiceWorker] service worker installed "+I),n.waitUntil(E.skipWaiting())},J=n=>{console.log("[OidcServiceWorker] service worker activated "+I),n.waitUntil(E.clients.claim())};let T=null;const g={default:{configurationName:"default",tokens:null,status:null,state:null,codeVerifier:null,nonce:null,oidcServerConfiguration:null,hideAccessToken:!0}},Y=(n,e)=>{const s=[];for(const[,o]of Object.entries(n))(o.oidcServerConfiguration!=null&&e.startsWith(o.oidcServerConfiguration.tokenEndpoint)||o.oidcServerConfiguration!=null&&o.oidcServerConfiguration.revocationEndpoint&&e.startsWith(o.oidcServerConfiguration.revocationEndpoint))&&s.push(o);return s},$=async n=>{const e=n.request,s=e.headers.has("oidc-vanilla"),o={status:200,statusText:"oidc-service-worker"},t=new Response("{}",o);if(!s){const i=new URL(e.url),d=Number(i.searchParams.get("minSleepSeconds"))||240;for(let l=0;l<d;l++)await V(1e3+Math.floor(Math.random()*1e3)),await(await caches.open("oidc_dummy_cache")).put(n.request,t.clone())}return t},z=async n=>{const e=n.request,s=e.url;if(e.url.includes(H)){n.respondWith($(n));return}const o=M(g,e.url,trustedDomains);if(o&&o.tokens&&o.tokens.access_token){for(;o.tokens&&!b(o.tokens);)await V(200);const l=e.mode=="navigate"?new Request(e,{headers:{...m(e.headers),authorization:"Bearer "+o.tokens.access_token}}):new Request(e,{headers:{...m(e.headers),authorization:"Bearer "+o.tokens.access_token},mode:o.oidcConfiguration.service_worker_convert_all_requests_to_cors?"cors":e.mode});n.waitUntil(n.respondWith(fetch(l)));return}if(n.request.method!=="POST")return;let t=null;const i=Y(g,e.url),d=i.length;if(d>0){const l=new Promise((f,a)=>{const c=e.clone();c.text().then(r=>{if(r.includes(_.REFRESH_TOKEN)||r.includes(_.ACCESS_TOKEN)){let u=r;for(let p=0;p<d;p++){const k=i[p];if(k&&k.tokens!=null){const R=_.REFRESH_TOKEN+"_"+k.configurationName;if(r.includes(R)){u=u.replace(R,encodeURIComponent(k.tokens.refresh_token)),t=k;break}const v=_.ACCESS_TOKEN+"_"+k.configurationName;if(r.includes(v)){u=u.replace(v,encodeURIComponent(k.tokens.access_token)),t=k;break}}}const S=fetch(e,{body:u,method:c.method,headers:{...m(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity});return t&&t.oidcServerConfiguration!=null&&t.oidcServerConfiguration.revocationEndpoint&&s.startsWith(t.oidcServerConfiguration.revocationEndpoint)?S.then(async p=>{const k=await p.text();return new Response(k,p)}):S.then(y(t))}else if(r.includes("code_verifier=")&&T){t=g[T],T=null;let u=r;if(t&&t.codeVerifier!=null){const S=_.CODE_VERIFIER+"_"+t.configurationName;r.includes(S)&&(u=u.replace(S,t.codeVerifier))}return fetch(e,{body:u,method:c.method,headers:{...m(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity}).then(y(t))}}).then(r=>{r!==void 0?f(r):(console.log("success undefined"),a(new Error("Response is undefined inside a success")))}).catch(r=>{r!==void 0?a(r):(console.log("error undefined"),a(new Error("Response is undefined inside a error")))})});n.waitUntil(n.respondWith(l))}},C={},G=n=>{const e=n.ports[0],s=n.data,o=s.configurationName;let t=g[o];if(trustedDomains==null&&(trustedDomains={}),!t){if(C[o]===void 0){let i=trustedDomains[o];C[o]=Array.isArray(i)?!1:i.showAccessToken}g[o]={tokens:null,state:null,codeVerifier:null,oidcServerConfiguration:null,oidcConfiguration:void 0,nonce:null,status:null,configurationName:o,hideAccessToken:!C[o]},t=g[o],trustedDomains[o]||(trustedDomains[o]=[])}switch(s.type){case"clear":t.tokens=null,t.state=null,t.codeVerifier=null,t.status=s.data.status,e.postMessage({configurationName:o});return;case"init":{const i=s.data.oidcServerConfiguration;let d=trustedDomains[o];const l=D(d,"oidc");l.find(a=>a===A)||[i.tokenEndpoint,i.revocationEndpoint,i.userInfoEndpoint,i.issuer].forEach(a=>{K(l,a)}),t.oidcServerConfiguration=i,t.oidcConfiguration=s.data.oidcConfiguration;const f=s.data.where;if(f==="loginCallbackAsync"||f==="tryKeepExistingSessionAsync"?T=o:T=null,!t.tokens)e.postMessage({tokens:null,status:t.status,configurationName:o});else{const a={...t.tokens};t.hideAccessToken&&(a.access_token=_.ACCESS_TOKEN+"_"+o),a.refresh_token&&(a.refresh_token=_.REFRESH_TOKEN+"_"+o),a.idTokenPayload&&a.idTokenPayload.nonce&&t.nonce!=null&&(a.idTokenPayload.nonce=_.NONCE_TOKEN+"_"+o),e.postMessage({tokens:a,status:t.status,configurationName:o})}return}case"setState":t.state=s.data.state,e.postMessage({configurationName:o});return;case"getState":{const i=t.state;e.postMessage({configurationName:o,state:i});return}case"setCodeVerifier":t.codeVerifier=s.data.codeVerifier,e.postMessage({configurationName:o});return;case"getCodeVerifier":{e.postMessage({configurationName:o,codeVerifier:_.CODE_VERIFIER+"_"+o});return}case"setSessionState":t.sessionState=s.data.sessionState,e.postMessage({configurationName:o});return;case"getSessionState":{const i=t.sessionState;e.postMessage({configurationName:o,sessionState:i});return}case"setNonce":t.nonce=s.data.nonce,e.postMessage({configurationName:o});return;default:t.items={...s.data},e.postMessage({configurationName:o})}};E.addEventListener("install",j);E.addEventListener("activate",J);E.addEventListener("fetch",z);E.addEventListener("message",G);
2
2
  //# sourceMappingURL=OidcServiceWorker.js.map
package/dist/service_worker/OidcServiceWorker.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OidcServiceWorker.js","sources":["../constants.ts","../utils/domains.ts","../utils/strings.ts","../utils/tokens.ts","../utils/serializeHeaders.ts","../utils/sleep.ts","../OidcServiceWorker.ts"],"sourcesContent":["const scriptFilename = 'OidcTrustedDomains.js'; /* global trustedDomains */\nconst acceptAnyDomainToken = '*';\n\ntype TokenType = {\n readonly REFRESH_TOKEN: string;\n readonly ACCESS_TOKEN: string;\n readonly NONCE_TOKEN: string;\n readonly CODE_VERIFIER: string;\n};\n\nconst TOKEN: TokenType = {\n REFRESH_TOKEN: 'REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n ACCESS_TOKEN: 'ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n NONCE_TOKEN: 'NONCE_SECURED_BY_OIDC_SERVICE_WORKER',\n CODE_VERIFIER: 'CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER',\n};\n\ntype TokenRenewModeType = {\n readonly access_token_or_id_token_invalid: string;\n readonly access_token_invalid: string;\n readonly id_token_invalid: string;\n};\n\nconst TokenRenewMode: TokenRenewModeType = {\n access_token_or_id_token_invalid: 'access_token_or_id_token_invalid',\n access_token_invalid: 'access_token_invalid',\n id_token_invalid: 'id_token_invalid',\n};\n\nconst openidWellknownUrlEndWith = '/.well-known/openid-configuration';\n\nexport { scriptFilename, acceptAnyDomainToken, TOKEN, TokenRenewMode, openidWellknownUrlEndWith };\n","import { TrustedDomains } from './../types';\nimport {\n acceptAnyDomainToken,\n openidWellknownUrlEndWith,\n scriptFilename,\n} from '../constants';\nimport { Database, Domain, OidcConfig } from '../types';\n\nfunction checkDomain(domains: Domain[], endpoint: string) {\n if (!endpoint) {\n return;\n }\n\n const domain = domains.find((domain) => {\n let testable: RegExp;\n\n if (typeof domain === 'string') {\n testable = new RegExp(`^${domain}`);\n } else {\n testable = domain;\n }\n\n return testable.test?.(endpoint);\n });\n if (!domain) {\n throw new Error(\n 'Domain ' +\n endpoint +\n ' is not trusted, please add domain in ' +\n scriptFilename\n );\n }\n}\n\nconst getCurrentDatabaseDomain = (\n database: Database,\n url: string,\n trustedDomains: TrustedDomains\n) => {\n if (url.endsWith(openidWellknownUrlEndWith)) {\n return null;\n }\n for (const [key, currentDatabase] of Object.entries<OidcConfig>(database)) {\n const oidcServerConfiguration = currentDatabase.oidcServerConfiguration;\n\n if (!oidcServerConfiguration) {\n continue;\n }\n\n if (\n oidcServerConfiguration.tokenEndpoint &&\n url === oidcServerConfiguration.tokenEndpoint\n ) {\n continue;\n }\n if (\n oidcServerConfiguration.revocationEndpoint &&\n url === oidcServerConfiguration.revocationEndpoint\n ) {\n continue;\n }\n const trustedDomain = trustedDomains == null ? [] : trustedDomains[key];\n const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;\n const domainsToSendTokens = oidcServerConfiguration.userInfoEndpoint\n ? [oidcServerConfiguration.userInfoEndpoint, ...domains]\n : [...domains];\n\n let hasToSendToken = false;\n if (domainsToSendTokens.find((f) => f === acceptAnyDomainToken)) {\n hasToSendToken = true;\n } else {\n for (let i = 0; i < domainsToSendTokens.length; i++) {\n let domain = domainsToSendTokens[i];\n\n if (typeof domain === 'string') {\n domain = new RegExp(`^${domain}`);\n }\n\n if (domain.test?.(url)) {\n hasToSendToken = true;\n break;\n }\n }\n }\n\n if (hasToSendToken) {\n if (!currentDatabase.tokens) {\n return null;\n }\n return currentDatabase;\n }\n }\n return null;\n};\n\nexport { checkDomain, getCurrentDatabaseDomain };\n","/**\n * Count occurances of letter in string\n * @param str\n * @param find\n * @returns\n */\nexport function countLetter(str: string, find: string) {\n return str.split(find).length - 1;\n}\n","import { TOKEN, TokenRenewMode } from '../constants';\nimport { OidcConfig, OidcConfiguration, OidcServerConfiguration, Tokens } from '../types';\nimport { countLetter } from './strings';\n\nfunction parseJwt(token: string) {\n return JSON.parse(\n b64DecodeUnicode(token.split('.')[1].replace('-', '+').replace('_', '/'))\n );\n}\nfunction b64DecodeUnicode(str: string) {\n return decodeURIComponent(\n Array.prototype.map\n .call(\n atob(str),\n (c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)\n )\n .join('')\n );\n}\n\nfunction computeTimeLeft(\n refreshTimeBeforeTokensExpirationInSecond: number,\n expiresAt: number\n) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n return Math.round(\n expiresAt -\n refreshTimeBeforeTokensExpirationInSecond -\n currentTimeUnixSecond\n );\n}\n\nfunction isTokensValid(tokens: Tokens | null) {\n if (!tokens) {\n return false;\n }\n return computeTimeLeft(0, tokens.expiresAt) > 0;\n}\n\nconst extractTokenPayload = (token?: string) => {\n try {\n if (!token) {\n return null;\n }\n if (countLetter(token, '.') === 2) {\n return parseJwt(token);\n } else {\n return null;\n }\n } catch (e) {\n console.warn(e);\n }\n return null;\n};\n\n// https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation (excluding rules #1, #4, #5, #7, #8, #12, and #13 which did not apply).\n// https://github.com/openid/AppAuth-JS/issues/65\nconst isTokensOidcValid = (\n tokens: Tokens,\n nonce: string | null,\n oidcServerConfiguration: OidcServerConfiguration\n): { isValid: boolean; reason: string } => {\n if (tokens.idTokenPayload) {\n const idTokenPayload = tokens.idTokenPayload;\n // 2: The Issuer Identifier for the OpenID Provider (which is typically obtained during Discovery) MUST exactly match the value of the iss (issuer) Claim.\n if (oidcServerConfiguration.issuer !== idTokenPayload.iss) {\n return { isValid: false, reason: 'Issuer does not match' };\n }\n // 3: The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience. The aud (audience) Claim MAY contain an array with more than one element. The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.\n\n // 6: If the ID Token is received via direct communication between the Client and the Token Endpoint (which it is in this flow), the TLS server validation MAY be used to validate the issuer in place of checking the token signature. The Client MUST validate the signature of all other ID Tokens according to JWS [JWS] using the algorithm specified in the JWT alg Header Parameter. The Client MUST use the keys provided by the Issuer.\n\n // 9: The current time MUST be before the time represented by the exp Claim.\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n if (idTokenPayload.exp && idTokenPayload.exp < currentTimeUnixSecond) {\n return { isValid: false, reason: 'Token expired' };\n }\n // 10: The iat Claim can be used to reject tokens that were issued too far away from the current time, limiting the amount of time that nonces need to be stored to prevent attacks. The acceptable range is Client specific.\n const timeInSevenDays = 60 * 60 * 24 * 7;\n if (\n idTokenPayload.iat &&\n idTokenPayload.iat + timeInSevenDays < currentTimeUnixSecond\n ) {\n return { isValid: false, reason: 'Token is used from too long time' };\n }\n // 11: If a nonce value was sent in the Authentication Request, a nonce Claim MUST be present and its value checked to verify that it is the same value as the one that was sent in the Authentication Request. The Client SHOULD check the nonce value for replay attacks. The precise method for detecting replay attacks is Client specific.\n if (idTokenPayload.nonce && idTokenPayload.nonce !== nonce) {\n return { isValid: false, reason: 'Nonce does not match' };\n }\n }\n return { isValid: true, reason: '' };\n};\n\nfunction _hideTokens(tokens: Tokens, currentDatabaseElement: OidcConfig, configurationName: string) {\n if (!tokens.issued_at) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n tokens.issued_at = currentTimeUnixSecond;\n }\n\n const accessTokenPayload = extractTokenPayload(tokens.access_token);\n const secureTokens = {\n ...tokens,\n accessTokenPayload,\n };\n if (currentDatabaseElement.hideAccessToken) {\n secureTokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n tokens.accessTokenPayload = accessTokenPayload;\n\n let _idTokenPayload = null;\n if (tokens.id_token) {\n _idTokenPayload = extractTokenPayload(tokens.id_token);\n tokens.idTokenPayload = {..._idTokenPayload};\n if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {\n const keyNonce =\n TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;\n _idTokenPayload.nonce = keyNonce;\n }\n secureTokens.idTokenPayload = _idTokenPayload;\n }\n if (tokens.refresh_token) {\n secureTokens.refresh_token =\n TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n\n const idTokenExpiresAt =\n _idTokenPayload && _idTokenPayload.exp\n ? _idTokenPayload.exp\n : Number.MAX_VALUE;\n const accessTokenExpiresAt =\n accessTokenPayload && accessTokenPayload.exp\n ? accessTokenPayload.exp\n : tokens.issued_at + tokens.expires_in;\n\n let expiresAt: number;\n const tokenRenewMode = (\n currentDatabaseElement.oidcConfiguration as OidcConfiguration\n ).token_renew_mode;\n if (tokenRenewMode === TokenRenewMode.access_token_invalid) {\n expiresAt = accessTokenExpiresAt;\n } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {\n expiresAt = idTokenExpiresAt;\n } else {\n expiresAt =\n idTokenExpiresAt < accessTokenExpiresAt\n ? idTokenExpiresAt\n : accessTokenExpiresAt;\n }\n secureTokens.expiresAt = expiresAt;\n\n tokens.expiresAt = expiresAt;\n const nonce = currentDatabaseElement.nonce\n ? currentDatabaseElement.nonce.nonce\n : null;\n const {isValid, reason} = isTokensOidcValid(\n tokens,\n nonce,\n currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration\n ); //TODO: Type assertion, could be null.\n if (!isValid) {\n throw Error(`Tokens are not OpenID valid, reason: ${reason}`);\n }\n\n // When refresh_token is not rotated we reuse ald refresh_token\n if (\n currentDatabaseElement.tokens != null &&\n 'refresh_token' in currentDatabaseElement.tokens &&\n !('refresh_token' in tokens)\n ) {\n const refreshToken = currentDatabaseElement.tokens.refresh_token;\n\n currentDatabaseElement.tokens = {\n ...tokens,\n refresh_token: refreshToken,\n };\n } else {\n currentDatabaseElement.tokens = tokens;\n }\n\n currentDatabaseElement.status = 'LOGGED_IN';\n return secureTokens;\n}\n\nfunction hideTokens(currentDatabaseElement: OidcConfig) {\n const configurationName = currentDatabaseElement.configurationName;\n return (response: Response) => {\n if (response.status !== 200) {\n return response;\n }\n return response.json().then<Response>((tokens: Tokens) => {\n const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName);\n const body = JSON.stringify(secureTokens);\n return new Response(body, response);\n });\n };\n}\n\nexport {\n b64DecodeUnicode,\n computeTimeLeft,\n isTokensValid,\n extractTokenPayload,\n isTokensOidcValid,\n hideTokens,\n _hideTokens\n};\n","import { FetchHeaders } from '../types';\n\nfunction serializeHeaders(headers: Headers) {\n const headersObj: Record<string, string> = {};\n for (const key of (headers as FetchHeaders).keys()) {\n if (headers.has(key)) {\n headersObj[key] = headers.get(key) as string;\n }\n }\n return headersObj;\n}\nexport {serializeHeaders};","const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms));\nexport { sleep };\n","import { acceptAnyDomainToken, TOKEN, scriptFilename } from './constants';\nimport {\n TrustedDomains,\n Database,\n OidcConfig,\n OidcConfiguration,\n MessageEventData,\n // TrustedDomainsShowAccessToken,\n} from './types';\nimport {\n checkDomain,\n getCurrentDatabaseDomain,\n hideTokens,\n isTokensValid,\n serializeHeaders,\n sleep,\n} from './utils';\n\nconst _self = self as ServiceWorkerGlobalScope & typeof globalThis;\n\ndeclare let trustedDomains: TrustedDomains;\n\n_self.importScripts(scriptFilename);\n\nconst id = Math.round(new Date().getTime() / 1000).toString();\n\nconst keepAliveJsonFilename = 'OidcKeepAliveServiceWorker.json';\nconst handleInstall = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker installed ' + id);\n event.waitUntil(_self.skipWaiting());\n};\n\nconst handleActivate = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker activated ' + id);\n event.waitUntil(_self.clients.claim());\n};\n\nlet currentLoginCallbackConfigurationName: string | null = null;\nconst database: Database = {\n default: {\n configurationName: 'default',\n tokens: null,\n status: null,\n state: null,\n codeVerifier: null,\n nonce: null,\n oidcServerConfiguration: null,\n hideAccessToken: true,\n },\n};\n\nconst getCurrentDatabasesTokenEndpoint = (database: Database, url: string) => {\n const databases: OidcConfig[] = [];\n for (const [, value] of Object.entries<OidcConfig>(database)) {\n if (\n value.oidcServerConfiguration != null &&\n url.startsWith(value.oidcServerConfiguration.tokenEndpoint)\n ) {\n databases.push(value);\n } else if (\n value.oidcServerConfiguration != null &&\n value.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(value.oidcServerConfiguration.revocationEndpoint)\n ) {\n databases.push(value);\n }\n }\n return databases;\n};\n\nconst keepAliveAsync = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const isFromVanilla = originalRequest.headers.has('oidc-vanilla');\n const init = { status: 200, statusText: 'oidc-service-worker' };\n const response = new Response('{}', init);\n if (!isFromVanilla) {\n const originalRequestUrl = new URL(originalRequest.url);\n const minSleepSeconds = Number(originalRequestUrl.searchParams.get('minSleepSeconds')) || 240;\n for (let i = 0; i < minSleepSeconds; i++) {\n await sleep(1000 + Math.floor(Math.random() * 1000));\n const cache = await caches.open('oidc_dummy_cache');\n await cache.put(event.request, response.clone());\n }\n }\n return response;\n};\n\nconst handleFetch = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const url = originalRequest.url;\n if (originalRequest.url.includes(keepAliveJsonFilename)) {\n event.respondWith(keepAliveAsync(event));\n return;\n }\n\n const currentDatabaseForRequestAccessToken = getCurrentDatabaseDomain(\n database,\n originalRequest.url,\n trustedDomains\n );\n if (\n currentDatabaseForRequestAccessToken &&\n currentDatabaseForRequestAccessToken.tokens &&\n currentDatabaseForRequestAccessToken.tokens.access_token\n ) {\n while (\n currentDatabaseForRequestAccessToken.tokens &&\n !isTokensValid(currentDatabaseForRequestAccessToken.tokens)\n ) {\n await sleep(200);\n }\n const newRequest =\n originalRequest.mode == 'navigate'\n ? new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n })\n : new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n mode: (\n currentDatabaseForRequestAccessToken.oidcConfiguration as OidcConfiguration\n ).service_worker_convert_all_requests_to_cors\n ? 'cors'\n : originalRequest.mode,\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(fetch(newRequest)));\n\n return;\n }\n\n if (event.request.method !== 'POST') {\n return;\n }\n\n let currentDatabase: OidcConfig | null = null;\n const currentDatabases = getCurrentDatabasesTokenEndpoint(\n database,\n originalRequest.url\n );\n const numberDatabase = currentDatabases.length;\n if (numberDatabase > 0) {\n const maPromesse = new Promise<Response>((resolve, reject) => {\n const clonedRequest = originalRequest.clone();\n const response = clonedRequest.text().then((actualBody) => {\n if (\n actualBody.includes(TOKEN.REFRESH_TOKEN) ||\n actualBody.includes(TOKEN.ACCESS_TOKEN)\n ) {\n let newBody = actualBody;\n for (let i = 0; i < numberDatabase; i++) {\n const currentDb = currentDatabases[i];\n\n if (currentDb && currentDb.tokens != null) {\n const keyRefreshToken =\n TOKEN.REFRESH_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyRefreshToken)) {\n newBody = newBody.replace(\n keyRefreshToken,\n encodeURIComponent(currentDb.tokens.refresh_token as string)\n );\n currentDatabase = currentDb;\n break;\n }\n const keyAccessToken =\n TOKEN.ACCESS_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyAccessToken)) {\n newBody = newBody.replace(\n keyAccessToken,\n encodeURIComponent(currentDb.tokens.access_token)\n );\n currentDatabase = currentDb;\n break;\n }\n }\n }\n const fetchPromise = fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n });\n\n if (\n currentDatabase &&\n currentDatabase.oidcServerConfiguration != null &&\n currentDatabase.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(\n currentDatabase.oidcServerConfiguration.revocationEndpoint\n )\n ) {\n return fetchPromise.then(async (response) => {\n const text = await response.text();\n return new Response(text, response);\n });\n }\n return fetchPromise.then(hideTokens(currentDatabase as OidcConfig)); //todo type assertion to OidcConfig but could be null, NEEDS REVIEW\n } else if (\n actualBody.includes('code_verifier=') &&\n currentLoginCallbackConfigurationName\n ) {\n currentDatabase = database[currentLoginCallbackConfigurationName];\n currentLoginCallbackConfigurationName = null;\n let newBody = actualBody;\n if (currentDatabase && currentDatabase.codeVerifier != null) {\n const keyCodeVerifier =\n TOKEN.CODE_VERIFIER + '_' + currentDatabase.configurationName;\n if (actualBody.includes(keyCodeVerifier)) {\n newBody = newBody.replace(\n keyCodeVerifier,\n currentDatabase.codeVerifier\n );\n }\n }\n\n return fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n }).then(hideTokens(currentDatabase));\n }\n return undefined;\n });\n response\n .then((r) => {\n if (r !== undefined) {\n resolve(r);\n } else {\n console.log('success undefined');\n reject(new Error('Response is undefined inside a success'));\n }\n })\n .catch((err) => {\n if (err !== undefined) {\n reject(err);\n } else {\n console.log('error undefined');\n reject(new Error('Response is undefined inside a error'));\n }\n });\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(maPromesse));\n }\n};\n\ntype TrustedDomainsShowAccessToken = {\n [key: string]: boolean\n}\n\nconst trustedDomainsShowAccessToken: TrustedDomainsShowAccessToken = {};\n\nconst handleMessage = (event: ExtendableMessageEvent) => {\n const port = event.ports[0];\n const data = event.data as MessageEventData;\n const configurationName = data.configurationName;\n let currentDatabase = database[configurationName];\n if(trustedDomains== null){\n trustedDomains = {};\n }\n if (!currentDatabase) {\n \n if (trustedDomainsShowAccessToken[configurationName] === undefined) {\n let trustedDomain = trustedDomains[configurationName];\n trustedDomainsShowAccessToken[configurationName] = Array.isArray(trustedDomain) ? false : trustedDomain.showAccessToken;\n }\n database[configurationName] = {\n tokens: null,\n state: null,\n codeVerifier: null,\n oidcServerConfiguration: null,\n oidcConfiguration: undefined,\n nonce: null,\n status: null,\n configurationName,\n hideAccessToken: !trustedDomainsShowAccessToken[configurationName],\n };\n currentDatabase = database[configurationName];\n \n if (!trustedDomains[configurationName]) {\n trustedDomains[configurationName] = [];\n }\n }\n\n switch (data.type) {\n case 'clear':\n currentDatabase.tokens = null;\n currentDatabase.state = null;\n currentDatabase.codeVerifier = null;\n currentDatabase.status = data.data.status;\n port.postMessage({ configurationName });\n return;\n case 'init': {\n const oidcServerConfiguration = data.data.oidcServerConfiguration;\n let trustedDomain = trustedDomains[configurationName];\n \n const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;\n if (!domains.find((f) => f === acceptAnyDomainToken)) {\n [\n oidcServerConfiguration.tokenEndpoint,\n oidcServerConfiguration.revocationEndpoint,\n oidcServerConfiguration.userInfoEndpoint,\n oidcServerConfiguration.issuer,\n ].forEach((url) => {\n checkDomain(domains, url);\n });\n }\n currentDatabase.oidcServerConfiguration = oidcServerConfiguration;\n currentDatabase.oidcConfiguration = data.data.oidcConfiguration;\n const where = data.data.where;\n if (\n where === 'loginCallbackAsync' ||\n where === 'tryKeepExistingSessionAsync'\n ) {\n currentLoginCallbackConfigurationName = configurationName;\n } else {\n currentLoginCallbackConfigurationName = null;\n }\n\n if (!currentDatabase.tokens) {\n port.postMessage({\n tokens: null,\n status: currentDatabase.status,\n configurationName,\n });\n } else {\n const tokens = {\n ...currentDatabase.tokens,\n };\n if(currentDatabase.hideAccessToken) {\n tokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n if (tokens.refresh_token) {\n tokens.refresh_token = TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n if (\n tokens.idTokenPayload &&\n tokens.idTokenPayload.nonce &&\n currentDatabase.nonce != null\n ) {\n tokens.idTokenPayload.nonce =\n TOKEN.NONCE_TOKEN + '_' + configurationName;\n }\n port.postMessage({\n tokens,\n status: currentDatabase.status,\n configurationName,\n });\n }\n return;\n }\n case 'setState':\n currentDatabase.state = data.data.state;\n port.postMessage({ configurationName });\n return;\n case 'getState': {\n const state = currentDatabase.state;\n port.postMessage({ configurationName, state });\n return;\n }\n case 'setCodeVerifier':\n currentDatabase.codeVerifier = data.data.codeVerifier;\n port.postMessage({ configurationName });\n return;\n case 'getCodeVerifier': {\n port.postMessage({\n configurationName,\n codeVerifier: TOKEN.CODE_VERIFIER + '_' + configurationName,\n });\n return;\n }\n case 'setSessionState':\n currentDatabase.sessionState = data.data.sessionState;\n port.postMessage({ configurationName });\n return;\n case 'getSessionState': {\n const sessionState = currentDatabase.sessionState;\n port.postMessage({ configurationName, sessionState });\n return;\n }\n case 'setNonce':\n currentDatabase.nonce = data.data.nonce;\n port.postMessage({ configurationName });\n return;\n default:\n currentDatabase.items = { ...data.data };\n port.postMessage({ configurationName });\n }\n};\n\n_self.addEventListener('install', handleInstall);\n_self.addEventListener('activate', handleActivate);\n_self.addEventListener('fetch', handleFetch);\n_self.addEventListener('message', handleMessage);\n"],"names":["scriptFilename","acceptAnyDomainToken","TOKEN","TokenRenewMode","openidWellknownUrlEndWith","checkDomain","domains","endpoint","domain","testable","_a","getCurrentDatabaseDomain","database","url","trustedDomains","key","currentDatabase","oidcServerConfiguration","trustedDomain","domainsToSendTokens","hasToSendToken","f","i","countLetter","str","find","parseJwt","token","b64DecodeUnicode","c","computeTimeLeft","refreshTimeBeforeTokensExpirationInSecond","expiresAt","currentTimeUnixSecond","isTokensValid","tokens","extractTokenPayload","isTokensOidcValid","nonce","idTokenPayload","timeInSevenDays","_hideTokens","currentDatabaseElement","configurationName","accessTokenPayload","secureTokens","_idTokenPayload","keyNonce","idTokenExpiresAt","accessTokenExpiresAt","tokenRenewMode","isValid","reason","refreshToken","hideTokens","response","body","serializeHeaders","headers","headersObj","sleep","ms","resolve","_self","id","keepAliveJsonFilename","handleInstall","event","handleActivate","currentLoginCallbackConfigurationName","getCurrentDatabasesTokenEndpoint","databases","value","keepAliveAsync","originalRequest","isFromVanilla","init","originalRequestUrl","minSleepSeconds","handleFetch","currentDatabaseForRequestAccessToken","newRequest","currentDatabases","numberDatabase","maPromesse","reject","clonedRequest","actualBody","newBody","currentDb","keyRefreshToken","keyAccessToken","fetchPromise","text","keyCodeVerifier","err","trustedDomainsShowAccessToken","handleMessage","port","data","where","state","sessionState"],"mappings":"aAAA,MAAMA,EAAiB,wBACjBC,EAAuB,IASvBC,EAAmB,CACvB,cAAe,+CACf,aAAc,8CACd,YAAa,uCACb,cAAe,8CACjB,EAQMC,EAAqC,CACzC,iCAAkC,mCAClC,qBAAsB,uBACtB,iBAAkB,kBACpB,EAEMC,EAA4B,oCCrBlC,SAASC,EAAYC,EAAmBC,EAAkB,CACxD,GAAI,CAACA,EACH,OAcF,GAAI,CAXWD,EAAQ,KAAME,GAAW,OAClC,IAAAC,EAEA,OAAA,OAAOD,GAAW,SACTC,EAAA,IAAI,OAAO,IAAID,GAAQ,EAEvBA,EAAAA,GAGNE,EAAAD,EAAS,OAAT,YAAAC,EAAA,KAAAD,EAAgBF,EAAQ,CAChC,EAEC,MAAM,IAAI,MACR,UACEA,EACA,yCACAP,CAAA,CAGR,CAEA,MAAMW,EAA2B,CAC/BC,EACAC,EACAC,IACG,OACC,GAAAD,EAAI,SAAST,CAAyB,EACjC,OAAA,KAET,SAAW,CAACW,EAAKC,CAAe,IAAK,OAAO,QAAoBJ,CAAQ,EAAG,CACzE,MAAMK,EAA0BD,EAAgB,wBAYhD,GAVI,CAACC,GAKHA,EAAwB,eACxBJ,IAAQI,EAAwB,eAKhCA,EAAwB,oBACxBJ,IAAQI,EAAwB,mBAEhC,SAEF,MAAMC,EAAgBJ,GAAkB,KAAO,CAAA,EAAKA,EAAeC,CAAG,EAChET,EAAU,MAAM,QAAQY,CAAa,EAAIA,EAAgBA,EAAc,QACvEC,EAAsBF,EAAwB,iBAChD,CAACA,EAAwB,iBAAkB,GAAGX,CAAO,EACrD,CAAC,GAAGA,CAAO,EAEf,IAAIc,EAAiB,GACrB,GAAID,EAAoB,KAAME,GAAMA,IAAMpB,CAAoB,EAC3CmB,EAAA,OAEjB,SAASE,EAAI,EAAGA,EAAIH,EAAoB,OAAQG,IAAK,CAC/C,IAAAd,EAASW,EAAoBG,CAAC,EAM9B,GAJA,OAAOd,GAAW,WACXA,EAAA,IAAI,OAAO,IAAIA,GAAQ,IAG9BE,EAAAF,EAAO,OAAP,MAAAE,EAAA,KAAAF,EAAcK,GAAM,CACLO,EAAA,GACjB,OAKN,GAAIA,EACE,OAACJ,EAAgB,OAGdA,EAFE,KAKN,OAAA,IACT,ECvFgB,SAAAO,EAAYC,EAAaC,EAAc,CACrD,OAAOD,EAAI,MAAMC,CAAI,EAAE,OAAS,CAClC,CCJA,SAASC,EAASC,EAAe,CAC/B,OAAO,KAAK,MACVC,EAAiBD,EAAM,MAAM,GAAG,EAAE,CAAC,EAAE,QAAQ,IAAK,GAAG,EAAE,QAAQ,IAAK,GAAG,CAAC,CAAA,CAE5E,CACA,SAASC,EAAiBJ,EAAa,CAC9B,OAAA,mBACL,MAAM,UAAU,IACb,KACC,KAAKA,CAAG,EACPK,GAAM,KAAO,KAAOA,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAA,EAE5D,KAAK,EAAE,CAAA,CAEd,CAEA,SAASC,EACPC,EACAC,EACA,CACA,MAAMC,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,OAAO,KAAK,MACVD,EACED,EACAE,CAAA,CAEN,CAEA,SAASC,EAAcC,EAAuB,CAC5C,OAAKA,EAGEL,EAAgB,EAAGK,EAAO,SAAS,EAAI,EAFrC,EAGX,CAEA,MAAMC,EAAuBT,GAAmB,CAC1C,GAAA,CACF,OAAKA,GAGDJ,EAAYI,EAAO,GAAG,IAAM,EACvBD,EAASC,CAAK,EAHd,WAOF,GACP,QAAQ,KAAK,CAAC,CAChB,CACO,OAAA,IACT,EAIMU,EAAoB,CACxBF,EACAG,EACArB,IACyC,CACzC,GAAIkB,EAAO,eAAgB,CACzB,MAAMI,EAAiBJ,EAAO,eAE1B,GAAAlB,EAAwB,SAAWsB,EAAe,IACpD,MAAO,CAAE,QAAS,GAAO,OAAQ,uBAAwB,EAO3D,MAAMN,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,GAAIM,EAAe,KAAOA,EAAe,IAAMN,EAC7C,MAAO,CAAE,QAAS,GAAO,OAAQ,eAAgB,EAG7C,MAAAO,EAAkB,GAAK,GAAK,GAAK,EACvC,GACED,EAAe,KACfA,EAAe,IAAMC,EAAkBP,EAEvC,MAAO,CAAE,QAAS,GAAO,OAAQ,kCAAmC,EAGtE,GAAIM,EAAe,OAASA,EAAe,QAAUD,EACnD,MAAO,CAAE,QAAS,GAAO,OAAQ,sBAAuB,EAG5D,MAAO,CAAE,QAAS,GAAM,OAAQ,EAAG,CACrC,EAEA,SAASG,EAAYN,EAAgBO,EAAoCC,EAA2B,CAC9F,GAAA,CAACR,EAAO,UAAW,CACrB,MAAMF,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrDE,EAAO,UAAYF,EAGf,MAAAW,EAAqBR,EAAoBD,EAAO,YAAY,EAC5DU,EAAe,CACnB,GAAGV,EACH,mBAAAS,CAAA,EAEEF,EAAuB,kBACZG,EAAA,aAAe3C,EAAM,aAAe,IAAMyC,GAEzDR,EAAO,mBAAqBS,EAE5B,IAAIE,EAAkB,KACtB,GAAIX,EAAO,SAAU,CAGnB,GAFkBW,EAAAV,EAAoBD,EAAO,QAAQ,EAC9CA,EAAA,eAAiB,CAAC,GAAGW,GACxBA,EAAgB,OAASJ,EAAuB,OAAS,KAAM,CACjE,MAAMK,EACF7C,EAAM,YAAc,IAAMwC,EAAuB,kBACrDI,EAAgB,MAAQC,EAE1BF,EAAa,eAAiBC,EAE5BX,EAAO,gBACIU,EAAA,cACT3C,EAAM,cAAgB,IAAMyC,GAGlC,MAAMK,EACFF,GAAmBA,EAAgB,IAC7BA,EAAgB,IAChB,OAAO,UACXG,EACFL,GAAsBA,EAAmB,IACnCA,EAAmB,IACnBT,EAAO,UAAYA,EAAO,WAEhC,IAAAH,EACE,MAAAkB,EACFR,EAAuB,kBACzB,iBACEQ,IAAmB/C,EAAe,qBACxB6B,EAAAiB,EACHC,IAAmB/C,EAAe,iBAC/B6B,EAAAgB,EAGRhB,EAAAgB,EAAmBC,EACbD,EACAC,EAEZJ,EAAa,UAAYb,EAEzBG,EAAO,UAAYH,EACnB,MAAMM,EAAQI,EAAuB,MAC/BA,EAAuB,MAAM,MAC7B,KACA,CAAC,QAAAS,EAAS,OAAAC,CAAA,EAAUf,EACtBF,EACAG,EACAI,EAAuB,uBAAA,EAE3B,GAAI,CAACS,EACG,MAAA,MAAM,wCAAwCC,GAAQ,EAK1D,GAAAV,EAAuB,QAAU,MACjC,kBAAmBA,EAAuB,QAC1C,EAAE,kBAAmBP,GACvB,CACM,MAAAkB,EAAeX,EAAuB,OAAO,cAEnDA,EAAuB,OAAS,CAC9B,GAAGP,EACH,cAAekB,CAAA,OAGjBX,EAAuB,OAASP,EAGlC,OAAAO,EAAuB,OAAS,YACzBG,CACT,CAEA,SAASS,EAAWZ,EAAoC,CACtD,MAAMC,EAAoBD,EAAuB,kBACjD,OAAQa,GACFA,EAAS,SAAW,IACfA,EAEFA,EAAS,KAAA,EAAO,KAAgBpB,GAAmB,CACxD,MAAMU,EAAeJ,EAAYN,EAAQO,EAAwBC,CAAiB,EAC5Ea,EAAO,KAAK,UAAUX,CAAY,EACjC,OAAA,IAAI,SAASW,EAAMD,CAAQ,CAAA,CACnC,CAEL,CCjMA,SAASE,EAAiBC,EAAkB,CAC1C,MAAMC,EAAqC,CAAA,EAChC,UAAA5C,KAAQ2C,EAAyB,OACtCA,EAAQ,IAAI3C,CAAG,IACjB4C,EAAW5C,CAAG,EAAI2C,EAAQ,IAAI3C,CAAG,GAG9B,OAAA4C,CACT,CCVA,MAAMC,EAASC,GAAe,IAAI,QAASC,GAAY,WAAWA,EAASD,CAAE,CAAC,ECkBxEE,EAAQ,KAIdA,EAAM,cAAc/D,CAAc,EAElC,MAAMgE,EAAK,KAAK,MAAU,IAAA,OAAO,UAAY,GAAI,EAAE,WAE7CC,EAAwB,kCACxBC,EAAiBC,GAA2B,CACxC,QAAA,IAAI,gDAAkDH,CAAE,EAC1DG,EAAA,UAAUJ,EAAM,YAAa,CAAA,CACrC,EAEMK,EAAkBD,GAA2B,CACzC,QAAA,IAAI,gDAAkDH,CAAE,EAChEG,EAAM,UAAUJ,EAAM,QAAQ,MAAO,CAAA,CACvC,EAEA,IAAIM,EAAuD,KAC3D,MAAMzD,EAAqB,CACzB,QAAS,CACP,kBAAmB,UACnB,OAAQ,KACR,OAAQ,KACR,MAAO,KACP,aAAc,KACd,MAAO,KACP,wBAAyB,KACzB,gBAAiB,EACnB,CACF,EAEM0D,EAAmC,CAAC1D,EAAoBC,IAAgB,CAC5E,MAAM0D,EAA0B,CAAA,EAChC,SAAW,CAAG,CAAAC,CAAK,IAAK,OAAO,QAAoB5D,CAAQ,GAEvD4D,EAAM,yBAA2B,MACjC3D,EAAI,WAAW2D,EAAM,wBAAwB,aAAa,GAI1DA,EAAM,yBAA2B,MACjCA,EAAM,wBAAwB,oBAC9B3D,EAAI,WAAW2D,EAAM,wBAAwB,kBAAkB,IAE/DD,EAAU,KAAKC,CAAK,EAGjB,OAAAD,CACT,EAEME,EAAiB,MAAON,GAAsB,CAClD,MAAMO,EAAkBP,EAAM,QACxBQ,EAAgBD,EAAgB,QAAQ,IAAI,cAAc,EAC1DE,EAAO,CAAE,OAAQ,IAAK,WAAY,qBAAsB,EACxDrB,EAAW,IAAI,SAAS,KAAMqB,CAAI,EACxC,GAAI,CAACD,EAAe,CAClB,MAAME,EAAqB,IAAI,IAAIH,EAAgB,GAAG,EAChDI,EAAkB,OAAOD,EAAmB,aAAa,IAAI,iBAAiB,CAAC,GAAK,IAC1F,QAASvD,EAAI,EAAGA,EAAIwD,EAAiBxD,IAC7B,MAAAsC,EAAM,IAAO,KAAK,MAAM,KAAK,OAAO,EAAI,GAAI,CAAC,EAEnD,MADc,MAAM,OAAO,KAAK,kBAAkB,GACtC,IAAIO,EAAM,QAASZ,EAAS,OAAO,EAG5C,OAAAA,CACT,EAEMwB,EAAc,MAAOZ,GAAsB,CAC/C,MAAMO,EAAkBP,EAAM,QACxBtD,EAAM6D,EAAgB,IAC5B,GAAIA,EAAgB,IAAI,SAAST,CAAqB,EAAG,CACjDE,EAAA,YAAYM,EAAeN,CAAK,CAAC,EACvC,OAGF,MAAMa,EAAuCrE,EAC3CC,EACA8D,EAAgB,IAChB,cAAA,EAEF,GACEM,GACAA,EAAqC,QACrCA,EAAqC,OAAO,aAC5C,CACA,KACEA,EAAqC,QACrC,CAAC9C,EAAc8C,EAAqC,MAAM,GAE1D,MAAMpB,EAAM,GAAG,EAEjB,MAAMqB,EACJP,EAAgB,MAAQ,WACpB,IAAI,QAAQA,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,CAAA,CACD,EACD,IAAI,QAAQN,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,EACA,KACEA,EAAqC,kBACrC,4CACE,OACAN,EAAgB,IAAA,CACrB,EAGPP,EAAM,UAAUA,EAAM,YAAY,MAAMc,CAAU,CAAC,CAAC,EAEpD,OAGE,GAAAd,EAAM,QAAQ,SAAW,OAC3B,OAGF,IAAInD,EAAqC,KACzC,MAAMkE,EAAmBZ,EACvB1D,EACA8D,EAAgB,GAAA,EAEZS,EAAiBD,EAAiB,OACxC,GAAIC,EAAiB,EAAG,CACtB,MAAMC,EAAa,IAAI,QAAkB,CAACtB,EAASuB,IAAW,CACtD,MAAAC,EAAgBZ,EAAgB,QACrBY,EAAc,KAAO,EAAA,KAAMC,GAAe,CAEvD,GAAAA,EAAW,SAASrF,EAAM,aAAa,GACvCqF,EAAW,SAASrF,EAAM,YAAY,EACtC,CACA,IAAIsF,EAAUD,EACd,QAASjE,EAAI,EAAGA,EAAI6D,EAAgB7D,IAAK,CACjC,MAAAmE,EAAYP,EAAiB5D,CAAC,EAEhC,GAAAmE,GAAaA,EAAU,QAAU,KAAM,CACzC,MAAMC,EACJxF,EAAM,cAAgB,IAAMuF,EAAU,kBACpC,GAAAF,EAAW,SAASG,CAAe,EAAG,CACxCF,EAAUA,EAAQ,QAChBE,EACA,mBAAmBD,EAAU,OAAO,aAAuB,CAAA,EAE3CzE,EAAAyE,EAClB,MAEF,MAAME,EACJzF,EAAM,aAAe,IAAMuF,EAAU,kBACnC,GAAAF,EAAW,SAASI,CAAc,EAAG,CACvCH,EAAUA,EAAQ,QAChBG,EACA,mBAAmBF,EAAU,OAAO,YAAY,CAAA,EAEhCzE,EAAAyE,EAClB,QAIA,MAAAG,EAAe,MAAMlB,EAAiB,CAC1C,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAAA,CAC1B,EAED,OACEtE,GACAA,EAAgB,yBAA2B,MAC3CA,EAAgB,wBAAwB,oBACxCH,EAAI,WACFG,EAAgB,wBAAwB,kBAAA,EAGnC4E,EAAa,KAAK,MAAOrC,GAAa,CACrC,MAAAsC,EAAO,MAAMtC,EAAS,OACrB,OAAA,IAAI,SAASsC,EAAMtC,CAAQ,CAAA,CACnC,EAEIqC,EAAa,KAAKtC,EAAWtC,CAA6B,CAAC,UAElEuE,EAAW,SAAS,gBAAgB,GACpClB,EACA,CACArD,EAAkBJ,EAASyD,CAAqC,EACxBA,EAAA,KACxC,IAAImB,EAAUD,EACV,GAAAvE,GAAmBA,EAAgB,cAAgB,KAAM,CAC3D,MAAM8E,EACJ5F,EAAM,cAAgB,IAAMc,EAAgB,kBAC1CuE,EAAW,SAASO,CAAe,IACrCN,EAAUA,EAAQ,QAChBM,EACA9E,EAAgB,YAAA,GAKtB,OAAO,MAAM0D,EAAiB,CAC5B,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAC1B,CAAA,EAAE,KAAKhC,EAAWtC,CAAe,CAAC,EAE9B,CACR,EAEE,KAAM,GAAM,CACP,IAAM,OACR8C,EAAQ,CAAC,GAET,QAAQ,IAAI,mBAAmB,EACxBuB,EAAA,IAAI,MAAM,wCAAwC,CAAC,EAC5D,CACD,EACA,MAAOU,GAAQ,CACVA,IAAQ,OACVV,EAAOU,CAAG,GAEV,QAAQ,IAAI,iBAAiB,EACtBV,EAAA,IAAI,MAAM,sCAAsC,CAAC,EAC1D,CACD,CAAA,CACJ,EAGDlB,EAAM,UAAUA,EAAM,YAAYiB,CAAU,CAAC,EAEjD,EAMMY,EAA+D,CAAA,EAE/DC,EAAiB9B,GAAkC,CACjD,MAAA+B,EAAO/B,EAAM,MAAM,CAAC,EACpBgC,EAAOhC,EAAM,KACbxB,EAAoBwD,EAAK,kBAC3B,IAAAnF,EAAkBJ,EAAS+B,CAAiB,EAIhD,GAHG,gBAAiB,OAClB,eAAiB,CAAA,GAEf,CAAC3B,EAAiB,CAEhB,GAAAgF,EAA8BrD,CAAiB,IAAM,OAAW,CAC9D,IAAAzB,EAAgB,eAAeyB,CAAiB,EACpDqD,EAA8BrD,CAAiB,EAAI,MAAM,QAAQzB,CAAa,EAAI,GAAQA,EAAc,gBAE1GN,EAAS+B,CAAiB,EAAI,CAC5B,OAAQ,KACR,MAAO,KACP,aAAc,KACd,wBAAyB,KACzB,kBAAmB,OACnB,MAAO,KACP,OAAQ,KACR,kBAAAA,EACA,gBAAiB,CAACqD,EAA8BrD,CAAiB,CAAA,EAEnE3B,EAAkBJ,EAAS+B,CAAiB,EAEvC,eAAeA,CAAiB,IACpB,eAAAA,CAAiB,EAAI,IAIxC,OAAQwD,EAAK,KAAM,CACjB,IAAK,QACHnF,EAAgB,OAAS,KACzBA,EAAgB,MAAQ,KACxBA,EAAgB,aAAe,KACfA,EAAA,OAASmF,EAAK,KAAK,OAC9BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,OAAQ,CACL,MAAA1B,EAA0BkF,EAAK,KAAK,wBACtC,IAAAjF,EAAgB,eAAeyB,CAAiB,EAEpD,MAAMrC,EAAU,MAAM,QAAQY,CAAa,EAAIA,EAAgBA,EAAc,QACxEZ,EAAQ,KAAMe,GAAMA,IAAMpB,CAAoB,GACjD,CACEgB,EAAwB,cACxBA,EAAwB,mBACxBA,EAAwB,iBACxBA,EAAwB,MAAA,EACxB,QAASJ,GAAQ,CACjBR,EAAYC,EAASO,CAAG,CAAA,CACzB,EAELG,EAAgB,wBAA0BC,EACxBD,EAAA,kBAAoBmF,EAAK,KAAK,kBACxC,MAAAC,EAAQD,EAAK,KAAK,MAUpB,GARFC,IAAU,sBACVA,IAAU,8BAE8B/B,EAAA1B,EAEA0B,EAAA,KAGtC,CAACrD,EAAgB,OACnBkF,EAAK,YAAY,CACf,OAAQ,KACR,OAAQlF,EAAgB,OACxB,kBAAA2B,CAAA,CACD,MACI,CACL,MAAMR,EAAS,CACb,GAAGnB,EAAgB,MAAA,EAElBA,EAAgB,kBACVmB,EAAA,aAAejC,EAAM,aAAe,IAAMyC,GAE/CR,EAAO,gBACFA,EAAA,cAAgBjC,EAAM,cAAgB,IAAMyC,GAGnDR,EAAO,gBACPA,EAAO,eAAe,OACtBnB,EAAgB,OAAS,OAEzBmB,EAAO,eAAe,MACpBjC,EAAM,YAAc,IAAMyC,GAE9BuD,EAAK,YAAY,CACf,OAAA/D,EACA,OAAQnB,EAAgB,OACxB,kBAAA2B,CAAA,CACD,EAEH,MACF,CACA,IAAK,WACa3B,EAAA,MAAQmF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,WAAY,CACf,MAAM0D,EAAQrF,EAAgB,MAC9BkF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,MAAA0D,CAAO,CAAA,EAC7C,MACF,CACA,IAAK,kBACarF,EAAA,aAAemF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtBuD,EAAK,YAAY,CACf,kBAAAvD,EACA,aAAczC,EAAM,cAAgB,IAAMyC,CAAA,CAC3C,EACD,MACF,CACA,IAAK,kBACa3B,EAAA,aAAemF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtB,MAAM2D,EAAetF,EAAgB,aACrCkF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,aAAA2D,CAAc,CAAA,EACpD,MACF,CACA,IAAK,WACatF,EAAA,MAAQmF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,QACE3B,EAAgB,MAAQ,CAAE,GAAGmF,EAAK,IAAK,EAClCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,CAC1C,CACF,EAEAoB,EAAM,iBAAiB,UAAWG,CAAa,EAC/CH,EAAM,iBAAiB,WAAYK,CAAc,EACjDL,EAAM,iBAAiB,QAASgB,CAAW,EAC3ChB,EAAM,iBAAiB,UAAWkC,CAAa"}
1
+ {"version":3,"file":"OidcServiceWorker.js","sources":["../constants.ts","../utils/domains.ts","../utils/strings.ts","../utils/tokens.ts","../utils/serializeHeaders.ts","../utils/sleep.ts","../OidcServiceWorker.ts"],"sourcesContent":["const scriptFilename = 'OidcTrustedDomains.js'; /* global trustedDomains */\nconst acceptAnyDomainToken = '*';\n\ntype TokenType = {\n readonly REFRESH_TOKEN: string;\n readonly ACCESS_TOKEN: string;\n readonly NONCE_TOKEN: string;\n readonly CODE_VERIFIER: string;\n};\n\nconst TOKEN: TokenType = {\n REFRESH_TOKEN: 'REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n ACCESS_TOKEN: 'ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n NONCE_TOKEN: 'NONCE_SECURED_BY_OIDC_SERVICE_WORKER',\n CODE_VERIFIER: 'CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER',\n};\n\ntype TokenRenewModeType = {\n readonly access_token_or_id_token_invalid: string;\n readonly access_token_invalid: string;\n readonly id_token_invalid: string;\n};\n\nconst TokenRenewMode: TokenRenewModeType = {\n access_token_or_id_token_invalid: 'access_token_or_id_token_invalid',\n access_token_invalid: 'access_token_invalid',\n id_token_invalid: 'id_token_invalid',\n};\n\nconst openidWellknownUrlEndWith = '/.well-known/openid-configuration';\n\nexport { scriptFilename, acceptAnyDomainToken, TOKEN, TokenRenewMode, openidWellknownUrlEndWith };\n","import { DomainDetails, TrustedDomains } from './../types';\nimport {\n acceptAnyDomainToken,\n openidWellknownUrlEndWith,\n scriptFilename,\n} from '../constants';\nimport { Database, Domain, OidcConfig } from '../types';\n\nfunction checkDomain(domains: Domain[], endpoint: string) {\n if (!endpoint) {\n return;\n }\n\n const domain = domains.find((domain) => {\n let testable: RegExp;\n\n if (typeof domain === 'string') {\n testable = new RegExp(`^${domain}`);\n } else {\n testable = domain;\n }\n\n return testable.test?.(endpoint);\n });\n if (!domain) {\n throw new Error(\n 'Domain ' +\n endpoint +\n ' is not trusted, please add domain in ' +\n scriptFilename\n );\n }\n}\n\nexport const getDomains = (trustedDomain: Domain[] | DomainDetails, type: 'oidc' | 'accessToken') => {\n if(Array.isArray(trustedDomain)) {\n return trustedDomain;\n }\n\n return trustedDomain[`${type}Domains`] ?? trustedDomain.domains ?? [];\n}\n\nconst getCurrentDatabaseDomain = (\n database: Database,\n url: string,\n trustedDomains: TrustedDomains\n) => {\n if (url.endsWith(openidWellknownUrlEndWith)) {\n return null;\n }\n for (const [key, currentDatabase] of Object.entries<OidcConfig>(database)) {\n const oidcServerConfiguration = currentDatabase.oidcServerConfiguration;\n\n if (!oidcServerConfiguration) {\n continue;\n }\n\n if (\n oidcServerConfiguration.tokenEndpoint &&\n url === oidcServerConfiguration.tokenEndpoint\n ) {\n continue;\n }\n if (\n oidcServerConfiguration.revocationEndpoint &&\n url === oidcServerConfiguration.revocationEndpoint\n ) {\n continue;\n }\n const trustedDomain = trustedDomains == null ? [] : trustedDomains[key];\n\n const domains = getDomains(trustedDomain, 'accessToken');\n const domainsToSendTokens = oidcServerConfiguration.userInfoEndpoint\n ? [oidcServerConfiguration.userInfoEndpoint, ...domains]\n : [...domains];\n\n let hasToSendToken = false;\n if (domainsToSendTokens.find((f) => f === acceptAnyDomainToken)) {\n hasToSendToken = true;\n } else {\n for (let i = 0; i < domainsToSendTokens.length; i++) {\n let domain = domainsToSendTokens[i];\n\n if (typeof domain === 'string') {\n domain = new RegExp(`^${domain}`);\n }\n\n if (domain.test?.(url)) {\n hasToSendToken = true;\n break;\n }\n }\n }\n\n if (hasToSendToken) {\n if (!currentDatabase.tokens) {\n return null;\n }\n return currentDatabase;\n }\n }\n return null;\n};\n\nexport { checkDomain, getCurrentDatabaseDomain };\n","/**\n * Count occurances of letter in string\n * @param str\n * @param find\n * @returns\n */\nexport function countLetter(str: string, find: string) {\n return str.split(find).length - 1;\n}\n","import { TOKEN, TokenRenewMode } from '../constants';\nimport { OidcConfig, OidcConfiguration, OidcServerConfiguration, Tokens } from '../types';\nimport { countLetter } from './strings';\n\nfunction parseJwt(token: string) {\n return JSON.parse(\n b64DecodeUnicode(token.split('.')[1].replace('-', '+').replace('_', '/'))\n );\n}\nfunction b64DecodeUnicode(str: string) {\n return decodeURIComponent(\n Array.prototype.map\n .call(\n atob(str),\n (c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)\n )\n .join('')\n );\n}\n\nfunction computeTimeLeft(\n refreshTimeBeforeTokensExpirationInSecond: number,\n expiresAt: number\n) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n return Math.round(\n expiresAt -\n refreshTimeBeforeTokensExpirationInSecond -\n currentTimeUnixSecond\n );\n}\n\nfunction isTokensValid(tokens: Tokens | null) {\n if (!tokens) {\n return false;\n }\n return computeTimeLeft(0, tokens.expiresAt) > 0;\n}\n\nconst extractTokenPayload = (token?: string) => {\n try {\n if (!token) {\n return null;\n }\n if (countLetter(token, '.') === 2) {\n return parseJwt(token);\n } else {\n return null;\n }\n } catch (e) {\n console.warn(e);\n }\n return null;\n};\n\n// https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation (excluding rules #1, #4, #5, #7, #8, #12, and #13 which did not apply).\n// https://github.com/openid/AppAuth-JS/issues/65\nconst isTokensOidcValid = (\n tokens: Tokens,\n nonce: string | null,\n oidcServerConfiguration: OidcServerConfiguration\n): { isValid: boolean; reason: string } => {\n if (tokens.idTokenPayload) {\n const idTokenPayload = tokens.idTokenPayload;\n // 2: The Issuer Identifier for the OpenID Provider (which is typically obtained during Discovery) MUST exactly match the value of the iss (issuer) Claim.\n if (oidcServerConfiguration.issuer !== idTokenPayload.iss) {\n return { isValid: false, reason: 'Issuer does not match' };\n }\n // 3: The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience. The aud (audience) Claim MAY contain an array with more than one element. The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.\n\n // 6: If the ID Token is received via direct communication between the Client and the Token Endpoint (which it is in this flow), the TLS server validation MAY be used to validate the issuer in place of checking the token signature. The Client MUST validate the signature of all other ID Tokens according to JWS [JWS] using the algorithm specified in the JWT alg Header Parameter. The Client MUST use the keys provided by the Issuer.\n\n // 9: The current time MUST be before the time represented by the exp Claim.\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n if (idTokenPayload.exp && idTokenPayload.exp < currentTimeUnixSecond) {\n return { isValid: false, reason: 'Token expired' };\n }\n // 10: The iat Claim can be used to reject tokens that were issued too far away from the current time, limiting the amount of time that nonces need to be stored to prevent attacks. The acceptable range is Client specific.\n const timeInSevenDays = 60 * 60 * 24 * 7;\n if (\n idTokenPayload.iat &&\n idTokenPayload.iat + timeInSevenDays < currentTimeUnixSecond\n ) {\n return { isValid: false, reason: 'Token is used from too long time' };\n }\n // 11: If a nonce value was sent in the Authentication Request, a nonce Claim MUST be present and its value checked to verify that it is the same value as the one that was sent in the Authentication Request. The Client SHOULD check the nonce value for replay attacks. The precise method for detecting replay attacks is Client specific.\n if (idTokenPayload.nonce && idTokenPayload.nonce !== nonce) {\n return { isValid: false, reason: 'Nonce does not match' };\n }\n }\n return { isValid: true, reason: '' };\n};\n\nfunction _hideTokens(tokens: Tokens, currentDatabaseElement: OidcConfig, configurationName: string) {\n if (!tokens.issued_at) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n tokens.issued_at = currentTimeUnixSecond;\n }\n\n const accessTokenPayload = extractTokenPayload(tokens.access_token);\n const secureTokens = {\n ...tokens,\n accessTokenPayload,\n };\n if (currentDatabaseElement.hideAccessToken) {\n secureTokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n tokens.accessTokenPayload = accessTokenPayload;\n\n let _idTokenPayload = null;\n if (tokens.id_token) {\n _idTokenPayload = extractTokenPayload(tokens.id_token);\n tokens.idTokenPayload = {..._idTokenPayload};\n if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {\n const keyNonce =\n TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;\n _idTokenPayload.nonce = keyNonce;\n }\n secureTokens.idTokenPayload = _idTokenPayload;\n }\n if (tokens.refresh_token) {\n secureTokens.refresh_token =\n TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n\n const idTokenExpiresAt =\n _idTokenPayload && _idTokenPayload.exp\n ? _idTokenPayload.exp\n : Number.MAX_VALUE;\n const accessTokenExpiresAt =\n accessTokenPayload && accessTokenPayload.exp\n ? accessTokenPayload.exp\n : tokens.issued_at + tokens.expires_in;\n\n let expiresAt: number;\n const tokenRenewMode = (\n currentDatabaseElement.oidcConfiguration as OidcConfiguration\n ).token_renew_mode;\n if (tokenRenewMode === TokenRenewMode.access_token_invalid) {\n expiresAt = accessTokenExpiresAt;\n } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {\n expiresAt = idTokenExpiresAt;\n } else {\n expiresAt =\n idTokenExpiresAt < accessTokenExpiresAt\n ? idTokenExpiresAt\n : accessTokenExpiresAt;\n }\n secureTokens.expiresAt = expiresAt;\n\n tokens.expiresAt = expiresAt;\n const nonce = currentDatabaseElement.nonce\n ? currentDatabaseElement.nonce.nonce\n : null;\n const {isValid, reason} = isTokensOidcValid(\n tokens,\n nonce,\n currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration\n ); //TODO: Type assertion, could be null.\n if (!isValid) {\n throw Error(`Tokens are not OpenID valid, reason: ${reason}`);\n }\n\n // When refresh_token is not rotated we reuse ald refresh_token\n if (\n currentDatabaseElement.tokens != null &&\n 'refresh_token' in currentDatabaseElement.tokens &&\n !('refresh_token' in tokens)\n ) {\n const refreshToken = currentDatabaseElement.tokens.refresh_token;\n\n currentDatabaseElement.tokens = {\n ...tokens,\n refresh_token: refreshToken,\n };\n } else {\n currentDatabaseElement.tokens = tokens;\n }\n\n currentDatabaseElement.status = 'LOGGED_IN';\n return secureTokens;\n}\n\nfunction hideTokens(currentDatabaseElement: OidcConfig) {\n const configurationName = currentDatabaseElement.configurationName;\n return (response: Response) => {\n if (response.status !== 200) {\n return response;\n }\n return response.json().then<Response>((tokens: Tokens) => {\n const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName);\n const body = JSON.stringify(secureTokens);\n return new Response(body, response);\n });\n };\n}\n\nexport {\n b64DecodeUnicode,\n computeTimeLeft,\n isTokensValid,\n extractTokenPayload,\n isTokensOidcValid,\n hideTokens,\n _hideTokens\n};\n","import { FetchHeaders } from '../types';\n\nfunction serializeHeaders(headers: Headers) {\n const headersObj: Record<string, string> = {};\n for (const key of (headers as FetchHeaders).keys()) {\n if (headers.has(key)) {\n headersObj[key] = headers.get(key) as string;\n }\n }\n return headersObj;\n}\nexport {serializeHeaders};","const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms));\nexport { sleep };\n","import { acceptAnyDomainToken, TOKEN, scriptFilename } from './constants';\nimport {\n TrustedDomains,\n Database,\n OidcConfig,\n OidcConfiguration,\n MessageEventData,\n // TrustedDomainsShowAccessToken,\n} from './types';\nimport {\n checkDomain,\n getCurrentDatabaseDomain,\n hideTokens,\n isTokensValid,\n serializeHeaders,\n sleep,\n getDomains,\n} from './utils';\n\nconst _self = self as ServiceWorkerGlobalScope & typeof globalThis;\n\ndeclare let trustedDomains: TrustedDomains;\n\n_self.importScripts(scriptFilename);\n\nconst id = Math.round(new Date().getTime() / 1000).toString();\n\nconst keepAliveJsonFilename = 'OidcKeepAliveServiceWorker.json';\nconst handleInstall = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker installed ' + id);\n event.waitUntil(_self.skipWaiting());\n};\n\nconst handleActivate = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker activated ' + id);\n event.waitUntil(_self.clients.claim());\n};\n\nlet currentLoginCallbackConfigurationName: string | null = null;\nconst database: Database = {\n default: {\n configurationName: 'default',\n tokens: null,\n status: null,\n state: null,\n codeVerifier: null,\n nonce: null,\n oidcServerConfiguration: null,\n hideAccessToken: true,\n },\n};\n\nconst getCurrentDatabasesTokenEndpoint = (database: Database, url: string) => {\n const databases: OidcConfig[] = [];\n for (const [, value] of Object.entries<OidcConfig>(database)) {\n if (\n value.oidcServerConfiguration != null &&\n url.startsWith(value.oidcServerConfiguration.tokenEndpoint)\n ) {\n databases.push(value);\n } else if (\n value.oidcServerConfiguration != null &&\n value.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(value.oidcServerConfiguration.revocationEndpoint)\n ) {\n databases.push(value);\n }\n }\n return databases;\n};\n\nconst keepAliveAsync = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const isFromVanilla = originalRequest.headers.has('oidc-vanilla');\n const init = { status: 200, statusText: 'oidc-service-worker' };\n const response = new Response('{}', init);\n if (!isFromVanilla) {\n const originalRequestUrl = new URL(originalRequest.url);\n const minSleepSeconds = Number(originalRequestUrl.searchParams.get('minSleepSeconds')) || 240;\n for (let i = 0; i < minSleepSeconds; i++) {\n await sleep(1000 + Math.floor(Math.random() * 1000));\n const cache = await caches.open('oidc_dummy_cache');\n await cache.put(event.request, response.clone());\n }\n }\n return response;\n};\n\nconst handleFetch = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const url = originalRequest.url;\n if (originalRequest.url.includes(keepAliveJsonFilename)) {\n event.respondWith(keepAliveAsync(event));\n return;\n }\n\n const currentDatabaseForRequestAccessToken = getCurrentDatabaseDomain(\n database,\n originalRequest.url,\n trustedDomains\n );\n if (\n currentDatabaseForRequestAccessToken &&\n currentDatabaseForRequestAccessToken.tokens &&\n currentDatabaseForRequestAccessToken.tokens.access_token\n ) {\n while (\n currentDatabaseForRequestAccessToken.tokens &&\n !isTokensValid(currentDatabaseForRequestAccessToken.tokens)\n ) {\n await sleep(200);\n }\n const newRequest =\n originalRequest.mode == 'navigate'\n ? new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n })\n : new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n mode: (\n currentDatabaseForRequestAccessToken.oidcConfiguration as OidcConfiguration\n ).service_worker_convert_all_requests_to_cors\n ? 'cors'\n : originalRequest.mode,\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(fetch(newRequest)));\n\n return;\n }\n\n if (event.request.method !== 'POST') {\n return;\n }\n\n let currentDatabase: OidcConfig | null = null;\n const currentDatabases = getCurrentDatabasesTokenEndpoint(\n database,\n originalRequest.url\n );\n const numberDatabase = currentDatabases.length;\n if (numberDatabase > 0) {\n const maPromesse = new Promise<Response>((resolve, reject) => {\n const clonedRequest = originalRequest.clone();\n const response = clonedRequest.text().then((actualBody) => {\n if (\n actualBody.includes(TOKEN.REFRESH_TOKEN) ||\n actualBody.includes(TOKEN.ACCESS_TOKEN)\n ) {\n let newBody = actualBody;\n for (let i = 0; i < numberDatabase; i++) {\n const currentDb = currentDatabases[i];\n\n if (currentDb && currentDb.tokens != null) {\n const keyRefreshToken =\n TOKEN.REFRESH_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyRefreshToken)) {\n newBody = newBody.replace(\n keyRefreshToken,\n encodeURIComponent(currentDb.tokens.refresh_token as string)\n );\n currentDatabase = currentDb;\n break;\n }\n const keyAccessToken =\n TOKEN.ACCESS_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyAccessToken)) {\n newBody = newBody.replace(\n keyAccessToken,\n encodeURIComponent(currentDb.tokens.access_token)\n );\n currentDatabase = currentDb;\n break;\n }\n }\n }\n const fetchPromise = fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n });\n\n if (\n currentDatabase &&\n currentDatabase.oidcServerConfiguration != null &&\n currentDatabase.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(\n currentDatabase.oidcServerConfiguration.revocationEndpoint\n )\n ) {\n return fetchPromise.then(async (response) => {\n const text = await response.text();\n return new Response(text, response);\n });\n }\n return fetchPromise.then(hideTokens(currentDatabase as OidcConfig)); //todo type assertion to OidcConfig but could be null, NEEDS REVIEW\n } else if (\n actualBody.includes('code_verifier=') &&\n currentLoginCallbackConfigurationName\n ) {\n currentDatabase = database[currentLoginCallbackConfigurationName];\n currentLoginCallbackConfigurationName = null;\n let newBody = actualBody;\n if (currentDatabase && currentDatabase.codeVerifier != null) {\n const keyCodeVerifier =\n TOKEN.CODE_VERIFIER + '_' + currentDatabase.configurationName;\n if (actualBody.includes(keyCodeVerifier)) {\n newBody = newBody.replace(\n keyCodeVerifier,\n currentDatabase.codeVerifier\n );\n }\n }\n\n return fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n }).then(hideTokens(currentDatabase));\n }\n return undefined;\n });\n response\n .then((r) => {\n if (r !== undefined) {\n resolve(r);\n } else {\n console.log('success undefined');\n reject(new Error('Response is undefined inside a success'));\n }\n })\n .catch((err) => {\n if (err !== undefined) {\n reject(err);\n } else {\n console.log('error undefined');\n reject(new Error('Response is undefined inside a error'));\n }\n });\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(maPromesse));\n }\n};\n\ntype TrustedDomainsShowAccessToken = {\n [key: string]: boolean\n}\n\nconst trustedDomainsShowAccessToken: TrustedDomainsShowAccessToken = {};\n\nconst handleMessage = (event: ExtendableMessageEvent) => {\n const port = event.ports[0];\n const data = event.data as MessageEventData;\n const configurationName = data.configurationName;\n let currentDatabase = database[configurationName];\n if(trustedDomains== null){\n trustedDomains = {};\n }\n if (!currentDatabase) {\n \n if (trustedDomainsShowAccessToken[configurationName] === undefined) {\n let trustedDomain = trustedDomains[configurationName];\n trustedDomainsShowAccessToken[configurationName] = Array.isArray(trustedDomain) ? false : trustedDomain.showAccessToken;\n }\n database[configurationName] = {\n tokens: null,\n state: null,\n codeVerifier: null,\n oidcServerConfiguration: null,\n oidcConfiguration: undefined,\n nonce: null,\n status: null,\n configurationName,\n hideAccessToken: !trustedDomainsShowAccessToken[configurationName],\n };\n currentDatabase = database[configurationName];\n \n if (!trustedDomains[configurationName]) {\n trustedDomains[configurationName] = [];\n }\n }\n\n switch (data.type) {\n case 'clear':\n currentDatabase.tokens = null;\n currentDatabase.state = null;\n currentDatabase.codeVerifier = null;\n currentDatabase.status = data.data.status;\n port.postMessage({ configurationName });\n return;\n case 'init': {\n const oidcServerConfiguration = data.data.oidcServerConfiguration;\n let trustedDomain = trustedDomains[configurationName];\n const domains = getDomains(trustedDomain, 'oidc');\n if (!domains.find((f) => f === acceptAnyDomainToken)) {\n [\n oidcServerConfiguration.tokenEndpoint,\n oidcServerConfiguration.revocationEndpoint,\n oidcServerConfiguration.userInfoEndpoint,\n oidcServerConfiguration.issuer,\n ].forEach((url) => {\n checkDomain(domains, url);\n });\n }\n currentDatabase.oidcServerConfiguration = oidcServerConfiguration;\n currentDatabase.oidcConfiguration = data.data.oidcConfiguration;\n const where = data.data.where;\n if (\n where === 'loginCallbackAsync' ||\n where === 'tryKeepExistingSessionAsync'\n ) {\n currentLoginCallbackConfigurationName = configurationName;\n } else {\n currentLoginCallbackConfigurationName = null;\n }\n\n if (!currentDatabase.tokens) {\n port.postMessage({\n tokens: null,\n status: currentDatabase.status,\n configurationName,\n });\n } else {\n const tokens = {\n ...currentDatabase.tokens,\n };\n if(currentDatabase.hideAccessToken) {\n tokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n if (tokens.refresh_token) {\n tokens.refresh_token = TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n if (\n tokens.idTokenPayload &&\n tokens.idTokenPayload.nonce &&\n currentDatabase.nonce != null\n ) {\n tokens.idTokenPayload.nonce =\n TOKEN.NONCE_TOKEN + '_' + configurationName;\n }\n port.postMessage({\n tokens,\n status: currentDatabase.status,\n configurationName,\n });\n }\n return;\n }\n case 'setState':\n currentDatabase.state = data.data.state;\n port.postMessage({ configurationName });\n return;\n case 'getState': {\n const state = currentDatabase.state;\n port.postMessage({ configurationName, state });\n return;\n }\n case 'setCodeVerifier':\n currentDatabase.codeVerifier = data.data.codeVerifier;\n port.postMessage({ configurationName });\n return;\n case 'getCodeVerifier': {\n port.postMessage({\n configurationName,\n codeVerifier: TOKEN.CODE_VERIFIER + '_' + configurationName,\n });\n return;\n }\n case 'setSessionState':\n currentDatabase.sessionState = data.data.sessionState;\n port.postMessage({ configurationName });\n return;\n case 'getSessionState': {\n const sessionState = currentDatabase.sessionState;\n port.postMessage({ configurationName, sessionState });\n return;\n }\n case 'setNonce':\n currentDatabase.nonce = data.data.nonce;\n port.postMessage({ configurationName });\n return;\n default:\n currentDatabase.items = { ...data.data };\n port.postMessage({ configurationName });\n }\n};\n\n_self.addEventListener('install', handleInstall);\n_self.addEventListener('activate', handleActivate);\n_self.addEventListener('fetch', handleFetch);\n_self.addEventListener('message', handleMessage);\n"],"names":["scriptFilename","acceptAnyDomainToken","TOKEN","TokenRenewMode","openidWellknownUrlEndWith","checkDomain","domains","endpoint","domain","testable","_a","getDomains","trustedDomain","type","getCurrentDatabaseDomain","database","url","trustedDomains","key","currentDatabase","oidcServerConfiguration","domainsToSendTokens","hasToSendToken","f","i","countLetter","str","find","parseJwt","token","b64DecodeUnicode","c","computeTimeLeft","refreshTimeBeforeTokensExpirationInSecond","expiresAt","currentTimeUnixSecond","isTokensValid","tokens","extractTokenPayload","isTokensOidcValid","nonce","idTokenPayload","timeInSevenDays","_hideTokens","currentDatabaseElement","configurationName","accessTokenPayload","secureTokens","_idTokenPayload","keyNonce","idTokenExpiresAt","accessTokenExpiresAt","tokenRenewMode","isValid","reason","refreshToken","hideTokens","response","body","serializeHeaders","headers","headersObj","sleep","ms","resolve","_self","id","keepAliveJsonFilename","handleInstall","event","handleActivate","currentLoginCallbackConfigurationName","getCurrentDatabasesTokenEndpoint","databases","value","keepAliveAsync","originalRequest","isFromVanilla","init","originalRequestUrl","minSleepSeconds","handleFetch","currentDatabaseForRequestAccessToken","newRequest","currentDatabases","numberDatabase","maPromesse","reject","clonedRequest","actualBody","newBody","currentDb","keyRefreshToken","keyAccessToken","fetchPromise","text","keyCodeVerifier","err","trustedDomainsShowAccessToken","handleMessage","port","data","where","state","sessionState"],"mappings":"aAAA,MAAMA,EAAiB,wBACjBC,EAAuB,IASvBC,EAAmB,CACvB,cAAe,+CACf,aAAc,8CACd,YAAa,uCACb,cAAe,8CACjB,EAQMC,EAAqC,CACzC,iCAAkC,mCAClC,qBAAsB,uBACtB,iBAAkB,kBACpB,EAEMC,EAA4B,oCCrBlC,SAASC,EAAYC,EAAmBC,EAAkB,CACxD,GAAI,CAACA,EACH,OAcF,GAAI,CAXWD,EAAQ,KAAME,GAAW,OAClC,IAAAC,EAEA,OAAA,OAAOD,GAAW,SACTC,EAAA,IAAI,OAAO,IAAID,GAAQ,EAEvBA,EAAAA,GAGNE,EAAAD,EAAS,OAAT,YAAAC,EAAA,KAAAD,EAAgBF,EAAQ,CAChC,EAEC,MAAM,IAAI,MACR,UACEA,EACA,yCACAP,CAAA,CAGR,CAEa,MAAAW,EAAa,CAACC,EAAyCC,IAC/D,MAAM,QAAQD,CAAa,EACrBA,EAGFA,EAAc,GAAGC,UAAa,GAAKD,EAAc,SAAW,GAG/DE,EAA2B,CAC/BC,EACAC,EACAC,IACG,OACC,GAAAD,EAAI,SAASZ,CAAyB,EACjC,OAAA,KAET,SAAW,CAACc,EAAKC,CAAe,IAAK,OAAO,QAAoBJ,CAAQ,EAAG,CACzE,MAAMK,EAA0BD,EAAgB,wBAYhD,GAVI,CAACC,GAKHA,EAAwB,eACxBJ,IAAQI,EAAwB,eAKhCA,EAAwB,oBACxBJ,IAAQI,EAAwB,mBAEhC,SAEF,MAAMR,EAAgBK,GAAkB,KAAO,CAAA,EAAKA,EAAeC,CAAG,EAEhEZ,EAAUK,EAAWC,EAAe,aAAa,EACjDS,EAAsBD,EAAwB,iBAChD,CAACA,EAAwB,iBAAkB,GAAGd,CAAO,EACrD,CAAC,GAAGA,CAAO,EAEf,IAAIgB,EAAiB,GACrB,GAAID,EAAoB,KAAME,GAAMA,IAAMtB,CAAoB,EAC3CqB,EAAA,OAEjB,SAASE,EAAI,EAAGA,EAAIH,EAAoB,OAAQG,IAAK,CAC/C,IAAAhB,EAASa,EAAoBG,CAAC,EAM9B,GAJA,OAAOhB,GAAW,WACXA,EAAA,IAAI,OAAO,IAAIA,GAAQ,IAG9BE,EAAAF,EAAO,OAAP,MAAAE,EAAA,KAAAF,EAAcQ,GAAM,CACLM,EAAA,GACjB,OAKN,GAAIA,EACE,OAACH,EAAgB,OAGdA,EAFE,KAKN,OAAA,IACT,EChGgB,SAAAM,EAAYC,EAAaC,EAAc,CACrD,OAAOD,EAAI,MAAMC,CAAI,EAAE,OAAS,CAClC,CCJA,SAASC,EAASC,EAAe,CAC/B,OAAO,KAAK,MACVC,EAAiBD,EAAM,MAAM,GAAG,EAAE,CAAC,EAAE,QAAQ,IAAK,GAAG,EAAE,QAAQ,IAAK,GAAG,CAAC,CAAA,CAE5E,CACA,SAASC,EAAiBJ,EAAa,CAC9B,OAAA,mBACL,MAAM,UAAU,IACb,KACC,KAAKA,CAAG,EACPK,GAAM,KAAO,KAAOA,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAA,EAE5D,KAAK,EAAE,CAAA,CAEd,CAEA,SAASC,EACPC,EACAC,EACA,CACA,MAAMC,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,OAAO,KAAK,MACVD,EACED,EACAE,CAAA,CAEN,CAEA,SAASC,EAAcC,EAAuB,CAC5C,OAAKA,EAGEL,EAAgB,EAAGK,EAAO,SAAS,EAAI,EAFrC,EAGX,CAEA,MAAMC,EAAuBT,GAAmB,CAC1C,GAAA,CACF,OAAKA,GAGDJ,EAAYI,EAAO,GAAG,IAAM,EACvBD,EAASC,CAAK,EAHd,WAOF,GACP,QAAQ,KAAK,CAAC,CAChB,CACO,OAAA,IACT,EAIMU,EAAoB,CACxBF,EACAG,EACApB,IACyC,CACzC,GAAIiB,EAAO,eAAgB,CACzB,MAAMI,EAAiBJ,EAAO,eAE1B,GAAAjB,EAAwB,SAAWqB,EAAe,IACpD,MAAO,CAAE,QAAS,GAAO,OAAQ,uBAAwB,EAO3D,MAAMN,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,GAAIM,EAAe,KAAOA,EAAe,IAAMN,EAC7C,MAAO,CAAE,QAAS,GAAO,OAAQ,eAAgB,EAG7C,MAAAO,EAAkB,GAAK,GAAK,GAAK,EACvC,GACED,EAAe,KACfA,EAAe,IAAMC,EAAkBP,EAEvC,MAAO,CAAE,QAAS,GAAO,OAAQ,kCAAmC,EAGtE,GAAIM,EAAe,OAASA,EAAe,QAAUD,EACnD,MAAO,CAAE,QAAS,GAAO,OAAQ,sBAAuB,EAG5D,MAAO,CAAE,QAAS,GAAM,OAAQ,EAAG,CACrC,EAEA,SAASG,EAAYN,EAAgBO,EAAoCC,EAA2B,CAC9F,GAAA,CAACR,EAAO,UAAW,CACrB,MAAMF,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrDE,EAAO,UAAYF,EAGf,MAAAW,EAAqBR,EAAoBD,EAAO,YAAY,EAC5DU,EAAe,CACnB,GAAGV,EACH,mBAAAS,CAAA,EAEEF,EAAuB,kBACZG,EAAA,aAAe7C,EAAM,aAAe,IAAM2C,GAEzDR,EAAO,mBAAqBS,EAE5B,IAAIE,EAAkB,KACtB,GAAIX,EAAO,SAAU,CAGnB,GAFkBW,EAAAV,EAAoBD,EAAO,QAAQ,EAC9CA,EAAA,eAAiB,CAAC,GAAGW,GACxBA,EAAgB,OAASJ,EAAuB,OAAS,KAAM,CACjE,MAAMK,EACF/C,EAAM,YAAc,IAAM0C,EAAuB,kBACrDI,EAAgB,MAAQC,EAE1BF,EAAa,eAAiBC,EAE5BX,EAAO,gBACIU,EAAA,cACT7C,EAAM,cAAgB,IAAM2C,GAGlC,MAAMK,EACFF,GAAmBA,EAAgB,IAC7BA,EAAgB,IAChB,OAAO,UACXG,EACFL,GAAsBA,EAAmB,IACnCA,EAAmB,IACnBT,EAAO,UAAYA,EAAO,WAEhC,IAAAH,EACE,MAAAkB,EACFR,EAAuB,kBACzB,iBACEQ,IAAmBjD,EAAe,qBACxB+B,EAAAiB,EACHC,IAAmBjD,EAAe,iBAC/B+B,EAAAgB,EAGRhB,EAAAgB,EAAmBC,EACbD,EACAC,EAEZJ,EAAa,UAAYb,EAEzBG,EAAO,UAAYH,EACnB,MAAMM,EAAQI,EAAuB,MAC/BA,EAAuB,MAAM,MAC7B,KACA,CAAC,QAAAS,EAAS,OAAAC,CAAA,EAAUf,EACtBF,EACAG,EACAI,EAAuB,uBAAA,EAE3B,GAAI,CAACS,EACG,MAAA,MAAM,wCAAwCC,GAAQ,EAK1D,GAAAV,EAAuB,QAAU,MACjC,kBAAmBA,EAAuB,QAC1C,EAAE,kBAAmBP,GACvB,CACM,MAAAkB,EAAeX,EAAuB,OAAO,cAEnDA,EAAuB,OAAS,CAC9B,GAAGP,EACH,cAAekB,CAAA,OAGjBX,EAAuB,OAASP,EAGlC,OAAAO,EAAuB,OAAS,YACzBG,CACT,CAEA,SAASS,EAAWZ,EAAoC,CACtD,MAAMC,EAAoBD,EAAuB,kBACjD,OAAQa,GACFA,EAAS,SAAW,IACfA,EAEFA,EAAS,KAAA,EAAO,KAAgBpB,GAAmB,CACxD,MAAMU,EAAeJ,EAAYN,EAAQO,EAAwBC,CAAiB,EAC5Ea,EAAO,KAAK,UAAUX,CAAY,EACjC,OAAA,IAAI,SAASW,EAAMD,CAAQ,CAAA,CACnC,CAEL,CCjMA,SAASE,EAAiBC,EAAkB,CAC1C,MAAMC,EAAqC,CAAA,EAChC,UAAA3C,KAAQ0C,EAAyB,OACtCA,EAAQ,IAAI1C,CAAG,IACjB2C,EAAW3C,CAAG,EAAI0C,EAAQ,IAAI1C,CAAG,GAG9B,OAAA2C,CACT,CCVA,MAAMC,EAASC,GAAe,IAAI,QAASC,GAAY,WAAWA,EAASD,CAAE,CAAC,ECmBxEE,EAAQ,KAIdA,EAAM,cAAcjE,CAAc,EAElC,MAAMkE,EAAK,KAAK,MAAU,IAAA,OAAO,UAAY,GAAI,EAAE,WAE7CC,EAAwB,kCACxBC,EAAiBC,GAA2B,CACxC,QAAA,IAAI,gDAAkDH,CAAE,EAC1DG,EAAA,UAAUJ,EAAM,YAAa,CAAA,CACrC,EAEMK,EAAkBD,GAA2B,CACzC,QAAA,IAAI,gDAAkDH,CAAE,EAChEG,EAAM,UAAUJ,EAAM,QAAQ,MAAO,CAAA,CACvC,EAEA,IAAIM,EAAuD,KAC3D,MAAMxD,EAAqB,CACzB,QAAS,CACP,kBAAmB,UACnB,OAAQ,KACR,OAAQ,KACR,MAAO,KACP,aAAc,KACd,MAAO,KACP,wBAAyB,KACzB,gBAAiB,EACnB,CACF,EAEMyD,EAAmC,CAACzD,EAAoBC,IAAgB,CAC5E,MAAMyD,EAA0B,CAAA,EAChC,SAAW,CAAG,CAAAC,CAAK,IAAK,OAAO,QAAoB3D,CAAQ,GAEvD2D,EAAM,yBAA2B,MACjC1D,EAAI,WAAW0D,EAAM,wBAAwB,aAAa,GAI1DA,EAAM,yBAA2B,MACjCA,EAAM,wBAAwB,oBAC9B1D,EAAI,WAAW0D,EAAM,wBAAwB,kBAAkB,IAE/DD,EAAU,KAAKC,CAAK,EAGjB,OAAAD,CACT,EAEME,EAAiB,MAAON,GAAsB,CAClD,MAAMO,EAAkBP,EAAM,QACxBQ,EAAgBD,EAAgB,QAAQ,IAAI,cAAc,EAC1DE,EAAO,CAAE,OAAQ,IAAK,WAAY,qBAAsB,EACxDrB,EAAW,IAAI,SAAS,KAAMqB,CAAI,EACxC,GAAI,CAACD,EAAe,CAClB,MAAME,EAAqB,IAAI,IAAIH,EAAgB,GAAG,EAChDI,EAAkB,OAAOD,EAAmB,aAAa,IAAI,iBAAiB,CAAC,GAAK,IAC1F,QAASvD,EAAI,EAAGA,EAAIwD,EAAiBxD,IAC7B,MAAAsC,EAAM,IAAO,KAAK,MAAM,KAAK,OAAO,EAAI,GAAI,CAAC,EAEnD,MADc,MAAM,OAAO,KAAK,kBAAkB,GACtC,IAAIO,EAAM,QAASZ,EAAS,OAAO,EAG5C,OAAAA,CACT,EAEMwB,EAAc,MAAOZ,GAAsB,CAC/C,MAAMO,EAAkBP,EAAM,QACxBrD,EAAM4D,EAAgB,IAC5B,GAAIA,EAAgB,IAAI,SAAST,CAAqB,EAAG,CACjDE,EAAA,YAAYM,EAAeN,CAAK,CAAC,EACvC,OAGF,MAAMa,EAAuCpE,EAC3CC,EACA6D,EAAgB,IAChB,cAAA,EAEF,GACEM,GACAA,EAAqC,QACrCA,EAAqC,OAAO,aAC5C,CACA,KACEA,EAAqC,QACrC,CAAC9C,EAAc8C,EAAqC,MAAM,GAE1D,MAAMpB,EAAM,GAAG,EAEjB,MAAMqB,EACJP,EAAgB,MAAQ,WACpB,IAAI,QAAQA,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,CAAA,CACD,EACD,IAAI,QAAQN,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,EACA,KACEA,EAAqC,kBACrC,4CACE,OACAN,EAAgB,IAAA,CACrB,EAGPP,EAAM,UAAUA,EAAM,YAAY,MAAMc,CAAU,CAAC,CAAC,EAEpD,OAGE,GAAAd,EAAM,QAAQ,SAAW,OAC3B,OAGF,IAAIlD,EAAqC,KACzC,MAAMiE,EAAmBZ,EACvBzD,EACA6D,EAAgB,GAAA,EAEZS,EAAiBD,EAAiB,OACxC,GAAIC,EAAiB,EAAG,CACtB,MAAMC,EAAa,IAAI,QAAkB,CAACtB,EAASuB,IAAW,CACtD,MAAAC,EAAgBZ,EAAgB,QACrBY,EAAc,KAAO,EAAA,KAAMC,GAAe,CAEvD,GAAAA,EAAW,SAASvF,EAAM,aAAa,GACvCuF,EAAW,SAASvF,EAAM,YAAY,EACtC,CACA,IAAIwF,EAAUD,EACd,QAASjE,EAAI,EAAGA,EAAI6D,EAAgB7D,IAAK,CACjC,MAAAmE,EAAYP,EAAiB5D,CAAC,EAEhC,GAAAmE,GAAaA,EAAU,QAAU,KAAM,CACzC,MAAMC,EACJ1F,EAAM,cAAgB,IAAMyF,EAAU,kBACpC,GAAAF,EAAW,SAASG,CAAe,EAAG,CACxCF,EAAUA,EAAQ,QAChBE,EACA,mBAAmBD,EAAU,OAAO,aAAuB,CAAA,EAE3CxE,EAAAwE,EAClB,MAEF,MAAME,EACJ3F,EAAM,aAAe,IAAMyF,EAAU,kBACnC,GAAAF,EAAW,SAASI,CAAc,EAAG,CACvCH,EAAUA,EAAQ,QAChBG,EACA,mBAAmBF,EAAU,OAAO,YAAY,CAAA,EAEhCxE,EAAAwE,EAClB,QAIA,MAAAG,EAAe,MAAMlB,EAAiB,CAC1C,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAAA,CAC1B,EAED,OACErE,GACAA,EAAgB,yBAA2B,MAC3CA,EAAgB,wBAAwB,oBACxCH,EAAI,WACFG,EAAgB,wBAAwB,kBAAA,EAGnC2E,EAAa,KAAK,MAAOrC,GAAa,CACrC,MAAAsC,EAAO,MAAMtC,EAAS,OACrB,OAAA,IAAI,SAASsC,EAAMtC,CAAQ,CAAA,CACnC,EAEIqC,EAAa,KAAKtC,EAAWrC,CAA6B,CAAC,UAElEsE,EAAW,SAAS,gBAAgB,GACpClB,EACA,CACApD,EAAkBJ,EAASwD,CAAqC,EACxBA,EAAA,KACxC,IAAImB,EAAUD,EACV,GAAAtE,GAAmBA,EAAgB,cAAgB,KAAM,CAC3D,MAAM6E,EACJ9F,EAAM,cAAgB,IAAMiB,EAAgB,kBAC1CsE,EAAW,SAASO,CAAe,IACrCN,EAAUA,EAAQ,QAChBM,EACA7E,EAAgB,YAAA,GAKtB,OAAO,MAAMyD,EAAiB,CAC5B,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAC1B,CAAA,EAAE,KAAKhC,EAAWrC,CAAe,CAAC,EAE9B,CACR,EAEE,KAAM,GAAM,CACP,IAAM,OACR6C,EAAQ,CAAC,GAET,QAAQ,IAAI,mBAAmB,EACxBuB,EAAA,IAAI,MAAM,wCAAwC,CAAC,EAC5D,CACD,EACA,MAAOU,GAAQ,CACVA,IAAQ,OACVV,EAAOU,CAAG,GAEV,QAAQ,IAAI,iBAAiB,EACtBV,EAAA,IAAI,MAAM,sCAAsC,CAAC,EAC1D,CACD,CAAA,CACJ,EAGDlB,EAAM,UAAUA,EAAM,YAAYiB,CAAU,CAAC,EAEjD,EAMMY,EAA+D,CAAA,EAE/DC,EAAiB9B,GAAkC,CACjD,MAAA+B,EAAO/B,EAAM,MAAM,CAAC,EACpBgC,EAAOhC,EAAM,KACbxB,EAAoBwD,EAAK,kBAC3B,IAAAlF,EAAkBJ,EAAS8B,CAAiB,EAIhD,GAHG,gBAAiB,OAClB,eAAiB,CAAA,GAEf,CAAC1B,EAAiB,CAEhB,GAAA+E,EAA8BrD,CAAiB,IAAM,OAAW,CAC9D,IAAAjC,EAAgB,eAAeiC,CAAiB,EACpDqD,EAA8BrD,CAAiB,EAAI,MAAM,QAAQjC,CAAa,EAAI,GAAQA,EAAc,gBAE1GG,EAAS8B,CAAiB,EAAI,CAC5B,OAAQ,KACR,MAAO,KACP,aAAc,KACd,wBAAyB,KACzB,kBAAmB,OACnB,MAAO,KACP,OAAQ,KACR,kBAAAA,EACA,gBAAiB,CAACqD,EAA8BrD,CAAiB,CAAA,EAEnE1B,EAAkBJ,EAAS8B,CAAiB,EAEvC,eAAeA,CAAiB,IACpB,eAAAA,CAAiB,EAAI,IAIxC,OAAQwD,EAAK,KAAM,CACjB,IAAK,QACHlF,EAAgB,OAAS,KACzBA,EAAgB,MAAQ,KACxBA,EAAgB,aAAe,KACfA,EAAA,OAASkF,EAAK,KAAK,OAC9BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,OAAQ,CACL,MAAAzB,EAA0BiF,EAAK,KAAK,wBACtC,IAAAzF,EAAgB,eAAeiC,CAAiB,EAC9C,MAAAvC,EAAUK,EAAWC,EAAe,MAAM,EAC3CN,EAAQ,KAAMiB,GAAMA,IAAMtB,CAAoB,GACjD,CACEmB,EAAwB,cACxBA,EAAwB,mBACxBA,EAAwB,iBACxBA,EAAwB,MAAA,EACxB,QAASJ,GAAQ,CACjBX,EAAYC,EAASU,CAAG,CAAA,CACzB,EAELG,EAAgB,wBAA0BC,EACxBD,EAAA,kBAAoBkF,EAAK,KAAK,kBACxC,MAAAC,EAAQD,EAAK,KAAK,MAUpB,GARFC,IAAU,sBACVA,IAAU,8BAE8B/B,EAAA1B,EAEA0B,EAAA,KAGtC,CAACpD,EAAgB,OACnBiF,EAAK,YAAY,CACf,OAAQ,KACR,OAAQjF,EAAgB,OACxB,kBAAA0B,CAAA,CACD,MACI,CACL,MAAMR,EAAS,CACb,GAAGlB,EAAgB,MAAA,EAElBA,EAAgB,kBACVkB,EAAA,aAAenC,EAAM,aAAe,IAAM2C,GAE/CR,EAAO,gBACFA,EAAA,cAAgBnC,EAAM,cAAgB,IAAM2C,GAGnDR,EAAO,gBACPA,EAAO,eAAe,OACtBlB,EAAgB,OAAS,OAEzBkB,EAAO,eAAe,MACpBnC,EAAM,YAAc,IAAM2C,GAE9BuD,EAAK,YAAY,CACf,OAAA/D,EACA,OAAQlB,EAAgB,OACxB,kBAAA0B,CAAA,CACD,EAEH,MACF,CACA,IAAK,WACa1B,EAAA,MAAQkF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,WAAY,CACf,MAAM0D,EAAQpF,EAAgB,MAC9BiF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,MAAA0D,CAAO,CAAA,EAC7C,MACF,CACA,IAAK,kBACapF,EAAA,aAAekF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtBuD,EAAK,YAAY,CACf,kBAAAvD,EACA,aAAc3C,EAAM,cAAgB,IAAM2C,CAAA,CAC3C,EACD,MACF,CACA,IAAK,kBACa1B,EAAA,aAAekF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtB,MAAM2D,EAAerF,EAAgB,aACrCiF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,aAAA2D,CAAc,CAAA,EACpD,MACF,CACA,IAAK,WACarF,EAAA,MAAQkF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,QACE1B,EAAgB,MAAQ,CAAE,GAAGkF,EAAK,IAAK,EAClCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,CAC1C,CACF,EAEAoB,EAAM,iBAAiB,UAAWG,CAAa,EAC/CH,EAAM,iBAAiB,WAAYK,CAAc,EACjDL,EAAM,iBAAiB,QAASgB,CAAW,EAC3ChB,EAAM,iBAAiB,UAAWkC,CAAa"}
package/dist/service_worker/types.d.ts CHANGED
@@ -1,5 +1,7 @@
1
1
  export type DomainDetails = {
2
- domains: Domain[];
2
+ domains?: Domain[];
3
+ oidcDomains?: Domain[];
4
+ accessTokenDomains?: Domain[];
3
5
  showAccessToken: boolean;
4
6
  };
5
7
  export type Domain = string | RegExp;
package/dist/service_worker/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,aAAa,GAAG;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAErC,MAAM,MAAM,cAAc,GAAG;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,aAAa,CAAC;CAC3C,GAAI,IAAI,CAAC;AAEV,MAAM,MAAM,uBAAuB,GAAG;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,MAAM,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC5B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C,EAAE,OAAO,CAAC;CACxD,CAAA;AAID,MAAM,WAAW,YAAa,SAAQ,OAAO;IACzC,IAAI,IAAI,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,MAAM,MAAM,GAAG,QAAQ,GAAG,WAAW,GAAG,YAAY,GAAG,eAAe,GAAG,yBAAyB,GAAG,cAAc,GAAG,qBAAqB,GAAG,eAAe,GAAG,IAAI,CAAC;AAC3K,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,UAAU,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,UAAU,CAAC;AAEvK,MAAM,MAAM,WAAW,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB,EAAE,uBAAuB,CAAC;IACjD,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,gBAAgB,CAAC;IACvB,IAAI,EAAE,WAAW,CAAC;CACrB,CAAA;AAED,MAAM,MAAM,KAAK,GAAG;IAChB,KAAK,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAAC;AAET,MAAM,MAAM,UAAU,GAAG;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,uBAAuB,EAAE,uBAAuB,GAAG,IAAI,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACf,CAAA;AAED,MAAM,MAAM,MAAM,GAAG;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAC9C,QAAQ,EAAE,IAAI,GAAG,MAAM,CAAC;IACxB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAAA;CAC5B,CAAA"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,aAAa,GAAG;IACxB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAErC,MAAM,MAAM,cAAc,GAAG;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,aAAa,CAAC;CAC3C,GAAI,IAAI,CAAC;AAEV,MAAM,MAAM,uBAAuB,GAAG;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,MAAM,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC5B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C,EAAE,OAAO,CAAC;CACxD,CAAA;AAID,MAAM,WAAW,YAAa,SAAQ,OAAO;IACzC,IAAI,IAAI,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,MAAM,MAAM,GAAG,QAAQ,GAAG,WAAW,GAAG,YAAY,GAAG,eAAe,GAAG,yBAAyB,GAAG,cAAc,GAAG,qBAAqB,GAAG,eAAe,GAAG,IAAI,CAAC;AAC3K,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,UAAU,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,UAAU,CAAC;AAEvK,MAAM,MAAM,WAAW,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB,EAAE,uBAAuB,CAAC;IACjD,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,gBAAgB,CAAC;IACvB,IAAI,EAAE,WAAW,CAAC;CACrB,CAAA;AAED,MAAM,MAAM,KAAK,GAAG;IAChB,KAAK,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAAC;AAET,MAAM,MAAM,UAAU,GAAG;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,uBAAuB,EAAE,uBAAuB,GAAG,IAAI,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACf,CAAA;AAED,MAAM,MAAM,MAAM,GAAG;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAC9C,QAAQ,EAAE,IAAI,GAAG,MAAM,CAAC;IACxB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAAA;CAC5B,CAAA"}
package/dist/service_worker/utils/domains.d.ts CHANGED
@@ -1,6 +1,7 @@
1
- import { TrustedDomains } from './../types';
1
+ import { DomainDetails, TrustedDomains } from './../types';
2
2
  import { Database, Domain, OidcConfig } from '../types';
3
3
  declare function checkDomain(domains: Domain[], endpoint: string): void;
4
+ export declare const getDomains: (trustedDomain: Domain[] | DomainDetails, type: 'oidc' | 'accessToken') => Domain[];
4
5
  declare const getCurrentDatabaseDomain: (database: Database, url: string, trustedDomains: TrustedDomains) => OidcConfig | null;
5
6
  export { checkDomain, getCurrentDatabaseDomain };
6
7
  //# sourceMappingURL=domains.d.ts.map
package/dist/service_worker/utils/domains.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"domains.d.ts","sourceRoot":"","sources":["../../utils/domains.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAM5C,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAExD,iBAAS,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,QAwBvD;AAED,QAAA,MAAM,wBAAwB,aAClB,QAAQ,OACb,MAAM,kBACK,cAAc,sBAwD/B,CAAC;AAEF,OAAO,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC"}
1
+ {"version":3,"file":"domains.d.ts","sourceRoot":"","sources":["../../utils/domains.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAM3D,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAExD,iBAAS,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,QAwBvD;AAED,eAAO,MAAM,UAAU,kBAAmB,MAAM,EAAE,GAAG,aAAa,QAAQ,MAAM,GAAG,aAAa,aAM/F,CAAA;AAED,QAAA,MAAM,wBAAwB,aAClB,QAAQ,OACb,MAAM,kBACK,cAAc,sBAyD/B,CAAC;AAEF,OAAO,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC"}
package/dist/tsconfig.tsbuildinfo CHANGED
@@ -1 +1 @@
1
- {"program":{"fileNames":["../node_modules/typescript/lib/lib.es5.d.ts","../node_modules/typescript/lib/lib.es2015.d.ts","../node_modules/typescript/lib/lib.es2016.d.ts","../node_modules/typescript/lib/lib.es2017.d.ts","../node_modules/typescript/lib/lib.es2018.d.ts","../node_modules/typescript/lib/lib.es2019.d.ts","../node_modules/typescript/lib/lib.es2020.d.ts","../node_modules/typescript/lib/lib.es2021.d.ts","../node_modules/typescript/lib/lib.es2022.d.ts","../node_modules/typescript/lib/lib.esnext.d.ts","../node_modules/typescript/lib/lib.webworker.d.ts","../node_modules/typescript/lib/lib.es2015.core.d.ts","../node_modules/typescript/lib/lib.es2015.collection.d.ts","../node_modules/typescript/lib/lib.es2015.generator.d.ts","../node_modules/typescript/lib/lib.es2015.iterable.d.ts","../node_modules/typescript/lib/lib.es2015.promise.d.ts","../node_modules/typescript/lib/lib.es2015.proxy.d.ts","../node_modules/typescript/lib/lib.es2015.reflect.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2016.array.include.d.ts","../node_modules/typescript/lib/lib.es2017.object.d.ts","../node_modules/typescript/lib/lib.es2017.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2017.string.d.ts","../node_modules/typescript/lib/lib.es2017.intl.d.ts","../node_modules/typescript/lib/lib.es2017.typedarrays.d.ts","../node_modules/typescript/lib/lib.es2018.asyncgenerator.d.ts","../node_modules/typescript/lib/lib.es2018.asynciterable.d.ts","../node_modules/typescript/lib/lib.es2018.intl.d.ts","../node_modules/typescript/lib/lib.es2018.promise.d.ts","../node_modules/typescript/lib/lib.es2018.regexp.d.ts","../node_modules/typescript/lib/lib.es2019.array.d.ts","../node_modules/typescript/lib/lib.es2019.object.d.ts","../node_modules/typescript/lib/lib.es2019.string.d.ts","../node_modules/typescript/lib/lib.es2019.symbol.d.ts","../node_modules/typescript/lib/lib.es2020.bigint.d.ts","../node_modules/typescript/lib/lib.es2020.date.d.ts","../node_modules/typescript/lib/lib.es2020.promise.d.ts","../node_modules/typescript/lib/lib.es2020.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2020.string.d.ts","../node_modules/typescript/lib/lib.es2020.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2020.intl.d.ts","../node_modules/typescript/lib/lib.es2020.number.d.ts","../node_modules/typescript/lib/lib.es2021.promise.d.ts","../node_modules/typescript/lib/lib.es2021.string.d.ts","../node_modules/typescript/lib/lib.es2021.weakref.d.ts","../node_modules/typescript/lib/lib.es2021.intl.d.ts","../node_modules/typescript/lib/lib.es2022.array.d.ts","../node_modules/typescript/lib/lib.es2022.error.d.ts","../node_modules/typescript/lib/lib.es2022.intl.d.ts","../node_modules/typescript/lib/lib.es2022.object.d.ts","../node_modules/typescript/lib/lib.es2022.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2022.string.d.ts","../node_modules/typescript/lib/lib.esnext.intl.d.ts","../service_worker/constants.ts","../service_worker/types.ts","../service_worker/utils/domains.ts","../service_worker/utils/strings.ts","../service_worker/utils/tokens.ts","../service_worker/utils/serializeHeaders.ts","../service_worker/utils/sleep.ts","../service_worker/utils/index.ts","../service_worker/OidcServiceWorker.ts","../node_modules/@vitest/utils/dist/types.d.ts","../node_modules/@vitest/utils/dist/helpers.d.ts","../node_modules/pretty-format/build/types.d.ts","../node_modules/pretty-format/build/index.d.ts","../node_modules/picocolors/types.ts","../node_modules/picocolors/picocolors.d.ts","../node_modules/@vitest/utils/dist/index.d.ts","../node_modules/@vitest/runner/dist/tasks-e1fc71d1.d.ts","../node_modules/@vitest/runner/dist/runner-4c50f8a9.d.ts","../node_modules/@vitest/runner/dist/index.d.ts","../node_modules/@types/chai/index.d.ts","../node_modules/@vitest/expect/dist/index.d.ts","../node_modules/@types/node/assert.d.ts","../node_modules/@types/node/assert/strict.d.ts","../node_modules/@types/node/globals.d.ts","../node_modules/@types/node/async_hooks.d.ts","../node_modules/@types/node/buffer.d.ts","../node_modules/@types/node/child_process.d.ts","../node_modules/@types/node/cluster.d.ts","../node_modules/@types/node/console.d.ts","../node_modules/@types/node/constants.d.ts","../node_modules/@types/node/crypto.d.ts","../node_modules/@types/node/dgram.d.ts","../node_modules/@types/node/diagnostics_channel.d.ts","../node_modules/@types/node/dns.d.ts","../node_modules/@types/node/dns/promises.d.ts","../node_modules/@types/node/domain.d.ts","../node_modules/@types/node/events.d.ts","../node_modules/@types/node/fs.d.ts","../node_modules/@types/node/fs/promises.d.ts","../node_modules/@types/node/http.d.ts","../node_modules/@types/node/http2.d.ts","../node_modules/@types/node/https.d.ts","../node_modules/@types/node/inspector.d.ts","../node_modules/@types/node/module.d.ts","../node_modules/@types/node/net.d.ts","../node_modules/@types/node/os.d.ts","../node_modules/@types/node/path.d.ts","../node_modules/@types/node/perf_hooks.d.ts","../node_modules/@types/node/process.d.ts","../node_modules/@types/node/punycode.d.ts","../node_modules/@types/node/querystring.d.ts","../node_modules/@types/node/readline.d.ts","../node_modules/@types/node/repl.d.ts","../node_modules/@types/node/stream.d.ts","../node_modules/@types/node/stream/promises.d.ts","../node_modules/@types/node/stream/consumers.d.ts","../node_modules/@types/node/stream/web.d.ts","../node_modules/@types/node/string_decoder.d.ts","../node_modules/@types/node/timers.d.ts","../node_modules/@types/node/timers/promises.d.ts","../node_modules/@types/node/tls.d.ts","../node_modules/@types/node/trace_events.d.ts","../node_modules/@types/node/tty.d.ts","../node_modules/@types/node/url.d.ts","../node_modules/@types/node/util.d.ts","../node_modules/@types/node/v8.d.ts","../node_modules/@types/node/vm.d.ts","../node_modules/@types/node/wasi.d.ts","../node_modules/@types/node/worker_threads.d.ts","../node_modules/@types/node/zlib.d.ts","../node_modules/@types/node/globals.global.d.ts","../node_modules/@types/node/index.d.ts","../node_modules/esbuild/lib/main.d.ts","../node_modules/vite/types/metadata.d.ts","../node_modules/vite/types/hmrPayload.d.ts","../node_modules/vite/types/customEvent.d.ts","../node_modules/vite/node_modules/rollup/dist/rollup.d.ts","../node_modules/vite/types/importGlob.d.ts","../node_modules/source-map-js/source-map.d.ts","../node_modules/postcss/lib/comment.d.ts","../node_modules/postcss/lib/at-rule.d.ts","../node_modules/postcss/lib/rule.d.ts","../node_modules/postcss/lib/container.d.ts","../node_modules/postcss/lib/declaration.d.ts","../node_modules/postcss/lib/previous-map.d.ts","../node_modules/postcss/lib/input.d.ts","../node_modules/postcss/lib/css-syntax-error.d.ts","../node_modules/postcss/lib/warning.d.ts","../node_modules/postcss/lib/document.d.ts","../node_modules/postcss/lib/root.d.ts","../node_modules/postcss/lib/lazy-result.d.ts","../node_modules/postcss/lib/no-work-result.d.ts","../node_modules/postcss/lib/processor.d.ts","../node_modules/postcss/lib/result.d.ts","../node_modules/postcss/lib/node.d.ts","../node_modules/postcss/lib/list.d.ts","../node_modules/postcss/lib/postcss.d.ts","../node_modules/vite/dist/node/index.d.ts","../node_modules/@vitest/runner/dist/types.d.ts","../node_modules/@vitest/runner/types.d.ts","../node_modules/@vitest/runner/dist/utils.d.ts","../node_modules/@vitest/runner/utils.d.ts","../node_modules/tinybench/dist/index.d.ts","../node_modules/vite-node/dist/types.d-1e7e3fdf.d.ts","../node_modules/vite-node/dist/types-e288fc62.d.ts","../node_modules/vite-node/dist/client.d.ts","../node_modules/vite-node/dist/server.d.ts","../node_modules/vite-node/dist/index.d.ts","../node_modules/source-map/source-map.d.ts","../node_modules/vitest/dist/types-7cd96283.d.ts","../node_modules/tinyspy/dist/index.d.ts","../node_modules/@vitest/spy/dist/index.d.ts","../node_modules/vitest/dist/env-afee91f0.d.ts","../node_modules/vitest/dist/index.d.ts","../service_worker/utils/__tests__/domains.spec.ts","../service_worker/utils/__tests__/serializeHeaders.spec.ts","../service_worker/utils/__tests__/strings.spec.ts","../service_worker/utils/__tests__/testHelper.ts","../service_worker/utils/__tests__/tokens.spec.ts"],"fileInfos":[{"version":"f20c05dbfe50a208301d2a1da37b9931bce0466eb5a1f4fe240971b4ecc82b67","affectsGlobalScope":true},"dc47c4fa66b9b9890cf076304de2a9c5201e94b740cffdf09f87296d877d71f6","7a387c58583dfca701b6c85e0adaf43fb17d590fb16d5b2dc0a2fbd89f35c467","8a12173c586e95f4433e0c6dc446bc88346be73ffe9ca6eec7aa63c8f3dca7f9","5f4e733ced4e129482ae2186aae29fde948ab7182844c3a5a51dd346182c7b06","e6b724280c694a9f588847f754198fb96c43d805f065c3a5b28bbc9594541c84","1fc5ab7a764205c68fa10d381b08417795fc73111d6dd16b5b1ed36badb743d9","746d62152361558ea6d6115cf0da4dd10ede041d14882ede3568bce5dc4b4f1f","d11a03592451da2d1065e09e61f4e2a9bf68f780f4f6623c18b57816a9679d17","aea179452def8a6152f98f63b191b84e7cbd69b0e248c91e61fb2e52328abe8c",{"version":"adb09ec0a64fc17dbbc4a228b3b18aa5f01db3440a6b0cbb02354df58674d584","affectsGlobalScope":true},{"version":"adb996790133eb33b33aadb9c09f15c2c575e71fb57a62de8bf74dbf59ec7dfb","affectsGlobalScope":true},{"version":"8cc8c5a3bac513368b0157f3d8b31cfdcfe78b56d3724f30f80ed9715e404af8","affectsGlobalScope":true},{"version":"cdccba9a388c2ee3fd6ad4018c640a471a6c060e96f1232062223063b0a5ac6a","affectsGlobalScope":true},{"version":"c5c05907c02476e4bde6b7e76a79ffcd948aedd14b6a8f56e4674221b0417398","affectsGlobalScope":true},{"version":"0d5f52b3174bee6edb81260ebcd792692c32c81fd55499d69531496f3f2b25e7","affectsGlobalScope":true},{"version":"55f400eec64d17e888e278f4def2f254b41b89515d3b88ad75d5e05f019daddd","affectsGlobalScope":true},{"version":"181f1784c6c10b751631b24ce60c7f78b20665db4550b335be179217bacc0d5f","affectsGlobalScope":true},{"version":"3013574108c36fd3aaca79764002b3717da09725a36a6fc02eac386593110f93","affectsGlobalScope":true},{"version":"75ec0bdd727d887f1b79ed6619412ea72ba3c81d92d0787ccb64bab18d261f14","affectsGlobalScope":true},{"version":"3be5a1453daa63e031d266bf342f3943603873d890ab8b9ada95e22389389006","affectsGlobalScope":true},{"version":"17bb1fc99591b00515502d264fa55dc8370c45c5298f4a5c2083557dccba5a2a","affectsGlobalScope":true},{"version":"7ce9f0bde3307ca1f944119f6365f2d776d281a393b576a18a2f2893a2d75c98","affectsGlobalScope":true},{"version":"6a6b173e739a6a99629a8594bfb294cc7329bfb7b227f12e1f7c11bc163b8577","affectsGlobalScope":true},{"version":"81cac4cbc92c0c839c70f8ffb94eb61e2d32dc1c3cf6d95844ca099463cf37ea","affectsGlobalScope":true},{"version":"b0124885ef82641903d232172577f2ceb5d3e60aed4da1153bab4221e1f6dd4e","affectsGlobalScope":true},{"version":"0eb85d6c590b0d577919a79e0084fa1744c1beba6fd0d4e951432fa1ede5510a","affectsGlobalScope":true},{"version":"da233fc1c8a377ba9e0bed690a73c290d843c2c3d23a7bd7ec5cd3d7d73ba1e0","affectsGlobalScope":true},{"version":"d154ea5bb7f7f9001ed9153e876b2d5b8f5c2bb9ec02b3ae0d239ec769f1f2ae","affectsGlobalScope":true},{"version":"bb2d3fb05a1d2ffbca947cc7cbc95d23e1d053d6595391bd325deb265a18d36c","affectsGlobalScope":true},{"version":"c80df75850fea5caa2afe43b9949338ce4e2de086f91713e9af1a06f973872b8","affectsGlobalScope":true},{"version":"9d57b2b5d15838ed094aa9ff1299eecef40b190722eb619bac4616657a05f951","affectsGlobalScope":true},{"version":"6c51b5dd26a2c31dbf37f00cfc32b2aa6a92e19c995aefb5b97a3a64f1ac99de","affectsGlobalScope":true},{"version":"6e7997ef61de3132e4d4b2250e75343f487903ddf5370e7ce33cf1b9db9a63ed","affectsGlobalScope":true},{"version":"2ad234885a4240522efccd77de6c7d99eecf9b4de0914adb9a35c0c22433f993","affectsGlobalScope":true},{"version":"09aa50414b80c023553090e2f53827f007a301bc34b0495bfb2c3c08ab9ad1eb","affectsGlobalScope":true},{"version":"d7f680a43f8cd12a6b6122c07c54ba40952b0c8aa140dcfcf32eb9e6cb028596","affectsGlobalScope":true},{"version":"3787b83e297de7c315d55d4a7c546ae28e5f6c0a361b7a1dcec1f1f50a54ef11","affectsGlobalScope":true},{"version":"e7e8e1d368290e9295ef18ca23f405cf40d5456fa9f20db6373a61ca45f75f40","affectsGlobalScope":true},{"version":"faf0221ae0465363c842ce6aa8a0cbda5d9296940a8e26c86e04cc4081eea21e","affectsGlobalScope":true},{"version":"06393d13ea207a1bfe08ec8d7be562549c5e2da8983f2ee074e00002629d1871","affectsGlobalScope":true},{"version":"775d9c9fd150d5de79e0450f35bc8b8f94ae64e3eb5da12725ff2a649dccc777","affectsGlobalScope":true},{"version":"b248e32ca52e8f5571390a4142558ae4f203ae2f94d5bac38a3084d529ef4e58","affectsGlobalScope":true},{"version":"6c55633c733c8378db65ac3da7a767c3cf2cf3057f0565a9124a16a3a2019e87","affectsGlobalScope":true},{"version":"fb4416144c1bf0323ccbc9afb0ab289c07312214e8820ad17d709498c865a3fe","affectsGlobalScope":true},{"version":"5b0ca94ec819d68d33da516306c15297acec88efeb0ae9e2b39f71dbd9685ef7","affectsGlobalScope":true},{"version":"34c839eaaa6d78c8674ae2c37af2236dee6831b13db7b4ef4df3ec889a04d4f2","affectsGlobalScope":true},{"version":"34478567f8a80171f88f2f30808beb7da15eac0538ae91282dd33dce928d98ed","affectsGlobalScope":true},{"version":"ab7d58e6161a550ff92e5aff755dc37fe896245348332cd5f1e1203479fe0ed1","affectsGlobalScope":true},{"version":"6bda95ea27a59a276e46043b7065b55bd4b316c25e70e29b572958fa77565d43","affectsGlobalScope":true},{"version":"aedb8de1abb2ff1095c153854a6df7deae4a5709c37297f9d6e9948b6806fa66","affectsGlobalScope":true},{"version":"a4da0551fd39b90ca7ce5f68fb55d4dc0c1396d589b612e1902f68ee090aaada","affectsGlobalScope":true},{"version":"11ffe3c281f375fff9ffdde8bbec7669b4dd671905509079f866f2354a788064","affectsGlobalScope":true},{"version":"52d1bb7ab7a3306fd0375c8bff560feed26ed676a5b0457fa8027b563aecb9a4","affectsGlobalScope":true},"ee453f8d91ef4dac435de2004557bda0db36aee22682da75815b54387434951e","897985d34a8acb7b318ad106456f27f025745f6fcc9bcf04484163006646b78e","b3cb692b1972fb4b6401e0df527f896dd49ed6f4db15ffac210e75555de37df9","c086955af3f274c82dc16949e595ec7e47f626a951977a3a425e04f6fd382cdb","30382859f68f8bc25d1ab6b77118a9348e23fedce1b5a43171714936c9ed50c1","e51725fa106f4f8b38c013eb89fcac2f97cdd31b693568f2b83ff5891cedf562","28cd0fe4d33474764a94966cd9410ceadd84d3b7a0932d12dd34dfe5ef2fb1e8","e12ad12e64da906e9b463b23c8650c7dbd47a879413f60f7f26dfbb265703d8d","d5cc33e2319640b27b9ab2dbc7602ab04b7be0e61e5b87affa5f1cd42a474e37","9c54a5d94a1ca20e52912f67f5d4d7dbdd53d73fe7ab647f1b1e2037e0fff754","bda0f515b6bf7e0559674024b72e23b58e6edf32814ce490309028957827bedb","462bccdf75fcafc1ae8c30400c9425e1a4681db5d605d1a0edb4f990a54d8094","5923d8facbac6ecf7c84739a5c701a57af94a6f6648d6229a6c768cf28f0f8cb","576d63ef3a0408e9044ab3855ea0877b5f0c674752d4a339d79b8ed6bb88b02a","8c5f0739f00f89f89b03a1fe6658c6d78000d7ebd7f556f0f8d6908fa679de35","25c92362f402669778f77769afabbf97cae0fb827e389e3c5a86a6538988a1f2","9e0c12c479e7592677b3b1c271dc40ed937cd3732bb25894c956630a61e191cd","32e87e95d14ce71a7afa390b190c81401cb1e67afc6c59708ed7b439cbd663da","d63d901954a2859d9581931dbf3335753ae01836eb331ad666a58dcfe70c27c2",{"version":"b9734142a4b241cfb505be4a2eb0261d211647df7c73043f817f4fdd8d96c846","affectsGlobalScope":true},"119fb97015a7336ef0ebc3de8471b70fba14772558940c65ccadf2b4de1428d7","0cba3a5d7b81356222594442753cf90dd2892e5ccfe1d262aaca6896ba6c1380","a69c09dbea52352f479d3e7ac949fde3d17b195abe90b045d619f747b38d6d1a",{"version":"c2ab70bbc7a24c42a790890739dd8a0ba9d2e15038b40dff8163a97a5d148c00","affectsGlobalScope":true},"422dbb183fdced59425ca072c8bd09efaa77ce4e2ab928ec0d8a1ce062d2a45a",{"version":"2a801b0322994c3dd7f0ef30265d19b3dd3bae6d793596879166ed6219c3da68","affectsGlobalScope":true},"1dab5ab6bcf11de47ab9db295df8c4f1d92ffa750e8f095e88c71ce4c3299628","f71f46ccd5a90566f0a37b25b23bc4684381ab2180bdf6733f4e6624474e1894",{"version":"54e65985a3ee3cec182e6a555e20974ea936fc8b8d1738c14e8ed8a42bd921d4","affectsGlobalScope":true},"82408ed3e959ddc60d3e9904481b5a8dc16469928257af22a3f7d1a3bc7fd8c4","98a3ebfa494b46265634a73459050befba5da8fdc6ca0ef9b7269421780f4ff3","34e5de87d983bc6aefef8b17658556e3157003e8d9555d3cb098c6bef0b5fbc8","cc0b61316c4f37393f1f9595e93b673f4184e9d07f4c127165a490ec4a928668","f27371653aded82b2b160f7a7033fb4a5b1534b6f6081ef7be1468f0f15327d3","c762cd6754b13a461c54b59d0ae0ab7aeef3c292c6cf889873f786ee4d8e75c9","f4ea7d5df644785bd9fbf419930cbaec118f0d8b4160037d2339b8e23c059e79",{"version":"bfea28e6162ed21a0aeed181b623dcf250aa79abf49e24a6b7e012655af36d81","affectsGlobalScope":true},"7a5459efa09ea82088234e6533a203d528c594b01787fb90fba148885a36e8b6","ae97e20f2e10dbeec193d6a2f9cd9a367a1e293e7d6b33b68bacea166afd7792","10d4796a130577d57003a77b95d8723530bbec84718e364aa2129fa8ffba0378","ad41bb744149e92adb06eb953da195115620a3f2ad48e7d3ae04d10762dae197","bf73c576885408d4a176f44a9035d798827cc5020d58284cb18d7573430d9022","7ae078ca42a670445ae0c6a97c029cb83d143d62abd1730efb33f68f0b2c0e82",{"version":"e8b18c6385ff784228a6f369694fcf1a6b475355ba89090a88de13587a9391d5","affectsGlobalScope":true},"5d0a9ea09d990b5788f867f1c79d4878f86f7384cb7dab38eecbf22f9efd063d","12eea70b5e11e924bb0543aea5eadc16ced318aa26001b453b0d561c2fd0bd1e","08777cd9318d294646b121838574e1dd7acbb22c21a03df84e1f2c87b1ad47f2","08a90bcdc717df3d50a2ce178d966a8c353fd23e5c392fd3594a6e39d9bb6304",{"version":"8207e7e6db9aa5fc7e61c8f17ba74cf9c115d26f51f91ee93f790815a7ea9dfb","affectsGlobalScope":true},"2a12d2da5ac4c4979401a3f6eaafa874747a37c365e4bc18aa2b171ae134d21b","002b837927b53f3714308ecd96f72ee8a053b8aeb28213d8ec6de23ed1608b66","1dc9c847473bb47279e398b22c740c83ea37a5c88bf66629666e3cf4c5b9f99c","a9e4a5a24bf2c44de4c98274975a1a705a0abbaad04df3557c2d3cd8b1727949","00fa7ce8bc8acc560dc341bbfdf37840a8c59e6a67c9bfa3fa5f36254df35db2","1b952304137851e45bc009785de89ada562d9376177c97e37702e39e60c2f1ff",{"version":"806ef4cac3b3d9fa4a48d849c8e084d7c72fcd7b16d76e06049a9ed742ff79c0","affectsGlobalScope":true},"cfe724f7c694aab65a9bdd1acb05997848c504548c9d4c71645c187a091cfa2a","5f0ed51db151c2cdc4fa3bb0f44ce6066912ad001b607a34e65a96c52eb76248",{"version":"3345c276cab0e76dda86c0fb79104ff915a4580ba0f3e440870e183b1baec476","affectsGlobalScope":true},"664d8f2d59164f2e08c543981453893bc7e003e4dfd29651ce09db13e9457980","e383ff72aabf294913f8c346f5da1445ae6ad525836d28efd52cbadc01a361a6","f52fbf64c7e480271a9096763c4882d356b05cab05bf56a64e68a95313cd2ce2","59bdb65f28d7ce52ccfc906e9aaf422f8b8534b2d21c32a27d7819be5ad81df7",{"version":"0c5004386ed814334d2d4abd1d8f2f0b63ea2134d5717d8fb2fb8aabc05288ef","affectsGlobalScope":true},"28a2e7383fd898c386ffdcacedf0ec0845e5d1a86b5a43f25b86bc315f556b79","3aff9c8c36192e46a84afe7b926136d520487155154ab9ba982a8b544ea8fc95","a880cf8d85af2e4189c709b0fea613741649c0e40fffb4360ec70762563d5de0","85bbf436a15bbeda4db888be3062d47f99c66fd05d7c50f0f6473a9151b6a070","9f9c49c95ecd25e0cb2587751925976cf64fd184714cb11e213749c80cf0f927","f0c75c08a71f9212c93a719a25fb0320d53f2e50ca89a812640e08f8ad8c408c",{"version":"ab9b9a36e5284fd8d3bf2f7d5fcbc60052f25f27e4d20954782099282c60d23e","affectsGlobalScope":true},"0b3eba6dca8c6e534d16ef7b7d76cb546cd3cbab616c8f71daa0a151b5412b9e","99d951629f7096dcd79adbaa83a85e3be57613005533bd23029b3aba4ce9383e","8f07f2b6514744ac96e51d7cb8518c0f4de319471237ea10cf688b8d0e9d0225","bcb6ea18f23dae2c48459d7b86d3adccd6898f824fcbf9da08b935f559896580","0aa7220845f5f3902fe043f646f9d9218bd7dd6c4046e8471580866ea6b03aa2","65570ad7e2ac88e024dd1f50844db3b9106e044871529e71d377967e3b590ed7","739c2c46edc112421fc023c24b4898b1f413f792bb6a02b40ba182c648e56c2f","858d0d831826c6eb563df02f7db71c90e26deadd0938652096bea3cc14899700","d1c89db652113258e4ba4bbdf5cc7a2a3a600403d4d864a2087b95186253cd5b","11a90d2cb2eaf7fdf931a63b58279e8161f1477a1bd1e914ae026c1bbf9afed3","af18e30f3ba06e9870b61dfa4a109215caabdaa337590c51b4a044a9f338ce96","ace603f7b60599f2dcdbd71c07137b60a747dd33be540f4a294b890f9e0b89dc","7658fbdd425c656fb1849b44932ae7431e8c3198d22c65ce1490deb582743b52","7786c75c1b46e93b33c63dccf689143a5f47ff451a6b3bd9b10e4801cdeadcc2","dbef2851e33a4c2fd2f3164fec70e45df647eb0e87f250de784500a3037e2c37","31491a01ed7466e0b3b0ef8407f2524683055eceb955b1d5ccf7096129468b39","f4b12f7dde4fc0e386648318481bdcfe861b566be246bebf0e8a11ebd909adf9","e8966f7c424780bb0b9d411ebe13eda8555ca15aa675603316c2952bc027b0e3","df0e5f3c4a518111d160cf3bebc9a3ac7d39c6e3bfb7a21d43c304896c3015e2","df4e2f161f74870708c2cc5e1036a6405b878496408fda1ee50d5b10e50d6601","bf791da347fb1c0ffc1e2fcd35867e64bb8355270ae26278198c521bdcf94569","e0e0e3c068e145fbb322120979299ff130ffdd39f0dcd0d5aeaa9f3f8a0d01d9","fde91356172e35b9ea68bbdf33721f7c80307a4ce65b82105eac800e9e744995","9bd5e5a4a1e66b35efe3c48ddac1116537ef86e041717f3a9b9f1e060c74efa6","d7e4a5f4ccfb749c3033fafc233073b4d1dcca0249785186c589602a81f9d86f","68161b6f3004fc10f8bb47a4986cef13c3b0728fb1ca3e1dc7316227d09b2c8d","3fcb7c753af79d2b17b79268bbcace7d957baa234fb12b662e7445aea45be54d","9330dd1414fe87001a61064208c588087bd96c61f91e7cdd8d3ecbe805f10351","1c53e1884dc6550ce179c68e9e3086f54af258fff39eb70274ea9294eb7ce6df","bfcb462146d6d962e5e81691db71da6eafc7a21f65ded1a27620153d780932ed","e666e31d323fef5642f87db0da48a83e58f0aaf9e3823e87eabd8ec7e0441a36","fbdd4ba3bdd2b138debf86f8ea4ac13a16574e9925d62be28a97f4da282feaeb","d12ab69ace581804d4f264eabc71094ca8dadfa70ae2bf5ccd54a8d6105ab84b","08c9b4a63139715b2403190e7b2a0152cd69ea488077a9311261511fcd20d3cf","54a5a83039166ea55e9b9fefe068d22c46e22c4e1318483a26ce21397f05e381","4895ac81e40fdf2b92bdde94f982cff38cebd1374d69ac7773c1a225f4532893","4d221cbdbf1f7e63ffa53674aaea5e77431264ec4e0eb7fea070230a0d5b400e","2887592574fcdfd087647c539dcb0fbe5af2521270dad4a37f9d17c16190d579",{"version":"04924c19cb47975ac071bdeb4d62f9c3e51816954dcfd536f15aab0b8cb61aa6","affectsGlobalScope":true},"9bb2968ad5c75dc49dfebd740d0f57ebc81c865e3d034af6a40a8a2ca9d13c2b","0a1416d477a9a58ec1ea05f053d7d2ea47a1f84768745536ef59d278e792195b","691ca3cb7591aba2cfc1fe25cd028e18f3752a3b9635f4e02a29e47c47698a4b","e669214fe6c7ad91b44ce6dbeed23d264d2af1221bf520d0bb300a2f4fe89f6f","23b7e4bd196c24783810fc2ccf120685b4e96a15041589b6581c7d5885731e17","2ec1ce60484ba69d734f60cafc5d74067607705414bbc417d4ce6db2058f25b8","1674d1fa07c46f4940024898114375e867f6812815bdbaadd18599098a697d5a","0823741a699067705964b4f7f8c07002c3ab9dfdd1ea0295aa125ae8b38bf044","4936b019fe9bbba3de9860c45aa6dfa2829bab075aff75fe41999a2d07b29256"],"options":{"composite":true,"declarationMap":true,"esModuleInterop":true,"module":99,"noImplicitReturns":true,"noUnusedLocals":true,"noUnusedParameters":true,"outDir":"./","skipLibCheck":true,"sourceMap":true,"strict":true,"target":99,"useDefineForClassFields":true},"fileIdsList":[[119],[76,119],[79,119],[80,85,119],[81,91,92,99,108,118,119],[81,82,91,99,119],[83,119],[84,85,92,100,119],[85,108,115,119],[86,88,91,99,119],[87,119],[88,89,119],[90,91,119],[91,119],[91,92,93,108,118,119],[91,92,93,108,119],[94,99,108,118,119],[91,92,94,95,99,108,115,118,119],[94,96,108,115,118,119],[76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125],[91,97,119],[98,118,119],[88,91,99,108,119],[100,119],[101,119],[79,102,119],[103,117,119,123],[104,119],[105,119],[91,106,119],[106,107,119,121],[91,108,109,110,119],[108,110,119],[108,109,119],[111,119],[112,119],[91,113,114,119],[113,114,119],[85,99,108,115,119],[116,119],[99,117,119],[80,94,105,118,119],[85,119],[108,119,120],[119,121],[119,122],[80,85,91,93,102,108,118,119,121,123],[108,119,124],[70,74,119],[70,71,72,119],[71,119],[70,119],[70,71,119],[119,153],[119,155],[119,165],[64,119],[64,65,67,69,119],[68,119],[119,137],[119,137,149],[119,134,135,136,138,149],[119,140],[119,137,144,148,151],[119,139,151],[119,142,144,147,148,151],[119,142,144,145,147,148,151],[119,134,135,136,137,138,140,141,142,143,144,148,151],[119,133,134,135,136,137,138,140,141,142,143,144,145,147,148,149,150],[119,133,151],[119,144,145,146,148,151],[119,147,151],[119,137,143,148,151],[119,141,149],[66,119],[119,133],[119,158,159],[119,152,158,159,164],[119,158],[91,92,94,96,99,108,115,118,119,124,126,127,128,129,130,131,132,151],[119,129],[119,131],[70,73,74,75,92,119,123,152,154,156,157,160,161,162,163,164,166,167],[70,73,75,92,119,123,152,154,156,157,160,161,162,163,164],[55,56,62,119],[55,56,62,119,168],[62,119,168],[56,119,168],[56,62,119,168,172],[55,56,119],[57,58,59,60,61,119],[56,119],[55,56,58,119]],"referencedMap":[[74,1],[76,2],[77,2],[79,3],[80,4],[81,5],[82,6],[83,7],[84,8],[85,9],[86,10],[87,11],[88,12],[89,12],[90,13],[91,14],[92,15],[93,16],[78,1],[125,1],[94,17],[95,18],[96,19],[126,20],[97,21],[98,22],[99,23],[100,24],[101,25],[102,26],[103,27],[104,28],[105,29],[106,30],[107,31],[108,32],[110,33],[109,34],[111,35],[112,36],[113,37],[114,38],[115,39],[116,40],[117,41],[118,42],[119,43],[120,44],[121,45],[122,46],[123,47],[124,48],[75,49],[73,50],[72,51],[71,52],[153,50],[155,53],[154,54],[156,55],[166,56],[65,57],[70,58],[64,1],[127,1],[69,59],[68,1],[135,60],[134,61],[137,62],[141,63],[138,61],[143,64],[140,65],[145,66],[150,1],[146,67],[149,68],[151,69],[139,70],[147,71],[148,72],[144,73],[136,60],[142,74],[67,75],[66,1],[133,76],[163,1],[157,1],[165,1],[13,1],[12,1],[2,1],[14,1],[15,1],[16,1],[17,1],[18,1],[19,1],[20,1],[21,1],[3,1],[4,1],[25,1],[22,1],[23,1],[24,1],[26,1],[27,1],[28,1],[5,1],[29,1],[30,1],[31,1],[32,1],[6,1],[33,1],[34,1],[35,1],[36,1],[7,1],[37,1],[42,1],[43,1],[38,1],[39,1],[40,1],[41,1],[8,1],[47,1],[44,1],[45,1],[46,1],[48,1],[9,1],[49,1],[50,1],[51,1],[52,1],[53,1],[1,1],[10,1],[54,1],[11,1],[160,77],[162,77],[161,78],[159,79],[158,1],[152,80],[131,1],[130,81],[129,1],[132,1],[128,82],[167,1],[168,83],[164,84],[63,85],[55,1],[56,1],[169,86],[170,87],[171,87],[172,88],[173,89],[57,90],[62,91],[60,92],[61,1],[58,1],[59,93]],"exportedModulesMap":[[74,1],[76,2],[77,2],[79,3],[80,4],[81,5],[82,6],[83,7],[84,8],[85,9],[86,10],[87,11],[88,12],[89,12],[90,13],[91,14],[92,15],[93,16],[78,1],[125,1],[94,17],[95,18],[96,19],[126,20],[97,21],[98,22],[99,23],[100,24],[101,25],[102,26],[103,27],[104,28],[105,29],[106,30],[107,31],[108,32],[110,33],[109,34],[111,35],[112,36],[113,37],[114,38],[115,39],[116,40],[117,41],[118,42],[119,43],[120,44],[121,45],[122,46],[123,47],[124,48],[75,49],[73,50],[72,51],[71,52],[153,50],[155,53],[154,54],[156,55],[166,56],[65,57],[70,58],[64,1],[127,1],[69,59],[68,1],[135,60],[134,61],[137,62],[141,63],[138,61],[143,64],[140,65],[145,66],[150,1],[146,67],[149,68],[151,69],[139,70],[147,71],[148,72],[144,73],[136,60],[142,74],[67,75],[66,1],[133,76],[163,1],[157,1],[165,1],[13,1],[12,1],[2,1],[14,1],[15,1],[16,1],[17,1],[18,1],[19,1],[20,1],[21,1],[3,1],[4,1],[25,1],[22,1],[23,1],[24,1],[26,1],[27,1],[28,1],[5,1],[29,1],[30,1],[31,1],[32,1],[6,1],[33,1],[34,1],[35,1],[36,1],[7,1],[37,1],[42,1],[43,1],[38,1],[39,1],[40,1],[41,1],[8,1],[47,1],[44,1],[45,1],[46,1],[48,1],[9,1],[49,1],[50,1],[51,1],[52,1],[53,1],[1,1],[10,1],[54,1],[11,1],[160,77],[162,77],[161,78],[159,79],[158,1],[152,80],[131,1],[130,81],[129,1],[132,1],[128,82],[167,1],[168,83],[164,84],[63,85],[55,1],[56,1],[169,86],[170,87],[171,87],[172,88],[173,89],[57,90],[62,91],[60,92],[61,1],[58,1],[59,93]],"semanticDiagnosticsPerFile":[74,76,77,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,78,125,94,95,96,126,97,98,99,100,101,102,103,104,105,106,107,108,110,109,111,112,113,114,115,116,117,118,119,120,121,122,123,124,75,73,72,71,153,155,154,156,166,65,70,64,127,69,68,135,134,137,141,138,143,140,145,150,146,149,151,139,147,148,144,136,142,67,66,133,163,157,165,13,12,2,14,15,16,17,18,19,20,21,3,4,25,22,23,24,26,27,28,5,29,30,31,32,6,33,34,35,36,7,37,42,43,38,39,40,41,8,47,44,45,46,48,9,49,50,51,52,53,1,10,54,11,160,162,161,159,158,152,131,130,129,132,128,167,168,164,63,55,56,169,170,171,172,173,57,62,60,61,58,59],"affectedFilesPendingEmit":[[74,1],[76,1],[77,1],[79,1],[80,1],[81,1],[82,1],[83,1],[84,1],[85,1],[86,1],[87,1],[88,1],[89,1],[90,1],[91,1],[92,1],[93,1],[78,1],[125,1],[94,1],[95,1],[96,1],[126,1],[97,1],[98,1],[99,1],[100,1],[101,1],[102,1],[103,1],[104,1],[105,1],[106,1],[107,1],[108,1],[110,1],[109,1],[111,1],[112,1],[113,1],[114,1],[115,1],[116,1],[117,1],[118,1],[119,1],[120,1],[121,1],[122,1],[123,1],[124,1],[75,1],[73,1],[72,1],[71,1],[153,1],[155,1],[154,1],[156,1],[166,1],[65,1],[70,1],[64,1],[127,1],[69,1],[68,1],[135,1],[134,1],[137,1],[141,1],[138,1],[143,1],[140,1],[145,1],[150,1],[146,1],[149,1],[151,1],[139,1],[147,1],[148,1],[144,1],[136,1],[142,1],[67,1],[66,1],[133,1],[163,1],[157,1],[165,1],[2,1],[3,1],[4,1],[5,1],[6,1],[7,1],[8,1],[9,1],[10,1],[160,1],[162,1],[161,1],[159,1],[158,1],[152,1],[131,1],[130,1],[129,1],[132,1],[128,1],[167,1],[168,1],[164,1],[63,1],[55,1],[56,1],[169,1],[170,1],[171,1],[172,1],[173,1],[57,1],[62,1],[60,1],[61,1],[58,1],[59,1]],"emitSignatures":[55,56,57,58,59,60,61,62,63,169,170,171,172,173]},"version":"4.8.2"}
1
+ {"program":{"fileNames":["../node_modules/typescript/lib/lib.es5.d.ts","../node_modules/typescript/lib/lib.es2015.d.ts","../node_modules/typescript/lib/lib.es2016.d.ts","../node_modules/typescript/lib/lib.es2017.d.ts","../node_modules/typescript/lib/lib.es2018.d.ts","../node_modules/typescript/lib/lib.es2019.d.ts","../node_modules/typescript/lib/lib.es2020.d.ts","../node_modules/typescript/lib/lib.es2021.d.ts","../node_modules/typescript/lib/lib.es2022.d.ts","../node_modules/typescript/lib/lib.esnext.d.ts","../node_modules/typescript/lib/lib.webworker.d.ts","../node_modules/typescript/lib/lib.es2015.core.d.ts","../node_modules/typescript/lib/lib.es2015.collection.d.ts","../node_modules/typescript/lib/lib.es2015.generator.d.ts","../node_modules/typescript/lib/lib.es2015.iterable.d.ts","../node_modules/typescript/lib/lib.es2015.promise.d.ts","../node_modules/typescript/lib/lib.es2015.proxy.d.ts","../node_modules/typescript/lib/lib.es2015.reflect.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.d.ts","../node_modules/typescript/lib/lib.es2015.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2016.array.include.d.ts","../node_modules/typescript/lib/lib.es2017.object.d.ts","../node_modules/typescript/lib/lib.es2017.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2017.string.d.ts","../node_modules/typescript/lib/lib.es2017.intl.d.ts","../node_modules/typescript/lib/lib.es2017.typedarrays.d.ts","../node_modules/typescript/lib/lib.es2018.asyncgenerator.d.ts","../node_modules/typescript/lib/lib.es2018.asynciterable.d.ts","../node_modules/typescript/lib/lib.es2018.intl.d.ts","../node_modules/typescript/lib/lib.es2018.promise.d.ts","../node_modules/typescript/lib/lib.es2018.regexp.d.ts","../node_modules/typescript/lib/lib.es2019.array.d.ts","../node_modules/typescript/lib/lib.es2019.object.d.ts","../node_modules/typescript/lib/lib.es2019.string.d.ts","../node_modules/typescript/lib/lib.es2019.symbol.d.ts","../node_modules/typescript/lib/lib.es2020.bigint.d.ts","../node_modules/typescript/lib/lib.es2020.date.d.ts","../node_modules/typescript/lib/lib.es2020.promise.d.ts","../node_modules/typescript/lib/lib.es2020.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2020.string.d.ts","../node_modules/typescript/lib/lib.es2020.symbol.wellknown.d.ts","../node_modules/typescript/lib/lib.es2020.intl.d.ts","../node_modules/typescript/lib/lib.es2020.number.d.ts","../node_modules/typescript/lib/lib.es2021.promise.d.ts","../node_modules/typescript/lib/lib.es2021.string.d.ts","../node_modules/typescript/lib/lib.es2021.weakref.d.ts","../node_modules/typescript/lib/lib.es2021.intl.d.ts","../node_modules/typescript/lib/lib.es2022.array.d.ts","../node_modules/typescript/lib/lib.es2022.error.d.ts","../node_modules/typescript/lib/lib.es2022.intl.d.ts","../node_modules/typescript/lib/lib.es2022.object.d.ts","../node_modules/typescript/lib/lib.es2022.sharedmemory.d.ts","../node_modules/typescript/lib/lib.es2022.string.d.ts","../node_modules/typescript/lib/lib.esnext.intl.d.ts","../service_worker/constants.ts","../service_worker/types.ts","../service_worker/utils/domains.ts","../service_worker/utils/strings.ts","../service_worker/utils/tokens.ts","../service_worker/utils/serializeHeaders.ts","../service_worker/utils/sleep.ts","../service_worker/utils/index.ts","../service_worker/OidcServiceWorker.ts","../node_modules/@vitest/utils/dist/types.d.ts","../node_modules/@vitest/utils/dist/helpers.d.ts","../node_modules/pretty-format/build/types.d.ts","../node_modules/pretty-format/build/index.d.ts","../node_modules/picocolors/types.ts","../node_modules/picocolors/picocolors.d.ts","../node_modules/@vitest/utils/dist/index.d.ts","../node_modules/@vitest/runner/dist/tasks-e1fc71d1.d.ts","../node_modules/@vitest/runner/dist/runner-4c50f8a9.d.ts","../node_modules/@vitest/runner/dist/index.d.ts","../node_modules/@types/chai/index.d.ts","../node_modules/@vitest/expect/dist/index.d.ts","../node_modules/@types/node/assert.d.ts","../node_modules/@types/node/assert/strict.d.ts","../node_modules/@types/node/globals.d.ts","../node_modules/@types/node/async_hooks.d.ts","../node_modules/@types/node/buffer.d.ts","../node_modules/@types/node/child_process.d.ts","../node_modules/@types/node/cluster.d.ts","../node_modules/@types/node/console.d.ts","../node_modules/@types/node/constants.d.ts","../node_modules/@types/node/crypto.d.ts","../node_modules/@types/node/dgram.d.ts","../node_modules/@types/node/diagnostics_channel.d.ts","../node_modules/@types/node/dns.d.ts","../node_modules/@types/node/dns/promises.d.ts","../node_modules/@types/node/domain.d.ts","../node_modules/@types/node/events.d.ts","../node_modules/@types/node/fs.d.ts","../node_modules/@types/node/fs/promises.d.ts","../node_modules/@types/node/http.d.ts","../node_modules/@types/node/http2.d.ts","../node_modules/@types/node/https.d.ts","../node_modules/@types/node/inspector.d.ts","../node_modules/@types/node/module.d.ts","../node_modules/@types/node/net.d.ts","../node_modules/@types/node/os.d.ts","../node_modules/@types/node/path.d.ts","../node_modules/@types/node/perf_hooks.d.ts","../node_modules/@types/node/process.d.ts","../node_modules/@types/node/punycode.d.ts","../node_modules/@types/node/querystring.d.ts","../node_modules/@types/node/readline.d.ts","../node_modules/@types/node/repl.d.ts","../node_modules/@types/node/stream.d.ts","../node_modules/@types/node/stream/promises.d.ts","../node_modules/@types/node/stream/consumers.d.ts","../node_modules/@types/node/stream/web.d.ts","../node_modules/@types/node/string_decoder.d.ts","../node_modules/@types/node/timers.d.ts","../node_modules/@types/node/timers/promises.d.ts","../node_modules/@types/node/tls.d.ts","../node_modules/@types/node/trace_events.d.ts","../node_modules/@types/node/tty.d.ts","../node_modules/@types/node/url.d.ts","../node_modules/@types/node/util.d.ts","../node_modules/@types/node/v8.d.ts","../node_modules/@types/node/vm.d.ts","../node_modules/@types/node/wasi.d.ts","../node_modules/@types/node/worker_threads.d.ts","../node_modules/@types/node/zlib.d.ts","../node_modules/@types/node/globals.global.d.ts","../node_modules/@types/node/index.d.ts","../node_modules/esbuild/lib/main.d.ts","../node_modules/vite/types/metadata.d.ts","../node_modules/vite/types/hmrPayload.d.ts","../node_modules/vite/types/customEvent.d.ts","../node_modules/vite/node_modules/rollup/dist/rollup.d.ts","../node_modules/vite/types/importGlob.d.ts","../node_modules/source-map-js/source-map.d.ts","../node_modules/postcss/lib/comment.d.ts","../node_modules/postcss/lib/at-rule.d.ts","../node_modules/postcss/lib/rule.d.ts","../node_modules/postcss/lib/container.d.ts","../node_modules/postcss/lib/declaration.d.ts","../node_modules/postcss/lib/previous-map.d.ts","../node_modules/postcss/lib/input.d.ts","../node_modules/postcss/lib/css-syntax-error.d.ts","../node_modules/postcss/lib/warning.d.ts","../node_modules/postcss/lib/document.d.ts","../node_modules/postcss/lib/root.d.ts","../node_modules/postcss/lib/lazy-result.d.ts","../node_modules/postcss/lib/no-work-result.d.ts","../node_modules/postcss/lib/processor.d.ts","../node_modules/postcss/lib/result.d.ts","../node_modules/postcss/lib/node.d.ts","../node_modules/postcss/lib/list.d.ts","../node_modules/postcss/lib/postcss.d.ts","../node_modules/vite/dist/node/index.d.ts","../node_modules/@vitest/runner/dist/types.d.ts","../node_modules/@vitest/runner/types.d.ts","../node_modules/@vitest/runner/dist/utils.d.ts","../node_modules/@vitest/runner/utils.d.ts","../node_modules/tinybench/dist/index.d.ts","../node_modules/vite-node/dist/types.d-1e7e3fdf.d.ts","../node_modules/vite-node/dist/types-e288fc62.d.ts","../node_modules/vite-node/dist/client.d.ts","../node_modules/vite-node/dist/server.d.ts","../node_modules/vite-node/dist/index.d.ts","../node_modules/source-map/source-map.d.ts","../node_modules/vitest/dist/types-7cd96283.d.ts","../node_modules/tinyspy/dist/index.d.ts","../node_modules/@vitest/spy/dist/index.d.ts","../node_modules/vitest/dist/env-afee91f0.d.ts","../node_modules/vitest/dist/index.d.ts","../service_worker/utils/__tests__/domains.spec.ts","../service_worker/utils/__tests__/serializeHeaders.spec.ts","../service_worker/utils/__tests__/strings.spec.ts","../service_worker/utils/__tests__/testHelper.ts","../service_worker/utils/__tests__/tokens.spec.ts"],"fileInfos":[{"version":"f20c05dbfe50a208301d2a1da37b9931bce0466eb5a1f4fe240971b4ecc82b67","affectsGlobalScope":true},"dc47c4fa66b9b9890cf076304de2a9c5201e94b740cffdf09f87296d877d71f6","7a387c58583dfca701b6c85e0adaf43fb17d590fb16d5b2dc0a2fbd89f35c467","8a12173c586e95f4433e0c6dc446bc88346be73ffe9ca6eec7aa63c8f3dca7f9","5f4e733ced4e129482ae2186aae29fde948ab7182844c3a5a51dd346182c7b06","e6b724280c694a9f588847f754198fb96c43d805f065c3a5b28bbc9594541c84","1fc5ab7a764205c68fa10d381b08417795fc73111d6dd16b5b1ed36badb743d9","746d62152361558ea6d6115cf0da4dd10ede041d14882ede3568bce5dc4b4f1f","d11a03592451da2d1065e09e61f4e2a9bf68f780f4f6623c18b57816a9679d17","aea179452def8a6152f98f63b191b84e7cbd69b0e248c91e61fb2e52328abe8c",{"version":"adb09ec0a64fc17dbbc4a228b3b18aa5f01db3440a6b0cbb02354df58674d584","affectsGlobalScope":true},{"version":"adb996790133eb33b33aadb9c09f15c2c575e71fb57a62de8bf74dbf59ec7dfb","affectsGlobalScope":true},{"version":"8cc8c5a3bac513368b0157f3d8b31cfdcfe78b56d3724f30f80ed9715e404af8","affectsGlobalScope":true},{"version":"cdccba9a388c2ee3fd6ad4018c640a471a6c060e96f1232062223063b0a5ac6a","affectsGlobalScope":true},{"version":"c5c05907c02476e4bde6b7e76a79ffcd948aedd14b6a8f56e4674221b0417398","affectsGlobalScope":true},{"version":"0d5f52b3174bee6edb81260ebcd792692c32c81fd55499d69531496f3f2b25e7","affectsGlobalScope":true},{"version":"55f400eec64d17e888e278f4def2f254b41b89515d3b88ad75d5e05f019daddd","affectsGlobalScope":true},{"version":"181f1784c6c10b751631b24ce60c7f78b20665db4550b335be179217bacc0d5f","affectsGlobalScope":true},{"version":"3013574108c36fd3aaca79764002b3717da09725a36a6fc02eac386593110f93","affectsGlobalScope":true},{"version":"75ec0bdd727d887f1b79ed6619412ea72ba3c81d92d0787ccb64bab18d261f14","affectsGlobalScope":true},{"version":"3be5a1453daa63e031d266bf342f3943603873d890ab8b9ada95e22389389006","affectsGlobalScope":true},{"version":"17bb1fc99591b00515502d264fa55dc8370c45c5298f4a5c2083557dccba5a2a","affectsGlobalScope":true},{"version":"7ce9f0bde3307ca1f944119f6365f2d776d281a393b576a18a2f2893a2d75c98","affectsGlobalScope":true},{"version":"6a6b173e739a6a99629a8594bfb294cc7329bfb7b227f12e1f7c11bc163b8577","affectsGlobalScope":true},{"version":"81cac4cbc92c0c839c70f8ffb94eb61e2d32dc1c3cf6d95844ca099463cf37ea","affectsGlobalScope":true},{"version":"b0124885ef82641903d232172577f2ceb5d3e60aed4da1153bab4221e1f6dd4e","affectsGlobalScope":true},{"version":"0eb85d6c590b0d577919a79e0084fa1744c1beba6fd0d4e951432fa1ede5510a","affectsGlobalScope":true},{"version":"da233fc1c8a377ba9e0bed690a73c290d843c2c3d23a7bd7ec5cd3d7d73ba1e0","affectsGlobalScope":true},{"version":"d154ea5bb7f7f9001ed9153e876b2d5b8f5c2bb9ec02b3ae0d239ec769f1f2ae","affectsGlobalScope":true},{"version":"bb2d3fb05a1d2ffbca947cc7cbc95d23e1d053d6595391bd325deb265a18d36c","affectsGlobalScope":true},{"version":"c80df75850fea5caa2afe43b9949338ce4e2de086f91713e9af1a06f973872b8","affectsGlobalScope":true},{"version":"9d57b2b5d15838ed094aa9ff1299eecef40b190722eb619bac4616657a05f951","affectsGlobalScope":true},{"version":"6c51b5dd26a2c31dbf37f00cfc32b2aa6a92e19c995aefb5b97a3a64f1ac99de","affectsGlobalScope":true},{"version":"6e7997ef61de3132e4d4b2250e75343f487903ddf5370e7ce33cf1b9db9a63ed","affectsGlobalScope":true},{"version":"2ad234885a4240522efccd77de6c7d99eecf9b4de0914adb9a35c0c22433f993","affectsGlobalScope":true},{"version":"09aa50414b80c023553090e2f53827f007a301bc34b0495bfb2c3c08ab9ad1eb","affectsGlobalScope":true},{"version":"d7f680a43f8cd12a6b6122c07c54ba40952b0c8aa140dcfcf32eb9e6cb028596","affectsGlobalScope":true},{"version":"3787b83e297de7c315d55d4a7c546ae28e5f6c0a361b7a1dcec1f1f50a54ef11","affectsGlobalScope":true},{"version":"e7e8e1d368290e9295ef18ca23f405cf40d5456fa9f20db6373a61ca45f75f40","affectsGlobalScope":true},{"version":"faf0221ae0465363c842ce6aa8a0cbda5d9296940a8e26c86e04cc4081eea21e","affectsGlobalScope":true},{"version":"06393d13ea207a1bfe08ec8d7be562549c5e2da8983f2ee074e00002629d1871","affectsGlobalScope":true},{"version":"775d9c9fd150d5de79e0450f35bc8b8f94ae64e3eb5da12725ff2a649dccc777","affectsGlobalScope":true},{"version":"b248e32ca52e8f5571390a4142558ae4f203ae2f94d5bac38a3084d529ef4e58","affectsGlobalScope":true},{"version":"6c55633c733c8378db65ac3da7a767c3cf2cf3057f0565a9124a16a3a2019e87","affectsGlobalScope":true},{"version":"fb4416144c1bf0323ccbc9afb0ab289c07312214e8820ad17d709498c865a3fe","affectsGlobalScope":true},{"version":"5b0ca94ec819d68d33da516306c15297acec88efeb0ae9e2b39f71dbd9685ef7","affectsGlobalScope":true},{"version":"34c839eaaa6d78c8674ae2c37af2236dee6831b13db7b4ef4df3ec889a04d4f2","affectsGlobalScope":true},{"version":"34478567f8a80171f88f2f30808beb7da15eac0538ae91282dd33dce928d98ed","affectsGlobalScope":true},{"version":"ab7d58e6161a550ff92e5aff755dc37fe896245348332cd5f1e1203479fe0ed1","affectsGlobalScope":true},{"version":"6bda95ea27a59a276e46043b7065b55bd4b316c25e70e29b572958fa77565d43","affectsGlobalScope":true},{"version":"aedb8de1abb2ff1095c153854a6df7deae4a5709c37297f9d6e9948b6806fa66","affectsGlobalScope":true},{"version":"a4da0551fd39b90ca7ce5f68fb55d4dc0c1396d589b612e1902f68ee090aaada","affectsGlobalScope":true},{"version":"11ffe3c281f375fff9ffdde8bbec7669b4dd671905509079f866f2354a788064","affectsGlobalScope":true},{"version":"52d1bb7ab7a3306fd0375c8bff560feed26ed676a5b0457fa8027b563aecb9a4","affectsGlobalScope":true},"ee453f8d91ef4dac435de2004557bda0db36aee22682da75815b54387434951e","8b0f4d2468a0382779a1b07d19b57acb268da7f991be01dd7604ff17a9b38787","17a7ed929f2c6eea6c9a87f9e7a60716209675dd15415b6d9a1b6f57380d4cd5","c086955af3f274c82dc16949e595ec7e47f626a951977a3a425e04f6fd382cdb","30382859f68f8bc25d1ab6b77118a9348e23fedce1b5a43171714936c9ed50c1","e51725fa106f4f8b38c013eb89fcac2f97cdd31b693568f2b83ff5891cedf562","28cd0fe4d33474764a94966cd9410ceadd84d3b7a0932d12dd34dfe5ef2fb1e8","e12ad12e64da906e9b463b23c8650c7dbd47a879413f60f7f26dfbb265703d8d","cfbf50c5475c9437fc85ffbba10b8c10d947105ac27087a7aece6db8f041f286","9c54a5d94a1ca20e52912f67f5d4d7dbdd53d73fe7ab647f1b1e2037e0fff754","bda0f515b6bf7e0559674024b72e23b58e6edf32814ce490309028957827bedb","462bccdf75fcafc1ae8c30400c9425e1a4681db5d605d1a0edb4f990a54d8094","5923d8facbac6ecf7c84739a5c701a57af94a6f6648d6229a6c768cf28f0f8cb","576d63ef3a0408e9044ab3855ea0877b5f0c674752d4a339d79b8ed6bb88b02a","8c5f0739f00f89f89b03a1fe6658c6d78000d7ebd7f556f0f8d6908fa679de35","25c92362f402669778f77769afabbf97cae0fb827e389e3c5a86a6538988a1f2","9e0c12c479e7592677b3b1c271dc40ed937cd3732bb25894c956630a61e191cd","32e87e95d14ce71a7afa390b190c81401cb1e67afc6c59708ed7b439cbd663da","d63d901954a2859d9581931dbf3335753ae01836eb331ad666a58dcfe70c27c2",{"version":"b9734142a4b241cfb505be4a2eb0261d211647df7c73043f817f4fdd8d96c846","affectsGlobalScope":true},"119fb97015a7336ef0ebc3de8471b70fba14772558940c65ccadf2b4de1428d7","0cba3a5d7b81356222594442753cf90dd2892e5ccfe1d262aaca6896ba6c1380","a69c09dbea52352f479d3e7ac949fde3d17b195abe90b045d619f747b38d6d1a",{"version":"c2ab70bbc7a24c42a790890739dd8a0ba9d2e15038b40dff8163a97a5d148c00","affectsGlobalScope":true},"422dbb183fdced59425ca072c8bd09efaa77ce4e2ab928ec0d8a1ce062d2a45a",{"version":"2a801b0322994c3dd7f0ef30265d19b3dd3bae6d793596879166ed6219c3da68","affectsGlobalScope":true},"1dab5ab6bcf11de47ab9db295df8c4f1d92ffa750e8f095e88c71ce4c3299628","f71f46ccd5a90566f0a37b25b23bc4684381ab2180bdf6733f4e6624474e1894",{"version":"54e65985a3ee3cec182e6a555e20974ea936fc8b8d1738c14e8ed8a42bd921d4","affectsGlobalScope":true},"82408ed3e959ddc60d3e9904481b5a8dc16469928257af22a3f7d1a3bc7fd8c4","98a3ebfa494b46265634a73459050befba5da8fdc6ca0ef9b7269421780f4ff3","34e5de87d983bc6aefef8b17658556e3157003e8d9555d3cb098c6bef0b5fbc8","cc0b61316c4f37393f1f9595e93b673f4184e9d07f4c127165a490ec4a928668","f27371653aded82b2b160f7a7033fb4a5b1534b6f6081ef7be1468f0f15327d3","c762cd6754b13a461c54b59d0ae0ab7aeef3c292c6cf889873f786ee4d8e75c9","f4ea7d5df644785bd9fbf419930cbaec118f0d8b4160037d2339b8e23c059e79",{"version":"bfea28e6162ed21a0aeed181b623dcf250aa79abf49e24a6b7e012655af36d81","affectsGlobalScope":true},"7a5459efa09ea82088234e6533a203d528c594b01787fb90fba148885a36e8b6","ae97e20f2e10dbeec193d6a2f9cd9a367a1e293e7d6b33b68bacea166afd7792","10d4796a130577d57003a77b95d8723530bbec84718e364aa2129fa8ffba0378","ad41bb744149e92adb06eb953da195115620a3f2ad48e7d3ae04d10762dae197","bf73c576885408d4a176f44a9035d798827cc5020d58284cb18d7573430d9022","7ae078ca42a670445ae0c6a97c029cb83d143d62abd1730efb33f68f0b2c0e82",{"version":"e8b18c6385ff784228a6f369694fcf1a6b475355ba89090a88de13587a9391d5","affectsGlobalScope":true},"5d0a9ea09d990b5788f867f1c79d4878f86f7384cb7dab38eecbf22f9efd063d","12eea70b5e11e924bb0543aea5eadc16ced318aa26001b453b0d561c2fd0bd1e","08777cd9318d294646b121838574e1dd7acbb22c21a03df84e1f2c87b1ad47f2","08a90bcdc717df3d50a2ce178d966a8c353fd23e5c392fd3594a6e39d9bb6304",{"version":"8207e7e6db9aa5fc7e61c8f17ba74cf9c115d26f51f91ee93f790815a7ea9dfb","affectsGlobalScope":true},"2a12d2da5ac4c4979401a3f6eaafa874747a37c365e4bc18aa2b171ae134d21b","002b837927b53f3714308ecd96f72ee8a053b8aeb28213d8ec6de23ed1608b66","1dc9c847473bb47279e398b22c740c83ea37a5c88bf66629666e3cf4c5b9f99c","a9e4a5a24bf2c44de4c98274975a1a705a0abbaad04df3557c2d3cd8b1727949","00fa7ce8bc8acc560dc341bbfdf37840a8c59e6a67c9bfa3fa5f36254df35db2","1b952304137851e45bc009785de89ada562d9376177c97e37702e39e60c2f1ff",{"version":"806ef4cac3b3d9fa4a48d849c8e084d7c72fcd7b16d76e06049a9ed742ff79c0","affectsGlobalScope":true},"cfe724f7c694aab65a9bdd1acb05997848c504548c9d4c71645c187a091cfa2a","5f0ed51db151c2cdc4fa3bb0f44ce6066912ad001b607a34e65a96c52eb76248",{"version":"3345c276cab0e76dda86c0fb79104ff915a4580ba0f3e440870e183b1baec476","affectsGlobalScope":true},"664d8f2d59164f2e08c543981453893bc7e003e4dfd29651ce09db13e9457980","e383ff72aabf294913f8c346f5da1445ae6ad525836d28efd52cbadc01a361a6","f52fbf64c7e480271a9096763c4882d356b05cab05bf56a64e68a95313cd2ce2","59bdb65f28d7ce52ccfc906e9aaf422f8b8534b2d21c32a27d7819be5ad81df7",{"version":"0c5004386ed814334d2d4abd1d8f2f0b63ea2134d5717d8fb2fb8aabc05288ef","affectsGlobalScope":true},"28a2e7383fd898c386ffdcacedf0ec0845e5d1a86b5a43f25b86bc315f556b79","3aff9c8c36192e46a84afe7b926136d520487155154ab9ba982a8b544ea8fc95","a880cf8d85af2e4189c709b0fea613741649c0e40fffb4360ec70762563d5de0","85bbf436a15bbeda4db888be3062d47f99c66fd05d7c50f0f6473a9151b6a070","9f9c49c95ecd25e0cb2587751925976cf64fd184714cb11e213749c80cf0f927","f0c75c08a71f9212c93a719a25fb0320d53f2e50ca89a812640e08f8ad8c408c",{"version":"ab9b9a36e5284fd8d3bf2f7d5fcbc60052f25f27e4d20954782099282c60d23e","affectsGlobalScope":true},"0b3eba6dca8c6e534d16ef7b7d76cb546cd3cbab616c8f71daa0a151b5412b9e","99d951629f7096dcd79adbaa83a85e3be57613005533bd23029b3aba4ce9383e","8f07f2b6514744ac96e51d7cb8518c0f4de319471237ea10cf688b8d0e9d0225","bcb6ea18f23dae2c48459d7b86d3adccd6898f824fcbf9da08b935f559896580","0aa7220845f5f3902fe043f646f9d9218bd7dd6c4046e8471580866ea6b03aa2","65570ad7e2ac88e024dd1f50844db3b9106e044871529e71d377967e3b590ed7","739c2c46edc112421fc023c24b4898b1f413f792bb6a02b40ba182c648e56c2f","858d0d831826c6eb563df02f7db71c90e26deadd0938652096bea3cc14899700","d1c89db652113258e4ba4bbdf5cc7a2a3a600403d4d864a2087b95186253cd5b","11a90d2cb2eaf7fdf931a63b58279e8161f1477a1bd1e914ae026c1bbf9afed3","af18e30f3ba06e9870b61dfa4a109215caabdaa337590c51b4a044a9f338ce96","ace603f7b60599f2dcdbd71c07137b60a747dd33be540f4a294b890f9e0b89dc","7658fbdd425c656fb1849b44932ae7431e8c3198d22c65ce1490deb582743b52","7786c75c1b46e93b33c63dccf689143a5f47ff451a6b3bd9b10e4801cdeadcc2","dbef2851e33a4c2fd2f3164fec70e45df647eb0e87f250de784500a3037e2c37","31491a01ed7466e0b3b0ef8407f2524683055eceb955b1d5ccf7096129468b39","f4b12f7dde4fc0e386648318481bdcfe861b566be246bebf0e8a11ebd909adf9","e8966f7c424780bb0b9d411ebe13eda8555ca15aa675603316c2952bc027b0e3","df0e5f3c4a518111d160cf3bebc9a3ac7d39c6e3bfb7a21d43c304896c3015e2","df4e2f161f74870708c2cc5e1036a6405b878496408fda1ee50d5b10e50d6601","bf791da347fb1c0ffc1e2fcd35867e64bb8355270ae26278198c521bdcf94569","e0e0e3c068e145fbb322120979299ff130ffdd39f0dcd0d5aeaa9f3f8a0d01d9","fde91356172e35b9ea68bbdf33721f7c80307a4ce65b82105eac800e9e744995","9bd5e5a4a1e66b35efe3c48ddac1116537ef86e041717f3a9b9f1e060c74efa6","d7e4a5f4ccfb749c3033fafc233073b4d1dcca0249785186c589602a81f9d86f","68161b6f3004fc10f8bb47a4986cef13c3b0728fb1ca3e1dc7316227d09b2c8d","3fcb7c753af79d2b17b79268bbcace7d957baa234fb12b662e7445aea45be54d","9330dd1414fe87001a61064208c588087bd96c61f91e7cdd8d3ecbe805f10351","1c53e1884dc6550ce179c68e9e3086f54af258fff39eb70274ea9294eb7ce6df","bfcb462146d6d962e5e81691db71da6eafc7a21f65ded1a27620153d780932ed","e666e31d323fef5642f87db0da48a83e58f0aaf9e3823e87eabd8ec7e0441a36","fbdd4ba3bdd2b138debf86f8ea4ac13a16574e9925d62be28a97f4da282feaeb","d12ab69ace581804d4f264eabc71094ca8dadfa70ae2bf5ccd54a8d6105ab84b","08c9b4a63139715b2403190e7b2a0152cd69ea488077a9311261511fcd20d3cf","54a5a83039166ea55e9b9fefe068d22c46e22c4e1318483a26ce21397f05e381","4895ac81e40fdf2b92bdde94f982cff38cebd1374d69ac7773c1a225f4532893","4d221cbdbf1f7e63ffa53674aaea5e77431264ec4e0eb7fea070230a0d5b400e","2887592574fcdfd087647c539dcb0fbe5af2521270dad4a37f9d17c16190d579",{"version":"04924c19cb47975ac071bdeb4d62f9c3e51816954dcfd536f15aab0b8cb61aa6","affectsGlobalScope":true},"9bb2968ad5c75dc49dfebd740d0f57ebc81c865e3d034af6a40a8a2ca9d13c2b","0a1416d477a9a58ec1ea05f053d7d2ea47a1f84768745536ef59d278e792195b","691ca3cb7591aba2cfc1fe25cd028e18f3752a3b9635f4e02a29e47c47698a4b","e669214fe6c7ad91b44ce6dbeed23d264d2af1221bf520d0bb300a2f4fe89f6f","d95c3e5140affd86d6d63094d5ed627271cd7f3ca9e8a5ed77631841c056bfd8","2ec1ce60484ba69d734f60cafc5d74067607705414bbc417d4ce6db2058f25b8","1674d1fa07c46f4940024898114375e867f6812815bdbaadd18599098a697d5a","0823741a699067705964b4f7f8c07002c3ab9dfdd1ea0295aa125ae8b38bf044","4936b019fe9bbba3de9860c45aa6dfa2829bab075aff75fe41999a2d07b29256"],"options":{"composite":true,"declarationMap":true,"esModuleInterop":true,"module":99,"noImplicitReturns":true,"noUnusedLocals":true,"noUnusedParameters":true,"outDir":"./","skipLibCheck":true,"sourceMap":true,"strict":true,"target":99,"useDefineForClassFields":true},"fileIdsList":[[119],[76,119],[79,119],[80,85,119],[81,91,92,99,108,118,119],[81,82,91,99,119],[83,119],[84,85,92,100,119],[85,108,115,119],[86,88,91,99,119],[87,119],[88,89,119],[90,91,119],[91,119],[91,92,93,108,118,119],[91,92,93,108,119],[94,99,108,118,119],[91,92,94,95,99,108,115,118,119],[94,96,108,115,118,119],[76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95,96,97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116,117,118,119,120,121,122,123,124,125],[91,97,119],[98,118,119],[88,91,99,108,119],[100,119],[101,119],[79,102,119],[103,117,119,123],[104,119],[105,119],[91,106,119],[106,107,119,121],[91,108,109,110,119],[108,110,119],[108,109,119],[111,119],[112,119],[91,113,114,119],[113,114,119],[85,99,108,115,119],[116,119],[99,117,119],[80,94,105,118,119],[85,119],[108,119,120],[119,121],[119,122],[80,85,91,93,102,108,118,119,121,123],[108,119,124],[70,74,119],[70,71,72,119],[71,119],[70,119],[70,71,119],[119,153],[119,155],[119,165],[64,119],[64,65,67,69,119],[68,119],[119,137],[119,137,149],[119,134,135,136,138,149],[119,140],[119,137,144,148,151],[119,139,151],[119,142,144,147,148,151],[119,142,144,145,147,148,151],[119,134,135,136,137,138,140,141,142,143,144,148,151],[119,133,134,135,136,137,138,140,141,142,143,144,145,147,148,149,150],[119,133,151],[119,144,145,146,148,151],[119,147,151],[119,137,143,148,151],[119,141,149],[66,119],[119,133],[119,158,159],[119,152,158,159,164],[119,158],[91,92,94,96,99,108,115,118,119,124,126,127,128,129,130,131,132,151],[119,129],[119,131],[70,73,74,75,92,119,123,152,154,156,157,160,161,162,163,164,166,167],[70,73,75,92,119,123,152,154,156,157,160,161,162,163,164],[55,56,62,119],[55,56,62,119,168],[62,119,168],[56,119,168],[56,62,119,168,172],[55,56,119],[57,58,59,60,61,119],[56,119],[55,56,58,119]],"referencedMap":[[74,1],[76,2],[77,2],[79,3],[80,4],[81,5],[82,6],[83,7],[84,8],[85,9],[86,10],[87,11],[88,12],[89,12],[90,13],[91,14],[92,15],[93,16],[78,1],[125,1],[94,17],[95,18],[96,19],[126,20],[97,21],[98,22],[99,23],[100,24],[101,25],[102,26],[103,27],[104,28],[105,29],[106,30],[107,31],[108,32],[110,33],[109,34],[111,35],[112,36],[113,37],[114,38],[115,39],[116,40],[117,41],[118,42],[119,43],[120,44],[121,45],[122,46],[123,47],[124,48],[75,49],[73,50],[72,51],[71,52],[153,50],[155,53],[154,54],[156,55],[166,56],[65,57],[70,58],[64,1],[127,1],[69,59],[68,1],[135,60],[134,61],[137,62],[141,63],[138,61],[143,64],[140,65],[145,66],[150,1],[146,67],[149,68],[151,69],[139,70],[147,71],[148,72],[144,73],[136,60],[142,74],[67,75],[66,1],[133,76],[163,1],[157,1],[165,1],[13,1],[12,1],[2,1],[14,1],[15,1],[16,1],[17,1],[18,1],[19,1],[20,1],[21,1],[3,1],[4,1],[25,1],[22,1],[23,1],[24,1],[26,1],[27,1],[28,1],[5,1],[29,1],[30,1],[31,1],[32,1],[6,1],[33,1],[34,1],[35,1],[36,1],[7,1],[37,1],[42,1],[43,1],[38,1],[39,1],[40,1],[41,1],[8,1],[47,1],[44,1],[45,1],[46,1],[48,1],[9,1],[49,1],[50,1],[51,1],[52,1],[53,1],[1,1],[10,1],[54,1],[11,1],[160,77],[162,77],[161,78],[159,79],[158,1],[152,80],[131,1],[130,81],[129,1],[132,1],[128,82],[167,1],[168,83],[164,84],[63,85],[55,1],[56,1],[169,86],[170,87],[171,87],[172,88],[173,89],[57,90],[62,91],[60,92],[61,1],[58,1],[59,93]],"exportedModulesMap":[[74,1],[76,2],[77,2],[79,3],[80,4],[81,5],[82,6],[83,7],[84,8],[85,9],[86,10],[87,11],[88,12],[89,12],[90,13],[91,14],[92,15],[93,16],[78,1],[125,1],[94,17],[95,18],[96,19],[126,20],[97,21],[98,22],[99,23],[100,24],[101,25],[102,26],[103,27],[104,28],[105,29],[106,30],[107,31],[108,32],[110,33],[109,34],[111,35],[112,36],[113,37],[114,38],[115,39],[116,40],[117,41],[118,42],[119,43],[120,44],[121,45],[122,46],[123,47],[124,48],[75,49],[73,50],[72,51],[71,52],[153,50],[155,53],[154,54],[156,55],[166,56],[65,57],[70,58],[64,1],[127,1],[69,59],[68,1],[135,60],[134,61],[137,62],[141,63],[138,61],[143,64],[140,65],[145,66],[150,1],[146,67],[149,68],[151,69],[139,70],[147,71],[148,72],[144,73],[136,60],[142,74],[67,75],[66,1],[133,76],[163,1],[157,1],[165,1],[13,1],[12,1],[2,1],[14,1],[15,1],[16,1],[17,1],[18,1],[19,1],[20,1],[21,1],[3,1],[4,1],[25,1],[22,1],[23,1],[24,1],[26,1],[27,1],[28,1],[5,1],[29,1],[30,1],[31,1],[32,1],[6,1],[33,1],[34,1],[35,1],[36,1],[7,1],[37,1],[42,1],[43,1],[38,1],[39,1],[40,1],[41,1],[8,1],[47,1],[44,1],[45,1],[46,1],[48,1],[9,1],[49,1],[50,1],[51,1],[52,1],[53,1],[1,1],[10,1],[54,1],[11,1],[160,77],[162,77],[161,78],[159,79],[158,1],[152,80],[131,1],[130,81],[129,1],[132,1],[128,82],[167,1],[168,83],[164,84],[63,85],[55,1],[56,1],[169,86],[170,87],[171,87],[172,88],[173,89],[57,90],[62,91],[60,92],[61,1],[58,1],[59,93]],"semanticDiagnosticsPerFile":[74,76,77,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,78,125,94,95,96,126,97,98,99,100,101,102,103,104,105,106,107,108,110,109,111,112,113,114,115,116,117,118,119,120,121,122,123,124,75,73,72,71,153,155,154,156,166,65,70,64,127,69,68,135,134,137,141,138,143,140,145,150,146,149,151,139,147,148,144,136,142,67,66,133,163,157,165,13,12,2,14,15,16,17,18,19,20,21,3,4,25,22,23,24,26,27,28,5,29,30,31,32,6,33,34,35,36,7,37,42,43,38,39,40,41,8,47,44,45,46,48,9,49,50,51,52,53,1,10,54,11,160,162,161,159,158,152,131,130,129,132,128,167,168,164,63,55,56,169,170,171,172,173,57,62,60,61,58,59],"affectedFilesPendingEmit":[[74,1],[76,1],[77,1],[79,1],[80,1],[81,1],[82,1],[83,1],[84,1],[85,1],[86,1],[87,1],[88,1],[89,1],[90,1],[91,1],[92,1],[93,1],[78,1],[125,1],[94,1],[95,1],[96,1],[126,1],[97,1],[98,1],[99,1],[100,1],[101,1],[102,1],[103,1],[104,1],[105,1],[106,1],[107,1],[108,1],[110,1],[109,1],[111,1],[112,1],[113,1],[114,1],[115,1],[116,1],[117,1],[118,1],[119,1],[120,1],[121,1],[122,1],[123,1],[124,1],[75,1],[73,1],[72,1],[71,1],[153,1],[155,1],[154,1],[156,1],[166,1],[65,1],[70,1],[64,1],[127,1],[69,1],[68,1],[135,1],[134,1],[137,1],[141,1],[138,1],[143,1],[140,1],[145,1],[150,1],[146,1],[149,1],[151,1],[139,1],[147,1],[148,1],[144,1],[136,1],[142,1],[67,1],[66,1],[133,1],[163,1],[157,1],[165,1],[2,1],[3,1],[4,1],[5,1],[6,1],[7,1],[8,1],[9,1],[10,1],[160,1],[162,1],[161,1],[159,1],[158,1],[152,1],[131,1],[130,1],[129,1],[132,1],[128,1],[167,1],[168,1],[164,1],[63,1],[55,1],[56,1],[169,1],[170,1],[171,1],[172,1],[173,1],[57,1],[62,1],[60,1],[61,1],[58,1],[59,1]],"emitSignatures":[55,56,57,58,59,60,61,62,63,169,170,171,172,173]},"version":"4.8.2"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@axa-fr/react-oidc",
3
- "version": "6.21.0",
3
+ "version": "6.22.0",
4
4
  "private": false,
5
5
  "main": "dist/index.js",
6
6
  "jsnext:main": "dist/index.js",
package/service_worker/OidcServiceWorker.ts CHANGED
@@ -14,6 +14,7 @@ import {
14
14
  isTokensValid,
15
15
  serializeHeaders,
16
16
  sleep,
17
+ getDomains,
17
18
  } from './utils';
18
19
 
19
20
  const _self = self as ServiceWorkerGlobalScope & typeof globalThis;
@@ -319,8 +320,7 @@ const handleMessage = (event: ExtendableMessageEvent) => {
319
320
  case 'init': {
320
321
  const oidcServerConfiguration = data.data.oidcServerConfiguration;
321
322
  let trustedDomain = trustedDomains[configurationName];
322
-
323
- const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;
323
+ const domains = getDomains(trustedDomain, 'oidc');
324
324
  if (!domains.find((f) => f === acceptAnyDomainToken)) {
325
325
  [
326
326
  oidcServerConfiguration.tokenEndpoint,
package/service_worker/OidcTrustedDomains.js CHANGED
@@ -17,4 +17,11 @@ const trustedDomains = {
17
17
  // Service worker will continue to give access token to the JavaScript client
18
18
  // Ideal to hide refresh token from client JavaScript, but to retrieve access_token for some
19
19
  // scenarios which require it. For example, to send it via websocket connection.
20
- trustedDomains.config_show_access_token = { domains : ["https://demo.duendesoftware.com"], showAccessToken: true };
20
+ trustedDomains.config_show_access_token = { domains : ["https://demo.duendesoftware.com"], showAccessToken: true };
21
+
22
+
23
+ // This example defines domains used by OIDC server separately from domains to which access tokens will be injected.
24
+ trustedDomains.config_separate_oidc_access_token_domains = {
25
+ oidcDomains: ["https://demo.duendesoftware.com"],
26
+ accessTokenDomains: ["https://myapi"]
27
+ };
package/service_worker/dist/OidcServiceWorker.js CHANGED
@@ -1,2 +1,2 @@
1
- "use strict";const N="OidcTrustedDomains.js",A="*",_={REFRESH_TOKEN:"REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",ACCESS_TOKEN:"ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",NONCE_TOKEN:"NONCE_SECURED_BY_OIDC_SERVICE_WORKER",CODE_VERIFIER:"CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER"},w={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"},I="/.well-known/openid-configuration";function x(t,e){if(!e)return;if(!t.find(n=>{var i;let o;return typeof n=="string"?o=new RegExp(`^${n}`):o=n,(i=o.test)==null?void 0:i.call(o,e)}))throw new Error("Domain "+e+" is not trusted, please add domain in "+N)}const K=(t,e,s)=>{var n;if(e.endsWith(I))return null;for(const[o,i]of Object.entries(t)){const d=i.oidcServerConfiguration;if(!d||d.tokenEndpoint&&e===d.tokenEndpoint||d.revocationEndpoint&&e===d.revocationEndpoint)continue;const l=s==null?[]:s[o],f=Array.isArray(l)?l:l.domains,a=d.userInfoEndpoint?[d.userInfoEndpoint,...f]:[...f];let c=!1;if(a.find(h=>h===A))c=!0;else for(let h=0;h<a.length;h++){let r=a[h];if(typeof r=="string"&&(r=new RegExp(`^${r}`)),(n=r.test)!=null&&n.call(r,e)){c=!0;break}}if(c)return i.tokens?i:null}return null};function M(t,e){return t.split(e).length-1}function U(t){return JSON.parse(P(t.split(".")[1].replace("-","+").replace("_","/")))}function P(t){return decodeURIComponent(Array.prototype.map.call(atob(t),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join(""))}function W(t,e){const s=new Date().getTime()/1e3;return Math.round(e-t-s)}function F(t){return t?W(0,t.expiresAt)>0:!1}const O=t=>{try{return t&&M(t,".")===2?U(t):null}catch(e){console.warn(e)}return null},b=(t,e,s)=>{if(t.idTokenPayload){const n=t.idTokenPayload;if(s.issuer!==n.iss)return{isValid:!1,reason:"Issuer does not match"};const o=new Date().getTime()/1e3;if(n.exp&&n.exp<o)return{isValid:!1,reason:"Token expired"};const i=60*60*24*7;if(n.iat&&n.iat+i<o)return{isValid:!1,reason:"Token is used from too long time"};if(n.nonce&&n.nonce!==e)return{isValid:!1,reason:"Nonce does not match"}}return{isValid:!0,reason:""}};function q(t,e,s){if(!t.issued_at){const u=new Date().getTime()/1e3;t.issued_at=u}const n=O(t.access_token),o={...t,accessTokenPayload:n};e.hideAccessToken&&(o.access_token=_.ACCESS_TOKEN+"_"+s),t.accessTokenPayload=n;let i=null;if(t.id_token){if(i=O(t.id_token),t.idTokenPayload={...i},i.nonce&&e.nonce!=null){const u=_.NONCE_TOKEN+"_"+e.configurationName;i.nonce=u}o.idTokenPayload=i}t.refresh_token&&(o.refresh_token=_.REFRESH_TOKEN+"_"+s);const d=i&&i.exp?i.exp:Number.MAX_VALUE,l=n&&n.exp?n.exp:t.issued_at+t.expires_in;let f;const a=e.oidcConfiguration.token_renew_mode;a===w.access_token_invalid?f=l:a===w.id_token_invalid?f=d:f=d<l?d:l,o.expiresAt=f,t.expiresAt=f;const c=e.nonce?e.nonce.nonce:null,{isValid:h,reason:r}=b(t,c,e.oidcServerConfiguration);if(!h)throw Error(`Tokens are not OpenID valid, reason: ${r}`);if(e.tokens!=null&&"refresh_token"in e.tokens&&!("refresh_token"in t)){const u=e.tokens.refresh_token;e.tokens={...t,refresh_token:u}}else e.tokens=t;return e.status="LOGGED_IN",o}function y(t){const e=t.configurationName;return s=>s.status!==200?s:s.json().then(n=>{const o=q(n,t,e),i=JSON.stringify(o);return new Response(i,s)})}function T(t){const e={};for(const s of t.keys())t.has(s)&&(e[s]=t.get(s));return e}const D=t=>new Promise(e=>setTimeout(e,t)),E=self;E.importScripts(N);const V=Math.round(new Date().getTime()/1e3).toString(),L="OidcKeepAliveServiceWorker.json",H=t=>{console.log("[OidcServiceWorker] service worker installed "+V),t.waitUntil(E.skipWaiting())},j=t=>{console.log("[OidcServiceWorker] service worker activated "+V),t.waitUntil(E.clients.claim())};let m=null;const g={default:{configurationName:"default",tokens:null,status:null,state:null,codeVerifier:null,nonce:null,oidcServerConfiguration:null,hideAccessToken:!0}},J=(t,e)=>{const s=[];for(const[,n]of Object.entries(t))(n.oidcServerConfiguration!=null&&e.startsWith(n.oidcServerConfiguration.tokenEndpoint)||n.oidcServerConfiguration!=null&&n.oidcServerConfiguration.revocationEndpoint&&e.startsWith(n.oidcServerConfiguration.revocationEndpoint))&&s.push(n);return s},Y=async t=>{const e=t.request,s=e.headers.has("oidc-vanilla"),n={status:200,statusText:"oidc-service-worker"},o=new Response("{}",n);if(!s){const i=new URL(e.url),d=Number(i.searchParams.get("minSleepSeconds"))||240;for(let l=0;l<d;l++)await D(1e3+Math.floor(Math.random()*1e3)),await(await caches.open("oidc_dummy_cache")).put(t.request,o.clone())}return o},z=async t=>{const e=t.request,s=e.url;if(e.url.includes(L)){t.respondWith(Y(t));return}const n=K(g,e.url,trustedDomains);if(n&&n.tokens&&n.tokens.access_token){for(;n.tokens&&!F(n.tokens);)await D(200);const l=e.mode=="navigate"?new Request(e,{headers:{...T(e.headers),authorization:"Bearer "+n.tokens.access_token}}):new Request(e,{headers:{...T(e.headers),authorization:"Bearer "+n.tokens.access_token},mode:n.oidcConfiguration.service_worker_convert_all_requests_to_cors?"cors":e.mode});t.waitUntil(t.respondWith(fetch(l)));return}if(t.request.method!=="POST")return;let o=null;const i=J(g,e.url),d=i.length;if(d>0){const l=new Promise((f,a)=>{const c=e.clone();c.text().then(r=>{if(r.includes(_.REFRESH_TOKEN)||r.includes(_.ACCESS_TOKEN)){let u=r;for(let p=0;p<d;p++){const k=i[p];if(k&&k.tokens!=null){const R=_.REFRESH_TOKEN+"_"+k.configurationName;if(r.includes(R)){u=u.replace(R,encodeURIComponent(k.tokens.refresh_token)),o=k;break}const v=_.ACCESS_TOKEN+"_"+k.configurationName;if(r.includes(v)){u=u.replace(v,encodeURIComponent(k.tokens.access_token)),o=k;break}}}const S=fetch(e,{body:u,method:c.method,headers:{...T(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity});return o&&o.oidcServerConfiguration!=null&&o.oidcServerConfiguration.revocationEndpoint&&s.startsWith(o.oidcServerConfiguration.revocationEndpoint)?S.then(async p=>{const k=await p.text();return new Response(k,p)}):S.then(y(o))}else if(r.includes("code_verifier=")&&m){o=g[m],m=null;let u=r;if(o&&o.codeVerifier!=null){const S=_.CODE_VERIFIER+"_"+o.configurationName;r.includes(S)&&(u=u.replace(S,o.codeVerifier))}return fetch(e,{body:u,method:c.method,headers:{...T(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity}).then(y(o))}}).then(r=>{r!==void 0?f(r):(console.log("success undefined"),a(new Error("Response is undefined inside a success")))}).catch(r=>{r!==void 0?a(r):(console.log("error undefined"),a(new Error("Response is undefined inside a error")))})});t.waitUntil(t.respondWith(l))}},C={},$=t=>{const e=t.ports[0],s=t.data,n=s.configurationName;let o=g[n];if(trustedDomains==null&&(trustedDomains={}),!o){if(C[n]===void 0){let i=trustedDomains[n];C[n]=Array.isArray(i)?!1:i.showAccessToken}g[n]={tokens:null,state:null,codeVerifier:null,oidcServerConfiguration:null,oidcConfiguration:void 0,nonce:null,status:null,configurationName:n,hideAccessToken:!C[n]},o=g[n],trustedDomains[n]||(trustedDomains[n]=[])}switch(s.type){case"clear":o.tokens=null,o.state=null,o.codeVerifier=null,o.status=s.data.status,e.postMessage({configurationName:n});return;case"init":{const i=s.data.oidcServerConfiguration;let d=trustedDomains[n];const l=Array.isArray(d)?d:d.domains;l.find(a=>a===A)||[i.tokenEndpoint,i.revocationEndpoint,i.userInfoEndpoint,i.issuer].forEach(a=>{x(l,a)}),o.oidcServerConfiguration=i,o.oidcConfiguration=s.data.oidcConfiguration;const f=s.data.where;if(f==="loginCallbackAsync"||f==="tryKeepExistingSessionAsync"?m=n:m=null,!o.tokens)e.postMessage({tokens:null,status:o.status,configurationName:n});else{const a={...o.tokens};o.hideAccessToken&&(a.access_token=_.ACCESS_TOKEN+"_"+n),a.refresh_token&&(a.refresh_token=_.REFRESH_TOKEN+"_"+n),a.idTokenPayload&&a.idTokenPayload.nonce&&o.nonce!=null&&(a.idTokenPayload.nonce=_.NONCE_TOKEN+"_"+n),e.postMessage({tokens:a,status:o.status,configurationName:n})}return}case"setState":o.state=s.data.state,e.postMessage({configurationName:n});return;case"getState":{const i=o.state;e.postMessage({configurationName:n,state:i});return}case"setCodeVerifier":o.codeVerifier=s.data.codeVerifier,e.postMessage({configurationName:n});return;case"getCodeVerifier":{e.postMessage({configurationName:n,codeVerifier:_.CODE_VERIFIER+"_"+n});return}case"setSessionState":o.sessionState=s.data.sessionState,e.postMessage({configurationName:n});return;case"getSessionState":{const i=o.sessionState;e.postMessage({configurationName:n,sessionState:i});return}case"setNonce":o.nonce=s.data.nonce,e.postMessage({configurationName:n});return;default:o.items={...s.data},e.postMessage({configurationName:n})}};E.addEventListener("install",H);E.addEventListener("activate",j);E.addEventListener("fetch",z);E.addEventListener("message",$);
1
+ "use strict";const N="OidcTrustedDomains.js",A="*",_={REFRESH_TOKEN:"REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",ACCESS_TOKEN:"ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER",NONCE_TOKEN:"NONCE_SECURED_BY_OIDC_SERVICE_WORKER",CODE_VERIFIER:"CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER"},w={access_token_or_id_token_invalid:"access_token_or_id_token_invalid",access_token_invalid:"access_token_invalid",id_token_invalid:"id_token_invalid"},x="/.well-known/openid-configuration";function K(n,e){if(!e)return;if(!n.find(o=>{var i;let t;return typeof o=="string"?t=new RegExp(`^${o}`):t=o,(i=t.test)==null?void 0:i.call(t,e)}))throw new Error("Domain "+e+" is not trusted, please add domain in "+N)}const D=(n,e)=>Array.isArray(n)?n:n[`${e}Domains`]??n.domains??[],M=(n,e,s)=>{var o;if(e.endsWith(x))return null;for(const[t,i]of Object.entries(n)){const d=i.oidcServerConfiguration;if(!d||d.tokenEndpoint&&e===d.tokenEndpoint||d.revocationEndpoint&&e===d.revocationEndpoint)continue;const l=s==null?[]:s[t],f=D(l,"accessToken"),a=d.userInfoEndpoint?[d.userInfoEndpoint,...f]:[...f];let c=!1;if(a.find(h=>h===A))c=!0;else for(let h=0;h<a.length;h++){let r=a[h];if(typeof r=="string"&&(r=new RegExp(`^${r}`)),(o=r.test)!=null&&o.call(r,e)){c=!0;break}}if(c)return i.tokens?i:null}return null};function U(n,e){return n.split(e).length-1}function P(n){return JSON.parse(W(n.split(".")[1].replace("-","+").replace("_","/")))}function W(n){return decodeURIComponent(Array.prototype.map.call(atob(n),e=>"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)).join(""))}function F(n,e){const s=new Date().getTime()/1e3;return Math.round(e-n-s)}function b(n){return n?F(0,n.expiresAt)>0:!1}const O=n=>{try{return n&&U(n,".")===2?P(n):null}catch(e){console.warn(e)}return null},q=(n,e,s)=>{if(n.idTokenPayload){const o=n.idTokenPayload;if(s.issuer!==o.iss)return{isValid:!1,reason:"Issuer does not match"};const t=new Date().getTime()/1e3;if(o.exp&&o.exp<t)return{isValid:!1,reason:"Token expired"};const i=60*60*24*7;if(o.iat&&o.iat+i<t)return{isValid:!1,reason:"Token is used from too long time"};if(o.nonce&&o.nonce!==e)return{isValid:!1,reason:"Nonce does not match"}}return{isValid:!0,reason:""}};function L(n,e,s){if(!n.issued_at){const u=new Date().getTime()/1e3;n.issued_at=u}const o=O(n.access_token),t={...n,accessTokenPayload:o};e.hideAccessToken&&(t.access_token=_.ACCESS_TOKEN+"_"+s),n.accessTokenPayload=o;let i=null;if(n.id_token){if(i=O(n.id_token),n.idTokenPayload={...i},i.nonce&&e.nonce!=null){const u=_.NONCE_TOKEN+"_"+e.configurationName;i.nonce=u}t.idTokenPayload=i}n.refresh_token&&(t.refresh_token=_.REFRESH_TOKEN+"_"+s);const d=i&&i.exp?i.exp:Number.MAX_VALUE,l=o&&o.exp?o.exp:n.issued_at+n.expires_in;let f;const a=e.oidcConfiguration.token_renew_mode;a===w.access_token_invalid?f=l:a===w.id_token_invalid?f=d:f=d<l?d:l,t.expiresAt=f,n.expiresAt=f;const c=e.nonce?e.nonce.nonce:null,{isValid:h,reason:r}=q(n,c,e.oidcServerConfiguration);if(!h)throw Error(`Tokens are not OpenID valid, reason: ${r}`);if(e.tokens!=null&&"refresh_token"in e.tokens&&!("refresh_token"in n)){const u=e.tokens.refresh_token;e.tokens={...n,refresh_token:u}}else e.tokens=n;return e.status="LOGGED_IN",t}function y(n){const e=n.configurationName;return s=>s.status!==200?s:s.json().then(o=>{const t=L(o,n,e),i=JSON.stringify(t);return new Response(i,s)})}function m(n){const e={};for(const s of n.keys())n.has(s)&&(e[s]=n.get(s));return e}const V=n=>new Promise(e=>setTimeout(e,n)),E=self;E.importScripts(N);const I=Math.round(new Date().getTime()/1e3).toString(),H="OidcKeepAliveServiceWorker.json",j=n=>{console.log("[OidcServiceWorker] service worker installed "+I),n.waitUntil(E.skipWaiting())},J=n=>{console.log("[OidcServiceWorker] service worker activated "+I),n.waitUntil(E.clients.claim())};let T=null;const g={default:{configurationName:"default",tokens:null,status:null,state:null,codeVerifier:null,nonce:null,oidcServerConfiguration:null,hideAccessToken:!0}},Y=(n,e)=>{const s=[];for(const[,o]of Object.entries(n))(o.oidcServerConfiguration!=null&&e.startsWith(o.oidcServerConfiguration.tokenEndpoint)||o.oidcServerConfiguration!=null&&o.oidcServerConfiguration.revocationEndpoint&&e.startsWith(o.oidcServerConfiguration.revocationEndpoint))&&s.push(o);return s},$=async n=>{const e=n.request,s=e.headers.has("oidc-vanilla"),o={status:200,statusText:"oidc-service-worker"},t=new Response("{}",o);if(!s){const i=new URL(e.url),d=Number(i.searchParams.get("minSleepSeconds"))||240;for(let l=0;l<d;l++)await V(1e3+Math.floor(Math.random()*1e3)),await(await caches.open("oidc_dummy_cache")).put(n.request,t.clone())}return t},z=async n=>{const e=n.request,s=e.url;if(e.url.includes(H)){n.respondWith($(n));return}const o=M(g,e.url,trustedDomains);if(o&&o.tokens&&o.tokens.access_token){for(;o.tokens&&!b(o.tokens);)await V(200);const l=e.mode=="navigate"?new Request(e,{headers:{...m(e.headers),authorization:"Bearer "+o.tokens.access_token}}):new Request(e,{headers:{...m(e.headers),authorization:"Bearer "+o.tokens.access_token},mode:o.oidcConfiguration.service_worker_convert_all_requests_to_cors?"cors":e.mode});n.waitUntil(n.respondWith(fetch(l)));return}if(n.request.method!=="POST")return;let t=null;const i=Y(g,e.url),d=i.length;if(d>0){const l=new Promise((f,a)=>{const c=e.clone();c.text().then(r=>{if(r.includes(_.REFRESH_TOKEN)||r.includes(_.ACCESS_TOKEN)){let u=r;for(let p=0;p<d;p++){const k=i[p];if(k&&k.tokens!=null){const R=_.REFRESH_TOKEN+"_"+k.configurationName;if(r.includes(R)){u=u.replace(R,encodeURIComponent(k.tokens.refresh_token)),t=k;break}const v=_.ACCESS_TOKEN+"_"+k.configurationName;if(r.includes(v)){u=u.replace(v,encodeURIComponent(k.tokens.access_token)),t=k;break}}}const S=fetch(e,{body:u,method:c.method,headers:{...m(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity});return t&&t.oidcServerConfiguration!=null&&t.oidcServerConfiguration.revocationEndpoint&&s.startsWith(t.oidcServerConfiguration.revocationEndpoint)?S.then(async p=>{const k=await p.text();return new Response(k,p)}):S.then(y(t))}else if(r.includes("code_verifier=")&&T){t=g[T],T=null;let u=r;if(t&&t.codeVerifier!=null){const S=_.CODE_VERIFIER+"_"+t.configurationName;r.includes(S)&&(u=u.replace(S,t.codeVerifier))}return fetch(e,{body:u,method:c.method,headers:{...m(e.headers)},mode:c.mode,cache:c.cache,redirect:c.redirect,referrer:c.referrer,credentials:c.credentials,integrity:c.integrity}).then(y(t))}}).then(r=>{r!==void 0?f(r):(console.log("success undefined"),a(new Error("Response is undefined inside a success")))}).catch(r=>{r!==void 0?a(r):(console.log("error undefined"),a(new Error("Response is undefined inside a error")))})});n.waitUntil(n.respondWith(l))}},C={},G=n=>{const e=n.ports[0],s=n.data,o=s.configurationName;let t=g[o];if(trustedDomains==null&&(trustedDomains={}),!t){if(C[o]===void 0){let i=trustedDomains[o];C[o]=Array.isArray(i)?!1:i.showAccessToken}g[o]={tokens:null,state:null,codeVerifier:null,oidcServerConfiguration:null,oidcConfiguration:void 0,nonce:null,status:null,configurationName:o,hideAccessToken:!C[o]},t=g[o],trustedDomains[o]||(trustedDomains[o]=[])}switch(s.type){case"clear":t.tokens=null,t.state=null,t.codeVerifier=null,t.status=s.data.status,e.postMessage({configurationName:o});return;case"init":{const i=s.data.oidcServerConfiguration;let d=trustedDomains[o];const l=D(d,"oidc");l.find(a=>a===A)||[i.tokenEndpoint,i.revocationEndpoint,i.userInfoEndpoint,i.issuer].forEach(a=>{K(l,a)}),t.oidcServerConfiguration=i,t.oidcConfiguration=s.data.oidcConfiguration;const f=s.data.where;if(f==="loginCallbackAsync"||f==="tryKeepExistingSessionAsync"?T=o:T=null,!t.tokens)e.postMessage({tokens:null,status:t.status,configurationName:o});else{const a={...t.tokens};t.hideAccessToken&&(a.access_token=_.ACCESS_TOKEN+"_"+o),a.refresh_token&&(a.refresh_token=_.REFRESH_TOKEN+"_"+o),a.idTokenPayload&&a.idTokenPayload.nonce&&t.nonce!=null&&(a.idTokenPayload.nonce=_.NONCE_TOKEN+"_"+o),e.postMessage({tokens:a,status:t.status,configurationName:o})}return}case"setState":t.state=s.data.state,e.postMessage({configurationName:o});return;case"getState":{const i=t.state;e.postMessage({configurationName:o,state:i});return}case"setCodeVerifier":t.codeVerifier=s.data.codeVerifier,e.postMessage({configurationName:o});return;case"getCodeVerifier":{e.postMessage({configurationName:o,codeVerifier:_.CODE_VERIFIER+"_"+o});return}case"setSessionState":t.sessionState=s.data.sessionState,e.postMessage({configurationName:o});return;case"getSessionState":{const i=t.sessionState;e.postMessage({configurationName:o,sessionState:i});return}case"setNonce":t.nonce=s.data.nonce,e.postMessage({configurationName:o});return;default:t.items={...s.data},e.postMessage({configurationName:o})}};E.addEventListener("install",j);E.addEventListener("activate",J);E.addEventListener("fetch",z);E.addEventListener("message",G);
2
2
  //# sourceMappingURL=OidcServiceWorker.js.map
package/service_worker/dist/OidcServiceWorker.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"OidcServiceWorker.js","sources":["../constants.ts","../utils/domains.ts","../utils/strings.ts","../utils/tokens.ts","../utils/serializeHeaders.ts","../utils/sleep.ts","../OidcServiceWorker.ts"],"sourcesContent":["const scriptFilename = 'OidcTrustedDomains.js'; /* global trustedDomains */\nconst acceptAnyDomainToken = '*';\n\ntype TokenType = {\n readonly REFRESH_TOKEN: string;\n readonly ACCESS_TOKEN: string;\n readonly NONCE_TOKEN: string;\n readonly CODE_VERIFIER: string;\n};\n\nconst TOKEN: TokenType = {\n REFRESH_TOKEN: 'REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n ACCESS_TOKEN: 'ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n NONCE_TOKEN: 'NONCE_SECURED_BY_OIDC_SERVICE_WORKER',\n CODE_VERIFIER: 'CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER',\n};\n\ntype TokenRenewModeType = {\n readonly access_token_or_id_token_invalid: string;\n readonly access_token_invalid: string;\n readonly id_token_invalid: string;\n};\n\nconst TokenRenewMode: TokenRenewModeType = {\n access_token_or_id_token_invalid: 'access_token_or_id_token_invalid',\n access_token_invalid: 'access_token_invalid',\n id_token_invalid: 'id_token_invalid',\n};\n\nconst openidWellknownUrlEndWith = '/.well-known/openid-configuration';\n\nexport { scriptFilename, acceptAnyDomainToken, TOKEN, TokenRenewMode, openidWellknownUrlEndWith };\n","import { TrustedDomains } from './../types';\nimport {\n acceptAnyDomainToken,\n openidWellknownUrlEndWith,\n scriptFilename,\n} from '../constants';\nimport { Database, Domain, OidcConfig } from '../types';\n\nfunction checkDomain(domains: Domain[], endpoint: string) {\n if (!endpoint) {\n return;\n }\n\n const domain = domains.find((domain) => {\n let testable: RegExp;\n\n if (typeof domain === 'string') {\n testable = new RegExp(`^${domain}`);\n } else {\n testable = domain;\n }\n\n return testable.test?.(endpoint);\n });\n if (!domain) {\n throw new Error(\n 'Domain ' +\n endpoint +\n ' is not trusted, please add domain in ' +\n scriptFilename\n );\n }\n}\n\nconst getCurrentDatabaseDomain = (\n database: Database,\n url: string,\n trustedDomains: TrustedDomains\n) => {\n if (url.endsWith(openidWellknownUrlEndWith)) {\n return null;\n }\n for (const [key, currentDatabase] of Object.entries<OidcConfig>(database)) {\n const oidcServerConfiguration = currentDatabase.oidcServerConfiguration;\n\n if (!oidcServerConfiguration) {\n continue;\n }\n\n if (\n oidcServerConfiguration.tokenEndpoint &&\n url === oidcServerConfiguration.tokenEndpoint\n ) {\n continue;\n }\n if (\n oidcServerConfiguration.revocationEndpoint &&\n url === oidcServerConfiguration.revocationEndpoint\n ) {\n continue;\n }\n const trustedDomain = trustedDomains == null ? [] : trustedDomains[key];\n const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;\n const domainsToSendTokens = oidcServerConfiguration.userInfoEndpoint\n ? [oidcServerConfiguration.userInfoEndpoint, ...domains]\n : [...domains];\n\n let hasToSendToken = false;\n if (domainsToSendTokens.find((f) => f === acceptAnyDomainToken)) {\n hasToSendToken = true;\n } else {\n for (let i = 0; i < domainsToSendTokens.length; i++) {\n let domain = domainsToSendTokens[i];\n\n if (typeof domain === 'string') {\n domain = new RegExp(`^${domain}`);\n }\n\n if (domain.test?.(url)) {\n hasToSendToken = true;\n break;\n }\n }\n }\n\n if (hasToSendToken) {\n if (!currentDatabase.tokens) {\n return null;\n }\n return currentDatabase;\n }\n }\n return null;\n};\n\nexport { checkDomain, getCurrentDatabaseDomain };\n","/**\n * Count occurances of letter in string\n * @param str\n * @param find\n * @returns\n */\nexport function countLetter(str: string, find: string) {\n return str.split(find).length - 1;\n}\n","import { TOKEN, TokenRenewMode } from '../constants';\nimport { OidcConfig, OidcConfiguration, OidcServerConfiguration, Tokens } from '../types';\nimport { countLetter } from './strings';\n\nfunction parseJwt(token: string) {\n return JSON.parse(\n b64DecodeUnicode(token.split('.')[1].replace('-', '+').replace('_', '/'))\n );\n}\nfunction b64DecodeUnicode(str: string) {\n return decodeURIComponent(\n Array.prototype.map\n .call(\n atob(str),\n (c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)\n )\n .join('')\n );\n}\n\nfunction computeTimeLeft(\n refreshTimeBeforeTokensExpirationInSecond: number,\n expiresAt: number\n) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n return Math.round(\n expiresAt -\n refreshTimeBeforeTokensExpirationInSecond -\n currentTimeUnixSecond\n );\n}\n\nfunction isTokensValid(tokens: Tokens | null) {\n if (!tokens) {\n return false;\n }\n return computeTimeLeft(0, tokens.expiresAt) > 0;\n}\n\nconst extractTokenPayload = (token?: string) => {\n try {\n if (!token) {\n return null;\n }\n if (countLetter(token, '.') === 2) {\n return parseJwt(token);\n } else {\n return null;\n }\n } catch (e) {\n console.warn(e);\n }\n return null;\n};\n\n// https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation (excluding rules #1, #4, #5, #7, #8, #12, and #13 which did not apply).\n// https://github.com/openid/AppAuth-JS/issues/65\nconst isTokensOidcValid = (\n tokens: Tokens,\n nonce: string | null,\n oidcServerConfiguration: OidcServerConfiguration\n): { isValid: boolean; reason: string } => {\n if (tokens.idTokenPayload) {\n const idTokenPayload = tokens.idTokenPayload;\n // 2: The Issuer Identifier for the OpenID Provider (which is typically obtained during Discovery) MUST exactly match the value of the iss (issuer) Claim.\n if (oidcServerConfiguration.issuer !== idTokenPayload.iss) {\n return { isValid: false, reason: 'Issuer does not match' };\n }\n // 3: The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience. The aud (audience) Claim MAY contain an array with more than one element. The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.\n\n // 6: If the ID Token is received via direct communication between the Client and the Token Endpoint (which it is in this flow), the TLS server validation MAY be used to validate the issuer in place of checking the token signature. The Client MUST validate the signature of all other ID Tokens according to JWS [JWS] using the algorithm specified in the JWT alg Header Parameter. The Client MUST use the keys provided by the Issuer.\n\n // 9: The current time MUST be before the time represented by the exp Claim.\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n if (idTokenPayload.exp && idTokenPayload.exp < currentTimeUnixSecond) {\n return { isValid: false, reason: 'Token expired' };\n }\n // 10: The iat Claim can be used to reject tokens that were issued too far away from the current time, limiting the amount of time that nonces need to be stored to prevent attacks. The acceptable range is Client specific.\n const timeInSevenDays = 60 * 60 * 24 * 7;\n if (\n idTokenPayload.iat &&\n idTokenPayload.iat + timeInSevenDays < currentTimeUnixSecond\n ) {\n return { isValid: false, reason: 'Token is used from too long time' };\n }\n // 11: If a nonce value was sent in the Authentication Request, a nonce Claim MUST be present and its value checked to verify that it is the same value as the one that was sent in the Authentication Request. The Client SHOULD check the nonce value for replay attacks. The precise method for detecting replay attacks is Client specific.\n if (idTokenPayload.nonce && idTokenPayload.nonce !== nonce) {\n return { isValid: false, reason: 'Nonce does not match' };\n }\n }\n return { isValid: true, reason: '' };\n};\n\nfunction _hideTokens(tokens: Tokens, currentDatabaseElement: OidcConfig, configurationName: string) {\n if (!tokens.issued_at) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n tokens.issued_at = currentTimeUnixSecond;\n }\n\n const accessTokenPayload = extractTokenPayload(tokens.access_token);\n const secureTokens = {\n ...tokens,\n accessTokenPayload,\n };\n if (currentDatabaseElement.hideAccessToken) {\n secureTokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n tokens.accessTokenPayload = accessTokenPayload;\n\n let _idTokenPayload = null;\n if (tokens.id_token) {\n _idTokenPayload = extractTokenPayload(tokens.id_token);\n tokens.idTokenPayload = {..._idTokenPayload};\n if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {\n const keyNonce =\n TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;\n _idTokenPayload.nonce = keyNonce;\n }\n secureTokens.idTokenPayload = _idTokenPayload;\n }\n if (tokens.refresh_token) {\n secureTokens.refresh_token =\n TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n\n const idTokenExpiresAt =\n _idTokenPayload && _idTokenPayload.exp\n ? _idTokenPayload.exp\n : Number.MAX_VALUE;\n const accessTokenExpiresAt =\n accessTokenPayload && accessTokenPayload.exp\n ? accessTokenPayload.exp\n : tokens.issued_at + tokens.expires_in;\n\n let expiresAt: number;\n const tokenRenewMode = (\n currentDatabaseElement.oidcConfiguration as OidcConfiguration\n ).token_renew_mode;\n if (tokenRenewMode === TokenRenewMode.access_token_invalid) {\n expiresAt = accessTokenExpiresAt;\n } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {\n expiresAt = idTokenExpiresAt;\n } else {\n expiresAt =\n idTokenExpiresAt < accessTokenExpiresAt\n ? idTokenExpiresAt\n : accessTokenExpiresAt;\n }\n secureTokens.expiresAt = expiresAt;\n\n tokens.expiresAt = expiresAt;\n const nonce = currentDatabaseElement.nonce\n ? currentDatabaseElement.nonce.nonce\n : null;\n const {isValid, reason} = isTokensOidcValid(\n tokens,\n nonce,\n currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration\n ); //TODO: Type assertion, could be null.\n if (!isValid) {\n throw Error(`Tokens are not OpenID valid, reason: ${reason}`);\n }\n\n // When refresh_token is not rotated we reuse ald refresh_token\n if (\n currentDatabaseElement.tokens != null &&\n 'refresh_token' in currentDatabaseElement.tokens &&\n !('refresh_token' in tokens)\n ) {\n const refreshToken = currentDatabaseElement.tokens.refresh_token;\n\n currentDatabaseElement.tokens = {\n ...tokens,\n refresh_token: refreshToken,\n };\n } else {\n currentDatabaseElement.tokens = tokens;\n }\n\n currentDatabaseElement.status = 'LOGGED_IN';\n return secureTokens;\n}\n\nfunction hideTokens(currentDatabaseElement: OidcConfig) {\n const configurationName = currentDatabaseElement.configurationName;\n return (response: Response) => {\n if (response.status !== 200) {\n return response;\n }\n return response.json().then<Response>((tokens: Tokens) => {\n const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName);\n const body = JSON.stringify(secureTokens);\n return new Response(body, response);\n });\n };\n}\n\nexport {\n b64DecodeUnicode,\n computeTimeLeft,\n isTokensValid,\n extractTokenPayload,\n isTokensOidcValid,\n hideTokens,\n _hideTokens\n};\n","import { FetchHeaders } from '../types';\n\nfunction serializeHeaders(headers: Headers) {\n const headersObj: Record<string, string> = {};\n for (const key of (headers as FetchHeaders).keys()) {\n if (headers.has(key)) {\n headersObj[key] = headers.get(key) as string;\n }\n }\n return headersObj;\n}\nexport {serializeHeaders};","const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms));\nexport { sleep };\n","import { acceptAnyDomainToken, TOKEN, scriptFilename } from './constants';\nimport {\n TrustedDomains,\n Database,\n OidcConfig,\n OidcConfiguration,\n MessageEventData,\n // TrustedDomainsShowAccessToken,\n} from './types';\nimport {\n checkDomain,\n getCurrentDatabaseDomain,\n hideTokens,\n isTokensValid,\n serializeHeaders,\n sleep,\n} from './utils';\n\nconst _self = self as ServiceWorkerGlobalScope & typeof globalThis;\n\ndeclare let trustedDomains: TrustedDomains;\n\n_self.importScripts(scriptFilename);\n\nconst id = Math.round(new Date().getTime() / 1000).toString();\n\nconst keepAliveJsonFilename = 'OidcKeepAliveServiceWorker.json';\nconst handleInstall = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker installed ' + id);\n event.waitUntil(_self.skipWaiting());\n};\n\nconst handleActivate = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker activated ' + id);\n event.waitUntil(_self.clients.claim());\n};\n\nlet currentLoginCallbackConfigurationName: string | null = null;\nconst database: Database = {\n default: {\n configurationName: 'default',\n tokens: null,\n status: null,\n state: null,\n codeVerifier: null,\n nonce: null,\n oidcServerConfiguration: null,\n hideAccessToken: true,\n },\n};\n\nconst getCurrentDatabasesTokenEndpoint = (database: Database, url: string) => {\n const databases: OidcConfig[] = [];\n for (const [, value] of Object.entries<OidcConfig>(database)) {\n if (\n value.oidcServerConfiguration != null &&\n url.startsWith(value.oidcServerConfiguration.tokenEndpoint)\n ) {\n databases.push(value);\n } else if (\n value.oidcServerConfiguration != null &&\n value.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(value.oidcServerConfiguration.revocationEndpoint)\n ) {\n databases.push(value);\n }\n }\n return databases;\n};\n\nconst keepAliveAsync = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const isFromVanilla = originalRequest.headers.has('oidc-vanilla');\n const init = { status: 200, statusText: 'oidc-service-worker' };\n const response = new Response('{}', init);\n if (!isFromVanilla) {\n const originalRequestUrl = new URL(originalRequest.url);\n const minSleepSeconds = Number(originalRequestUrl.searchParams.get('minSleepSeconds')) || 240;\n for (let i = 0; i < minSleepSeconds; i++) {\n await sleep(1000 + Math.floor(Math.random() * 1000));\n const cache = await caches.open('oidc_dummy_cache');\n await cache.put(event.request, response.clone());\n }\n }\n return response;\n};\n\nconst handleFetch = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const url = originalRequest.url;\n if (originalRequest.url.includes(keepAliveJsonFilename)) {\n event.respondWith(keepAliveAsync(event));\n return;\n }\n\n const currentDatabaseForRequestAccessToken = getCurrentDatabaseDomain(\n database,\n originalRequest.url,\n trustedDomains\n );\n if (\n currentDatabaseForRequestAccessToken &&\n currentDatabaseForRequestAccessToken.tokens &&\n currentDatabaseForRequestAccessToken.tokens.access_token\n ) {\n while (\n currentDatabaseForRequestAccessToken.tokens &&\n !isTokensValid(currentDatabaseForRequestAccessToken.tokens)\n ) {\n await sleep(200);\n }\n const newRequest =\n originalRequest.mode == 'navigate'\n ? new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n })\n : new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n mode: (\n currentDatabaseForRequestAccessToken.oidcConfiguration as OidcConfiguration\n ).service_worker_convert_all_requests_to_cors\n ? 'cors'\n : originalRequest.mode,\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(fetch(newRequest)));\n\n return;\n }\n\n if (event.request.method !== 'POST') {\n return;\n }\n\n let currentDatabase: OidcConfig | null = null;\n const currentDatabases = getCurrentDatabasesTokenEndpoint(\n database,\n originalRequest.url\n );\n const numberDatabase = currentDatabases.length;\n if (numberDatabase > 0) {\n const maPromesse = new Promise<Response>((resolve, reject) => {\n const clonedRequest = originalRequest.clone();\n const response = clonedRequest.text().then((actualBody) => {\n if (\n actualBody.includes(TOKEN.REFRESH_TOKEN) ||\n actualBody.includes(TOKEN.ACCESS_TOKEN)\n ) {\n let newBody = actualBody;\n for (let i = 0; i < numberDatabase; i++) {\n const currentDb = currentDatabases[i];\n\n if (currentDb && currentDb.tokens != null) {\n const keyRefreshToken =\n TOKEN.REFRESH_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyRefreshToken)) {\n newBody = newBody.replace(\n keyRefreshToken,\n encodeURIComponent(currentDb.tokens.refresh_token as string)\n );\n currentDatabase = currentDb;\n break;\n }\n const keyAccessToken =\n TOKEN.ACCESS_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyAccessToken)) {\n newBody = newBody.replace(\n keyAccessToken,\n encodeURIComponent(currentDb.tokens.access_token)\n );\n currentDatabase = currentDb;\n break;\n }\n }\n }\n const fetchPromise = fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n });\n\n if (\n currentDatabase &&\n currentDatabase.oidcServerConfiguration != null &&\n currentDatabase.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(\n currentDatabase.oidcServerConfiguration.revocationEndpoint\n )\n ) {\n return fetchPromise.then(async (response) => {\n const text = await response.text();\n return new Response(text, response);\n });\n }\n return fetchPromise.then(hideTokens(currentDatabase as OidcConfig)); //todo type assertion to OidcConfig but could be null, NEEDS REVIEW\n } else if (\n actualBody.includes('code_verifier=') &&\n currentLoginCallbackConfigurationName\n ) {\n currentDatabase = database[currentLoginCallbackConfigurationName];\n currentLoginCallbackConfigurationName = null;\n let newBody = actualBody;\n if (currentDatabase && currentDatabase.codeVerifier != null) {\n const keyCodeVerifier =\n TOKEN.CODE_VERIFIER + '_' + currentDatabase.configurationName;\n if (actualBody.includes(keyCodeVerifier)) {\n newBody = newBody.replace(\n keyCodeVerifier,\n currentDatabase.codeVerifier\n );\n }\n }\n\n return fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n }).then(hideTokens(currentDatabase));\n }\n return undefined;\n });\n response\n .then((r) => {\n if (r !== undefined) {\n resolve(r);\n } else {\n console.log('success undefined');\n reject(new Error('Response is undefined inside a success'));\n }\n })\n .catch((err) => {\n if (err !== undefined) {\n reject(err);\n } else {\n console.log('error undefined');\n reject(new Error('Response is undefined inside a error'));\n }\n });\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(maPromesse));\n }\n};\n\ntype TrustedDomainsShowAccessToken = {\n [key: string]: boolean\n}\n\nconst trustedDomainsShowAccessToken: TrustedDomainsShowAccessToken = {};\n\nconst handleMessage = (event: ExtendableMessageEvent) => {\n const port = event.ports[0];\n const data = event.data as MessageEventData;\n const configurationName = data.configurationName;\n let currentDatabase = database[configurationName];\n if(trustedDomains== null){\n trustedDomains = {};\n }\n if (!currentDatabase) {\n \n if (trustedDomainsShowAccessToken[configurationName] === undefined) {\n let trustedDomain = trustedDomains[configurationName];\n trustedDomainsShowAccessToken[configurationName] = Array.isArray(trustedDomain) ? false : trustedDomain.showAccessToken;\n }\n database[configurationName] = {\n tokens: null,\n state: null,\n codeVerifier: null,\n oidcServerConfiguration: null,\n oidcConfiguration: undefined,\n nonce: null,\n status: null,\n configurationName,\n hideAccessToken: !trustedDomainsShowAccessToken[configurationName],\n };\n currentDatabase = database[configurationName];\n \n if (!trustedDomains[configurationName]) {\n trustedDomains[configurationName] = [];\n }\n }\n\n switch (data.type) {\n case 'clear':\n currentDatabase.tokens = null;\n currentDatabase.state = null;\n currentDatabase.codeVerifier = null;\n currentDatabase.status = data.data.status;\n port.postMessage({ configurationName });\n return;\n case 'init': {\n const oidcServerConfiguration = data.data.oidcServerConfiguration;\n let trustedDomain = trustedDomains[configurationName];\n \n const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;\n if (!domains.find((f) => f === acceptAnyDomainToken)) {\n [\n oidcServerConfiguration.tokenEndpoint,\n oidcServerConfiguration.revocationEndpoint,\n oidcServerConfiguration.userInfoEndpoint,\n oidcServerConfiguration.issuer,\n ].forEach((url) => {\n checkDomain(domains, url);\n });\n }\n currentDatabase.oidcServerConfiguration = oidcServerConfiguration;\n currentDatabase.oidcConfiguration = data.data.oidcConfiguration;\n const where = data.data.where;\n if (\n where === 'loginCallbackAsync' ||\n where === 'tryKeepExistingSessionAsync'\n ) {\n currentLoginCallbackConfigurationName = configurationName;\n } else {\n currentLoginCallbackConfigurationName = null;\n }\n\n if (!currentDatabase.tokens) {\n port.postMessage({\n tokens: null,\n status: currentDatabase.status,\n configurationName,\n });\n } else {\n const tokens = {\n ...currentDatabase.tokens,\n };\n if(currentDatabase.hideAccessToken) {\n tokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n if (tokens.refresh_token) {\n tokens.refresh_token = TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n if (\n tokens.idTokenPayload &&\n tokens.idTokenPayload.nonce &&\n currentDatabase.nonce != null\n ) {\n tokens.idTokenPayload.nonce =\n TOKEN.NONCE_TOKEN + '_' + configurationName;\n }\n port.postMessage({\n tokens,\n status: currentDatabase.status,\n configurationName,\n });\n }\n return;\n }\n case 'setState':\n currentDatabase.state = data.data.state;\n port.postMessage({ configurationName });\n return;\n case 'getState': {\n const state = currentDatabase.state;\n port.postMessage({ configurationName, state });\n return;\n }\n case 'setCodeVerifier':\n currentDatabase.codeVerifier = data.data.codeVerifier;\n port.postMessage({ configurationName });\n return;\n case 'getCodeVerifier': {\n port.postMessage({\n configurationName,\n codeVerifier: TOKEN.CODE_VERIFIER + '_' + configurationName,\n });\n return;\n }\n case 'setSessionState':\n currentDatabase.sessionState = data.data.sessionState;\n port.postMessage({ configurationName });\n return;\n case 'getSessionState': {\n const sessionState = currentDatabase.sessionState;\n port.postMessage({ configurationName, sessionState });\n return;\n }\n case 'setNonce':\n currentDatabase.nonce = data.data.nonce;\n port.postMessage({ configurationName });\n return;\n default:\n currentDatabase.items = { ...data.data };\n port.postMessage({ configurationName });\n }\n};\n\n_self.addEventListener('install', handleInstall);\n_self.addEventListener('activate', handleActivate);\n_self.addEventListener('fetch', handleFetch);\n_self.addEventListener('message', handleMessage);\n"],"names":["scriptFilename","acceptAnyDomainToken","TOKEN","TokenRenewMode","openidWellknownUrlEndWith","checkDomain","domains","endpoint","domain","testable","_a","getCurrentDatabaseDomain","database","url","trustedDomains","key","currentDatabase","oidcServerConfiguration","trustedDomain","domainsToSendTokens","hasToSendToken","f","i","countLetter","str","find","parseJwt","token","b64DecodeUnicode","c","computeTimeLeft","refreshTimeBeforeTokensExpirationInSecond","expiresAt","currentTimeUnixSecond","isTokensValid","tokens","extractTokenPayload","isTokensOidcValid","nonce","idTokenPayload","timeInSevenDays","_hideTokens","currentDatabaseElement","configurationName","accessTokenPayload","secureTokens","_idTokenPayload","keyNonce","idTokenExpiresAt","accessTokenExpiresAt","tokenRenewMode","isValid","reason","refreshToken","hideTokens","response","body","serializeHeaders","headers","headersObj","sleep","ms","resolve","_self","id","keepAliveJsonFilename","handleInstall","event","handleActivate","currentLoginCallbackConfigurationName","getCurrentDatabasesTokenEndpoint","databases","value","keepAliveAsync","originalRequest","isFromVanilla","init","originalRequestUrl","minSleepSeconds","handleFetch","currentDatabaseForRequestAccessToken","newRequest","currentDatabases","numberDatabase","maPromesse","reject","clonedRequest","actualBody","newBody","currentDb","keyRefreshToken","keyAccessToken","fetchPromise","text","keyCodeVerifier","err","trustedDomainsShowAccessToken","handleMessage","port","data","where","state","sessionState"],"mappings":"aAAA,MAAMA,EAAiB,wBACjBC,EAAuB,IASvBC,EAAmB,CACvB,cAAe,+CACf,aAAc,8CACd,YAAa,uCACb,cAAe,8CACjB,EAQMC,EAAqC,CACzC,iCAAkC,mCAClC,qBAAsB,uBACtB,iBAAkB,kBACpB,EAEMC,EAA4B,oCCrBlC,SAASC,EAAYC,EAAmBC,EAAkB,CACxD,GAAI,CAACA,EACH,OAcF,GAAI,CAXWD,EAAQ,KAAME,GAAW,OAClC,IAAAC,EAEA,OAAA,OAAOD,GAAW,SACTC,EAAA,IAAI,OAAO,IAAID,GAAQ,EAEvBA,EAAAA,GAGNE,EAAAD,EAAS,OAAT,YAAAC,EAAA,KAAAD,EAAgBF,EAAQ,CAChC,EAEC,MAAM,IAAI,MACR,UACEA,EACA,yCACAP,CAAA,CAGR,CAEA,MAAMW,EAA2B,CAC/BC,EACAC,EACAC,IACG,OACC,GAAAD,EAAI,SAAST,CAAyB,EACjC,OAAA,KAET,SAAW,CAACW,EAAKC,CAAe,IAAK,OAAO,QAAoBJ,CAAQ,EAAG,CACzE,MAAMK,EAA0BD,EAAgB,wBAYhD,GAVI,CAACC,GAKHA,EAAwB,eACxBJ,IAAQI,EAAwB,eAKhCA,EAAwB,oBACxBJ,IAAQI,EAAwB,mBAEhC,SAEF,MAAMC,EAAgBJ,GAAkB,KAAO,CAAA,EAAKA,EAAeC,CAAG,EAChET,EAAU,MAAM,QAAQY,CAAa,EAAIA,EAAgBA,EAAc,QACvEC,EAAsBF,EAAwB,iBAChD,CAACA,EAAwB,iBAAkB,GAAGX,CAAO,EACrD,CAAC,GAAGA,CAAO,EAEf,IAAIc,EAAiB,GACrB,GAAID,EAAoB,KAAME,GAAMA,IAAMpB,CAAoB,EAC3CmB,EAAA,OAEjB,SAASE,EAAI,EAAGA,EAAIH,EAAoB,OAAQG,IAAK,CAC/C,IAAAd,EAASW,EAAoBG,CAAC,EAM9B,GAJA,OAAOd,GAAW,WACXA,EAAA,IAAI,OAAO,IAAIA,GAAQ,IAG9BE,EAAAF,EAAO,OAAP,MAAAE,EAAA,KAAAF,EAAcK,GAAM,CACLO,EAAA,GACjB,OAKN,GAAIA,EACE,OAACJ,EAAgB,OAGdA,EAFE,KAKN,OAAA,IACT,ECvFgB,SAAAO,EAAYC,EAAaC,EAAc,CACrD,OAAOD,EAAI,MAAMC,CAAI,EAAE,OAAS,CAClC,CCJA,SAASC,EAASC,EAAe,CAC/B,OAAO,KAAK,MACVC,EAAiBD,EAAM,MAAM,GAAG,EAAE,CAAC,EAAE,QAAQ,IAAK,GAAG,EAAE,QAAQ,IAAK,GAAG,CAAC,CAAA,CAE5E,CACA,SAASC,EAAiBJ,EAAa,CAC9B,OAAA,mBACL,MAAM,UAAU,IACb,KACC,KAAKA,CAAG,EACPK,GAAM,KAAO,KAAOA,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAA,EAE5D,KAAK,EAAE,CAAA,CAEd,CAEA,SAASC,EACPC,EACAC,EACA,CACA,MAAMC,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,OAAO,KAAK,MACVD,EACED,EACAE,CAAA,CAEN,CAEA,SAASC,EAAcC,EAAuB,CAC5C,OAAKA,EAGEL,EAAgB,EAAGK,EAAO,SAAS,EAAI,EAFrC,EAGX,CAEA,MAAMC,EAAuBT,GAAmB,CAC1C,GAAA,CACF,OAAKA,GAGDJ,EAAYI,EAAO,GAAG,IAAM,EACvBD,EAASC,CAAK,EAHd,WAOF,GACP,QAAQ,KAAK,CAAC,CAChB,CACO,OAAA,IACT,EAIMU,EAAoB,CACxBF,EACAG,EACArB,IACyC,CACzC,GAAIkB,EAAO,eAAgB,CACzB,MAAMI,EAAiBJ,EAAO,eAE1B,GAAAlB,EAAwB,SAAWsB,EAAe,IACpD,MAAO,CAAE,QAAS,GAAO,OAAQ,uBAAwB,EAO3D,MAAMN,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,GAAIM,EAAe,KAAOA,EAAe,IAAMN,EAC7C,MAAO,CAAE,QAAS,GAAO,OAAQ,eAAgB,EAG7C,MAAAO,EAAkB,GAAK,GAAK,GAAK,EACvC,GACED,EAAe,KACfA,EAAe,IAAMC,EAAkBP,EAEvC,MAAO,CAAE,QAAS,GAAO,OAAQ,kCAAmC,EAGtE,GAAIM,EAAe,OAASA,EAAe,QAAUD,EACnD,MAAO,CAAE,QAAS,GAAO,OAAQ,sBAAuB,EAG5D,MAAO,CAAE,QAAS,GAAM,OAAQ,EAAG,CACrC,EAEA,SAASG,EAAYN,EAAgBO,EAAoCC,EAA2B,CAC9F,GAAA,CAACR,EAAO,UAAW,CACrB,MAAMF,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrDE,EAAO,UAAYF,EAGf,MAAAW,EAAqBR,EAAoBD,EAAO,YAAY,EAC5DU,EAAe,CACnB,GAAGV,EACH,mBAAAS,CAAA,EAEEF,EAAuB,kBACZG,EAAA,aAAe3C,EAAM,aAAe,IAAMyC,GAEzDR,EAAO,mBAAqBS,EAE5B,IAAIE,EAAkB,KACtB,GAAIX,EAAO,SAAU,CAGnB,GAFkBW,EAAAV,EAAoBD,EAAO,QAAQ,EAC9CA,EAAA,eAAiB,CAAC,GAAGW,GACxBA,EAAgB,OAASJ,EAAuB,OAAS,KAAM,CACjE,MAAMK,EACF7C,EAAM,YAAc,IAAMwC,EAAuB,kBACrDI,EAAgB,MAAQC,EAE1BF,EAAa,eAAiBC,EAE5BX,EAAO,gBACIU,EAAA,cACT3C,EAAM,cAAgB,IAAMyC,GAGlC,MAAMK,EACFF,GAAmBA,EAAgB,IAC7BA,EAAgB,IAChB,OAAO,UACXG,EACFL,GAAsBA,EAAmB,IACnCA,EAAmB,IACnBT,EAAO,UAAYA,EAAO,WAEhC,IAAAH,EACE,MAAAkB,EACFR,EAAuB,kBACzB,iBACEQ,IAAmB/C,EAAe,qBACxB6B,EAAAiB,EACHC,IAAmB/C,EAAe,iBAC/B6B,EAAAgB,EAGRhB,EAAAgB,EAAmBC,EACbD,EACAC,EAEZJ,EAAa,UAAYb,EAEzBG,EAAO,UAAYH,EACnB,MAAMM,EAAQI,EAAuB,MAC/BA,EAAuB,MAAM,MAC7B,KACA,CAAC,QAAAS,EAAS,OAAAC,CAAA,EAAUf,EACtBF,EACAG,EACAI,EAAuB,uBAAA,EAE3B,GAAI,CAACS,EACG,MAAA,MAAM,wCAAwCC,GAAQ,EAK1D,GAAAV,EAAuB,QAAU,MACjC,kBAAmBA,EAAuB,QAC1C,EAAE,kBAAmBP,GACvB,CACM,MAAAkB,EAAeX,EAAuB,OAAO,cAEnDA,EAAuB,OAAS,CAC9B,GAAGP,EACH,cAAekB,CAAA,OAGjBX,EAAuB,OAASP,EAGlC,OAAAO,EAAuB,OAAS,YACzBG,CACT,CAEA,SAASS,EAAWZ,EAAoC,CACtD,MAAMC,EAAoBD,EAAuB,kBACjD,OAAQa,GACFA,EAAS,SAAW,IACfA,EAEFA,EAAS,KAAA,EAAO,KAAgBpB,GAAmB,CACxD,MAAMU,EAAeJ,EAAYN,EAAQO,EAAwBC,CAAiB,EAC5Ea,EAAO,KAAK,UAAUX,CAAY,EACjC,OAAA,IAAI,SAASW,EAAMD,CAAQ,CAAA,CACnC,CAEL,CCjMA,SAASE,EAAiBC,EAAkB,CAC1C,MAAMC,EAAqC,CAAA,EAChC,UAAA5C,KAAQ2C,EAAyB,OACtCA,EAAQ,IAAI3C,CAAG,IACjB4C,EAAW5C,CAAG,EAAI2C,EAAQ,IAAI3C,CAAG,GAG9B,OAAA4C,CACT,CCVA,MAAMC,EAASC,GAAe,IAAI,QAASC,GAAY,WAAWA,EAASD,CAAE,CAAC,ECkBxEE,EAAQ,KAIdA,EAAM,cAAc/D,CAAc,EAElC,MAAMgE,EAAK,KAAK,MAAU,IAAA,OAAO,UAAY,GAAI,EAAE,WAE7CC,EAAwB,kCACxBC,EAAiBC,GAA2B,CACxC,QAAA,IAAI,gDAAkDH,CAAE,EAC1DG,EAAA,UAAUJ,EAAM,YAAa,CAAA,CACrC,EAEMK,EAAkBD,GAA2B,CACzC,QAAA,IAAI,gDAAkDH,CAAE,EAChEG,EAAM,UAAUJ,EAAM,QAAQ,MAAO,CAAA,CACvC,EAEA,IAAIM,EAAuD,KAC3D,MAAMzD,EAAqB,CACzB,QAAS,CACP,kBAAmB,UACnB,OAAQ,KACR,OAAQ,KACR,MAAO,KACP,aAAc,KACd,MAAO,KACP,wBAAyB,KACzB,gBAAiB,EACnB,CACF,EAEM0D,EAAmC,CAAC1D,EAAoBC,IAAgB,CAC5E,MAAM0D,EAA0B,CAAA,EAChC,SAAW,CAAG,CAAAC,CAAK,IAAK,OAAO,QAAoB5D,CAAQ,GAEvD4D,EAAM,yBAA2B,MACjC3D,EAAI,WAAW2D,EAAM,wBAAwB,aAAa,GAI1DA,EAAM,yBAA2B,MACjCA,EAAM,wBAAwB,oBAC9B3D,EAAI,WAAW2D,EAAM,wBAAwB,kBAAkB,IAE/DD,EAAU,KAAKC,CAAK,EAGjB,OAAAD,CACT,EAEME,EAAiB,MAAON,GAAsB,CAClD,MAAMO,EAAkBP,EAAM,QACxBQ,EAAgBD,EAAgB,QAAQ,IAAI,cAAc,EAC1DE,EAAO,CAAE,OAAQ,IAAK,WAAY,qBAAsB,EACxDrB,EAAW,IAAI,SAAS,KAAMqB,CAAI,EACxC,GAAI,CAACD,EAAe,CAClB,MAAME,EAAqB,IAAI,IAAIH,EAAgB,GAAG,EAChDI,EAAkB,OAAOD,EAAmB,aAAa,IAAI,iBAAiB,CAAC,GAAK,IAC1F,QAASvD,EAAI,EAAGA,EAAIwD,EAAiBxD,IAC7B,MAAAsC,EAAM,IAAO,KAAK,MAAM,KAAK,OAAO,EAAI,GAAI,CAAC,EAEnD,MADc,MAAM,OAAO,KAAK,kBAAkB,GACtC,IAAIO,EAAM,QAASZ,EAAS,OAAO,EAG5C,OAAAA,CACT,EAEMwB,EAAc,MAAOZ,GAAsB,CAC/C,MAAMO,EAAkBP,EAAM,QACxBtD,EAAM6D,EAAgB,IAC5B,GAAIA,EAAgB,IAAI,SAAST,CAAqB,EAAG,CACjDE,EAAA,YAAYM,EAAeN,CAAK,CAAC,EACvC,OAGF,MAAMa,EAAuCrE,EAC3CC,EACA8D,EAAgB,IAChB,cAAA,EAEF,GACEM,GACAA,EAAqC,QACrCA,EAAqC,OAAO,aAC5C,CACA,KACEA,EAAqC,QACrC,CAAC9C,EAAc8C,EAAqC,MAAM,GAE1D,MAAMpB,EAAM,GAAG,EAEjB,MAAMqB,EACJP,EAAgB,MAAQ,WACpB,IAAI,QAAQA,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,CAAA,CACD,EACD,IAAI,QAAQN,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,EACA,KACEA,EAAqC,kBACrC,4CACE,OACAN,EAAgB,IAAA,CACrB,EAGPP,EAAM,UAAUA,EAAM,YAAY,MAAMc,CAAU,CAAC,CAAC,EAEpD,OAGE,GAAAd,EAAM,QAAQ,SAAW,OAC3B,OAGF,IAAInD,EAAqC,KACzC,MAAMkE,EAAmBZ,EACvB1D,EACA8D,EAAgB,GAAA,EAEZS,EAAiBD,EAAiB,OACxC,GAAIC,EAAiB,EAAG,CACtB,MAAMC,EAAa,IAAI,QAAkB,CAACtB,EAASuB,IAAW,CACtD,MAAAC,EAAgBZ,EAAgB,QACrBY,EAAc,KAAO,EAAA,KAAMC,GAAe,CAEvD,GAAAA,EAAW,SAASrF,EAAM,aAAa,GACvCqF,EAAW,SAASrF,EAAM,YAAY,EACtC,CACA,IAAIsF,EAAUD,EACd,QAASjE,EAAI,EAAGA,EAAI6D,EAAgB7D,IAAK,CACjC,MAAAmE,EAAYP,EAAiB5D,CAAC,EAEhC,GAAAmE,GAAaA,EAAU,QAAU,KAAM,CACzC,MAAMC,EACJxF,EAAM,cAAgB,IAAMuF,EAAU,kBACpC,GAAAF,EAAW,SAASG,CAAe,EAAG,CACxCF,EAAUA,EAAQ,QAChBE,EACA,mBAAmBD,EAAU,OAAO,aAAuB,CAAA,EAE3CzE,EAAAyE,EAClB,MAEF,MAAME,EACJzF,EAAM,aAAe,IAAMuF,EAAU,kBACnC,GAAAF,EAAW,SAASI,CAAc,EAAG,CACvCH,EAAUA,EAAQ,QAChBG,EACA,mBAAmBF,EAAU,OAAO,YAAY,CAAA,EAEhCzE,EAAAyE,EAClB,QAIA,MAAAG,EAAe,MAAMlB,EAAiB,CAC1C,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAAA,CAC1B,EAED,OACEtE,GACAA,EAAgB,yBAA2B,MAC3CA,EAAgB,wBAAwB,oBACxCH,EAAI,WACFG,EAAgB,wBAAwB,kBAAA,EAGnC4E,EAAa,KAAK,MAAOrC,GAAa,CACrC,MAAAsC,EAAO,MAAMtC,EAAS,OACrB,OAAA,IAAI,SAASsC,EAAMtC,CAAQ,CAAA,CACnC,EAEIqC,EAAa,KAAKtC,EAAWtC,CAA6B,CAAC,UAElEuE,EAAW,SAAS,gBAAgB,GACpClB,EACA,CACArD,EAAkBJ,EAASyD,CAAqC,EACxBA,EAAA,KACxC,IAAImB,EAAUD,EACV,GAAAvE,GAAmBA,EAAgB,cAAgB,KAAM,CAC3D,MAAM8E,EACJ5F,EAAM,cAAgB,IAAMc,EAAgB,kBAC1CuE,EAAW,SAASO,CAAe,IACrCN,EAAUA,EAAQ,QAChBM,EACA9E,EAAgB,YAAA,GAKtB,OAAO,MAAM0D,EAAiB,CAC5B,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAC1B,CAAA,EAAE,KAAKhC,EAAWtC,CAAe,CAAC,EAE9B,CACR,EAEE,KAAM,GAAM,CACP,IAAM,OACR8C,EAAQ,CAAC,GAET,QAAQ,IAAI,mBAAmB,EACxBuB,EAAA,IAAI,MAAM,wCAAwC,CAAC,EAC5D,CACD,EACA,MAAOU,GAAQ,CACVA,IAAQ,OACVV,EAAOU,CAAG,GAEV,QAAQ,IAAI,iBAAiB,EACtBV,EAAA,IAAI,MAAM,sCAAsC,CAAC,EAC1D,CACD,CAAA,CACJ,EAGDlB,EAAM,UAAUA,EAAM,YAAYiB,CAAU,CAAC,EAEjD,EAMMY,EAA+D,CAAA,EAE/DC,EAAiB9B,GAAkC,CACjD,MAAA+B,EAAO/B,EAAM,MAAM,CAAC,EACpBgC,EAAOhC,EAAM,KACbxB,EAAoBwD,EAAK,kBAC3B,IAAAnF,EAAkBJ,EAAS+B,CAAiB,EAIhD,GAHG,gBAAiB,OAClB,eAAiB,CAAA,GAEf,CAAC3B,EAAiB,CAEhB,GAAAgF,EAA8BrD,CAAiB,IAAM,OAAW,CAC9D,IAAAzB,EAAgB,eAAeyB,CAAiB,EACpDqD,EAA8BrD,CAAiB,EAAI,MAAM,QAAQzB,CAAa,EAAI,GAAQA,EAAc,gBAE1GN,EAAS+B,CAAiB,EAAI,CAC5B,OAAQ,KACR,MAAO,KACP,aAAc,KACd,wBAAyB,KACzB,kBAAmB,OACnB,MAAO,KACP,OAAQ,KACR,kBAAAA,EACA,gBAAiB,CAACqD,EAA8BrD,CAAiB,CAAA,EAEnE3B,EAAkBJ,EAAS+B,CAAiB,EAEvC,eAAeA,CAAiB,IACpB,eAAAA,CAAiB,EAAI,IAIxC,OAAQwD,EAAK,KAAM,CACjB,IAAK,QACHnF,EAAgB,OAAS,KACzBA,EAAgB,MAAQ,KACxBA,EAAgB,aAAe,KACfA,EAAA,OAASmF,EAAK,KAAK,OAC9BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,OAAQ,CACL,MAAA1B,EAA0BkF,EAAK,KAAK,wBACtC,IAAAjF,EAAgB,eAAeyB,CAAiB,EAEpD,MAAMrC,EAAU,MAAM,QAAQY,CAAa,EAAIA,EAAgBA,EAAc,QACxEZ,EAAQ,KAAMe,GAAMA,IAAMpB,CAAoB,GACjD,CACEgB,EAAwB,cACxBA,EAAwB,mBACxBA,EAAwB,iBACxBA,EAAwB,MAAA,EACxB,QAASJ,GAAQ,CACjBR,EAAYC,EAASO,CAAG,CAAA,CACzB,EAELG,EAAgB,wBAA0BC,EACxBD,EAAA,kBAAoBmF,EAAK,KAAK,kBACxC,MAAAC,EAAQD,EAAK,KAAK,MAUpB,GARFC,IAAU,sBACVA,IAAU,8BAE8B/B,EAAA1B,EAEA0B,EAAA,KAGtC,CAACrD,EAAgB,OACnBkF,EAAK,YAAY,CACf,OAAQ,KACR,OAAQlF,EAAgB,OACxB,kBAAA2B,CAAA,CACD,MACI,CACL,MAAMR,EAAS,CACb,GAAGnB,EAAgB,MAAA,EAElBA,EAAgB,kBACVmB,EAAA,aAAejC,EAAM,aAAe,IAAMyC,GAE/CR,EAAO,gBACFA,EAAA,cAAgBjC,EAAM,cAAgB,IAAMyC,GAGnDR,EAAO,gBACPA,EAAO,eAAe,OACtBnB,EAAgB,OAAS,OAEzBmB,EAAO,eAAe,MACpBjC,EAAM,YAAc,IAAMyC,GAE9BuD,EAAK,YAAY,CACf,OAAA/D,EACA,OAAQnB,EAAgB,OACxB,kBAAA2B,CAAA,CACD,EAEH,MACF,CACA,IAAK,WACa3B,EAAA,MAAQmF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,WAAY,CACf,MAAM0D,EAAQrF,EAAgB,MAC9BkF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,MAAA0D,CAAO,CAAA,EAC7C,MACF,CACA,IAAK,kBACarF,EAAA,aAAemF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtBuD,EAAK,YAAY,CACf,kBAAAvD,EACA,aAAczC,EAAM,cAAgB,IAAMyC,CAAA,CAC3C,EACD,MACF,CACA,IAAK,kBACa3B,EAAA,aAAemF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtB,MAAM2D,EAAetF,EAAgB,aACrCkF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,aAAA2D,CAAc,CAAA,EACpD,MACF,CACA,IAAK,WACatF,EAAA,MAAQmF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,QACE3B,EAAgB,MAAQ,CAAE,GAAGmF,EAAK,IAAK,EAClCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,CAC1C,CACF,EAEAoB,EAAM,iBAAiB,UAAWG,CAAa,EAC/CH,EAAM,iBAAiB,WAAYK,CAAc,EACjDL,EAAM,iBAAiB,QAASgB,CAAW,EAC3ChB,EAAM,iBAAiB,UAAWkC,CAAa"}
1
+ {"version":3,"file":"OidcServiceWorker.js","sources":["../constants.ts","../utils/domains.ts","../utils/strings.ts","../utils/tokens.ts","../utils/serializeHeaders.ts","../utils/sleep.ts","../OidcServiceWorker.ts"],"sourcesContent":["const scriptFilename = 'OidcTrustedDomains.js'; /* global trustedDomains */\nconst acceptAnyDomainToken = '*';\n\ntype TokenType = {\n readonly REFRESH_TOKEN: string;\n readonly ACCESS_TOKEN: string;\n readonly NONCE_TOKEN: string;\n readonly CODE_VERIFIER: string;\n};\n\nconst TOKEN: TokenType = {\n REFRESH_TOKEN: 'REFRESH_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n ACCESS_TOKEN: 'ACCESS_TOKEN_SECURED_BY_OIDC_SERVICE_WORKER',\n NONCE_TOKEN: 'NONCE_SECURED_BY_OIDC_SERVICE_WORKER',\n CODE_VERIFIER: 'CODE_VERIFIER_SECURED_BY_OIDC_SERVICE_WORKER',\n};\n\ntype TokenRenewModeType = {\n readonly access_token_or_id_token_invalid: string;\n readonly access_token_invalid: string;\n readonly id_token_invalid: string;\n};\n\nconst TokenRenewMode: TokenRenewModeType = {\n access_token_or_id_token_invalid: 'access_token_or_id_token_invalid',\n access_token_invalid: 'access_token_invalid',\n id_token_invalid: 'id_token_invalid',\n};\n\nconst openidWellknownUrlEndWith = '/.well-known/openid-configuration';\n\nexport { scriptFilename, acceptAnyDomainToken, TOKEN, TokenRenewMode, openidWellknownUrlEndWith };\n","import { DomainDetails, TrustedDomains } from './../types';\nimport {\n acceptAnyDomainToken,\n openidWellknownUrlEndWith,\n scriptFilename,\n} from '../constants';\nimport { Database, Domain, OidcConfig } from '../types';\n\nfunction checkDomain(domains: Domain[], endpoint: string) {\n if (!endpoint) {\n return;\n }\n\n const domain = domains.find((domain) => {\n let testable: RegExp;\n\n if (typeof domain === 'string') {\n testable = new RegExp(`^${domain}`);\n } else {\n testable = domain;\n }\n\n return testable.test?.(endpoint);\n });\n if (!domain) {\n throw new Error(\n 'Domain ' +\n endpoint +\n ' is not trusted, please add domain in ' +\n scriptFilename\n );\n }\n}\n\nexport const getDomains = (trustedDomain: Domain[] | DomainDetails, type: 'oidc' | 'accessToken') => {\n if(Array.isArray(trustedDomain)) {\n return trustedDomain;\n }\n\n return trustedDomain[`${type}Domains`] ?? trustedDomain.domains ?? [];\n}\n\nconst getCurrentDatabaseDomain = (\n database: Database,\n url: string,\n trustedDomains: TrustedDomains\n) => {\n if (url.endsWith(openidWellknownUrlEndWith)) {\n return null;\n }\n for (const [key, currentDatabase] of Object.entries<OidcConfig>(database)) {\n const oidcServerConfiguration = currentDatabase.oidcServerConfiguration;\n\n if (!oidcServerConfiguration) {\n continue;\n }\n\n if (\n oidcServerConfiguration.tokenEndpoint &&\n url === oidcServerConfiguration.tokenEndpoint\n ) {\n continue;\n }\n if (\n oidcServerConfiguration.revocationEndpoint &&\n url === oidcServerConfiguration.revocationEndpoint\n ) {\n continue;\n }\n const trustedDomain = trustedDomains == null ? [] : trustedDomains[key];\n\n const domains = getDomains(trustedDomain, 'accessToken');\n const domainsToSendTokens = oidcServerConfiguration.userInfoEndpoint\n ? [oidcServerConfiguration.userInfoEndpoint, ...domains]\n : [...domains];\n\n let hasToSendToken = false;\n if (domainsToSendTokens.find((f) => f === acceptAnyDomainToken)) {\n hasToSendToken = true;\n } else {\n for (let i = 0; i < domainsToSendTokens.length; i++) {\n let domain = domainsToSendTokens[i];\n\n if (typeof domain === 'string') {\n domain = new RegExp(`^${domain}`);\n }\n\n if (domain.test?.(url)) {\n hasToSendToken = true;\n break;\n }\n }\n }\n\n if (hasToSendToken) {\n if (!currentDatabase.tokens) {\n return null;\n }\n return currentDatabase;\n }\n }\n return null;\n};\n\nexport { checkDomain, getCurrentDatabaseDomain };\n","/**\n * Count occurances of letter in string\n * @param str\n * @param find\n * @returns\n */\nexport function countLetter(str: string, find: string) {\n return str.split(find).length - 1;\n}\n","import { TOKEN, TokenRenewMode } from '../constants';\nimport { OidcConfig, OidcConfiguration, OidcServerConfiguration, Tokens } from '../types';\nimport { countLetter } from './strings';\n\nfunction parseJwt(token: string) {\n return JSON.parse(\n b64DecodeUnicode(token.split('.')[1].replace('-', '+').replace('_', '/'))\n );\n}\nfunction b64DecodeUnicode(str: string) {\n return decodeURIComponent(\n Array.prototype.map\n .call(\n atob(str),\n (c) => '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2)\n )\n .join('')\n );\n}\n\nfunction computeTimeLeft(\n refreshTimeBeforeTokensExpirationInSecond: number,\n expiresAt: number\n) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n return Math.round(\n expiresAt -\n refreshTimeBeforeTokensExpirationInSecond -\n currentTimeUnixSecond\n );\n}\n\nfunction isTokensValid(tokens: Tokens | null) {\n if (!tokens) {\n return false;\n }\n return computeTimeLeft(0, tokens.expiresAt) > 0;\n}\n\nconst extractTokenPayload = (token?: string) => {\n try {\n if (!token) {\n return null;\n }\n if (countLetter(token, '.') === 2) {\n return parseJwt(token);\n } else {\n return null;\n }\n } catch (e) {\n console.warn(e);\n }\n return null;\n};\n\n// https://openid.net/specs/openid-connect-core-1_0.html#IDTokenValidation (excluding rules #1, #4, #5, #7, #8, #12, and #13 which did not apply).\n// https://github.com/openid/AppAuth-JS/issues/65\nconst isTokensOidcValid = (\n tokens: Tokens,\n nonce: string | null,\n oidcServerConfiguration: OidcServerConfiguration\n): { isValid: boolean; reason: string } => {\n if (tokens.idTokenPayload) {\n const idTokenPayload = tokens.idTokenPayload;\n // 2: The Issuer Identifier for the OpenID Provider (which is typically obtained during Discovery) MUST exactly match the value of the iss (issuer) Claim.\n if (oidcServerConfiguration.issuer !== idTokenPayload.iss) {\n return { isValid: false, reason: 'Issuer does not match' };\n }\n // 3: The Client MUST validate that the aud (audience) Claim contains its client_id value registered at the Issuer identified by the iss (issuer) Claim as an audience. The aud (audience) Claim MAY contain an array with more than one element. The ID Token MUST be rejected if the ID Token does not list the Client as a valid audience, or if it contains additional audiences not trusted by the Client.\n\n // 6: If the ID Token is received via direct communication between the Client and the Token Endpoint (which it is in this flow), the TLS server validation MAY be used to validate the issuer in place of checking the token signature. The Client MUST validate the signature of all other ID Tokens according to JWS [JWS] using the algorithm specified in the JWT alg Header Parameter. The Client MUST use the keys provided by the Issuer.\n\n // 9: The current time MUST be before the time represented by the exp Claim.\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n if (idTokenPayload.exp && idTokenPayload.exp < currentTimeUnixSecond) {\n return { isValid: false, reason: 'Token expired' };\n }\n // 10: The iat Claim can be used to reject tokens that were issued too far away from the current time, limiting the amount of time that nonces need to be stored to prevent attacks. The acceptable range is Client specific.\n const timeInSevenDays = 60 * 60 * 24 * 7;\n if (\n idTokenPayload.iat &&\n idTokenPayload.iat + timeInSevenDays < currentTimeUnixSecond\n ) {\n return { isValid: false, reason: 'Token is used from too long time' };\n }\n // 11: If a nonce value was sent in the Authentication Request, a nonce Claim MUST be present and its value checked to verify that it is the same value as the one that was sent in the Authentication Request. The Client SHOULD check the nonce value for replay attacks. The precise method for detecting replay attacks is Client specific.\n if (idTokenPayload.nonce && idTokenPayload.nonce !== nonce) {\n return { isValid: false, reason: 'Nonce does not match' };\n }\n }\n return { isValid: true, reason: '' };\n};\n\nfunction _hideTokens(tokens: Tokens, currentDatabaseElement: OidcConfig, configurationName: string) {\n if (!tokens.issued_at) {\n const currentTimeUnixSecond = new Date().getTime() / 1000;\n tokens.issued_at = currentTimeUnixSecond;\n }\n\n const accessTokenPayload = extractTokenPayload(tokens.access_token);\n const secureTokens = {\n ...tokens,\n accessTokenPayload,\n };\n if (currentDatabaseElement.hideAccessToken) {\n secureTokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n tokens.accessTokenPayload = accessTokenPayload;\n\n let _idTokenPayload = null;\n if (tokens.id_token) {\n _idTokenPayload = extractTokenPayload(tokens.id_token);\n tokens.idTokenPayload = {..._idTokenPayload};\n if (_idTokenPayload.nonce && currentDatabaseElement.nonce != null) {\n const keyNonce =\n TOKEN.NONCE_TOKEN + '_' + currentDatabaseElement.configurationName;\n _idTokenPayload.nonce = keyNonce;\n }\n secureTokens.idTokenPayload = _idTokenPayload;\n }\n if (tokens.refresh_token) {\n secureTokens.refresh_token =\n TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n\n const idTokenExpiresAt =\n _idTokenPayload && _idTokenPayload.exp\n ? _idTokenPayload.exp\n : Number.MAX_VALUE;\n const accessTokenExpiresAt =\n accessTokenPayload && accessTokenPayload.exp\n ? accessTokenPayload.exp\n : tokens.issued_at + tokens.expires_in;\n\n let expiresAt: number;\n const tokenRenewMode = (\n currentDatabaseElement.oidcConfiguration as OidcConfiguration\n ).token_renew_mode;\n if (tokenRenewMode === TokenRenewMode.access_token_invalid) {\n expiresAt = accessTokenExpiresAt;\n } else if (tokenRenewMode === TokenRenewMode.id_token_invalid) {\n expiresAt = idTokenExpiresAt;\n } else {\n expiresAt =\n idTokenExpiresAt < accessTokenExpiresAt\n ? idTokenExpiresAt\n : accessTokenExpiresAt;\n }\n secureTokens.expiresAt = expiresAt;\n\n tokens.expiresAt = expiresAt;\n const nonce = currentDatabaseElement.nonce\n ? currentDatabaseElement.nonce.nonce\n : null;\n const {isValid, reason} = isTokensOidcValid(\n tokens,\n nonce,\n currentDatabaseElement.oidcServerConfiguration as OidcServerConfiguration\n ); //TODO: Type assertion, could be null.\n if (!isValid) {\n throw Error(`Tokens are not OpenID valid, reason: ${reason}`);\n }\n\n // When refresh_token is not rotated we reuse ald refresh_token\n if (\n currentDatabaseElement.tokens != null &&\n 'refresh_token' in currentDatabaseElement.tokens &&\n !('refresh_token' in tokens)\n ) {\n const refreshToken = currentDatabaseElement.tokens.refresh_token;\n\n currentDatabaseElement.tokens = {\n ...tokens,\n refresh_token: refreshToken,\n };\n } else {\n currentDatabaseElement.tokens = tokens;\n }\n\n currentDatabaseElement.status = 'LOGGED_IN';\n return secureTokens;\n}\n\nfunction hideTokens(currentDatabaseElement: OidcConfig) {\n const configurationName = currentDatabaseElement.configurationName;\n return (response: Response) => {\n if (response.status !== 200) {\n return response;\n }\n return response.json().then<Response>((tokens: Tokens) => {\n const secureTokens = _hideTokens(tokens, currentDatabaseElement, configurationName);\n const body = JSON.stringify(secureTokens);\n return new Response(body, response);\n });\n };\n}\n\nexport {\n b64DecodeUnicode,\n computeTimeLeft,\n isTokensValid,\n extractTokenPayload,\n isTokensOidcValid,\n hideTokens,\n _hideTokens\n};\n","import { FetchHeaders } from '../types';\n\nfunction serializeHeaders(headers: Headers) {\n const headersObj: Record<string, string> = {};\n for (const key of (headers as FetchHeaders).keys()) {\n if (headers.has(key)) {\n headersObj[key] = headers.get(key) as string;\n }\n }\n return headersObj;\n}\nexport {serializeHeaders};","const sleep = (ms: number) => new Promise((resolve) => setTimeout(resolve, ms));\nexport { sleep };\n","import { acceptAnyDomainToken, TOKEN, scriptFilename } from './constants';\nimport {\n TrustedDomains,\n Database,\n OidcConfig,\n OidcConfiguration,\n MessageEventData,\n // TrustedDomainsShowAccessToken,\n} from './types';\nimport {\n checkDomain,\n getCurrentDatabaseDomain,\n hideTokens,\n isTokensValid,\n serializeHeaders,\n sleep,\n getDomains,\n} from './utils';\n\nconst _self = self as ServiceWorkerGlobalScope & typeof globalThis;\n\ndeclare let trustedDomains: TrustedDomains;\n\n_self.importScripts(scriptFilename);\n\nconst id = Math.round(new Date().getTime() / 1000).toString();\n\nconst keepAliveJsonFilename = 'OidcKeepAliveServiceWorker.json';\nconst handleInstall = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker installed ' + id);\n event.waitUntil(_self.skipWaiting());\n};\n\nconst handleActivate = (event: ExtendableEvent) => {\n console.log('[OidcServiceWorker] service worker activated ' + id);\n event.waitUntil(_self.clients.claim());\n};\n\nlet currentLoginCallbackConfigurationName: string | null = null;\nconst database: Database = {\n default: {\n configurationName: 'default',\n tokens: null,\n status: null,\n state: null,\n codeVerifier: null,\n nonce: null,\n oidcServerConfiguration: null,\n hideAccessToken: true,\n },\n};\n\nconst getCurrentDatabasesTokenEndpoint = (database: Database, url: string) => {\n const databases: OidcConfig[] = [];\n for (const [, value] of Object.entries<OidcConfig>(database)) {\n if (\n value.oidcServerConfiguration != null &&\n url.startsWith(value.oidcServerConfiguration.tokenEndpoint)\n ) {\n databases.push(value);\n } else if (\n value.oidcServerConfiguration != null &&\n value.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(value.oidcServerConfiguration.revocationEndpoint)\n ) {\n databases.push(value);\n }\n }\n return databases;\n};\n\nconst keepAliveAsync = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const isFromVanilla = originalRequest.headers.has('oidc-vanilla');\n const init = { status: 200, statusText: 'oidc-service-worker' };\n const response = new Response('{}', init);\n if (!isFromVanilla) {\n const originalRequestUrl = new URL(originalRequest.url);\n const minSleepSeconds = Number(originalRequestUrl.searchParams.get('minSleepSeconds')) || 240;\n for (let i = 0; i < minSleepSeconds; i++) {\n await sleep(1000 + Math.floor(Math.random() * 1000));\n const cache = await caches.open('oidc_dummy_cache');\n await cache.put(event.request, response.clone());\n }\n }\n return response;\n};\n\nconst handleFetch = async (event: FetchEvent) => {\n const originalRequest = event.request;\n const url = originalRequest.url;\n if (originalRequest.url.includes(keepAliveJsonFilename)) {\n event.respondWith(keepAliveAsync(event));\n return;\n }\n\n const currentDatabaseForRequestAccessToken = getCurrentDatabaseDomain(\n database,\n originalRequest.url,\n trustedDomains\n );\n if (\n currentDatabaseForRequestAccessToken &&\n currentDatabaseForRequestAccessToken.tokens &&\n currentDatabaseForRequestAccessToken.tokens.access_token\n ) {\n while (\n currentDatabaseForRequestAccessToken.tokens &&\n !isTokensValid(currentDatabaseForRequestAccessToken.tokens)\n ) {\n await sleep(200);\n }\n const newRequest =\n originalRequest.mode == 'navigate'\n ? new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n })\n : new Request(originalRequest, {\n headers: {\n ...serializeHeaders(originalRequest.headers),\n authorization:\n 'Bearer ' +\n currentDatabaseForRequestAccessToken.tokens.access_token,\n },\n mode: (\n currentDatabaseForRequestAccessToken.oidcConfiguration as OidcConfiguration\n ).service_worker_convert_all_requests_to_cors\n ? 'cors'\n : originalRequest.mode,\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(fetch(newRequest)));\n\n return;\n }\n\n if (event.request.method !== 'POST') {\n return;\n }\n\n let currentDatabase: OidcConfig | null = null;\n const currentDatabases = getCurrentDatabasesTokenEndpoint(\n database,\n originalRequest.url\n );\n const numberDatabase = currentDatabases.length;\n if (numberDatabase > 0) {\n const maPromesse = new Promise<Response>((resolve, reject) => {\n const clonedRequest = originalRequest.clone();\n const response = clonedRequest.text().then((actualBody) => {\n if (\n actualBody.includes(TOKEN.REFRESH_TOKEN) ||\n actualBody.includes(TOKEN.ACCESS_TOKEN)\n ) {\n let newBody = actualBody;\n for (let i = 0; i < numberDatabase; i++) {\n const currentDb = currentDatabases[i];\n\n if (currentDb && currentDb.tokens != null) {\n const keyRefreshToken =\n TOKEN.REFRESH_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyRefreshToken)) {\n newBody = newBody.replace(\n keyRefreshToken,\n encodeURIComponent(currentDb.tokens.refresh_token as string)\n );\n currentDatabase = currentDb;\n break;\n }\n const keyAccessToken =\n TOKEN.ACCESS_TOKEN + '_' + currentDb.configurationName;\n if (actualBody.includes(keyAccessToken)) {\n newBody = newBody.replace(\n keyAccessToken,\n encodeURIComponent(currentDb.tokens.access_token)\n );\n currentDatabase = currentDb;\n break;\n }\n }\n }\n const fetchPromise = fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n });\n\n if (\n currentDatabase &&\n currentDatabase.oidcServerConfiguration != null &&\n currentDatabase.oidcServerConfiguration.revocationEndpoint &&\n url.startsWith(\n currentDatabase.oidcServerConfiguration.revocationEndpoint\n )\n ) {\n return fetchPromise.then(async (response) => {\n const text = await response.text();\n return new Response(text, response);\n });\n }\n return fetchPromise.then(hideTokens(currentDatabase as OidcConfig)); //todo type assertion to OidcConfig but could be null, NEEDS REVIEW\n } else if (\n actualBody.includes('code_verifier=') &&\n currentLoginCallbackConfigurationName\n ) {\n currentDatabase = database[currentLoginCallbackConfigurationName];\n currentLoginCallbackConfigurationName = null;\n let newBody = actualBody;\n if (currentDatabase && currentDatabase.codeVerifier != null) {\n const keyCodeVerifier =\n TOKEN.CODE_VERIFIER + '_' + currentDatabase.configurationName;\n if (actualBody.includes(keyCodeVerifier)) {\n newBody = newBody.replace(\n keyCodeVerifier,\n currentDatabase.codeVerifier\n );\n }\n }\n\n return fetch(originalRequest, {\n body: newBody,\n method: clonedRequest.method,\n headers: {\n ...serializeHeaders(originalRequest.headers),\n },\n mode: clonedRequest.mode,\n cache: clonedRequest.cache,\n redirect: clonedRequest.redirect,\n referrer: clonedRequest.referrer,\n credentials: clonedRequest.credentials,\n integrity: clonedRequest.integrity,\n }).then(hideTokens(currentDatabase));\n }\n return undefined;\n });\n response\n .then((r) => {\n if (r !== undefined) {\n resolve(r);\n } else {\n console.log('success undefined');\n reject(new Error('Response is undefined inside a success'));\n }\n })\n .catch((err) => {\n if (err !== undefined) {\n reject(err);\n } else {\n console.log('error undefined');\n reject(new Error('Response is undefined inside a error'));\n }\n });\n });\n\n //@ts-ignore -- TODO: review, waitUntil takes a promise, this returns a void\n event.waitUntil(event.respondWith(maPromesse));\n }\n};\n\ntype TrustedDomainsShowAccessToken = {\n [key: string]: boolean\n}\n\nconst trustedDomainsShowAccessToken: TrustedDomainsShowAccessToken = {};\n\nconst handleMessage = (event: ExtendableMessageEvent) => {\n const port = event.ports[0];\n const data = event.data as MessageEventData;\n const configurationName = data.configurationName;\n let currentDatabase = database[configurationName];\n if(trustedDomains== null){\n trustedDomains = {};\n }\n if (!currentDatabase) {\n \n if (trustedDomainsShowAccessToken[configurationName] === undefined) {\n let trustedDomain = trustedDomains[configurationName];\n trustedDomainsShowAccessToken[configurationName] = Array.isArray(trustedDomain) ? false : trustedDomain.showAccessToken;\n }\n database[configurationName] = {\n tokens: null,\n state: null,\n codeVerifier: null,\n oidcServerConfiguration: null,\n oidcConfiguration: undefined,\n nonce: null,\n status: null,\n configurationName,\n hideAccessToken: !trustedDomainsShowAccessToken[configurationName],\n };\n currentDatabase = database[configurationName];\n \n if (!trustedDomains[configurationName]) {\n trustedDomains[configurationName] = [];\n }\n }\n\n switch (data.type) {\n case 'clear':\n currentDatabase.tokens = null;\n currentDatabase.state = null;\n currentDatabase.codeVerifier = null;\n currentDatabase.status = data.data.status;\n port.postMessage({ configurationName });\n return;\n case 'init': {\n const oidcServerConfiguration = data.data.oidcServerConfiguration;\n let trustedDomain = trustedDomains[configurationName];\n const domains = getDomains(trustedDomain, 'oidc');\n if (!domains.find((f) => f === acceptAnyDomainToken)) {\n [\n oidcServerConfiguration.tokenEndpoint,\n oidcServerConfiguration.revocationEndpoint,\n oidcServerConfiguration.userInfoEndpoint,\n oidcServerConfiguration.issuer,\n ].forEach((url) => {\n checkDomain(domains, url);\n });\n }\n currentDatabase.oidcServerConfiguration = oidcServerConfiguration;\n currentDatabase.oidcConfiguration = data.data.oidcConfiguration;\n const where = data.data.where;\n if (\n where === 'loginCallbackAsync' ||\n where === 'tryKeepExistingSessionAsync'\n ) {\n currentLoginCallbackConfigurationName = configurationName;\n } else {\n currentLoginCallbackConfigurationName = null;\n }\n\n if (!currentDatabase.tokens) {\n port.postMessage({\n tokens: null,\n status: currentDatabase.status,\n configurationName,\n });\n } else {\n const tokens = {\n ...currentDatabase.tokens,\n };\n if(currentDatabase.hideAccessToken) {\n tokens.access_token = TOKEN.ACCESS_TOKEN + '_' + configurationName;\n }\n if (tokens.refresh_token) {\n tokens.refresh_token = TOKEN.REFRESH_TOKEN + '_' + configurationName;\n }\n if (\n tokens.idTokenPayload &&\n tokens.idTokenPayload.nonce &&\n currentDatabase.nonce != null\n ) {\n tokens.idTokenPayload.nonce =\n TOKEN.NONCE_TOKEN + '_' + configurationName;\n }\n port.postMessage({\n tokens,\n status: currentDatabase.status,\n configurationName,\n });\n }\n return;\n }\n case 'setState':\n currentDatabase.state = data.data.state;\n port.postMessage({ configurationName });\n return;\n case 'getState': {\n const state = currentDatabase.state;\n port.postMessage({ configurationName, state });\n return;\n }\n case 'setCodeVerifier':\n currentDatabase.codeVerifier = data.data.codeVerifier;\n port.postMessage({ configurationName });\n return;\n case 'getCodeVerifier': {\n port.postMessage({\n configurationName,\n codeVerifier: TOKEN.CODE_VERIFIER + '_' + configurationName,\n });\n return;\n }\n case 'setSessionState':\n currentDatabase.sessionState = data.data.sessionState;\n port.postMessage({ configurationName });\n return;\n case 'getSessionState': {\n const sessionState = currentDatabase.sessionState;\n port.postMessage({ configurationName, sessionState });\n return;\n }\n case 'setNonce':\n currentDatabase.nonce = data.data.nonce;\n port.postMessage({ configurationName });\n return;\n default:\n currentDatabase.items = { ...data.data };\n port.postMessage({ configurationName });\n }\n};\n\n_self.addEventListener('install', handleInstall);\n_self.addEventListener('activate', handleActivate);\n_self.addEventListener('fetch', handleFetch);\n_self.addEventListener('message', handleMessage);\n"],"names":["scriptFilename","acceptAnyDomainToken","TOKEN","TokenRenewMode","openidWellknownUrlEndWith","checkDomain","domains","endpoint","domain","testable","_a","getDomains","trustedDomain","type","getCurrentDatabaseDomain","database","url","trustedDomains","key","currentDatabase","oidcServerConfiguration","domainsToSendTokens","hasToSendToken","f","i","countLetter","str","find","parseJwt","token","b64DecodeUnicode","c","computeTimeLeft","refreshTimeBeforeTokensExpirationInSecond","expiresAt","currentTimeUnixSecond","isTokensValid","tokens","extractTokenPayload","isTokensOidcValid","nonce","idTokenPayload","timeInSevenDays","_hideTokens","currentDatabaseElement","configurationName","accessTokenPayload","secureTokens","_idTokenPayload","keyNonce","idTokenExpiresAt","accessTokenExpiresAt","tokenRenewMode","isValid","reason","refreshToken","hideTokens","response","body","serializeHeaders","headers","headersObj","sleep","ms","resolve","_self","id","keepAliveJsonFilename","handleInstall","event","handleActivate","currentLoginCallbackConfigurationName","getCurrentDatabasesTokenEndpoint","databases","value","keepAliveAsync","originalRequest","isFromVanilla","init","originalRequestUrl","minSleepSeconds","handleFetch","currentDatabaseForRequestAccessToken","newRequest","currentDatabases","numberDatabase","maPromesse","reject","clonedRequest","actualBody","newBody","currentDb","keyRefreshToken","keyAccessToken","fetchPromise","text","keyCodeVerifier","err","trustedDomainsShowAccessToken","handleMessage","port","data","where","state","sessionState"],"mappings":"aAAA,MAAMA,EAAiB,wBACjBC,EAAuB,IASvBC,EAAmB,CACvB,cAAe,+CACf,aAAc,8CACd,YAAa,uCACb,cAAe,8CACjB,EAQMC,EAAqC,CACzC,iCAAkC,mCAClC,qBAAsB,uBACtB,iBAAkB,kBACpB,EAEMC,EAA4B,oCCrBlC,SAASC,EAAYC,EAAmBC,EAAkB,CACxD,GAAI,CAACA,EACH,OAcF,GAAI,CAXWD,EAAQ,KAAME,GAAW,OAClC,IAAAC,EAEA,OAAA,OAAOD,GAAW,SACTC,EAAA,IAAI,OAAO,IAAID,GAAQ,EAEvBA,EAAAA,GAGNE,EAAAD,EAAS,OAAT,YAAAC,EAAA,KAAAD,EAAgBF,EAAQ,CAChC,EAEC,MAAM,IAAI,MACR,UACEA,EACA,yCACAP,CAAA,CAGR,CAEa,MAAAW,EAAa,CAACC,EAAyCC,IAC/D,MAAM,QAAQD,CAAa,EACrBA,EAGFA,EAAc,GAAGC,UAAa,GAAKD,EAAc,SAAW,GAG/DE,EAA2B,CAC/BC,EACAC,EACAC,IACG,OACC,GAAAD,EAAI,SAASZ,CAAyB,EACjC,OAAA,KAET,SAAW,CAACc,EAAKC,CAAe,IAAK,OAAO,QAAoBJ,CAAQ,EAAG,CACzE,MAAMK,EAA0BD,EAAgB,wBAYhD,GAVI,CAACC,GAKHA,EAAwB,eACxBJ,IAAQI,EAAwB,eAKhCA,EAAwB,oBACxBJ,IAAQI,EAAwB,mBAEhC,SAEF,MAAMR,EAAgBK,GAAkB,KAAO,CAAA,EAAKA,EAAeC,CAAG,EAEhEZ,EAAUK,EAAWC,EAAe,aAAa,EACjDS,EAAsBD,EAAwB,iBAChD,CAACA,EAAwB,iBAAkB,GAAGd,CAAO,EACrD,CAAC,GAAGA,CAAO,EAEf,IAAIgB,EAAiB,GACrB,GAAID,EAAoB,KAAME,GAAMA,IAAMtB,CAAoB,EAC3CqB,EAAA,OAEjB,SAASE,EAAI,EAAGA,EAAIH,EAAoB,OAAQG,IAAK,CAC/C,IAAAhB,EAASa,EAAoBG,CAAC,EAM9B,GAJA,OAAOhB,GAAW,WACXA,EAAA,IAAI,OAAO,IAAIA,GAAQ,IAG9BE,EAAAF,EAAO,OAAP,MAAAE,EAAA,KAAAF,EAAcQ,GAAM,CACLM,EAAA,GACjB,OAKN,GAAIA,EACE,OAACH,EAAgB,OAGdA,EAFE,KAKN,OAAA,IACT,EChGgB,SAAAM,EAAYC,EAAaC,EAAc,CACrD,OAAOD,EAAI,MAAMC,CAAI,EAAE,OAAS,CAClC,CCJA,SAASC,EAASC,EAAe,CAC/B,OAAO,KAAK,MACVC,EAAiBD,EAAM,MAAM,GAAG,EAAE,CAAC,EAAE,QAAQ,IAAK,GAAG,EAAE,QAAQ,IAAK,GAAG,CAAC,CAAA,CAE5E,CACA,SAASC,EAAiBJ,EAAa,CAC9B,OAAA,mBACL,MAAM,UAAU,IACb,KACC,KAAKA,CAAG,EACPK,GAAM,KAAO,KAAOA,EAAE,WAAW,CAAC,EAAE,SAAS,EAAE,GAAG,MAAM,EAAE,CAAA,EAE5D,KAAK,EAAE,CAAA,CAEd,CAEA,SAASC,EACPC,EACAC,EACA,CACA,MAAMC,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,OAAO,KAAK,MACVD,EACED,EACAE,CAAA,CAEN,CAEA,SAASC,EAAcC,EAAuB,CAC5C,OAAKA,EAGEL,EAAgB,EAAGK,EAAO,SAAS,EAAI,EAFrC,EAGX,CAEA,MAAMC,EAAuBT,GAAmB,CAC1C,GAAA,CACF,OAAKA,GAGDJ,EAAYI,EAAO,GAAG,IAAM,EACvBD,EAASC,CAAK,EAHd,WAOF,GACP,QAAQ,KAAK,CAAC,CAChB,CACO,OAAA,IACT,EAIMU,EAAoB,CACxBF,EACAG,EACApB,IACyC,CACzC,GAAIiB,EAAO,eAAgB,CACzB,MAAMI,EAAiBJ,EAAO,eAE1B,GAAAjB,EAAwB,SAAWqB,EAAe,IACpD,MAAO,CAAE,QAAS,GAAO,OAAQ,uBAAwB,EAO3D,MAAMN,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrD,GAAIM,EAAe,KAAOA,EAAe,IAAMN,EAC7C,MAAO,CAAE,QAAS,GAAO,OAAQ,eAAgB,EAG7C,MAAAO,EAAkB,GAAK,GAAK,GAAK,EACvC,GACED,EAAe,KACfA,EAAe,IAAMC,EAAkBP,EAEvC,MAAO,CAAE,QAAS,GAAO,OAAQ,kCAAmC,EAGtE,GAAIM,EAAe,OAASA,EAAe,QAAUD,EACnD,MAAO,CAAE,QAAS,GAAO,OAAQ,sBAAuB,EAG5D,MAAO,CAAE,QAAS,GAAM,OAAQ,EAAG,CACrC,EAEA,SAASG,EAAYN,EAAgBO,EAAoCC,EAA2B,CAC9F,GAAA,CAACR,EAAO,UAAW,CACrB,MAAMF,EAAwB,IAAI,KAAK,EAAE,UAAY,IACrDE,EAAO,UAAYF,EAGf,MAAAW,EAAqBR,EAAoBD,EAAO,YAAY,EAC5DU,EAAe,CACnB,GAAGV,EACH,mBAAAS,CAAA,EAEEF,EAAuB,kBACZG,EAAA,aAAe7C,EAAM,aAAe,IAAM2C,GAEzDR,EAAO,mBAAqBS,EAE5B,IAAIE,EAAkB,KACtB,GAAIX,EAAO,SAAU,CAGnB,GAFkBW,EAAAV,EAAoBD,EAAO,QAAQ,EAC9CA,EAAA,eAAiB,CAAC,GAAGW,GACxBA,EAAgB,OAASJ,EAAuB,OAAS,KAAM,CACjE,MAAMK,EACF/C,EAAM,YAAc,IAAM0C,EAAuB,kBACrDI,EAAgB,MAAQC,EAE1BF,EAAa,eAAiBC,EAE5BX,EAAO,gBACIU,EAAA,cACT7C,EAAM,cAAgB,IAAM2C,GAGlC,MAAMK,EACFF,GAAmBA,EAAgB,IAC7BA,EAAgB,IAChB,OAAO,UACXG,EACFL,GAAsBA,EAAmB,IACnCA,EAAmB,IACnBT,EAAO,UAAYA,EAAO,WAEhC,IAAAH,EACE,MAAAkB,EACFR,EAAuB,kBACzB,iBACEQ,IAAmBjD,EAAe,qBACxB+B,EAAAiB,EACHC,IAAmBjD,EAAe,iBAC/B+B,EAAAgB,EAGRhB,EAAAgB,EAAmBC,EACbD,EACAC,EAEZJ,EAAa,UAAYb,EAEzBG,EAAO,UAAYH,EACnB,MAAMM,EAAQI,EAAuB,MAC/BA,EAAuB,MAAM,MAC7B,KACA,CAAC,QAAAS,EAAS,OAAAC,CAAA,EAAUf,EACtBF,EACAG,EACAI,EAAuB,uBAAA,EAE3B,GAAI,CAACS,EACG,MAAA,MAAM,wCAAwCC,GAAQ,EAK1D,GAAAV,EAAuB,QAAU,MACjC,kBAAmBA,EAAuB,QAC1C,EAAE,kBAAmBP,GACvB,CACM,MAAAkB,EAAeX,EAAuB,OAAO,cAEnDA,EAAuB,OAAS,CAC9B,GAAGP,EACH,cAAekB,CAAA,OAGjBX,EAAuB,OAASP,EAGlC,OAAAO,EAAuB,OAAS,YACzBG,CACT,CAEA,SAASS,EAAWZ,EAAoC,CACtD,MAAMC,EAAoBD,EAAuB,kBACjD,OAAQa,GACFA,EAAS,SAAW,IACfA,EAEFA,EAAS,KAAA,EAAO,KAAgBpB,GAAmB,CACxD,MAAMU,EAAeJ,EAAYN,EAAQO,EAAwBC,CAAiB,EAC5Ea,EAAO,KAAK,UAAUX,CAAY,EACjC,OAAA,IAAI,SAASW,EAAMD,CAAQ,CAAA,CACnC,CAEL,CCjMA,SAASE,EAAiBC,EAAkB,CAC1C,MAAMC,EAAqC,CAAA,EAChC,UAAA3C,KAAQ0C,EAAyB,OACtCA,EAAQ,IAAI1C,CAAG,IACjB2C,EAAW3C,CAAG,EAAI0C,EAAQ,IAAI1C,CAAG,GAG9B,OAAA2C,CACT,CCVA,MAAMC,EAASC,GAAe,IAAI,QAASC,GAAY,WAAWA,EAASD,CAAE,CAAC,ECmBxEE,EAAQ,KAIdA,EAAM,cAAcjE,CAAc,EAElC,MAAMkE,EAAK,KAAK,MAAU,IAAA,OAAO,UAAY,GAAI,EAAE,WAE7CC,EAAwB,kCACxBC,EAAiBC,GAA2B,CACxC,QAAA,IAAI,gDAAkDH,CAAE,EAC1DG,EAAA,UAAUJ,EAAM,YAAa,CAAA,CACrC,EAEMK,EAAkBD,GAA2B,CACzC,QAAA,IAAI,gDAAkDH,CAAE,EAChEG,EAAM,UAAUJ,EAAM,QAAQ,MAAO,CAAA,CACvC,EAEA,IAAIM,EAAuD,KAC3D,MAAMxD,EAAqB,CACzB,QAAS,CACP,kBAAmB,UACnB,OAAQ,KACR,OAAQ,KACR,MAAO,KACP,aAAc,KACd,MAAO,KACP,wBAAyB,KACzB,gBAAiB,EACnB,CACF,EAEMyD,EAAmC,CAACzD,EAAoBC,IAAgB,CAC5E,MAAMyD,EAA0B,CAAA,EAChC,SAAW,CAAG,CAAAC,CAAK,IAAK,OAAO,QAAoB3D,CAAQ,GAEvD2D,EAAM,yBAA2B,MACjC1D,EAAI,WAAW0D,EAAM,wBAAwB,aAAa,GAI1DA,EAAM,yBAA2B,MACjCA,EAAM,wBAAwB,oBAC9B1D,EAAI,WAAW0D,EAAM,wBAAwB,kBAAkB,IAE/DD,EAAU,KAAKC,CAAK,EAGjB,OAAAD,CACT,EAEME,EAAiB,MAAON,GAAsB,CAClD,MAAMO,EAAkBP,EAAM,QACxBQ,EAAgBD,EAAgB,QAAQ,IAAI,cAAc,EAC1DE,EAAO,CAAE,OAAQ,IAAK,WAAY,qBAAsB,EACxDrB,EAAW,IAAI,SAAS,KAAMqB,CAAI,EACxC,GAAI,CAACD,EAAe,CAClB,MAAME,EAAqB,IAAI,IAAIH,EAAgB,GAAG,EAChDI,EAAkB,OAAOD,EAAmB,aAAa,IAAI,iBAAiB,CAAC,GAAK,IAC1F,QAASvD,EAAI,EAAGA,EAAIwD,EAAiBxD,IAC7B,MAAAsC,EAAM,IAAO,KAAK,MAAM,KAAK,OAAO,EAAI,GAAI,CAAC,EAEnD,MADc,MAAM,OAAO,KAAK,kBAAkB,GACtC,IAAIO,EAAM,QAASZ,EAAS,OAAO,EAG5C,OAAAA,CACT,EAEMwB,EAAc,MAAOZ,GAAsB,CAC/C,MAAMO,EAAkBP,EAAM,QACxBrD,EAAM4D,EAAgB,IAC5B,GAAIA,EAAgB,IAAI,SAAST,CAAqB,EAAG,CACjDE,EAAA,YAAYM,EAAeN,CAAK,CAAC,EACvC,OAGF,MAAMa,EAAuCpE,EAC3CC,EACA6D,EAAgB,IAChB,cAAA,EAEF,GACEM,GACAA,EAAqC,QACrCA,EAAqC,OAAO,aAC5C,CACA,KACEA,EAAqC,QACrC,CAAC9C,EAAc8C,EAAqC,MAAM,GAE1D,MAAMpB,EAAM,GAAG,EAEjB,MAAMqB,EACJP,EAAgB,MAAQ,WACpB,IAAI,QAAQA,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,CAAA,CACD,EACD,IAAI,QAAQN,EAAiB,CAC3B,QAAS,CACP,GAAGjB,EAAiBiB,EAAgB,OAAO,EAC3C,cACE,UACAM,EAAqC,OAAO,YAChD,EACA,KACEA,EAAqC,kBACrC,4CACE,OACAN,EAAgB,IAAA,CACrB,EAGPP,EAAM,UAAUA,EAAM,YAAY,MAAMc,CAAU,CAAC,CAAC,EAEpD,OAGE,GAAAd,EAAM,QAAQ,SAAW,OAC3B,OAGF,IAAIlD,EAAqC,KACzC,MAAMiE,EAAmBZ,EACvBzD,EACA6D,EAAgB,GAAA,EAEZS,EAAiBD,EAAiB,OACxC,GAAIC,EAAiB,EAAG,CACtB,MAAMC,EAAa,IAAI,QAAkB,CAACtB,EAASuB,IAAW,CACtD,MAAAC,EAAgBZ,EAAgB,QACrBY,EAAc,KAAO,EAAA,KAAMC,GAAe,CAEvD,GAAAA,EAAW,SAASvF,EAAM,aAAa,GACvCuF,EAAW,SAASvF,EAAM,YAAY,EACtC,CACA,IAAIwF,EAAUD,EACd,QAASjE,EAAI,EAAGA,EAAI6D,EAAgB7D,IAAK,CACjC,MAAAmE,EAAYP,EAAiB5D,CAAC,EAEhC,GAAAmE,GAAaA,EAAU,QAAU,KAAM,CACzC,MAAMC,EACJ1F,EAAM,cAAgB,IAAMyF,EAAU,kBACpC,GAAAF,EAAW,SAASG,CAAe,EAAG,CACxCF,EAAUA,EAAQ,QAChBE,EACA,mBAAmBD,EAAU,OAAO,aAAuB,CAAA,EAE3CxE,EAAAwE,EAClB,MAEF,MAAME,EACJ3F,EAAM,aAAe,IAAMyF,EAAU,kBACnC,GAAAF,EAAW,SAASI,CAAc,EAAG,CACvCH,EAAUA,EAAQ,QAChBG,EACA,mBAAmBF,EAAU,OAAO,YAAY,CAAA,EAEhCxE,EAAAwE,EAClB,QAIA,MAAAG,EAAe,MAAMlB,EAAiB,CAC1C,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAAA,CAC1B,EAED,OACErE,GACAA,EAAgB,yBAA2B,MAC3CA,EAAgB,wBAAwB,oBACxCH,EAAI,WACFG,EAAgB,wBAAwB,kBAAA,EAGnC2E,EAAa,KAAK,MAAOrC,GAAa,CACrC,MAAAsC,EAAO,MAAMtC,EAAS,OACrB,OAAA,IAAI,SAASsC,EAAMtC,CAAQ,CAAA,CACnC,EAEIqC,EAAa,KAAKtC,EAAWrC,CAA6B,CAAC,UAElEsE,EAAW,SAAS,gBAAgB,GACpClB,EACA,CACApD,EAAkBJ,EAASwD,CAAqC,EACxBA,EAAA,KACxC,IAAImB,EAAUD,EACV,GAAAtE,GAAmBA,EAAgB,cAAgB,KAAM,CAC3D,MAAM6E,EACJ9F,EAAM,cAAgB,IAAMiB,EAAgB,kBAC1CsE,EAAW,SAASO,CAAe,IACrCN,EAAUA,EAAQ,QAChBM,EACA7E,EAAgB,YAAA,GAKtB,OAAO,MAAMyD,EAAiB,CAC5B,KAAMc,EACN,OAAQF,EAAc,OACtB,QAAS,CACP,GAAG7B,EAAiBiB,EAAgB,OAAO,CAC7C,EACA,KAAMY,EAAc,KACpB,MAAOA,EAAc,MACrB,SAAUA,EAAc,SACxB,SAAUA,EAAc,SACxB,YAAaA,EAAc,YAC3B,UAAWA,EAAc,SAC1B,CAAA,EAAE,KAAKhC,EAAWrC,CAAe,CAAC,EAE9B,CACR,EAEE,KAAM,GAAM,CACP,IAAM,OACR6C,EAAQ,CAAC,GAET,QAAQ,IAAI,mBAAmB,EACxBuB,EAAA,IAAI,MAAM,wCAAwC,CAAC,EAC5D,CACD,EACA,MAAOU,GAAQ,CACVA,IAAQ,OACVV,EAAOU,CAAG,GAEV,QAAQ,IAAI,iBAAiB,EACtBV,EAAA,IAAI,MAAM,sCAAsC,CAAC,EAC1D,CACD,CAAA,CACJ,EAGDlB,EAAM,UAAUA,EAAM,YAAYiB,CAAU,CAAC,EAEjD,EAMMY,EAA+D,CAAA,EAE/DC,EAAiB9B,GAAkC,CACjD,MAAA+B,EAAO/B,EAAM,MAAM,CAAC,EACpBgC,EAAOhC,EAAM,KACbxB,EAAoBwD,EAAK,kBAC3B,IAAAlF,EAAkBJ,EAAS8B,CAAiB,EAIhD,GAHG,gBAAiB,OAClB,eAAiB,CAAA,GAEf,CAAC1B,EAAiB,CAEhB,GAAA+E,EAA8BrD,CAAiB,IAAM,OAAW,CAC9D,IAAAjC,EAAgB,eAAeiC,CAAiB,EACpDqD,EAA8BrD,CAAiB,EAAI,MAAM,QAAQjC,CAAa,EAAI,GAAQA,EAAc,gBAE1GG,EAAS8B,CAAiB,EAAI,CAC5B,OAAQ,KACR,MAAO,KACP,aAAc,KACd,wBAAyB,KACzB,kBAAmB,OACnB,MAAO,KACP,OAAQ,KACR,kBAAAA,EACA,gBAAiB,CAACqD,EAA8BrD,CAAiB,CAAA,EAEnE1B,EAAkBJ,EAAS8B,CAAiB,EAEvC,eAAeA,CAAiB,IACpB,eAAAA,CAAiB,EAAI,IAIxC,OAAQwD,EAAK,KAAM,CACjB,IAAK,QACHlF,EAAgB,OAAS,KACzBA,EAAgB,MAAQ,KACxBA,EAAgB,aAAe,KACfA,EAAA,OAASkF,EAAK,KAAK,OAC9BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,OAAQ,CACL,MAAAzB,EAA0BiF,EAAK,KAAK,wBACtC,IAAAzF,EAAgB,eAAeiC,CAAiB,EAC9C,MAAAvC,EAAUK,EAAWC,EAAe,MAAM,EAC3CN,EAAQ,KAAMiB,GAAMA,IAAMtB,CAAoB,GACjD,CACEmB,EAAwB,cACxBA,EAAwB,mBACxBA,EAAwB,iBACxBA,EAAwB,MAAA,EACxB,QAASJ,GAAQ,CACjBX,EAAYC,EAASU,CAAG,CAAA,CACzB,EAELG,EAAgB,wBAA0BC,EACxBD,EAAA,kBAAoBkF,EAAK,KAAK,kBACxC,MAAAC,EAAQD,EAAK,KAAK,MAUpB,GARFC,IAAU,sBACVA,IAAU,8BAE8B/B,EAAA1B,EAEA0B,EAAA,KAGtC,CAACpD,EAAgB,OACnBiF,EAAK,YAAY,CACf,OAAQ,KACR,OAAQjF,EAAgB,OACxB,kBAAA0B,CAAA,CACD,MACI,CACL,MAAMR,EAAS,CACb,GAAGlB,EAAgB,MAAA,EAElBA,EAAgB,kBACVkB,EAAA,aAAenC,EAAM,aAAe,IAAM2C,GAE/CR,EAAO,gBACFA,EAAA,cAAgBnC,EAAM,cAAgB,IAAM2C,GAGnDR,EAAO,gBACPA,EAAO,eAAe,OACtBlB,EAAgB,OAAS,OAEzBkB,EAAO,eAAe,MACpBnC,EAAM,YAAc,IAAM2C,GAE9BuD,EAAK,YAAY,CACf,OAAA/D,EACA,OAAQlB,EAAgB,OACxB,kBAAA0B,CAAA,CACD,EAEH,MACF,CACA,IAAK,WACa1B,EAAA,MAAQkF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,WAAY,CACf,MAAM0D,EAAQpF,EAAgB,MAC9BiF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,MAAA0D,CAAO,CAAA,EAC7C,MACF,CACA,IAAK,kBACapF,EAAA,aAAekF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtBuD,EAAK,YAAY,CACf,kBAAAvD,EACA,aAAc3C,EAAM,cAAgB,IAAM2C,CAAA,CAC3C,EACD,MACF,CACA,IAAK,kBACa1B,EAAA,aAAekF,EAAK,KAAK,aACpCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,IAAK,kBAAmB,CACtB,MAAM2D,EAAerF,EAAgB,aACrCiF,EAAK,YAAY,CAAE,kBAAAvD,EAAmB,aAAA2D,CAAc,CAAA,EACpD,MACF,CACA,IAAK,WACarF,EAAA,MAAQkF,EAAK,KAAK,MAC7BD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,EACtC,OACF,QACE1B,EAAgB,MAAQ,CAAE,GAAGkF,EAAK,IAAK,EAClCD,EAAA,YAAY,CAAE,kBAAAvD,CAAA,CAAmB,CAC1C,CACF,EAEAoB,EAAM,iBAAiB,UAAWG,CAAa,EAC/CH,EAAM,iBAAiB,WAAYK,CAAc,EACjDL,EAAM,iBAAiB,QAASgB,CAAW,EAC3ChB,EAAM,iBAAiB,UAAWkC,CAAa"}
package/service_worker/dist/types.d.ts CHANGED
@@ -1,5 +1,7 @@
1
1
  export type DomainDetails = {
2
- domains: Domain[];
2
+ domains?: Domain[];
3
+ oidcDomains?: Domain[];
4
+ accessTokenDomains?: Domain[];
3
5
  showAccessToken: boolean;
4
6
  };
5
7
  export type Domain = string | RegExp;
package/service_worker/dist/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,aAAa,GAAG;IACxB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAErC,MAAM,MAAM,cAAc,GAAG;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,aAAa,CAAC;CAC3C,GAAI,IAAI,CAAC;AAEV,MAAM,MAAM,uBAAuB,GAAG;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,MAAM,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC5B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C,EAAE,OAAO,CAAC;CACxD,CAAA;AAID,MAAM,WAAW,YAAa,SAAQ,OAAO;IACzC,IAAI,IAAI,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,MAAM,MAAM,GAAG,QAAQ,GAAG,WAAW,GAAG,YAAY,GAAG,eAAe,GAAG,yBAAyB,GAAG,cAAc,GAAG,qBAAqB,GAAG,eAAe,GAAG,IAAI,CAAC;AAC3K,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,UAAU,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,UAAU,CAAC;AAEvK,MAAM,MAAM,WAAW,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB,EAAE,uBAAuB,CAAC;IACjD,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,gBAAgB,CAAC;IACvB,IAAI,EAAE,WAAW,CAAC;CACrB,CAAA;AAED,MAAM,MAAM,KAAK,GAAG;IAChB,KAAK,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAAC;AAET,MAAM,MAAM,UAAU,GAAG;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,uBAAuB,EAAE,uBAAuB,GAAG,IAAI,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACf,CAAA;AAED,MAAM,MAAM,MAAM,GAAG;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAC9C,QAAQ,EAAE,IAAI,GAAG,MAAM,CAAC;IACxB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAAA;CAC5B,CAAA"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../types.ts"],"names":[],"mappings":"AACA,MAAM,MAAM,aAAa,GAAG;IACxB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;AAErC,MAAM,MAAM,cAAc,GAAG;IACzB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,aAAa,CAAC;CAC3C,GAAI,IAAI,CAAC;AAEV,MAAM,MAAM,uBAAuB,GAAG;IAClC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB,EAAE,MAAM,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,MAAM,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG;IAC5B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2CAA2C,EAAE,OAAO,CAAC;CACxD,CAAA;AAID,MAAM,WAAW,YAAa,SAAQ,OAAO;IACzC,IAAI,IAAI,MAAM,EAAE,CAAC;CACpB;AAED,MAAM,MAAM,MAAM,GAAG,QAAQ,GAAG,WAAW,GAAG,YAAY,GAAG,eAAe,GAAG,yBAAyB,GAAG,cAAc,GAAG,qBAAqB,GAAG,eAAe,GAAG,IAAI,CAAC;AAC3K,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,MAAM,GAAG,UAAU,GAAG,UAAU,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,iBAAiB,GAAG,UAAU,CAAC;AAEvK,MAAM,MAAM,WAAW,GAAG;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,uBAAuB,EAAE,uBAAuB,CAAC;IACjD,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,KAAK,CAAC;CAChB,CAAA;AAED,MAAM,MAAM,gBAAgB,GAAG;IAC3B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,IAAI,EAAE,gBAAgB,CAAC;IACvB,IAAI,EAAE,WAAW,CAAC;CACrB,CAAA;AAED,MAAM,MAAM,KAAK,GAAG;IAChB,KAAK,EAAE,MAAM,CAAC;CACjB,GAAG,IAAI,CAAC;AAET,MAAM,MAAM,UAAU,GAAG;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,MAAM,EAAE,MAAM,GAAG,IAAI,CAAC;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,KAAK,EAAE,KAAK,CAAC;IACb,uBAAuB,EAAE,uBAAuB,GAAG,IAAI,CAAC;IACxD,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB,eAAe,EAAE,OAAO,CAAC;CAC5B,CAAA;AAED,MAAM,MAAM,cAAc,GAAG;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;CACxB,CAAA;AAED,MAAM,MAAM,kBAAkB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;CACf,CAAA;AAED,MAAM,MAAM,MAAM,GAAG;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAC9C,QAAQ,EAAE,IAAI,GAAG,MAAM,CAAC;IACxB,cAAc,EAAE,cAAc,CAAC;IAC/B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACtB,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACnB,CAAC,GAAG,EAAE,MAAM,GAAG,UAAU,CAAA;CAC5B,CAAA"}
package/service_worker/dist/utils/domains.d.ts CHANGED
@@ -1,6 +1,7 @@
1
- import { TrustedDomains } from './../types';
1
+ import { DomainDetails, TrustedDomains } from './../types';
2
2
  import { Database, Domain, OidcConfig } from '../types';
3
3
  declare function checkDomain(domains: Domain[], endpoint: string): void;
4
+ export declare const getDomains: (trustedDomain: Domain[] | DomainDetails, type: 'oidc' | 'accessToken') => Domain[];
4
5
  declare const getCurrentDatabaseDomain: (database: Database, url: string, trustedDomains: TrustedDomains) => OidcConfig | null;
5
6
  export { checkDomain, getCurrentDatabaseDomain };
6
7
  //# sourceMappingURL=domains.d.ts.map
package/service_worker/dist/utils/domains.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"domains.d.ts","sourceRoot":"","sources":["../../utils/domains.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAM5C,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAExD,iBAAS,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,QAwBvD;AAED,QAAA,MAAM,wBAAwB,aAClB,QAAQ,OACb,MAAM,kBACK,cAAc,sBAwD/B,CAAC;AAEF,OAAO,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC"}
1
+ {"version":3,"file":"domains.d.ts","sourceRoot":"","sources":["../../utils/domains.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAM3D,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAExD,iBAAS,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE,QAAQ,EAAE,MAAM,QAwBvD;AAED,eAAO,MAAM,UAAU,kBAAmB,MAAM,EAAE,GAAG,aAAa,QAAQ,MAAM,GAAG,aAAa,aAM/F,CAAA;AAED,QAAA,MAAM,wBAAwB,aAClB,QAAQ,OACb,MAAM,kBACK,cAAc,sBAyD/B,CAAC;AAEF,OAAO,EAAE,WAAW,EAAE,wBAAwB,EAAE,CAAC"}
package/service_worker/types.ts CHANGED
@@ -1,6 +1,8 @@
1
1
 
2
2
  export type DomainDetails = {
3
- domains: Domain[];
3
+ domains?: Domain[];
4
+ oidcDomains?: Domain[];
5
+ accessTokenDomains?: Domain[];
4
6
  showAccessToken: boolean;
5
7
  }
6
8
 
package/service_worker/utils/__tests__/domains.spec.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { TrustedDomains, Database } from './../../types';
1
+ import { TrustedDomains, Database, OidcServerConfiguration, Tokens } from './../../types';
2
2
  import { describe, it, expect } from 'vitest';
3
3
  import { checkDomain, getCurrentDatabaseDomain } from '..';
4
4
  import { openidWellknownUrlEndWith } from '../../constants';
@@ -38,6 +38,19 @@ describe('domains', () => {
38
38
  });
39
39
  });
40
40
  describe('getCurrentDatabaseDomain', () => {
41
+ const db: Database = {
42
+ default: {
43
+ configurationName: 'config',
44
+ tokens: {} as Tokens,
45
+ status: 'NOT_CONNECTED',
46
+ state: null,
47
+ codeVerifier: null,
48
+ nonce: null,
49
+ oidcServerConfiguration: {} as OidcServerConfiguration,
50
+ hideAccessToken: true,
51
+ },
52
+ };
53
+
41
54
  it('will return null when url ends with openidWellknownUrlEndWith', () => {
42
55
  const trustedDomains: TrustedDomains = {
43
56
  default: [
@@ -45,20 +58,33 @@ describe('domains', () => {
45
58
  'https://kdhttps.auth0.com',
46
59
  ],
47
60
  };
48
- const db: Database = {
61
+ const url = 'http://url' + openidWellknownUrlEndWith;
62
+ expect(getCurrentDatabaseDomain(db, url, trustedDomains)).toBeNull();
63
+ });
64
+
65
+ it('will test urls against domains list if accessTokenDomains list is not present', () => {
66
+ const trustedDomains: TrustedDomains = {
49
67
  default: {
50
- configurationName: 'config',
51
- tokens: null,
52
- status: 'NOT_CONNECTED',
53
- state: null,
54
- codeVerifier: null,
55
- nonce: null,
56
- oidcServerConfiguration: null,
57
- hideAccessToken: true,
58
- },
68
+ domains: ['https://domain'],
69
+ showAccessToken: false,
70
+ }
59
71
  };
60
- const url = 'http://url' + openidWellknownUrlEndWith;
61
- getCurrentDatabaseDomain(db, url, trustedDomains);
72
+
73
+ expect(getCurrentDatabaseDomain(db, 'https://domain/test', trustedDomains)).toBe(db.default);
74
+
75
+ });
76
+
77
+ it('will test urls against accessTokenDomains list if it is present and ignore domains list', () => {
78
+ const trustedDomains: TrustedDomains = {
79
+ default: {
80
+ domains: ['https://domain'],
81
+ accessTokenDomains: ['https://myapi'],
82
+ showAccessToken: false,
83
+ }
84
+ };
85
+
86
+ expect(getCurrentDatabaseDomain(db, 'https://myapi/test', trustedDomains)).toBe(db.default);
87
+ expect(getCurrentDatabaseDomain(db, 'https://domain/test', trustedDomains)).toBeNull();
62
88
  });
63
89
  });
64
90
  });
package/service_worker/utils/domains.ts CHANGED
@@ -1,4 +1,4 @@
1
- import { TrustedDomains } from './../types';
1
+ import { DomainDetails, TrustedDomains } from './../types';
2
2
  import {
3
3
  acceptAnyDomainToken,
4
4
  openidWellknownUrlEndWith,
@@ -32,6 +32,14 @@ function checkDomain(domains: Domain[], endpoint: string) {
32
32
  }
33
33
  }
34
34
 
35
+ export const getDomains = (trustedDomain: Domain[] | DomainDetails, type: 'oidc' | 'accessToken') => {
36
+ if(Array.isArray(trustedDomain)) {
37
+ return trustedDomain;
38
+ }
39
+
40
+ return trustedDomain[`${type}Domains`] ?? trustedDomain.domains ?? [];
41
+ }
42
+
35
43
  const getCurrentDatabaseDomain = (
36
44
  database: Database,
37
45
  url: string,
@@ -60,7 +68,8 @@ const getCurrentDatabaseDomain = (
60
68
  continue;
61
69
  }
62
70
  const trustedDomain = trustedDomains == null ? [] : trustedDomains[key];
63
- const domains = Array.isArray(trustedDomain) ? trustedDomain : trustedDomain.domains;
71
+
72
+ const domains = getDomains(trustedDomain, 'accessToken');
64
73
  const domainsToSendTokens = oidcServerConfiguration.userInfoEndpoint
65
74
  ? [oidcServerConfiguration.userInfoEndpoint, ...domains]
66
75
  : [...domains];