@deephaven/js-plugin-auth-keycloak 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/LICENSE +176 -0
  2. package/README.md +16 -0
  3. package/dist/index.js +2218 -0
  4. package/package.json +56 -0
package/dist/index.js ADDED
@@ -0,0 +1,2218 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, Symbol.toStringTag, { value: "Module" });
3
+ const require$$1 = require("react");
4
+ const authPlugins = require("@deephaven/auth-plugins");
5
+ const jsapiComponents = require("@deephaven/jsapi-components");
6
+ const log$1 = require("@deephaven/log");
7
+ var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
8
+ var jsxRuntimeExports = {};
9
+ var jsxRuntime = {
10
+ get exports() {
11
+ return jsxRuntimeExports;
12
+ },
13
+ set exports(v) {
14
+ jsxRuntimeExports = v;
15
+ }
16
+ };
17
+ var reactJsxRuntime_production_min = {};
18
+ /*
19
+ object-assign
20
+ (c) Sindre Sorhus
21
+ @license MIT
22
+ */
23
+ var getOwnPropertySymbols = Object.getOwnPropertySymbols;
24
+ var hasOwnProperty = Object.prototype.hasOwnProperty;
25
+ var propIsEnumerable = Object.prototype.propertyIsEnumerable;
26
+ function toObject(val) {
27
+ if (val === null || val === void 0) {
28
+ throw new TypeError("Object.assign cannot be called with null or undefined");
29
+ }
30
+ return Object(val);
31
+ }
32
+ function shouldUseNative() {
33
+ try {
34
+ if (!Object.assign) {
35
+ return false;
36
+ }
37
+ var test1 = new String("abc");
38
+ test1[5] = "de";
39
+ if (Object.getOwnPropertyNames(test1)[0] === "5") {
40
+ return false;
41
+ }
42
+ var test2 = {};
43
+ for (var i2 = 0; i2 < 10; i2++) {
44
+ test2["_" + String.fromCharCode(i2)] = i2;
45
+ }
46
+ var order2 = Object.getOwnPropertyNames(test2).map(function(n2) {
47
+ return test2[n2];
48
+ });
49
+ if (order2.join("") !== "0123456789") {
50
+ return false;
51
+ }
52
+ var test3 = {};
53
+ "abcdefghijklmnopqrst".split("").forEach(function(letter) {
54
+ test3[letter] = letter;
55
+ });
56
+ if (Object.keys(Object.assign({}, test3)).join("") !== "abcdefghijklmnopqrst") {
57
+ return false;
58
+ }
59
+ return true;
60
+ } catch (err) {
61
+ return false;
62
+ }
63
+ }
64
+ shouldUseNative() ? Object.assign : function(target, source) {
65
+ var from;
66
+ var to = toObject(target);
67
+ var symbols;
68
+ for (var s = 1; s < arguments.length; s++) {
69
+ from = Object(arguments[s]);
70
+ for (var key in from) {
71
+ if (hasOwnProperty.call(from, key)) {
72
+ to[key] = from[key];
73
+ }
74
+ }
75
+ if (getOwnPropertySymbols) {
76
+ symbols = getOwnPropertySymbols(from);
77
+ for (var i2 = 0; i2 < symbols.length; i2++) {
78
+ if (propIsEnumerable.call(from, symbols[i2])) {
79
+ to[symbols[i2]] = from[symbols[i2]];
80
+ }
81
+ }
82
+ }
83
+ }
84
+ return to;
85
+ };
86
+ /** @license React v17.0.2
87
+ * react-jsx-runtime.production.min.js
88
+ *
89
+ * Copyright (c) Facebook, Inc. and its affiliates.
90
+ *
91
+ * This source code is licensed under the MIT license found in the
92
+ * LICENSE file in the root directory of this source tree.
93
+ */
94
+ var f = require$$1, g = 60103;
95
+ reactJsxRuntime_production_min.Fragment = 60107;
96
+ if ("function" === typeof Symbol && Symbol.for) {
97
+ var h = Symbol.for;
98
+ g = h("react.element");
99
+ reactJsxRuntime_production_min.Fragment = h("react.fragment");
100
+ }
101
+ var m = f.__SECRET_INTERNALS_DO_NOT_USE_OR_YOU_WILL_BE_FIRED.ReactCurrentOwner, n = Object.prototype.hasOwnProperty, p = { key: true, ref: true, __self: true, __source: true };
102
+ function q(c, a, k) {
103
+ var b, d = {}, e = null, l = null;
104
+ void 0 !== k && (e = "" + k);
105
+ void 0 !== a.key && (e = "" + a.key);
106
+ void 0 !== a.ref && (l = a.ref);
107
+ for (b in a)
108
+ n.call(a, b) && !p.hasOwnProperty(b) && (d[b] = a[b]);
109
+ if (c && c.defaultProps)
110
+ for (b in a = c.defaultProps, a)
111
+ void 0 === d[b] && (d[b] = a[b]);
112
+ return { $$typeof: g, type: c, key: e, ref: l, props: d, _owner: m.current };
113
+ }
114
+ reactJsxRuntime_production_min.jsx = q;
115
+ reactJsxRuntime_production_min.jsxs = q;
116
+ (function(module2) {
117
+ {
118
+ module2.exports = reactJsxRuntime_production_min;
119
+ }
120
+ })(jsxRuntime);
121
+ var base64Js = {};
122
+ base64Js.byteLength = byteLength;
123
+ base64Js.toByteArray = toByteArray;
124
+ base64Js.fromByteArray = fromByteArray;
125
+ var lookup = [];
126
+ var revLookup = [];
127
+ var Arr = typeof Uint8Array !== "undefined" ? Uint8Array : Array;
128
+ var code = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
129
+ for (var i = 0, len = code.length; i < len; ++i) {
130
+ lookup[i] = code[i];
131
+ revLookup[code.charCodeAt(i)] = i;
132
+ }
133
+ revLookup["-".charCodeAt(0)] = 62;
134
+ revLookup["_".charCodeAt(0)] = 63;
135
+ function getLens(b64) {
136
+ var len2 = b64.length;
137
+ if (len2 % 4 > 0) {
138
+ throw new Error("Invalid string. Length must be a multiple of 4");
139
+ }
140
+ var validLen = b64.indexOf("=");
141
+ if (validLen === -1)
142
+ validLen = len2;
143
+ var placeHoldersLen = validLen === len2 ? 0 : 4 - validLen % 4;
144
+ return [validLen, placeHoldersLen];
145
+ }
146
+ function byteLength(b64) {
147
+ var lens = getLens(b64);
148
+ var validLen = lens[0];
149
+ var placeHoldersLen = lens[1];
150
+ return (validLen + placeHoldersLen) * 3 / 4 - placeHoldersLen;
151
+ }
152
+ function _byteLength(b64, validLen, placeHoldersLen) {
153
+ return (validLen + placeHoldersLen) * 3 / 4 - placeHoldersLen;
154
+ }
155
+ function toByteArray(b64) {
156
+ var tmp;
157
+ var lens = getLens(b64);
158
+ var validLen = lens[0];
159
+ var placeHoldersLen = lens[1];
160
+ var arr = new Arr(_byteLength(b64, validLen, placeHoldersLen));
161
+ var curByte = 0;
162
+ var len2 = placeHoldersLen > 0 ? validLen - 4 : validLen;
163
+ var i2;
164
+ for (i2 = 0; i2 < len2; i2 += 4) {
165
+ tmp = revLookup[b64.charCodeAt(i2)] << 18 | revLookup[b64.charCodeAt(i2 + 1)] << 12 | revLookup[b64.charCodeAt(i2 + 2)] << 6 | revLookup[b64.charCodeAt(i2 + 3)];
166
+ arr[curByte++] = tmp >> 16 & 255;
167
+ arr[curByte++] = tmp >> 8 & 255;
168
+ arr[curByte++] = tmp & 255;
169
+ }
170
+ if (placeHoldersLen === 2) {
171
+ tmp = revLookup[b64.charCodeAt(i2)] << 2 | revLookup[b64.charCodeAt(i2 + 1)] >> 4;
172
+ arr[curByte++] = tmp & 255;
173
+ }
174
+ if (placeHoldersLen === 1) {
175
+ tmp = revLookup[b64.charCodeAt(i2)] << 10 | revLookup[b64.charCodeAt(i2 + 1)] << 4 | revLookup[b64.charCodeAt(i2 + 2)] >> 2;
176
+ arr[curByte++] = tmp >> 8 & 255;
177
+ arr[curByte++] = tmp & 255;
178
+ }
179
+ return arr;
180
+ }
181
+ function tripletToBase64(num) {
182
+ return lookup[num >> 18 & 63] + lookup[num >> 12 & 63] + lookup[num >> 6 & 63] + lookup[num & 63];
183
+ }
184
+ function encodeChunk(uint8, start, end) {
185
+ var tmp;
186
+ var output = [];
187
+ for (var i2 = start; i2 < end; i2 += 3) {
188
+ tmp = (uint8[i2] << 16 & 16711680) + (uint8[i2 + 1] << 8 & 65280) + (uint8[i2 + 2] & 255);
189
+ output.push(tripletToBase64(tmp));
190
+ }
191
+ return output.join("");
192
+ }
193
+ function fromByteArray(uint8) {
194
+ var tmp;
195
+ var len2 = uint8.length;
196
+ var extraBytes = len2 % 3;
197
+ var parts = [];
198
+ var maxChunkLength = 16383;
199
+ for (var i2 = 0, len22 = len2 - extraBytes; i2 < len22; i2 += maxChunkLength) {
200
+ parts.push(encodeChunk(uint8, i2, i2 + maxChunkLength > len22 ? len22 : i2 + maxChunkLength));
201
+ }
202
+ if (extraBytes === 1) {
203
+ tmp = uint8[len2 - 1];
204
+ parts.push(
205
+ lookup[tmp >> 2] + lookup[tmp << 4 & 63] + "=="
206
+ );
207
+ } else if (extraBytes === 2) {
208
+ tmp = (uint8[len2 - 2] << 8) + uint8[len2 - 1];
209
+ parts.push(
210
+ lookup[tmp >> 10] + lookup[tmp >> 4 & 63] + lookup[tmp << 2 & 63] + "="
211
+ );
212
+ }
213
+ return parts.join("");
214
+ }
215
+ var sha256Exports = {};
216
+ var sha256$1 = {
217
+ get exports() {
218
+ return sha256Exports;
219
+ },
220
+ set exports(v) {
221
+ sha256Exports = v;
222
+ }
223
+ };
224
+ /**
225
+ * [js-sha256]{@link https://github.com/emn178/js-sha256}
226
+ *
227
+ * @version 0.9.0
228
+ * @author Chen, Yi-Cyuan [emn178@gmail.com]
229
+ * @copyright Chen, Yi-Cyuan 2014-2017
230
+ * @license MIT
231
+ */
232
+ (function(module) {
233
+ (function() {
234
+ var ERROR = "input is invalid type";
235
+ var WINDOW = typeof window === "object";
236
+ var root = WINDOW ? window : {};
237
+ if (root.JS_SHA256_NO_WINDOW) {
238
+ WINDOW = false;
239
+ }
240
+ var WEB_WORKER = !WINDOW && typeof self === "object";
241
+ var NODE_JS = !root.JS_SHA256_NO_NODE_JS && typeof process === "object" && process.versions && process.versions.node;
242
+ if (NODE_JS) {
243
+ root = commonjsGlobal;
244
+ } else if (WEB_WORKER) {
245
+ root = self;
246
+ }
247
+ var COMMON_JS = !root.JS_SHA256_NO_COMMON_JS && true && module.exports;
248
+ var ARRAY_BUFFER = !root.JS_SHA256_NO_ARRAY_BUFFER && typeof ArrayBuffer !== "undefined";
249
+ var HEX_CHARS = "0123456789abcdef".split("");
250
+ var EXTRA = [-2147483648, 8388608, 32768, 128];
251
+ var SHIFT = [24, 16, 8, 0];
252
+ var K = [
253
+ 1116352408,
254
+ 1899447441,
255
+ 3049323471,
256
+ 3921009573,
257
+ 961987163,
258
+ 1508970993,
259
+ 2453635748,
260
+ 2870763221,
261
+ 3624381080,
262
+ 310598401,
263
+ 607225278,
264
+ 1426881987,
265
+ 1925078388,
266
+ 2162078206,
267
+ 2614888103,
268
+ 3248222580,
269
+ 3835390401,
270
+ 4022224774,
271
+ 264347078,
272
+ 604807628,
273
+ 770255983,
274
+ 1249150122,
275
+ 1555081692,
276
+ 1996064986,
277
+ 2554220882,
278
+ 2821834349,
279
+ 2952996808,
280
+ 3210313671,
281
+ 3336571891,
282
+ 3584528711,
283
+ 113926993,
284
+ 338241895,
285
+ 666307205,
286
+ 773529912,
287
+ 1294757372,
288
+ 1396182291,
289
+ 1695183700,
290
+ 1986661051,
291
+ 2177026350,
292
+ 2456956037,
293
+ 2730485921,
294
+ 2820302411,
295
+ 3259730800,
296
+ 3345764771,
297
+ 3516065817,
298
+ 3600352804,
299
+ 4094571909,
300
+ 275423344,
301
+ 430227734,
302
+ 506948616,
303
+ 659060556,
304
+ 883997877,
305
+ 958139571,
306
+ 1322822218,
307
+ 1537002063,
308
+ 1747873779,
309
+ 1955562222,
310
+ 2024104815,
311
+ 2227730452,
312
+ 2361852424,
313
+ 2428436474,
314
+ 2756734187,
315
+ 3204031479,
316
+ 3329325298
317
+ ];
318
+ var OUTPUT_TYPES = ["hex", "array", "digest", "arrayBuffer"];
319
+ var blocks = [];
320
+ if (root.JS_SHA256_NO_NODE_JS || !Array.isArray) {
321
+ Array.isArray = function(obj) {
322
+ return Object.prototype.toString.call(obj) === "[object Array]";
323
+ };
324
+ }
325
+ if (ARRAY_BUFFER && (root.JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW || !ArrayBuffer.isView)) {
326
+ ArrayBuffer.isView = function(obj) {
327
+ return typeof obj === "object" && obj.buffer && obj.buffer.constructor === ArrayBuffer;
328
+ };
329
+ }
330
+ var createOutputMethod = function(outputType, is2242) {
331
+ return function(message) {
332
+ return new Sha256(is2242, true).update(message)[outputType]();
333
+ };
334
+ };
335
+ var createMethod = function(is2242) {
336
+ var method2 = createOutputMethod("hex", is2242);
337
+ if (NODE_JS) {
338
+ method2 = nodeWrap(method2, is2242);
339
+ }
340
+ method2.create = function() {
341
+ return new Sha256(is2242);
342
+ };
343
+ method2.update = function(message) {
344
+ return method2.create().update(message);
345
+ };
346
+ for (var i2 = 0; i2 < OUTPUT_TYPES.length; ++i2) {
347
+ var type = OUTPUT_TYPES[i2];
348
+ method2[type] = createOutputMethod(type, is2242);
349
+ }
350
+ return method2;
351
+ };
352
+ var nodeWrap = function(method, is224) {
353
+ var crypto = eval("require('crypto')");
354
+ var Buffer = eval("require('buffer').Buffer");
355
+ var algorithm = is224 ? "sha224" : "sha256";
356
+ var nodeMethod = function(message) {
357
+ if (typeof message === "string") {
358
+ return crypto.createHash(algorithm).update(message, "utf8").digest("hex");
359
+ } else {
360
+ if (message === null || message === void 0) {
361
+ throw new Error(ERROR);
362
+ } else if (message.constructor === ArrayBuffer) {
363
+ message = new Uint8Array(message);
364
+ }
365
+ }
366
+ if (Array.isArray(message) || ArrayBuffer.isView(message) || message.constructor === Buffer) {
367
+ return crypto.createHash(algorithm).update(new Buffer(message)).digest("hex");
368
+ } else {
369
+ return method(message);
370
+ }
371
+ };
372
+ return nodeMethod;
373
+ };
374
+ var createHmacOutputMethod = function(outputType, is2242) {
375
+ return function(key, message) {
376
+ return new HmacSha256(key, is2242, true).update(message)[outputType]();
377
+ };
378
+ };
379
+ var createHmacMethod = function(is2242) {
380
+ var method2 = createHmacOutputMethod("hex", is2242);
381
+ method2.create = function(key) {
382
+ return new HmacSha256(key, is2242);
383
+ };
384
+ method2.update = function(key, message) {
385
+ return method2.create(key).update(message);
386
+ };
387
+ for (var i2 = 0; i2 < OUTPUT_TYPES.length; ++i2) {
388
+ var type = OUTPUT_TYPES[i2];
389
+ method2[type] = createHmacOutputMethod(type, is2242);
390
+ }
391
+ return method2;
392
+ };
393
+ function Sha256(is2242, sharedMemory) {
394
+ if (sharedMemory) {
395
+ blocks[0] = blocks[16] = blocks[1] = blocks[2] = blocks[3] = blocks[4] = blocks[5] = blocks[6] = blocks[7] = blocks[8] = blocks[9] = blocks[10] = blocks[11] = blocks[12] = blocks[13] = blocks[14] = blocks[15] = 0;
396
+ this.blocks = blocks;
397
+ } else {
398
+ this.blocks = [0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0];
399
+ }
400
+ if (is2242) {
401
+ this.h0 = 3238371032;
402
+ this.h1 = 914150663;
403
+ this.h2 = 812702999;
404
+ this.h3 = 4144912697;
405
+ this.h4 = 4290775857;
406
+ this.h5 = 1750603025;
407
+ this.h6 = 1694076839;
408
+ this.h7 = 3204075428;
409
+ } else {
410
+ this.h0 = 1779033703;
411
+ this.h1 = 3144134277;
412
+ this.h2 = 1013904242;
413
+ this.h3 = 2773480762;
414
+ this.h4 = 1359893119;
415
+ this.h5 = 2600822924;
416
+ this.h6 = 528734635;
417
+ this.h7 = 1541459225;
418
+ }
419
+ this.block = this.start = this.bytes = this.hBytes = 0;
420
+ this.finalized = this.hashed = false;
421
+ this.first = true;
422
+ this.is224 = is2242;
423
+ }
424
+ Sha256.prototype.update = function(message) {
425
+ if (this.finalized) {
426
+ return;
427
+ }
428
+ var notString, type = typeof message;
429
+ if (type !== "string") {
430
+ if (type === "object") {
431
+ if (message === null) {
432
+ throw new Error(ERROR);
433
+ } else if (ARRAY_BUFFER && message.constructor === ArrayBuffer) {
434
+ message = new Uint8Array(message);
435
+ } else if (!Array.isArray(message)) {
436
+ if (!ARRAY_BUFFER || !ArrayBuffer.isView(message)) {
437
+ throw new Error(ERROR);
438
+ }
439
+ }
440
+ } else {
441
+ throw new Error(ERROR);
442
+ }
443
+ notString = true;
444
+ }
445
+ var code2, index = 0, i2, length = message.length, blocks2 = this.blocks;
446
+ while (index < length) {
447
+ if (this.hashed) {
448
+ this.hashed = false;
449
+ blocks2[0] = this.block;
450
+ blocks2[16] = blocks2[1] = blocks2[2] = blocks2[3] = blocks2[4] = blocks2[5] = blocks2[6] = blocks2[7] = blocks2[8] = blocks2[9] = blocks2[10] = blocks2[11] = blocks2[12] = blocks2[13] = blocks2[14] = blocks2[15] = 0;
451
+ }
452
+ if (notString) {
453
+ for (i2 = this.start; index < length && i2 < 64; ++index) {
454
+ blocks2[i2 >> 2] |= message[index] << SHIFT[i2++ & 3];
455
+ }
456
+ } else {
457
+ for (i2 = this.start; index < length && i2 < 64; ++index) {
458
+ code2 = message.charCodeAt(index);
459
+ if (code2 < 128) {
460
+ blocks2[i2 >> 2] |= code2 << SHIFT[i2++ & 3];
461
+ } else if (code2 < 2048) {
462
+ blocks2[i2 >> 2] |= (192 | code2 >> 6) << SHIFT[i2++ & 3];
463
+ blocks2[i2 >> 2] |= (128 | code2 & 63) << SHIFT[i2++ & 3];
464
+ } else if (code2 < 55296 || code2 >= 57344) {
465
+ blocks2[i2 >> 2] |= (224 | code2 >> 12) << SHIFT[i2++ & 3];
466
+ blocks2[i2 >> 2] |= (128 | code2 >> 6 & 63) << SHIFT[i2++ & 3];
467
+ blocks2[i2 >> 2] |= (128 | code2 & 63) << SHIFT[i2++ & 3];
468
+ } else {
469
+ code2 = 65536 + ((code2 & 1023) << 10 | message.charCodeAt(++index) & 1023);
470
+ blocks2[i2 >> 2] |= (240 | code2 >> 18) << SHIFT[i2++ & 3];
471
+ blocks2[i2 >> 2] |= (128 | code2 >> 12 & 63) << SHIFT[i2++ & 3];
472
+ blocks2[i2 >> 2] |= (128 | code2 >> 6 & 63) << SHIFT[i2++ & 3];
473
+ blocks2[i2 >> 2] |= (128 | code2 & 63) << SHIFT[i2++ & 3];
474
+ }
475
+ }
476
+ }
477
+ this.lastByteIndex = i2;
478
+ this.bytes += i2 - this.start;
479
+ if (i2 >= 64) {
480
+ this.block = blocks2[16];
481
+ this.start = i2 - 64;
482
+ this.hash();
483
+ this.hashed = true;
484
+ } else {
485
+ this.start = i2;
486
+ }
487
+ }
488
+ if (this.bytes > 4294967295) {
489
+ this.hBytes += this.bytes / 4294967296 << 0;
490
+ this.bytes = this.bytes % 4294967296;
491
+ }
492
+ return this;
493
+ };
494
+ Sha256.prototype.finalize = function() {
495
+ if (this.finalized) {
496
+ return;
497
+ }
498
+ this.finalized = true;
499
+ var blocks2 = this.blocks, i2 = this.lastByteIndex;
500
+ blocks2[16] = this.block;
501
+ blocks2[i2 >> 2] |= EXTRA[i2 & 3];
502
+ this.block = blocks2[16];
503
+ if (i2 >= 56) {
504
+ if (!this.hashed) {
505
+ this.hash();
506
+ }
507
+ blocks2[0] = this.block;
508
+ blocks2[16] = blocks2[1] = blocks2[2] = blocks2[3] = blocks2[4] = blocks2[5] = blocks2[6] = blocks2[7] = blocks2[8] = blocks2[9] = blocks2[10] = blocks2[11] = blocks2[12] = blocks2[13] = blocks2[14] = blocks2[15] = 0;
509
+ }
510
+ blocks2[14] = this.hBytes << 3 | this.bytes >>> 29;
511
+ blocks2[15] = this.bytes << 3;
512
+ this.hash();
513
+ };
514
+ Sha256.prototype.hash = function() {
515
+ var a = this.h0, b = this.h1, c = this.h2, d = this.h3, e = this.h4, f2 = this.h5, g2 = this.h6, h2 = this.h7, blocks2 = this.blocks, j, s0, s1, maj, t1, t2, ch, ab, da, cd, bc;
516
+ for (j = 16; j < 64; ++j) {
517
+ t1 = blocks2[j - 15];
518
+ s0 = (t1 >>> 7 | t1 << 25) ^ (t1 >>> 18 | t1 << 14) ^ t1 >>> 3;
519
+ t1 = blocks2[j - 2];
520
+ s1 = (t1 >>> 17 | t1 << 15) ^ (t1 >>> 19 | t1 << 13) ^ t1 >>> 10;
521
+ blocks2[j] = blocks2[j - 16] + s0 + blocks2[j - 7] + s1 << 0;
522
+ }
523
+ bc = b & c;
524
+ for (j = 0; j < 64; j += 4) {
525
+ if (this.first) {
526
+ if (this.is224) {
527
+ ab = 300032;
528
+ t1 = blocks2[0] - 1413257819;
529
+ h2 = t1 - 150054599 << 0;
530
+ d = t1 + 24177077 << 0;
531
+ } else {
532
+ ab = 704751109;
533
+ t1 = blocks2[0] - 210244248;
534
+ h2 = t1 - 1521486534 << 0;
535
+ d = t1 + 143694565 << 0;
536
+ }
537
+ this.first = false;
538
+ } else {
539
+ s0 = (a >>> 2 | a << 30) ^ (a >>> 13 | a << 19) ^ (a >>> 22 | a << 10);
540
+ s1 = (e >>> 6 | e << 26) ^ (e >>> 11 | e << 21) ^ (e >>> 25 | e << 7);
541
+ ab = a & b;
542
+ maj = ab ^ a & c ^ bc;
543
+ ch = e & f2 ^ ~e & g2;
544
+ t1 = h2 + s1 + ch + K[j] + blocks2[j];
545
+ t2 = s0 + maj;
546
+ h2 = d + t1 << 0;
547
+ d = t1 + t2 << 0;
548
+ }
549
+ s0 = (d >>> 2 | d << 30) ^ (d >>> 13 | d << 19) ^ (d >>> 22 | d << 10);
550
+ s1 = (h2 >>> 6 | h2 << 26) ^ (h2 >>> 11 | h2 << 21) ^ (h2 >>> 25 | h2 << 7);
551
+ da = d & a;
552
+ maj = da ^ d & b ^ ab;
553
+ ch = h2 & e ^ ~h2 & f2;
554
+ t1 = g2 + s1 + ch + K[j + 1] + blocks2[j + 1];
555
+ t2 = s0 + maj;
556
+ g2 = c + t1 << 0;
557
+ c = t1 + t2 << 0;
558
+ s0 = (c >>> 2 | c << 30) ^ (c >>> 13 | c << 19) ^ (c >>> 22 | c << 10);
559
+ s1 = (g2 >>> 6 | g2 << 26) ^ (g2 >>> 11 | g2 << 21) ^ (g2 >>> 25 | g2 << 7);
560
+ cd = c & d;
561
+ maj = cd ^ c & a ^ da;
562
+ ch = g2 & h2 ^ ~g2 & e;
563
+ t1 = f2 + s1 + ch + K[j + 2] + blocks2[j + 2];
564
+ t2 = s0 + maj;
565
+ f2 = b + t1 << 0;
566
+ b = t1 + t2 << 0;
567
+ s0 = (b >>> 2 | b << 30) ^ (b >>> 13 | b << 19) ^ (b >>> 22 | b << 10);
568
+ s1 = (f2 >>> 6 | f2 << 26) ^ (f2 >>> 11 | f2 << 21) ^ (f2 >>> 25 | f2 << 7);
569
+ bc = b & c;
570
+ maj = bc ^ b & d ^ cd;
571
+ ch = f2 & g2 ^ ~f2 & h2;
572
+ t1 = e + s1 + ch + K[j + 3] + blocks2[j + 3];
573
+ t2 = s0 + maj;
574
+ e = a + t1 << 0;
575
+ a = t1 + t2 << 0;
576
+ }
577
+ this.h0 = this.h0 + a << 0;
578
+ this.h1 = this.h1 + b << 0;
579
+ this.h2 = this.h2 + c << 0;
580
+ this.h3 = this.h3 + d << 0;
581
+ this.h4 = this.h4 + e << 0;
582
+ this.h5 = this.h5 + f2 << 0;
583
+ this.h6 = this.h6 + g2 << 0;
584
+ this.h7 = this.h7 + h2 << 0;
585
+ };
586
+ Sha256.prototype.hex = function() {
587
+ this.finalize();
588
+ var h0 = this.h0, h1 = this.h1, h2 = this.h2, h3 = this.h3, h4 = this.h4, h5 = this.h5, h6 = this.h6, h7 = this.h7;
589
+ var hex = HEX_CHARS[h0 >> 28 & 15] + HEX_CHARS[h0 >> 24 & 15] + HEX_CHARS[h0 >> 20 & 15] + HEX_CHARS[h0 >> 16 & 15] + HEX_CHARS[h0 >> 12 & 15] + HEX_CHARS[h0 >> 8 & 15] + HEX_CHARS[h0 >> 4 & 15] + HEX_CHARS[h0 & 15] + HEX_CHARS[h1 >> 28 & 15] + HEX_CHARS[h1 >> 24 & 15] + HEX_CHARS[h1 >> 20 & 15] + HEX_CHARS[h1 >> 16 & 15] + HEX_CHARS[h1 >> 12 & 15] + HEX_CHARS[h1 >> 8 & 15] + HEX_CHARS[h1 >> 4 & 15] + HEX_CHARS[h1 & 15] + HEX_CHARS[h2 >> 28 & 15] + HEX_CHARS[h2 >> 24 & 15] + HEX_CHARS[h2 >> 20 & 15] + HEX_CHARS[h2 >> 16 & 15] + HEX_CHARS[h2 >> 12 & 15] + HEX_CHARS[h2 >> 8 & 15] + HEX_CHARS[h2 >> 4 & 15] + HEX_CHARS[h2 & 15] + HEX_CHARS[h3 >> 28 & 15] + HEX_CHARS[h3 >> 24 & 15] + HEX_CHARS[h3 >> 20 & 15] + HEX_CHARS[h3 >> 16 & 15] + HEX_CHARS[h3 >> 12 & 15] + HEX_CHARS[h3 >> 8 & 15] + HEX_CHARS[h3 >> 4 & 15] + HEX_CHARS[h3 & 15] + HEX_CHARS[h4 >> 28 & 15] + HEX_CHARS[h4 >> 24 & 15] + HEX_CHARS[h4 >> 20 & 15] + HEX_CHARS[h4 >> 16 & 15] + HEX_CHARS[h4 >> 12 & 15] + HEX_CHARS[h4 >> 8 & 15] + HEX_CHARS[h4 >> 4 & 15] + HEX_CHARS[h4 & 15] + HEX_CHARS[h5 >> 28 & 15] + HEX_CHARS[h5 >> 24 & 15] + HEX_CHARS[h5 >> 20 & 15] + HEX_CHARS[h5 >> 16 & 15] + HEX_CHARS[h5 >> 12 & 15] + HEX_CHARS[h5 >> 8 & 15] + HEX_CHARS[h5 >> 4 & 15] + HEX_CHARS[h5 & 15] + HEX_CHARS[h6 >> 28 & 15] + HEX_CHARS[h6 >> 24 & 15] + HEX_CHARS[h6 >> 20 & 15] + HEX_CHARS[h6 >> 16 & 15] + HEX_CHARS[h6 >> 12 & 15] + HEX_CHARS[h6 >> 8 & 15] + HEX_CHARS[h6 >> 4 & 15] + HEX_CHARS[h6 & 15];
590
+ if (!this.is224) {
591
+ hex += HEX_CHARS[h7 >> 28 & 15] + HEX_CHARS[h7 >> 24 & 15] + HEX_CHARS[h7 >> 20 & 15] + HEX_CHARS[h7 >> 16 & 15] + HEX_CHARS[h7 >> 12 & 15] + HEX_CHARS[h7 >> 8 & 15] + HEX_CHARS[h7 >> 4 & 15] + HEX_CHARS[h7 & 15];
592
+ }
593
+ return hex;
594
+ };
595
+ Sha256.prototype.toString = Sha256.prototype.hex;
596
+ Sha256.prototype.digest = function() {
597
+ this.finalize();
598
+ var h0 = this.h0, h1 = this.h1, h2 = this.h2, h3 = this.h3, h4 = this.h4, h5 = this.h5, h6 = this.h6, h7 = this.h7;
599
+ var arr = [
600
+ h0 >> 24 & 255,
601
+ h0 >> 16 & 255,
602
+ h0 >> 8 & 255,
603
+ h0 & 255,
604
+ h1 >> 24 & 255,
605
+ h1 >> 16 & 255,
606
+ h1 >> 8 & 255,
607
+ h1 & 255,
608
+ h2 >> 24 & 255,
609
+ h2 >> 16 & 255,
610
+ h2 >> 8 & 255,
611
+ h2 & 255,
612
+ h3 >> 24 & 255,
613
+ h3 >> 16 & 255,
614
+ h3 >> 8 & 255,
615
+ h3 & 255,
616
+ h4 >> 24 & 255,
617
+ h4 >> 16 & 255,
618
+ h4 >> 8 & 255,
619
+ h4 & 255,
620
+ h5 >> 24 & 255,
621
+ h5 >> 16 & 255,
622
+ h5 >> 8 & 255,
623
+ h5 & 255,
624
+ h6 >> 24 & 255,
625
+ h6 >> 16 & 255,
626
+ h6 >> 8 & 255,
627
+ h6 & 255
628
+ ];
629
+ if (!this.is224) {
630
+ arr.push(h7 >> 24 & 255, h7 >> 16 & 255, h7 >> 8 & 255, h7 & 255);
631
+ }
632
+ return arr;
633
+ };
634
+ Sha256.prototype.array = Sha256.prototype.digest;
635
+ Sha256.prototype.arrayBuffer = function() {
636
+ this.finalize();
637
+ var buffer = new ArrayBuffer(this.is224 ? 28 : 32);
638
+ var dataView = new DataView(buffer);
639
+ dataView.setUint32(0, this.h0);
640
+ dataView.setUint32(4, this.h1);
641
+ dataView.setUint32(8, this.h2);
642
+ dataView.setUint32(12, this.h3);
643
+ dataView.setUint32(16, this.h4);
644
+ dataView.setUint32(20, this.h5);
645
+ dataView.setUint32(24, this.h6);
646
+ if (!this.is224) {
647
+ dataView.setUint32(28, this.h7);
648
+ }
649
+ return buffer;
650
+ };
651
+ function HmacSha256(key, is2242, sharedMemory) {
652
+ var i2, type = typeof key;
653
+ if (type === "string") {
654
+ var bytes = [], length = key.length, index = 0, code2;
655
+ for (i2 = 0; i2 < length; ++i2) {
656
+ code2 = key.charCodeAt(i2);
657
+ if (code2 < 128) {
658
+ bytes[index++] = code2;
659
+ } else if (code2 < 2048) {
660
+ bytes[index++] = 192 | code2 >> 6;
661
+ bytes[index++] = 128 | code2 & 63;
662
+ } else if (code2 < 55296 || code2 >= 57344) {
663
+ bytes[index++] = 224 | code2 >> 12;
664
+ bytes[index++] = 128 | code2 >> 6 & 63;
665
+ bytes[index++] = 128 | code2 & 63;
666
+ } else {
667
+ code2 = 65536 + ((code2 & 1023) << 10 | key.charCodeAt(++i2) & 1023);
668
+ bytes[index++] = 240 | code2 >> 18;
669
+ bytes[index++] = 128 | code2 >> 12 & 63;
670
+ bytes[index++] = 128 | code2 >> 6 & 63;
671
+ bytes[index++] = 128 | code2 & 63;
672
+ }
673
+ }
674
+ key = bytes;
675
+ } else {
676
+ if (type === "object") {
677
+ if (key === null) {
678
+ throw new Error(ERROR);
679
+ } else if (ARRAY_BUFFER && key.constructor === ArrayBuffer) {
680
+ key = new Uint8Array(key);
681
+ } else if (!Array.isArray(key)) {
682
+ if (!ARRAY_BUFFER || !ArrayBuffer.isView(key)) {
683
+ throw new Error(ERROR);
684
+ }
685
+ }
686
+ } else {
687
+ throw new Error(ERROR);
688
+ }
689
+ }
690
+ if (key.length > 64) {
691
+ key = new Sha256(is2242, true).update(key).array();
692
+ }
693
+ var oKeyPad = [], iKeyPad = [];
694
+ for (i2 = 0; i2 < 64; ++i2) {
695
+ var b = key[i2] || 0;
696
+ oKeyPad[i2] = 92 ^ b;
697
+ iKeyPad[i2] = 54 ^ b;
698
+ }
699
+ Sha256.call(this, is2242, sharedMemory);
700
+ this.update(iKeyPad);
701
+ this.oKeyPad = oKeyPad;
702
+ this.inner = true;
703
+ this.sharedMemory = sharedMemory;
704
+ }
705
+ HmacSha256.prototype = new Sha256();
706
+ HmacSha256.prototype.finalize = function() {
707
+ Sha256.prototype.finalize.call(this);
708
+ if (this.inner) {
709
+ this.inner = false;
710
+ var innerHash = this.array();
711
+ Sha256.call(this, this.is224, this.sharedMemory);
712
+ this.update(this.oKeyPad);
713
+ this.update(innerHash);
714
+ Sha256.prototype.finalize.call(this);
715
+ }
716
+ };
717
+ var exports = createMethod();
718
+ exports.sha256 = exports;
719
+ exports.sha224 = createMethod(true);
720
+ exports.sha256.hmac = createHmacMethod();
721
+ exports.sha224.hmac = createHmacMethod(true);
722
+ if (COMMON_JS) {
723
+ module.exports = exports;
724
+ } else {
725
+ root.sha256 = exports.sha256;
726
+ root.sha224 = exports.sha224;
727
+ }
728
+ })();
729
+ })(sha256$1);
730
+ const sha256 = sha256Exports;
731
+ if (typeof Promise === "undefined") {
732
+ throw Error("Keycloak requires an environment that supports Promises. Make sure that you include the appropriate polyfill.");
733
+ }
734
+ var loggedConstructorDeprecation = false;
735
+ function logConstructorDeprecation() {
736
+ if (!loggedConstructorDeprecation) {
737
+ loggedConstructorDeprecation = true;
738
+ console.warn("[KEYCLOAK] Instantiation using the `Keycloak` function has been deprecated and support will be removed in future versions. Use the `new` operator to create an instance instead.");
739
+ }
740
+ }
741
+ var loggedPromiseDeprecation = false;
742
+ function logPromiseDeprecation() {
743
+ if (!loggedPromiseDeprecation) {
744
+ loggedPromiseDeprecation = true;
745
+ console.warn("[KEYCLOAK] Usage of legacy style promise methods such as `.error()` and `.success()` has been deprecated and support will be removed in future versions. Use standard style promise methods such as `.then() and `.catch()` instead.");
746
+ }
747
+ }
748
+ function Keycloak(config) {
749
+ if (!(this instanceof Keycloak)) {
750
+ logConstructorDeprecation();
751
+ return new Keycloak(config);
752
+ }
753
+ var kc = this;
754
+ var adapter;
755
+ var refreshQueue = [];
756
+ var callbackStorage;
757
+ var loginIframe = {
758
+ enable: true,
759
+ callbackList: [],
760
+ interval: 5
761
+ };
762
+ var scripts = document.getElementsByTagName("script");
763
+ for (var i2 = 0; i2 < scripts.length; i2++) {
764
+ if ((scripts[i2].src.indexOf("keycloak.js") !== -1 || scripts[i2].src.indexOf("keycloak.min.js") !== -1) && scripts[i2].src.indexOf("version=") !== -1) {
765
+ kc.iframeVersion = scripts[i2].src.substring(scripts[i2].src.indexOf("version=") + 8).split("&")[0];
766
+ }
767
+ }
768
+ var useNonce = true;
769
+ var logInfo = createLogger(console.info);
770
+ var logWarn = createLogger(console.warn);
771
+ kc.init = function(initOptions) {
772
+ kc.authenticated = false;
773
+ callbackStorage = createCallbackStorage();
774
+ var adapters = ["default", "cordova", "cordova-native"];
775
+ if (initOptions && adapters.indexOf(initOptions.adapter) > -1) {
776
+ adapter = loadAdapter(initOptions.adapter);
777
+ } else if (initOptions && typeof initOptions.adapter === "object") {
778
+ adapter = initOptions.adapter;
779
+ } else {
780
+ if (window.Cordova || window.cordova) {
781
+ adapter = loadAdapter("cordova");
782
+ } else {
783
+ adapter = loadAdapter();
784
+ }
785
+ }
786
+ if (initOptions) {
787
+ if (typeof initOptions.useNonce !== "undefined") {
788
+ useNonce = initOptions.useNonce;
789
+ }
790
+ if (typeof initOptions.checkLoginIframe !== "undefined") {
791
+ loginIframe.enable = initOptions.checkLoginIframe;
792
+ }
793
+ if (initOptions.checkLoginIframeInterval) {
794
+ loginIframe.interval = initOptions.checkLoginIframeInterval;
795
+ }
796
+ if (initOptions.onLoad === "login-required") {
797
+ kc.loginRequired = true;
798
+ }
799
+ if (initOptions.responseMode) {
800
+ if (initOptions.responseMode === "query" || initOptions.responseMode === "fragment") {
801
+ kc.responseMode = initOptions.responseMode;
802
+ } else {
803
+ throw "Invalid value for responseMode";
804
+ }
805
+ }
806
+ if (initOptions.flow) {
807
+ switch (initOptions.flow) {
808
+ case "standard":
809
+ kc.responseType = "code";
810
+ break;
811
+ case "implicit":
812
+ kc.responseType = "id_token token";
813
+ break;
814
+ case "hybrid":
815
+ kc.responseType = "code id_token token";
816
+ break;
817
+ default:
818
+ throw "Invalid value for flow";
819
+ }
820
+ kc.flow = initOptions.flow;
821
+ }
822
+ if (initOptions.timeSkew != null) {
823
+ kc.timeSkew = initOptions.timeSkew;
824
+ }
825
+ if (initOptions.redirectUri) {
826
+ kc.redirectUri = initOptions.redirectUri;
827
+ }
828
+ if (initOptions.silentCheckSsoRedirectUri) {
829
+ kc.silentCheckSsoRedirectUri = initOptions.silentCheckSsoRedirectUri;
830
+ }
831
+ if (typeof initOptions.silentCheckSsoFallback === "boolean") {
832
+ kc.silentCheckSsoFallback = initOptions.silentCheckSsoFallback;
833
+ } else {
834
+ kc.silentCheckSsoFallback = true;
835
+ }
836
+ if (initOptions.pkceMethod) {
837
+ if (initOptions.pkceMethod !== "S256") {
838
+ throw "Invalid value for pkceMethod";
839
+ }
840
+ kc.pkceMethod = initOptions.pkceMethod;
841
+ }
842
+ if (typeof initOptions.enableLogging === "boolean") {
843
+ kc.enableLogging = initOptions.enableLogging;
844
+ } else {
845
+ kc.enableLogging = false;
846
+ }
847
+ if (typeof initOptions.scope === "string") {
848
+ kc.scope = initOptions.scope;
849
+ }
850
+ if (typeof initOptions.messageReceiveTimeout === "number" && initOptions.messageReceiveTimeout > 0) {
851
+ kc.messageReceiveTimeout = initOptions.messageReceiveTimeout;
852
+ } else {
853
+ kc.messageReceiveTimeout = 1e4;
854
+ }
855
+ }
856
+ if (!kc.responseMode) {
857
+ kc.responseMode = "fragment";
858
+ }
859
+ if (!kc.responseType) {
860
+ kc.responseType = "code";
861
+ kc.flow = "standard";
862
+ }
863
+ var promise = createPromise();
864
+ var initPromise = createPromise();
865
+ initPromise.promise.then(function() {
866
+ kc.onReady && kc.onReady(kc.authenticated);
867
+ promise.setSuccess(kc.authenticated);
868
+ }).catch(function(error) {
869
+ promise.setError(error);
870
+ });
871
+ var configPromise = loadConfig();
872
+ function onLoad() {
873
+ var doLogin = function(prompt) {
874
+ if (!prompt) {
875
+ options.prompt = "none";
876
+ }
877
+ kc.login(options).then(function() {
878
+ initPromise.setSuccess();
879
+ }).catch(function(error) {
880
+ initPromise.setError(error);
881
+ });
882
+ };
883
+ var checkSsoSilently = function() {
884
+ var ifrm = document.createElement("iframe");
885
+ var src = kc.createLoginUrl({ prompt: "none", redirectUri: kc.silentCheckSsoRedirectUri });
886
+ ifrm.setAttribute("src", src);
887
+ ifrm.setAttribute("title", "keycloak-silent-check-sso");
888
+ ifrm.style.display = "none";
889
+ document.body.appendChild(ifrm);
890
+ var messageCallback = function(event) {
891
+ if (event.origin !== window.location.origin || ifrm.contentWindow !== event.source) {
892
+ return;
893
+ }
894
+ var oauth = parseCallback(event.data);
895
+ processCallback(oauth, initPromise);
896
+ document.body.removeChild(ifrm);
897
+ window.removeEventListener("message", messageCallback);
898
+ };
899
+ window.addEventListener("message", messageCallback);
900
+ };
901
+ var options = {};
902
+ switch (initOptions.onLoad) {
903
+ case "check-sso":
904
+ if (loginIframe.enable) {
905
+ setupCheckLoginIframe().then(function() {
906
+ checkLoginIframe().then(function(unchanged) {
907
+ if (!unchanged) {
908
+ kc.silentCheckSsoRedirectUri ? checkSsoSilently() : doLogin(false);
909
+ } else {
910
+ initPromise.setSuccess();
911
+ }
912
+ }).catch(function(error) {
913
+ initPromise.setError(error);
914
+ });
915
+ });
916
+ } else {
917
+ kc.silentCheckSsoRedirectUri ? checkSsoSilently() : doLogin(false);
918
+ }
919
+ break;
920
+ case "login-required":
921
+ doLogin(true);
922
+ break;
923
+ default:
924
+ throw "Invalid value for onLoad";
925
+ }
926
+ }
927
+ function processInit() {
928
+ var callback = parseCallback(window.location.href);
929
+ if (callback) {
930
+ window.history.replaceState(window.history.state, null, callback.newUrl);
931
+ }
932
+ if (callback && callback.valid) {
933
+ return setupCheckLoginIframe().then(function() {
934
+ processCallback(callback, initPromise);
935
+ }).catch(function(error) {
936
+ initPromise.setError(error);
937
+ });
938
+ } else if (initOptions) {
939
+ if (initOptions.token && initOptions.refreshToken) {
940
+ setToken(initOptions.token, initOptions.refreshToken, initOptions.idToken);
941
+ if (loginIframe.enable) {
942
+ setupCheckLoginIframe().then(function() {
943
+ checkLoginIframe().then(function(unchanged) {
944
+ if (unchanged) {
945
+ kc.onAuthSuccess && kc.onAuthSuccess();
946
+ initPromise.setSuccess();
947
+ scheduleCheckIframe();
948
+ } else {
949
+ initPromise.setSuccess();
950
+ }
951
+ }).catch(function(error) {
952
+ initPromise.setError(error);
953
+ });
954
+ });
955
+ } else {
956
+ kc.updateToken(-1).then(function() {
957
+ kc.onAuthSuccess && kc.onAuthSuccess();
958
+ initPromise.setSuccess();
959
+ }).catch(function(error) {
960
+ kc.onAuthError && kc.onAuthError();
961
+ if (initOptions.onLoad) {
962
+ onLoad();
963
+ } else {
964
+ initPromise.setError(error);
965
+ }
966
+ });
967
+ }
968
+ } else if (initOptions.onLoad) {
969
+ onLoad();
970
+ } else {
971
+ initPromise.setSuccess();
972
+ }
973
+ } else {
974
+ initPromise.setSuccess();
975
+ }
976
+ }
977
+ function domReady() {
978
+ var promise2 = createPromise();
979
+ var checkReadyState = function() {
980
+ if (document.readyState === "interactive" || document.readyState === "complete") {
981
+ document.removeEventListener("readystatechange", checkReadyState);
982
+ promise2.setSuccess();
983
+ }
984
+ };
985
+ document.addEventListener("readystatechange", checkReadyState);
986
+ checkReadyState();
987
+ return promise2.promise;
988
+ }
989
+ configPromise.then(function() {
990
+ domReady().then(check3pCookiesSupported).then(processInit).catch(function(error) {
991
+ promise.setError(error);
992
+ });
993
+ });
994
+ configPromise.catch(function(error) {
995
+ promise.setError(error);
996
+ });
997
+ return promise.promise;
998
+ };
999
+ kc.login = function(options) {
1000
+ return adapter.login(options);
1001
+ };
1002
+ function generateRandomData(len2) {
1003
+ var array = null;
1004
+ var crypto2 = window.crypto || window.msCrypto;
1005
+ if (crypto2 && crypto2.getRandomValues && window.Uint8Array) {
1006
+ array = new Uint8Array(len2);
1007
+ crypto2.getRandomValues(array);
1008
+ return array;
1009
+ }
1010
+ array = new Array(len2);
1011
+ for (var j = 0; j < array.length; j++) {
1012
+ array[j] = Math.floor(256 * Math.random());
1013
+ }
1014
+ return array;
1015
+ }
1016
+ function generateCodeVerifier(len2) {
1017
+ return generateRandomString(len2, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789");
1018
+ }
1019
+ function generateRandomString(len2, alphabet) {
1020
+ var randomData = generateRandomData(len2);
1021
+ var chars = new Array(len2);
1022
+ for (var i3 = 0; i3 < len2; i3++) {
1023
+ chars[i3] = alphabet.charCodeAt(randomData[i3] % alphabet.length);
1024
+ }
1025
+ return String.fromCharCode.apply(null, chars);
1026
+ }
1027
+ function generatePkceChallenge(pkceMethod, codeVerifier) {
1028
+ switch (pkceMethod) {
1029
+ case "S256":
1030
+ var hashBytes = new Uint8Array(sha256.arrayBuffer(codeVerifier));
1031
+ var encodedHash = base64Js.fromByteArray(hashBytes).replace(/\+/g, "-").replace(/\//g, "_").replace(/\=/g, "");
1032
+ return encodedHash;
1033
+ default:
1034
+ throw "Invalid value for pkceMethod";
1035
+ }
1036
+ }
1037
+ function buildClaimsParameter(requestedAcr) {
1038
+ var claims = {
1039
+ id_token: {
1040
+ acr: requestedAcr
1041
+ }
1042
+ };
1043
+ return JSON.stringify(claims);
1044
+ }
1045
+ kc.createLoginUrl = function(options) {
1046
+ var state = createUUID();
1047
+ var nonce = createUUID();
1048
+ var redirectUri = adapter.redirectUri(options);
1049
+ var callbackState = {
1050
+ state,
1051
+ nonce,
1052
+ redirectUri: encodeURIComponent(redirectUri)
1053
+ };
1054
+ if (options && options.prompt) {
1055
+ callbackState.prompt = options.prompt;
1056
+ }
1057
+ var baseUrl;
1058
+ if (options && options.action == "register") {
1059
+ baseUrl = kc.endpoints.register();
1060
+ } else {
1061
+ baseUrl = kc.endpoints.authorize();
1062
+ }
1063
+ var scope = options && options.scope || kc.scope;
1064
+ if (!scope) {
1065
+ scope = "openid";
1066
+ } else if (scope.indexOf("openid") === -1) {
1067
+ scope = "openid " + scope;
1068
+ }
1069
+ var url = baseUrl + "?client_id=" + encodeURIComponent(kc.clientId) + "&redirect_uri=" + encodeURIComponent(redirectUri) + "&state=" + encodeURIComponent(state) + "&response_mode=" + encodeURIComponent(kc.responseMode) + "&response_type=" + encodeURIComponent(kc.responseType) + "&scope=" + encodeURIComponent(scope);
1070
+ if (useNonce) {
1071
+ url = url + "&nonce=" + encodeURIComponent(nonce);
1072
+ }
1073
+ if (options && options.prompt) {
1074
+ url += "&prompt=" + encodeURIComponent(options.prompt);
1075
+ }
1076
+ if (options && options.maxAge) {
1077
+ url += "&max_age=" + encodeURIComponent(options.maxAge);
1078
+ }
1079
+ if (options && options.loginHint) {
1080
+ url += "&login_hint=" + encodeURIComponent(options.loginHint);
1081
+ }
1082
+ if (options && options.idpHint) {
1083
+ url += "&kc_idp_hint=" + encodeURIComponent(options.idpHint);
1084
+ }
1085
+ if (options && options.action && options.action != "register") {
1086
+ url += "&kc_action=" + encodeURIComponent(options.action);
1087
+ }
1088
+ if (options && options.locale) {
1089
+ url += "&ui_locales=" + encodeURIComponent(options.locale);
1090
+ }
1091
+ if (options && options.acr) {
1092
+ var claimsParameter = buildClaimsParameter(options.acr);
1093
+ url += "&claims=" + encodeURIComponent(claimsParameter);
1094
+ }
1095
+ if (kc.pkceMethod) {
1096
+ var codeVerifier = generateCodeVerifier(96);
1097
+ callbackState.pkceCodeVerifier = codeVerifier;
1098
+ var pkceChallenge = generatePkceChallenge(kc.pkceMethod, codeVerifier);
1099
+ url += "&code_challenge=" + pkceChallenge;
1100
+ url += "&code_challenge_method=" + kc.pkceMethod;
1101
+ }
1102
+ callbackStorage.add(callbackState);
1103
+ return url;
1104
+ };
1105
+ kc.logout = function(options) {
1106
+ return adapter.logout(options);
1107
+ };
1108
+ kc.createLogoutUrl = function(options) {
1109
+ var url = kc.endpoints.logout() + "?client_id=" + encodeURIComponent(kc.clientId) + "&post_logout_redirect_uri=" + encodeURIComponent(adapter.redirectUri(options, false));
1110
+ if (kc.idToken) {
1111
+ url += "&id_token_hint=" + encodeURIComponent(kc.idToken);
1112
+ }
1113
+ return url;
1114
+ };
1115
+ kc.register = function(options) {
1116
+ return adapter.register(options);
1117
+ };
1118
+ kc.createRegisterUrl = function(options) {
1119
+ if (!options) {
1120
+ options = {};
1121
+ }
1122
+ options.action = "register";
1123
+ return kc.createLoginUrl(options);
1124
+ };
1125
+ kc.createAccountUrl = function(options) {
1126
+ var realm = getRealmUrl();
1127
+ var url = void 0;
1128
+ if (typeof realm !== "undefined") {
1129
+ url = realm + "/account?referrer=" + encodeURIComponent(kc.clientId) + "&referrer_uri=" + encodeURIComponent(adapter.redirectUri(options));
1130
+ }
1131
+ return url;
1132
+ };
1133
+ kc.accountManagement = function() {
1134
+ return adapter.accountManagement();
1135
+ };
1136
+ kc.hasRealmRole = function(role) {
1137
+ var access = kc.realmAccess;
1138
+ return !!access && access.roles.indexOf(role) >= 0;
1139
+ };
1140
+ kc.hasResourceRole = function(role, resource) {
1141
+ if (!kc.resourceAccess) {
1142
+ return false;
1143
+ }
1144
+ var access = kc.resourceAccess[resource || kc.clientId];
1145
+ return !!access && access.roles.indexOf(role) >= 0;
1146
+ };
1147
+ kc.loadUserProfile = function() {
1148
+ var url = getRealmUrl() + "/account";
1149
+ var req = new XMLHttpRequest();
1150
+ req.open("GET", url, true);
1151
+ req.setRequestHeader("Accept", "application/json");
1152
+ req.setRequestHeader("Authorization", "bearer " + kc.token);
1153
+ var promise = createPromise();
1154
+ req.onreadystatechange = function() {
1155
+ if (req.readyState == 4) {
1156
+ if (req.status == 200) {
1157
+ kc.profile = JSON.parse(req.responseText);
1158
+ promise.setSuccess(kc.profile);
1159
+ } else {
1160
+ promise.setError();
1161
+ }
1162
+ }
1163
+ };
1164
+ req.send();
1165
+ return promise.promise;
1166
+ };
1167
+ kc.loadUserInfo = function() {
1168
+ var url = kc.endpoints.userinfo();
1169
+ var req = new XMLHttpRequest();
1170
+ req.open("GET", url, true);
1171
+ req.setRequestHeader("Accept", "application/json");
1172
+ req.setRequestHeader("Authorization", "bearer " + kc.token);
1173
+ var promise = createPromise();
1174
+ req.onreadystatechange = function() {
1175
+ if (req.readyState == 4) {
1176
+ if (req.status == 200) {
1177
+ kc.userInfo = JSON.parse(req.responseText);
1178
+ promise.setSuccess(kc.userInfo);
1179
+ } else {
1180
+ promise.setError();
1181
+ }
1182
+ }
1183
+ };
1184
+ req.send();
1185
+ return promise.promise;
1186
+ };
1187
+ kc.isTokenExpired = function(minValidity) {
1188
+ if (!kc.tokenParsed || !kc.refreshToken && kc.flow != "implicit") {
1189
+ throw "Not authenticated";
1190
+ }
1191
+ if (kc.timeSkew == null) {
1192
+ logInfo("[KEYCLOAK] Unable to determine if token is expired as timeskew is not set");
1193
+ return true;
1194
+ }
1195
+ var expiresIn = kc.tokenParsed["exp"] - Math.ceil(new Date().getTime() / 1e3) + kc.timeSkew;
1196
+ if (minValidity) {
1197
+ if (isNaN(minValidity)) {
1198
+ throw "Invalid minValidity";
1199
+ }
1200
+ expiresIn -= minValidity;
1201
+ }
1202
+ return expiresIn < 0;
1203
+ };
1204
+ kc.updateToken = function(minValidity) {
1205
+ var promise = createPromise();
1206
+ if (!kc.refreshToken) {
1207
+ promise.setError();
1208
+ return promise.promise;
1209
+ }
1210
+ minValidity = minValidity || 5;
1211
+ var exec = function() {
1212
+ var refreshToken = false;
1213
+ if (minValidity == -1) {
1214
+ refreshToken = true;
1215
+ logInfo("[KEYCLOAK] Refreshing token: forced refresh");
1216
+ } else if (!kc.tokenParsed || kc.isTokenExpired(minValidity)) {
1217
+ refreshToken = true;
1218
+ logInfo("[KEYCLOAK] Refreshing token: token expired");
1219
+ }
1220
+ if (!refreshToken) {
1221
+ promise.setSuccess(false);
1222
+ } else {
1223
+ var params = "grant_type=refresh_token&refresh_token=" + kc.refreshToken;
1224
+ var url = kc.endpoints.token();
1225
+ refreshQueue.push(promise);
1226
+ if (refreshQueue.length == 1) {
1227
+ var req = new XMLHttpRequest();
1228
+ req.open("POST", url, true);
1229
+ req.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
1230
+ req.withCredentials = true;
1231
+ params += "&client_id=" + encodeURIComponent(kc.clientId);
1232
+ var timeLocal = new Date().getTime();
1233
+ req.onreadystatechange = function() {
1234
+ if (req.readyState == 4) {
1235
+ if (req.status == 200) {
1236
+ logInfo("[KEYCLOAK] Token refreshed");
1237
+ timeLocal = (timeLocal + new Date().getTime()) / 2;
1238
+ var tokenResponse = JSON.parse(req.responseText);
1239
+ setToken(tokenResponse["access_token"], tokenResponse["refresh_token"], tokenResponse["id_token"], timeLocal);
1240
+ kc.onAuthRefreshSuccess && kc.onAuthRefreshSuccess();
1241
+ for (var p2 = refreshQueue.pop(); p2 != null; p2 = refreshQueue.pop()) {
1242
+ p2.setSuccess(true);
1243
+ }
1244
+ } else {
1245
+ logWarn("[KEYCLOAK] Failed to refresh token");
1246
+ if (req.status == 400) {
1247
+ kc.clearToken();
1248
+ }
1249
+ kc.onAuthRefreshError && kc.onAuthRefreshError();
1250
+ for (var p2 = refreshQueue.pop(); p2 != null; p2 = refreshQueue.pop()) {
1251
+ p2.setError(true);
1252
+ }
1253
+ }
1254
+ }
1255
+ };
1256
+ req.send(params);
1257
+ }
1258
+ }
1259
+ };
1260
+ if (loginIframe.enable) {
1261
+ var iframePromise = checkLoginIframe();
1262
+ iframePromise.then(function() {
1263
+ exec();
1264
+ }).catch(function(error) {
1265
+ promise.setError(error);
1266
+ });
1267
+ } else {
1268
+ exec();
1269
+ }
1270
+ return promise.promise;
1271
+ };
1272
+ kc.clearToken = function() {
1273
+ if (kc.token) {
1274
+ setToken(null, null, null);
1275
+ kc.onAuthLogout && kc.onAuthLogout();
1276
+ if (kc.loginRequired) {
1277
+ kc.login();
1278
+ }
1279
+ }
1280
+ };
1281
+ function getRealmUrl() {
1282
+ if (typeof kc.authServerUrl !== "undefined") {
1283
+ if (kc.authServerUrl.charAt(kc.authServerUrl.length - 1) == "/") {
1284
+ return kc.authServerUrl + "realms/" + encodeURIComponent(kc.realm);
1285
+ } else {
1286
+ return kc.authServerUrl + "/realms/" + encodeURIComponent(kc.realm);
1287
+ }
1288
+ } else {
1289
+ return void 0;
1290
+ }
1291
+ }
1292
+ function getOrigin() {
1293
+ if (!window.location.origin) {
1294
+ return window.location.protocol + "//" + window.location.hostname + (window.location.port ? ":" + window.location.port : "");
1295
+ } else {
1296
+ return window.location.origin;
1297
+ }
1298
+ }
1299
+ function processCallback(oauth, promise) {
1300
+ var code2 = oauth.code;
1301
+ var error = oauth.error;
1302
+ var prompt = oauth.prompt;
1303
+ var timeLocal = new Date().getTime();
1304
+ if (oauth["kc_action_status"]) {
1305
+ kc.onActionUpdate && kc.onActionUpdate(oauth["kc_action_status"]);
1306
+ }
1307
+ if (error) {
1308
+ if (prompt != "none") {
1309
+ var errorData = { error, error_description: oauth.error_description };
1310
+ kc.onAuthError && kc.onAuthError(errorData);
1311
+ promise && promise.setError(errorData);
1312
+ } else {
1313
+ promise && promise.setSuccess();
1314
+ }
1315
+ return;
1316
+ } else if (kc.flow != "standard" && (oauth.access_token || oauth.id_token)) {
1317
+ authSuccess(oauth.access_token, null, oauth.id_token, true);
1318
+ }
1319
+ if (kc.flow != "implicit" && code2) {
1320
+ var params = "code=" + code2 + "&grant_type=authorization_code";
1321
+ var url = kc.endpoints.token();
1322
+ var req = new XMLHttpRequest();
1323
+ req.open("POST", url, true);
1324
+ req.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
1325
+ params += "&client_id=" + encodeURIComponent(kc.clientId);
1326
+ params += "&redirect_uri=" + oauth.redirectUri;
1327
+ if (oauth.pkceCodeVerifier) {
1328
+ params += "&code_verifier=" + oauth.pkceCodeVerifier;
1329
+ }
1330
+ req.withCredentials = true;
1331
+ req.onreadystatechange = function() {
1332
+ if (req.readyState == 4) {
1333
+ if (req.status == 200) {
1334
+ var tokenResponse = JSON.parse(req.responseText);
1335
+ authSuccess(tokenResponse["access_token"], tokenResponse["refresh_token"], tokenResponse["id_token"], kc.flow === "standard");
1336
+ scheduleCheckIframe();
1337
+ } else {
1338
+ kc.onAuthError && kc.onAuthError();
1339
+ promise && promise.setError();
1340
+ }
1341
+ }
1342
+ };
1343
+ req.send(params);
1344
+ }
1345
+ function authSuccess(accessToken, refreshToken, idToken, fulfillPromise) {
1346
+ timeLocal = (timeLocal + new Date().getTime()) / 2;
1347
+ setToken(accessToken, refreshToken, idToken, timeLocal);
1348
+ if (useNonce && (kc.tokenParsed && kc.tokenParsed.nonce != oauth.storedNonce || kc.refreshTokenParsed && kc.refreshTokenParsed.nonce != oauth.storedNonce || kc.idTokenParsed && kc.idTokenParsed.nonce != oauth.storedNonce)) {
1349
+ logInfo("[KEYCLOAK] Invalid nonce, clearing token");
1350
+ kc.clearToken();
1351
+ promise && promise.setError();
1352
+ } else {
1353
+ if (fulfillPromise) {
1354
+ kc.onAuthSuccess && kc.onAuthSuccess();
1355
+ promise && promise.setSuccess();
1356
+ }
1357
+ }
1358
+ }
1359
+ }
1360
+ function loadConfig(url) {
1361
+ var promise = createPromise();
1362
+ var configUrl;
1363
+ if (!config) {
1364
+ configUrl = "keycloak.json";
1365
+ } else if (typeof config === "string") {
1366
+ configUrl = config;
1367
+ }
1368
+ function setupOidcEndoints(oidcConfiguration) {
1369
+ if (!oidcConfiguration) {
1370
+ kc.endpoints = {
1371
+ authorize: function() {
1372
+ return getRealmUrl() + "/protocol/openid-connect/auth";
1373
+ },
1374
+ token: function() {
1375
+ return getRealmUrl() + "/protocol/openid-connect/token";
1376
+ },
1377
+ logout: function() {
1378
+ return getRealmUrl() + "/protocol/openid-connect/logout";
1379
+ },
1380
+ checkSessionIframe: function() {
1381
+ var src = getRealmUrl() + "/protocol/openid-connect/login-status-iframe.html";
1382
+ if (kc.iframeVersion) {
1383
+ src = src + "?version=" + kc.iframeVersion;
1384
+ }
1385
+ return src;
1386
+ },
1387
+ thirdPartyCookiesIframe: function() {
1388
+ var src = getRealmUrl() + "/protocol/openid-connect/3p-cookies/step1.html";
1389
+ if (kc.iframeVersion) {
1390
+ src = src + "?version=" + kc.iframeVersion;
1391
+ }
1392
+ return src;
1393
+ },
1394
+ register: function() {
1395
+ return getRealmUrl() + "/protocol/openid-connect/registrations";
1396
+ },
1397
+ userinfo: function() {
1398
+ return getRealmUrl() + "/protocol/openid-connect/userinfo";
1399
+ }
1400
+ };
1401
+ } else {
1402
+ kc.endpoints = {
1403
+ authorize: function() {
1404
+ return oidcConfiguration.authorization_endpoint;
1405
+ },
1406
+ token: function() {
1407
+ return oidcConfiguration.token_endpoint;
1408
+ },
1409
+ logout: function() {
1410
+ if (!oidcConfiguration.end_session_endpoint) {
1411
+ throw "Not supported by the OIDC server";
1412
+ }
1413
+ return oidcConfiguration.end_session_endpoint;
1414
+ },
1415
+ checkSessionIframe: function() {
1416
+ if (!oidcConfiguration.check_session_iframe) {
1417
+ throw "Not supported by the OIDC server";
1418
+ }
1419
+ return oidcConfiguration.check_session_iframe;
1420
+ },
1421
+ register: function() {
1422
+ throw 'Redirection to "Register user" page not supported in standard OIDC mode';
1423
+ },
1424
+ userinfo: function() {
1425
+ if (!oidcConfiguration.userinfo_endpoint) {
1426
+ throw "Not supported by the OIDC server";
1427
+ }
1428
+ return oidcConfiguration.userinfo_endpoint;
1429
+ }
1430
+ };
1431
+ }
1432
+ }
1433
+ if (configUrl) {
1434
+ var req = new XMLHttpRequest();
1435
+ req.open("GET", configUrl, true);
1436
+ req.setRequestHeader("Accept", "application/json");
1437
+ req.onreadystatechange = function() {
1438
+ if (req.readyState == 4) {
1439
+ if (req.status == 200 || fileLoaded(req)) {
1440
+ var config2 = JSON.parse(req.responseText);
1441
+ kc.authServerUrl = config2["auth-server-url"];
1442
+ kc.realm = config2["realm"];
1443
+ kc.clientId = config2["resource"];
1444
+ setupOidcEndoints(null);
1445
+ promise.setSuccess();
1446
+ } else {
1447
+ promise.setError();
1448
+ }
1449
+ }
1450
+ };
1451
+ req.send();
1452
+ } else {
1453
+ if (!config.clientId) {
1454
+ throw "clientId missing";
1455
+ }
1456
+ kc.clientId = config.clientId;
1457
+ var oidcProvider = config["oidcProvider"];
1458
+ if (!oidcProvider) {
1459
+ if (!config["url"]) {
1460
+ var scripts2 = document.getElementsByTagName("script");
1461
+ for (var i3 = 0; i3 < scripts2.length; i3++) {
1462
+ if (scripts2[i3].src.match(/.*keycloak\.js/)) {
1463
+ config.url = scripts2[i3].src.substr(0, scripts2[i3].src.indexOf("/js/keycloak.js"));
1464
+ break;
1465
+ }
1466
+ }
1467
+ }
1468
+ if (!config.realm) {
1469
+ throw "realm missing";
1470
+ }
1471
+ kc.authServerUrl = config.url;
1472
+ kc.realm = config.realm;
1473
+ setupOidcEndoints(null);
1474
+ promise.setSuccess();
1475
+ } else {
1476
+ if (typeof oidcProvider === "string") {
1477
+ var oidcProviderConfigUrl;
1478
+ if (oidcProvider.charAt(oidcProvider.length - 1) == "/") {
1479
+ oidcProviderConfigUrl = oidcProvider + ".well-known/openid-configuration";
1480
+ } else {
1481
+ oidcProviderConfigUrl = oidcProvider + "/.well-known/openid-configuration";
1482
+ }
1483
+ var req = new XMLHttpRequest();
1484
+ req.open("GET", oidcProviderConfigUrl, true);
1485
+ req.setRequestHeader("Accept", "application/json");
1486
+ req.onreadystatechange = function() {
1487
+ if (req.readyState == 4) {
1488
+ if (req.status == 200 || fileLoaded(req)) {
1489
+ var oidcProviderConfig = JSON.parse(req.responseText);
1490
+ setupOidcEndoints(oidcProviderConfig);
1491
+ promise.setSuccess();
1492
+ } else {
1493
+ promise.setError();
1494
+ }
1495
+ }
1496
+ };
1497
+ req.send();
1498
+ } else {
1499
+ setupOidcEndoints(oidcProvider);
1500
+ promise.setSuccess();
1501
+ }
1502
+ }
1503
+ }
1504
+ return promise.promise;
1505
+ }
1506
+ function fileLoaded(xhr) {
1507
+ return xhr.status == 0 && xhr.responseText && xhr.responseURL.startsWith("file:");
1508
+ }
1509
+ function setToken(token, refreshToken, idToken, timeLocal) {
1510
+ if (kc.tokenTimeoutHandle) {
1511
+ clearTimeout(kc.tokenTimeoutHandle);
1512
+ kc.tokenTimeoutHandle = null;
1513
+ }
1514
+ if (refreshToken) {
1515
+ kc.refreshToken = refreshToken;
1516
+ kc.refreshTokenParsed = decodeToken(refreshToken);
1517
+ } else {
1518
+ delete kc.refreshToken;
1519
+ delete kc.refreshTokenParsed;
1520
+ }
1521
+ if (idToken) {
1522
+ kc.idToken = idToken;
1523
+ kc.idTokenParsed = decodeToken(idToken);
1524
+ } else {
1525
+ delete kc.idToken;
1526
+ delete kc.idTokenParsed;
1527
+ }
1528
+ if (token) {
1529
+ kc.token = token;
1530
+ kc.tokenParsed = decodeToken(token);
1531
+ kc.sessionId = kc.tokenParsed.session_state;
1532
+ kc.authenticated = true;
1533
+ kc.subject = kc.tokenParsed.sub;
1534
+ kc.realmAccess = kc.tokenParsed.realm_access;
1535
+ kc.resourceAccess = kc.tokenParsed.resource_access;
1536
+ if (timeLocal) {
1537
+ kc.timeSkew = Math.floor(timeLocal / 1e3) - kc.tokenParsed.iat;
1538
+ }
1539
+ if (kc.timeSkew != null) {
1540
+ logInfo("[KEYCLOAK] Estimated time difference between browser and server is " + kc.timeSkew + " seconds");
1541
+ if (kc.onTokenExpired) {
1542
+ var expiresIn = (kc.tokenParsed["exp"] - new Date().getTime() / 1e3 + kc.timeSkew) * 1e3;
1543
+ logInfo("[KEYCLOAK] Token expires in " + Math.round(expiresIn / 1e3) + " s");
1544
+ if (expiresIn <= 0) {
1545
+ kc.onTokenExpired();
1546
+ } else {
1547
+ kc.tokenTimeoutHandle = setTimeout(kc.onTokenExpired, expiresIn);
1548
+ }
1549
+ }
1550
+ }
1551
+ } else {
1552
+ delete kc.token;
1553
+ delete kc.tokenParsed;
1554
+ delete kc.subject;
1555
+ delete kc.realmAccess;
1556
+ delete kc.resourceAccess;
1557
+ kc.authenticated = false;
1558
+ }
1559
+ }
1560
+ function decodeToken(str) {
1561
+ str = str.split(".")[1];
1562
+ str = str.replace(/-/g, "+");
1563
+ str = str.replace(/_/g, "/");
1564
+ switch (str.length % 4) {
1565
+ case 0:
1566
+ break;
1567
+ case 2:
1568
+ str += "==";
1569
+ break;
1570
+ case 3:
1571
+ str += "=";
1572
+ break;
1573
+ default:
1574
+ throw "Invalid token";
1575
+ }
1576
+ str = decodeURIComponent(escape(atob(str)));
1577
+ str = JSON.parse(str);
1578
+ return str;
1579
+ }
1580
+ function createUUID() {
1581
+ var hexDigits = "0123456789abcdef";
1582
+ var s = generateRandomString(36, hexDigits).split("");
1583
+ s[14] = "4";
1584
+ s[19] = hexDigits.substr(s[19] & 3 | 8, 1);
1585
+ s[8] = s[13] = s[18] = s[23] = "-";
1586
+ var uuid = s.join("");
1587
+ return uuid;
1588
+ }
1589
+ function parseCallback(url) {
1590
+ var oauth = parseCallbackUrl(url);
1591
+ if (!oauth) {
1592
+ return;
1593
+ }
1594
+ var oauthState = callbackStorage.get(oauth.state);
1595
+ if (oauthState) {
1596
+ oauth.valid = true;
1597
+ oauth.redirectUri = oauthState.redirectUri;
1598
+ oauth.storedNonce = oauthState.nonce;
1599
+ oauth.prompt = oauthState.prompt;
1600
+ oauth.pkceCodeVerifier = oauthState.pkceCodeVerifier;
1601
+ }
1602
+ return oauth;
1603
+ }
1604
+ function parseCallbackUrl(url) {
1605
+ var supportedParams;
1606
+ switch (kc.flow) {
1607
+ case "standard":
1608
+ supportedParams = ["code", "state", "session_state", "kc_action_status"];
1609
+ break;
1610
+ case "implicit":
1611
+ supportedParams = ["access_token", "token_type", "id_token", "state", "session_state", "expires_in", "kc_action_status"];
1612
+ break;
1613
+ case "hybrid":
1614
+ supportedParams = ["access_token", "token_type", "id_token", "code", "state", "session_state", "expires_in", "kc_action_status"];
1615
+ break;
1616
+ }
1617
+ supportedParams.push("error");
1618
+ supportedParams.push("error_description");
1619
+ supportedParams.push("error_uri");
1620
+ var queryIndex = url.indexOf("?");
1621
+ var fragmentIndex = url.indexOf("#");
1622
+ var newUrl;
1623
+ var parsed;
1624
+ if (kc.responseMode === "query" && queryIndex !== -1) {
1625
+ newUrl = url.substring(0, queryIndex);
1626
+ parsed = parseCallbackParams(url.substring(queryIndex + 1, fragmentIndex !== -1 ? fragmentIndex : url.length), supportedParams);
1627
+ if (parsed.paramsString !== "") {
1628
+ newUrl += "?" + parsed.paramsString;
1629
+ }
1630
+ if (fragmentIndex !== -1) {
1631
+ newUrl += url.substring(fragmentIndex);
1632
+ }
1633
+ } else if (kc.responseMode === "fragment" && fragmentIndex !== -1) {
1634
+ newUrl = url.substring(0, fragmentIndex);
1635
+ parsed = parseCallbackParams(url.substring(fragmentIndex + 1), supportedParams);
1636
+ if (parsed.paramsString !== "") {
1637
+ newUrl += "#" + parsed.paramsString;
1638
+ }
1639
+ }
1640
+ if (parsed && parsed.oauthParams) {
1641
+ if (kc.flow === "standard" || kc.flow === "hybrid") {
1642
+ if ((parsed.oauthParams.code || parsed.oauthParams.error) && parsed.oauthParams.state) {
1643
+ parsed.oauthParams.newUrl = newUrl;
1644
+ return parsed.oauthParams;
1645
+ }
1646
+ } else if (kc.flow === "implicit") {
1647
+ if ((parsed.oauthParams.access_token || parsed.oauthParams.error) && parsed.oauthParams.state) {
1648
+ parsed.oauthParams.newUrl = newUrl;
1649
+ return parsed.oauthParams;
1650
+ }
1651
+ }
1652
+ }
1653
+ }
1654
+ function parseCallbackParams(paramsString, supportedParams) {
1655
+ var p2 = paramsString.split("&");
1656
+ var result = {
1657
+ paramsString: "",
1658
+ oauthParams: {}
1659
+ };
1660
+ for (var i3 = 0; i3 < p2.length; i3++) {
1661
+ var split = p2[i3].indexOf("=");
1662
+ var key = p2[i3].slice(0, split);
1663
+ if (supportedParams.indexOf(key) !== -1) {
1664
+ result.oauthParams[key] = p2[i3].slice(split + 1);
1665
+ } else {
1666
+ if (result.paramsString !== "") {
1667
+ result.paramsString += "&";
1668
+ }
1669
+ result.paramsString += p2[i3];
1670
+ }
1671
+ }
1672
+ return result;
1673
+ }
1674
+ function createPromise() {
1675
+ var p2 = {
1676
+ setSuccess: function(result) {
1677
+ p2.resolve(result);
1678
+ },
1679
+ setError: function(result) {
1680
+ p2.reject(result);
1681
+ }
1682
+ };
1683
+ p2.promise = new Promise(function(resolve, reject) {
1684
+ p2.resolve = resolve;
1685
+ p2.reject = reject;
1686
+ });
1687
+ p2.promise.success = function(callback) {
1688
+ logPromiseDeprecation();
1689
+ this.then(function handleSuccess(value) {
1690
+ callback(value);
1691
+ });
1692
+ return this;
1693
+ };
1694
+ p2.promise.error = function(callback) {
1695
+ logPromiseDeprecation();
1696
+ this.catch(function handleError(error) {
1697
+ callback(error);
1698
+ });
1699
+ return this;
1700
+ };
1701
+ return p2;
1702
+ }
1703
+ function applyTimeoutToPromise(promise, timeout, errorMessage) {
1704
+ var timeoutHandle = null;
1705
+ var timeoutPromise = new Promise(function(resolve, reject) {
1706
+ timeoutHandle = setTimeout(function() {
1707
+ reject({ "error": errorMessage || "Promise is not settled within timeout of " + timeout + "ms" });
1708
+ }, timeout);
1709
+ });
1710
+ return Promise.race([promise, timeoutPromise]).finally(function() {
1711
+ clearTimeout(timeoutHandle);
1712
+ });
1713
+ }
1714
+ function setupCheckLoginIframe() {
1715
+ var promise = createPromise();
1716
+ if (!loginIframe.enable) {
1717
+ promise.setSuccess();
1718
+ return promise.promise;
1719
+ }
1720
+ if (loginIframe.iframe) {
1721
+ promise.setSuccess();
1722
+ return promise.promise;
1723
+ }
1724
+ var iframe = document.createElement("iframe");
1725
+ loginIframe.iframe = iframe;
1726
+ iframe.onload = function() {
1727
+ var authUrl = kc.endpoints.authorize();
1728
+ if (authUrl.charAt(0) === "/") {
1729
+ loginIframe.iframeOrigin = getOrigin();
1730
+ } else {
1731
+ loginIframe.iframeOrigin = authUrl.substring(0, authUrl.indexOf("/", 8));
1732
+ }
1733
+ promise.setSuccess();
1734
+ };
1735
+ var src = kc.endpoints.checkSessionIframe();
1736
+ iframe.setAttribute("src", src);
1737
+ iframe.setAttribute("title", "keycloak-session-iframe");
1738
+ iframe.style.display = "none";
1739
+ document.body.appendChild(iframe);
1740
+ var messageCallback = function(event) {
1741
+ if (event.origin !== loginIframe.iframeOrigin || loginIframe.iframe.contentWindow !== event.source) {
1742
+ return;
1743
+ }
1744
+ if (!(event.data == "unchanged" || event.data == "changed" || event.data == "error")) {
1745
+ return;
1746
+ }
1747
+ if (event.data != "unchanged") {
1748
+ kc.clearToken();
1749
+ }
1750
+ var callbacks = loginIframe.callbackList.splice(0, loginIframe.callbackList.length);
1751
+ for (var i3 = callbacks.length - 1; i3 >= 0; --i3) {
1752
+ var promise2 = callbacks[i3];
1753
+ if (event.data == "error") {
1754
+ promise2.setError();
1755
+ } else {
1756
+ promise2.setSuccess(event.data == "unchanged");
1757
+ }
1758
+ }
1759
+ };
1760
+ window.addEventListener("message", messageCallback, false);
1761
+ return promise.promise;
1762
+ }
1763
+ function scheduleCheckIframe() {
1764
+ if (loginIframe.enable) {
1765
+ if (kc.token) {
1766
+ setTimeout(function() {
1767
+ checkLoginIframe().then(function(unchanged) {
1768
+ if (unchanged) {
1769
+ scheduleCheckIframe();
1770
+ }
1771
+ });
1772
+ }, loginIframe.interval * 1e3);
1773
+ }
1774
+ }
1775
+ }
1776
+ function checkLoginIframe() {
1777
+ var promise = createPromise();
1778
+ if (loginIframe.iframe && loginIframe.iframeOrigin) {
1779
+ var msg = kc.clientId + " " + (kc.sessionId ? kc.sessionId : "");
1780
+ loginIframe.callbackList.push(promise);
1781
+ var origin = loginIframe.iframeOrigin;
1782
+ if (loginIframe.callbackList.length == 1) {
1783
+ loginIframe.iframe.contentWindow.postMessage(msg, origin);
1784
+ }
1785
+ } else {
1786
+ promise.setSuccess();
1787
+ }
1788
+ return promise.promise;
1789
+ }
1790
+ function check3pCookiesSupported() {
1791
+ var promise = createPromise();
1792
+ if (loginIframe.enable || kc.silentCheckSsoRedirectUri) {
1793
+ var iframe = document.createElement("iframe");
1794
+ iframe.setAttribute("src", kc.endpoints.thirdPartyCookiesIframe());
1795
+ iframe.setAttribute("title", "keycloak-3p-check-iframe");
1796
+ iframe.style.display = "none";
1797
+ document.body.appendChild(iframe);
1798
+ var messageCallback = function(event) {
1799
+ if (iframe.contentWindow !== event.source) {
1800
+ return;
1801
+ }
1802
+ if (event.data !== "supported" && event.data !== "unsupported") {
1803
+ return;
1804
+ } else if (event.data === "unsupported") {
1805
+ loginIframe.enable = false;
1806
+ if (kc.silentCheckSsoFallback) {
1807
+ kc.silentCheckSsoRedirectUri = false;
1808
+ }
1809
+ logWarn("[KEYCLOAK] 3rd party cookies aren't supported by this browser. checkLoginIframe and silent check-sso are not available.");
1810
+ }
1811
+ document.body.removeChild(iframe);
1812
+ window.removeEventListener("message", messageCallback);
1813
+ promise.setSuccess();
1814
+ };
1815
+ window.addEventListener("message", messageCallback, false);
1816
+ } else {
1817
+ promise.setSuccess();
1818
+ }
1819
+ return applyTimeoutToPromise(promise.promise, kc.messageReceiveTimeout, "Timeout when waiting for 3rd party check iframe message.");
1820
+ }
1821
+ function loadAdapter(type) {
1822
+ if (!type || type == "default") {
1823
+ return {
1824
+ login: function(options) {
1825
+ window.location.assign(kc.createLoginUrl(options));
1826
+ return createPromise().promise;
1827
+ },
1828
+ logout: function(options) {
1829
+ window.location.replace(kc.createLogoutUrl(options));
1830
+ return createPromise().promise;
1831
+ },
1832
+ register: function(options) {
1833
+ window.location.assign(kc.createRegisterUrl(options));
1834
+ return createPromise().promise;
1835
+ },
1836
+ accountManagement: function() {
1837
+ var accountUrl = kc.createAccountUrl();
1838
+ if (typeof accountUrl !== "undefined") {
1839
+ window.location.href = accountUrl;
1840
+ } else {
1841
+ throw "Not supported by the OIDC server";
1842
+ }
1843
+ return createPromise().promise;
1844
+ },
1845
+ redirectUri: function(options, encodeHash) {
1846
+ if (options && options.redirectUri) {
1847
+ return options.redirectUri;
1848
+ } else if (kc.redirectUri) {
1849
+ return kc.redirectUri;
1850
+ } else {
1851
+ return location.href;
1852
+ }
1853
+ }
1854
+ };
1855
+ }
1856
+ if (type == "cordova") {
1857
+ loginIframe.enable = false;
1858
+ var cordovaOpenWindowWrapper = function(loginUrl, target, options) {
1859
+ if (window.cordova && window.cordova.InAppBrowser) {
1860
+ return window.cordova.InAppBrowser.open(loginUrl, target, options);
1861
+ } else {
1862
+ return window.open(loginUrl, target, options);
1863
+ }
1864
+ };
1865
+ var shallowCloneCordovaOptions = function(userOptions) {
1866
+ if (userOptions && userOptions.cordovaOptions) {
1867
+ return Object.keys(userOptions.cordovaOptions).reduce(function(options, optionName) {
1868
+ options[optionName] = userOptions.cordovaOptions[optionName];
1869
+ return options;
1870
+ }, {});
1871
+ } else {
1872
+ return {};
1873
+ }
1874
+ };
1875
+ var formatCordovaOptions = function(cordovaOptions) {
1876
+ return Object.keys(cordovaOptions).reduce(function(options, optionName) {
1877
+ options.push(optionName + "=" + cordovaOptions[optionName]);
1878
+ return options;
1879
+ }, []).join(",");
1880
+ };
1881
+ var createCordovaOptions = function(userOptions) {
1882
+ var cordovaOptions = shallowCloneCordovaOptions(userOptions);
1883
+ cordovaOptions.location = "no";
1884
+ if (userOptions && userOptions.prompt == "none") {
1885
+ cordovaOptions.hidden = "yes";
1886
+ }
1887
+ return formatCordovaOptions(cordovaOptions);
1888
+ };
1889
+ var cordovaRedirectUri = kc.redirectUri || "http://localhost";
1890
+ return {
1891
+ login: function(options) {
1892
+ var promise = createPromise();
1893
+ var cordovaOptions = createCordovaOptions(options);
1894
+ var loginUrl = kc.createLoginUrl(options);
1895
+ var ref = cordovaOpenWindowWrapper(loginUrl, "_blank", cordovaOptions);
1896
+ var completed = false;
1897
+ var closed = false;
1898
+ var closeBrowser = function() {
1899
+ closed = true;
1900
+ ref.close();
1901
+ };
1902
+ ref.addEventListener("loadstart", function(event) {
1903
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1904
+ var callback = parseCallback(event.url);
1905
+ processCallback(callback, promise);
1906
+ closeBrowser();
1907
+ completed = true;
1908
+ }
1909
+ });
1910
+ ref.addEventListener("loaderror", function(event) {
1911
+ if (!completed) {
1912
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1913
+ var callback = parseCallback(event.url);
1914
+ processCallback(callback, promise);
1915
+ closeBrowser();
1916
+ completed = true;
1917
+ } else {
1918
+ promise.setError();
1919
+ closeBrowser();
1920
+ }
1921
+ }
1922
+ });
1923
+ ref.addEventListener("exit", function(event) {
1924
+ if (!closed) {
1925
+ promise.setError({
1926
+ reason: "closed_by_user"
1927
+ });
1928
+ }
1929
+ });
1930
+ return promise.promise;
1931
+ },
1932
+ logout: function(options) {
1933
+ var promise = createPromise();
1934
+ var logoutUrl = kc.createLogoutUrl(options);
1935
+ var ref = cordovaOpenWindowWrapper(logoutUrl, "_blank", "location=no,hidden=yes,clearcache=yes");
1936
+ var error;
1937
+ ref.addEventListener("loadstart", function(event) {
1938
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1939
+ ref.close();
1940
+ }
1941
+ });
1942
+ ref.addEventListener("loaderror", function(event) {
1943
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1944
+ ref.close();
1945
+ } else {
1946
+ error = true;
1947
+ ref.close();
1948
+ }
1949
+ });
1950
+ ref.addEventListener("exit", function(event) {
1951
+ if (error) {
1952
+ promise.setError();
1953
+ } else {
1954
+ kc.clearToken();
1955
+ promise.setSuccess();
1956
+ }
1957
+ });
1958
+ return promise.promise;
1959
+ },
1960
+ register: function(options) {
1961
+ var promise = createPromise();
1962
+ var registerUrl = kc.createRegisterUrl();
1963
+ var cordovaOptions = createCordovaOptions(options);
1964
+ var ref = cordovaOpenWindowWrapper(registerUrl, "_blank", cordovaOptions);
1965
+ ref.addEventListener("loadstart", function(event) {
1966
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1967
+ ref.close();
1968
+ var oauth = parseCallback(event.url);
1969
+ processCallback(oauth, promise);
1970
+ }
1971
+ });
1972
+ return promise.promise;
1973
+ },
1974
+ accountManagement: function() {
1975
+ var accountUrl = kc.createAccountUrl();
1976
+ if (typeof accountUrl !== "undefined") {
1977
+ var ref = cordovaOpenWindowWrapper(accountUrl, "_blank", "location=no");
1978
+ ref.addEventListener("loadstart", function(event) {
1979
+ if (event.url.indexOf(cordovaRedirectUri) == 0) {
1980
+ ref.close();
1981
+ }
1982
+ });
1983
+ } else {
1984
+ throw "Not supported by the OIDC server";
1985
+ }
1986
+ },
1987
+ redirectUri: function(options) {
1988
+ return cordovaRedirectUri;
1989
+ }
1990
+ };
1991
+ }
1992
+ if (type == "cordova-native") {
1993
+ loginIframe.enable = false;
1994
+ return {
1995
+ login: function(options) {
1996
+ var promise = createPromise();
1997
+ var loginUrl = kc.createLoginUrl(options);
1998
+ universalLinks.subscribe("keycloak", function(event) {
1999
+ universalLinks.unsubscribe("keycloak");
2000
+ window.cordova.plugins.browsertab.close();
2001
+ var oauth = parseCallback(event.url);
2002
+ processCallback(oauth, promise);
2003
+ });
2004
+ window.cordova.plugins.browsertab.openUrl(loginUrl);
2005
+ return promise.promise;
2006
+ },
2007
+ logout: function(options) {
2008
+ var promise = createPromise();
2009
+ var logoutUrl = kc.createLogoutUrl(options);
2010
+ universalLinks.subscribe("keycloak", function(event) {
2011
+ universalLinks.unsubscribe("keycloak");
2012
+ window.cordova.plugins.browsertab.close();
2013
+ kc.clearToken();
2014
+ promise.setSuccess();
2015
+ });
2016
+ window.cordova.plugins.browsertab.openUrl(logoutUrl);
2017
+ return promise.promise;
2018
+ },
2019
+ register: function(options) {
2020
+ var promise = createPromise();
2021
+ var registerUrl = kc.createRegisterUrl(options);
2022
+ universalLinks.subscribe("keycloak", function(event) {
2023
+ universalLinks.unsubscribe("keycloak");
2024
+ window.cordova.plugins.browsertab.close();
2025
+ var oauth = parseCallback(event.url);
2026
+ processCallback(oauth, promise);
2027
+ });
2028
+ window.cordova.plugins.browsertab.openUrl(registerUrl);
2029
+ return promise.promise;
2030
+ },
2031
+ accountManagement: function() {
2032
+ var accountUrl = kc.createAccountUrl();
2033
+ if (typeof accountUrl !== "undefined") {
2034
+ window.cordova.plugins.browsertab.openUrl(accountUrl);
2035
+ } else {
2036
+ throw "Not supported by the OIDC server";
2037
+ }
2038
+ },
2039
+ redirectUri: function(options) {
2040
+ if (options && options.redirectUri) {
2041
+ return options.redirectUri;
2042
+ } else if (kc.redirectUri) {
2043
+ return kc.redirectUri;
2044
+ } else {
2045
+ return "http://localhost";
2046
+ }
2047
+ }
2048
+ };
2049
+ }
2050
+ throw "invalid adapter type: " + type;
2051
+ }
2052
+ var LocalStorage = function() {
2053
+ if (!(this instanceof LocalStorage)) {
2054
+ return new LocalStorage();
2055
+ }
2056
+ localStorage.setItem("kc-test", "test");
2057
+ localStorage.removeItem("kc-test");
2058
+ var cs = this;
2059
+ function clearExpired() {
2060
+ var time = new Date().getTime();
2061
+ for (var i3 = 0; i3 < localStorage.length; i3++) {
2062
+ var key = localStorage.key(i3);
2063
+ if (key && key.indexOf("kc-callback-") == 0) {
2064
+ var value = localStorage.getItem(key);
2065
+ if (value) {
2066
+ try {
2067
+ var expires = JSON.parse(value).expires;
2068
+ if (!expires || expires < time) {
2069
+ localStorage.removeItem(key);
2070
+ }
2071
+ } catch (err) {
2072
+ localStorage.removeItem(key);
2073
+ }
2074
+ }
2075
+ }
2076
+ }
2077
+ }
2078
+ cs.get = function(state) {
2079
+ if (!state) {
2080
+ return;
2081
+ }
2082
+ var key = "kc-callback-" + state;
2083
+ var value = localStorage.getItem(key);
2084
+ if (value) {
2085
+ localStorage.removeItem(key);
2086
+ value = JSON.parse(value);
2087
+ }
2088
+ clearExpired();
2089
+ return value;
2090
+ };
2091
+ cs.add = function(state) {
2092
+ clearExpired();
2093
+ var key = "kc-callback-" + state.state;
2094
+ state.expires = new Date().getTime() + 60 * 60 * 1e3;
2095
+ localStorage.setItem(key, JSON.stringify(state));
2096
+ };
2097
+ };
2098
+ var CookieStorage = function() {
2099
+ if (!(this instanceof CookieStorage)) {
2100
+ return new CookieStorage();
2101
+ }
2102
+ var cs = this;
2103
+ cs.get = function(state) {
2104
+ if (!state) {
2105
+ return;
2106
+ }
2107
+ var value = getCookie("kc-callback-" + state);
2108
+ setCookie("kc-callback-" + state, "", cookieExpiration(-100));
2109
+ if (value) {
2110
+ return JSON.parse(value);
2111
+ }
2112
+ };
2113
+ cs.add = function(state) {
2114
+ setCookie("kc-callback-" + state.state, JSON.stringify(state), cookieExpiration(60));
2115
+ };
2116
+ cs.removeItem = function(key) {
2117
+ setCookie(key, "", cookieExpiration(-100));
2118
+ };
2119
+ var cookieExpiration = function(minutes) {
2120
+ var exp = new Date();
2121
+ exp.setTime(exp.getTime() + minutes * 60 * 1e3);
2122
+ return exp;
2123
+ };
2124
+ var getCookie = function(key) {
2125
+ var name = key + "=";
2126
+ var ca = document.cookie.split(";");
2127
+ for (var i3 = 0; i3 < ca.length; i3++) {
2128
+ var c = ca[i3];
2129
+ while (c.charAt(0) == " ") {
2130
+ c = c.substring(1);
2131
+ }
2132
+ if (c.indexOf(name) == 0) {
2133
+ return c.substring(name.length, c.length);
2134
+ }
2135
+ }
2136
+ return "";
2137
+ };
2138
+ var setCookie = function(key, value, expirationDate) {
2139
+ var cookie = key + "=" + value + "; expires=" + expirationDate.toUTCString() + "; ";
2140
+ document.cookie = cookie;
2141
+ };
2142
+ };
2143
+ function createCallbackStorage() {
2144
+ try {
2145
+ return new LocalStorage();
2146
+ } catch (err) {
2147
+ }
2148
+ return new CookieStorage();
2149
+ }
2150
+ function createLogger(fn) {
2151
+ return function() {
2152
+ if (kc.enableLogging) {
2153
+ fn.apply(console, Array.prototype.slice.call(arguments));
2154
+ }
2155
+ };
2156
+ }
2157
+ }
2158
+ const log = log$1.Log.module("@deephaven/js-plugin-auth-keycloak.AuthPluginKeycloak");
2159
+ const OIDC_AUTH_TYPE = "io.deephaven.authentication.oidc.OidcAuthenticationHandler";
2160
+ const BASE_URL_PROPERTY = "authentication.oidc.keycloak.url";
2161
+ const REALM_PROPERTY = "authentication.oidc.keycloak.realm";
2162
+ const CLIENT_ID_PROPERTY = "authentication.oidc.keycloak.clientId";
2163
+ function Component({
2164
+ authConfigValues,
2165
+ children
2166
+ }) {
2167
+ const getConfig = require$$1.useCallback(
2168
+ (key) => {
2169
+ const value = authConfigValues.get(key);
2170
+ if (value == null) {
2171
+ throw new Error(
2172
+ `Keycloak config value ${key} not specified by the server`
2173
+ );
2174
+ }
2175
+ return value;
2176
+ },
2177
+ [authConfigValues]
2178
+ );
2179
+ const keycloak = require$$1.useMemo(() => {
2180
+ const url = getConfig(BASE_URL_PROPERTY);
2181
+ const realm = getConfig(REALM_PROPERTY);
2182
+ const clientId = getConfig(CLIENT_ID_PROPERTY);
2183
+ return new Keycloak({ realm, url, clientId });
2184
+ }, [getConfig]);
2185
+ const getLoginOptions = require$$1.useCallback(async () => {
2186
+ const authenticated = await keycloak.init({
2187
+ pkceMethod: "S256",
2188
+ checkLoginIframe: false
2189
+ });
2190
+ if (!authenticated) {
2191
+ log.info(
2192
+ "User isn't logged in, redirecting to IDP for authentication..."
2193
+ );
2194
+ await keycloak.login({});
2195
+ }
2196
+ log.info("Authenticated with Keycloak API. Logging into Deephaven...");
2197
+ return { type: OIDC_AUTH_TYPE, token: keycloak.token };
2198
+ }, [keycloak]);
2199
+ const onLogin = require$$1.useCallback(() => {
2200
+ log.debug("Received login event");
2201
+ }, []);
2202
+ const onLogout = require$$1.useCallback(async () => {
2203
+ log.info("onLogout received");
2204
+ try {
2205
+ await keycloak.logout({});
2206
+ log.info("logged out");
2207
+ } catch (e) {
2208
+ log.error("Unable to logout of keycloak:", e);
2209
+ }
2210
+ }, [keycloak]);
2211
+ jsapiComponents.useBroadcastLoginListener(onLogin, onLogout);
2212
+ return /* @__PURE__ */ jsxRuntimeExports.jsx(authPlugins.AuthPluginBase, { getLoginOptions, children });
2213
+ }
2214
+ const AuthPluginKeycloak = {
2215
+ Component,
2216
+ isAvailable: (authHandlers) => authHandlers.includes(OIDC_AUTH_TYPE)
2217
+ };
2218
+ exports.AuthPlugin = AuthPluginKeycloak;