@descope/web-js-sdk 1.39.0 → 1.40.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/index.cjs.js +1 -1
- package/dist/cjs/index.cjs.js.map +1 -1
- package/dist/index.d.ts +12 -12
- package/dist/index.esm.js +1 -1
- package/dist/index.esm.js.map +1 -1
- package/dist/index.umd.js +2 -2
- package/dist/index.umd.js.map +1 -1
- package/package.json +2 -2
package/dist/index.d.ts
CHANGED
|
@@ -199,10 +199,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
199
199
|
}, "loginId" | "name">;
|
|
200
200
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
201
201
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
202
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
202
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
203
203
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
204
204
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
205
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
205
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
206
206
|
};
|
|
207
207
|
webauthn: {
|
|
208
208
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
|
@@ -845,10 +845,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
845
845
|
}, "loginId" | "name">;
|
|
846
846
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
847
847
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
848
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
848
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
849
849
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
850
850
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
851
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
851
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
852
852
|
};
|
|
853
853
|
webauthn: {
|
|
854
854
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
|
@@ -1491,10 +1491,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
1491
1491
|
}, "loginId" | "name">;
|
|
1492
1492
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
1493
1493
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
1494
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
1494
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
1495
1495
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
1496
1496
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
1497
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
1497
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
1498
1498
|
};
|
|
1499
1499
|
webauthn: {
|
|
1500
1500
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
|
@@ -2145,10 +2145,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
2145
2145
|
}, "loginId" | "name">;
|
|
2146
2146
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
2147
2147
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
2148
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2148
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2149
2149
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
2150
2150
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
2151
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2151
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2152
2152
|
};
|
|
2153
2153
|
webauthn: {
|
|
2154
2154
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
|
@@ -2791,10 +2791,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
2791
2791
|
}, "loginId" | "name">;
|
|
2792
2792
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
2793
2793
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
2794
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2794
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2795
2795
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
2796
2796
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
2797
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2797
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
2798
2798
|
};
|
|
2799
2799
|
webauthn: {
|
|
2800
2800
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
|
@@ -3437,10 +3437,10 @@ declare const decoratedCreateSdk: <A extends CookieConfig>({ persistTokens: isPe
|
|
|
3437
3437
|
}, "loginId" | "name">;
|
|
3438
3438
|
}, conditionInteractionId?: string, interactionId?: string, componentsVersion?: string, flowVersions?: Record<string, number>, input?: {
|
|
3439
3439
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
3440
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
3440
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
3441
3441
|
next: (executionId: string, stepId: string, interactionId: string, version?: number, componentsVersion?: string, input?: {
|
|
3442
3442
|
[x: string]: string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | (string | number | boolean | any)[])[])[])[])[])[])[])[])[])[])[];
|
|
3443
|
-
}) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
3443
|
+
}, isCustomScreen?: any) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.FlowResponse>>;
|
|
3444
3444
|
};
|
|
3445
3445
|
webauthn: {
|
|
3446
3446
|
signUp: ((identifier: string, name: string, passkeyOptions?: _descope_core_js_sdk.PasskeyOptions) => Promise<_descope_core_js_sdk.SdkResponse<_descope_core_js_sdk.JWTResponse>>) & {
|
package/dist/index.esm.js
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
import{__rest as e}from"tslib";import{jwtDecode as t}from"jwt-decode";import n,{wrapWith as o}from"@descope/core-js-sdk";import i from"js-cookie";import{load as r,defaultEndpoint as a,defaultScriptUrlPattern as s}from"@fingerprintjs/fingerprintjs-pro";let l;const c=e=>{try{return t(e).exp}catch(e){return null}},d=e=>{const{refresh_expire_in:t,refresh_token:n}=e;return t?Math.floor(Date.now()/1e3)+t:c(n)},u=e=>{const{expires_in:t,expires_at:n,access_token:o}=e;return n||(t?Math.floor(Date.now()/1e3)+t:o?c(o):void 0)},p=t=>{const{access_token:n,id_token:o,refresh_token:i,refresh_expire_in:r}=t,a=e(t,["access_token","id_token","refresh_token","refresh_expire_in"]);return Object.assign({sessionJwt:t.sessionJwt||n,idToken:o,refreshJwt:t.refreshJwt||i,sessionExpiration:t.sessionExpiration||u(t),cookieExpiration:t.cookieExpiration||d(t)},a)},g=(e,t)=>{var n;return["beforeRequest","afterRequest"].reduce(((n,o)=>{var i;return n[o]=[].concat((null===(i=e.hooks)||void 0===i?void 0:i[o])||[]).concat((null==t?void 0:t[o])||[]),n}),null!==(n=e.hooks)&&void 0!==n?n:e.hooks={}),e},f=async e=>{if(!(null==e?void 0:e.ok))return{};const t=await(null==e?void 0:e.clone().json()),n=(null==t?void 0:t.authInfo)||t||{};return p(n)},w=()=>"undefined"!=typeof window&&!!window.descopeBridge,v=void 0!==l||"undefined"!=typeof localStorage,h=(e,t)=>{var n,o;return null===(o=null===(n=l||localStorage)||void 0===n?void 0:n.setItem)||void 0===o?void 0:o.call(n,e,t)},y=e=>{var t,n;return null===(n=null===(t=l||localStorage)||void 0===t?void 0:t.getItem)||void 0===n?void 0:n.call(t,e)},m=e=>{var t,n;return null===(n=null===(t=l||localStorage)||void 0===t?void 0:t.removeItem)||void 0===n?void 0:n.call(t,e)},b=e=>{var t,n,o,i;return null!==(i=null!==(n=null===(t=null==l?void 0:l.key)||void 0===t?void 0:t.call(l,e))&&void 0!==n?n:null===(o=null===localStorage||void 0===localStorage?void 0:localStorage.key)||void 0===o?void 0:o.call(localStorage,e))&&void 0!==i?i:null},k=(...e)=>{console.debug(...e)},S="3.2.0",I="undefined"!=typeof window,_=Math.pow(2,31)-1,O=`https://descopecdn.com/npm/oidc-client-ts@${S}/dist/browser/oidc-client-ts.min.js`,x=`https://cdn.jsdelivr.net/npm/oidc-client-ts@${S}/dist/browser/oidc-client-ts.min.js`,U=e=>{let t=((n=e)?n.getTime()-(new Date).getTime():0)-2e4;var n;return t>_&&(k(`Timeout is too large (${t}ms), setting it to ${_}ms`),t=_),t},C="DS",j="DSR",D="DSI";function R(e,t,n){if(t){const{cookieDomain:o,cookiePath:r,cookieSameSite:a,cookieExpiration:s,cookieSecure:l}=n,c=new Date(1e3*s),d=function(e){const t=window.location.hostname.split("."),n=e.split(".");return t.slice(-n.length).join(".")===e}(o);i.set(e,t,{path:r,domain:d?o:void 0,expires:c,sameSite:a,secure:l})}}const T=e=>(null==e?void 0:e.cookieName)||C;function A(e=""){return y(`${e}${j}`)||""}function E(e="",t){return i.get(T(t))||y(`${e}${C}`)||""}function $(e=""){return y(`${e}${D}`)||""}function J(e="",t){m(`${e}${j}`),m(`${e}${C}`),m(`${e}${D}`);const n=T(t);i.remove(n)}const L=I&&(null===localStorage||void 0===localStorage?void 0:localStorage.getItem("fingerprint.endpoint.url"))||"https://api.descope.com",N="vsid",P="vrid",q="fp",K=(e=!1)=>{const t=y(q);if(!t)return null;const n=JSON.parse(t);return(new Date).getTime()>n.expiry&&!e?null:n.value},F=async(e,t=L)=>{try{if(K())return;const n=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27),o=new URL(t);o.pathname="/fXj8gt3x8VulJBna/x96Emn69oZwcd7I6";const i=new URL(t);i.pathname="/fXj8gt3x8VulJBna/w78aRZnnDZ3Aqw0I";const l=i.toString()+"?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>",c=r({apiKey:e,endpoint:[o.toString(),a],scriptUrlPattern:[l,s]}),d=await c,{requestId:u}=await d.get({linkedId:n}),p=((e,t)=>({[N]:e,[P]:t}))(n,u);(e=>{const t={value:e,expiry:(new Date).getTime()+864e5};h(q,JSON.stringify(t))})(p)}catch(e){console.warn("Could not load fingerprint",e)}},V=()=>{m(q)},M=e=>{const t=K(!0);return t&&e.body&&(e.body.fpData=t),e},B="descopeFlowNonce",H="X-Descope-Flow-Nonce",G="/v1/flow/start",W="/v1/flow/next",X=(e,t=B)=>`${t}${e}`,Z=(e,t=B)=>{try{const n=X(e,t);m(n)}catch(e){console.error("Error removing flow nonce:",e)}},z=e=>{var t;return(null===(t=/.*\|#\|(.*)/.exec(e))||void 0===t?void 0:t[1])||null},Q=e=>{var t;return e.path===W&&(null===(t=e.body)||void 0===t?void 0:t.executionId)?z(e.body.executionId):null},Y="dls_last_user_login_id",ee="dls_last_user_display_name",te=e=>h(Y,e),ne=()=>y(Y),oe=()=>y(ee),ie=e=>async(...t)=>{var n;t[1]=t[1]||{};const[,o={}]=t,i=ne(),r=oe();i&&(null!==(n=o.lastAuth)&&void 0!==n||(o.lastAuth={}),o.lastAuth.loginId=i,o.lastAuth.name=r);return await e(...t)},re=e=>t=>async(...n)=>{const o=await t(...n);return e||(m(Y),m(ee)),o};function ae(){const e=[];return{pub:t=>{e.forEach((e=>e(t)))},sub:t=>{const n=e.push(t)-1;return()=>e.splice(n,1)}}}const se=(e,t)=>n=>async(...o)=>{const i=await n(...o);return J(e,t),i};async function le(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=fe(n.publicKey.challenge),n.publicKey.user.id=fe(n.publicKey.user.id),null===(t=n.publicKey.excludeCredentials)||void 0===t||t.forEach((e=>{e.id=fe(e.id)})),n}(e),n=await navigator.credentials.create(t);return o=n,JSON.stringify({id:o.id,rawId:we(o.rawId),type:o.type,response:{attestationObject:we(o.response.attestationObject),clientDataJSON:we(o.response.clientDataJSON)}});var o}async function ce(e){const t=pe(e);return ge(await navigator.credentials.get(t))}async function de(e,t){const n=pe(e);n.signal=t.signal,n.mediation="conditional";return ge(await navigator.credentials.get(n))}async function ue(e=!1){var t,n;if(!I)return Promise.resolve(!1);if(w()){const e=null===(n=null===(t=window.descopeBridge)||void 0===t?void 0:t.hostInfo)||void 0===n?void 0:n.webauthn;if("boolean"==typeof e)return e}const o=!!(window.PublicKeyCredential&&navigator.credentials&&navigator.credentials.create&&navigator.credentials.get);return o&&e&&PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():o}function pe(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=fe(n.publicKey.challenge),null===(t=n.publicKey.allowCredentials)||void 0===t||t.forEach((e=>{e.id=fe(e.id)})),n}function ge(e){return JSON.stringify({id:e.id,rawId:we(e.rawId),type:e.type,response:{authenticatorData:we(e.response.authenticatorData),clientDataJSON:we(e.response.clientDataJSON),signature:we(e.response.signature),userHandle:e.response.userHandle?we(e.response.userHandle):void 0}})}function fe(e){const t=e.replace(/_/g,"/").replace(/-/g,"+");return Uint8Array.from(atob(t),(e=>e.charCodeAt(0))).buffer}function we(e){return btoa(String.fromCharCode.apply(null,new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=/g,"")}var ve,he=(ve=e=>({async signUp(t,n,o){const i=await e.webauthn.signUp.start(t,window.location.origin,n,o);if(!i.ok)return i;const r=await le(i.data.options);return await e.webauthn.signUp.finish(i.data.transactionId,r)},async signIn(t,n){const o=await e.webauthn.signIn.start(t,window.location.origin,void 0,void 0,n);if(!o.ok)return o;const i=await ce(o.data.options);return await e.webauthn.signIn.finish(o.data.transactionId,i)},async signUpOrIn(t,n){var o;const i=await e.webauthn.signUpOrIn.start(t,window.location.origin,n);if(!i.ok)return i;if(null===(o=i.data)||void 0===o?void 0:o.create){const t=await le(i.data.options);return await e.webauthn.signUp.finish(i.data.transactionId,t)}{const t=await ce(i.data.options);return await e.webauthn.signIn.finish(i.data.transactionId,t)}},async update(t,n,o){const i=await e.webauthn.update.start(t,window.location.origin,n,o);if(!i.ok)return i;const r=await le(i.data.options);return await e.webauthn.update.finish(i.data.transactionId,r)},helpers:{create:le,get:ce,isSupported:ue,conditional:de}}),(...e)=>{const t=ve(...e);return Object.assign(t.signUp,e[0].webauthn.signUp),Object.assign(t.signIn,e[0].webauthn.signIn),Object.assign(t.signUpOrIn,e[0].webauthn.signUpOrIn),Object.assign(t.update,e[0].webauthn.update),t});const ye={config:"/fedcm/config"},me=()=>{if(window.crypto&&window.crypto.getRandomValues){const e=new Uint8Array(16);return window.crypto.getRandomValues(e),Array.from(e,(e=>e.toString(16).padStart(2,"0"))).join("")}return Math.random().toString(36).substring(2)};async function be(e,t){var n;try{await ke(e,t)}catch(e){null===(n=null==t?void 0:t.onFailed)||void 0===n||n.call(t,e)}}async function ke(e,t){var n,o;const i=await async function(e,t="google",n,o,i){const r=me(),a=await async function(){return new Promise(((e,t)=>{if(window.google)return void e(window.google.accounts.id);let n=document.getElementById("google-gsi-client-script");n||(n=document.createElement("script"),document.head.appendChild(n),n.async=!0,n.defer=!0,n.id="google-gsi-client-script",n.src="https://accounts.google.com/gsi/client"),n.onload=function(){window.google?e(window.google.accounts.id):t("Failed to load Google GSI client script - not loaded properly")},n.onerror=function(){t("Failed to load Google GSI client script - failed to load")}}))}(),s=await e.oauth.getOneTapClientId(t);if(!s.ok)throw new Error("Failed to get OneTap client ID for provider "+t);const l=s.data.clientId;return new Promise((e=>{var s,c;const d=n=>{e({provider:t,nonce:r,credential:null==n?void 0:n.credential})};a.initialize(Object.assign(Object.assign({},n),{itp_support:null===(s=null==n?void 0:n.itp_support)||void 0===s||s,use_fedcm_for_prompt:null===(c=null==n?void 0:n.use_fedcm_for_prompt)||void 0===c||c,client_id:l,callback:d,nonce:r})),a.prompt((e=>{var t,n;if(i&&(null==e?void 0:e.isDismissedMoment())){const n=null===(t=e.getDismissedReason)||void 0===t?void 0:t.call(e);return null==i||i(n),void d()}if(o&&(null==e?void 0:e.isSkippedMoment())){const t=null===(n=e.getSkippedReason)||void 0===n?void 0:n.call(e);return null==o||o(t),void d()}}))}))}(e,t.provider,t.oneTapConfig,t.onSkipped,t.onDismissed);if(!i.credential)return null;if(null==t?void 0:t.onCodeReceived){const o=await e.oauth.verifyOneTapIDToken(i.provider,i.credential,i.nonce,null==t?void 0:t.loginOptions);if(!o.ok||!o.data)throw new Error("Failed to verify OneTap client ID for provider "+i.provider);null===(n=null==t?void 0:t.onCodeReceived)||void 0===n||n.call(t,o.data.code)}else{const n=await e.oauth.exchangeOneTapIDToken(i.provider,i.credential,i.nonce,null==t?void 0:t.loginOptions);if(!n.ok||!n.data)throw new Error("Failed to exchange OneTap client ID for provider "+i.provider);null===(o=null==t?void 0:t.onAuthenticated)||void 0===o||o.call(t,n.data)}}var Se=e=>Object.assign(Object.assign({},e.flow),{start:async(...t)=>{const n=await ue(),o=Object.assign(Object.assign({location:window.location.href},t[1]),{deviceInfo:{webAuthnSupport:n},startOptionsVersion:1});return t[1]=o,e.flow.start(...t)}});const Ie=()=>window.location.search.includes("code")&&window.location.search.includes("state");let _e;const Oe=(e,t)=>new Promise(((n,o)=>{if(!e.length)return o(new Error("No URLs provided to loadScriptWithFallback"));const i=t();if(i)return n(i);const r=e.shift(),a=document.createElement("script");a.src=r,a.id=(e=>{let t=0;for(let n=0;n<e.length;n++)t=(t<<5)-t+e.charCodeAt(n),t|=0;return Math.abs(t).toString(16)})(r),a.onload=()=>{const e=t();if(e)return n(e);throw new Error("Could not get entry after loading script from URL")},a.addEventListener("error",(()=>{Oe(e,t),a.setAttribute("data-error","true")})),document.body.appendChild(a)}));const xe=async(e,t,n)=>{_e||(_e=(async()=>{try{return require("oidc-client-ts")}catch(e){return Oe([O,x],(()=>window.oidc))}})());const{OidcClient:o,WebStorageStateStore:i}=await _e;if(!o)throw new Error("oidc-client-ts is not installed. Please install it by running `npm install oidc-client-ts`");const r=(null==n?void 0:n.redirectUri)||window.location.href;let a,s,l,c;if(null==n?void 0:n.issuer){if(!n.clientId)throw new Error("clientId is required when providing a custom issuer/authority");a=n.issuer,s=n.clientId,l=`${s}_user`,c="openid"}else(null==n?void 0:n.applicationId)?(a=e.httpClient.buildUrl(t),a=`${a}/${n.applicationId}`,s=t,l=`${s}_user`,c="openid email roles descope.custom_claims offline_access"):(a=e.httpClient.buildUrl(t),s=t,l=`${s}_user`,c="openid email roles descope.custom_claims offline_access");const d={authority:a,client_id:s,redirect_uri:r,response_type:"code",scope:(null==n?void 0:n.scope)||c,stateStore:new i({store:window.localStorage,prefix:s}),loadUserInfo:!0,fetchRequestCredentials:"same-origin"};return(null==n?void 0:n.redirectUri)&&(d.redirect_uri=n.redirectUri),{client:new o(d),stateUserKey:l}},Ue=(e,t,n)=>{const o=async()=>{let o,i;return o&&i||({client:o,stateUserKey:i}=await xe(e,t,n)),{client:o,stateUserKey:i}},i=async(t="")=>{var n;const{client:i,stateUserKey:r}=await o(),a=await i.processSigninResponse(t||window.location.href);var s;return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(a)))),h(r,JSON.stringify({id_token:(s=a).id_token,session_state:s.session_state,profile:s.profile})),(()=>{const e=new URL(window.location.href);e.searchParams.delete("code"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString())})(),a};return{loginWithRedirect:async(e={},t=!1)=>{const{client:n}=await o(),i=await n.createSigninRequest(e),{url:r}=i;return t||(window.location.href=r),{ok:!0,data:i}},finishLogin:i,finishLoginIfNeed:async(e="")=>{if(Ie())return await i(e)},refreshToken:async t=>{var n;const{client:i,stateUserKey:r}=await o(),a=(e=>{const t=y(e);return t?JSON.parse(t):null})(r);if(!a)throw new Error("User not found in storage to refresh token");let s=t;if(!s){const t={};e.httpClient.hooks.beforeRequest(t),s=t.token}const l=await i.useRefreshToken({state:{refresh_token:s,session_state:a.session_state,profile:a.profile}});return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(l)))),l},logout:async(e,t=!1)=>{const{client:n,stateUserKey:i}=await o();e||(e={}),e.id_token_hint=e.id_token_hint||$(),e.post_logout_redirect_uri=e.post_logout_redirect_uri||window.location.href;const r=await n.createSignoutRequest(e),{url:a}=r;return m(i),t||window.location.replace(a),r}}},Ce=function(...e){return t=>e.reduce(((e,t)=>t(e)),t)}((e=>t=>{var n;return n=t.customStorage,l=n,e(t)}),(t=>n=>{var{fpKey:o,fpLoad:i}=n,r=e(n,["fpKey","fpLoad"]);return I?(o&&i&&F(o).catch((()=>null)),t(g(r,{beforeRequest:M}))):t(r)}),(n=>i=>{var{autoRefresh:r}=i,a=e(i,["autoRefresh"]);if(!r||w())return n(a);const{clearAllTimers:s,setTimer:l}=(()=>{const e=[];return{clearAllTimers:()=>{for(;e.length;)clearTimeout(e.pop())},setTimer:(t,n)=>{e.push(setTimeout(t,n))}}})();let c,d;I&&document.addEventListener("visibilitychange",(()=>{"visible"===document.visibilityState&&c&&new Date>c&&(k("Expiration time passed, refreshing session"),u.refresh(A()||d))}));const u=n(g(a,{afterRequest:async(e,n)=>{const{sessionJwt:o,refreshJwt:i,sessionExpiration:r}=await f(n);if(401===(null==n?void 0:n.status))k("Received 401, canceling all timers"),s();else if(o||r){if(c=((e,n)=>{if(n)return new Date(1e3*n);k("Could not extract expiration time from session token, trying to decode the token");try{const n=t(e);if(n.exp)return new Date(1e3*n.exp)}catch(e){return null}})(o,r),!c)return void k("Could not extract expiration time from session token");d=i;const e=U(c);if(s(),e<=2e4)return void k("Session is too close to expiration, not setting refresh timer");const n=new Date(Date.now()+e).toLocaleTimeString("en-US",{hour12:!1});k(`Setting refresh timer for ${n}. (${e}ms)`),l((()=>{k("Refreshing session due to timer"),u.refresh(A()||i)}),e)}}}));return o(u,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const n=await e(...t);return k("Clearing all timers"),s(),n}))}),(e=>t=>e(Object.assign(Object.assign({},t),{baseHeaders:Object.assign({"x-descope-sdk-name":"web-js","x-descope-sdk-version":"1.39.0"},t.baseHeaders)}))),(e=>t=>{const n=ae(),i=ae(),r=ae(),a=ae(),s=e(g(t,{afterRequest:async(e,t)=>{if(401===(null==t?void 0:t.status))i.pub(null),r.pub(null),n.pub(null),a.pub(null);else{const e=await(async e=>{const t=await f(e);return(null==t?void 0:t.user)||((null==t?void 0:t.hasOwnProperty("userId"))?t:void 0)})(t);e&&r.pub(e);const{sessionJwt:o,sessionExpiration:s,claims:l}=await f(t);o&&i.pub(o),l&&a.pub(l),(s||o)&&n.pub(s||42)}}})),l=o(s,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const o=await e(...t);return i.pub(null),r.pub(null),n.pub(null),a.pub(null),o}));return Object.assign(l,{onSessionTokenChange:i.sub,onUserChange:r.sub,onClaimsChange:a.sub,onIsAuthenticatedChange:e=>n.sub((t=>{e(!!t)}))})}),(t=>n=>{const{enableFlowNonce:o=!0,nonceStoragePrefix:i=B}=n,r=e(n,["enableFlowNonce","nonceStoragePrefix"]);if(!o)return t(r);((e=B)=>{try{if(!v)return;for(let o=0;o<(t=void 0,n=void 0,null!==(n=null!==(t=null==l?void 0:l.length)&&void 0!==t?t:null===localStorage||void 0===localStorage?void 0:localStorage.length)&&void 0!==n?n:0);o++){const t=b(o);if(t&&t.startsWith(e)){const e=y(t);if(e)try{JSON.parse(e).expiry<Date.now()&&m(t)}catch(e){m(t)}}}}catch(e){console.error("Error cleaning up expired nonces:",e)}var t,n})(i);return t(g(r,{afterRequest:async(e,t)=>{if(e.path!==G&&e.path!==W)return;const{nonce:n,executionId:o}=await(async(e,t)=>{try{const n=t.headers.get(H);let o=await t.clone().json().then((e=>(null==e?void 0:e.executionId)||null)).catch((()=>null));return o||(o=Q(e)),{nonce:n,executionId:z(o)}}catch(e){return{nonce:null,executionId:null}}})(e,t);if(n&&o){((e,t,n,o=B)=>{try{const i=X(e,o),r=n?172800:10800,a={value:t,expiry:Date.now()+1e3*r,isStart:n};h(i,JSON.stringify(a))}catch(e){console.error("Error setting flow nonce:",e)}})(o,n,e.path===G,i)}},beforeRequest:e=>{if(e.path===W){const t=Q(e);if(t){const n=((e,t=B)=>{try{const n=X(e,t),o=y(n);if(!o)return null;const i=JSON.parse(o);return i.expiry<Date.now()?(Z(e,t),null):i.value}catch(e){return console.error("Error getting flow nonce:",e),null}})(t,i);n&&(e.headers=e.headers||{},e.headers[H]=n)}}return e}}))}),(t=>n=>{var{storeLastAuthenticatedUser:i=!0,keepLastAuthenticatedUserAfterLogout:r=!1}=n,a=e(n,["storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout"]);if(!i)return Object.assign(t(a),{getLastUserLoginId:ne,getLastUserDisplayName:oe});const s=t(g(a,{afterRequest:async(e,t)=>{var n;const{userInfo:o,lastAuth:i}=await(async e=>{if(!(null==e?void 0:e.ok))return{userInfo:void 0,lastAuth:void 0};const t=await(null==e?void 0:e.clone().json()),n=p((null==t?void 0:t.authInfo)||t||{});return{userInfo:(null==n?void 0:n.user)||((null==n?void 0:n.hasOwnProperty("userId"))?n:void 0),lastAuth:t.lastAuth}})(t),r=null===(n=null==o?void 0:o.loginIds)||void 0===n?void 0:n[0],a=null==o?void 0:o.name;r?(te(r),(e=>{h(ee,e)})(a)):(null==i?void 0:i.loginId)&&te(i.loginId)}}));let l=o(s,["flow.start"],ie);return l=o(l,["logout","logoutAll"],re(r)),Object.assign(l,{getLastUserLoginId:ne,getLastUserDisplayName:oe})}),(t=>n=>{var{persistTokens:i,sessionTokenViaCookie:r,storagePrefix:a}=n,s=e(n,["persistTokens","sessionTokenViaCookie","storagePrefix"]);if(!i||!I)return t(s);const l=t(g(s,{beforeRequest:(c=a,e=>Object.assign(e,{token:e.token||A(c)})),afterRequest:async(e,t)=>{const n=/^\/v\d+\/mgmt\//.test(e.path);401===(null==t?void 0:t.status)?n||J(a,r):((e={},t=!1,n="")=>{var o,i;const{sessionJwt:r,refreshJwt:a}=e;if(a&&h(`${n}${j}`,a),r)if(t){const n=t.sameSite||"Strict",a=null===(o=t.secure)||void 0===o||o,s=null!==(i=t.domain)&&void 0!==i?i:e.cookieDomain;R(T(t),r,Object.assign(Object.assign({},e),{cookieSameSite:n,cookieSecure:a,cookieDomain:s}))}else h(`${n}${C}`,r);e.idToken&&h(`${n}${D}`,e.idToken)})(await f(t),r,a)}}));var c;const d=o(l,["logout","logoutAll","oidc.logout"],se(a,r));return Object.assign(d,{getRefreshToken:()=>A(a),getSessionToken:()=>E(a),getIdToken:()=>$(a)})}))((e=>{const t=n(e),o=Ue(t,e.projectId,e.oidcConfig);return Object.assign(Object.assign({},t),{refresh:async(n,i)=>{var r;if(e.oidcConfig)try{return await o.refreshToken(n),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161001",errorDescription:e.toString()}})}const a=E(),s=A();let l="";if(e.getExternalToken)try{l=await(null===(r=e.getExternalToken)||void 0===r?void 0:r.call(e))}catch(e){k("Error getting external token while refreshing",e)}return t.refresh(n,{dcs:a?"t":"f",dcr:s?"t":"f"},l,i)},logout:async n=>{if(e.oidcConfig)try{return await o.logout({id_token_hint:n}),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161000",errorDescription:e.toString()}})}return t.logout(n)},flow:Se(t),webauthn:he(t),fedcm:(i=t,r=e.projectId,{onetap:{requestExchangeCode(e){be(i,e)},requestAuthentication(e){be(i,e)}},async oneTap(e,t,n,o,r){await ke(i,{provider:e,oneTapConfig:t,loginOptions:n,onSkipped:o,onDismissed:r})},async launch(e){var t;const n={identity:{context:e||"signin",providers:[{configURL:i.httpClient.buildUrl(r+ye.config),clientId:r}]}},o=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(n));return i.refresh(o.token)},isSupported:()=>I&&"IdentityCredential"in window,async isLoggedIn(e){var t;const n=i.httpClient.buildUrl(r+ye.config);try{const o={identity:{context:e||"signin",providers:[{configURL:n,clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(o));return!!i&&!!i.token}catch(e){return!1}}}),oidc:o});var i,r}));export{j as REFRESH_TOKEN_KEY,C as SESSION_TOKEN_KEY,V as clearFingerprintData,Ce as createSdk,Ce as default,F as ensureFingerprintIds,Ie as hasOidcParamsInUrl};
|
|
1
|
+
import{__rest as e}from"tslib";import{jwtDecode as t}from"jwt-decode";import n,{wrapWith as o}from"@descope/core-js-sdk";import i from"js-cookie";import{load as r,defaultEndpoint as a,defaultScriptUrlPattern as s}from"@fingerprintjs/fingerprintjs-pro";let l;const c=e=>{try{return t(e).exp}catch(e){return null}},d=e=>{const{refresh_expire_in:t,refresh_token:n}=e;return t?Math.floor(Date.now()/1e3)+t:c(n)},u=e=>{const{expires_in:t,expires_at:n,access_token:o}=e;return n||(t?Math.floor(Date.now()/1e3)+t:o?c(o):void 0)},p=t=>{const{access_token:n,id_token:o,refresh_token:i,refresh_expire_in:r}=t,a=e(t,["access_token","id_token","refresh_token","refresh_expire_in"]);return Object.assign({sessionJwt:t.sessionJwt||n,idToken:o,refreshJwt:t.refreshJwt||i,sessionExpiration:t.sessionExpiration||u(t),cookieExpiration:t.cookieExpiration||d(t)},a)},g=(e,t)=>{var n;return["beforeRequest","afterRequest"].reduce(((n,o)=>{var i;return n[o]=[].concat((null===(i=e.hooks)||void 0===i?void 0:i[o])||[]).concat((null==t?void 0:t[o])||[]),n}),null!==(n=e.hooks)&&void 0!==n?n:e.hooks={}),e},f=async e=>{if(!(null==e?void 0:e.ok))return{};const t=await(null==e?void 0:e.clone().json()),n=(null==t?void 0:t.authInfo)||t||{};return p(n)},w=()=>"undefined"!=typeof window&&!!window.descopeBridge,v=void 0!==l||"undefined"!=typeof localStorage,h=(e,t)=>{var n,o;return null===(o=null===(n=l||localStorage)||void 0===n?void 0:n.setItem)||void 0===o?void 0:o.call(n,e,t)},y=e=>{var t,n;return null===(n=null===(t=l||localStorage)||void 0===t?void 0:t.getItem)||void 0===n?void 0:n.call(t,e)},m=e=>{var t,n;return null===(n=null===(t=l||localStorage)||void 0===t?void 0:t.removeItem)||void 0===n?void 0:n.call(t,e)},b=e=>{var t,n,o,i;return null!==(i=null!==(n=null===(t=null==l?void 0:l.key)||void 0===t?void 0:t.call(l,e))&&void 0!==n?n:null===(o=null===localStorage||void 0===localStorage?void 0:localStorage.key)||void 0===o?void 0:o.call(localStorage,e))&&void 0!==i?i:null},k=(...e)=>{console.debug(...e)},S="3.2.0",I="undefined"!=typeof window,_=Math.pow(2,31)-1,O=`https://descopecdn.com/npm/oidc-client-ts@${S}/dist/browser/oidc-client-ts.min.js`,x=`https://cdn.jsdelivr.net/npm/oidc-client-ts@${S}/dist/browser/oidc-client-ts.min.js`,U=e=>{let t=((n=e)?n.getTime()-(new Date).getTime():0)-2e4;var n;return t>_&&(k(`Timeout is too large (${t}ms), setting it to ${_}ms`),t=_),t},C="DS",j="DSR",D="DSI";function R(e,t,n){if(t){const{cookieDomain:o,cookiePath:r,cookieSameSite:a,cookieExpiration:s,cookieSecure:l}=n,c=new Date(1e3*s),d=function(e){const t=window.location.hostname.split("."),n=e.split(".");return t.slice(-n.length).join(".")===e}(o);i.set(e,t,{path:r,domain:d?o:void 0,expires:c,sameSite:a,secure:l})}}const T=e=>(null==e?void 0:e.cookieName)||C;function A(e=""){return y(`${e}${j}`)||""}function E(e="",t){return i.get(T(t))||y(`${e}${C}`)||""}function $(e=""){return y(`${e}${D}`)||""}function J(e="",t){m(`${e}${j}`),m(`${e}${C}`),m(`${e}${D}`);const n=T(t);i.remove(n)}const L=I&&(null===localStorage||void 0===localStorage?void 0:localStorage.getItem("fingerprint.endpoint.url"))||"https://api.descope.com",N="vsid",P="vrid",q="fp",K=(e=!1)=>{const t=y(q);if(!t)return null;const n=JSON.parse(t);return(new Date).getTime()>n.expiry&&!e?null:n.value},F=async(e,t=L)=>{try{if(K())return;const n=(Date.now().toString(36)+Math.random().toString(36).substring(2)+Math.random().toString(36).substring(2)).substring(0,27),o=new URL(t);o.pathname="/fXj8gt3x8VulJBna/x96Emn69oZwcd7I6";const i=new URL(t);i.pathname="/fXj8gt3x8VulJBna/w78aRZnnDZ3Aqw0I";const l=i.toString()+"?apiKey=<apiKey>&version=<version>&loaderVersion=<loaderVersion>",c=r({apiKey:e,endpoint:[o.toString(),a],scriptUrlPattern:[l,s]}),d=await c,{requestId:u}=await d.get({linkedId:n}),p=((e,t)=>({[N]:e,[P]:t}))(n,u);(e=>{const t={value:e,expiry:(new Date).getTime()+864e5};h(q,JSON.stringify(t))})(p)}catch(e){console.warn("Could not load fingerprint",e)}},V=()=>{m(q)},M=e=>{const t=K(!0);return t&&e.body&&(e.body.fpData=t),e},B="descopeFlowNonce",H="X-Descope-Flow-Nonce",G="/v1/flow/start",W="/v1/flow/next",X=(e,t=B)=>`${t}${e}`,Z=(e,t=B)=>{try{const n=X(e,t);m(n)}catch(e){console.error("Error removing flow nonce:",e)}},z=e=>{var t;return(null===(t=/.*\|#\|(.*)/.exec(e))||void 0===t?void 0:t[1])||null},Q=e=>{var t;return e.path===W&&(null===(t=e.body)||void 0===t?void 0:t.executionId)?z(e.body.executionId):null},Y="dls_last_user_login_id",ee="dls_last_user_display_name",te=e=>h(Y,e),ne=()=>y(Y),oe=()=>y(ee),ie=e=>async(...t)=>{var n;t[1]=t[1]||{};const[,o={}]=t,i=ne(),r=oe();i&&(null!==(n=o.lastAuth)&&void 0!==n||(o.lastAuth={}),o.lastAuth.loginId=i,o.lastAuth.name=r);return await e(...t)},re=e=>t=>async(...n)=>{const o=await t(...n);return e||(m(Y),m(ee)),o};function ae(){const e=[];return{pub:t=>{e.forEach((e=>e(t)))},sub:t=>{const n=e.push(t)-1;return()=>e.splice(n,1)}}}const se=(e,t)=>n=>async(...o)=>{const i=await n(...o);return J(e,t),i};async function le(e){const t=function(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=fe(n.publicKey.challenge),n.publicKey.user.id=fe(n.publicKey.user.id),null===(t=n.publicKey.excludeCredentials)||void 0===t||t.forEach((e=>{e.id=fe(e.id)})),n}(e),n=await navigator.credentials.create(t);return o=n,JSON.stringify({id:o.id,rawId:we(o.rawId),type:o.type,response:{attestationObject:we(o.response.attestationObject),clientDataJSON:we(o.response.clientDataJSON)}});var o}async function ce(e){const t=pe(e);return ge(await navigator.credentials.get(t))}async function de(e,t){const n=pe(e);n.signal=t.signal,n.mediation="conditional";return ge(await navigator.credentials.get(n))}async function ue(e=!1){var t,n;if(!I)return Promise.resolve(!1);if(w()){const e=null===(n=null===(t=window.descopeBridge)||void 0===t?void 0:t.hostInfo)||void 0===n?void 0:n.webauthn;if("boolean"==typeof e)return e}const o=!!(window.PublicKeyCredential&&navigator.credentials&&navigator.credentials.create&&navigator.credentials.get);return o&&e&&PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():o}function pe(e){var t;const n=JSON.parse(e);return n.publicKey.challenge=fe(n.publicKey.challenge),null===(t=n.publicKey.allowCredentials)||void 0===t||t.forEach((e=>{e.id=fe(e.id)})),n}function ge(e){return JSON.stringify({id:e.id,rawId:we(e.rawId),type:e.type,response:{authenticatorData:we(e.response.authenticatorData),clientDataJSON:we(e.response.clientDataJSON),signature:we(e.response.signature),userHandle:e.response.userHandle?we(e.response.userHandle):void 0}})}function fe(e){const t=e.replace(/_/g,"/").replace(/-/g,"+");return Uint8Array.from(atob(t),(e=>e.charCodeAt(0))).buffer}function we(e){return btoa(String.fromCharCode.apply(null,new Uint8Array(e))).replace(/\//g,"_").replace(/\+/g,"-").replace(/=/g,"")}var ve,he=(ve=e=>({async signUp(t,n,o){const i=await e.webauthn.signUp.start(t,window.location.origin,n,o);if(!i.ok)return i;const r=await le(i.data.options);return await e.webauthn.signUp.finish(i.data.transactionId,r)},async signIn(t,n){const o=await e.webauthn.signIn.start(t,window.location.origin,void 0,void 0,n);if(!o.ok)return o;const i=await ce(o.data.options);return await e.webauthn.signIn.finish(o.data.transactionId,i)},async signUpOrIn(t,n){var o;const i=await e.webauthn.signUpOrIn.start(t,window.location.origin,n);if(!i.ok)return i;if(null===(o=i.data)||void 0===o?void 0:o.create){const t=await le(i.data.options);return await e.webauthn.signUp.finish(i.data.transactionId,t)}{const t=await ce(i.data.options);return await e.webauthn.signIn.finish(i.data.transactionId,t)}},async update(t,n,o){const i=await e.webauthn.update.start(t,window.location.origin,n,o);if(!i.ok)return i;const r=await le(i.data.options);return await e.webauthn.update.finish(i.data.transactionId,r)},helpers:{create:le,get:ce,isSupported:ue,conditional:de}}),(...e)=>{const t=ve(...e);return Object.assign(t.signUp,e[0].webauthn.signUp),Object.assign(t.signIn,e[0].webauthn.signIn),Object.assign(t.signUpOrIn,e[0].webauthn.signUpOrIn),Object.assign(t.update,e[0].webauthn.update),t});const ye={config:"/fedcm/config"},me=()=>{if(window.crypto&&window.crypto.getRandomValues){const e=new Uint8Array(16);return window.crypto.getRandomValues(e),Array.from(e,(e=>e.toString(16).padStart(2,"0"))).join("")}return Math.random().toString(36).substring(2)};async function be(e,t){var n;try{await ke(e,t)}catch(e){null===(n=null==t?void 0:t.onFailed)||void 0===n||n.call(t,e)}}async function ke(e,t){var n,o;const i=await async function(e,t="google",n,o,i){const r=me(),a=await async function(){return new Promise(((e,t)=>{if(window.google)return void e(window.google.accounts.id);let n=document.getElementById("google-gsi-client-script");n||(n=document.createElement("script"),document.head.appendChild(n),n.async=!0,n.defer=!0,n.id="google-gsi-client-script",n.src="https://accounts.google.com/gsi/client"),n.onload=function(){window.google?e(window.google.accounts.id):t("Failed to load Google GSI client script - not loaded properly")},n.onerror=function(){t("Failed to load Google GSI client script - failed to load")}}))}(),s=await e.oauth.getOneTapClientId(t);if(!s.ok)throw new Error("Failed to get OneTap client ID for provider "+t);const l=s.data.clientId;return new Promise((e=>{var s,c;const d=n=>{e({provider:t,nonce:r,credential:null==n?void 0:n.credential})};a.initialize(Object.assign(Object.assign({},n),{itp_support:null===(s=null==n?void 0:n.itp_support)||void 0===s||s,use_fedcm_for_prompt:null===(c=null==n?void 0:n.use_fedcm_for_prompt)||void 0===c||c,client_id:l,callback:d,nonce:r})),a.prompt((e=>{var t,n;if(i&&(null==e?void 0:e.isDismissedMoment())){const n=null===(t=e.getDismissedReason)||void 0===t?void 0:t.call(e);return null==i||i(n),void d()}if(o&&(null==e?void 0:e.isSkippedMoment())){const t=null===(n=e.getSkippedReason)||void 0===n?void 0:n.call(e);return null==o||o(t),void d()}}))}))}(e,t.provider,t.oneTapConfig,t.onSkipped,t.onDismissed);if(!i.credential)return null;if(null==t?void 0:t.onCodeReceived){const o=await e.oauth.verifyOneTapIDToken(i.provider,i.credential,i.nonce,null==t?void 0:t.loginOptions);if(!o.ok||!o.data)throw new Error("Failed to verify OneTap client ID for provider "+i.provider);null===(n=null==t?void 0:t.onCodeReceived)||void 0===n||n.call(t,o.data.code)}else{const n=await e.oauth.exchangeOneTapIDToken(i.provider,i.credential,i.nonce,null==t?void 0:t.loginOptions);if(!n.ok||!n.data)throw new Error("Failed to exchange OneTap client ID for provider "+i.provider);null===(o=null==t?void 0:t.onAuthenticated)||void 0===o||o.call(t,n.data)}}var Se=e=>Object.assign(Object.assign({},e.flow),{start:async(...t)=>{const n=await ue(),o=Object.assign(Object.assign({location:window.location.href},t[1]),{deviceInfo:{webAuthnSupport:n},startOptionsVersion:1});return t[1]=o,e.flow.start(...t)}});const Ie=()=>window.location.search.includes("code")&&window.location.search.includes("state");let _e;const Oe=(e,t)=>new Promise(((n,o)=>{if(!e.length)return o(new Error("No URLs provided to loadScriptWithFallback"));const i=t();if(i)return n(i);const r=e.shift(),a=document.createElement("script");a.src=r,a.id=(e=>{let t=0;for(let n=0;n<e.length;n++)t=(t<<5)-t+e.charCodeAt(n),t|=0;return Math.abs(t).toString(16)})(r),a.onload=()=>{const e=t();if(e)return n(e);throw new Error("Could not get entry after loading script from URL")},a.addEventListener("error",(()=>{Oe(e,t),a.setAttribute("data-error","true")})),document.body.appendChild(a)}));const xe=async(e,t,n)=>{_e||(_e=(async()=>{try{return require("oidc-client-ts")}catch(e){return Oe([O,x],(()=>window.oidc))}})());const{OidcClient:o,WebStorageStateStore:i}=await _e;if(!o)throw new Error("oidc-client-ts is not installed. Please install it by running `npm install oidc-client-ts`");const r=(null==n?void 0:n.redirectUri)||window.location.href;let a,s,l,c;if(null==n?void 0:n.issuer){if(!n.clientId)throw new Error("clientId is required when providing a custom issuer/authority");a=n.issuer,s=n.clientId,l=`${s}_user`,c="openid"}else(null==n?void 0:n.applicationId)?(a=e.httpClient.buildUrl(t),a=`${a}/${n.applicationId}`,s=t,l=`${s}_user`,c="openid email roles descope.custom_claims offline_access"):(a=e.httpClient.buildUrl(t),s=t,l=`${s}_user`,c="openid email roles descope.custom_claims offline_access");const d={authority:a,client_id:s,redirect_uri:r,response_type:"code",scope:(null==n?void 0:n.scope)||c,stateStore:new i({store:window.localStorage,prefix:s}),loadUserInfo:!0,fetchRequestCredentials:"same-origin"};return(null==n?void 0:n.redirectUri)&&(d.redirect_uri=n.redirectUri),{client:new o(d),stateUserKey:l}},Ue=(e,t,n)=>{const o=async()=>{let o,i;return o&&i||({client:o,stateUserKey:i}=await xe(e,t,n)),{client:o,stateUserKey:i}},i=async(t="")=>{var n;const{client:i,stateUserKey:r}=await o(),a=await i.processSigninResponse(t||window.location.href);var s;return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(a)))),h(r,JSON.stringify({id_token:(s=a).id_token,session_state:s.session_state,profile:s.profile})),(()=>{const e=new URL(window.location.href);e.searchParams.delete("code"),e.searchParams.delete("state"),window.history.replaceState({},document.title,e.toString())})(),a};return{loginWithRedirect:async(e={},t=!1)=>{const{client:n}=await o(),i=await n.createSigninRequest(e),{url:r}=i;return t||(window.location.href=r),{ok:!0,data:i}},finishLogin:i,finishLoginIfNeed:async(e="")=>{if(Ie())return await i(e)},refreshToken:async t=>{var n;const{client:i,stateUserKey:r}=await o(),a=(e=>{const t=y(e);return t?JSON.parse(t):null})(r);if(!a)throw new Error("User not found in storage to refresh token");let s=t;if(!s){const t={};e.httpClient.hooks.beforeRequest(t),s=t.token}const l=await i.useRefreshToken({state:{refresh_token:s,session_state:a.session_state,profile:a.profile}});return await(null===(n=e.httpClient.hooks)||void 0===n?void 0:n.afterRequest({},new Response(JSON.stringify(l)))),l},logout:async(e,t=!1)=>{const{client:n,stateUserKey:i}=await o();e||(e={}),e.id_token_hint=e.id_token_hint||$(),e.post_logout_redirect_uri=e.post_logout_redirect_uri||window.location.href;const r=await n.createSignoutRequest(e),{url:a}=r;return m(i),t||window.location.replace(a),r}}},Ce=function(...e){return t=>e.reduce(((e,t)=>t(e)),t)}((e=>t=>{var n;return n=t.customStorage,l=n,e(t)}),(t=>n=>{var{fpKey:o,fpLoad:i}=n,r=e(n,["fpKey","fpLoad"]);return I?(o&&i&&F(o).catch((()=>null)),t(g(r,{beforeRequest:M}))):t(r)}),(n=>i=>{var{autoRefresh:r}=i,a=e(i,["autoRefresh"]);if(!r||w())return n(a);const{clearAllTimers:s,setTimer:l}=(()=>{const e=[];return{clearAllTimers:()=>{for(;e.length;)clearTimeout(e.pop())},setTimer:(t,n)=>{e.push(setTimeout(t,n))}}})();let c,d;I&&document.addEventListener("visibilitychange",(()=>{"visible"===document.visibilityState&&c&&new Date>c&&(k("Expiration time passed, refreshing session"),u.refresh(A()||d))}));const u=n(g(a,{afterRequest:async(e,n)=>{const{sessionJwt:o,refreshJwt:i,sessionExpiration:r}=await f(n);if(401===(null==n?void 0:n.status))k("Received 401, canceling all timers"),s();else if(o||r){if(c=((e,n)=>{if(n)return new Date(1e3*n);k("Could not extract expiration time from session token, trying to decode the token");try{const n=t(e);if(n.exp)return new Date(1e3*n.exp)}catch(e){return null}})(o,r),!c)return void k("Could not extract expiration time from session token");d=i;const e=U(c);if(s(),e<=2e4)return void k("Session is too close to expiration, not setting refresh timer");const n=new Date(Date.now()+e).toLocaleTimeString("en-US",{hour12:!1});k(`Setting refresh timer for ${n}. (${e}ms)`),l((()=>{k("Refreshing session due to timer"),u.refresh(A()||i)}),e)}}}));return o(u,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const n=await e(...t);return k("Clearing all timers"),s(),n}))}),(e=>t=>e(Object.assign(Object.assign({},t),{baseHeaders:Object.assign({"x-descope-sdk-name":"web-js","x-descope-sdk-version":"1.40.0"},t.baseHeaders)}))),(e=>t=>{const n=ae(),i=ae(),r=ae(),a=ae(),s=e(g(t,{afterRequest:async(e,t)=>{if(401===(null==t?void 0:t.status))i.pub(null),r.pub(null),n.pub(null),a.pub(null);else{const e=await(async e=>{const t=await f(e);return(null==t?void 0:t.user)||((null==t?void 0:t.hasOwnProperty("userId"))?t:void 0)})(t);e&&r.pub(e);const{sessionJwt:o,sessionExpiration:s,claims:l}=await f(t);o&&i.pub(o),l&&a.pub(l),(s||o)&&n.pub(s||42)}}})),l=o(s,["logout","logoutAll","oidc.logout"],(e=>async(...t)=>{const o=await e(...t);return i.pub(null),r.pub(null),n.pub(null),a.pub(null),o}));return Object.assign(l,{onSessionTokenChange:i.sub,onUserChange:r.sub,onClaimsChange:a.sub,onIsAuthenticatedChange:e=>n.sub((t=>{e(!!t)}))})}),(t=>n=>{const{enableFlowNonce:o=!0,nonceStoragePrefix:i=B}=n,r=e(n,["enableFlowNonce","nonceStoragePrefix"]);if(!o)return t(r);((e=B)=>{try{if(!v)return;for(let o=0;o<(t=void 0,n=void 0,null!==(n=null!==(t=null==l?void 0:l.length)&&void 0!==t?t:null===localStorage||void 0===localStorage?void 0:localStorage.length)&&void 0!==n?n:0);o++){const t=b(o);if(t&&t.startsWith(e)){const e=y(t);if(e)try{JSON.parse(e).expiry<Date.now()&&m(t)}catch(e){m(t)}}}}catch(e){console.error("Error cleaning up expired nonces:",e)}var t,n})(i);return t(g(r,{afterRequest:async(e,t)=>{if(e.path!==G&&e.path!==W)return;const{nonce:n,executionId:o}=await(async(e,t)=>{try{const n=t.headers.get(H);let o=await t.clone().json().then((e=>(null==e?void 0:e.executionId)||null)).catch((()=>null));return o||(o=Q(e)),{nonce:n,executionId:z(o)}}catch(e){return{nonce:null,executionId:null}}})(e,t);if(n&&o){((e,t,n,o=B)=>{try{const i=X(e,o),r=n?172800:10800,a={value:t,expiry:Date.now()+1e3*r,isStart:n};h(i,JSON.stringify(a))}catch(e){console.error("Error setting flow nonce:",e)}})(o,n,e.path===G,i)}},beforeRequest:e=>{if(e.path===W){const t=Q(e);if(t){const n=((e,t=B)=>{try{const n=X(e,t),o=y(n);if(!o)return null;const i=JSON.parse(o);return i.expiry<Date.now()?(Z(e,t),null):i.value}catch(e){return console.error("Error getting flow nonce:",e),null}})(t,i);n&&(e.headers=e.headers||{},e.headers[H]=n)}}return e}}))}),(t=>n=>{var{storeLastAuthenticatedUser:i=!0,keepLastAuthenticatedUserAfterLogout:r=!1}=n,a=e(n,["storeLastAuthenticatedUser","keepLastAuthenticatedUserAfterLogout"]);if(!i)return Object.assign(t(a),{getLastUserLoginId:ne,getLastUserDisplayName:oe});const s=t(g(a,{afterRequest:async(e,t)=>{var n;const{userInfo:o,lastAuth:i}=await(async e=>{if(!(null==e?void 0:e.ok))return{userInfo:void 0,lastAuth:void 0};const t=await(null==e?void 0:e.clone().json()),n=p((null==t?void 0:t.authInfo)||t||{});return{userInfo:(null==n?void 0:n.user)||((null==n?void 0:n.hasOwnProperty("userId"))?n:void 0),lastAuth:t.lastAuth}})(t),r=null===(n=null==o?void 0:o.loginIds)||void 0===n?void 0:n[0],a=null==o?void 0:o.name;r?(te(r),(e=>{h(ee,e)})(a)):(null==i?void 0:i.loginId)&&te(i.loginId)}}));let l=o(s,["flow.start"],ie);return l=o(l,["logout","logoutAll"],re(r)),Object.assign(l,{getLastUserLoginId:ne,getLastUserDisplayName:oe})}),(t=>n=>{var{persistTokens:i,sessionTokenViaCookie:r,storagePrefix:a}=n,s=e(n,["persistTokens","sessionTokenViaCookie","storagePrefix"]);if(!i||!I)return t(s);const l=t(g(s,{beforeRequest:(c=a,e=>Object.assign(e,{token:e.token||A(c)})),afterRequest:async(e,t)=>{const n=/^\/v\d+\/mgmt\//.test(e.path);401===(null==t?void 0:t.status)?n||J(a,r):((e={},t=!1,n="")=>{var o,i;const{sessionJwt:r,refreshJwt:a}=e;if(a&&h(`${n}${j}`,a),r)if(t){const n=t.sameSite||"Strict",a=null===(o=t.secure)||void 0===o||o,s=null!==(i=t.domain)&&void 0!==i?i:e.cookieDomain;R(T(t),r,Object.assign(Object.assign({},e),{cookieSameSite:n,cookieSecure:a,cookieDomain:s}))}else h(`${n}${C}`,r);e.idToken&&h(`${n}${D}`,e.idToken)})(await f(t),r,a)}}));var c;const d=o(l,["logout","logoutAll","oidc.logout"],se(a,r));return Object.assign(d,{getRefreshToken:()=>A(a),getSessionToken:()=>E(a),getIdToken:()=>$(a)})}))((e=>{const t=n(e),o=Ue(t,e.projectId,e.oidcConfig);return Object.assign(Object.assign({},t),{refresh:async(n,i)=>{var r;if(e.oidcConfig)try{return await o.refreshToken(n),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161001",errorDescription:e.toString()}})}const a=E(),s=A();let l="";if(e.getExternalToken)try{l=await(null===(r=e.getExternalToken)||void 0===r?void 0:r.call(e))}catch(e){k("Error getting external token while refreshing",e)}return t.refresh(n,{dcs:a?"t":"f",dcr:s?"t":"f"},l,i)},logout:async n=>{if(e.oidcConfig)try{return await o.logout({id_token_hint:n}),Promise.resolve({ok:!0})}catch(e){return Promise.resolve({ok:!1,error:{errorCode:"J161000",errorDescription:e.toString()}})}return t.logout(n)},flow:Se(t),webauthn:he(t),fedcm:(i=t,r=e.projectId,{onetap:{requestExchangeCode(e){be(i,e)},requestAuthentication(e){be(i,e)}},async oneTap(e,t,n,o,r){await ke(i,{provider:e,oneTapConfig:t,loginOptions:n,onSkipped:o,onDismissed:r})},async launch(e){var t;const n={identity:{context:e||"signin",providers:[{configURL:i.httpClient.buildUrl(r+ye.config),clientId:r}]}},o=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(n));return i.refresh(o.token)},isSupported:()=>I&&"IdentityCredential"in window,async isLoggedIn(e){var t;const n=i.httpClient.buildUrl(r+ye.config);try{const o={identity:{context:e||"signin",providers:[{configURL:n,clientId:r}]}},i=await(null===(t=navigator.credentials)||void 0===t?void 0:t.get(o));return!!i&&!!i.token}catch(e){return!1}}}),oidc:o});var i,r}));export{j as REFRESH_TOKEN_KEY,C as SESSION_TOKEN_KEY,V as clearFingerprintData,Ce as createSdk,Ce as default,F as ensureFingerprintIds,Ie as hasOidcParamsInUrl};
|
|
2
2
|
//# sourceMappingURL=index.esm.js.map
|