@kolektor/nucleus-identity 0.0.8-pre.5352 → 0.0.9-pre.5702

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (32) hide show
  1. package/{esm2015/kolektor-nucleus-identity.js → esm2020/kolektor-nucleus-identity.mjs} +0 -0
  2. package/{esm2015/lib/models/client-registration.js → esm2020/lib/models/client-registration.mjs} +0 -0
  3. package/{esm2015/lib/models/device-code.js → esm2020/lib/models/device-code.mjs} +0 -0
  4. package/{esm2015/lib/models/identity.js → esm2020/lib/models/identity.mjs} +0 -0
  5. package/{esm2015/lib/models/otp.js → esm2020/lib/models/otp.mjs} +0 -0
  6. package/{esm2015/lib/models/service-principal.js → esm2020/lib/models/service-principal.mjs} +0 -0
  7. package/{esm2015/lib/nucleus-identity-config.js → esm2020/lib/nucleus-identity-config.mjs} +0 -0
  8. package/{esm2015/lib/nucleus-identity.module.js → esm2020/lib/nucleus-identity.module.mjs} +4 -4
  9. package/esm2020/lib/nucleus-identity.service.mjs +343 -0
  10. package/esm2020/lib/nucleus-token-interceptor.service.mjs +64 -0
  11. package/{esm2015/lib/utils/angular-requestor.js → esm2020/lib/utils/angular-requestor.mjs} +5 -6
  12. package/{esm2015/lib/utils/authorization-service-configuration.js → esm2020/lib/utils/authorization-service-configuration.mjs} +0 -0
  13. package/{esm2015/lib/utils/location.service.js → esm2020/lib/utils/location.service.mjs} +3 -3
  14. package/{esm2015/lib/utils/nucleus-authorization-notifier.js → esm2020/lib/utils/nucleus-authorization-notifier.mjs} +0 -0
  15. package/{esm2015/lib/utils/nucleus-crypto.js → esm2020/lib/utils/nucleus-crypto.mjs} +0 -0
  16. package/esm2020/lib/utils/oidc-configuration.service.mjs +90 -0
  17. package/esm2020/lib/utils/secrets-store.mjs +100 -0
  18. package/esm2020/lib/utils/token-client.mjs +140 -0
  19. package/{esm2015/public-api.js → esm2020/public-api.mjs} +0 -0
  20. package/fesm2015/{kolektor-nucleus-identity.js → kolektor-nucleus-identity.mjs} +132 -133
  21. package/fesm2015/kolektor-nucleus-identity.mjs.map +1 -0
  22. package/fesm2020/kolektor-nucleus-identity.mjs +1042 -0
  23. package/fesm2020/kolektor-nucleus-identity.mjs.map +1 -0
  24. package/package.json +22 -9
  25. package/bundles/kolektor-nucleus-identity.umd.js +0 -1910
  26. package/bundles/kolektor-nucleus-identity.umd.js.map +0 -1
  27. package/esm2015/lib/nucleus-identity.service.js +0 -385
  28. package/esm2015/lib/nucleus-token-interceptor.service.js +0 -66
  29. package/esm2015/lib/utils/oidc-configuration.service.js +0 -95
  30. package/esm2015/lib/utils/secrets-store.js +0 -113
  31. package/esm2015/lib/utils/token-client.js +0 -159
  32. package/fesm2015/kolektor-nucleus-identity.js.map +0 -1
package/bundles/kolektor-nucleus-identity.umd.js DELETED
@@ -1,1910 +0,0 @@
1
- (function (global, factory) {
2
- typeof exports === 'object' && typeof module !== 'undefined' ? factory(exports, require('@angular/core'), require('@angular/common/http'), require('rxjs'), require('rxjs/operators'), require('@openid/appauth'), require('@capacitor/app'), require('@capacitor/browser'), require('@capacitor/device'), require('base64-js'), require('capacitor-secure-storage-plugin'), require('@kolektor/nucleus-common')) :
3
- typeof define === 'function' && define.amd ? define('@kolektor/nucleus-identity', ['exports', '@angular/core', '@angular/common/http', 'rxjs', 'rxjs/operators', '@openid/appauth', '@capacitor/app', '@capacitor/browser', '@capacitor/device', 'base64-js', 'capacitor-secure-storage-plugin', '@kolektor/nucleus-common'], factory) :
4
- (global = typeof globalThis !== 'undefined' ? globalThis : global || self, factory((global.kolektor = global.kolektor || {}, global.kolektor['nucleus-identity'] = {}), global.ng.core, global.ng.common.http, global.rxjs, global.rxjs.operators, global.appauth, global.app, global.browser, global.device, global.base64, global.capacitorSecureStoragePlugin, global.i1));
5
- }(this, (function (exports, i0, i1$1, rxjs, operators, appauth, app, browser, device, base64, capacitorSecureStoragePlugin, i1) { 'use strict';
6
-
7
- function _interopNamespace(e) {
8
- if (e && e.__esModule) return e;
9
- var n = Object.create(null);
10
- if (e) {
11
- Object.keys(e).forEach(function (k) {
12
- if (k !== 'default') {
13
- var d = Object.getOwnPropertyDescriptor(e, k);
14
- Object.defineProperty(n, k, d.get ? d : {
15
- enumerable: true,
16
- get: function () {
17
- return e[k];
18
- }
19
- });
20
- }
21
- });
22
- }
23
- n['default'] = e;
24
- return Object.freeze(n);
25
- }
26
-
27
- var i0__namespace = /*#__PURE__*/_interopNamespace(i0);
28
- var i1__namespace$1 = /*#__PURE__*/_interopNamespace(i1$1);
29
- var base64__namespace = /*#__PURE__*/_interopNamespace(base64);
30
- var i1__namespace = /*#__PURE__*/_interopNamespace(i1);
31
-
32
- /*! *****************************************************************************
33
- Copyright (c) Microsoft Corporation.
34
-
35
- Permission to use, copy, modify, and/or distribute this software for any
36
- purpose with or without fee is hereby granted.
37
-
38
- THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
39
- REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
40
- AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
41
- INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
42
- LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
43
- OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
44
- PERFORMANCE OF THIS SOFTWARE.
45
- ***************************************************************************** */
46
- /* global Reflect, Promise */
47
- var extendStatics = function (d, b) {
48
- extendStatics = Object.setPrototypeOf ||
49
- ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
50
- function (d, b) { for (var p in b)
51
- if (Object.prototype.hasOwnProperty.call(b, p))
52
- d[p] = b[p]; };
53
- return extendStatics(d, b);
54
- };
55
- function __extends(d, b) {
56
- if (typeof b !== "function" && b !== null)
57
- throw new TypeError("Class extends value " + String(b) + " is not a constructor or null");
58
- extendStatics(d, b);
59
- function __() { this.constructor = d; }
60
- d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
61
- }
62
- var __assign = function () {
63
- __assign = Object.assign || function __assign(t) {
64
- for (var s, i = 1, n = arguments.length; i < n; i++) {
65
- s = arguments[i];
66
- for (var p in s)
67
- if (Object.prototype.hasOwnProperty.call(s, p))
68
- t[p] = s[p];
69
- }
70
- return t;
71
- };
72
- return __assign.apply(this, arguments);
73
- };
74
- function __rest(s, e) {
75
- var t = {};
76
- for (var p in s)
77
- if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)
78
- t[p] = s[p];
79
- if (s != null && typeof Object.getOwnPropertySymbols === "function")
80
- for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
81
- if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))
82
- t[p[i]] = s[p[i]];
83
- }
84
- return t;
85
- }
86
- function __decorate(decorators, target, key, desc) {
87
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
88
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function")
89
- r = Reflect.decorate(decorators, target, key, desc);
90
- else
91
- for (var i = decorators.length - 1; i >= 0; i--)
92
- if (d = decorators[i])
93
- r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
94
- return c > 3 && r && Object.defineProperty(target, key, r), r;
95
- }
96
- function __param(paramIndex, decorator) {
97
- return function (target, key) { decorator(target, key, paramIndex); };
98
- }
99
- function __metadata(metadataKey, metadataValue) {
100
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function")
101
- return Reflect.metadata(metadataKey, metadataValue);
102
- }
103
- function __awaiter(thisArg, _arguments, P, generator) {
104
- function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
105
- return new (P || (P = Promise))(function (resolve, reject) {
106
- function fulfilled(value) { try {
107
- step(generator.next(value));
108
- }
109
- catch (e) {
110
- reject(e);
111
- } }
112
- function rejected(value) { try {
113
- step(generator["throw"](value));
114
- }
115
- catch (e) {
116
- reject(e);
117
- } }
118
- function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
119
- step((generator = generator.apply(thisArg, _arguments || [])).next());
120
- });
121
- }
122
- function __generator(thisArg, body) {
123
- var _ = { label: 0, sent: function () { if (t[0] & 1)
124
- throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g;
125
- return g = { next: verb(0), "throw": verb(1), "return": verb(2) }, typeof Symbol === "function" && (g[Symbol.iterator] = function () { return this; }), g;
126
- function verb(n) { return function (v) { return step([n, v]); }; }
127
- function step(op) {
128
- if (f)
129
- throw new TypeError("Generator is already executing.");
130
- while (_)
131
- try {
132
- if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done)
133
- return t;
134
- if (y = 0, t)
135
- op = [op[0] & 2, t.value];
136
- switch (op[0]) {
137
- case 0:
138
- case 1:
139
- t = op;
140
- break;
141
- case 4:
142
- _.label++;
143
- return { value: op[1], done: false };
144
- case 5:
145
- _.label++;
146
- y = op[1];
147
- op = [0];
148
- continue;
149
- case 7:
150
- op = _.ops.pop();
151
- _.trys.pop();
152
- continue;
153
- default:
154
- if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
155
- _ = 0;
156
- continue;
157
- }
158
- if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) {
159
- _.label = op[1];
160
- break;
161
- }
162
- if (op[0] === 6 && _.label < t[1]) {
163
- _.label = t[1];
164
- t = op;
165
- break;
166
- }
167
- if (t && _.label < t[2]) {
168
- _.label = t[2];
169
- _.ops.push(op);
170
- break;
171
- }
172
- if (t[2])
173
- _.ops.pop();
174
- _.trys.pop();
175
- continue;
176
- }
177
- op = body.call(thisArg, _);
178
- }
179
- catch (e) {
180
- op = [6, e];
181
- y = 0;
182
- }
183
- finally {
184
- f = t = 0;
185
- }
186
- if (op[0] & 5)
187
- throw op[1];
188
- return { value: op[0] ? op[1] : void 0, done: true };
189
- }
190
- }
191
- var __createBinding = Object.create ? (function (o, m, k, k2) {
192
- if (k2 === undefined)
193
- k2 = k;
194
- Object.defineProperty(o, k2, { enumerable: true, get: function () { return m[k]; } });
195
- }) : (function (o, m, k, k2) {
196
- if (k2 === undefined)
197
- k2 = k;
198
- o[k2] = m[k];
199
- });
200
- function __exportStar(m, o) {
201
- for (var p in m)
202
- if (p !== "default" && !Object.prototype.hasOwnProperty.call(o, p))
203
- __createBinding(o, m, p);
204
- }
205
- function __values(o) {
206
- var s = typeof Symbol === "function" && Symbol.iterator, m = s && o[s], i = 0;
207
- if (m)
208
- return m.call(o);
209
- if (o && typeof o.length === "number")
210
- return {
211
- next: function () {
212
- if (o && i >= o.length)
213
- o = void 0;
214
- return { value: o && o[i++], done: !o };
215
- }
216
- };
217
- throw new TypeError(s ? "Object is not iterable." : "Symbol.iterator is not defined.");
218
- }
219
- function __read(o, n) {
220
- var m = typeof Symbol === "function" && o[Symbol.iterator];
221
- if (!m)
222
- return o;
223
- var i = m.call(o), r, ar = [], e;
224
- try {
225
- while ((n === void 0 || n-- > 0) && !(r = i.next()).done)
226
- ar.push(r.value);
227
- }
228
- catch (error) {
229
- e = { error: error };
230
- }
231
- finally {
232
- try {
233
- if (r && !r.done && (m = i["return"]))
234
- m.call(i);
235
- }
236
- finally {
237
- if (e)
238
- throw e.error;
239
- }
240
- }
241
- return ar;
242
- }
243
- /** @deprecated */
244
- function __spread() {
245
- for (var ar = [], i = 0; i < arguments.length; i++)
246
- ar = ar.concat(__read(arguments[i]));
247
- return ar;
248
- }
249
- /** @deprecated */
250
- function __spreadArrays() {
251
- for (var s = 0, i = 0, il = arguments.length; i < il; i++)
252
- s += arguments[i].length;
253
- for (var r = Array(s), k = 0, i = 0; i < il; i++)
254
- for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)
255
- r[k] = a[j];
256
- return r;
257
- }
258
- function __spreadArray(to, from, pack) {
259
- if (pack || arguments.length === 2)
260
- for (var i = 0, l = from.length, ar; i < l; i++) {
261
- if (ar || !(i in from)) {
262
- if (!ar)
263
- ar = Array.prototype.slice.call(from, 0, i);
264
- ar[i] = from[i];
265
- }
266
- }
267
- return to.concat(ar || Array.prototype.slice.call(from));
268
- }
269
- function __await(v) {
270
- return this instanceof __await ? (this.v = v, this) : new __await(v);
271
- }
272
- function __asyncGenerator(thisArg, _arguments, generator) {
273
- if (!Symbol.asyncIterator)
274
- throw new TypeError("Symbol.asyncIterator is not defined.");
275
- var g = generator.apply(thisArg, _arguments || []), i, q = [];
276
- return i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i;
277
- function verb(n) { if (g[n])
278
- i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; }
279
- function resume(n, v) { try {
280
- step(g[n](v));
281
- }
282
- catch (e) {
283
- settle(q[0][3], e);
284
- } }
285
- function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); }
286
- function fulfill(value) { resume("next", value); }
287
- function reject(value) { resume("throw", value); }
288
- function settle(f, v) { if (f(v), q.shift(), q.length)
289
- resume(q[0][0], q[0][1]); }
290
- }
291
- function __asyncDelegator(o) {
292
- var i, p;
293
- return i = {}, verb("next"), verb("throw", function (e) { throw e; }), verb("return"), i[Symbol.iterator] = function () { return this; }, i;
294
- function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: n === "return" } : f ? f(v) : v; } : f; }
295
- }
296
- function __asyncValues(o) {
297
- if (!Symbol.asyncIterator)
298
- throw new TypeError("Symbol.asyncIterator is not defined.");
299
- var m = o[Symbol.asyncIterator], i;
300
- return m ? m.call(o) : (o = typeof __values === "function" ? __values(o) : o[Symbol.iterator](), i = {}, verb("next"), verb("throw"), verb("return"), i[Symbol.asyncIterator] = function () { return this; }, i);
301
- function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }
302
- function settle(resolve, reject, d, v) { Promise.resolve(v).then(function (v) { resolve({ value: v, done: d }); }, reject); }
303
- }
304
- function __makeTemplateObject(cooked, raw) {
305
- if (Object.defineProperty) {
306
- Object.defineProperty(cooked, "raw", { value: raw });
307
- }
308
- else {
309
- cooked.raw = raw;
310
- }
311
- return cooked;
312
- }
313
- ;
314
- var __setModuleDefault = Object.create ? (function (o, v) {
315
- Object.defineProperty(o, "default", { enumerable: true, value: v });
316
- }) : function (o, v) {
317
- o["default"] = v;
318
- };
319
- function __importStar(mod) {
320
- if (mod && mod.__esModule)
321
- return mod;
322
- var result = {};
323
- if (mod != null)
324
- for (var k in mod)
325
- if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k))
326
- __createBinding(result, mod, k);
327
- __setModuleDefault(result, mod);
328
- return result;
329
- }
330
- function __importDefault(mod) {
331
- return (mod && mod.__esModule) ? mod : { default: mod };
332
- }
333
- function __classPrivateFieldGet(receiver, state, kind, f) {
334
- if (kind === "a" && !f)
335
- throw new TypeError("Private accessor was defined without a getter");
336
- if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
337
- throw new TypeError("Cannot read private member from an object whose class did not declare it");
338
- return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
339
- }
340
- function __classPrivateFieldSet(receiver, state, value, kind, f) {
341
- if (kind === "m")
342
- throw new TypeError("Private method is not writable");
343
- if (kind === "a" && !f)
344
- throw new TypeError("Private accessor was defined without a setter");
345
- if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver))
346
- throw new TypeError("Cannot write private member to an object whose class did not declare it");
347
- return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
348
- }
349
-
350
- var CHARSET = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
351
- var NucleusCrypto = /** @class */ (function () {
352
- function NucleusCrypto() {
353
- this.browserCrypto = window.crypto || window.msCrypto;
354
- }
355
- NucleusCrypto.prototype.generateRandom = function (size) {
356
- var buffer = new Uint8Array(size);
357
- if (this.browserCrypto) {
358
- this.browserCrypto.getRandomValues(buffer);
359
- }
360
- else {
361
- // fall back to Math.random() if nothing else is available
362
- for (var i = 0; i < size; i += 1) {
363
- buffer[i] = Math.random();
364
- }
365
- }
366
- return this.bufferToString(buffer);
367
- };
368
- NucleusCrypto.prototype.deriveChallenge = function (code) {
369
- var _this = this;
370
- if (code.length < 43 || code.length > 128) {
371
- return Promise.reject(new appauth.AppAuthError('Invalid code length.'));
372
- }
373
- if (!this.browserCrypto.subtle) {
374
- return Promise.reject(new appauth.AppAuthError('window.crypto.subtle is unavailable.'));
375
- }
376
- var ecode = this.textEncodeLite(code);
377
- var op = this.browserCrypto.subtle.digest('SHA-256', ecode);
378
- return new Promise(function (resolve, reject) {
379
- // if operation contains algorithm it means it is not a promise which means it is CryptoOperation from IE.
380
- // We just return result as promise
381
- if (op.algorithm) {
382
- console.log('we have a CryptoOperation');
383
- op.addEventListener('complete', function () {
384
- resolve(_this.urlSafe(op.result));
385
- });
386
- op.addEventListener('error', function () {
387
- reject(op.result);
388
- });
389
- }
390
- else { // the result is promise
391
- op.then(function (buffer) { return resolve(_this.urlSafe(buffer)); }, function (error) { return reject(error); });
392
- }
393
- });
394
- };
395
- NucleusCrypto.prototype.urlSafe = function (buffer) {
396
- var encoded = base64__namespace.fromByteArray(new Uint8Array(buffer));
397
- return encoded.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, '');
398
- };
399
- NucleusCrypto.prototype.textEncodeLite = function (str) {
400
- var buf = new ArrayBuffer(str.length);
401
- var bufView = new Uint8Array(buf);
402
- for (var i = 0; i < str.length; i++) {
403
- bufView[i] = str.charCodeAt(i);
404
- }
405
- return bufView;
406
- };
407
- NucleusCrypto.prototype.bufferToString = function (buffer) {
408
- var state = [];
409
- for (var i = 0; i < buffer.byteLength; i += 1) {
410
- var index = buffer[i] % CHARSET.length;
411
- state.push(CHARSET[index]);
412
- }
413
- return state.join('');
414
- };
415
- return NucleusCrypto;
416
- }());
417
-
418
- var NucleusAuthorizationNotifier = /** @class */ (function (_super) {
419
- __extends(NucleusAuthorizationNotifier, _super);
420
- function NucleusAuthorizationNotifier() {
421
- var _this = _super.call(this) || this;
422
- _this.setAuthorizationListener(function (request, response, error) {
423
- console.log('Authorization request complete ', request, response, error);
424
- _this.response = response;
425
- _this.request = request;
426
- _this.error = error;
427
- });
428
- return _this;
429
- }
430
- return NucleusAuthorizationNotifier;
431
- }(appauth.AuthorizationNotifier));
432
-
433
- var Claim = /** @class */ (function () {
434
- function Claim(name, values) {
435
- this.name = name;
436
- this.values = values;
437
- }
438
- return Claim;
439
- }());
440
- var Identity = /** @class */ (function () {
441
- function Identity() {
442
- this.claims = [];
443
- }
444
- Identity.createFromResponse = function (res) {
445
- var token = this.decodeToken(res.idToken);
446
- var id = new Identity();
447
- id.name = token.name;
448
- id.subject = token.sub;
449
- for (var key in token) {
450
- if ({}.hasOwnProperty.call(token, key)) {
451
- var vals = token[key];
452
- if (!Array.isArray(vals)) {
453
- vals = [vals];
454
- }
455
- var claim = new Claim(key, vals);
456
- id.claims.push(claim);
457
- }
458
- }
459
- return id;
460
- };
461
- Identity.decodeToken = function (jwt) {
462
- if (!jwt) {
463
- throw new Error('NucleusIdentity: There was no identity token in the response!');
464
- }
465
- try {
466
- var arr = jwt.split('.');
467
- // var header = arr[0];
468
- var payload = this.b64DecodeUnicode(arr[1]);
469
- // var signature = arr[2];
470
- return JSON.parse(payload);
471
- }
472
- catch (error) {
473
- console.error('Error while decoding identity token', error);
474
- console.error('Error while decoding identity token JWT', jwt);
475
- }
476
- };
477
- Identity.b64DecodeUnicode = function (str) {
478
- str = str.replace(/-/g, '+').replace(/_/g, '/'); // Qlector fix :)
479
- return decodeURIComponent(atob(str).split('').map(function (c) { return '%' + ('00' + c.charCodeAt(0).toString(16)).slice(-2); }).join(''));
480
- };
481
- return Identity;
482
- }());
483
-
484
- var SecretsStore = /** @class */ (function () {
485
- function SecretsStore(clientId) {
486
- this._tokens = {};
487
- this._identities = {};
488
- this._tokenStorageKeyPrefix = "Nucleus.Identity." + clientId; // do not change this or login fith existing refresh tokens will fail
489
- this._servicePrincipalKey = "Nucleus.Identity." + clientId + ".SvcP";
490
- }
491
- SecretsStore.prototype.removeServicePrincipal = function () {
492
- this._servicePrincipal = null;
493
- return this.clear(this._servicePrincipalKey);
494
- };
495
- SecretsStore.prototype.setServicePrincipal = function (servicePrincipal) {
496
- return __awaiter(this, void 0, void 0, function () {
497
- return __generator(this, function (_b) {
498
- switch (_b.label) {
499
- case 0:
500
- this._servicePrincipal = servicePrincipal;
501
- return [4 /*yield*/, this.save(this._servicePrincipalKey, servicePrincipal)];
502
- case 1:
503
- _b.sent();
504
- return [2 /*return*/];
505
- }
506
- });
507
- });
508
- };
509
- SecretsStore.prototype.getServicePrincipal = function () {
510
- return __awaiter(this, void 0, void 0, function () {
511
- var _b;
512
- return __generator(this, function (_c) {
513
- switch (_c.label) {
514
- case 0:
515
- if (!!this._servicePrincipal) return [3 /*break*/, 2];
516
- _b = this;
517
- return [4 /*yield*/, this.load(this._servicePrincipalKey)];
518
- case 1:
519
- _b._servicePrincipal = _c.sent();
520
- _c.label = 2;
521
- case 2: return [2 /*return*/, this._servicePrincipal];
522
- }
523
- });
524
- });
525
- };
526
- SecretsStore.prototype.setToken = function (token, id) {
527
- if (id === void 0) { id = null; }
528
- return this.setTokenInternal(token, true, id);
529
- };
530
- SecretsStore.prototype.getIdentity = function (id) {
531
- if (id === void 0) { id = null; }
532
- var key = this.getTokenKey(id);
533
- return this._identities[key];
534
- };
535
- SecretsStore.prototype.getToken = function (id) {
536
- if (id === void 0) { id = null; }
537
- return __awaiter(this, void 0, void 0, function () {
538
- var key;
539
- return __generator(this, function (_b) {
540
- switch (_b.label) {
541
- case 0:
542
- key = this.getTokenKey(id);
543
- if (!(!this._tokens[key] || !this._tokens[key].isValid())) return [3 /*break*/, 2];
544
- return [4 /*yield*/, this.reloadTokenFromStorage(id)];
545
- case 1:
546
- _b.sent();
547
- _b.label = 2;
548
- case 2: return [2 /*return*/, this._tokens[key]];
549
- }
550
- });
551
- });
552
- };
553
- SecretsStore.prototype.removeToken = function (id) {
554
- if (id === void 0) { id = null; }
555
- var key = this.getTokenKey(id);
556
- delete this._tokens[key];
557
- delete this._identities[key];
558
- return this.clear(key);
559
- };
560
- SecretsStore.prototype.reloadTokenFromStorage = function (id) {
561
- return __awaiter(this, void 0, void 0, function () {
562
- var key, storedToken, res;
563
- return __generator(this, function (_b) {
564
- switch (_b.label) {
565
- case 0:
566
- key = this.getTokenKey(id);
567
- return [4 /*yield*/, this.load(key)];
568
- case 1:
569
- storedToken = _b.sent();
570
- if (!storedToken) return [3 /*break*/, 3];
571
- res = new appauth.TokenResponse(storedToken);
572
- if (!((res === null || res === void 0 ? void 0 : res.accessToken) || (res === null || res === void 0 ? void 0 : res.idToken))) return [3 /*break*/, 3];
573
- return [4 /*yield*/, this.setTokenInternal(res, false, id)];
574
- case 2:
575
- _b.sent();
576
- _b.label = 3;
577
- case 3: return [2 /*return*/, null];
578
- }
579
- });
580
- });
581
- };
582
- SecretsStore.prototype.setTokenInternal = function (token, save, id) {
583
- if (id === void 0) { id = null; }
584
- return __awaiter(this, void 0, void 0, function () {
585
- var key, e_1;
586
- return __generator(this, function (_b) {
587
- switch (_b.label) {
588
- case 0:
589
- key = this.getTokenKey(id);
590
- if (!(token == null)) return [3 /*break*/, 2];
591
- return [4 /*yield*/, this.removeToken(id)];
592
- case 1:
593
- _b.sent();
594
- return [3 /*break*/, 6];
595
- case 2:
596
- this._tokens[key] = token;
597
- this._identities[key] = Identity.createFromResponse(token);
598
- if (!save) return [3 /*break*/, 6];
599
- _b.label = 3;
600
- case 3:
601
- _b.trys.push([3, 5, , 6]);
602
- return [4 /*yield*/, this.save(key, token.toJson())];
603
- case 4:
604
- _b.sent();
605
- return [3 /*break*/, 6];
606
- case 5:
607
- e_1 = _b.sent();
608
- console.warn('Nucleus.Identity: Could not save to SecureStorage.');
609
- return [3 /*break*/, 6];
610
- case 6: return [2 /*return*/];
611
- }
612
- });
613
- });
614
- };
615
- SecretsStore.prototype.getTokenKey = function (id) {
616
- if (id === void 0) { id = null; }
617
- return id ? this._tokenStorageKeyPrefix + "." + id : this._tokenStorageKeyPrefix;
618
- };
619
- SecretsStore.prototype.clear = function (key) {
620
- return capacitorSecureStoragePlugin.SecureStoragePlugin.remove({ key: key });
621
- };
622
- SecretsStore.prototype.save = function (key, value) {
623
- return capacitorSecureStoragePlugin.SecureStoragePlugin.set({ key: key, value: JSON.stringify(value) });
624
- };
625
- SecretsStore.prototype.load = function (key) {
626
- return __awaiter(this, void 0, void 0, function () {
627
- var x, _a_1;
628
- return __generator(this, function (_b) {
629
- switch (_b.label) {
630
- case 0:
631
- _b.trys.push([0, 2, , 3]);
632
- return [4 /*yield*/, capacitorSecureStoragePlugin.SecureStoragePlugin.get({ key: key })];
633
- case 1:
634
- x = _b.sent();
635
- if (x === null || x === void 0 ? void 0 : x.value) {
636
- return [2 /*return*/, JSON.parse(x.value)];
637
- }
638
- else {
639
- return [2 /*return*/, null];
640
- }
641
- return [3 /*break*/, 3];
642
- case 2:
643
- _a_1 = _b.sent();
644
- return [2 /*return*/, null];
645
- case 3: return [2 /*return*/];
646
- }
647
- });
648
- });
649
- };
650
- return SecretsStore;
651
- }());
652
-
653
- var ServicePrincipal = /** @class */ (function () {
654
- function ServicePrincipal() {
655
- }
656
- return ServicePrincipal;
657
- }());
658
- var ServicePrincipalRegistrationStatus = /** @class */ (function () {
659
- function ServicePrincipalRegistrationStatus(servicePrincipal) {
660
- this.isRegistered = false;
661
- if (servicePrincipal) {
662
- this.isRegistered = true;
663
- this.id = servicePrincipal.id;
664
- this.expiresAt = servicePrincipal.expiresAt;
665
- }
666
- }
667
- Object.defineProperty(ServicePrincipalRegistrationStatus.prototype, "isExpired", {
668
- get: function () {
669
- return false;
670
- },
671
- enumerable: false,
672
- configurable: true
673
- });
674
- return ServicePrincipalRegistrationStatus;
675
- }());
676
-
677
- var LocationService = /** @class */ (function () {
678
- function LocationService(appService) {
679
- this.appService = appService;
680
- }
681
- Object.defineProperty(LocationService.prototype, "hash", {
682
- get: function () {
683
- return window.location.hash;
684
- },
685
- set: function (v) {
686
- window.location.hash = v;
687
- },
688
- enumerable: false,
689
- configurable: true
690
- });
691
- Object.defineProperty(LocationService.prototype, "host", {
692
- get: function () {
693
- return window.location.host;
694
- },
695
- set: function (v) {
696
- window.location.host = v;
697
- },
698
- enumerable: false,
699
- configurable: true
700
- });
701
- Object.defineProperty(LocationService.prototype, "origin", {
702
- get: function () {
703
- return window.location.origin;
704
- },
705
- enumerable: false,
706
- configurable: true
707
- });
708
- Object.defineProperty(LocationService.prototype, "hostname", {
709
- get: function () {
710
- return window.location.hostname;
711
- },
712
- set: function (v) {
713
- window.location.hostname = v;
714
- },
715
- enumerable: false,
716
- configurable: true
717
- });
718
- Object.defineProperty(LocationService.prototype, "pathname", {
719
- get: function () {
720
- return window.location.pathname;
721
- },
722
- set: function (v) {
723
- window.location.pathname = v;
724
- },
725
- enumerable: false,
726
- configurable: true
727
- });
728
- Object.defineProperty(LocationService.prototype, "port", {
729
- get: function () {
730
- return window.location.port;
731
- },
732
- set: function (v) {
733
- window.location.port = v;
734
- },
735
- enumerable: false,
736
- configurable: true
737
- });
738
- Object.defineProperty(LocationService.prototype, "protocol", {
739
- get: function () {
740
- return window.location.protocol;
741
- },
742
- set: function (v) {
743
- window.location.protocol = v;
744
- },
745
- enumerable: false,
746
- configurable: true
747
- });
748
- Object.defineProperty(LocationService.prototype, "search", {
749
- get: function () {
750
- return window.location.search;
751
- },
752
- set: function (v) {
753
- window.location.search = v;
754
- },
755
- enumerable: false,
756
- configurable: true
757
- });
758
- LocationService.prototype.assign = function (url) {
759
- if (this.appService.isNative) {
760
- browser.Browser.open({ url: url });
761
- }
762
- else {
763
- window.location.assign(url);
764
- }
765
- };
766
- return LocationService;
767
- }());
768
- LocationService.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: LocationService, deps: [{ token: i1__namespace.NucleusAppService }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
769
- LocationService.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: LocationService, providedIn: 'root' });
770
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: LocationService, decorators: [{
771
- type: i0.Injectable,
772
- args: [{
773
- providedIn: 'root'
774
- }]
775
- }], ctorParameters: function () { return [{ type: i1__namespace.NucleusAppService }]; } });
776
-
777
- var WELL_KNOWN_PATH = '.well-known';
778
- var OPENID_CONFIGURATION = 'openid-configuration';
779
- var NucleusAuthorizationServiceConfiguration = /** @class */ (function (_super) {
780
- __extends(NucleusAuthorizationServiceConfiguration, _super);
781
- function NucleusAuthorizationServiceConfiguration(request) {
782
- var _this = _super.call(this, request) || this;
783
- _this.deviceAuthorizationEndpoint = request.device_authorization_endpoint;
784
- _this.registrationEndpoint = request.registration_endpoint;
785
- return _this;
786
- }
787
- NucleusAuthorizationServiceConfiguration.fetchFromIssuer = function (openIdIssuerUrl, requestor) {
788
- var fullUrl = openIdIssuerUrl + "/" + WELL_KNOWN_PATH + "/" + OPENID_CONFIGURATION;
789
- var requestorToUse = requestor || new appauth.JQueryRequestor();
790
- return requestorToUse
791
- .xhr({ url: fullUrl, dataType: 'json', method: 'GET' })
792
- .then(function (json) { return new NucleusAuthorizationServiceConfiguration(json); });
793
- };
794
- NucleusAuthorizationServiceConfiguration.prototype.toJson = function () {
795
- var res = _super.prototype.toJson.call(this);
796
- res.device_authorization_endpoint = this.deviceAuthorizationEndpoint;
797
- return res;
798
- };
799
- return NucleusAuthorizationServiceConfiguration;
800
- }(appauth.AuthorizationServiceConfiguration));
801
-
802
- var AngularRequestor = /** @class */ (function (_super) {
803
- __extends(AngularRequestor, _super);
804
- function AngularRequestor(http) {
805
- var _this = _super.call(this) || this;
806
- _this.http = http;
807
- return _this;
808
- }
809
- // eslint-disable-next-line no-undef
810
- AngularRequestor.prototype.xhr = function (settings) {
811
- var _this = this;
812
- if (settings.method === undefined) {
813
- settings.method = 'GET';
814
- }
815
- return new Promise(function (resolve, reject) {
816
- _this.http.request(settings.method, settings.url, {
817
- body: settings.data,
818
- headers: settings.headers,
819
- }).subscribe(function (res) { return resolve(res); }, function (err) {
820
- var _a;
821
- var e = new appauth.AppAuthError(err);
822
- if (err instanceof i1$1.HttpErrorResponse) {
823
- e = new appauth.AppAuthError(((_a = err.error) === null || _a === void 0 ? void 0 : _a.error) || err.statusText);
824
- }
825
- reject(e);
826
- });
827
- });
828
- };
829
- return AngularRequestor;
830
- }(appauth.Requestor));
831
- AngularRequestor.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: AngularRequestor, deps: [{ token: i1__namespace$1.HttpClient }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
832
- AngularRequestor.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: AngularRequestor, providedIn: 'root' });
833
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: AngularRequestor, decorators: [{
834
- type: i0.Injectable,
835
- args: [{
836
- providedIn: 'root'
837
- }]
838
- }], ctorParameters: function () { return [{ type: i1__namespace$1.HttpClient }]; } });
839
-
840
- var NucleusIdentityConfig = /** @class */ (function () {
841
- function NucleusIdentityConfig() {
842
- this.authority = null;
843
- this.httpInterceptorUrls = [];
844
- this.automaticLoginOnHttp401 = false;
845
- }
846
- return NucleusIdentityConfig;
847
- }());
848
-
849
- var OidcConfigurationService = /** @class */ (function () {
850
- function OidcConfigurationService(requestor, config, appService) {
851
- this.requestor = requestor;
852
- this.config = config;
853
- this.appService = appService;
854
- this._configuration = null;
855
- }
856
- OidcConfigurationService.prototype.getConfiguration = function () {
857
- return __awaiter(this, void 0, void 0, function () {
858
- return __generator(this, function (_a) {
859
- switch (_a.label) {
860
- case 0: return [4 /*yield*/, this.assureConfiguration()];
861
- case 1:
862
- _a.sent();
863
- return [2 /*return*/, this._configuration];
864
- }
865
- });
866
- });
867
- };
868
- Object.defineProperty(OidcConfigurationService.prototype, "clientId", {
869
- get: function () {
870
- return this.config.clientId;
871
- },
872
- enumerable: false,
873
- configurable: true
874
- });
875
- Object.defineProperty(OidcConfigurationService.prototype, "requestedScopes", {
876
- get: function () {
877
- return this.config.requestedScopes;
878
- },
879
- enumerable: false,
880
- configurable: true
881
- });
882
- Object.defineProperty(OidcConfigurationService.prototype, "servicePrincipalRequestedScopes", {
883
- get: function () {
884
- return this.config.servicePrincipalRequestedScopes;
885
- },
886
- enumerable: false,
887
- configurable: true
888
- });
889
- Object.defineProperty(OidcConfigurationService.prototype, "authProviderHint", {
890
- get: function () {
891
- return this.config.authProviderHint;
892
- },
893
- enumerable: false,
894
- configurable: true
895
- });
896
- Object.defineProperty(OidcConfigurationService.prototype, "redirectUrl", {
897
- get: function () {
898
- var uri = window.location.href;
899
- var platform = this.appService.platform;
900
- if (platform === 'android' && this.config.androidRedirectUri) {
901
- uri = this.config.androidRedirectUri;
902
- }
903
- else if (platform === 'ios' && this.config.iOSRedirectUri) {
904
- uri = this.config.iOSRedirectUri;
905
- }
906
- else if (this.config.redirectUri) {
907
- uri = this.config.redirectUri;
908
- }
909
- return this.NormalizeRedirectUri(uri);
910
- },
911
- enumerable: false,
912
- configurable: true
913
- });
914
- OidcConfigurationService.prototype.getServerUrl = function (relativeUri) {
915
- if (relativeUri === void 0) { relativeUri = null; }
916
- var authority = this.config.authority;
917
- if (!authority || authority === 'origin') {
918
- authority = window.origin;
919
- }
920
- var url = new URL(authority);
921
- if (relativeUri) {
922
- url = new URL(relativeUri, url);
923
- }
924
- return url.href;
925
- };
926
- OidcConfigurationService.prototype.NormalizeRedirectUri = function (uri) {
927
- var i = uri.indexOf('#');
928
- if (i > 0) {
929
- uri = uri.substring(0, i);
930
- }
931
- return uri;
932
- };
933
- OidcConfigurationService.prototype.assureConfiguration = function () {
934
- return __awaiter(this, void 0, void 0, function () {
935
- var authority, _a, e_1;
936
- return __generator(this, function (_b) {
937
- switch (_b.label) {
938
- case 0:
939
- if (this._configuration != null) {
940
- return [2 /*return*/];
941
- }
942
- authority = this.getServerUrl();
943
- if (authority[authority.length - 1] === '/') {
944
- authority = authority.slice(0, -1);
945
- }
946
- _b.label = 1;
947
- case 1:
948
- _b.trys.push([1, 3, , 4]);
949
- _a = this;
950
- return [4 /*yield*/, NucleusAuthorizationServiceConfiguration.fetchFromIssuer(authority, this.requestor)];
951
- case 2:
952
- _a._configuration = _b.sent();
953
- return [3 /*break*/, 4];
954
- case 3:
955
- e_1 = _b.sent();
956
- console.error('Nucleus.Identity: Cannot load OIDC configuration: ' + e_1.message);
957
- throw e_1;
958
- case 4: return [2 /*return*/];
959
- }
960
- });
961
- });
962
- };
963
- return OidcConfigurationService;
964
- }());
965
- OidcConfigurationService.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: OidcConfigurationService, deps: [{ token: AngularRequestor }, { token: NucleusIdentityConfig }, { token: i1__namespace.NucleusAppService }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
966
- OidcConfigurationService.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: OidcConfigurationService, providedIn: 'root' });
967
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: OidcConfigurationService, decorators: [{
968
- type: i0.Injectable,
969
- args: [{
970
- providedIn: 'root'
971
- }]
972
- }], ctorParameters: function () { return [{ type: AngularRequestor }, { type: NucleusIdentityConfig }, { type: i1__namespace.NucleusAppService }]; } });
973
-
974
- var DeviceCode = /** @class */ (function () {
975
- function DeviceCode(response) {
976
- this.deviceCode = response.device_code;
977
- this.userCode = response.user_code;
978
- this.verificationUrl = response.verification_uri;
979
- this.verificationUrlComplete = response.verification_uri_complete;
980
- this.expiresIn = parseInt(response.expires_in, 10);
981
- this.issuedAt = appauth.nowInSeconds();
982
- }
983
- DeviceCode.prototype.isExpired = function (buffer) {
984
- if (buffer === void 0) { buffer = 60; }
985
- return this.secondsLeft(buffer) <= 0;
986
- };
987
- DeviceCode.prototype.secondsLeft = function (buffer) {
988
- if (buffer === void 0) { buffer = 60; }
989
- var now = appauth.nowInSeconds();
990
- return (this.issuedAt + this.expiresIn - buffer) - now;
991
- };
992
- return DeviceCode;
993
- }());
994
-
995
- var ClientRegistrationResponse = /** @class */ (function () {
996
- function ClientRegistrationResponse(response) {
997
- this.clientId = response.client_id;
998
- this.clientSecret = response.client_secret;
999
- this.secretExpirationDate = new Date(response.client_secret_expires_at * 1000);
1000
- }
1001
- return ClientRegistrationResponse;
1002
- }());
1003
-
1004
- var TokenClient = /** @class */ (function () {
1005
- function TokenClient(requestor, config) {
1006
- this.requestor = requestor;
1007
- this.config = config;
1008
- this._tokenHandler = new appauth.BaseTokenRequestHandler(requestor);
1009
- this._utils = new appauth.BasicQueryStringUtils();
1010
- }
1011
- TokenClient.prototype.getByAuthorizationCode = function (redirectUrl, code, codeVerifier) {
1012
- return __awaiter(this, void 0, void 0, function () {
1013
- var config, redirectUri, req;
1014
- return __generator(this, function (_a) {
1015
- switch (_a.label) {
1016
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1017
- case 1:
1018
- config = _a.sent();
1019
- redirectUri = redirectUrl;
1020
- req = new appauth.TokenRequest({
1021
- client_id: this.config.clientId,
1022
- redirect_uri: redirectUri,
1023
- grant_type: appauth.GRANT_TYPE_AUTHORIZATION_CODE,
1024
- code: code,
1025
- extras: { code_verifier: codeVerifier }
1026
- });
1027
- return [4 /*yield*/, this._tokenHandler.performTokenRequest(config, req)];
1028
- case 2: return [2 /*return*/, _a.sent()];
1029
- }
1030
- });
1031
- });
1032
- };
1033
- TokenClient.prototype.getByRefreshToken = function (refreshToken) {
1034
- return __awaiter(this, void 0, void 0, function () {
1035
- var config, redirectUri, req;
1036
- return __generator(this, function (_a) {
1037
- switch (_a.label) {
1038
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1039
- case 1:
1040
- config = _a.sent();
1041
- redirectUri = this.config.redirectUrl;
1042
- req = new appauth.TokenRequest({
1043
- client_id: this.config.clientId,
1044
- redirect_uri: redirectUri,
1045
- grant_type: appauth.GRANT_TYPE_REFRESH_TOKEN,
1046
- refresh_token: refreshToken
1047
- });
1048
- return [4 /*yield*/, this._tokenHandler.performTokenRequest(config, req)];
1049
- case 2: return [2 /*return*/, _a.sent()];
1050
- }
1051
- });
1052
- });
1053
- };
1054
- TokenClient.prototype.getByClientCredentials = function (clientId, clientSecret, scope) {
1055
- return __awaiter(this, void 0, void 0, function () {
1056
- var config, req;
1057
- return __generator(this, function (_a) {
1058
- switch (_a.label) {
1059
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1060
- case 1:
1061
- config = _a.sent();
1062
- req = new appauth.TokenRequest({
1063
- client_id: clientId,
1064
- redirect_uri: null,
1065
- grant_type: 'client_credentials',
1066
- extras: {
1067
- client_secret: clientSecret,
1068
- scope: scope,
1069
- }
1070
- });
1071
- return [4 /*yield*/, this._tokenHandler.performTokenRequest(config, req)];
1072
- case 2: return [2 /*return*/, _a.sent()];
1073
- }
1074
- });
1075
- });
1076
- };
1077
- TokenClient.prototype.getBySecret = function (provider, secret, assertionToken, scope) {
1078
- return __awaiter(this, void 0, void 0, function () {
1079
- var config, req;
1080
- return __generator(this, function (_a) {
1081
- switch (_a.label) {
1082
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1083
- case 1:
1084
- config = _a.sent();
1085
- req = new appauth.TokenRequest({
1086
- client_id: this.config.clientId,
1087
- redirect_uri: null,
1088
- grant_type: 'urn:kolektor:nucleus:secret',
1089
- extras: {
1090
- secret_provider: provider,
1091
- secret_value: secret,
1092
- client_assertion_type: 'urn:ietf:params:oauth:client-assertion-type:jwt-bearer',
1093
- client_assertion: assertionToken,
1094
- scope: scope,
1095
- }
1096
- });
1097
- return [4 /*yield*/, this._tokenHandler.performTokenRequest(config, req)];
1098
- case 2: return [2 /*return*/, _a.sent()];
1099
- }
1100
- });
1101
- });
1102
- };
1103
- TokenClient.prototype.getByDeviceCode = function (deviceCode) {
1104
- return __awaiter(this, void 0, void 0, function () {
1105
- var config, req;
1106
- return __generator(this, function (_a) {
1107
- switch (_a.label) {
1108
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1109
- case 1:
1110
- config = _a.sent();
1111
- req = new appauth.TokenRequest({
1112
- client_id: this.config.clientId,
1113
- redirect_uri: null,
1114
- grant_type: 'urn:ietf:params:oauth:grant-type:device_code',
1115
- extras: {
1116
- device_code: deviceCode
1117
- }
1118
- });
1119
- return [4 /*yield*/, this._tokenHandler.performTokenRequest(config, req)];
1120
- case 2: return [2 /*return*/, _a.sent()];
1121
- }
1122
- });
1123
- });
1124
- };
1125
- TokenClient.prototype.registerServicePrincipal = function (token) {
1126
- return __awaiter(this, void 0, void 0, function () {
1127
- var config, response;
1128
- return __generator(this, function (_a) {
1129
- switch (_a.label) {
1130
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1131
- case 1:
1132
- config = _a.sent();
1133
- return [4 /*yield*/, this.requestor.xhr({
1134
- url: config.registrationEndpoint,
1135
- method: 'POST',
1136
- dataType: 'json',
1137
- headers: {
1138
- 'Content-Type': 'application/json',
1139
- Authorization: "Bearer " + token
1140
- }
1141
- // data: this._utils.stringify(map)
1142
- })];
1143
- case 2:
1144
- response = _a.sent();
1145
- if (response.error === undefined) {
1146
- return [2 /*return*/, new ClientRegistrationResponse(response)];
1147
- }
1148
- else {
1149
- throw new appauth.AppAuthError(response.error);
1150
- }
1151
- return [2 /*return*/];
1152
- }
1153
- });
1154
- });
1155
- };
1156
- TokenClient.prototype.getRegistrationCode = function (existingServicePrincipalId) {
1157
- if (existingServicePrincipalId === void 0) { existingServicePrincipalId = null; }
1158
- return __awaiter(this, void 0, void 0, function () {
1159
- var params;
1160
- return __generator(this, function (_a) {
1161
- params = {
1162
- custom_action: 'sp_register',
1163
- service_principal_id: existingServicePrincipalId
1164
- };
1165
- return [2 /*return*/, this.getDeviceCodeInternal(params)];
1166
- });
1167
- });
1168
- };
1169
- TokenClient.prototype.getDeviceCode = function (scope) {
1170
- return __awaiter(this, void 0, void 0, function () {
1171
- var params;
1172
- return __generator(this, function (_a) {
1173
- params = {
1174
- scope: scope,
1175
- };
1176
- return [2 /*return*/, this.getDeviceCodeInternal(params)];
1177
- });
1178
- });
1179
- };
1180
- TokenClient.prototype.getDeviceCodeInternal = function (params) {
1181
- return __awaiter(this, void 0, void 0, function () {
1182
- var config, map, response;
1183
- return __generator(this, function (_a) {
1184
- switch (_a.label) {
1185
- case 0: return [4 /*yield*/, this.config.getConfiguration()];
1186
- case 1:
1187
- config = _a.sent();
1188
- params['client_id'] = this.config.clientId;
1189
- map = params;
1190
- return [4 /*yield*/, this.requestor.xhr({
1191
- url: config.deviceAuthorizationEndpoint,
1192
- method: 'POST',
1193
- dataType: 'json',
1194
- headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
1195
- data: this._utils.stringify(map)
1196
- })];
1197
- case 2:
1198
- response = _a.sent();
1199
- if (response.error === undefined) {
1200
- return [2 /*return*/, new DeviceCode(response)];
1201
- }
1202
- else {
1203
- throw new appauth.AppAuthError(response.error);
1204
- }
1205
- return [2 /*return*/];
1206
- }
1207
- });
1208
- });
1209
- };
1210
- return TokenClient;
1211
- }());
1212
- TokenClient.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: TokenClient, deps: [{ token: AngularRequestor }, { token: OidcConfigurationService }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
1213
- TokenClient.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: TokenClient, providedIn: 'root' });
1214
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: TokenClient, decorators: [{
1215
- type: i0.Injectable,
1216
- args: [{
1217
- providedIn: 'root'
1218
- }]
1219
- }], ctorParameters: function () { return [{ type: AngularRequestor }, { type: OidcConfigurationService }]; } });
1220
-
1221
- var NucleusIdentityService = /** @class */ (function () {
1222
- function NucleusIdentityService(appService, location, http, config, tokenClient) {
1223
- this.appService = appService;
1224
- this.http = http;
1225
- this.config = config;
1226
- this.tokenClient = tokenClient;
1227
- this._authorizationNotifier = new NucleusAuthorizationNotifier();
1228
- this._initStarted = false;
1229
- this._initialized = false;
1230
- this._servicePrincipalTokenId = '_svcp';
1231
- var storage = new appauth.LocalStorageBackend();
1232
- this._crypto = new NucleusCrypto();
1233
- this._authorizationHandler = new appauth.RedirectRequestHandler(storage, new appauth.BasicQueryStringUtils(), location, this._crypto);
1234
- this._authorizationHandler.setAuthorizationNotifier(this._authorizationNotifier);
1235
- this._store = new SecretsStore(config.clientId);
1236
- }
1237
- Object.defineProperty(NucleusIdentityService.prototype, "identity", {
1238
- get: function () {
1239
- return this._store.getIdentity();
1240
- },
1241
- enumerable: false,
1242
- configurable: true
1243
- });
1244
- Object.defineProperty(NucleusIdentityService.prototype, "isAuthenticated", {
1245
- get: function () {
1246
- return this.identity != null;
1247
- },
1248
- enumerable: false,
1249
- configurable: true
1250
- });
1251
- Object.defineProperty(NucleusIdentityService.prototype, "servicePrincipalIdentity", {
1252
- get: function () {
1253
- return this._store.getIdentity(this._servicePrincipalTokenId);
1254
- },
1255
- enumerable: false,
1256
- configurable: true
1257
- });
1258
- Object.defineProperty(NucleusIdentityService.prototype, "isServicePrincipalAuthenticated", {
1259
- get: function () {
1260
- return this.servicePrincipalIdentity != null;
1261
- },
1262
- enumerable: false,
1263
- configurable: true
1264
- });
1265
- NucleusIdentityService.prototype.init = function (startLogin) {
1266
- if (startLogin === void 0) { startLogin = false; }
1267
- return __awaiter(this, void 0, void 0, function () {
1268
- var authErr, request, response, res, res;
1269
- return __generator(this, function (_b) {
1270
- switch (_b.label) {
1271
- case 0:
1272
- if (this._initStarted || this._initialized) {
1273
- console.warn('Nucleus.Identity: Auth initialization was already started. Don\'t call init() multiple times!');
1274
- return [2 /*return*/];
1275
- }
1276
- this._initStarted = true;
1277
- this.handleLaunchCodeHash();
1278
- return [4 /*yield*/, this._authorizationHandler.completeAuthorizationRequestIfPossible()];
1279
- case 1:
1280
- _b.sent();
1281
- authErr = this._authorizationNotifier.error;
1282
- if (!authErr) return [3 /*break*/, 2];
1283
- throw new Error('Authorization err: ' + authErr.error + ': ' + authErr.errorDescription);
1284
- case 2:
1285
- if (!this._authorizationNotifier.response) return [3 /*break*/, 5];
1286
- window.location.hash = '';
1287
- request = this._authorizationNotifier.request;
1288
- response = this._authorizationNotifier.response;
1289
- return [4 /*yield*/, this.tokenClient.getByAuthorizationCode(request.redirectUri, response.code, request.internal['code_verifier'])];
1290
- case 3:
1291
- res = _b.sent();
1292
- return [4 /*yield*/, this._store.setToken(res)];
1293
- case 4:
1294
- _b.sent();
1295
- return [3 /*break*/, 8];
1296
- case 5: return [4 /*yield*/, this._store.getToken()];
1297
- case 6:
1298
- res = _b.sent();
1299
- if (!(!res && startLogin)) return [3 /*break*/, 8];
1300
- return [4 /*yield*/, this.login()];
1301
- case 7:
1302
- _b.sent();
1303
- _b.label = 8;
1304
- case 8:
1305
- this._initialized = true;
1306
- return [2 /*return*/];
1307
- }
1308
- });
1309
- });
1310
- };
1311
- NucleusIdentityService.prototype.loginWithSecret = function (provider, secret) {
1312
- var _a;
1313
- return __awaiter(this, void 0, void 0, function () {
1314
- var assertionToken, scope, res;
1315
- return __generator(this, function (_b) {
1316
- switch (_b.label) {
1317
- case 0:
1318
- this._store.removeToken();
1319
- return [4 /*yield*/, this.getServicePrincipalAccessToken()];
1320
- case 1:
1321
- assertionToken = _b.sent();
1322
- scope = this.prepareScope(true, (_a = this.config) === null || _a === void 0 ? void 0 : _a.requestedScopes);
1323
- return [4 /*yield*/, this.tokenClient.getBySecret(provider, secret, assertionToken, scope)];
1324
- case 2:
1325
- res = _b.sent();
1326
- return [4 /*yield*/, this._store.setToken(res)];
1327
- case 3:
1328
- _b.sent();
1329
- return [2 /*return*/];
1330
- }
1331
- });
1332
- });
1333
- };
1334
- NucleusIdentityService.prototype.login = function () {
1335
- return __awaiter(this, void 0, void 0, function () {
1336
- var config, request, listener_1;
1337
- var _this = this;
1338
- return __generator(this, function (_b) {
1339
- switch (_b.label) {
1340
- case 0:
1341
- this._store.removeToken();
1342
- return [4 /*yield*/, this.config.getConfiguration()];
1343
- case 1:
1344
- config = _b.sent();
1345
- request = this.prepareAuthorizationRequest();
1346
- if (this.appService.isNative) {
1347
- listener_1 = app.App.addListener('appUrlOpen', function (data) {
1348
- if (_this.appService.platform === 'ios') {
1349
- browser.Browser.close();
1350
- }
1351
- listener_1.remove();
1352
- var hash = _this.getCodeHash(data.url);
1353
- if (hash) {
1354
- var targetUrl = window.location.origin + window.location.pathname + '#' + hash;
1355
- window.location.assign(targetUrl);
1356
- window.location.reload();
1357
- }
1358
- else {
1359
- console.warn('Nucleus.Identity: Redirect url did not contain authorization code!', data);
1360
- }
1361
- });
1362
- }
1363
- this._authorizationHandler.performAuthorizationRequest(config, request);
1364
- return [2 /*return*/];
1365
- }
1366
- });
1367
- });
1368
- };
1369
- NucleusIdentityService.prototype.logout = function () {
1370
- return __awaiter(this, void 0, void 0, function () {
1371
- var config, redirectUrl, logoutUrl, listener_2;
1372
- return __generator(this, function (_b) {
1373
- switch (_b.label) {
1374
- case 0:
1375
- this._store.removeToken();
1376
- return [4 /*yield*/, this.config.getConfiguration()];
1377
- case 1:
1378
- config = _b.sent();
1379
- redirectUrl = this.config.redirectUrl;
1380
- logoutUrl = config.endSessionEndpoint + '?post_logout_redirect_uri=' + encodeURI(redirectUrl);
1381
- if (this.appService.isNative) {
1382
- listener_2 = app.App.addListener('appUrlOpen', function () {
1383
- device.Device.getInfo().then(function (info) {
1384
- if (info.platform === 'ios') {
1385
- browser.Browser.close();
1386
- }
1387
- });
1388
- listener_2.remove();
1389
- });
1390
- browser.Browser.open({ url: logoutUrl });
1391
- }
1392
- else {
1393
- window.location.assign(logoutUrl);
1394
- }
1395
- return [2 /*return*/];
1396
- }
1397
- });
1398
- });
1399
- };
1400
- NucleusIdentityService.prototype.getAccessToken = function () {
1401
- return __awaiter(this, void 0, void 0, function () {
1402
- return __generator(this, function (_b) {
1403
- switch (_b.label) {
1404
- case 0:
1405
- if (!this._getTokenPromise) {
1406
- this._getTokenPromise = this.getAccessTokenInternal();
1407
- }
1408
- _b.label = 1;
1409
- case 1:
1410
- _b.trys.push([1, , 3, 4]);
1411
- return [4 /*yield*/, this._getTokenPromise];
1412
- case 2: return [2 /*return*/, _b.sent()];
1413
- case 3:
1414
- this._getTokenPromise = null;
1415
- return [7 /*endfinally*/];
1416
- case 4: return [2 /*return*/];
1417
- }
1418
- });
1419
- });
1420
- };
1421
- NucleusIdentityService.prototype.getServicePrincipalAccessToken = function () {
1422
- return __awaiter(this, void 0, void 0, function () {
1423
- return __generator(this, function (_b) {
1424
- switch (_b.label) {
1425
- case 0:
1426
- if (!this._getServicePrincipalTokenPromise) {
1427
- this._getServicePrincipalTokenPromise = this.getServicePrincipalAccessTokenInternal();
1428
- }
1429
- _b.label = 1;
1430
- case 1:
1431
- _b.trys.push([1, , 3, 4]);
1432
- return [4 /*yield*/, this._getServicePrincipalTokenPromise];
1433
- case 2: return [2 /*return*/, _b.sent()];
1434
- case 3:
1435
- this._getServicePrincipalTokenPromise = null;
1436
- return [7 /*endfinally*/];
1437
- case 4: return [2 /*return*/];
1438
- }
1439
- });
1440
- });
1441
- };
1442
- NucleusIdentityService.prototype.loginServicePrincipal = function () {
1443
- return __awaiter(this, void 0, void 0, function () {
1444
- return __generator(this, function (_b) {
1445
- switch (_b.label) {
1446
- case 0: return [4 /*yield*/, this.loginServicePrincipalInternal()];
1447
- case 1:
1448
- _b.sent();
1449
- return [2 /*return*/];
1450
- }
1451
- });
1452
- });
1453
- };
1454
- /*
1455
- public async loginAsServicePrincipal() {
1456
- let token = await this._store.getToken(this._servicePrincipalTokenId);
1457
- if (!token) {
1458
- await this.loginServicePrincipal();
1459
- }
1460
- token = await this._store.getToken(this._servicePrincipalTokenId);
1461
- // TODO: we have to distinguished that token is service principal so refresh token stuff is handled correctly.
1462
- // We have to implement universal getAccessToken function that can handle all cases
1463
- await this._store.setToken(token);
1464
- }
1465
- */
1466
- NucleusIdentityService.prototype.getOtp = function (type, expiresIn) {
1467
- if (expiresIn === void 0) { expiresIn = -1; }
1468
- return __awaiter(this, void 0, void 0, function () {
1469
- var url;
1470
- return __generator(this, function (_b) {
1471
- url = this.config.getServerUrl("/otp/create?type=" + type);
1472
- if (expiresIn > 0) {
1473
- url += "&expiresIn=" + expiresIn;
1474
- }
1475
- return [2 /*return*/, this.http.get(url).toPromise()];
1476
- });
1477
- });
1478
- };
1479
- NucleusIdentityService.prototype.getOtpStatus = function (id) {
1480
- return __awaiter(this, void 0, void 0, function () {
1481
- var url;
1482
- return __generator(this, function (_b) {
1483
- url = this.config.getServerUrl("/otp/status/" + id);
1484
- return [2 /*return*/, this.http.get(url).toPromise()];
1485
- });
1486
- });
1487
- };
1488
- NucleusIdentityService.prototype.getOtpUrl = function (redirectUrl, password) {
1489
- var encoded = encodeURIComponent(redirectUrl);
1490
- var url = "/otp/auth?otpValue=" + password + "&returnUrl=" + encoded;
1491
- return this.config.getServerUrl(url);
1492
- };
1493
- NucleusIdentityService.prototype.startServicePrincipalRegistration = function () {
1494
- return __awaiter(this, void 0, void 0, function () {
1495
- var sp;
1496
- return __generator(this, function (_b) {
1497
- switch (_b.label) {
1498
- case 0: return [4 /*yield*/, this._store.getServicePrincipal()];
1499
- case 1:
1500
- sp = _b.sent();
1501
- return [4 /*yield*/, this.tokenClient.getRegistrationCode(sp === null || sp === void 0 ? void 0 : sp.id)];
1502
- case 2: return [2 /*return*/, _b.sent()];
1503
- }
1504
- });
1505
- });
1506
- };
1507
- NucleusIdentityService.prototype.completeServicePrincipalRegistration = function (deviceCode) {
1508
- return __awaiter(this, void 0, void 0, function () {
1509
- var tokenRes, regRes;
1510
- return __generator(this, function (_b) {
1511
- switch (_b.label) {
1512
- case 0: return [4 /*yield*/, this.waitForDeviceToken(deviceCode)];
1513
- case 1:
1514
- tokenRes = _b.sent();
1515
- return [4 /*yield*/, this.tokenClient.registerServicePrincipal(tokenRes.accessToken)];
1516
- case 2:
1517
- regRes = _b.sent();
1518
- return [4 /*yield*/, this._store.setServicePrincipal({
1519
- id: regRes.clientId,
1520
- secret: regRes.clientSecret,
1521
- expiresAt: regRes.secretExpirationDate
1522
- })];
1523
- case 3:
1524
- _b.sent();
1525
- return [2 /*return*/];
1526
- }
1527
- });
1528
- });
1529
- };
1530
- NucleusIdentityService.prototype.removeServicePrincipalRegistration = function () {
1531
- return this._store.removeServicePrincipal();
1532
- };
1533
- NucleusIdentityService.prototype.getServicePrincipalRegistrationStatus = function () {
1534
- return __awaiter(this, void 0, void 0, function () {
1535
- var sp;
1536
- return __generator(this, function (_b) {
1537
- switch (_b.label) {
1538
- case 0: return [4 /*yield*/, this._store.getServicePrincipal()];
1539
- case 1:
1540
- sp = _b.sent();
1541
- return [2 /*return*/, new ServicePrincipalRegistrationStatus(sp)];
1542
- }
1543
- });
1544
- });
1545
- };
1546
- NucleusIdentityService.prototype.startDeviceCodeLogin = function () {
1547
- return __awaiter(this, void 0, void 0, function () {
1548
- var scope;
1549
- return __generator(this, function (_b) {
1550
- switch (_b.label) {
1551
- case 0:
1552
- scope = this.prepareScope(true, this.config.requestedScopes);
1553
- return [4 /*yield*/, this.tokenClient.getDeviceCode(scope)];
1554
- case 1: return [2 /*return*/, _b.sent()];
1555
- }
1556
- });
1557
- });
1558
- };
1559
- NucleusIdentityService.prototype.completeDeviceCodeLogin = function (deviceCode) {
1560
- return __awaiter(this, void 0, void 0, function () {
1561
- var res;
1562
- return __generator(this, function (_b) {
1563
- switch (_b.label) {
1564
- case 0: return [4 /*yield*/, this.waitForDeviceToken(deviceCode)];
1565
- case 1:
1566
- res = _b.sent();
1567
- return [4 /*yield*/, this._store.setToken(res)];
1568
- case 2:
1569
- _b.sent();
1570
- return [2 /*return*/];
1571
- }
1572
- });
1573
- });
1574
- };
1575
- NucleusIdentityService.prototype.waitForDeviceToken = function (deviceCode) {
1576
- return __awaiter(this, void 0, void 0, function () {
1577
- var res, error_1;
1578
- return __generator(this, function (_b) {
1579
- switch (_b.label) {
1580
- case 0:
1581
- res = null;
1582
- _b.label = 1;
1583
- case 1:
1584
- if (deviceCode.isExpired()) {
1585
- throw Error('Device code is expired!');
1586
- }
1587
- _b.label = 2;
1588
- case 2:
1589
- _b.trys.push([2, 4, , 8]);
1590
- return [4 /*yield*/, this.tokenClient.getByDeviceCode(deviceCode.deviceCode)];
1591
- case 3:
1592
- res = _b.sent();
1593
- return [3 /*break*/, 8];
1594
- case 4:
1595
- error_1 = _b.sent();
1596
- if (!(error_1 instanceof appauth.AppAuthError && error_1.message === 'authorization_pending')) return [3 /*break*/, 6];
1597
- return [4 /*yield*/, this.delay(2000)];
1598
- case 5:
1599
- _b.sent();
1600
- return [3 /*break*/, 7];
1601
- case 6: throw error_1;
1602
- case 7: return [3 /*break*/, 8];
1603
- case 8:
1604
- if (!res) return [3 /*break*/, 1];
1605
- _b.label = 9;
1606
- case 9: return [2 /*return*/, res];
1607
- }
1608
- });
1609
- });
1610
- };
1611
- NucleusIdentityService.prototype.prepareAuthorizationRequest = function () {
1612
- var redirectUri = this.config.redirectUrl;
1613
- var params = {
1614
- response_mode: 'fragment',
1615
- prompt: 'consent',
1616
- access_type: 'offline',
1617
- auth_provider_hint: this.config.authProviderHint
1618
- };
1619
- return new appauth.AuthorizationRequest({
1620
- client_id: this.config.clientId,
1621
- redirect_uri: redirectUri,
1622
- response_type: appauth.AuthorizationRequest.RESPONSE_TYPE_CODE,
1623
- scope: this.prepareScope(true, this.config.requestedScopes),
1624
- extras: params,
1625
- }, this._crypto, true);
1626
- };
1627
- NucleusIdentityService.prototype.loginServicePrincipalInternal = function () {
1628
- return __awaiter(this, void 0, void 0, function () {
1629
- var sp, scope, res;
1630
- return __generator(this, function (_b) {
1631
- switch (_b.label) {
1632
- case 0: return [4 /*yield*/, this._store.getServicePrincipal()];
1633
- case 1:
1634
- sp = _b.sent();
1635
- if (!sp) return [3 /*break*/, 4];
1636
- scope = this.prepareScope(false, this.config.servicePrincipalRequestedScopes);
1637
- return [4 /*yield*/, this.tokenClient.getByClientCredentials(sp.id, sp.secret, scope)];
1638
- case 2:
1639
- res = _b.sent();
1640
- return [4 /*yield*/, this._store.setToken(res, this._servicePrincipalTokenId)];
1641
- case 3:
1642
- _b.sent();
1643
- return [2 /*return*/, res];
1644
- case 4: throw Error('Service principal is not registered!');
1645
- }
1646
- });
1647
- });
1648
- };
1649
- NucleusIdentityService.prototype.getServicePrincipalAccessTokenInternal = function () {
1650
- return __awaiter(this, void 0, void 0, function () {
1651
- var token;
1652
- return __generator(this, function (_b) {
1653
- switch (_b.label) {
1654
- case 0: return [4 /*yield*/, this._store.getToken(this._servicePrincipalTokenId)];
1655
- case 1:
1656
- token = _b.sent();
1657
- if (!!(token === null || token === void 0 ? void 0 : token.isValid())) return [3 /*break*/, 3];
1658
- return [4 /*yield*/, this.loginServicePrincipalInternal()];
1659
- case 2:
1660
- token = _b.sent();
1661
- _b.label = 3;
1662
- case 3: return [2 /*return*/, token === null || token === void 0 ? void 0 : token.accessToken];
1663
- }
1664
- });
1665
- });
1666
- };
1667
- NucleusIdentityService.prototype.getAccessTokenInternal = function () {
1668
- return __awaiter(this, void 0, void 0, function () {
1669
- var token;
1670
- return __generator(this, function (_b) {
1671
- switch (_b.label) {
1672
- case 0: return [4 /*yield*/, this._store.getToken()];
1673
- case 1:
1674
- token = _b.sent();
1675
- if (!(token && !token.isValid())) return [3 /*break*/, 3];
1676
- return [4 /*yield*/, this.loginWithRefreshToken(token)];
1677
- case 2:
1678
- token = _b.sent();
1679
- _b.label = 3;
1680
- case 3: return [2 /*return*/, token === null || token === void 0 ? void 0 : token.accessToken];
1681
- }
1682
- });
1683
- });
1684
- };
1685
- NucleusIdentityService.prototype.loginWithRefreshToken = function (token) {
1686
- return __awaiter(this, void 0, void 0, function () {
1687
- return __generator(this, function (_b) {
1688
- switch (_b.label) {
1689
- case 0:
1690
- if (!this._refreshTokenPromise) {
1691
- this._refreshTokenPromise = this.loginWithRefreshTokenInternal(token);
1692
- }
1693
- _b.label = 1;
1694
- case 1:
1695
- _b.trys.push([1, , 3, 4]);
1696
- return [4 /*yield*/, this._refreshTokenPromise];
1697
- case 2: return [2 /*return*/, _b.sent()];
1698
- case 3:
1699
- this._refreshTokenPromise = null;
1700
- return [7 /*endfinally*/];
1701
- case 4: return [2 /*return*/];
1702
- }
1703
- });
1704
- });
1705
- };
1706
- NucleusIdentityService.prototype.loginWithRefreshTokenInternal = function (token) {
1707
- return __awaiter(this, void 0, void 0, function () {
1708
- var res, err_1;
1709
- return __generator(this, function (_b) {
1710
- switch (_b.label) {
1711
- case 0:
1712
- if (!(token === null || token === void 0 ? void 0 : token.refreshToken)) return [3 /*break*/, 8];
1713
- _b.label = 1;
1714
- case 1:
1715
- _b.trys.push([1, 4, , 7]);
1716
- return [4 /*yield*/, this.tokenClient.getByRefreshToken(token.refreshToken)];
1717
- case 2:
1718
- res = _b.sent();
1719
- return [4 /*yield*/, this._store.setToken(res)];
1720
- case 3:
1721
- _b.sent();
1722
- return [2 /*return*/, res];
1723
- case 4:
1724
- err_1 = _b.sent();
1725
- console.warn('Nucleus.Identity: Failed to login with refresh token.', err_1);
1726
- if (!(err_1.message === 'invalid_grant')) return [3 /*break*/, 6];
1727
- return [4 /*yield*/, this.logout()];
1728
- case 5:
1729
- _b.sent();
1730
- _b.label = 6;
1731
- case 6: return [3 /*break*/, 7];
1732
- case 7: return [3 /*break*/, 9];
1733
- case 8:
1734
- console.warn('Nucleus.Identity: There is no refresh token available.');
1735
- _b.label = 9;
1736
- case 9: return [2 /*return*/];
1737
- }
1738
- });
1739
- });
1740
- };
1741
- NucleusIdentityService.prototype.getCodeHash = function (url) {
1742
- var arr = url.split('#');
1743
- if (arr.length > 1) {
1744
- var hash = arr[1];
1745
- if (hash.startsWith('code=')) {
1746
- return hash;
1747
- }
1748
- }
1749
- return null;
1750
- };
1751
- NucleusIdentityService.prototype.handleLaunchCodeHash = function () {
1752
- if (this.appService.isNative && this.appService.launchUrl) {
1753
- var hash = this.getCodeHash(this.appService.launchUrl);
1754
- if (hash) {
1755
- console.log('Nucleus.Identity: Got authorization code from launchUrl, will assign it to hash.');
1756
- window.location.hash = '#' + hash;
1757
- }
1758
- }
1759
- };
1760
- NucleusIdentityService.prototype.prepareScope = function (offlineAccess, aditionalScope) {
1761
- var scope = 'openid';
1762
- if (offlineAccess) {
1763
- scope += ' offline_access';
1764
- }
1765
- if (scope) {
1766
- scope += ' ' + aditionalScope;
1767
- }
1768
- return scope;
1769
- };
1770
- NucleusIdentityService.prototype.delay = function (miliseconds) {
1771
- return new Promise(function (resolve) {
1772
- setTimeout(function () {
1773
- resolve();
1774
- }, miliseconds);
1775
- });
1776
- };
1777
- return NucleusIdentityService;
1778
- }());
1779
- NucleusIdentityService.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityService, deps: [{ token: i1__namespace.NucleusAppService }, { token: LocationService }, { token: i1__namespace$1.HttpClient }, { token: OidcConfigurationService }, { token: TokenClient }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
1780
- NucleusIdentityService.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityService, providedIn: 'root' });
1781
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityService, decorators: [{
1782
- type: i0.Injectable,
1783
- args: [{
1784
- providedIn: 'root'
1785
- }]
1786
- }], ctorParameters: function () { return [{ type: i1__namespace.NucleusAppService }, { type: LocationService }, { type: i1__namespace$1.HttpClient }, { type: OidcConfigurationService }, { type: TokenClient }]; } });
1787
-
1788
- var NucleusTokenInterceptor = /** @class */ (function () {
1789
- function NucleusTokenInterceptor(auth, config) {
1790
- var _a;
1791
- this.auth = auth;
1792
- this.config = config;
1793
- this._authorityInterceptPaths = ['/api', '/manage', '/otp/create', '/otp/status'];
1794
- this._authority = config.authority.toLowerCase();
1795
- this._interceptUrls = (_a = config.httpInterceptorUrls) === null || _a === void 0 ? void 0 : _a.map(function (x) { return x.toLowerCase(); });
1796
- }
1797
- NucleusTokenInterceptor.prototype.intercept = function (req, next) {
1798
- if (this.shouldIntercept(req.url)) {
1799
- var res = this.authorizeRequest(this.auth.getAccessToken(), req, next);
1800
- return this.checkUnauthorized(res);
1801
- }
1802
- return next.handle(req);
1803
- };
1804
- NucleusTokenInterceptor.prototype.shouldIntercept = function (url) {
1805
- var _a;
1806
- url = url.toLowerCase();
1807
- if (url.startsWith(this._authority)) {
1808
- var pathname_1 = new URL(url).pathname;
1809
- return (this._authorityInterceptPaths.some(function (x) { return pathname_1.startsWith(x); }));
1810
- }
1811
- if (((_a = this._interceptUrls) === null || _a === void 0 ? void 0 : _a.length) > 0) {
1812
- return this.config.httpInterceptorUrls.some(function (x) { return url.startsWith(x); });
1813
- }
1814
- return false;
1815
- };
1816
- NucleusTokenInterceptor.prototype.authorizeRequest = function (getToken, req, next) {
1817
- return rxjs.from(getToken).pipe(operators.mergeMap(function (token) {
1818
- if (token) {
1819
- var headers = req.headers.set('Authorization', "Bearer " + token);
1820
- req = req.clone({ headers: headers });
1821
- }
1822
- return next.handle(req);
1823
- }));
1824
- };
1825
- NucleusTokenInterceptor.prototype.checkUnauthorized = function (response) {
1826
- var _this = this;
1827
- return response.pipe(operators.catchError(function (err) {
1828
- if (err instanceof i1$1.HttpErrorResponse && err.status === 401) {
1829
- if (_this.config.automaticLoginOnHttp401) {
1830
- _this.auth.login();
1831
- }
1832
- }
1833
- return rxjs.throwError(err);
1834
- }));
1835
- };
1836
- return NucleusTokenInterceptor;
1837
- }());
1838
- NucleusTokenInterceptor.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusTokenInterceptor, deps: [{ token: NucleusIdentityService }, { token: NucleusIdentityConfig }], target: i0__namespace.ɵɵFactoryTarget.Injectable });
1839
- NucleusTokenInterceptor.ɵprov = i0__namespace.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusTokenInterceptor, providedIn: 'root' });
1840
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusTokenInterceptor, decorators: [{
1841
- type: i0.Injectable,
1842
- args: [{
1843
- providedIn: 'root'
1844
- }]
1845
- }], ctorParameters: function () { return [{ type: NucleusIdentityService }, { type: NucleusIdentityConfig }]; } });
1846
-
1847
- var NucleusIdentityModule = /** @class */ (function () {
1848
- function NucleusIdentityModule() {
1849
- }
1850
- NucleusIdentityModule.forRoot = function (config) {
1851
- return {
1852
- ngModule: NucleusIdentityModule,
1853
- providers: [
1854
- { provide: NucleusIdentityConfig, useValue: config },
1855
- { provide: i1$1.HTTP_INTERCEPTORS, useClass: NucleusTokenInterceptor, multi: true },
1856
- ]
1857
- };
1858
- };
1859
- return NucleusIdentityModule;
1860
- }());
1861
- NucleusIdentityModule.ɵfac = i0__namespace.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityModule, deps: [], target: i0__namespace.ɵɵFactoryTarget.NgModule });
1862
- NucleusIdentityModule.ɵmod = i0__namespace.ɵɵngDeclareNgModule({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityModule });
1863
- NucleusIdentityModule.ɵinj = i0__namespace.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityModule, imports: [[]] });
1864
- i0__namespace.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "12.2.3", ngImport: i0__namespace, type: NucleusIdentityModule, decorators: [{
1865
- type: i0.NgModule,
1866
- args: [{
1867
- imports: [],
1868
- declarations: [],
1869
- exports: []
1870
- }]
1871
- }] });
1872
-
1873
- var OtpResponse = /** @class */ (function () {
1874
- function OtpResponse() {
1875
- }
1876
- return OtpResponse;
1877
- }());
1878
- var OtpStatus = /** @class */ (function () {
1879
- function OtpStatus() {
1880
- }
1881
- return OtpStatus;
1882
- }());
1883
- exports.OtpType = void 0;
1884
- (function (OtpType) {
1885
- OtpType[OtpType["SimpleNumbers"] = 0] = "SimpleNumbers";
1886
- OtpType[OtpType["SimpleAlfanumeric"] = 1] = "SimpleAlfanumeric";
1887
- OtpType[OtpType["Complex"] = 2] = "Complex";
1888
- })(exports.OtpType || (exports.OtpType = {}));
1889
-
1890
- /*
1891
- * Public API Surface of nucleus-identity
1892
- */
1893
-
1894
- /**
1895
- * Generated bundle index. Do not edit.
1896
- */
1897
-
1898
- exports.DeviceCode = DeviceCode;
1899
- exports.Identity = Identity;
1900
- exports.NucleusIdentityConfig = NucleusIdentityConfig;
1901
- exports.NucleusIdentityModule = NucleusIdentityModule;
1902
- exports.NucleusIdentityService = NucleusIdentityService;
1903
- exports.OtpResponse = OtpResponse;
1904
- exports.OtpStatus = OtpStatus;
1905
- exports.ServicePrincipalRegistrationStatus = ServicePrincipalRegistrationStatus;
1906
-
1907
- Object.defineProperty(exports, '__esModule', { value: true });
1908
-
1909
- })));
1910
- //# sourceMappingURL=kolektor-nucleus-identity.umd.js.map