@leapdev/auth-agent 2.2.13-beta.0 → 2.2.13-beta.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (25) hide show
  1. package/package.json +1 -1
  2. package/src/index.js +2 -4
  3. package/src/index.js.map +1 -0
  4. package/src/index.umd.js +91 -355
  5. package/src/lib/auth-agent.d.ts +4 -1
  6. package/src/lib/auth-agent.js +20 -21
  7. package/src/lib/auth-agent.js.map +1 -0
  8. package/src/lib/auth.service.js +55 -58
  9. package/src/lib/auth.service.js.map +1 -0
  10. package/src/lib/authentication.d.ts +5 -1
  11. package/src/lib/authentication.js +210 -163
  12. package/src/lib/authentication.js.map +1 -0
  13. package/src/lib/config.js +6 -9
  14. package/src/lib/config.js.map +1 -0
  15. package/src/lib/idle-timer.js +23 -26
  16. package/src/lib/idle-timer.js.map +1 -0
  17. package/src/lib/notification.js +41 -44
  18. package/src/lib/notification.js.map +1 -0
  19. package/src/lib/redirections.js +2 -5
  20. package/src/lib/redirections.js.map +1 -0
  21. package/src/lib/types.js +3 -5
  22. package/src/lib/types.js.map +1 -0
  23. package/src/lib/utils.js +10 -17
  24. package/src/lib/utils.js.map +1 -0
  25. package/CHANGELOG.md +0 -95
package/src/index.umd.js CHANGED
@@ -44,7 +44,12 @@
44
44
  if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
45
45
  if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
46
46
  return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
47
- }
47
+ }
48
+
49
+ typeof SuppressedError === "function" ? SuppressedError : function (error, suppressed, message) {
50
+ var e = new Error(message);
51
+ return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
52
+ };
48
53
 
49
54
  var commonjsGlobal = typeof globalThis !== 'undefined' ? globalThis : typeof window !== 'undefined' ? window : typeof global !== 'undefined' ? global : typeof self !== 'undefined' ? self : {};
50
55
 
@@ -3824,11 +3829,9 @@
3824
3829
  throw Error('Missing config parameter : ' + p);
3825
3830
  }
3826
3831
  });
3827
-
3828
3832
  if (!lodash.isArray(options.scopes)) {
3829
3833
  throw Error('Scopes must be an array with string values');
3830
3834
  }
3831
-
3832
3835
  const config = Object.assign(Object.assign({}, DEFAULT_CONFIG), options);
3833
3836
  return config;
3834
3837
  };
@@ -3838,9 +3841,7 @@
3838
3841
  class LeapAuthService {
3839
3842
  constructor(authHost, clientId) {
3840
3843
  _LeapAuthService_authHost.set(this, void 0);
3841
-
3842
3844
  _LeapAuthService_clientId.set(this, void 0);
3843
-
3844
3845
  this.getAccessTokenByJti = jti => {
3845
3846
  return new Promise((resolve, reject) => {
3846
3847
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3859,7 +3860,6 @@
3859
3860
  });
3860
3861
  });
3861
3862
  };
3862
-
3863
3863
  this.getRedirections = () => {
3864
3864
  return new Promise((resolve, reject) => {
3865
3865
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3872,7 +3872,6 @@
3872
3872
  });
3873
3873
  });
3874
3874
  };
3875
-
3876
3875
  this.exchangeAuthCodeForAccessToken = params => {
3877
3876
  return new Promise((resolve, reject) => {
3878
3877
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3893,7 +3892,6 @@
3893
3892
  });
3894
3893
  });
3895
3894
  };
3896
-
3897
3895
  this.renewAccessToken = params => {
3898
3896
  return new Promise((resolve, reject) => {
3899
3897
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3913,7 +3911,6 @@
3913
3911
  });
3914
3912
  });
3915
3913
  };
3916
-
3917
3914
  this.userInfo = token => {
3918
3915
  return new Promise((resolve, reject) => {
3919
3916
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3926,7 +3923,6 @@
3926
3923
  });
3927
3924
  });
3928
3925
  };
3929
-
3930
3926
  this.linkUser = params => {
3931
3927
  const {
3932
3928
  jti,
@@ -3935,14 +3931,12 @@
3935
3931
  } = params;
3936
3932
  const redirectUrl = newWindow ? __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + LEAP_AUTH_CLOSE_WINDOW_URL : params.redirectUrl;
3937
3933
  const requestUrl = `/cloudprovider/link?client_id=${__classPrivateFieldGet(this, _LeapAuthService_clientId, "f")}&prompt=none&jti=${jti}&callback=${redirectUrl}`;
3938
-
3939
3934
  __classPrivateFieldGet(this, _LeapAuthService_redirectUrl, "f").call(this, {
3940
3935
  requestUrl,
3941
3936
  newWindow,
3942
3937
  callback
3943
3938
  });
3944
3939
  };
3945
-
3946
3940
  this.unlinkUser = params => {
3947
3941
  const {
3948
3942
  jti,
@@ -3951,14 +3945,12 @@
3951
3945
  } = params;
3952
3946
  const redirectUrl = newWindow ? __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + LEAP_AUTH_CLOSE_WINDOW_URL : params.redirectUrl;
3953
3947
  const requestUrl = `/cloudprovider/unlink?client_id=${__classPrivateFieldGet(this, _LeapAuthService_clientId, "f")}&jti=${jti}&callback=${redirectUrl}`;
3954
-
3955
3948
  __classPrivateFieldGet(this, _LeapAuthService_redirectUrl, "f").call(this, {
3956
3949
  requestUrl,
3957
3950
  newWindow,
3958
3951
  callback
3959
3952
  });
3960
3953
  };
3961
-
3962
3954
  this.getCloudProviderToken = (token, jti) => {
3963
3955
  const url = `${__classPrivateFieldGet(this, _LeapAuthService_authHost, "f")}/cloudprovider/accesstoken` + (jti ? '/' + jti : '');
3964
3956
  return new Promise((resolve, reject) => {
@@ -3972,7 +3964,6 @@
3972
3964
  });
3973
3965
  });
3974
3966
  };
3975
-
3976
3967
  this.cloudProviderUserInfo = token => {
3977
3968
  return new Promise((resolve, reject) => {
3978
3969
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -3985,7 +3976,6 @@
3985
3976
  });
3986
3977
  });
3987
3978
  };
3988
-
3989
3979
  this.cloudProviderReauthenticate = params => {
3990
3980
  const {
3991
3981
  nonce,
@@ -3994,14 +3984,12 @@
3994
3984
  } = params;
3995
3985
  const redirectUrl = newWindow ? __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + LEAP_AUTH_CLOSE_WINDOW_URL : params.redirectUrl;
3996
3986
  const requestUrl = `/cloudprovider/reauthenticate?nonce=${nonce}&redirectUrl=${redirectUrl}`;
3997
-
3998
3987
  __classPrivateFieldGet(this, _LeapAuthService_redirectUrl, "f").call(this, {
3999
3988
  requestUrl,
4000
3989
  newWindow,
4001
3990
  callback
4002
3991
  });
4003
3992
  };
4004
-
4005
3993
  this.cloudProviderReauthenticateLink = token => {
4006
3994
  return new Promise((resolve, reject) => {
4007
3995
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -4014,7 +4002,6 @@
4014
4002
  });
4015
4003
  });
4016
4004
  };
4017
-
4018
4005
  this.cloudProviderUpdate = params => {
4019
4006
  const {
4020
4007
  firmId,
@@ -4037,7 +4024,6 @@
4037
4024
  });
4038
4025
  });
4039
4026
  };
4040
-
4041
4027
  this.statusAdminConsent = token => {
4042
4028
  return new Promise((resolve, reject) => {
4043
4029
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -4050,7 +4036,6 @@
4050
4036
  });
4051
4037
  });
4052
4038
  };
4053
-
4054
4039
  this.getAdminConsent = params => {
4055
4040
  const {
4056
4041
  domain,
@@ -4059,14 +4044,12 @@
4059
4044
  } = params;
4060
4045
  const redirectUrl = newWindow ? __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + LEAP_AUTH_CLOSE_WINDOW_URL : params.redirectUrl;
4061
4046
  const requestUrl = `/cloudprovider/adminconsent?client_id=${__classPrivateFieldGet(this, _LeapAuthService_clientId, "f")}&redirectUrl=${redirectUrl}${domain ? '&domain=' + domain : ''}`;
4062
-
4063
4047
  __classPrivateFieldGet(this, _LeapAuthService_redirectUrl, "f").call(this, {
4064
4048
  requestUrl,
4065
4049
  newWindow,
4066
4050
  callback
4067
4051
  });
4068
4052
  };
4069
-
4070
4053
  this.revokeAdminConsent = token => {
4071
4054
  return new Promise((resolve, reject) => {
4072
4055
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -4079,7 +4062,6 @@
4079
4062
  });
4080
4063
  });
4081
4064
  };
4082
-
4083
4065
  this.getLinkMap = (token, allUsers) => {
4084
4066
  return new Promise((resolve, reject) => {
4085
4067
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -4092,7 +4074,6 @@
4092
4074
  });
4093
4075
  });
4094
4076
  };
4095
-
4096
4077
  this.setLinkMap = (token, linkMap) => {
4097
4078
  return new Promise((resolve, reject) => {
4098
4079
  __classPrivateFieldGet(this, _LeapAuthService_xhr, "f").call(this, {
@@ -4107,7 +4088,6 @@
4107
4088
  });
4108
4089
  });
4109
4090
  };
4110
-
4111
4091
  this.authoriseSupport = (token, params) => {
4112
4092
  const {
4113
4093
  code,
@@ -4130,7 +4110,6 @@
4130
4110
  });
4131
4111
  });
4132
4112
  };
4133
-
4134
4113
  this.changePassword = params => {
4135
4114
  const {
4136
4115
  newWindow,
@@ -4140,7 +4119,6 @@
4140
4119
  let changePasswordUrl = `/oauth/changepassword?client_id=${__classPrivateFieldGet(this, _LeapAuthService_clientId, "f")}`;
4141
4120
  let redirect_uri = '';
4142
4121
  let noListener = false;
4143
-
4144
4122
  if (newWindow) {
4145
4123
  if (!!callback && typeof callback === 'function') {
4146
4124
  redirect_uri = __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + LEAP_AUTH_CLOSE_WINDOW_URL;
@@ -4151,11 +4129,9 @@
4151
4129
  } else {
4152
4130
  redirect_uri = __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + '/oauth/logout?force=true' + '&redirect_uri=' + (redirectUrl || window.location.href);
4153
4131
  }
4154
-
4155
4132
  if (redirect_uri) {
4156
4133
  changePasswordUrl += `&redirect_uri=${encodeURIComponent(redirect_uri)}`;
4157
4134
  }
4158
-
4159
4135
  __classPrivateFieldGet(this, _LeapAuthService_redirectUrl, "f").call(this, {
4160
4136
  requestUrl: changePasswordUrl,
4161
4137
  newWindow,
@@ -4163,7 +4139,6 @@
4163
4139
  noListener
4164
4140
  });
4165
4141
  };
4166
-
4167
4142
  _LeapAuthService_xhr.set(this, (params, onload) => {
4168
4143
  const {
4169
4144
  method,
@@ -4183,7 +4158,6 @@
4183
4158
  xhr.setRequestHeader('Content-type', options.contentType);
4184
4159
  xhr.setRequestHeader('Access-Control-Allow-Origin', options.accessControlAllowOrigin);
4185
4160
  if (accessToken) xhr.setRequestHeader('Authorization', 'Bearer ' + accessToken);
4186
-
4187
4161
  xhr.onload = () => {
4188
4162
  try {
4189
4163
  let resp;
@@ -4193,11 +4167,9 @@
4193
4167
  onload(xhr.response, xhr.status);
4194
4168
  }
4195
4169
  };
4196
-
4197
4170
  if (options.body) options.body = JSON.stringify(options.body);
4198
4171
  xhr.send(options.body);
4199
4172
  });
4200
-
4201
4173
  _LeapAuthService_redirectUrl.set(this, params => {
4202
4174
  const {
4203
4175
  requestUrl,
@@ -4206,21 +4178,17 @@
4206
4178
  noListener
4207
4179
  } = params;
4208
4180
  const fullUrl = __classPrivateFieldGet(this, _LeapAuthService_authHost, "f") + requestUrl;
4209
-
4210
4181
  if (newWindow) {
4211
4182
  const childWindow = window.open(fullUrl, '_blank');
4212
-
4213
4183
  const eventHandler = event => {
4214
4184
  if (event && event.data === 'closeMe' && childWindow) {
4215
4185
  childWindow.close();
4216
-
4217
4186
  if (lodash.isFunction(callback)) {
4218
4187
  callback();
4219
4188
  window.removeEventListener('message', eventHandler, false);
4220
4189
  }
4221
4190
  }
4222
4191
  };
4223
-
4224
4192
  if (!noListener) {
4225
4193
  window.addEventListener('message', eventHandler, false);
4226
4194
  }
@@ -4228,17 +4196,13 @@
4228
4196
  window.location.href = fullUrl;
4229
4197
  }
4230
4198
  });
4231
-
4232
4199
  __classPrivateFieldSet(this, _LeapAuthService_authHost, authHost, "f");
4233
-
4234
4200
  __classPrivateFieldSet(this, _LeapAuthService_clientId, clientId, "f");
4235
4201
  }
4236
-
4237
4202
  }
4238
4203
  _LeapAuthService_authHost = new WeakMap(), _LeapAuthService_clientId = new WeakMap(), _LeapAuthService_xhr = new WeakMap(), _LeapAuthService_redirectUrl = new WeakMap();
4239
4204
 
4240
4205
  var HookName;
4241
-
4242
4206
  (function (HookName) {
4243
4207
  HookName["afterLogin"] = "afterLogin";
4244
4208
  HookName["beforeLogout"] = "beforeLogout";
@@ -4256,13 +4220,9 @@
4256
4220
  class Notification {
4257
4221
  constructor() {
4258
4222
  _Notification_pubnubKeys.set(this, void 0);
4259
-
4260
4223
  _Notification_pubnub.set(this, void 0);
4261
-
4262
4224
  _Notification_eventListeners.set(this, []);
4263
-
4264
4225
  _Notification_uniqueSessionTriggerHook.set(this, undefined);
4265
-
4266
4226
  this.init = params => __awaiter(this, void 0, void 0, function* () {
4267
4227
  const {
4268
4228
  authHost,
@@ -4272,15 +4232,11 @@
4272
4232
  uniqueSession,
4273
4233
  hooks
4274
4234
  } = params;
4275
-
4276
4235
  if (!!hooks && hooks.uniqueSessionTrigger) {
4277
4236
  __classPrivateFieldSet(this, _Notification_uniqueSessionTriggerHook, hooks.uniqueSessionTrigger, "f");
4278
4237
  }
4279
-
4280
4238
  __classPrivateFieldGet(this, _Notification_initFirmChannel, "f").call(this, firmId, userId);
4281
-
4282
4239
  __classPrivateFieldGet(this, _Notification_initUserChannel, "f").call(this, userId);
4283
-
4284
4240
  if (uniqueSession) {
4285
4241
  yield __classPrivateFieldGet(this, _Notification_initUniqueSessionChannel, "f").call(this, {
4286
4242
  authHost,
@@ -4288,37 +4244,30 @@
4288
4244
  });
4289
4245
  }
4290
4246
  });
4291
-
4292
4247
  this.destroy = () => {
4293
4248
  if (__classPrivateFieldGet(this, _Notification_pubnub, "f")) {
4294
4249
  __classPrivateFieldGet(this, _Notification_pubnub, "f").unsubscribeAll();
4295
-
4296
4250
  __classPrivateFieldSet(this, _Notification_eventListeners, [], "f");
4297
4251
  }
4298
4252
  };
4299
-
4300
4253
  this.registerEventListenerForUserChannel = params => {
4301
4254
  const {
4302
4255
  topic,
4303
4256
  messageType,
4304
4257
  callback
4305
4258
  } = params;
4306
-
4307
4259
  if (!lodash.isFunction(callback)) {
4308
4260
  throw Error(`Registering Event Listener ${topic} ${messageType}: callback needs to be a function`);
4309
4261
  }
4310
-
4311
4262
  __classPrivateFieldGet(this, _Notification_eventListeners, "f").push({
4312
4263
  topic,
4313
4264
  messageType,
4314
4265
  callback
4315
4266
  });
4316
4267
  };
4317
-
4318
4268
  this.setUniqueSessionTriggerHook = hook => {
4319
4269
  __classPrivateFieldSet(this, _Notification_uniqueSessionTriggerHook, hook, "f");
4320
4270
  };
4321
-
4322
4271
  _Notification_initFirmChannel.set(this, (firmId, userId) => {
4323
4272
  __classPrivateFieldGet(this, _Notification_pubnub, "f").addListener({
4324
4273
  presence: presenceEvent => {
@@ -4326,38 +4275,32 @@
4326
4275
  action,
4327
4276
  uuid
4328
4277
  } = presenceEvent;
4329
-
4330
4278
  if (uuid === __classPrivateFieldGet(this, _Notification_pubnubKeys, "f").uuid) {
4331
4279
  return;
4332
4280
  }
4333
-
4334
4281
  if (action === 'leave' || action === 'timeout') {
4335
4282
  const valuesUUID = uuid.split('~');
4336
4283
  const userIdFromPresence = valuesUUID[0] || '';
4337
4284
  const instanceGuidFromPresence = valuesUUID[1] || '';
4338
4285
  const userActionFromPresence = valuesUUID[2] || '';
4339
4286
  const isUserActionRequiredLogout = userActionFromPresence === USER_ACTION.USERNAME_CHANGED || userActionFromPresence === USER_ACTION.PASSWORD_CHANGED || userActionFromPresence === USER_ACTION.USER_DISABLED;
4340
-
4341
4287
  if (userIdFromPresence === userId && instanceGuidFromPresence === EMPTY_GUID && isUserActionRequiredLogout) {
4342
4288
  AuthAgent.logout(true);
4343
4289
  }
4344
4290
  }
4345
4291
  }
4346
4292
  });
4347
-
4348
4293
  __classPrivateFieldGet(this, _Notification_pubnub, "f").subscribe({
4349
4294
  channels: [firmId],
4350
4295
  withPresence: true
4351
4296
  });
4352
4297
  });
4353
-
4354
4298
  _Notification_initUserChannel.set(this, userId => {
4355
4299
  __classPrivateFieldGet(this, _Notification_pubnub, "f").addListener({
4356
4300
  message: data => {
4357
4301
  const {
4358
4302
  content
4359
4303
  } = data.message;
4360
-
4361
4304
  if (content && content.topic && content.messageType && content.data) {
4362
4305
  for (const eventListener of __classPrivateFieldGet(this, _Notification_eventListeners, "f")) {
4363
4306
  if (eventListener.topic === content.topic && eventListener.messageType === content.messageType && eventListener.callback && lodash.isFunction(eventListener.callback)) {
@@ -4367,13 +4310,11 @@
4367
4310
  }
4368
4311
  }
4369
4312
  });
4370
-
4371
4313
  __classPrivateFieldGet(this, _Notification_pubnub, "f").subscribe({
4372
4314
  channels: [`user_${userId}`],
4373
4315
  withPresence: false
4374
4316
  });
4375
4317
  });
4376
-
4377
4318
  _Notification_initUniqueSessionChannel.set(this, params => __awaiter(this, void 0, void 0, function* () {
4378
4319
  const decodedToken = yield AuthAgent.getDecodedAccessToken();
4379
4320
  const {
@@ -4385,36 +4326,29 @@
4385
4326
  sessionId: mySessionId,
4386
4327
  impersonatorId: myImpersonatorId
4387
4328
  } = decodedToken;
4388
-
4389
4329
  if (!decodedToken) {
4390
4330
  return;
4391
4331
  }
4392
-
4393
4332
  const channel = `auth-session-${myUserId}`;
4394
-
4395
4333
  __classPrivateFieldGet(this, _Notification_pubnub, "f").addListener({
4396
4334
  message: data => __awaiter(this, void 0, void 0, function* () {
4397
4335
  const decodedToken = yield AuthAgent.getDecodedAccessToken();
4398
-
4399
4336
  if (!decodedToken) {
4400
4337
  AuthAgent.logout(true);
4401
4338
  }
4402
-
4403
4339
  const {
4404
4340
  sessionId: mySessionId,
4405
4341
  impersonatorId: myImpersonatorId,
4406
4342
  userId: myUserId
4407
4343
  } = decodedToken;
4408
4344
  const myAgentId = localStorage.getItem('leap-auth-agent-id');
4409
-
4410
4345
  if (myAgentId && data && data.message) {
4411
4346
  const sessionId = data.message.sessionId,
4412
- authHost = data.message.authHost,
4413
- clientId = data.message.clientId,
4414
- logout = data.message.logout;
4415
- data.message.agentId;
4416
- const impersonatorId = myImpersonatorId ? myImpersonatorId : data.message.impersonatorId;
4417
-
4347
+ authHost = data.message.authHost,
4348
+ clientId = data.message.clientId,
4349
+ logout = data.message.logout;
4350
+ data.message.agentId;
4351
+ const impersonatorId = myImpersonatorId ? myImpersonatorId : data.message.impersonatorId;
4418
4352
  if (authHost === myAuthHost) {
4419
4353
  if (clientId === myClientId && sessionId !== mySessionId || clientId !== myClientId && sessionId === mySessionId && logout) {
4420
4354
  if (impersonatorId !== undefined && impersonatorId !== '') {
@@ -4431,19 +4365,15 @@
4431
4365
  }
4432
4366
  })
4433
4367
  });
4434
-
4435
4368
  __classPrivateFieldGet(this, _Notification_pubnub, "f").subscribe({
4436
4369
  channels: [channel],
4437
4370
  withPresence: true
4438
4371
  });
4439
-
4440
4372
  let agentId = localStorage.getItem('leap-auth-agent-id');
4441
-
4442
4373
  if (!agentId) {
4443
4374
  agentId = uuid.v4();
4444
4375
  localStorage.setItem('leap-auth-agent-id', agentId);
4445
4376
  }
4446
-
4447
4377
  __classPrivateFieldGet(this, _Notification_pubnub, "f").publish({
4448
4378
  message: {
4449
4379
  authHost: myAuthHost,
@@ -4459,16 +4389,13 @@
4459
4389
  }
4460
4390
  });
4461
4391
  }));
4462
-
4463
4392
  __classPrivateFieldSet(this, _Notification_pubnubKeys, {
4464
4393
  publishKey: 'pub-13f5288e-cd88-4ef9-9e68-0c11cd03ddb8',
4465
4394
  subscribeKey: 'sub-a456f002-0095-11e2-9638-9581afc33ebf',
4466
4395
  uuid: uuid.v4()
4467
4396
  }, "f");
4468
-
4469
4397
  __classPrivateFieldSet(this, _Notification_pubnub, new Pubnub__default["default"](__classPrivateFieldGet(this, _Notification_pubnubKeys, "f")), "f");
4470
4398
  }
4471
-
4472
4399
  }
4473
4400
  _Notification_pubnubKeys = new WeakMap(), _Notification_pubnub = new WeakMap(), _Notification_eventListeners = new WeakMap(), _Notification_uniqueSessionTriggerHook = new WeakMap(), _Notification_initFirmChannel = new WeakMap(), _Notification_initUserChannel = new WeakMap(), _Notification_initUniqueSessionChannel = new WeakMap();
4474
4401
 
@@ -5908,7 +5835,6 @@
5908
5835
  const deleteQueryParameter = (windowLocation, name, value) => {
5909
5836
  const nameValue = name + '=' + value;
5910
5837
  let toReplace = nameValue;
5911
-
5912
5838
  if (windowLocation.indexOf('?' + nameValue) >= 0) {
5913
5839
  if (windowLocation.indexOf('?' + nameValue + '&') >= 0) {
5914
5840
  toReplace += '&';
@@ -5918,16 +5844,13 @@
5918
5844
  } else if (windowLocation.indexOf('&' + nameValue) >= 0) {
5919
5845
  toReplace = '&' + toReplace;
5920
5846
  }
5921
-
5922
5847
  return windowLocation.replace(toReplace, '');
5923
5848
  };
5924
5849
  const getQueryParameter = name => {
5925
5850
  const paramsForSearch = parseParams(window.location.search.substring(1));
5926
-
5927
5851
  if (paramsForSearch[name]) {
5928
5852
  return paramsForSearch[name];
5929
5853
  }
5930
-
5931
5854
  return undefined;
5932
5855
  };
5933
5856
  const createCodeChallenge = verifier => __awaiter(void 0, void 0, void 0, function* () {
@@ -5955,41 +5878,33 @@
5955
5878
  randomValues.forEach(v => random += charset[v % charset.length]);
5956
5879
  return random;
5957
5880
  };
5958
-
5959
5881
  const sha256 = s => __awaiter(void 0, void 0, void 0, function* () {
5960
5882
  const digestOp = getCryptoSubtle().digest({
5961
5883
  name: 'SHA-256'
5962
5884
  }, new TextEncoder().encode(s));
5963
-
5964
5885
  if (window.msCrypto) {
5965
5886
  return new Promise((res, rej) => {
5966
5887
  digestOp.oncomplete = e => {
5967
5888
  res(e.target.result);
5968
5889
  };
5969
-
5970
5890
  digestOp.onerror = e => {
5971
5891
  rej(e.error);
5972
5892
  };
5973
-
5974
5893
  digestOp.onabort = () => {
5975
5894
  rej('The digest operation was aborted');
5976
5895
  };
5977
5896
  });
5978
5897
  }
5979
-
5980
5898
  return yield digestOp;
5981
5899
  });
5982
-
5983
5900
  const getCryptoSubtle = () => {
5984
5901
  const crypto = getCrypto();
5985
5902
  return crypto.subtle || crypto.webkitSubtle;
5986
5903
  };
5987
-
5988
5904
  const bufferToBase64UrlEncoded = input => {
5989
5905
  const ie11SafeInput = new Uint8Array(input);
5990
5906
  return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
5991
5907
  };
5992
-
5993
5908
  const urlEncodeB64 = input => {
5994
5909
  const b64Chars = {
5995
5910
  '+': '-',
@@ -5998,17 +5913,14 @@
5998
5913
  };
5999
5914
  return input.replace(/[+/=]/g, m => b64Chars[m]);
6000
5915
  };
6001
-
6002
5916
  const parseParams = url => {
6003
5917
  const result = {};
6004
5918
  const params = url.split('&');
6005
-
6006
5919
  for (let i = 0; i < params.length; i++) {
6007
5920
  const param = params[i].split('=', 2);
6008
5921
  if (param.length !== 2) continue;
6009
5922
  result[param[0]] = decodeURIComponent(param[1].replace(/\+/g, " "));
6010
5923
  }
6011
-
6012
5924
  return result;
6013
5925
  };
6014
5926
 
@@ -6119,42 +6031,33 @@
6119
6031
  const redirections = redirectionConfig.environments;
6120
6032
  const suffix = topLevelDomains.find(suffix => origin.endsWith(suffix));
6121
6033
  const environmentVariables = redirectionConfig.environmentVariables;
6122
-
6123
6034
  if (suffix) {
6124
6035
  for (let i = 0; i < redirections.length; i++) {
6125
6036
  redirection = redirections[i];
6126
6037
  const tokenCriteriaMatched = containsKeys(decodedToken, redirection.criteria);
6127
-
6128
6038
  if (tokenCriteriaMatched && !!containsApplication(redirection.applications, origin)) {
6129
6039
  if (redirection.topLevelDomain !== suffix) {
6130
6040
  redirectUrl = origin.replace(suffix, redirection.topLevelDomain);
6131
6041
  }
6132
-
6133
6042
  const envVariables = environmentVariables[redirection.criteria.environment];
6134
-
6135
6043
  if (envVariables) {
6136
6044
  const prefixMappings = envVariables['prefixMappings'];
6137
6045
  const keys = Object.keys(prefixMappings);
6138
6046
  const needToUpdatePrefixKey = containsApplication(keys, origin);
6139
-
6140
6047
  if (needToUpdatePrefixKey) {
6141
6048
  const prefixValue = prefixMappings[needToUpdatePrefixKey];
6142
6049
  redirectUrl = redirectUrl ? redirectUrl.replace(needToUpdatePrefixKey, prefixValue) : origin.replace(needToUpdatePrefixKey, prefixValue);
6143
6050
  }
6144
6051
  }
6145
-
6146
6052
  break;
6147
6053
  }
6148
6054
  }
6149
-
6150
6055
  if (!!redirection && !!redirectUrl) {
6151
6056
  result = `${redirection.authHost}/oauth/passthrough?jti=${decodedToken.jti}&redirect=${encodeURIComponent(redirectUrl)}`;
6152
6057
  }
6153
6058
  }
6154
-
6155
6059
  return result;
6156
6060
  };
6157
-
6158
6061
  const containsKeys = (obj1, obj2) => {
6159
6062
  let result = true;
6160
6063
  Object.keys(obj2).forEach(key => {
@@ -6164,12 +6067,11 @@
6164
6067
  });
6165
6068
  return result;
6166
6069
  };
6167
-
6168
6070
  const containsApplication = (list, app) => {
6169
6071
  return list.find(appName => app.startsWith(`http://${appName}`) || app.startsWith(`https://${appName}`));
6170
6072
  };
6171
6073
 
6172
- var _Authentication_accessToken, _Authentication_config, _Authentication_leapAuthService, _Authentication_notification, _Authentication_refreshInfo, _Authentication_exchangeAuthCodeForAccessToken, _Authentication_verifyAndPerformRedirections, _Authentication_startRefreshAccessTokenProcess, _Authentication_destroyRefreshAccessTokenProcess, _Authentication_decodeAccessToken;
6074
+ var _Authentication_accessToken, _Authentication_config, _Authentication_leapAuthService, _Authentication_notification, _Authentication_popupLogin, _Authentication_refreshInfo, _Authentication_exchangeAuthCodeForAccessToken, _Authentication_verifyAndPerformRedirections, _Authentication_startRefreshAccessTokenProcess, _Authentication_destroyRefreshAccessTokenProcess, _Authentication_decodeAccessToken, _Authentication_handlePopupLogin;
6173
6075
  const SECONDS_BEFORE_EXPIRE = 30;
6174
6076
  const MAX_SETTIME_OUT = 2147483647;
6175
6077
  const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
@@ -6178,32 +6080,25 @@
6178
6080
  class Authentication {
6179
6081
  constructor(options) {
6180
6082
  _Authentication_accessToken.set(this, void 0);
6181
-
6182
6083
  _Authentication_config.set(this, void 0);
6183
-
6184
6084
  _Authentication_leapAuthService.set(this, void 0);
6185
-
6186
6085
  _Authentication_notification.set(this, void 0);
6187
-
6086
+ _Authentication_popupLogin.set(this, void 0);
6188
6087
  _Authentication_refreshInfo.set(this, void 0);
6189
-
6190
6088
  this.registerEventListenerForUserChannel = params => {
6191
6089
  const {
6192
6090
  topic,
6193
6091
  messageType,
6194
6092
  callback
6195
6093
  } = params;
6196
-
6197
6094
  __classPrivateFieldGet(this, _Authentication_notification, "f").registerEventListenerForUserChannel({
6198
6095
  topic,
6199
6096
  messageType,
6200
6097
  callback
6201
6098
  });
6202
6099
  };
6203
-
6204
6100
  this.initNotification = () => __awaiter(this, void 0, void 0, function* () {
6205
6101
  const decodedToken = yield this.getDecodedRefreshedAccessToken();
6206
-
6207
6102
  if (decodedToken) {
6208
6103
  yield __classPrivateFieldGet(this, _Authentication_notification, "f").init({
6209
6104
  authHost: __classPrivateFieldGet(this, _Authentication_config, "f").authHost,
@@ -6215,43 +6110,44 @@
6215
6110
  });
6216
6111
  }
6217
6112
  });
6218
-
6219
6113
  this.destroyNotification = () => {
6220
6114
  __classPrivateFieldGet(this, _Authentication_notification, "f").destroy();
6221
6115
  };
6222
-
6223
- this.login = noPrompt => __awaiter(this, void 0, void 0, function* () {
6116
+ this.login = params => __awaiter(this, void 0, void 0, function* () {
6224
6117
  const done = yield this.checkAuthCode();
6225
-
6226
6118
  if (done && !!__classPrivateFieldGet(this, _Authentication_accessToken, "f")) {
6227
6119
  return __classPrivateFieldGet(this, _Authentication_accessToken, "f");
6228
6120
  } else {
6121
+ const {
6122
+ noPrompt,
6123
+ force_2fa,
6124
+ popup
6125
+ } = params;
6229
6126
  const code_verifier = createRandomString(64);
6230
6127
  const state = createRandomString(6);
6128
+ const nonce = createRandomString(6);
6231
6129
  window.sessionStorage.setItem(state, code_verifier);
6232
6130
  const {
6233
6131
  code_challenge,
6234
6132
  code_challenge_method
6235
6133
  } = yield createCodeChallenge(code_verifier);
6236
-
6237
6134
  const scope = __classPrivateFieldGet(this, _Authentication_config, "f").scopes.join(',');
6238
-
6239
6135
  const prompt = noPrompt ? 'none' : '';
6240
- const url = `${__classPrivateFieldGet(this, _Authentication_config, "f").authHost}/oauth/authorize?response_type=code&scope=${scope}&client_id=${__classPrivateFieldGet(this, _Authentication_config, "f").clientId}&redirect_uri=${encodeURIComponent(window.location.href)}&code_challenge=${encodeURIComponent(code_challenge)}&code_challenge_method=${code_challenge_method}&state=${state}&prompt=${prompt}&remember_me=${__classPrivateFieldGet(this, _Authentication_config, "f").rememberMe}`;
6241
- window.location.assign(url);
6242
- return;
6136
+ const url = `${__classPrivateFieldGet(this, _Authentication_config, "f").authHost}/oauth/authorize?response_type=code&scope=${scope}&client_id=${__classPrivateFieldGet(this, _Authentication_config, "f").clientId}&redirect_uri=${encodeURIComponent(window.location.href)}&code_challenge=${encodeURIComponent(code_challenge)}&code_challenge_method=${code_challenge_method}&force_2fa=${force_2fa}&nonce=${nonce}&state=${state}&prompt=${prompt}&remember_me=${__classPrivateFieldGet(this, _Authentication_config, "f").rememberMe}`;
6137
+ if (popup) {
6138
+ return __classPrivateFieldGet(this, _Authentication_handlePopupLogin, "f").call(this, url);
6139
+ } else {
6140
+ window.location.assign(url);
6141
+ return;
6142
+ }
6243
6143
  }
6244
6144
  });
6245
-
6246
6145
  this.logout = (force = false, redirectUrl) => {
6247
6146
  __classPrivateFieldSet(this, _Authentication_accessToken, undefined, "f");
6248
-
6249
6147
  const redirectUri = encodeURIComponent(redirectUrl || window.location.href);
6250
6148
  window.location.href = `${__classPrivateFieldGet(this, _Authentication_config, "f").authHost}/oauth/logout?force=${force}&redirect_uri=${redirectUri}`;
6251
-
6252
6149
  __classPrivateFieldGet(this, _Authentication_destroyRefreshAccessTokenProcess, "f").call(this);
6253
6150
  };
6254
-
6255
6151
  this.getAccessToken = () => {
6256
6152
  if (__classPrivateFieldGet(this, _Authentication_accessToken, "f") === undefined || !__classPrivateFieldGet(this, _Authentication_accessToken, "f")) {
6257
6153
  return '';
@@ -6259,20 +6155,17 @@
6259
6155
  return __classPrivateFieldGet(this, _Authentication_accessToken, "f");
6260
6156
  }
6261
6157
  };
6262
-
6263
6158
  this.getRefreshedAccessToken = force => __awaiter(this, void 0, void 0, function* () {
6264
6159
  if (__classPrivateFieldGet(this, _Authentication_accessToken, "f") === undefined || !__classPrivateFieldGet(this, _Authentication_accessToken, "f")) {
6265
6160
  return '';
6266
6161
  } else {
6267
6162
  if (__classPrivateFieldGet(this, _Authentication_refreshInfo, "f") && __classPrivateFieldGet(this, _Authentication_refreshInfo, "f").accessTokenExpireIn) {
6268
6163
  const decoded = __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, __classPrivateFieldGet(this, _Authentication_accessToken, "f"));
6269
-
6270
6164
  if (force || !!decoded && (decoded.exp - SECONDS_BEFORE_EXPIRE) * 1000 < Date.now()) {
6271
6165
  const data = yield __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").renewAccessToken({
6272
6166
  refreshToken: __classPrivateFieldGet(this, _Authentication_refreshInfo, "f").refreshToken,
6273
6167
  verifier: __classPrivateFieldGet(this, _Authentication_refreshInfo, "f").verifier
6274
6168
  });
6275
-
6276
6169
  if (data) {
6277
6170
  if (data.refresh_token && data.expires_in) {
6278
6171
  __classPrivateFieldSet(this, _Authentication_refreshInfo, Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_refreshInfo, "f")), {
@@ -6280,37 +6173,28 @@
6280
6173
  accessTokenExpireIn: data.expires_in
6281
6174
  }), "f");
6282
6175
  }
6283
-
6284
6176
  __classPrivateFieldSet(this, _Authentication_accessToken, data.access_token, "f");
6285
-
6286
6177
  yield this.triggerHooks(HookName.afterRefreshToken);
6287
6178
  return __classPrivateFieldGet(this, _Authentication_accessToken, "f");
6288
6179
  }
6289
6180
  }
6290
6181
  }
6291
-
6292
6182
  return __classPrivateFieldGet(this, _Authentication_accessToken, "f");
6293
6183
  }
6294
6184
  });
6295
-
6296
6185
  this.getDecodedAccessToken = () => {
6297
6186
  if (!__classPrivateFieldGet(this, _Authentication_accessToken, "f")) {
6298
6187
  return undefined;
6299
6188
  }
6300
-
6301
6189
  return __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, __classPrivateFieldGet(this, _Authentication_accessToken, "f"));
6302
6190
  };
6303
-
6304
6191
  this.getDecodedRefreshedAccessToken = force => __awaiter(this, void 0, void 0, function* () {
6305
6192
  const token = yield this.getRefreshedAccessToken(force);
6306
-
6307
6193
  if (!token) {
6308
6194
  return undefined;
6309
6195
  }
6310
-
6311
6196
  return __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, token);
6312
6197
  });
6313
-
6314
6198
  this.getHooks = () => {
6315
6199
  if (__classPrivateFieldGet(this, _Authentication_config, "f")) {
6316
6200
  return __classPrivateFieldGet(this, _Authentication_config, "f").hooks;
@@ -6318,56 +6202,44 @@
6318
6202
  return undefined;
6319
6203
  }
6320
6204
  };
6321
-
6322
6205
  this.setHook = params => {
6323
6206
  const {
6324
6207
  name,
6325
6208
  callback
6326
6209
  } = params;
6327
-
6328
6210
  if (!Object.values(HookName).find(h => h === name)) {
6329
6211
  throw Error('Unsupported hook: ' + name);
6330
6212
  }
6331
-
6332
6213
  if (!lodash.isFunction(callback)) {
6333
6214
  throw Error('hook must be a function: ' + name);
6334
6215
  }
6335
-
6336
6216
  __classPrivateFieldSet(this, _Authentication_config, Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_config, "f")), {
6337
6217
  hooks: Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_config, "f").hooks), {
6338
6218
  [name]: callback
6339
6219
  })
6340
6220
  }), "f");
6341
-
6342
6221
  if (name === HookName.uniqueSessionTrigger) {
6343
6222
  __classPrivateFieldGet(this, _Authentication_notification, "f").setUniqueSessionTriggerHook(callback);
6344
6223
  }
6345
-
6346
6224
  return;
6347
6225
  };
6348
-
6349
6226
  this.autoLogin = () => {
6350
6227
  return __classPrivateFieldGet(this, _Authentication_config, "f") ? __classPrivateFieldGet(this, _Authentication_config, "f").autoLogin || false : false;
6351
6228
  };
6352
-
6353
6229
  this.autoLogout = () => {
6354
6230
  return __classPrivateFieldGet(this, _Authentication_config, "f") ? __classPrivateFieldGet(this, _Authentication_config, "f").autoLogout || false : false;
6355
6231
  };
6356
-
6357
6232
  this.idleTimeoutInMinutes = () => {
6358
6233
  return __classPrivateFieldGet(this, _Authentication_config, "f") ? __classPrivateFieldGet(this, _Authentication_config, "f").idleTimeoutInMinutes || 30 : 30;
6359
6234
  };
6360
-
6361
6235
  this.checkTokenInUrl = () => {
6362
6236
  const accessTokenQuery = getQueryParameter('access_token') || getQueryParameter('auth') || getQueryParameter('authToken') || getQueryParameter('token') || getQueryParameter('jwt');
6363
-
6364
6237
  if (accessTokenQuery) {
6365
6238
  const {
6366
6239
  aud,
6367
6240
  firmId,
6368
6241
  userId
6369
6242
  } = __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, accessTokenQuery);
6370
-
6371
6243
  if (!!firmId && !!userId && aud === '8MBJWOFS4RRRSZQC') {
6372
6244
  const queryParameterValue = accessTokenQuery;
6373
6245
  let myselfWithoutToken = deleteQueryParameter(window.location.href, 'access_token', queryParameterValue);
@@ -6379,38 +6251,30 @@
6379
6251
  window.location.href = __classPrivateFieldGet(this, _Authentication_config, "f").authHost + '/oauth/passthrough?token=' + queryParameterValue + '&redirect=' + myselfEncoded;
6380
6252
  return true;
6381
6253
  }
6382
-
6383
6254
  return false;
6384
6255
  }
6385
-
6386
6256
  return false;
6387
6257
  };
6388
-
6389
6258
  this.checkTokenInInit = () => {
6390
6259
  if (__classPrivateFieldGet(this, _Authentication_config, "f") && __classPrivateFieldGet(this, _Authentication_config, "f").initToken) {
6391
6260
  const {
6392
6261
  jti
6393
6262
  } = __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, __classPrivateFieldGet(this, _Authentication_config, "f").initToken);
6394
-
6395
6263
  if (jti) {
6396
6264
  const windowPassthroughSession = window.sessionStorage.getItem(PASSTHROUGH_SESSION_KEY);
6397
-
6398
6265
  if (windowPassthroughSession) {
6399
6266
  window.sessionStorage.removeItem(PASSTHROUGH_SESSION_KEY);
6400
6267
  return false;
6401
6268
  }
6402
-
6403
6269
  window.sessionStorage.setItem(PASSTHROUGH_SESSION_KEY, jti);
6404
6270
  const myselfEncoded = encodeURIComponent(window.location.href);
6405
6271
  window.location.href = __classPrivateFieldGet(this, _Authentication_config, "f").authHost + '/oauth/passthrough?jti=' + jti + '&redirect=' + myselfEncoded;
6406
6272
  return true;
6407
6273
  }
6408
6274
  }
6409
-
6410
6275
  window.sessionStorage.removeItem(PASSTHROUGH_SESSION_KEY);
6411
6276
  return false;
6412
6277
  };
6413
-
6414
6278
  this.verifySession = () => __awaiter(this, void 0, void 0, function* () {
6415
6279
  const code_verifier = createRandomString(64);
6416
6280
  const state = createRandomString(6);
@@ -6419,17 +6283,13 @@
6419
6283
  code_challenge,
6420
6284
  code_challenge_method
6421
6285
  } = yield createCodeChallenge(code_verifier);
6422
-
6423
6286
  const scope = __classPrivateFieldGet(this, _Authentication_config, "f").scopes.join(',');
6424
-
6425
6287
  const redirectUri = `${window.location.protocol}//${window.location.host}${window.location.pathname}`;
6426
6288
  const url = `${__classPrivateFieldGet(this, _Authentication_config, "f").authHost}/oauth/authorize?response_type=code&response_mode=web_message&scope=${scope}&client_id=${__classPrivateFieldGet(this, _Authentication_config, "f").clientId}&redirect_uri=${encodeURIComponent(redirectUri)}&code_challenge=${encodeURIComponent(code_challenge)}&code_challenge_method=${code_challenge_method}&state=${state}&prompt=none`;
6427
6289
  const resp = yield this.runIframe(url, state);
6428
-
6429
6290
  if (resp && resp.state) {
6430
6291
  const verifier = window.sessionStorage.getItem(resp.state);
6431
6292
  window.sessionStorage.removeItem(resp.state);
6432
-
6433
6293
  if (resp.code && verifier) {
6434
6294
  return __classPrivateFieldGet(this, _Authentication_exchangeAuthCodeForAccessToken, "f").call(this, {
6435
6295
  code: resp.code,
@@ -6437,50 +6297,54 @@
6437
6297
  redirectUri
6438
6298
  });
6439
6299
  }
6440
-
6441
6300
  return false;
6442
6301
  } else {
6443
6302
  return false;
6444
6303
  }
6445
6304
  });
6446
-
6447
6305
  this.checkAuthCode = () => __awaiter(this, void 0, void 0, function* () {
6448
6306
  const search = window.location.search;
6449
6307
  const queryParams = new URLSearchParams(search);
6450
6308
  const code = queryParams.get('code');
6451
6309
  const state = queryParams.get('state');
6452
-
6453
6310
  if (!!code && !!state) {
6454
- const verifier = window.sessionStorage.getItem(state);
6455
- window.sessionStorage.removeItem(state);
6456
- let newUrl = window.location.href;
6457
- newUrl = deleteQueryParameter(newUrl, 'code', code);
6458
- newUrl = deleteQueryParameter(newUrl, 'state', state);
6459
- window.history.pushState(null, '', newUrl);
6460
- return __classPrivateFieldGet(this, _Authentication_exchangeAuthCodeForAccessToken, "f").call(this, {
6461
- code,
6462
- verifier,
6463
- redirectUri: newUrl
6464
- });
6311
+ const isPopupLogin = window.sessionStorage.getItem('leap-auth-popup-login');
6312
+ if (isPopupLogin === 'true' && window.opener) {
6313
+ window.sessionStorage.removeItem('leap-auth-popup-login');
6314
+ window.opener.postMessage({
6315
+ source: 'leap-auth-popup-login',
6316
+ code,
6317
+ state
6318
+ }, '*');
6319
+ window.close();
6320
+ return false;
6321
+ } else {
6322
+ const verifier = window.sessionStorage.getItem(state);
6323
+ window.sessionStorage.removeItem(state);
6324
+ let newUrl = window.location.href;
6325
+ newUrl = deleteQueryParameter(newUrl, 'code', code);
6326
+ newUrl = deleteQueryParameter(newUrl, 'state', state);
6327
+ window.history.pushState(null, '', newUrl);
6328
+ return __classPrivateFieldGet(this, _Authentication_exchangeAuthCodeForAccessToken, "f").call(this, {
6329
+ code,
6330
+ verifier,
6331
+ redirectUri: newUrl
6332
+ });
6333
+ }
6465
6334
  } else {
6466
6335
  return false;
6467
6336
  }
6468
6337
  });
6469
-
6470
6338
  this.getUserInfo = () => __awaiter(this, void 0, void 0, function* () {
6471
6339
  const token = yield this.getRefreshedAccessToken();
6472
6340
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").userInfo(token);
6473
6341
  });
6474
-
6475
6342
  this.linkUser = params => __awaiter(this, void 0, void 0, function* () {
6476
6343
  const decodeToken = yield this.getDecodedRefreshedAccessToken();
6477
-
6478
6344
  if (!decodeToken) {
6479
6345
  return;
6480
6346
  }
6481
-
6482
6347
  const redirectUrl = params.redirectUrl || window.location.href;
6483
-
6484
6348
  __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").linkUser({
6485
6349
  redirectUrl,
6486
6350
  jti: decodeToken.jti,
@@ -6488,16 +6352,12 @@
6488
6352
  callback: params.callback
6489
6353
  });
6490
6354
  });
6491
-
6492
6355
  this.unlinkUser = params => __awaiter(this, void 0, void 0, function* () {
6493
6356
  const decodeToken = yield this.getDecodedRefreshedAccessToken();
6494
-
6495
6357
  if (!decodeToken) {
6496
6358
  return;
6497
6359
  }
6498
-
6499
6360
  const redirectUrl = params.redirectUrl || window.location.href;
6500
-
6501
6361
  __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").unlinkUser({
6502
6362
  redirectUrl,
6503
6363
  jti: decodeToken.jti,
@@ -6505,34 +6365,25 @@
6505
6365
  callback: params.callback
6506
6366
  });
6507
6367
  });
6508
-
6509
6368
  this.getCloudProviderToken = jti => __awaiter(this, void 0, void 0, function* () {
6510
6369
  const token = yield this.getRefreshedAccessToken();
6511
-
6512
6370
  if (!token) {
6513
6371
  throw Error('Not authenticated yet');
6514
6372
  }
6515
-
6516
6373
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").getCloudProviderToken(token, jti);
6517
6374
  });
6518
-
6519
6375
  this.cloudProviderUserInfo = () => __awaiter(this, void 0, void 0, function* () {
6520
6376
  const token = yield this.getRefreshedAccessToken();
6521
-
6522
6377
  if (!token) {
6523
6378
  throw Error('Not authenticated yet');
6524
6379
  }
6525
-
6526
6380
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").cloudProviderUserInfo(token);
6527
6381
  });
6528
-
6529
6382
  this.cloudProviderReauthenticate = params => __awaiter(this, void 0, void 0, function* () {
6530
6383
  const token = yield this.getRefreshedAccessToken();
6531
-
6532
6384
  if (!token) {
6533
6385
  throw Error('Not authenticated yet');
6534
6386
  }
6535
-
6536
6387
  let {
6537
6388
  nonce,
6538
6389
  redirectUrl
@@ -6542,12 +6393,10 @@
6542
6393
  callback
6543
6394
  } = params;
6544
6395
  redirectUrl = redirectUrl || window.location.href;
6545
-
6546
6396
  if (!nonce) {
6547
6397
  const reauthticateLink = yield __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").cloudProviderReauthenticateLink(token);
6548
6398
  nonce = reauthticateLink.nonce;
6549
6399
  }
6550
-
6551
6400
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").cloudProviderReauthenticate({
6552
6401
  redirectUrl,
6553
6402
  nonce,
@@ -6555,16 +6404,12 @@
6555
6404
  callback
6556
6405
  });
6557
6406
  });
6558
-
6559
6407
  this.cloudProviderUpdate = cloudProviderId => __awaiter(this, void 0, void 0, function* () {
6560
6408
  const token = yield this.getRefreshedAccessToken();
6561
-
6562
6409
  if (!token) {
6563
6410
  throw Error('Not authenticated yet');
6564
6411
  }
6565
-
6566
6412
  const decodedToken = __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, token);
6567
-
6568
6413
  const {
6569
6414
  firmId
6570
6415
  } = decodedToken;
@@ -6574,89 +6419,65 @@
6574
6419
  token: token
6575
6420
  });
6576
6421
  });
6577
-
6578
6422
  this.statusAdminConsent = () => __awaiter(this, void 0, void 0, function* () {
6579
6423
  const token = yield this.getRefreshedAccessToken();
6580
-
6581
6424
  if (!token) {
6582
6425
  throw Error('Not authenticated yet');
6583
6426
  }
6584
-
6585
6427
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").statusAdminConsent(token);
6586
6428
  });
6587
-
6588
6429
  this.getAdminConsent = params => {
6589
6430
  const redirectUrl = params.redirectUrl || window.location.href;
6590
-
6591
6431
  __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").getAdminConsent(Object.assign(Object.assign({}, params), {
6592
6432
  redirectUrl
6593
6433
  }));
6594
6434
  };
6595
-
6596
6435
  this.revokeAdminConsent = () => __awaiter(this, void 0, void 0, function* () {
6597
6436
  const token = yield this.getRefreshedAccessToken();
6598
-
6599
6437
  if (!token) {
6600
6438
  throw Error('Not authenticated yet');
6601
6439
  }
6602
-
6603
6440
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").revokeAdminConsent(token);
6604
6441
  });
6605
-
6606
6442
  this.getLinkMap = (allUsers = false) => __awaiter(this, void 0, void 0, function* () {
6607
6443
  const token = yield this.getRefreshedAccessToken();
6608
-
6609
6444
  if (!token) {
6610
6445
  throw Error('Not authenticated yet');
6611
6446
  }
6612
-
6613
6447
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").getLinkMap(token, allUsers);
6614
6448
  });
6615
-
6616
6449
  this.setLinkMap = linkMap => __awaiter(this, void 0, void 0, function* () {
6617
6450
  const token = yield this.getRefreshedAccessToken();
6618
-
6619
6451
  if (!token) {
6620
6452
  throw Error('Not authenticated yet');
6621
6453
  }
6622
-
6623
6454
  const verifyFormat = () => {
6624
6455
  if (Array.isArray(linkMap)) {
6625
6456
  for (const link of linkMap) {
6626
6457
  if (!(link.internalUser && link.externalUser && link.externalUser.id)) return false;
6627
6458
  }
6628
-
6629
6459
  return true;
6630
6460
  }
6631
-
6632
6461
  return false;
6633
6462
  };
6634
-
6635
6463
  if (!verifyFormat()) throw Error('linkmap in wrong format');
6636
6464
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").setLinkMap(token, linkMap);
6637
6465
  });
6638
-
6639
6466
  this.authoriseSupport = params => __awaiter(this, void 0, void 0, function* () {
6640
6467
  const token = yield this.getRefreshedAccessToken();
6641
-
6642
6468
  if (!token) {
6643
6469
  throw Error('Not authenticated yet');
6644
6470
  }
6645
-
6646
6471
  return __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").authoriseSupport(token, params);
6647
6472
  });
6648
-
6649
6473
  this.changePassword = params => {
6650
6474
  const redirectUrl = params.redirectUrl || window.location.href;
6651
-
6652
6475
  __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").changePassword(Object.assign(Object.assign({}, params), {
6653
6476
  redirectUrl
6654
6477
  }));
6655
6478
  };
6656
-
6657
6479
  this.passthrough = params => __awaiter(this, void 0, void 0, function* () {
6658
6480
  const decodedToken = yield this.getDecodedRefreshedAccessToken();
6659
-
6660
6481
  if (decodedToken && decodedToken.jti) {
6661
6482
  const {
6662
6483
  url,
@@ -6665,31 +6486,26 @@
6665
6486
  } = params;
6666
6487
  const encodedRedirectUrl = encodeURIComponent(url);
6667
6488
  const passthroughUrl = `${authHost || __classPrivateFieldGet(this, _Authentication_config, "f").authHost}/oauth/passthrough?jti=${decodedToken.jti}&redirect=${encodedRedirectUrl}&output=embed`;
6668
-
6669
6489
  if (newWindow) {
6670
6490
  window.open(passthroughUrl, '_blank');
6671
6491
  } else {
6672
6492
  window.location.assign(passthroughUrl);
6673
6493
  }
6674
6494
  }
6675
-
6676
6495
  return;
6677
6496
  });
6678
-
6679
6497
  this.triggerHooks = hookName => __awaiter(this, void 0, void 0, function* () {
6680
6498
  const hooks = this.getHooks();
6681
6499
  const token = yield this.getRefreshedAccessToken();
6682
6500
  const hookFn = hooks && !!hooks[hookName] && lodash.isFunction(hooks[hookName]) ? hooks[hookName](token) : false;
6683
6501
  return Promise.resolve(hookFn);
6684
6502
  });
6685
-
6686
6503
  this.afterAuthenticated = () => {
6687
6504
  return this.triggerHooks(HookName.afterLogin).then(() => __awaiter(this, void 0, void 0, function* () {
6688
6505
  yield this.initNotification();
6689
6506
  return __classPrivateFieldGet(this, _Authentication_accessToken, "f");
6690
6507
  }));
6691
6508
  };
6692
-
6693
6509
  this.runIframe = (authorizeUrl, state, timeoutInSeconds = DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) => {
6694
6510
  return new Promise((res, rej) => {
6695
6511
  const iframe = window.document.createElement('iframe');
@@ -6697,20 +6513,17 @@
6697
6513
  iframe.setAttribute('height', '0');
6698
6514
  iframe.setAttribute('id', 'agent-iframe');
6699
6515
  iframe.style.display = 'none';
6700
-
6701
6516
  const removeIframe = () => {
6702
6517
  if (window.document.body.contains(iframe)) {
6703
6518
  window.document.body.removeChild(iframe);
6704
6519
  window.removeEventListener('message', iframeEventHandler, false);
6705
6520
  }
6706
6521
  };
6707
-
6708
6522
  const timeoutSetTimeoutId = setTimeout(() => {
6709
6523
  rej('agent-iframe timeout');
6710
6524
  removeIframe();
6711
6525
  window.sessionStorage.removeItem(state);
6712
6526
  }, timeoutInSeconds * 1000);
6713
-
6714
6527
  const iframeEventHandler = e => {
6715
6528
  const {
6716
6529
  data,
@@ -6719,30 +6532,25 @@
6719
6532
  } = e;
6720
6533
  if (origin !== __classPrivateFieldGet(this, _Authentication_config, "f").authHost) return;
6721
6534
  if (!data || data.type !== 'authorization_response') return;
6722
-
6723
6535
  if (source) {
6724
6536
  source.close();
6725
6537
  }
6726
-
6727
6538
  res(data.response);
6728
6539
  clearTimeout(timeoutSetTimeoutId);
6729
6540
  window.removeEventListener('message', iframeEventHandler, false);
6730
6541
  setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1000);
6731
6542
  };
6732
-
6733
6543
  window.addEventListener('message', iframeEventHandler, false);
6734
6544
  window.document.body.appendChild(iframe);
6735
6545
  iframe.setAttribute('src', authorizeUrl);
6736
6546
  });
6737
6547
  };
6738
-
6739
6548
  _Authentication_exchangeAuthCodeForAccessToken.set(this, params => __awaiter(this, void 0, void 0, function* () {
6740
6549
  const {
6741
6550
  verifier,
6742
6551
  code,
6743
6552
  redirectUri
6744
6553
  } = params;
6745
-
6746
6554
  if (verifier) {
6747
6555
  const data = yield __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").exchangeAuthCodeForAccessToken({
6748
6556
  code,
@@ -6750,11 +6558,9 @@
6750
6558
  redirectUri
6751
6559
  });
6752
6560
  const redirectTriggered = yield __classPrivateFieldGet(this, _Authentication_verifyAndPerformRedirections, "f").call(this, data.access_token);
6753
-
6754
6561
  if (redirectTriggered) {
6755
6562
  return true;
6756
6563
  }
6757
-
6758
6564
  if (data.refresh_token && data.expires_in) {
6759
6565
  __classPrivateFieldSet(this, _Authentication_refreshInfo, {
6760
6566
  refreshToken: data.refresh_token,
@@ -6762,105 +6568,79 @@
6762
6568
  verifier: verifier,
6763
6569
  timer: undefined
6764
6570
  }, "f");
6765
-
6766
6571
  if (__classPrivateFieldGet(this, _Authentication_config, "f").autoRefreshToken) {
6767
6572
  __classPrivateFieldGet(this, _Authentication_startRefreshAccessTokenProcess, "f").call(this);
6768
6573
  }
6769
6574
  }
6770
-
6771
6575
  __classPrivateFieldSet(this, _Authentication_accessToken, data.access_token, "f");
6772
-
6773
6576
  return true;
6774
6577
  } else {
6775
6578
  return false;
6776
6579
  }
6777
6580
  }));
6778
-
6779
6581
  _Authentication_verifyAndPerformRedirections.set(this, accessToken => __awaiter(this, void 0, void 0, function* () {
6780
6582
  const redirectionConfig = yield __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").getRedirections();
6781
6583
  const origin = window.location.origin;
6782
-
6783
6584
  const decodedToken = __classPrivateFieldGet(this, _Authentication_decodeAccessToken, "f").call(this, accessToken);
6784
-
6785
6585
  const redirectUri = getRedirectUri(origin, decodedToken, redirectionConfig);
6786
-
6787
6586
  if (redirectUri) {
6788
6587
  this.logout(false, redirectUri);
6789
6588
  return true;
6790
6589
  }
6791
-
6792
6590
  return false;
6793
6591
  }));
6794
-
6795
6592
  _Authentication_startRefreshAccessTokenProcess.set(this, () => {
6796
6593
  if (!__classPrivateFieldGet(this, _Authentication_refreshInfo, "f")) {
6797
6594
  return;
6798
6595
  }
6799
-
6800
6596
  if (__classPrivateFieldGet(this, _Authentication_refreshInfo, "f").timer) {
6801
6597
  clearTimeout(__classPrivateFieldGet(this, _Authentication_refreshInfo, "f").timer);
6802
-
6803
6598
  __classPrivateFieldSet(this, _Authentication_refreshInfo, Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_refreshInfo, "f")), {
6804
6599
  timer: undefined
6805
6600
  }), "f");
6806
6601
  }
6807
-
6808
6602
  const waitBeforeExecuting = (__classPrivateFieldGet(this, _Authentication_refreshInfo, "f").accessTokenExpireIn - SECONDS_BEFORE_EXPIRE) * 1000;
6809
-
6810
6603
  if (waitBeforeExecuting > MAX_SETTIME_OUT) {
6811
6604
  return;
6812
6605
  }
6813
-
6814
6606
  const timer = setTimeout(() => __awaiter(this, void 0, void 0, function* () {
6815
6607
  if (!__classPrivateFieldGet(this, _Authentication_refreshInfo, "f")) {
6816
6608
  return;
6817
6609
  }
6818
-
6819
6610
  const data = yield __classPrivateFieldGet(this, _Authentication_leapAuthService, "f").renewAccessToken({
6820
6611
  refreshToken: __classPrivateFieldGet(this, _Authentication_refreshInfo, "f").refreshToken,
6821
6612
  verifier: __classPrivateFieldGet(this, _Authentication_refreshInfo, "f").verifier
6822
6613
  });
6823
-
6824
6614
  if (data) {
6825
6615
  if (data.refresh_token && data.expires_in) {
6826
6616
  __classPrivateFieldSet(this, _Authentication_refreshInfo, Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_refreshInfo, "f")), {
6827
6617
  refreshToken: data.refresh_token,
6828
6618
  accessTokenExpireIn: data.expires_in
6829
6619
  }), "f");
6830
-
6831
6620
  __classPrivateFieldGet(this, _Authentication_startRefreshAccessTokenProcess, "f").call(this);
6832
6621
  }
6833
-
6834
6622
  __classPrivateFieldSet(this, _Authentication_accessToken, data.access_token, "f");
6835
-
6836
6623
  yield this.triggerHooks(HookName.afterRefreshToken);
6837
6624
  }
6838
6625
  }), waitBeforeExecuting);
6839
-
6840
6626
  __classPrivateFieldSet(this, _Authentication_refreshInfo, Object.assign(Object.assign({}, __classPrivateFieldGet(this, _Authentication_refreshInfo, "f")), {
6841
6627
  timer
6842
6628
  }), "f");
6843
6629
  });
6844
-
6845
6630
  _Authentication_destroyRefreshAccessTokenProcess.set(this, () => {
6846
6631
  if (!__classPrivateFieldGet(this, _Authentication_refreshInfo, "f")) {
6847
6632
  return;
6848
6633
  }
6849
-
6850
6634
  if (__classPrivateFieldGet(this, _Authentication_refreshInfo, "f").timer) {
6851
6635
  clearTimeout(__classPrivateFieldGet(this, _Authentication_refreshInfo, "f").timer);
6852
6636
  }
6853
-
6854
6637
  __classPrivateFieldSet(this, _Authentication_refreshInfo, undefined, "f");
6855
6638
  });
6856
-
6857
6639
  _Authentication_decodeAccessToken.set(this, accessToken => {
6858
6640
  if (!accessToken) {
6859
6641
  return undefined;
6860
6642
  }
6861
-
6862
6643
  const payload = accessToken.split('.')[1];
6863
-
6864
6644
  if (payload) {
6865
6645
  try {
6866
6646
  const result = window.atob(payload);
@@ -6869,31 +6649,52 @@
6869
6649
  throw Error('Fail to decode access token.');
6870
6650
  }
6871
6651
  }
6872
-
6873
6652
  return undefined;
6874
6653
  });
6875
-
6654
+ _Authentication_handlePopupLogin.set(this, url => {
6655
+ return new Promise(resolve => {
6656
+ __classPrivateFieldSet(this, _Authentication_popupLogin, true, "f");
6657
+ window.sessionStorage.setItem('leap-auth-popup-login', 'true');
6658
+ window.open(url, '_blank', 'menubar=0,top=500,left=0,width=600,height=600');
6659
+ window.addEventListener('message', event => __awaiter(this, void 0, void 0, function* () {
6660
+ if (event.data && event.data.source && event.data.source === 'leap-auth-popup-login') {
6661
+ const code = event.data.code;
6662
+ const state = event.data.state;
6663
+ const verifier = window.sessionStorage.getItem(state);
6664
+ window.sessionStorage.removeItem(state);
6665
+ let newUrl = window.location.href;
6666
+ newUrl = deleteQueryParameter(newUrl, 'code', code);
6667
+ newUrl = deleteQueryParameter(newUrl, 'state', state);
6668
+ window.history.pushState(null, '', newUrl);
6669
+ const done = yield __classPrivateFieldGet(this, _Authentication_exchangeAuthCodeForAccessToken, "f").call(this, {
6670
+ code,
6671
+ verifier,
6672
+ redirectUri: newUrl
6673
+ });
6674
+ if (done) {
6675
+ resolve(__classPrivateFieldGet(this, _Authentication_accessToken, "f"));
6676
+ } else {
6677
+ resolve(undefined);
6678
+ }
6679
+ }
6680
+ }));
6681
+ });
6682
+ });
6876
6683
  __classPrivateFieldSet(this, _Authentication_accessToken, undefined, "f");
6877
-
6878
6684
  __classPrivateFieldSet(this, _Authentication_config, init$1(options), "f");
6879
-
6880
6685
  __classPrivateFieldSet(this, _Authentication_leapAuthService, new LeapAuthService(__classPrivateFieldGet(this, _Authentication_config, "f").authHost, __classPrivateFieldGet(this, _Authentication_config, "f").clientId), "f");
6881
-
6882
6686
  __classPrivateFieldSet(this, _Authentication_notification, new Notification(), "f");
6687
+ __classPrivateFieldSet(this, _Authentication_popupLogin, false, "f");
6883
6688
  }
6884
-
6885
6689
  }
6886
- _Authentication_accessToken = new WeakMap(), _Authentication_config = new WeakMap(), _Authentication_leapAuthService = new WeakMap(), _Authentication_notification = new WeakMap(), _Authentication_refreshInfo = new WeakMap(), _Authentication_exchangeAuthCodeForAccessToken = new WeakMap(), _Authentication_verifyAndPerformRedirections = new WeakMap(), _Authentication_startRefreshAccessTokenProcess = new WeakMap(), _Authentication_destroyRefreshAccessTokenProcess = new WeakMap(), _Authentication_decodeAccessToken = new WeakMap();
6690
+ _Authentication_accessToken = new WeakMap(), _Authentication_config = new WeakMap(), _Authentication_leapAuthService = new WeakMap(), _Authentication_notification = new WeakMap(), _Authentication_popupLogin = new WeakMap(), _Authentication_refreshInfo = new WeakMap(), _Authentication_exchangeAuthCodeForAccessToken = new WeakMap(), _Authentication_verifyAndPerformRedirections = new WeakMap(), _Authentication_startRefreshAccessTokenProcess = new WeakMap(), _Authentication_destroyRefreshAccessTokenProcess = new WeakMap(), _Authentication_decodeAccessToken = new WeakMap(), _Authentication_handlePopupLogin = new WeakMap();
6887
6691
 
6888
6692
  var _IdleTimer_timeoutInMinutes, _IdleTimer_timer, _IdleTimer_onTimeout, _IdleTimer_cleanUpTracker, _IdleTimer_clearTimeout, _IdleTimer_resetTimer;
6889
6693
  class IdleTimer {
6890
6694
  constructor(params) {
6891
6695
  _IdleTimer_timeoutInMinutes.set(this, void 0);
6892
-
6893
6696
  _IdleTimer_timer.set(this, void 0);
6894
-
6895
6697
  _IdleTimer_onTimeout.set(this, void 0);
6896
-
6897
6698
  this.tracker = () => {
6898
6699
  window.addEventListener('onload', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6899
6700
  window.addEventListener('mousemove', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
@@ -6901,7 +6702,6 @@
6901
6702
  window.addEventListener('onscroll', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6902
6703
  window.addEventListener('onkeypress', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6903
6704
  };
6904
-
6905
6705
  _IdleTimer_cleanUpTracker.set(this, () => {
6906
6706
  window.removeEventListener('onload', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6907
6707
  window.removeEventListener('mousemove', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
@@ -6909,49 +6709,36 @@
6909
6709
  window.removeEventListener('onscroll', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6910
6710
  window.removeEventListener('onkeypress', __classPrivateFieldGet(this, _IdleTimer_resetTimer, "f"), true);
6911
6711
  });
6912
-
6913
6712
  _IdleTimer_clearTimeout.set(this, () => {
6914
6713
  if (__classPrivateFieldGet(this, _IdleTimer_timer, "f")) {
6915
6714
  clearTimeout(__classPrivateFieldGet(this, _IdleTimer_timer, "f"));
6916
6715
  }
6917
6716
  });
6918
-
6919
6717
  _IdleTimer_resetTimer.set(this, () => {
6920
6718
  __classPrivateFieldGet(this, _IdleTimer_clearTimeout, "f").call(this);
6921
-
6922
6719
  __classPrivateFieldSet(this, _IdleTimer_timer, setTimeout(() => {
6923
6720
  __classPrivateFieldGet(this, _IdleTimer_clearTimeout, "f").call(this);
6924
-
6925
6721
  __classPrivateFieldGet(this, _IdleTimer_cleanUpTracker, "f").call(this);
6926
-
6927
6722
  __classPrivateFieldGet(this, _IdleTimer_onTimeout, "f").call(this);
6928
6723
  }, __classPrivateFieldGet(this, _IdleTimer_timeoutInMinutes, "f") * 60 * 1000), "f");
6929
6724
  });
6930
-
6931
6725
  const {
6932
6726
  timeoutInMinutes,
6933
6727
  onTimeout: onTimeout
6934
6728
  } = params;
6935
-
6936
6729
  __classPrivateFieldSet(this, _IdleTimer_timeoutInMinutes, timeoutInMinutes, "f");
6937
-
6938
6730
  __classPrivateFieldSet(this, _IdleTimer_onTimeout, onTimeout, "f");
6939
6731
  }
6940
-
6941
6732
  }
6942
6733
  _IdleTimer_timeoutInMinutes = new WeakMap(), _IdleTimer_timer = new WeakMap(), _IdleTimer_onTimeout = new WeakMap(), _IdleTimer_cleanUpTracker = new WeakMap(), _IdleTimer_clearTimeout = new WeakMap(), _IdleTimer_resetTimer = new WeakMap();
6943
6734
 
6944
6735
  let auth;
6945
-
6946
6736
  const init = options => __awaiter(void 0, void 0, void 0, function* () {
6947
6737
  auth = new Authentication(options);
6948
-
6949
6738
  if (!auth) {
6950
6739
  return false;
6951
6740
  }
6952
-
6953
6741
  const autoLogout = auth.autoLogout();
6954
-
6955
6742
  if (autoLogout) {
6956
6743
  const timeoutInMinutes = auth.idleTimeoutInMinutes();
6957
6744
  const idleTimer = new IdleTimer({
@@ -6960,162 +6747,133 @@
6960
6747
  });
6961
6748
  idleTimer.tracker();
6962
6749
  }
6963
-
6964
6750
  const done = yield auth.checkAuthCode();
6965
-
6966
6751
  if (done) {
6967
6752
  return auth.afterAuthenticated();
6968
6753
  }
6969
-
6970
6754
  const hasAuthSession = yield verifySession();
6971
-
6972
6755
  if (hasAuthSession) {
6973
6756
  return auth.afterAuthenticated();
6974
6757
  }
6975
-
6976
6758
  const passthrough = auth.checkTokenInUrl() || auth.checkTokenInInit();
6977
-
6978
6759
  if (passthrough) {
6979
6760
  return false;
6980
6761
  }
6981
-
6982
6762
  const autoLogin = auth.autoLogin();
6983
-
6984
6763
  if (autoLogin) {
6985
6764
  yield login();
6986
6765
  }
6987
-
6988
6766
  return true;
6989
6767
  });
6990
-
6991
6768
  const verifySession = () => __awaiter(void 0, void 0, void 0, function* () {
6992
6769
  if (!auth) {
6993
6770
  throw Error('Not init yet');
6994
6771
  }
6995
-
6996
6772
  return yield auth.verifySession();
6997
6773
  });
6998
-
6999
6774
  const getAccessToken = () => {
7000
6775
  return !auth ? '' : auth.getAccessToken();
7001
6776
  };
7002
-
7003
6777
  const getRefreshedAccessToken = force => __awaiter(void 0, void 0, void 0, function* () {
7004
6778
  return !auth ? '' : yield auth.getRefreshedAccessToken(force);
7005
6779
  });
7006
-
7007
- const login = () => __awaiter(void 0, void 0, void 0, function* () {
6780
+ const login = (params = {}) => __awaiter(void 0, void 0, void 0, function* () {
7008
6781
  if (!auth) {
7009
6782
  throw Error('Not init yet');
7010
6783
  }
7011
-
7012
- return auth.login().then(token => {
6784
+ const {
6785
+ force_2fa,
6786
+ popup
6787
+ } = params;
6788
+ return auth.login({
6789
+ noPrompt: false,
6790
+ force_2fa: !!force_2fa,
6791
+ popup: !!popup
6792
+ }).then(token => {
7013
6793
  return token && auth ? auth.afterAuthenticated() : undefined;
7014
6794
  });
7015
6795
  });
7016
-
7017
6796
  const logout = (force = false, redirectUrl) => __awaiter(void 0, void 0, void 0, function* () {
7018
6797
  if (!auth) {
7019
6798
  throw Error('Not init yet');
7020
6799
  }
7021
-
7022
6800
  return auth.triggerHooks(HookName.beforeLogout).then(() => {
7023
6801
  if (auth) {
7024
6802
  auth.destroyNotification();
7025
6803
  auth.logout(force, redirectUrl);
7026
6804
  }
7027
-
7028
6805
  return;
7029
6806
  }).catch(function (err) {
7030
6807
  console.error('Error while logging out : ', err);
7031
6808
  throw Error(err);
7032
6809
  });
7033
6810
  });
7034
-
7035
6811
  const registerHook = (hookName, callback) => {
7036
6812
  if (!auth) {
7037
6813
  throw Error('Not init yet');
7038
6814
  }
7039
-
7040
6815
  if (auth) {
7041
6816
  auth.setHook({
7042
6817
  name: hookName,
7043
6818
  callback
7044
6819
  });
7045
6820
  }
7046
-
7047
6821
  return;
7048
6822
  };
7049
-
7050
6823
  const getDecodedAccessToken = () => {
7051
6824
  if (!auth) {
7052
6825
  throw Error('Not init yet');
7053
6826
  }
7054
-
7055
6827
  return auth.getDecodedAccessToken();
7056
6828
  };
7057
-
7058
6829
  const getDecodedRefreshedAccessToken = force => __awaiter(void 0, void 0, void 0, function* () {
7059
6830
  if (!auth) {
7060
6831
  throw Error('Not init yet');
7061
6832
  }
7062
-
7063
6833
  return yield auth.getDecodedRefreshedAccessToken(force);
7064
6834
  });
7065
-
7066
6835
  const userInfo = () => {
7067
6836
  if (!auth) {
7068
6837
  throw Error('Not init yet');
7069
6838
  }
7070
-
7071
6839
  return auth.getUserInfo();
7072
6840
  };
7073
-
7074
6841
  const linkUser = (redirectUrl, newWindow, callback) => __awaiter(void 0, void 0, void 0, function* () {
7075
6842
  if (!auth) {
7076
6843
  throw Error('Not init yet');
7077
6844
  }
7078
-
7079
6845
  yield auth.linkUser({
7080
6846
  redirectUrl,
7081
6847
  newWindow,
7082
6848
  callback
7083
6849
  });
7084
6850
  });
7085
-
7086
6851
  const unlinkUser = (redirectUrl, newWindow, callback) => __awaiter(void 0, void 0, void 0, function* () {
7087
6852
  if (!auth) {
7088
6853
  throw Error('Not init yet');
7089
6854
  }
7090
-
7091
6855
  yield auth.unlinkUser({
7092
6856
  redirectUrl,
7093
6857
  newWindow,
7094
6858
  callback
7095
6859
  });
7096
6860
  });
7097
-
7098
6861
  const getCloudProviderToken = jti => {
7099
6862
  if (!auth) {
7100
6863
  throw Error('Not init yet');
7101
6864
  }
7102
-
7103
6865
  return auth.getCloudProviderToken(jti);
7104
6866
  };
7105
-
7106
6867
  const cloudProviderUserInfo = () => {
7107
6868
  if (!auth) {
7108
6869
  throw Error('Not init yet');
7109
6870
  }
7110
-
7111
6871
  return auth.cloudProviderUserInfo();
7112
6872
  };
7113
-
7114
6873
  const cloudProviderReauthenticate = (nonce, redirectUrl, newWindow, callback) => {
7115
6874
  if (!auth) {
7116
6875
  throw Error('Not init yet');
7117
6876
  }
7118
-
7119
6877
  return auth.cloudProviderReauthenticate({
7120
6878
  redirectUrl,
7121
6879
  nonce,
@@ -7123,32 +6881,25 @@
7123
6881
  callback
7124
6882
  });
7125
6883
  };
7126
-
7127
6884
  const cloudProviderUpdate = cloudProviderId => {
7128
6885
  if (!auth) {
7129
6886
  throw Error('Not init yet');
7130
6887
  }
7131
-
7132
6888
  if (!cloudProviderId) {
7133
6889
  throw Error('cloudProviderId is required');
7134
6890
  }
7135
-
7136
6891
  return auth.cloudProviderUpdate(cloudProviderId);
7137
6892
  };
7138
-
7139
6893
  const statusAdminConsent = () => {
7140
6894
  if (!auth) {
7141
6895
  throw Error('Not init yet');
7142
6896
  }
7143
-
7144
6897
  return auth.statusAdminConsent();
7145
6898
  };
7146
-
7147
6899
  const getAdminConsent = (domain, redirectUrl, newWindow, callback) => {
7148
6900
  if (!auth) {
7149
6901
  throw Error('Not init yet');
7150
6902
  }
7151
-
7152
6903
  auth.getAdminConsent({
7153
6904
  domain,
7154
6905
  redirectUrl,
@@ -7156,78 +6907,63 @@
7156
6907
  callback
7157
6908
  });
7158
6909
  };
7159
-
7160
6910
  const revokeAdminConsent = () => {
7161
6911
  if (!auth) {
7162
6912
  throw Error('Not init yet');
7163
6913
  }
7164
-
7165
6914
  return auth.revokeAdminConsent();
7166
6915
  };
7167
-
7168
6916
  const getLinkMap = allUsers => {
7169
6917
  if (!auth) {
7170
6918
  throw Error('Not init yet');
7171
6919
  }
7172
-
7173
6920
  return auth.getLinkMap(allUsers);
7174
6921
  };
7175
-
7176
6922
  const setLinkMap = linkMap => {
7177
6923
  if (!auth) {
7178
6924
  throw Error('Not init yet');
7179
6925
  }
7180
-
7181
6926
  return auth.setLinkMap(linkMap);
7182
6927
  };
7183
-
7184
6928
  const authoriseSupport = (code, duration) => {
7185
6929
  if (!auth) {
7186
6930
  throw Error('Not init yet');
7187
6931
  }
7188
-
7189
6932
  return auth.authoriseSupport({
7190
6933
  code,
7191
6934
  duration
7192
6935
  });
7193
6936
  };
7194
-
7195
6937
  const changePassword = (redirectUrl, newWindow, callback) => {
7196
6938
  if (!auth) {
7197
6939
  throw Error('Not init yet');
7198
6940
  }
7199
-
7200
6941
  auth.changePassword({
7201
6942
  redirectUrl,
7202
6943
  newWindow,
7203
6944
  callback
7204
6945
  });
7205
6946
  };
7206
-
7207
6947
  const registerEventListener = (topic, messageType, callback) => {
7208
6948
  if (!auth) {
7209
6949
  throw Error('Not init yet');
7210
6950
  }
7211
-
7212
6951
  auth.registerEventListenerForUserChannel({
7213
6952
  topic,
7214
6953
  messageType,
7215
6954
  callback
7216
6955
  });
7217
6956
  };
7218
-
7219
6957
  const passthrough = (url, newWindow = false, authHost) => __awaiter(void 0, void 0, void 0, function* () {
7220
6958
  if (!auth) {
7221
6959
  throw Error('Not init yet');
7222
6960
  }
7223
-
7224
6961
  yield auth.passthrough({
7225
6962
  url,
7226
6963
  newWindow,
7227
6964
  authHost
7228
6965
  });
7229
6966
  });
7230
-
7231
6967
  const AuthAgent = {
7232
6968
  init,
7233
6969
  registerHook,