@nsshunt/stsoauth2plugin 0.0.3

package/dist/stsoauth2worker.js

@@ -0,0 +1,553 @@
+var __classPrivateFieldSet = (this && this.__classPrivateFieldSet) || function (receiver, state, value, kind, f) {
+    if (kind === "m") throw new TypeError("Private method is not writable");
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a setter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot write private member to an object whose class did not declare it");
+    return (kind === "a" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;
+};
+var __classPrivateFieldGet = (this && this.__classPrivateFieldGet) || function (receiver, state, kind, f) {
+    if (kind === "a" && !f) throw new TypeError("Private accessor was defined without a getter");
+    if (typeof state === "function" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError("Cannot read private member from an object whose class did not declare it");
+    return kind === "m" ? f : kind === "a" ? f.call(receiver) : f ? f.value : state.get(receiver);
+};
+var _STSOAuth2Worker_clientSessionStore, _STSOAuth2Worker_cUtils, _STSOAuth2Worker_qParams, _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY, _STSOAuth2Worker_STORAGE_SESSION_KEY, _STSOAuth2Worker_aic, _STSOAuth2Worker_errorCallback, _STSOAuth2Worker_handleAuthenticateEvent, _STSOAuth2Worker_oauthWorkerPort, _STSOAuth2Worker_currentMessageId, _STSOAuth2Worker_ProcessCommand, _STSOAuth2Worker_RestoreSession, _STSOAuth2Worker_Authorize, _STSOAuth2Worker_HandleRedirect, _STSOAuth2Worker_GetTokenFromBroker, _STSOAuth2Worker_GetToken, _STSOAuth2Worker_RefreshToken, _STSOAuth2Worker_Logout;
+import Debug from "debug";
+const debug = Debug(`proc:${process.pid}:stsoauth2worker.ts`);
+import 'colors';
+import axios from "axios";
+import { OAuth2ParameterType } from '@nsshunt/stsutils';
+import CryptoUtils from './Utils/CryptoUtils';
+import QueryParams from './Utils/QueryParams';
+import jwt_decode from "jwt-decode";
+import { ClientStorageType, ClientStorageFactory } from './stsStorage';
+import { StatusCodes } from 'http-status-codes';
+import { AuthorizeOptionsResponseType, AuthorizeOptionsResponseMode, OAuthGrantTypes, IOauth2ListenerCommand } from './stsoauth2types';
+const CreateRandomString = (size = 43) => {
+    const randomValues = Array.from(self.crypto.getRandomValues(new Uint8Array(size)));
+    const b64 = window.btoa(String.fromCharCode(...randomValues));
+    return b64;
+    //return randomValues.toString('base64');
+};
+// STS Client SDK for SPAs
+class STSOAuth2Worker {
+    constructor(workerPort) {
+        //this.#store = app.config.globalProperties.$store;
+        //#storageManager = null;
+        _STSOAuth2Worker_clientSessionStore.set(this, null); // In memory tokens while the client is logged in
+        _STSOAuth2Worker_cUtils.set(this, new CryptoUtils());
+        _STSOAuth2Worker_qParams.set(this, new QueryParams());
+        _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY.set(this, 'authorize_options.stsmda.com.au');
+        _STSOAuth2Worker_STORAGE_SESSION_KEY.set(this, 'session.stsmda.com.au');
+        _STSOAuth2Worker_aic.set(this, null);
+        _STSOAuth2Worker_errorCallback.set(this, null); //@@ will be replaced with a message back
+        //#store = null;
+        _STSOAuth2Worker_handleAuthenticateEvent.set(this, null);
+        _STSOAuth2Worker_oauthWorkerPort.set(this, null);
+        _STSOAuth2Worker_currentMessageId.set(this, 0);
+        // Attempt to restore a previous session using the STSBroker
+        /*
+        { parameterType: OAuth2ParameterType.CLIENT_ID, errorType: authErrorType.CLIENT_ID_MISMATCH },
+        { parameterType: OAuth2ParameterType.SCOPE, errorType: authErrorType.SCOPE_MISMATCH }
+        { parameterType: OAuth2ParameterType.REDIRECT_URI, errorType: authErrorType.REDIRECT_URI_MISMATCH },
+        { parameterType: OAuth2ParameterType.AUDIENCE, errorType: authErrorType.SCOPE_MISMATCH }
+    
+        Successful Response
+        {
+            "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
+            "token_type": "Bearer",
+            "expires_in": 3599,
+            "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
+            "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
+            "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
+        }
+    
+        Error Response
+        {
+            "error": "invalid_scope",
+            "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
+            "error_codes": [
+                70011
+            ],
+            "timestamp": "2016-01-09 02:02:12Z",
+        }
+    
+        
+        */
+        this.SetupListener = () => {
+            __classPrivateFieldGet(this, _STSOAuth2Worker_oauthWorkerPort, "f").onmessage = async (data) => {
+                const auth2ListenerMessage = data.data;
+                switch (auth2ListenerMessage.command) {
+                    case IOauth2ListenerCommand.RESTORE_SESSION:
+                        __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_RestoreSession, "f").call(this));
+                        break;
+                    case IOauth2ListenerCommand.AUTHORIZE:
+                        __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_Authorize, "f").call(this));
+                        break;
+                    case IOauth2ListenerCommand.HANDLE_REDIRECT:
+                        __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_HandleRedirect, "f").call(this, auth2ListenerMessage.payload));
+                        break;
+                    case IOauth2ListenerCommand.LOGOUT:
+                        __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, auth2ListenerMessage, await __classPrivateFieldGet(this, _STSOAuth2Worker_Logout, "f").call(this));
+                        break;
+                    default:
+                        throw new Error(`Command: [${auth2ListenerMessage.command}'] not found.`);
+                }
+            };
+        };
+        _STSOAuth2Worker_ProcessCommand.set(this, async (auth2ListenerMessage, response) => {
+            const messageResponse = {
+                messageId: auth2ListenerMessage.messageId,
+                command: auth2ListenerMessage.command,
+                payload: response
+            };
+            __classPrivateFieldGet(this, _STSOAuth2Worker_oauthWorkerPort, "f").postMessage(messageResponse);
+        });
+        _STSOAuth2Worker_RestoreSession.set(this, async () => {
+            //@@ attempt to get from client storage first
+            let restoredSessionData = null;
+            restoredSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
+            if (restoredSessionData !== null) {
+                console.log('Session restored from client storage.');
+                if (__classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f")) {
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: 'Session restored from client storage.' });
+                }
+            }
+            else {
+                const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/session`;
+                console.log('RestoreSession');
+                console.log(url);
+                if (__classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f")) {
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: 'RestoreSession' });
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_aic, "f").UpdateInstrument('m', { LogMessage: url });
+                }
+                try {
+                    const retVal = await axios({
+                        method: "post",
+                        url: url,
+                        data: {
+                            [OAuth2ParameterType.CLIENT_ID]: process.env.CLIENT_ID,
+                            [OAuth2ParameterType.SCOPE]: process.env.SCOPE,
+                            [OAuth2ParameterType.REDIRECT_URI]: process.env.REDIRECT_URI,
+                            [OAuth2ParameterType.AUDIENCE]: process.env.AUDIENCE
+                        },
+                        withCredentials: true,
+                        timeout: parseInt(process.env.TIMEOUT),
+                    });
+                    if (retVal.data.status === StatusCodes.OK) {
+                        restoredSessionData = retVal.data.detail;
+                        __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), restoredSessionData);
+                        console.log('Session restored from server side cookie.');
+                        //this.#store.commit('stsOAuth2SDK/SessionData', restoredSessionData);
+                    }
+                    else {
+                        //@@ handle error better
+                        //this.#store.commit('stsOAuth2SDK/SessionData', null);
+                        console.log('Could not restore previous session:-');
+                        console.log(JSON.stringify(retVal.data));
+                    }
+                }
+                catch (error) {
+                    //@@ handle error better
+                    //this.#store.commit('stsOAuth2SDK/SessionData', null);
+                    console.log('Could not restore previous session (error state):-');
+                    console.log(error);
+                    console.log(JSON.stringify(error));
+                }
+            }
+            //@@ must only use in-memory for this ...
+            //this.#store.commit('stsOAuth2SDK/SessionData', restoredSessionData);
+            if (restoredSessionData !== null) {
+                __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, restoredSessionData.id_token);
+                console.log('Refreshing tokens ...');
+                return __classPrivateFieldGet(this, _STSOAuth2Worker_RefreshToken, "f").call(this);
+            }
+            else {
+                __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
+                return false;
+            }
+        });
+        _STSOAuth2Worker_Authorize.set(this, async () => {
+            console.log('Authorize ...');
+            /* MS Example
+            --------------
+            https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
+            client_id=6731de76-14a6-49ae-97bc-6eba6914391e
+            &response_type=code
+            &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
+            &response_mode=query
+            &scope=offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read%20api%3A%2F%2F
+            &state=12345
+            &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
+            &code_challenge_method=S256
+    
+            Successful Response
+    
+            GET http://localhost?
+            code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
+            &state=12345
+    
+            Error Response
+            GET http://localhost?
+            error=access_denied
+            &error_description=the+user+canceled+the+authentication
+    
+            << Hybrid Flow >>
+    
+            https://login.microsoftonline.com/{tenant}/oauth2/v2.0/authorize?
+            client_id=6731de76-14a6-49ae-97bc-6eba6914391e
+            &response_type=code%20id_token
+            &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
+            &response_mode=fragment
+            &scope=openid%20offline_access%20https%3A%2F%2Fgraph.microsoft.com%2Fuser.read
+            &state=12345
+            &nonce=abcde
+            &code_challenge=YTFjNjI1OWYzMzA3MTI4ZDY2Njg5M2RkNmVjNDE5YmEyZGRhOGYyM2IzNjdmZWFhMTQ1ODg3NDcxY2Nl
+            &code_challenge_method=S256
+    
+            Successful Response
+    
+            GET https://login.microsoftonline.com/common/oauth2/nativeclient#
+            code=AwABAAAAvPM1KaPlrEqdFSBzjqfTGBCmLdgfSTLEMPGYuNHSUYBrq...
+            &id_token=eYj...
+            &state=12345
+    
+            Notes:
+            The nonce is included as a claim inside the returned id_token
+            Ref: https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth2-auth-code-flow
+            */
+            const client_id = process.env.CLIENT_ID;
+            const nonce = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
+            const response_type = [AuthorizeOptionsResponseType.CODE];
+            const redirect_uri = process.env.REDIRECT_URI;
+            const response_mode = AuthorizeOptionsResponseMode.QUERY;
+            const scope = process.env.SCOPE;
+            const state = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
+            const code_verifier = __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").CreateRandomString();
+            const code_challenge = await __classPrivateFieldGet(this, _STSOAuth2Worker_cUtils, "f").DigestMessage(code_verifier);
+            const code_challenge_method = 'S256';
+            //let audience = process.env.AUDIENCE;
+            const authorizeOptions = {
+                client_id,
+                nonce,
+                response_type,
+                redirect_uri,
+                response_mode,
+                scope,
+                state,
+                code_challenge,
+                code_challenge_method
+            };
+            const url = `${process.env.AUTH_ENDPOINT}:${process.env.AUTH_PORT}${process.env.AUTH_APIROOT}?${__classPrivateFieldGet(this, _STSOAuth2Worker_qParams, "f").CreateQueryParams(authorizeOptions)}`;
+            console.log(url);
+            // Now add the code_verifier to the transaction data
+            authorizeOptions.code_verifier = code_verifier; //@@ Is this is the only thing required across the transaction ?
+            console.log(`Authorize:authorizeOptions: [${JSON.stringify(authorizeOptions)}]`);
+            return {
+                url,
+                authorizeOptions
+            };
+            //window.location.assign(url);
+            //@@ this may need to be a message back to the plugin to re-direct
+            //window.location.replace(url);
+        });
+        _STSOAuth2Worker_HandleRedirect.set(this, async (payload) => {
+            const queryVars = payload.queryVars;
+            const authorizeOptions = payload.authorizeOptions;
+            console.log('HandleRedirect');
+            // We have been re-direct back here from the /authorize end-point
+            console.log(`HandleRedirect:Query Vars: [${JSON.stringify(queryVars)}]`);
+            if (queryVars[OAuth2ParameterType.CODE]) {
+                const response = queryVars;
+                console.log(`authorizeOptions from transaction state: [${JSON.stringify(authorizeOptions)}]`);
+                const redirectState = response.state;
+                const authorizeOptionsState = authorizeOptions.state;
+                if (authorizeOptionsState.localeCompare(redirectState) === 0) {
+                    console.log('redirected state (from queryVars) matched previously saved transaction authorizeOptions state'.green);
+                    return await __classPrivateFieldGet(this, _STSOAuth2Worker_GetToken, "f").call(this, authorizeOptions, response);
+                }
+                else {
+                    console.log('redirected state (from queryVars) did NOT match previously saved transaction authorizeOptions state'.red);
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
+                    return false;
+                }
+            }
+            else if (queryVars[OAuth2ParameterType.ERROR]) {
+                const response = queryVars;
+                //@@ pass error back to parent thread (to the plugin) as a message
+                const error = response.error;
+                const errorDescription = response.error_description;
+                __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
+                return false;
+            }
+            else {
+                // Invalid redirect query params
+                const error = 'Invalid redirect query params'; //@@ fix
+                const errorDescription = 'Invalid redirect query params description'; //@@ fix
+                __classPrivateFieldGet(this, _STSOAuth2Worker_errorCallback, "f").call(this, { message: 'State un-matched' });
+                return false;
+            }
+        }
+        /*
+        client_id=6731de76-14a6-49ae-97bc-6eba6914391e
+        &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
+        &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
+        &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
+        &grant_type=authorization_code
+        &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
+        &client_secret=JqQX2PNo9bpM0uEihUPzyrh    // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
+    
+        Successful Response
+        {
+            "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
+            "token_type": "Bearer",
+            "expires_in": 3599,
+            "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
+            "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
+            "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
+        }
+        */
+        // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
+        );
+        /*
+        client_id=6731de76-14a6-49ae-97bc-6eba6914391e
+        &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
+        &code=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq3n8b2JRLk4OxVXr...
+        &redirect_uri=http%3A%2F%2Flocalhost%2Fmyapp%2F
+        &grant_type=authorization_code
+        &code_verifier=ThisIsntRandomButItNeedsToBe43CharactersLong
+        &client_secret=JqQX2PNo9bpM0uEihUPzyrh    // NOTE: Only required for web apps. This secret needs to be URL-Encoded.
+    
+        Successful Response
+        {
+            "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik5HVEZ2ZEstZnl0aEV1Q...",
+            "token_type": "Bearer",
+            "expires_in": 3599,
+            "scope": "https%3A%2F%2Fgraph.microsoft.com%2Fmail.read",
+            "refresh_token": "AwABAAAAvPM1KaPlrEqdFSBzjqfTGAMxZGUTdM0t4B4...",
+            "id_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIn0.eyJhdWQiOiIyZDRkMTFhMi1mODE0LTQ2YTctOD...",
+        }
+        */
+        // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
+        _STSOAuth2Worker_GetTokenFromBroker.set(this, async (authorizationCodeFlowParameters) => {
+            console.log("#GetTokenFromBroker");
+            __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").remove(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
+            const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/token`;
+            console.log(`#GetTokenFromBroker:url = [${url}]`);
+            console.log(authorizationCodeFlowParameters);
+            try {
+                const retVal = await axios({
+                    method: "post",
+                    url: url,
+                    data: authorizationCodeFlowParameters,
+                    withCredentials: true,
+                    timeout: parseInt(process.env.TIMEOUT),
+                });
+                console.log(`retVal: ${JSON.stringify(retVal)}`);
+                if (retVal.status === StatusCodes.OK) {
+                    console.log('Storing tokens...');
+                    const tokenResponse = retVal.data;
+                    //this.#store.commit('stsOAuth2SDK/SessionData', tokenResponse);
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, tokenResponse.id_token);
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), tokenResponse);
+                    return true;
+                }
+                else if (retVal.status === StatusCodes.UNAUTHORIZED) {
+                    console.log('NOT Storing tokens...');
+                    console.log(retVal.status);
+                    //this.#store.commit('stsOAuth2SDK/SessionData', null);
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
+                    const response = retVal.data;
+                    //@@ store response in state
+                    //@@ go to error page ??
+                    return false;
+                }
+                else {
+                    // General error
+                    console.log('NOT Storing tokens...');
+                    console.log(retVal.status);
+                    //this.#store.commit('stsOAuth2SDK/SessionData', null);
+                    __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
+                    console.log('Could not obtain access_token from token end-point:-');
+                    console.log(JSON.stringify(retVal.data));
+                    //@@ store error in state to show in error page
+                    return false;
+                }
+            }
+            catch (error) {
+                //this.#store.commit('stsOAuth2SDK/SessionData', null);
+                __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
+                //console.log('Could not restore previous session (error state):-');
+                console.log(error);
+                console.log(JSON.stringify(error));
+                //@@ store error in state to show in error page
+                return false;
+            }
+        }
+        // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
+        );
+        // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
+        _STSOAuth2Worker_GetToken.set(this, async (authorizeOptions, authorizeResponse) => {
+            console.log("#GetToken");
+            console.log(authorizeResponse);
+            __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").set(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"), null);
+            const authorizationCodeFlowParameters = {
+                client_id: process.env.CLIENT_ID,
+                scope: process.env.SCOPE,
+                code: authorizeResponse.code,
+                redirect_uri: process.env.REDIRECT_URI,
+                grant_type: OAuthGrantTypes.AUTHORIZATION_CODE,
+                code_verifier: authorizeOptions.code_verifier
+            };
+            return __classPrivateFieldGet(this, _STSOAuth2Worker_GetTokenFromBroker, "f").call(this, authorizationCodeFlowParameters);
+        }
+        /*
+        // Line breaks for legibility only
+    
+    POST /{tenant}/oauth2/v2.0/token HTTP/1.1
+    Host: https://login.microsoftonline.com
+    Content-Type: application/x-www-form-urlencoded
+    
+    client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
+    &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
+    &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
+    &grant_type=refresh_token
+    &client_secret=sampleCredentia1s    // NOTE: Only required for web apps. This secret needs to be URL-Encoded
+    
+    Error Response
+    {
+        "error": "invalid_scope",
+        "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
+        "error_codes": [
+          70011
+        ],
+        "timestamp": "2016-01-09 02:02:12Z",
+        "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
+        "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
+      }
+    */
+        );
+        /*
+        // Line breaks for legibility only
+    
+    POST /{tenant}/oauth2/v2.0/token HTTP/1.1
+    Host: https://login.microsoftonline.com
+    Content-Type: application/x-www-form-urlencoded
+    
+    client_id=535fb089-9ff3-47b6-9bfb-4f1264799865
+    &scope=https%3A%2F%2Fgraph.microsoft.com%2Fmail.read
+    &refresh_token=OAAABAAAAiL9Kn2Z27UubvWFPbm0gLWQJVzCTE9UkP3pSx1aXxUjq...
+    &grant_type=refresh_token
+    &client_secret=sampleCredentia1s    // NOTE: Only required for web apps. This secret needs to be URL-Encoded
+    
+    Error Response
+    {
+        "error": "invalid_scope",
+        "error_description": "AADSTS70011: The provided value for the input parameter 'scope' is not valid. The scope https://foo.microsoft.com/mail.read is not valid.\r\nTrace ID: 255d1aef-8c98-452f-ac51-23d051240864\r\nCorrelation ID: fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7\r\nTimestamp: 2016-01-09 02:02:12Z",
+        "error_codes": [
+          70011
+        ],
+        "timestamp": "2016-01-09 02:02:12Z",
+        "trace_id": "255d1aef-8c98-452f-ac51-23d051240864",
+        "correlation_id": "fb3d2015-bc17-4bb9-bb85-30c5cf1aaaa7"
+      }
+    */
+        _STSOAuth2Worker_RefreshToken.set(this, async () => {
+            // Get access_token, refresh_token and id_token using OAuth2 Authorization Code Flow
+            console.log("RefreshToken");
+            //let currentSessionData = this.#store.getters['stsOAuth2SDK/SessionData'];
+            const currentSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
+            if (currentSessionData) {
+                const refreshFlowParameters = {
+                    client_id: process.env.CLIENT_ID,
+                    scope: process.env.SCOPE,
+                    refresh_token: currentSessionData.refresh_token,
+                    grant_type: OAuthGrantTypes.REFRESH_TOKEN
+                };
+                return __classPrivateFieldGet(this, _STSOAuth2Worker_GetTokenFromBroker, "f").call(this, refreshFlowParameters);
+            }
+            else {
+                // show error
+                //@@ no valid session exists for refresh
+                return false;
+            }
+        }
+        // call broker to logout
+        // broker to logout of server
+        // delete cookie
+        // clear session storage
+        // clear all state from $store
+        );
+        // call broker to logout
+        // broker to logout of server
+        // delete cookie
+        // clear session storage
+        // clear all state from $store
+        _STSOAuth2Worker_Logout.set(this, async () => {
+            console.log('Logout');
+            const url = `${process.env.BROKER_ENDPOINT}:${process.env.BROKER_PORT}${process.env.BROKER_API_ROOT}/logout`;
+            console.log(url);
+            const currentSessionData = __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").get(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
+            const refresh_token = currentSessionData.refresh_token;
+            console.log(refresh_token);
+            const decodedRefreshToken = jwt_decode(refresh_token);
+            console.log(decodedRefreshToken);
+            const sessionId = decodedRefreshToken.sts_session;
+            console.log(sessionId);
+            __classPrivateFieldGet(this, _STSOAuth2Worker_clientSessionStore, "f").remove(__classPrivateFieldGet(this, _STSOAuth2Worker_STORAGE_SESSION_KEY, "f"));
+            //this.#store.commit('stsOAuth2SDK/SessionData', null);
+            __classPrivateFieldGet(this, _STSOAuth2Worker_handleAuthenticateEvent, "f").call(this, null);
+            try {
+                const retVal = await axios({
+                    method: "post",
+                    url: url,
+                    data: {
+                        sessionId
+                    },
+                    withCredentials: true,
+                    timeout: parseInt(process.env.TIMEOUT),
+                });
+                if (retVal.data.status === StatusCodes.OK) {
+                    return true;
+                }
+                else {
+                    console.log('Error during logout (server side)');
+                    console.log(JSON.stringify(retVal.data));
+                    return false;
+                }
+            }
+            catch (error) {
+                console.log('Error during logout (server side)');
+                console.log(error);
+                console.log(JSON.stringify(error));
+                return false;
+            }
+        });
+        // In memory storage for OAuth2 tokens for our valid session
+        __classPrivateFieldSet(this, _STSOAuth2Worker_clientSessionStore, new ClientStorageFactory({ clientStorageType: ClientStorageType.MEMORY_STORAGE }).GetStorage(), "f");
+        //@@ needs to be sent the instrument manager controller port
+        //@@this.#aic = app.config.globalProperties.$sts.aic.PrimaryPublishInstrumentController;
+        //this.#handleAuthenticateEvent = handleAuthenticateEvent;
+        __classPrivateFieldSet(this, _STSOAuth2Worker_handleAuthenticateEvent, (id_token) => {
+            const message = {
+                messageId: -1,
+                command: IOauth2ListenerCommand.AUTHENTICATE_EVENT
+            };
+            __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, message, id_token);
+        }, "f");
+        __classPrivateFieldSet(this, _STSOAuth2Worker_errorCallback, (error) => {
+            const message = {
+                messageId: -1,
+                command: IOauth2ListenerCommand.ERROR
+            };
+            __classPrivateFieldGet(this, _STSOAuth2Worker_ProcessCommand, "f").call(this, message, error);
+        }, "f");
+        __classPrivateFieldSet(this, _STSOAuth2Worker_oauthWorkerPort, workerPort, "f");
+        this.SetupListener();
+    }
+}
+_STSOAuth2Worker_clientSessionStore = new WeakMap(), _STSOAuth2Worker_cUtils = new WeakMap(), _STSOAuth2Worker_qParams = new WeakMap(), _STSOAuth2Worker_STORAGE_AUTHORIZE_OPTIONS_KEY = new WeakMap(), _STSOAuth2Worker_STORAGE_SESSION_KEY = new WeakMap(), _STSOAuth2Worker_aic = new WeakMap(), _STSOAuth2Worker_errorCallback = new WeakMap(), _STSOAuth2Worker_handleAuthenticateEvent = new WeakMap(), _STSOAuth2Worker_oauthWorkerPort = new WeakMap(), _STSOAuth2Worker_currentMessageId = new WeakMap(), _STSOAuth2Worker_ProcessCommand = new WeakMap(), _STSOAuth2Worker_RestoreSession = new WeakMap(), _STSOAuth2Worker_Authorize = new WeakMap(), _STSOAuth2Worker_HandleRedirect = new WeakMap(), _STSOAuth2Worker_GetTokenFromBroker = new WeakMap(), _STSOAuth2Worker_GetToken = new WeakMap(), _STSOAuth2Worker_RefreshToken = new WeakMap(), _STSOAuth2Worker_Logout = new WeakMap();
+let oAuth2Worker = null;
+onmessage = async function (data) {
+    const workerPort = data.data;
+    oAuth2Worker = new STSOAuth2Worker(workerPort);
+};
+//# sourceMappingURL=stsoauth2worker.js.map

package/dist/stsoauth2worker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stsoauth2worker.js","sourceRoot":"","sources":["../src/stsoauth2worker.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,QAAQ,OAAO,CAAC,GAAG,qBAAqB,CAAC,CAAC;AAE9D,OAAO,QAAQ,CAAA;AAEf,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAc,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,WAAW,MAAM,qBAAqB,CAAA;AAC7C,OAAO,WAAW,MAAM,qBAAqB,CAAA;AAE7C,OAAO,UAAU,MAAM,YAAY,CAAA;AAEnC,OAAO,EAAe,iBAAiB,EAAE,oBAAoB,EAAE,MAAM,cAAc,CAAA;AAEnF,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAE/C,OAAO,EAAE,4BAA4B,EAAE,4BAA4B,EACmC,eAAe,EAC5F,sBAAsB,EAAkC,MAAM,kBAAkB,CAAA;AAEzG,MAAM,kBAAkB,GAAG,CAAC,IAAI,GAAG,EAAE,EAAE,EAAE;IACxC,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IAClF,MAAM,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC;IAC9D,OAAO,GAAG,CAAC;IACX,yCAAyC;AAC1C,CAAC,CAAA;AAED,0BAA0B;AAC1B,MAAM,eAAe;IAcpB,YAAY,UAAuB;QAClC,mDAAmD;QAdpD,yBAAyB;QACzB,8CAAmD,IAAI,EAAC,CAAC,iDAAiD;QAC1G,kCAAU,IAAI,WAAW,EAAE,EAAC;QAC5B,mCAAW,IAAI,WAAW,EAAE,EAAC;QAC7B,yDAAiC,iCAAiC,EAAC;QACnE,+CAAuB,uBAAuB,EAAC;QAC/C,+BAAO,IAAI,EAAC;QACZ,yCAAiB,IAAI,EAAC,CAAC,yCAAyC;QAChE,gBAAgB;QAChB,mDAA8C,IAAI,EAAC;QACnD,2CAAgC,IAAI,EAAC;QACrC,4CAAoB,CAAC,EAAC;QAgCtB,4DAA4D;QAC5D;;;;;;;;;;;;;;;;;;;;;;;;;;;UA2BK;QAGL,kBAAa,GAAG,GAAG,EAAE;YACpB,uBAAA,IAAI,wCAAiB,CAAC,SAAS,GAAG,KAAK,EAAE,IAAkB,EAAE,EAAE;gBAC9D,MAAM,oBAAoB,GAA2B,IAAI,CAAC,IAA8B,CAAC;gBACzF,QAAQ,oBAAoB,CAAC,OAAO,EAAE;oBACtC,KAAK,sBAAsB,CAAC,eAAe;wBAC1C,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,uCAAgB,MAApB,IAAI,CAAkB,CAAC,CAAC;wBACzE,MAAM;oBACP,KAAK,sBAAsB,CAAC,SAAS;wBACpC,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,kCAAW,MAAf,IAAI,CAAa,CAAC,CAAC;wBACpE,MAAM;oBACP,KAAK,sBAAsB,CAAC,eAAe;wBAC1C,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;wBACrG,MAAM;oBACP,KAAK,sBAAsB,CAAC,MAAM;wBACjC,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,oBAAoB,EAAE,MAAM,uBAAA,IAAI,+BAAQ,MAAZ,IAAI,CAAU,CAAC,CAAC;wBACjE,MAAM;oBACP;wBACC,MAAM,IAAI,KAAK,CAAC,aAAa,oBAAoB,CAAC,OAAO,eAAe,CAAC,CAAC;iBAC1E;YACF,CAAC,CAAA;QACF,CAAC,CAAA;QAED,0CAAkB,KAAK,EAAE,oBAA4C,EAAE,QAAa,EAAE,EAAE;YACvF,MAAM,eAAe,GAAmC;gBACvD,SAAS,EAAE,oBAAoB,CAAC,SAAS;gBACzC,OAAO,EAAE,oBAAoB,CAAC,OAAO;gBACrC,OAAO,EAAE,QAAQ;aACjB,CAAA;YACD,uBAAA,IAAI,wCAAiB,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;QACpD,CAAC,EAAA;QAED,0CAAkB,KAAK,IAAsB,EAAE;YAC9C,6CAA6C;YAE7C,IAAI,mBAAmB,GAAmB,IAAI,CAAC;YAC/C,mBAAmB,GAAG,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAC9E,IAAI,mBAAmB,KAAK,IAAI,EAAE;gBACjC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;gBACrD,IAAI,uBAAA,IAAI,4BAAK,EAAE;oBACd,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,uCAAuC,EAAE,CAAC,CAAC;iBACzF;aACD;iBAAM;gBACN,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC;gBAC9G,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;gBAC9B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACjB,IAAI,uBAAA,IAAI,4BAAK,EAAE;oBACd,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC,CAAC;oBAClE,uBAAA,IAAI,4BAAK,CAAC,gBAAgB,CAAC,GAAG,EAAE,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;iBACrD;gBACD,IAAI;oBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;wBAC1B,MAAM,EAAE,MAAM;wBACd,GAAG,EAAE,GAAG;wBACR,IAAI,EAAE;4BACL,CAAC,mBAAmB,CAAC,SAAS,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;4BACtD,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;4BAC9C,CAAC,mBAAmB,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;4BAC5D,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC,GAAG,CAAC,QAAQ;yBACpD;wBACD,eAAe,EAAE,IAAI;wBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;qBACtC,CAAC,CAAC;oBACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;wBAC1C,mBAAmB,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC;wBACzC,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,mBAAmB,CAAC,CAAC;wBAC7E,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;wBACzD,sEAAsE;qBACtE;yBAAM;wBACN,wBAAwB;wBACxB,uDAAuD;wBACvD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;wBACpD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;qBACzC;iBACD;gBAAC,OAAO,KAAK,EAAE;oBACf,wBAAwB;oBACxB,uDAAuD;oBACvD,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;oBAClE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;oBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;iBACnC;aACD;YAED,yCAAyC;YACzC,sEAAsE;YACtE,IAAI,mBAAmB,KAAK,IAAI,EAAE;gBACjC,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,mBAAmB,CAAC,QAAQ,CAAC,CAAC;gBAC5D,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;gBACrC,OAAO,uBAAA,IAAI,qCAAc,MAAlB,IAAI,CAAgB,CAAC;aAC5B;iBAAM;gBACN,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;gBACpC,OAAO,KAAK,CAAC;aACb;QACF,CAAC,EAAA;QAED,qCAAa,KAAK,IAAyB,EAAE;YAC5C,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAE7B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;cA8CQ;YAER,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;YACxC,MAAM,KAAK,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YAChD,MAAM,aAAa,GAAG,CAAE,4BAA4B,CAAC,IAAI,CAAE,CAAA;YAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC;YAC9C,MAAM,aAAa,GAAG,4BAA4B,CAAC,KAAK,CAAA;YACxD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC;YAChC,MAAM,KAAK,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YAChD,MAAM,aAAa,GAAG,uBAAA,IAAI,+BAAQ,CAAC,kBAAkB,EAAE,CAAC;YACxD,MAAM,cAAc,GAAG,MAAM,uBAAA,IAAI,+BAAQ,CAAC,aAAa,CAAC,aAAa,CAAC,CAAC;YACvE,MAAM,qBAAqB,GAAG,MAAM,CAAC;YACrC,sCAAsC;YAEtC,MAAM,gBAAgB,GAAsB;gBAC3C,SAAS;gBACT,KAAK;gBACL,aAAa;gBACb,YAAY;gBACZ,aAAa;gBACb,KAAK;gBACL,KAAK;gBACL,cAAc;gBACd,qBAAqB;aACrB,CAAA;YAED,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,uBAAA,IAAI,gCAAS,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAEpJ,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,oDAAoD;YACpD,gBAAgB,CAAC,aAAa,GAAG,aAAa,CAAC,CAAC,gEAAgE;YAEhH,OAAO,CAAC,GAAG,CAAC,gCAAgC,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAEjF,OAAO;gBACN,GAAG;gBACH,gBAAgB;aAChB,CAAA;YACD,8BAA8B;YAC9B,kEAAkE;YAClE,+BAA+B;QAChC,CAAC,EAAA;QAED,0CAAkB,KAAK,EAAE,OAAY,EAAoB,EAAE;YAC1D,MAAM,SAAS,GAAiD,OAAO,CAAC,SAAS,CAAC;YAClF,MAAM,gBAAgB,GAAsB,OAAO,CAAC,gBAAgB,CAAA;YAEpE,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;YAC9B,iEAAiE;YACjE,OAAO,CAAC,GAAG,CAAC,+BAA+B,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;YAEzE,IAAI,SAAS,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE;gBACxC,MAAM,QAAQ,GAAuB,SAA+B,CAAC;gBAErE,OAAO,CAAC,GAAG,CAAC,6CAA6C,IAAI,CAAC,SAAS,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAE9F,MAAM,aAAa,GAAG,QAAQ,CAAC,KAAK,CAAC;gBACrC,MAAM,qBAAqB,GAAG,gBAAgB,CAAC,KAAK,CAAC;gBAErD,IAAI,qBAAqB,CAAC,aAAa,CAAC,aAAa,CAAC,KAAK,CAAC,EAAE;oBAC7D,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,KAAK,CAAC,CAAC;oBAEnH,OAAO,MAAM,uBAAA,IAAI,iCAAU,MAAd,IAAI,EAAW,gBAAgB,EAAE,QAAQ,CAAC,CAAC;iBACxD;qBAAM;oBACN,OAAO,CAAC,GAAG,CAAC,qGAAqG,CAAC,GAAG,CAAC,CAAC;oBACvH,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;oBACnD,OAAO,KAAK,CAAC;iBACb;aACD;iBAAM,IAAI,SAAS,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE;gBAChD,MAAM,QAAQ,GAA4B,SAAoC,CAAC;gBAC/E,kEAAkE;gBAClE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;gBAC7B,MAAM,gBAAgB,GAAG,QAAQ,CAAC,iBAAiB,CAAC;gBACpD,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;gBACnD,OAAO,KAAK,CAAC;aACb;iBAAM;gBACN,gCAAgC;gBAChC,MAAM,KAAK,GAAG,+BAA+B,CAAC,CAAC,QAAQ;gBACvD,MAAM,gBAAgB,GAAG,2CAA2C,CAAC,CAAC,QAAQ;gBAC9E,uBAAA,IAAI,sCAAe,MAAnB,IAAI,EAAgB,EAAC,OAAO,EAAE,kBAAkB,EAAC,CAAC,CAAC;gBACnD,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED;;;;;;;;;;;;;;;;;;UAkBK;QAEL,oFAAoF;UAtBnF;QAED;;;;;;;;;;;;;;;;;;UAkBK;QAEL,oFAAoF;QACpF,8CAAsB,KAAK,EAAE,+BAA0F,EAAoB,EAAE;YAC5I,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;YAEnC,uBAAA,IAAI,2CAAoB,CAAC,MAAM,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAE3D,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC;YAC5G,OAAO,CAAC,GAAG,CAAC,8BAA8B,GAAG,GAAG,CAAC,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;YAE7C,IAAI;gBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;oBAC1B,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE,+BAA+B;oBACrC,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;iBACtC,CAAC,CAAC;gBACH,OAAO,CAAC,GAAG,CAAC,WAAW,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBAEjD,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;oBACrC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;oBACjC,MAAM,aAAa,GAAmB,MAAM,CAAC,IAAsB,CAAC;oBACpE,gEAAgE;oBAChE,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,aAAa,CAAC,QAAQ,CAAC,CAAC;oBACtD,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,aAAa,CAAC,CAAC;oBACvE,OAAO,IAAI,CAAC;iBACZ;qBAAM,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,YAAY,EAAE;oBACtD,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAE3B,uDAAuD;oBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;oBAEpC,MAAM,QAAQ,GAAwB,MAAM,CAAC,IAA2B,CAAC;oBAEzE,4BAA4B;oBAC5B,wBAAwB;oBACxB,OAAO,KAAK,CAAC;iBAEb;qBAAM;oBACN,gBAAgB;oBAChB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;oBAE3B,uDAAuD;oBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;oBAEpC,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;oBACpE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzC,+CAA+C;oBAC/C,OAAO,KAAK,CAAC;iBACb;aACD;YAAC,OAAO,KAAK,EAAE;gBACf,uDAAuD;gBACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;gBACpC,oEAAoE;gBACpE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBAEnC,+CAA+C;gBAE/C,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED,oFAAoF;UAFnF;QAED,oFAAoF;QACpF,oCAAY,KAAK,EAAE,gBAAmC,EAAE,iBAAqC,EAAoB,EAAE;YAClH,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;YAE/B,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,EAAE,IAAI,CAAC,CAAC;YAE9D,MAAM,+BAA+B,GAAqC;gBACzE,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;gBAChC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;gBACxB,IAAI,EAAE,iBAAiB,CAAC,IAAI;gBAC5B,YAAY,EAAE,OAAO,CAAC,GAAG,CAAC,YAAY;gBACtC,UAAU,EAAE,eAAe,CAAC,kBAAkB;gBAC9C,aAAa,EAAE,gBAAgB,CAAC,aAAa;aAC7C,CAAA;YAED,OAAO,uBAAA,IAAI,2CAAoB,MAAxB,IAAI,EAAqB,+BAA+B,CAAC,CAAC;QAClE,CAAC;QAED;;;;;;;;;;;;;;;;;;;;;;;;MAwBC;UA1BA;QAED;;;;;;;;;;;;;;;;;;;;;;;;MAwBC;QAED,wCAAgB,KAAK,IAAsB,EAAE;YAC5C,oFAAoF;YACpF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YAE5B,2EAA2E;YAC3E,MAAM,kBAAkB,GAAmB,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YACnG,IAAI,kBAAkB,EAAE;gBACvB,MAAM,qBAAqB,GAA2B;oBACrD,SAAS,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS;oBAChC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,KAAK;oBACxB,aAAa,EAAE,kBAAkB,CAAC,aAAa;oBAC/C,UAAU,EAAE,eAAe,CAAC,aAAa;iBACzC,CAAA;gBAED,OAAO,uBAAA,IAAI,2CAAoB,MAAxB,IAAI,EAAqB,qBAAqB,CAAC,CAAC;aACvD;iBAAM;gBACN,aAAa;gBACb,wCAAwC;gBACxC,OAAO,KAAK,CAAC;aACb;QACF,CAAC;QAED,wBAAwB;QACxB,6BAA6B;QAC7B,gBAAgB;QAChB,wBAAwB;QACxB,8BAA8B;UAN7B;QAED,wBAAwB;QACxB,6BAA6B;QAC7B,gBAAgB;QAChB,wBAAwB;QACxB,8BAA8B;QAC9B,kCAAU,KAAK,IAAsB,EAAE;YACtC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACtB,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,SAAS,CAAC;YAC7G,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,MAAM,kBAAkB,GAAmB,uBAAA,IAAI,2CAAoB,CAAC,GAAG,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YACnG,MAAM,aAAa,GAAG,kBAAkB,CAAC,aAAa,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAE3B,MAAM,mBAAmB,GAAe,UAAU,CAAa,aAAa,CAAC,CAAC;YAC9E,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACjC,MAAM,SAAS,GAAG,mBAAmB,CAAC,WAAW,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAEvB,uBAAA,IAAI,2CAAoB,CAAC,MAAM,CAAC,uBAAA,IAAI,4CAAqB,CAAC,CAAC;YAC3D,uDAAuD;YACvD,uBAAA,IAAI,gDAAyB,MAA7B,IAAI,EAA0B,IAAI,CAAC,CAAC;YAEpC,IAAI;gBACH,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC;oBAC1B,MAAM,EAAE,MAAM;oBACd,GAAG,EAAE,GAAG;oBACR,IAAI,EAAE;wBACL,SAAS;qBACT;oBACD,eAAe,EAAE,IAAI;oBACrB,OAAO,EAAE,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC;iBACtC,CAAC,CAAC;gBACH,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,KAAK,WAAW,CAAC,EAAE,EAAE;oBAC1C,OAAO,IAAI,CAAC;iBACZ;qBAAM;oBACN,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;oBACjD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzC,OAAO,KAAK,CAAC;iBACb;aACD;YAAC,OAAO,KAAK,EAAE;gBACf,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;gBACnB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;gBACnC,OAAO,KAAK,CAAC;aACb;QACF,CAAC,EAAA;QAreA,4DAA4D;QAC5D,uBAAA,IAAI,uCAAuB,IAAI,oBAAoB,CAAiB,EAAC,iBAAiB,EAAE,iBAAiB,CAAC,cAAc,EAAC,CAAC,CAAC,UAAU,EAAE,MAAA,CAAC;QAExI,4DAA4D;QAC5D,wFAAwF;QAExF,0DAA0D;QAC1D,uBAAA,IAAI,4CAA4B,CAAC,QAAgB,EAAE,EAAE;YACpD,MAAM,OAAO,GAA2B;gBACvC,SAAS,EAAE,CAAC,CAAC;gBACb,OAAO,EAAE,sBAAsB,CAAC,kBAAkB;aAClD,CAAA;YACD,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,QAAQ,CAAC,CAAC;QACzC,CAAC,MAAA,CAAA;QAED,uBAAA,IAAI,kCAAkB,CAAC,KAAU,EAAE,EAAE;YACpC,MAAM,OAAO,GAA2B;gBACvC,SAAS,EAAE,CAAC,CAAC;gBACb,OAAO,EAAE,sBAAsB,CAAC,KAAK;aACrC,CAAA;YACD,uBAAA,IAAI,uCAAgB,MAApB,IAAI,EAAiB,OAAO,EAAE,KAAK,CAAC,CAAC;QACtC,CAAC,MAAA,CAAA;QAED,uBAAA,IAAI,oCAAoB,UAAU,MAAA,CAAC;QACnC,IAAI,CAAC,aAAa,EAAE,CAAC;IACtB,CAAC;CA6cD;;AAED,IAAI,YAAY,GAAoB,IAAI,CAAC;AAEzC,SAAS,GAAG,KAAK,WAAU,IAAkB;IAE5C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAmB,CAAC;IAC5C,YAAY,GAAG,IAAI,eAAe,CAAC,UAAU,CAAC,CAAC;AAChD,CAAC,CAAA"}

package/package.json

@@ -0,0 +1,43 @@
+{
+  "name": "@nsshunt/stsoauth2plugin",
+  "version": "0.0.3",
+  "description": "STS OAuth2 Plugin for Vue",
+  "main": "dist/index.js",
+  "types": "./types/index.d.ts",
+  "scripts": {
+    "lint": "eslint . --ext js,jsx,ts,tsx --fix",
+    "test": "jest --detectOpenHandles --no-cache",
+    "testwatch": "jest --watchAll --detectOpenHandles --no-cache",
+    "build": "tsc"
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/nsshunt/stsoauth2plugin.git"
+  },
+  "author": "",
+  "license": "ISC",
+  "bugs": {
+    "url": "https://github.com/nsshunt/stsoauth2plugin/issues"
+  },
+  "devDependencies": {
+    "@babel/preset-env": "^7.18.2",
+    "@babel/preset-typescript": "^7.17.12",
+    "@tsconfig/node18": "^1.0.0",
+    "@types/debug": "^4.1.7",
+    "@types/jest": "^27.5.1",
+    "@typescript-eslint/eslint-plugin": "^5.27.0",
+    "@typescript-eslint/parser": "^5.27.0",
+    "eslint": "^8.16.0",
+    "jest": "^28.0.2",
+    "supertest": "^6.2.2",
+    "typescript": "^4.7.2"
+  },
+  "homepage": "https://github.com/nsshunt/stsoauth2plugin#readme",
+  "dependencies": {
+    "@nsshunt/stsutils": "^1.15.1",
+    "es-cookie": "^1.3.2",
+    "http-status-codes": "^2.2.0",
+    "jwt-decode": "^3.1.2",
+    "vue-router": "^4.0.16"
+  }
+}

package/src/Utils/CryptoUtils.ts

@@ -0,0 +1,32 @@
+export class CryptoUtils {
+	DigestMessage = async function (message) {
+		const encoder = new TextEncoder();
+		const data = encoder.encode(message);
+		const hashBuffer = await crypto.subtle.digest('SHA-256', data);
+		const hashArray = Array.from(new Uint8Array(hashBuffer)); // convert buffer to byte array
+		//let b64 = window.btoa(String.fromCharCode(...hashArray));
+		const b64 = btoa(String.fromCharCode(...hashArray));// Use below if a HEX string is required
+		// const hashHex = hashArray.map(b => b.toString(16).padStart(2, '0')).join(''); // convert bytes to hex string
+		return b64;
+	}
+
+	CreateRandomString = (size = 43) => {
+		//const randomValues = Array.from(window.crypto.getRandomValues(new Uint8Array(size)))
+		const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(size)))
+		//let b64 = window.btoa(String.fromCharCode(...randomValues));
+		const b64 = btoa(String.fromCharCode(...randomValues));
+		return b64;
+		//return randomValues.toString('base64');
+	}
+
+	CreateRandomStringEx = () => {
+		const charset = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.';
+		let random = '';
+		//const randomValues = Array.from(window.crypto.getRandomValues(new Uint8Array(43)));
+		const randomValues = Array.from(crypto.getRandomValues(new Uint8Array(43)));
+		randomValues.forEach(v => (random += charset[v % charset.length]));
+		return random;
+	}
+}
+
+export default CryptoUtils