@passflow/core 0.2.10 → 0.2.11
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +177 -175
- package/dist/index.mjs.map +1 -1
- package/dist/lib/services/auth-service.d.ts.map +1 -1
- package/dist/lib/services/token-cache-service.d.ts.map +1 -1
- package/dist/lib/store.d.ts +4 -0
- package/dist/lib/store.d.ts.map +1 -1
- package/package.json +4 -2
package/dist/index.mjs
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import F from "axios";
|
|
2
2
|
import { v4 as H } from "uuid";
|
|
3
3
|
import { startRegistration as K, startAuthentication as j } from "@simplewebauthn/browser";
|
|
4
|
-
const z = "0.2.
|
|
4
|
+
const z = "0.2.11", X = {
|
|
5
5
|
version: z
|
|
6
6
|
}, C = "X-Passflow-Clientid", I = "Authorization", W = "X-Passflow-DeviceId", J = "X-Passflow-DeviceType", Z = X.version, Ne = ["id", "offline", "openid"], Q = ["id", "offline", "tenant", "email", "oidc", "openid", "access:tenant:all"], V = "https://auth.passflow.cloud", Ke = "default", ee = 500, te = 600, re = 100, se = 6e4, G = 30, ie = 3, oe = 30, ne = 200, ae = (i) => {
|
|
7
7
|
const e = [];
|
|
@@ -12,8 +12,8 @@ const z = "0.2.10", X = {
|
|
|
12
12
|
continue;
|
|
13
13
|
const s = { tenant: { id: r.tenant_id, name: r.tenant_name } };
|
|
14
14
|
s.groups = r.groups ? Object.keys(r.groups).map((o) => {
|
|
15
|
-
const
|
|
16
|
-
return { group: { id: o, name: r.group_names?.[o] ?? "unknown" }, roles:
|
|
15
|
+
const a = r.groups[o] || [];
|
|
16
|
+
return { group: { id: o, name: r.group_names?.[o] ?? "unknown" }, roles: a };
|
|
17
17
|
}) : [], s.tenantRoles = s.groups?.find((o) => o.group.id === r.root_group_id), e.push(s);
|
|
18
18
|
}
|
|
19
19
|
return { raw: i, tenants: e };
|
|
@@ -62,8 +62,8 @@ function v(i) {
|
|
|
62
62
|
if (!e) throw new Error("Invalid token string");
|
|
63
63
|
const t = e.replace(/-/g, "+").replace(/_/g, "/"), r = t + "=".repeat((4 - t.length % 4) % 4), s = ce(r), o = decodeURIComponent(
|
|
64
64
|
s.split("").map((d) => "%" + ("00" + d.charCodeAt(0).toString(16)).slice(-2)).join("")
|
|
65
|
-
),
|
|
66
|
-
return
|
|
65
|
+
), a = JSON.parse(o);
|
|
66
|
+
return a.membership = a.passflow_tm && a.type !== "invite" ? ae(a.passflow_tm) : void 0, a;
|
|
67
67
|
}
|
|
68
68
|
var p = /* @__PURE__ */ ((i) => (i.id_token = "id_token", i.access_token = "access", i.refresh_token = "refresh", i.invite_token = "invite", i.reset_token = "reset", i.web_cookie = "web-cookie", i.management = "management", i.signin = "signin", i.actor = "actor", i.two_factor = "2fa", i))(p || {}), y = /* @__PURE__ */ ((i) => (i.JsonBody = "json_body", i.Cookie = "cookie", i.Mobile = "mobile", i.BFF = "bff", i))(y || {}), q = /* @__PURE__ */ ((i) => (i.Unknown = "unknown", i.Valid = "valid", i.Invalid = "invalid", i))(q || {});
|
|
69
69
|
class Y {
|
|
@@ -227,8 +227,8 @@ class $ {
|
|
|
227
227
|
* In JSON mode: save all tokens (existing behavior)
|
|
228
228
|
*/
|
|
229
229
|
saveTokens(e, t) {
|
|
230
|
-
const { id_token: r, access_token: s, refresh_token: o, scopes:
|
|
231
|
-
t === y.Cookie || t === y.BFF ? r && this.storage.setItem(this.ID_TOKEN_KEY, r) : (r && this.storage.setItem(this.getKeyForTokenType(p.id_token), r), s && this.storage.setItem(this.getKeyForTokenType(p.access_token), s), o && this.storage.setItem(this.getKeyForTokenType(p.refresh_token), o),
|
|
230
|
+
const { id_token: r, access_token: s, refresh_token: o, scopes: a } = e;
|
|
231
|
+
t === y.Cookie || t === y.BFF ? r && this.storage.setItem(this.ID_TOKEN_KEY, r) : (r && this.storage.setItem(this.getKeyForTokenType(p.id_token), r), s && this.storage.setItem(this.getKeyForTokenType(p.access_token), s), o && this.storage.setItem(this.getKeyForTokenType(p.refresh_token), o), a && this.storage.setItem(this.scopes, a.join(",")));
|
|
232
232
|
}
|
|
233
233
|
getToken(e) {
|
|
234
234
|
const t = this.getKeyForTokenType(e);
|
|
@@ -437,9 +437,9 @@ class _ {
|
|
|
437
437
|
Accept: "application/json",
|
|
438
438
|
"Content-Type": "application/json"
|
|
439
439
|
}, this.nonAccessTokenEndpoints = ["/auth/", "/settings", "/settings/"], this.protectedEndpoints = ["logout", "refresh"];
|
|
440
|
-
const { url: s, appId: o, keyStoragePrefix:
|
|
440
|
+
const { url: s, appId: o, keyStoragePrefix: a } = e;
|
|
441
441
|
this.url = s || V, this.storageManager = t ?? new $({
|
|
442
|
-
prefix:
|
|
442
|
+
prefix: a ?? ""
|
|
443
443
|
}), this.deviceService = r ?? new B(this.storageManager), this.tokenService = new he(this.storageManager), this.tokenDeliveryManager = new Y(this.storageManager), o && (this.appId = o, this.defaultHeaders = {
|
|
444
444
|
...this.defaultHeaders,
|
|
445
445
|
[C]: o
|
|
@@ -552,18 +552,18 @@ class _ {
|
|
|
552
552
|
const o = t._retryCount || 0;
|
|
553
553
|
if (o >= le)
|
|
554
554
|
return Promise.reject(e);
|
|
555
|
-
let
|
|
555
|
+
let a = ge * Math.pow(2, o);
|
|
556
556
|
const d = e.response?.headers?.["retry-after"];
|
|
557
557
|
if (d) {
|
|
558
558
|
const h = Number.parseInt(d, 10);
|
|
559
559
|
if (!Number.isNaN(h))
|
|
560
|
-
|
|
560
|
+
a = h * 1e3;
|
|
561
561
|
else {
|
|
562
562
|
const g = new Date(d);
|
|
563
|
-
Number.isNaN(g.getTime()) || (
|
|
563
|
+
Number.isNaN(g.getTime()) || (a = Math.max(0, g.getTime() - Date.now()));
|
|
564
564
|
}
|
|
565
565
|
}
|
|
566
|
-
return await new Promise((h) => setTimeout(h,
|
|
566
|
+
return await new Promise((h) => setTimeout(h, a)), t._retryCount = o + 1, this.instance.request(t);
|
|
567
567
|
}
|
|
568
568
|
// eslint-disable-next-line complexity
|
|
569
569
|
// biome-ignore lint/suspicious/useAwait: <explanation>
|
|
@@ -715,21 +715,21 @@ class fe {
|
|
|
715
715
|
});
|
|
716
716
|
}
|
|
717
717
|
passkeyRegisterStart(e, t, r, s = !1) {
|
|
718
|
-
const { create_tenant: o } = e,
|
|
718
|
+
const { create_tenant: o } = e, a = {
|
|
719
719
|
...e,
|
|
720
720
|
create_tenant: o ?? !1,
|
|
721
721
|
device: t,
|
|
722
722
|
os: r
|
|
723
723
|
}, d = s ? T.passkeyRegisterStart : c.passkeyRegisterStart;
|
|
724
|
-
return this.axiosClient.post(d,
|
|
724
|
+
return this.axiosClient.post(d, a);
|
|
725
725
|
}
|
|
726
726
|
passkeyRegisterComplete(e, t, r, s = !1) {
|
|
727
727
|
const o = {
|
|
728
728
|
challenge_id: r,
|
|
729
729
|
device: t,
|
|
730
730
|
passkey_data: e
|
|
731
|
-
},
|
|
732
|
-
return this.axiosClient.post(
|
|
731
|
+
}, a = s ? T.passkeyRegisterComplete : c.passkeyRegisterComplete;
|
|
732
|
+
return this.axiosClient.post(a, o);
|
|
733
733
|
}
|
|
734
734
|
passkeyAuthenticateStart(e, t, r, s = !1) {
|
|
735
735
|
const o = {
|
|
@@ -737,9 +737,9 @@ class fe {
|
|
|
737
737
|
user_id: e.user_id ?? "",
|
|
738
738
|
device: t,
|
|
739
739
|
os: r
|
|
740
|
-
},
|
|
740
|
+
}, a = s ? T.passkeyAuthenticateStart : c.passkeyAuthenticateStart;
|
|
741
741
|
return this.axiosClient.post(
|
|
742
|
-
|
|
742
|
+
a,
|
|
743
743
|
o
|
|
744
744
|
);
|
|
745
745
|
}
|
|
@@ -748,11 +748,11 @@ class fe {
|
|
|
748
748
|
challenge_id: r,
|
|
749
749
|
device: t,
|
|
750
750
|
passkey_data: e
|
|
751
|
-
},
|
|
752
|
-
return this.axiosClient.post(
|
|
751
|
+
}, a = s ? T.passkeyAuthenticateComplete : c.passkeyAuthenticateComplete;
|
|
752
|
+
return this.axiosClient.post(a, o);
|
|
753
753
|
}
|
|
754
754
|
passkeyValidate(e, t, r, s = !1, o) {
|
|
755
|
-
const
|
|
755
|
+
const a = {
|
|
756
756
|
otp: e,
|
|
757
757
|
device: t,
|
|
758
758
|
challenge_id: r
|
|
@@ -760,7 +760,7 @@ class fe {
|
|
|
760
760
|
let d = c.passkeyValidate;
|
|
761
761
|
!o && s && (d = T.passkeyValidate);
|
|
762
762
|
const h = o ? { [C]: o } : {};
|
|
763
|
-
return this.axiosClient.post(d,
|
|
763
|
+
return this.axiosClient.post(d, a, { headers: h });
|
|
764
764
|
}
|
|
765
765
|
}
|
|
766
766
|
class ke {
|
|
@@ -952,8 +952,8 @@ class ye {
|
|
|
952
952
|
* @param role Role to assign
|
|
953
953
|
*/
|
|
954
954
|
addUserToGroup(e, t, r, s) {
|
|
955
|
-
const o = `${c.tenantPath}/${e}/group/${t}/add`,
|
|
956
|
-
return this.axiosClient.post(o,
|
|
955
|
+
const o = `${c.tenantPath}/${e}/group/${t}/add`, a = { user_id: r, role: s };
|
|
956
|
+
return this.axiosClient.post(o, a);
|
|
957
957
|
}
|
|
958
958
|
/**
|
|
959
959
|
* Remove user roles from a group
|
|
@@ -963,8 +963,8 @@ class ye {
|
|
|
963
963
|
* @param roles Roles to remove
|
|
964
964
|
*/
|
|
965
965
|
removeUserRolesFromGroup(e, t, r, s) {
|
|
966
|
-
const o = `${c.tenantPath}/${e}/group/${t}/remove_roles`,
|
|
967
|
-
return this.axiosClient.post(o,
|
|
966
|
+
const o = `${c.tenantPath}/${e}/group/${t}/remove_roles`, a = { user_id: r, roles: s };
|
|
967
|
+
return this.axiosClient.post(o, a);
|
|
968
968
|
}
|
|
969
969
|
/**
|
|
970
970
|
* Change user roles in a group
|
|
@@ -974,8 +974,8 @@ class ye {
|
|
|
974
974
|
* @param roles New roles to assign
|
|
975
975
|
*/
|
|
976
976
|
changeUserRoles(e, t, r, s) {
|
|
977
|
-
const o = `${c.tenantPath}/${e}/group/${t}/change`,
|
|
978
|
-
return this.axiosClient.post(o,
|
|
977
|
+
const o = `${c.tenantPath}/${e}/group/${t}/change`, a = { user_id: r, roles: s };
|
|
978
|
+
return this.axiosClient.post(o, a);
|
|
979
979
|
}
|
|
980
980
|
/**
|
|
981
981
|
* Delete a user from a group
|
|
@@ -1197,13 +1197,13 @@ class me {
|
|
|
1197
1197
|
};
|
|
1198
1198
|
}).catch((r) => {
|
|
1199
1199
|
if (r.response) {
|
|
1200
|
-
const s = r.response.status, o = r.response.data || {},
|
|
1200
|
+
const s = r.response.status, o = r.response.data || {}, a = r.response.headers?.["retry-after"] ? parseInt(r.response.headers["retry-after"], 10) : void 0;
|
|
1201
1201
|
return {
|
|
1202
1202
|
success: !1,
|
|
1203
1203
|
error: {
|
|
1204
1204
|
code: o.error || this.mapStatusToErrorCode(s),
|
|
1205
1205
|
message: o.message || this.getDefaultErrorMessage(s),
|
|
1206
|
-
retryAfter:
|
|
1206
|
+
retryAfter: a
|
|
1207
1207
|
}
|
|
1208
1208
|
};
|
|
1209
1209
|
}
|
|
@@ -1365,14 +1365,14 @@ class Se {
|
|
|
1365
1365
|
passkeyDisplayName: s,
|
|
1366
1366
|
passkeyUsername: o
|
|
1367
1367
|
}) {
|
|
1368
|
-
const
|
|
1368
|
+
const a = {
|
|
1369
1369
|
passkey_display_name: s,
|
|
1370
1370
|
passkey_username: o,
|
|
1371
1371
|
relying_party_id: e,
|
|
1372
1372
|
deviceId: t,
|
|
1373
1373
|
os: r
|
|
1374
1374
|
};
|
|
1375
|
-
return this.axiosClient.post(c.addUserPasskey,
|
|
1375
|
+
return this.axiosClient.post(c.addUserPasskey, a);
|
|
1376
1376
|
}
|
|
1377
1377
|
addUserPasskeyComplete(e, t, r) {
|
|
1378
1378
|
return this.axiosClient.post(c.completeAddUserPasskey, {
|
|
@@ -1382,7 +1382,7 @@ class Se {
|
|
|
1382
1382
|
});
|
|
1383
1383
|
}
|
|
1384
1384
|
}
|
|
1385
|
-
var
|
|
1385
|
+
var n = /* @__PURE__ */ ((i) => (i.SignIn = "signin", i.SignInStart = "signin:start", i.Register = "register", i.RegisterStart = "register:start", i.SignOut = "signout", i.SessionRestored = "session:restored", i.SessionExpired = "session:expired", i.Error = "error", i.Refresh = "refresh", i.RefreshStart = "refresh:start", i.TokenCacheExpired = "token-cache-expired", i.TwoFactorRequired = "2fa:required", i.TwoFactorSetupStarted = "2fa:setup_started", i.TwoFactorEnabled = "2fa:enabled", i.TwoFactorDisabled = "2fa:disabled", i.TwoFactorVerified = "2fa:verified", i.TwoFactorRecoveryUsed = "2fa:recovery_used", i.TwoFactorRecoveryCodesLow = "2fa:recovery_low", i.TwoFactorRecoveryCodesExhausted = "2fa:recovery_exhausted", i.TwoFactorSetupMagicLinkValidated = "2fa:magic_link_validated", i.TwoFactorSetupMagicLinkFailed = "2fa:magic_link_failed", i.TwoFactorChallengeReceived = "two_factor_challenge_received", i.TwoFactorMethodSwitched = "two_factor_method_switched", i.TwoFactorDeviceTrusted = "two_factor_device_trusted", i))(n || {});
|
|
1386
1386
|
class we {
|
|
1387
1387
|
constructor() {
|
|
1388
1388
|
this.subscribers = /* @__PURE__ */ new Map();
|
|
@@ -1457,8 +1457,8 @@ function Ee(i) {
|
|
|
1457
1457
|
return /^[A-Z0-9-]{4,16}$/.test(e) ? e : null;
|
|
1458
1458
|
}
|
|
1459
1459
|
class Ie {
|
|
1460
|
-
constructor(e, t, r, s, o,
|
|
1461
|
-
this.authApi = e, this.deviceService = t, this.storageManager = r, this.subscribeStore = s, this.tokenCacheService = o, this.scopes =
|
|
1460
|
+
constructor(e, t, r, s, o, a, d, h, g, f, k, A) {
|
|
1461
|
+
this.authApi = e, this.deviceService = t, this.storageManager = r, this.subscribeStore = s, this.tokenCacheService = o, this.scopes = a, this.createTenantForNewUser = d, this.origin = h, this.url = g, this.sessionCallbacks = f, this.appId = k, this.tokenExchangeConfig = A, this.tokenDeliveryManager = new Y(r), A?.enabled && this.tokenDeliveryManager.setMode(y.BFF), this.initializeSession();
|
|
1462
1462
|
}
|
|
1463
1463
|
/**
|
|
1464
1464
|
* Initialize session state on page load for cookie/BFF mode
|
|
@@ -1487,7 +1487,7 @@ class Ie {
|
|
|
1487
1487
|
return !1;
|
|
1488
1488
|
try {
|
|
1489
1489
|
const e = await this.authApi.validateSession();
|
|
1490
|
-
return e.valid ? (this.tokenDeliveryManager.setSessionValid(), e.user && this.subscribeStore.notify(
|
|
1490
|
+
return e.valid ? (this.tokenDeliveryManager.setSessionValid(), e.user && this.subscribeStore.notify(n.SessionRestored, e.user), !0) : (this.tokenDeliveryManager.setSessionInvalid(), !1);
|
|
1491
1491
|
} catch {
|
|
1492
1492
|
return this.tokenDeliveryManager.setSessionInvalid(), !1;
|
|
1493
1493
|
}
|
|
@@ -1531,7 +1531,7 @@ class Ie {
|
|
|
1531
1531
|
originalError: s,
|
|
1532
1532
|
code: "VALIDATION_ERROR"
|
|
1533
1533
|
};
|
|
1534
|
-
throw this.subscribeStore.notify(
|
|
1534
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1535
1535
|
}
|
|
1536
1536
|
if ("username" in e && e.username && !_e(e.username)) {
|
|
1537
1537
|
const s = new Error(
|
|
@@ -1541,7 +1541,7 @@ class Ie {
|
|
|
1541
1541
|
originalError: s,
|
|
1542
1542
|
code: "VALIDATION_ERROR"
|
|
1543
1543
|
};
|
|
1544
|
-
throw this.subscribeStore.notify(
|
|
1544
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1545
1545
|
}
|
|
1546
1546
|
if ("phone" in e && e.phone && !x(e.phone)) {
|
|
1547
1547
|
const s = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), o = {
|
|
@@ -1549,18 +1549,18 @@ class Ie {
|
|
|
1549
1549
|
originalError: s,
|
|
1550
1550
|
code: "VALIDATION_ERROR"
|
|
1551
1551
|
};
|
|
1552
|
-
throw this.subscribeStore.notify(
|
|
1552
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1553
1553
|
}
|
|
1554
|
-
this.subscribeStore.notify(
|
|
1554
|
+
this.subscribeStore.notify(n.SignInStart, { email: e.email });
|
|
1555
1555
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1556
1556
|
e.scopes = e.scopes ?? this.scopes;
|
|
1557
1557
|
try {
|
|
1558
1558
|
const s = await this.authApi.signIn(e, t, r);
|
|
1559
|
-
return "requires_2fa" in s && s.requires_2fa === !0 || "tfa_token" in s && s.tfa_token ? (this.subscribeStore.notify(
|
|
1559
|
+
return "requires_2fa" in s && s.requires_2fa === !0 || "tfa_token" in s && s.tfa_token ? (this.subscribeStore.notify(n.TwoFactorRequired, {
|
|
1560
1560
|
email: e.email || "",
|
|
1561
1561
|
challengeId: s.challenge_id || "",
|
|
1562
1562
|
tfaToken: s.tfa_token || ""
|
|
1563
|
-
}), s) : (await this.processAuthResponse(s, e.scopes), this.subscribeStore.notify(
|
|
1563
|
+
}), s) : (await this.processAuthResponse(s, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1564
1564
|
tokens: s,
|
|
1565
1565
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1566
1566
|
}), await this.submitSessionCheck(), s);
|
|
@@ -1570,7 +1570,7 @@ class Ie {
|
|
|
1570
1570
|
originalError: s,
|
|
1571
1571
|
code: s instanceof u ? s.id : void 0
|
|
1572
1572
|
};
|
|
1573
|
-
throw this.subscribeStore.notify(
|
|
1573
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1574
1574
|
}
|
|
1575
1575
|
}
|
|
1576
1576
|
async signUp(e) {
|
|
@@ -1580,7 +1580,7 @@ class Ie {
|
|
|
1580
1580
|
originalError: t,
|
|
1581
1581
|
code: "VALIDATION_ERROR"
|
|
1582
1582
|
};
|
|
1583
|
-
throw this.subscribeStore.notify(
|
|
1583
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1584
1584
|
}
|
|
1585
1585
|
if (e.user.phone_number && !x(e.user.phone_number)) {
|
|
1586
1586
|
const t = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), r = {
|
|
@@ -1588,12 +1588,12 @@ class Ie {
|
|
|
1588
1588
|
originalError: t,
|
|
1589
1589
|
code: "VALIDATION_ERROR"
|
|
1590
1590
|
};
|
|
1591
|
-
throw this.subscribeStore.notify(
|
|
1591
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1592
1592
|
}
|
|
1593
|
-
this.subscribeStore.notify(
|
|
1593
|
+
this.subscribeStore.notify(n.RegisterStart, { email: e.user.email }), e.scopes = e.scopes ?? this.scopes, e.create_tenant = this.createTenantForNewUser;
|
|
1594
1594
|
try {
|
|
1595
1595
|
const t = await this.authApi.signUp(e);
|
|
1596
|
-
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(
|
|
1596
|
+
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(n.Register, {
|
|
1597
1597
|
tokens: t,
|
|
1598
1598
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1599
1599
|
}), await this.submitSessionCheck(), t;
|
|
@@ -1603,7 +1603,7 @@ class Ie {
|
|
|
1603
1603
|
originalError: t,
|
|
1604
1604
|
code: t instanceof u ? t.id : void 0
|
|
1605
1605
|
};
|
|
1606
|
-
throw this.subscribeStore.notify(
|
|
1606
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1607
1607
|
}
|
|
1608
1608
|
}
|
|
1609
1609
|
async passwordlessSignIn(e) {
|
|
@@ -1613,7 +1613,7 @@ class Ie {
|
|
|
1613
1613
|
originalError: s,
|
|
1614
1614
|
code: "VALIDATION_ERROR"
|
|
1615
1615
|
};
|
|
1616
|
-
throw this.subscribeStore.notify(
|
|
1616
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1617
1617
|
}
|
|
1618
1618
|
if (e.phone && !x(e.phone)) {
|
|
1619
1619
|
const s = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), o = {
|
|
@@ -1621,9 +1621,9 @@ class Ie {
|
|
|
1621
1621
|
originalError: s,
|
|
1622
1622
|
code: "VALIDATION_ERROR"
|
|
1623
1623
|
};
|
|
1624
|
-
throw this.subscribeStore.notify(
|
|
1624
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1625
1625
|
}
|
|
1626
|
-
this.subscribeStore.notify(
|
|
1626
|
+
this.subscribeStore.notify(n.SignInStart, { email: e.email }), e.scopes = e.scopes ?? this.scopes;
|
|
1627
1627
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1628
1628
|
try {
|
|
1629
1629
|
return await this.authApi.passwordlessSignIn(e, t, r);
|
|
@@ -1633,14 +1633,14 @@ class Ie {
|
|
|
1633
1633
|
originalError: s,
|
|
1634
1634
|
code: s instanceof u ? s.id : void 0
|
|
1635
1635
|
};
|
|
1636
|
-
throw this.subscribeStore.notify(
|
|
1636
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1637
1637
|
}
|
|
1638
1638
|
}
|
|
1639
1639
|
async passwordlessSignInComplete(e) {
|
|
1640
|
-
this.subscribeStore.notify(
|
|
1640
|
+
this.subscribeStore.notify(n.SignInStart, {}), e.scopes = e.scopes ?? this.scopes, e.device = this.deviceService.getDeviceId();
|
|
1641
1641
|
try {
|
|
1642
1642
|
const t = await this.authApi.passwordlessSignInComplete(e);
|
|
1643
|
-
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(
|
|
1643
|
+
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1644
1644
|
tokens: t,
|
|
1645
1645
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1646
1646
|
}), await this.submitSessionCheck(), t;
|
|
@@ -1650,7 +1650,7 @@ class Ie {
|
|
|
1650
1650
|
originalError: t,
|
|
1651
1651
|
code: t instanceof u ? t.id : void 0
|
|
1652
1652
|
};
|
|
1653
|
-
throw this.subscribeStore.notify(
|
|
1653
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1654
1654
|
}
|
|
1655
1655
|
}
|
|
1656
1656
|
async logOut() {
|
|
@@ -1671,10 +1671,10 @@ class Ie {
|
|
|
1671
1671
|
} catch {
|
|
1672
1672
|
}
|
|
1673
1673
|
}
|
|
1674
|
-
this.storageManager.deleteTokens(), this.storageManager.clearIdToken(), this.storageManager.clearCsrfToken(), this.tokenDeliveryManager.reset(), this.subscribeStore.notify(
|
|
1674
|
+
this.storageManager.deleteTokens(), this.storageManager.clearIdToken(), this.storageManager.clearCsrfToken(), this.tokenDeliveryManager.reset(), this.subscribeStore.notify(n.SignOut, {});
|
|
1675
1675
|
}
|
|
1676
1676
|
async refreshToken() {
|
|
1677
|
-
if (this.subscribeStore.notify(
|
|
1677
|
+
if (this.subscribeStore.notify(n.RefreshStart, {}), this.tokenDeliveryManager.isBFFMode() && this.tokenExchangeConfig?.refreshUrl)
|
|
1678
1678
|
try {
|
|
1679
1679
|
const r = await fetch(this.tokenExchangeConfig.refreshUrl, {
|
|
1680
1680
|
method: "POST",
|
|
@@ -1684,25 +1684,25 @@ class Ie {
|
|
|
1684
1684
|
if (!r.ok)
|
|
1685
1685
|
throw this.tokenDeliveryManager.setSessionInvalid(), new Error("BFF token refresh failed");
|
|
1686
1686
|
const s = await r.json();
|
|
1687
|
-
return this.tokenDeliveryManager.setSessionValid(), s.id_token && this.storageManager.setIdToken(s.id_token), this.subscribeStore.notify(
|
|
1687
|
+
return this.tokenDeliveryManager.setSessionValid(), s.id_token && this.storageManager.setIdToken(s.id_token), this.subscribeStore.notify(n.Refresh, {
|
|
1688
1688
|
tokens: s,
|
|
1689
1689
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1690
|
-
}), this.subscribeStore.notify(
|
|
1690
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, s;
|
|
1691
1691
|
} catch (r) {
|
|
1692
1692
|
this.tokenDeliveryManager.setSessionInvalid();
|
|
1693
1693
|
const s = {
|
|
1694
1694
|
message: r instanceof Error ? r.message : "Token refresh failed",
|
|
1695
1695
|
originalError: r
|
|
1696
1696
|
};
|
|
1697
|
-
throw this.subscribeStore.notify(
|
|
1697
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1698
1698
|
}
|
|
1699
1699
|
if (this.tokenDeliveryManager.isCookieMode())
|
|
1700
1700
|
try {
|
|
1701
1701
|
const r = await this.authApi.refreshToken("", this.scopes);
|
|
1702
|
-
return this.tokenDeliveryManager.setSessionValid(), await this.processAuthResponse(r, this.scopes), this.subscribeStore.notify(
|
|
1702
|
+
return this.tokenDeliveryManager.setSessionValid(), await this.processAuthResponse(r, this.scopes), this.subscribeStore.notify(n.Refresh, {
|
|
1703
1703
|
tokens: r,
|
|
1704
1704
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1705
|
-
}), this.subscribeStore.notify(
|
|
1705
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, r;
|
|
1706
1706
|
} catch (r) {
|
|
1707
1707
|
this.tokenDeliveryManager.setSessionInvalid();
|
|
1708
1708
|
const s = {
|
|
@@ -1710,7 +1710,7 @@ class Ie {
|
|
|
1710
1710
|
originalError: r,
|
|
1711
1711
|
code: r instanceof u ? r.id : void 0
|
|
1712
1712
|
};
|
|
1713
|
-
throw this.subscribeStore.notify(
|
|
1713
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1714
1714
|
}
|
|
1715
1715
|
const e = this.storageManager.getTokens();
|
|
1716
1716
|
if (e) {
|
|
@@ -1719,22 +1719,22 @@ class Ie {
|
|
|
1719
1719
|
message: "No refresh token found",
|
|
1720
1720
|
originalError: r
|
|
1721
1721
|
};
|
|
1722
|
-
throw this.subscribeStore.notify(
|
|
1722
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1723
1723
|
}
|
|
1724
1724
|
} else {
|
|
1725
1725
|
const r = new Error("No tokens found"), s = {
|
|
1726
1726
|
message: "No tokens found",
|
|
1727
1727
|
originalError: r
|
|
1728
1728
|
};
|
|
1729
|
-
throw this.subscribeStore.notify(
|
|
1729
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1730
1730
|
}
|
|
1731
1731
|
const t = e?.scopes ?? this.scopes;
|
|
1732
1732
|
try {
|
|
1733
1733
|
const r = await this.authApi.refreshToken(e?.refresh_token ?? "", t, e?.access_token);
|
|
1734
|
-
return r.scopes = t, this.storageManager.saveTokens(r), this.tokenCacheService.setTokensCache(r), this.subscribeStore.notify(
|
|
1734
|
+
return r.scopes = t, this.storageManager.saveTokens(r), this.tokenCacheService.setTokensCache(r), this.subscribeStore.notify(n.Refresh, {
|
|
1735
1735
|
tokens: r,
|
|
1736
1736
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1737
|
-
}), this.subscribeStore.notify(
|
|
1737
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, this.tokenCacheService.startTokenCheck(), r;
|
|
1738
1738
|
} catch (r) {
|
|
1739
1739
|
const s = {
|
|
1740
1740
|
message: r instanceof Error ? r.message : "Token refresh failed",
|
|
@@ -1745,7 +1745,9 @@ class Ie {
|
|
|
1745
1745
|
data: r.response.data
|
|
1746
1746
|
} : void 0
|
|
1747
1747
|
};
|
|
1748
|
-
|
|
1748
|
+
this.subscribeStore.notify(n.Error, s);
|
|
1749
|
+
const o = F.isAxiosError(r) && r.response?.status && r.response.status >= 400 && r.response.status < 500;
|
|
1750
|
+
throw o && (this.tokenCacheService.tokenExpiredFlag = !0, this.tokenCacheService.setTokensCache(void 0), this.storageManager.deleteTokens(), this.subscribeStore.notify(n.SessionExpired, { reason: "refresh_failed" })), r instanceof u ? r : o ? new Error(`Getting unknown error message from server with code:${r.response?.status}`) : r;
|
|
1749
1751
|
}
|
|
1750
1752
|
}
|
|
1751
1753
|
async sendPasswordResetEmail(e) {
|
|
@@ -1757,43 +1759,43 @@ class Ie {
|
|
|
1757
1759
|
originalError: t,
|
|
1758
1760
|
code: t instanceof u ? t.id : void 0
|
|
1759
1761
|
};
|
|
1760
|
-
throw this.subscribeStore.notify(
|
|
1762
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1761
1763
|
}
|
|
1762
1764
|
}
|
|
1763
1765
|
async resetPassword(e, t) {
|
|
1764
|
-
this.subscribeStore.notify(
|
|
1766
|
+
this.subscribeStore.notify(n.SignInStart, {});
|
|
1765
1767
|
const s = new URLSearchParams(window.location.search).get("token") ?? void 0, o = t ?? this.scopes;
|
|
1766
1768
|
try {
|
|
1767
|
-
const
|
|
1768
|
-
return await this.processAuthResponse(
|
|
1769
|
-
tokens:
|
|
1769
|
+
const a = await this.authApi.resetPassword(e, o, s);
|
|
1770
|
+
return await this.processAuthResponse(a, o), this.subscribeStore.notify(n.SignIn, {
|
|
1771
|
+
tokens: a,
|
|
1770
1772
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1771
|
-
}), await this.submitSessionCheck(),
|
|
1772
|
-
} catch (
|
|
1773
|
+
}), await this.submitSessionCheck(), a;
|
|
1774
|
+
} catch (a) {
|
|
1773
1775
|
const d = {
|
|
1774
|
-
message:
|
|
1775
|
-
originalError:
|
|
1776
|
-
code:
|
|
1776
|
+
message: a instanceof Error ? a.message : "Password reset failed",
|
|
1777
|
+
originalError: a,
|
|
1778
|
+
code: a instanceof u ? a.id : void 0
|
|
1777
1779
|
};
|
|
1778
|
-
throw this.subscribeStore.notify(
|
|
1780
|
+
throw this.subscribeStore.notify(n.Error, d), a;
|
|
1779
1781
|
}
|
|
1780
1782
|
}
|
|
1781
1783
|
async passkeyRegister(e) {
|
|
1782
|
-
this.subscribeStore.notify(
|
|
1784
|
+
this.subscribeStore.notify(n.RegisterStart, {});
|
|
1783
1785
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1784
1786
|
e.scopes = e.scopes ?? this.scopes, e.create_tenant = this.createTenantForNewUser;
|
|
1785
1787
|
try {
|
|
1786
1788
|
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyRegisterStart(e, t, r, !this.appId);
|
|
1787
1789
|
o.user.id = btoa(o.user.id);
|
|
1788
|
-
const
|
|
1790
|
+
const a = await K({
|
|
1789
1791
|
optionsJSON: o
|
|
1790
1792
|
}), d = await this.authApi.passkeyRegisterComplete(
|
|
1791
|
-
|
|
1793
|
+
a,
|
|
1792
1794
|
t,
|
|
1793
1795
|
s,
|
|
1794
1796
|
!this.appId
|
|
1795
1797
|
);
|
|
1796
|
-
return await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(
|
|
1798
|
+
return await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(n.Register, {
|
|
1797
1799
|
tokens: d,
|
|
1798
1800
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1799
1801
|
}), await this.submitSessionCheck(), d;
|
|
@@ -1803,23 +1805,23 @@ class Ie {
|
|
|
1803
1805
|
originalError: s,
|
|
1804
1806
|
code: s instanceof u ? s.id : void 0
|
|
1805
1807
|
};
|
|
1806
|
-
throw this.subscribeStore.notify(
|
|
1808
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1807
1809
|
}
|
|
1808
1810
|
}
|
|
1809
1811
|
async passkeyAuthenticate(e) {
|
|
1810
|
-
this.subscribeStore.notify(
|
|
1812
|
+
this.subscribeStore.notify(n.SignInStart, {});
|
|
1811
1813
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1812
1814
|
e.scopes = e.scopes ?? this.scopes;
|
|
1813
1815
|
try {
|
|
1814
|
-
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyAuthenticateStart(e, t, r, !this.appId),
|
|
1816
|
+
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyAuthenticateStart(e, t, r, !this.appId), a = await j({
|
|
1815
1817
|
optionsJSON: o
|
|
1816
1818
|
}), d = await this.authApi.passkeyAuthenticateComplete(
|
|
1817
|
-
|
|
1819
|
+
a,
|
|
1818
1820
|
t,
|
|
1819
1821
|
s,
|
|
1820
1822
|
!this.appId
|
|
1821
1823
|
);
|
|
1822
|
-
return "access_token" in d && (await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(
|
|
1824
|
+
return "access_token" in d && (await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1823
1825
|
tokens: d,
|
|
1824
1826
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1825
1827
|
}), await this.submitSessionCheck()), d;
|
|
@@ -1829,7 +1831,7 @@ class Ie {
|
|
|
1829
1831
|
originalError: s,
|
|
1830
1832
|
code: s instanceof u ? s.id : void 0
|
|
1831
1833
|
};
|
|
1832
|
-
throw this.subscribeStore.notify(
|
|
1834
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1833
1835
|
}
|
|
1834
1836
|
}
|
|
1835
1837
|
createFederatedAuthUrl(e) {
|
|
@@ -1842,33 +1844,33 @@ class Ie {
|
|
|
1842
1844
|
...e.invite_token ? { invite_token: e.invite_token } : {},
|
|
1843
1845
|
...e.create_tenant ? { create_tenant: e.create_tenant.toString() } : {},
|
|
1844
1846
|
...e.device ? { device: e.device } : {}
|
|
1845
|
-
}, o = new URL(t, this.url),
|
|
1846
|
-
return o.search =
|
|
1847
|
+
}, o = new URL(t, this.url), a = new URLSearchParams(s);
|
|
1848
|
+
return o.search = a.toString(), o.toString();
|
|
1847
1849
|
}
|
|
1848
1850
|
federatedAuthWithPopup(e) {
|
|
1849
|
-
this.subscribeStore.notify(
|
|
1851
|
+
this.subscribeStore.notify(n.SignInStart, { provider: e.provider });
|
|
1850
1852
|
const t = e.scopes ?? this.scopes, r = this.deviceService.getDeviceId(), s = this.createFederatedAuthUrl({ ...e, scopes: t, device: r }), o = window.open(s, "_blank", `width=${ee},height=${te}`);
|
|
1851
1853
|
if (!o) {
|
|
1852
1854
|
this.federatedAuthWithRedirect(e);
|
|
1853
1855
|
return;
|
|
1854
1856
|
}
|
|
1855
|
-
const
|
|
1857
|
+
const a = Date.now(), d = setInterval(() => {
|
|
1856
1858
|
if (o.closed) {
|
|
1857
1859
|
clearInterval(d);
|
|
1858
1860
|
const h = {
|
|
1859
1861
|
message: "Authentication popup was closed",
|
|
1860
1862
|
code: "POPUP_CLOSED"
|
|
1861
1863
|
};
|
|
1862
|
-
this.subscribeStore.notify(
|
|
1864
|
+
this.subscribeStore.notify(n.Error, h);
|
|
1863
1865
|
return;
|
|
1864
1866
|
}
|
|
1865
|
-
if (Date.now() -
|
|
1867
|
+
if (Date.now() - a > se) {
|
|
1866
1868
|
clearInterval(d), o.close();
|
|
1867
1869
|
const h = {
|
|
1868
1870
|
message: "Authentication popup timed out",
|
|
1869
1871
|
code: "POPUP_TIMEOUT"
|
|
1870
1872
|
};
|
|
1871
|
-
this.subscribeStore.notify(
|
|
1873
|
+
this.subscribeStore.notify(n.Error, h);
|
|
1872
1874
|
return;
|
|
1873
1875
|
}
|
|
1874
1876
|
try {
|
|
@@ -1880,7 +1882,7 @@ class Ie {
|
|
|
1880
1882
|
scopes: t
|
|
1881
1883
|
};
|
|
1882
1884
|
this.processAuthResponse(A, t).then(() => {
|
|
1883
|
-
this.subscribeStore.notify(
|
|
1885
|
+
this.subscribeStore.notify(n.SignIn, {
|
|
1884
1886
|
tokens: A,
|
|
1885
1887
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1886
1888
|
}), window.location.href = `${this.origin}`;
|
|
@@ -1891,27 +1893,27 @@ class Ie {
|
|
|
1891
1893
|
}, re);
|
|
1892
1894
|
}
|
|
1893
1895
|
federatedAuthWithRedirect(e) {
|
|
1894
|
-
this.subscribeStore.notify(
|
|
1896
|
+
this.subscribeStore.notify(n.SignInStart, { provider: e.provider });
|
|
1895
1897
|
const t = e.scopes ?? this.scopes, r = this.deviceService.getDeviceId(), s = this.createFederatedAuthUrl({ ...e, scopes: t, device: r });
|
|
1896
1898
|
window.location.href = s;
|
|
1897
1899
|
}
|
|
1898
1900
|
// Helper methods for authentication UI redirect
|
|
1899
1901
|
authRedirectUrl(e = {}) {
|
|
1900
1902
|
try {
|
|
1901
|
-
const { url: t, redirectUrl: r, scopes: s, appId: o } = e ?? {},
|
|
1902
|
-
|
|
1903
|
+
const { url: t, redirectUrl: r, scopes: s, appId: o } = e ?? {}, a = new URL(t ?? this.url);
|
|
1904
|
+
a.pathname = (a.pathname.endsWith("/") ? a.pathname : a.pathname + "/") + "web";
|
|
1903
1905
|
const d = s ?? this.scopes, h = {
|
|
1904
1906
|
appId: o ?? this.appId ?? "",
|
|
1905
1907
|
redirectto: r ?? window.location.href,
|
|
1906
1908
|
scopes: d.join(",")
|
|
1907
1909
|
}, g = new URLSearchParams(h);
|
|
1908
|
-
return
|
|
1910
|
+
return a.search = g.toString(), a.toString();
|
|
1909
1911
|
} catch (t) {
|
|
1910
1912
|
const r = {
|
|
1911
1913
|
message: t instanceof Error ? t.message : "Failed to create auth redirect URL",
|
|
1912
1914
|
originalError: t
|
|
1913
1915
|
};
|
|
1914
|
-
throw this.subscribeStore.notify(
|
|
1916
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1915
1917
|
}
|
|
1916
1918
|
}
|
|
1917
1919
|
authRedirect(e = {}) {
|
|
@@ -1922,7 +1924,7 @@ class Ie {
|
|
|
1922
1924
|
message: t instanceof Error ? t.message : "Failed to redirect to auth page",
|
|
1923
1925
|
originalError: t
|
|
1924
1926
|
};
|
|
1925
|
-
throw this.subscribeStore.notify(
|
|
1927
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1926
1928
|
}
|
|
1927
1929
|
}
|
|
1928
1930
|
/**
|
|
@@ -1941,7 +1943,7 @@ class Ie {
|
|
|
1941
1943
|
message: t instanceof Error ? t.message : "Failed to check authentication status",
|
|
1942
1944
|
originalError: t
|
|
1943
1945
|
};
|
|
1944
|
-
return this.subscribeStore.notify(
|
|
1946
|
+
return this.subscribeStore.notify(n.Error, r), !1;
|
|
1945
1947
|
}
|
|
1946
1948
|
}
|
|
1947
1949
|
/**
|
|
@@ -1956,7 +1958,7 @@ class Ie {
|
|
|
1956
1958
|
message: s instanceof Error || s instanceof u ? s.message : "Session check failed",
|
|
1957
1959
|
originalError: s
|
|
1958
1960
|
};
|
|
1959
|
-
this.subscribeStore.notify(
|
|
1961
|
+
this.subscribeStore.notify(n.Error, o), t = void 0;
|
|
1960
1962
|
}
|
|
1961
1963
|
return t && this.sessionCallbacks.createSession && await this.sessionCallbacks.createSession({ tokens: t, parsedTokens: r }), !t && this.sessionCallbacks.expiredSession && await this.sessionCallbacks.expiredSession(), t;
|
|
1962
1964
|
}
|
|
@@ -1980,7 +1982,7 @@ class Ie {
|
|
|
1980
1982
|
message: t instanceof Error ? t.message : "Failed to get tokens",
|
|
1981
1983
|
originalError: t
|
|
1982
1984
|
};
|
|
1983
|
-
this.subscribeStore.notify(
|
|
1985
|
+
this.subscribeStore.notify(n.Error, r);
|
|
1984
1986
|
return;
|
|
1985
1987
|
}
|
|
1986
1988
|
}
|
|
@@ -2053,31 +2055,31 @@ class Re {
|
|
|
2053
2055
|
}
|
|
2054
2056
|
normalize(e) {
|
|
2055
2057
|
const t = /* @__PURE__ */ new Map(), r = /* @__PURE__ */ new Map(), s = /* @__PURE__ */ new Map(), o = [];
|
|
2056
|
-
return e.groups?.forEach((
|
|
2057
|
-
r.set(
|
|
2058
|
-
id:
|
|
2059
|
-
name:
|
|
2060
|
-
default:
|
|
2061
|
-
updated_at:
|
|
2062
|
-
created_at:
|
|
2058
|
+
return e.groups?.forEach((a) => {
|
|
2059
|
+
r.set(a.id, {
|
|
2060
|
+
id: a.id,
|
|
2061
|
+
name: a.name,
|
|
2062
|
+
default: a.default ?? !1,
|
|
2063
|
+
updated_at: a.updated_at,
|
|
2064
|
+
created_at: a.created_at
|
|
2063
2065
|
});
|
|
2064
|
-
}), e.roles?.forEach((
|
|
2065
|
-
s.set(
|
|
2066
|
-
id:
|
|
2067
|
-
tenant_id:
|
|
2068
|
-
name:
|
|
2066
|
+
}), e.roles?.forEach((a) => {
|
|
2067
|
+
s.set(a.id, {
|
|
2068
|
+
id: a.id,
|
|
2069
|
+
tenant_id: a.tenant_id,
|
|
2070
|
+
name: a.name
|
|
2069
2071
|
});
|
|
2070
|
-
}), e.users_in_groups?.forEach((
|
|
2071
|
-
const d =
|
|
2072
|
+
}), e.users_in_groups?.forEach((a) => {
|
|
2073
|
+
const d = a.user;
|
|
2072
2074
|
d && !t.has(d.id) && t.set(d.id, {
|
|
2073
2075
|
id: d.id,
|
|
2074
2076
|
name: d.name ?? null,
|
|
2075
2077
|
email: d.email ?? null,
|
|
2076
2078
|
phone: d.phone ?? null
|
|
2077
|
-
}), d &&
|
|
2079
|
+
}), d && a.group_id && r.has(a.group_id) && o.push({
|
|
2078
2080
|
userId: d.id,
|
|
2079
|
-
groupId:
|
|
2080
|
-
roleIds:
|
|
2081
|
+
groupId: a.group_id,
|
|
2082
|
+
roleIds: a.roles?.map((h) => h.id) ?? []
|
|
2081
2083
|
});
|
|
2082
2084
|
}), {
|
|
2083
2085
|
tenant_id: e.tenant_id,
|
|
@@ -2503,39 +2505,39 @@ class Fe {
|
|
|
2503
2505
|
return;
|
|
2504
2506
|
}
|
|
2505
2507
|
const t = v(e.access_token);
|
|
2506
|
-
S(t) ? (this.tokenExpiredFlag = !0, this.stopTokenCheck(), this.subscribeStore.notify(
|
|
2508
|
+
S(t) ? (this.tokenExpiredFlag = !0, this.stopTokenCheck(), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 })) : (this.setTokensCache(e), this.startTokenCheck());
|
|
2507
2509
|
} catch (e) {
|
|
2508
2510
|
const t = {
|
|
2509
2511
|
message: e instanceof Error ? e.message : "Failed to get tokens",
|
|
2510
2512
|
originalError: e
|
|
2511
2513
|
};
|
|
2512
|
-
this.subscribeStore.notify(
|
|
2514
|
+
this.subscribeStore.notify(n.Error, t), this.setTokensCache(void 0);
|
|
2513
2515
|
}
|
|
2514
2516
|
}
|
|
2515
2517
|
async refreshTokensCache(e) {
|
|
2516
2518
|
if (!this.isRefreshing)
|
|
2517
2519
|
try {
|
|
2518
|
-
this.isRefreshing = !0, this.subscribeStore.notify(
|
|
2520
|
+
this.isRefreshing = !0, this.subscribeStore.notify(n.RefreshStart, {});
|
|
2519
2521
|
const t = await this.authApi.refreshToken(e?.refresh_token ?? "", e.scopes ?? [], e.access_token);
|
|
2520
|
-
this.setTokensCache(t), this.subscribeStore.notify(
|
|
2522
|
+
this.setTokensCache(t), this.subscribeStore.notify(n.Refresh, { tokens: t, parsedTokens: this.getParsedTokens() }), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenExpiredFlag = !1, this.startTokenCheck();
|
|
2521
2523
|
} catch (t) {
|
|
2522
2524
|
const r = {
|
|
2523
2525
|
message: t instanceof Error ? t.message : "Failed to get tokens",
|
|
2524
2526
|
originalError: t
|
|
2525
2527
|
};
|
|
2526
|
-
this.subscribeStore.notify(
|
|
2528
|
+
this.subscribeStore.notify(n.Error, r), this.tokenExpiredFlag = !0, this.setTokensCache(void 0), this.stopTokenCheck(), this.storageManager.deleteTokens(), this.subscribeStore.notify(n.SessionExpired, { reason: "refresh_failed" });
|
|
2527
2529
|
} finally {
|
|
2528
2530
|
this.isRefreshing = !1;
|
|
2529
2531
|
}
|
|
2530
2532
|
}
|
|
2531
2533
|
startTokenCheck() {
|
|
2532
2534
|
this.checkInterval && clearInterval(this.checkInterval), !this.tokenExpiredFlag && (this.setupVisibilityListener(), this.checkInterval = setInterval(() => {
|
|
2533
|
-
typeof document < "u" && document.hidden || this.isRefreshing || this.tokenExpiredFlag || this.isExpired() && !this.tokenExpiredFlag && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(
|
|
2535
|
+
typeof document < "u" && document.hidden || this.isRefreshing || this.tokenExpiredFlag || this.isExpired() && !this.tokenExpiredFlag && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 }), this.stopTokenCheck());
|
|
2534
2536
|
}, this.CHECK_INTERVAL));
|
|
2535
2537
|
}
|
|
2536
2538
|
setupVisibilityListener() {
|
|
2537
2539
|
typeof document > "u" || (this.visibilityChangeHandler && document.removeEventListener("visibilitychange", this.visibilityChangeHandler), this.visibilityChangeHandler = () => {
|
|
2538
|
-
!document.hidden && this.checkInterval && !this.isRefreshing && !this.tokenExpiredFlag && this.isExpired() && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(
|
|
2540
|
+
!document.hidden && this.checkInterval && !this.isRefreshing && !this.tokenExpiredFlag && this.isExpired() && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 }), this.stopTokenCheck());
|
|
2539
2541
|
}, document.addEventListener("visibilitychange", this.visibilityChangeHandler));
|
|
2540
2542
|
}
|
|
2541
2543
|
setupPageUnloadHandler() {
|
|
@@ -2576,7 +2578,7 @@ class Fe {
|
|
|
2576
2578
|
message: e instanceof Error ? e.message : "Failed to get tokens",
|
|
2577
2579
|
originalError: e
|
|
2578
2580
|
};
|
|
2579
|
-
this.subscribeStore.notify(
|
|
2581
|
+
this.subscribeStore.notify(n.Error, t);
|
|
2580
2582
|
return;
|
|
2581
2583
|
}
|
|
2582
2584
|
}
|
|
@@ -2596,13 +2598,13 @@ class De {
|
|
|
2596
2598
|
this.twoFactorApi = e, this.subscribeStore = t, this.PARTIAL_AUTH_TIMEOUT_MS = 300 * 1e3, this.SESSION_STORAGE_KEY = "passflow_2fa_challenge", this.totpDigits = 6;
|
|
2597
2599
|
const r = {
|
|
2598
2600
|
onAuthChange: (s, o) => {
|
|
2599
|
-
if (s ===
|
|
2600
|
-
const
|
|
2601
|
-
this.setPartialAuthState(
|
|
2601
|
+
if (s === n.TwoFactorRequired) {
|
|
2602
|
+
const a = o;
|
|
2603
|
+
this.setPartialAuthState(a.email, a.challengeId, a.tfaToken);
|
|
2602
2604
|
}
|
|
2603
2605
|
}
|
|
2604
2606
|
};
|
|
2605
|
-
this.subscribeStore.subscribe(r, [
|
|
2607
|
+
this.subscribeStore.subscribe(r, [n.TwoFactorRequired]);
|
|
2606
2608
|
}
|
|
2607
2609
|
/**
|
|
2608
2610
|
* Emit error event and throw the error
|
|
@@ -2614,7 +2616,7 @@ class De {
|
|
|
2614
2616
|
originalError: e,
|
|
2615
2617
|
code: r?.id || void 0
|
|
2616
2618
|
};
|
|
2617
|
-
throw this.subscribeStore.notify(
|
|
2619
|
+
throw this.subscribeStore.notify(n.Error, s), e;
|
|
2618
2620
|
}
|
|
2619
2621
|
/**
|
|
2620
2622
|
* Get 2FA enrollment status for current user
|
|
@@ -2634,7 +2636,7 @@ class De {
|
|
|
2634
2636
|
async beginSetup() {
|
|
2635
2637
|
try {
|
|
2636
2638
|
const e = await this.twoFactorApi.beginSetup();
|
|
2637
|
-
return e.totp_digits && (this.totpDigits = e.totp_digits), this.subscribeStore.notify(
|
|
2639
|
+
return e.totp_digits && (this.totpDigits = e.totp_digits), this.subscribeStore.notify(n.TwoFactorSetupStarted, { secret: e.secret }), e;
|
|
2638
2640
|
} catch (e) {
|
|
2639
2641
|
this.emitErrorAndThrow(e, "Begin 2FA setup");
|
|
2640
2642
|
}
|
|
@@ -2648,7 +2650,7 @@ class De {
|
|
|
2648
2650
|
throw new Error(`Invalid TOTP code format. Code must be exactly ${this.totpDigits} digits.`);
|
|
2649
2651
|
try {
|
|
2650
2652
|
const t = await this.twoFactorApi.confirmSetup({ code: e });
|
|
2651
|
-
return this.subscribeStore.notify(
|
|
2653
|
+
return this.subscribeStore.notify(n.TwoFactorEnabled, {
|
|
2652
2654
|
recoveryCodes: t.recovery_codes,
|
|
2653
2655
|
clearRecoveryCodes: () => {
|
|
2654
2656
|
t.recovery_codes.length = 0;
|
|
@@ -2674,7 +2676,7 @@ class De {
|
|
|
2674
2676
|
code: e,
|
|
2675
2677
|
tfa_token: this.partialAuthState.tfaToken
|
|
2676
2678
|
});
|
|
2677
|
-
return this.clearPartialAuthState(), this.subscribeStore.notify(
|
|
2679
|
+
return this.clearPartialAuthState(), this.subscribeStore.notify(n.TwoFactorVerified, { tokens: t }), t;
|
|
2678
2680
|
} catch (t) {
|
|
2679
2681
|
this.emitErrorAndThrow(t, "Verify 2FA code");
|
|
2680
2682
|
}
|
|
@@ -2696,13 +2698,13 @@ class De {
|
|
|
2696
2698
|
recovery_code: t,
|
|
2697
2699
|
tfa_token: this.partialAuthState.tfaToken
|
|
2698
2700
|
});
|
|
2699
|
-
return this.clearPartialAuthState(), r.remaining_recovery_codes === 0 ? this.subscribeStore.notify(
|
|
2701
|
+
return this.clearPartialAuthState(), r.remaining_recovery_codes === 0 ? this.subscribeStore.notify(n.TwoFactorRecoveryCodesExhausted, { tokens: r }) : r.remaining_recovery_codes <= 2 && this.subscribeStore.notify(n.TwoFactorRecoveryCodesLow, {
|
|
2700
2702
|
tokens: r,
|
|
2701
2703
|
remainingCodes: r.remaining_recovery_codes
|
|
2702
|
-
}), this.subscribeStore.notify(
|
|
2704
|
+
}), this.subscribeStore.notify(n.TwoFactorRecoveryUsed, {
|
|
2703
2705
|
tokens: r,
|
|
2704
2706
|
remainingCodes: r.remaining_recovery_codes
|
|
2705
|
-
}), this.subscribeStore.notify(
|
|
2707
|
+
}), this.subscribeStore.notify(n.TwoFactorVerified, { tokens: r }), r;
|
|
2706
2708
|
} catch (t) {
|
|
2707
2709
|
this.emitErrorAndThrow(t, "Use recovery code");
|
|
2708
2710
|
}
|
|
@@ -2715,7 +2717,7 @@ class De {
|
|
|
2715
2717
|
throw new Error(`Invalid TOTP code format. Code must be exactly ${this.totpDigits} digits.`);
|
|
2716
2718
|
try {
|
|
2717
2719
|
const t = await this.twoFactorApi.disable({ code: e });
|
|
2718
|
-
return this.subscribeStore.notify(
|
|
2720
|
+
return this.subscribeStore.notify(n.TwoFactorDisabled, {}), t;
|
|
2719
2721
|
} catch (t) {
|
|
2720
2722
|
this.emitErrorAndThrow(t, "Disable 2FA");
|
|
2721
2723
|
}
|
|
@@ -2815,12 +2817,12 @@ class De {
|
|
|
2815
2817
|
scope: "2fa_setup",
|
|
2816
2818
|
timestamp: Date.now(),
|
|
2817
2819
|
expiresAt: Date.now() + (t.expiresIn || 3600) * 1e3
|
|
2818
|
-
}, this.subscribeStore.notify(
|
|
2820
|
+
}, this.subscribeStore.notify(n.TwoFactorSetupMagicLinkValidated, {
|
|
2819
2821
|
userId: t.userId,
|
|
2820
2822
|
appId: t.appId,
|
|
2821
2823
|
expiresIn: t.expiresIn || 3600,
|
|
2822
2824
|
sessionToken: t.sessionToken
|
|
2823
|
-
})) : t.error && this.subscribeStore.notify(
|
|
2825
|
+
})) : t.error && this.subscribeStore.notify(n.TwoFactorSetupMagicLinkFailed, {
|
|
2824
2826
|
error: t.error
|
|
2825
2827
|
}), t;
|
|
2826
2828
|
}
|
|
@@ -2891,7 +2893,7 @@ class De {
|
|
|
2891
2893
|
async beginMethodSetup(e) {
|
|
2892
2894
|
try {
|
|
2893
2895
|
const t = await this.twoFactorApi.beginMethodSetup(e);
|
|
2894
|
-
return this.subscribeStore.notify(
|
|
2896
|
+
return this.subscribeStore.notify(n.TwoFactorSetupStarted, { secret: "", method: e }), t;
|
|
2895
2897
|
} catch (t) {
|
|
2896
2898
|
this.emitErrorAndThrow(t, "Begin 2FA method setup");
|
|
2897
2899
|
}
|
|
@@ -2902,7 +2904,7 @@ class De {
|
|
|
2902
2904
|
async confirmMethodSetup(e, t) {
|
|
2903
2905
|
try {
|
|
2904
2906
|
const r = await this.twoFactorApi.confirmMethodSetup(e, t);
|
|
2905
|
-
return this.subscribeStore.notify(
|
|
2907
|
+
return this.subscribeStore.notify(n.TwoFactorEnabled, {
|
|
2906
2908
|
recoveryCodes: [],
|
|
2907
2909
|
clearRecoveryCodes: () => {
|
|
2908
2910
|
}
|
|
@@ -2927,7 +2929,7 @@ class De {
|
|
|
2927
2929
|
async requestChallenge(e) {
|
|
2928
2930
|
try {
|
|
2929
2931
|
const t = await this.twoFactorApi.requestChallenge(e);
|
|
2930
|
-
return this.subscribeStore.notify(
|
|
2932
|
+
return this.subscribeStore.notify(n.TwoFactorChallengeReceived, {
|
|
2931
2933
|
challengeId: t.challenge_id,
|
|
2932
2934
|
method: t.method,
|
|
2933
2935
|
alternativeMethods: t.alternative_methods
|
|
@@ -2942,12 +2944,12 @@ class De {
|
|
|
2942
2944
|
async verifyV2(e) {
|
|
2943
2945
|
try {
|
|
2944
2946
|
const t = await this.twoFactorApi.verifyV2(e);
|
|
2945
|
-
return t.success && (this.subscribeStore.notify(
|
|
2947
|
+
return t.success && (this.subscribeStore.notify(n.TwoFactorVerified, {
|
|
2946
2948
|
tokens: {
|
|
2947
2949
|
access_token: t.access_token,
|
|
2948
2950
|
refresh_token: t.refresh_token
|
|
2949
2951
|
}
|
|
2950
|
-
}), t.device_trusted && this.subscribeStore.notify(
|
|
2952
|
+
}), t.device_trusted && this.subscribeStore.notify(n.TwoFactorDeviceTrusted, {})), t;
|
|
2951
2953
|
} catch (t) {
|
|
2952
2954
|
this.emitErrorAndThrow(t, "Verify 2FA challenge");
|
|
2953
2955
|
}
|
|
@@ -2958,7 +2960,7 @@ class De {
|
|
|
2958
2960
|
async switchToAlternative(e) {
|
|
2959
2961
|
try {
|
|
2960
2962
|
const t = await this.twoFactorApi.switchToAlternative(e);
|
|
2961
|
-
return this.subscribeStore.notify(
|
|
2963
|
+
return this.subscribeStore.notify(n.TwoFactorMethodSwitched, {
|
|
2962
2964
|
challengeId: t.challenge_id,
|
|
2963
2965
|
method: t.method,
|
|
2964
2966
|
alternativeMethods: t.alternative_methods
|
|
@@ -3026,7 +3028,7 @@ class Pe {
|
|
|
3026
3028
|
passkeyUsername: t,
|
|
3027
3029
|
passkeyDisplayName: r
|
|
3028
3030
|
} = {}) {
|
|
3029
|
-
const s = this.deviceService.getDeviceId(), o = b.web, { challenge_id:
|
|
3031
|
+
const s = this.deviceService.getDeviceId(), o = b.web, { challenge_id: a, publicKey: d } = await this.userAPI.addUserPasskeyStart({
|
|
3030
3032
|
relyingPartyId: e || window?.location?.hostname,
|
|
3031
3033
|
deviceId: s,
|
|
3032
3034
|
os: o,
|
|
@@ -3035,17 +3037,17 @@ class Pe {
|
|
|
3035
3037
|
});
|
|
3036
3038
|
d.user.id = btoa(d.user.id);
|
|
3037
3039
|
const h = await K({ optionsJSON: d });
|
|
3038
|
-
return await this.userAPI.addUserPasskeyComplete(h, s,
|
|
3040
|
+
return await this.userAPI.addUserPasskeyComplete(h, s, a);
|
|
3039
3041
|
}
|
|
3040
3042
|
}
|
|
3041
3043
|
const O = class O {
|
|
3042
3044
|
constructor(e) {
|
|
3043
3045
|
this.doRefreshTokens = !1, this.origin = window.location.origin, this.session = async ({
|
|
3044
3046
|
createSession: o,
|
|
3045
|
-
expiredSession:
|
|
3047
|
+
expiredSession: a,
|
|
3046
3048
|
doRefresh: d = !1
|
|
3047
3049
|
}) => {
|
|
3048
|
-
this.createSessionCallback = o, this.expiredSessionCallback =
|
|
3050
|
+
this.createSessionCallback = o, this.expiredSessionCallback = a, this.doRefreshTokens = d, await this.submitSessionCheck();
|
|
3049
3051
|
};
|
|
3050
3052
|
const { url: t, appId: r, scopes: s } = e;
|
|
3051
3053
|
this.url = t || V, this.appId = r, this.storageManager = new $({
|
|
@@ -3092,7 +3094,7 @@ const O = class O {
|
|
|
3092
3094
|
message: r instanceof Error || r instanceof u ? r.message : "Session check failed",
|
|
3093
3095
|
originalError: r
|
|
3094
3096
|
};
|
|
3095
|
-
this.subscribeStore.notify(
|
|
3097
|
+
this.subscribeStore.notify(n.Error, s), e = void 0;
|
|
3096
3098
|
}
|
|
3097
3099
|
e && this.createSessionCallback && await this.createSessionCallback({ tokens: e, parsedTokens: t }), !e && this.expiredSessionCallback && await this.expiredSessionCallback();
|
|
3098
3100
|
}
|
|
@@ -3170,7 +3172,7 @@ const O = class O {
|
|
|
3170
3172
|
const h = new URLSearchParams(window.location.hash.substring(1));
|
|
3171
3173
|
h.get("access_token") && (e = h, t = !0);
|
|
3172
3174
|
}
|
|
3173
|
-
const r = e.get("access_token"), s = e.get("refresh_token"), o = e.get("id_token"),
|
|
3175
|
+
const r = e.get("access_token"), s = e.get("refresh_token"), o = e.get("id_token"), a = e.get("scopes")?.split(",") ?? this.scopes;
|
|
3174
3176
|
let d;
|
|
3175
3177
|
if (r) {
|
|
3176
3178
|
if (!D(r)) {
|
|
@@ -3178,7 +3180,7 @@ const O = class O {
|
|
|
3178
3180
|
message: "Invalid access token format received",
|
|
3179
3181
|
code: "INVALID_TOKEN_FORMAT"
|
|
3180
3182
|
};
|
|
3181
|
-
this.subscribeStore.notify(
|
|
3183
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3182
3184
|
return;
|
|
3183
3185
|
}
|
|
3184
3186
|
if (s && !D(s)) {
|
|
@@ -3186,7 +3188,7 @@ const O = class O {
|
|
|
3186
3188
|
message: "Invalid refresh token format received",
|
|
3187
3189
|
code: "INVALID_TOKEN_FORMAT"
|
|
3188
3190
|
};
|
|
3189
|
-
this.subscribeStore.notify(
|
|
3191
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3190
3192
|
return;
|
|
3191
3193
|
}
|
|
3192
3194
|
if (o && !D(o)) {
|
|
@@ -3194,15 +3196,15 @@ const O = class O {
|
|
|
3194
3196
|
message: "Invalid ID token format received",
|
|
3195
3197
|
code: "INVALID_TOKEN_FORMAT"
|
|
3196
3198
|
};
|
|
3197
|
-
this.subscribeStore.notify(
|
|
3199
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3198
3200
|
return;
|
|
3199
3201
|
}
|
|
3200
3202
|
return d = {
|
|
3201
3203
|
access_token: r,
|
|
3202
3204
|
refresh_token: s ?? void 0,
|
|
3203
3205
|
id_token: o ?? void 0,
|
|
3204
|
-
scopes:
|
|
3205
|
-
}, this.storageManager.clearDeliveryMode(), this.storageManager.saveTokens(d), this.tokenCacheService.setTokensCache(d), this.subscribeStore.notify(
|
|
3206
|
+
scopes: a
|
|
3207
|
+
}, this.storageManager.clearDeliveryMode(), this.storageManager.saveTokens(d), this.tokenCacheService.setTokensCache(d), this.subscribeStore.notify(n.SignIn, { tokens: d, parsedTokens: this.getParsedTokens() }), this.submitSessionCheck(), this.cleanupUrlParams(t), this.error = void 0, d;
|
|
3206
3208
|
} else
|
|
3207
3209
|
this.error = this.checkErrorsFromURL();
|
|
3208
3210
|
}
|
|
@@ -3437,7 +3439,7 @@ const O = class O {
|
|
|
3437
3439
|
originalError: e,
|
|
3438
3440
|
code: e instanceof u ? e.id : void 0
|
|
3439
3441
|
};
|
|
3440
|
-
throw this.subscribeStore.notify(
|
|
3442
|
+
throw this.subscribeStore.notify(n.Error, r), e;
|
|
3441
3443
|
}
|
|
3442
3444
|
/**
|
|
3443
3445
|
* Sign out the current user and clear all tokens.
|
|
@@ -3458,7 +3460,7 @@ const O = class O {
|
|
|
3458
3460
|
*/
|
|
3459
3461
|
async logOut() {
|
|
3460
3462
|
try {
|
|
3461
|
-
await this.authService.logOut(), this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.twoFactorService.clearPartialAuthState(), await this.submitSessionCheck(), this.subscribeStore.notify(
|
|
3463
|
+
await this.authService.logOut(), this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.twoFactorService.clearPartialAuthState(), await this.submitSessionCheck(), this.subscribeStore.notify(n.SignOut, {});
|
|
3462
3464
|
} catch (e) {
|
|
3463
3465
|
this.handleError(e, "Log out");
|
|
3464
3466
|
}
|
|
@@ -3528,13 +3530,13 @@ const O = class O {
|
|
|
3528
3530
|
* ```
|
|
3529
3531
|
*/
|
|
3530
3532
|
reset(e) {
|
|
3531
|
-
if (this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.subscribeStore.notify(
|
|
3533
|
+
if (this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.subscribeStore.notify(n.SignOut, {}), e) {
|
|
3532
3534
|
this.error = new Error(e);
|
|
3533
3535
|
const t = {
|
|
3534
3536
|
message: e,
|
|
3535
3537
|
code: "RESET_ERROR"
|
|
3536
3538
|
};
|
|
3537
|
-
throw this.subscribeStore.notify(
|
|
3539
|
+
throw this.subscribeStore.notify(n.Error, t), this.error;
|
|
3538
3540
|
}
|
|
3539
3541
|
}
|
|
3540
3542
|
/**
|
|
@@ -3561,7 +3563,7 @@ const O = class O {
|
|
|
3561
3563
|
try {
|
|
3562
3564
|
return await this.authService.refreshToken();
|
|
3563
3565
|
} catch (e) {
|
|
3564
|
-
throw e instanceof u || this.subscribeStore.notify(
|
|
3566
|
+
throw e instanceof u || this.subscribeStore.notify(n.Error, {
|
|
3565
3567
|
message: "Failed to refresh token",
|
|
3566
3568
|
originalError: e
|
|
3567
3569
|
}), e;
|
|
@@ -3766,7 +3768,7 @@ const O = class O {
|
|
|
3766
3768
|
* ```
|
|
3767
3769
|
*/
|
|
3768
3770
|
setTokens(e) {
|
|
3769
|
-
this.storageManager.saveTokens(e), this.tokenCacheService.setTokensCache(e), this.subscribeStore.notify(
|
|
3771
|
+
this.storageManager.saveTokens(e), this.tokenCacheService.setTokensCache(e), this.subscribeStore.notify(n.SignIn, {
|
|
3770
3772
|
tokens: e,
|
|
3771
3773
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
3772
3774
|
});
|
|
@@ -4202,7 +4204,7 @@ const O = class O {
|
|
|
4202
4204
|
async verifyTwoFactor(e) {
|
|
4203
4205
|
try {
|
|
4204
4206
|
const t = await this.twoFactorService.verify(e);
|
|
4205
|
-
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(
|
|
4207
|
+
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(n.SignIn, {
|
|
4206
4208
|
tokens: t,
|
|
4207
4209
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
4208
4210
|
}), await this.submitSessionCheck(), t;
|
|
@@ -4229,7 +4231,7 @@ const O = class O {
|
|
|
4229
4231
|
async useTwoFactorRecoveryCode(e) {
|
|
4230
4232
|
try {
|
|
4231
4233
|
const t = await this.twoFactorService.useRecoveryCode(e);
|
|
4232
|
-
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(
|
|
4234
|
+
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(n.SignIn, {
|
|
4233
4235
|
tokens: t,
|
|
4234
4236
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
4235
4237
|
}), await this.submitSessionCheck(), t;
|
|
@@ -4705,9 +4707,9 @@ class Ge {
|
|
|
4705
4707
|
signal: r.signal
|
|
4706
4708
|
});
|
|
4707
4709
|
clearTimeout(s);
|
|
4708
|
-
const
|
|
4710
|
+
const a = {};
|
|
4709
4711
|
o.headers.forEach((h, g) => {
|
|
4710
|
-
|
|
4712
|
+
a[g.toLowerCase()] = h;
|
|
4711
4713
|
});
|
|
4712
4714
|
const d = await o.json();
|
|
4713
4715
|
if (!o.ok) {
|
|
@@ -4718,7 +4720,7 @@ class Ge {
|
|
|
4718
4720
|
error_uri: d.error_uri
|
|
4719
4721
|
},
|
|
4720
4722
|
o.status,
|
|
4721
|
-
|
|
4723
|
+
a
|
|
4722
4724
|
);
|
|
4723
4725
|
throw this.config.onError && this.config.onError({
|
|
4724
4726
|
error: h.code,
|
|
@@ -4945,7 +4947,7 @@ export {
|
|
|
4945
4947
|
T as PassflowAdminEndpointPaths,
|
|
4946
4948
|
c as PassflowEndpointPaths,
|
|
4947
4949
|
u as PassflowError,
|
|
4948
|
-
|
|
4950
|
+
n as PassflowEvent,
|
|
4949
4951
|
de as Providers,
|
|
4950
4952
|
E as RequestMethod,
|
|
4951
4953
|
Z as SDK_VERSION,
|