@passflow/core 0.2.10 → 0.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/index.mjs +234 -216
- package/dist/index.mjs.map +1 -1
- package/dist/lib/api/cli-auth.d.ts +12 -0
- package/dist/lib/api/cli-auth.d.ts.map +1 -0
- package/dist/lib/api/index.d.ts +1 -0
- package/dist/lib/api/index.d.ts.map +1 -1
- package/dist/lib/api/model.d.ts +20 -1
- package/dist/lib/api/model.d.ts.map +1 -1
- package/dist/lib/index.d.ts +2 -0
- package/dist/lib/index.d.ts.map +1 -1
- package/dist/lib/services/auth-service.d.ts.map +1 -1
- package/dist/lib/services/token-cache-service.d.ts.map +1 -1
- package/dist/lib/store.d.ts +4 -0
- package/dist/lib/store.d.ts.map +1 -1
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/package.json +4 -2
package/dist/index.mjs
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import F from "axios";
|
|
2
2
|
import { v4 as H } from "uuid";
|
|
3
3
|
import { startRegistration as K, startAuthentication as j } from "@simplewebauthn/browser";
|
|
4
|
-
const z = "0.
|
|
4
|
+
const z = "0.5.0", X = {
|
|
5
5
|
version: z
|
|
6
6
|
}, C = "X-Passflow-Clientid", I = "Authorization", W = "X-Passflow-DeviceId", J = "X-Passflow-DeviceType", Z = X.version, Ne = ["id", "offline", "openid"], Q = ["id", "offline", "tenant", "email", "oidc", "openid", "access:tenant:all"], V = "https://auth.passflow.cloud", Ke = "default", ee = 500, te = 600, re = 100, se = 6e4, G = 30, ie = 3, oe = 30, ne = 200, ae = (i) => {
|
|
7
7
|
const e = [];
|
|
@@ -12,8 +12,8 @@ const z = "0.2.10", X = {
|
|
|
12
12
|
continue;
|
|
13
13
|
const s = { tenant: { id: r.tenant_id, name: r.tenant_name } };
|
|
14
14
|
s.groups = r.groups ? Object.keys(r.groups).map((o) => {
|
|
15
|
-
const
|
|
16
|
-
return { group: { id: o, name: r.group_names?.[o] ?? "unknown" }, roles:
|
|
15
|
+
const a = r.groups[o] || [];
|
|
16
|
+
return { group: { id: o, name: r.group_names?.[o] ?? "unknown" }, roles: a };
|
|
17
17
|
}) : [], s.tenantRoles = s.groups?.find((o) => o.group.id === r.root_group_id), e.push(s);
|
|
18
18
|
}
|
|
19
19
|
return { raw: i, tenants: e };
|
|
@@ -62,10 +62,10 @@ function v(i) {
|
|
|
62
62
|
if (!e) throw new Error("Invalid token string");
|
|
63
63
|
const t = e.replace(/-/g, "+").replace(/_/g, "/"), r = t + "=".repeat((4 - t.length % 4) % 4), s = ce(r), o = decodeURIComponent(
|
|
64
64
|
s.split("").map((d) => "%" + ("00" + d.charCodeAt(0).toString(16)).slice(-2)).join("")
|
|
65
|
-
),
|
|
66
|
-
return
|
|
65
|
+
), a = JSON.parse(o);
|
|
66
|
+
return a.membership = a.passflow_tm && a.type !== "invite" ? ae(a.passflow_tm) : void 0, a;
|
|
67
67
|
}
|
|
68
|
-
var p = /* @__PURE__ */ ((i) => (i.id_token = "id_token", i.access_token = "access", i.refresh_token = "refresh", i.invite_token = "invite", i.reset_token = "reset", i.web_cookie = "web-cookie", i.management = "management", i.signin = "signin", i.actor = "actor", i.two_factor = "2fa", i))(p || {}),
|
|
68
|
+
var p = /* @__PURE__ */ ((i) => (i.id_token = "id_token", i.access_token = "access", i.refresh_token = "refresh", i.invite_token = "invite", i.reset_token = "reset", i.web_cookie = "web-cookie", i.management = "management", i.signin = "signin", i.actor = "actor", i.two_factor = "2fa", i))(p || {}), m = /* @__PURE__ */ ((i) => (i.JsonBody = "json_body", i.Cookie = "cookie", i.Mobile = "mobile", i.BFF = "bff", i))(m || {}), q = /* @__PURE__ */ ((i) => (i.Unknown = "unknown", i.Valid = "valid", i.Invalid = "invalid", i))(q || {});
|
|
69
69
|
class Y {
|
|
70
70
|
constructor(e) {
|
|
71
71
|
this.storageManager = e, this.mode = "json_body", this.sessionState = "unknown", this.isInitializedFlag = !1, this.STORAGE_PREFIX = "passflow_", this.DELIVERY_MODE_KEY = `${this.STORAGE_PREFIX}delivery_mode`, this.SESSION_STATE_KEY = `${this.STORAGE_PREFIX}session_state`, this.loadPersistedMode(), this.loadPersistedSessionState();
|
|
@@ -166,7 +166,7 @@ class Y {
|
|
|
166
166
|
loadPersistedMode() {
|
|
167
167
|
try {
|
|
168
168
|
const e = this.storageManager.storage.getItem(this.DELIVERY_MODE_KEY);
|
|
169
|
-
e && Object.values(
|
|
169
|
+
e && Object.values(m).includes(e) && (this.mode = e, this.isInitializedFlag = !0);
|
|
170
170
|
} catch {
|
|
171
171
|
}
|
|
172
172
|
}
|
|
@@ -227,8 +227,8 @@ class $ {
|
|
|
227
227
|
* In JSON mode: save all tokens (existing behavior)
|
|
228
228
|
*/
|
|
229
229
|
saveTokens(e, t) {
|
|
230
|
-
const { id_token: r, access_token: s, refresh_token: o, scopes:
|
|
231
|
-
t ===
|
|
230
|
+
const { id_token: r, access_token: s, refresh_token: o, scopes: a } = e;
|
|
231
|
+
t === m.Cookie || t === m.BFF ? r && this.storage.setItem(this.ID_TOKEN_KEY, r) : (r && this.storage.setItem(this.getKeyForTokenType(p.id_token), r), s && this.storage.setItem(this.getKeyForTokenType(p.access_token), s), o && this.storage.setItem(this.getKeyForTokenType(p.refresh_token), o), a && this.storage.setItem(this.scopes, a.join(",")));
|
|
232
232
|
}
|
|
233
233
|
getToken(e) {
|
|
234
234
|
const t = this.getKeyForTokenType(e);
|
|
@@ -241,7 +241,7 @@ class $ {
|
|
|
241
241
|
*/
|
|
242
242
|
getTokens() {
|
|
243
243
|
const e = this.getDeliveryMode();
|
|
244
|
-
if (e ===
|
|
244
|
+
if (e === m.Cookie || e === m.BFF) {
|
|
245
245
|
const r = this.storage.getItem(this.ID_TOKEN_KEY);
|
|
246
246
|
return r ? {
|
|
247
247
|
id_token: r
|
|
@@ -324,7 +324,7 @@ class $ {
|
|
|
324
324
|
getDeliveryMode() {
|
|
325
325
|
try {
|
|
326
326
|
const e = this.storage.getItem(this.DELIVERY_MODE_KEY);
|
|
327
|
-
if (e && Object.values(
|
|
327
|
+
if (e && Object.values(m).includes(e))
|
|
328
328
|
return e;
|
|
329
329
|
} catch {
|
|
330
330
|
}
|
|
@@ -416,14 +416,14 @@ class B {
|
|
|
416
416
|
return H();
|
|
417
417
|
}
|
|
418
418
|
}
|
|
419
|
-
var E = /* @__PURE__ */ ((i) => (i.GET = "get", i.POST = "post", i.PUT = "put", i.PATCH = "patch", i.DELETE = "delete", i))(E || {}), c = /* @__PURE__ */ ((i) => (i.signin = "/auth/login", i.signup = "/auth/register", i.signInWithProvider = "/auth/federated/start/", i.passwordless = "/auth/passwordless/start", i.passwordlessComplete = "/auth/passwordless/complete", i.logout = "/user/logout", i.refresh = "/auth/refresh", i.validateSession = "/user/me", i.sendPasswordResetEmail = "/auth/password/reset", i.resetPassword = "/auth/password/change", i.appSettings = "/app/settings", i.passkeyRegisterStart = "/auth/passkey/register/start", i.passkeyRegisterComplete = "/auth/passkey/register/complete", i.passkeyAuthenticateStart = "/auth/passkey/authenticate/start", i.passkeyAuthenticateComplete = "/auth/passkey/authenticate/complete", i.passkeyValidate = "/auth/validate", i.settingsAll = "/settings", i.settingsPasswordPolicy = "/settings/password", i.settingsPasskey = "/settings/passkey", i.userPasskey = "/user/passkey", i.addUserPasskey = "/user/passkey/add/start", i.completeAddUserPasskey = "/user/passkey/add/complete", i.joinInvitation = "/user/tenant/join", i.tenantPath = "/user/tenant", i.invitationsPath = "/user/tenant/:tenantID/invitations", i.requestInvitation = "/user/invite", i.invitationDelete = "/user/invite/:invitationID", i.invitationResend = "/user/invite/:invitationID/resend", i.invitationGetLink = "/user/invite/:invitationID/link", i.twoFactor = "/user/2fa", i.twoFactorStatus = "/user/2fa/status", i.twoFactorSetupBegin = "/user/2fa/setup/begin", i.twoFactorSetupConfirm = "/user/2fa/setup/confirm", i.twoFactorVerify = "/auth/2fa/verify", i.twoFactorRecovery = "/auth/2fa/recovery", i.twoFactorRegenerateCodes = "/user/2fa/recovery-codes/regenerate", i.twoFactorSetupMagicLink = "/auth/2fa-setup", i.TwoFactorMethodsAvailable = "/v2/user/2fa/methods/available", i.TwoFactorMethodsRegistered = "/v2/user/2fa/methods", i.TwoFactorMethodSetupBegin = "/v2/user/2fa/methods/:method/setup/begin", i.TwoFactorMethodSetupConfirm = "/v2/user/2fa/methods/:method/setup/confirm", i.TwoFactorMethodRemove = "/v2/user/2fa/methods/:id", i.TwoFactorChallenge = "/v2/auth/2fa/challenge", i.TwoFactorVerifyV2 = "/v2/auth/2fa/verify", i.TwoFactorAlternative = "/v2/auth/2fa/alternative", i.TwoFactorTrustedDevices = "/v2/user/2fa/trusted-devices", i.TwoFactorTrustedDeviceRevoke = "/v2/user/2fa/trusted-devices/:id", i))(c || {}),
|
|
419
|
+
var E = /* @__PURE__ */ ((i) => (i.GET = "get", i.POST = "post", i.PUT = "put", i.PATCH = "patch", i.DELETE = "delete", i))(E || {}), c = /* @__PURE__ */ ((i) => (i.signin = "/auth/login", i.signup = "/auth/register", i.signInWithProvider = "/auth/federated/start/", i.passwordless = "/auth/passwordless/start", i.passwordlessComplete = "/auth/passwordless/complete", i.logout = "/user/logout", i.refresh = "/auth/refresh", i.validateSession = "/user/me", i.sendPasswordResetEmail = "/auth/password/reset", i.resetPassword = "/auth/password/change", i.appSettings = "/app/settings", i.passkeyRegisterStart = "/auth/passkey/register/start", i.passkeyRegisterComplete = "/auth/passkey/register/complete", i.passkeyAuthenticateStart = "/auth/passkey/authenticate/start", i.passkeyAuthenticateComplete = "/auth/passkey/authenticate/complete", i.passkeyValidate = "/auth/validate", i.settingsAll = "/settings", i.settingsPasswordPolicy = "/settings/password", i.settingsPasskey = "/settings/passkey", i.userPasskey = "/user/passkey", i.addUserPasskey = "/user/passkey/add/start", i.completeAddUserPasskey = "/user/passkey/add/complete", i.joinInvitation = "/user/tenant/join", i.tenantPath = "/user/tenant", i.invitationsPath = "/user/tenant/:tenantID/invitations", i.requestInvitation = "/user/invite", i.invitationDelete = "/user/invite/:invitationID", i.invitationResend = "/user/invite/:invitationID/resend", i.invitationGetLink = "/user/invite/:invitationID/link", i.twoFactor = "/user/2fa", i.twoFactorStatus = "/user/2fa/status", i.twoFactorSetupBegin = "/user/2fa/setup/begin", i.twoFactorSetupConfirm = "/user/2fa/setup/confirm", i.twoFactorVerify = "/auth/2fa/verify", i.twoFactorRecovery = "/auth/2fa/recovery", i.twoFactorRegenerateCodes = "/user/2fa/recovery-codes/regenerate", i.twoFactorSetupMagicLink = "/auth/2fa-setup", i.TwoFactorMethodsAvailable = "/v2/user/2fa/methods/available", i.TwoFactorMethodsRegistered = "/v2/user/2fa/methods", i.TwoFactorMethodSetupBegin = "/v2/user/2fa/methods/:method/setup/begin", i.TwoFactorMethodSetupConfirm = "/v2/user/2fa/methods/:method/setup/confirm", i.TwoFactorMethodRemove = "/v2/user/2fa/methods/:id", i.TwoFactorChallenge = "/v2/auth/2fa/challenge", i.TwoFactorVerifyV2 = "/v2/auth/2fa/verify", i.TwoFactorAlternative = "/v2/auth/2fa/alternative", i.TwoFactorTrustedDevices = "/v2/user/2fa/trusted-devices", i.TwoFactorTrustedDeviceRevoke = "/v2/user/2fa/trusted-devices/:id", i.cliAuthStatus = "/cli/auth/status/:sessionId", i.cliAuthComplete = "/cli/auth/complete", i))(c || {}), _ = /* @__PURE__ */ ((i) => (i.passkeyRegisterStart = "/admin/auth/passkey/register/start", i.passkeyRegisterComplete = "/admin/auth/passkey/register/complete", i.passkeyAuthenticateStart = "/admin/auth/passkey/authenticate/start", i.passkeyAuthenticateComplete = "/admin/auth/passkey/authenticate/complete", i.passkeyValidate = "/admin/auth/validate", i.logout = "/admin/auth/logout", i))(_ || {});
|
|
420
420
|
class u extends Error {
|
|
421
421
|
constructor(e) {
|
|
422
422
|
super(), this.id = e?.id ?? "unknown", this.message = e?.message ?? e ?? "Something went wrong", this.status = e?.status ?? 500, this.location = e?.location ?? "unknown", this.time = e?.time ?? (/* @__PURE__ */ new Date()).toISOString();
|
|
423
423
|
}
|
|
424
424
|
}
|
|
425
425
|
var de = /* @__PURE__ */ ((i) => (i.google = "google", i.facebook = "facebook", i))(de || {}), b = /* @__PURE__ */ ((i) => (i.web = "web", i))(b || {});
|
|
426
|
-
function
|
|
426
|
+
function y(i, e) {
|
|
427
427
|
let t = i;
|
|
428
428
|
return Object.entries(e).forEach(([r, s]) => {
|
|
429
429
|
t = t.replace(`:${r}`, s);
|
|
@@ -431,15 +431,15 @@ function m(i, e) {
|
|
|
431
431
|
}
|
|
432
432
|
var ue = /* @__PURE__ */ ((i) => (i.Disabled = "disabled", i.Optional = "optional", i.Required = "required", i))(ue || {});
|
|
433
433
|
const le = 3, ge = 1e3;
|
|
434
|
-
class
|
|
434
|
+
class w {
|
|
435
435
|
constructor(e, t, r) {
|
|
436
436
|
this.refreshPromise = null, this.isRefreshing = !1, this.origin = typeof window < "u" ? window.location.origin : "", this.defaultHeaders = {
|
|
437
437
|
Accept: "application/json",
|
|
438
438
|
"Content-Type": "application/json"
|
|
439
439
|
}, this.nonAccessTokenEndpoints = ["/auth/", "/settings", "/settings/"], this.protectedEndpoints = ["logout", "refresh"];
|
|
440
|
-
const { url: s, appId: o, keyStoragePrefix:
|
|
440
|
+
const { url: s, appId: o, keyStoragePrefix: a } = e;
|
|
441
441
|
this.url = s || V, this.storageManager = t ?? new $({
|
|
442
|
-
prefix:
|
|
442
|
+
prefix: a ?? ""
|
|
443
443
|
}), this.deviceService = r ?? new B(this.storageManager), this.tokenService = new he(this.storageManager), this.tokenDeliveryManager = new Y(this.storageManager), o && (this.appId = o, this.defaultHeaders = {
|
|
444
444
|
...this.defaultHeaders,
|
|
445
445
|
[C]: o
|
|
@@ -552,18 +552,18 @@ class _ {
|
|
|
552
552
|
const o = t._retryCount || 0;
|
|
553
553
|
if (o >= le)
|
|
554
554
|
return Promise.reject(e);
|
|
555
|
-
let
|
|
555
|
+
let a = ge * Math.pow(2, o);
|
|
556
556
|
const d = e.response?.headers?.["retry-after"];
|
|
557
557
|
if (d) {
|
|
558
558
|
const h = Number.parseInt(d, 10);
|
|
559
559
|
if (!Number.isNaN(h))
|
|
560
|
-
|
|
560
|
+
a = h * 1e3;
|
|
561
561
|
else {
|
|
562
562
|
const g = new Date(d);
|
|
563
|
-
Number.isNaN(g.getTime()) || (
|
|
563
|
+
Number.isNaN(g.getTime()) || (a = Math.max(0, g.getTime() - Date.now()));
|
|
564
564
|
}
|
|
565
565
|
}
|
|
566
|
-
return await new Promise((h) => setTimeout(h,
|
|
566
|
+
return await new Promise((h) => setTimeout(h, a)), t._retryCount = o + 1, this.instance.request(t);
|
|
567
567
|
}
|
|
568
568
|
// eslint-disable-next-line complexity
|
|
569
569
|
// biome-ignore lint/suspicious/useAwait: <explanation>
|
|
@@ -622,7 +622,7 @@ class _ {
|
|
|
622
622
|
}
|
|
623
623
|
class pe {
|
|
624
624
|
constructor(e, t, r) {
|
|
625
|
-
this.axiosClient = new
|
|
625
|
+
this.axiosClient = new w(e, t, r);
|
|
626
626
|
}
|
|
627
627
|
setAppId(e) {
|
|
628
628
|
this.axiosClient.setAppId(e);
|
|
@@ -633,7 +633,7 @@ class pe {
|
|
|
633
633
|
}
|
|
634
634
|
class fe {
|
|
635
635
|
constructor(e, t, r) {
|
|
636
|
-
this.axiosClient = new
|
|
636
|
+
this.axiosClient = new w(e, t, r);
|
|
637
637
|
}
|
|
638
638
|
setAppId(e) {
|
|
639
639
|
this.axiosClient.setAppId(e);
|
|
@@ -690,7 +690,7 @@ class fe {
|
|
|
690
690
|
);
|
|
691
691
|
}
|
|
692
692
|
logOut(e, t, r = !1) {
|
|
693
|
-
const s = r ? void 0 : { refresh_token: t, device: e }, o = r ?
|
|
693
|
+
const s = r ? void 0 : { refresh_token: t, device: e }, o = r ? _.logout : c.logout;
|
|
694
694
|
return this.axiosClient.post(o, s);
|
|
695
695
|
}
|
|
696
696
|
validateSession() {
|
|
@@ -715,21 +715,21 @@ class fe {
|
|
|
715
715
|
});
|
|
716
716
|
}
|
|
717
717
|
passkeyRegisterStart(e, t, r, s = !1) {
|
|
718
|
-
const { create_tenant: o } = e,
|
|
718
|
+
const { create_tenant: o } = e, a = {
|
|
719
719
|
...e,
|
|
720
720
|
create_tenant: o ?? !1,
|
|
721
721
|
device: t,
|
|
722
722
|
os: r
|
|
723
|
-
}, d = s ?
|
|
724
|
-
return this.axiosClient.post(d,
|
|
723
|
+
}, d = s ? _.passkeyRegisterStart : c.passkeyRegisterStart;
|
|
724
|
+
return this.axiosClient.post(d, a);
|
|
725
725
|
}
|
|
726
726
|
passkeyRegisterComplete(e, t, r, s = !1) {
|
|
727
727
|
const o = {
|
|
728
728
|
challenge_id: r,
|
|
729
729
|
device: t,
|
|
730
730
|
passkey_data: e
|
|
731
|
-
},
|
|
732
|
-
return this.axiosClient.post(
|
|
731
|
+
}, a = s ? _.passkeyRegisterComplete : c.passkeyRegisterComplete;
|
|
732
|
+
return this.axiosClient.post(a, o);
|
|
733
733
|
}
|
|
734
734
|
passkeyAuthenticateStart(e, t, r, s = !1) {
|
|
735
735
|
const o = {
|
|
@@ -737,9 +737,9 @@ class fe {
|
|
|
737
737
|
user_id: e.user_id ?? "",
|
|
738
738
|
device: t,
|
|
739
739
|
os: r
|
|
740
|
-
},
|
|
740
|
+
}, a = s ? _.passkeyAuthenticateStart : c.passkeyAuthenticateStart;
|
|
741
741
|
return this.axiosClient.post(
|
|
742
|
-
|
|
742
|
+
a,
|
|
743
743
|
o
|
|
744
744
|
);
|
|
745
745
|
}
|
|
@@ -748,24 +748,39 @@ class fe {
|
|
|
748
748
|
challenge_id: r,
|
|
749
749
|
device: t,
|
|
750
750
|
passkey_data: e
|
|
751
|
-
},
|
|
752
|
-
return this.axiosClient.post(
|
|
751
|
+
}, a = s ? _.passkeyAuthenticateComplete : c.passkeyAuthenticateComplete;
|
|
752
|
+
return this.axiosClient.post(a, o);
|
|
753
753
|
}
|
|
754
754
|
passkeyValidate(e, t, r, s = !1, o) {
|
|
755
|
-
const
|
|
755
|
+
const a = {
|
|
756
756
|
otp: e,
|
|
757
757
|
device: t,
|
|
758
758
|
challenge_id: r
|
|
759
759
|
};
|
|
760
760
|
let d = c.passkeyValidate;
|
|
761
|
-
!o && s && (d =
|
|
761
|
+
!o && s && (d = _.passkeyValidate);
|
|
762
762
|
const h = o ? { [C]: o } : {};
|
|
763
|
-
return this.axiosClient.post(d,
|
|
763
|
+
return this.axiosClient.post(d, a, { headers: h });
|
|
764
|
+
}
|
|
765
|
+
}
|
|
766
|
+
class Ve {
|
|
767
|
+
constructor(e, t, r) {
|
|
768
|
+
this.axiosClient = new w(e, t, r);
|
|
769
|
+
}
|
|
770
|
+
setAppId(e) {
|
|
771
|
+
this.axiosClient.setAppId(e);
|
|
772
|
+
}
|
|
773
|
+
getCLIAuthStatus(e) {
|
|
774
|
+
const t = y(c.cliAuthStatus, { sessionId: e });
|
|
775
|
+
return this.axiosClient.get(t);
|
|
776
|
+
}
|
|
777
|
+
completeCLIAuth(e) {
|
|
778
|
+
return this.axiosClient.post(c.cliAuthComplete, e);
|
|
764
779
|
}
|
|
765
780
|
}
|
|
766
781
|
class ke {
|
|
767
782
|
constructor(e, t, r) {
|
|
768
|
-
this.axiosClient = new
|
|
783
|
+
this.axiosClient = new w(e, t, r);
|
|
769
784
|
}
|
|
770
785
|
setAppId(e) {
|
|
771
786
|
this.axiosClient.setAppId(e);
|
|
@@ -789,7 +804,7 @@ class ke {
|
|
|
789
804
|
getInvitations(e) {
|
|
790
805
|
const t = {};
|
|
791
806
|
e.groupID && (t.group_id = e.groupID.toString()), e.skip !== void 0 && (t.skip = e.skip.toString()), e.limit !== void 0 && (t.limit = e.limit.toString());
|
|
792
|
-
const r =
|
|
807
|
+
const r = y(c.invitationsPath, {
|
|
793
808
|
tenantID: e.tenantID
|
|
794
809
|
});
|
|
795
810
|
return this.axiosClient.get(r, { params: t }).then((s) => ({
|
|
@@ -803,7 +818,7 @@ class ke {
|
|
|
803
818
|
* @returns Promise with success response
|
|
804
819
|
*/
|
|
805
820
|
deleteInvitation(e) {
|
|
806
|
-
const t =
|
|
821
|
+
const t = y(c.invitationDelete, {
|
|
807
822
|
invitationID: e
|
|
808
823
|
});
|
|
809
824
|
return this.axiosClient.delete(t);
|
|
@@ -814,7 +829,7 @@ class ke {
|
|
|
814
829
|
* @returns Promise with success response
|
|
815
830
|
*/
|
|
816
831
|
resendInvitation(e) {
|
|
817
|
-
const t =
|
|
832
|
+
const t = y(c.invitationResend, {
|
|
818
833
|
invitationID: e
|
|
819
834
|
});
|
|
820
835
|
return this.axiosClient.post(t, {});
|
|
@@ -825,7 +840,7 @@ class ke {
|
|
|
825
840
|
* @returns Promise with the link
|
|
826
841
|
*/
|
|
827
842
|
getInvitationLink(e) {
|
|
828
|
-
const t =
|
|
843
|
+
const t = y(c.invitationGetLink, {
|
|
829
844
|
invitationID: e
|
|
830
845
|
});
|
|
831
846
|
return this.axiosClient.get(t);
|
|
@@ -833,7 +848,7 @@ class ke {
|
|
|
833
848
|
}
|
|
834
849
|
class ve {
|
|
835
850
|
constructor(e, t, r) {
|
|
836
|
-
this.axiosClient = new
|
|
851
|
+
this.axiosClient = new w(e, t, r);
|
|
837
852
|
}
|
|
838
853
|
setAppId(e) {
|
|
839
854
|
this.axiosClient.setAppId(e);
|
|
@@ -850,7 +865,7 @@ class ve {
|
|
|
850
865
|
}
|
|
851
866
|
class ye {
|
|
852
867
|
constructor(e, t, r) {
|
|
853
|
-
this.axiosClient = new
|
|
868
|
+
this.axiosClient = new w(e, t, r);
|
|
854
869
|
}
|
|
855
870
|
setAppId(e) {
|
|
856
871
|
this.axiosClient.setAppId(e);
|
|
@@ -952,8 +967,8 @@ class ye {
|
|
|
952
967
|
* @param role Role to assign
|
|
953
968
|
*/
|
|
954
969
|
addUserToGroup(e, t, r, s) {
|
|
955
|
-
const o = `${c.tenantPath}/${e}/group/${t}/add`,
|
|
956
|
-
return this.axiosClient.post(o,
|
|
970
|
+
const o = `${c.tenantPath}/${e}/group/${t}/add`, a = { user_id: r, role: s };
|
|
971
|
+
return this.axiosClient.post(o, a);
|
|
957
972
|
}
|
|
958
973
|
/**
|
|
959
974
|
* Remove user roles from a group
|
|
@@ -963,8 +978,8 @@ class ye {
|
|
|
963
978
|
* @param roles Roles to remove
|
|
964
979
|
*/
|
|
965
980
|
removeUserRolesFromGroup(e, t, r, s) {
|
|
966
|
-
const o = `${c.tenantPath}/${e}/group/${t}/remove_roles`,
|
|
967
|
-
return this.axiosClient.post(o,
|
|
981
|
+
const o = `${c.tenantPath}/${e}/group/${t}/remove_roles`, a = { user_id: r, roles: s };
|
|
982
|
+
return this.axiosClient.post(o, a);
|
|
968
983
|
}
|
|
969
984
|
/**
|
|
970
985
|
* Change user roles in a group
|
|
@@ -974,8 +989,8 @@ class ye {
|
|
|
974
989
|
* @param roles New roles to assign
|
|
975
990
|
*/
|
|
976
991
|
changeUserRoles(e, t, r, s) {
|
|
977
|
-
const o = `${c.tenantPath}/${e}/group/${t}/change`,
|
|
978
|
-
return this.axiosClient.post(o,
|
|
992
|
+
const o = `${c.tenantPath}/${e}/group/${t}/change`, a = { user_id: r, roles: s };
|
|
993
|
+
return this.axiosClient.post(o, a);
|
|
979
994
|
}
|
|
980
995
|
/**
|
|
981
996
|
* Delete a user from a group
|
|
@@ -1083,7 +1098,7 @@ class ye {
|
|
|
1083
1098
|
}
|
|
1084
1099
|
class me {
|
|
1085
1100
|
constructor(e, t, r) {
|
|
1086
|
-
this.axiosClient = new
|
|
1101
|
+
this.axiosClient = new w(e, t, r);
|
|
1087
1102
|
}
|
|
1088
1103
|
setAppId(e) {
|
|
1089
1104
|
this.axiosClient.setAppId(e);
|
|
@@ -1197,13 +1212,13 @@ class me {
|
|
|
1197
1212
|
};
|
|
1198
1213
|
}).catch((r) => {
|
|
1199
1214
|
if (r.response) {
|
|
1200
|
-
const s = r.response.status, o = r.response.data || {},
|
|
1215
|
+
const s = r.response.status, o = r.response.data || {}, a = r.response.headers?.["retry-after"] ? parseInt(r.response.headers["retry-after"], 10) : void 0;
|
|
1201
1216
|
return {
|
|
1202
1217
|
success: !1,
|
|
1203
1218
|
error: {
|
|
1204
1219
|
code: o.error || this.mapStatusToErrorCode(s),
|
|
1205
1220
|
message: o.message || this.getDefaultErrorMessage(s),
|
|
1206
|
-
retryAfter:
|
|
1221
|
+
retryAfter: a
|
|
1207
1222
|
}
|
|
1208
1223
|
};
|
|
1209
1224
|
}
|
|
@@ -1272,7 +1287,7 @@ class me {
|
|
|
1272
1287
|
* POST /v2/user/2fa/methods/:method/setup/begin
|
|
1273
1288
|
*/
|
|
1274
1289
|
beginMethodSetup(e) {
|
|
1275
|
-
const t =
|
|
1290
|
+
const t = y(c.TwoFactorMethodSetupBegin, { method: e });
|
|
1276
1291
|
return this.axiosClient.post(t, {});
|
|
1277
1292
|
}
|
|
1278
1293
|
/**
|
|
@@ -1280,7 +1295,7 @@ class me {
|
|
|
1280
1295
|
* POST /v2/user/2fa/methods/:method/setup/confirm
|
|
1281
1296
|
*/
|
|
1282
1297
|
confirmMethodSetup(e, t) {
|
|
1283
|
-
const r =
|
|
1298
|
+
const r = y(c.TwoFactorMethodSetupConfirm, { method: e });
|
|
1284
1299
|
return this.axiosClient.post(r, t);
|
|
1285
1300
|
}
|
|
1286
1301
|
/**
|
|
@@ -1288,7 +1303,7 @@ class me {
|
|
|
1288
1303
|
* DELETE /v2/user/2fa/methods/:id
|
|
1289
1304
|
*/
|
|
1290
1305
|
removeMethod(e) {
|
|
1291
|
-
const t =
|
|
1306
|
+
const t = y(c.TwoFactorMethodRemove, { id: e });
|
|
1292
1307
|
return this.axiosClient.delete(t);
|
|
1293
1308
|
}
|
|
1294
1309
|
/**
|
|
@@ -1333,13 +1348,13 @@ class me {
|
|
|
1333
1348
|
* DELETE /v2/user/2fa/trusted-devices/:id
|
|
1334
1349
|
*/
|
|
1335
1350
|
revokeTrustedDevice(e) {
|
|
1336
|
-
const t =
|
|
1351
|
+
const t = y(c.TwoFactorTrustedDeviceRevoke, { id: e });
|
|
1337
1352
|
return this.axiosClient.delete(t);
|
|
1338
1353
|
}
|
|
1339
1354
|
}
|
|
1340
1355
|
class Se {
|
|
1341
1356
|
constructor(e, t, r) {
|
|
1342
|
-
this.axiosClient = new
|
|
1357
|
+
this.axiosClient = new w(e, t, r);
|
|
1343
1358
|
}
|
|
1344
1359
|
setAppId(e) {
|
|
1345
1360
|
this.axiosClient.setAppId(e);
|
|
@@ -1365,14 +1380,14 @@ class Se {
|
|
|
1365
1380
|
passkeyDisplayName: s,
|
|
1366
1381
|
passkeyUsername: o
|
|
1367
1382
|
}) {
|
|
1368
|
-
const
|
|
1383
|
+
const a = {
|
|
1369
1384
|
passkey_display_name: s,
|
|
1370
1385
|
passkey_username: o,
|
|
1371
1386
|
relying_party_id: e,
|
|
1372
1387
|
deviceId: t,
|
|
1373
1388
|
os: r
|
|
1374
1389
|
};
|
|
1375
|
-
return this.axiosClient.post(c.addUserPasskey,
|
|
1390
|
+
return this.axiosClient.post(c.addUserPasskey, a);
|
|
1376
1391
|
}
|
|
1377
1392
|
addUserPasskeyComplete(e, t, r) {
|
|
1378
1393
|
return this.axiosClient.post(c.completeAddUserPasskey, {
|
|
@@ -1382,7 +1397,7 @@ class Se {
|
|
|
1382
1397
|
});
|
|
1383
1398
|
}
|
|
1384
1399
|
}
|
|
1385
|
-
var
|
|
1400
|
+
var n = /* @__PURE__ */ ((i) => (i.SignIn = "signin", i.SignInStart = "signin:start", i.Register = "register", i.RegisterStart = "register:start", i.SignOut = "signout", i.SessionRestored = "session:restored", i.SessionExpired = "session:expired", i.Error = "error", i.Refresh = "refresh", i.RefreshStart = "refresh:start", i.TokenCacheExpired = "token-cache-expired", i.TwoFactorRequired = "2fa:required", i.TwoFactorSetupStarted = "2fa:setup_started", i.TwoFactorEnabled = "2fa:enabled", i.TwoFactorDisabled = "2fa:disabled", i.TwoFactorVerified = "2fa:verified", i.TwoFactorRecoveryUsed = "2fa:recovery_used", i.TwoFactorRecoveryCodesLow = "2fa:recovery_low", i.TwoFactorRecoveryCodesExhausted = "2fa:recovery_exhausted", i.TwoFactorSetupMagicLinkValidated = "2fa:magic_link_validated", i.TwoFactorSetupMagicLinkFailed = "2fa:magic_link_failed", i.TwoFactorChallengeReceived = "two_factor_challenge_received", i.TwoFactorMethodSwitched = "two_factor_method_switched", i.TwoFactorDeviceTrusted = "two_factor_device_trusted", i))(n || {});
|
|
1386
1401
|
class we {
|
|
1387
1402
|
constructor() {
|
|
1388
1403
|
this.subscribers = /* @__PURE__ */ new Map();
|
|
@@ -1457,8 +1472,8 @@ function Ee(i) {
|
|
|
1457
1472
|
return /^[A-Z0-9-]{4,16}$/.test(e) ? e : null;
|
|
1458
1473
|
}
|
|
1459
1474
|
class Ie {
|
|
1460
|
-
constructor(e, t, r, s, o,
|
|
1461
|
-
this.authApi = e, this.deviceService = t, this.storageManager = r, this.subscribeStore = s, this.tokenCacheService = o, this.scopes =
|
|
1475
|
+
constructor(e, t, r, s, o, a, d, h, g, f, k, A) {
|
|
1476
|
+
this.authApi = e, this.deviceService = t, this.storageManager = r, this.subscribeStore = s, this.tokenCacheService = o, this.scopes = a, this.createTenantForNewUser = d, this.origin = h, this.url = g, this.sessionCallbacks = f, this.appId = k, this.tokenExchangeConfig = A, this.tokenDeliveryManager = new Y(r), A?.enabled && this.tokenDeliveryManager.setMode(m.BFF), this.initializeSession();
|
|
1462
1477
|
}
|
|
1463
1478
|
/**
|
|
1464
1479
|
* Initialize session state on page load for cookie/BFF mode
|
|
@@ -1487,7 +1502,7 @@ class Ie {
|
|
|
1487
1502
|
return !1;
|
|
1488
1503
|
try {
|
|
1489
1504
|
const e = await this.authApi.validateSession();
|
|
1490
|
-
return e.valid ? (this.tokenDeliveryManager.setSessionValid(), e.user && this.subscribeStore.notify(
|
|
1505
|
+
return e.valid ? (this.tokenDeliveryManager.setSessionValid(), e.user && this.subscribeStore.notify(n.SessionRestored, e.user), !0) : (this.tokenDeliveryManager.setSessionInvalid(), !1);
|
|
1491
1506
|
} catch {
|
|
1492
1507
|
return this.tokenDeliveryManager.setSessionInvalid(), !1;
|
|
1493
1508
|
}
|
|
@@ -1531,7 +1546,7 @@ class Ie {
|
|
|
1531
1546
|
originalError: s,
|
|
1532
1547
|
code: "VALIDATION_ERROR"
|
|
1533
1548
|
};
|
|
1534
|
-
throw this.subscribeStore.notify(
|
|
1549
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1535
1550
|
}
|
|
1536
1551
|
if ("username" in e && e.username && !_e(e.username)) {
|
|
1537
1552
|
const s = new Error(
|
|
@@ -1541,7 +1556,7 @@ class Ie {
|
|
|
1541
1556
|
originalError: s,
|
|
1542
1557
|
code: "VALIDATION_ERROR"
|
|
1543
1558
|
};
|
|
1544
|
-
throw this.subscribeStore.notify(
|
|
1559
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1545
1560
|
}
|
|
1546
1561
|
if ("phone" in e && e.phone && !x(e.phone)) {
|
|
1547
1562
|
const s = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), o = {
|
|
@@ -1549,18 +1564,18 @@ class Ie {
|
|
|
1549
1564
|
originalError: s,
|
|
1550
1565
|
code: "VALIDATION_ERROR"
|
|
1551
1566
|
};
|
|
1552
|
-
throw this.subscribeStore.notify(
|
|
1567
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1553
1568
|
}
|
|
1554
|
-
this.subscribeStore.notify(
|
|
1569
|
+
this.subscribeStore.notify(n.SignInStart, { email: e.email });
|
|
1555
1570
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1556
1571
|
e.scopes = e.scopes ?? this.scopes;
|
|
1557
1572
|
try {
|
|
1558
1573
|
const s = await this.authApi.signIn(e, t, r);
|
|
1559
|
-
return "requires_2fa" in s && s.requires_2fa === !0 || "tfa_token" in s && s.tfa_token ? (this.subscribeStore.notify(
|
|
1574
|
+
return "requires_2fa" in s && s.requires_2fa === !0 || "tfa_token" in s && s.tfa_token ? (this.subscribeStore.notify(n.TwoFactorRequired, {
|
|
1560
1575
|
email: e.email || "",
|
|
1561
1576
|
challengeId: s.challenge_id || "",
|
|
1562
1577
|
tfaToken: s.tfa_token || ""
|
|
1563
|
-
}), s) : (await this.processAuthResponse(s, e.scopes), this.subscribeStore.notify(
|
|
1578
|
+
}), s) : (await this.processAuthResponse(s, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1564
1579
|
tokens: s,
|
|
1565
1580
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1566
1581
|
}), await this.submitSessionCheck(), s);
|
|
@@ -1570,7 +1585,7 @@ class Ie {
|
|
|
1570
1585
|
originalError: s,
|
|
1571
1586
|
code: s instanceof u ? s.id : void 0
|
|
1572
1587
|
};
|
|
1573
|
-
throw this.subscribeStore.notify(
|
|
1588
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1574
1589
|
}
|
|
1575
1590
|
}
|
|
1576
1591
|
async signUp(e) {
|
|
@@ -1580,7 +1595,7 @@ class Ie {
|
|
|
1580
1595
|
originalError: t,
|
|
1581
1596
|
code: "VALIDATION_ERROR"
|
|
1582
1597
|
};
|
|
1583
|
-
throw this.subscribeStore.notify(
|
|
1598
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1584
1599
|
}
|
|
1585
1600
|
if (e.user.phone_number && !x(e.user.phone_number)) {
|
|
1586
1601
|
const t = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), r = {
|
|
@@ -1588,12 +1603,12 @@ class Ie {
|
|
|
1588
1603
|
originalError: t,
|
|
1589
1604
|
code: "VALIDATION_ERROR"
|
|
1590
1605
|
};
|
|
1591
|
-
throw this.subscribeStore.notify(
|
|
1606
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1592
1607
|
}
|
|
1593
|
-
this.subscribeStore.notify(
|
|
1608
|
+
this.subscribeStore.notify(n.RegisterStart, { email: e.user.email }), e.scopes = e.scopes ?? this.scopes, e.create_tenant = this.createTenantForNewUser;
|
|
1594
1609
|
try {
|
|
1595
1610
|
const t = await this.authApi.signUp(e);
|
|
1596
|
-
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(
|
|
1611
|
+
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(n.Register, {
|
|
1597
1612
|
tokens: t,
|
|
1598
1613
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1599
1614
|
}), await this.submitSessionCheck(), t;
|
|
@@ -1603,7 +1618,7 @@ class Ie {
|
|
|
1603
1618
|
originalError: t,
|
|
1604
1619
|
code: t instanceof u ? t.id : void 0
|
|
1605
1620
|
};
|
|
1606
|
-
throw this.subscribeStore.notify(
|
|
1621
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1607
1622
|
}
|
|
1608
1623
|
}
|
|
1609
1624
|
async passwordlessSignIn(e) {
|
|
@@ -1613,7 +1628,7 @@ class Ie {
|
|
|
1613
1628
|
originalError: s,
|
|
1614
1629
|
code: "VALIDATION_ERROR"
|
|
1615
1630
|
};
|
|
1616
|
-
throw this.subscribeStore.notify(
|
|
1631
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1617
1632
|
}
|
|
1618
1633
|
if (e.phone && !x(e.phone)) {
|
|
1619
1634
|
const s = new Error("Invalid phone number format. Phone must be in E.164 format (e.g., +12345678901)"), o = {
|
|
@@ -1621,9 +1636,9 @@ class Ie {
|
|
|
1621
1636
|
originalError: s,
|
|
1622
1637
|
code: "VALIDATION_ERROR"
|
|
1623
1638
|
};
|
|
1624
|
-
throw this.subscribeStore.notify(
|
|
1639
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1625
1640
|
}
|
|
1626
|
-
this.subscribeStore.notify(
|
|
1641
|
+
this.subscribeStore.notify(n.SignInStart, { email: e.email }), e.scopes = e.scopes ?? this.scopes;
|
|
1627
1642
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1628
1643
|
try {
|
|
1629
1644
|
return await this.authApi.passwordlessSignIn(e, t, r);
|
|
@@ -1633,14 +1648,14 @@ class Ie {
|
|
|
1633
1648
|
originalError: s,
|
|
1634
1649
|
code: s instanceof u ? s.id : void 0
|
|
1635
1650
|
};
|
|
1636
|
-
throw this.subscribeStore.notify(
|
|
1651
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1637
1652
|
}
|
|
1638
1653
|
}
|
|
1639
1654
|
async passwordlessSignInComplete(e) {
|
|
1640
|
-
this.subscribeStore.notify(
|
|
1655
|
+
this.subscribeStore.notify(n.SignInStart, {}), e.scopes = e.scopes ?? this.scopes, e.device = this.deviceService.getDeviceId();
|
|
1641
1656
|
try {
|
|
1642
1657
|
const t = await this.authApi.passwordlessSignInComplete(e);
|
|
1643
|
-
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(
|
|
1658
|
+
return await this.processAuthResponse(t, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1644
1659
|
tokens: t,
|
|
1645
1660
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1646
1661
|
}), await this.submitSessionCheck(), t;
|
|
@@ -1650,7 +1665,7 @@ class Ie {
|
|
|
1650
1665
|
originalError: t,
|
|
1651
1666
|
code: t instanceof u ? t.id : void 0
|
|
1652
1667
|
};
|
|
1653
|
-
throw this.subscribeStore.notify(
|
|
1668
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1654
1669
|
}
|
|
1655
1670
|
}
|
|
1656
1671
|
async logOut() {
|
|
@@ -1671,10 +1686,10 @@ class Ie {
|
|
|
1671
1686
|
} catch {
|
|
1672
1687
|
}
|
|
1673
1688
|
}
|
|
1674
|
-
this.storageManager.deleteTokens(), this.storageManager.clearIdToken(), this.storageManager.clearCsrfToken(), this.tokenDeliveryManager.reset(), this.subscribeStore.notify(
|
|
1689
|
+
this.storageManager.deleteTokens(), this.storageManager.clearIdToken(), this.storageManager.clearCsrfToken(), this.tokenDeliveryManager.reset(), this.subscribeStore.notify(n.SignOut, {});
|
|
1675
1690
|
}
|
|
1676
1691
|
async refreshToken() {
|
|
1677
|
-
if (this.subscribeStore.notify(
|
|
1692
|
+
if (this.subscribeStore.notify(n.RefreshStart, {}), this.tokenDeliveryManager.isBFFMode() && this.tokenExchangeConfig?.refreshUrl)
|
|
1678
1693
|
try {
|
|
1679
1694
|
const r = await fetch(this.tokenExchangeConfig.refreshUrl, {
|
|
1680
1695
|
method: "POST",
|
|
@@ -1684,25 +1699,25 @@ class Ie {
|
|
|
1684
1699
|
if (!r.ok)
|
|
1685
1700
|
throw this.tokenDeliveryManager.setSessionInvalid(), new Error("BFF token refresh failed");
|
|
1686
1701
|
const s = await r.json();
|
|
1687
|
-
return this.tokenDeliveryManager.setSessionValid(), s.id_token && this.storageManager.setIdToken(s.id_token), this.subscribeStore.notify(
|
|
1702
|
+
return this.tokenDeliveryManager.setSessionValid(), s.id_token && this.storageManager.setIdToken(s.id_token), this.subscribeStore.notify(n.Refresh, {
|
|
1688
1703
|
tokens: s,
|
|
1689
1704
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1690
|
-
}), this.subscribeStore.notify(
|
|
1705
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, s;
|
|
1691
1706
|
} catch (r) {
|
|
1692
1707
|
this.tokenDeliveryManager.setSessionInvalid();
|
|
1693
1708
|
const s = {
|
|
1694
1709
|
message: r instanceof Error ? r.message : "Token refresh failed",
|
|
1695
1710
|
originalError: r
|
|
1696
1711
|
};
|
|
1697
|
-
throw this.subscribeStore.notify(
|
|
1712
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1698
1713
|
}
|
|
1699
1714
|
if (this.tokenDeliveryManager.isCookieMode())
|
|
1700
1715
|
try {
|
|
1701
1716
|
const r = await this.authApi.refreshToken("", this.scopes);
|
|
1702
|
-
return this.tokenDeliveryManager.setSessionValid(), await this.processAuthResponse(r, this.scopes), this.subscribeStore.notify(
|
|
1717
|
+
return this.tokenDeliveryManager.setSessionValid(), await this.processAuthResponse(r, this.scopes), this.subscribeStore.notify(n.Refresh, {
|
|
1703
1718
|
tokens: r,
|
|
1704
1719
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1705
|
-
}), this.subscribeStore.notify(
|
|
1720
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, r;
|
|
1706
1721
|
} catch (r) {
|
|
1707
1722
|
this.tokenDeliveryManager.setSessionInvalid();
|
|
1708
1723
|
const s = {
|
|
@@ -1710,7 +1725,7 @@ class Ie {
|
|
|
1710
1725
|
originalError: r,
|
|
1711
1726
|
code: r instanceof u ? r.id : void 0
|
|
1712
1727
|
};
|
|
1713
|
-
throw this.subscribeStore.notify(
|
|
1728
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1714
1729
|
}
|
|
1715
1730
|
const e = this.storageManager.getTokens();
|
|
1716
1731
|
if (e) {
|
|
@@ -1719,22 +1734,22 @@ class Ie {
|
|
|
1719
1734
|
message: "No refresh token found",
|
|
1720
1735
|
originalError: r
|
|
1721
1736
|
};
|
|
1722
|
-
throw this.subscribeStore.notify(
|
|
1737
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1723
1738
|
}
|
|
1724
1739
|
} else {
|
|
1725
1740
|
const r = new Error("No tokens found"), s = {
|
|
1726
1741
|
message: "No tokens found",
|
|
1727
1742
|
originalError: r
|
|
1728
1743
|
};
|
|
1729
|
-
throw this.subscribeStore.notify(
|
|
1744
|
+
throw this.subscribeStore.notify(n.Error, s), r;
|
|
1730
1745
|
}
|
|
1731
1746
|
const t = e?.scopes ?? this.scopes;
|
|
1732
1747
|
try {
|
|
1733
1748
|
const r = await this.authApi.refreshToken(e?.refresh_token ?? "", t, e?.access_token);
|
|
1734
|
-
return r.scopes = t, this.storageManager.saveTokens(r), this.tokenCacheService.setTokensCache(r), this.subscribeStore.notify(
|
|
1749
|
+
return r.scopes = t, this.storageManager.saveTokens(r), this.tokenCacheService.setTokensCache(r), this.subscribeStore.notify(n.Refresh, {
|
|
1735
1750
|
tokens: r,
|
|
1736
1751
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1737
|
-
}), this.subscribeStore.notify(
|
|
1752
|
+
}), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenCacheService.isRefreshing = !1, this.tokenCacheService.tokenExpiredFlag = !1, this.tokenCacheService.startTokenCheck(), r;
|
|
1738
1753
|
} catch (r) {
|
|
1739
1754
|
const s = {
|
|
1740
1755
|
message: r instanceof Error ? r.message : "Token refresh failed",
|
|
@@ -1745,7 +1760,9 @@ class Ie {
|
|
|
1745
1760
|
data: r.response.data
|
|
1746
1761
|
} : void 0
|
|
1747
1762
|
};
|
|
1748
|
-
|
|
1763
|
+
this.subscribeStore.notify(n.Error, s);
|
|
1764
|
+
const o = F.isAxiosError(r) && r.response?.status && r.response.status >= 400 && r.response.status < 500;
|
|
1765
|
+
throw o && (this.tokenCacheService.tokenExpiredFlag = !0, this.tokenCacheService.setTokensCache(void 0), this.storageManager.deleteTokens(), this.subscribeStore.notify(n.SessionExpired, { reason: "refresh_failed" })), r instanceof u ? r : o ? new Error(`Getting unknown error message from server with code:${r.response?.status}`) : r;
|
|
1749
1766
|
}
|
|
1750
1767
|
}
|
|
1751
1768
|
async sendPasswordResetEmail(e) {
|
|
@@ -1757,43 +1774,43 @@ class Ie {
|
|
|
1757
1774
|
originalError: t,
|
|
1758
1775
|
code: t instanceof u ? t.id : void 0
|
|
1759
1776
|
};
|
|
1760
|
-
throw this.subscribeStore.notify(
|
|
1777
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1761
1778
|
}
|
|
1762
1779
|
}
|
|
1763
1780
|
async resetPassword(e, t) {
|
|
1764
|
-
this.subscribeStore.notify(
|
|
1781
|
+
this.subscribeStore.notify(n.SignInStart, {});
|
|
1765
1782
|
const s = new URLSearchParams(window.location.search).get("token") ?? void 0, o = t ?? this.scopes;
|
|
1766
1783
|
try {
|
|
1767
|
-
const
|
|
1768
|
-
return await this.processAuthResponse(
|
|
1769
|
-
tokens:
|
|
1784
|
+
const a = await this.authApi.resetPassword(e, o, s);
|
|
1785
|
+
return await this.processAuthResponse(a, o), this.subscribeStore.notify(n.SignIn, {
|
|
1786
|
+
tokens: a,
|
|
1770
1787
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1771
|
-
}), await this.submitSessionCheck(),
|
|
1772
|
-
} catch (
|
|
1788
|
+
}), await this.submitSessionCheck(), a;
|
|
1789
|
+
} catch (a) {
|
|
1773
1790
|
const d = {
|
|
1774
|
-
message:
|
|
1775
|
-
originalError:
|
|
1776
|
-
code:
|
|
1791
|
+
message: a instanceof Error ? a.message : "Password reset failed",
|
|
1792
|
+
originalError: a,
|
|
1793
|
+
code: a instanceof u ? a.id : void 0
|
|
1777
1794
|
};
|
|
1778
|
-
throw this.subscribeStore.notify(
|
|
1795
|
+
throw this.subscribeStore.notify(n.Error, d), a;
|
|
1779
1796
|
}
|
|
1780
1797
|
}
|
|
1781
1798
|
async passkeyRegister(e) {
|
|
1782
|
-
this.subscribeStore.notify(
|
|
1799
|
+
this.subscribeStore.notify(n.RegisterStart, {});
|
|
1783
1800
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1784
1801
|
e.scopes = e.scopes ?? this.scopes, e.create_tenant = this.createTenantForNewUser;
|
|
1785
1802
|
try {
|
|
1786
1803
|
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyRegisterStart(e, t, r, !this.appId);
|
|
1787
1804
|
o.user.id = btoa(o.user.id);
|
|
1788
|
-
const
|
|
1805
|
+
const a = await K({
|
|
1789
1806
|
optionsJSON: o
|
|
1790
1807
|
}), d = await this.authApi.passkeyRegisterComplete(
|
|
1791
|
-
|
|
1808
|
+
a,
|
|
1792
1809
|
t,
|
|
1793
1810
|
s,
|
|
1794
1811
|
!this.appId
|
|
1795
1812
|
);
|
|
1796
|
-
return await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(
|
|
1813
|
+
return await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(n.Register, {
|
|
1797
1814
|
tokens: d,
|
|
1798
1815
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1799
1816
|
}), await this.submitSessionCheck(), d;
|
|
@@ -1803,23 +1820,23 @@ class Ie {
|
|
|
1803
1820
|
originalError: s,
|
|
1804
1821
|
code: s instanceof u ? s.id : void 0
|
|
1805
1822
|
};
|
|
1806
|
-
throw this.subscribeStore.notify(
|
|
1823
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1807
1824
|
}
|
|
1808
1825
|
}
|
|
1809
1826
|
async passkeyAuthenticate(e) {
|
|
1810
|
-
this.subscribeStore.notify(
|
|
1827
|
+
this.subscribeStore.notify(n.SignInStart, {});
|
|
1811
1828
|
const t = this.deviceService.getDeviceId(), r = b.web;
|
|
1812
1829
|
e.scopes = e.scopes ?? this.scopes;
|
|
1813
1830
|
try {
|
|
1814
|
-
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyAuthenticateStart(e, t, r, !this.appId),
|
|
1831
|
+
const { challenge_id: s, publicKey: o } = await this.authApi.passkeyAuthenticateStart(e, t, r, !this.appId), a = await j({
|
|
1815
1832
|
optionsJSON: o
|
|
1816
1833
|
}), d = await this.authApi.passkeyAuthenticateComplete(
|
|
1817
|
-
|
|
1834
|
+
a,
|
|
1818
1835
|
t,
|
|
1819
1836
|
s,
|
|
1820
1837
|
!this.appId
|
|
1821
1838
|
);
|
|
1822
|
-
return "access_token" in d && (await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(
|
|
1839
|
+
return "access_token" in d && (await this.processAuthResponse(d, e.scopes), this.subscribeStore.notify(n.SignIn, {
|
|
1823
1840
|
tokens: d,
|
|
1824
1841
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1825
1842
|
}), await this.submitSessionCheck()), d;
|
|
@@ -1829,7 +1846,7 @@ class Ie {
|
|
|
1829
1846
|
originalError: s,
|
|
1830
1847
|
code: s instanceof u ? s.id : void 0
|
|
1831
1848
|
};
|
|
1832
|
-
throw this.subscribeStore.notify(
|
|
1849
|
+
throw this.subscribeStore.notify(n.Error, o), s;
|
|
1833
1850
|
}
|
|
1834
1851
|
}
|
|
1835
1852
|
createFederatedAuthUrl(e) {
|
|
@@ -1842,33 +1859,33 @@ class Ie {
|
|
|
1842
1859
|
...e.invite_token ? { invite_token: e.invite_token } : {},
|
|
1843
1860
|
...e.create_tenant ? { create_tenant: e.create_tenant.toString() } : {},
|
|
1844
1861
|
...e.device ? { device: e.device } : {}
|
|
1845
|
-
}, o = new URL(t, this.url),
|
|
1846
|
-
return o.search =
|
|
1862
|
+
}, o = new URL(t, this.url), a = new URLSearchParams(s);
|
|
1863
|
+
return o.search = a.toString(), o.toString();
|
|
1847
1864
|
}
|
|
1848
1865
|
federatedAuthWithPopup(e) {
|
|
1849
|
-
this.subscribeStore.notify(
|
|
1866
|
+
this.subscribeStore.notify(n.SignInStart, { provider: e.provider });
|
|
1850
1867
|
const t = e.scopes ?? this.scopes, r = this.deviceService.getDeviceId(), s = this.createFederatedAuthUrl({ ...e, scopes: t, device: r }), o = window.open(s, "_blank", `width=${ee},height=${te}`);
|
|
1851
1868
|
if (!o) {
|
|
1852
1869
|
this.federatedAuthWithRedirect(e);
|
|
1853
1870
|
return;
|
|
1854
1871
|
}
|
|
1855
|
-
const
|
|
1872
|
+
const a = Date.now(), d = setInterval(() => {
|
|
1856
1873
|
if (o.closed) {
|
|
1857
1874
|
clearInterval(d);
|
|
1858
1875
|
const h = {
|
|
1859
1876
|
message: "Authentication popup was closed",
|
|
1860
1877
|
code: "POPUP_CLOSED"
|
|
1861
1878
|
};
|
|
1862
|
-
this.subscribeStore.notify(
|
|
1879
|
+
this.subscribeStore.notify(n.Error, h);
|
|
1863
1880
|
return;
|
|
1864
1881
|
}
|
|
1865
|
-
if (Date.now() -
|
|
1882
|
+
if (Date.now() - a > se) {
|
|
1866
1883
|
clearInterval(d), o.close();
|
|
1867
1884
|
const h = {
|
|
1868
1885
|
message: "Authentication popup timed out",
|
|
1869
1886
|
code: "POPUP_TIMEOUT"
|
|
1870
1887
|
};
|
|
1871
|
-
this.subscribeStore.notify(
|
|
1888
|
+
this.subscribeStore.notify(n.Error, h);
|
|
1872
1889
|
return;
|
|
1873
1890
|
}
|
|
1874
1891
|
try {
|
|
@@ -1880,7 +1897,7 @@ class Ie {
|
|
|
1880
1897
|
scopes: t
|
|
1881
1898
|
};
|
|
1882
1899
|
this.processAuthResponse(A, t).then(() => {
|
|
1883
|
-
this.subscribeStore.notify(
|
|
1900
|
+
this.subscribeStore.notify(n.SignIn, {
|
|
1884
1901
|
tokens: A,
|
|
1885
1902
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
1886
1903
|
}), window.location.href = `${this.origin}`;
|
|
@@ -1891,27 +1908,27 @@ class Ie {
|
|
|
1891
1908
|
}, re);
|
|
1892
1909
|
}
|
|
1893
1910
|
federatedAuthWithRedirect(e) {
|
|
1894
|
-
this.subscribeStore.notify(
|
|
1911
|
+
this.subscribeStore.notify(n.SignInStart, { provider: e.provider });
|
|
1895
1912
|
const t = e.scopes ?? this.scopes, r = this.deviceService.getDeviceId(), s = this.createFederatedAuthUrl({ ...e, scopes: t, device: r });
|
|
1896
1913
|
window.location.href = s;
|
|
1897
1914
|
}
|
|
1898
1915
|
// Helper methods for authentication UI redirect
|
|
1899
1916
|
authRedirectUrl(e = {}) {
|
|
1900
1917
|
try {
|
|
1901
|
-
const { url: t, redirectUrl: r, scopes: s, appId: o } = e ?? {},
|
|
1902
|
-
|
|
1918
|
+
const { url: t, redirectUrl: r, scopes: s, appId: o } = e ?? {}, a = new URL(t ?? this.url);
|
|
1919
|
+
a.pathname = (a.pathname.endsWith("/") ? a.pathname : a.pathname + "/") + "web";
|
|
1903
1920
|
const d = s ?? this.scopes, h = {
|
|
1904
1921
|
appId: o ?? this.appId ?? "",
|
|
1905
1922
|
redirectto: r ?? window.location.href,
|
|
1906
1923
|
scopes: d.join(",")
|
|
1907
1924
|
}, g = new URLSearchParams(h);
|
|
1908
|
-
return
|
|
1925
|
+
return a.search = g.toString(), a.toString();
|
|
1909
1926
|
} catch (t) {
|
|
1910
1927
|
const r = {
|
|
1911
1928
|
message: t instanceof Error ? t.message : "Failed to create auth redirect URL",
|
|
1912
1929
|
originalError: t
|
|
1913
1930
|
};
|
|
1914
|
-
throw this.subscribeStore.notify(
|
|
1931
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1915
1932
|
}
|
|
1916
1933
|
}
|
|
1917
1934
|
authRedirect(e = {}) {
|
|
@@ -1922,7 +1939,7 @@ class Ie {
|
|
|
1922
1939
|
message: t instanceof Error ? t.message : "Failed to redirect to auth page",
|
|
1923
1940
|
originalError: t
|
|
1924
1941
|
};
|
|
1925
|
-
throw this.subscribeStore.notify(
|
|
1942
|
+
throw this.subscribeStore.notify(n.Error, r), t;
|
|
1926
1943
|
}
|
|
1927
1944
|
}
|
|
1928
1945
|
/**
|
|
@@ -1941,7 +1958,7 @@ class Ie {
|
|
|
1941
1958
|
message: t instanceof Error ? t.message : "Failed to check authentication status",
|
|
1942
1959
|
originalError: t
|
|
1943
1960
|
};
|
|
1944
|
-
return this.subscribeStore.notify(
|
|
1961
|
+
return this.subscribeStore.notify(n.Error, r), !1;
|
|
1945
1962
|
}
|
|
1946
1963
|
}
|
|
1947
1964
|
/**
|
|
@@ -1956,7 +1973,7 @@ class Ie {
|
|
|
1956
1973
|
message: s instanceof Error || s instanceof u ? s.message : "Session check failed",
|
|
1957
1974
|
originalError: s
|
|
1958
1975
|
};
|
|
1959
|
-
this.subscribeStore.notify(
|
|
1976
|
+
this.subscribeStore.notify(n.Error, o), t = void 0;
|
|
1960
1977
|
}
|
|
1961
1978
|
return t && this.sessionCallbacks.createSession && await this.sessionCallbacks.createSession({ tokens: t, parsedTokens: r }), !t && this.sessionCallbacks.expiredSession && await this.sessionCallbacks.expiredSession(), t;
|
|
1962
1979
|
}
|
|
@@ -1980,7 +1997,7 @@ class Ie {
|
|
|
1980
1997
|
message: t instanceof Error ? t.message : "Failed to get tokens",
|
|
1981
1998
|
originalError: t
|
|
1982
1999
|
};
|
|
1983
|
-
this.subscribeStore.notify(
|
|
2000
|
+
this.subscribeStore.notify(n.Error, r);
|
|
1984
2001
|
return;
|
|
1985
2002
|
}
|
|
1986
2003
|
}
|
|
@@ -2053,31 +2070,31 @@ class Re {
|
|
|
2053
2070
|
}
|
|
2054
2071
|
normalize(e) {
|
|
2055
2072
|
const t = /* @__PURE__ */ new Map(), r = /* @__PURE__ */ new Map(), s = /* @__PURE__ */ new Map(), o = [];
|
|
2056
|
-
return e.groups?.forEach((
|
|
2057
|
-
r.set(
|
|
2058
|
-
id:
|
|
2059
|
-
name:
|
|
2060
|
-
default:
|
|
2061
|
-
updated_at:
|
|
2062
|
-
created_at:
|
|
2073
|
+
return e.groups?.forEach((a) => {
|
|
2074
|
+
r.set(a.id, {
|
|
2075
|
+
id: a.id,
|
|
2076
|
+
name: a.name,
|
|
2077
|
+
default: a.default ?? !1,
|
|
2078
|
+
updated_at: a.updated_at,
|
|
2079
|
+
created_at: a.created_at
|
|
2063
2080
|
});
|
|
2064
|
-
}), e.roles?.forEach((
|
|
2065
|
-
s.set(
|
|
2066
|
-
id:
|
|
2067
|
-
tenant_id:
|
|
2068
|
-
name:
|
|
2081
|
+
}), e.roles?.forEach((a) => {
|
|
2082
|
+
s.set(a.id, {
|
|
2083
|
+
id: a.id,
|
|
2084
|
+
tenant_id: a.tenant_id,
|
|
2085
|
+
name: a.name
|
|
2069
2086
|
});
|
|
2070
|
-
}), e.users_in_groups?.forEach((
|
|
2071
|
-
const d =
|
|
2087
|
+
}), e.users_in_groups?.forEach((a) => {
|
|
2088
|
+
const d = a.user;
|
|
2072
2089
|
d && !t.has(d.id) && t.set(d.id, {
|
|
2073
2090
|
id: d.id,
|
|
2074
2091
|
name: d.name ?? null,
|
|
2075
2092
|
email: d.email ?? null,
|
|
2076
2093
|
phone: d.phone ?? null
|
|
2077
|
-
}), d &&
|
|
2094
|
+
}), d && a.group_id && r.has(a.group_id) && o.push({
|
|
2078
2095
|
userId: d.id,
|
|
2079
|
-
groupId:
|
|
2080
|
-
roleIds:
|
|
2096
|
+
groupId: a.group_id,
|
|
2097
|
+
roleIds: a.roles?.map((h) => h.id) ?? []
|
|
2081
2098
|
});
|
|
2082
2099
|
}), {
|
|
2083
2100
|
tenant_id: e.tenant_id,
|
|
@@ -2503,39 +2520,39 @@ class Fe {
|
|
|
2503
2520
|
return;
|
|
2504
2521
|
}
|
|
2505
2522
|
const t = v(e.access_token);
|
|
2506
|
-
S(t) ? (this.tokenExpiredFlag = !0, this.stopTokenCheck(), this.subscribeStore.notify(
|
|
2523
|
+
S(t) ? (this.tokenExpiredFlag = !0, this.stopTokenCheck(), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 })) : (this.setTokensCache(e), this.startTokenCheck());
|
|
2507
2524
|
} catch (e) {
|
|
2508
2525
|
const t = {
|
|
2509
2526
|
message: e instanceof Error ? e.message : "Failed to get tokens",
|
|
2510
2527
|
originalError: e
|
|
2511
2528
|
};
|
|
2512
|
-
this.subscribeStore.notify(
|
|
2529
|
+
this.subscribeStore.notify(n.Error, t), this.setTokensCache(void 0);
|
|
2513
2530
|
}
|
|
2514
2531
|
}
|
|
2515
2532
|
async refreshTokensCache(e) {
|
|
2516
2533
|
if (!this.isRefreshing)
|
|
2517
2534
|
try {
|
|
2518
|
-
this.isRefreshing = !0, this.subscribeStore.notify(
|
|
2535
|
+
this.isRefreshing = !0, this.subscribeStore.notify(n.RefreshStart, {});
|
|
2519
2536
|
const t = await this.authApi.refreshToken(e?.refresh_token ?? "", e.scopes ?? [], e.access_token);
|
|
2520
|
-
this.setTokensCache(t), this.subscribeStore.notify(
|
|
2537
|
+
this.setTokensCache(t), this.subscribeStore.notify(n.Refresh, { tokens: t, parsedTokens: this.getParsedTokens() }), this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !1 }), this.tokenExpiredFlag = !1, this.startTokenCheck();
|
|
2521
2538
|
} catch (t) {
|
|
2522
2539
|
const r = {
|
|
2523
2540
|
message: t instanceof Error ? t.message : "Failed to get tokens",
|
|
2524
2541
|
originalError: t
|
|
2525
2542
|
};
|
|
2526
|
-
this.subscribeStore.notify(
|
|
2543
|
+
this.subscribeStore.notify(n.Error, r), this.tokenExpiredFlag = !0, this.setTokensCache(void 0), this.stopTokenCheck(), this.storageManager.deleteTokens(), this.subscribeStore.notify(n.SessionExpired, { reason: "refresh_failed" });
|
|
2527
2544
|
} finally {
|
|
2528
2545
|
this.isRefreshing = !1;
|
|
2529
2546
|
}
|
|
2530
2547
|
}
|
|
2531
2548
|
startTokenCheck() {
|
|
2532
2549
|
this.checkInterval && clearInterval(this.checkInterval), !this.tokenExpiredFlag && (this.setupVisibilityListener(), this.checkInterval = setInterval(() => {
|
|
2533
|
-
typeof document < "u" && document.hidden || this.isRefreshing || this.tokenExpiredFlag || this.isExpired() && !this.tokenExpiredFlag && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(
|
|
2550
|
+
typeof document < "u" && document.hidden || this.isRefreshing || this.tokenExpiredFlag || this.isExpired() && !this.tokenExpiredFlag && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 }), this.stopTokenCheck());
|
|
2534
2551
|
}, this.CHECK_INTERVAL));
|
|
2535
2552
|
}
|
|
2536
2553
|
setupVisibilityListener() {
|
|
2537
2554
|
typeof document > "u" || (this.visibilityChangeHandler && document.removeEventListener("visibilitychange", this.visibilityChangeHandler), this.visibilityChangeHandler = () => {
|
|
2538
|
-
!document.hidden && this.checkInterval && !this.isRefreshing && !this.tokenExpiredFlag && this.isExpired() && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(
|
|
2555
|
+
!document.hidden && this.checkInterval && !this.isRefreshing && !this.tokenExpiredFlag && this.isExpired() && (this.tokenExpiredFlag = !0, this.subscribeStore.notify(n.TokenCacheExpired, { isExpired: !0 }), this.stopTokenCheck());
|
|
2539
2556
|
}, document.addEventListener("visibilitychange", this.visibilityChangeHandler));
|
|
2540
2557
|
}
|
|
2541
2558
|
setupPageUnloadHandler() {
|
|
@@ -2576,7 +2593,7 @@ class Fe {
|
|
|
2576
2593
|
message: e instanceof Error ? e.message : "Failed to get tokens",
|
|
2577
2594
|
originalError: e
|
|
2578
2595
|
};
|
|
2579
|
-
this.subscribeStore.notify(
|
|
2596
|
+
this.subscribeStore.notify(n.Error, t);
|
|
2580
2597
|
return;
|
|
2581
2598
|
}
|
|
2582
2599
|
}
|
|
@@ -2596,13 +2613,13 @@ class De {
|
|
|
2596
2613
|
this.twoFactorApi = e, this.subscribeStore = t, this.PARTIAL_AUTH_TIMEOUT_MS = 300 * 1e3, this.SESSION_STORAGE_KEY = "passflow_2fa_challenge", this.totpDigits = 6;
|
|
2597
2614
|
const r = {
|
|
2598
2615
|
onAuthChange: (s, o) => {
|
|
2599
|
-
if (s ===
|
|
2600
|
-
const
|
|
2601
|
-
this.setPartialAuthState(
|
|
2616
|
+
if (s === n.TwoFactorRequired) {
|
|
2617
|
+
const a = o;
|
|
2618
|
+
this.setPartialAuthState(a.email, a.challengeId, a.tfaToken);
|
|
2602
2619
|
}
|
|
2603
2620
|
}
|
|
2604
2621
|
};
|
|
2605
|
-
this.subscribeStore.subscribe(r, [
|
|
2622
|
+
this.subscribeStore.subscribe(r, [n.TwoFactorRequired]);
|
|
2606
2623
|
}
|
|
2607
2624
|
/**
|
|
2608
2625
|
* Emit error event and throw the error
|
|
@@ -2614,7 +2631,7 @@ class De {
|
|
|
2614
2631
|
originalError: e,
|
|
2615
2632
|
code: r?.id || void 0
|
|
2616
2633
|
};
|
|
2617
|
-
throw this.subscribeStore.notify(
|
|
2634
|
+
throw this.subscribeStore.notify(n.Error, s), e;
|
|
2618
2635
|
}
|
|
2619
2636
|
/**
|
|
2620
2637
|
* Get 2FA enrollment status for current user
|
|
@@ -2634,7 +2651,7 @@ class De {
|
|
|
2634
2651
|
async beginSetup() {
|
|
2635
2652
|
try {
|
|
2636
2653
|
const e = await this.twoFactorApi.beginSetup();
|
|
2637
|
-
return e.totp_digits && (this.totpDigits = e.totp_digits), this.subscribeStore.notify(
|
|
2654
|
+
return e.totp_digits && (this.totpDigits = e.totp_digits), this.subscribeStore.notify(n.TwoFactorSetupStarted, { secret: e.secret }), e;
|
|
2638
2655
|
} catch (e) {
|
|
2639
2656
|
this.emitErrorAndThrow(e, "Begin 2FA setup");
|
|
2640
2657
|
}
|
|
@@ -2648,7 +2665,7 @@ class De {
|
|
|
2648
2665
|
throw new Error(`Invalid TOTP code format. Code must be exactly ${this.totpDigits} digits.`);
|
|
2649
2666
|
try {
|
|
2650
2667
|
const t = await this.twoFactorApi.confirmSetup({ code: e });
|
|
2651
|
-
return this.subscribeStore.notify(
|
|
2668
|
+
return this.subscribeStore.notify(n.TwoFactorEnabled, {
|
|
2652
2669
|
recoveryCodes: t.recovery_codes,
|
|
2653
2670
|
clearRecoveryCodes: () => {
|
|
2654
2671
|
t.recovery_codes.length = 0;
|
|
@@ -2674,7 +2691,7 @@ class De {
|
|
|
2674
2691
|
code: e,
|
|
2675
2692
|
tfa_token: this.partialAuthState.tfaToken
|
|
2676
2693
|
});
|
|
2677
|
-
return this.clearPartialAuthState(), this.subscribeStore.notify(
|
|
2694
|
+
return this.clearPartialAuthState(), this.subscribeStore.notify(n.TwoFactorVerified, { tokens: t }), t;
|
|
2678
2695
|
} catch (t) {
|
|
2679
2696
|
this.emitErrorAndThrow(t, "Verify 2FA code");
|
|
2680
2697
|
}
|
|
@@ -2696,13 +2713,13 @@ class De {
|
|
|
2696
2713
|
recovery_code: t,
|
|
2697
2714
|
tfa_token: this.partialAuthState.tfaToken
|
|
2698
2715
|
});
|
|
2699
|
-
return this.clearPartialAuthState(), r.remaining_recovery_codes === 0 ? this.subscribeStore.notify(
|
|
2716
|
+
return this.clearPartialAuthState(), r.remaining_recovery_codes === 0 ? this.subscribeStore.notify(n.TwoFactorRecoveryCodesExhausted, { tokens: r }) : r.remaining_recovery_codes <= 2 && this.subscribeStore.notify(n.TwoFactorRecoveryCodesLow, {
|
|
2700
2717
|
tokens: r,
|
|
2701
2718
|
remainingCodes: r.remaining_recovery_codes
|
|
2702
|
-
}), this.subscribeStore.notify(
|
|
2719
|
+
}), this.subscribeStore.notify(n.TwoFactorRecoveryUsed, {
|
|
2703
2720
|
tokens: r,
|
|
2704
2721
|
remainingCodes: r.remaining_recovery_codes
|
|
2705
|
-
}), this.subscribeStore.notify(
|
|
2722
|
+
}), this.subscribeStore.notify(n.TwoFactorVerified, { tokens: r }), r;
|
|
2706
2723
|
} catch (t) {
|
|
2707
2724
|
this.emitErrorAndThrow(t, "Use recovery code");
|
|
2708
2725
|
}
|
|
@@ -2715,7 +2732,7 @@ class De {
|
|
|
2715
2732
|
throw new Error(`Invalid TOTP code format. Code must be exactly ${this.totpDigits} digits.`);
|
|
2716
2733
|
try {
|
|
2717
2734
|
const t = await this.twoFactorApi.disable({ code: e });
|
|
2718
|
-
return this.subscribeStore.notify(
|
|
2735
|
+
return this.subscribeStore.notify(n.TwoFactorDisabled, {}), t;
|
|
2719
2736
|
} catch (t) {
|
|
2720
2737
|
this.emitErrorAndThrow(t, "Disable 2FA");
|
|
2721
2738
|
}
|
|
@@ -2815,12 +2832,12 @@ class De {
|
|
|
2815
2832
|
scope: "2fa_setup",
|
|
2816
2833
|
timestamp: Date.now(),
|
|
2817
2834
|
expiresAt: Date.now() + (t.expiresIn || 3600) * 1e3
|
|
2818
|
-
}, this.subscribeStore.notify(
|
|
2835
|
+
}, this.subscribeStore.notify(n.TwoFactorSetupMagicLinkValidated, {
|
|
2819
2836
|
userId: t.userId,
|
|
2820
2837
|
appId: t.appId,
|
|
2821
2838
|
expiresIn: t.expiresIn || 3600,
|
|
2822
2839
|
sessionToken: t.sessionToken
|
|
2823
|
-
})) : t.error && this.subscribeStore.notify(
|
|
2840
|
+
})) : t.error && this.subscribeStore.notify(n.TwoFactorSetupMagicLinkFailed, {
|
|
2824
2841
|
error: t.error
|
|
2825
2842
|
}), t;
|
|
2826
2843
|
}
|
|
@@ -2891,7 +2908,7 @@ class De {
|
|
|
2891
2908
|
async beginMethodSetup(e) {
|
|
2892
2909
|
try {
|
|
2893
2910
|
const t = await this.twoFactorApi.beginMethodSetup(e);
|
|
2894
|
-
return this.subscribeStore.notify(
|
|
2911
|
+
return this.subscribeStore.notify(n.TwoFactorSetupStarted, { secret: "", method: e }), t;
|
|
2895
2912
|
} catch (t) {
|
|
2896
2913
|
this.emitErrorAndThrow(t, "Begin 2FA method setup");
|
|
2897
2914
|
}
|
|
@@ -2902,7 +2919,7 @@ class De {
|
|
|
2902
2919
|
async confirmMethodSetup(e, t) {
|
|
2903
2920
|
try {
|
|
2904
2921
|
const r = await this.twoFactorApi.confirmMethodSetup(e, t);
|
|
2905
|
-
return this.subscribeStore.notify(
|
|
2922
|
+
return this.subscribeStore.notify(n.TwoFactorEnabled, {
|
|
2906
2923
|
recoveryCodes: [],
|
|
2907
2924
|
clearRecoveryCodes: () => {
|
|
2908
2925
|
}
|
|
@@ -2927,7 +2944,7 @@ class De {
|
|
|
2927
2944
|
async requestChallenge(e) {
|
|
2928
2945
|
try {
|
|
2929
2946
|
const t = await this.twoFactorApi.requestChallenge(e);
|
|
2930
|
-
return this.subscribeStore.notify(
|
|
2947
|
+
return this.subscribeStore.notify(n.TwoFactorChallengeReceived, {
|
|
2931
2948
|
challengeId: t.challenge_id,
|
|
2932
2949
|
method: t.method,
|
|
2933
2950
|
alternativeMethods: t.alternative_methods
|
|
@@ -2942,12 +2959,12 @@ class De {
|
|
|
2942
2959
|
async verifyV2(e) {
|
|
2943
2960
|
try {
|
|
2944
2961
|
const t = await this.twoFactorApi.verifyV2(e);
|
|
2945
|
-
return t.success && (this.subscribeStore.notify(
|
|
2962
|
+
return t.success && (this.subscribeStore.notify(n.TwoFactorVerified, {
|
|
2946
2963
|
tokens: {
|
|
2947
2964
|
access_token: t.access_token,
|
|
2948
2965
|
refresh_token: t.refresh_token
|
|
2949
2966
|
}
|
|
2950
|
-
}), t.device_trusted && this.subscribeStore.notify(
|
|
2967
|
+
}), t.device_trusted && this.subscribeStore.notify(n.TwoFactorDeviceTrusted, {})), t;
|
|
2951
2968
|
} catch (t) {
|
|
2952
2969
|
this.emitErrorAndThrow(t, "Verify 2FA challenge");
|
|
2953
2970
|
}
|
|
@@ -2958,7 +2975,7 @@ class De {
|
|
|
2958
2975
|
async switchToAlternative(e) {
|
|
2959
2976
|
try {
|
|
2960
2977
|
const t = await this.twoFactorApi.switchToAlternative(e);
|
|
2961
|
-
return this.subscribeStore.notify(
|
|
2978
|
+
return this.subscribeStore.notify(n.TwoFactorMethodSwitched, {
|
|
2962
2979
|
challengeId: t.challenge_id,
|
|
2963
2980
|
method: t.method,
|
|
2964
2981
|
alternativeMethods: t.alternative_methods
|
|
@@ -3026,7 +3043,7 @@ class Pe {
|
|
|
3026
3043
|
passkeyUsername: t,
|
|
3027
3044
|
passkeyDisplayName: r
|
|
3028
3045
|
} = {}) {
|
|
3029
|
-
const s = this.deviceService.getDeviceId(), o = b.web, { challenge_id:
|
|
3046
|
+
const s = this.deviceService.getDeviceId(), o = b.web, { challenge_id: a, publicKey: d } = await this.userAPI.addUserPasskeyStart({
|
|
3030
3047
|
relyingPartyId: e || window?.location?.hostname,
|
|
3031
3048
|
deviceId: s,
|
|
3032
3049
|
os: o,
|
|
@@ -3035,17 +3052,17 @@ class Pe {
|
|
|
3035
3052
|
});
|
|
3036
3053
|
d.user.id = btoa(d.user.id);
|
|
3037
3054
|
const h = await K({ optionsJSON: d });
|
|
3038
|
-
return await this.userAPI.addUserPasskeyComplete(h, s,
|
|
3055
|
+
return await this.userAPI.addUserPasskeyComplete(h, s, a);
|
|
3039
3056
|
}
|
|
3040
3057
|
}
|
|
3041
3058
|
const O = class O {
|
|
3042
3059
|
constructor(e) {
|
|
3043
3060
|
this.doRefreshTokens = !1, this.origin = window.location.origin, this.session = async ({
|
|
3044
3061
|
createSession: o,
|
|
3045
|
-
expiredSession:
|
|
3062
|
+
expiredSession: a,
|
|
3046
3063
|
doRefresh: d = !1
|
|
3047
3064
|
}) => {
|
|
3048
|
-
this.createSessionCallback = o, this.expiredSessionCallback =
|
|
3065
|
+
this.createSessionCallback = o, this.expiredSessionCallback = a, this.doRefreshTokens = d, await this.submitSessionCheck();
|
|
3049
3066
|
};
|
|
3050
3067
|
const { url: t, appId: r, scopes: s } = e;
|
|
3051
3068
|
this.url = t || V, this.appId = r, this.storageManager = new $({
|
|
@@ -3092,7 +3109,7 @@ const O = class O {
|
|
|
3092
3109
|
message: r instanceof Error || r instanceof u ? r.message : "Session check failed",
|
|
3093
3110
|
originalError: r
|
|
3094
3111
|
};
|
|
3095
|
-
this.subscribeStore.notify(
|
|
3112
|
+
this.subscribeStore.notify(n.Error, s), e = void 0;
|
|
3096
3113
|
}
|
|
3097
3114
|
e && this.createSessionCallback && await this.createSessionCallback({ tokens: e, parsedTokens: t }), !e && this.expiredSessionCallback && await this.expiredSessionCallback();
|
|
3098
3115
|
}
|
|
@@ -3170,7 +3187,7 @@ const O = class O {
|
|
|
3170
3187
|
const h = new URLSearchParams(window.location.hash.substring(1));
|
|
3171
3188
|
h.get("access_token") && (e = h, t = !0);
|
|
3172
3189
|
}
|
|
3173
|
-
const r = e.get("access_token"), s = e.get("refresh_token"), o = e.get("id_token"),
|
|
3190
|
+
const r = e.get("access_token"), s = e.get("refresh_token"), o = e.get("id_token"), a = e.get("scopes")?.split(",") ?? this.scopes;
|
|
3174
3191
|
let d;
|
|
3175
3192
|
if (r) {
|
|
3176
3193
|
if (!D(r)) {
|
|
@@ -3178,7 +3195,7 @@ const O = class O {
|
|
|
3178
3195
|
message: "Invalid access token format received",
|
|
3179
3196
|
code: "INVALID_TOKEN_FORMAT"
|
|
3180
3197
|
};
|
|
3181
|
-
this.subscribeStore.notify(
|
|
3198
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3182
3199
|
return;
|
|
3183
3200
|
}
|
|
3184
3201
|
if (s && !D(s)) {
|
|
@@ -3186,7 +3203,7 @@ const O = class O {
|
|
|
3186
3203
|
message: "Invalid refresh token format received",
|
|
3187
3204
|
code: "INVALID_TOKEN_FORMAT"
|
|
3188
3205
|
};
|
|
3189
|
-
this.subscribeStore.notify(
|
|
3206
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3190
3207
|
return;
|
|
3191
3208
|
}
|
|
3192
3209
|
if (o && !D(o)) {
|
|
@@ -3194,15 +3211,15 @@ const O = class O {
|
|
|
3194
3211
|
message: "Invalid ID token format received",
|
|
3195
3212
|
code: "INVALID_TOKEN_FORMAT"
|
|
3196
3213
|
};
|
|
3197
|
-
this.subscribeStore.notify(
|
|
3214
|
+
this.subscribeStore.notify(n.Error, h), this.cleanupUrlParams(t);
|
|
3198
3215
|
return;
|
|
3199
3216
|
}
|
|
3200
3217
|
return d = {
|
|
3201
3218
|
access_token: r,
|
|
3202
3219
|
refresh_token: s ?? void 0,
|
|
3203
3220
|
id_token: o ?? void 0,
|
|
3204
|
-
scopes:
|
|
3205
|
-
}, this.storageManager.clearDeliveryMode(), this.storageManager.saveTokens(d), this.tokenCacheService.setTokensCache(d), this.subscribeStore.notify(
|
|
3221
|
+
scopes: a
|
|
3222
|
+
}, this.storageManager.clearDeliveryMode(), this.storageManager.saveTokens(d), this.tokenCacheService.setTokensCache(d), this.subscribeStore.notify(n.SignIn, { tokens: d, parsedTokens: this.getParsedTokens() }), this.submitSessionCheck(), this.cleanupUrlParams(t), this.error = void 0, d;
|
|
3206
3223
|
} else
|
|
3207
3224
|
this.error = this.checkErrorsFromURL();
|
|
3208
3225
|
}
|
|
@@ -3437,7 +3454,7 @@ const O = class O {
|
|
|
3437
3454
|
originalError: e,
|
|
3438
3455
|
code: e instanceof u ? e.id : void 0
|
|
3439
3456
|
};
|
|
3440
|
-
throw this.subscribeStore.notify(
|
|
3457
|
+
throw this.subscribeStore.notify(n.Error, r), e;
|
|
3441
3458
|
}
|
|
3442
3459
|
/**
|
|
3443
3460
|
* Sign out the current user and clear all tokens.
|
|
@@ -3458,7 +3475,7 @@ const O = class O {
|
|
|
3458
3475
|
*/
|
|
3459
3476
|
async logOut() {
|
|
3460
3477
|
try {
|
|
3461
|
-
await this.authService.logOut(), this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.twoFactorService.clearPartialAuthState(), await this.submitSessionCheck(), this.subscribeStore.notify(
|
|
3478
|
+
await this.authService.logOut(), this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.twoFactorService.clearPartialAuthState(), await this.submitSessionCheck(), this.subscribeStore.notify(n.SignOut, {});
|
|
3462
3479
|
} catch (e) {
|
|
3463
3480
|
this.handleError(e, "Log out");
|
|
3464
3481
|
}
|
|
@@ -3528,13 +3545,13 @@ const O = class O {
|
|
|
3528
3545
|
* ```
|
|
3529
3546
|
*/
|
|
3530
3547
|
reset(e) {
|
|
3531
|
-
if (this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.subscribeStore.notify(
|
|
3548
|
+
if (this.storageManager.deleteTokens(), this.tokenCacheService.setTokensCache(void 0), this.subscribeStore.notify(n.SignOut, {}), e) {
|
|
3532
3549
|
this.error = new Error(e);
|
|
3533
3550
|
const t = {
|
|
3534
3551
|
message: e,
|
|
3535
3552
|
code: "RESET_ERROR"
|
|
3536
3553
|
};
|
|
3537
|
-
throw this.subscribeStore.notify(
|
|
3554
|
+
throw this.subscribeStore.notify(n.Error, t), this.error;
|
|
3538
3555
|
}
|
|
3539
3556
|
}
|
|
3540
3557
|
/**
|
|
@@ -3561,7 +3578,7 @@ const O = class O {
|
|
|
3561
3578
|
try {
|
|
3562
3579
|
return await this.authService.refreshToken();
|
|
3563
3580
|
} catch (e) {
|
|
3564
|
-
throw e instanceof u || this.subscribeStore.notify(
|
|
3581
|
+
throw e instanceof u || this.subscribeStore.notify(n.Error, {
|
|
3565
3582
|
message: "Failed to refresh token",
|
|
3566
3583
|
originalError: e
|
|
3567
3584
|
}), e;
|
|
@@ -3766,7 +3783,7 @@ const O = class O {
|
|
|
3766
3783
|
* ```
|
|
3767
3784
|
*/
|
|
3768
3785
|
setTokens(e) {
|
|
3769
|
-
this.storageManager.saveTokens(e), this.tokenCacheService.setTokensCache(e), this.subscribeStore.notify(
|
|
3786
|
+
this.storageManager.saveTokens(e), this.tokenCacheService.setTokensCache(e), this.subscribeStore.notify(n.SignIn, {
|
|
3770
3787
|
tokens: e,
|
|
3771
3788
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
3772
3789
|
});
|
|
@@ -4202,7 +4219,7 @@ const O = class O {
|
|
|
4202
4219
|
async verifyTwoFactor(e) {
|
|
4203
4220
|
try {
|
|
4204
4221
|
const t = await this.twoFactorService.verify(e);
|
|
4205
|
-
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(
|
|
4222
|
+
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(n.SignIn, {
|
|
4206
4223
|
tokens: t,
|
|
4207
4224
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
4208
4225
|
}), await this.submitSessionCheck(), t;
|
|
@@ -4229,7 +4246,7 @@ const O = class O {
|
|
|
4229
4246
|
async useTwoFactorRecoveryCode(e) {
|
|
4230
4247
|
try {
|
|
4231
4248
|
const t = await this.twoFactorService.useRecoveryCode(e);
|
|
4232
|
-
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(
|
|
4249
|
+
return this.storageManager.saveTokens(t), this.tokenCacheService.setTokensCache(t), this.subscribeStore.notify(n.SignIn, {
|
|
4233
4250
|
tokens: t,
|
|
4234
4251
|
parsedTokens: this.tokenCacheService.getParsedTokens()
|
|
4235
4252
|
}), await this.submitSessionCheck(), t;
|
|
@@ -4517,7 +4534,7 @@ class U extends l {
|
|
|
4517
4534
|
}), this.name = "M2MConfigError";
|
|
4518
4535
|
}
|
|
4519
4536
|
}
|
|
4520
|
-
const
|
|
4537
|
+
const Ge = {
|
|
4521
4538
|
InvalidRequest: "invalid_request",
|
|
4522
4539
|
InvalidClient: "invalid_client",
|
|
4523
4540
|
InvalidGrant: "invalid_grant",
|
|
@@ -4527,7 +4544,7 @@ const Ve = {
|
|
|
4527
4544
|
RateLimitExceeded: "rate_limit_exceeded",
|
|
4528
4545
|
ServerError: "server_error",
|
|
4529
4546
|
TemporarilyUnavailable: "temporarily_unavailable"
|
|
4530
|
-
},
|
|
4547
|
+
}, T = {
|
|
4531
4548
|
/** Default token endpoint path */
|
|
4532
4549
|
TOKEN_ENDPOINT: "/oauth2/token",
|
|
4533
4550
|
/** Default request timeout in milliseconds */
|
|
@@ -4567,7 +4584,7 @@ const Ue = {
|
|
|
4567
4584
|
return Math.pow(2, i - 1) * 1e3;
|
|
4568
4585
|
}
|
|
4569
4586
|
};
|
|
4570
|
-
class
|
|
4587
|
+
class qe {
|
|
4571
4588
|
/**
|
|
4572
4589
|
* Create a new M2M client
|
|
4573
4590
|
*
|
|
@@ -4598,16 +4615,16 @@ class Ge {
|
|
|
4598
4615
|
scopes: e.scopes,
|
|
4599
4616
|
audience: e.audience,
|
|
4600
4617
|
autoRefresh: e.autoRefresh ?? !1,
|
|
4601
|
-
refreshThreshold: e.refreshThreshold ??
|
|
4602
|
-
timeout: e.timeout ??
|
|
4603
|
-
retries: e.retries ??
|
|
4604
|
-
retryDelay: e.retryDelay ??
|
|
4618
|
+
refreshThreshold: e.refreshThreshold ?? T.REFRESH_THRESHOLD,
|
|
4619
|
+
timeout: e.timeout ?? T.TIMEOUT,
|
|
4620
|
+
retries: e.retries ?? T.RETRIES,
|
|
4621
|
+
retryDelay: e.retryDelay ?? T.RETRY_DELAY,
|
|
4605
4622
|
retryStrategy: e.retryStrategy,
|
|
4606
4623
|
cache: e.cache,
|
|
4607
4624
|
onTokenRequest: e.onTokenRequest,
|
|
4608
4625
|
onTokenResponse: e.onTokenResponse,
|
|
4609
4626
|
onError: e.onError
|
|
4610
|
-
}, this.cache = e.cache ?? new xe(), this.retryStrategy = e.retryStrategy ?? Ue, this.tokenEndpoint = `${t}${
|
|
4627
|
+
}, this.cache = e.cache ?? new xe(), this.retryStrategy = e.retryStrategy ?? Ue, this.tokenEndpoint = `${t}${T.TOKEN_ENDPOINT}`;
|
|
4611
4628
|
}
|
|
4612
4629
|
/**
|
|
4613
4630
|
* Get the cache key for this client
|
|
@@ -4698,16 +4715,16 @@ class Ge {
|
|
|
4698
4715
|
const o = await fetch(this.tokenEndpoint, {
|
|
4699
4716
|
method: "POST",
|
|
4700
4717
|
headers: {
|
|
4701
|
-
"Content-Type":
|
|
4718
|
+
"Content-Type": T.CONTENT_TYPE,
|
|
4702
4719
|
Accept: "application/json"
|
|
4703
4720
|
},
|
|
4704
4721
|
body: t.toString(),
|
|
4705
4722
|
signal: r.signal
|
|
4706
4723
|
});
|
|
4707
4724
|
clearTimeout(s);
|
|
4708
|
-
const
|
|
4725
|
+
const a = {};
|
|
4709
4726
|
o.headers.forEach((h, g) => {
|
|
4710
|
-
|
|
4727
|
+
a[g.toLowerCase()] = h;
|
|
4711
4728
|
});
|
|
4712
4729
|
const d = await o.json();
|
|
4713
4730
|
if (!o.ok) {
|
|
@@ -4718,7 +4735,7 @@ class Ge {
|
|
|
4718
4735
|
error_uri: d.error_uri
|
|
4719
4736
|
},
|
|
4720
4737
|
o.status,
|
|
4721
|
-
|
|
4738
|
+
a
|
|
4722
4739
|
);
|
|
4723
4740
|
throw this.config.onError && this.config.onError({
|
|
4724
4741
|
error: h.code,
|
|
@@ -4870,7 +4887,7 @@ class Ge {
|
|
|
4870
4887
|
const s = await fetch(t, {
|
|
4871
4888
|
method: "POST",
|
|
4872
4889
|
headers: {
|
|
4873
|
-
"Content-Type":
|
|
4890
|
+
"Content-Type": T.CONTENT_TYPE
|
|
4874
4891
|
},
|
|
4875
4892
|
body: r.toString()
|
|
4876
4893
|
});
|
|
@@ -4920,6 +4937,7 @@ export {
|
|
|
4920
4937
|
pe as AppAPI,
|
|
4921
4938
|
fe as AuthAPI,
|
|
4922
4939
|
Ie as AuthService,
|
|
4940
|
+
Ve as CLIAuthAPI,
|
|
4923
4941
|
Ke as DEFAULT_GROUP_NAME,
|
|
4924
4942
|
Q as DEFAULT_SCOPES,
|
|
4925
4943
|
W as DEVICE_ID_HEADER_KEY,
|
|
@@ -4927,13 +4945,13 @@ export {
|
|
|
4927
4945
|
ne as ERROR_MESSAGE_MAX_LENGTH,
|
|
4928
4946
|
ke as InvitationAPI,
|
|
4929
4947
|
be as InvitationService,
|
|
4930
|
-
|
|
4948
|
+
qe as M2MClient,
|
|
4931
4949
|
U as M2MConfigError,
|
|
4932
4950
|
l as M2MError,
|
|
4933
|
-
|
|
4951
|
+
Ge as M2MErrorCodes,
|
|
4934
4952
|
N as M2MNetworkError,
|
|
4935
4953
|
M as M2MTokenParseError,
|
|
4936
|
-
|
|
4954
|
+
T as M2M_DEFAULTS,
|
|
4937
4955
|
Ne as MINIMAL_DEFAULT_SCOPES,
|
|
4938
4956
|
b as OS,
|
|
4939
4957
|
V as PASSFLOW_CLOUD_URL,
|
|
@@ -4942,10 +4960,10 @@ export {
|
|
|
4942
4960
|
se as POPUP_TIMEOUT_MS,
|
|
4943
4961
|
ee as POPUP_WIDTH,
|
|
4944
4962
|
L as Passflow,
|
|
4945
|
-
|
|
4963
|
+
_ as PassflowAdminEndpointPaths,
|
|
4946
4964
|
c as PassflowEndpointPaths,
|
|
4947
4965
|
u as PassflowError,
|
|
4948
|
-
|
|
4966
|
+
n as PassflowEvent,
|
|
4949
4967
|
de as Providers,
|
|
4950
4968
|
E as RequestMethod,
|
|
4951
4969
|
Z as SDK_VERSION,
|
|
@@ -4956,7 +4974,7 @@ export {
|
|
|
4956
4974
|
Me as TenantService,
|
|
4957
4975
|
Re as TenantUserMembership,
|
|
4958
4976
|
Fe as TokenCacheService,
|
|
4959
|
-
|
|
4977
|
+
m as TokenDeliveryMode,
|
|
4960
4978
|
p as TokenType,
|
|
4961
4979
|
me as TwoFactorApiClient,
|
|
4962
4980
|
ue as TwoFactorPolicy,
|
|
@@ -4971,7 +4989,7 @@ export {
|
|
|
4971
4989
|
x as isValidPhoneNumber,
|
|
4972
4990
|
_e as isValidUsername,
|
|
4973
4991
|
v as parseToken,
|
|
4974
|
-
|
|
4992
|
+
y as pathWithParams,
|
|
4975
4993
|
Te as sanitizeErrorMessage
|
|
4976
4994
|
};
|
|
4977
4995
|
//# sourceMappingURL=index.mjs.map
|