@pod-os/elements 0.40.0 → 0.41.0-rc.4453840.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/{index-Bc4gZgPG.js → index-BP03J2RA.js} +246 -75
- package/dist/cjs/{jsonld-V2RB47OZ-JAbnY92y.js → jsonld-V2RB47OZ-B6QDxKa1.js} +1 -1
- package/dist/cjs/pos-add-literal-value_3.cjs.entry.js +1 -1
- package/dist/cjs/pos-add-new-thing_32.cjs.entry.js +1 -1
- package/dist/cjs/pos-add-relation.cjs.entry.js +1 -1
- package/dist/cjs/pos-container-contents.cjs.entry.js +1 -1
- package/dist/cjs/pos-subjects.cjs.entry.js +1 -1
- package/dist/components/index2.js +1 -1
- package/dist/elements/elements.esm.js +1 -1
- package/dist/elements/{p-57d32176.entry.js → p-1e0bd264.entry.js} +1 -1
- package/dist/elements/{p-a8628eb4.entry.js → p-3ef3a9a9.entry.js} +1 -1
- package/dist/elements/{p-f6da714c.entry.js → p-5506bf9a.entry.js} +1 -1
- package/dist/elements/{p-DuW6UWKz.js → p-DqO-cIHe.js} +1 -1
- package/dist/elements/{p-ed1d9d77.entry.js → p-d31c55b9.entry.js} +1 -1
- package/dist/elements/{p-2ee1efdb.entry.js → p-f9c10964.entry.js} +1 -1
- package/dist/elements/p-sVi8GCz5.js +67 -0
- package/dist/esm/{index-LnGgDqFG.js → index-CMbRpNym.js} +246 -75
- package/dist/esm/{jsonld-V2RB47OZ-DFmZ008Y.js → jsonld-V2RB47OZ-zn531VHn.js} +1 -1
- package/dist/esm/pos-add-literal-value_3.entry.js +1 -1
- package/dist/esm/pos-add-new-thing_32.entry.js +1 -1
- package/dist/esm/pos-add-relation.entry.js +1 -1
- package/dist/esm/pos-container-contents.entry.js +1 -1
- package/dist/esm/pos-subjects.entry.js +1 -1
- package/package.json +2 -2
- package/dist/elements/p-BXBNVUZ5.js +0 -67
|
@@ -1 +1 @@
|
|
|
1
|
-
import{p as e,B as o,d as r,w as t,N as a,e as i,g as n,b as p}from"./p-spEUIGXI.js";export{s as setNonce}from"./p-spEUIGXI.js";var d=e=>{const o=e.cloneNode;e.cloneNode=function(e){if("TEMPLATE"===this.nodeName)return o.call(this,e);const s=o.call(this,!1),r=this.childNodes;if(e)for(let e=0;e<r.length;e++)2!==r[e].nodeType&&s.appendChild(r[e].cloneNode(!0));return s}};(()=>{o.isDev&&!o.isTesting&&r("Running in development mode."),o.cloneNodeFix&&d(i.prototype);const s=o.scriptDataOpts?t.document&&Array.from(t.document.querySelectorAll("script")).find((e=>new RegExp(`/${a}(\\.esm)?\\.js($|\\?|#)`).test(e.src)||e.getAttribute("data-stencil-namespace")===a)):null,n=import.meta.url,p=o.scriptDataOpts&&(s||{})["data-opts"]||{};return""!==n&&(p.resourcesUrl=new URL(".",n).href),e(p)})().then((async e=>(await n(),p([["p-a234b3fe",[[1,"pos-app-generic"]]],["p-e4eae182",[[1,"pos-app-ldp-container"]]],["p-4fa32d10",[[1,"pos-app-rdf-document"]]],["p-a78df72b",[[1,"pos-app-image-viewer",{resource:[32]}]]],["p-0febf76e",[[1,"pos-tool-attachments",{os:[32],resource:[32]}]]],["p-33783890",[[1,"pos-app-document-viewer",{resource:[32]}]]],["p-17d63fec",[[0,"pos-list",{rel:[1],ifTypeof:[1,"if-typeof"],fetch:[4],error:[32],os:[32],resource:[32],items:[32],templateString:[32]}]]],["p-aca646a4",[[0,"pos-case",{ifTypeof:[1,"if-typeof"],ifProperty:[1,"if-property"],ifRev:[1,"if-rev"],not:[4],else:[4],error:[32]}]]],["p-31370224",[[0,"pos-switch",{error:[32],resource:[32],caseElements:[32],types:[32],relations:[32],reverseRelations:[32]}]]],["p-624503dd",[[1,"pos-value",{predicate:[1],resource:[32]}]]],["p-5f8df3c2",[[1,"pos-attachments",{resource:[32],attachments:[32],addToList:[64]}]]],["p-
|
|
1
|
+
import{p as e,B as o,d as r,w as t,N as a,e as i,g as n,b as p}from"./p-spEUIGXI.js";export{s as setNonce}from"./p-spEUIGXI.js";var d=e=>{const o=e.cloneNode;e.cloneNode=function(e){if("TEMPLATE"===this.nodeName)return o.call(this,e);const s=o.call(this,!1),r=this.childNodes;if(e)for(let e=0;e<r.length;e++)2!==r[e].nodeType&&s.appendChild(r[e].cloneNode(!0));return s}};(()=>{o.isDev&&!o.isTesting&&r("Running in development mode."),o.cloneNodeFix&&d(i.prototype);const s=o.scriptDataOpts?t.document&&Array.from(t.document.querySelectorAll("script")).find((e=>new RegExp(`/${a}(\\.esm)?\\.js($|\\?|#)`).test(e.src)||e.getAttribute("data-stencil-namespace")===a)):null,n=import.meta.url,p=o.scriptDataOpts&&(s||{})["data-opts"]||{};return""!==n&&(p.resourcesUrl=new URL(".",n).href),e(p)})().then((async e=>(await n(),p([["p-a234b3fe",[[1,"pos-app-generic"]]],["p-e4eae182",[[1,"pos-app-ldp-container"]]],["p-4fa32d10",[[1,"pos-app-rdf-document"]]],["p-a78df72b",[[1,"pos-app-image-viewer",{resource:[32]}]]],["p-0febf76e",[[1,"pos-tool-attachments",{os:[32],resource:[32]}]]],["p-33783890",[[1,"pos-app-document-viewer",{resource:[32]}]]],["p-17d63fec",[[0,"pos-list",{rel:[1],ifTypeof:[1,"if-typeof"],fetch:[4],error:[32],os:[32],resource:[32],items:[32],templateString:[32]}]]],["p-aca646a4",[[0,"pos-case",{ifTypeof:[1,"if-typeof"],ifProperty:[1,"if-property"],ifRev:[1,"if-rev"],not:[4],else:[4],error:[32]}]]],["p-31370224",[[0,"pos-switch",{error:[32],resource:[32],caseElements:[32],types:[32],relations:[32],reverseRelations:[32]}]]],["p-624503dd",[[1,"pos-value",{predicate:[1],resource:[32]}]]],["p-5f8df3c2",[[1,"pos-attachments",{resource:[32],attachments:[32],addToList:[64]}]]],["p-d31c55b9",[[1,"pos-container-contents",{container:[32],contents:[32],loading:[32],createNewItem:[32]},[[0,"keydown","handleKeyDown"]]]]],["p-2f122da6",[[1,"pos-document",{src:[1],alt:[1],os:[32],file:[32],brokenFile:[32],error:[32],saveStatus:[32],loading:[32],isEditable:[32]},[[0,"pod-os:document-modified","handleDocumentModified"]],{os:[{fetchBlob:0}],src:[{fetchBlob:0}]}]]],["p-1e0bd264",[[0,"pos-app-browser",{restorePreviousSession:[4,"restore-previous-session"],mode:[1],uri:[32]}],[0,"pos-internal-router",{uri:[1]}],[257,"pos-login",{os:[32],customLoggedInComponent:[32]},[[4,"pod-os:logout","logout"],[4,"pod-os:login","onLogin"]]],[1,"pos-navigation",{uri:[1],os:[32],inputValue:[32],searchIndex:[32],suggestions:[32],selectedIndex:[32],resource:[32]},[[0,"pod-os:search:index-created","buildSearchIndex"],[0,"pod-os:search:index-updated","rebuildSearchIndex"],[0,"pod-os:navigate","openNavigationDialog"],[4,"click","closeDialog"],[0,"pod-os:link","clearSuggestions"],[0,"click","onClickSelf"],[0,"keydown","handleKeyDown"]],{uri:[{updateResource:0}],os:[{updateResource:0}]}],[1,"pos-user-menu",{webId:[1,"web-id"]},[[0,"sl-select","onSelect"]]],[1,"pos-add-new-thing",{referenceUri:[1,"reference-uri"]}],[1,"pos-type-router",{initialTool:[32],availableTools:[32],oldTool:[32],currentTool:[32],transitioning:[32]},[[0,"pod-os:tool-selected","handleToolSelected"]]],[257,"pos-app",{restorePreviousSession:[4,"restore-previous-session"],os:[32],unsubscribeSettings:[32],loading:[32]},[[0,"pod-os:init","initializeOs"],[0,"pod-os:module","loadModule"]]],[257,"pos-error-toast",{title:[32],message:[32]},[[8,"unhandledrejection","unhandledRejection"],[0,"pod-os:error","catchError"]]],[260,"pos-router",{mode:[1],uri:[32]},[[0,"pod-os:link","linkClicked"],[8,"pod-os:session-restored","sessionRestored"]]],[1,"pos-app-dashboard"],[1,"pos-navigation-bar",{current:[16],searchIndexReady:[4,"search-index-ready"]},[[4,"keydown","activate"]]],[1,"pos-app-settings"],[17,"pos-new-thing-form",{referenceUri:[1,"reference-uri"],os:[32],newUri:[32],name:[32],selectedTypeUri:[32],canSubmit:[32]},null,{name:[{validate:0}],selectedTypeUri:[{validate:0}]}],[17,"pos-login-form",{idpUrl:[32],canSubmit:[32],rememberMe:[32]},null,{idpUrl:[{validate:0}]}],[1,"pos-tool-select",{selected:[16],tools:[16]}],[1,"pos-type-index-entries",{uri:[1],entries:[32]}],[1,"pos-example-resources"],[1,"pos-make-findable",{uri:[1],os:[32],thing:[32],indexes:[32],unsubscribeSessionChange:[32],showOptions:[32],isIndexed:[32]},[[0,"sl-select","onSelect"]],{uri:[{updateUri:0}]}],[260,"pos-dialog",{showModal:[64],close:[64]}],[1,"pos-getting-started"],[1,"pos-setting-offline-cache"],[1,"pos-share",{uri:[1],apps:[32],os:[32]},[[4,"pod-os:resource-loaded","resourceLoaded"],[0,"sl-select","onSelect"]],{uri:[{updateApps:0}]}],[257,"pos-picture",{blurredBackground:[4,"blurred-background"],noUpload:[4,"no-upload"],resource:[32],os:[32],isUploading:[32]}],[1,"pos-image",{src:[1],alt:[1],blurredBackground:[4,"blurred-background"],os:[32],dataUri:[32],brokenFile:[32],networkError:[32],imageError:[32],loading:[32]},null,{os:[{fetchBlob:0}],src:[{fetchBlob:0}]}],[1,"pos-upload",{accept:[16],uploader:[16]}],[1,"pos-predicate",{uri:[1],label:[1],expanded:[32]}],[17,"pos-select-term",{placeholder:[1],value:[1],os:[32],terms:[32]},null,{os:[{setTerms:0}]}],[257,"pos-rich-link",{uri:[1],rel:[1],rev:[1],link:[32],followPredicate:[32],error:[32],showCustomContent:[32]}],[1,"pos-description",{resource:[32]}],[1,"pos-label",{resource:[32]}],[257,"pos-resource",{uri:[1],lazy:[4],os:[32],resource:[32],consumers:[32],error:[32],loading:[32],fetch:[64]},[[0,"pod-os:resource","provideResource"]],{os:[{loadResource:0}],uri:[{loadResource:0}]}]]],["p-c4034954",[[1,"pos-relations",{data:[32]}],[1,"pos-reverse-relations",{data:[32]}]]],["p-3ef3a9a9",[[1,"pos-subjects",{data:[32]}]]],["p-f9c10964",[[1,"pos-add-relation",{os:[32],resource:[32],selectedTermUri:[32],currentValue:[32]}]]],["p-d6e9d178",[[1,"pos-markdown-document",{file:[16],saveStatus:[1,"save-status"],editable:[4],markdown:[32],isModified:[32],isEditing:[32],startEditing:[64],stopEditing:[64]}]]],["p-513f7548",[[257,"pos-container-item",{resource:[32]}],[1,"pos-container-toolbar"],[1,"pos-create-new-container-item",{type:[1],container:[16],os:[32],name:[32]}]]],["p-5506bf9a",[[1,"pos-literals",{data:[32]}],[1,"pos-type-badges",{data:[32],typeLabels:[32],isExpanded:[32]}],[1,"pos-add-literal-value",{os:[32],resource:[32],currentValue:[32],selectedTermUri:[32]},null,{os:[{setName:0}]}]]]],e))));
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import{r as e,h as t,H as i,c as r,a as o,i as s,j as a}from"./p-spEUIGXI.js";import{i as n,E as l,T as d,c as p,_ as h,n as c,S as u,x as f,d as m,r as b,w as y,e as g,f as v}from"./p-Bz2zblgU.js";import{c as w,s as x,B as k}from"./p-DO6v4X9H.js";import{P as S,N as D,a as I,T as C}from"./p-BXBNVUZ5.js";import{c as B}from"./p-vFMstSdt.js";import{L as P,e as z,s as F,a as T,g as A,b as E,w as _,S as M}from"./p-DPNKR_cm.js";import{a as R,i as N,t as U,e as O}from"./p-DpbuT47x.js";import{s as $}from"./p-BW_CkW1K.js";import{s as j}from"./p-jlzl8vRd.js";import{u as W}from"./p-D0uCfr1-.js";const L=class{constructor(t){e(this,t)}openDialog(){this.dialog.showModal()}render(){return t(i,{key:"9a60547270fcc455679acdfe6de75da57e513b1f"},t("button",{key:"32a8ba00ef511587024c843663e281e2b6930c19",id:"new",title:"Add a new thing",onClick:()=>this.openDialog()},t("sl-icon",{key:"6faf99cef999b441410770b0509f5a8d6a10f7e9",name:"plus-circle"})),t("pos-dialog",{key:"f6cd827c19d3dfe33500f03e561f399e11d728ce",ref:e=>this.dialog=e},t("span",{key:"ff40b8f28a349a1ad6db11e2d427d74ea5fbd300",slot:"title"},"Add a new thing"),t("pos-new-thing-form",{key:"e48257160d78d025e6213bd61c4953261d4829c2",slot:"content",referenceUri:this.referenceUri})))}};L.style=":host{font-family:var(--font-sans);display:block}button#new{cursor:pointer;display:flex;align-items:center;justify-content:center;border:none;width:var(--size-10);height:var(--size-10);background-color:var(--pos-primary-color);color:var(--pos-primary-text-color);font-size:var(--scale-6);border-radius:var(--radius-xs);padding:var(--size-2)}button#new:hover,button#new:focus{outline:none;filter:brightness(110%);box-shadow:var(--shadow-sm)}pos-new-thing-form{margin:var(--scale-3)}";const H=localStorage.getItem("settings"),V=w(H?JSON.parse(H):{offlineCache:!1,rememberedIdp:null});V.on("set",(()=>{const e=JSON.stringify(V.state);localStorage.setItem("settings",e)})),window.addEventListener("storage",(e=>{if("settings"===e.key&&e.newValue){const t=JSON.parse(e.newValue);V.state.offlineCache=t.offlineCache,V.state.rememberedIdp=t.rememberedIdp}}));const J=(e,t)=>t.some((t=>e instanceof t));let K,q;const G=new WeakMap,X=new WeakMap,Y=new WeakMap;let Z={get(e,t,i){if(e instanceof IDBTransaction){if("done"===t)return G.get(e);if("store"===t)return i.objectStoreNames[1]?void 0:i.objectStore(i.objectStoreNames[0])}return te(e[t])},set:(e,t,i)=>(e[t]=i,!0),has:(e,t)=>e instanceof IDBTransaction&&("done"===t||"store"===t)||t in e};function Q(e){Z=e(Z)}function ee(e){return"function"==typeof e?(t=e,(q||(q=[IDBCursor.prototype.advance,IDBCursor.prototype.continue,IDBCursor.prototype.continuePrimaryKey])).includes(t)?function(...e){return t.apply(ie(this),e),te(this.request)}:function(...e){return te(t.apply(ie(this),e))}):(e instanceof IDBTransaction&&function(e){if(G.has(e))return;const t=new Promise(((t,i)=>{const r=()=>{e.removeEventListener("complete",o),e.removeEventListener("error",s),e.removeEventListener("abort",s)},o=()=>{t(),r()},s=()=>{i(e.error||new DOMException("AbortError","AbortError")),r()};e.addEventListener("complete",o),e.addEventListener("error",s),e.addEventListener("abort",s)}));G.set(e,t)}(e),J(e,K||(K=[IDBDatabase,IDBObjectStore,IDBIndex,IDBCursor,IDBTransaction]))?new Proxy(e,Z):e);var t}function te(e){if(e instanceof IDBRequest)return function(e){const t=new Promise(((t,i)=>{const r=()=>{e.removeEventListener("success",o),e.removeEventListener("error",s)},o=()=>{t(te(e.result)),r()},s=()=>{i(e.error),r()};e.addEventListener("success",o),e.addEventListener("error",s)}));return Y.set(t,e),t}(e);if(X.has(e))return X.get(e);const t=ee(e);return t!==e&&(X.set(e,t),Y.set(t,e)),t}const ie=e=>Y.get(e),re=["get","getKey","getAll","getAllKeys","count"],oe=["put","add","delete","clear"],se=new Map;function ae(e,t){if(!(e instanceof IDBDatabase)||t in e||"string"!=typeof t)return;if(se.get(t))return se.get(t);const i=t.replace(/FromIndex$/,""),r=t!==i,o=oe.includes(i);if(!(i in(r?IDBIndex:IDBObjectStore).prototype)||!o&&!re.includes(i))return;const s=async function(e,...t){const s=this.transaction(e,o?"readwrite":"readonly");let a=s.store;return r&&(a=a.index(t.shift())),(await Promise.all([a[i](...t),o&&s.done]))[0]};return se.set(t,s),s}Q((e=>({...e,get:(t,i,r)=>ae(t,i)||e.get(t,i,r),has:(t,i)=>!!ae(t,i)||e.has(t,i)})));const ne=["continue","continuePrimaryKey","advance"],le={},de=new WeakMap,pe=new WeakMap,he={get(e,t){if(!ne.includes(t))return e[t];let i=le[t];return i||(i=le[t]=function(...e){de.set(this,pe.get(this)[t](...e))}),i}};async function*ce(...e){let t=this;if(t instanceof IDBCursor||(t=await t.openCursor(...e)),!t)return;const i=new Proxy(t,he);for(pe.set(i,t),Y.set(i,ie(t));t;)yield i,t=await(de.get(i)||t.continue()),de.delete(i)}function ue(e,t){return t===Symbol.asyncIterator&&J(e,[IDBIndex,IDBObjectStore,IDBCursor])||"iterate"===t&&J(e,[IDBIndex,IDBObjectStore])}Q((e=>({...e,get:(t,i,r)=>ue(t,i)?ce:e.get(t,i,r),has:(t,i)=>ue(t,i)||e.has(t,i)})));class fe{constructor(){this.dbPromise=function(e,t,{blocked:i,upgrade:r,blocking:o,terminated:s}={}){const a=indexedDB.open(e,t),n=te(a);return r&&a.addEventListener("upgradeneeded",(e=>{r(te(a.result),e.oldVersion,e.newVersion,te(a.transaction),e)})),i&&a.addEventListener("blocked",(e=>i(e.oldVersion,e.newVersion,e))),n.then((e=>{s&&e.addEventListener("close",(()=>s())),o&&e.addEventListener("versionchange",(e=>o(e.oldVersion,e.newVersion,e)))})).catch((()=>{})),n}("OfflineCacheDB",1,{upgrade(e){e.objectStoreNames.contains("documents")||e.createObjectStore("documents",{keyPath:"url"}).createIndex("url-revision",["url","revision"])}})}async clear(){return(await this.dbPromise).clear("documents")}async get(e){const t=await this.dbPromise;return await t.get("documents",e)}async put(e){const t=await this.dbPromise;await t.getFromIndex("documents","url-revision",[e.url,e.revision])||await t.put("documents",e)}}class me{isOnline(){return navigator.onLine}}const be=(e,t)=>new S({session:e,offlineCache:t.offlineCache?new fe:new D,onlineStatus:new me});var ye="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function ge(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}var ve=crypto;const we=e=>e instanceof CryptoKey;const xe=new TextEncoder,ke=new TextDecoder;function Se(...e){const t=e.reduce(((e,{length:t})=>e+t),0),i=new Uint8Array(t);let r=0;for(const t of e)i.set(t,r),r+=t.length;return i}const De=e=>(e=>{let t=e;"string"==typeof t&&(t=xe.encode(t));const i=[];for(let e=0;e<t.length;e+=32768)i.push(String.fromCharCode.apply(null,t.subarray(e,e+32768)));return btoa(i.join(""))})(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),Ie=e=>{let t=e;t instanceof Uint8Array&&(t=ke.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),i=new Uint8Array(t.length);for(let e=0;e<t.length;e++)i[e]=t.charCodeAt(e);return i})(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class Ce extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}Ce.code="ERR_JOSE_GENERIC";class Be extends Ce{constructor(e,t,i="unspecified",r="unspecified"){super(e,{cause:{claim:i,reason:r,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=i,this.reason=r,this.payload=t}}Be.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class Pe extends Ce{constructor(e,t,i="unspecified",r="unspecified"){super(e,{cause:{claim:i,reason:r,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=i,this.reason=r,this.payload=t}}Pe.code="ERR_JWT_EXPIRED";class ze extends Ce{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}ze.code="ERR_JOSE_ALG_NOT_ALLOWED";class Fe extends Ce{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}Fe.code="ERR_JOSE_NOT_SUPPORTED",class extends Ce{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}.code="ERR_JWE_DECRYPTION_FAILED",class extends Ce{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}.code="ERR_JWE_INVALID";class Te extends Ce{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}Te.code="ERR_JWS_INVALID";class Ae extends Ce{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}Ae.code="ERR_JWT_INVALID";class Ee extends Ce{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}Ee.code="ERR_JWK_INVALID";class _e extends Ce{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}_e.code="ERR_JWKS_INVALID";class Me extends Ce{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}Me.code="ERR_JWKS_NO_MATCHING_KEY";class Re extends Ce{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Re.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class Ne extends Ce{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}Ne.code="ERR_JWKS_TIMEOUT";class Ue extends Ce{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function Oe(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function $e(e,t){return e.name===t}function je(e){return parseInt(e.name.slice(4),10)}function We(e,t,...i){if((i=i.filter(Boolean)).length>2){const t=i.pop();e+=`one of type ${i.join(", ")}, or ${t}.`}else e+=2===i.length?`one of type ${i[0]} or ${i[1]}.`:`of type ${i[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}Ue.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";var Le=(e,...t)=>We("Key must be ",e,...t);function He(e,t,...i){return We(`Key for the ${e} algorithm must be `,t,...i)}var Ve=e=>!!we(e)||"KeyObject"===e?.[Symbol.toStringTag];const Je=["CryptoKey"];var Ke=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let i;for(const e of t){const t=Object.keys(e);if(i&&0!==i.size)for(const e of t){if(i.has(e))return!1;i.add(e)}else i=new Set(t)}return!0};function qe(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let i=e;for(;null!==Object.getPrototypeOf(i);)i=Object.getPrototypeOf(i);return Object.getPrototypeOf(e)===i}var Ge=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:i}=t.algorithm;if("number"!=typeof i||i<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function Xe(e){return qe(e)&&"string"==typeof e.kty}var Ye=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:i}=function(e){let t,i;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},i=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},i=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},i=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},i=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},i=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},i=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},i=e.d?["deriveBits"]:[];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},i=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},i=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},i=e.d?["deriveBits"]:[];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new Fe('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:i}}(e),r=[t,e.ext??!1,e.key_ops??i],o={...e};return delete o.alg,delete o.use,ve.subtle.importKey("jwk",o,...r)};const Ze=e=>Ie(e);let Qe,et;const tt=e=>"KeyObject"===e?.[Symbol.toStringTag],it=async(e,t,i,r,o=!1)=>{let s=e.get(t);if(s?.[r])return s[r];const a=await Ye({...i,alg:r});return o&&Object.freeze(t),s?s[r]=a:e.set(t,{[r]:a}),a};async function rt(e,t){if(!qe(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return Ie(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new Fe('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return Ye({...e,alg:t});default:throw new Fe('Unsupported "kty" (Key Type) Parameter value')}}const ot=e=>e?.[Symbol.toStringTag],st=(e,t,i)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(i))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${i}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0};function at(e,t,i,r){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?((e,t,i,r)=>{if(!(t instanceof Uint8Array)){if(r&&Xe(t)){if(function(e){return Xe(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&st(e,t,i))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!Ve(t))throw new TypeError(He(e,t,...Je,"Uint8Array",r?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${ot(t)} instances for symmetric algorithms must be of type "secret"`)}})(t,i,r,e):((e,t,i,r)=>{if(r&&Xe(t))switch(i){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&st(e,t,i))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&st(e,t,i))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!Ve(t))throw new TypeError(He(e,t,...Je,r?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===i&&"public"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===i&&"public"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===i&&"private"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===i&&"private"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,i,r,e)}at.bind(void 0,!1);const nt=at.bind(void 0,!0);function lt(e,t,i,r,o){if(void 0!==o.crit&&void 0===r?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!r||void 0===r.crit)return new Set;if(!Array.isArray(r.crit)||0===r.crit.length||r.crit.some((e=>"string"!=typeof e||0===e.length)))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let s;s=void 0!==i?new Map([...Object.entries(i),...t.entries()]):t;for(const t of r.crit){if(!s.has(t))throw new Fe(`Extension Header Parameter "${t}" is not recognized`);if(void 0===o[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(s.get(t)&&void 0===r[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(r.crit)}async function dt(e){return(async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:De(e)};if(!we(e))throw new TypeError(Le(e,...Je,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:i,alg:r,use:o,...s}=await ve.subtle.exportKey("jwk",e);return s})(e)}function pt(e,t){const i=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:i,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:i,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:i,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:i,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new Fe(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}async function ht(e,t,i){if("sign"===i&&(t=await((e,t)=>{if(tt(e)){let i=e.export({format:"jwk"});return i.k?Ze(i.k):(Qe||(Qe=new WeakMap),it(Qe,e,i,t))}return Xe(e)?e.k?Ie(e.k):(Qe||(Qe=new WeakMap),it(Qe,e,e,t,!0)):e})(t,e)),"verify"===i&&(t=await((e,t)=>{if(tt(e)){let i=e.export({format:"jwk"});return delete i.d,delete i.dp,delete i.dq,delete i.p,delete i.q,delete i.qi,i.k?Ze(i.k):(et||(et=new WeakMap),it(et,e,i,t))}return Xe(e)?e.k?Ie(e.k):(et||(et=new WeakMap),it(et,e,e,t,!0)):e})(t,e)),we(t))return function(e,t,...i){switch(t){case"HS256":case"HS384":case"HS512":{if(!$e(e.algorithm,"HMAC"))throw Oe("HMAC");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!$e(e.algorithm,"RSASSA-PKCS1-v1_5"))throw Oe("RSASSA-PKCS1-v1_5");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!$e(e.algorithm,"RSA-PSS"))throw Oe("RSA-PSS");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw Oe("Ed25519 or Ed448");break;case"Ed25519":if(!$e(e.algorithm,"Ed25519"))throw Oe("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!$e(e.algorithm,"ECDSA"))throw Oe("ECDSA");const i=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==i)throw Oe(i,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}!function(e,t){if(t.length&&!t.some((t=>e.usages.includes(t)))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const i=t.pop();e+=`one of ${t.join(", ")}, or ${i}.`}else e+=2===t.length?`one of ${t[0]} or ${t[1]}.`:`${t[0]}.`;throw new TypeError(e)}}(e,i)}(t,e,i),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(Le(t,...Je));return ve.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[i])}throw new TypeError(Le(t,...Je,"Uint8Array","JSON Web Key"))}async function ct(e,t,i){if(e instanceof Uint8Array&&(e=ke.decode(e)),"string"!=typeof e)throw new Te("Compact JWS must be a string or Uint8Array");const{0:r,1:o,2:s,length:a}=e.split(".");if(3!==a)throw new Te("Invalid Compact JWS");const n=await async function(e,t,i){if(!qe(e))throw new Te("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new Te('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new Te("JWS Protected Header incorrect type");if(void 0===e.payload)throw new Te("JWS Payload missing");if("string"!=typeof e.signature)throw new Te("JWS Signature missing or incorrect type");if(void 0!==e.header&&!qe(e.header))throw new Te("JWS Unprotected Header incorrect type");let r={};if(e.protected)try{const t=Ie(e.protected);r=JSON.parse(ke.decode(t))}catch{throw new Te("JWS Protected Header is invalid")}if(!Ke(r,e.header))throw new Te("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const o={...r,...e.header};let s=!0;if(lt(Te,new Map([["b64",!0]]),i?.crit,r,o).has("b64")&&(s=r.b64,"boolean"!=typeof s))throw new Te('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:a}=o;if("string"!=typeof a||!a)throw new Te('JWS "alg" (Algorithm) Header Parameter missing or invalid');const n=i&&((e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some((e=>"string"!=typeof e))))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)})("algorithms",i.algorithms);if(n&&!n.has(a))throw new ze('"alg" (Algorithm) Header Parameter value not allowed');if(s){if("string"!=typeof e.payload)throw new Te("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new Te("JWS Payload must be a string or an Uint8Array instance");let l=!1;"function"==typeof t?(t=await t(r,e),l=!0,nt(a,t,"verify"),Xe(t)&&(t=await rt(t,a))):nt(a,t,"verify");const d=Se(xe.encode(e.protected??""),xe.encode("."),"string"==typeof e.payload?xe.encode(e.payload):e.payload);let p,h;try{p=Ie(e.signature)}catch{throw new Te("Failed to base64url decode the signature")}if(!await(async(e,t,i,r)=>{const o=await ht(e,t,"verify");Ge(e,o);const s=pt(e,o.algorithm);try{return await ve.subtle.verify(s,o,i,r)}catch{return!1}})(a,t,p,d))throw new Ue;if(s)try{h=Ie(e.payload)}catch{throw new Te("Failed to base64url decode the payload")}else h="string"==typeof e.payload?xe.encode(e.payload):e.payload;const c={payload:h};return void 0!==e.protected&&(c.protectedHeader=r),void 0!==e.header&&(c.unprotectedHeader=e.header),l?{...c,key:t}:c}({payload:o,protected:r,signature:s},t,i),l={payload:n.payload,protectedHeader:n.protectedHeader};return"function"==typeof t?{...l,key:n.key}:l}var ut=e=>Math.floor(e.getTime()/1e3);const ft=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;var mt=e=>{const t=ft.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const i=parseFloat(t[2]);let r;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":r=Math.round(i);break;case"minute":case"minutes":case"min":case"mins":case"m":r=Math.round(60*i);break;case"hour":case"hours":case"hr":case"hrs":case"h":r=Math.round(3600*i);break;case"day":case"days":case"d":r=Math.round(86400*i);break;case"week":case"weeks":case"w":r=Math.round(604800*i);break;default:r=Math.round(31557600*i)}return"-"===t[1]||"ago"===t[4]?-r:r};const bt=e=>e.toLowerCase().replace(/^application\//,"");var yt=(e,t,i={})=>{let r;try{r=JSON.parse(ke.decode(t))}catch{}if(!qe(r))throw new Ae("JWT Claims Set must be a top-level JSON object");const{typ:o}=i;if(o&&("string"!=typeof e.typ||bt(e.typ)!==bt(o)))throw new Be('unexpected "typ" JWT header value',r,"typ","check_failed");const{requiredClaims:s=[],issuer:a,subject:n,audience:l,maxTokenAge:d}=i,p=[...s];void 0!==d&&p.push("iat"),void 0!==l&&p.push("aud"),void 0!==n&&p.push("sub"),void 0!==a&&p.push("iss");for(const e of new Set(p.reverse()))if(!(e in r))throw new Be(`missing required "${e}" claim`,r,e,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(r.iss))throw new Be('unexpected "iss" claim value',r,"iss","check_failed");if(n&&r.sub!==n)throw new Be('unexpected "sub" claim value',r,"sub","check_failed");if(l&&(c="string"==typeof l?[l]:l,!("string"==typeof(h=r.aud)?c.includes(h):Array.isArray(h)&&c.some(Set.prototype.has.bind(new Set(h))))))throw new Be('unexpected "aud" claim value',r,"aud","check_failed");var h,c;let u;switch(typeof i.clockTolerance){case"string":u=mt(i.clockTolerance);break;case"number":u=i.clockTolerance;break;case"undefined":u=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:f}=i,m=ut(f||new Date);if((void 0!==r.iat||d)&&"number"!=typeof r.iat)throw new Be('"iat" claim must be a number',r,"iat","invalid");if(void 0!==r.nbf){if("number"!=typeof r.nbf)throw new Be('"nbf" claim must be a number',r,"nbf","invalid");if(r.nbf>m+u)throw new Be('"nbf" claim timestamp check failed',r,"nbf","check_failed")}if(void 0!==r.exp){if("number"!=typeof r.exp)throw new Be('"exp" claim must be a number',r,"exp","invalid");if(r.exp<=m-u)throw new Pe('"exp" claim timestamp check failed',r,"exp","check_failed")}if(d){const e=m-r.iat;if(e-u>("number"==typeof d?d:mt(d)))throw new Pe('"iat" claim timestamp check failed (too far in the past)',r,"iat","check_failed");if(e<0-u)throw new Be('"iat" claim timestamp check failed (it should be in the past)',r,"iat","check_failed")}return r};async function gt(e,t,i){const r=await ct(e,t,i);if(r.protectedHeader.crit?.includes("b64")&&!1===r.protectedHeader.b64)throw new Ae("JWTs MUST NOT use unencoded payload");const o={payload:yt(r.protectedHeader,r.payload,i),protectedHeader:r.protectedHeader};return"function"==typeof t?{...o,key:r.key}:o}class vt{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new Te("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Ke(this._protectedHeader,this._unprotectedHeader))throw new Te("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const i={...this._protectedHeader,...this._unprotectedHeader};let r=!0;if(lt(Te,new Map([["b64",!0]]),t?.crit,this._protectedHeader,i).has("b64")&&(r=this._protectedHeader.b64,"boolean"!=typeof r))throw new Te('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:o}=i;if("string"!=typeof o||!o)throw new Te('JWS "alg" (Algorithm) Header Parameter missing or invalid');nt(o,e,"sign");let s,a=this._payload;r&&(a=xe.encode(De(a))),s=xe.encode(this._protectedHeader?De(JSON.stringify(this._protectedHeader)):"");const n=Se(s,xe.encode("."),a),l=await(async(e,t,i)=>{const r=await ht(e,t,"sign");Ge(e,r);const o=await ve.subtle.sign(pt(e,r.algorithm),r,i);return new Uint8Array(o)})(o,e,n),d={signature:De(l),payload:""};return r&&(d.payload=ke.decode(a)),this._unprotectedHeader&&(d.header=this._unprotectedHeader),this._protectedHeader&&(d.protected=ke.decode(s)),d}}class wt{constructor(e){this._flattened=new vt(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const i=await this._flattened.sign(e,t);if(void 0===i.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${i.protected}.${i.payload}.${i.signature}`}}function xt(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class kt{constructor(e={}){if(!qe(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return this._payload="number"==typeof e?{...this._payload,nbf:xt("setNotBefore",e)}:e instanceof Date?{...this._payload,nbf:xt("setNotBefore",ut(e))}:{...this._payload,nbf:ut(new Date)+mt(e)},this}setExpirationTime(e){return this._payload="number"==typeof e?{...this._payload,exp:xt("setExpirationTime",e)}:e instanceof Date?{...this._payload,exp:xt("setExpirationTime",ut(e))}:{...this._payload,exp:ut(new Date)+mt(e)},this}setIssuedAt(e){return this._payload=void 0===e?{...this._payload,iat:ut(new Date)}:e instanceof Date?{...this._payload,iat:xt("setIssuedAt",ut(e))}:"string"==typeof e?{...this._payload,iat:xt("setIssuedAt",ut(new Date)+mt(e))}:{...this._payload,iat:xt("setIssuedAt",e)},this}}class St extends kt{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const i=new wt(xe.encode(JSON.stringify(this._payload)));if(i.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new Ae("JWTs MUST NOT use unencoded payload");return i.sign(e,t)}}const Dt=(e,t)=>{if("string"!=typeof e||!e)throw new Ee(`${t} missing or invalid`)};async function It(e,t){if(!qe(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),"sha256"!==t&&"sha384"!==t&&"sha512"!==t)throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let i;switch(e.kty){case"EC":Dt(e.crv,'"crv" (Curve) Parameter'),Dt(e.x,'"x" (X Coordinate) Parameter'),Dt(e.y,'"y" (Y Coordinate) Parameter'),i={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":Dt(e.crv,'"crv" (Subtype of Key Pair) Parameter'),Dt(e.x,'"x" (Public Key) Parameter'),i={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":Dt(e.e,'"e" (Exponent) Parameter'),Dt(e.n,'"n" (Modulus) Parameter'),i={e:e.e,kty:e.kty,n:e.n};break;case"oct":Dt(e.k,'"k" (Key Value) Parameter'),i={k:e.k,kty:e.kty};break;default:throw new Fe('"kty" (Key Type) Parameter missing or unsupported')}const r=xe.encode(JSON.stringify(i));return De(await(async(e,t)=>{const i=`SHA-${e.slice(-3)}`;return new Uint8Array(await ve.subtle.digest(i,t))})(t,r))}function Ct(e){return qe(e)}function Bt(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class Pt{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(Ct)}(e))throw new _e("JSON Web Key Set malformed");this._jwks=Bt(e)}async getKey(e,t){const{alg:i,kid:r}={...e,...t?.header},o=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new Fe('Unsupported "alg" value for a JSON Web Key Set')}}(i),s=this._jwks.keys.filter((e=>{let t=o===e.kty;if(t&&"string"==typeof r&&(t=r===e.kid),t&&"string"==typeof e.alg&&(t=i===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(i){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t})),{0:a,length:n}=s;if(0===n)throw new Me;if(1!==n){const e=new Re,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of s)try{yield await zt(t,e,i)}catch{}},e}return zt(this._cached,a,i)}}async function zt(e,t,i){const r=e.get(t)||e.set(t,{}).get(t);if(void 0===r[i]){const e=await rt({...t,ext:!0},i);if(e instanceof Uint8Array||"public"!==e.type)throw new _e("JSON Web Key Set members must be public keys");r[i]=e}return r[i]}function Ft(e){const t=new Pt(e),i=async(e,i)=>t.getKey(e,i);return Object.defineProperties(i,{jwks:{value:()=>Bt(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),i}let Tt;"undefined"!=typeof navigator&&navigator.userAgent?.startsWith?.("Mozilla/5.0 ")||(Tt="jose/v5.10.0");const At=Symbol();class Et{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var i,r;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[At]&&(this._cache=t?.[At],i=t?.[At],r=this._cacheMaxAge,"object"==typeof i&&null!==i&&"uat"in i&&"number"==typeof i.uat&&!(Date.now()-i.uat>=r)&&"jwks"in i&&qe(i.jwks)&&Array.isArray(i.jwks.keys)&&Array.prototype.every.call(i.jwks.keys,qe)&&(this._jwksTimestamp=this._cache.uat,this._local=Ft(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cooldownDuration}fresh(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cacheMaxAge}async getKey(e,t){this._local&&this.fresh()||await this.reload();try{return await this._local(e,t)}catch(i){if(i instanceof Me&&!1===this.coolingDown())return await this.reload(),this._local(e,t);throw i}}async reload(){this._pendingFetch&&("undefined"!=typeof WebSocketPair||"undefined"!=typeof navigator&&"Cloudflare-Workers"===navigator.userAgent||"undefined"!=typeof EdgeRuntime&&"vercel"===EdgeRuntime)&&(this._pendingFetch=void 0);const e=new Headers(this._options.headers);Tt&&!e.has("User-Agent")&&(e.set("User-Agent",Tt),this._options.headers=Object.fromEntries(e.entries())),this._pendingFetch||(this._pendingFetch=(async(e,t,i)=>{let r,o,s=!1;"function"==typeof AbortController&&(r=new AbortController,o=setTimeout((()=>{s=!0,r.abort()}),t));const a=await fetch(e.href,{signal:r?r.signal:void 0,redirect:"manual",headers:i.headers}).catch((e=>{if(s)throw new Ne;throw e}));if(void 0!==o&&clearTimeout(o),200!==a.status)throw new Ce("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await a.json()}catch{throw new Ce("Failed to parse the JSON Web Key Set HTTP response as JSON")}})(this._url,this._timeoutDuration,this._options).then((e=>{this._local=Ft(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0})).catch((e=>{throw this._pendingFetch=void 0,e}))),await this._pendingFetch}}function _t(e,t){const i=new Et(e,t),r=async(e,t)=>i.getKey(e,t);return Object.defineProperties(r,{coolingDown:{get:()=>i.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>i.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>i.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!i._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>i._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),r}const Mt=Ie;function Rt(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new Fe("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}class Nt{dbName;storeName;dbVersion;db=null;constructor(e="soidc",t="session",i=1){this.dbName=e,this.storeName=t,this.dbVersion=i}async init(){return new Promise(((e,t)=>{const i=indexedDB.open(this.dbName,this.dbVersion);i.onerror=e=>{t(new Error(`Database error: ${e.target.error}`))},i.onsuccess=t=>{this.db=t.target.result,e(this)},i.onupgradeneeded=e=>{const t=e.target.result;t.objectStoreNames.contains(this.storeName)||t.createObjectStore(this.storeName)}}))}async setItem(e,t){return this.db||await this.init(),new Promise(((i,r)=>{const o=this.db.transaction(this.storeName,"readwrite");o.oncomplete=()=>{i()},o.onerror=t=>{r(new Error(`Transaction error for setItem(${e},...): ${t.target.error}`))},o.onabort=t=>{r(new Error(`Transaction aborted for setItem(${e},...): ${t.target.error}`))},o.objectStore(this.storeName).put(t,e)}))}async getItem(e){return this.db||await this.init(),new Promise(((t,i)=>{const r=this.db.transaction(this.storeName,"readonly");r.onerror=t=>{i(new Error(`Transaction error for getItem(${e}): ${t.target.error}`))},r.onabort=t=>{i(new Error(`Transaction aborted for getItem(${e}): ${t.target.error}`))};const o=r.objectStore(this.storeName).get(e);o.onsuccess=()=>{t(o.result||null)}}))}async deleteItem(e){return this.db||await this.init(),new Promise(((t,i)=>{const r=this.db.transaction(this.storeName,"readwrite");r.oncomplete=()=>{t()},r.onerror=t=>{i(new Error(`Transaction error for deleteItem(${e}): ${t.target.error}`))},r.onabort=t=>{i(new Error(`Transaction aborted for deleteItem(${e}): ${t.target.error}`))},r.objectStore(this.storeName).delete(e)}))}async clear(){return this.db||await this.init(),new Promise(((e,t)=>{const i=this.db.transaction(this.storeName,"readwrite");i.oncomplete=()=>{e()},i.onerror=e=>{t(new Error(`Transaction error for clear(): ${e.target.error}`))},i.onabort=e=>{t(new Error(`Transaction aborted for clear(): ${e.target.error}`))},i.objectStore(this.storeName).clear()}))}close(){this.db&&(this.db.close(),this.db=null)}}const Ut=async()=>{const e=window.crypto.randomUUID()+"-"+window.crypto.randomUUID(),t=new Uint8Array(await window.crypto.subtle.digest("SHA-256",(new TextEncoder).encode(e)));return{pkce_code_verifier:e,pkce_code_challenge:btoa(String.fromCharCode(...t)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}},Ot=async()=>{const e=await(new Nt).init(),t=await e.getItem("client_id"),i=await e.getItem("token_endpoint"),r=await e.getItem("dpop_keypair"),o=await e.getItem("refresh_token");if(null===t||null===i||null===r||null===o)throw new Error("Could not refresh tokens: details missing from database.");const s=await $t(o,t,i,r).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),a=s.access_token,n=await e.getItem("idp");if(null===n)throw new Error("Access Token validation preparation - Could not find in sessionDatabase: idp");const l=await e.getItem("jwks_uri");if(null===l)throw new Error("Access Token validation preparation - Could not find in sessionDatabase: jwks_uri");const d=_t(new URL(l)),{payload:p}=await gt(a,d,{issuer:n,audience:"solid"}),h=await It(await dt(r.publicKey));if(p.cnf.jkt!=h)throw new Error("Access Token validation failed on `jkt`: jkt != DPoP thumbprint - "+p.cnf.jkt+" != "+h);if(p.client_id!=t)throw new Error("Access Token validation failed on `client_id`: JWT payload != client_id - "+p.client_id+" != "+t);return await e.setItem("refresh_token",s.refresh_token),e.close(),{...s,dpop_key_pair:r}},$t=async(e,t,i,r)=>{const o=await dt(r.publicKey);o.alg="ES256";const s=await new St({htu:i,htm:"POST"}).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:o}).sign(r.privateKey);return fetch(i,{method:"POST",headers:{dpop:s,"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({grant_type:"refresh_token",refresh_token:e,client_id:t})})};class jt{sessionInformation;isActive_=!1;webId_=void 0;currentAth_=void 0;tokenRefreshTimeout;sessionDeactivateTimeout;onSessionExpirationWarning;constructor(e,t){this.sessionInformation={clientDetails:e},this.onSessionExpirationWarning=t?.onSessionExpirationWarning}async login(e,t){await(async(e,t,i)=>{const r=new URL(t),o=r.origin+r.pathname+r.search,s=new URL(e).origin,a=await fetch(`${s}/.well-known/openid-configuration`).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),n=a.issuer,l=e=>e.endsWith("/")?e.slice(0,-1):e;if(l(e)!==l(n))throw new Error("RFC 9207 - iss != idp - "+n+" != "+e);sessionStorage.setItem("idp",n),sessionStorage.setItem("token_endpoint",a.token_endpoint),sessionStorage.setItem("jwks_uri",a.jwks_uri);let d=i?.client_id;if(!d){const e=a.registration_endpoint,t=await(async(e,t)=>{const i={...t,grant_types:["authorization_code","refresh_token"],id_token_signed_response_alg:"ES256",token_endpoint_auth_method:"none",application_type:"web",subject_type:"public"};return fetch(e,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)})})(e,i??{redirect_uris:[o]}).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()}));d=t.client_id,sessionStorage.setItem("client_id",d)}const{pkce_code_verifier:p,pkce_code_challenge:h}=await Ut();sessionStorage.setItem("pkce_code_verifier",p);const c=window.crypto.randomUUID();sessionStorage.setItem("csrf_token",c);const u=a.authorization_endpoint+"?response_type=code"+`&redirect_uri=${encodeURIComponent(o)}&scope=openid offline_access webid`+`&client_id=${encodeURIComponent(d)}&code_challenge_method=S256`+`&code_challenge=${h}`+`&state=${c}&prompt=consent`;window.location.href=u})(e,t,this.sessionInformation.clientDetails)}async logout(){if(this.sessionDeactivateTimeout&&clearTimeout(this.sessionDeactivateTimeout),this.sessionDeactivateTimeout=void 0,this.tokenRefreshTimeout&&clearTimeout(this.tokenRefreshTimeout),this.tokenRefreshTimeout=void 0,this.sessionInformation.idpDetails=void 0,this.sessionInformation.tokenDetails=void 0,this.isActive_=!1,this.webId_=void 0,this.sessionInformation.clientDetails?.client_id)try{new URL(this.sessionInformation.clientDetails.client_id)}catch(e){this.sessionInformation.clientDetails.client_id=void 0}const e=await(new Nt).init();await e.clear(),e.close()}async handleRedirectFromLogin(){const e=await(async e=>{const t=new URL(window.location.href),i=t.searchParams.get("code");if(null===i)return{clientDetails:e};const r=sessionStorage.getItem("idp");if(null===r||t.searchParams.get("iss")!=r)throw new Error("RFC 9207 - iss != idp - "+t.searchParams.get("iss")+" != "+r);if(t.searchParams.get("state")!=sessionStorage.getItem("csrf_token"))throw new Error("RFC 6749 - state != csrf_token - "+t.searchParams.get("state")+" != "+sessionStorage.getItem("csrf_token"));t.searchParams.delete("iss"),t.searchParams.delete("state"),t.searchParams.delete("code"),window.history.pushState({},document.title,t.toString());const o=sessionStorage.getItem("pkce_code_verifier");if(null===o)throw new Error("Access Token Request preparation - Could not find in sessionStorage: pkce_code_verifier");const s=e?.client_id||sessionStorage.getItem("client_id");if(!s)throw new Error("Access Token Request preparation - Could not find in sessionStorage: client_id (dynamic registration)");const a=sessionStorage.getItem("token_endpoint");if(null===a)throw new Error("Access Token Request preparation - Could not find in sessionStorage: token_endpoint");const n=await async function(e,t){return async function(e,t){let i,r;switch(e){case"PS256":case"PS384":case"PS512":i={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["sign","verify"];break;case"RS256":case"RS384":case"RS512":i={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":i={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":i={name:"ECDSA",namedCurve:"P-256"},r=["sign","verify"];break;case"ES384":i={name:"ECDSA",namedCurve:"P-384"},r=["sign","verify"];break;case"ES512":i={name:"ECDSA",namedCurve:"P-521"},r=["sign","verify"];break;case"Ed25519":i={name:"Ed25519"},r=["sign","verify"];break;case"EdDSA":{r=["sign","verify"];const e="Ed25519";switch(e){case"Ed25519":case"Ed448":i={name:e};break;default:throw new Fe("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{r=["deriveKey","deriveBits"];const e="P-256";switch(e){case"P-256":case"P-384":case"P-521":i={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":i={name:e};break;default:throw new Fe("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return ve.subtle.generateKey(i,!1,r)}(e,t)}("ES256"),l=await(async(e,t,i,r,o,s)=>{const a=await dt(s.publicKey);a.alg="ES256";const n=await new St({htu:o,htm:"POST"}).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:a}).sign(s.privateKey);return fetch(o,{method:"POST",headers:{dpop:n,"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({grant_type:"authorization_code",code:e,code_verifier:t,redirect_uri:i,client_id:r})})})(i,o,t.toString(),s,a,n).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),d=l.access_token,p=sessionStorage.getItem("jwks_uri");if(null===p)throw new Error("Access Token validation preparation - Could not find in sessionStorage: jwks_uri");const h=_t(new URL(p)),{payload:c}=await gt(d,h,{issuer:r,audience:"solid"}),u=await It(await dt(n.publicKey));if(c.cnf.jkt!=u)throw new Error("Access Token validation failed on `jkt`: jkt != DPoP thumbprint - "+c.cnf.jkt+" != "+u);if(c.client_id!=s)throw new Error("Access Token validation failed on `client_id`: JWT payload != client_id - "+c.client_id+" != "+s);const f={...l,dpop_key_pair:n},m={idp:r,jwks_uri:p,token_endpoint:a};e||(e={redirect_uris:[window.location.href]}),e.client_id=s;const b=await(new Nt).init();return await Promise.all([b.setItem("idp",r),b.setItem("jwks_uri",p),b.setItem("token_endpoint",a),b.setItem("client_id",s),b.setItem("dpop_keypair",n),b.setItem("refresh_token",l.refresh_token)]),b.close(),sessionStorage.removeItem("csrf_token"),sessionStorage.removeItem("pkce_code_verifier"),sessionStorage.removeItem("idp"),sessionStorage.removeItem("jwks_uri"),sessionStorage.removeItem("token_endpoint"),sessionStorage.removeItem("client_id"),{clientDetails:e,idpDetails:m,tokenDetails:f}})(this.sessionInformation.clientDetails);e.tokenDetails&&(this.sessionInformation=e,await this.setSessionDetails())}async restore(){await Ot().then((e=>(this.sessionInformation.tokenDetails=e,this.setSessionDetails()))).catch((()=>{}))}async createSignedDPoPToken(e){if(!this.sessionInformation.tokenDetails||!this.currentAth_)throw new Error("Session not established.");e.ath=this.currentAth_;const t=await dt(this.sessionInformation.tokenDetails.dpop_key_pair.publicKey);return new St(e).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:t}).sign(this.sessionInformation.tokenDetails.dpop_key_pair.privateKey)}async authFetch(e,t,i){let r,o,s;if(e instanceof Request?(r=new URL(e.url),o=t?.method||e?.method||"GET",s=new Headers(e.headers)):(t=t||{},r=new URL(e.toString()),o=t.method||"GET",s=t.headers?new Headers(t.headers):new Headers),this.sessionInformation.tokenDetails){i=i??{htu:`${r.origin}${r.pathname}`,htm:o.toUpperCase()};const e=await this.createSignedDPoPToken(i);s.set("dpop",e),s.set("authorization",`DPoP ${this.sessionInformation.tokenDetails.access_token}`)}return e instanceof Request?fetch(new Request(e,{...t,headers:s})):fetch(r,{...t,headers:s})}get isActive(){return this.isActive_}get webId(){return this.webId_}async setSessionDetails(){this.sessionInformation.tokenDetails?.access_token||this.logout(),this.currentAth_=await this.computeAth(this.sessionInformation.tokenDetails.access_token),this.webId_=function(e){if("string"!=typeof e)throw new Ae("JWTs must use Compact JWS serialization, JWT must be a string");const{1:t,length:i}=e.split(".");if(5===i)throw new Ae("Only JWTs using Compact JWS serialization can be decoded");if(3!==i)throw new Ae("Invalid JWT");if(!t)throw new Ae("JWTs must contain a payload");let r,o;try{r=Mt(t)}catch{throw new Ae("Failed to base64url decode the payload")}try{o=JSON.parse(ke.decode(r))}catch{throw new Ae("Failed to parse the decoded payload as JSON")}if(!qe(o))throw new Ae("Invalid JWT Claims Set");return o}(this.sessionInformation.tokenDetails.access_token).webid,this.isActive_=void 0!==this.webId,this.setSessionDeactivateTimeout(),this.setTokenRefreshTimeout()}setSessionDeactivateTimeout(){const e=1e3*(this.sessionInformation.tokenDetails.expires_in-5);this.sessionDeactivateTimeout&&clearTimeout(this.sessionDeactivateTimeout),this.sessionDeactivateTimeout=setTimeout((()=>this.logout()),e)}setTokenRefreshTimeout(){const e=1e3*(this.sessionInformation.tokenDetails.expires_in-95);this.tokenRefreshTimeout&&clearTimeout(this.tokenRefreshTimeout),this.tokenRefreshTimeout=setTimeout((async()=>{const e=await Ot().catch((()=>{this.onSessionExpirationWarning&&this.onSessionExpirationWarning()}));e&&(this.sessionInformation.tokenDetails=e,this.setSessionDetails())}),e)}async computeAth(e){const t=(new TextEncoder).encode(e),i=await crypto.subtle.digest("SHA-256",t),r=Array.from(new Uint8Array(i));return btoa(String.fromCharCode(...r)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}}class Wt{get authenticatedFetch(){return this._authenticatedFetch}constructor(){this.onSessionRestoreCallback=()=>{},this.sessionInfo$=new B.BehaviorSubject({isLoggedIn:!1,webId:void 0}),this.session=new jt,this._authenticatedFetch=this.session.authFetch.bind(this.session)}async handleIncomingRedirect(e=!1){await this.session.handleRedirectFromLogin(),e&&(await this.session.restore(),this.session.isActive&&this.onSessionRestoreCallback(window.location.href)),this.sessionInfo$.next({isLoggedIn:this.session.isActive,webId:this.session.webId})}async login(e){return this.session.login(e,window.location.href)}async logout(){await this.session.logout(),this.sessionInfo$.next({isLoggedIn:!1,webId:void 0})}observeSession(){return this.sessionInfo$}onSessionRestore(e){this.onSessionRestoreCallback=e}}var Lt=n`
|
|
1
|
+
import{r as e,h as t,H as i,c as r,a as o,i as s,j as a}from"./p-spEUIGXI.js";import{i as n,E as l,T as d,c as p,_ as h,n as c,S as u,x as f,d as m,r as b,w as y,e as g,f as v}from"./p-Bz2zblgU.js";import{c as w,s as x,B as k}from"./p-DO6v4X9H.js";import{P as S,N as D,a as I,T as C}from"./p-sVi8GCz5.js";import{c as B}from"./p-vFMstSdt.js";import{L as P,e as z,s as F,a as T,g as A,b as E,w as _,S as M}from"./p-DPNKR_cm.js";import{a as R,i as N,t as U,e as O}from"./p-DpbuT47x.js";import{s as $}from"./p-BW_CkW1K.js";import{s as j}from"./p-jlzl8vRd.js";import{u as W}from"./p-D0uCfr1-.js";const L=class{constructor(t){e(this,t)}openDialog(){this.dialog.showModal()}render(){return t(i,{key:"9a60547270fcc455679acdfe6de75da57e513b1f"},t("button",{key:"32a8ba00ef511587024c843663e281e2b6930c19",id:"new",title:"Add a new thing",onClick:()=>this.openDialog()},t("sl-icon",{key:"6faf99cef999b441410770b0509f5a8d6a10f7e9",name:"plus-circle"})),t("pos-dialog",{key:"f6cd827c19d3dfe33500f03e561f399e11d728ce",ref:e=>this.dialog=e},t("span",{key:"ff40b8f28a349a1ad6db11e2d427d74ea5fbd300",slot:"title"},"Add a new thing"),t("pos-new-thing-form",{key:"e48257160d78d025e6213bd61c4953261d4829c2",slot:"content",referenceUri:this.referenceUri})))}};L.style=":host{font-family:var(--font-sans);display:block}button#new{cursor:pointer;display:flex;align-items:center;justify-content:center;border:none;width:var(--size-10);height:var(--size-10);background-color:var(--pos-primary-color);color:var(--pos-primary-text-color);font-size:var(--scale-6);border-radius:var(--radius-xs);padding:var(--size-2)}button#new:hover,button#new:focus{outline:none;filter:brightness(110%);box-shadow:var(--shadow-sm)}pos-new-thing-form{margin:var(--scale-3)}";const H=localStorage.getItem("settings"),V=w(H?JSON.parse(H):{offlineCache:!1,rememberedIdp:null});V.on("set",(()=>{const e=JSON.stringify(V.state);localStorage.setItem("settings",e)})),window.addEventListener("storage",(e=>{if("settings"===e.key&&e.newValue){const t=JSON.parse(e.newValue);V.state.offlineCache=t.offlineCache,V.state.rememberedIdp=t.rememberedIdp}}));const J=(e,t)=>t.some((t=>e instanceof t));let K,q;const G=new WeakMap,X=new WeakMap,Y=new WeakMap;let Z={get(e,t,i){if(e instanceof IDBTransaction){if("done"===t)return G.get(e);if("store"===t)return i.objectStoreNames[1]?void 0:i.objectStore(i.objectStoreNames[0])}return te(e[t])},set:(e,t,i)=>(e[t]=i,!0),has:(e,t)=>e instanceof IDBTransaction&&("done"===t||"store"===t)||t in e};function Q(e){Z=e(Z)}function ee(e){return"function"==typeof e?(t=e,(q||(q=[IDBCursor.prototype.advance,IDBCursor.prototype.continue,IDBCursor.prototype.continuePrimaryKey])).includes(t)?function(...e){return t.apply(ie(this),e),te(this.request)}:function(...e){return te(t.apply(ie(this),e))}):(e instanceof IDBTransaction&&function(e){if(G.has(e))return;const t=new Promise(((t,i)=>{const r=()=>{e.removeEventListener("complete",o),e.removeEventListener("error",s),e.removeEventListener("abort",s)},o=()=>{t(),r()},s=()=>{i(e.error||new DOMException("AbortError","AbortError")),r()};e.addEventListener("complete",o),e.addEventListener("error",s),e.addEventListener("abort",s)}));G.set(e,t)}(e),J(e,K||(K=[IDBDatabase,IDBObjectStore,IDBIndex,IDBCursor,IDBTransaction]))?new Proxy(e,Z):e);var t}function te(e){if(e instanceof IDBRequest)return function(e){const t=new Promise(((t,i)=>{const r=()=>{e.removeEventListener("success",o),e.removeEventListener("error",s)},o=()=>{t(te(e.result)),r()},s=()=>{i(e.error),r()};e.addEventListener("success",o),e.addEventListener("error",s)}));return Y.set(t,e),t}(e);if(X.has(e))return X.get(e);const t=ee(e);return t!==e&&(X.set(e,t),Y.set(t,e)),t}const ie=e=>Y.get(e),re=["get","getKey","getAll","getAllKeys","count"],oe=["put","add","delete","clear"],se=new Map;function ae(e,t){if(!(e instanceof IDBDatabase)||t in e||"string"!=typeof t)return;if(se.get(t))return se.get(t);const i=t.replace(/FromIndex$/,""),r=t!==i,o=oe.includes(i);if(!(i in(r?IDBIndex:IDBObjectStore).prototype)||!o&&!re.includes(i))return;const s=async function(e,...t){const s=this.transaction(e,o?"readwrite":"readonly");let a=s.store;return r&&(a=a.index(t.shift())),(await Promise.all([a[i](...t),o&&s.done]))[0]};return se.set(t,s),s}Q((e=>({...e,get:(t,i,r)=>ae(t,i)||e.get(t,i,r),has:(t,i)=>!!ae(t,i)||e.has(t,i)})));const ne=["continue","continuePrimaryKey","advance"],le={},de=new WeakMap,pe=new WeakMap,he={get(e,t){if(!ne.includes(t))return e[t];let i=le[t];return i||(i=le[t]=function(...e){de.set(this,pe.get(this)[t](...e))}),i}};async function*ce(...e){let t=this;if(t instanceof IDBCursor||(t=await t.openCursor(...e)),!t)return;const i=new Proxy(t,he);for(pe.set(i,t),Y.set(i,ie(t));t;)yield i,t=await(de.get(i)||t.continue()),de.delete(i)}function ue(e,t){return t===Symbol.asyncIterator&&J(e,[IDBIndex,IDBObjectStore,IDBCursor])||"iterate"===t&&J(e,[IDBIndex,IDBObjectStore])}Q((e=>({...e,get:(t,i,r)=>ue(t,i)?ce:e.get(t,i,r),has:(t,i)=>ue(t,i)||e.has(t,i)})));class fe{constructor(){this.dbPromise=function(e,t,{blocked:i,upgrade:r,blocking:o,terminated:s}={}){const a=indexedDB.open(e,t),n=te(a);return r&&a.addEventListener("upgradeneeded",(e=>{r(te(a.result),e.oldVersion,e.newVersion,te(a.transaction),e)})),i&&a.addEventListener("blocked",(e=>i(e.oldVersion,e.newVersion,e))),n.then((e=>{s&&e.addEventListener("close",(()=>s())),o&&e.addEventListener("versionchange",(e=>o(e.oldVersion,e.newVersion,e)))})).catch((()=>{})),n}("OfflineCacheDB",1,{upgrade(e){e.objectStoreNames.contains("documents")||e.createObjectStore("documents",{keyPath:"url"}).createIndex("url-revision",["url","revision"])}})}async clear(){return(await this.dbPromise).clear("documents")}async get(e){const t=await this.dbPromise;return await t.get("documents",e)}async put(e){const t=await this.dbPromise;await t.getFromIndex("documents","url-revision",[e.url,e.revision])||await t.put("documents",e)}}class me{isOnline(){return navigator.onLine}}const be=(e,t)=>new S({session:e,offlineCache:t.offlineCache?new fe:new D,onlineStatus:new me});var ye="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function ge(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}var ve=crypto;const we=e=>e instanceof CryptoKey;const xe=new TextEncoder,ke=new TextDecoder;function Se(...e){const t=e.reduce(((e,{length:t})=>e+t),0),i=new Uint8Array(t);let r=0;for(const t of e)i.set(t,r),r+=t.length;return i}const De=e=>(e=>{let t=e;"string"==typeof t&&(t=xe.encode(t));const i=[];for(let e=0;e<t.length;e+=32768)i.push(String.fromCharCode.apply(null,t.subarray(e,e+32768)));return btoa(i.join(""))})(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),Ie=e=>{let t=e;t instanceof Uint8Array&&(t=ke.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),i=new Uint8Array(t.length);for(let e=0;e<t.length;e++)i[e]=t.charCodeAt(e);return i})(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class Ce extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}Ce.code="ERR_JOSE_GENERIC";class Be extends Ce{constructor(e,t,i="unspecified",r="unspecified"){super(e,{cause:{claim:i,reason:r,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=i,this.reason=r,this.payload=t}}Be.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class Pe extends Ce{constructor(e,t,i="unspecified",r="unspecified"){super(e,{cause:{claim:i,reason:r,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=i,this.reason=r,this.payload=t}}Pe.code="ERR_JWT_EXPIRED";class ze extends Ce{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}ze.code="ERR_JOSE_ALG_NOT_ALLOWED";class Fe extends Ce{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}Fe.code="ERR_JOSE_NOT_SUPPORTED",class extends Ce{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}.code="ERR_JWE_DECRYPTION_FAILED",class extends Ce{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}.code="ERR_JWE_INVALID";class Te extends Ce{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}Te.code="ERR_JWS_INVALID";class Ae extends Ce{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}Ae.code="ERR_JWT_INVALID";class Ee extends Ce{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}Ee.code="ERR_JWK_INVALID";class _e extends Ce{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}_e.code="ERR_JWKS_INVALID";class Me extends Ce{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}Me.code="ERR_JWKS_NO_MATCHING_KEY";class Re extends Ce{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Re.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class Ne extends Ce{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}Ne.code="ERR_JWKS_TIMEOUT";class Ue extends Ce{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function Oe(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function $e(e,t){return e.name===t}function je(e){return parseInt(e.name.slice(4),10)}function We(e,t,...i){if((i=i.filter(Boolean)).length>2){const t=i.pop();e+=`one of type ${i.join(", ")}, or ${t}.`}else e+=2===i.length?`one of type ${i[0]} or ${i[1]}.`:`of type ${i[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}Ue.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";var Le=(e,...t)=>We("Key must be ",e,...t);function He(e,t,...i){return We(`Key for the ${e} algorithm must be `,t,...i)}var Ve=e=>!!we(e)||"KeyObject"===e?.[Symbol.toStringTag];const Je=["CryptoKey"];var Ke=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let i;for(const e of t){const t=Object.keys(e);if(i&&0!==i.size)for(const e of t){if(i.has(e))return!1;i.add(e)}else i=new Set(t)}return!0};function qe(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let i=e;for(;null!==Object.getPrototypeOf(i);)i=Object.getPrototypeOf(i);return Object.getPrototypeOf(e)===i}var Ge=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:i}=t.algorithm;if("number"!=typeof i||i<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function Xe(e){return qe(e)&&"string"==typeof e.kty}var Ye=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:i}=function(e){let t,i;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},i=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},i=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},i=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},i=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},i=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},i=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},i=e.d?["deriveBits"]:[];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},i=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},i=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},i=e.d?["deriveBits"]:[];break;default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new Fe('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:i}}(e),r=[t,e.ext??!1,e.key_ops??i],o={...e};return delete o.alg,delete o.use,ve.subtle.importKey("jwk",o,...r)};const Ze=e=>Ie(e);let Qe,et;const tt=e=>"KeyObject"===e?.[Symbol.toStringTag],it=async(e,t,i,r,o=!1)=>{let s=e.get(t);if(s?.[r])return s[r];const a=await Ye({...i,alg:r});return o&&Object.freeze(t),s?s[r]=a:e.set(t,{[r]:a}),a};async function rt(e,t){if(!qe(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return Ie(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new Fe('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return Ye({...e,alg:t});default:throw new Fe('Unsupported "kty" (Key Type) Parameter value')}}const ot=e=>e?.[Symbol.toStringTag],st=(e,t,i)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(i))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${i}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0};function at(e,t,i,r){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?((e,t,i,r)=>{if(!(t instanceof Uint8Array)){if(r&&Xe(t)){if(function(e){return Xe(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&st(e,t,i))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!Ve(t))throw new TypeError(He(e,t,...Je,"Uint8Array",r?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${ot(t)} instances for symmetric algorithms must be of type "secret"`)}})(t,i,r,e):((e,t,i,r)=>{if(r&&Xe(t))switch(i){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&st(e,t,i))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&st(e,t,i))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!Ve(t))throw new TypeError(He(e,t,...Je,r?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===i&&"public"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===i&&"public"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===i&&"private"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===i&&"private"===t.type)throw new TypeError(`${ot(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,i,r,e)}at.bind(void 0,!1);const nt=at.bind(void 0,!0);function lt(e,t,i,r,o){if(void 0!==o.crit&&void 0===r?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!r||void 0===r.crit)return new Set;if(!Array.isArray(r.crit)||0===r.crit.length||r.crit.some((e=>"string"!=typeof e||0===e.length)))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let s;s=void 0!==i?new Map([...Object.entries(i),...t.entries()]):t;for(const t of r.crit){if(!s.has(t))throw new Fe(`Extension Header Parameter "${t}" is not recognized`);if(void 0===o[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(s.get(t)&&void 0===r[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(r.crit)}async function dt(e){return(async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:De(e)};if(!we(e))throw new TypeError(Le(e,...Je,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:i,alg:r,use:o,...s}=await ve.subtle.exportKey("jwk",e);return s})(e)}function pt(e,t){const i=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:i,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:i,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:i,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:i,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new Fe(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}async function ht(e,t,i){if("sign"===i&&(t=await((e,t)=>{if(tt(e)){let i=e.export({format:"jwk"});return i.k?Ze(i.k):(Qe||(Qe=new WeakMap),it(Qe,e,i,t))}return Xe(e)?e.k?Ie(e.k):(Qe||(Qe=new WeakMap),it(Qe,e,e,t,!0)):e})(t,e)),"verify"===i&&(t=await((e,t)=>{if(tt(e)){let i=e.export({format:"jwk"});return delete i.d,delete i.dp,delete i.dq,delete i.p,delete i.q,delete i.qi,i.k?Ze(i.k):(et||(et=new WeakMap),it(et,e,i,t))}return Xe(e)?e.k?Ie(e.k):(et||(et=new WeakMap),it(et,e,e,t,!0)):e})(t,e)),we(t))return function(e,t,...i){switch(t){case"HS256":case"HS384":case"HS512":{if(!$e(e.algorithm,"HMAC"))throw Oe("HMAC");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!$e(e.algorithm,"RSASSA-PKCS1-v1_5"))throw Oe("RSASSA-PKCS1-v1_5");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!$e(e.algorithm,"RSA-PSS"))throw Oe("RSA-PSS");const i=parseInt(t.slice(2),10);if(je(e.algorithm.hash)!==i)throw Oe(`SHA-${i}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw Oe("Ed25519 or Ed448");break;case"Ed25519":if(!$e(e.algorithm,"Ed25519"))throw Oe("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!$e(e.algorithm,"ECDSA"))throw Oe("ECDSA");const i=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==i)throw Oe(i,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}!function(e,t){if(t.length&&!t.some((t=>e.usages.includes(t)))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const i=t.pop();e+=`one of ${t.join(", ")}, or ${i}.`}else e+=2===t.length?`one of ${t[0]} or ${t[1]}.`:`${t[0]}.`;throw new TypeError(e)}}(e,i)}(t,e,i),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(Le(t,...Je));return ve.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[i])}throw new TypeError(Le(t,...Je,"Uint8Array","JSON Web Key"))}async function ct(e,t,i){if(e instanceof Uint8Array&&(e=ke.decode(e)),"string"!=typeof e)throw new Te("Compact JWS must be a string or Uint8Array");const{0:r,1:o,2:s,length:a}=e.split(".");if(3!==a)throw new Te("Invalid Compact JWS");const n=await async function(e,t,i){if(!qe(e))throw new Te("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new Te('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new Te("JWS Protected Header incorrect type");if(void 0===e.payload)throw new Te("JWS Payload missing");if("string"!=typeof e.signature)throw new Te("JWS Signature missing or incorrect type");if(void 0!==e.header&&!qe(e.header))throw new Te("JWS Unprotected Header incorrect type");let r={};if(e.protected)try{const t=Ie(e.protected);r=JSON.parse(ke.decode(t))}catch{throw new Te("JWS Protected Header is invalid")}if(!Ke(r,e.header))throw new Te("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const o={...r,...e.header};let s=!0;if(lt(Te,new Map([["b64",!0]]),i?.crit,r,o).has("b64")&&(s=r.b64,"boolean"!=typeof s))throw new Te('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:a}=o;if("string"!=typeof a||!a)throw new Te('JWS "alg" (Algorithm) Header Parameter missing or invalid');const n=i&&((e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some((e=>"string"!=typeof e))))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)})("algorithms",i.algorithms);if(n&&!n.has(a))throw new ze('"alg" (Algorithm) Header Parameter value not allowed');if(s){if("string"!=typeof e.payload)throw new Te("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new Te("JWS Payload must be a string or an Uint8Array instance");let l=!1;"function"==typeof t?(t=await t(r,e),l=!0,nt(a,t,"verify"),Xe(t)&&(t=await rt(t,a))):nt(a,t,"verify");const d=Se(xe.encode(e.protected??""),xe.encode("."),"string"==typeof e.payload?xe.encode(e.payload):e.payload);let p,h;try{p=Ie(e.signature)}catch{throw new Te("Failed to base64url decode the signature")}if(!await(async(e,t,i,r)=>{const o=await ht(e,t,"verify");Ge(e,o);const s=pt(e,o.algorithm);try{return await ve.subtle.verify(s,o,i,r)}catch{return!1}})(a,t,p,d))throw new Ue;if(s)try{h=Ie(e.payload)}catch{throw new Te("Failed to base64url decode the payload")}else h="string"==typeof e.payload?xe.encode(e.payload):e.payload;const c={payload:h};return void 0!==e.protected&&(c.protectedHeader=r),void 0!==e.header&&(c.unprotectedHeader=e.header),l?{...c,key:t}:c}({payload:o,protected:r,signature:s},t,i),l={payload:n.payload,protectedHeader:n.protectedHeader};return"function"==typeof t?{...l,key:n.key}:l}var ut=e=>Math.floor(e.getTime()/1e3);const ft=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;var mt=e=>{const t=ft.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const i=parseFloat(t[2]);let r;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":r=Math.round(i);break;case"minute":case"minutes":case"min":case"mins":case"m":r=Math.round(60*i);break;case"hour":case"hours":case"hr":case"hrs":case"h":r=Math.round(3600*i);break;case"day":case"days":case"d":r=Math.round(86400*i);break;case"week":case"weeks":case"w":r=Math.round(604800*i);break;default:r=Math.round(31557600*i)}return"-"===t[1]||"ago"===t[4]?-r:r};const bt=e=>e.toLowerCase().replace(/^application\//,"");var yt=(e,t,i={})=>{let r;try{r=JSON.parse(ke.decode(t))}catch{}if(!qe(r))throw new Ae("JWT Claims Set must be a top-level JSON object");const{typ:o}=i;if(o&&("string"!=typeof e.typ||bt(e.typ)!==bt(o)))throw new Be('unexpected "typ" JWT header value',r,"typ","check_failed");const{requiredClaims:s=[],issuer:a,subject:n,audience:l,maxTokenAge:d}=i,p=[...s];void 0!==d&&p.push("iat"),void 0!==l&&p.push("aud"),void 0!==n&&p.push("sub"),void 0!==a&&p.push("iss");for(const e of new Set(p.reverse()))if(!(e in r))throw new Be(`missing required "${e}" claim`,r,e,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(r.iss))throw new Be('unexpected "iss" claim value',r,"iss","check_failed");if(n&&r.sub!==n)throw new Be('unexpected "sub" claim value',r,"sub","check_failed");if(l&&(c="string"==typeof l?[l]:l,!("string"==typeof(h=r.aud)?c.includes(h):Array.isArray(h)&&c.some(Set.prototype.has.bind(new Set(h))))))throw new Be('unexpected "aud" claim value',r,"aud","check_failed");var h,c;let u;switch(typeof i.clockTolerance){case"string":u=mt(i.clockTolerance);break;case"number":u=i.clockTolerance;break;case"undefined":u=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:f}=i,m=ut(f||new Date);if((void 0!==r.iat||d)&&"number"!=typeof r.iat)throw new Be('"iat" claim must be a number',r,"iat","invalid");if(void 0!==r.nbf){if("number"!=typeof r.nbf)throw new Be('"nbf" claim must be a number',r,"nbf","invalid");if(r.nbf>m+u)throw new Be('"nbf" claim timestamp check failed',r,"nbf","check_failed")}if(void 0!==r.exp){if("number"!=typeof r.exp)throw new Be('"exp" claim must be a number',r,"exp","invalid");if(r.exp<=m-u)throw new Pe('"exp" claim timestamp check failed',r,"exp","check_failed")}if(d){const e=m-r.iat;if(e-u>("number"==typeof d?d:mt(d)))throw new Pe('"iat" claim timestamp check failed (too far in the past)',r,"iat","check_failed");if(e<0-u)throw new Be('"iat" claim timestamp check failed (it should be in the past)',r,"iat","check_failed")}return r};async function gt(e,t,i){const r=await ct(e,t,i);if(r.protectedHeader.crit?.includes("b64")&&!1===r.protectedHeader.b64)throw new Ae("JWTs MUST NOT use unencoded payload");const o={payload:yt(r.protectedHeader,r.payload,i),protectedHeader:r.protectedHeader};return"function"==typeof t?{...o,key:r.key}:o}class vt{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new Te("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!Ke(this._protectedHeader,this._unprotectedHeader))throw new Te("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const i={...this._protectedHeader,...this._unprotectedHeader};let r=!0;if(lt(Te,new Map([["b64",!0]]),t?.crit,this._protectedHeader,i).has("b64")&&(r=this._protectedHeader.b64,"boolean"!=typeof r))throw new Te('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:o}=i;if("string"!=typeof o||!o)throw new Te('JWS "alg" (Algorithm) Header Parameter missing or invalid');nt(o,e,"sign");let s,a=this._payload;r&&(a=xe.encode(De(a))),s=xe.encode(this._protectedHeader?De(JSON.stringify(this._protectedHeader)):"");const n=Se(s,xe.encode("."),a),l=await(async(e,t,i)=>{const r=await ht(e,t,"sign");Ge(e,r);const o=await ve.subtle.sign(pt(e,r.algorithm),r,i);return new Uint8Array(o)})(o,e,n),d={signature:De(l),payload:""};return r&&(d.payload=ke.decode(a)),this._unprotectedHeader&&(d.header=this._unprotectedHeader),this._protectedHeader&&(d.protected=ke.decode(s)),d}}class wt{constructor(e){this._flattened=new vt(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const i=await this._flattened.sign(e,t);if(void 0===i.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${i.protected}.${i.payload}.${i.signature}`}}function xt(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class kt{constructor(e={}){if(!qe(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return this._payload="number"==typeof e?{...this._payload,nbf:xt("setNotBefore",e)}:e instanceof Date?{...this._payload,nbf:xt("setNotBefore",ut(e))}:{...this._payload,nbf:ut(new Date)+mt(e)},this}setExpirationTime(e){return this._payload="number"==typeof e?{...this._payload,exp:xt("setExpirationTime",e)}:e instanceof Date?{...this._payload,exp:xt("setExpirationTime",ut(e))}:{...this._payload,exp:ut(new Date)+mt(e)},this}setIssuedAt(e){return this._payload=void 0===e?{...this._payload,iat:ut(new Date)}:e instanceof Date?{...this._payload,iat:xt("setIssuedAt",ut(e))}:"string"==typeof e?{...this._payload,iat:xt("setIssuedAt",ut(new Date)+mt(e))}:{...this._payload,iat:xt("setIssuedAt",e)},this}}class St extends kt{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const i=new wt(xe.encode(JSON.stringify(this._payload)));if(i.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new Ae("JWTs MUST NOT use unencoded payload");return i.sign(e,t)}}const Dt=(e,t)=>{if("string"!=typeof e||!e)throw new Ee(`${t} missing or invalid`)};async function It(e,t){if(!qe(e))throw new TypeError("JWK must be an object");if(t??(t="sha256"),"sha256"!==t&&"sha384"!==t&&"sha512"!==t)throw new TypeError('digestAlgorithm must one of "sha256", "sha384", or "sha512"');let i;switch(e.kty){case"EC":Dt(e.crv,'"crv" (Curve) Parameter'),Dt(e.x,'"x" (X Coordinate) Parameter'),Dt(e.y,'"y" (Y Coordinate) Parameter'),i={crv:e.crv,kty:e.kty,x:e.x,y:e.y};break;case"OKP":Dt(e.crv,'"crv" (Subtype of Key Pair) Parameter'),Dt(e.x,'"x" (Public Key) Parameter'),i={crv:e.crv,kty:e.kty,x:e.x};break;case"RSA":Dt(e.e,'"e" (Exponent) Parameter'),Dt(e.n,'"n" (Modulus) Parameter'),i={e:e.e,kty:e.kty,n:e.n};break;case"oct":Dt(e.k,'"k" (Key Value) Parameter'),i={k:e.k,kty:e.kty};break;default:throw new Fe('"kty" (Key Type) Parameter missing or unsupported')}const r=xe.encode(JSON.stringify(i));return De(await(async(e,t)=>{const i=`SHA-${e.slice(-3)}`;return new Uint8Array(await ve.subtle.digest(i,t))})(t,r))}function Ct(e){return qe(e)}function Bt(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class Pt{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(Ct)}(e))throw new _e("JSON Web Key Set malformed");this._jwks=Bt(e)}async getKey(e,t){const{alg:i,kid:r}={...e,...t?.header},o=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new Fe('Unsupported "alg" value for a JSON Web Key Set')}}(i),s=this._jwks.keys.filter((e=>{let t=o===e.kty;if(t&&"string"==typeof r&&(t=r===e.kid),t&&"string"==typeof e.alg&&(t=i===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(i){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t})),{0:a,length:n}=s;if(0===n)throw new Me;if(1!==n){const e=new Re,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of s)try{yield await zt(t,e,i)}catch{}},e}return zt(this._cached,a,i)}}async function zt(e,t,i){const r=e.get(t)||e.set(t,{}).get(t);if(void 0===r[i]){const e=await rt({...t,ext:!0},i);if(e instanceof Uint8Array||"public"!==e.type)throw new _e("JSON Web Key Set members must be public keys");r[i]=e}return r[i]}function Ft(e){const t=new Pt(e),i=async(e,i)=>t.getKey(e,i);return Object.defineProperties(i,{jwks:{value:()=>Bt(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),i}let Tt;"undefined"!=typeof navigator&&navigator.userAgent?.startsWith?.("Mozilla/5.0 ")||(Tt="jose/v5.10.0");const At=Symbol();class Et{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var i,r;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[At]&&(this._cache=t?.[At],i=t?.[At],r=this._cacheMaxAge,"object"==typeof i&&null!==i&&"uat"in i&&"number"==typeof i.uat&&!(Date.now()-i.uat>=r)&&"jwks"in i&&qe(i.jwks)&&Array.isArray(i.jwks.keys)&&Array.prototype.every.call(i.jwks.keys,qe)&&(this._jwksTimestamp=this._cache.uat,this._local=Ft(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cooldownDuration}fresh(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cacheMaxAge}async getKey(e,t){this._local&&this.fresh()||await this.reload();try{return await this._local(e,t)}catch(i){if(i instanceof Me&&!1===this.coolingDown())return await this.reload(),this._local(e,t);throw i}}async reload(){this._pendingFetch&&("undefined"!=typeof WebSocketPair||"undefined"!=typeof navigator&&"Cloudflare-Workers"===navigator.userAgent||"undefined"!=typeof EdgeRuntime&&"vercel"===EdgeRuntime)&&(this._pendingFetch=void 0);const e=new Headers(this._options.headers);Tt&&!e.has("User-Agent")&&(e.set("User-Agent",Tt),this._options.headers=Object.fromEntries(e.entries())),this._pendingFetch||(this._pendingFetch=(async(e,t,i)=>{let r,o,s=!1;"function"==typeof AbortController&&(r=new AbortController,o=setTimeout((()=>{s=!0,r.abort()}),t));const a=await fetch(e.href,{signal:r?r.signal:void 0,redirect:"manual",headers:i.headers}).catch((e=>{if(s)throw new Ne;throw e}));if(void 0!==o&&clearTimeout(o),200!==a.status)throw new Ce("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await a.json()}catch{throw new Ce("Failed to parse the JSON Web Key Set HTTP response as JSON")}})(this._url,this._timeoutDuration,this._options).then((e=>{this._local=Ft(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0})).catch((e=>{throw this._pendingFetch=void 0,e}))),await this._pendingFetch}}function _t(e,t){const i=new Et(e,t),r=async(e,t)=>i.getKey(e,t);return Object.defineProperties(r,{coolingDown:{get:()=>i.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>i.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>i.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!i._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>i._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),r}const Mt=Ie;function Rt(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new Fe("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}class Nt{dbName;storeName;dbVersion;db=null;constructor(e="soidc",t="session",i=1){this.dbName=e,this.storeName=t,this.dbVersion=i}async init(){return new Promise(((e,t)=>{const i=indexedDB.open(this.dbName,this.dbVersion);i.onerror=e=>{t(new Error(`Database error: ${e.target.error}`))},i.onsuccess=t=>{this.db=t.target.result,e(this)},i.onupgradeneeded=e=>{const t=e.target.result;t.objectStoreNames.contains(this.storeName)||t.createObjectStore(this.storeName)}}))}async setItem(e,t){return this.db||await this.init(),new Promise(((i,r)=>{const o=this.db.transaction(this.storeName,"readwrite");o.oncomplete=()=>{i()},o.onerror=t=>{r(new Error(`Transaction error for setItem(${e},...): ${t.target.error}`))},o.onabort=t=>{r(new Error(`Transaction aborted for setItem(${e},...): ${t.target.error}`))},o.objectStore(this.storeName).put(t,e)}))}async getItem(e){return this.db||await this.init(),new Promise(((t,i)=>{const r=this.db.transaction(this.storeName,"readonly");r.onerror=t=>{i(new Error(`Transaction error for getItem(${e}): ${t.target.error}`))},r.onabort=t=>{i(new Error(`Transaction aborted for getItem(${e}): ${t.target.error}`))};const o=r.objectStore(this.storeName).get(e);o.onsuccess=()=>{t(o.result||null)}}))}async deleteItem(e){return this.db||await this.init(),new Promise(((t,i)=>{const r=this.db.transaction(this.storeName,"readwrite");r.oncomplete=()=>{t()},r.onerror=t=>{i(new Error(`Transaction error for deleteItem(${e}): ${t.target.error}`))},r.onabort=t=>{i(new Error(`Transaction aborted for deleteItem(${e}): ${t.target.error}`))},r.objectStore(this.storeName).delete(e)}))}async clear(){return this.db||await this.init(),new Promise(((e,t)=>{const i=this.db.transaction(this.storeName,"readwrite");i.oncomplete=()=>{e()},i.onerror=e=>{t(new Error(`Transaction error for clear(): ${e.target.error}`))},i.onabort=e=>{t(new Error(`Transaction aborted for clear(): ${e.target.error}`))},i.objectStore(this.storeName).clear()}))}close(){this.db&&(this.db.close(),this.db=null)}}const Ut=async()=>{const e=window.crypto.randomUUID()+"-"+window.crypto.randomUUID(),t=new Uint8Array(await window.crypto.subtle.digest("SHA-256",(new TextEncoder).encode(e)));return{pkce_code_verifier:e,pkce_code_challenge:btoa(String.fromCharCode(...t)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}},Ot=async()=>{const e=await(new Nt).init(),t=await e.getItem("client_id"),i=await e.getItem("token_endpoint"),r=await e.getItem("dpop_keypair"),o=await e.getItem("refresh_token");if(null===t||null===i||null===r||null===o)throw new Error("Could not refresh tokens: details missing from database.");const s=await $t(o,t,i,r).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),a=s.access_token,n=await e.getItem("idp");if(null===n)throw new Error("Access Token validation preparation - Could not find in sessionDatabase: idp");const l=await e.getItem("jwks_uri");if(null===l)throw new Error("Access Token validation preparation - Could not find in sessionDatabase: jwks_uri");const d=_t(new URL(l)),{payload:p}=await gt(a,d,{issuer:n,audience:"solid"}),h=await It(await dt(r.publicKey));if(p.cnf.jkt!=h)throw new Error("Access Token validation failed on `jkt`: jkt != DPoP thumbprint - "+p.cnf.jkt+" != "+h);if(p.client_id!=t)throw new Error("Access Token validation failed on `client_id`: JWT payload != client_id - "+p.client_id+" != "+t);return await e.setItem("refresh_token",s.refresh_token),e.close(),{...s,dpop_key_pair:r}},$t=async(e,t,i,r)=>{const o=await dt(r.publicKey);o.alg="ES256";const s=await new St({htu:i,htm:"POST"}).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:o}).sign(r.privateKey);return fetch(i,{method:"POST",headers:{dpop:s,"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({grant_type:"refresh_token",refresh_token:e,client_id:t})})};class jt{sessionInformation;isActive_=!1;webId_=void 0;currentAth_=void 0;tokenRefreshTimeout;sessionDeactivateTimeout;onSessionExpirationWarning;constructor(e,t){this.sessionInformation={clientDetails:e},this.onSessionExpirationWarning=t?.onSessionExpirationWarning}async login(e,t){await(async(e,t,i)=>{const r=new URL(t),o=r.origin+r.pathname+r.search,s=new URL(e).origin,a=await fetch(`${s}/.well-known/openid-configuration`).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),n=a.issuer,l=e=>e.endsWith("/")?e.slice(0,-1):e;if(l(e)!==l(n))throw new Error("RFC 9207 - iss != idp - "+n+" != "+e);sessionStorage.setItem("idp",n),sessionStorage.setItem("token_endpoint",a.token_endpoint),sessionStorage.setItem("jwks_uri",a.jwks_uri);let d=i?.client_id;if(!d){const e=a.registration_endpoint,t=await(async(e,t)=>{const i={...t,grant_types:["authorization_code","refresh_token"],id_token_signed_response_alg:"ES256",token_endpoint_auth_method:"none",application_type:"web",subject_type:"public"};return fetch(e,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)})})(e,i??{redirect_uris:[o]}).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()}));d=t.client_id,sessionStorage.setItem("client_id",d)}const{pkce_code_verifier:p,pkce_code_challenge:h}=await Ut();sessionStorage.setItem("pkce_code_verifier",p);const c=window.crypto.randomUUID();sessionStorage.setItem("csrf_token",c);const u=a.authorization_endpoint+"?response_type=code"+`&redirect_uri=${encodeURIComponent(o)}&scope=openid offline_access webid`+`&client_id=${encodeURIComponent(d)}&code_challenge_method=S256`+`&code_challenge=${h}`+`&state=${c}&prompt=consent`;window.location.href=u})(e,t,this.sessionInformation.clientDetails)}async logout(){if(this.sessionDeactivateTimeout&&clearTimeout(this.sessionDeactivateTimeout),this.sessionDeactivateTimeout=void 0,this.tokenRefreshTimeout&&clearTimeout(this.tokenRefreshTimeout),this.tokenRefreshTimeout=void 0,this.sessionInformation.idpDetails=void 0,this.sessionInformation.tokenDetails=void 0,this.isActive_=!1,this.webId_=void 0,this.sessionInformation.clientDetails?.client_id)try{new URL(this.sessionInformation.clientDetails.client_id)}catch(e){this.sessionInformation.clientDetails.client_id=void 0}const e=await(new Nt).init();await e.clear(),e.close()}async handleRedirectFromLogin(){const e=await(async e=>{const t=new URL(window.location.href),i=t.searchParams.get("code");if(null===i)return{clientDetails:e};const r=sessionStorage.getItem("idp");if(null===r||t.searchParams.get("iss")!=r)throw new Error("RFC 9207 - iss != idp - "+t.searchParams.get("iss")+" != "+r);if(t.searchParams.get("state")!=sessionStorage.getItem("csrf_token"))throw new Error("RFC 6749 - state != csrf_token - "+t.searchParams.get("state")+" != "+sessionStorage.getItem("csrf_token"));t.searchParams.delete("iss"),t.searchParams.delete("state"),t.searchParams.delete("code"),window.history.pushState({},document.title,t.toString());const o=sessionStorage.getItem("pkce_code_verifier");if(null===o)throw new Error("Access Token Request preparation - Could not find in sessionStorage: pkce_code_verifier");const s=e?.client_id||sessionStorage.getItem("client_id");if(!s)throw new Error("Access Token Request preparation - Could not find in sessionStorage: client_id (dynamic registration)");const a=sessionStorage.getItem("token_endpoint");if(null===a)throw new Error("Access Token Request preparation - Could not find in sessionStorage: token_endpoint");const n=await async function(e,t){return async function(e,t){let i,r;switch(e){case"PS256":case"PS384":case"PS512":i={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["sign","verify"];break;case"RS256":case"RS384":case"RS512":i={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":i={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Rt(t)},r=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":i={name:"ECDSA",namedCurve:"P-256"},r=["sign","verify"];break;case"ES384":i={name:"ECDSA",namedCurve:"P-384"},r=["sign","verify"];break;case"ES512":i={name:"ECDSA",namedCurve:"P-521"},r=["sign","verify"];break;case"Ed25519":i={name:"Ed25519"},r=["sign","verify"];break;case"EdDSA":{r=["sign","verify"];const e="Ed25519";switch(e){case"Ed25519":case"Ed448":i={name:e};break;default:throw new Fe("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{r=["deriveKey","deriveBits"];const e="P-256";switch(e){case"P-256":case"P-384":case"P-521":i={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":i={name:e};break;default:throw new Fe("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new Fe('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return ve.subtle.generateKey(i,!1,r)}(e,t)}("ES256"),l=await(async(e,t,i,r,o,s)=>{const a=await dt(s.publicKey);a.alg="ES256";const n=await new St({htu:o,htm:"POST"}).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:a}).sign(s.privateKey);return fetch(o,{method:"POST",headers:{dpop:n,"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({grant_type:"authorization_code",code:e,code_verifier:t,redirect_uri:i,client_id:r})})})(i,o,t.toString(),s,a,n).then((e=>{if(!e.ok)throw new Error(`HTTP error! Status: ${e.status}`);return e.json()})),d=l.access_token,p=sessionStorage.getItem("jwks_uri");if(null===p)throw new Error("Access Token validation preparation - Could not find in sessionStorage: jwks_uri");const h=_t(new URL(p)),{payload:c}=await gt(d,h,{issuer:r,audience:"solid"}),u=await It(await dt(n.publicKey));if(c.cnf.jkt!=u)throw new Error("Access Token validation failed on `jkt`: jkt != DPoP thumbprint - "+c.cnf.jkt+" != "+u);if(c.client_id!=s)throw new Error("Access Token validation failed on `client_id`: JWT payload != client_id - "+c.client_id+" != "+s);const f={...l,dpop_key_pair:n},m={idp:r,jwks_uri:p,token_endpoint:a};e||(e={redirect_uris:[window.location.href]}),e.client_id=s;const b=await(new Nt).init();return await Promise.all([b.setItem("idp",r),b.setItem("jwks_uri",p),b.setItem("token_endpoint",a),b.setItem("client_id",s),b.setItem("dpop_keypair",n),b.setItem("refresh_token",l.refresh_token)]),b.close(),sessionStorage.removeItem("csrf_token"),sessionStorage.removeItem("pkce_code_verifier"),sessionStorage.removeItem("idp"),sessionStorage.removeItem("jwks_uri"),sessionStorage.removeItem("token_endpoint"),sessionStorage.removeItem("client_id"),{clientDetails:e,idpDetails:m,tokenDetails:f}})(this.sessionInformation.clientDetails);e.tokenDetails&&(this.sessionInformation=e,await this.setSessionDetails())}async restore(){await Ot().then((e=>(this.sessionInformation.tokenDetails=e,this.setSessionDetails()))).catch((()=>{}))}async createSignedDPoPToken(e){if(!this.sessionInformation.tokenDetails||!this.currentAth_)throw new Error("Session not established.");e.ath=this.currentAth_;const t=await dt(this.sessionInformation.tokenDetails.dpop_key_pair.publicKey);return new St(e).setIssuedAt().setJti(window.crypto.randomUUID()).setProtectedHeader({alg:"ES256",typ:"dpop+jwt",jwk:t}).sign(this.sessionInformation.tokenDetails.dpop_key_pair.privateKey)}async authFetch(e,t,i){let r,o,s;if(e instanceof Request?(r=new URL(e.url),o=t?.method||e?.method||"GET",s=new Headers(e.headers)):(t=t||{},r=new URL(e.toString()),o=t.method||"GET",s=t.headers?new Headers(t.headers):new Headers),this.sessionInformation.tokenDetails){i=i??{htu:`${r.origin}${r.pathname}`,htm:o.toUpperCase()};const e=await this.createSignedDPoPToken(i);s.set("dpop",e),s.set("authorization",`DPoP ${this.sessionInformation.tokenDetails.access_token}`)}return e instanceof Request?fetch(new Request(e,{...t,headers:s})):fetch(r,{...t,headers:s})}get isActive(){return this.isActive_}get webId(){return this.webId_}async setSessionDetails(){this.sessionInformation.tokenDetails?.access_token||this.logout(),this.currentAth_=await this.computeAth(this.sessionInformation.tokenDetails.access_token),this.webId_=function(e){if("string"!=typeof e)throw new Ae("JWTs must use Compact JWS serialization, JWT must be a string");const{1:t,length:i}=e.split(".");if(5===i)throw new Ae("Only JWTs using Compact JWS serialization can be decoded");if(3!==i)throw new Ae("Invalid JWT");if(!t)throw new Ae("JWTs must contain a payload");let r,o;try{r=Mt(t)}catch{throw new Ae("Failed to base64url decode the payload")}try{o=JSON.parse(ke.decode(r))}catch{throw new Ae("Failed to parse the decoded payload as JSON")}if(!qe(o))throw new Ae("Invalid JWT Claims Set");return o}(this.sessionInformation.tokenDetails.access_token).webid,this.isActive_=void 0!==this.webId,this.setSessionDeactivateTimeout(),this.setTokenRefreshTimeout()}setSessionDeactivateTimeout(){const e=1e3*(this.sessionInformation.tokenDetails.expires_in-5);this.sessionDeactivateTimeout&&clearTimeout(this.sessionDeactivateTimeout),this.sessionDeactivateTimeout=setTimeout((()=>this.logout()),e)}setTokenRefreshTimeout(){const e=1e3*(this.sessionInformation.tokenDetails.expires_in-95);this.tokenRefreshTimeout&&clearTimeout(this.tokenRefreshTimeout),this.tokenRefreshTimeout=setTimeout((async()=>{const e=await Ot().catch((()=>{this.onSessionExpirationWarning&&this.onSessionExpirationWarning()}));e&&(this.sessionInformation.tokenDetails=e,this.setSessionDetails())}),e)}async computeAth(e){const t=(new TextEncoder).encode(e),i=await crypto.subtle.digest("SHA-256",t),r=Array.from(new Uint8Array(i));return btoa(String.fromCharCode(...r)).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}}class Wt{get authenticatedFetch(){return this._authenticatedFetch}constructor(){this.onSessionRestoreCallback=()=>{},this.sessionInfo$=new B.BehaviorSubject({isLoggedIn:!1,webId:void 0}),this.session=new jt,this._authenticatedFetch=this.session.authFetch.bind(this.session)}async handleIncomingRedirect(e=!1){await this.session.handleRedirectFromLogin(),e&&(await this.session.restore(),this.session.isActive&&this.onSessionRestoreCallback(window.location.href)),this.sessionInfo$.next({isLoggedIn:this.session.isActive,webId:this.session.webId})}async login(e){return this.session.login(e,window.location.href)}async logout(){await this.session.logout(),this.sessionInfo$.next({isLoggedIn:!1,webId:void 0})}observeSession(){return this.sessionInfo$}onSessionRestore(e){this.onSessionRestoreCallback=e}}var Lt=n`
|
|
2
2
|
:host {
|
|
3
3
|
--height: 1rem;
|
|
4
4
|
--track-color: var(--sl-color-neutral-200);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{r as o,c as r,h as s}from"./p-spEUIGXI.js";import{R as c}from"./p-
|
|
1
|
+
import{r as o,c as r,h as s}from"./p-spEUIGXI.js";import{R as c}from"./p-sVi8GCz5.js";import{s as l}from"./p-BW_CkW1K.js";const a=class{constructor(s){o(this,s),this.subscribeResource=r(this,"pod-os:resource",7),this.data=[],this.receiveResource=o=>{const r=o.assume(c);this.data=r.subjects()}}componentWillLoad(){l(this)}render(){const o=this.data.map((o=>s("li",null,s("pos-rich-link",{uri:o.uri}))));return this.data.length>0?s("ul",null,o):null}};a.style=":host{--background-base-color:color-mix(in srgb, var(--pos-background-color), var(--color-grey-800) 10%);--background-color-even:hsl(from var(--background-base-color) h s calc(l + 7));--background-color-odd:hsl(from var(--background-base-color) h s calc(l + 10));--border-color:var(--background-base-color)}ul{display:flex;flex-direction:column;gap:var(--size-2);margin:0;padding:0;li{border:var(--size-px) solid var(--border-color);padding:var(--size-4);list-style-type:none;&:nth-child(even){background-color:var(--background-color-even)}&:nth-child(odd){background-color:var(--background-color-odd)}}}";export{a as pos_subjects}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
import{r as s,c as o,h as t,H as e}from"./p-spEUIGXI.js";import{l}from"./p-
|
|
1
|
+
import{r as s,c as o,h as t,H as e}from"./p-spEUIGXI.js";import{l}from"./p-sVi8GCz5.js";import{s as i}from"./p-jlzl8vRd.js";import{s as r}from"./p-BW_CkW1K.js";import"./p-Bz2zblgU.js";import"./p-DPNKR_cm.js";import"./p-DpbuT47x.js";const a=class{constructor(t){s(this,t),this.subscribePodOs=o(this,"pod-os:init",7),this.subscribeResource=o(this,"pod-os:resource",7),this.addedLiteralValue=o(this,"pod-os:added-literal-value",7),this.error=o(this,"pod-os:error",7),this.receiveResource=s=>{this.resource=s},this.receivePodOs=async s=>{this.os=s}}setName(){}componentWillLoad(){r(this),i(this)}async save(){try{await this.os.addPropertyValue(this.resource,this.selectedTermUri,this.currentValue);const s={predicate:this.selectedTermUri,label:l(this.selectedTermUri),values:[this.currentValue]};this.addedLiteralValue.emit(s),this.currentValue=""}catch(s){this.error.emit(s)}}onTermSelected(s){this.selectedTermUri=s.detail.uri,this.valueInput.focus()}render(){var s;if(null===(s=this.resource)||void 0===s?void 0:s.editable)return t(e,null,t("sl-icon",{name:"plus-circle"}),t("pos-select-term",{placeholder:"Add literal","onPod-os:term-selected":s=>this.onTermSelected(s)}),t("input",{ref:s=>this.valueInput=s,value:this.currentValue,placeholder:"",onInput:s=>this.currentValue=s.target.value,onChange:()=>this.save()}))}static get watchers(){return{os:[{setName:0}]}}};a.style=":host{display:flex;align-items:center;gap:0.2rem}input{padding:var(--size-2);background-color:transparent;color:var(--pos-normal-text-color);border:none}input:focus{outline:2px solid var(--pos-primary-color);background-color:var(--pos-input-background-color);transition:outline 0.1s, background-color 0.1s}";const n=class{constructor(t){s(this,t),this.subscribeResource=o(this,"pod-os:resource",7),this.data=[],this.receiveResource=s=>{this.data=s.literals()}}componentWillLoad(){r(this)}literalValueAdded(s){const o=this.data.find((o=>o.predicate===s.predicate));this.data=o?this.data.map((t=>t.predicate===o.predicate?{predicate:o.predicate,label:o.label,values:[...o.values,...s.values]}:t)):[...this.data,s]}render(){return t(e,{key:"79a29288f727943c57b62ffc4f3090ecf236f693"},this.data.length>0?t("dl",null,this.data.map((s=>t("div",{class:"predicate-values"},t("dt",null,t("pos-predicate",{uri:s.predicate,label:s.label})),t("div",{class:"values"},s.values.map((s=>t("dd",null,s)))))))):null,t("pos-add-literal-value",{key:"68d1936aca1dff7ff11493266aaf8e3c4d6d67e6","onPod-os:added-literal-value":s=>this.literalValueAdded(s.detail)}))}};n.style=":host{--background-base-color:color-mix(in srgb, var(--pos-background-color), var(--color-grey-800) 10%);--background-color-even:hsl(from var(--background-base-color) h s calc(l + 7));--background-color-odd:hsl(from var(--background-base-color) h s calc(l + 10));--border-color:var(--background-base-color)}dd{padding:0;margin:0}dl{padding:0;margin:0;display:flex;flex-direction:column;gap:var(--size-1)}dt{margin-bottom:var(--size-1)}.predicate-values:nth-child(odd){background-color:var(--background-color-odd)}.predicate-values:nth-child(even){background-color:var(--background-color-even)}.predicate-values{display:flex;flex-direction:column;border:var(--size-px) solid var(--border-color);padding:var(--size-2);gap:var(--size-1);.values{display:flex;flex-direction:column;gap:var(--size-2)}}";const c=class{constructor(t){s(this,t),this.subscribeResource=o(this,"pod-os:resource",7),this.data=[],this.typeLabels=[],this.isExpanded=!1,this.receiveResource=s=>{this.data=s.types(),this.typeLabels=[...new Set(s.types().map((s=>s.label)))]}}componentWillLoad(){r(this)}toggleDetails(){this.isExpanded=!this.isExpanded}render(){return 0==this.data.length?null:this.isExpanded?t("div",{class:"types expanded"},t("sl-tooltip",{content:"Collapse types"},t("button",{class:"toggle",onClick:()=>this.toggleDetails()},t("sl-icon",{name:"arrows-collapse"}))),t("ul",null,this.data.map((s=>t("li",null,s.uri))))):t(e,null,t("div",{class:"types"},t("ul",null,this.typeLabels.map((s=>t("li",null,s)))),t("sl-tooltip",{content:"Expand types"},t("button",{class:"toggle",onClick:()=>this.toggleDetails()},t("sl-icon",{name:"arrows-expand"})))))}};c.style=".types{display:flex;gap:var(--size-1)}.expanded{flex-direction:column;justify-content:flex-start;align-items:flex-start;ul{flex-direction:column}}button.toggle{display:flex;cursor:pointer;justify-content:center;align-items:center;aspect-ratio:1 / 1}ul{margin:0;padding:0;display:flex;flex-direction:row;font-size:var(--size-3);gap:var(--size-2);li{cursor:default;display:inline-flex;align-items:center;padding:var(--size-1);border-radius:var(--radius-sm);background-color:var(--pos-subtle-text-color);color:var(--pos-background-color);list-style:none}}";export{a as pos_add_literal_value,n as pos_literals,c as pos_type_badges}
|