npm - @versini/auth-provider - Versions diffs - 4.1.0 → 4.3.0 - Mend

@versini/auth-provider 4.1.0 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,55 +1,81 @@
-import { jsx as pe } from "react/jsx-runtime";
-import * as I from "react";
-import { createContext as fe, useState as ye, useCallback as me, useEffect as we, useContext as Se } from "react";
+import { jsx as Ue } from "react/jsx-runtime";
+import * as D from "react";
+import { createContext as Ne, useState as He, useCallback as Le, useEffect as $e, useContext as Ke } from "react";
 /*!
-  @versini/auth-provider v4.1.0
+  @versini/auth-provider v4.3.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "4.1.0",
-    buildTime: "06/26/2024 12:59 PM EDT",
+    version: "4.3.0",
+    buildTime: "06/28/2024 11:03 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
 /*!
-  @versini/auth-common v2.6.0
+  @versini/auth-common v2.9.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "2.6.0",
-    buildTime: "06/26/2024 12:59 PM EDT",
+    version: "2.9.0",
+    buildTime: "06/28/2024 11:03 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const x = crypto, Z = (e) => e instanceof CryptoKey, v = new TextEncoder(), C = new TextDecoder();
-function Ee(...e) {
+const M = {
+  ID_TOKEN: "id_token",
+  ACCESS_TOKEN: "token",
+  ID_AND_ACCESS_TOKEN: "id_token token",
+  CODE: "code",
+  REFRESH_TOKEN: "refresh_token"
+}, Je = {
+  CLIENT_ID: "X-Auth-ClientId"
+}, f = {
+  ALG: "RS256",
+  USER_ID_KEY: "sub",
+  TOKEN_ID_KEY: "__raw",
+  NONCE_KEY: "_nonce",
+  ISSUER: "gizmette.com"
+}, We = `-----BEGIN PUBLIC KEY-----
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
+w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
+i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
+aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
+l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
+sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
+awIDAQAB
+-----END PUBLIC KEY-----`, V = {
+  AUTHENTICATE: "authenticate",
+  CODE: "code",
+  LOGOUT: "logout"
+}, te = crypto, Ee = (e) => e instanceof CryptoKey, L = new TextEncoder(), Y = new TextDecoder();
+function xe(...e) {
   const t = e.reduce((a, { length: s }) => a + s, 0), o = new Uint8Array(t);
   let r = 0;
   for (const a of e)
     o.set(a, r), r += a.length;
   return o;
 }
-const ge = (e) => {
+const je = (e) => {
   const t = atob(e), o = new Uint8Array(t.length);
   for (let r = 0; r < t.length; r++)
     o[r] = t.charCodeAt(r);
   return o;
-}, N = (e) => {
+}, B = (e) => {
   let t = e;
-  t instanceof Uint8Array && (t = C.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = Y.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
-    return ge(t);
+    return je(t);
   } catch {
     throw new TypeError("The input to be decoded is not correctly encoded.");
   }
 };
-let b = class extends Error {
+class C extends Error {
   static get code() {
     return "ERR_JOSE_GENERIC";
   }
@@ -57,8 +83,8 @@ let b = class extends Error {
     var o;
     super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
   }
-};
-class S extends b {
+}
+class g extends C {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
@@ -66,7 +92,7 @@ class S extends b {
     super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = a, this.payload = o;
   }
 }
-class V extends b {
+class ae extends C {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
@@ -74,7 +100,7 @@ class V extends b {
     super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = a, this.payload = o;
   }
 }
-class Ae extends b {
+class Me extends C {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
   }
@@ -82,7 +108,7 @@ class Ae extends b {
     return "ERR_JOSE_ALG_NOT_ALLOWED";
   }
 }
-class P extends b {
+class F extends C {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
   }
@@ -90,7 +116,7 @@ class P extends b {
     return "ERR_JOSE_NOT_SUPPORTED";
   }
 }
-let d = class extends b {
+let h = class extends C {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_INVALID";
   }
@@ -98,7 +124,7 @@ let d = class extends b {
     return "ERR_JWS_INVALID";
   }
 };
-class ee extends b {
+class Se extends C {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -106,7 +132,7 @@ class ee extends b {
     return "ERR_JWT_INVALID";
   }
 }
-class _e extends b {
+class Ve extends C {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -114,16 +140,16 @@ class _e extends b {
     return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
   }
 }
-function E(e, t = "algorithm.name") {
+function _(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function R(e, t) {
+function $(e, t) {
   return e.name === t;
 }
-function D(e) {
+function q(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function be(e) {
+function Ye(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -135,7 +161,7 @@ function be(e) {
       throw new Error("unreachable");
   }
 }
-function Ie(e, t) {
+function Fe(e, t) {
   if (t.length && !t.some((o) => e.usages.includes(o))) {
     let o = "CryptoKey does not support this operation, its usages must include ";
     if (t.length > 2) {
@@ -146,59 +172,59 @@ function Ie(e, t) {
     throw new TypeError(o);
   }
 }
-function Te(e, t, ...o) {
+function Ge(e, t, ...o) {
   switch (t) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!R(e.algorithm, "HMAC"))
-        throw E("HMAC");
+      if (!$(e.algorithm, "HMAC"))
+        throw _("HMAC");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (q(e.algorithm.hash) !== r)
+        throw _(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!R(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw E("RSASSA-PKCS1-v1_5");
+      if (!$(e.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw _("RSASSA-PKCS1-v1_5");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (q(e.algorithm.hash) !== r)
+        throw _(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!R(e.algorithm, "RSA-PSS"))
-        throw E("RSA-PSS");
+      if (!$(e.algorithm, "RSA-PSS"))
+        throw _("RSA-PSS");
       const r = parseInt(t.slice(2), 10);
-      if (D(e.algorithm.hash) !== r)
-        throw E(`SHA-${r}`, "algorithm.hash");
+      if (q(e.algorithm.hash) !== r)
+        throw _(`SHA-${r}`, "algorithm.hash");
       break;
     }
     case "EdDSA": {
       if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
-        throw E("Ed25519 or Ed448");
+        throw _("Ed25519 or Ed448");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!R(e.algorithm, "ECDSA"))
-        throw E("ECDSA");
-      const r = be(t);
+      if (!$(e.algorithm, "ECDSA"))
+        throw _("ECDSA");
+      const r = Ye(t);
       if (e.algorithm.namedCurve !== r)
-        throw E(r, "algorithm.namedCurve");
+        throw _(r, "algorithm.namedCurve");
       break;
     }
     default:
       throw new TypeError("CryptoKey does not support this operation");
   }
-  Ie(e, o);
+  Fe(e, o);
 }
-function te(e, t, ...o) {
+function ge(e, t, ...o) {
   var r;
   if (o.length > 2) {
     const a = o.pop();
@@ -207,11 +233,11 @@ function te(e, t, ...o) {
     o.length === 2 ? e += `one of type ${o[0]} or ${o[1]}.` : e += `of type ${o[0]}.`;
   return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const Y = (e, ...t) => te("Key must be ", e, ...t);
-function re(e, t, ...o) {
-  return te(`Key for the ${e} algorithm must be `, t, ...o);
+const ne = (e, ...t) => ge("Key must be ", e, ...t);
+function Ae(e, t, ...o) {
+  return ge(`Key for the ${e} algorithm must be `, t, ...o);
 }
-const oe = (e) => Z(e), A = ["CryptoKey"], ve = (...e) => {
+const _e = (e) => Ee(e), I = ["CryptoKey"], Be = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
@@ -230,11 +256,11 @@ const oe = (e) => Z(e), A = ["CryptoKey"], ve = (...e) => {
   }
   return !0;
 };
-function Re(e) {
+function qe(e) {
   return typeof e == "object" && e !== null;
 }
-function W(e) {
-  if (!Re(e) || Object.prototype.toString.call(e) !== "[object Object]")
+function ee(e) {
+  if (!qe(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -243,39 +269,39 @@ function W(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const ke = (e, t) => {
+const ze = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
     const { modulusLength: o } = t.algorithm;
     if (typeof o != "number" || o < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
-}, g = (e, t, o = 0) => {
+}, b = (e, t, o = 0) => {
   o === 0 && (t.unshift(t.length), t.unshift(6));
   const r = e.indexOf(t[0], o);
   if (r === -1)
     return !1;
   const a = e.subarray(r, r + t.length);
-  return a.length !== t.length ? !1 : a.every((s, n) => s === t[n]) || g(e, t, r + 1);
-}, G = (e) => {
+  return a.length !== t.length ? !1 : a.every((s, n) => s === t[n]) || b(e, t, r + 1);
+}, se = (e) => {
   switch (!0) {
-    case g(e, [42, 134, 72, 206, 61, 3, 1, 7]):
+    case b(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
-    case g(e, [43, 129, 4, 0, 34]):
+    case b(e, [43, 129, 4, 0, 34]):
       return "P-384";
-    case g(e, [43, 129, 4, 0, 35]):
+    case b(e, [43, 129, 4, 0, 35]):
       return "P-521";
-    case g(e, [43, 101, 110]):
+    case b(e, [43, 101, 110]):
       return "X25519";
-    case g(e, [43, 101, 111]):
+    case b(e, [43, 101, 111]):
       return "X448";
-    case g(e, [43, 101, 112]):
+    case b(e, [43, 101, 112]):
       return "Ed25519";
-    case g(e, [43, 101, 113]):
+    case b(e, [43, 101, 113]):
       return "Ed448";
     default:
-      throw new P("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
+      throw new F("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
   }
-}, Ce = async (e, t, o, r, a) => {
+}, Xe = async (e, t, o, r, a) => {
   let s, n;
   const i = new Uint8Array(atob(o.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
   switch (r) {
@@ -311,43 +337,43 @@ const ke = (e, t) => {
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const c = G(i);
+      const c = se(i);
       s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, n = [];
       break;
     }
     case "EdDSA":
-      s = { name: G(i) }, n = ["verify"];
+      s = { name: se(i) }, n = ["verify"];
       break;
     default:
-      throw new P('Invalid or unsupported "alg" (Algorithm) value');
+      throw new F('Invalid or unsupported "alg" (Algorithm) value');
   }
-  return x.subtle.importKey(t, i, s, !1, n);
-}, Pe = (e, t, o) => Ce(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
-async function Oe(e, t, o) {
+  return te.subtle.importKey(t, i, s, !1, n);
+}, Qe = (e, t, o) => Xe(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+async function Ze(e, t, o) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return Pe(e, t);
+  return Qe(e, t);
 }
-const Ne = (e, t) => {
+const et = (e, t) => {
   if (!(t instanceof Uint8Array)) {
-    if (!oe(t))
-      throw new TypeError(re(e, t, ...A, "Uint8Array"));
+    if (!_e(t))
+      throw new TypeError(Ae(e, t, ...I, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${A.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${I.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
   }
-}, De = (e, t, o) => {
-  if (!oe(t))
-    throw new TypeError(re(e, t, ...A));
+}, tt = (e, t, o) => {
+  if (!_e(t))
+    throw new TypeError(Ae(e, t, ...I));
   if (t.type === "secret")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
+    throw new TypeError(`${I.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
   if (t.algorithm && o === "verify" && t.type === "private")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
+    throw new TypeError(`${I.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
   if (t.algorithm && o === "encrypt" && t.type === "private")
-    throw new TypeError(`${A.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
-}, Ue = (e, t, o) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Ne(e, t) : De(e, t, o);
+    throw new TypeError(`${I.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
+}, rt = (e, t, o) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? et(e, t) : tt(e, t, o);
 };
-function He(e, t, o, r, a) {
+function ot(e, t, o, r, a) {
   if (a.crit !== void 0 && (r == null ? void 0 : r.crit) === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
   if (!r || r.crit === void 0)
@@ -358,7 +384,7 @@ function He(e, t, o, r, a) {
   o !== void 0 ? s = new Map([...Object.entries(o), ...t.entries()]) : s = t;
   for (const n of r.crit) {
     if (!s.has(n))
-      throw new P(`Extension Header Parameter "${n}" is not recognized`);
+      throw new F(`Extension Header Parameter "${n}" is not recognized`);
     if (a[n] === void 0)
       throw new e(`Extension Header Parameter "${n}" is missing`);
     if (s.get(n) && r[n] === void 0)
@@ -366,13 +392,13 @@ function He(e, t, o, r, a) {
   }
   return new Set(r.crit);
 }
-const Le = (e, t) => {
+const at = (e, t) => {
   if (t !== void 0 && (!Array.isArray(t) || t.some((o) => typeof o != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function $e(e, t) {
+function nt(e, t) {
   const o = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
@@ -394,104 +420,104 @@ function $e(e, t) {
     case "EdDSA":
       return { name: t.name };
     default:
-      throw new P(`alg ${e} is not supported either by JOSE or your javascript runtime`);
+      throw new F(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-function Je(e, t, o) {
-  if (Z(t))
-    return Te(t, e, o), t;
+function st(e, t, o) {
+  if (Ee(t))
+    return Ge(t, e, o), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError(Y(t, ...A));
-    return x.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
+      throw new TypeError(ne(t, ...I));
+    return te.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
   }
-  throw new TypeError(Y(t, ...A, "Uint8Array"));
+  throw new TypeError(ne(t, ...I, "Uint8Array"));
 }
-const Ke = async (e, t, o, r) => {
-  const a = await Je(e, t, "verify");
-  ke(e, a);
-  const s = $e(e, a.algorithm);
+const ct = async (e, t, o, r) => {
+  const a = await st(e, t, "verify");
+  ze(e, a);
+  const s = nt(e, a.algorithm);
   try {
-    return await x.subtle.verify(s, a, o, r);
+    return await te.subtle.verify(s, a, o, r);
   } catch {
     return !1;
   }
 };
-async function We(e, t, o) {
-  if (!W(e))
-    throw new d("Flattened JWS must be an object");
+async function it(e, t, o) {
+  if (!ee(e))
+    throw new h("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
-    throw new d('Flattened JWS must have either of the "protected" or "header" members');
+    throw new h('Flattened JWS must have either of the "protected" or "header" members');
   if (e.protected !== void 0 && typeof e.protected != "string")
-    throw new d("JWS Protected Header incorrect type");
+    throw new h("JWS Protected Header incorrect type");
   if (e.payload === void 0)
-    throw new d("JWS Payload missing");
+    throw new h("JWS Payload missing");
   if (typeof e.signature != "string")
-    throw new d("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !W(e.header))
-    throw new d("JWS Unprotected Header incorrect type");
+    throw new h("JWS Signature missing or incorrect type");
+  if (e.header !== void 0 && !ee(e.header))
+    throw new h("JWS Unprotected Header incorrect type");
   let r = {};
   if (e.protected)
     try {
-      const w = N(e.protected);
-      r = JSON.parse(C.decode(w));
+      const m = B(e.protected);
+      r = JSON.parse(Y.decode(m));
     } catch {
-      throw new d("JWS Protected Header is invalid");
+      throw new h("JWS Protected Header is invalid");
     }
-  if (!ve(r, e.header))
-    throw new d("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  if (!Be(r, e.header))
+    throw new h("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
   const a = {
     ...r,
     ...e.header
-  }, s = He(d, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, a);
+  }, s = ot(h, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, a);
   let n = !0;
   if (s.has("b64") && (n = r.b64, typeof n != "boolean"))
-    throw new d('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+    throw new h('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
   const { alg: i } = a;
   if (typeof i != "string" || !i)
-    throw new d('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const c = o && Le("algorithms", o.algorithms);
+    throw new h('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const c = o && at("algorithms", o.algorithms);
   if (c && !c.has(i))
-    throw new Ae('"alg" (Algorithm) Header Parameter value not allowed');
+    throw new Me('"alg" (Algorithm) Header Parameter value not allowed');
   if (n) {
     if (typeof e.payload != "string")
-      throw new d("JWS Payload must be a string");
+      throw new h("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
-    throw new d("JWS Payload must be a string or an Uint8Array instance");
-  let p = !1;
-  typeof t == "function" && (t = await t(r, e), p = !0), Ue(i, t, "verify");
-  const y = Ee(v.encode(e.protected ?? ""), v.encode("."), typeof e.payload == "string" ? v.encode(e.payload) : e.payload);
-  let l;
+    throw new h("JWS Payload must be a string or an Uint8Array instance");
+  let u = !1;
+  typeof t == "function" && (t = await t(r, e), u = !0), rt(i, t, "verify");
+  const y = xe(L.encode(e.protected ?? ""), L.encode("."), typeof e.payload == "string" ? L.encode(e.payload) : e.payload);
+  let p;
   try {
-    l = N(e.signature);
+    p = B(e.signature);
   } catch {
-    throw new d("Failed to base64url decode the signature");
+    throw new h("Failed to base64url decode the signature");
   }
-  if (!await Ke(i, t, l, y))
-    throw new _e();
-  let m;
+  if (!await ct(i, t, p, y))
+    throw new Ve();
+  let T;
   if (n)
     try {
-      m = N(e.payload);
+      T = B(e.payload);
     } catch {
-      throw new d("Failed to base64url decode the payload");
+      throw new h("Failed to base64url decode the payload");
     }
   else
-    typeof e.payload == "string" ? m = v.encode(e.payload) : m = e.payload;
-  const h = { payload: m };
-  return e.protected !== void 0 && (h.protectedHeader = r), e.header !== void 0 && (h.unprotectedHeader = e.header), p ? { ...h, key: t } : h;
+    typeof e.payload == "string" ? T = L.encode(e.payload) : T = e.payload;
+  const E = { payload: T };
+  return e.protected !== void 0 && (E.protectedHeader = r), e.header !== void 0 && (E.unprotectedHeader = e.header), u ? { ...E, key: t } : E;
 }
-async function xe(e, t, o) {
-  if (e instanceof Uint8Array && (e = C.decode(e)), typeof e != "string")
-    throw new d("Compact JWS must be a string or Uint8Array");
+async function ut(e, t, o) {
+  if (e instanceof Uint8Array && (e = Y.decode(e)), typeof e != "string")
+    throw new h("Compact JWS must be a string or Uint8Array");
   const { 0: r, 1: a, 2: s, length: n } = e.split(".");
   if (n !== 3)
-    throw new d("Invalid Compact JWS");
-  const i = await We({ payload: a, protected: r, signature: s }, t, o), c = { payload: i.payload, protectedHeader: i.protectedHeader };
+    throw new h("Invalid Compact JWS");
+  const i = await it({ payload: a, protected: r, signature: s }, t, o), c = { payload: i.payload, protectedHeader: i.protectedHeader };
   return typeof t == "function" ? { ...c, key: i.key } : c;
 }
-const je = (e) => Math.floor(e.getTime() / 1e3), ae = 60, ne = ae * 60, j = ne * 24, Me = j * 7, Ve = j * 365.25, Ye = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, B = (e) => {
-  const t = Ye.exec(e);
+const dt = (e) => Math.floor(e.getTime() / 1e3), Te = 60, be = Te * 60, re = be * 24, lt = re * 7, ht = re * 365.25, pt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, ce = (e) => {
+  const t = pt.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
   const o = parseFloat(t[2]), r = t[3].toLowerCase();
@@ -509,237 +535,260 @@ const je = (e) => Math.floor(e.getTime() / 1e3), ae = 60, ne = ae * 60, j = ne *
     case "min":
     case "mins":
     case "m":
-      a = Math.round(o * ae);
+      a = Math.round(o * Te);
       break;
     case "hour":
     case "hours":
     case "hr":
     case "hrs":
     case "h":
-      a = Math.round(o * ne);
+      a = Math.round(o * be);
       break;
     case "day":
     case "days":
     case "d":
-      a = Math.round(o * j);
+      a = Math.round(o * re);
       break;
     case "week":
     case "weeks":
     case "w":
-      a = Math.round(o * Me);
+      a = Math.round(o * lt);
       break;
     default:
-      a = Math.round(o * Ve);
+      a = Math.round(o * ht);
       break;
   }
   return t[1] === "-" || t[4] === "ago" ? -a : a;
-}, F = (e) => e.toLowerCase().replace(/^application\//, ""), Ge = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Be = (e, t, o = {}) => {
+}, ie = (e) => e.toLowerCase().replace(/^application\//, ""), ft = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, yt = (e, t, o = {}) => {
   let r;
   try {
-    r = JSON.parse(C.decode(t));
+    r = JSON.parse(Y.decode(t));
   } catch {
   }
-  if (!W(r))
-    throw new ee("JWT Claims Set must be a top-level JSON object");
+  if (!ee(r))
+    throw new Se("JWT Claims Set must be a top-level JSON object");
   const { typ: a } = o;
-  if (a && (typeof e.typ != "string" || F(e.typ) !== F(a)))
-    throw new S('unexpected "typ" JWT header value', r, "typ", "check_failed");
-  const { requiredClaims: s = [], issuer: n, subject: i, audience: c, maxTokenAge: p } = o, y = [...s];
-  p !== void 0 && y.push("iat"), c !== void 0 && y.push("aud"), i !== void 0 && y.push("sub"), n !== void 0 && y.push("iss");
-  for (const w of new Set(y.reverse()))
-    if (!(w in r))
-      throw new S(`missing required "${w}" claim`, r, w, "missing");
+  if (a && (typeof e.typ != "string" || ie(e.typ) !== ie(a)))
+    throw new g('unexpected "typ" JWT header value', r, "typ", "check_failed");
+  const { requiredClaims: s = [], issuer: n, subject: i, audience: c, maxTokenAge: u } = o, y = [...s];
+  u !== void 0 && y.push("iat"), c !== void 0 && y.push("aud"), i !== void 0 && y.push("sub"), n !== void 0 && y.push("iss");
+  for (const m of new Set(y.reverse()))
+    if (!(m in r))
+      throw new g(`missing required "${m}" claim`, r, m, "missing");
   if (n && !(Array.isArray(n) ? n : [n]).includes(r.iss))
-    throw new S('unexpected "iss" claim value', r, "iss", "check_failed");
+    throw new g('unexpected "iss" claim value', r, "iss", "check_failed");
   if (i && r.sub !== i)
-    throw new S('unexpected "sub" claim value', r, "sub", "check_failed");
-  if (c && !Ge(r.aud, typeof c == "string" ? [c] : c))
-    throw new S('unexpected "aud" claim value', r, "aud", "check_failed");
-  let l;
+    throw new g('unexpected "sub" claim value', r, "sub", "check_failed");
+  if (c && !ft(r.aud, typeof c == "string" ? [c] : c))
+    throw new g('unexpected "aud" claim value', r, "aud", "check_failed");
+  let p;
   switch (typeof o.clockTolerance) {
     case "string":
-      l = B(o.clockTolerance);
+      p = ce(o.clockTolerance);
       break;
     case "number":
-      l = o.clockTolerance;
+      p = o.clockTolerance;
       break;
     case "undefined":
-      l = 0;
+      p = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: m } = o, h = je(m || /* @__PURE__ */ new Date());
-  if ((r.iat !== void 0 || p) && typeof r.iat != "number")
-    throw new S('"iat" claim must be a number', r, "iat", "invalid");
+  const { currentDate: T } = o, E = dt(T || /* @__PURE__ */ new Date());
+  if ((r.iat !== void 0 || u) && typeof r.iat != "number")
+    throw new g('"iat" claim must be a number', r, "iat", "invalid");
   if (r.nbf !== void 0) {
     if (typeof r.nbf != "number")
-      throw new S('"nbf" claim must be a number', r, "nbf", "invalid");
-    if (r.nbf > h + l)
-      throw new S('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
+      throw new g('"nbf" claim must be a number', r, "nbf", "invalid");
+    if (r.nbf > E + p)
+      throw new g('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
   }
   if (r.exp !== void 0) {
     if (typeof r.exp != "number")
-      throw new S('"exp" claim must be a number', r, "exp", "invalid");
-    if (r.exp <= h - l)
-      throw new V('"exp" claim timestamp check failed', r, "exp", "check_failed");
+      throw new g('"exp" claim must be a number', r, "exp", "invalid");
+    if (r.exp <= E - p)
+      throw new ae('"exp" claim timestamp check failed', r, "exp", "check_failed");
   }
-  if (p) {
-    const w = h - r.iat, O = typeof p == "number" ? p : B(p);
-    if (w - l > O)
-      throw new V('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
-    if (w < 0 - l)
-      throw new S('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
+  if (u) {
+    const m = E - r.iat, v = typeof u == "number" ? u : ce(u);
+    if (m - p > v)
+      throw new ae('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
+    if (m < 0 - p)
+      throw new g('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
   }
   return r;
 };
-async function Fe(e, t, o) {
+async function mt(e, t, o) {
   var r;
-  const a = await xe(e, t, o);
+  const a = await ut(e, t, o);
   if ((r = a.protectedHeader.crit) != null && r.includes("b64") && a.protectedHeader.b64 === !1)
-    throw new ee("JWTs MUST NOT use unencoded payload");
-  const s = { payload: Be(a.protectedHeader, a.payload, o), protectedHeader: a.protectedHeader };
+    throw new Se("JWTs MUST NOT use unencoded payload");
+  const s = { payload: yt(a.protectedHeader, a.payload, o), protectedHeader: a.protectedHeader };
   return typeof t == "function" ? { ...s, key: a.key } : s;
 }
-const qe = {
-  ID_TOKEN: "id_token",
-  ACCESS_TOKEN: "token",
-  ID_AND_ACCESS_TOKEN: "id_token token"
-}, ze = {
-  CLIENT_ID: "X-Auth-ClientId"
-}, _ = {
-  ALG: "RS256",
-  USER_ID_KEY: "_id",
-  TOKEN_ID_KEY: "__raw",
-  NONCE_KEY: "_nonce",
-  ISSUER: "gizmette.com"
-}, Xe = `-----BEGIN PUBLIC KEY-----
-MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
-w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
-i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
-aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
-l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
-sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
-awIDAQAB
------END PUBLIC KEY-----`, se = async (e, t) => {
+const N = async (e) => {
   try {
-    const o = _.ALG, r = await Oe(Xe, o);
-    return await Fe(e, r, {
-      issuer: _.ISSUER,
-      audience: t
+    const t = f.ALG, o = await Ze(We, t);
+    return await mt(e, o, {
+      issuer: f.ISSUER
     });
   } catch {
     return;
   }
 };
-function ie(e, t) {
+var d = [];
+for (var z = 0; z < 256; ++z)
+  d.push((z + 256).toString(16).slice(1));
+function wt(e, t = 0) {
+  return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
+}
+var K, Et = new Uint8Array(16);
+function St() {
+  if (!K && (K = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !K))
+    throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
+  return K(Et);
+}
+var gt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const ue = {
+  randomUUID: gt
+};
+function de(e, t, o) {
+  if (ue.randomUUID && !t && !e)
+    return ue.randomUUID();
+  e = e || {};
+  var r = e.random || (e.rng || St)();
+  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, wt(r);
+}
+const le = globalThis.crypto, At = (e) => `${de()}${de()}`.slice(0, e), _t = (e) => btoa(
+  [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
+);
+async function Tt(e) {
+  if (!le.subtle)
+    throw new Error(
+      "crypto.subtle is available only in secure contexts (HTTPS)."
+    );
+  const t = new TextEncoder().encode(e), o = await le.subtle.digest("SHA-256", t);
+  return _t(o).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+}
+async function bt(e) {
+  const o = At(43), r = await Tt(o);
+  return {
+    code_verifier: o,
+    code_challenge: r
+  };
+}
+function Ie(e, t) {
   window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
 }
-const q = (e, t) => {
+const he = (e, t) => {
   const o = JSON.stringify(
     typeof t == "function" ? t() : t
   );
-  window.localStorage.setItem(e, o), ie(e, o);
-}, Qe = (e) => {
-  window.localStorage.removeItem(e), ie(e, null);
-}, z = (e) => window.localStorage.getItem(e), Ze = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
-function U({
+  window.localStorage.setItem(e, o), Ie(e, o);
+}, It = (e) => {
+  window.localStorage.removeItem(e), Ie(e, null);
+}, pe = (e) => window.localStorage.getItem(e), vt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
+function J({
   key: e,
   initialValue: t
 }) {
-  const o = () => z(e), r = I.useSyncExternalStore(
-    Ze,
+  const o = () => pe(e), r = D.useSyncExternalStore(
+    vt,
     o
-  ), a = I.useCallback(
+  ), a = D.useCallback(
     (i) => {
       try {
         const c = typeof i == "function" ? i(JSON.parse(r)) : i;
-        c == null ? Qe(e) : q(e, c);
+        c == null ? It(e) : he(e, c);
       } catch (c) {
         console.warn(c);
       }
     },
     [e, r]
-  ), s = I.useCallback(() => {
+  ), s = D.useCallback(() => {
     a(t);
-  }, [t, a]), n = I.useCallback(() => {
+  }, [t, a]), n = D.useCallback(() => {
     a(null);
   }, [a]);
-  return I.useEffect(() => {
+  return D.useEffect(() => {
     try {
-      z(e) === null && typeof t < "u" && q(e, t);
+      pe(e) === null && typeof t < "u" && he(e, t);
     } catch (i) {
       console.warn(i);
     }
   }, [e, t]), [r ? JSON.parse(r) : null, a, s, n];
 }
-var u = [];
-for (var H = 0; H < 256; ++H)
-  u.push((H + 256).toString(16).slice(1));
-function et(e, t = 0) {
-  return (u[e[t + 0]] + u[e[t + 1]] + u[e[t + 2]] + u[e[t + 3]] + "-" + u[e[t + 4]] + u[e[t + 5]] + "-" + u[e[t + 6]] + u[e[t + 7]] + "-" + u[e[t + 8]] + u[e[t + 9]] + "-" + u[e[t + 10]] + u[e[t + 11]] + u[e[t + 12]] + u[e[t + 13]] + u[e[t + 14]] + u[e[t + 15]]).toLowerCase();
+var l = [];
+for (var X = 0; X < 256; ++X)
+  l.push((X + 256).toString(16).slice(1));
+function Rt(e, t = 0) {
+  return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
 }
-var k, tt = new Uint8Array(16);
-function rt() {
-  if (!k && (k = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !k))
+var W, kt = new Uint8Array(16);
+function Ct() {
+  if (!W && (W = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !W))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return k(tt);
+  return W(kt);
 }
-var ot = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const X = {
-  randomUUID: ot
+var Ot = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const fe = {
+  randomUUID: Ot
 };
-function at(e, t, o) {
-  if (X.randomUUID && !t && !e)
-    return X.randomUUID();
+function Pt(e, t, o) {
+  if (fe.randomUUID && !t && !e)
+    return fe.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || rt)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, et(r);
+  var r = e.random || (e.rng || Ct)();
+  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Rt(r);
 }
-const L = "Oops! It looks like your session has expired. For your security, please log in again to continue.", nt = "Your session has been successfully terminated.", st = "Login failed. Please try again.", it = "You forgot to wrap your component in <AuthProvider>.", Q = {
+const Q = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Dt = "Your session has been successfully terminated.", ye = "Login failed. Please try again.", U = "Error getting access token, please re-authenticate.", Ut = "You forgot to wrap your component in <AuthProvider>.", me = {
   dev: "https://auth.gizmette.local.com:3003",
   prod: "https://mylogin.gizmette.com"
-}, $ = "@@auth@@", ct = process.env.NODE_ENV === "production", ut = !ct, ce = {
-  AUTHENTICATE: "authenticate",
-  LOGOUT: "logout"
-}, ue = async ({ type: e, params: t = {} }) => {
+}, x = "@@auth@@", Nt = process.env.NODE_ENV === "production", Ht = !Nt, G = async ({
+  type: e,
+  clientId: t,
+  params: o = {}
+}) => {
   try {
-    const o = await fetch(
-      ut ? `${Q.dev}/${e}` : `${Q.prod}/${e}`,
+    const r = await fetch(
+      Ht ? `${me.dev}/${e}` : `${me.prod}/${e}`,
       {
         credentials: "include",
         method: "POST",
         headers: {
           "Content-Type": "application/json",
-          [ze.CLIENT_ID]: `${t.clientId}`
+          [Je.CLIENT_ID]: `${t}`
         },
-        body: JSON.stringify(t)
+        body: JSON.stringify(o)
       }
     );
-    if (o.status !== 200)
-      return { status: o.status, data: [] };
-    const { data: r, errors: a } = await o.json();
+    if (r.status !== 200)
+      return { status: r.status, data: [] };
+    const { data: a, errors: s } = await r.json();
     return {
-      status: o.status,
-      data: r,
-      errors: a
+      status: r.status,
+      data: a,
+      errors: s
     };
-  } catch (o) {
-    return console.error(o), { status: 500, data: [] };
+  } catch (r) {
+    return console.error(r), { status: 500, data: [] };
   }
-}, J = async ({
+}, Z = async ({
   idToken: e,
   accessToken: t,
-  clientId: o
+  refreshToken: o,
+  clientId: r
 }) => {
   try {
     return {
-      status: (await ue({
-        type: ce.LOGOUT,
+      status: (await G({
+        type: V.LOGOUT,
+        clientId: r,
         params: {
           idToken: e,
           accessToken: t,
-          clientId: o
+          refreshToken: o
         }
       })).status === 200
     };
@@ -748,29 +797,93 @@ const L = "Oops! It looks like your session has expired. For your security, plea
       status: !1
     };
   }
-}, dt = async ({
+}, we = async ({
   username: e,
   password: t,
   clientId: o,
   nonce: r,
-  sessionExpiration: a
+  type: a,
+  sessionExpiration: s,
+  code: n,
+  code_verifier: i
 }) => {
   try {
-    const s = await ue({
-      type: ce.AUTHENTICATE,
+    const c = await G({
+      type: V.AUTHENTICATE,
+      clientId: o,
       params: {
-        type: qe.ID_AND_ACCESS_TOKEN,
+        type: a || M.ID_AND_ACCESS_TOKEN,
         username: e,
         password: t,
-        sessionExpiration: a,
-        clientId: o,
-        nonce: r
+        sessionExpiration: s,
+        nonce: r,
+        code: n,
+        code_verifier: i
       }
-    }), n = await se(s.data.idToken, o);
-    return n && n.payload[_.USER_ID_KEY] !== "" && n.payload[_.NONCE_KEY] === r ? {
-      idToken: s.data.idToken,
+    }), u = await N(c.data.idToken);
+    return u && u.payload[f.USER_ID_KEY] !== "" && u.payload[f.NONCE_KEY] === r ? {
+      idToken: c.data.idToken,
+      accessToken: c.data.accessToken,
+      refreshToken: c.data.refreshToken,
+      userId: u.payload[f.USER_ID_KEY],
+      status: !0
+    } : {
+      status: !1
+    };
+  } catch {
+    return {
+      status: !1
+    };
+  }
+}, Lt = async ({
+  nonce: e,
+  clientId: t,
+  code_challenge: o
+}) => {
+  try {
+    const r = await G({
+      type: V.CODE,
+      clientId: t,
+      params: {
+        type: M.CODE,
+        nonce: e,
+        code_challenge: o
+      }
+    });
+    return r.data.code ? {
+      status: !0,
+      code: r.data.code
+    } : {
+      status: !1
+    };
+  } catch {
+    return {
+      status: !1
+    };
+  }
+}, $t = async ({
+  clientId: e,
+  userId: t,
+  nonce: o,
+  refreshToken: r,
+  accessToken: a
+}) => {
+  try {
+    const s = await G({
+      type: V.AUTHENTICATE,
+      clientId: e,
+      params: {
+        type: M.REFRESH_TOKEN,
+        userId: t,
+        nonce: o,
+        refreshToken: r,
+        accessToken: a
+      }
+    }), n = await N(s.data.accessToken);
+    return n && n.payload[f.USER_ID_KEY] !== "" && n.payload[f.NONCE_KEY] === o ? {
       accessToken: s.data.accessToken,
-      userId: n.payload[_.USER_ID_KEY],
+      refreshToken: s.data.refreshToken,
+      userId: n.payload[f.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -780,112 +893,166 @@ const L = "Oops! It looks like your session has expired. For your security, plea
       status: !1
     };
   }
-}, K = () => {
-  throw new Error(it);
-}, de = fe({
+}, j = () => {
+  throw new Error(Ut);
+}, ve = Ne({
   isAuthenticated: !1,
   isLoading: !1,
-  login: K,
-  logout: K,
-  getAccessToken: K,
-  logoutReason: "",
-  idTokenClaims: null
-}), yt = ({
+  login: j,
+  logout: j,
+  getAccessToken: j,
+  getIdToken: j,
+  logoutReason: ""
+}), xt = ({
   children: e,
   sessionExpiration: t,
   clientId: o
 }) => {
-  const [r, a, , s] = U({
-    key: `${$}::${o}::@@user@@`
-  }), [n, i, , c] = U({
-    key: `${$}::${o}::@@access@@`
-  }), [, p, , y] = U({
-    key: `${$}::${o}::@@nonce@@`
-  }), [l, m] = ye({
+  const [r, a, , s] = J({
+    key: `${x}::${o}::@@user@@`
+  }), [n, i, , c] = J({
+    key: `${x}::${o}::@@access@@`
+  }), [u, y, , p] = J(
+    {
+      key: `${x}::${o}::@@refresh@@`
+    }
+  ), [T, E, , m] = J({
+    key: `${x}::${o}::@@nonce@@`
+  }), [v, H] = He({
     isLoading: !0,
     isAuthenticated: !1,
-    logoutReason: "",
     userId: "",
-    idTokenClaims: null
-  }), h = me(
-    (f) => {
-      m({
+    logoutReason: ""
+  }), A = Le(
+    (w) => {
+      H({
         isLoading: !1,
         isAuthenticated: !1,
-        logoutReason: f || L,
         userId: "",
-        idTokenClaims: null
-      }), s(), c(), y();
+        logoutReason: w || Q
+      }), s(), c(), p(), m();
     },
-    [s, c, y]
+    [s, c, m, p]
   );
-  we(() => {
-    l.isLoading && r !== null && (async () => {
+  $e(() => {
+    v.isLoading && r !== null && (async () => {
       try {
-        const f = await se(r, o);
-        f && f.payload[_.USER_ID_KEY] !== "" ? m({
+        const w = await N(r);
+        w && w.payload[f.USER_ID_KEY] !== "" ? H({
           isLoading: !1,
           isAuthenticated: !0,
-          logoutReason: "",
-          userId: f.payload[_.USER_ID_KEY],
-          idTokenClaims: {
-            ...f == null ? void 0 : f.payload,
-            [_.TOKEN_ID_KEY]: r
-          }
-        }) : (h(L), await J({
+          userId: w.payload[f.USER_ID_KEY],
+          logoutReason: ""
+        }) : (A(Q), await Z({
           idToken: r,
           accessToken: n,
+          refreshToken: u,
           clientId: o
         }));
       } catch {
-        h(L), await J({
+        A(Q), await Z({
           idToken: r,
           accessToken: n,
+          refreshToken: u,
           clientId: o
         });
       }
     })();
   }, [
-    l.isLoading,
+    v.isLoading,
     n,
     r,
+    u,
     o,
-    h
+    A
   ]);
-  const w = async (f, he) => {
-    const M = at();
-    p(M);
-    const T = await dt({
-      username: f,
-      password: he,
+  const Re = async (w, O, R) => {
+    const k = Pt();
+    if (E(k), R === M.CODE) {
+      const { code_verifier: Pe, code_challenge: De } = await bt(), oe = await Lt({
+        nonce: k,
+        clientId: o,
+        code_challenge: De
+      });
+      if (oe.status) {
+        const P = await we({
+          username: w,
+          password: O,
+          clientId: o,
+          sessionExpiration: t,
+          nonce: k,
+          type: R,
+          code: oe.code,
+          code_verifier: Pe
+        });
+        return P.status ? (a(P.idToken), i(P.accessToken), y(P.refreshToken), H({
+          isLoading: !1,
+          isAuthenticated: !0,
+          userId: P.userId,
+          logoutReason: ""
+        }), !0) : (A(ye), !1);
+      }
+      return !1;
+    }
+    const S = await we({
+      username: w,
+      password: O,
       clientId: o,
       sessionExpiration: t,
-      nonce: M
+      nonce: k,
+      type: R
     });
-    return T.status ? (a(T.idToken), i(T.accessToken), m({
+    return S.status ? (a(S.idToken), i(S.accessToken), y(S.refreshToken), H({
       isLoading: !1,
       isAuthenticated: !0,
-      userId: T.userId
-    }), !0) : (h(st), !1);
-  }, O = async () => {
-    h(nt), await J({
+      userId: S.userId
+    }), !0) : (A(ye), !1);
+  }, ke = async () => {
+    A(Dt), await Z({
       idToken: r,
       accessToken: n,
+      refreshToken: u,
       clientId: o
     });
-  }, le = () => {
-    if (l.isAuthenticated && n)
-      return n;
+  }, Ce = async () => {
+    const { isAuthenticated: w, userId: O } = v;
+    try {
+      if (w && O && n) {
+        const R = await N(n);
+        if (R && R.payload[f.USER_ID_KEY] !== "")
+          return n;
+        const k = await N(u);
+        if (k && k.payload[f.USER_ID_KEY] !== "") {
+          const S = await $t({
+            clientId: o,
+            userId: O,
+            nonce: T,
+            refreshToken: u,
+            accessToken: n
+          });
+          if (S.status)
+            return i(S.accessToken), y(S.refreshToken), S.accessToken;
+          A(U);
+        }
+        return A(U), console.error(U), "";
+      }
+    } catch {
+      return A(U), console.error(U), "";
+    }
+  }, Oe = () => {
+    if (v.isAuthenticated && r)
+      return r;
   };
-  return /* @__PURE__ */ pe(
-    de.Provider,
+  return /* @__PURE__ */ Ue(
+    ve.Provider,
     {
-      value: { ...l, login: w, logout: O, getAccessToken: le },
+      value: { ...v, login: Re, logout: ke, getAccessToken: Ce, getIdToken: Oe },
       children: e
     }
   );
-}, mt = (e = de) => Se(e);
+}, jt = (e = ve) => Ke(e);
 export {
-  yt as AuthProvider,
-  mt as useAuth
+  M as AUTH_TYPES,
+  xt as AuthProvider,
+  jt as useAuth
 };