@versini/auth-provider 4.2.0 → 4.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.d.ts +8 -2
  2. package/dist/index.js +635 -479
  3. package/package.json +4 -4
package/dist/index.js CHANGED
@@ -1,46 +1,47 @@
1
- import { jsx as Pe } from "react/jsx-runtime";
2
- import * as C from "react";
3
- import { createContext as De, useState as Ue, useCallback as Ne, useEffect as He, useContext as Le } from "react";
1
+ import { jsx as We } from "react/jsx-runtime";
2
+ import * as D from "react";
3
+ import { createContext as Je, useState as xe, useCallback as je, useEffect as Me, useContext as Ve } from "react";
4
4
  /*!
5
- @versini/auth-provider v4.2.0
5
+ @versini/auth-provider v4.4.0
6
6
  © 2024 gizmette.com
7
7
  */
8
8
  try {
9
9
  window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
10
- version: "4.2.0",
11
- buildTime: "06/27/2024 06:57 PM EDT",
10
+ version: "4.4.0",
11
+ buildTime: "06/29/2024 12:23 PM EDT",
12
12
  homepage: "https://github.com/aversini/auth-client",
13
13
  license: "MIT"
14
14
  });
15
15
  } catch {
16
16
  }
17
17
  /*!
18
- @versini/auth-common v2.8.0
18
+ @versini/auth-common v2.10.0
19
19
  © 2024 gizmette.com
20
20
  */
21
21
  try {
22
22
  window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
23
- version: "2.8.0",
24
- buildTime: "06/27/2024 06:57 PM EDT",
23
+ version: "2.10.0",
24
+ buildTime: "06/29/2024 12:23 PM EDT",
25
25
  homepage: "https://github.com/aversini/auth-client",
26
26
  license: "MIT"
27
27
  });
28
28
  } catch {
29
29
  }
30
- const F = {
30
+ const B = {
31
31
  ID_TOKEN: "id_token",
32
32
  ACCESS_TOKEN: "token",
33
33
  ID_AND_ACCESS_TOKEN: "id_token token",
34
- CODE: "code"
35
- }, $e = {
34
+ CODE: "code",
35
+ REFRESH_TOKEN: "refresh_token"
36
+ }, Ye = {
36
37
  CLIENT_ID: "X-Auth-ClientId"
37
- }, _ = {
38
+ }, y = {
38
39
  ALG: "RS256",
39
40
  USER_ID_KEY: "sub",
40
41
  TOKEN_ID_KEY: "__raw",
41
42
  NONCE_KEY: "_nonce",
42
43
  ISSUER: "gizmette.com"
43
- }, Je = `-----BEGIN PUBLIC KEY-----
44
+ }, Be = `-----BEGIN PUBLIC KEY-----
44
45
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
45
46
  w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
46
47
  i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
@@ -48,58 +49,58 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
48
49
  l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
49
50
  sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
50
51
  awIDAQAB
51
- -----END PUBLIC KEY-----`, q = {
52
+ -----END PUBLIC KEY-----`, F = {
52
53
  AUTHENTICATE: "authenticate",
53
54
  CODE: "code",
54
55
  LOGOUT: "logout"
55
- }, z = crypto, ye = (e) => e instanceof CryptoKey, P = new TextEncoder(), J = new TextDecoder();
56
- function Ke(...e) {
57
- const t = e.reduce((n, { length: s }) => n + s, 0), o = new Uint8Array(t);
58
- let r = 0;
56
+ }, G = crypto, Ae = (e) => e instanceof CryptoKey, K = new TextEncoder(), q = new TextDecoder();
57
+ function Fe(...e) {
58
+ const t = e.reduce((n, { length: s }) => n + s, 0), r = new Uint8Array(t);
59
+ let a = 0;
59
60
  for (const n of e)
60
- o.set(n, r), r += n.length;
61
- return o;
62
- }
63
- const We = (e) => {
64
- const t = atob(e), o = new Uint8Array(t.length);
65
- for (let r = 0; r < t.length; r++)
66
- o[r] = t.charCodeAt(r);
67
- return o;
68
- }, x = (e) => {
61
+ r.set(n, a), a += n.length;
62
+ return r;
63
+ }
64
+ const Ge = (e) => {
65
+ const t = atob(e), r = new Uint8Array(t.length);
66
+ for (let a = 0; a < t.length; a++)
67
+ r[a] = t.charCodeAt(a);
68
+ return r;
69
+ }, M = (e) => {
69
70
  let t = e;
70
- t instanceof Uint8Array && (t = J.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
71
+ t instanceof Uint8Array && (t = q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
71
72
  try {
72
- return We(t);
73
+ return Ge(t);
73
74
  } catch {
74
75
  throw new TypeError("The input to be decoded is not correctly encoded.");
75
76
  }
76
77
  };
77
- class T extends Error {
78
+ class C extends Error {
78
79
  static get code() {
79
80
  return "ERR_JOSE_GENERIC";
80
81
  }
81
82
  constructor(t) {
82
- var o;
83
- super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
83
+ var r;
84
+ super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
84
85
  }
85
86
  }
86
- class w extends T {
87
+ class g extends C {
87
88
  static get code() {
88
89
  return "ERR_JWT_CLAIM_VALIDATION_FAILED";
89
90
  }
90
- constructor(t, o, r = "unspecified", n = "unspecified") {
91
- super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = n, this.payload = o;
91
+ constructor(t, r, a = "unspecified", n = "unspecified") {
92
+ super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
92
93
  }
93
94
  }
94
- class te extends T {
95
+ class ce extends C {
95
96
  static get code() {
96
97
  return "ERR_JWT_EXPIRED";
97
98
  }
98
- constructor(t, o, r = "unspecified", n = "unspecified") {
99
- super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = n, this.payload = o;
99
+ constructor(t, r, a = "unspecified", n = "unspecified") {
100
+ super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
100
101
  }
101
102
  }
102
- class xe extends T {
103
+ class qe extends C {
103
104
  constructor() {
104
105
  super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
105
106
  }
@@ -107,15 +108,14 @@ class xe extends T {
107
108
  return "ERR_JOSE_ALG_NOT_ALLOWED";
108
109
  }
109
110
  }
110
- class K extends T {
111
+ let T = class extends C {
111
112
  constructor() {
112
113
  super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
113
114
  }
114
115
  static get code() {
115
116
  return "ERR_JOSE_NOT_SUPPORTED";
116
117
  }
117
- }
118
- let h = class extends T {
118
+ }, h = class extends C {
119
119
  constructor() {
120
120
  super(...arguments), this.code = "ERR_JWS_INVALID";
121
121
  }
@@ -123,7 +123,7 @@ let h = class extends T {
123
123
  return "ERR_JWS_INVALID";
124
124
  }
125
125
  };
126
- class me extends T {
126
+ class be extends C {
127
127
  constructor() {
128
128
  super(...arguments), this.code = "ERR_JWT_INVALID";
129
129
  }
@@ -131,7 +131,7 @@ class me extends T {
131
131
  return "ERR_JWT_INVALID";
132
132
  }
133
133
  }
134
- class je extends T {
134
+ class ze extends C {
135
135
  constructor() {
136
136
  super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
137
137
  }
@@ -139,16 +139,16 @@ class je extends T {
139
139
  return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
140
140
  }
141
141
  }
142
- function S(e, t = "algorithm.name") {
142
+ function b(e, t = "algorithm.name") {
143
143
  return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
144
144
  }
145
- function D(e, t) {
145
+ function $(e, t) {
146
146
  return e.name === t;
147
147
  }
148
- function j(e) {
148
+ function X(e) {
149
149
  return parseInt(e.name.slice(4), 10);
150
150
  }
151
- function Me(e) {
151
+ function Xe(e) {
152
152
  switch (e) {
153
153
  case "ES256":
154
154
  return "P-256";
@@ -160,106 +160,106 @@ function Me(e) {
160
160
  throw new Error("unreachable");
161
161
  }
162
162
  }
163
- function Ve(e, t) {
164
- if (t.length && !t.some((o) => e.usages.includes(o))) {
165
- let o = "CryptoKey does not support this operation, its usages must include ";
163
+ function Qe(e, t) {
164
+ if (t.length && !t.some((r) => e.usages.includes(r))) {
165
+ let r = "CryptoKey does not support this operation, its usages must include ";
166
166
  if (t.length > 2) {
167
- const r = t.pop();
168
- o += `one of ${t.join(", ")}, or ${r}.`;
167
+ const a = t.pop();
168
+ r += `one of ${t.join(", ")}, or ${a}.`;
169
169
  } else
170
- t.length === 2 ? o += `one of ${t[0]} or ${t[1]}.` : o += `${t[0]}.`;
171
- throw new TypeError(o);
170
+ t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
171
+ throw new TypeError(r);
172
172
  }
173
173
  }
174
- function Ge(e, t, ...o) {
174
+ function Ze(e, t, ...r) {
175
175
  switch (t) {
176
176
  case "HS256":
177
177
  case "HS384":
178
178
  case "HS512": {
179
- if (!D(e.algorithm, "HMAC"))
180
- throw S("HMAC");
181
- const r = parseInt(t.slice(2), 10);
182
- if (j(e.algorithm.hash) !== r)
183
- throw S(`SHA-${r}`, "algorithm.hash");
179
+ if (!$(e.algorithm, "HMAC"))
180
+ throw b("HMAC");
181
+ const a = parseInt(t.slice(2), 10);
182
+ if (X(e.algorithm.hash) !== a)
183
+ throw b(`SHA-${a}`, "algorithm.hash");
184
184
  break;
185
185
  }
186
186
  case "RS256":
187
187
  case "RS384":
188
188
  case "RS512": {
189
- if (!D(e.algorithm, "RSASSA-PKCS1-v1_5"))
190
- throw S("RSASSA-PKCS1-v1_5");
191
- const r = parseInt(t.slice(2), 10);
192
- if (j(e.algorithm.hash) !== r)
193
- throw S(`SHA-${r}`, "algorithm.hash");
189
+ if (!$(e.algorithm, "RSASSA-PKCS1-v1_5"))
190
+ throw b("RSASSA-PKCS1-v1_5");
191
+ const a = parseInt(t.slice(2), 10);
192
+ if (X(e.algorithm.hash) !== a)
193
+ throw b(`SHA-${a}`, "algorithm.hash");
194
194
  break;
195
195
  }
196
196
  case "PS256":
197
197
  case "PS384":
198
198
  case "PS512": {
199
- if (!D(e.algorithm, "RSA-PSS"))
200
- throw S("RSA-PSS");
201
- const r = parseInt(t.slice(2), 10);
202
- if (j(e.algorithm.hash) !== r)
203
- throw S(`SHA-${r}`, "algorithm.hash");
199
+ if (!$(e.algorithm, "RSA-PSS"))
200
+ throw b("RSA-PSS");
201
+ const a = parseInt(t.slice(2), 10);
202
+ if (X(e.algorithm.hash) !== a)
203
+ throw b(`SHA-${a}`, "algorithm.hash");
204
204
  break;
205
205
  }
206
206
  case "EdDSA": {
207
207
  if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
208
- throw S("Ed25519 or Ed448");
208
+ throw b("Ed25519 or Ed448");
209
209
  break;
210
210
  }
211
211
  case "ES256":
212
212
  case "ES384":
213
213
  case "ES512": {
214
- if (!D(e.algorithm, "ECDSA"))
215
- throw S("ECDSA");
216
- const r = Me(t);
217
- if (e.algorithm.namedCurve !== r)
218
- throw S(r, "algorithm.namedCurve");
214
+ if (!$(e.algorithm, "ECDSA"))
215
+ throw b("ECDSA");
216
+ const a = Xe(t);
217
+ if (e.algorithm.namedCurve !== a)
218
+ throw b(a, "algorithm.namedCurve");
219
219
  break;
220
220
  }
221
221
  default:
222
222
  throw new TypeError("CryptoKey does not support this operation");
223
223
  }
224
- Ve(e, o);
224
+ Qe(e, r);
225
225
  }
226
- function we(e, t, ...o) {
227
- var r;
228
- if (o.length > 2) {
229
- const n = o.pop();
230
- e += `one of type ${o.join(", ")}, or ${n}.`;
226
+ function _e(e, t, ...r) {
227
+ var a;
228
+ if (r.length > 2) {
229
+ const n = r.pop();
230
+ e += `one of type ${r.join(", ")}, or ${n}.`;
231
231
  } else
232
- o.length === 2 ? e += `one of type ${o[0]} or ${o[1]}.` : e += `of type ${o[0]}.`;
233
- return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
232
+ r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
233
+ return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
234
234
  }
235
- const re = (e, ...t) => we("Key must be ", e, ...t);
236
- function ge(e, t, ...o) {
237
- return we(`Key for the ${e} algorithm must be `, t, ...o);
235
+ const ie = (e, ...t) => _e("Key must be ", e, ...t);
236
+ function ve(e, t, ...r) {
237
+ return _e(`Key for the ${e} algorithm must be `, t, ...r);
238
238
  }
239
- const Se = (e) => ye(e), b = ["CryptoKey"], Ye = (...e) => {
239
+ const Te = (e) => Ae(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Y = ["CryptoKey"], et = (...e) => {
240
240
  const t = e.filter(Boolean);
241
241
  if (t.length === 0 || t.length === 1)
242
242
  return !0;
243
- let o;
244
- for (const r of t) {
245
- const n = Object.keys(r);
246
- if (!o || o.size === 0) {
247
- o = new Set(n);
243
+ let r;
244
+ for (const a of t) {
245
+ const n = Object.keys(a);
246
+ if (!r || r.size === 0) {
247
+ r = new Set(n);
248
248
  continue;
249
249
  }
250
250
  for (const s of n) {
251
- if (o.has(s))
251
+ if (r.has(s))
252
252
  return !1;
253
- o.add(s);
253
+ r.add(s);
254
254
  }
255
255
  }
256
256
  return !0;
257
257
  };
258
- function Be(e) {
258
+ function tt(e) {
259
259
  return typeof e == "object" && e !== null;
260
260
  }
261
- function B(e) {
262
- if (!Be(e) || Object.prototype.toString.call(e) !== "[object Object]")
261
+ function ne(e) {
262
+ if (!tt(e) || Object.prototype.toString.call(e) !== "[object Object]")
263
263
  return !1;
264
264
  if (Object.getPrototypeOf(e) === null)
265
265
  return !0;
@@ -268,51 +268,153 @@ function B(e) {
268
268
  t = Object.getPrototypeOf(t);
269
269
  return Object.getPrototypeOf(e) === t;
270
270
  }
271
- const Fe = (e, t) => {
271
+ const rt = (e, t) => {
272
272
  if (e.startsWith("RS") || e.startsWith("PS")) {
273
- const { modulusLength: o } = t.algorithm;
274
- if (typeof o != "number" || o < 2048)
273
+ const { modulusLength: r } = t.algorithm;
274
+ if (typeof r != "number" || r < 2048)
275
275
  throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
276
276
  }
277
- }, A = (e, t, o = 0) => {
278
- o === 0 && (t.unshift(t.length), t.unshift(6));
279
- const r = e.indexOf(t[0], o);
280
- if (r === -1)
277
+ };
278
+ function at(e) {
279
+ let t, r;
280
+ switch (e.kty) {
281
+ case "RSA": {
282
+ switch (e.alg) {
283
+ case "PS256":
284
+ case "PS384":
285
+ case "PS512":
286
+ t = { name: "RSA-PSS", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
287
+ break;
288
+ case "RS256":
289
+ case "RS384":
290
+ case "RS512":
291
+ t = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
292
+ break;
293
+ case "RSA-OAEP":
294
+ case "RSA-OAEP-256":
295
+ case "RSA-OAEP-384":
296
+ case "RSA-OAEP-512":
297
+ t = {
298
+ name: "RSA-OAEP",
299
+ hash: `SHA-${parseInt(e.alg.slice(-3), 10) || 1}`
300
+ }, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
301
+ break;
302
+ default:
303
+ throw new T('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
304
+ }
305
+ break;
306
+ }
307
+ case "EC": {
308
+ switch (e.alg) {
309
+ case "ES256":
310
+ t = { name: "ECDSA", namedCurve: "P-256" }, r = e.d ? ["sign"] : ["verify"];
311
+ break;
312
+ case "ES384":
313
+ t = { name: "ECDSA", namedCurve: "P-384" }, r = e.d ? ["sign"] : ["verify"];
314
+ break;
315
+ case "ES512":
316
+ t = { name: "ECDSA", namedCurve: "P-521" }, r = e.d ? ["sign"] : ["verify"];
317
+ break;
318
+ case "ECDH-ES":
319
+ case "ECDH-ES+A128KW":
320
+ case "ECDH-ES+A192KW":
321
+ case "ECDH-ES+A256KW":
322
+ t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
323
+ break;
324
+ default:
325
+ throw new T('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
326
+ }
327
+ break;
328
+ }
329
+ case "OKP": {
330
+ switch (e.alg) {
331
+ case "EdDSA":
332
+ t = { name: e.crv }, r = e.d ? ["sign"] : ["verify"];
333
+ break;
334
+ case "ECDH-ES":
335
+ case "ECDH-ES+A128KW":
336
+ case "ECDH-ES+A192KW":
337
+ case "ECDH-ES+A256KW":
338
+ t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
339
+ break;
340
+ default:
341
+ throw new T('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
342
+ }
343
+ break;
344
+ }
345
+ default:
346
+ throw new T('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
347
+ }
348
+ return { algorithm: t, keyUsages: r };
349
+ }
350
+ const nt = async (e) => {
351
+ if (!e.alg)
352
+ throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
353
+ const { algorithm: t, keyUsages: r } = at(e), a = [
354
+ t,
355
+ e.ext ?? !1,
356
+ e.key_ops ?? r
357
+ ], n = { ...e };
358
+ return delete n.alg, delete n.use, G.subtle.importKey("jwk", n, ...a);
359
+ }, ke = (e) => M(e);
360
+ let Q, Z;
361
+ const Ie = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Re = async (e, t, r, a) => {
362
+ let n = e.get(t);
363
+ if (n != null && n[a])
364
+ return n[a];
365
+ const s = await nt({ ...r, alg: a });
366
+ return n ? n[a] = s : e.set(t, { [a]: s }), s;
367
+ }, ot = (e, t) => {
368
+ if (Ie(e)) {
369
+ let r = e.export({ format: "jwk" });
370
+ return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? ke(r.k) : (Z || (Z = /* @__PURE__ */ new WeakMap()), Re(Z, e, r, t));
371
+ }
372
+ return e;
373
+ }, st = (e, t) => {
374
+ if (Ie(e)) {
375
+ let r = e.export({ format: "jwk" });
376
+ return r.k ? ke(r.k) : (Q || (Q = /* @__PURE__ */ new WeakMap()), Re(Q, e, r, t));
377
+ }
378
+ return e;
379
+ }, ct = { normalizePublicKey: ot, normalizePrivateKey: st }, v = (e, t, r = 0) => {
380
+ r === 0 && (t.unshift(t.length), t.unshift(6));
381
+ const a = e.indexOf(t[0], r);
382
+ if (a === -1)
281
383
  return !1;
282
- const n = e.subarray(r, r + t.length);
283
- return n.length !== t.length ? !1 : n.every((s, a) => s === t[a]) || A(e, t, r + 1);
284
- }, oe = (e) => {
384
+ const n = e.subarray(a, a + t.length);
385
+ return n.length !== t.length ? !1 : n.every((s, o) => s === t[o]) || v(e, t, a + 1);
386
+ }, ue = (e) => {
285
387
  switch (!0) {
286
- case A(e, [42, 134, 72, 206, 61, 3, 1, 7]):
388
+ case v(e, [42, 134, 72, 206, 61, 3, 1, 7]):
287
389
  return "P-256";
288
- case A(e, [43, 129, 4, 0, 34]):
390
+ case v(e, [43, 129, 4, 0, 34]):
289
391
  return "P-384";
290
- case A(e, [43, 129, 4, 0, 35]):
392
+ case v(e, [43, 129, 4, 0, 35]):
291
393
  return "P-521";
292
- case A(e, [43, 101, 110]):
394
+ case v(e, [43, 101, 110]):
293
395
  return "X25519";
294
- case A(e, [43, 101, 111]):
396
+ case v(e, [43, 101, 111]):
295
397
  return "X448";
296
- case A(e, [43, 101, 112]):
398
+ case v(e, [43, 101, 112]):
297
399
  return "Ed25519";
298
- case A(e, [43, 101, 113]):
400
+ case v(e, [43, 101, 113]):
299
401
  return "Ed448";
300
402
  default:
301
- throw new K("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
403
+ throw new T("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
302
404
  }
303
- }, qe = async (e, t, o, r, n) => {
304
- let s, a;
305
- const c = new Uint8Array(atob(o.replace(e, "")).split("").map((i) => i.charCodeAt(0)));
306
- switch (r) {
405
+ }, it = async (e, t, r, a, n) => {
406
+ let s, o;
407
+ const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
408
+ switch (a) {
307
409
  case "PS256":
308
410
  case "PS384":
309
411
  case "PS512":
310
- s = { name: "RSA-PSS", hash: `SHA-${r.slice(-3)}` }, a = ["verify"];
412
+ s = { name: "RSA-PSS", hash: `SHA-${a.slice(-3)}` }, o = ["verify"];
311
413
  break;
312
414
  case "RS256":
313
415
  case "RS384":
314
416
  case "RS512":
315
- s = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${r.slice(-3)}` }, a = ["verify"];
417
+ s = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${a.slice(-3)}` }, o = ["verify"];
316
418
  break;
317
419
  case "RSA-OAEP":
318
420
  case "RSA-OAEP-256":
@@ -320,130 +422,130 @@ const Fe = (e, t) => {
320
422
  case "RSA-OAEP-512":
321
423
  s = {
322
424
  name: "RSA-OAEP",
323
- hash: `SHA-${parseInt(r.slice(-3), 10) || 1}`
324
- }, a = ["encrypt", "wrapKey"];
425
+ hash: `SHA-${parseInt(a.slice(-3), 10) || 1}`
426
+ }, o = ["encrypt", "wrapKey"];
325
427
  break;
326
428
  case "ES256":
327
- s = { name: "ECDSA", namedCurve: "P-256" }, a = ["verify"];
429
+ s = { name: "ECDSA", namedCurve: "P-256" }, o = ["verify"];
328
430
  break;
329
431
  case "ES384":
330
- s = { name: "ECDSA", namedCurve: "P-384" }, a = ["verify"];
432
+ s = { name: "ECDSA", namedCurve: "P-384" }, o = ["verify"];
331
433
  break;
332
434
  case "ES512":
333
- s = { name: "ECDSA", namedCurve: "P-521" }, a = ["verify"];
435
+ s = { name: "ECDSA", namedCurve: "P-521" }, o = ["verify"];
334
436
  break;
335
437
  case "ECDH-ES":
336
438
  case "ECDH-ES+A128KW":
337
439
  case "ECDH-ES+A192KW":
338
440
  case "ECDH-ES+A256KW": {
339
- const i = oe(c);
340
- s = i.startsWith("P-") ? { name: "ECDH", namedCurve: i } : { name: i }, a = [];
441
+ const c = ue(i);
442
+ s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, o = [];
341
443
  break;
342
444
  }
343
445
  case "EdDSA":
344
- s = { name: oe(c) }, a = ["verify"];
446
+ s = { name: ue(i) }, o = ["verify"];
345
447
  break;
346
448
  default:
347
- throw new K('Invalid or unsupported "alg" (Algorithm) value');
449
+ throw new T('Invalid or unsupported "alg" (Algorithm) value');
348
450
  }
349
- return z.subtle.importKey(t, c, s, !1, a);
350
- }, ze = (e, t, o) => qe(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
351
- async function Xe(e, t, o) {
451
+ return G.subtle.importKey(t, i, s, !1, o);
452
+ }, ut = (e, t, r) => it(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
453
+ async function dt(e, t, r) {
352
454
  if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
353
455
  throw new TypeError('"spki" must be SPKI formatted string');
354
- return ze(e, t);
456
+ return ut(e, t);
355
457
  }
356
- const Qe = (e, t) => {
458
+ const V = (e) => e == null ? void 0 : e[Symbol.toStringTag], lt = (e, t) => {
357
459
  if (!(t instanceof Uint8Array)) {
358
- if (!Se(t))
359
- throw new TypeError(ge(e, t, ...b, "Uint8Array"));
460
+ if (!Te(t))
461
+ throw new TypeError(ve(e, t, ...Y, "Uint8Array"));
360
462
  if (t.type !== "secret")
361
- throw new TypeError(`${b.join(" or ")} instances for symmetric algorithms must be of type "secret"`);
463
+ throw new TypeError(`${V(t)} instances for symmetric algorithms must be of type "secret"`);
362
464
  }
363
- }, Ze = (e, t, o) => {
364
- if (!Se(t))
365
- throw new TypeError(ge(e, t, ...b));
465
+ }, ht = (e, t, r) => {
466
+ if (!Te(t))
467
+ throw new TypeError(ve(e, t, ...Y));
366
468
  if (t.type === "secret")
367
- throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithms must not be of type "secret"`);
368
- if (t.algorithm && o === "verify" && t.type === "private")
369
- throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithm verifying must be of type "public"`);
370
- if (t.algorithm && o === "encrypt" && t.type === "private")
371
- throw new TypeError(`${b.join(" or ")} instances for asymmetric algorithm encryption must be of type "public"`);
372
- }, et = (e, t, o) => {
373
- e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Qe(e, t) : Ze(e, t, o);
469
+ throw new TypeError(`${V(t)} instances for asymmetric algorithms must not be of type "secret"`);
470
+ if (t.algorithm && r === "verify" && t.type === "private")
471
+ throw new TypeError(`${V(t)} instances for asymmetric algorithm verifying must be of type "public"`);
472
+ if (t.algorithm && r === "encrypt" && t.type === "private")
473
+ throw new TypeError(`${V(t)} instances for asymmetric algorithm encryption must be of type "public"`);
474
+ }, pt = (e, t, r) => {
475
+ e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? lt(e, t) : ht(e, t, r);
374
476
  };
375
- function tt(e, t, o, r, n) {
376
- if (n.crit !== void 0 && (r == null ? void 0 : r.crit) === void 0)
477
+ function yt(e, t, r, a, n) {
478
+ if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
377
479
  throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
378
- if (!r || r.crit === void 0)
480
+ if (!a || a.crit === void 0)
379
481
  return /* @__PURE__ */ new Set();
380
- if (!Array.isArray(r.crit) || r.crit.length === 0 || r.crit.some((a) => typeof a != "string" || a.length === 0))
482
+ if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((o) => typeof o != "string" || o.length === 0))
381
483
  throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
382
484
  let s;
383
- o !== void 0 ? s = new Map([...Object.entries(o), ...t.entries()]) : s = t;
384
- for (const a of r.crit) {
385
- if (!s.has(a))
386
- throw new K(`Extension Header Parameter "${a}" is not recognized`);
387
- if (n[a] === void 0)
388
- throw new e(`Extension Header Parameter "${a}" is missing`);
389
- if (s.get(a) && r[a] === void 0)
390
- throw new e(`Extension Header Parameter "${a}" MUST be integrity protected`);
485
+ r !== void 0 ? s = new Map([...Object.entries(r), ...t.entries()]) : s = t;
486
+ for (const o of a.crit) {
487
+ if (!s.has(o))
488
+ throw new T(`Extension Header Parameter "${o}" is not recognized`);
489
+ if (n[o] === void 0)
490
+ throw new e(`Extension Header Parameter "${o}" is missing`);
491
+ if (s.get(o) && a[o] === void 0)
492
+ throw new e(`Extension Header Parameter "${o}" MUST be integrity protected`);
391
493
  }
392
- return new Set(r.crit);
494
+ return new Set(a.crit);
393
495
  }
394
- const rt = (e, t) => {
395
- if (t !== void 0 && (!Array.isArray(t) || t.some((o) => typeof o != "string")))
496
+ const ft = (e, t) => {
497
+ if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
396
498
  throw new TypeError(`"${e}" option must be an array of strings`);
397
499
  if (t)
398
500
  return new Set(t);
399
501
  };
400
- function ot(e, t) {
401
- const o = `SHA-${e.slice(-3)}`;
502
+ function mt(e, t) {
503
+ const r = `SHA-${e.slice(-3)}`;
402
504
  switch (e) {
403
505
  case "HS256":
404
506
  case "HS384":
405
507
  case "HS512":
406
- return { hash: o, name: "HMAC" };
508
+ return { hash: r, name: "HMAC" };
407
509
  case "PS256":
408
510
  case "PS384":
409
511
  case "PS512":
410
- return { hash: o, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
512
+ return { hash: r, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
411
513
  case "RS256":
412
514
  case "RS384":
413
515
  case "RS512":
414
- return { hash: o, name: "RSASSA-PKCS1-v1_5" };
516
+ return { hash: r, name: "RSASSA-PKCS1-v1_5" };
415
517
  case "ES256":
416
518
  case "ES384":
417
519
  case "ES512":
418
- return { hash: o, name: "ECDSA", namedCurve: t.namedCurve };
520
+ return { hash: r, name: "ECDSA", namedCurve: t.namedCurve };
419
521
  case "EdDSA":
420
522
  return { name: t.name };
421
523
  default:
422
- throw new K(`alg ${e} is not supported either by JOSE or your javascript runtime`);
524
+ throw new T(`alg ${e} is not supported either by JOSE or your javascript runtime`);
423
525
  }
424
526
  }
425
- function nt(e, t, o) {
426
- if (ye(t))
427
- return Ge(t, e, o), t;
527
+ async function wt(e, t, r) {
528
+ if (t = await ct.normalizePublicKey(t, e), Ae(t))
529
+ return Ze(t, e, r), t;
428
530
  if (t instanceof Uint8Array) {
429
531
  if (!e.startsWith("HS"))
430
- throw new TypeError(re(t, ...b));
431
- return z.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [o]);
532
+ throw new TypeError(ie(t, ...Y));
533
+ return G.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
432
534
  }
433
- throw new TypeError(re(t, ...b, "Uint8Array"));
535
+ throw new TypeError(ie(t, ...Y, "Uint8Array"));
434
536
  }
435
- const at = async (e, t, o, r) => {
436
- const n = await nt(e, t, "verify");
437
- Fe(e, n);
438
- const s = ot(e, n.algorithm);
537
+ const St = async (e, t, r, a) => {
538
+ const n = await wt(e, t, "verify");
539
+ rt(e, n);
540
+ const s = mt(e, n.algorithm);
439
541
  try {
440
- return await z.subtle.verify(s, n, o, r);
542
+ return await G.subtle.verify(s, n, r, a);
441
543
  } catch {
442
544
  return !1;
443
545
  }
444
546
  };
445
- async function st(e, t, o) {
446
- if (!B(e))
547
+ async function Et(e, t, r) {
548
+ if (!ne(e))
447
549
  throw new h("Flattened JWS must be an object");
448
550
  if (e.protected === void 0 && e.header === void 0)
449
551
  throw new h('Flattened JWS must have either of the "protected" or "header" members');
@@ -453,341 +555,341 @@ async function st(e, t, o) {
453
555
  throw new h("JWS Payload missing");
454
556
  if (typeof e.signature != "string")
455
557
  throw new h("JWS Signature missing or incorrect type");
456
- if (e.header !== void 0 && !B(e.header))
558
+ if (e.header !== void 0 && !ne(e.header))
457
559
  throw new h("JWS Unprotected Header incorrect type");
458
- let r = {};
560
+ let a = {};
459
561
  if (e.protected)
460
562
  try {
461
- const p = x(e.protected);
462
- r = JSON.parse(J.decode(p));
563
+ const m = M(e.protected);
564
+ a = JSON.parse(q.decode(m));
463
565
  } catch {
464
566
  throw new h("JWS Protected Header is invalid");
465
567
  }
466
- if (!Ye(r, e.header))
568
+ if (!et(a, e.header))
467
569
  throw new h("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
468
570
  const n = {
469
- ...r,
571
+ ...a,
470
572
  ...e.header
471
- }, s = tt(h, /* @__PURE__ */ new Map([["b64", !0]]), o == null ? void 0 : o.crit, r, n);
472
- let a = !0;
473
- if (s.has("b64") && (a = r.b64, typeof a != "boolean"))
573
+ }, s = yt(h, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
574
+ let o = !0;
575
+ if (s.has("b64") && (o = a.b64, typeof o != "boolean"))
474
576
  throw new h('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
475
- const { alg: c } = n;
476
- if (typeof c != "string" || !c)
577
+ const { alg: i } = n;
578
+ if (typeof i != "string" || !i)
477
579
  throw new h('JWS "alg" (Algorithm) Header Parameter missing or invalid');
478
- const i = o && rt("algorithms", o.algorithms);
479
- if (i && !i.has(c))
480
- throw new xe('"alg" (Algorithm) Header Parameter value not allowed');
481
- if (a) {
580
+ const c = r && ft("algorithms", r.algorithms);
581
+ if (c && !c.has(i))
582
+ throw new qe('"alg" (Algorithm) Header Parameter value not allowed');
583
+ if (o) {
482
584
  if (typeof e.payload != "string")
483
585
  throw new h("JWS Payload must be a string");
484
586
  } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
485
587
  throw new h("JWS Payload must be a string or an Uint8Array instance");
486
588
  let u = !1;
487
- typeof t == "function" && (t = await t(r, e), u = !0), et(c, t, "verify");
488
- const m = Ke(P.encode(e.protected ?? ""), P.encode("."), typeof e.payload == "string" ? P.encode(e.payload) : e.payload);
489
- let f;
589
+ typeof t == "function" && (t = await t(a, e), u = !0), pt(i, t, "verify");
590
+ const f = Fe(K.encode(e.protected ?? ""), K.encode("."), typeof e.payload == "string" ? K.encode(e.payload) : e.payload);
591
+ let p;
490
592
  try {
491
- f = x(e.signature);
593
+ p = M(e.signature);
492
594
  } catch {
493
595
  throw new h("Failed to base64url decode the signature");
494
596
  }
495
- if (!await at(c, t, f, m))
496
- throw new je();
497
- let E;
498
- if (a)
597
+ if (!await St(i, t, p, f))
598
+ throw new ze();
599
+ let _;
600
+ if (o)
499
601
  try {
500
- E = x(e.payload);
602
+ _ = M(e.payload);
501
603
  } catch {
502
604
  throw new h("Failed to base64url decode the payload");
503
605
  }
504
606
  else
505
- typeof e.payload == "string" ? E = P.encode(e.payload) : E = e.payload;
506
- const y = { payload: E };
507
- return e.protected !== void 0 && (y.protectedHeader = r), e.header !== void 0 && (y.unprotectedHeader = e.header), u ? { ...y, key: t } : y;
607
+ typeof e.payload == "string" ? _ = K.encode(e.payload) : _ = e.payload;
608
+ const S = { payload: _ };
609
+ return e.protected !== void 0 && (S.protectedHeader = a), e.header !== void 0 && (S.unprotectedHeader = e.header), u ? { ...S, key: t } : S;
508
610
  }
509
- async function it(e, t, o) {
510
- if (e instanceof Uint8Array && (e = J.decode(e)), typeof e != "string")
611
+ async function gt(e, t, r) {
612
+ if (e instanceof Uint8Array && (e = q.decode(e)), typeof e != "string")
511
613
  throw new h("Compact JWS must be a string or Uint8Array");
512
- const { 0: r, 1: n, 2: s, length: a } = e.split(".");
513
- if (a !== 3)
614
+ const { 0: a, 1: n, 2: s, length: o } = e.split(".");
615
+ if (o !== 3)
514
616
  throw new h("Invalid Compact JWS");
515
- const c = await st({ payload: n, protected: r, signature: s }, t, o), i = { payload: c.payload, protectedHeader: c.protectedHeader };
516
- return typeof t == "function" ? { ...i, key: c.key } : i;
617
+ const i = await Et({ payload: n, protected: a, signature: s }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
618
+ return typeof t == "function" ? { ...c, key: i.key } : c;
517
619
  }
518
- const ct = (e) => Math.floor(e.getTime() / 1e3), Ee = 60, Ae = Ee * 60, X = Ae * 24, ut = X * 7, dt = X * 365.25, lt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, ne = (e) => {
519
- const t = lt.exec(e);
620
+ const At = (e) => Math.floor(e.getTime() / 1e3), Ce = 60, Pe = Ce * 60, oe = Pe * 24, bt = oe * 7, _t = oe * 365.25, vt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, de = (e) => {
621
+ const t = vt.exec(e);
520
622
  if (!t || t[4] && t[1])
521
623
  throw new TypeError("Invalid time period format");
522
- const o = parseFloat(t[2]), r = t[3].toLowerCase();
624
+ const r = parseFloat(t[2]), a = t[3].toLowerCase();
523
625
  let n;
524
- switch (r) {
626
+ switch (a) {
525
627
  case "sec":
526
628
  case "secs":
527
629
  case "second":
528
630
  case "seconds":
529
631
  case "s":
530
- n = Math.round(o);
632
+ n = Math.round(r);
531
633
  break;
532
634
  case "minute":
533
635
  case "minutes":
534
636
  case "min":
535
637
  case "mins":
536
638
  case "m":
537
- n = Math.round(o * Ee);
639
+ n = Math.round(r * Ce);
538
640
  break;
539
641
  case "hour":
540
642
  case "hours":
541
643
  case "hr":
542
644
  case "hrs":
543
645
  case "h":
544
- n = Math.round(o * Ae);
646
+ n = Math.round(r * Pe);
545
647
  break;
546
648
  case "day":
547
649
  case "days":
548
650
  case "d":
549
- n = Math.round(o * X);
651
+ n = Math.round(r * oe);
550
652
  break;
551
653
  case "week":
552
654
  case "weeks":
553
655
  case "w":
554
- n = Math.round(o * ut);
656
+ n = Math.round(r * bt);
555
657
  break;
556
658
  default:
557
- n = Math.round(o * dt);
659
+ n = Math.round(r * _t);
558
660
  break;
559
661
  }
560
662
  return t[1] === "-" || t[4] === "ago" ? -n : n;
561
- }, ae = (e) => e.toLowerCase().replace(/^application\//, ""), ht = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, pt = (e, t, o = {}) => {
562
- let r;
663
+ }, le = (e) => e.toLowerCase().replace(/^application\//, ""), Tt = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, kt = (e, t, r = {}) => {
664
+ let a;
563
665
  try {
564
- r = JSON.parse(J.decode(t));
666
+ a = JSON.parse(q.decode(t));
565
667
  } catch {
566
668
  }
567
- if (!B(r))
568
- throw new me("JWT Claims Set must be a top-level JSON object");
569
- const { typ: n } = o;
570
- if (n && (typeof e.typ != "string" || ae(e.typ) !== ae(n)))
571
- throw new w('unexpected "typ" JWT header value', r, "typ", "check_failed");
572
- const { requiredClaims: s = [], issuer: a, subject: c, audience: i, maxTokenAge: u } = o, m = [...s];
573
- u !== void 0 && m.push("iat"), i !== void 0 && m.push("aud"), c !== void 0 && m.push("sub"), a !== void 0 && m.push("iss");
574
- for (const p of new Set(m.reverse()))
575
- if (!(p in r))
576
- throw new w(`missing required "${p}" claim`, r, p, "missing");
577
- if (a && !(Array.isArray(a) ? a : [a]).includes(r.iss))
578
- throw new w('unexpected "iss" claim value', r, "iss", "check_failed");
579
- if (c && r.sub !== c)
580
- throw new w('unexpected "sub" claim value', r, "sub", "check_failed");
581
- if (i && !ht(r.aud, typeof i == "string" ? [i] : i))
582
- throw new w('unexpected "aud" claim value', r, "aud", "check_failed");
583
- let f;
584
- switch (typeof o.clockTolerance) {
669
+ if (!ne(a))
670
+ throw new be("JWT Claims Set must be a top-level JSON object");
671
+ const { typ: n } = r;
672
+ if (n && (typeof e.typ != "string" || le(e.typ) !== le(n)))
673
+ throw new g('unexpected "typ" JWT header value', a, "typ", "check_failed");
674
+ const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge: u } = r, f = [...s];
675
+ u !== void 0 && f.push("iat"), c !== void 0 && f.push("aud"), i !== void 0 && f.push("sub"), o !== void 0 && f.push("iss");
676
+ for (const m of new Set(f.reverse()))
677
+ if (!(m in a))
678
+ throw new g(`missing required "${m}" claim`, a, m, "missing");
679
+ if (o && !(Array.isArray(o) ? o : [o]).includes(a.iss))
680
+ throw new g('unexpected "iss" claim value', a, "iss", "check_failed");
681
+ if (i && a.sub !== i)
682
+ throw new g('unexpected "sub" claim value', a, "sub", "check_failed");
683
+ if (c && !Tt(a.aud, typeof c == "string" ? [c] : c))
684
+ throw new g('unexpected "aud" claim value', a, "aud", "check_failed");
685
+ let p;
686
+ switch (typeof r.clockTolerance) {
585
687
  case "string":
586
- f = ne(o.clockTolerance);
688
+ p = de(r.clockTolerance);
587
689
  break;
588
690
  case "number":
589
- f = o.clockTolerance;
691
+ p = r.clockTolerance;
590
692
  break;
591
693
  case "undefined":
592
- f = 0;
694
+ p = 0;
593
695
  break;
594
696
  default:
595
697
  throw new TypeError("Invalid clockTolerance option type");
596
698
  }
597
- const { currentDate: E } = o, y = ct(E || /* @__PURE__ */ new Date());
598
- if ((r.iat !== void 0 || u) && typeof r.iat != "number")
599
- throw new w('"iat" claim must be a number', r, "iat", "invalid");
600
- if (r.nbf !== void 0) {
601
- if (typeof r.nbf != "number")
602
- throw new w('"nbf" claim must be a number', r, "nbf", "invalid");
603
- if (r.nbf > y + f)
604
- throw new w('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
605
- }
606
- if (r.exp !== void 0) {
607
- if (typeof r.exp != "number")
608
- throw new w('"exp" claim must be a number', r, "exp", "invalid");
609
- if (r.exp <= y - f)
610
- throw new te('"exp" claim timestamp check failed', r, "exp", "check_failed");
699
+ const { currentDate: _ } = r, S = At(_ || /* @__PURE__ */ new Date());
700
+ if ((a.iat !== void 0 || u) && typeof a.iat != "number")
701
+ throw new g('"iat" claim must be a number', a, "iat", "invalid");
702
+ if (a.nbf !== void 0) {
703
+ if (typeof a.nbf != "number")
704
+ throw new g('"nbf" claim must be a number', a, "nbf", "invalid");
705
+ if (a.nbf > S + p)
706
+ throw new g('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
707
+ }
708
+ if (a.exp !== void 0) {
709
+ if (typeof a.exp != "number")
710
+ throw new g('"exp" claim must be a number', a, "exp", "invalid");
711
+ if (a.exp <= S - p)
712
+ throw new ce('"exp" claim timestamp check failed', a, "exp", "check_failed");
611
713
  }
612
714
  if (u) {
613
- const p = y - r.iat, v = typeof u == "number" ? u : ne(u);
614
- if (p - f > v)
615
- throw new te('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
616
- if (p < 0 - f)
617
- throw new w('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
715
+ const m = S - a.iat, k = typeof u == "number" ? u : de(u);
716
+ if (m - p > k)
717
+ throw new ce('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
718
+ if (m < 0 - p)
719
+ throw new g('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
618
720
  }
619
- return r;
721
+ return a;
620
722
  };
621
- async function ft(e, t, o) {
622
- var r;
623
- const n = await it(e, t, o);
624
- if ((r = n.protectedHeader.crit) != null && r.includes("b64") && n.protectedHeader.b64 === !1)
625
- throw new me("JWTs MUST NOT use unencoded payload");
626
- const s = { payload: pt(n.protectedHeader, n.payload, o), protectedHeader: n.protectedHeader };
723
+ async function It(e, t, r) {
724
+ var a;
725
+ const n = await gt(e, t, r);
726
+ if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
727
+ throw new be("JWTs MUST NOT use unencoded payload");
728
+ const s = { payload: kt(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
627
729
  return typeof t == "function" ? { ...s, key: n.key } : s;
628
730
  }
629
- const be = async (e) => {
731
+ const H = async (e) => {
630
732
  try {
631
- const t = _.ALG, o = await Xe(Je, t);
632
- return await ft(e, o, {
633
- issuer: _.ISSUER
733
+ const t = y.ALG, r = await dt(Be, t);
734
+ return await It(e, r, {
735
+ issuer: y.ISSUER
634
736
  });
635
737
  } catch {
636
738
  return;
637
739
  }
638
740
  };
639
741
  var d = [];
640
- for (var M = 0; M < 256; ++M)
641
- d.push((M + 256).toString(16).slice(1));
642
- function yt(e, t = 0) {
742
+ for (var ee = 0; ee < 256; ++ee)
743
+ d.push((ee + 256).toString(16).slice(1));
744
+ function Rt(e, t = 0) {
643
745
  return (d[e[t + 0]] + d[e[t + 1]] + d[e[t + 2]] + d[e[t + 3]] + "-" + d[e[t + 4]] + d[e[t + 5]] + "-" + d[e[t + 6]] + d[e[t + 7]] + "-" + d[e[t + 8]] + d[e[t + 9]] + "-" + d[e[t + 10]] + d[e[t + 11]] + d[e[t + 12]] + d[e[t + 13]] + d[e[t + 14]] + d[e[t + 15]]).toLowerCase();
644
746
  }
645
- var U, mt = new Uint8Array(16);
646
- function wt() {
647
- if (!U && (U = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !U))
747
+ var L, Ct = new Uint8Array(16);
748
+ function Pt() {
749
+ if (!L && (L = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !L))
648
750
  throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
649
- return U(mt);
751
+ return L(Ct);
650
752
  }
651
- var gt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
652
- const se = {
653
- randomUUID: gt
753
+ var Ot = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
754
+ const he = {
755
+ randomUUID: Ot
654
756
  };
655
- function ie(e, t, o) {
656
- if (se.randomUUID && !t && !e)
657
- return se.randomUUID();
757
+ function pe(e, t, r) {
758
+ if (he.randomUUID && !t && !e)
759
+ return he.randomUUID();
658
760
  e = e || {};
659
- var r = e.random || (e.rng || wt)();
660
- return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, yt(r);
761
+ var a = e.random || (e.rng || Pt)();
762
+ return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Rt(a);
661
763
  }
662
- const ce = globalThis.crypto, St = (e) => `${ie()}${ie()}`.slice(0, e), Et = (e) => btoa(
764
+ const ye = globalThis.crypto, Dt = (e) => `${pe()}${pe()}`.slice(0, e), Ut = (e) => btoa(
663
765
  [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
664
766
  );
665
- async function At(e) {
666
- if (!ce.subtle)
767
+ async function Ht(e) {
768
+ if (!ye.subtle)
667
769
  throw new Error(
668
770
  "crypto.subtle is available only in secure contexts (HTTPS)."
669
771
  );
670
- const t = new TextEncoder().encode(e), o = await ce.subtle.digest("SHA-256", t);
671
- return Et(o).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
772
+ const t = new TextEncoder().encode(e), r = await ye.subtle.digest("SHA-256", t);
773
+ return Ut(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
672
774
  }
673
- async function bt(e) {
674
- const o = St(43), r = await At(o);
775
+ async function Nt(e) {
776
+ const r = Dt(43), a = await Ht(r);
675
777
  return {
676
- code_verifier: o,
677
- code_challenge: r
778
+ code_verifier: r,
779
+ code_challenge: a
678
780
  };
679
781
  }
680
- function _e(e, t) {
782
+ function Oe(e, t) {
681
783
  window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
682
784
  }
683
- const ue = (e, t) => {
684
- const o = JSON.stringify(
785
+ const fe = (e, t) => {
786
+ const r = JSON.stringify(
685
787
  typeof t == "function" ? t() : t
686
788
  );
687
- window.localStorage.setItem(e, o), _e(e, o);
688
- }, _t = (e) => {
689
- window.localStorage.removeItem(e), _e(e, null);
690
- }, de = (e) => window.localStorage.getItem(e), Tt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
691
- function N({
789
+ window.localStorage.setItem(e, r), Oe(e, r);
790
+ }, Kt = (e) => {
791
+ window.localStorage.removeItem(e), Oe(e, null);
792
+ }, me = (e) => window.localStorage.getItem(e), $t = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
793
+ function W({
692
794
  key: e,
693
795
  initialValue: t
694
796
  }) {
695
- const o = () => de(e), r = C.useSyncExternalStore(
696
- Tt,
697
- o
698
- ), n = C.useCallback(
699
- (c) => {
797
+ const r = () => me(e), a = D.useSyncExternalStore(
798
+ $t,
799
+ r
800
+ ), n = D.useCallback(
801
+ (i) => {
700
802
  try {
701
- const i = typeof c == "function" ? c(JSON.parse(r)) : c;
702
- i == null ? _t(e) : ue(e, i);
703
- } catch (i) {
704
- console.warn(i);
803
+ const c = typeof i == "function" ? i(JSON.parse(a)) : i;
804
+ c == null ? Kt(e) : fe(e, c);
805
+ } catch (c) {
806
+ console.warn(c);
705
807
  }
706
808
  },
707
- [e, r]
708
- ), s = C.useCallback(() => {
809
+ [e, a]
810
+ ), s = D.useCallback(() => {
709
811
  n(t);
710
- }, [t, n]), a = C.useCallback(() => {
812
+ }, [t, n]), o = D.useCallback(() => {
711
813
  n(null);
712
814
  }, [n]);
713
- return C.useEffect(() => {
815
+ return D.useEffect(() => {
714
816
  try {
715
- de(e) === null && typeof t < "u" && ue(e, t);
716
- } catch (c) {
717
- console.warn(c);
817
+ me(e) === null && typeof t < "u" && fe(e, t);
818
+ } catch (i) {
819
+ console.warn(i);
718
820
  }
719
- }, [e, t]), [r ? JSON.parse(r) : null, n, s, a];
821
+ }, [e, t]), [a ? JSON.parse(a) : null, n, s, o];
720
822
  }
721
823
  var l = [];
722
- for (var V = 0; V < 256; ++V)
723
- l.push((V + 256).toString(16).slice(1));
724
- function vt(e, t = 0) {
824
+ for (var te = 0; te < 256; ++te)
825
+ l.push((te + 256).toString(16).slice(1));
826
+ function Lt(e, t = 0) {
725
827
  return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
726
828
  }
727
- var H, It = new Uint8Array(16);
728
- function Rt() {
729
- if (!H && (H = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !H))
829
+ var J, Wt = new Uint8Array(16);
830
+ function Jt() {
831
+ if (!J && (J = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !J))
730
832
  throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
731
- return H(It);
833
+ return J(Wt);
732
834
  }
733
- var kt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
734
- const le = {
735
- randomUUID: kt
835
+ var xt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
836
+ const we = {
837
+ randomUUID: xt
736
838
  };
737
- function Ct(e, t, o) {
738
- if (le.randomUUID && !t && !e)
739
- return le.randomUUID();
839
+ function jt(e, t, r) {
840
+ if (we.randomUUID && !t && !e)
841
+ return we.randomUUID();
740
842
  e = e || {};
741
- var r = e.random || (e.rng || Rt)();
742
- return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, vt(r);
843
+ var a = e.random || (e.rng || Jt)();
844
+ return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Lt(a);
743
845
  }
744
- const G = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Ot = "Your session has been successfully terminated.", he = "Login failed. Please try again.", Pt = "You forgot to wrap your component in <AuthProvider>.", pe = {
846
+ const re = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Mt = "Your session has been successfully terminated.", Se = "Login failed. Please try again.", U = "Error getting access token, please re-authenticate.", Vt = "You forgot to wrap your component in <AuthProvider>.", Ee = {
745
847
  dev: "https://auth.gizmette.local.com:3003",
746
848
  prod: "https://mylogin.gizmette.com"
747
- }, L = "@@auth@@", Dt = process.env.NODE_ENV === "production", Ut = !Dt, Q = async ({
849
+ }, x = "@@auth@@", Yt = process.env.NODE_ENV === "production", Bt = !Yt, z = async ({
748
850
  type: e,
749
851
  clientId: t,
750
- params: o = {}
852
+ params: r = {}
751
853
  }) => {
752
854
  try {
753
- const r = await fetch(
754
- Ut ? `${pe.dev}/${e}` : `${pe.prod}/${e}`,
855
+ const a = await fetch(
856
+ Bt ? `${Ee.dev}/${e}` : `${Ee.prod}/${e}`,
755
857
  {
756
858
  credentials: "include",
757
859
  method: "POST",
758
860
  headers: {
759
861
  "Content-Type": "application/json",
760
- [$e.CLIENT_ID]: `${t}`
862
+ [Ye.CLIENT_ID]: `${t}`
761
863
  },
762
- body: JSON.stringify(o)
864
+ body: JSON.stringify(r)
763
865
  }
764
866
  );
765
- if (r.status !== 200)
766
- return { status: r.status, data: [] };
767
- const { data: n, errors: s } = await r.json();
867
+ if (a.status !== 200)
868
+ return { status: a.status, data: [] };
869
+ const { data: n, errors: s } = await a.json();
768
870
  return {
769
- status: r.status,
871
+ status: a.status,
770
872
  data: n,
771
873
  errors: s
772
874
  };
773
- } catch (r) {
774
- return console.error(r), { status: 500, data: [] };
875
+ } catch (a) {
876
+ return console.error(a), { status: 500, data: [] };
775
877
  }
776
- }, Y = async ({
878
+ }, ae = async ({
777
879
  idToken: e,
778
880
  accessToken: t,
779
- refreshToken: o,
780
- clientId: r
881
+ refreshToken: r,
882
+ clientId: a
781
883
  }) => {
782
884
  try {
783
885
  return {
784
- status: (await Q({
785
- type: q.LOGOUT,
786
- clientId: r,
886
+ status: (await z({
887
+ type: F.LOGOUT,
888
+ clientId: a,
787
889
  params: {
788
890
  idToken: e,
789
891
  accessToken: t,
790
- refreshToken: o
892
+ refreshToken: r
791
893
  }
792
894
  })).status === 200
793
895
  };
@@ -796,35 +898,35 @@ const G = "Oops! It looks like your session has expired. For your security, plea
796
898
  status: !1
797
899
  };
798
900
  }
799
- }, fe = async ({
901
+ }, ge = async ({
800
902
  username: e,
801
903
  password: t,
802
- clientId: o,
803
- nonce: r,
904
+ clientId: r,
905
+ nonce: a,
804
906
  type: n,
805
907
  sessionExpiration: s,
806
- code: a,
807
- code_verifier: c
908
+ code: o,
909
+ code_verifier: i
808
910
  }) => {
809
911
  try {
810
- const i = await Q({
811
- type: q.AUTHENTICATE,
812
- clientId: o,
912
+ const c = await z({
913
+ type: F.AUTHENTICATE,
914
+ clientId: r,
813
915
  params: {
814
- type: n || F.ID_AND_ACCESS_TOKEN,
916
+ type: n || B.ID_AND_ACCESS_TOKEN,
815
917
  username: e,
816
918
  password: t,
817
919
  sessionExpiration: s,
818
- nonce: r,
819
- code: a,
820
- code_verifier: c
920
+ nonce: a,
921
+ code: o,
922
+ code_verifier: i
821
923
  }
822
- }), u = await be(i.data.idToken);
823
- return u && u.payload[_.USER_ID_KEY] !== "" && u.payload[_.NONCE_KEY] === r ? {
824
- idToken: i.data.idToken,
825
- accessToken: i.data.accessToken,
826
- refreshToken: i.data.refreshToken,
827
- userId: u.payload[_.USER_ID_KEY],
924
+ }), u = await H(c.data.idToken);
925
+ return u && u.payload[y.USER_ID_KEY] !== "" && u.payload[y.NONCE_KEY] === a ? {
926
+ idToken: c.data.idToken,
927
+ accessToken: c.data.accessToken,
928
+ refreshToken: c.data.refreshToken,
929
+ userId: u.payload[y.USER_ID_KEY],
828
930
  status: !0
829
931
  } : {
830
932
  status: !1
@@ -834,24 +936,56 @@ const G = "Oops! It looks like your session has expired. For your security, plea
834
936
  status: !1
835
937
  };
836
938
  }
837
- }, Nt = async ({
939
+ }, Ft = async ({
838
940
  nonce: e,
839
941
  clientId: t,
840
- code_challenge: o
942
+ code_challenge: r
841
943
  }) => {
842
944
  try {
843
- const r = await Q({
844
- type: q.CODE,
945
+ const a = await z({
946
+ type: F.CODE,
845
947
  clientId: t,
846
948
  params: {
847
- type: F.CODE,
949
+ type: B.CODE,
848
950
  nonce: e,
849
- code_challenge: o
951
+ code_challenge: r
850
952
  }
851
953
  });
852
- return r.data.code ? {
954
+ return a.data.code ? {
853
955
  status: !0,
854
- code: r.data.code
956
+ code: a.data.code
957
+ } : {
958
+ status: !1
959
+ };
960
+ } catch {
961
+ return {
962
+ status: !1
963
+ };
964
+ }
965
+ }, Gt = async ({
966
+ clientId: e,
967
+ userId: t,
968
+ nonce: r,
969
+ refreshToken: a,
970
+ accessToken: n
971
+ }) => {
972
+ try {
973
+ const s = await z({
974
+ type: F.AUTHENTICATE,
975
+ clientId: e,
976
+ params: {
977
+ type: B.REFRESH_TOKEN,
978
+ userId: t,
979
+ nonce: r,
980
+ refreshToken: a,
981
+ accessToken: n
982
+ }
983
+ }), o = await H(s.data.accessToken);
984
+ return o && o.payload[y.USER_ID_KEY] !== "" && o.payload[y.NONCE_KEY] === r ? {
985
+ accessToken: s.data.accessToken,
986
+ refreshToken: s.data.refreshToken,
987
+ userId: o.payload[y.USER_ID_KEY],
988
+ status: !0
855
989
  } : {
856
990
  status: !1
857
991
  };
@@ -860,144 +994,166 @@ const G = "Oops! It looks like your session has expired. For your security, plea
860
994
  status: !1
861
995
  };
862
996
  }
863
- }, $ = () => {
864
- throw new Error(Pt);
865
- }, Te = De({
997
+ }, j = () => {
998
+ throw new Error(Vt);
999
+ }, De = Je({
866
1000
  isAuthenticated: !1,
867
1001
  isLoading: !1,
868
- login: $,
869
- logout: $,
870
- getAccessToken: $,
871
- getIdToken: $,
1002
+ login: j,
1003
+ logout: j,
1004
+ getAccessToken: j,
1005
+ getIdToken: j,
872
1006
  logoutReason: ""
873
- }), Jt = ({
1007
+ }), Zt = ({
874
1008
  children: e,
875
1009
  sessionExpiration: t,
876
- clientId: o
1010
+ clientId: r
877
1011
  }) => {
878
- const [r, n, , s] = N({
879
- key: `${L}::${o}::@@user@@`
880
- }), [a, c, , i] = N({
881
- key: `${L}::${o}::@@access@@`
882
- }), [u, m, , f] = N(
1012
+ const [a, n, , s] = W({
1013
+ key: `${x}::${r}::@@user@@`
1014
+ }), [o, i, , c] = W({
1015
+ key: `${x}::${r}::@@access@@`
1016
+ }), [u, f, , p] = W(
883
1017
  {
884
- key: `${L}::${o}::@@refresh@@`
1018
+ key: `${x}::${r}::@@refresh@@`
885
1019
  }
886
- ), [, E, , y] = N({
887
- key: `${L}::${o}::@@nonce@@`
888
- }), [p, v] = Ue({
1020
+ ), [_, S, , m] = W({
1021
+ key: `${x}::${r}::@@nonce@@`
1022
+ }), [k, N] = xe({
889
1023
  isLoading: !0,
890
1024
  isAuthenticated: !1,
891
1025
  userId: "",
892
1026
  logoutReason: ""
893
- }), I = Ne(
894
- (g) => {
895
- v({
1027
+ }), A = je(
1028
+ (w) => {
1029
+ N({
896
1030
  isLoading: !1,
897
1031
  isAuthenticated: !1,
898
1032
  userId: "",
899
- logoutReason: g || G
900
- }), s(), i(), f(), y();
1033
+ logoutReason: w || re
1034
+ }), s(), c(), p(), m();
901
1035
  },
902
- [s, i, y, f]
1036
+ [s, c, m, p]
903
1037
  );
904
- He(() => {
905
- p.isLoading && r !== null && (async () => {
1038
+ Me(() => {
1039
+ k.isLoading && a !== null && (async () => {
906
1040
  try {
907
- const g = await be(r);
908
- g && g.payload[_.USER_ID_KEY] !== "" ? v({
1041
+ const w = await H(a);
1042
+ w && w.payload[y.USER_ID_KEY] !== "" ? N({
909
1043
  isLoading: !1,
910
1044
  isAuthenticated: !0,
911
- userId: g.payload[_.USER_ID_KEY],
1045
+ userId: w.payload[y.USER_ID_KEY],
912
1046
  logoutReason: ""
913
- }) : (I(G), await Y({
914
- idToken: r,
915
- accessToken: a,
1047
+ }) : (A(re), await ae({
1048
+ idToken: a,
1049
+ accessToken: o,
916
1050
  refreshToken: u,
917
- clientId: o
1051
+ clientId: r
918
1052
  }));
919
1053
  } catch {
920
- I(G), await Y({
921
- idToken: r,
922
- accessToken: a,
1054
+ A(re), await ae({
1055
+ idToken: a,
1056
+ accessToken: o,
923
1057
  refreshToken: u,
924
- clientId: o
1058
+ clientId: r
925
1059
  });
926
1060
  }
927
1061
  })();
928
1062
  }, [
929
- p.isLoading,
1063
+ k.isLoading,
1064
+ o,
930
1065
  a,
931
- r,
932
1066
  u,
933
- o,
934
- I
1067
+ r,
1068
+ A
935
1069
  ]);
936
- const ve = async (g, Z, W) => {
937
- const O = Ct();
938
- if (E(O), W === F.CODE) {
939
- const { code_verifier: Ce, code_challenge: Oe } = await bt(), ee = await Nt({
940
- nonce: O,
941
- clientId: o,
942
- code_challenge: Oe
1070
+ const Ue = async (w, P, I) => {
1071
+ const R = jt();
1072
+ if (S(R), I === B.CODE) {
1073
+ const { code_verifier: $e, code_challenge: Le } = await Nt(), se = await Ft({
1074
+ nonce: R,
1075
+ clientId: r,
1076
+ code_challenge: Le
943
1077
  });
944
- if (ee.status) {
945
- const k = await fe({
946
- username: g,
947
- password: Z,
948
- clientId: o,
1078
+ if (se.status) {
1079
+ const O = await ge({
1080
+ username: w,
1081
+ password: P,
1082
+ clientId: r,
949
1083
  sessionExpiration: t,
950
- nonce: O,
951
- type: W,
952
- code: ee.code,
953
- code_verifier: Ce
1084
+ nonce: R,
1085
+ type: I,
1086
+ code: se.code,
1087
+ code_verifier: $e
954
1088
  });
955
- return k.status ? (n(k.idToken), c(k.accessToken), m(k.refreshToken), v({
1089
+ return O.status ? (n(O.idToken), i(O.accessToken), f(O.refreshToken), N({
956
1090
  isLoading: !1,
957
1091
  isAuthenticated: !0,
958
- userId: k.userId,
1092
+ userId: O.userId,
959
1093
  logoutReason: ""
960
- }), !0) : (I(he), !1);
1094
+ }), !0) : (A(Se), !1);
961
1095
  }
962
1096
  return !1;
963
1097
  }
964
- const R = await fe({
965
- username: g,
966
- password: Z,
967
- clientId: o,
1098
+ const E = await ge({
1099
+ username: w,
1100
+ password: P,
1101
+ clientId: r,
968
1102
  sessionExpiration: t,
969
- nonce: O,
970
- type: W
1103
+ nonce: R,
1104
+ type: I
971
1105
  });
972
- return R.status ? (n(R.idToken), c(R.accessToken), m(R.refreshToken), v({
1106
+ return E.status ? (n(E.idToken), i(E.accessToken), f(E.refreshToken), N({
973
1107
  isLoading: !1,
974
1108
  isAuthenticated: !0,
975
- userId: R.userId
976
- }), !0) : (I(he), !1);
977
- }, Ie = async () => {
978
- I(Ot), await Y({
979
- idToken: r,
980
- accessToken: a,
1109
+ userId: E.userId
1110
+ }), !0) : (A(Se), !1);
1111
+ }, He = async () => {
1112
+ A(Mt), await ae({
1113
+ idToken: a,
1114
+ accessToken: o,
981
1115
  refreshToken: u,
982
- clientId: o
1116
+ clientId: r
983
1117
  });
984
- }, Re = () => {
985
- if (p.isAuthenticated && a)
1118
+ }, Ne = async () => {
1119
+ const { isAuthenticated: w, userId: P } = k;
1120
+ try {
1121
+ if (w && P && o) {
1122
+ const I = await H(o);
1123
+ if (I && I.payload[y.USER_ID_KEY] !== "")
1124
+ return o;
1125
+ const R = await H(u);
1126
+ if (R && R.payload[y.USER_ID_KEY] !== "") {
1127
+ const E = await Gt({
1128
+ clientId: r,
1129
+ userId: P,
1130
+ nonce: _,
1131
+ refreshToken: u,
1132
+ accessToken: o
1133
+ });
1134
+ if (E.status)
1135
+ return i(E.accessToken), f(E.refreshToken), E.accessToken;
1136
+ A(U);
1137
+ }
1138
+ return A(U), console.error(U), "";
1139
+ }
1140
+ } catch {
1141
+ return A(U), console.error(U), "";
1142
+ }
1143
+ }, Ke = () => {
1144
+ if (k.isAuthenticated && a)
986
1145
  return a;
987
- }, ke = () => {
988
- if (p.isAuthenticated && r)
989
- return r;
990
1146
  };
991
- return /* @__PURE__ */ Pe(
992
- Te.Provider,
1147
+ return /* @__PURE__ */ We(
1148
+ De.Provider,
993
1149
  {
994
- value: { ...p, login: ve, logout: Ie, getAccessToken: Re, getIdToken: ke },
1150
+ value: { ...k, login: Ue, logout: He, getAccessToken: Ne, getIdToken: Ke },
995
1151
  children: e
996
1152
  }
997
1153
  );
998
- }, Kt = (e = Te) => Le(e);
1154
+ }, er = (e = De) => Ve(e);
999
1155
  export {
1000
- F as AUTH_TYPES,
1001
- Jt as AuthProvider,
1002
- Kt as useAuth
1156
+ B as AUTH_TYPES,
1157
+ Zt as AuthProvider,
1158
+ er as useAuth
1003
1159
  };