@versini/auth-provider 5.0.1 → 5.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.d.ts +1 -1
- package/dist/index.js +465 -399
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -1,14 +1,17 @@
|
|
|
1
|
-
|
|
1
|
+
var je = Object.defineProperty;
|
|
2
|
+
var Me = (e, t, r) => t in e ? je(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
|
|
3
|
+
var N = (e, t, r) => (Me(e, typeof t != "symbol" ? t + "" : t, r), r);
|
|
4
|
+
import { jsx as Ve } from "react/jsx-runtime";
|
|
2
5
|
import * as U from "react";
|
|
3
|
-
import { createContext as
|
|
6
|
+
import { createContext as Ye, useRef as Be, useState as Fe, useCallback as Ge, useEffect as qe, useContext as ze } from "react";
|
|
4
7
|
/*!
|
|
5
|
-
@versini/auth-provider v5.0.
|
|
8
|
+
@versini/auth-provider v5.0.3
|
|
6
9
|
© 2024 gizmette.com
|
|
7
10
|
*/
|
|
8
11
|
try {
|
|
9
12
|
window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
|
|
10
|
-
version: "5.0.
|
|
11
|
-
buildTime: "07/
|
|
13
|
+
version: "5.0.3",
|
|
14
|
+
buildTime: "07/05/2024 10:27 AM EDT",
|
|
12
15
|
homepage: "https://github.com/aversini/auth-client",
|
|
13
16
|
license: "MIT"
|
|
14
17
|
});
|
|
@@ -21,28 +24,28 @@ try {
|
|
|
21
24
|
try {
|
|
22
25
|
window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
|
|
23
26
|
version: "2.10.1",
|
|
24
|
-
buildTime: "07/
|
|
27
|
+
buildTime: "07/05/2024 10:27 AM EDT",
|
|
25
28
|
homepage: "https://github.com/aversini/auth-client",
|
|
26
29
|
license: "MIT"
|
|
27
30
|
});
|
|
28
31
|
} catch {
|
|
29
32
|
}
|
|
30
|
-
const
|
|
33
|
+
const F = {
|
|
31
34
|
ID_TOKEN: "id_token",
|
|
32
35
|
ACCESS_TOKEN: "token",
|
|
33
36
|
ID_AND_ACCESS_TOKEN: "id_token token",
|
|
34
37
|
CODE: "code",
|
|
35
38
|
REFRESH_TOKEN: "refresh_token"
|
|
36
|
-
},
|
|
39
|
+
}, Xe = {
|
|
37
40
|
CLIENT_ID: "X-Auth-ClientId"
|
|
38
|
-
},
|
|
41
|
+
}, m = {
|
|
39
42
|
ALG: "RS256",
|
|
40
43
|
USER_ID_KEY: "sub",
|
|
41
44
|
TOKEN_ID_KEY: "__raw",
|
|
42
45
|
NONCE_KEY: "_nonce",
|
|
43
46
|
USERNAME_KEY: "username",
|
|
44
47
|
ISSUER: "gizmette.com"
|
|
45
|
-
},
|
|
48
|
+
}, Qe = `-----BEGIN PUBLIC KEY-----
|
|
46
49
|
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
|
|
47
50
|
w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
|
|
48
51
|
i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
|
|
@@ -50,28 +53,28 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
|
|
|
50
53
|
l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
|
|
51
54
|
sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
|
|
52
55
|
awIDAQAB
|
|
53
|
-
-----END PUBLIC KEY-----`,
|
|
56
|
+
-----END PUBLIC KEY-----`, G = {
|
|
54
57
|
AUTHENTICATE: "authenticate",
|
|
55
58
|
CODE: "code",
|
|
56
59
|
LOGOUT: "logout"
|
|
57
|
-
},
|
|
58
|
-
function
|
|
60
|
+
}, q = crypto, be = (e) => e instanceof CryptoKey, L = new TextEncoder(), z = new TextDecoder();
|
|
61
|
+
function Ze(...e) {
|
|
59
62
|
const t = e.reduce((n, { length: s }) => n + s, 0), r = new Uint8Array(t);
|
|
60
63
|
let a = 0;
|
|
61
64
|
for (const n of e)
|
|
62
65
|
r.set(n, a), a += n.length;
|
|
63
66
|
return r;
|
|
64
67
|
}
|
|
65
|
-
const
|
|
68
|
+
const et = (e) => {
|
|
66
69
|
const t = atob(e), r = new Uint8Array(t.length);
|
|
67
70
|
for (let a = 0; a < t.length; a++)
|
|
68
71
|
r[a] = t.charCodeAt(a);
|
|
69
72
|
return r;
|
|
70
|
-
},
|
|
73
|
+
}, V = (e) => {
|
|
71
74
|
let t = e;
|
|
72
|
-
t instanceof Uint8Array && (t =
|
|
75
|
+
t instanceof Uint8Array && (t = z.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
|
|
73
76
|
try {
|
|
74
|
-
return
|
|
77
|
+
return et(t);
|
|
75
78
|
} catch {
|
|
76
79
|
throw new TypeError("The input to be decoded is not correctly encoded.");
|
|
77
80
|
}
|
|
@@ -85,7 +88,7 @@ class C extends Error {
|
|
|
85
88
|
super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
|
|
86
89
|
}
|
|
87
90
|
}
|
|
88
|
-
class
|
|
91
|
+
class g extends C {
|
|
89
92
|
static get code() {
|
|
90
93
|
return "ERR_JWT_CLAIM_VALIDATION_FAILED";
|
|
91
94
|
}
|
|
@@ -93,7 +96,7 @@ class A extends C {
|
|
|
93
96
|
super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
|
|
94
97
|
}
|
|
95
98
|
}
|
|
96
|
-
class
|
|
99
|
+
class de extends C {
|
|
97
100
|
static get code() {
|
|
98
101
|
return "ERR_JWT_EXPIRED";
|
|
99
102
|
}
|
|
@@ -101,7 +104,7 @@ class ce extends C {
|
|
|
101
104
|
super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
|
|
102
105
|
}
|
|
103
106
|
}
|
|
104
|
-
class
|
|
107
|
+
class tt extends C {
|
|
105
108
|
constructor() {
|
|
106
109
|
super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
107
110
|
}
|
|
@@ -109,14 +112,14 @@ class qe extends C {
|
|
|
109
112
|
return "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
110
113
|
}
|
|
111
114
|
}
|
|
112
|
-
let
|
|
115
|
+
let R = class extends C {
|
|
113
116
|
constructor() {
|
|
114
117
|
super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
|
|
115
118
|
}
|
|
116
119
|
static get code() {
|
|
117
120
|
return "ERR_JOSE_NOT_SUPPORTED";
|
|
118
121
|
}
|
|
119
|
-
},
|
|
122
|
+
}, f = class extends C {
|
|
120
123
|
constructor() {
|
|
121
124
|
super(...arguments), this.code = "ERR_JWS_INVALID";
|
|
122
125
|
}
|
|
@@ -124,7 +127,7 @@ let k = class extends C {
|
|
|
124
127
|
return "ERR_JWS_INVALID";
|
|
125
128
|
}
|
|
126
129
|
};
|
|
127
|
-
class
|
|
130
|
+
class _e extends C {
|
|
128
131
|
constructor() {
|
|
129
132
|
super(...arguments), this.code = "ERR_JWT_INVALID";
|
|
130
133
|
}
|
|
@@ -132,7 +135,7 @@ class be extends C {
|
|
|
132
135
|
return "ERR_JWT_INVALID";
|
|
133
136
|
}
|
|
134
137
|
}
|
|
135
|
-
class
|
|
138
|
+
class rt extends C {
|
|
136
139
|
constructor() {
|
|
137
140
|
super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
|
|
138
141
|
}
|
|
@@ -140,16 +143,16 @@ class ze extends C {
|
|
|
140
143
|
return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
|
|
141
144
|
}
|
|
142
145
|
}
|
|
143
|
-
function
|
|
146
|
+
function _(e, t = "algorithm.name") {
|
|
144
147
|
return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
|
|
145
148
|
}
|
|
146
149
|
function $(e, t) {
|
|
147
150
|
return e.name === t;
|
|
148
151
|
}
|
|
149
|
-
function
|
|
152
|
+
function Z(e) {
|
|
150
153
|
return parseInt(e.name.slice(4), 10);
|
|
151
154
|
}
|
|
152
|
-
function
|
|
155
|
+
function at(e) {
|
|
153
156
|
switch (e) {
|
|
154
157
|
case "ES256":
|
|
155
158
|
return "P-256";
|
|
@@ -161,7 +164,7 @@ function Xe(e) {
|
|
|
161
164
|
throw new Error("unreachable");
|
|
162
165
|
}
|
|
163
166
|
}
|
|
164
|
-
function
|
|
167
|
+
function nt(e, t) {
|
|
165
168
|
if (t.length && !t.some((r) => e.usages.includes(r))) {
|
|
166
169
|
let r = "CryptoKey does not support this operation, its usages must include ";
|
|
167
170
|
if (t.length > 2) {
|
|
@@ -172,59 +175,59 @@ function Qe(e, t) {
|
|
|
172
175
|
throw new TypeError(r);
|
|
173
176
|
}
|
|
174
177
|
}
|
|
175
|
-
function
|
|
178
|
+
function st(e, t, ...r) {
|
|
176
179
|
switch (t) {
|
|
177
180
|
case "HS256":
|
|
178
181
|
case "HS384":
|
|
179
182
|
case "HS512": {
|
|
180
183
|
if (!$(e.algorithm, "HMAC"))
|
|
181
|
-
throw
|
|
184
|
+
throw _("HMAC");
|
|
182
185
|
const a = parseInt(t.slice(2), 10);
|
|
183
|
-
if (
|
|
184
|
-
throw
|
|
186
|
+
if (Z(e.algorithm.hash) !== a)
|
|
187
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
185
188
|
break;
|
|
186
189
|
}
|
|
187
190
|
case "RS256":
|
|
188
191
|
case "RS384":
|
|
189
192
|
case "RS512": {
|
|
190
193
|
if (!$(e.algorithm, "RSASSA-PKCS1-v1_5"))
|
|
191
|
-
throw
|
|
194
|
+
throw _("RSASSA-PKCS1-v1_5");
|
|
192
195
|
const a = parseInt(t.slice(2), 10);
|
|
193
|
-
if (
|
|
194
|
-
throw
|
|
196
|
+
if (Z(e.algorithm.hash) !== a)
|
|
197
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
195
198
|
break;
|
|
196
199
|
}
|
|
197
200
|
case "PS256":
|
|
198
201
|
case "PS384":
|
|
199
202
|
case "PS512": {
|
|
200
203
|
if (!$(e.algorithm, "RSA-PSS"))
|
|
201
|
-
throw
|
|
204
|
+
throw _("RSA-PSS");
|
|
202
205
|
const a = parseInt(t.slice(2), 10);
|
|
203
|
-
if (
|
|
204
|
-
throw
|
|
206
|
+
if (Z(e.algorithm.hash) !== a)
|
|
207
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
205
208
|
break;
|
|
206
209
|
}
|
|
207
210
|
case "EdDSA": {
|
|
208
211
|
if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
|
|
209
|
-
throw
|
|
212
|
+
throw _("Ed25519 or Ed448");
|
|
210
213
|
break;
|
|
211
214
|
}
|
|
212
215
|
case "ES256":
|
|
213
216
|
case "ES384":
|
|
214
217
|
case "ES512": {
|
|
215
218
|
if (!$(e.algorithm, "ECDSA"))
|
|
216
|
-
throw
|
|
217
|
-
const a =
|
|
219
|
+
throw _("ECDSA");
|
|
220
|
+
const a = at(t);
|
|
218
221
|
if (e.algorithm.namedCurve !== a)
|
|
219
|
-
throw
|
|
222
|
+
throw _(a, "algorithm.namedCurve");
|
|
220
223
|
break;
|
|
221
224
|
}
|
|
222
225
|
default:
|
|
223
226
|
throw new TypeError("CryptoKey does not support this operation");
|
|
224
227
|
}
|
|
225
|
-
|
|
228
|
+
nt(e, r);
|
|
226
229
|
}
|
|
227
|
-
function
|
|
230
|
+
function ve(e, t, ...r) {
|
|
228
231
|
var a;
|
|
229
232
|
if (r.length > 2) {
|
|
230
233
|
const n = r.pop();
|
|
@@ -233,11 +236,11 @@ function _e(e, t, ...r) {
|
|
|
233
236
|
r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
234
237
|
return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
|
|
235
238
|
}
|
|
236
|
-
const
|
|
237
|
-
function
|
|
238
|
-
return
|
|
239
|
+
const le = (e, ...t) => ve("Key must be ", e, ...t);
|
|
240
|
+
function Re(e, t, ...r) {
|
|
241
|
+
return ve(`Key for the ${e} algorithm must be `, t, ...r);
|
|
239
242
|
}
|
|
240
|
-
const
|
|
243
|
+
const Ie = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", B = ["CryptoKey"], ot = (...e) => {
|
|
241
244
|
const t = e.filter(Boolean);
|
|
242
245
|
if (t.length === 0 || t.length === 1)
|
|
243
246
|
return !0;
|
|
@@ -256,11 +259,11 @@ const Te = (e) => Ae(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) ===
|
|
|
256
259
|
}
|
|
257
260
|
return !0;
|
|
258
261
|
};
|
|
259
|
-
function
|
|
262
|
+
function it(e) {
|
|
260
263
|
return typeof e == "object" && e !== null;
|
|
261
264
|
}
|
|
262
|
-
function
|
|
263
|
-
if (!
|
|
265
|
+
function ie(e) {
|
|
266
|
+
if (!it(e) || Object.prototype.toString.call(e) !== "[object Object]")
|
|
264
267
|
return !1;
|
|
265
268
|
if (Object.getPrototypeOf(e) === null)
|
|
266
269
|
return !0;
|
|
@@ -269,14 +272,14 @@ function ne(e) {
|
|
|
269
272
|
t = Object.getPrototypeOf(t);
|
|
270
273
|
return Object.getPrototypeOf(e) === t;
|
|
271
274
|
}
|
|
272
|
-
const
|
|
275
|
+
const ct = (e, t) => {
|
|
273
276
|
if (e.startsWith("RS") || e.startsWith("PS")) {
|
|
274
277
|
const { modulusLength: r } = t.algorithm;
|
|
275
278
|
if (typeof r != "number" || r < 2048)
|
|
276
279
|
throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
|
|
277
280
|
}
|
|
278
281
|
};
|
|
279
|
-
function
|
|
282
|
+
function ut(e) {
|
|
280
283
|
let t, r;
|
|
281
284
|
switch (e.kty) {
|
|
282
285
|
case "RSA": {
|
|
@@ -301,7 +304,7 @@ function at(e) {
|
|
|
301
304
|
}, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
|
|
302
305
|
break;
|
|
303
306
|
default:
|
|
304
|
-
throw new
|
|
307
|
+
throw new R('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
305
308
|
}
|
|
306
309
|
break;
|
|
307
310
|
}
|
|
@@ -323,7 +326,7 @@ function at(e) {
|
|
|
323
326
|
t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
324
327
|
break;
|
|
325
328
|
default:
|
|
326
|
-
throw new
|
|
329
|
+
throw new R('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
327
330
|
}
|
|
328
331
|
break;
|
|
329
332
|
}
|
|
@@ -339,71 +342,71 @@ function at(e) {
|
|
|
339
342
|
t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
340
343
|
break;
|
|
341
344
|
default:
|
|
342
|
-
throw new
|
|
345
|
+
throw new R('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
343
346
|
}
|
|
344
347
|
break;
|
|
345
348
|
}
|
|
346
349
|
default:
|
|
347
|
-
throw new
|
|
350
|
+
throw new R('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
|
|
348
351
|
}
|
|
349
352
|
return { algorithm: t, keyUsages: r };
|
|
350
353
|
}
|
|
351
|
-
const
|
|
354
|
+
const dt = async (e) => {
|
|
352
355
|
if (!e.alg)
|
|
353
356
|
throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
|
|
354
|
-
const { algorithm: t, keyUsages: r } =
|
|
357
|
+
const { algorithm: t, keyUsages: r } = ut(e), a = [
|
|
355
358
|
t,
|
|
356
359
|
e.ext ?? !1,
|
|
357
360
|
e.key_ops ?? r
|
|
358
361
|
], n = { ...e };
|
|
359
|
-
return delete n.alg, delete n.use,
|
|
360
|
-
},
|
|
361
|
-
let
|
|
362
|
-
const
|
|
362
|
+
return delete n.alg, delete n.use, q.subtle.importKey("jwk", n, ...a);
|
|
363
|
+
}, Ce = (e) => V(e);
|
|
364
|
+
let ee, te;
|
|
365
|
+
const Pe = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Oe = async (e, t, r, a) => {
|
|
363
366
|
let n = e.get(t);
|
|
364
367
|
if (n != null && n[a])
|
|
365
368
|
return n[a];
|
|
366
|
-
const s = await
|
|
369
|
+
const s = await dt({ ...r, alg: a });
|
|
367
370
|
return n ? n[a] = s : e.set(t, { [a]: s }), s;
|
|
368
|
-
},
|
|
369
|
-
if (
|
|
371
|
+
}, lt = (e, t) => {
|
|
372
|
+
if (Pe(e)) {
|
|
370
373
|
let r = e.export({ format: "jwk" });
|
|
371
|
-
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ?
|
|
374
|
+
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Ce(r.k) : (te || (te = /* @__PURE__ */ new WeakMap()), Oe(te, e, r, t));
|
|
372
375
|
}
|
|
373
376
|
return e;
|
|
374
|
-
},
|
|
375
|
-
if (
|
|
377
|
+
}, ht = (e, t) => {
|
|
378
|
+
if (Pe(e)) {
|
|
376
379
|
let r = e.export({ format: "jwk" });
|
|
377
|
-
return r.k ?
|
|
380
|
+
return r.k ? Ce(r.k) : (ee || (ee = /* @__PURE__ */ new WeakMap()), Oe(ee, e, r, t));
|
|
378
381
|
}
|
|
379
382
|
return e;
|
|
380
|
-
},
|
|
383
|
+
}, ft = { normalizePublicKey: lt, normalizePrivateKey: ht }, v = (e, t, r = 0) => {
|
|
381
384
|
r === 0 && (t.unshift(t.length), t.unshift(6));
|
|
382
385
|
const a = e.indexOf(t[0], r);
|
|
383
386
|
if (a === -1)
|
|
384
387
|
return !1;
|
|
385
388
|
const n = e.subarray(a, a + t.length);
|
|
386
|
-
return n.length !== t.length ? !1 : n.every((s, o) => s === t[o]) ||
|
|
387
|
-
},
|
|
389
|
+
return n.length !== t.length ? !1 : n.every((s, o) => s === t[o]) || v(e, t, a + 1);
|
|
390
|
+
}, he = (e) => {
|
|
388
391
|
switch (!0) {
|
|
389
|
-
case
|
|
392
|
+
case v(e, [42, 134, 72, 206, 61, 3, 1, 7]):
|
|
390
393
|
return "P-256";
|
|
391
|
-
case
|
|
394
|
+
case v(e, [43, 129, 4, 0, 34]):
|
|
392
395
|
return "P-384";
|
|
393
|
-
case
|
|
396
|
+
case v(e, [43, 129, 4, 0, 35]):
|
|
394
397
|
return "P-521";
|
|
395
|
-
case
|
|
398
|
+
case v(e, [43, 101, 110]):
|
|
396
399
|
return "X25519";
|
|
397
|
-
case
|
|
400
|
+
case v(e, [43, 101, 111]):
|
|
398
401
|
return "X448";
|
|
399
|
-
case
|
|
402
|
+
case v(e, [43, 101, 112]):
|
|
400
403
|
return "Ed25519";
|
|
401
|
-
case
|
|
404
|
+
case v(e, [43, 101, 113]):
|
|
402
405
|
return "Ed448";
|
|
403
406
|
default:
|
|
404
|
-
throw new
|
|
407
|
+
throw new R("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
|
|
405
408
|
}
|
|
406
|
-
},
|
|
409
|
+
}, pt = async (e, t, r, a, n) => {
|
|
407
410
|
let s, o;
|
|
408
411
|
const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
|
|
409
412
|
switch (a) {
|
|
@@ -439,43 +442,43 @@ const Re = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject",
|
|
|
439
442
|
case "ECDH-ES+A128KW":
|
|
440
443
|
case "ECDH-ES+A192KW":
|
|
441
444
|
case "ECDH-ES+A256KW": {
|
|
442
|
-
const c =
|
|
445
|
+
const c = he(i);
|
|
443
446
|
s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, o = [];
|
|
444
447
|
break;
|
|
445
448
|
}
|
|
446
449
|
case "EdDSA":
|
|
447
|
-
s = { name:
|
|
450
|
+
s = { name: he(i) }, o = ["verify"];
|
|
448
451
|
break;
|
|
449
452
|
default:
|
|
450
|
-
throw new
|
|
453
|
+
throw new R('Invalid or unsupported "alg" (Algorithm) value');
|
|
451
454
|
}
|
|
452
|
-
return
|
|
453
|
-
},
|
|
454
|
-
async function
|
|
455
|
+
return q.subtle.importKey(t, i, s, !1, o);
|
|
456
|
+
}, yt = (e, t, r) => pt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
|
|
457
|
+
async function mt(e, t, r) {
|
|
455
458
|
if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
|
|
456
459
|
throw new TypeError('"spki" must be SPKI formatted string');
|
|
457
|
-
return
|
|
460
|
+
return yt(e, t);
|
|
458
461
|
}
|
|
459
|
-
const
|
|
462
|
+
const Y = (e) => e == null ? void 0 : e[Symbol.toStringTag], wt = (e, t) => {
|
|
460
463
|
if (!(t instanceof Uint8Array)) {
|
|
461
|
-
if (!
|
|
462
|
-
throw new TypeError(
|
|
464
|
+
if (!Ie(t))
|
|
465
|
+
throw new TypeError(Re(e, t, ...B, "Uint8Array"));
|
|
463
466
|
if (t.type !== "secret")
|
|
464
|
-
throw new TypeError(`${
|
|
467
|
+
throw new TypeError(`${Y(t)} instances for symmetric algorithms must be of type "secret"`);
|
|
465
468
|
}
|
|
466
|
-
},
|
|
467
|
-
if (!
|
|
468
|
-
throw new TypeError(
|
|
469
|
+
}, Et = (e, t, r) => {
|
|
470
|
+
if (!Ie(t))
|
|
471
|
+
throw new TypeError(Re(e, t, ...B));
|
|
469
472
|
if (t.type === "secret")
|
|
470
|
-
throw new TypeError(`${
|
|
473
|
+
throw new TypeError(`${Y(t)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
471
474
|
if (t.algorithm && r === "verify" && t.type === "private")
|
|
472
|
-
throw new TypeError(`${
|
|
475
|
+
throw new TypeError(`${Y(t)} instances for asymmetric algorithm verifying must be of type "public"`);
|
|
473
476
|
if (t.algorithm && r === "encrypt" && t.type === "private")
|
|
474
|
-
throw new TypeError(`${
|
|
475
|
-
},
|
|
476
|
-
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ?
|
|
477
|
+
throw new TypeError(`${Y(t)} instances for asymmetric algorithm encryption must be of type "public"`);
|
|
478
|
+
}, St = (e, t, r) => {
|
|
479
|
+
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? wt(e, t) : Et(e, t, r);
|
|
477
480
|
};
|
|
478
|
-
function
|
|
481
|
+
function gt(e, t, r, a, n) {
|
|
479
482
|
if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
|
|
480
483
|
throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
|
|
481
484
|
if (!a || a.crit === void 0)
|
|
@@ -486,7 +489,7 @@ function yt(e, t, r, a, n) {
|
|
|
486
489
|
r !== void 0 ? s = new Map([...Object.entries(r), ...t.entries()]) : s = t;
|
|
487
490
|
for (const o of a.crit) {
|
|
488
491
|
if (!s.has(o))
|
|
489
|
-
throw new
|
|
492
|
+
throw new R(`Extension Header Parameter "${o}" is not recognized`);
|
|
490
493
|
if (n[o] === void 0)
|
|
491
494
|
throw new e(`Extension Header Parameter "${o}" is missing`);
|
|
492
495
|
if (s.get(o) && a[o] === void 0)
|
|
@@ -494,13 +497,13 @@ function yt(e, t, r, a, n) {
|
|
|
494
497
|
}
|
|
495
498
|
return new Set(a.crit);
|
|
496
499
|
}
|
|
497
|
-
const
|
|
500
|
+
const At = (e, t) => {
|
|
498
501
|
if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
|
|
499
502
|
throw new TypeError(`"${e}" option must be an array of strings`);
|
|
500
503
|
if (t)
|
|
501
504
|
return new Set(t);
|
|
502
505
|
};
|
|
503
|
-
function
|
|
506
|
+
function Tt(e, t) {
|
|
504
507
|
const r = `SHA-${e.slice(-3)}`;
|
|
505
508
|
switch (e) {
|
|
506
509
|
case "HS256":
|
|
@@ -522,104 +525,104 @@ function mt(e, t) {
|
|
|
522
525
|
case "EdDSA":
|
|
523
526
|
return { name: t.name };
|
|
524
527
|
default:
|
|
525
|
-
throw new
|
|
528
|
+
throw new R(`alg ${e} is not supported either by JOSE or your javascript runtime`);
|
|
526
529
|
}
|
|
527
530
|
}
|
|
528
|
-
async function
|
|
529
|
-
if (t = await
|
|
530
|
-
return
|
|
531
|
+
async function kt(e, t, r) {
|
|
532
|
+
if (t = await ft.normalizePublicKey(t, e), be(t))
|
|
533
|
+
return st(t, e, r), t;
|
|
531
534
|
if (t instanceof Uint8Array) {
|
|
532
535
|
if (!e.startsWith("HS"))
|
|
533
|
-
throw new TypeError(
|
|
534
|
-
return
|
|
536
|
+
throw new TypeError(le(t, ...B));
|
|
537
|
+
return q.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
|
|
535
538
|
}
|
|
536
|
-
throw new TypeError(
|
|
539
|
+
throw new TypeError(le(t, ...B, "Uint8Array"));
|
|
537
540
|
}
|
|
538
|
-
const
|
|
539
|
-
const n = await
|
|
540
|
-
|
|
541
|
-
const s =
|
|
541
|
+
const bt = async (e, t, r, a) => {
|
|
542
|
+
const n = await kt(e, t, "verify");
|
|
543
|
+
ct(e, n);
|
|
544
|
+
const s = Tt(e, n.algorithm);
|
|
542
545
|
try {
|
|
543
|
-
return await
|
|
546
|
+
return await q.subtle.verify(s, n, r, a);
|
|
544
547
|
} catch {
|
|
545
548
|
return !1;
|
|
546
549
|
}
|
|
547
550
|
};
|
|
548
|
-
async function
|
|
549
|
-
if (!
|
|
550
|
-
throw new
|
|
551
|
+
async function _t(e, t, r) {
|
|
552
|
+
if (!ie(e))
|
|
553
|
+
throw new f("Flattened JWS must be an object");
|
|
551
554
|
if (e.protected === void 0 && e.header === void 0)
|
|
552
|
-
throw new
|
|
555
|
+
throw new f('Flattened JWS must have either of the "protected" or "header" members');
|
|
553
556
|
if (e.protected !== void 0 && typeof e.protected != "string")
|
|
554
|
-
throw new
|
|
557
|
+
throw new f("JWS Protected Header incorrect type");
|
|
555
558
|
if (e.payload === void 0)
|
|
556
|
-
throw new
|
|
559
|
+
throw new f("JWS Payload missing");
|
|
557
560
|
if (typeof e.signature != "string")
|
|
558
|
-
throw new
|
|
559
|
-
if (e.header !== void 0 && !
|
|
560
|
-
throw new
|
|
561
|
+
throw new f("JWS Signature missing or incorrect type");
|
|
562
|
+
if (e.header !== void 0 && !ie(e.header))
|
|
563
|
+
throw new f("JWS Unprotected Header incorrect type");
|
|
561
564
|
let a = {};
|
|
562
565
|
if (e.protected)
|
|
563
566
|
try {
|
|
564
|
-
const
|
|
565
|
-
a = JSON.parse(
|
|
567
|
+
const S = V(e.protected);
|
|
568
|
+
a = JSON.parse(z.decode(S));
|
|
566
569
|
} catch {
|
|
567
|
-
throw new
|
|
570
|
+
throw new f("JWS Protected Header is invalid");
|
|
568
571
|
}
|
|
569
|
-
if (!
|
|
570
|
-
throw new
|
|
572
|
+
if (!ot(a, e.header))
|
|
573
|
+
throw new f("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
571
574
|
const n = {
|
|
572
575
|
...a,
|
|
573
576
|
...e.header
|
|
574
|
-
}, s =
|
|
577
|
+
}, s = gt(f, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
|
|
575
578
|
let o = !0;
|
|
576
579
|
if (s.has("b64") && (o = a.b64, typeof o != "boolean"))
|
|
577
|
-
throw new
|
|
580
|
+
throw new f('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
|
|
578
581
|
const { alg: i } = n;
|
|
579
582
|
if (typeof i != "string" || !i)
|
|
580
|
-
throw new
|
|
581
|
-
const c = r &&
|
|
583
|
+
throw new f('JWS "alg" (Algorithm) Header Parameter missing or invalid');
|
|
584
|
+
const c = r && At("algorithms", r.algorithms);
|
|
582
585
|
if (c && !c.has(i))
|
|
583
|
-
throw new
|
|
586
|
+
throw new tt('"alg" (Algorithm) Header Parameter value not allowed');
|
|
584
587
|
if (o) {
|
|
585
588
|
if (typeof e.payload != "string")
|
|
586
|
-
throw new
|
|
589
|
+
throw new f("JWS Payload must be a string");
|
|
587
590
|
} else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
|
|
588
|
-
throw new
|
|
589
|
-
let
|
|
590
|
-
typeof t == "function" && (t = await t(a, e),
|
|
591
|
-
const
|
|
592
|
-
let
|
|
591
|
+
throw new f("JWS Payload must be a string or an Uint8Array instance");
|
|
592
|
+
let d = !1;
|
|
593
|
+
typeof t == "function" && (t = await t(a, e), d = !0), St(i, t, "verify");
|
|
594
|
+
const y = Ze(L.encode(e.protected ?? ""), L.encode("."), typeof e.payload == "string" ? L.encode(e.payload) : e.payload);
|
|
595
|
+
let p;
|
|
593
596
|
try {
|
|
594
|
-
|
|
597
|
+
p = V(e.signature);
|
|
595
598
|
} catch {
|
|
596
|
-
throw new
|
|
599
|
+
throw new f("Failed to base64url decode the signature");
|
|
597
600
|
}
|
|
598
|
-
if (!await
|
|
599
|
-
throw new
|
|
600
|
-
let
|
|
601
|
+
if (!await bt(i, t, p, y))
|
|
602
|
+
throw new rt();
|
|
603
|
+
let A;
|
|
601
604
|
if (o)
|
|
602
605
|
try {
|
|
603
|
-
|
|
606
|
+
A = V(e.payload);
|
|
604
607
|
} catch {
|
|
605
|
-
throw new
|
|
608
|
+
throw new f("Failed to base64url decode the payload");
|
|
606
609
|
}
|
|
607
610
|
else
|
|
608
|
-
typeof e.payload == "string" ?
|
|
609
|
-
const
|
|
610
|
-
return e.protected !== void 0 && (
|
|
611
|
+
typeof e.payload == "string" ? A = L.encode(e.payload) : A = e.payload;
|
|
612
|
+
const E = { payload: A };
|
|
613
|
+
return e.protected !== void 0 && (E.protectedHeader = a), e.header !== void 0 && (E.unprotectedHeader = e.header), d ? { ...E, key: t } : E;
|
|
611
614
|
}
|
|
612
|
-
async function
|
|
613
|
-
if (e instanceof Uint8Array && (e =
|
|
614
|
-
throw new
|
|
615
|
+
async function vt(e, t, r) {
|
|
616
|
+
if (e instanceof Uint8Array && (e = z.decode(e)), typeof e != "string")
|
|
617
|
+
throw new f("Compact JWS must be a string or Uint8Array");
|
|
615
618
|
const { 0: a, 1: n, 2: s, length: o } = e.split(".");
|
|
616
619
|
if (o !== 3)
|
|
617
|
-
throw new
|
|
618
|
-
const i = await
|
|
620
|
+
throw new f("Invalid Compact JWS");
|
|
621
|
+
const i = await _t({ payload: n, protected: a, signature: s }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
|
|
619
622
|
return typeof t == "function" ? { ...c, key: i.key } : c;
|
|
620
623
|
}
|
|
621
|
-
const
|
|
622
|
-
const t =
|
|
624
|
+
const Rt = (e) => Math.floor(e.getTime() / 1e3), De = 60, Ue = De * 60, ce = Ue * 24, It = ce * 7, Ct = ce * 365.25, Pt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, fe = (e) => {
|
|
625
|
+
const t = Pt.exec(e);
|
|
623
626
|
if (!t || t[4] && t[1])
|
|
624
627
|
throw new TypeError("Invalid time period format");
|
|
625
628
|
const r = parseFloat(t[2]), a = t[3].toLowerCase();
|
|
@@ -637,172 +640,172 @@ const At = (e) => Math.floor(e.getTime() / 1e3), Ce = 60, Pe = Ce * 60, oe = Pe
|
|
|
637
640
|
case "min":
|
|
638
641
|
case "mins":
|
|
639
642
|
case "m":
|
|
640
|
-
n = Math.round(r *
|
|
643
|
+
n = Math.round(r * De);
|
|
641
644
|
break;
|
|
642
645
|
case "hour":
|
|
643
646
|
case "hours":
|
|
644
647
|
case "hr":
|
|
645
648
|
case "hrs":
|
|
646
649
|
case "h":
|
|
647
|
-
n = Math.round(r *
|
|
650
|
+
n = Math.round(r * Ue);
|
|
648
651
|
break;
|
|
649
652
|
case "day":
|
|
650
653
|
case "days":
|
|
651
654
|
case "d":
|
|
652
|
-
n = Math.round(r *
|
|
655
|
+
n = Math.round(r * ce);
|
|
653
656
|
break;
|
|
654
657
|
case "week":
|
|
655
658
|
case "weeks":
|
|
656
659
|
case "w":
|
|
657
|
-
n = Math.round(r *
|
|
660
|
+
n = Math.round(r * It);
|
|
658
661
|
break;
|
|
659
662
|
default:
|
|
660
|
-
n = Math.round(r *
|
|
663
|
+
n = Math.round(r * Ct);
|
|
661
664
|
break;
|
|
662
665
|
}
|
|
663
666
|
return t[1] === "-" || t[4] === "ago" ? -n : n;
|
|
664
|
-
},
|
|
667
|
+
}, pe = (e) => e.toLowerCase().replace(/^application\//, ""), Ot = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Dt = (e, t, r = {}) => {
|
|
665
668
|
let a;
|
|
666
669
|
try {
|
|
667
|
-
a = JSON.parse(
|
|
670
|
+
a = JSON.parse(z.decode(t));
|
|
668
671
|
} catch {
|
|
669
672
|
}
|
|
670
|
-
if (!
|
|
671
|
-
throw new
|
|
673
|
+
if (!ie(a))
|
|
674
|
+
throw new _e("JWT Claims Set must be a top-level JSON object");
|
|
672
675
|
const { typ: n } = r;
|
|
673
|
-
if (n && (typeof e.typ != "string" ||
|
|
674
|
-
throw new
|
|
675
|
-
const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge:
|
|
676
|
-
|
|
677
|
-
for (const
|
|
678
|
-
if (!(
|
|
679
|
-
throw new
|
|
676
|
+
if (n && (typeof e.typ != "string" || pe(e.typ) !== pe(n)))
|
|
677
|
+
throw new g('unexpected "typ" JWT header value', a, "typ", "check_failed");
|
|
678
|
+
const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge: d } = r, y = [...s];
|
|
679
|
+
d !== void 0 && y.push("iat"), c !== void 0 && y.push("aud"), i !== void 0 && y.push("sub"), o !== void 0 && y.push("iss");
|
|
680
|
+
for (const S of new Set(y.reverse()))
|
|
681
|
+
if (!(S in a))
|
|
682
|
+
throw new g(`missing required "${S}" claim`, a, S, "missing");
|
|
680
683
|
if (o && !(Array.isArray(o) ? o : [o]).includes(a.iss))
|
|
681
|
-
throw new
|
|
684
|
+
throw new g('unexpected "iss" claim value', a, "iss", "check_failed");
|
|
682
685
|
if (i && a.sub !== i)
|
|
683
|
-
throw new
|
|
684
|
-
if (c && !
|
|
685
|
-
throw new
|
|
686
|
-
let
|
|
686
|
+
throw new g('unexpected "sub" claim value', a, "sub", "check_failed");
|
|
687
|
+
if (c && !Ot(a.aud, typeof c == "string" ? [c] : c))
|
|
688
|
+
throw new g('unexpected "aud" claim value', a, "aud", "check_failed");
|
|
689
|
+
let p;
|
|
687
690
|
switch (typeof r.clockTolerance) {
|
|
688
691
|
case "string":
|
|
689
|
-
|
|
692
|
+
p = fe(r.clockTolerance);
|
|
690
693
|
break;
|
|
691
694
|
case "number":
|
|
692
|
-
|
|
695
|
+
p = r.clockTolerance;
|
|
693
696
|
break;
|
|
694
697
|
case "undefined":
|
|
695
|
-
|
|
698
|
+
p = 0;
|
|
696
699
|
break;
|
|
697
700
|
default:
|
|
698
701
|
throw new TypeError("Invalid clockTolerance option type");
|
|
699
702
|
}
|
|
700
|
-
const { currentDate:
|
|
701
|
-
if ((a.iat !== void 0 ||
|
|
702
|
-
throw new
|
|
703
|
+
const { currentDate: A } = r, E = Rt(A || /* @__PURE__ */ new Date());
|
|
704
|
+
if ((a.iat !== void 0 || d) && typeof a.iat != "number")
|
|
705
|
+
throw new g('"iat" claim must be a number', a, "iat", "invalid");
|
|
703
706
|
if (a.nbf !== void 0) {
|
|
704
707
|
if (typeof a.nbf != "number")
|
|
705
|
-
throw new
|
|
706
|
-
if (a.nbf >
|
|
707
|
-
throw new
|
|
708
|
+
throw new g('"nbf" claim must be a number', a, "nbf", "invalid");
|
|
709
|
+
if (a.nbf > E + p)
|
|
710
|
+
throw new g('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
|
|
708
711
|
}
|
|
709
712
|
if (a.exp !== void 0) {
|
|
710
713
|
if (typeof a.exp != "number")
|
|
711
|
-
throw new
|
|
712
|
-
if (a.exp <=
|
|
713
|
-
throw new
|
|
714
|
+
throw new g('"exp" claim must be a number', a, "exp", "invalid");
|
|
715
|
+
if (a.exp <= E - p)
|
|
716
|
+
throw new de('"exp" claim timestamp check failed', a, "exp", "check_failed");
|
|
714
717
|
}
|
|
715
|
-
if (
|
|
716
|
-
const
|
|
717
|
-
if (
|
|
718
|
-
throw new
|
|
719
|
-
if (
|
|
720
|
-
throw new
|
|
718
|
+
if (d) {
|
|
719
|
+
const S = E - a.iat, K = typeof d == "number" ? d : fe(d);
|
|
720
|
+
if (S - p > K)
|
|
721
|
+
throw new de('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
|
|
722
|
+
if (S < 0 - p)
|
|
723
|
+
throw new g('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
|
|
721
724
|
}
|
|
722
725
|
return a;
|
|
723
726
|
};
|
|
724
|
-
async function
|
|
727
|
+
async function Ut(e, t, r) {
|
|
725
728
|
var a;
|
|
726
|
-
const n = await
|
|
729
|
+
const n = await vt(e, t, r);
|
|
727
730
|
if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
|
|
728
|
-
throw new
|
|
729
|
-
const s = { payload:
|
|
731
|
+
throw new _e("JWTs MUST NOT use unencoded payload");
|
|
732
|
+
const s = { payload: Dt(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
|
|
730
733
|
return typeof t == "function" ? { ...s, key: n.key } : s;
|
|
731
734
|
}
|
|
732
735
|
const H = async (e) => {
|
|
733
736
|
try {
|
|
734
|
-
const t =
|
|
735
|
-
return await
|
|
736
|
-
issuer:
|
|
737
|
+
const t = m.ALG, r = await mt(Qe, t);
|
|
738
|
+
return await Ut(e, r, {
|
|
739
|
+
issuer: m.ISSUER
|
|
737
740
|
});
|
|
738
741
|
} catch {
|
|
739
742
|
return;
|
|
740
743
|
}
|
|
741
744
|
};
|
|
742
|
-
var
|
|
743
|
-
for (var
|
|
744
|
-
|
|
745
|
-
function
|
|
746
|
-
return (
|
|
745
|
+
var l = [];
|
|
746
|
+
for (var re = 0; re < 256; ++re)
|
|
747
|
+
l.push((re + 256).toString(16).slice(1));
|
|
748
|
+
function Ht(e, t = 0) {
|
|
749
|
+
return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
|
|
747
750
|
}
|
|
748
|
-
var
|
|
749
|
-
function
|
|
750
|
-
if (!
|
|
751
|
+
var W, Kt = new Uint8Array(16);
|
|
752
|
+
function Nt() {
|
|
753
|
+
if (!W && (W = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !W))
|
|
751
754
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
752
|
-
return
|
|
755
|
+
return W(Kt);
|
|
753
756
|
}
|
|
754
|
-
var
|
|
755
|
-
const
|
|
756
|
-
randomUUID:
|
|
757
|
+
var Lt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
758
|
+
const ye = {
|
|
759
|
+
randomUUID: Lt
|
|
757
760
|
};
|
|
758
|
-
function
|
|
759
|
-
if (
|
|
760
|
-
return
|
|
761
|
+
function me(e, t, r) {
|
|
762
|
+
if (ye.randomUUID && !t && !e)
|
|
763
|
+
return ye.randomUUID();
|
|
761
764
|
e = e || {};
|
|
762
|
-
var a = e.random || (e.rng ||
|
|
763
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
765
|
+
var a = e.random || (e.rng || Nt)();
|
|
766
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Ht(a);
|
|
764
767
|
}
|
|
765
|
-
const
|
|
768
|
+
const we = globalThis.crypto, $t = (e) => `${me()}${me()}`.slice(0, e), Wt = (e) => btoa(
|
|
766
769
|
[...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
|
|
767
770
|
);
|
|
768
|
-
async function
|
|
769
|
-
if (!
|
|
771
|
+
async function Jt(e) {
|
|
772
|
+
if (!we.subtle)
|
|
770
773
|
throw new Error(
|
|
771
774
|
"crypto.subtle is available only in secure contexts (HTTPS)."
|
|
772
775
|
);
|
|
773
|
-
const t = new TextEncoder().encode(e), r = await
|
|
774
|
-
return
|
|
776
|
+
const t = new TextEncoder().encode(e), r = await we.subtle.digest("SHA-256", t);
|
|
777
|
+
return Wt(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
775
778
|
}
|
|
776
|
-
async function
|
|
777
|
-
const r =
|
|
779
|
+
async function xt(e) {
|
|
780
|
+
const r = $t(43), a = await Jt(r);
|
|
778
781
|
return {
|
|
779
782
|
code_verifier: r,
|
|
780
783
|
code_challenge: a
|
|
781
784
|
};
|
|
782
785
|
}
|
|
783
|
-
function
|
|
786
|
+
function He(e, t) {
|
|
784
787
|
window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
|
|
785
788
|
}
|
|
786
|
-
const
|
|
789
|
+
const Ee = (e, t) => {
|
|
787
790
|
const r = JSON.stringify(
|
|
788
791
|
typeof t == "function" ? t() : t
|
|
789
792
|
);
|
|
790
|
-
window.localStorage.setItem(e, r),
|
|
791
|
-
},
|
|
792
|
-
window.localStorage.removeItem(e),
|
|
793
|
-
},
|
|
794
|
-
function
|
|
793
|
+
window.localStorage.setItem(e, r), He(e, r);
|
|
794
|
+
}, jt = (e) => {
|
|
795
|
+
window.localStorage.removeItem(e), He(e, null);
|
|
796
|
+
}, Se = (e) => window.localStorage.getItem(e), Mt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
|
|
797
|
+
function J({
|
|
795
798
|
key: e,
|
|
796
799
|
initialValue: t
|
|
797
800
|
}) {
|
|
798
|
-
const r = () =>
|
|
799
|
-
|
|
801
|
+
const r = () => Se(e), a = U.useSyncExternalStore(
|
|
802
|
+
Mt,
|
|
800
803
|
r
|
|
801
804
|
), n = U.useCallback(
|
|
802
805
|
(i) => {
|
|
803
806
|
try {
|
|
804
807
|
const c = typeof i == "function" ? i(JSON.parse(a)) : i;
|
|
805
|
-
c == null ?
|
|
808
|
+
c == null ? jt(e) : Ee(e, c);
|
|
806
809
|
} catch (c) {
|
|
807
810
|
console.warn(c);
|
|
808
811
|
}
|
|
@@ -815,52 +818,52 @@ function W({
|
|
|
815
818
|
}, [n]);
|
|
816
819
|
return U.useEffect(() => {
|
|
817
820
|
try {
|
|
818
|
-
|
|
821
|
+
Se(e) === null && typeof t < "u" && Ee(e, t);
|
|
819
822
|
} catch (i) {
|
|
820
823
|
console.warn(i);
|
|
821
824
|
}
|
|
822
825
|
}, [e, t]), [a ? JSON.parse(a) : null, n, s, o];
|
|
823
826
|
}
|
|
824
|
-
var
|
|
825
|
-
for (var
|
|
826
|
-
|
|
827
|
-
function
|
|
828
|
-
return (
|
|
827
|
+
var h = [];
|
|
828
|
+
for (var ae = 0; ae < 256; ++ae)
|
|
829
|
+
h.push((ae + 256).toString(16).slice(1));
|
|
830
|
+
function Vt(e, t = 0) {
|
|
831
|
+
return (h[e[t + 0]] + h[e[t + 1]] + h[e[t + 2]] + h[e[t + 3]] + "-" + h[e[t + 4]] + h[e[t + 5]] + "-" + h[e[t + 6]] + h[e[t + 7]] + "-" + h[e[t + 8]] + h[e[t + 9]] + "-" + h[e[t + 10]] + h[e[t + 11]] + h[e[t + 12]] + h[e[t + 13]] + h[e[t + 14]] + h[e[t + 15]]).toLowerCase();
|
|
829
832
|
}
|
|
830
|
-
var
|
|
831
|
-
function
|
|
832
|
-
if (!
|
|
833
|
+
var x, Yt = new Uint8Array(16);
|
|
834
|
+
function Bt() {
|
|
835
|
+
if (!x && (x = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !x))
|
|
833
836
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
834
|
-
return
|
|
837
|
+
return x(Yt);
|
|
835
838
|
}
|
|
836
|
-
var
|
|
837
|
-
const
|
|
838
|
-
randomUUID:
|
|
839
|
+
var Ft = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
840
|
+
const ge = {
|
|
841
|
+
randomUUID: Ft
|
|
839
842
|
};
|
|
840
|
-
function
|
|
841
|
-
if (
|
|
842
|
-
return
|
|
843
|
+
function Gt(e, t, r) {
|
|
844
|
+
if (ge.randomUUID && !t && !e)
|
|
845
|
+
return ge.randomUUID();
|
|
843
846
|
e = e || {};
|
|
844
|
-
var a = e.random || (e.rng ||
|
|
845
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
847
|
+
var a = e.random || (e.rng || Bt)();
|
|
848
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Vt(a);
|
|
846
849
|
}
|
|
847
|
-
const
|
|
850
|
+
const ne = "Oops! It looks like your session has expired. For your security, please log in again to continue.", qt = "Your session has been successfully terminated.", Ae = "Login failed. Please try again.", se = "Error getting access token, please re-authenticate.", zt = "You forgot to wrap your component in <AuthProvider>.", Te = {
|
|
848
851
|
dev: "https://auth.gizmette.local.com:3003",
|
|
849
852
|
prod: "https://mylogin.gizmette.com"
|
|
850
|
-
},
|
|
853
|
+
}, j = "@@auth@@", Xt = process.env.NODE_ENV === "production", Qt = !Xt, X = async ({
|
|
851
854
|
type: e,
|
|
852
855
|
clientId: t,
|
|
853
856
|
params: r = {}
|
|
854
857
|
}) => {
|
|
855
858
|
try {
|
|
856
859
|
const a = await fetch(
|
|
857
|
-
|
|
860
|
+
Qt ? `${Te.dev}/${e}` : `${Te.prod}/${e}`,
|
|
858
861
|
{
|
|
859
862
|
credentials: "include",
|
|
860
863
|
method: "POST",
|
|
861
864
|
headers: {
|
|
862
865
|
"Content-Type": "application/json",
|
|
863
|
-
[
|
|
866
|
+
[Xe.CLIENT_ID]: `${t}`
|
|
864
867
|
},
|
|
865
868
|
body: JSON.stringify(r)
|
|
866
869
|
}
|
|
@@ -876,7 +879,7 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
876
879
|
} catch (a) {
|
|
877
880
|
return console.error(a), { status: 500, data: [] };
|
|
878
881
|
}
|
|
879
|
-
},
|
|
882
|
+
}, oe = async ({
|
|
880
883
|
idToken: e,
|
|
881
884
|
accessToken: t,
|
|
882
885
|
refreshToken: r,
|
|
@@ -884,8 +887,8 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
884
887
|
}) => {
|
|
885
888
|
try {
|
|
886
889
|
return {
|
|
887
|
-
status: (await
|
|
888
|
-
type:
|
|
890
|
+
status: (await X({
|
|
891
|
+
type: G.LOGOUT,
|
|
889
892
|
clientId: a,
|
|
890
893
|
params: {
|
|
891
894
|
idToken: e,
|
|
@@ -899,7 +902,7 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
899
902
|
status: !1
|
|
900
903
|
};
|
|
901
904
|
}
|
|
902
|
-
},
|
|
905
|
+
}, ke = async ({
|
|
903
906
|
username: e,
|
|
904
907
|
password: t,
|
|
905
908
|
clientId: r,
|
|
@@ -910,11 +913,11 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
910
913
|
code_verifier: i
|
|
911
914
|
}) => {
|
|
912
915
|
try {
|
|
913
|
-
const c = await
|
|
914
|
-
type:
|
|
916
|
+
const c = await X({
|
|
917
|
+
type: G.AUTHENTICATE,
|
|
915
918
|
clientId: r,
|
|
916
919
|
params: {
|
|
917
|
-
type: n ||
|
|
920
|
+
type: n || F.ID_AND_ACCESS_TOKEN,
|
|
918
921
|
username: e,
|
|
919
922
|
password: t,
|
|
920
923
|
sessionExpiration: s,
|
|
@@ -922,12 +925,12 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
922
925
|
code: o,
|
|
923
926
|
code_verifier: i
|
|
924
927
|
}
|
|
925
|
-
}),
|
|
926
|
-
return
|
|
928
|
+
}), d = await H(c.data.idToken);
|
|
929
|
+
return d && d.payload[m.USER_ID_KEY] !== "" && d.payload[m.NONCE_KEY] === a ? {
|
|
927
930
|
idToken: c.data.idToken,
|
|
928
931
|
accessToken: c.data.accessToken,
|
|
929
932
|
refreshToken: c.data.refreshToken,
|
|
930
|
-
userId:
|
|
933
|
+
userId: d.payload[m.USER_ID_KEY],
|
|
931
934
|
status: !0
|
|
932
935
|
} : {
|
|
933
936
|
status: !1
|
|
@@ -937,17 +940,17 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
937
940
|
status: !1
|
|
938
941
|
};
|
|
939
942
|
}
|
|
940
|
-
},
|
|
943
|
+
}, Zt = async ({
|
|
941
944
|
nonce: e,
|
|
942
945
|
clientId: t,
|
|
943
946
|
code_challenge: r
|
|
944
947
|
}) => {
|
|
945
948
|
try {
|
|
946
|
-
const a = await
|
|
947
|
-
type:
|
|
949
|
+
const a = await X({
|
|
950
|
+
type: G.CODE,
|
|
948
951
|
clientId: t,
|
|
949
952
|
params: {
|
|
950
|
-
type:
|
|
953
|
+
type: F.CODE,
|
|
951
954
|
nonce: e,
|
|
952
955
|
code_challenge: r
|
|
953
956
|
}
|
|
@@ -963,7 +966,7 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
963
966
|
status: !1
|
|
964
967
|
};
|
|
965
968
|
}
|
|
966
|
-
},
|
|
969
|
+
}, er = async ({
|
|
967
970
|
clientId: e,
|
|
968
971
|
userId: t,
|
|
969
972
|
nonce: r,
|
|
@@ -971,21 +974,21 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
971
974
|
accessToken: n
|
|
972
975
|
}) => {
|
|
973
976
|
try {
|
|
974
|
-
const s = await
|
|
975
|
-
type:
|
|
977
|
+
const s = await X({
|
|
978
|
+
type: G.AUTHENTICATE,
|
|
976
979
|
clientId: e,
|
|
977
980
|
params: {
|
|
978
|
-
type:
|
|
981
|
+
type: F.REFRESH_TOKEN,
|
|
979
982
|
userId: t,
|
|
980
983
|
nonce: r,
|
|
981
984
|
refreshToken: a,
|
|
982
985
|
accessToken: n
|
|
983
986
|
}
|
|
984
987
|
}), o = await H(s.data.accessToken);
|
|
985
|
-
return o && o.payload[
|
|
988
|
+
return o && o.payload[m.USER_ID_KEY] !== "" && o.payload[m.NONCE_KEY] === r ? {
|
|
986
989
|
accessToken: s.data.accessToken,
|
|
987
990
|
refreshToken: s.data.refreshToken,
|
|
988
|
-
userId: o.payload[
|
|
991
|
+
userId: o.payload[m.USER_ID_KEY],
|
|
989
992
|
status: !0
|
|
990
993
|
} : {
|
|
991
994
|
status: !1
|
|
@@ -995,176 +998,239 @@ const re = "Oops! It looks like your session has expired. For your security, ple
|
|
|
995
998
|
status: !1
|
|
996
999
|
};
|
|
997
1000
|
}
|
|
998
|
-
}
|
|
999
|
-
|
|
1000
|
-
|
|
1001
|
+
};
|
|
1002
|
+
class tr {
|
|
1003
|
+
constructor(t = null, r = null) {
|
|
1004
|
+
N(this, "refreshTokenPromise", null);
|
|
1005
|
+
N(this, "accessToken");
|
|
1006
|
+
N(this, "refreshToken");
|
|
1007
|
+
this.accessToken = t || "", this.refreshToken = r || "";
|
|
1008
|
+
}
|
|
1009
|
+
async refreshtoken({
|
|
1010
|
+
clientId: t,
|
|
1011
|
+
userId: r,
|
|
1012
|
+
nonce: a
|
|
1013
|
+
}) {
|
|
1014
|
+
this.refreshTokenPromise || (this.refreshTokenPromise = this._refreshToken({
|
|
1015
|
+
clientId: t,
|
|
1016
|
+
userId: r,
|
|
1017
|
+
nonce: a
|
|
1018
|
+
}));
|
|
1019
|
+
try {
|
|
1020
|
+
return await this.refreshTokenPromise;
|
|
1021
|
+
} finally {
|
|
1022
|
+
this.refreshTokenPromise = null;
|
|
1023
|
+
}
|
|
1024
|
+
}
|
|
1025
|
+
async _refreshToken({
|
|
1026
|
+
clientId: t,
|
|
1027
|
+
userId: r,
|
|
1028
|
+
nonce: a
|
|
1029
|
+
}) {
|
|
1030
|
+
const n = await H(this.refreshToken);
|
|
1031
|
+
if (n && n.payload[m.USER_ID_KEY] !== "") {
|
|
1032
|
+
const s = await er({
|
|
1033
|
+
clientId: t,
|
|
1034
|
+
userId: r,
|
|
1035
|
+
nonce: a,
|
|
1036
|
+
refreshToken: this.refreshToken,
|
|
1037
|
+
accessToken: this.accessToken
|
|
1038
|
+
});
|
|
1039
|
+
return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
|
|
1040
|
+
status: "success",
|
|
1041
|
+
newAccessToken: s.accessToken,
|
|
1042
|
+
newRefreshToken: s.refreshToken
|
|
1043
|
+
}) : {
|
|
1044
|
+
status: "failure"
|
|
1045
|
+
};
|
|
1046
|
+
} else
|
|
1047
|
+
return {
|
|
1048
|
+
status: "failure"
|
|
1049
|
+
};
|
|
1050
|
+
}
|
|
1051
|
+
}
|
|
1052
|
+
const M = () => {
|
|
1053
|
+
throw new Error(zt);
|
|
1054
|
+
}, Ke = Ye({
|
|
1001
1055
|
isAuthenticated: !1,
|
|
1002
1056
|
isLoading: !1,
|
|
1003
|
-
login:
|
|
1004
|
-
logout:
|
|
1005
|
-
getAccessToken:
|
|
1006
|
-
getIdToken:
|
|
1057
|
+
login: M,
|
|
1058
|
+
logout: M,
|
|
1059
|
+
getAccessToken: M,
|
|
1060
|
+
getIdToken: M,
|
|
1007
1061
|
logoutReason: ""
|
|
1008
|
-
}),
|
|
1062
|
+
}), ir = ({
|
|
1009
1063
|
children: e,
|
|
1010
1064
|
sessionExpiration: t,
|
|
1011
1065
|
clientId: r
|
|
1012
1066
|
}) => {
|
|
1013
|
-
const
|
|
1014
|
-
key: `${
|
|
1015
|
-
}), [
|
|
1016
|
-
key: `${
|
|
1017
|
-
}), [
|
|
1067
|
+
const a = Be(!1), [n, s, , o] = J({
|
|
1068
|
+
key: `${j}::${r}::@@user@@`
|
|
1069
|
+
}), [i, c, , d] = J({
|
|
1070
|
+
key: `${j}::${r}::@@access@@`
|
|
1071
|
+
}), [y, p, , A] = J(
|
|
1018
1072
|
{
|
|
1019
|
-
key: `${
|
|
1073
|
+
key: `${j}::${r}::@@refresh@@`
|
|
1020
1074
|
}
|
|
1021
|
-
), [
|
|
1022
|
-
key: `${
|
|
1023
|
-
}), [
|
|
1075
|
+
), [E, S, , K] = J({
|
|
1076
|
+
key: `${j}::${r}::@@nonce@@`
|
|
1077
|
+
}), Ne = new tr(i, y), [P, T] = Fe({
|
|
1024
1078
|
isLoading: !0,
|
|
1025
1079
|
isAuthenticated: !1,
|
|
1026
1080
|
user: void 0,
|
|
1027
1081
|
logoutReason: ""
|
|
1028
|
-
}),
|
|
1029
|
-
(
|
|
1030
|
-
|
|
1031
|
-
isLoading: !
|
|
1082
|
+
}), k = Ge(
|
|
1083
|
+
(u) => {
|
|
1084
|
+
console.warn(u), T({
|
|
1085
|
+
isLoading: !0,
|
|
1032
1086
|
isAuthenticated: !1,
|
|
1033
1087
|
user: void 0,
|
|
1034
|
-
logoutReason:
|
|
1035
|
-
}),
|
|
1088
|
+
logoutReason: u || ne
|
|
1089
|
+
}), o(), d(), A(), K();
|
|
1036
1090
|
},
|
|
1037
|
-
[
|
|
1091
|
+
[o, d, K, A]
|
|
1038
1092
|
);
|
|
1039
|
-
|
|
1040
|
-
|
|
1041
|
-
|
|
1042
|
-
|
|
1043
|
-
|
|
1044
|
-
|
|
1045
|
-
|
|
1046
|
-
|
|
1047
|
-
|
|
1048
|
-
|
|
1049
|
-
|
|
1050
|
-
|
|
1051
|
-
|
|
1052
|
-
|
|
1053
|
-
|
|
1054
|
-
|
|
1055
|
-
|
|
1056
|
-
|
|
1057
|
-
|
|
1058
|
-
|
|
1059
|
-
|
|
1060
|
-
|
|
1061
|
-
|
|
1062
|
-
|
|
1063
|
-
|
|
1064
|
-
|
|
1065
|
-
|
|
1093
|
+
qe(() => {
|
|
1094
|
+
if (!a.current)
|
|
1095
|
+
return P.isLoading && n !== null ? (async () => {
|
|
1096
|
+
try {
|
|
1097
|
+
const u = await H(n);
|
|
1098
|
+
u && u.payload[m.USER_ID_KEY] !== "" ? T({
|
|
1099
|
+
isLoading: !1,
|
|
1100
|
+
isAuthenticated: !0,
|
|
1101
|
+
user: {
|
|
1102
|
+
userId: u.payload[m.USER_ID_KEY],
|
|
1103
|
+
username: u.payload[m.USERNAME_KEY]
|
|
1104
|
+
},
|
|
1105
|
+
logoutReason: ""
|
|
1106
|
+
}) : (k(ne), await oe({
|
|
1107
|
+
idToken: n,
|
|
1108
|
+
accessToken: i,
|
|
1109
|
+
refreshToken: y,
|
|
1110
|
+
clientId: r
|
|
1111
|
+
}), T((w) => ({
|
|
1112
|
+
...w,
|
|
1113
|
+
isLoading: !1
|
|
1114
|
+
})));
|
|
1115
|
+
} catch {
|
|
1116
|
+
k(ne), await oe({
|
|
1117
|
+
idToken: n,
|
|
1118
|
+
accessToken: i,
|
|
1119
|
+
refreshToken: y,
|
|
1120
|
+
clientId: r
|
|
1121
|
+
}), T((w) => ({
|
|
1122
|
+
...w,
|
|
1123
|
+
isLoading: !1
|
|
1124
|
+
}));
|
|
1125
|
+
}
|
|
1126
|
+
})() : T((u) => ({
|
|
1127
|
+
...u,
|
|
1128
|
+
isLoading: !1
|
|
1129
|
+
})), () => {
|
|
1130
|
+
a.current = !0;
|
|
1131
|
+
};
|
|
1066
1132
|
}, [
|
|
1067
|
-
|
|
1068
|
-
|
|
1069
|
-
|
|
1070
|
-
|
|
1133
|
+
P,
|
|
1134
|
+
i,
|
|
1135
|
+
n,
|
|
1136
|
+
y,
|
|
1071
1137
|
r,
|
|
1072
|
-
|
|
1138
|
+
k
|
|
1073
1139
|
]);
|
|
1074
|
-
const
|
|
1075
|
-
const
|
|
1076
|
-
if (S(
|
|
1077
|
-
|
|
1078
|
-
|
|
1140
|
+
const Le = async (u, w, b) => {
|
|
1141
|
+
const I = Gt();
|
|
1142
|
+
if (S(I), T((Q) => ({
|
|
1143
|
+
...Q,
|
|
1144
|
+
isLoading: !0
|
|
1145
|
+
})), b === F.CODE) {
|
|
1146
|
+
const { code_verifier: Q, code_challenge: xe } = await xt(), ue = await Zt({
|
|
1147
|
+
nonce: I,
|
|
1079
1148
|
clientId: r,
|
|
1080
|
-
code_challenge:
|
|
1149
|
+
code_challenge: xe
|
|
1081
1150
|
});
|
|
1082
|
-
if (
|
|
1083
|
-
const D = await
|
|
1084
|
-
username:
|
|
1085
|
-
password:
|
|
1151
|
+
if (ue.status) {
|
|
1152
|
+
const D = await ke({
|
|
1153
|
+
username: u,
|
|
1154
|
+
password: w,
|
|
1086
1155
|
clientId: r,
|
|
1087
1156
|
sessionExpiration: t,
|
|
1088
|
-
nonce:
|
|
1089
|
-
type:
|
|
1090
|
-
code:
|
|
1091
|
-
code_verifier:
|
|
1157
|
+
nonce: I,
|
|
1158
|
+
type: b,
|
|
1159
|
+
code: ue.code,
|
|
1160
|
+
code_verifier: Q
|
|
1092
1161
|
});
|
|
1093
|
-
return D.status ? (
|
|
1162
|
+
return D.status ? (s(D.idToken), c(D.accessToken), p(D.refreshToken), T({
|
|
1094
1163
|
isLoading: !1,
|
|
1095
1164
|
isAuthenticated: !0,
|
|
1096
1165
|
user: {
|
|
1097
1166
|
userId: D.userId,
|
|
1098
|
-
username:
|
|
1167
|
+
username: u
|
|
1099
1168
|
},
|
|
1100
1169
|
logoutReason: ""
|
|
1101
|
-
}), !0) : (
|
|
1170
|
+
}), !0) : (k(Ae), !1);
|
|
1102
1171
|
}
|
|
1103
1172
|
return !1;
|
|
1104
1173
|
}
|
|
1105
|
-
const O = await
|
|
1106
|
-
username:
|
|
1107
|
-
password:
|
|
1174
|
+
const O = await ke({
|
|
1175
|
+
username: u,
|
|
1176
|
+
password: w,
|
|
1108
1177
|
clientId: r,
|
|
1109
1178
|
sessionExpiration: t,
|
|
1110
|
-
nonce:
|
|
1111
|
-
type:
|
|
1179
|
+
nonce: I,
|
|
1180
|
+
type: b
|
|
1112
1181
|
});
|
|
1113
|
-
return O.status ? (
|
|
1182
|
+
return O.status ? (s(O.idToken), c(O.accessToken), p(O.refreshToken), T({
|
|
1114
1183
|
isLoading: !1,
|
|
1115
1184
|
isAuthenticated: !0,
|
|
1116
1185
|
user: {
|
|
1117
1186
|
userId: O.userId,
|
|
1118
|
-
username:
|
|
1187
|
+
username: u
|
|
1119
1188
|
}
|
|
1120
|
-
}), !0) : (
|
|
1121
|
-
},
|
|
1122
|
-
|
|
1123
|
-
idToken:
|
|
1124
|
-
accessToken:
|
|
1125
|
-
refreshToken:
|
|
1189
|
+
}), !0) : (k(Ae), !1);
|
|
1190
|
+
}, $e = async (u) => {
|
|
1191
|
+
u == null || u.preventDefault(), k(qt), await oe({
|
|
1192
|
+
idToken: n,
|
|
1193
|
+
accessToken: i,
|
|
1194
|
+
refreshToken: y,
|
|
1126
1195
|
clientId: r
|
|
1127
|
-
})
|
|
1128
|
-
|
|
1129
|
-
|
|
1196
|
+
}), T((w) => ({
|
|
1197
|
+
...w,
|
|
1198
|
+
isLoading: !1
|
|
1199
|
+
}));
|
|
1200
|
+
}, We = async () => {
|
|
1201
|
+
const { isAuthenticated: u, user: w } = P;
|
|
1130
1202
|
try {
|
|
1131
|
-
if (
|
|
1132
|
-
if (
|
|
1133
|
-
const
|
|
1134
|
-
if (
|
|
1135
|
-
return
|
|
1136
|
-
}
|
|
1137
|
-
const I = await H(u);
|
|
1138
|
-
if (I && I.payload[f.USER_ID_KEY] !== "") {
|
|
1139
|
-
const m = await Gt({
|
|
1140
|
-
clientId: r,
|
|
1141
|
-
userId: P.userId,
|
|
1142
|
-
nonce: _,
|
|
1143
|
-
refreshToken: u,
|
|
1144
|
-
accessToken: o
|
|
1145
|
-
});
|
|
1146
|
-
return m.status ? (i(m.accessToken), w(m.refreshToken), m.accessToken) : (g(v), console.error(v), "");
|
|
1203
|
+
if (u && w && w.userId) {
|
|
1204
|
+
if (i) {
|
|
1205
|
+
const I = await H(i);
|
|
1206
|
+
if (I && I.payload[m.USER_ID_KEY] !== "")
|
|
1207
|
+
return i;
|
|
1147
1208
|
}
|
|
1148
|
-
|
|
1209
|
+
const b = await Ne.refreshtoken({
|
|
1210
|
+
clientId: r,
|
|
1211
|
+
userId: w.userId,
|
|
1212
|
+
nonce: E
|
|
1213
|
+
});
|
|
1214
|
+
return b.status ? (c(b.newAccessToken), p(b.newRefreshToken), b.newAccessToken) : (k(se), "");
|
|
1149
1215
|
}
|
|
1150
|
-
return
|
|
1216
|
+
return k(se), "";
|
|
1151
1217
|
} catch {
|
|
1152
|
-
return
|
|
1218
|
+
return k(se), "";
|
|
1153
1219
|
}
|
|
1154
|
-
},
|
|
1155
|
-
if (
|
|
1156
|
-
return
|
|
1220
|
+
}, Je = () => {
|
|
1221
|
+
if (P.isAuthenticated && n)
|
|
1222
|
+
return n;
|
|
1157
1223
|
};
|
|
1158
|
-
return /* @__PURE__ */
|
|
1159
|
-
|
|
1224
|
+
return /* @__PURE__ */ Ve(
|
|
1225
|
+
Ke.Provider,
|
|
1160
1226
|
{
|
|
1161
|
-
value: { ...
|
|
1227
|
+
value: { ...P, login: Le, logout: $e, getAccessToken: We, getIdToken: Je },
|
|
1162
1228
|
children: e
|
|
1163
1229
|
}
|
|
1164
1230
|
);
|
|
1165
|
-
},
|
|
1231
|
+
}, cr = (e = Ke) => ze(e);
|
|
1166
1232
|
export {
|
|
1167
|
-
|
|
1168
|
-
|
|
1169
|
-
|
|
1233
|
+
F as AUTH_TYPES,
|
|
1234
|
+
ir as AuthProvider,
|
|
1235
|
+
cr as useAuth
|
|
1170
1236
|
};
|