@versini/auth-provider 5.1.1 → 5.1.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +288 -288
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -1,17 +1,16 @@
|
|
|
1
|
-
var
|
|
2
|
-
var
|
|
3
|
-
var
|
|
4
|
-
import { jsx as
|
|
5
|
-
import
|
|
6
|
-
import { createContext as Fe, useRef as Ge, useState as qe, useCallback as le, useEffect as ze, useContext as Xe } from "react";
|
|
1
|
+
var Ye = Object.defineProperty;
|
|
2
|
+
var Be = (e, t, r) => t in e ? Ye(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
|
|
3
|
+
var L = (e, t, r) => Be(e, typeof t != "symbol" ? t + "" : t, r);
|
|
4
|
+
import { jsx as Fe } from "react/jsx-runtime";
|
|
5
|
+
import { useSyncExternalStore as Ge, useCallback as H, useEffect as ve, createContext as qe, useRef as ze, useState as Xe, useContext as Qe } from "react";
|
|
7
6
|
/*!
|
|
8
|
-
@versini/auth-provider v5.1.
|
|
7
|
+
@versini/auth-provider v5.1.2
|
|
9
8
|
© 2024 gizmette.com
|
|
10
9
|
*/
|
|
11
10
|
try {
|
|
12
11
|
window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
|
|
13
|
-
version: "5.1.
|
|
14
|
-
buildTime: "07/
|
|
12
|
+
version: "5.1.2",
|
|
13
|
+
buildTime: "07/09/2024 11:15 AM EDT",
|
|
15
14
|
homepage: "https://github.com/aversini/auth-client",
|
|
16
15
|
license: "MIT"
|
|
17
16
|
});
|
|
@@ -24,19 +23,19 @@ try {
|
|
|
24
23
|
try {
|
|
25
24
|
window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
|
|
26
25
|
version: "2.11.0",
|
|
27
|
-
buildTime: "07/
|
|
26
|
+
buildTime: "07/09/2024 11:15 AM EDT",
|
|
28
27
|
homepage: "https://github.com/aversini/auth-client",
|
|
29
28
|
license: "MIT"
|
|
30
29
|
});
|
|
31
30
|
} catch {
|
|
32
31
|
}
|
|
33
|
-
const
|
|
32
|
+
const q = {
|
|
34
33
|
ID_TOKEN: "id_token",
|
|
35
34
|
ACCESS_TOKEN: "token",
|
|
36
35
|
ID_AND_ACCESS_TOKEN: "id_token token",
|
|
37
36
|
CODE: "code",
|
|
38
37
|
REFRESH_TOKEN: "refresh_token"
|
|
39
|
-
},
|
|
38
|
+
}, Ze = {
|
|
40
39
|
CLIENT_ID: "X-Auth-ClientId"
|
|
41
40
|
}, w = {
|
|
42
41
|
ALG: "RS256",
|
|
@@ -45,7 +44,7 @@ const G = {
|
|
|
45
44
|
NONCE_KEY: "_nonce",
|
|
46
45
|
USERNAME_KEY: "username",
|
|
47
46
|
ISSUER: "gizmette.com"
|
|
48
|
-
},
|
|
47
|
+
}, et = `-----BEGIN PUBLIC KEY-----
|
|
49
48
|
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
|
|
50
49
|
w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
|
|
51
50
|
i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
|
|
@@ -53,28 +52,28 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
|
|
|
53
52
|
l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
|
|
54
53
|
sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
|
|
55
54
|
awIDAQAB
|
|
56
|
-
-----END PUBLIC KEY-----`,
|
|
55
|
+
-----END PUBLIC KEY-----`, z = {
|
|
57
56
|
AUTHENTICATE: "authenticate",
|
|
58
57
|
CODE: "code",
|
|
59
58
|
LOGOUT: "logout"
|
|
60
|
-
},
|
|
61
|
-
function
|
|
59
|
+
}, X = crypto, be = (e) => e instanceof CryptoKey, $ = new TextEncoder(), Q = new TextDecoder();
|
|
60
|
+
function tt(...e) {
|
|
62
61
|
const t = e.reduce((n, { length: s }) => n + s, 0), r = new Uint8Array(t);
|
|
63
62
|
let a = 0;
|
|
64
63
|
for (const n of e)
|
|
65
64
|
r.set(n, a), a += n.length;
|
|
66
65
|
return r;
|
|
67
66
|
}
|
|
68
|
-
const
|
|
67
|
+
const rt = (e) => {
|
|
69
68
|
const t = atob(e), r = new Uint8Array(t.length);
|
|
70
69
|
for (let a = 0; a < t.length; a++)
|
|
71
70
|
r[a] = t.charCodeAt(a);
|
|
72
71
|
return r;
|
|
73
|
-
},
|
|
72
|
+
}, B = (e) => {
|
|
74
73
|
let t = e;
|
|
75
|
-
t instanceof Uint8Array && (t =
|
|
74
|
+
t instanceof Uint8Array && (t = Q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
|
|
76
75
|
try {
|
|
77
|
-
return
|
|
76
|
+
return rt(t);
|
|
78
77
|
} catch {
|
|
79
78
|
throw new TypeError("The input to be decoded is not correctly encoded.");
|
|
80
79
|
}
|
|
@@ -96,7 +95,7 @@ class A extends C {
|
|
|
96
95
|
super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
|
|
97
96
|
}
|
|
98
97
|
}
|
|
99
|
-
class
|
|
98
|
+
class le extends C {
|
|
100
99
|
static get code() {
|
|
101
100
|
return "ERR_JWT_EXPIRED";
|
|
102
101
|
}
|
|
@@ -104,7 +103,7 @@ class he extends C {
|
|
|
104
103
|
super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
|
|
105
104
|
}
|
|
106
105
|
}
|
|
107
|
-
class
|
|
106
|
+
class at extends C {
|
|
108
107
|
constructor() {
|
|
109
108
|
super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
110
109
|
}
|
|
@@ -112,30 +111,31 @@ class rt extends C {
|
|
|
112
111
|
return "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
113
112
|
}
|
|
114
113
|
}
|
|
115
|
-
|
|
114
|
+
class b extends C {
|
|
116
115
|
constructor() {
|
|
117
116
|
super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
|
|
118
117
|
}
|
|
119
118
|
static get code() {
|
|
120
119
|
return "ERR_JOSE_NOT_SUPPORTED";
|
|
121
120
|
}
|
|
122
|
-
}
|
|
121
|
+
}
|
|
122
|
+
class f extends C {
|
|
123
123
|
constructor() {
|
|
124
124
|
super(...arguments), this.code = "ERR_JWS_INVALID";
|
|
125
125
|
}
|
|
126
126
|
static get code() {
|
|
127
127
|
return "ERR_JWS_INVALID";
|
|
128
128
|
}
|
|
129
|
-
}
|
|
130
|
-
|
|
129
|
+
}
|
|
130
|
+
let Re = class extends C {
|
|
131
131
|
constructor() {
|
|
132
132
|
super(...arguments), this.code = "ERR_JWT_INVALID";
|
|
133
133
|
}
|
|
134
134
|
static get code() {
|
|
135
135
|
return "ERR_JWT_INVALID";
|
|
136
136
|
}
|
|
137
|
-
}
|
|
138
|
-
class
|
|
137
|
+
};
|
|
138
|
+
class nt extends C {
|
|
139
139
|
constructor() {
|
|
140
140
|
super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
|
|
141
141
|
}
|
|
@@ -143,16 +143,16 @@ class at extends C {
|
|
|
143
143
|
return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
|
|
144
144
|
}
|
|
145
145
|
}
|
|
146
|
-
function
|
|
146
|
+
function k(e, t = "algorithm.name") {
|
|
147
147
|
return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
|
|
148
148
|
}
|
|
149
|
-
function
|
|
149
|
+
function W(e, t) {
|
|
150
150
|
return e.name === t;
|
|
151
151
|
}
|
|
152
152
|
function te(e) {
|
|
153
153
|
return parseInt(e.name.slice(4), 10);
|
|
154
154
|
}
|
|
155
|
-
function
|
|
155
|
+
function st(e) {
|
|
156
156
|
switch (e) {
|
|
157
157
|
case "ES256":
|
|
158
158
|
return "P-256";
|
|
@@ -164,83 +164,81 @@ function nt(e) {
|
|
|
164
164
|
throw new Error("unreachable");
|
|
165
165
|
}
|
|
166
166
|
}
|
|
167
|
-
function
|
|
167
|
+
function ot(e, t) {
|
|
168
168
|
if (t.length && !t.some((r) => e.usages.includes(r))) {
|
|
169
169
|
let r = "CryptoKey does not support this operation, its usages must include ";
|
|
170
170
|
if (t.length > 2) {
|
|
171
171
|
const a = t.pop();
|
|
172
172
|
r += `one of ${t.join(", ")}, or ${a}.`;
|
|
173
|
-
} else
|
|
174
|
-
t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
|
|
173
|
+
} else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
|
|
175
174
|
throw new TypeError(r);
|
|
176
175
|
}
|
|
177
176
|
}
|
|
178
|
-
function
|
|
177
|
+
function it(e, t, ...r) {
|
|
179
178
|
switch (t) {
|
|
180
179
|
case "HS256":
|
|
181
180
|
case "HS384":
|
|
182
181
|
case "HS512": {
|
|
183
|
-
if (
|
|
184
|
-
throw
|
|
182
|
+
if (!W(e.algorithm, "HMAC"))
|
|
183
|
+
throw k("HMAC");
|
|
185
184
|
const a = parseInt(t.slice(2), 10);
|
|
186
185
|
if (te(e.algorithm.hash) !== a)
|
|
187
|
-
throw
|
|
186
|
+
throw k(`SHA-${a}`, "algorithm.hash");
|
|
188
187
|
break;
|
|
189
188
|
}
|
|
190
189
|
case "RS256":
|
|
191
190
|
case "RS384":
|
|
192
191
|
case "RS512": {
|
|
193
|
-
if (
|
|
194
|
-
throw
|
|
192
|
+
if (!W(e.algorithm, "RSASSA-PKCS1-v1_5"))
|
|
193
|
+
throw k("RSASSA-PKCS1-v1_5");
|
|
195
194
|
const a = parseInt(t.slice(2), 10);
|
|
196
195
|
if (te(e.algorithm.hash) !== a)
|
|
197
|
-
throw
|
|
196
|
+
throw k(`SHA-${a}`, "algorithm.hash");
|
|
198
197
|
break;
|
|
199
198
|
}
|
|
200
199
|
case "PS256":
|
|
201
200
|
case "PS384":
|
|
202
201
|
case "PS512": {
|
|
203
|
-
if (
|
|
204
|
-
throw
|
|
202
|
+
if (!W(e.algorithm, "RSA-PSS"))
|
|
203
|
+
throw k("RSA-PSS");
|
|
205
204
|
const a = parseInt(t.slice(2), 10);
|
|
206
205
|
if (te(e.algorithm.hash) !== a)
|
|
207
|
-
throw
|
|
206
|
+
throw k(`SHA-${a}`, "algorithm.hash");
|
|
208
207
|
break;
|
|
209
208
|
}
|
|
210
209
|
case "EdDSA": {
|
|
211
210
|
if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
|
|
212
|
-
throw
|
|
211
|
+
throw k("Ed25519 or Ed448");
|
|
213
212
|
break;
|
|
214
213
|
}
|
|
215
214
|
case "ES256":
|
|
216
215
|
case "ES384":
|
|
217
216
|
case "ES512": {
|
|
218
|
-
if (
|
|
219
|
-
throw
|
|
220
|
-
const a =
|
|
217
|
+
if (!W(e.algorithm, "ECDSA"))
|
|
218
|
+
throw k("ECDSA");
|
|
219
|
+
const a = st(t);
|
|
221
220
|
if (e.algorithm.namedCurve !== a)
|
|
222
|
-
throw
|
|
221
|
+
throw k(a, "algorithm.namedCurve");
|
|
223
222
|
break;
|
|
224
223
|
}
|
|
225
224
|
default:
|
|
226
225
|
throw new TypeError("CryptoKey does not support this operation");
|
|
227
226
|
}
|
|
228
|
-
|
|
227
|
+
ot(e, r);
|
|
229
228
|
}
|
|
230
229
|
function Ie(e, t, ...r) {
|
|
231
230
|
var a;
|
|
232
231
|
if (r.length > 2) {
|
|
233
232
|
const n = r.pop();
|
|
234
233
|
e += `one of type ${r.join(", ")}, or ${n}.`;
|
|
235
|
-
} else
|
|
236
|
-
r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
234
|
+
} else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
237
235
|
return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
|
|
238
236
|
}
|
|
239
|
-
const
|
|
237
|
+
const he = (e, ...t) => Ie("Key must be ", e, ...t);
|
|
240
238
|
function Ce(e, t, ...r) {
|
|
241
239
|
return Ie(`Key for the ${e} algorithm must be `, t, ...r);
|
|
242
240
|
}
|
|
243
|
-
const Pe = (e) =>
|
|
241
|
+
const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", G = ["CryptoKey"], ct = (...e) => {
|
|
244
242
|
const t = e.filter(Boolean);
|
|
245
243
|
if (t.length === 0 || t.length === 1)
|
|
246
244
|
return !0;
|
|
@@ -259,11 +257,11 @@ const Pe = (e) => ve(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) ===
|
|
|
259
257
|
}
|
|
260
258
|
return !0;
|
|
261
259
|
};
|
|
262
|
-
function
|
|
260
|
+
function ut(e) {
|
|
263
261
|
return typeof e == "object" && e !== null;
|
|
264
262
|
}
|
|
265
263
|
function ie(e) {
|
|
266
|
-
if (!
|
|
264
|
+
if (!ut(e) || Object.prototype.toString.call(e) !== "[object Object]")
|
|
267
265
|
return !1;
|
|
268
266
|
if (Object.getPrototypeOf(e) === null)
|
|
269
267
|
return !0;
|
|
@@ -272,14 +270,14 @@ function ie(e) {
|
|
|
272
270
|
t = Object.getPrototypeOf(t);
|
|
273
271
|
return Object.getPrototypeOf(e) === t;
|
|
274
272
|
}
|
|
275
|
-
const
|
|
273
|
+
const dt = (e, t) => {
|
|
276
274
|
if (e.startsWith("RS") || e.startsWith("PS")) {
|
|
277
275
|
const { modulusLength: r } = t.algorithm;
|
|
278
276
|
if (typeof r != "number" || r < 2048)
|
|
279
277
|
throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
|
|
280
278
|
}
|
|
281
279
|
};
|
|
282
|
-
function
|
|
280
|
+
function lt(e) {
|
|
283
281
|
let t, r;
|
|
284
282
|
switch (e.kty) {
|
|
285
283
|
case "RSA": {
|
|
@@ -304,7 +302,7 @@ function dt(e) {
|
|
|
304
302
|
}, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
|
|
305
303
|
break;
|
|
306
304
|
default:
|
|
307
|
-
throw new
|
|
305
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
308
306
|
}
|
|
309
307
|
break;
|
|
310
308
|
}
|
|
@@ -326,7 +324,7 @@ function dt(e) {
|
|
|
326
324
|
t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
327
325
|
break;
|
|
328
326
|
default:
|
|
329
|
-
throw new
|
|
327
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
330
328
|
}
|
|
331
329
|
break;
|
|
332
330
|
}
|
|
@@ -342,71 +340,71 @@ function dt(e) {
|
|
|
342
340
|
t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
343
341
|
break;
|
|
344
342
|
default:
|
|
345
|
-
throw new
|
|
343
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
346
344
|
}
|
|
347
345
|
break;
|
|
348
346
|
}
|
|
349
347
|
default:
|
|
350
|
-
throw new
|
|
348
|
+
throw new b('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
|
|
351
349
|
}
|
|
352
350
|
return { algorithm: t, keyUsages: r };
|
|
353
351
|
}
|
|
354
|
-
const
|
|
352
|
+
const ht = async (e) => {
|
|
355
353
|
if (!e.alg)
|
|
356
354
|
throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
|
|
357
|
-
const { algorithm: t, keyUsages: r } =
|
|
355
|
+
const { algorithm: t, keyUsages: r } = lt(e), a = [
|
|
358
356
|
t,
|
|
359
357
|
e.ext ?? !1,
|
|
360
358
|
e.key_ops ?? r
|
|
361
359
|
], n = { ...e };
|
|
362
|
-
return delete n.alg, delete n.use,
|
|
363
|
-
}, Oe = (e) =>
|
|
360
|
+
return delete n.alg, delete n.use, X.subtle.importKey("jwk", n, ...a);
|
|
361
|
+
}, Oe = (e) => B(e);
|
|
364
362
|
let re, ae;
|
|
365
363
|
const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Ue = async (e, t, r, a) => {
|
|
366
364
|
let n = e.get(t);
|
|
367
365
|
if (n != null && n[a])
|
|
368
366
|
return n[a];
|
|
369
|
-
const s = await
|
|
367
|
+
const s = await ht({ ...r, alg: a });
|
|
370
368
|
return n ? n[a] = s : e.set(t, { [a]: s }), s;
|
|
371
|
-
},
|
|
369
|
+
}, ft = (e, t) => {
|
|
372
370
|
if (De(e)) {
|
|
373
371
|
let r = e.export({ format: "jwk" });
|
|
374
372
|
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Oe(r.k) : (ae || (ae = /* @__PURE__ */ new WeakMap()), Ue(ae, e, r, t));
|
|
375
373
|
}
|
|
376
374
|
return e;
|
|
377
|
-
},
|
|
375
|
+
}, pt = (e, t) => {
|
|
378
376
|
if (De(e)) {
|
|
379
377
|
let r = e.export({ format: "jwk" });
|
|
380
378
|
return r.k ? Oe(r.k) : (re || (re = /* @__PURE__ */ new WeakMap()), Ue(re, e, r, t));
|
|
381
379
|
}
|
|
382
380
|
return e;
|
|
383
|
-
},
|
|
381
|
+
}, yt = { normalizePublicKey: ft, normalizePrivateKey: pt }, v = (e, t, r = 0) => {
|
|
384
382
|
r === 0 && (t.unshift(t.length), t.unshift(6));
|
|
385
383
|
const a = e.indexOf(t[0], r);
|
|
386
384
|
if (a === -1)
|
|
387
385
|
return !1;
|
|
388
386
|
const n = e.subarray(a, a + t.length);
|
|
389
|
-
return n.length !== t.length ? !1 : n.every((s, o) => s === t[o]) ||
|
|
390
|
-
},
|
|
387
|
+
return n.length !== t.length ? !1 : n.every((s, o) => s === t[o]) || v(e, t, a + 1);
|
|
388
|
+
}, fe = (e) => {
|
|
391
389
|
switch (!0) {
|
|
392
|
-
case
|
|
390
|
+
case v(e, [42, 134, 72, 206, 61, 3, 1, 7]):
|
|
393
391
|
return "P-256";
|
|
394
|
-
case
|
|
392
|
+
case v(e, [43, 129, 4, 0, 34]):
|
|
395
393
|
return "P-384";
|
|
396
|
-
case
|
|
394
|
+
case v(e, [43, 129, 4, 0, 35]):
|
|
397
395
|
return "P-521";
|
|
398
|
-
case
|
|
396
|
+
case v(e, [43, 101, 110]):
|
|
399
397
|
return "X25519";
|
|
400
|
-
case
|
|
398
|
+
case v(e, [43, 101, 111]):
|
|
401
399
|
return "X448";
|
|
402
|
-
case
|
|
400
|
+
case v(e, [43, 101, 112]):
|
|
403
401
|
return "Ed25519";
|
|
404
|
-
case
|
|
402
|
+
case v(e, [43, 101, 113]):
|
|
405
403
|
return "Ed448";
|
|
406
404
|
default:
|
|
407
|
-
throw new
|
|
405
|
+
throw new b("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
|
|
408
406
|
}
|
|
409
|
-
},
|
|
407
|
+
}, wt = async (e, t, r, a, n) => {
|
|
410
408
|
let s, o;
|
|
411
409
|
const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
|
|
412
410
|
switch (a) {
|
|
@@ -442,43 +440,43 @@ const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject",
|
|
|
442
440
|
case "ECDH-ES+A128KW":
|
|
443
441
|
case "ECDH-ES+A192KW":
|
|
444
442
|
case "ECDH-ES+A256KW": {
|
|
445
|
-
const c =
|
|
443
|
+
const c = fe(i);
|
|
446
444
|
s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, o = [];
|
|
447
445
|
break;
|
|
448
446
|
}
|
|
449
447
|
case "EdDSA":
|
|
450
|
-
s = { name:
|
|
448
|
+
s = { name: fe(i) }, o = ["verify"];
|
|
451
449
|
break;
|
|
452
450
|
default:
|
|
453
|
-
throw new
|
|
451
|
+
throw new b('Invalid or unsupported "alg" (Algorithm) value');
|
|
454
452
|
}
|
|
455
|
-
return
|
|
456
|
-
},
|
|
457
|
-
async function
|
|
453
|
+
return X.subtle.importKey(t, i, s, !1, o);
|
|
454
|
+
}, mt = (e, t, r) => wt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
|
|
455
|
+
async function Et(e, t, r) {
|
|
458
456
|
if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
|
|
459
457
|
throw new TypeError('"spki" must be SPKI formatted string');
|
|
460
|
-
return
|
|
458
|
+
return mt(e, t);
|
|
461
459
|
}
|
|
462
|
-
const
|
|
460
|
+
const F = (e) => e == null ? void 0 : e[Symbol.toStringTag], St = (e, t) => {
|
|
463
461
|
if (!(t instanceof Uint8Array)) {
|
|
464
462
|
if (!Pe(t))
|
|
465
|
-
throw new TypeError(Ce(e, t, ...
|
|
463
|
+
throw new TypeError(Ce(e, t, ...G, "Uint8Array"));
|
|
466
464
|
if (t.type !== "secret")
|
|
467
|
-
throw new TypeError(`${
|
|
465
|
+
throw new TypeError(`${F(t)} instances for symmetric algorithms must be of type "secret"`);
|
|
468
466
|
}
|
|
469
|
-
},
|
|
467
|
+
}, gt = (e, t, r) => {
|
|
470
468
|
if (!Pe(t))
|
|
471
|
-
throw new TypeError(Ce(e, t, ...
|
|
469
|
+
throw new TypeError(Ce(e, t, ...G));
|
|
472
470
|
if (t.type === "secret")
|
|
473
|
-
throw new TypeError(`${
|
|
471
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
474
472
|
if (t.algorithm && r === "verify" && t.type === "private")
|
|
475
|
-
throw new TypeError(`${
|
|
473
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithm verifying must be of type "public"`);
|
|
476
474
|
if (t.algorithm && r === "encrypt" && t.type === "private")
|
|
477
|
-
throw new TypeError(`${
|
|
478
|
-
},
|
|
479
|
-
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ?
|
|
475
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithm encryption must be of type "public"`);
|
|
476
|
+
}, At = (e, t, r) => {
|
|
477
|
+
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? St(e, t) : gt(e, t, r);
|
|
480
478
|
};
|
|
481
|
-
function
|
|
479
|
+
function Tt(e, t, r, a, n) {
|
|
482
480
|
if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
|
|
483
481
|
throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
|
|
484
482
|
if (!a || a.crit === void 0)
|
|
@@ -489,7 +487,7 @@ function At(e, t, r, a, n) {
|
|
|
489
487
|
r !== void 0 ? s = new Map([...Object.entries(r), ...t.entries()]) : s = t;
|
|
490
488
|
for (const o of a.crit) {
|
|
491
489
|
if (!s.has(o))
|
|
492
|
-
throw new
|
|
490
|
+
throw new b(`Extension Header Parameter "${o}" is not recognized`);
|
|
493
491
|
if (n[o] === void 0)
|
|
494
492
|
throw new e(`Extension Header Parameter "${o}" is missing`);
|
|
495
493
|
if (s.get(o) && a[o] === void 0)
|
|
@@ -497,13 +495,13 @@ function At(e, t, r, a, n) {
|
|
|
497
495
|
}
|
|
498
496
|
return new Set(a.crit);
|
|
499
497
|
}
|
|
500
|
-
const
|
|
498
|
+
const kt = (e, t) => {
|
|
501
499
|
if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
|
|
502
500
|
throw new TypeError(`"${e}" option must be an array of strings`);
|
|
503
501
|
if (t)
|
|
504
502
|
return new Set(t);
|
|
505
503
|
};
|
|
506
|
-
function
|
|
504
|
+
function _t(e, t) {
|
|
507
505
|
const r = `SHA-${e.slice(-3)}`;
|
|
508
506
|
switch (e) {
|
|
509
507
|
case "HS256":
|
|
@@ -525,30 +523,30 @@ function kt(e, t) {
|
|
|
525
523
|
case "EdDSA":
|
|
526
524
|
return { name: t.name };
|
|
527
525
|
default:
|
|
528
|
-
throw new
|
|
526
|
+
throw new b(`alg ${e} is not supported either by JOSE or your javascript runtime`);
|
|
529
527
|
}
|
|
530
528
|
}
|
|
531
|
-
async function
|
|
532
|
-
if (t = await
|
|
533
|
-
return
|
|
529
|
+
async function vt(e, t, r) {
|
|
530
|
+
if (t = await yt.normalizePublicKey(t, e), be(t))
|
|
531
|
+
return it(t, e, r), t;
|
|
534
532
|
if (t instanceof Uint8Array) {
|
|
535
533
|
if (!e.startsWith("HS"))
|
|
536
|
-
throw new TypeError(
|
|
537
|
-
return
|
|
534
|
+
throw new TypeError(he(t, ...G));
|
|
535
|
+
return X.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
|
|
538
536
|
}
|
|
539
|
-
throw new TypeError(
|
|
537
|
+
throw new TypeError(he(t, ...G, "Uint8Array"));
|
|
540
538
|
}
|
|
541
|
-
const
|
|
542
|
-
const n = await
|
|
543
|
-
|
|
544
|
-
const s =
|
|
539
|
+
const bt = async (e, t, r, a) => {
|
|
540
|
+
const n = await vt(e, t, "verify");
|
|
541
|
+
dt(e, n);
|
|
542
|
+
const s = _t(e, n.algorithm);
|
|
545
543
|
try {
|
|
546
|
-
return await
|
|
544
|
+
return await X.subtle.verify(s, n, r, a);
|
|
547
545
|
} catch {
|
|
548
546
|
return !1;
|
|
549
547
|
}
|
|
550
548
|
};
|
|
551
|
-
async function
|
|
549
|
+
async function Rt(e, t, r) {
|
|
552
550
|
if (!ie(e))
|
|
553
551
|
throw new f("Flattened JWS must be an object");
|
|
554
552
|
if (e.protected === void 0 && e.header === void 0)
|
|
@@ -564,65 +562,64 @@ async function vt(e, t, r) {
|
|
|
564
562
|
let a = {};
|
|
565
563
|
if (e.protected)
|
|
566
564
|
try {
|
|
567
|
-
const S =
|
|
568
|
-
a = JSON.parse(
|
|
565
|
+
const S = B(e.protected);
|
|
566
|
+
a = JSON.parse(Q.decode(S));
|
|
569
567
|
} catch {
|
|
570
568
|
throw new f("JWS Protected Header is invalid");
|
|
571
569
|
}
|
|
572
|
-
if (!
|
|
570
|
+
if (!ct(a, e.header))
|
|
573
571
|
throw new f("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
574
572
|
const n = {
|
|
575
573
|
...a,
|
|
576
574
|
...e.header
|
|
577
|
-
}, s =
|
|
575
|
+
}, s = Tt(f, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
|
|
578
576
|
let o = !0;
|
|
579
577
|
if (s.has("b64") && (o = a.b64, typeof o != "boolean"))
|
|
580
578
|
throw new f('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
|
|
581
579
|
const { alg: i } = n;
|
|
582
580
|
if (typeof i != "string" || !i)
|
|
583
581
|
throw new f('JWS "alg" (Algorithm) Header Parameter missing or invalid');
|
|
584
|
-
const c = r &&
|
|
582
|
+
const c = r && kt("algorithms", r.algorithms);
|
|
585
583
|
if (c && !c.has(i))
|
|
586
|
-
throw new
|
|
584
|
+
throw new at('"alg" (Algorithm) Header Parameter value not allowed');
|
|
587
585
|
if (o) {
|
|
588
586
|
if (typeof e.payload != "string")
|
|
589
587
|
throw new f("JWS Payload must be a string");
|
|
590
588
|
} else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
|
|
591
589
|
throw new f("JWS Payload must be a string or an Uint8Array instance");
|
|
592
590
|
let d = !1;
|
|
593
|
-
typeof t == "function" && (t = await t(a, e), d = !0),
|
|
594
|
-
const p =
|
|
591
|
+
typeof t == "function" && (t = await t(a, e), d = !0), At(i, t, "verify");
|
|
592
|
+
const p = tt($.encode(e.protected ?? ""), $.encode("."), typeof e.payload == "string" ? $.encode(e.payload) : e.payload);
|
|
595
593
|
let y;
|
|
596
594
|
try {
|
|
597
|
-
y =
|
|
595
|
+
y = B(e.signature);
|
|
598
596
|
} catch {
|
|
599
597
|
throw new f("Failed to base64url decode the signature");
|
|
600
598
|
}
|
|
601
|
-
if (!await
|
|
602
|
-
throw new
|
|
599
|
+
if (!await bt(i, t, y, p))
|
|
600
|
+
throw new nt();
|
|
603
601
|
let E;
|
|
604
602
|
if (o)
|
|
605
603
|
try {
|
|
606
|
-
E =
|
|
604
|
+
E = B(e.payload);
|
|
607
605
|
} catch {
|
|
608
606
|
throw new f("Failed to base64url decode the payload");
|
|
609
607
|
}
|
|
610
|
-
else
|
|
611
|
-
typeof e.payload == "string" ? E = L.encode(e.payload) : E = e.payload;
|
|
608
|
+
else typeof e.payload == "string" ? E = $.encode(e.payload) : E = e.payload;
|
|
612
609
|
const m = { payload: E };
|
|
613
610
|
return e.protected !== void 0 && (m.protectedHeader = a), e.header !== void 0 && (m.unprotectedHeader = e.header), d ? { ...m, key: t } : m;
|
|
614
611
|
}
|
|
615
|
-
async function
|
|
616
|
-
if (e instanceof Uint8Array && (e =
|
|
612
|
+
async function It(e, t, r) {
|
|
613
|
+
if (e instanceof Uint8Array && (e = Q.decode(e)), typeof e != "string")
|
|
617
614
|
throw new f("Compact JWS must be a string or Uint8Array");
|
|
618
615
|
const { 0: a, 1: n, 2: s, length: o } = e.split(".");
|
|
619
616
|
if (o !== 3)
|
|
620
617
|
throw new f("Invalid Compact JWS");
|
|
621
|
-
const i = await
|
|
618
|
+
const i = await Rt({ payload: n, protected: a, signature: s }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
|
|
622
619
|
return typeof t == "function" ? { ...c, key: i.key } : c;
|
|
623
620
|
}
|
|
624
|
-
const
|
|
625
|
-
const t =
|
|
621
|
+
const Ct = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke * 24, Pt = ce * 7, Ot = ce * 365.25, Dt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, pe = (e) => {
|
|
622
|
+
const t = Dt.exec(e);
|
|
626
623
|
if (!t || t[4] && t[1])
|
|
627
624
|
throw new TypeError("Invalid time period format");
|
|
628
625
|
const r = parseFloat(t[2]), a = t[3].toLowerCase();
|
|
@@ -657,23 +654,23 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
657
654
|
case "week":
|
|
658
655
|
case "weeks":
|
|
659
656
|
case "w":
|
|
660
|
-
n = Math.round(r *
|
|
657
|
+
n = Math.round(r * Pt);
|
|
661
658
|
break;
|
|
662
659
|
default:
|
|
663
|
-
n = Math.round(r *
|
|
660
|
+
n = Math.round(r * Ot);
|
|
664
661
|
break;
|
|
665
662
|
}
|
|
666
663
|
return t[1] === "-" || t[4] === "ago" ? -n : n;
|
|
667
|
-
},
|
|
664
|
+
}, ye = (e) => e.toLowerCase().replace(/^application\//, ""), Ut = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Ht = (e, t, r = {}) => {
|
|
668
665
|
let a;
|
|
669
666
|
try {
|
|
670
|
-
a = JSON.parse(
|
|
667
|
+
a = JSON.parse(Q.decode(t));
|
|
671
668
|
} catch {
|
|
672
669
|
}
|
|
673
670
|
if (!ie(a))
|
|
674
671
|
throw new Re("JWT Claims Set must be a top-level JSON object");
|
|
675
672
|
const { typ: n } = r;
|
|
676
|
-
if (n && (typeof e.typ != "string" ||
|
|
673
|
+
if (n && (typeof e.typ != "string" || ye(e.typ) !== ye(n)))
|
|
677
674
|
throw new A('unexpected "typ" JWT header value', a, "typ", "check_failed");
|
|
678
675
|
const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge: d } = r, p = [...s];
|
|
679
676
|
d !== void 0 && p.push("iat"), c !== void 0 && p.push("aud"), i !== void 0 && p.push("sub"), o !== void 0 && p.push("iss");
|
|
@@ -684,12 +681,12 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
684
681
|
throw new A('unexpected "iss" claim value', a, "iss", "check_failed");
|
|
685
682
|
if (i && a.sub !== i)
|
|
686
683
|
throw new A('unexpected "sub" claim value', a, "sub", "check_failed");
|
|
687
|
-
if (c && !
|
|
684
|
+
if (c && !Ut(a.aud, typeof c == "string" ? [c] : c))
|
|
688
685
|
throw new A('unexpected "aud" claim value', a, "aud", "check_failed");
|
|
689
686
|
let y;
|
|
690
687
|
switch (typeof r.clockTolerance) {
|
|
691
688
|
case "string":
|
|
692
|
-
y =
|
|
689
|
+
y = pe(r.clockTolerance);
|
|
693
690
|
break;
|
|
694
691
|
case "number":
|
|
695
692
|
y = r.clockTolerance;
|
|
@@ -700,7 +697,7 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
700
697
|
default:
|
|
701
698
|
throw new TypeError("Invalid clockTolerance option type");
|
|
702
699
|
}
|
|
703
|
-
const { currentDate: E } = r, m =
|
|
700
|
+
const { currentDate: E } = r, m = Ct(E || /* @__PURE__ */ new Date());
|
|
704
701
|
if ((a.iat !== void 0 || d) && typeof a.iat != "number")
|
|
705
702
|
throw new A('"iat" claim must be a number', a, "iat", "invalid");
|
|
706
703
|
if (a.nbf !== void 0) {
|
|
@@ -713,29 +710,29 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
713
710
|
if (typeof a.exp != "number")
|
|
714
711
|
throw new A('"exp" claim must be a number', a, "exp", "invalid");
|
|
715
712
|
if (a.exp <= m - y)
|
|
716
|
-
throw new
|
|
713
|
+
throw new le('"exp" claim timestamp check failed', a, "exp", "check_failed");
|
|
717
714
|
}
|
|
718
715
|
if (d) {
|
|
719
|
-
const S = m - a.iat,
|
|
720
|
-
if (S - y >
|
|
721
|
-
throw new
|
|
716
|
+
const S = m - a.iat, ee = typeof d == "number" ? d : pe(d);
|
|
717
|
+
if (S - y > ee)
|
|
718
|
+
throw new le('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
|
|
722
719
|
if (S < 0 - y)
|
|
723
720
|
throw new A('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
|
|
724
721
|
}
|
|
725
722
|
return a;
|
|
726
723
|
};
|
|
727
|
-
async function
|
|
724
|
+
async function Kt(e, t, r) {
|
|
728
725
|
var a;
|
|
729
|
-
const n = await
|
|
726
|
+
const n = await It(e, t, r);
|
|
730
727
|
if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
|
|
731
728
|
throw new Re("JWTs MUST NOT use unencoded payload");
|
|
732
|
-
const s = { payload:
|
|
729
|
+
const s = { payload: Ht(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
|
|
733
730
|
return typeof t == "function" ? { ...s, key: n.key } : s;
|
|
734
731
|
}
|
|
735
|
-
const
|
|
732
|
+
const K = async (e) => {
|
|
736
733
|
try {
|
|
737
|
-
const t = w.ALG, r = await
|
|
738
|
-
return await
|
|
734
|
+
const t = w.ALG, r = await Et(et, t);
|
|
735
|
+
return await Kt(e, r, {
|
|
739
736
|
issuer: w.ISSUER
|
|
740
737
|
});
|
|
741
738
|
} catch {
|
|
@@ -745,39 +742,39 @@ const H = async (e) => {
|
|
|
745
742
|
var l = [];
|
|
746
743
|
for (var ne = 0; ne < 256; ++ne)
|
|
747
744
|
l.push((ne + 256).toString(16).slice(1));
|
|
748
|
-
function
|
|
745
|
+
function Nt(e, t = 0) {
|
|
749
746
|
return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
|
|
750
747
|
}
|
|
751
|
-
var
|
|
752
|
-
function
|
|
753
|
-
if (!
|
|
748
|
+
var J, Lt = new Uint8Array(16);
|
|
749
|
+
function $t() {
|
|
750
|
+
if (!J && (J = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !J))
|
|
754
751
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
755
|
-
return
|
|
752
|
+
return J(Lt);
|
|
756
753
|
}
|
|
757
|
-
var
|
|
758
|
-
const
|
|
759
|
-
randomUUID:
|
|
754
|
+
var Wt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
755
|
+
const we = {
|
|
756
|
+
randomUUID: Wt
|
|
760
757
|
};
|
|
761
|
-
function
|
|
762
|
-
if (
|
|
763
|
-
return
|
|
758
|
+
function me(e, t, r) {
|
|
759
|
+
if (we.randomUUID && !t && !e)
|
|
760
|
+
return we.randomUUID();
|
|
764
761
|
e = e || {};
|
|
765
|
-
var a = e.random || (e.rng ||
|
|
766
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
762
|
+
var a = e.random || (e.rng || $t)();
|
|
763
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Nt(a);
|
|
767
764
|
}
|
|
768
|
-
const
|
|
765
|
+
const Ee = globalThis.crypto, Jt = (e) => `${me()}${me()}`.slice(0, e), xt = (e) => btoa(
|
|
769
766
|
[...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
|
|
770
767
|
);
|
|
771
|
-
async function
|
|
772
|
-
if (!
|
|
768
|
+
async function jt(e) {
|
|
769
|
+
if (!Ee.subtle)
|
|
773
770
|
throw new Error(
|
|
774
771
|
"crypto.subtle is available only in secure contexts (HTTPS)."
|
|
775
772
|
);
|
|
776
|
-
const t = new TextEncoder().encode(e), r = await
|
|
777
|
-
return
|
|
773
|
+
const t = new TextEncoder().encode(e), r = await Ee.subtle.digest("SHA-256", t);
|
|
774
|
+
return xt(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
778
775
|
}
|
|
779
|
-
async function
|
|
780
|
-
const r =
|
|
776
|
+
async function Mt(e) {
|
|
777
|
+
const r = Jt(43), a = await jt(r);
|
|
781
778
|
return {
|
|
782
779
|
code_verifier: r,
|
|
783
780
|
code_challenge: a
|
|
@@ -786,84 +783,81 @@ async function jt(e) {
|
|
|
786
783
|
function Ne(e, t) {
|
|
787
784
|
window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
|
|
788
785
|
}
|
|
789
|
-
const
|
|
786
|
+
const Se = (e, t) => {
|
|
790
787
|
const r = JSON.stringify(
|
|
791
788
|
typeof t == "function" ? t() : t
|
|
792
789
|
);
|
|
793
790
|
window.localStorage.setItem(e, r), Ne(e, r);
|
|
794
|
-
},
|
|
791
|
+
}, Vt = (e) => {
|
|
795
792
|
window.localStorage.removeItem(e), Ne(e, null);
|
|
796
|
-
},
|
|
797
|
-
function
|
|
793
|
+
}, ge = (e) => window.localStorage.getItem(e), Yt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
|
|
794
|
+
function x({
|
|
798
795
|
key: e,
|
|
799
796
|
initialValue: t
|
|
800
797
|
}) {
|
|
801
|
-
const r = () =>
|
|
802
|
-
|
|
803
|
-
r
|
|
804
|
-
), n = U.useCallback(
|
|
805
|
-
(i) => {
|
|
798
|
+
const r = Ge(Yt, () => ge(e)), a = H(
|
|
799
|
+
(o) => {
|
|
806
800
|
try {
|
|
807
|
-
const
|
|
808
|
-
|
|
809
|
-
} catch (
|
|
810
|
-
console.warn(
|
|
801
|
+
const i = typeof o == "function" ? o(JSON.parse(r)) : o;
|
|
802
|
+
i == null ? Vt(e) : Se(e, i);
|
|
803
|
+
} catch (i) {
|
|
804
|
+
console.warn(i);
|
|
811
805
|
}
|
|
812
806
|
},
|
|
813
|
-
[e,
|
|
814
|
-
),
|
|
815
|
-
|
|
816
|
-
}, [t,
|
|
817
|
-
|
|
818
|
-
}, [
|
|
819
|
-
return
|
|
807
|
+
[e, r]
|
|
808
|
+
), n = H(() => {
|
|
809
|
+
a(t);
|
|
810
|
+
}, [t, a]), s = H(() => {
|
|
811
|
+
a(null);
|
|
812
|
+
}, [a]);
|
|
813
|
+
return ve(() => {
|
|
820
814
|
try {
|
|
821
|
-
|
|
822
|
-
} catch (
|
|
823
|
-
console.warn(
|
|
815
|
+
ge(e) === null && typeof t < "u" && Se(e, t);
|
|
816
|
+
} catch (o) {
|
|
817
|
+
console.warn(o);
|
|
824
818
|
}
|
|
825
|
-
}, [e, t]), [
|
|
819
|
+
}, [e, t]), [r ? JSON.parse(r) : null, a, n, s];
|
|
826
820
|
}
|
|
827
821
|
var h = [];
|
|
828
822
|
for (var se = 0; se < 256; ++se)
|
|
829
823
|
h.push((se + 256).toString(16).slice(1));
|
|
830
|
-
function
|
|
824
|
+
function Bt(e, t = 0) {
|
|
831
825
|
return (h[e[t + 0]] + h[e[t + 1]] + h[e[t + 2]] + h[e[t + 3]] + "-" + h[e[t + 4]] + h[e[t + 5]] + "-" + h[e[t + 6]] + h[e[t + 7]] + "-" + h[e[t + 8]] + h[e[t + 9]] + "-" + h[e[t + 10]] + h[e[t + 11]] + h[e[t + 12]] + h[e[t + 13]] + h[e[t + 14]] + h[e[t + 15]]).toLowerCase();
|
|
832
826
|
}
|
|
833
|
-
var
|
|
834
|
-
function
|
|
835
|
-
if (!
|
|
827
|
+
var j, Ft = new Uint8Array(16);
|
|
828
|
+
function Gt() {
|
|
829
|
+
if (!j && (j = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !j))
|
|
836
830
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
837
|
-
return
|
|
831
|
+
return j(Ft);
|
|
838
832
|
}
|
|
839
|
-
var
|
|
840
|
-
const
|
|
841
|
-
randomUUID:
|
|
833
|
+
var qt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
834
|
+
const Ae = {
|
|
835
|
+
randomUUID: qt
|
|
842
836
|
};
|
|
843
|
-
function
|
|
844
|
-
if (
|
|
845
|
-
return
|
|
837
|
+
function zt(e, t, r) {
|
|
838
|
+
if (Ae.randomUUID && !t && !e)
|
|
839
|
+
return Ae.randomUUID();
|
|
846
840
|
e = e || {};
|
|
847
|
-
var a = e.random || (e.rng ||
|
|
848
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
841
|
+
var a = e.random || (e.rng || Gt)();
|
|
842
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Bt(a);
|
|
849
843
|
}
|
|
850
|
-
const
|
|
844
|
+
const M = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Xt = "Your session has been successfully terminated.", Te = "Login failed. Please try again.", oe = "Error getting access token, please re-authenticate.", Qt = "You forgot to wrap your component in <AuthProvider>.", ke = {
|
|
851
845
|
dev: "https://auth.gizmette.local.com:3003",
|
|
852
846
|
prod: "https://mylogin.gizmette.com"
|
|
853
|
-
},
|
|
847
|
+
}, V = "@@auth@@", Zt = process.env.NODE_ENV === "production", er = !Zt, Z = async ({
|
|
854
848
|
type: e,
|
|
855
849
|
clientId: t,
|
|
856
850
|
params: r = {}
|
|
857
851
|
}) => {
|
|
858
852
|
try {
|
|
859
853
|
const a = await fetch(
|
|
860
|
-
|
|
854
|
+
er ? `${ke.dev}/${e}` : `${ke.prod}/${e}`,
|
|
861
855
|
{
|
|
862
856
|
credentials: "include",
|
|
863
857
|
method: "POST",
|
|
864
858
|
headers: {
|
|
865
859
|
"Content-Type": "application/json",
|
|
866
|
-
[
|
|
860
|
+
[Ze.CLIENT_ID]: `${t}`
|
|
867
861
|
},
|
|
868
862
|
body: JSON.stringify(r)
|
|
869
863
|
}
|
|
@@ -879,7 +873,7 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
879
873
|
} catch (a) {
|
|
880
874
|
return console.error(a), { status: 500, data: [] };
|
|
881
875
|
}
|
|
882
|
-
},
|
|
876
|
+
}, tr = async ({
|
|
883
877
|
idToken: e,
|
|
884
878
|
accessToken: t,
|
|
885
879
|
refreshToken: r,
|
|
@@ -888,8 +882,8 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
888
882
|
}) => {
|
|
889
883
|
try {
|
|
890
884
|
return {
|
|
891
|
-
status: (await
|
|
892
|
-
type:
|
|
885
|
+
status: (await Z({
|
|
886
|
+
type: z.LOGOUT,
|
|
893
887
|
clientId: a,
|
|
894
888
|
params: {
|
|
895
889
|
idToken: e,
|
|
@@ -916,11 +910,11 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
916
910
|
domain: c
|
|
917
911
|
}) => {
|
|
918
912
|
try {
|
|
919
|
-
const d = await
|
|
920
|
-
type:
|
|
913
|
+
const d = await Z({
|
|
914
|
+
type: z.AUTHENTICATE,
|
|
921
915
|
clientId: r,
|
|
922
916
|
params: {
|
|
923
|
-
type: n ||
|
|
917
|
+
type: n || q.ID_AND_ACCESS_TOKEN,
|
|
924
918
|
username: e,
|
|
925
919
|
password: t,
|
|
926
920
|
sessionExpiration: s,
|
|
@@ -929,7 +923,7 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
929
923
|
code_verifier: i,
|
|
930
924
|
domain: c
|
|
931
925
|
}
|
|
932
|
-
}), p = await
|
|
926
|
+
}), p = await K(d.data.idToken);
|
|
933
927
|
return p && p.payload[w.USER_ID_KEY] !== "" && p.payload[w.NONCE_KEY] === a ? {
|
|
934
928
|
idToken: d.data.idToken,
|
|
935
929
|
accessToken: d.data.accessToken,
|
|
@@ -944,17 +938,17 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
944
938
|
status: !1
|
|
945
939
|
};
|
|
946
940
|
}
|
|
947
|
-
},
|
|
941
|
+
}, rr = async ({
|
|
948
942
|
nonce: e,
|
|
949
943
|
clientId: t,
|
|
950
944
|
code_challenge: r
|
|
951
945
|
}) => {
|
|
952
946
|
try {
|
|
953
|
-
const a = await
|
|
954
|
-
type:
|
|
947
|
+
const a = await Z({
|
|
948
|
+
type: z.CODE,
|
|
955
949
|
clientId: t,
|
|
956
950
|
params: {
|
|
957
|
-
type:
|
|
951
|
+
type: q.CODE,
|
|
958
952
|
nonce: e,
|
|
959
953
|
code_challenge: r
|
|
960
954
|
}
|
|
@@ -970,7 +964,7 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
970
964
|
status: !1
|
|
971
965
|
};
|
|
972
966
|
}
|
|
973
|
-
},
|
|
967
|
+
}, ar = async ({
|
|
974
968
|
clientId: e,
|
|
975
969
|
userId: t,
|
|
976
970
|
nonce: r,
|
|
@@ -979,18 +973,18 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
979
973
|
domain: s
|
|
980
974
|
}) => {
|
|
981
975
|
try {
|
|
982
|
-
const o = await
|
|
983
|
-
type:
|
|
976
|
+
const o = await Z({
|
|
977
|
+
type: z.AUTHENTICATE,
|
|
984
978
|
clientId: e,
|
|
985
979
|
params: {
|
|
986
|
-
type:
|
|
980
|
+
type: q.REFRESH_TOKEN,
|
|
987
981
|
userId: t,
|
|
988
982
|
nonce: r,
|
|
989
983
|
refreshToken: a,
|
|
990
984
|
accessToken: n,
|
|
991
985
|
domain: s
|
|
992
986
|
}
|
|
993
|
-
}), i = await
|
|
987
|
+
}), i = await K(o.data.accessToken);
|
|
994
988
|
return i && i.payload[w.USER_ID_KEY] !== "" && i.payload[w.NONCE_KEY] === r ? {
|
|
995
989
|
accessToken: o.data.accessToken,
|
|
996
990
|
refreshToken: o.data.refreshToken,
|
|
@@ -1005,11 +999,11 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
1005
999
|
};
|
|
1006
1000
|
}
|
|
1007
1001
|
};
|
|
1008
|
-
class
|
|
1002
|
+
class nr {
|
|
1009
1003
|
constructor(t = null, r = null) {
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1004
|
+
L(this, "refreshTokenPromise", null);
|
|
1005
|
+
L(this, "accessToken");
|
|
1006
|
+
L(this, "refreshToken");
|
|
1013
1007
|
this.accessToken = t || "", this.refreshToken = r || "";
|
|
1014
1008
|
}
|
|
1015
1009
|
async refreshtoken({
|
|
@@ -1036,9 +1030,9 @@ class ar {
|
|
|
1036
1030
|
nonce: a,
|
|
1037
1031
|
domain: n
|
|
1038
1032
|
}) {
|
|
1039
|
-
const s = await
|
|
1033
|
+
const s = await K(this.refreshToken);
|
|
1040
1034
|
if (s && s.payload[w.USER_ID_KEY] !== "") {
|
|
1041
|
-
const o = await
|
|
1035
|
+
const o = await ar({
|
|
1042
1036
|
clientId: t,
|
|
1043
1037
|
userId: r,
|
|
1044
1038
|
nonce: a,
|
|
@@ -1059,15 +1053,15 @@ class ar {
|
|
|
1059
1053
|
};
|
|
1060
1054
|
}
|
|
1061
1055
|
}
|
|
1062
|
-
const
|
|
1063
|
-
throw new Error(
|
|
1064
|
-
}, Le =
|
|
1056
|
+
const Y = () => {
|
|
1057
|
+
throw new Error(Qt);
|
|
1058
|
+
}, Le = qe({
|
|
1065
1059
|
isAuthenticated: !1,
|
|
1066
1060
|
isLoading: !1,
|
|
1067
|
-
login:
|
|
1068
|
-
logout:
|
|
1069
|
-
getAccessToken:
|
|
1070
|
-
getIdToken:
|
|
1061
|
+
login: Y,
|
|
1062
|
+
logout: Y,
|
|
1063
|
+
getAccessToken: Y,
|
|
1064
|
+
getIdToken: Y,
|
|
1071
1065
|
logoutReason: ""
|
|
1072
1066
|
}), ur = ({
|
|
1073
1067
|
children: e,
|
|
@@ -1075,41 +1069,41 @@ const V = () => {
|
|
|
1075
1069
|
clientId: r,
|
|
1076
1070
|
domain: a = ""
|
|
1077
1071
|
}) => {
|
|
1078
|
-
const n =
|
|
1079
|
-
key: `${
|
|
1080
|
-
}), [c, d, , p] =
|
|
1081
|
-
key: `${
|
|
1082
|
-
}), [y, E, , m] =
|
|
1072
|
+
const n = ze(!1), [s, o, , i] = x({
|
|
1073
|
+
key: `${V}::${r}::@@user@@`
|
|
1074
|
+
}), [c, d, , p] = x({
|
|
1075
|
+
key: `${V}::${r}::@@access@@`
|
|
1076
|
+
}), [y, E, , m] = x(
|
|
1083
1077
|
{
|
|
1084
|
-
key: `${
|
|
1078
|
+
key: `${V}::${r}::@@refresh@@`
|
|
1085
1079
|
}
|
|
1086
|
-
), [S,
|
|
1087
|
-
key: `${
|
|
1088
|
-
}), $e = new
|
|
1080
|
+
), [S, ee, , ue] = x({
|
|
1081
|
+
key: `${V}::${r}::@@nonce@@`
|
|
1082
|
+
}), $e = new nr(c, y), [P, T] = Xe({
|
|
1089
1083
|
isLoading: !0,
|
|
1090
1084
|
isAuthenticated: !1,
|
|
1091
1085
|
user: void 0,
|
|
1092
1086
|
logoutReason: ""
|
|
1093
|
-
}),
|
|
1087
|
+
}), N = H(
|
|
1094
1088
|
(u) => {
|
|
1095
|
-
console.warn(u),
|
|
1089
|
+
console.warn(u), T({
|
|
1096
1090
|
isLoading: !0,
|
|
1097
1091
|
isAuthenticated: !1,
|
|
1098
1092
|
user: void 0,
|
|
1099
|
-
logoutReason: u ||
|
|
1093
|
+
logoutReason: u || M
|
|
1100
1094
|
}), i(), p(), m(), ue();
|
|
1101
1095
|
},
|
|
1102
1096
|
[p, i, ue, m]
|
|
1103
|
-
), R =
|
|
1097
|
+
), R = H(
|
|
1104
1098
|
async (u) => {
|
|
1105
|
-
|
|
1099
|
+
N(u || M), await tr({
|
|
1106
1100
|
idToken: s,
|
|
1107
1101
|
accessToken: c,
|
|
1108
1102
|
refreshToken: y,
|
|
1109
1103
|
clientId: r,
|
|
1110
1104
|
domain: a
|
|
1111
|
-
}),
|
|
1112
|
-
...
|
|
1105
|
+
}), T((_) => ({
|
|
1106
|
+
..._,
|
|
1113
1107
|
isLoading: !1
|
|
1114
1108
|
}));
|
|
1115
1109
|
},
|
|
@@ -1119,15 +1113,15 @@ const V = () => {
|
|
|
1119
1113
|
a,
|
|
1120
1114
|
s,
|
|
1121
1115
|
y,
|
|
1122
|
-
|
|
1116
|
+
N
|
|
1123
1117
|
]
|
|
1124
1118
|
);
|
|
1125
|
-
|
|
1119
|
+
ve(() => {
|
|
1126
1120
|
if (!n.current)
|
|
1127
1121
|
return P.isLoading && s !== null ? (async () => {
|
|
1128
1122
|
try {
|
|
1129
|
-
const u = await
|
|
1130
|
-
u && u.payload[w.USER_ID_KEY] !== "" ?
|
|
1123
|
+
const u = await K(s);
|
|
1124
|
+
u && u.payload[w.USER_ID_KEY] !== "" ? T({
|
|
1131
1125
|
isLoading: !1,
|
|
1132
1126
|
isAuthenticated: !0,
|
|
1133
1127
|
user: {
|
|
@@ -1135,83 +1129,89 @@ const V = () => {
|
|
|
1135
1129
|
username: u.payload[w.USERNAME_KEY]
|
|
1136
1130
|
},
|
|
1137
1131
|
logoutReason: ""
|
|
1138
|
-
}) : await R(
|
|
1132
|
+
}) : await R(M);
|
|
1139
1133
|
} catch {
|
|
1140
|
-
await R(
|
|
1134
|
+
await R(M);
|
|
1141
1135
|
}
|
|
1142
|
-
})() :
|
|
1136
|
+
})() : T((u) => ({
|
|
1143
1137
|
...u,
|
|
1144
1138
|
isLoading: !1
|
|
1145
1139
|
})), () => {
|
|
1146
1140
|
n.current = !0;
|
|
1147
1141
|
};
|
|
1148
1142
|
}, [P.isLoading, s, R]);
|
|
1149
|
-
const We = async (u,
|
|
1150
|
-
const I =
|
|
1151
|
-
if (
|
|
1152
|
-
...
|
|
1143
|
+
const We = async (u, _, g) => {
|
|
1144
|
+
const I = zt();
|
|
1145
|
+
if (ee(I), T((D) => ({
|
|
1146
|
+
...D,
|
|
1153
1147
|
isLoading: !0
|
|
1154
|
-
})), i(), p(), m(), g ===
|
|
1155
|
-
const { code_verifier:
|
|
1148
|
+
})), i(), p(), m(), g === q.CODE) {
|
|
1149
|
+
const { code_verifier: D, code_challenge: Me } = await Mt(), de = await rr({
|
|
1156
1150
|
nonce: I,
|
|
1157
1151
|
clientId: r,
|
|
1158
1152
|
code_challenge: Me
|
|
1159
1153
|
});
|
|
1160
1154
|
if (de.status) {
|
|
1161
|
-
const
|
|
1155
|
+
const U = await _e({
|
|
1162
1156
|
username: u,
|
|
1163
|
-
password:
|
|
1157
|
+
password: _,
|
|
1164
1158
|
clientId: r,
|
|
1165
1159
|
sessionExpiration: t,
|
|
1166
1160
|
nonce: I,
|
|
1167
1161
|
type: g,
|
|
1168
1162
|
code: de.code,
|
|
1169
|
-
code_verifier:
|
|
1163
|
+
code_verifier: D,
|
|
1170
1164
|
domain: a
|
|
1171
1165
|
});
|
|
1172
|
-
return
|
|
1166
|
+
return U.status ? (o(U.idToken), d(U.accessToken), E(U.refreshToken), T({
|
|
1173
1167
|
isLoading: !1,
|
|
1174
1168
|
isAuthenticated: !0,
|
|
1175
1169
|
user: {
|
|
1176
|
-
userId:
|
|
1170
|
+
userId: U.userId,
|
|
1177
1171
|
username: u
|
|
1178
1172
|
},
|
|
1179
1173
|
logoutReason: ""
|
|
1180
|
-
}), !0) : (
|
|
1174
|
+
}), !0) : (N(Te), T((Ve) => ({
|
|
1175
|
+
...Ve,
|
|
1176
|
+
isLoading: !1
|
|
1177
|
+
})), !1);
|
|
1181
1178
|
}
|
|
1182
1179
|
return !1;
|
|
1183
1180
|
}
|
|
1184
1181
|
const O = await _e({
|
|
1185
1182
|
username: u,
|
|
1186
|
-
password:
|
|
1183
|
+
password: _,
|
|
1187
1184
|
clientId: r,
|
|
1188
1185
|
sessionExpiration: t,
|
|
1189
1186
|
nonce: I,
|
|
1190
1187
|
type: g,
|
|
1191
1188
|
domain: a
|
|
1192
1189
|
});
|
|
1193
|
-
return O.status ? (o(O.idToken), d(O.accessToken), E(O.refreshToken),
|
|
1190
|
+
return O.status ? (o(O.idToken), d(O.accessToken), E(O.refreshToken), T({
|
|
1194
1191
|
isLoading: !1,
|
|
1195
1192
|
isAuthenticated: !0,
|
|
1196
1193
|
user: {
|
|
1197
1194
|
userId: O.userId,
|
|
1198
1195
|
username: u
|
|
1199
1196
|
}
|
|
1200
|
-
}), !0) : (
|
|
1197
|
+
}), !0) : (N(Te), T((D) => ({
|
|
1198
|
+
...D,
|
|
1199
|
+
isLoading: !1
|
|
1200
|
+
})), !1);
|
|
1201
1201
|
}, Je = async (u) => {
|
|
1202
|
-
u == null || u.preventDefault(), await R(
|
|
1202
|
+
u == null || u.preventDefault(), await R(Xt);
|
|
1203
1203
|
}, xe = async () => {
|
|
1204
|
-
const { isAuthenticated: u, user:
|
|
1204
|
+
const { isAuthenticated: u, user: _ } = P;
|
|
1205
1205
|
try {
|
|
1206
|
-
if (u &&
|
|
1206
|
+
if (u && _ && _.userId) {
|
|
1207
1207
|
if (c) {
|
|
1208
|
-
const I = await
|
|
1208
|
+
const I = await K(c);
|
|
1209
1209
|
if (I && I.payload[w.USER_ID_KEY] !== "")
|
|
1210
1210
|
return c;
|
|
1211
1211
|
}
|
|
1212
1212
|
const g = await $e.refreshtoken({
|
|
1213
1213
|
clientId: r,
|
|
1214
|
-
userId:
|
|
1214
|
+
userId: _.userId,
|
|
1215
1215
|
nonce: S,
|
|
1216
1216
|
domain: a
|
|
1217
1217
|
});
|
|
@@ -1225,16 +1225,16 @@ const V = () => {
|
|
|
1225
1225
|
if (P.isAuthenticated && s)
|
|
1226
1226
|
return s;
|
|
1227
1227
|
};
|
|
1228
|
-
return /* @__PURE__ */
|
|
1228
|
+
return /* @__PURE__ */ Fe(
|
|
1229
1229
|
Le.Provider,
|
|
1230
1230
|
{
|
|
1231
1231
|
value: { ...P, login: We, logout: Je, getAccessToken: xe, getIdToken: je },
|
|
1232
1232
|
children: e
|
|
1233
1233
|
}
|
|
1234
1234
|
);
|
|
1235
|
-
}, dr = (e = Le) =>
|
|
1235
|
+
}, dr = (e = Le) => Qe(e);
|
|
1236
1236
|
export {
|
|
1237
|
-
|
|
1237
|
+
q as AUTH_TYPES,
|
|
1238
1238
|
ur as AuthProvider,
|
|
1239
1239
|
dr as useAuth
|
|
1240
1240
|
};
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@versini/auth-provider",
|
|
3
|
-
"version": "5.1.
|
|
3
|
+
"version": "5.1.2",
|
|
4
4
|
"license": "MIT",
|
|
5
5
|
"author": "Arno Versini",
|
|
6
6
|
"publishConfig": {
|
|
@@ -45,9 +45,9 @@
|
|
|
45
45
|
},
|
|
46
46
|
"dependencies": {
|
|
47
47
|
"@versini/auth-common": "2.11.0",
|
|
48
|
-
"@versini/ui-hooks": "4.0.
|
|
48
|
+
"@versini/ui-hooks": "4.0.1",
|
|
49
49
|
"jose": "5.6.3",
|
|
50
50
|
"uuid": "10.0.0"
|
|
51
51
|
},
|
|
52
|
-
"gitHead": "
|
|
52
|
+
"gitHead": "b422f26798753972e8db4e33c6168245aa53a1e0"
|
|
53
53
|
}
|