@versini/auth-provider 5.1.1 → 5.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +385 -380
- package/package.json +3 -3
package/dist/index.js
CHANGED
|
@@ -1,17 +1,16 @@
|
|
|
1
|
-
var
|
|
2
|
-
var
|
|
3
|
-
var
|
|
4
|
-
import { jsx as
|
|
5
|
-
import
|
|
6
|
-
import { createContext as Fe, useRef as Ge, useState as qe, useCallback as le, useEffect as ze, useContext as Xe } from "react";
|
|
1
|
+
var Ye = Object.defineProperty;
|
|
2
|
+
var Be = (e, t, r) => t in e ? Ye(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
|
|
3
|
+
var L = (e, t, r) => Be(e, typeof t != "symbol" ? t + "" : t, r);
|
|
4
|
+
import { jsx as Fe } from "react/jsx-runtime";
|
|
5
|
+
import { useSyncExternalStore as Ge, useCallback as H, useEffect as ve, createContext as qe, useRef as ze, useState as Xe, useContext as Qe } from "react";
|
|
7
6
|
/*!
|
|
8
|
-
@versini/auth-provider v5.1.
|
|
7
|
+
@versini/auth-provider v5.1.3
|
|
9
8
|
© 2024 gizmette.com
|
|
10
9
|
*/
|
|
11
10
|
try {
|
|
12
11
|
window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
|
|
13
|
-
version: "5.1.
|
|
14
|
-
buildTime: "07/
|
|
12
|
+
version: "5.1.3",
|
|
13
|
+
buildTime: "07/09/2024 03:32 PM EDT",
|
|
15
14
|
homepage: "https://github.com/aversini/auth-client",
|
|
16
15
|
license: "MIT"
|
|
17
16
|
});
|
|
@@ -24,19 +23,19 @@ try {
|
|
|
24
23
|
try {
|
|
25
24
|
window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
|
|
26
25
|
version: "2.11.0",
|
|
27
|
-
buildTime: "07/
|
|
26
|
+
buildTime: "07/09/2024 03:32 PM EDT",
|
|
28
27
|
homepage: "https://github.com/aversini/auth-client",
|
|
29
28
|
license: "MIT"
|
|
30
29
|
});
|
|
31
30
|
} catch {
|
|
32
31
|
}
|
|
33
|
-
const
|
|
32
|
+
const q = {
|
|
34
33
|
ID_TOKEN: "id_token",
|
|
35
34
|
ACCESS_TOKEN: "token",
|
|
36
35
|
ID_AND_ACCESS_TOKEN: "id_token token",
|
|
37
36
|
CODE: "code",
|
|
38
37
|
REFRESH_TOKEN: "refresh_token"
|
|
39
|
-
},
|
|
38
|
+
}, Ze = {
|
|
40
39
|
CLIENT_ID: "X-Auth-ClientId"
|
|
41
40
|
}, w = {
|
|
42
41
|
ALG: "RS256",
|
|
@@ -45,7 +44,7 @@ const G = {
|
|
|
45
44
|
NONCE_KEY: "_nonce",
|
|
46
45
|
USERNAME_KEY: "username",
|
|
47
46
|
ISSUER: "gizmette.com"
|
|
48
|
-
},
|
|
47
|
+
}, et = `-----BEGIN PUBLIC KEY-----
|
|
49
48
|
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
|
|
50
49
|
w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
|
|
51
50
|
i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
|
|
@@ -53,33 +52,33 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
|
|
|
53
52
|
l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
|
|
54
53
|
sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
|
|
55
54
|
awIDAQAB
|
|
56
|
-
-----END PUBLIC KEY-----`,
|
|
55
|
+
-----END PUBLIC KEY-----`, z = {
|
|
57
56
|
AUTHENTICATE: "authenticate",
|
|
58
57
|
CODE: "code",
|
|
59
58
|
LOGOUT: "logout"
|
|
60
|
-
},
|
|
61
|
-
function
|
|
62
|
-
const t = e.reduce((n, { length:
|
|
59
|
+
}, X = crypto, be = (e) => e instanceof CryptoKey, $ = new TextEncoder(), Q = new TextDecoder();
|
|
60
|
+
function tt(...e) {
|
|
61
|
+
const t = e.reduce((n, { length: o }) => n + o, 0), r = new Uint8Array(t);
|
|
63
62
|
let a = 0;
|
|
64
63
|
for (const n of e)
|
|
65
64
|
r.set(n, a), a += n.length;
|
|
66
65
|
return r;
|
|
67
66
|
}
|
|
68
|
-
const
|
|
67
|
+
const rt = (e) => {
|
|
69
68
|
const t = atob(e), r = new Uint8Array(t.length);
|
|
70
69
|
for (let a = 0; a < t.length; a++)
|
|
71
70
|
r[a] = t.charCodeAt(a);
|
|
72
71
|
return r;
|
|
73
|
-
},
|
|
72
|
+
}, B = (e) => {
|
|
74
73
|
let t = e;
|
|
75
|
-
t instanceof Uint8Array && (t =
|
|
74
|
+
t instanceof Uint8Array && (t = Q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
|
|
76
75
|
try {
|
|
77
|
-
return
|
|
76
|
+
return rt(t);
|
|
78
77
|
} catch {
|
|
79
78
|
throw new TypeError("The input to be decoded is not correctly encoded.");
|
|
80
79
|
}
|
|
81
80
|
};
|
|
82
|
-
class
|
|
81
|
+
class P extends Error {
|
|
83
82
|
static get code() {
|
|
84
83
|
return "ERR_JOSE_GENERIC";
|
|
85
84
|
}
|
|
@@ -88,7 +87,7 @@ class C extends Error {
|
|
|
88
87
|
super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
|
|
89
88
|
}
|
|
90
89
|
}
|
|
91
|
-
class
|
|
90
|
+
class T extends P {
|
|
92
91
|
static get code() {
|
|
93
92
|
return "ERR_JWT_CLAIM_VALIDATION_FAILED";
|
|
94
93
|
}
|
|
@@ -96,7 +95,7 @@ class A extends C {
|
|
|
96
95
|
super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
|
|
97
96
|
}
|
|
98
97
|
}
|
|
99
|
-
class
|
|
98
|
+
class le extends P {
|
|
100
99
|
static get code() {
|
|
101
100
|
return "ERR_JWT_EXPIRED";
|
|
102
101
|
}
|
|
@@ -104,7 +103,7 @@ class he extends C {
|
|
|
104
103
|
super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
|
|
105
104
|
}
|
|
106
105
|
}
|
|
107
|
-
class
|
|
106
|
+
class at extends P {
|
|
108
107
|
constructor() {
|
|
109
108
|
super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
110
109
|
}
|
|
@@ -112,30 +111,31 @@ class rt extends C {
|
|
|
112
111
|
return "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
113
112
|
}
|
|
114
113
|
}
|
|
115
|
-
|
|
114
|
+
class b extends P {
|
|
116
115
|
constructor() {
|
|
117
116
|
super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
|
|
118
117
|
}
|
|
119
118
|
static get code() {
|
|
120
119
|
return "ERR_JOSE_NOT_SUPPORTED";
|
|
121
120
|
}
|
|
122
|
-
}
|
|
121
|
+
}
|
|
122
|
+
class f extends P {
|
|
123
123
|
constructor() {
|
|
124
124
|
super(...arguments), this.code = "ERR_JWS_INVALID";
|
|
125
125
|
}
|
|
126
126
|
static get code() {
|
|
127
127
|
return "ERR_JWS_INVALID";
|
|
128
128
|
}
|
|
129
|
-
}
|
|
130
|
-
|
|
129
|
+
}
|
|
130
|
+
let Re = class extends P {
|
|
131
131
|
constructor() {
|
|
132
132
|
super(...arguments), this.code = "ERR_JWT_INVALID";
|
|
133
133
|
}
|
|
134
134
|
static get code() {
|
|
135
135
|
return "ERR_JWT_INVALID";
|
|
136
136
|
}
|
|
137
|
-
}
|
|
138
|
-
class
|
|
137
|
+
};
|
|
138
|
+
class nt extends P {
|
|
139
139
|
constructor() {
|
|
140
140
|
super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
|
|
141
141
|
}
|
|
@@ -143,16 +143,16 @@ class at extends C {
|
|
|
143
143
|
return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
|
|
144
144
|
}
|
|
145
145
|
}
|
|
146
|
-
function
|
|
146
|
+
function _(e, t = "algorithm.name") {
|
|
147
147
|
return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
|
|
148
148
|
}
|
|
149
|
-
function
|
|
149
|
+
function W(e, t) {
|
|
150
150
|
return e.name === t;
|
|
151
151
|
}
|
|
152
152
|
function te(e) {
|
|
153
153
|
return parseInt(e.name.slice(4), 10);
|
|
154
154
|
}
|
|
155
|
-
function
|
|
155
|
+
function st(e) {
|
|
156
156
|
switch (e) {
|
|
157
157
|
case "ES256":
|
|
158
158
|
return "P-256";
|
|
@@ -164,83 +164,81 @@ function nt(e) {
|
|
|
164
164
|
throw new Error("unreachable");
|
|
165
165
|
}
|
|
166
166
|
}
|
|
167
|
-
function
|
|
167
|
+
function ot(e, t) {
|
|
168
168
|
if (t.length && !t.some((r) => e.usages.includes(r))) {
|
|
169
169
|
let r = "CryptoKey does not support this operation, its usages must include ";
|
|
170
170
|
if (t.length > 2) {
|
|
171
171
|
const a = t.pop();
|
|
172
172
|
r += `one of ${t.join(", ")}, or ${a}.`;
|
|
173
|
-
} else
|
|
174
|
-
t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
|
|
173
|
+
} else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
|
|
175
174
|
throw new TypeError(r);
|
|
176
175
|
}
|
|
177
176
|
}
|
|
178
|
-
function
|
|
177
|
+
function it(e, t, ...r) {
|
|
179
178
|
switch (t) {
|
|
180
179
|
case "HS256":
|
|
181
180
|
case "HS384":
|
|
182
181
|
case "HS512": {
|
|
183
|
-
if (
|
|
184
|
-
throw
|
|
182
|
+
if (!W(e.algorithm, "HMAC"))
|
|
183
|
+
throw _("HMAC");
|
|
185
184
|
const a = parseInt(t.slice(2), 10);
|
|
186
185
|
if (te(e.algorithm.hash) !== a)
|
|
187
|
-
throw
|
|
186
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
188
187
|
break;
|
|
189
188
|
}
|
|
190
189
|
case "RS256":
|
|
191
190
|
case "RS384":
|
|
192
191
|
case "RS512": {
|
|
193
|
-
if (
|
|
194
|
-
throw
|
|
192
|
+
if (!W(e.algorithm, "RSASSA-PKCS1-v1_5"))
|
|
193
|
+
throw _("RSASSA-PKCS1-v1_5");
|
|
195
194
|
const a = parseInt(t.slice(2), 10);
|
|
196
195
|
if (te(e.algorithm.hash) !== a)
|
|
197
|
-
throw
|
|
196
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
198
197
|
break;
|
|
199
198
|
}
|
|
200
199
|
case "PS256":
|
|
201
200
|
case "PS384":
|
|
202
201
|
case "PS512": {
|
|
203
|
-
if (
|
|
204
|
-
throw
|
|
202
|
+
if (!W(e.algorithm, "RSA-PSS"))
|
|
203
|
+
throw _("RSA-PSS");
|
|
205
204
|
const a = parseInt(t.slice(2), 10);
|
|
206
205
|
if (te(e.algorithm.hash) !== a)
|
|
207
|
-
throw
|
|
206
|
+
throw _(`SHA-${a}`, "algorithm.hash");
|
|
208
207
|
break;
|
|
209
208
|
}
|
|
210
209
|
case "EdDSA": {
|
|
211
210
|
if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
|
|
212
|
-
throw
|
|
211
|
+
throw _("Ed25519 or Ed448");
|
|
213
212
|
break;
|
|
214
213
|
}
|
|
215
214
|
case "ES256":
|
|
216
215
|
case "ES384":
|
|
217
216
|
case "ES512": {
|
|
218
|
-
if (
|
|
219
|
-
throw
|
|
220
|
-
const a =
|
|
217
|
+
if (!W(e.algorithm, "ECDSA"))
|
|
218
|
+
throw _("ECDSA");
|
|
219
|
+
const a = st(t);
|
|
221
220
|
if (e.algorithm.namedCurve !== a)
|
|
222
|
-
throw
|
|
221
|
+
throw _(a, "algorithm.namedCurve");
|
|
223
222
|
break;
|
|
224
223
|
}
|
|
225
224
|
default:
|
|
226
225
|
throw new TypeError("CryptoKey does not support this operation");
|
|
227
226
|
}
|
|
228
|
-
|
|
227
|
+
ot(e, r);
|
|
229
228
|
}
|
|
230
229
|
function Ie(e, t, ...r) {
|
|
231
230
|
var a;
|
|
232
231
|
if (r.length > 2) {
|
|
233
232
|
const n = r.pop();
|
|
234
233
|
e += `one of type ${r.join(", ")}, or ${n}.`;
|
|
235
|
-
} else
|
|
236
|
-
r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
234
|
+
} else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
237
235
|
return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
|
|
238
236
|
}
|
|
239
|
-
const
|
|
237
|
+
const he = (e, ...t) => Ie("Key must be ", e, ...t);
|
|
240
238
|
function Ce(e, t, ...r) {
|
|
241
239
|
return Ie(`Key for the ${e} algorithm must be `, t, ...r);
|
|
242
240
|
}
|
|
243
|
-
const Pe = (e) =>
|
|
241
|
+
const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", G = ["CryptoKey"], ct = (...e) => {
|
|
244
242
|
const t = e.filter(Boolean);
|
|
245
243
|
if (t.length === 0 || t.length === 1)
|
|
246
244
|
return !0;
|
|
@@ -251,19 +249,19 @@ const Pe = (e) => ve(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) ===
|
|
|
251
249
|
r = new Set(n);
|
|
252
250
|
continue;
|
|
253
251
|
}
|
|
254
|
-
for (const
|
|
255
|
-
if (r.has(
|
|
252
|
+
for (const o of n) {
|
|
253
|
+
if (r.has(o))
|
|
256
254
|
return !1;
|
|
257
|
-
r.add(
|
|
255
|
+
r.add(o);
|
|
258
256
|
}
|
|
259
257
|
}
|
|
260
258
|
return !0;
|
|
261
259
|
};
|
|
262
|
-
function
|
|
260
|
+
function ut(e) {
|
|
263
261
|
return typeof e == "object" && e !== null;
|
|
264
262
|
}
|
|
265
263
|
function ie(e) {
|
|
266
|
-
if (!
|
|
264
|
+
if (!ut(e) || Object.prototype.toString.call(e) !== "[object Object]")
|
|
267
265
|
return !1;
|
|
268
266
|
if (Object.getPrototypeOf(e) === null)
|
|
269
267
|
return !0;
|
|
@@ -272,14 +270,14 @@ function ie(e) {
|
|
|
272
270
|
t = Object.getPrototypeOf(t);
|
|
273
271
|
return Object.getPrototypeOf(e) === t;
|
|
274
272
|
}
|
|
275
|
-
const
|
|
273
|
+
const dt = (e, t) => {
|
|
276
274
|
if (e.startsWith("RS") || e.startsWith("PS")) {
|
|
277
275
|
const { modulusLength: r } = t.algorithm;
|
|
278
276
|
if (typeof r != "number" || r < 2048)
|
|
279
277
|
throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
|
|
280
278
|
}
|
|
281
279
|
};
|
|
282
|
-
function
|
|
280
|
+
function lt(e) {
|
|
283
281
|
let t, r;
|
|
284
282
|
switch (e.kty) {
|
|
285
283
|
case "RSA": {
|
|
@@ -304,7 +302,7 @@ function dt(e) {
|
|
|
304
302
|
}, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
|
|
305
303
|
break;
|
|
306
304
|
default:
|
|
307
|
-
throw new
|
|
305
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
308
306
|
}
|
|
309
307
|
break;
|
|
310
308
|
}
|
|
@@ -326,7 +324,7 @@ function dt(e) {
|
|
|
326
324
|
t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
327
325
|
break;
|
|
328
326
|
default:
|
|
329
|
-
throw new
|
|
327
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
330
328
|
}
|
|
331
329
|
break;
|
|
332
330
|
}
|
|
@@ -342,168 +340,168 @@ function dt(e) {
|
|
|
342
340
|
t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
343
341
|
break;
|
|
344
342
|
default:
|
|
345
|
-
throw new
|
|
343
|
+
throw new b('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
346
344
|
}
|
|
347
345
|
break;
|
|
348
346
|
}
|
|
349
347
|
default:
|
|
350
|
-
throw new
|
|
348
|
+
throw new b('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
|
|
351
349
|
}
|
|
352
350
|
return { algorithm: t, keyUsages: r };
|
|
353
351
|
}
|
|
354
|
-
const
|
|
352
|
+
const ht = async (e) => {
|
|
355
353
|
if (!e.alg)
|
|
356
354
|
throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
|
|
357
|
-
const { algorithm: t, keyUsages: r } =
|
|
355
|
+
const { algorithm: t, keyUsages: r } = lt(e), a = [
|
|
358
356
|
t,
|
|
359
357
|
e.ext ?? !1,
|
|
360
358
|
e.key_ops ?? r
|
|
361
359
|
], n = { ...e };
|
|
362
|
-
return delete n.alg, delete n.use,
|
|
363
|
-
}, Oe = (e) =>
|
|
360
|
+
return delete n.alg, delete n.use, X.subtle.importKey("jwk", n, ...a);
|
|
361
|
+
}, Oe = (e) => B(e);
|
|
364
362
|
let re, ae;
|
|
365
363
|
const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Ue = async (e, t, r, a) => {
|
|
366
364
|
let n = e.get(t);
|
|
367
365
|
if (n != null && n[a])
|
|
368
366
|
return n[a];
|
|
369
|
-
const
|
|
370
|
-
return n ? n[a] =
|
|
371
|
-
},
|
|
367
|
+
const o = await ht({ ...r, alg: a });
|
|
368
|
+
return n ? n[a] = o : e.set(t, { [a]: o }), o;
|
|
369
|
+
}, ft = (e, t) => {
|
|
372
370
|
if (De(e)) {
|
|
373
371
|
let r = e.export({ format: "jwk" });
|
|
374
372
|
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Oe(r.k) : (ae || (ae = /* @__PURE__ */ new WeakMap()), Ue(ae, e, r, t));
|
|
375
373
|
}
|
|
376
374
|
return e;
|
|
377
|
-
},
|
|
375
|
+
}, pt = (e, t) => {
|
|
378
376
|
if (De(e)) {
|
|
379
377
|
let r = e.export({ format: "jwk" });
|
|
380
378
|
return r.k ? Oe(r.k) : (re || (re = /* @__PURE__ */ new WeakMap()), Ue(re, e, r, t));
|
|
381
379
|
}
|
|
382
380
|
return e;
|
|
383
|
-
},
|
|
381
|
+
}, yt = { normalizePublicKey: ft, normalizePrivateKey: pt }, v = (e, t, r = 0) => {
|
|
384
382
|
r === 0 && (t.unshift(t.length), t.unshift(6));
|
|
385
383
|
const a = e.indexOf(t[0], r);
|
|
386
384
|
if (a === -1)
|
|
387
385
|
return !1;
|
|
388
386
|
const n = e.subarray(a, a + t.length);
|
|
389
|
-
return n.length !== t.length ? !1 : n.every((
|
|
390
|
-
},
|
|
387
|
+
return n.length !== t.length ? !1 : n.every((o, s) => o === t[s]) || v(e, t, a + 1);
|
|
388
|
+
}, fe = (e) => {
|
|
391
389
|
switch (!0) {
|
|
392
|
-
case
|
|
390
|
+
case v(e, [42, 134, 72, 206, 61, 3, 1, 7]):
|
|
393
391
|
return "P-256";
|
|
394
|
-
case
|
|
392
|
+
case v(e, [43, 129, 4, 0, 34]):
|
|
395
393
|
return "P-384";
|
|
396
|
-
case
|
|
394
|
+
case v(e, [43, 129, 4, 0, 35]):
|
|
397
395
|
return "P-521";
|
|
398
|
-
case
|
|
396
|
+
case v(e, [43, 101, 110]):
|
|
399
397
|
return "X25519";
|
|
400
|
-
case
|
|
398
|
+
case v(e, [43, 101, 111]):
|
|
401
399
|
return "X448";
|
|
402
|
-
case
|
|
400
|
+
case v(e, [43, 101, 112]):
|
|
403
401
|
return "Ed25519";
|
|
404
|
-
case
|
|
402
|
+
case v(e, [43, 101, 113]):
|
|
405
403
|
return "Ed448";
|
|
406
404
|
default:
|
|
407
|
-
throw new
|
|
405
|
+
throw new b("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
|
|
408
406
|
}
|
|
409
|
-
},
|
|
410
|
-
let
|
|
407
|
+
}, wt = async (e, t, r, a, n) => {
|
|
408
|
+
let o, s;
|
|
411
409
|
const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
|
|
412
410
|
switch (a) {
|
|
413
411
|
case "PS256":
|
|
414
412
|
case "PS384":
|
|
415
413
|
case "PS512":
|
|
416
|
-
|
|
414
|
+
o = { name: "RSA-PSS", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
|
|
417
415
|
break;
|
|
418
416
|
case "RS256":
|
|
419
417
|
case "RS384":
|
|
420
418
|
case "RS512":
|
|
421
|
-
|
|
419
|
+
o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
|
|
422
420
|
break;
|
|
423
421
|
case "RSA-OAEP":
|
|
424
422
|
case "RSA-OAEP-256":
|
|
425
423
|
case "RSA-OAEP-384":
|
|
426
424
|
case "RSA-OAEP-512":
|
|
427
|
-
|
|
425
|
+
o = {
|
|
428
426
|
name: "RSA-OAEP",
|
|
429
427
|
hash: `SHA-${parseInt(a.slice(-3), 10) || 1}`
|
|
430
|
-
},
|
|
428
|
+
}, s = ["encrypt", "wrapKey"];
|
|
431
429
|
break;
|
|
432
430
|
case "ES256":
|
|
433
|
-
|
|
431
|
+
o = { name: "ECDSA", namedCurve: "P-256" }, s = ["verify"];
|
|
434
432
|
break;
|
|
435
433
|
case "ES384":
|
|
436
|
-
|
|
434
|
+
o = { name: "ECDSA", namedCurve: "P-384" }, s = ["verify"];
|
|
437
435
|
break;
|
|
438
436
|
case "ES512":
|
|
439
|
-
|
|
437
|
+
o = { name: "ECDSA", namedCurve: "P-521" }, s = ["verify"];
|
|
440
438
|
break;
|
|
441
439
|
case "ECDH-ES":
|
|
442
440
|
case "ECDH-ES+A128KW":
|
|
443
441
|
case "ECDH-ES+A192KW":
|
|
444
442
|
case "ECDH-ES+A256KW": {
|
|
445
|
-
const c =
|
|
446
|
-
|
|
443
|
+
const c = fe(i);
|
|
444
|
+
o = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
|
|
447
445
|
break;
|
|
448
446
|
}
|
|
449
447
|
case "EdDSA":
|
|
450
|
-
|
|
448
|
+
o = { name: fe(i) }, s = ["verify"];
|
|
451
449
|
break;
|
|
452
450
|
default:
|
|
453
|
-
throw new
|
|
451
|
+
throw new b('Invalid or unsupported "alg" (Algorithm) value');
|
|
454
452
|
}
|
|
455
|
-
return
|
|
456
|
-
},
|
|
457
|
-
async function
|
|
453
|
+
return X.subtle.importKey(t, i, o, !1, s);
|
|
454
|
+
}, mt = (e, t, r) => wt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
|
|
455
|
+
async function Et(e, t, r) {
|
|
458
456
|
if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
|
|
459
457
|
throw new TypeError('"spki" must be SPKI formatted string');
|
|
460
|
-
return
|
|
458
|
+
return mt(e, t);
|
|
461
459
|
}
|
|
462
|
-
const
|
|
460
|
+
const F = (e) => e == null ? void 0 : e[Symbol.toStringTag], St = (e, t) => {
|
|
463
461
|
if (!(t instanceof Uint8Array)) {
|
|
464
462
|
if (!Pe(t))
|
|
465
|
-
throw new TypeError(Ce(e, t, ...
|
|
463
|
+
throw new TypeError(Ce(e, t, ...G, "Uint8Array"));
|
|
466
464
|
if (t.type !== "secret")
|
|
467
|
-
throw new TypeError(`${
|
|
465
|
+
throw new TypeError(`${F(t)} instances for symmetric algorithms must be of type "secret"`);
|
|
468
466
|
}
|
|
469
|
-
},
|
|
467
|
+
}, gt = (e, t, r) => {
|
|
470
468
|
if (!Pe(t))
|
|
471
|
-
throw new TypeError(Ce(e, t, ...
|
|
469
|
+
throw new TypeError(Ce(e, t, ...G));
|
|
472
470
|
if (t.type === "secret")
|
|
473
|
-
throw new TypeError(`${
|
|
471
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
474
472
|
if (t.algorithm && r === "verify" && t.type === "private")
|
|
475
|
-
throw new TypeError(`${
|
|
473
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithm verifying must be of type "public"`);
|
|
476
474
|
if (t.algorithm && r === "encrypt" && t.type === "private")
|
|
477
|
-
throw new TypeError(`${
|
|
478
|
-
},
|
|
479
|
-
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ?
|
|
475
|
+
throw new TypeError(`${F(t)} instances for asymmetric algorithm encryption must be of type "public"`);
|
|
476
|
+
}, At = (e, t, r) => {
|
|
477
|
+
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? St(e, t) : gt(e, t, r);
|
|
480
478
|
};
|
|
481
|
-
function
|
|
479
|
+
function Tt(e, t, r, a, n) {
|
|
482
480
|
if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
|
|
483
481
|
throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
|
|
484
482
|
if (!a || a.crit === void 0)
|
|
485
483
|
return /* @__PURE__ */ new Set();
|
|
486
|
-
if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((
|
|
484
|
+
if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((s) => typeof s != "string" || s.length === 0))
|
|
487
485
|
throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
|
|
488
|
-
let
|
|
489
|
-
r !== void 0 ?
|
|
490
|
-
for (const
|
|
491
|
-
if (!
|
|
492
|
-
throw new
|
|
493
|
-
if (n[
|
|
494
|
-
throw new e(`Extension Header Parameter "${
|
|
495
|
-
if (
|
|
496
|
-
throw new e(`Extension Header Parameter "${
|
|
486
|
+
let o;
|
|
487
|
+
r !== void 0 ? o = new Map([...Object.entries(r), ...t.entries()]) : o = t;
|
|
488
|
+
for (const s of a.crit) {
|
|
489
|
+
if (!o.has(s))
|
|
490
|
+
throw new b(`Extension Header Parameter "${s}" is not recognized`);
|
|
491
|
+
if (n[s] === void 0)
|
|
492
|
+
throw new e(`Extension Header Parameter "${s}" is missing`);
|
|
493
|
+
if (o.get(s) && a[s] === void 0)
|
|
494
|
+
throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
|
|
497
495
|
}
|
|
498
496
|
return new Set(a.crit);
|
|
499
497
|
}
|
|
500
|
-
const
|
|
498
|
+
const kt = (e, t) => {
|
|
501
499
|
if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
|
|
502
500
|
throw new TypeError(`"${e}" option must be an array of strings`);
|
|
503
501
|
if (t)
|
|
504
502
|
return new Set(t);
|
|
505
503
|
};
|
|
506
|
-
function
|
|
504
|
+
function _t(e, t) {
|
|
507
505
|
const r = `SHA-${e.slice(-3)}`;
|
|
508
506
|
switch (e) {
|
|
509
507
|
case "HS256":
|
|
@@ -525,30 +523,30 @@ function kt(e, t) {
|
|
|
525
523
|
case "EdDSA":
|
|
526
524
|
return { name: t.name };
|
|
527
525
|
default:
|
|
528
|
-
throw new
|
|
526
|
+
throw new b(`alg ${e} is not supported either by JOSE or your javascript runtime`);
|
|
529
527
|
}
|
|
530
528
|
}
|
|
531
|
-
async function
|
|
532
|
-
if (t = await
|
|
533
|
-
return
|
|
529
|
+
async function vt(e, t, r) {
|
|
530
|
+
if (t = await yt.normalizePublicKey(t, e), be(t))
|
|
531
|
+
return it(t, e, r), t;
|
|
534
532
|
if (t instanceof Uint8Array) {
|
|
535
533
|
if (!e.startsWith("HS"))
|
|
536
|
-
throw new TypeError(
|
|
537
|
-
return
|
|
534
|
+
throw new TypeError(he(t, ...G));
|
|
535
|
+
return X.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
|
|
538
536
|
}
|
|
539
|
-
throw new TypeError(
|
|
537
|
+
throw new TypeError(he(t, ...G, "Uint8Array"));
|
|
540
538
|
}
|
|
541
|
-
const
|
|
542
|
-
const n = await
|
|
543
|
-
|
|
544
|
-
const
|
|
539
|
+
const bt = async (e, t, r, a) => {
|
|
540
|
+
const n = await vt(e, t, "verify");
|
|
541
|
+
dt(e, n);
|
|
542
|
+
const o = _t(e, n.algorithm);
|
|
545
543
|
try {
|
|
546
|
-
return await
|
|
544
|
+
return await X.subtle.verify(o, n, r, a);
|
|
547
545
|
} catch {
|
|
548
546
|
return !1;
|
|
549
547
|
}
|
|
550
548
|
};
|
|
551
|
-
async function
|
|
549
|
+
async function Rt(e, t, r) {
|
|
552
550
|
if (!ie(e))
|
|
553
551
|
throw new f("Flattened JWS must be an object");
|
|
554
552
|
if (e.protected === void 0 && e.header === void 0)
|
|
@@ -564,65 +562,64 @@ async function vt(e, t, r) {
|
|
|
564
562
|
let a = {};
|
|
565
563
|
if (e.protected)
|
|
566
564
|
try {
|
|
567
|
-
const
|
|
568
|
-
a = JSON.parse(
|
|
565
|
+
const g = B(e.protected);
|
|
566
|
+
a = JSON.parse(Q.decode(g));
|
|
569
567
|
} catch {
|
|
570
568
|
throw new f("JWS Protected Header is invalid");
|
|
571
569
|
}
|
|
572
|
-
if (!
|
|
570
|
+
if (!ct(a, e.header))
|
|
573
571
|
throw new f("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
574
572
|
const n = {
|
|
575
573
|
...a,
|
|
576
574
|
...e.header
|
|
577
|
-
},
|
|
578
|
-
let
|
|
579
|
-
if (
|
|
575
|
+
}, o = Tt(f, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
|
|
576
|
+
let s = !0;
|
|
577
|
+
if (o.has("b64") && (s = a.b64, typeof s != "boolean"))
|
|
580
578
|
throw new f('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
|
|
581
579
|
const { alg: i } = n;
|
|
582
580
|
if (typeof i != "string" || !i)
|
|
583
581
|
throw new f('JWS "alg" (Algorithm) Header Parameter missing or invalid');
|
|
584
|
-
const c = r &&
|
|
582
|
+
const c = r && kt("algorithms", r.algorithms);
|
|
585
583
|
if (c && !c.has(i))
|
|
586
|
-
throw new
|
|
587
|
-
if (
|
|
584
|
+
throw new at('"alg" (Algorithm) Header Parameter value not allowed');
|
|
585
|
+
if (s) {
|
|
588
586
|
if (typeof e.payload != "string")
|
|
589
587
|
throw new f("JWS Payload must be a string");
|
|
590
588
|
} else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
|
|
591
589
|
throw new f("JWS Payload must be a string or an Uint8Array instance");
|
|
592
590
|
let d = !1;
|
|
593
|
-
typeof t == "function" && (t = await t(a, e), d = !0),
|
|
594
|
-
const p =
|
|
591
|
+
typeof t == "function" && (t = await t(a, e), d = !0), At(i, t, "verify");
|
|
592
|
+
const p = tt($.encode(e.protected ?? ""), $.encode("."), typeof e.payload == "string" ? $.encode(e.payload) : e.payload);
|
|
595
593
|
let y;
|
|
596
594
|
try {
|
|
597
|
-
y =
|
|
595
|
+
y = B(e.signature);
|
|
598
596
|
} catch {
|
|
599
597
|
throw new f("Failed to base64url decode the signature");
|
|
600
598
|
}
|
|
601
|
-
if (!await
|
|
602
|
-
throw new
|
|
603
|
-
let
|
|
604
|
-
if (
|
|
599
|
+
if (!await bt(i, t, y, p))
|
|
600
|
+
throw new nt();
|
|
601
|
+
let S;
|
|
602
|
+
if (s)
|
|
605
603
|
try {
|
|
606
|
-
|
|
604
|
+
S = B(e.payload);
|
|
607
605
|
} catch {
|
|
608
606
|
throw new f("Failed to base64url decode the payload");
|
|
609
607
|
}
|
|
610
|
-
else
|
|
611
|
-
|
|
612
|
-
const m = { payload: E };
|
|
608
|
+
else typeof e.payload == "string" ? S = $.encode(e.payload) : S = e.payload;
|
|
609
|
+
const m = { payload: S };
|
|
613
610
|
return e.protected !== void 0 && (m.protectedHeader = a), e.header !== void 0 && (m.unprotectedHeader = e.header), d ? { ...m, key: t } : m;
|
|
614
611
|
}
|
|
615
|
-
async function
|
|
616
|
-
if (e instanceof Uint8Array && (e =
|
|
612
|
+
async function It(e, t, r) {
|
|
613
|
+
if (e instanceof Uint8Array && (e = Q.decode(e)), typeof e != "string")
|
|
617
614
|
throw new f("Compact JWS must be a string or Uint8Array");
|
|
618
|
-
const { 0: a, 1: n, 2:
|
|
619
|
-
if (
|
|
615
|
+
const { 0: a, 1: n, 2: o, length: s } = e.split(".");
|
|
616
|
+
if (s !== 3)
|
|
620
617
|
throw new f("Invalid Compact JWS");
|
|
621
|
-
const i = await
|
|
618
|
+
const i = await Rt({ payload: n, protected: a, signature: o }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
|
|
622
619
|
return typeof t == "function" ? { ...c, key: i.key } : c;
|
|
623
620
|
}
|
|
624
|
-
const
|
|
625
|
-
const t =
|
|
621
|
+
const Ct = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke * 24, Pt = ce * 7, Ot = ce * 365.25, Dt = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, pe = (e) => {
|
|
622
|
+
const t = Dt.exec(e);
|
|
626
623
|
if (!t || t[4] && t[1])
|
|
627
624
|
throw new TypeError("Invalid time period format");
|
|
628
625
|
const r = parseFloat(t[2]), a = t[3].toLowerCase();
|
|
@@ -657,39 +654,39 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
657
654
|
case "week":
|
|
658
655
|
case "weeks":
|
|
659
656
|
case "w":
|
|
660
|
-
n = Math.round(r *
|
|
657
|
+
n = Math.round(r * Pt);
|
|
661
658
|
break;
|
|
662
659
|
default:
|
|
663
|
-
n = Math.round(r *
|
|
660
|
+
n = Math.round(r * Ot);
|
|
664
661
|
break;
|
|
665
662
|
}
|
|
666
663
|
return t[1] === "-" || t[4] === "ago" ? -n : n;
|
|
667
|
-
},
|
|
664
|
+
}, ye = (e) => e.toLowerCase().replace(/^application\//, ""), Ut = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Ht = (e, t, r = {}) => {
|
|
668
665
|
let a;
|
|
669
666
|
try {
|
|
670
|
-
a = JSON.parse(
|
|
667
|
+
a = JSON.parse(Q.decode(t));
|
|
671
668
|
} catch {
|
|
672
669
|
}
|
|
673
670
|
if (!ie(a))
|
|
674
671
|
throw new Re("JWT Claims Set must be a top-level JSON object");
|
|
675
672
|
const { typ: n } = r;
|
|
676
|
-
if (n && (typeof e.typ != "string" ||
|
|
677
|
-
throw new
|
|
678
|
-
const { requiredClaims:
|
|
679
|
-
d !== void 0 && p.push("iat"), c !== void 0 && p.push("aud"), i !== void 0 && p.push("sub"),
|
|
680
|
-
for (const
|
|
681
|
-
if (!(
|
|
682
|
-
throw new
|
|
683
|
-
if (
|
|
684
|
-
throw new
|
|
673
|
+
if (n && (typeof e.typ != "string" || ye(e.typ) !== ye(n)))
|
|
674
|
+
throw new T('unexpected "typ" JWT header value', a, "typ", "check_failed");
|
|
675
|
+
const { requiredClaims: o = [], issuer: s, subject: i, audience: c, maxTokenAge: d } = r, p = [...o];
|
|
676
|
+
d !== void 0 && p.push("iat"), c !== void 0 && p.push("aud"), i !== void 0 && p.push("sub"), s !== void 0 && p.push("iss");
|
|
677
|
+
for (const g of new Set(p.reverse()))
|
|
678
|
+
if (!(g in a))
|
|
679
|
+
throw new T(`missing required "${g}" claim`, a, g, "missing");
|
|
680
|
+
if (s && !(Array.isArray(s) ? s : [s]).includes(a.iss))
|
|
681
|
+
throw new T('unexpected "iss" claim value', a, "iss", "check_failed");
|
|
685
682
|
if (i && a.sub !== i)
|
|
686
|
-
throw new
|
|
687
|
-
if (c && !
|
|
688
|
-
throw new
|
|
683
|
+
throw new T('unexpected "sub" claim value', a, "sub", "check_failed");
|
|
684
|
+
if (c && !Ut(a.aud, typeof c == "string" ? [c] : c))
|
|
685
|
+
throw new T('unexpected "aud" claim value', a, "aud", "check_failed");
|
|
689
686
|
let y;
|
|
690
687
|
switch (typeof r.clockTolerance) {
|
|
691
688
|
case "string":
|
|
692
|
-
y =
|
|
689
|
+
y = pe(r.clockTolerance);
|
|
693
690
|
break;
|
|
694
691
|
case "number":
|
|
695
692
|
y = r.clockTolerance;
|
|
@@ -700,42 +697,42 @@ const It = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
700
697
|
default:
|
|
701
698
|
throw new TypeError("Invalid clockTolerance option type");
|
|
702
699
|
}
|
|
703
|
-
const { currentDate:
|
|
700
|
+
const { currentDate: S } = r, m = Ct(S || /* @__PURE__ */ new Date());
|
|
704
701
|
if ((a.iat !== void 0 || d) && typeof a.iat != "number")
|
|
705
|
-
throw new
|
|
702
|
+
throw new T('"iat" claim must be a number', a, "iat", "invalid");
|
|
706
703
|
if (a.nbf !== void 0) {
|
|
707
704
|
if (typeof a.nbf != "number")
|
|
708
|
-
throw new
|
|
705
|
+
throw new T('"nbf" claim must be a number', a, "nbf", "invalid");
|
|
709
706
|
if (a.nbf > m + y)
|
|
710
|
-
throw new
|
|
707
|
+
throw new T('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
|
|
711
708
|
}
|
|
712
709
|
if (a.exp !== void 0) {
|
|
713
710
|
if (typeof a.exp != "number")
|
|
714
|
-
throw new
|
|
711
|
+
throw new T('"exp" claim must be a number', a, "exp", "invalid");
|
|
715
712
|
if (a.exp <= m - y)
|
|
716
|
-
throw new
|
|
713
|
+
throw new le('"exp" claim timestamp check failed', a, "exp", "check_failed");
|
|
717
714
|
}
|
|
718
715
|
if (d) {
|
|
719
|
-
const
|
|
720
|
-
if (
|
|
721
|
-
throw new
|
|
722
|
-
if (
|
|
723
|
-
throw new
|
|
716
|
+
const g = m - a.iat, ee = typeof d == "number" ? d : pe(d);
|
|
717
|
+
if (g - y > ee)
|
|
718
|
+
throw new le('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
|
|
719
|
+
if (g < 0 - y)
|
|
720
|
+
throw new T('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
|
|
724
721
|
}
|
|
725
722
|
return a;
|
|
726
723
|
};
|
|
727
|
-
async function
|
|
724
|
+
async function Kt(e, t, r) {
|
|
728
725
|
var a;
|
|
729
|
-
const n = await
|
|
726
|
+
const n = await It(e, t, r);
|
|
730
727
|
if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
|
|
731
728
|
throw new Re("JWTs MUST NOT use unencoded payload");
|
|
732
|
-
const
|
|
733
|
-
return typeof t == "function" ? { ...
|
|
729
|
+
const o = { payload: Ht(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
|
|
730
|
+
return typeof t == "function" ? { ...o, key: n.key } : o;
|
|
734
731
|
}
|
|
735
|
-
const
|
|
732
|
+
const K = async (e) => {
|
|
736
733
|
try {
|
|
737
|
-
const t = w.ALG, r = await
|
|
738
|
-
return await
|
|
734
|
+
const t = w.ALG, r = await Et(et, t);
|
|
735
|
+
return await Kt(e, r, {
|
|
739
736
|
issuer: w.ISSUER
|
|
740
737
|
});
|
|
741
738
|
} catch {
|
|
@@ -745,39 +742,39 @@ const H = async (e) => {
|
|
|
745
742
|
var l = [];
|
|
746
743
|
for (var ne = 0; ne < 256; ++ne)
|
|
747
744
|
l.push((ne + 256).toString(16).slice(1));
|
|
748
|
-
function
|
|
745
|
+
function Nt(e, t = 0) {
|
|
749
746
|
return (l[e[t + 0]] + l[e[t + 1]] + l[e[t + 2]] + l[e[t + 3]] + "-" + l[e[t + 4]] + l[e[t + 5]] + "-" + l[e[t + 6]] + l[e[t + 7]] + "-" + l[e[t + 8]] + l[e[t + 9]] + "-" + l[e[t + 10]] + l[e[t + 11]] + l[e[t + 12]] + l[e[t + 13]] + l[e[t + 14]] + l[e[t + 15]]).toLowerCase();
|
|
750
747
|
}
|
|
751
|
-
var
|
|
752
|
-
function
|
|
753
|
-
if (!
|
|
748
|
+
var J, Lt = new Uint8Array(16);
|
|
749
|
+
function $t() {
|
|
750
|
+
if (!J && (J = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !J))
|
|
754
751
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
755
|
-
return
|
|
752
|
+
return J(Lt);
|
|
756
753
|
}
|
|
757
|
-
var
|
|
758
|
-
const
|
|
759
|
-
randomUUID:
|
|
754
|
+
var Wt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
755
|
+
const we = {
|
|
756
|
+
randomUUID: Wt
|
|
760
757
|
};
|
|
761
|
-
function
|
|
762
|
-
if (
|
|
763
|
-
return
|
|
758
|
+
function me(e, t, r) {
|
|
759
|
+
if (we.randomUUID && !t && !e)
|
|
760
|
+
return we.randomUUID();
|
|
764
761
|
e = e || {};
|
|
765
|
-
var a = e.random || (e.rng ||
|
|
766
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
762
|
+
var a = e.random || (e.rng || $t)();
|
|
763
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Nt(a);
|
|
767
764
|
}
|
|
768
|
-
const
|
|
765
|
+
const Ee = globalThis.crypto, Jt = (e) => `${me()}${me()}`.slice(0, e), xt = (e) => btoa(
|
|
769
766
|
[...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
|
|
770
767
|
);
|
|
771
|
-
async function
|
|
772
|
-
if (!
|
|
768
|
+
async function jt(e) {
|
|
769
|
+
if (!Ee.subtle)
|
|
773
770
|
throw new Error(
|
|
774
771
|
"crypto.subtle is available only in secure contexts (HTTPS)."
|
|
775
772
|
);
|
|
776
|
-
const t = new TextEncoder().encode(e), r = await
|
|
777
|
-
return
|
|
773
|
+
const t = new TextEncoder().encode(e), r = await Ee.subtle.digest("SHA-256", t);
|
|
774
|
+
return xt(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
778
775
|
}
|
|
779
|
-
async function
|
|
780
|
-
const r =
|
|
776
|
+
async function Mt(e) {
|
|
777
|
+
const r = Jt(43), a = await jt(r);
|
|
781
778
|
return {
|
|
782
779
|
code_verifier: r,
|
|
783
780
|
code_challenge: a
|
|
@@ -786,116 +783,115 @@ async function jt(e) {
|
|
|
786
783
|
function Ne(e, t) {
|
|
787
784
|
window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
|
|
788
785
|
}
|
|
789
|
-
const
|
|
786
|
+
const Se = (e, t) => {
|
|
790
787
|
const r = JSON.stringify(
|
|
791
788
|
typeof t == "function" ? t() : t
|
|
792
789
|
);
|
|
793
790
|
window.localStorage.setItem(e, r), Ne(e, r);
|
|
794
|
-
},
|
|
791
|
+
}, Vt = (e) => {
|
|
795
792
|
window.localStorage.removeItem(e), Ne(e, null);
|
|
796
|
-
},
|
|
797
|
-
function
|
|
793
|
+
}, ge = (e) => window.localStorage.getItem(e), Yt = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
|
|
794
|
+
function x({
|
|
798
795
|
key: e,
|
|
799
796
|
initialValue: t
|
|
800
797
|
}) {
|
|
801
|
-
const r = () =>
|
|
802
|
-
|
|
803
|
-
r
|
|
804
|
-
), n = U.useCallback(
|
|
805
|
-
(i) => {
|
|
798
|
+
const r = Ge(Yt, () => ge(e)), a = H(
|
|
799
|
+
(s) => {
|
|
806
800
|
try {
|
|
807
|
-
const
|
|
808
|
-
|
|
809
|
-
} catch (
|
|
810
|
-
console.warn(
|
|
801
|
+
const i = typeof s == "function" ? s(JSON.parse(r)) : s;
|
|
802
|
+
i == null ? Vt(e) : Se(e, i);
|
|
803
|
+
} catch (i) {
|
|
804
|
+
console.warn(i);
|
|
811
805
|
}
|
|
812
806
|
},
|
|
813
|
-
[e,
|
|
814
|
-
),
|
|
815
|
-
|
|
816
|
-
}, [t,
|
|
817
|
-
|
|
818
|
-
}, [
|
|
819
|
-
return
|
|
807
|
+
[e, r]
|
|
808
|
+
), n = H(() => {
|
|
809
|
+
a(t);
|
|
810
|
+
}, [t, a]), o = H(() => {
|
|
811
|
+
a(null);
|
|
812
|
+
}, [a]);
|
|
813
|
+
return ve(() => {
|
|
820
814
|
try {
|
|
821
|
-
|
|
822
|
-
} catch (
|
|
823
|
-
console.warn(
|
|
815
|
+
ge(e) === null && typeof t < "u" && Se(e, t);
|
|
816
|
+
} catch (s) {
|
|
817
|
+
console.warn(s);
|
|
824
818
|
}
|
|
825
|
-
}, [e, t]), [
|
|
819
|
+
}, [e, t]), [r ? JSON.parse(r) : null, a, n, o];
|
|
826
820
|
}
|
|
827
821
|
var h = [];
|
|
828
822
|
for (var se = 0; se < 256; ++se)
|
|
829
823
|
h.push((se + 256).toString(16).slice(1));
|
|
830
|
-
function
|
|
824
|
+
function Bt(e, t = 0) {
|
|
831
825
|
return (h[e[t + 0]] + h[e[t + 1]] + h[e[t + 2]] + h[e[t + 3]] + "-" + h[e[t + 4]] + h[e[t + 5]] + "-" + h[e[t + 6]] + h[e[t + 7]] + "-" + h[e[t + 8]] + h[e[t + 9]] + "-" + h[e[t + 10]] + h[e[t + 11]] + h[e[t + 12]] + h[e[t + 13]] + h[e[t + 14]] + h[e[t + 15]]).toLowerCase();
|
|
832
826
|
}
|
|
833
|
-
var
|
|
834
|
-
function
|
|
835
|
-
if (!
|
|
827
|
+
var j, Ft = new Uint8Array(16);
|
|
828
|
+
function Gt() {
|
|
829
|
+
if (!j && (j = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !j))
|
|
836
830
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
837
|
-
return
|
|
831
|
+
return j(Ft);
|
|
838
832
|
}
|
|
839
|
-
var
|
|
840
|
-
const
|
|
841
|
-
randomUUID:
|
|
833
|
+
var qt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
834
|
+
const Ae = {
|
|
835
|
+
randomUUID: qt
|
|
842
836
|
};
|
|
843
|
-
function
|
|
844
|
-
if (
|
|
845
|
-
return
|
|
837
|
+
function zt(e, t, r) {
|
|
838
|
+
if (Ae.randomUUID && !t && !e)
|
|
839
|
+
return Ae.randomUUID();
|
|
846
840
|
e = e || {};
|
|
847
|
-
var a = e.random || (e.rng ||
|
|
848
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
841
|
+
var a = e.random || (e.rng || Gt)();
|
|
842
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Bt(a);
|
|
849
843
|
}
|
|
850
|
-
const
|
|
844
|
+
const M = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Xt = "Your session has been successfully terminated.", Te = "Login failed. Please try again.", oe = "Error getting access token, please re-authenticate.", Qt = "You forgot to wrap your component in <AuthProvider>.", ke = {
|
|
851
845
|
dev: "https://auth.gizmette.local.com:3003",
|
|
852
846
|
prod: "https://mylogin.gizmette.com"
|
|
853
|
-
},
|
|
847
|
+
}, V = "@@auth@@", Zt = process.env.NODE_ENV === "production", er = !Zt, Z = async ({
|
|
854
848
|
type: e,
|
|
855
849
|
clientId: t,
|
|
856
850
|
params: r = {}
|
|
857
851
|
}) => {
|
|
858
852
|
try {
|
|
859
853
|
const a = await fetch(
|
|
860
|
-
|
|
854
|
+
er ? `${ke.dev}/${e}` : `${ke.prod}/${e}`,
|
|
861
855
|
{
|
|
862
856
|
credentials: "include",
|
|
863
857
|
method: "POST",
|
|
864
858
|
headers: {
|
|
865
859
|
"Content-Type": "application/json",
|
|
866
|
-
[
|
|
860
|
+
[Ze.CLIENT_ID]: `${t}`
|
|
867
861
|
},
|
|
868
862
|
body: JSON.stringify(r)
|
|
869
863
|
}
|
|
870
864
|
);
|
|
871
865
|
if (a.status !== 200)
|
|
872
866
|
return { status: a.status, data: [] };
|
|
873
|
-
const { data: n, errors:
|
|
867
|
+
const { data: n, errors: o } = await a.json();
|
|
874
868
|
return {
|
|
875
869
|
status: a.status,
|
|
876
870
|
data: n,
|
|
877
|
-
errors:
|
|
871
|
+
errors: o
|
|
878
872
|
};
|
|
879
873
|
} catch (a) {
|
|
880
874
|
return console.error(a), { status: 500, data: [] };
|
|
881
875
|
}
|
|
882
|
-
},
|
|
883
|
-
|
|
884
|
-
|
|
885
|
-
|
|
886
|
-
|
|
887
|
-
|
|
876
|
+
}, tr = async ({
|
|
877
|
+
userId: e,
|
|
878
|
+
idToken: t,
|
|
879
|
+
accessToken: r,
|
|
880
|
+
refreshToken: a,
|
|
881
|
+
clientId: n,
|
|
882
|
+
domain: o
|
|
888
883
|
}) => {
|
|
889
884
|
try {
|
|
890
885
|
return {
|
|
891
|
-
status: (await
|
|
892
|
-
type:
|
|
893
|
-
clientId:
|
|
886
|
+
status: (await Z({
|
|
887
|
+
type: z.LOGOUT,
|
|
888
|
+
clientId: n,
|
|
894
889
|
params: {
|
|
895
|
-
|
|
896
|
-
|
|
897
|
-
|
|
898
|
-
|
|
890
|
+
userId: e,
|
|
891
|
+
idToken: t,
|
|
892
|
+
accessToken: r,
|
|
893
|
+
refreshToken: a,
|
|
894
|
+
domain: o
|
|
899
895
|
}
|
|
900
896
|
})).status === 200
|
|
901
897
|
};
|
|
@@ -910,26 +906,26 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
910
906
|
clientId: r,
|
|
911
907
|
nonce: a,
|
|
912
908
|
type: n,
|
|
913
|
-
sessionExpiration:
|
|
914
|
-
code:
|
|
909
|
+
sessionExpiration: o,
|
|
910
|
+
code: s,
|
|
915
911
|
code_verifier: i,
|
|
916
912
|
domain: c
|
|
917
913
|
}) => {
|
|
918
914
|
try {
|
|
919
|
-
const d = await
|
|
920
|
-
type:
|
|
915
|
+
const d = await Z({
|
|
916
|
+
type: z.AUTHENTICATE,
|
|
921
917
|
clientId: r,
|
|
922
918
|
params: {
|
|
923
|
-
type: n ||
|
|
919
|
+
type: n || q.ID_AND_ACCESS_TOKEN,
|
|
924
920
|
username: e,
|
|
925
921
|
password: t,
|
|
926
|
-
sessionExpiration:
|
|
922
|
+
sessionExpiration: o,
|
|
927
923
|
nonce: a,
|
|
928
|
-
code:
|
|
924
|
+
code: s,
|
|
929
925
|
code_verifier: i,
|
|
930
926
|
domain: c
|
|
931
927
|
}
|
|
932
|
-
}), p = await
|
|
928
|
+
}), p = await K(d.data.idToken);
|
|
933
929
|
return p && p.payload[w.USER_ID_KEY] !== "" && p.payload[w.NONCE_KEY] === a ? {
|
|
934
930
|
idToken: d.data.idToken,
|
|
935
931
|
accessToken: d.data.accessToken,
|
|
@@ -944,17 +940,17 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
944
940
|
status: !1
|
|
945
941
|
};
|
|
946
942
|
}
|
|
947
|
-
},
|
|
943
|
+
}, rr = async ({
|
|
948
944
|
nonce: e,
|
|
949
945
|
clientId: t,
|
|
950
946
|
code_challenge: r
|
|
951
947
|
}) => {
|
|
952
948
|
try {
|
|
953
|
-
const a = await
|
|
954
|
-
type:
|
|
949
|
+
const a = await Z({
|
|
950
|
+
type: z.CODE,
|
|
955
951
|
clientId: t,
|
|
956
952
|
params: {
|
|
957
|
-
type:
|
|
953
|
+
type: q.CODE,
|
|
958
954
|
nonce: e,
|
|
959
955
|
code_challenge: r
|
|
960
956
|
}
|
|
@@ -970,30 +966,30 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
970
966
|
status: !1
|
|
971
967
|
};
|
|
972
968
|
}
|
|
973
|
-
},
|
|
969
|
+
}, ar = async ({
|
|
974
970
|
clientId: e,
|
|
975
971
|
userId: t,
|
|
976
972
|
nonce: r,
|
|
977
973
|
refreshToken: a,
|
|
978
974
|
accessToken: n,
|
|
979
|
-
domain:
|
|
975
|
+
domain: o
|
|
980
976
|
}) => {
|
|
981
977
|
try {
|
|
982
|
-
const
|
|
983
|
-
type:
|
|
978
|
+
const s = await Z({
|
|
979
|
+
type: z.AUTHENTICATE,
|
|
984
980
|
clientId: e,
|
|
985
981
|
params: {
|
|
986
|
-
type:
|
|
982
|
+
type: q.REFRESH_TOKEN,
|
|
987
983
|
userId: t,
|
|
988
984
|
nonce: r,
|
|
989
985
|
refreshToken: a,
|
|
990
986
|
accessToken: n,
|
|
991
|
-
domain:
|
|
987
|
+
domain: o
|
|
992
988
|
}
|
|
993
|
-
}), i = await
|
|
989
|
+
}), i = await K(s.data.accessToken);
|
|
994
990
|
return i && i.payload[w.USER_ID_KEY] !== "" && i.payload[w.NONCE_KEY] === r ? {
|
|
995
|
-
accessToken:
|
|
996
|
-
refreshToken:
|
|
991
|
+
accessToken: s.data.accessToken,
|
|
992
|
+
refreshToken: s.data.refreshToken,
|
|
997
993
|
userId: i.payload[w.USER_ID_KEY],
|
|
998
994
|
status: !0
|
|
999
995
|
} : {
|
|
@@ -1005,11 +1001,11 @@ const j = "Oops! It looks like your session has expired. For your security, plea
|
|
|
1005
1001
|
};
|
|
1006
1002
|
}
|
|
1007
1003
|
};
|
|
1008
|
-
class
|
|
1004
|
+
class nr {
|
|
1009
1005
|
constructor(t = null, r = null) {
|
|
1010
|
-
|
|
1011
|
-
|
|
1012
|
-
|
|
1006
|
+
L(this, "refreshTokenPromise", null);
|
|
1007
|
+
L(this, "accessToken");
|
|
1008
|
+
L(this, "refreshToken");
|
|
1013
1009
|
this.accessToken = t || "", this.refreshToken = r || "";
|
|
1014
1010
|
}
|
|
1015
1011
|
async refreshtoken({
|
|
@@ -1036,9 +1032,9 @@ class ar {
|
|
|
1036
1032
|
nonce: a,
|
|
1037
1033
|
domain: n
|
|
1038
1034
|
}) {
|
|
1039
|
-
const
|
|
1040
|
-
if (
|
|
1041
|
-
const
|
|
1035
|
+
const o = await K(this.refreshToken);
|
|
1036
|
+
if (o && o.payload[w.USER_ID_KEY] !== "") {
|
|
1037
|
+
const s = await ar({
|
|
1042
1038
|
clientId: t,
|
|
1043
1039
|
userId: r,
|
|
1044
1040
|
nonce: a,
|
|
@@ -1046,10 +1042,10 @@ class ar {
|
|
|
1046
1042
|
accessToken: this.accessToken,
|
|
1047
1043
|
domain: n
|
|
1048
1044
|
});
|
|
1049
|
-
return
|
|
1045
|
+
return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
|
|
1050
1046
|
status: "success",
|
|
1051
|
-
newAccessToken:
|
|
1052
|
-
newRefreshToken:
|
|
1047
|
+
newAccessToken: s.accessToken,
|
|
1048
|
+
newRefreshToken: s.refreshToken
|
|
1053
1049
|
}) : {
|
|
1054
1050
|
status: "failure"
|
|
1055
1051
|
};
|
|
@@ -1059,15 +1055,15 @@ class ar {
|
|
|
1059
1055
|
};
|
|
1060
1056
|
}
|
|
1061
1057
|
}
|
|
1062
|
-
const
|
|
1063
|
-
throw new Error(
|
|
1064
|
-
}, Le =
|
|
1058
|
+
const Y = () => {
|
|
1059
|
+
throw new Error(Qt);
|
|
1060
|
+
}, Le = qe({
|
|
1065
1061
|
isAuthenticated: !1,
|
|
1066
1062
|
isLoading: !1,
|
|
1067
|
-
login:
|
|
1068
|
-
logout:
|
|
1069
|
-
getAccessToken:
|
|
1070
|
-
getIdToken:
|
|
1063
|
+
login: Y,
|
|
1064
|
+
logout: Y,
|
|
1065
|
+
getAccessToken: Y,
|
|
1066
|
+
getIdToken: Y,
|
|
1071
1067
|
logoutReason: ""
|
|
1072
1068
|
}), ur = ({
|
|
1073
1069
|
children: e,
|
|
@@ -1075,59 +1071,62 @@ const V = () => {
|
|
|
1075
1071
|
clientId: r,
|
|
1076
1072
|
domain: a = ""
|
|
1077
1073
|
}) => {
|
|
1078
|
-
const n =
|
|
1079
|
-
key: `${
|
|
1080
|
-
}), [c, d, , p] =
|
|
1081
|
-
key: `${
|
|
1082
|
-
}), [y,
|
|
1074
|
+
const n = ze(!1), [o, s, , i] = x({
|
|
1075
|
+
key: `${V}::${r}::@@user@@`
|
|
1076
|
+
}), [c, d, , p] = x({
|
|
1077
|
+
key: `${V}::${r}::@@access@@`
|
|
1078
|
+
}), [y, S, , m] = x(
|
|
1083
1079
|
{
|
|
1084
|
-
key: `${
|
|
1080
|
+
key: `${V}::${r}::@@refresh@@`
|
|
1085
1081
|
}
|
|
1086
|
-
), [
|
|
1087
|
-
key: `${
|
|
1088
|
-
}), $e = new
|
|
1082
|
+
), [g, ee, , ue] = x({
|
|
1083
|
+
key: `${V}::${r}::@@nonce@@`
|
|
1084
|
+
}), $e = new nr(c, y), [R, k] = Xe({
|
|
1089
1085
|
isLoading: !0,
|
|
1090
1086
|
isAuthenticated: !1,
|
|
1091
1087
|
user: void 0,
|
|
1092
1088
|
logoutReason: ""
|
|
1093
|
-
}),
|
|
1089
|
+
}), N = H(
|
|
1094
1090
|
(u) => {
|
|
1095
|
-
console.warn(u),
|
|
1091
|
+
console.warn(u), k({
|
|
1096
1092
|
isLoading: !0,
|
|
1097
1093
|
isAuthenticated: !1,
|
|
1098
1094
|
user: void 0,
|
|
1099
|
-
logoutReason: u ||
|
|
1095
|
+
logoutReason: u || M
|
|
1100
1096
|
}), i(), p(), m(), ue();
|
|
1101
1097
|
},
|
|
1102
1098
|
[p, i, ue, m]
|
|
1103
|
-
),
|
|
1099
|
+
), I = H(
|
|
1104
1100
|
async (u) => {
|
|
1105
|
-
|
|
1106
|
-
|
|
1101
|
+
const { user: A } = R;
|
|
1102
|
+
N(u || M), await tr({
|
|
1103
|
+
userId: (A == null ? void 0 : A.userId) || "",
|
|
1104
|
+
idToken: o,
|
|
1107
1105
|
accessToken: c,
|
|
1108
1106
|
refreshToken: y,
|
|
1109
1107
|
clientId: r,
|
|
1110
1108
|
domain: a
|
|
1111
|
-
}),
|
|
1112
|
-
...
|
|
1109
|
+
}), k((E) => ({
|
|
1110
|
+
...E,
|
|
1113
1111
|
isLoading: !1
|
|
1114
1112
|
}));
|
|
1115
1113
|
},
|
|
1116
1114
|
[
|
|
1117
1115
|
c,
|
|
1116
|
+
R,
|
|
1118
1117
|
r,
|
|
1119
1118
|
a,
|
|
1120
|
-
|
|
1119
|
+
o,
|
|
1121
1120
|
y,
|
|
1122
|
-
|
|
1121
|
+
N
|
|
1123
1122
|
]
|
|
1124
1123
|
);
|
|
1125
|
-
|
|
1124
|
+
ve(() => {
|
|
1126
1125
|
if (!n.current)
|
|
1127
|
-
return
|
|
1126
|
+
return R.isLoading && o !== null ? (async () => {
|
|
1128
1127
|
try {
|
|
1129
|
-
const u = await
|
|
1130
|
-
u && u.payload[w.USER_ID_KEY] !== "" ?
|
|
1128
|
+
const u = await K(o);
|
|
1129
|
+
u && u.payload[w.USER_ID_KEY] !== "" ? k({
|
|
1131
1130
|
isLoading: !1,
|
|
1132
1131
|
isAuthenticated: !0,
|
|
1133
1132
|
user: {
|
|
@@ -1135,106 +1134,112 @@ const V = () => {
|
|
|
1135
1134
|
username: u.payload[w.USERNAME_KEY]
|
|
1136
1135
|
},
|
|
1137
1136
|
logoutReason: ""
|
|
1138
|
-
}) : await
|
|
1137
|
+
}) : await I(M);
|
|
1139
1138
|
} catch {
|
|
1140
|
-
await
|
|
1139
|
+
await I(M);
|
|
1141
1140
|
}
|
|
1142
|
-
})() :
|
|
1141
|
+
})() : k((u) => ({
|
|
1143
1142
|
...u,
|
|
1144
1143
|
isLoading: !1
|
|
1145
1144
|
})), () => {
|
|
1146
1145
|
n.current = !0;
|
|
1147
1146
|
};
|
|
1148
|
-
}, [
|
|
1149
|
-
const We = async (u,
|
|
1150
|
-
const
|
|
1151
|
-
if (
|
|
1152
|
-
...
|
|
1147
|
+
}, [R.isLoading, o, I]);
|
|
1148
|
+
const We = async (u, A, E) => {
|
|
1149
|
+
const C = zt();
|
|
1150
|
+
if (ee(C), k((D) => ({
|
|
1151
|
+
...D,
|
|
1153
1152
|
isLoading: !0
|
|
1154
|
-
})), i(), p(), m(),
|
|
1155
|
-
const { code_verifier:
|
|
1156
|
-
nonce:
|
|
1153
|
+
})), i(), p(), m(), E === q.CODE) {
|
|
1154
|
+
const { code_verifier: D, code_challenge: Me } = await Mt(), de = await rr({
|
|
1155
|
+
nonce: C,
|
|
1157
1156
|
clientId: r,
|
|
1158
1157
|
code_challenge: Me
|
|
1159
1158
|
});
|
|
1160
1159
|
if (de.status) {
|
|
1161
|
-
const
|
|
1160
|
+
const U = await _e({
|
|
1162
1161
|
username: u,
|
|
1163
|
-
password:
|
|
1162
|
+
password: A,
|
|
1164
1163
|
clientId: r,
|
|
1165
1164
|
sessionExpiration: t,
|
|
1166
|
-
nonce:
|
|
1167
|
-
type:
|
|
1165
|
+
nonce: C,
|
|
1166
|
+
type: E,
|
|
1168
1167
|
code: de.code,
|
|
1169
|
-
code_verifier:
|
|
1168
|
+
code_verifier: D,
|
|
1170
1169
|
domain: a
|
|
1171
1170
|
});
|
|
1172
|
-
return
|
|
1171
|
+
return U.status ? (s(U.idToken), d(U.accessToken), S(U.refreshToken), k({
|
|
1173
1172
|
isLoading: !1,
|
|
1174
1173
|
isAuthenticated: !0,
|
|
1175
1174
|
user: {
|
|
1176
|
-
userId:
|
|
1175
|
+
userId: U.userId,
|
|
1177
1176
|
username: u
|
|
1178
1177
|
},
|
|
1179
1178
|
logoutReason: ""
|
|
1180
|
-
}), !0) : (
|
|
1179
|
+
}), !0) : (N(Te), k((Ve) => ({
|
|
1180
|
+
...Ve,
|
|
1181
|
+
isLoading: !1
|
|
1182
|
+
})), !1);
|
|
1181
1183
|
}
|
|
1182
1184
|
return !1;
|
|
1183
1185
|
}
|
|
1184
1186
|
const O = await _e({
|
|
1185
1187
|
username: u,
|
|
1186
|
-
password:
|
|
1188
|
+
password: A,
|
|
1187
1189
|
clientId: r,
|
|
1188
1190
|
sessionExpiration: t,
|
|
1189
|
-
nonce:
|
|
1190
|
-
type:
|
|
1191
|
+
nonce: C,
|
|
1192
|
+
type: E,
|
|
1191
1193
|
domain: a
|
|
1192
1194
|
});
|
|
1193
|
-
return O.status ? (
|
|
1195
|
+
return O.status ? (s(O.idToken), d(O.accessToken), S(O.refreshToken), k({
|
|
1194
1196
|
isLoading: !1,
|
|
1195
1197
|
isAuthenticated: !0,
|
|
1196
1198
|
user: {
|
|
1197
1199
|
userId: O.userId,
|
|
1198
1200
|
username: u
|
|
1199
1201
|
}
|
|
1200
|
-
}), !0) : (
|
|
1202
|
+
}), !0) : (N(Te), k((D) => ({
|
|
1203
|
+
...D,
|
|
1204
|
+
isLoading: !1
|
|
1205
|
+
})), !1);
|
|
1201
1206
|
}, Je = async (u) => {
|
|
1202
|
-
u == null || u.preventDefault(), await
|
|
1207
|
+
u == null || u.preventDefault(), await I(Xt);
|
|
1203
1208
|
}, xe = async () => {
|
|
1204
|
-
const { isAuthenticated: u, user:
|
|
1209
|
+
const { isAuthenticated: u, user: A } = R;
|
|
1205
1210
|
try {
|
|
1206
|
-
if (u &&
|
|
1211
|
+
if (u && A && A.userId) {
|
|
1207
1212
|
if (c) {
|
|
1208
|
-
const
|
|
1209
|
-
if (
|
|
1213
|
+
const C = await K(c);
|
|
1214
|
+
if (C && C.payload[w.USER_ID_KEY] !== "")
|
|
1210
1215
|
return c;
|
|
1211
1216
|
}
|
|
1212
|
-
const
|
|
1217
|
+
const E = await $e.refreshtoken({
|
|
1213
1218
|
clientId: r,
|
|
1214
|
-
userId:
|
|
1215
|
-
nonce:
|
|
1219
|
+
userId: A.userId,
|
|
1220
|
+
nonce: g,
|
|
1216
1221
|
domain: a
|
|
1217
1222
|
});
|
|
1218
|
-
return
|
|
1223
|
+
return E.status && E.status === "success" ? (d(E.newAccessToken), S(E.newRefreshToken), E.newAccessToken) : (await I(oe), "");
|
|
1219
1224
|
}
|
|
1220
|
-
return await
|
|
1225
|
+
return await I(oe), "";
|
|
1221
1226
|
} catch {
|
|
1222
|
-
return await
|
|
1227
|
+
return await I(oe), "";
|
|
1223
1228
|
}
|
|
1224
1229
|
}, je = () => {
|
|
1225
|
-
if (
|
|
1226
|
-
return
|
|
1230
|
+
if (R.isAuthenticated && o)
|
|
1231
|
+
return o;
|
|
1227
1232
|
};
|
|
1228
|
-
return /* @__PURE__ */
|
|
1233
|
+
return /* @__PURE__ */ Fe(
|
|
1229
1234
|
Le.Provider,
|
|
1230
1235
|
{
|
|
1231
|
-
value: { ...
|
|
1236
|
+
value: { ...R, login: We, logout: Je, getAccessToken: xe, getIdToken: je },
|
|
1232
1237
|
children: e
|
|
1233
1238
|
}
|
|
1234
1239
|
);
|
|
1235
|
-
}, dr = (e = Le) =>
|
|
1240
|
+
}, dr = (e = Le) => Qe(e);
|
|
1236
1241
|
export {
|
|
1237
|
-
|
|
1242
|
+
q as AUTH_TYPES,
|
|
1238
1243
|
ur as AuthProvider,
|
|
1239
1244
|
dr as useAuth
|
|
1240
1245
|
};
|