@versini/auth-provider 5.1.2 → 5.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/index.js +416 -402
- package/package.json +2 -2
package/dist/index.js
CHANGED
|
@@ -1,16 +1,16 @@
|
|
|
1
|
-
var
|
|
2
|
-
var
|
|
3
|
-
var
|
|
4
|
-
import { jsx as
|
|
5
|
-
import { useSyncExternalStore as
|
|
1
|
+
var Fe = Object.defineProperty;
|
|
2
|
+
var qe = (e, t, r) => t in e ? Fe(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
|
|
3
|
+
var H = (e, t, r) => qe(e, typeof t != "symbol" ? t + "" : t, r);
|
|
4
|
+
import { jsx as de } from "react/jsx-runtime";
|
|
5
|
+
import ze, { useSyncExternalStore as Xe, useCallback as D, useEffect as ve, createContext as Qe, useReducer as Ze, useRef as et, useContext as tt } from "react";
|
|
6
6
|
/*!
|
|
7
|
-
@versini/auth-provider v5.
|
|
7
|
+
@versini/auth-provider v5.2.0
|
|
8
8
|
© 2024 gizmette.com
|
|
9
9
|
*/
|
|
10
10
|
try {
|
|
11
11
|
window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
|
|
12
|
-
version: "5.
|
|
13
|
-
buildTime: "07/09/2024
|
|
12
|
+
version: "5.2.0",
|
|
13
|
+
buildTime: "07/09/2024 07:17 PM EDT",
|
|
14
14
|
homepage: "https://github.com/aversini/auth-client",
|
|
15
15
|
license: "MIT"
|
|
16
16
|
});
|
|
@@ -23,7 +23,7 @@ try {
|
|
|
23
23
|
try {
|
|
24
24
|
window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
|
|
25
25
|
version: "2.11.0",
|
|
26
|
-
buildTime: "07/09/2024
|
|
26
|
+
buildTime: "07/09/2024 07:17 PM EDT",
|
|
27
27
|
homepage: "https://github.com/aversini/auth-client",
|
|
28
28
|
license: "MIT"
|
|
29
29
|
});
|
|
@@ -35,7 +35,7 @@ const q = {
|
|
|
35
35
|
ID_AND_ACCESS_TOKEN: "id_token token",
|
|
36
36
|
CODE: "code",
|
|
37
37
|
REFRESH_TOKEN: "refresh_token"
|
|
38
|
-
},
|
|
38
|
+
}, rt = {
|
|
39
39
|
CLIENT_ID: "X-Auth-ClientId"
|
|
40
40
|
}, w = {
|
|
41
41
|
ALG: "RS256",
|
|
@@ -44,7 +44,7 @@ const q = {
|
|
|
44
44
|
NONCE_KEY: "_nonce",
|
|
45
45
|
USERNAME_KEY: "username",
|
|
46
46
|
ISSUER: "gizmette.com"
|
|
47
|
-
},
|
|
47
|
+
}, at = `-----BEGIN PUBLIC KEY-----
|
|
48
48
|
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
|
|
49
49
|
w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
|
|
50
50
|
i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
|
|
@@ -56,29 +56,29 @@ awIDAQAB
|
|
|
56
56
|
AUTHENTICATE: "authenticate",
|
|
57
57
|
CODE: "code",
|
|
58
58
|
LOGOUT: "logout"
|
|
59
|
-
}, X = crypto, be = (e) => e instanceof CryptoKey,
|
|
60
|
-
function
|
|
61
|
-
const t = e.reduce((n, { length:
|
|
59
|
+
}, X = crypto, be = (e) => e instanceof CryptoKey, K = new TextEncoder(), Q = new TextDecoder();
|
|
60
|
+
function nt(...e) {
|
|
61
|
+
const t = e.reduce((n, { length: o }) => n + o, 0), r = new Uint8Array(t);
|
|
62
62
|
let a = 0;
|
|
63
63
|
for (const n of e)
|
|
64
64
|
r.set(n, a), a += n.length;
|
|
65
65
|
return r;
|
|
66
66
|
}
|
|
67
|
-
const
|
|
67
|
+
const st = (e) => {
|
|
68
68
|
const t = atob(e), r = new Uint8Array(t.length);
|
|
69
69
|
for (let a = 0; a < t.length; a++)
|
|
70
70
|
r[a] = t.charCodeAt(a);
|
|
71
71
|
return r;
|
|
72
|
-
},
|
|
72
|
+
}, Y = (e) => {
|
|
73
73
|
let t = e;
|
|
74
74
|
t instanceof Uint8Array && (t = Q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
|
|
75
75
|
try {
|
|
76
|
-
return
|
|
76
|
+
return st(t);
|
|
77
77
|
} catch {
|
|
78
78
|
throw new TypeError("The input to be decoded is not correctly encoded.");
|
|
79
79
|
}
|
|
80
80
|
};
|
|
81
|
-
class
|
|
81
|
+
class R extends Error {
|
|
82
82
|
static get code() {
|
|
83
83
|
return "ERR_JOSE_GENERIC";
|
|
84
84
|
}
|
|
@@ -87,7 +87,7 @@ class C extends Error {
|
|
|
87
87
|
super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
|
|
88
88
|
}
|
|
89
89
|
}
|
|
90
|
-
class
|
|
90
|
+
class T extends R {
|
|
91
91
|
static get code() {
|
|
92
92
|
return "ERR_JWT_CLAIM_VALIDATION_FAILED";
|
|
93
93
|
}
|
|
@@ -95,7 +95,7 @@ class A extends C {
|
|
|
95
95
|
super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
|
|
96
96
|
}
|
|
97
97
|
}
|
|
98
|
-
class le extends
|
|
98
|
+
class le extends R {
|
|
99
99
|
static get code() {
|
|
100
100
|
return "ERR_JWT_EXPIRED";
|
|
101
101
|
}
|
|
@@ -103,7 +103,7 @@ class le extends C {
|
|
|
103
103
|
super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
|
|
104
104
|
}
|
|
105
105
|
}
|
|
106
|
-
class
|
|
106
|
+
class ot extends R {
|
|
107
107
|
constructor() {
|
|
108
108
|
super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
109
109
|
}
|
|
@@ -111,7 +111,7 @@ class at extends C {
|
|
|
111
111
|
return "ERR_JOSE_ALG_NOT_ALLOWED";
|
|
112
112
|
}
|
|
113
113
|
}
|
|
114
|
-
class
|
|
114
|
+
class v extends R {
|
|
115
115
|
constructor() {
|
|
116
116
|
super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
|
|
117
117
|
}
|
|
@@ -119,7 +119,7 @@ class b extends C {
|
|
|
119
119
|
return "ERR_JOSE_NOT_SUPPORTED";
|
|
120
120
|
}
|
|
121
121
|
}
|
|
122
|
-
class f extends
|
|
122
|
+
class f extends R {
|
|
123
123
|
constructor() {
|
|
124
124
|
super(...arguments), this.code = "ERR_JWS_INVALID";
|
|
125
125
|
}
|
|
@@ -127,7 +127,7 @@ class f extends C {
|
|
|
127
127
|
return "ERR_JWS_INVALID";
|
|
128
128
|
}
|
|
129
129
|
}
|
|
130
|
-
let
|
|
130
|
+
let Ie = class extends R {
|
|
131
131
|
constructor() {
|
|
132
132
|
super(...arguments), this.code = "ERR_JWT_INVALID";
|
|
133
133
|
}
|
|
@@ -135,7 +135,7 @@ let Re = class extends C {
|
|
|
135
135
|
return "ERR_JWT_INVALID";
|
|
136
136
|
}
|
|
137
137
|
};
|
|
138
|
-
class
|
|
138
|
+
class it extends R {
|
|
139
139
|
constructor() {
|
|
140
140
|
super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
|
|
141
141
|
}
|
|
@@ -146,13 +146,13 @@ class nt extends C {
|
|
|
146
146
|
function k(e, t = "algorithm.name") {
|
|
147
147
|
return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
|
|
148
148
|
}
|
|
149
|
-
function
|
|
149
|
+
function L(e, t) {
|
|
150
150
|
return e.name === t;
|
|
151
151
|
}
|
|
152
|
-
function
|
|
152
|
+
function ee(e) {
|
|
153
153
|
return parseInt(e.name.slice(4), 10);
|
|
154
154
|
}
|
|
155
|
-
function
|
|
155
|
+
function ct(e) {
|
|
156
156
|
switch (e) {
|
|
157
157
|
case "ES256":
|
|
158
158
|
return "P-256";
|
|
@@ -164,7 +164,7 @@ function st(e) {
|
|
|
164
164
|
throw new Error("unreachable");
|
|
165
165
|
}
|
|
166
166
|
}
|
|
167
|
-
function
|
|
167
|
+
function ut(e, t) {
|
|
168
168
|
if (t.length && !t.some((r) => e.usages.includes(r))) {
|
|
169
169
|
let r = "CryptoKey does not support this operation, its usages must include ";
|
|
170
170
|
if (t.length > 2) {
|
|
@@ -174,35 +174,35 @@ function ot(e, t) {
|
|
|
174
174
|
throw new TypeError(r);
|
|
175
175
|
}
|
|
176
176
|
}
|
|
177
|
-
function
|
|
177
|
+
function dt(e, t, ...r) {
|
|
178
178
|
switch (t) {
|
|
179
179
|
case "HS256":
|
|
180
180
|
case "HS384":
|
|
181
181
|
case "HS512": {
|
|
182
|
-
if (!
|
|
182
|
+
if (!L(e.algorithm, "HMAC"))
|
|
183
183
|
throw k("HMAC");
|
|
184
184
|
const a = parseInt(t.slice(2), 10);
|
|
185
|
-
if (
|
|
185
|
+
if (ee(e.algorithm.hash) !== a)
|
|
186
186
|
throw k(`SHA-${a}`, "algorithm.hash");
|
|
187
187
|
break;
|
|
188
188
|
}
|
|
189
189
|
case "RS256":
|
|
190
190
|
case "RS384":
|
|
191
191
|
case "RS512": {
|
|
192
|
-
if (!
|
|
192
|
+
if (!L(e.algorithm, "RSASSA-PKCS1-v1_5"))
|
|
193
193
|
throw k("RSASSA-PKCS1-v1_5");
|
|
194
194
|
const a = parseInt(t.slice(2), 10);
|
|
195
|
-
if (
|
|
195
|
+
if (ee(e.algorithm.hash) !== a)
|
|
196
196
|
throw k(`SHA-${a}`, "algorithm.hash");
|
|
197
197
|
break;
|
|
198
198
|
}
|
|
199
199
|
case "PS256":
|
|
200
200
|
case "PS384":
|
|
201
201
|
case "PS512": {
|
|
202
|
-
if (!
|
|
202
|
+
if (!L(e.algorithm, "RSA-PSS"))
|
|
203
203
|
throw k("RSA-PSS");
|
|
204
204
|
const a = parseInt(t.slice(2), 10);
|
|
205
|
-
if (
|
|
205
|
+
if (ee(e.algorithm.hash) !== a)
|
|
206
206
|
throw k(`SHA-${a}`, "algorithm.hash");
|
|
207
207
|
break;
|
|
208
208
|
}
|
|
@@ -214,9 +214,9 @@ function it(e, t, ...r) {
|
|
|
214
214
|
case "ES256":
|
|
215
215
|
case "ES384":
|
|
216
216
|
case "ES512": {
|
|
217
|
-
if (!
|
|
217
|
+
if (!L(e.algorithm, "ECDSA"))
|
|
218
218
|
throw k("ECDSA");
|
|
219
|
-
const a =
|
|
219
|
+
const a = ct(t);
|
|
220
220
|
if (e.algorithm.namedCurve !== a)
|
|
221
221
|
throw k(a, "algorithm.namedCurve");
|
|
222
222
|
break;
|
|
@@ -224,9 +224,9 @@ function it(e, t, ...r) {
|
|
|
224
224
|
default:
|
|
225
225
|
throw new TypeError("CryptoKey does not support this operation");
|
|
226
226
|
}
|
|
227
|
-
|
|
227
|
+
ut(e, r);
|
|
228
228
|
}
|
|
229
|
-
function
|
|
229
|
+
function Re(e, t, ...r) {
|
|
230
230
|
var a;
|
|
231
231
|
if (r.length > 2) {
|
|
232
232
|
const n = r.pop();
|
|
@@ -234,11 +234,11 @@ function Ie(e, t, ...r) {
|
|
|
234
234
|
} else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
|
|
235
235
|
return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
|
|
236
236
|
}
|
|
237
|
-
const he = (e, ...t) =>
|
|
237
|
+
const he = (e, ...t) => Re("Key must be ", e, ...t);
|
|
238
238
|
function Ce(e, t, ...r) {
|
|
239
|
-
return
|
|
239
|
+
return Re(`Key for the ${e} algorithm must be `, t, ...r);
|
|
240
240
|
}
|
|
241
|
-
const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject",
|
|
241
|
+
const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", F = ["CryptoKey"], lt = (...e) => {
|
|
242
242
|
const t = e.filter(Boolean);
|
|
243
243
|
if (t.length === 0 || t.length === 1)
|
|
244
244
|
return !0;
|
|
@@ -249,19 +249,19 @@ const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) ===
|
|
|
249
249
|
r = new Set(n);
|
|
250
250
|
continue;
|
|
251
251
|
}
|
|
252
|
-
for (const
|
|
253
|
-
if (r.has(
|
|
252
|
+
for (const o of n) {
|
|
253
|
+
if (r.has(o))
|
|
254
254
|
return !1;
|
|
255
|
-
r.add(
|
|
255
|
+
r.add(o);
|
|
256
256
|
}
|
|
257
257
|
}
|
|
258
258
|
return !0;
|
|
259
259
|
};
|
|
260
|
-
function
|
|
260
|
+
function ht(e) {
|
|
261
261
|
return typeof e == "object" && e !== null;
|
|
262
262
|
}
|
|
263
|
-
function
|
|
264
|
-
if (!
|
|
263
|
+
function oe(e) {
|
|
264
|
+
if (!ht(e) || Object.prototype.toString.call(e) !== "[object Object]")
|
|
265
265
|
return !1;
|
|
266
266
|
if (Object.getPrototypeOf(e) === null)
|
|
267
267
|
return !0;
|
|
@@ -270,14 +270,14 @@ function ie(e) {
|
|
|
270
270
|
t = Object.getPrototypeOf(t);
|
|
271
271
|
return Object.getPrototypeOf(e) === t;
|
|
272
272
|
}
|
|
273
|
-
const
|
|
273
|
+
const pt = (e, t) => {
|
|
274
274
|
if (e.startsWith("RS") || e.startsWith("PS")) {
|
|
275
275
|
const { modulusLength: r } = t.algorithm;
|
|
276
276
|
if (typeof r != "number" || r < 2048)
|
|
277
277
|
throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
|
|
278
278
|
}
|
|
279
279
|
};
|
|
280
|
-
function
|
|
280
|
+
function ft(e) {
|
|
281
281
|
let t, r;
|
|
282
282
|
switch (e.kty) {
|
|
283
283
|
case "RSA": {
|
|
@@ -302,7 +302,7 @@ function lt(e) {
|
|
|
302
302
|
}, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
|
|
303
303
|
break;
|
|
304
304
|
default:
|
|
305
|
-
throw new
|
|
305
|
+
throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
306
306
|
}
|
|
307
307
|
break;
|
|
308
308
|
}
|
|
@@ -324,7 +324,7 @@ function lt(e) {
|
|
|
324
324
|
t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
325
325
|
break;
|
|
326
326
|
default:
|
|
327
|
-
throw new
|
|
327
|
+
throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
328
328
|
}
|
|
329
329
|
break;
|
|
330
330
|
}
|
|
@@ -340,168 +340,168 @@ function lt(e) {
|
|
|
340
340
|
t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
|
|
341
341
|
break;
|
|
342
342
|
default:
|
|
343
|
-
throw new
|
|
343
|
+
throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
|
|
344
344
|
}
|
|
345
345
|
break;
|
|
346
346
|
}
|
|
347
347
|
default:
|
|
348
|
-
throw new
|
|
348
|
+
throw new v('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
|
|
349
349
|
}
|
|
350
350
|
return { algorithm: t, keyUsages: r };
|
|
351
351
|
}
|
|
352
|
-
const
|
|
352
|
+
const yt = async (e) => {
|
|
353
353
|
if (!e.alg)
|
|
354
354
|
throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
|
|
355
|
-
const { algorithm: t, keyUsages: r } =
|
|
355
|
+
const { algorithm: t, keyUsages: r } = ft(e), a = [
|
|
356
356
|
t,
|
|
357
357
|
e.ext ?? !1,
|
|
358
358
|
e.key_ops ?? r
|
|
359
359
|
], n = { ...e };
|
|
360
360
|
return delete n.alg, delete n.use, X.subtle.importKey("jwk", n, ...a);
|
|
361
|
-
}, Oe = (e) =>
|
|
362
|
-
let
|
|
361
|
+
}, Oe = (e) => Y(e);
|
|
362
|
+
let te, re;
|
|
363
363
|
const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Ue = async (e, t, r, a) => {
|
|
364
364
|
let n = e.get(t);
|
|
365
365
|
if (n != null && n[a])
|
|
366
366
|
return n[a];
|
|
367
|
-
const
|
|
368
|
-
return n ? n[a] =
|
|
369
|
-
},
|
|
367
|
+
const o = await yt({ ...r, alg: a });
|
|
368
|
+
return n ? n[a] = o : e.set(t, { [a]: o }), o;
|
|
369
|
+
}, wt = (e, t) => {
|
|
370
370
|
if (De(e)) {
|
|
371
371
|
let r = e.export({ format: "jwk" });
|
|
372
|
-
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Oe(r.k) : (
|
|
372
|
+
return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Oe(r.k) : (re || (re = /* @__PURE__ */ new WeakMap()), Ue(re, e, r, t));
|
|
373
373
|
}
|
|
374
374
|
return e;
|
|
375
|
-
},
|
|
375
|
+
}, mt = (e, t) => {
|
|
376
376
|
if (De(e)) {
|
|
377
377
|
let r = e.export({ format: "jwk" });
|
|
378
|
-
return r.k ? Oe(r.k) : (
|
|
378
|
+
return r.k ? Oe(r.k) : (te || (te = /* @__PURE__ */ new WeakMap()), Ue(te, e, r, t));
|
|
379
379
|
}
|
|
380
380
|
return e;
|
|
381
|
-
},
|
|
381
|
+
}, Et = { normalizePublicKey: wt, normalizePrivateKey: mt }, _ = (e, t, r = 0) => {
|
|
382
382
|
r === 0 && (t.unshift(t.length), t.unshift(6));
|
|
383
383
|
const a = e.indexOf(t[0], r);
|
|
384
384
|
if (a === -1)
|
|
385
385
|
return !1;
|
|
386
386
|
const n = e.subarray(a, a + t.length);
|
|
387
|
-
return n.length !== t.length ? !1 : n.every((
|
|
388
|
-
},
|
|
387
|
+
return n.length !== t.length ? !1 : n.every((o, s) => o === t[s]) || _(e, t, a + 1);
|
|
388
|
+
}, pe = (e) => {
|
|
389
389
|
switch (!0) {
|
|
390
|
-
case
|
|
390
|
+
case _(e, [42, 134, 72, 206, 61, 3, 1, 7]):
|
|
391
391
|
return "P-256";
|
|
392
|
-
case
|
|
392
|
+
case _(e, [43, 129, 4, 0, 34]):
|
|
393
393
|
return "P-384";
|
|
394
|
-
case
|
|
394
|
+
case _(e, [43, 129, 4, 0, 35]):
|
|
395
395
|
return "P-521";
|
|
396
|
-
case
|
|
396
|
+
case _(e, [43, 101, 110]):
|
|
397
397
|
return "X25519";
|
|
398
|
-
case
|
|
398
|
+
case _(e, [43, 101, 111]):
|
|
399
399
|
return "X448";
|
|
400
|
-
case
|
|
400
|
+
case _(e, [43, 101, 112]):
|
|
401
401
|
return "Ed25519";
|
|
402
|
-
case
|
|
402
|
+
case _(e, [43, 101, 113]):
|
|
403
403
|
return "Ed448";
|
|
404
404
|
default:
|
|
405
|
-
throw new
|
|
405
|
+
throw new v("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
|
|
406
406
|
}
|
|
407
|
-
},
|
|
408
|
-
let
|
|
407
|
+
}, St = async (e, t, r, a, n) => {
|
|
408
|
+
let o, s;
|
|
409
409
|
const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
|
|
410
410
|
switch (a) {
|
|
411
411
|
case "PS256":
|
|
412
412
|
case "PS384":
|
|
413
413
|
case "PS512":
|
|
414
|
-
|
|
414
|
+
o = { name: "RSA-PSS", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
|
|
415
415
|
break;
|
|
416
416
|
case "RS256":
|
|
417
417
|
case "RS384":
|
|
418
418
|
case "RS512":
|
|
419
|
-
|
|
419
|
+
o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
|
|
420
420
|
break;
|
|
421
421
|
case "RSA-OAEP":
|
|
422
422
|
case "RSA-OAEP-256":
|
|
423
423
|
case "RSA-OAEP-384":
|
|
424
424
|
case "RSA-OAEP-512":
|
|
425
|
-
|
|
425
|
+
o = {
|
|
426
426
|
name: "RSA-OAEP",
|
|
427
427
|
hash: `SHA-${parseInt(a.slice(-3), 10) || 1}`
|
|
428
|
-
},
|
|
428
|
+
}, s = ["encrypt", "wrapKey"];
|
|
429
429
|
break;
|
|
430
430
|
case "ES256":
|
|
431
|
-
|
|
431
|
+
o = { name: "ECDSA", namedCurve: "P-256" }, s = ["verify"];
|
|
432
432
|
break;
|
|
433
433
|
case "ES384":
|
|
434
|
-
|
|
434
|
+
o = { name: "ECDSA", namedCurve: "P-384" }, s = ["verify"];
|
|
435
435
|
break;
|
|
436
436
|
case "ES512":
|
|
437
|
-
|
|
437
|
+
o = { name: "ECDSA", namedCurve: "P-521" }, s = ["verify"];
|
|
438
438
|
break;
|
|
439
439
|
case "ECDH-ES":
|
|
440
440
|
case "ECDH-ES+A128KW":
|
|
441
441
|
case "ECDH-ES+A192KW":
|
|
442
442
|
case "ECDH-ES+A256KW": {
|
|
443
|
-
const c =
|
|
444
|
-
|
|
443
|
+
const c = pe(i);
|
|
444
|
+
o = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
|
|
445
445
|
break;
|
|
446
446
|
}
|
|
447
447
|
case "EdDSA":
|
|
448
|
-
|
|
448
|
+
o = { name: pe(i) }, s = ["verify"];
|
|
449
449
|
break;
|
|
450
450
|
default:
|
|
451
|
-
throw new
|
|
451
|
+
throw new v('Invalid or unsupported "alg" (Algorithm) value');
|
|
452
452
|
}
|
|
453
|
-
return X.subtle.importKey(t, i,
|
|
454
|
-
},
|
|
455
|
-
async function
|
|
453
|
+
return X.subtle.importKey(t, i, o, !1, s);
|
|
454
|
+
}, gt = (e, t, r) => St(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
|
|
455
|
+
async function At(e, t, r) {
|
|
456
456
|
if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
|
|
457
457
|
throw new TypeError('"spki" must be SPKI formatted string');
|
|
458
|
-
return
|
|
458
|
+
return gt(e, t);
|
|
459
459
|
}
|
|
460
|
-
const
|
|
460
|
+
const V = (e) => e == null ? void 0 : e[Symbol.toStringTag], Tt = (e, t) => {
|
|
461
461
|
if (!(t instanceof Uint8Array)) {
|
|
462
462
|
if (!Pe(t))
|
|
463
|
-
throw new TypeError(Ce(e, t, ...
|
|
463
|
+
throw new TypeError(Ce(e, t, ...F, "Uint8Array"));
|
|
464
464
|
if (t.type !== "secret")
|
|
465
|
-
throw new TypeError(`${
|
|
465
|
+
throw new TypeError(`${V(t)} instances for symmetric algorithms must be of type "secret"`);
|
|
466
466
|
}
|
|
467
|
-
},
|
|
467
|
+
}, kt = (e, t, r) => {
|
|
468
468
|
if (!Pe(t))
|
|
469
|
-
throw new TypeError(Ce(e, t, ...
|
|
469
|
+
throw new TypeError(Ce(e, t, ...F));
|
|
470
470
|
if (t.type === "secret")
|
|
471
|
-
throw new TypeError(`${
|
|
471
|
+
throw new TypeError(`${V(t)} instances for asymmetric algorithms must not be of type "secret"`);
|
|
472
472
|
if (t.algorithm && r === "verify" && t.type === "private")
|
|
473
|
-
throw new TypeError(`${
|
|
473
|
+
throw new TypeError(`${V(t)} instances for asymmetric algorithm verifying must be of type "public"`);
|
|
474
474
|
if (t.algorithm && r === "encrypt" && t.type === "private")
|
|
475
|
-
throw new TypeError(`${
|
|
476
|
-
},
|
|
477
|
-
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ?
|
|
475
|
+
throw new TypeError(`${V(t)} instances for asymmetric algorithm encryption must be of type "public"`);
|
|
476
|
+
}, _t = (e, t, r) => {
|
|
477
|
+
e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Tt(e, t) : kt(e, t, r);
|
|
478
478
|
};
|
|
479
|
-
function
|
|
479
|
+
function vt(e, t, r, a, n) {
|
|
480
480
|
if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
|
|
481
481
|
throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
|
|
482
482
|
if (!a || a.crit === void 0)
|
|
483
483
|
return /* @__PURE__ */ new Set();
|
|
484
|
-
if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((
|
|
484
|
+
if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((s) => typeof s != "string" || s.length === 0))
|
|
485
485
|
throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
|
|
486
|
-
let
|
|
487
|
-
r !== void 0 ?
|
|
488
|
-
for (const
|
|
489
|
-
if (!
|
|
490
|
-
throw new
|
|
491
|
-
if (n[
|
|
492
|
-
throw new e(`Extension Header Parameter "${
|
|
493
|
-
if (
|
|
494
|
-
throw new e(`Extension Header Parameter "${
|
|
486
|
+
let o;
|
|
487
|
+
r !== void 0 ? o = new Map([...Object.entries(r), ...t.entries()]) : o = t;
|
|
488
|
+
for (const s of a.crit) {
|
|
489
|
+
if (!o.has(s))
|
|
490
|
+
throw new v(`Extension Header Parameter "${s}" is not recognized`);
|
|
491
|
+
if (n[s] === void 0)
|
|
492
|
+
throw new e(`Extension Header Parameter "${s}" is missing`);
|
|
493
|
+
if (o.get(s) && a[s] === void 0)
|
|
494
|
+
throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
|
|
495
495
|
}
|
|
496
496
|
return new Set(a.crit);
|
|
497
497
|
}
|
|
498
|
-
const
|
|
498
|
+
const bt = (e, t) => {
|
|
499
499
|
if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
|
|
500
500
|
throw new TypeError(`"${e}" option must be an array of strings`);
|
|
501
501
|
if (t)
|
|
502
502
|
return new Set(t);
|
|
503
503
|
};
|
|
504
|
-
function
|
|
504
|
+
function It(e, t) {
|
|
505
505
|
const r = `SHA-${e.slice(-3)}`;
|
|
506
506
|
switch (e) {
|
|
507
507
|
case "HS256":
|
|
@@ -523,31 +523,31 @@ function _t(e, t) {
|
|
|
523
523
|
case "EdDSA":
|
|
524
524
|
return { name: t.name };
|
|
525
525
|
default:
|
|
526
|
-
throw new
|
|
526
|
+
throw new v(`alg ${e} is not supported either by JOSE or your javascript runtime`);
|
|
527
527
|
}
|
|
528
528
|
}
|
|
529
|
-
async function
|
|
530
|
-
if (t = await
|
|
531
|
-
return
|
|
529
|
+
async function Rt(e, t, r) {
|
|
530
|
+
if (t = await Et.normalizePublicKey(t, e), be(t))
|
|
531
|
+
return dt(t, e, r), t;
|
|
532
532
|
if (t instanceof Uint8Array) {
|
|
533
533
|
if (!e.startsWith("HS"))
|
|
534
|
-
throw new TypeError(he(t, ...
|
|
534
|
+
throw new TypeError(he(t, ...F));
|
|
535
535
|
return X.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
|
|
536
536
|
}
|
|
537
|
-
throw new TypeError(he(t, ...
|
|
537
|
+
throw new TypeError(he(t, ...F, "Uint8Array"));
|
|
538
538
|
}
|
|
539
|
-
const
|
|
540
|
-
const n = await
|
|
541
|
-
|
|
542
|
-
const
|
|
539
|
+
const Ct = async (e, t, r, a) => {
|
|
540
|
+
const n = await Rt(e, t, "verify");
|
|
541
|
+
pt(e, n);
|
|
542
|
+
const o = It(e, n.algorithm);
|
|
543
543
|
try {
|
|
544
|
-
return await X.subtle.verify(
|
|
544
|
+
return await X.subtle.verify(o, n, r, a);
|
|
545
545
|
} catch {
|
|
546
546
|
return !1;
|
|
547
547
|
}
|
|
548
548
|
};
|
|
549
|
-
async function
|
|
550
|
-
if (!
|
|
549
|
+
async function Pt(e, t, r) {
|
|
550
|
+
if (!oe(e))
|
|
551
551
|
throw new f("Flattened JWS must be an object");
|
|
552
552
|
if (e.protected === void 0 && e.header === void 0)
|
|
553
553
|
throw new f('Flattened JWS must have either of the "protected" or "header" members');
|
|
@@ -557,69 +557,69 @@ async function Rt(e, t, r) {
|
|
|
557
557
|
throw new f("JWS Payload missing");
|
|
558
558
|
if (typeof e.signature != "string")
|
|
559
559
|
throw new f("JWS Signature missing or incorrect type");
|
|
560
|
-
if (e.header !== void 0 && !
|
|
560
|
+
if (e.header !== void 0 && !oe(e.header))
|
|
561
561
|
throw new f("JWS Unprotected Header incorrect type");
|
|
562
562
|
let a = {};
|
|
563
563
|
if (e.protected)
|
|
564
564
|
try {
|
|
565
|
-
const
|
|
566
|
-
a = JSON.parse(Q.decode(
|
|
565
|
+
const E = Y(e.protected);
|
|
566
|
+
a = JSON.parse(Q.decode(E));
|
|
567
567
|
} catch {
|
|
568
568
|
throw new f("JWS Protected Header is invalid");
|
|
569
569
|
}
|
|
570
|
-
if (!
|
|
570
|
+
if (!lt(a, e.header))
|
|
571
571
|
throw new f("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
|
|
572
572
|
const n = {
|
|
573
573
|
...a,
|
|
574
574
|
...e.header
|
|
575
|
-
},
|
|
576
|
-
let
|
|
577
|
-
if (
|
|
575
|
+
}, o = vt(f, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
|
|
576
|
+
let s = !0;
|
|
577
|
+
if (o.has("b64") && (s = a.b64, typeof s != "boolean"))
|
|
578
578
|
throw new f('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
|
|
579
579
|
const { alg: i } = n;
|
|
580
580
|
if (typeof i != "string" || !i)
|
|
581
581
|
throw new f('JWS "alg" (Algorithm) Header Parameter missing or invalid');
|
|
582
|
-
const c = r &&
|
|
582
|
+
const c = r && bt("algorithms", r.algorithms);
|
|
583
583
|
if (c && !c.has(i))
|
|
584
|
-
throw new
|
|
585
|
-
if (
|
|
584
|
+
throw new ot('"alg" (Algorithm) Header Parameter value not allowed');
|
|
585
|
+
if (s) {
|
|
586
586
|
if (typeof e.payload != "string")
|
|
587
587
|
throw new f("JWS Payload must be a string");
|
|
588
588
|
} else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
|
|
589
589
|
throw new f("JWS Payload must be a string or an Uint8Array instance");
|
|
590
590
|
let d = !1;
|
|
591
|
-
typeof t == "function" && (t = await t(a, e), d = !0),
|
|
592
|
-
const
|
|
591
|
+
typeof t == "function" && (t = await t(a, e), d = !0), _t(i, t, "verify");
|
|
592
|
+
const l = nt(K.encode(e.protected ?? ""), K.encode("."), typeof e.payload == "string" ? K.encode(e.payload) : e.payload);
|
|
593
593
|
let y;
|
|
594
594
|
try {
|
|
595
|
-
y =
|
|
595
|
+
y = Y(e.signature);
|
|
596
596
|
} catch {
|
|
597
597
|
throw new f("Failed to base64url decode the signature");
|
|
598
598
|
}
|
|
599
|
-
if (!await
|
|
600
|
-
throw new
|
|
601
|
-
let
|
|
602
|
-
if (
|
|
599
|
+
if (!await Ct(i, t, y, l))
|
|
600
|
+
throw new it();
|
|
601
|
+
let S;
|
|
602
|
+
if (s)
|
|
603
603
|
try {
|
|
604
|
-
|
|
604
|
+
S = Y(e.payload);
|
|
605
605
|
} catch {
|
|
606
606
|
throw new f("Failed to base64url decode the payload");
|
|
607
607
|
}
|
|
608
|
-
else typeof e.payload == "string" ?
|
|
609
|
-
const m = { payload:
|
|
608
|
+
else typeof e.payload == "string" ? S = K.encode(e.payload) : S = e.payload;
|
|
609
|
+
const m = { payload: S };
|
|
610
610
|
return e.protected !== void 0 && (m.protectedHeader = a), e.header !== void 0 && (m.unprotectedHeader = e.header), d ? { ...m, key: t } : m;
|
|
611
611
|
}
|
|
612
|
-
async function
|
|
612
|
+
async function Ot(e, t, r) {
|
|
613
613
|
if (e instanceof Uint8Array && (e = Q.decode(e)), typeof e != "string")
|
|
614
614
|
throw new f("Compact JWS must be a string or Uint8Array");
|
|
615
|
-
const { 0: a, 1: n, 2:
|
|
616
|
-
if (
|
|
615
|
+
const { 0: a, 1: n, 2: o, length: s } = e.split(".");
|
|
616
|
+
if (s !== 3)
|
|
617
617
|
throw new f("Invalid Compact JWS");
|
|
618
|
-
const i = await
|
|
618
|
+
const i = await Pt({ payload: n, protected: a, signature: o }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
|
|
619
619
|
return typeof t == "function" ? { ...c, key: i.key } : c;
|
|
620
620
|
}
|
|
621
|
-
const
|
|
622
|
-
const t =
|
|
621
|
+
const Dt = (e) => Math.floor(e.getTime() / 1e3), Ne = 60, He = Ne * 60, ie = He * 24, Ut = ie * 7, Nt = ie * 365.25, Ht = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, fe = (e) => {
|
|
622
|
+
const t = Ht.exec(e);
|
|
623
623
|
if (!t || t[4] && t[1])
|
|
624
624
|
throw new TypeError("Invalid time period format");
|
|
625
625
|
const r = parseFloat(t[2]), a = t[3].toLowerCase();
|
|
@@ -637,56 +637,56 @@ const Ct = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
637
637
|
case "min":
|
|
638
638
|
case "mins":
|
|
639
639
|
case "m":
|
|
640
|
-
n = Math.round(r *
|
|
640
|
+
n = Math.round(r * Ne);
|
|
641
641
|
break;
|
|
642
642
|
case "hour":
|
|
643
643
|
case "hours":
|
|
644
644
|
case "hr":
|
|
645
645
|
case "hrs":
|
|
646
646
|
case "h":
|
|
647
|
-
n = Math.round(r *
|
|
647
|
+
n = Math.round(r * He);
|
|
648
648
|
break;
|
|
649
649
|
case "day":
|
|
650
650
|
case "days":
|
|
651
651
|
case "d":
|
|
652
|
-
n = Math.round(r *
|
|
652
|
+
n = Math.round(r * ie);
|
|
653
653
|
break;
|
|
654
654
|
case "week":
|
|
655
655
|
case "weeks":
|
|
656
656
|
case "w":
|
|
657
|
-
n = Math.round(r *
|
|
657
|
+
n = Math.round(r * Ut);
|
|
658
658
|
break;
|
|
659
659
|
default:
|
|
660
|
-
n = Math.round(r *
|
|
660
|
+
n = Math.round(r * Nt);
|
|
661
661
|
break;
|
|
662
662
|
}
|
|
663
663
|
return t[1] === "-" || t[4] === "ago" ? -n : n;
|
|
664
|
-
}, ye = (e) => e.toLowerCase().replace(/^application\//, ""),
|
|
664
|
+
}, ye = (e) => e.toLowerCase().replace(/^application\//, ""), Kt = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Lt = (e, t, r = {}) => {
|
|
665
665
|
let a;
|
|
666
666
|
try {
|
|
667
667
|
a = JSON.parse(Q.decode(t));
|
|
668
668
|
} catch {
|
|
669
669
|
}
|
|
670
|
-
if (!
|
|
671
|
-
throw new
|
|
670
|
+
if (!oe(a))
|
|
671
|
+
throw new Ie("JWT Claims Set must be a top-level JSON object");
|
|
672
672
|
const { typ: n } = r;
|
|
673
673
|
if (n && (typeof e.typ != "string" || ye(e.typ) !== ye(n)))
|
|
674
|
-
throw new
|
|
675
|
-
const { requiredClaims:
|
|
676
|
-
d !== void 0 &&
|
|
677
|
-
for (const
|
|
678
|
-
if (!(
|
|
679
|
-
throw new
|
|
680
|
-
if (
|
|
681
|
-
throw new
|
|
674
|
+
throw new T('unexpected "typ" JWT header value', a, "typ", "check_failed");
|
|
675
|
+
const { requiredClaims: o = [], issuer: s, subject: i, audience: c, maxTokenAge: d } = r, l = [...o];
|
|
676
|
+
d !== void 0 && l.push("iat"), c !== void 0 && l.push("aud"), i !== void 0 && l.push("sub"), s !== void 0 && l.push("iss");
|
|
677
|
+
for (const E of new Set(l.reverse()))
|
|
678
|
+
if (!(E in a))
|
|
679
|
+
throw new T(`missing required "${E}" claim`, a, E, "missing");
|
|
680
|
+
if (s && !(Array.isArray(s) ? s : [s]).includes(a.iss))
|
|
681
|
+
throw new T('unexpected "iss" claim value', a, "iss", "check_failed");
|
|
682
682
|
if (i && a.sub !== i)
|
|
683
|
-
throw new
|
|
684
|
-
if (c && !
|
|
685
|
-
throw new
|
|
683
|
+
throw new T('unexpected "sub" claim value', a, "sub", "check_failed");
|
|
684
|
+
if (c && !Kt(a.aud, typeof c == "string" ? [c] : c))
|
|
685
|
+
throw new T('unexpected "aud" claim value', a, "aud", "check_failed");
|
|
686
686
|
let y;
|
|
687
687
|
switch (typeof r.clockTolerance) {
|
|
688
688
|
case "string":
|
|
689
|
-
y =
|
|
689
|
+
y = fe(r.clockTolerance);
|
|
690
690
|
break;
|
|
691
691
|
case "number":
|
|
692
692
|
y = r.clockTolerance;
|
|
@@ -697,199 +697,201 @@ const Ct = (e) => Math.floor(e.getTime() / 1e3), He = 60, Ke = He * 60, ce = Ke
|
|
|
697
697
|
default:
|
|
698
698
|
throw new TypeError("Invalid clockTolerance option type");
|
|
699
699
|
}
|
|
700
|
-
const { currentDate:
|
|
700
|
+
const { currentDate: S } = r, m = Dt(S || /* @__PURE__ */ new Date());
|
|
701
701
|
if ((a.iat !== void 0 || d) && typeof a.iat != "number")
|
|
702
|
-
throw new
|
|
702
|
+
throw new T('"iat" claim must be a number', a, "iat", "invalid");
|
|
703
703
|
if (a.nbf !== void 0) {
|
|
704
704
|
if (typeof a.nbf != "number")
|
|
705
|
-
throw new
|
|
705
|
+
throw new T('"nbf" claim must be a number', a, "nbf", "invalid");
|
|
706
706
|
if (a.nbf > m + y)
|
|
707
|
-
throw new
|
|
707
|
+
throw new T('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
|
|
708
708
|
}
|
|
709
709
|
if (a.exp !== void 0) {
|
|
710
710
|
if (typeof a.exp != "number")
|
|
711
|
-
throw new
|
|
711
|
+
throw new T('"exp" claim must be a number', a, "exp", "invalid");
|
|
712
712
|
if (a.exp <= m - y)
|
|
713
713
|
throw new le('"exp" claim timestamp check failed', a, "exp", "check_failed");
|
|
714
714
|
}
|
|
715
715
|
if (d) {
|
|
716
|
-
const
|
|
717
|
-
if (
|
|
716
|
+
const E = m - a.iat, C = typeof d == "number" ? d : fe(d);
|
|
717
|
+
if (E - y > C)
|
|
718
718
|
throw new le('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
|
|
719
|
-
if (
|
|
720
|
-
throw new
|
|
719
|
+
if (E < 0 - y)
|
|
720
|
+
throw new T('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
|
|
721
721
|
}
|
|
722
722
|
return a;
|
|
723
723
|
};
|
|
724
|
-
async function
|
|
724
|
+
async function $t(e, t, r) {
|
|
725
725
|
var a;
|
|
726
|
-
const n = await
|
|
726
|
+
const n = await Ot(e, t, r);
|
|
727
727
|
if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
|
|
728
|
-
throw new
|
|
729
|
-
const
|
|
730
|
-
return typeof t == "function" ? { ...
|
|
728
|
+
throw new Ie("JWTs MUST NOT use unencoded payload");
|
|
729
|
+
const o = { payload: Lt(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
|
|
730
|
+
return typeof t == "function" ? { ...o, key: n.key } : o;
|
|
731
731
|
}
|
|
732
|
-
const
|
|
732
|
+
const U = async (e) => {
|
|
733
733
|
try {
|
|
734
|
-
const t = w.ALG, r = await
|
|
735
|
-
return await
|
|
734
|
+
const t = w.ALG, r = await At(at, t);
|
|
735
|
+
return await $t(e, r, {
|
|
736
736
|
issuer: w.ISSUER
|
|
737
737
|
});
|
|
738
738
|
} catch {
|
|
739
739
|
return;
|
|
740
740
|
}
|
|
741
741
|
};
|
|
742
|
-
var
|
|
743
|
-
for (var
|
|
744
|
-
|
|
745
|
-
function
|
|
746
|
-
return (
|
|
742
|
+
var h = [];
|
|
743
|
+
for (var ae = 0; ae < 256; ++ae)
|
|
744
|
+
h.push((ae + 256).toString(16).slice(1));
|
|
745
|
+
function Wt(e, t = 0) {
|
|
746
|
+
return (h[e[t + 0]] + h[e[t + 1]] + h[e[t + 2]] + h[e[t + 3]] + "-" + h[e[t + 4]] + h[e[t + 5]] + "-" + h[e[t + 6]] + h[e[t + 7]] + "-" + h[e[t + 8]] + h[e[t + 9]] + "-" + h[e[t + 10]] + h[e[t + 11]] + h[e[t + 12]] + h[e[t + 13]] + h[e[t + 14]] + h[e[t + 15]]).toLowerCase();
|
|
747
747
|
}
|
|
748
|
-
var
|
|
749
|
-
function
|
|
750
|
-
if (
|
|
748
|
+
var $, Jt = new Uint8Array(16);
|
|
749
|
+
function xt() {
|
|
750
|
+
if (!$ && ($ = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !$))
|
|
751
751
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
752
|
-
return
|
|
752
|
+
return $(Jt);
|
|
753
753
|
}
|
|
754
|
-
var
|
|
754
|
+
var jt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
755
755
|
const we = {
|
|
756
|
-
randomUUID:
|
|
756
|
+
randomUUID: jt
|
|
757
757
|
};
|
|
758
758
|
function me(e, t, r) {
|
|
759
759
|
if (we.randomUUID && !t && !e)
|
|
760
760
|
return we.randomUUID();
|
|
761
761
|
e = e || {};
|
|
762
|
-
var a = e.random || (e.rng ||
|
|
763
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
762
|
+
var a = e.random || (e.rng || xt)();
|
|
763
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Wt(a);
|
|
764
764
|
}
|
|
765
|
-
const Ee = globalThis.crypto,
|
|
765
|
+
const Ee = globalThis.crypto, Mt = (e) => `${me()}${me()}`.slice(0, e), Yt = (e) => btoa(
|
|
766
766
|
[...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
|
|
767
767
|
);
|
|
768
|
-
async function
|
|
768
|
+
async function Vt(e) {
|
|
769
769
|
if (!Ee.subtle)
|
|
770
770
|
throw new Error(
|
|
771
771
|
"crypto.subtle is available only in secure contexts (HTTPS)."
|
|
772
772
|
);
|
|
773
773
|
const t = new TextEncoder().encode(e), r = await Ee.subtle.digest("SHA-256", t);
|
|
774
|
-
return
|
|
774
|
+
return Yt(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
|
|
775
775
|
}
|
|
776
|
-
async function
|
|
777
|
-
const r =
|
|
776
|
+
async function Gt(e) {
|
|
777
|
+
const r = Mt(43), a = await Vt(r);
|
|
778
778
|
return {
|
|
779
779
|
code_verifier: r,
|
|
780
780
|
code_challenge: a
|
|
781
781
|
};
|
|
782
782
|
}
|
|
783
|
-
function
|
|
783
|
+
function Ke(e, t) {
|
|
784
784
|
window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
|
|
785
785
|
}
|
|
786
786
|
const Se = (e, t) => {
|
|
787
787
|
const r = JSON.stringify(
|
|
788
788
|
typeof t == "function" ? t() : t
|
|
789
789
|
);
|
|
790
|
-
window.localStorage.setItem(e, r),
|
|
791
|
-
},
|
|
792
|
-
window.localStorage.removeItem(e),
|
|
793
|
-
}, ge = (e) => window.localStorage.getItem(e),
|
|
794
|
-
function
|
|
790
|
+
window.localStorage.setItem(e, r), Ke(e, r);
|
|
791
|
+
}, Bt = (e) => {
|
|
792
|
+
window.localStorage.removeItem(e), Ke(e, null);
|
|
793
|
+
}, ge = (e) => window.localStorage.getItem(e), Ft = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
|
|
794
|
+
function W({
|
|
795
795
|
key: e,
|
|
796
796
|
initialValue: t
|
|
797
797
|
}) {
|
|
798
|
-
const r =
|
|
799
|
-
(
|
|
798
|
+
const r = Xe(Ft, () => ge(e)), a = D(
|
|
799
|
+
(s) => {
|
|
800
800
|
try {
|
|
801
|
-
const i = typeof
|
|
802
|
-
i == null ?
|
|
801
|
+
const i = typeof s == "function" ? s(JSON.parse(r)) : s;
|
|
802
|
+
i == null ? Bt(e) : Se(e, i);
|
|
803
803
|
} catch (i) {
|
|
804
804
|
console.warn(i);
|
|
805
805
|
}
|
|
806
806
|
},
|
|
807
807
|
[e, r]
|
|
808
|
-
), n =
|
|
808
|
+
), n = D(() => {
|
|
809
809
|
a(t);
|
|
810
|
-
}, [t, a]),
|
|
810
|
+
}, [t, a]), o = D(() => {
|
|
811
811
|
a(null);
|
|
812
812
|
}, [a]);
|
|
813
813
|
return ve(() => {
|
|
814
814
|
try {
|
|
815
815
|
ge(e) === null && typeof t < "u" && Se(e, t);
|
|
816
|
-
} catch (
|
|
817
|
-
console.warn(
|
|
816
|
+
} catch (s) {
|
|
817
|
+
console.warn(s);
|
|
818
818
|
}
|
|
819
|
-
}, [e, t]), [r ? JSON.parse(r) : null, a, n,
|
|
819
|
+
}, [e, t]), [r ? JSON.parse(r) : null, a, n, o];
|
|
820
820
|
}
|
|
821
|
-
var
|
|
822
|
-
for (var
|
|
823
|
-
|
|
824
|
-
function
|
|
825
|
-
return (
|
|
821
|
+
var p = [];
|
|
822
|
+
for (var ne = 0; ne < 256; ++ne)
|
|
823
|
+
p.push((ne + 256).toString(16).slice(1));
|
|
824
|
+
function qt(e, t = 0) {
|
|
825
|
+
return (p[e[t + 0]] + p[e[t + 1]] + p[e[t + 2]] + p[e[t + 3]] + "-" + p[e[t + 4]] + p[e[t + 5]] + "-" + p[e[t + 6]] + p[e[t + 7]] + "-" + p[e[t + 8]] + p[e[t + 9]] + "-" + p[e[t + 10]] + p[e[t + 11]] + p[e[t + 12]] + p[e[t + 13]] + p[e[t + 14]] + p[e[t + 15]]).toLowerCase();
|
|
826
826
|
}
|
|
827
|
-
var
|
|
828
|
-
function
|
|
829
|
-
if (!
|
|
827
|
+
var J, zt = new Uint8Array(16);
|
|
828
|
+
function Xt() {
|
|
829
|
+
if (!J && (J = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !J))
|
|
830
830
|
throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
|
|
831
|
-
return
|
|
831
|
+
return J(zt);
|
|
832
832
|
}
|
|
833
|
-
var
|
|
833
|
+
var Qt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
|
|
834
834
|
const Ae = {
|
|
835
|
-
randomUUID:
|
|
835
|
+
randomUUID: Qt
|
|
836
836
|
};
|
|
837
|
-
function
|
|
837
|
+
function Zt(e, t, r) {
|
|
838
838
|
if (Ae.randomUUID && !t && !e)
|
|
839
839
|
return Ae.randomUUID();
|
|
840
840
|
e = e || {};
|
|
841
|
-
var a = e.random || (e.rng ||
|
|
842
|
-
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128,
|
|
841
|
+
var a = e.random || (e.rng || Xt)();
|
|
842
|
+
return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, qt(a);
|
|
843
843
|
}
|
|
844
|
-
const
|
|
844
|
+
const x = "Oops! It looks like your session has expired. For your security, please log in again to continue.", er = "Your session has been successfully terminated.", Te = "Login failed. Please try again.", se = "Error getting access token, please re-authenticate.", tr = "You forgot to wrap your component in <AuthProvider>.", ke = {
|
|
845
845
|
dev: "https://auth.gizmette.local.com:3003",
|
|
846
846
|
prod: "https://mylogin.gizmette.com"
|
|
847
|
-
},
|
|
847
|
+
}, j = "@@auth@@", G = "LOADING", B = "LOGIN", Le = "LOGOUT", rr = process.env.NODE_ENV === "production", ar = !rr, Z = async ({
|
|
848
848
|
type: e,
|
|
849
849
|
clientId: t,
|
|
850
850
|
params: r = {}
|
|
851
851
|
}) => {
|
|
852
852
|
try {
|
|
853
853
|
const a = await fetch(
|
|
854
|
-
|
|
854
|
+
ar ? `${ke.dev}/${e}` : `${ke.prod}/${e}`,
|
|
855
855
|
{
|
|
856
856
|
credentials: "include",
|
|
857
857
|
method: "POST",
|
|
858
858
|
headers: {
|
|
859
859
|
"Content-Type": "application/json",
|
|
860
|
-
[
|
|
860
|
+
[rt.CLIENT_ID]: `${t}`
|
|
861
861
|
},
|
|
862
862
|
body: JSON.stringify(r)
|
|
863
863
|
}
|
|
864
864
|
);
|
|
865
865
|
if (a.status !== 200)
|
|
866
866
|
return { status: a.status, data: [] };
|
|
867
|
-
const { data: n, errors:
|
|
867
|
+
const { data: n, errors: o } = await a.json();
|
|
868
868
|
return {
|
|
869
869
|
status: a.status,
|
|
870
870
|
data: n,
|
|
871
|
-
errors:
|
|
871
|
+
errors: o
|
|
872
872
|
};
|
|
873
873
|
} catch (a) {
|
|
874
874
|
return console.error(a), { status: 500, data: [] };
|
|
875
875
|
}
|
|
876
|
-
},
|
|
877
|
-
|
|
878
|
-
|
|
879
|
-
|
|
880
|
-
|
|
881
|
-
|
|
876
|
+
}, nr = async ({
|
|
877
|
+
userId: e,
|
|
878
|
+
idToken: t,
|
|
879
|
+
accessToken: r,
|
|
880
|
+
refreshToken: a,
|
|
881
|
+
clientId: n,
|
|
882
|
+
domain: o
|
|
882
883
|
}) => {
|
|
883
884
|
try {
|
|
884
885
|
return {
|
|
885
886
|
status: (await Z({
|
|
886
887
|
type: z.LOGOUT,
|
|
887
|
-
clientId:
|
|
888
|
+
clientId: n,
|
|
888
889
|
params: {
|
|
889
|
-
|
|
890
|
-
|
|
891
|
-
|
|
892
|
-
|
|
890
|
+
userId: e,
|
|
891
|
+
idToken: t,
|
|
892
|
+
accessToken: r,
|
|
893
|
+
refreshToken: a,
|
|
894
|
+
domain: o
|
|
893
895
|
}
|
|
894
896
|
})).status === 200
|
|
895
897
|
};
|
|
@@ -904,8 +906,8 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
904
906
|
clientId: r,
|
|
905
907
|
nonce: a,
|
|
906
908
|
type: n,
|
|
907
|
-
sessionExpiration:
|
|
908
|
-
code:
|
|
909
|
+
sessionExpiration: o,
|
|
910
|
+
code: s,
|
|
909
911
|
code_verifier: i,
|
|
910
912
|
domain: c
|
|
911
913
|
}) => {
|
|
@@ -917,18 +919,18 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
917
919
|
type: n || q.ID_AND_ACCESS_TOKEN,
|
|
918
920
|
username: e,
|
|
919
921
|
password: t,
|
|
920
|
-
sessionExpiration:
|
|
922
|
+
sessionExpiration: o,
|
|
921
923
|
nonce: a,
|
|
922
|
-
code:
|
|
924
|
+
code: s,
|
|
923
925
|
code_verifier: i,
|
|
924
926
|
domain: c
|
|
925
927
|
}
|
|
926
|
-
}),
|
|
927
|
-
return
|
|
928
|
+
}), l = await U(d.data.idToken);
|
|
929
|
+
return l && l.payload[w.USER_ID_KEY] !== "" && l.payload[w.NONCE_KEY] === a ? {
|
|
928
930
|
idToken: d.data.idToken,
|
|
929
931
|
accessToken: d.data.accessToken,
|
|
930
932
|
refreshToken: d.data.refreshToken,
|
|
931
|
-
userId:
|
|
933
|
+
userId: l.payload[w.USER_ID_KEY],
|
|
932
934
|
status: !0
|
|
933
935
|
} : {
|
|
934
936
|
status: !1
|
|
@@ -938,7 +940,7 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
938
940
|
status: !1
|
|
939
941
|
};
|
|
940
942
|
}
|
|
941
|
-
},
|
|
943
|
+
}, sr = async ({
|
|
942
944
|
nonce: e,
|
|
943
945
|
clientId: t,
|
|
944
946
|
code_challenge: r
|
|
@@ -964,16 +966,16 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
964
966
|
status: !1
|
|
965
967
|
};
|
|
966
968
|
}
|
|
967
|
-
},
|
|
969
|
+
}, or = async ({
|
|
968
970
|
clientId: e,
|
|
969
971
|
userId: t,
|
|
970
972
|
nonce: r,
|
|
971
973
|
refreshToken: a,
|
|
972
974
|
accessToken: n,
|
|
973
|
-
domain:
|
|
975
|
+
domain: o
|
|
974
976
|
}) => {
|
|
975
977
|
try {
|
|
976
|
-
const
|
|
978
|
+
const s = await Z({
|
|
977
979
|
type: z.AUTHENTICATE,
|
|
978
980
|
clientId: e,
|
|
979
981
|
params: {
|
|
@@ -982,12 +984,12 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
982
984
|
nonce: r,
|
|
983
985
|
refreshToken: a,
|
|
984
986
|
accessToken: n,
|
|
985
|
-
domain:
|
|
987
|
+
domain: o
|
|
986
988
|
}
|
|
987
|
-
}), i = await
|
|
989
|
+
}), i = await U(s.data.accessToken);
|
|
988
990
|
return i && i.payload[w.USER_ID_KEY] !== "" && i.payload[w.NONCE_KEY] === r ? {
|
|
989
|
-
accessToken:
|
|
990
|
-
refreshToken:
|
|
991
|
+
accessToken: s.data.accessToken,
|
|
992
|
+
refreshToken: s.data.refreshToken,
|
|
991
993
|
userId: i.payload[w.USER_ID_KEY],
|
|
992
994
|
status: !0
|
|
993
995
|
} : {
|
|
@@ -999,11 +1001,11 @@ const M = "Oops! It looks like your session has expired. For your security, plea
|
|
|
999
1001
|
};
|
|
1000
1002
|
}
|
|
1001
1003
|
};
|
|
1002
|
-
class
|
|
1004
|
+
class ir {
|
|
1003
1005
|
constructor(t = null, r = null) {
|
|
1004
|
-
|
|
1005
|
-
|
|
1006
|
-
|
|
1006
|
+
H(this, "refreshTokenPromise", null);
|
|
1007
|
+
H(this, "accessToken");
|
|
1008
|
+
H(this, "refreshToken");
|
|
1007
1009
|
this.accessToken = t || "", this.refreshToken = r || "";
|
|
1008
1010
|
}
|
|
1009
1011
|
async refreshtoken({
|
|
@@ -1030,9 +1032,9 @@ class nr {
|
|
|
1030
1032
|
nonce: a,
|
|
1031
1033
|
domain: n
|
|
1032
1034
|
}) {
|
|
1033
|
-
const
|
|
1034
|
-
if (
|
|
1035
|
-
const
|
|
1035
|
+
const o = await U(this.refreshToken);
|
|
1036
|
+
if (o && o.payload[w.USER_ID_KEY] !== "") {
|
|
1037
|
+
const s = await or({
|
|
1036
1038
|
clientId: t,
|
|
1037
1039
|
userId: r,
|
|
1038
1040
|
nonce: a,
|
|
@@ -1040,10 +1042,10 @@ class nr {
|
|
|
1040
1042
|
accessToken: this.accessToken,
|
|
1041
1043
|
domain: n
|
|
1042
1044
|
});
|
|
1043
|
-
return
|
|
1045
|
+
return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
|
|
1044
1046
|
status: "success",
|
|
1045
|
-
newAccessToken:
|
|
1046
|
-
newRefreshToken:
|
|
1047
|
+
newAccessToken: s.accessToken,
|
|
1048
|
+
newRefreshToken: s.refreshToken
|
|
1047
1049
|
}) : {
|
|
1048
1050
|
status: "failure"
|
|
1049
1051
|
};
|
|
@@ -1053,188 +1055,200 @@ class nr {
|
|
|
1053
1055
|
};
|
|
1054
1056
|
}
|
|
1055
1057
|
}
|
|
1056
|
-
const
|
|
1057
|
-
throw new Error(
|
|
1058
|
-
},
|
|
1058
|
+
const M = () => {
|
|
1059
|
+
throw new Error(tr);
|
|
1060
|
+
}, $e = Qe({
|
|
1059
1061
|
isAuthenticated: !1,
|
|
1060
1062
|
isLoading: !1,
|
|
1061
|
-
login:
|
|
1062
|
-
logout:
|
|
1063
|
-
getAccessToken:
|
|
1064
|
-
getIdToken:
|
|
1063
|
+
login: M,
|
|
1064
|
+
logout: M,
|
|
1065
|
+
getAccessToken: M,
|
|
1066
|
+
getIdToken: M,
|
|
1065
1067
|
logoutReason: ""
|
|
1066
|
-
}),
|
|
1068
|
+
}), cr = ze.createContext({
|
|
1069
|
+
state: {
|
|
1070
|
+
isLoading: !0,
|
|
1071
|
+
isAuthenticated: !1,
|
|
1072
|
+
user: void 0,
|
|
1073
|
+
logoutReason: ""
|
|
1074
|
+
},
|
|
1075
|
+
dispatch: () => {
|
|
1076
|
+
}
|
|
1077
|
+
}), ur = (e, t) => (t == null ? void 0 : t.type) === G ? {
|
|
1078
|
+
...e,
|
|
1079
|
+
isLoading: t.payload.isLoading
|
|
1080
|
+
} : (t == null ? void 0 : t.type) === B ? {
|
|
1081
|
+
...e,
|
|
1082
|
+
isLoading: !1,
|
|
1083
|
+
isAuthenticated: !0,
|
|
1084
|
+
user: t.payload.user
|
|
1085
|
+
} : (t == null ? void 0 : t.type) === Le ? {
|
|
1086
|
+
...e,
|
|
1087
|
+
isLoading: !1,
|
|
1088
|
+
isAuthenticated: !1,
|
|
1089
|
+
user: void 0,
|
|
1090
|
+
logoutReason: t.payload.logoutReason
|
|
1091
|
+
} : e, fr = ({
|
|
1067
1092
|
children: e,
|
|
1068
1093
|
sessionExpiration: t,
|
|
1069
1094
|
clientId: r,
|
|
1070
1095
|
domain: a = ""
|
|
1071
1096
|
}) => {
|
|
1072
|
-
const n
|
|
1073
|
-
key: `${V}::${r}::@@user@@`
|
|
1074
|
-
}), [c, d, , p] = x({
|
|
1075
|
-
key: `${V}::${r}::@@access@@`
|
|
1076
|
-
}), [y, E, , m] = x(
|
|
1077
|
-
{
|
|
1078
|
-
key: `${V}::${r}::@@refresh@@`
|
|
1079
|
-
}
|
|
1080
|
-
), [S, ee, , ue] = x({
|
|
1081
|
-
key: `${V}::${r}::@@nonce@@`
|
|
1082
|
-
}), $e = new nr(c, y), [P, T] = Xe({
|
|
1097
|
+
const [n, o] = Ze(ur, {
|
|
1083
1098
|
isLoading: !0,
|
|
1084
1099
|
isAuthenticated: !1,
|
|
1085
1100
|
user: void 0,
|
|
1086
1101
|
logoutReason: ""
|
|
1087
|
-
}),
|
|
1102
|
+
}), s = et(!1), [i, c, , d] = W({
|
|
1103
|
+
key: `${j}::${r}::@@user@@`
|
|
1104
|
+
}), [l, y, , S] = W({
|
|
1105
|
+
key: `${j}::${r}::@@access@@`
|
|
1106
|
+
}), [m, E, , C] = W(
|
|
1107
|
+
{
|
|
1108
|
+
key: `${j}::${r}::@@refresh@@`
|
|
1109
|
+
}
|
|
1110
|
+
), [We, Je, , ce] = W({
|
|
1111
|
+
key: `${j}::${r}::@@nonce@@`
|
|
1112
|
+
}), xe = new ir(l, m), N = D(
|
|
1088
1113
|
(u) => {
|
|
1089
|
-
console.warn(u),
|
|
1090
|
-
|
|
1091
|
-
|
|
1092
|
-
|
|
1093
|
-
|
|
1094
|
-
}),
|
|
1114
|
+
console.warn(u), o({
|
|
1115
|
+
type: Le,
|
|
1116
|
+
payload: {
|
|
1117
|
+
logoutReason: u || x
|
|
1118
|
+
}
|
|
1119
|
+
}), d(), S(), C(), ce(), o({ type: G, payload: { isLoading: !1 } });
|
|
1095
1120
|
},
|
|
1096
|
-
[
|
|
1097
|
-
),
|
|
1121
|
+
[S, d, ce, C]
|
|
1122
|
+
), b = D(
|
|
1098
1123
|
async (u) => {
|
|
1099
|
-
|
|
1100
|
-
|
|
1101
|
-
|
|
1102
|
-
|
|
1124
|
+
const { user: g } = n;
|
|
1125
|
+
await nr({
|
|
1126
|
+
userId: (g == null ? void 0 : g.userId) || "",
|
|
1127
|
+
idToken: i,
|
|
1128
|
+
accessToken: l,
|
|
1129
|
+
refreshToken: m,
|
|
1103
1130
|
clientId: r,
|
|
1104
1131
|
domain: a
|
|
1105
|
-
}),
|
|
1106
|
-
..._,
|
|
1107
|
-
isLoading: !1
|
|
1108
|
-
}));
|
|
1132
|
+
}), N(u || x);
|
|
1109
1133
|
},
|
|
1110
1134
|
[
|
|
1111
|
-
|
|
1135
|
+
l,
|
|
1136
|
+
n,
|
|
1112
1137
|
r,
|
|
1113
1138
|
a,
|
|
1114
|
-
|
|
1115
|
-
|
|
1139
|
+
i,
|
|
1140
|
+
m,
|
|
1116
1141
|
N
|
|
1117
1142
|
]
|
|
1118
1143
|
);
|
|
1119
1144
|
ve(() => {
|
|
1120
|
-
if (!
|
|
1121
|
-
return
|
|
1145
|
+
if (!s.current)
|
|
1146
|
+
return n.isLoading && i !== null ? (async () => {
|
|
1122
1147
|
try {
|
|
1123
|
-
const u = await
|
|
1124
|
-
u && u.payload[w.USER_ID_KEY] !== "" ?
|
|
1125
|
-
|
|
1126
|
-
|
|
1127
|
-
|
|
1128
|
-
|
|
1129
|
-
|
|
1130
|
-
|
|
1131
|
-
|
|
1132
|
-
}) : await
|
|
1148
|
+
const u = await U(i);
|
|
1149
|
+
u && u.payload[w.USER_ID_KEY] !== "" ? o({
|
|
1150
|
+
type: B,
|
|
1151
|
+
payload: {
|
|
1152
|
+
user: {
|
|
1153
|
+
userId: u.payload[w.USER_ID_KEY],
|
|
1154
|
+
username: u.payload[w.USERNAME_KEY]
|
|
1155
|
+
}
|
|
1156
|
+
}
|
|
1157
|
+
}) : await b(x);
|
|
1133
1158
|
} catch {
|
|
1134
|
-
await
|
|
1159
|
+
await b(x);
|
|
1135
1160
|
}
|
|
1136
|
-
})() :
|
|
1137
|
-
|
|
1138
|
-
isLoading: !1
|
|
1139
|
-
})), () => {
|
|
1140
|
-
n.current = !0;
|
|
1161
|
+
})() : o({ type: G, payload: { isLoading: !1 } }), () => {
|
|
1162
|
+
s.current = !0;
|
|
1141
1163
|
};
|
|
1142
|
-
}, [
|
|
1143
|
-
const
|
|
1144
|
-
const I =
|
|
1145
|
-
if (
|
|
1146
|
-
|
|
1147
|
-
isLoading: !0
|
|
1148
|
-
})), i(), p(), m(), g === q.CODE) {
|
|
1149
|
-
const { code_verifier: D, code_challenge: Me } = await Mt(), de = await rr({
|
|
1164
|
+
}, [n.isLoading, i, b]);
|
|
1165
|
+
const je = async (u, g, A) => {
|
|
1166
|
+
const I = Zt();
|
|
1167
|
+
if (Je(I), o({ type: G, payload: { isLoading: !0 } }), d(), S(), C(), A === q.CODE) {
|
|
1168
|
+
const { code_verifier: Ge, code_challenge: Be } = await Gt(), ue = await sr({
|
|
1150
1169
|
nonce: I,
|
|
1151
1170
|
clientId: r,
|
|
1152
|
-
code_challenge:
|
|
1171
|
+
code_challenge: Be
|
|
1153
1172
|
});
|
|
1154
|
-
if (
|
|
1155
|
-
const
|
|
1173
|
+
if (ue.status) {
|
|
1174
|
+
const O = await _e({
|
|
1156
1175
|
username: u,
|
|
1157
|
-
password:
|
|
1176
|
+
password: g,
|
|
1158
1177
|
clientId: r,
|
|
1159
1178
|
sessionExpiration: t,
|
|
1160
1179
|
nonce: I,
|
|
1161
|
-
type:
|
|
1162
|
-
code:
|
|
1163
|
-
code_verifier:
|
|
1180
|
+
type: A,
|
|
1181
|
+
code: ue.code,
|
|
1182
|
+
code_verifier: Ge,
|
|
1164
1183
|
domain: a
|
|
1165
1184
|
});
|
|
1166
|
-
return
|
|
1167
|
-
|
|
1168
|
-
|
|
1169
|
-
|
|
1170
|
-
|
|
1171
|
-
|
|
1172
|
-
|
|
1173
|
-
|
|
1174
|
-
}), !0) : (N(Te),
|
|
1175
|
-
...Ve,
|
|
1176
|
-
isLoading: !1
|
|
1177
|
-
})), !1);
|
|
1185
|
+
return O.status ? (c(O.idToken), y(O.accessToken), E(O.refreshToken), o({
|
|
1186
|
+
type: B,
|
|
1187
|
+
payload: {
|
|
1188
|
+
user: {
|
|
1189
|
+
userId: O.userId,
|
|
1190
|
+
username: u
|
|
1191
|
+
}
|
|
1192
|
+
}
|
|
1193
|
+
}), !0) : (N(Te), !1);
|
|
1178
1194
|
}
|
|
1179
1195
|
return !1;
|
|
1180
1196
|
}
|
|
1181
|
-
const
|
|
1197
|
+
const P = await _e({
|
|
1182
1198
|
username: u,
|
|
1183
|
-
password:
|
|
1199
|
+
password: g,
|
|
1184
1200
|
clientId: r,
|
|
1185
1201
|
sessionExpiration: t,
|
|
1186
1202
|
nonce: I,
|
|
1187
|
-
type:
|
|
1203
|
+
type: A,
|
|
1188
1204
|
domain: a
|
|
1189
1205
|
});
|
|
1190
|
-
return
|
|
1191
|
-
|
|
1192
|
-
|
|
1193
|
-
|
|
1194
|
-
|
|
1195
|
-
|
|
1206
|
+
return P.status ? (c(P.idToken), y(P.accessToken), E(P.refreshToken), o({
|
|
1207
|
+
type: B,
|
|
1208
|
+
payload: {
|
|
1209
|
+
user: {
|
|
1210
|
+
userId: P.userId,
|
|
1211
|
+
username: u
|
|
1212
|
+
}
|
|
1196
1213
|
}
|
|
1197
|
-
}), !0) : (N(Te),
|
|
1198
|
-
|
|
1199
|
-
|
|
1200
|
-
|
|
1201
|
-
|
|
1202
|
-
u == null || u.preventDefault(), await R(Xt);
|
|
1203
|
-
}, xe = async () => {
|
|
1204
|
-
const { isAuthenticated: u, user: _ } = P;
|
|
1214
|
+
}), !0) : (N(Te), !1);
|
|
1215
|
+
}, Me = async (u) => {
|
|
1216
|
+
u == null || u.preventDefault(), await b(er);
|
|
1217
|
+
}, Ye = async () => {
|
|
1218
|
+
const { isAuthenticated: u, user: g } = n;
|
|
1205
1219
|
try {
|
|
1206
|
-
if (u &&
|
|
1207
|
-
if (
|
|
1208
|
-
const I = await
|
|
1220
|
+
if (u && g && g.userId) {
|
|
1221
|
+
if (l) {
|
|
1222
|
+
const I = await U(l);
|
|
1209
1223
|
if (I && I.payload[w.USER_ID_KEY] !== "")
|
|
1210
|
-
return
|
|
1224
|
+
return l;
|
|
1211
1225
|
}
|
|
1212
|
-
const
|
|
1226
|
+
const A = await xe.refreshtoken({
|
|
1213
1227
|
clientId: r,
|
|
1214
|
-
userId:
|
|
1215
|
-
nonce:
|
|
1228
|
+
userId: g.userId,
|
|
1229
|
+
nonce: We,
|
|
1216
1230
|
domain: a
|
|
1217
1231
|
});
|
|
1218
|
-
return
|
|
1232
|
+
return A.status && A.status === "success" ? (y(A.newAccessToken), E(A.newRefreshToken), A.newAccessToken) : (await b(se), "");
|
|
1219
1233
|
}
|
|
1220
|
-
return await
|
|
1234
|
+
return await b(se), "";
|
|
1221
1235
|
} catch {
|
|
1222
|
-
return await
|
|
1236
|
+
return await b(se), "";
|
|
1223
1237
|
}
|
|
1224
|
-
},
|
|
1225
|
-
if (
|
|
1226
|
-
return
|
|
1238
|
+
}, Ve = () => {
|
|
1239
|
+
if (n.isAuthenticated && i)
|
|
1240
|
+
return i;
|
|
1227
1241
|
};
|
|
1228
|
-
return /* @__PURE__ */
|
|
1229
|
-
|
|
1242
|
+
return /* @__PURE__ */ de(cr.Provider, { value: { state: n, dispatch: o }, children: /* @__PURE__ */ de(
|
|
1243
|
+
$e.Provider,
|
|
1230
1244
|
{
|
|
1231
|
-
value: { ...
|
|
1245
|
+
value: { ...n, login: je, logout: Me, getAccessToken: Ye, getIdToken: Ve },
|
|
1232
1246
|
children: e
|
|
1233
1247
|
}
|
|
1234
|
-
);
|
|
1235
|
-
},
|
|
1248
|
+
) });
|
|
1249
|
+
}, yr = (e = $e) => tt(e);
|
|
1236
1250
|
export {
|
|
1237
1251
|
q as AUTH_TYPES,
|
|
1238
|
-
|
|
1239
|
-
|
|
1252
|
+
fr as AuthProvider,
|
|
1253
|
+
yr as useAuth
|
|
1240
1254
|
};
|