@versini/auth-provider 5.2.1 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/index.d.ts +5 -2
  2. package/dist/index.js +1027 -515
  3. package/package.json +3 -2
package/dist/index.js CHANGED
@@ -1,21 +1,309 @@
1
- var Fe = Object.defineProperty;
2
- var qe = (e, t, r) => t in e ? Fe(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
3
- var H = (e, t, r) => qe(e, typeof t != "symbol" ? t + "" : t, r);
4
- import { jsx as de } from "react/jsx-runtime";
5
- import ze, { useSyncExternalStore as Xe, useCallback as D, useEffect as ve, createContext as Qe, useReducer as Ze, useRef as et, useContext as tt } from "react";
1
+ var dt = Object.defineProperty;
2
+ var ht = (e, t, r) => t in e ? dt(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
3
+ var M = (e, t, r) => ht(e, typeof t != "symbol" ? t + "" : t, r);
4
+ import { jsx as Te } from "react/jsx-runtime";
5
+ import pt, { useSyncExternalStore as ft, useCallback as x, useEffect as Ke, createContext as yt, useReducer as mt, useRef as Et, useContext as wt } from "react";
6
6
  /*!
7
- @versini/auth-provider v5.2.1
7
+ @versini/auth-provider v5.3.0
8
8
  © 2024 gizmette.com
9
9
  */
10
10
  try {
11
11
  window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
12
- version: "5.2.1",
13
- buildTime: "07/09/2024 07:27 PM EDT",
12
+ version: "5.3.0",
13
+ buildTime: "07/14/2024 06:45 PM EDT",
14
14
  homepage: "https://github.com/aversini/auth-client",
15
15
  license: "MIT"
16
16
  });
17
17
  } catch {
18
18
  }
19
+ function b(e) {
20
+ const t = new Uint8Array(e);
21
+ let r = "";
22
+ for (const a of t)
23
+ r += String.fromCharCode(a);
24
+ return btoa(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
25
+ }
26
+ function ee(e) {
27
+ const t = e.replace(/-/g, "+").replace(/_/g, "/"), r = (4 - t.length % 4) % 4, n = t.padEnd(t.length + r, "="), a = atob(n), o = new ArrayBuffer(a.length), s = new Uint8Array(o);
28
+ for (let i = 0; i < a.length; i++)
29
+ s[i] = a.charCodeAt(i);
30
+ return o;
31
+ }
32
+ function Ee() {
33
+ return (window == null ? void 0 : window.PublicKeyCredential) !== void 0 && typeof window.PublicKeyCredential == "function";
34
+ }
35
+ function He(e) {
36
+ const { id: t } = e;
37
+ return {
38
+ ...e,
39
+ id: ee(t),
40
+ transports: e.transports
41
+ };
42
+ }
43
+ function $e(e) {
44
+ return e === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e);
45
+ }
46
+ class A extends Error {
47
+ constructor({ message: t, code: r, cause: n, name: a }) {
48
+ super(t, { cause: n }), this.name = a ?? n.name, this.code = r;
49
+ }
50
+ }
51
+ function gt({ error: e, options: t }) {
52
+ var n, a;
53
+ const { publicKey: r } = t;
54
+ if (!r)
55
+ throw Error("options was missing required publicKey property");
56
+ if (e.name === "AbortError") {
57
+ if (t.signal instanceof AbortSignal)
58
+ return new A({
59
+ message: "Registration ceremony was sent an abort signal",
60
+ code: "ERROR_CEREMONY_ABORTED",
61
+ cause: e
62
+ });
63
+ } else if (e.name === "ConstraintError") {
64
+ if (((n = r.authenticatorSelection) == null ? void 0 : n.requireResidentKey) === !0)
65
+ return new A({
66
+ message: "Discoverable credentials were required but no available authenticator supported it",
67
+ code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
68
+ cause: e
69
+ });
70
+ if (((a = r.authenticatorSelection) == null ? void 0 : a.userVerification) === "required")
71
+ return new A({
72
+ message: "User verification was required but no available authenticator supported it",
73
+ code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
74
+ cause: e
75
+ });
76
+ } else {
77
+ if (e.name === "InvalidStateError")
78
+ return new A({
79
+ message: "The authenticator was previously registered",
80
+ code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
81
+ cause: e
82
+ });
83
+ if (e.name === "NotAllowedError")
84
+ return new A({
85
+ message: e.message,
86
+ code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
87
+ cause: e
88
+ });
89
+ if (e.name === "NotSupportedError")
90
+ return r.pubKeyCredParams.filter((s) => s.type === "public-key").length === 0 ? new A({
91
+ message: 'No entry in pubKeyCredParams was of type "public-key"',
92
+ code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
93
+ cause: e
94
+ }) : new A({
95
+ message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
96
+ code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
97
+ cause: e
98
+ });
99
+ if (e.name === "SecurityError") {
100
+ const o = window.location.hostname;
101
+ if ($e(o)) {
102
+ if (r.rp.id !== o)
103
+ return new A({
104
+ message: `The RP ID "${r.rp.id}" is invalid for this domain`,
105
+ code: "ERROR_INVALID_RP_ID",
106
+ cause: e
107
+ });
108
+ } else return new A({
109
+ message: `${window.location.hostname} is an invalid domain`,
110
+ code: "ERROR_INVALID_DOMAIN",
111
+ cause: e
112
+ });
113
+ } else if (e.name === "TypeError") {
114
+ if (r.user.id.byteLength < 1 || r.user.id.byteLength > 64)
115
+ return new A({
116
+ message: "User ID was not between 1 and 64 characters",
117
+ code: "ERROR_INVALID_USER_ID_LENGTH",
118
+ cause: e
119
+ });
120
+ } else if (e.name === "UnknownError")
121
+ return new A({
122
+ message: "The authenticator was unable to process the specified options, or could not create a new credential",
123
+ code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
124
+ cause: e
125
+ });
126
+ }
127
+ return e;
128
+ }
129
+ class At {
130
+ createNewAbortSignal() {
131
+ if (this.controller) {
132
+ const r = new Error("Cancelling existing WebAuthn API call for new one");
133
+ r.name = "AbortError", this.controller.abort(r);
134
+ }
135
+ const t = new AbortController();
136
+ return this.controller = t, t.signal;
137
+ }
138
+ cancelCeremony() {
139
+ if (this.controller) {
140
+ const t = new Error("Manually cancelling existing WebAuthn API call");
141
+ t.name = "AbortError", this.controller.abort(t), this.controller = void 0;
142
+ }
143
+ }
144
+ }
145
+ const Le = new At(), St = ["cross-platform", "platform"];
146
+ function We(e) {
147
+ if (e && !(St.indexOf(e) < 0))
148
+ return e;
149
+ }
150
+ async function Tt(e) {
151
+ var m;
152
+ if (!Ee())
153
+ throw new Error("WebAuthn is not supported in this browser");
154
+ const r = { publicKey: {
155
+ ...e,
156
+ challenge: ee(e.challenge),
157
+ user: {
158
+ ...e.user,
159
+ id: ee(e.user.id)
160
+ },
161
+ excludeCredentials: (m = e.excludeCredentials) == null ? void 0 : m.map(He)
162
+ } };
163
+ r.signal = Le.createNewAbortSignal();
164
+ let n;
165
+ try {
166
+ n = await navigator.credentials.create(r);
167
+ } catch (d) {
168
+ throw gt({ error: d, options: r });
169
+ }
170
+ if (!n)
171
+ throw new Error("Registration was not completed");
172
+ const { id: a, rawId: o, response: s, type: i } = n;
173
+ let u;
174
+ typeof s.getTransports == "function" && (u = s.getTransports());
175
+ let h;
176
+ if (typeof s.getPublicKeyAlgorithm == "function")
177
+ try {
178
+ h = s.getPublicKeyAlgorithm();
179
+ } catch (d) {
180
+ ce("getPublicKeyAlgorithm()", d);
181
+ }
182
+ let l;
183
+ if (typeof s.getPublicKey == "function")
184
+ try {
185
+ const d = s.getPublicKey();
186
+ d !== null && (l = b(d));
187
+ } catch (d) {
188
+ ce("getPublicKey()", d);
189
+ }
190
+ let f;
191
+ if (typeof s.getAuthenticatorData == "function")
192
+ try {
193
+ f = b(s.getAuthenticatorData());
194
+ } catch (d) {
195
+ ce("getAuthenticatorData()", d);
196
+ }
197
+ return {
198
+ id: a,
199
+ rawId: b(o),
200
+ response: {
201
+ attestationObject: b(s.attestationObject),
202
+ clientDataJSON: b(s.clientDataJSON),
203
+ transports: u,
204
+ publicKeyAlgorithm: h,
205
+ publicKey: l,
206
+ authenticatorData: f
207
+ },
208
+ type: i,
209
+ clientExtensionResults: n.getClientExtensionResults(),
210
+ authenticatorAttachment: We(n.authenticatorAttachment)
211
+ };
212
+ }
213
+ function ce(e, t) {
214
+ console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.
215
+ `, t);
216
+ }
217
+ function Rt() {
218
+ if (!Ee())
219
+ return new Promise((t) => t(!1));
220
+ const e = window.PublicKeyCredential;
221
+ return e.isConditionalMediationAvailable === void 0 ? new Promise((t) => t(!1)) : e.isConditionalMediationAvailable();
222
+ }
223
+ function It({ error: e, options: t }) {
224
+ const { publicKey: r } = t;
225
+ if (!r)
226
+ throw Error("options was missing required publicKey property");
227
+ if (e.name === "AbortError") {
228
+ if (t.signal instanceof AbortSignal)
229
+ return new A({
230
+ message: "Authentication ceremony was sent an abort signal",
231
+ code: "ERROR_CEREMONY_ABORTED",
232
+ cause: e
233
+ });
234
+ } else {
235
+ if (e.name === "NotAllowedError")
236
+ return new A({
237
+ message: e.message,
238
+ code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
239
+ cause: e
240
+ });
241
+ if (e.name === "SecurityError") {
242
+ const n = window.location.hostname;
243
+ if ($e(n)) {
244
+ if (r.rpId !== n)
245
+ return new A({
246
+ message: `The RP ID "${r.rpId}" is invalid for this domain`,
247
+ code: "ERROR_INVALID_RP_ID",
248
+ cause: e
249
+ });
250
+ } else return new A({
251
+ message: `${window.location.hostname} is an invalid domain`,
252
+ code: "ERROR_INVALID_DOMAIN",
253
+ cause: e
254
+ });
255
+ } else if (e.name === "UnknownError")
256
+ return new A({
257
+ message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
258
+ code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
259
+ cause: e
260
+ });
261
+ }
262
+ return e;
263
+ }
264
+ async function bt(e, t = !1) {
265
+ var f, m;
266
+ if (!Ee())
267
+ throw new Error("WebAuthn is not supported in this browser");
268
+ let r;
269
+ ((f = e.allowCredentials) == null ? void 0 : f.length) !== 0 && (r = (m = e.allowCredentials) == null ? void 0 : m.map(He));
270
+ const n = {
271
+ ...e,
272
+ challenge: ee(e.challenge),
273
+ allowCredentials: r
274
+ }, a = {};
275
+ if (t) {
276
+ if (!await Rt())
277
+ throw Error("Browser does not support WebAuthn autofill");
278
+ if (document.querySelectorAll("input[autocomplete$='webauthn']").length < 1)
279
+ throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
280
+ a.mediation = "conditional", n.allowCredentials = [];
281
+ }
282
+ a.publicKey = n, a.signal = Le.createNewAbortSignal();
283
+ let o;
284
+ try {
285
+ o = await navigator.credentials.get(a);
286
+ } catch (d) {
287
+ throw It({ error: d, options: a });
288
+ }
289
+ if (!o)
290
+ throw new Error("Authentication was not completed");
291
+ const { id: s, rawId: i, response: u, type: h } = o;
292
+ let l;
293
+ return u.userHandle && (l = b(u.userHandle)), {
294
+ id: s,
295
+ rawId: b(i),
296
+ response: {
297
+ authenticatorData: b(u.authenticatorData),
298
+ clientDataJSON: b(u.clientDataJSON),
299
+ signature: b(u.signature),
300
+ userHandle: l
301
+ },
302
+ type: h,
303
+ clientExtensionResults: o.getClientExtensionResults(),
304
+ authenticatorAttachment: We(o.authenticatorAttachment)
305
+ };
306
+ }
19
307
  /*!
20
308
  @versini/auth-common v2.11.0
21
309
  © 2024 gizmette.com
@@ -23,28 +311,28 @@ try {
23
311
  try {
24
312
  window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
25
313
  version: "2.11.0",
26
- buildTime: "07/09/2024 07:27 PM EDT",
314
+ buildTime: "07/14/2024 06:45 PM EDT",
27
315
  homepage: "https://github.com/aversini/auth-client",
28
316
  license: "MIT"
29
317
  });
30
318
  } catch {
31
319
  }
32
- const q = {
320
+ const ne = {
33
321
  ID_TOKEN: "id_token",
34
322
  ACCESS_TOKEN: "token",
35
323
  ID_AND_ACCESS_TOKEN: "id_token token",
36
324
  CODE: "code",
37
325
  REFRESH_TOKEN: "refresh_token"
38
- }, rt = {
326
+ }, xe = {
39
327
  CLIENT_ID: "X-Auth-ClientId"
40
- }, w = {
328
+ }, T = {
41
329
  ALG: "RS256",
42
330
  USER_ID_KEY: "sub",
43
331
  TOKEN_ID_KEY: "__raw",
44
332
  NONCE_KEY: "_nonce",
45
333
  USERNAME_KEY: "username",
46
334
  ISSUER: "gizmette.com"
47
- }, at = `-----BEGIN PUBLIC KEY-----
335
+ }, _t = `-----BEGIN PUBLIC KEY-----
48
336
  MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
49
337
  w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
50
338
  i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
@@ -52,33 +340,33 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
52
340
  l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
53
341
  sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
54
342
  awIDAQAB
55
- -----END PUBLIC KEY-----`, z = {
343
+ -----END PUBLIC KEY-----`, ae = {
56
344
  AUTHENTICATE: "authenticate",
57
345
  CODE: "code",
58
346
  LOGOUT: "logout"
59
- }, X = crypto, be = (e) => e instanceof CryptoKey, K = new TextEncoder(), Q = new TextDecoder();
60
- function nt(...e) {
61
- const t = e.reduce((n, { length: o }) => n + o, 0), r = new Uint8Array(t);
62
- let a = 0;
63
- for (const n of e)
64
- r.set(n, a), a += n.length;
347
+ }, se = crypto, Ge = (e) => e instanceof CryptoKey, V = new TextEncoder(), oe = new TextDecoder();
348
+ function Ot(...e) {
349
+ const t = e.reduce((a, { length: o }) => a + o, 0), r = new Uint8Array(t);
350
+ let n = 0;
351
+ for (const a of e)
352
+ r.set(a, n), n += a.length;
65
353
  return r;
66
354
  }
67
- const st = (e) => {
355
+ const kt = (e) => {
68
356
  const t = atob(e), r = new Uint8Array(t.length);
69
- for (let a = 0; a < t.length; a++)
70
- r[a] = t.charCodeAt(a);
357
+ for (let n = 0; n < t.length; n++)
358
+ r[n] = t.charCodeAt(n);
71
359
  return r;
72
- }, Y = (e) => {
360
+ }, X = (e) => {
73
361
  let t = e;
74
- t instanceof Uint8Array && (t = Q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
362
+ t instanceof Uint8Array && (t = oe.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
75
363
  try {
76
- return st(t);
364
+ return kt(t);
77
365
  } catch {
78
366
  throw new TypeError("The input to be decoded is not correctly encoded.");
79
367
  }
80
368
  };
81
- class R extends Error {
369
+ class v extends Error {
82
370
  static get code() {
83
371
  return "ERR_JOSE_GENERIC";
84
372
  }
@@ -87,23 +375,23 @@ class R extends Error {
87
375
  super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
88
376
  }
89
377
  }
90
- class T extends R {
378
+ class I extends v {
91
379
  static get code() {
92
380
  return "ERR_JWT_CLAIM_VALIDATION_FAILED";
93
381
  }
94
- constructor(t, r, a = "unspecified", n = "unspecified") {
95
- super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = a, this.reason = n, this.payload = r;
382
+ constructor(t, r, n = "unspecified", a = "unspecified") {
383
+ super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = n, this.reason = a, this.payload = r;
96
384
  }
97
385
  }
98
- class le extends R {
386
+ class Re extends v {
99
387
  static get code() {
100
388
  return "ERR_JWT_EXPIRED";
101
389
  }
102
- constructor(t, r, a = "unspecified", n = "unspecified") {
103
- super(t), this.code = "ERR_JWT_EXPIRED", this.claim = a, this.reason = n, this.payload = r;
390
+ constructor(t, r, n = "unspecified", a = "unspecified") {
391
+ super(t), this.code = "ERR_JWT_EXPIRED", this.claim = n, this.reason = a, this.payload = r;
104
392
  }
105
393
  }
106
- class ot extends R {
394
+ class Pt extends v {
107
395
  constructor() {
108
396
  super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
109
397
  }
@@ -111,7 +399,7 @@ class ot extends R {
111
399
  return "ERR_JOSE_ALG_NOT_ALLOWED";
112
400
  }
113
401
  }
114
- class v extends R {
402
+ class k extends v {
115
403
  constructor() {
116
404
  super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
117
405
  }
@@ -119,7 +407,7 @@ class v extends R {
119
407
  return "ERR_JOSE_NOT_SUPPORTED";
120
408
  }
121
409
  }
122
- class f extends R {
410
+ class g extends v {
123
411
  constructor() {
124
412
  super(...arguments), this.code = "ERR_JWS_INVALID";
125
413
  }
@@ -127,7 +415,7 @@ class f extends R {
127
415
  return "ERR_JWS_INVALID";
128
416
  }
129
417
  }
130
- let Ie = class extends R {
418
+ let Me = class extends v {
131
419
  constructor() {
132
420
  super(...arguments), this.code = "ERR_JWT_INVALID";
133
421
  }
@@ -135,7 +423,7 @@ let Ie = class extends R {
135
423
  return "ERR_JWT_INVALID";
136
424
  }
137
425
  };
138
- class it extends R {
426
+ class vt extends v {
139
427
  constructor() {
140
428
  super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
141
429
  }
@@ -143,16 +431,16 @@ class it extends R {
143
431
  return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
144
432
  }
145
433
  }
146
- function k(e, t = "algorithm.name") {
434
+ function _(e, t = "algorithm.name") {
147
435
  return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
148
436
  }
149
- function L(e, t) {
437
+ function J(e, t) {
150
438
  return e.name === t;
151
439
  }
152
- function ee(e) {
440
+ function ue(e) {
153
441
  return parseInt(e.name.slice(4), 10);
154
442
  }
155
- function ct(e) {
443
+ function Ct(e) {
156
444
  switch (e) {
157
445
  case "ES256":
158
446
  return "P-256";
@@ -164,92 +452,92 @@ function ct(e) {
164
452
  throw new Error("unreachable");
165
453
  }
166
454
  }
167
- function ut(e, t) {
455
+ function Nt(e, t) {
168
456
  if (t.length && !t.some((r) => e.usages.includes(r))) {
169
457
  let r = "CryptoKey does not support this operation, its usages must include ";
170
458
  if (t.length > 2) {
171
- const a = t.pop();
172
- r += `one of ${t.join(", ")}, or ${a}.`;
459
+ const n = t.pop();
460
+ r += `one of ${t.join(", ")}, or ${n}.`;
173
461
  } else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
174
462
  throw new TypeError(r);
175
463
  }
176
464
  }
177
- function dt(e, t, ...r) {
465
+ function Dt(e, t, ...r) {
178
466
  switch (t) {
179
467
  case "HS256":
180
468
  case "HS384":
181
469
  case "HS512": {
182
- if (!L(e.algorithm, "HMAC"))
183
- throw k("HMAC");
184
- const a = parseInt(t.slice(2), 10);
185
- if (ee(e.algorithm.hash) !== a)
186
- throw k(`SHA-${a}`, "algorithm.hash");
470
+ if (!J(e.algorithm, "HMAC"))
471
+ throw _("HMAC");
472
+ const n = parseInt(t.slice(2), 10);
473
+ if (ue(e.algorithm.hash) !== n)
474
+ throw _(`SHA-${n}`, "algorithm.hash");
187
475
  break;
188
476
  }
189
477
  case "RS256":
190
478
  case "RS384":
191
479
  case "RS512": {
192
- if (!L(e.algorithm, "RSASSA-PKCS1-v1_5"))
193
- throw k("RSASSA-PKCS1-v1_5");
194
- const a = parseInt(t.slice(2), 10);
195
- if (ee(e.algorithm.hash) !== a)
196
- throw k(`SHA-${a}`, "algorithm.hash");
480
+ if (!J(e.algorithm, "RSASSA-PKCS1-v1_5"))
481
+ throw _("RSASSA-PKCS1-v1_5");
482
+ const n = parseInt(t.slice(2), 10);
483
+ if (ue(e.algorithm.hash) !== n)
484
+ throw _(`SHA-${n}`, "algorithm.hash");
197
485
  break;
198
486
  }
199
487
  case "PS256":
200
488
  case "PS384":
201
489
  case "PS512": {
202
- if (!L(e.algorithm, "RSA-PSS"))
203
- throw k("RSA-PSS");
204
- const a = parseInt(t.slice(2), 10);
205
- if (ee(e.algorithm.hash) !== a)
206
- throw k(`SHA-${a}`, "algorithm.hash");
490
+ if (!J(e.algorithm, "RSA-PSS"))
491
+ throw _("RSA-PSS");
492
+ const n = parseInt(t.slice(2), 10);
493
+ if (ue(e.algorithm.hash) !== n)
494
+ throw _(`SHA-${n}`, "algorithm.hash");
207
495
  break;
208
496
  }
209
497
  case "EdDSA": {
210
498
  if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
211
- throw k("Ed25519 or Ed448");
499
+ throw _("Ed25519 or Ed448");
212
500
  break;
213
501
  }
214
502
  case "ES256":
215
503
  case "ES384":
216
504
  case "ES512": {
217
- if (!L(e.algorithm, "ECDSA"))
218
- throw k("ECDSA");
219
- const a = ct(t);
220
- if (e.algorithm.namedCurve !== a)
221
- throw k(a, "algorithm.namedCurve");
505
+ if (!J(e.algorithm, "ECDSA"))
506
+ throw _("ECDSA");
507
+ const n = Ct(t);
508
+ if (e.algorithm.namedCurve !== n)
509
+ throw _(n, "algorithm.namedCurve");
222
510
  break;
223
511
  }
224
512
  default:
225
513
  throw new TypeError("CryptoKey does not support this operation");
226
514
  }
227
- ut(e, r);
515
+ Nt(e, r);
228
516
  }
229
- function Re(e, t, ...r) {
230
- var a;
517
+ function Ve(e, t, ...r) {
518
+ var n;
231
519
  if (r.length > 2) {
232
- const n = r.pop();
233
- e += `one of type ${r.join(", ")}, or ${n}.`;
520
+ const a = r.pop();
521
+ e += `one of type ${r.join(", ")}, or ${a}.`;
234
522
  } else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
235
- return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (a = t.constructor) != null && a.name && (e += ` Received an instance of ${t.constructor.name}`), e;
523
+ return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (n = t.constructor) != null && n.name && (e += ` Received an instance of ${t.constructor.name}`), e;
236
524
  }
237
- const he = (e, ...t) => Re("Key must be ", e, ...t);
238
- function Ce(e, t, ...r) {
239
- return Re(`Key for the ${e} algorithm must be `, t, ...r);
525
+ const Ie = (e, ...t) => Ve("Key must be ", e, ...t);
526
+ function Je(e, t, ...r) {
527
+ return Ve(`Key for the ${e} algorithm must be `, t, ...r);
240
528
  }
241
- const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", F = ["CryptoKey"], lt = (...e) => {
529
+ const Ye = (e) => Ge(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", te = ["CryptoKey"], Ut = (...e) => {
242
530
  const t = e.filter(Boolean);
243
531
  if (t.length === 0 || t.length === 1)
244
532
  return !0;
245
533
  let r;
246
- for (const a of t) {
247
- const n = Object.keys(a);
534
+ for (const n of t) {
535
+ const a = Object.keys(n);
248
536
  if (!r || r.size === 0) {
249
- r = new Set(n);
537
+ r = new Set(a);
250
538
  continue;
251
539
  }
252
- for (const o of n) {
540
+ for (const o of a) {
253
541
  if (r.has(o))
254
542
  return !1;
255
543
  r.add(o);
@@ -257,11 +545,11 @@ const Pe = (e) => be(e) ? !0 : (e == null ? void 0 : e[Symbol.toStringTag]) ===
257
545
  }
258
546
  return !0;
259
547
  };
260
- function ht(e) {
548
+ function Kt(e) {
261
549
  return typeof e == "object" && e !== null;
262
550
  }
263
- function oe(e) {
264
- if (!ht(e) || Object.prototype.toString.call(e) !== "[object Object]")
551
+ function me(e) {
552
+ if (!Kt(e) || Object.prototype.toString.call(e) !== "[object Object]")
265
553
  return !1;
266
554
  if (Object.getPrototypeOf(e) === null)
267
555
  return !0;
@@ -270,14 +558,14 @@ function oe(e) {
270
558
  t = Object.getPrototypeOf(t);
271
559
  return Object.getPrototypeOf(e) === t;
272
560
  }
273
- const pt = (e, t) => {
561
+ const Ht = (e, t) => {
274
562
  if (e.startsWith("RS") || e.startsWith("PS")) {
275
563
  const { modulusLength: r } = t.algorithm;
276
564
  if (typeof r != "number" || r < 2048)
277
565
  throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
278
566
  }
279
567
  };
280
- function ft(e) {
568
+ function $t(e) {
281
569
  let t, r;
282
570
  switch (e.kty) {
283
571
  case "RSA": {
@@ -302,7 +590,7 @@ function ft(e) {
302
590
  }, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
303
591
  break;
304
592
  default:
305
- throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
593
+ throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
306
594
  }
307
595
  break;
308
596
  }
@@ -324,7 +612,7 @@ function ft(e) {
324
612
  t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
325
613
  break;
326
614
  default:
327
- throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
615
+ throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
328
616
  }
329
617
  break;
330
618
  }
@@ -340,83 +628,83 @@ function ft(e) {
340
628
  t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
341
629
  break;
342
630
  default:
343
- throw new v('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
631
+ throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
344
632
  }
345
633
  break;
346
634
  }
347
635
  default:
348
- throw new v('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
636
+ throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
349
637
  }
350
638
  return { algorithm: t, keyUsages: r };
351
639
  }
352
- const yt = async (e) => {
640
+ const Lt = async (e) => {
353
641
  if (!e.alg)
354
642
  throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
355
- const { algorithm: t, keyUsages: r } = ft(e), a = [
643
+ const { algorithm: t, keyUsages: r } = $t(e), n = [
356
644
  t,
357
645
  e.ext ?? !1,
358
646
  e.key_ops ?? r
359
- ], n = { ...e };
360
- return delete n.alg, delete n.use, X.subtle.importKey("jwk", n, ...a);
361
- }, Oe = (e) => Y(e);
362
- let te, re;
363
- const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Ue = async (e, t, r, a) => {
364
- let n = e.get(t);
365
- if (n != null && n[a])
366
- return n[a];
367
- const o = await yt({ ...r, alg: a });
368
- return n ? n[a] = o : e.set(t, { [a]: o }), o;
369
- }, wt = (e, t) => {
370
- if (De(e)) {
647
+ ], a = { ...e };
648
+ return delete a.alg, delete a.use, se.subtle.importKey("jwk", a, ...n);
649
+ }, je = (e) => X(e);
650
+ let le, de;
651
+ const Fe = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject", Be = async (e, t, r, n) => {
652
+ let a = e.get(t);
653
+ if (a != null && a[n])
654
+ return a[n];
655
+ const o = await Lt({ ...r, alg: n });
656
+ return a ? a[n] = o : e.set(t, { [n]: o }), o;
657
+ }, Wt = (e, t) => {
658
+ if (Fe(e)) {
371
659
  let r = e.export({ format: "jwk" });
372
- return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Oe(r.k) : (re || (re = /* @__PURE__ */ new WeakMap()), Ue(re, e, r, t));
660
+ return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? je(r.k) : (de || (de = /* @__PURE__ */ new WeakMap()), Be(de, e, r, t));
373
661
  }
374
662
  return e;
375
- }, mt = (e, t) => {
376
- if (De(e)) {
663
+ }, xt = (e, t) => {
664
+ if (Fe(e)) {
377
665
  let r = e.export({ format: "jwk" });
378
- return r.k ? Oe(r.k) : (te || (te = /* @__PURE__ */ new WeakMap()), Ue(te, e, r, t));
666
+ return r.k ? je(r.k) : (le || (le = /* @__PURE__ */ new WeakMap()), Be(le, e, r, t));
379
667
  }
380
668
  return e;
381
- }, Et = { normalizePublicKey: wt, normalizePrivateKey: mt }, _ = (e, t, r = 0) => {
669
+ }, Gt = { normalizePublicKey: Wt, normalizePrivateKey: xt }, O = (e, t, r = 0) => {
382
670
  r === 0 && (t.unshift(t.length), t.unshift(6));
383
- const a = e.indexOf(t[0], r);
384
- if (a === -1)
671
+ const n = e.indexOf(t[0], r);
672
+ if (n === -1)
385
673
  return !1;
386
- const n = e.subarray(a, a + t.length);
387
- return n.length !== t.length ? !1 : n.every((o, s) => o === t[s]) || _(e, t, a + 1);
388
- }, pe = (e) => {
674
+ const a = e.subarray(n, n + t.length);
675
+ return a.length !== t.length ? !1 : a.every((o, s) => o === t[s]) || O(e, t, n + 1);
676
+ }, be = (e) => {
389
677
  switch (!0) {
390
- case _(e, [42, 134, 72, 206, 61, 3, 1, 7]):
678
+ case O(e, [42, 134, 72, 206, 61, 3, 1, 7]):
391
679
  return "P-256";
392
- case _(e, [43, 129, 4, 0, 34]):
680
+ case O(e, [43, 129, 4, 0, 34]):
393
681
  return "P-384";
394
- case _(e, [43, 129, 4, 0, 35]):
682
+ case O(e, [43, 129, 4, 0, 35]):
395
683
  return "P-521";
396
- case _(e, [43, 101, 110]):
684
+ case O(e, [43, 101, 110]):
397
685
  return "X25519";
398
- case _(e, [43, 101, 111]):
686
+ case O(e, [43, 101, 111]):
399
687
  return "X448";
400
- case _(e, [43, 101, 112]):
688
+ case O(e, [43, 101, 112]):
401
689
  return "Ed25519";
402
- case _(e, [43, 101, 113]):
690
+ case O(e, [43, 101, 113]):
403
691
  return "Ed448";
404
692
  default:
405
- throw new v("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
693
+ throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
406
694
  }
407
- }, St = async (e, t, r, a, n) => {
695
+ }, Mt = async (e, t, r, n, a) => {
408
696
  let o, s;
409
- const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
410
- switch (a) {
697
+ const i = new Uint8Array(atob(r.replace(e, "")).split("").map((u) => u.charCodeAt(0)));
698
+ switch (n) {
411
699
  case "PS256":
412
700
  case "PS384":
413
701
  case "PS512":
414
- o = { name: "RSA-PSS", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
702
+ o = { name: "RSA-PSS", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
415
703
  break;
416
704
  case "RS256":
417
705
  case "RS384":
418
706
  case "RS512":
419
- o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${a.slice(-3)}` }, s = ["verify"];
707
+ o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
420
708
  break;
421
709
  case "RSA-OAEP":
422
710
  case "RSA-OAEP-256":
@@ -424,7 +712,7 @@ const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject",
424
712
  case "RSA-OAEP-512":
425
713
  o = {
426
714
  name: "RSA-OAEP",
427
- hash: `SHA-${parseInt(a.slice(-3), 10) || 1}`
715
+ hash: `SHA-${parseInt(n.slice(-3), 10) || 1}`
428
716
  }, s = ["encrypt", "wrapKey"];
429
717
  break;
430
718
  case "ES256":
@@ -440,68 +728,68 @@ const De = (e) => (e == null ? void 0 : e[Symbol.toStringTag]) === "KeyObject",
440
728
  case "ECDH-ES+A128KW":
441
729
  case "ECDH-ES+A192KW":
442
730
  case "ECDH-ES+A256KW": {
443
- const c = pe(i);
444
- o = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
731
+ const u = be(i);
732
+ o = u.startsWith("P-") ? { name: "ECDH", namedCurve: u } : { name: u }, s = [];
445
733
  break;
446
734
  }
447
735
  case "EdDSA":
448
- o = { name: pe(i) }, s = ["verify"];
736
+ o = { name: be(i) }, s = ["verify"];
449
737
  break;
450
738
  default:
451
- throw new v('Invalid or unsupported "alg" (Algorithm) value');
739
+ throw new k('Invalid or unsupported "alg" (Algorithm) value');
452
740
  }
453
- return X.subtle.importKey(t, i, o, !1, s);
454
- }, gt = (e, t, r) => St(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
455
- async function At(e, t, r) {
741
+ return se.subtle.importKey(t, i, o, !1, s);
742
+ }, Vt = (e, t, r) => Mt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
743
+ async function Jt(e, t, r) {
456
744
  if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
457
745
  throw new TypeError('"spki" must be SPKI formatted string');
458
- return gt(e, t);
746
+ return Vt(e, t);
459
747
  }
460
- const V = (e) => e == null ? void 0 : e[Symbol.toStringTag], Tt = (e, t) => {
748
+ const Z = (e) => e == null ? void 0 : e[Symbol.toStringTag], Yt = (e, t) => {
461
749
  if (!(t instanceof Uint8Array)) {
462
- if (!Pe(t))
463
- throw new TypeError(Ce(e, t, ...F, "Uint8Array"));
750
+ if (!Ye(t))
751
+ throw new TypeError(Je(e, t, ...te, "Uint8Array"));
464
752
  if (t.type !== "secret")
465
- throw new TypeError(`${V(t)} instances for symmetric algorithms must be of type "secret"`);
753
+ throw new TypeError(`${Z(t)} instances for symmetric algorithms must be of type "secret"`);
466
754
  }
467
- }, kt = (e, t, r) => {
468
- if (!Pe(t))
469
- throw new TypeError(Ce(e, t, ...F));
755
+ }, jt = (e, t, r) => {
756
+ if (!Ye(t))
757
+ throw new TypeError(Je(e, t, ...te));
470
758
  if (t.type === "secret")
471
- throw new TypeError(`${V(t)} instances for asymmetric algorithms must not be of type "secret"`);
759
+ throw new TypeError(`${Z(t)} instances for asymmetric algorithms must not be of type "secret"`);
472
760
  if (t.algorithm && r === "verify" && t.type === "private")
473
- throw new TypeError(`${V(t)} instances for asymmetric algorithm verifying must be of type "public"`);
761
+ throw new TypeError(`${Z(t)} instances for asymmetric algorithm verifying must be of type "public"`);
474
762
  if (t.algorithm && r === "encrypt" && t.type === "private")
475
- throw new TypeError(`${V(t)} instances for asymmetric algorithm encryption must be of type "public"`);
476
- }, _t = (e, t, r) => {
477
- e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Tt(e, t) : kt(e, t, r);
763
+ throw new TypeError(`${Z(t)} instances for asymmetric algorithm encryption must be of type "public"`);
764
+ }, Ft = (e, t, r) => {
765
+ e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Yt(e, t) : jt(e, t, r);
478
766
  };
479
- function vt(e, t, r, a, n) {
480
- if (n.crit !== void 0 && (a == null ? void 0 : a.crit) === void 0)
767
+ function Bt(e, t, r, n, a) {
768
+ if (a.crit !== void 0 && (n == null ? void 0 : n.crit) === void 0)
481
769
  throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
482
- if (!a || a.crit === void 0)
770
+ if (!n || n.crit === void 0)
483
771
  return /* @__PURE__ */ new Set();
484
- if (!Array.isArray(a.crit) || a.crit.length === 0 || a.crit.some((s) => typeof s != "string" || s.length === 0))
772
+ if (!Array.isArray(n.crit) || n.crit.length === 0 || n.crit.some((s) => typeof s != "string" || s.length === 0))
485
773
  throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
486
774
  let o;
487
775
  r !== void 0 ? o = new Map([...Object.entries(r), ...t.entries()]) : o = t;
488
- for (const s of a.crit) {
776
+ for (const s of n.crit) {
489
777
  if (!o.has(s))
490
- throw new v(`Extension Header Parameter "${s}" is not recognized`);
491
- if (n[s] === void 0)
778
+ throw new k(`Extension Header Parameter "${s}" is not recognized`);
779
+ if (a[s] === void 0)
492
780
  throw new e(`Extension Header Parameter "${s}" is missing`);
493
- if (o.get(s) && a[s] === void 0)
781
+ if (o.get(s) && n[s] === void 0)
494
782
  throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
495
783
  }
496
- return new Set(a.crit);
784
+ return new Set(n.crit);
497
785
  }
498
- const bt = (e, t) => {
786
+ const qt = (e, t) => {
499
787
  if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
500
788
  throw new TypeError(`"${e}" option must be an array of strings`);
501
789
  if (t)
502
790
  return new Set(t);
503
791
  };
504
- function It(e, t) {
792
+ function zt(e, t) {
505
793
  const r = `SHA-${e.slice(-3)}`;
506
794
  switch (e) {
507
795
  case "HS256":
@@ -523,374 +811,374 @@ function It(e, t) {
523
811
  case "EdDSA":
524
812
  return { name: t.name };
525
813
  default:
526
- throw new v(`alg ${e} is not supported either by JOSE or your javascript runtime`);
814
+ throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`);
527
815
  }
528
816
  }
529
- async function Rt(e, t, r) {
530
- if (t = await Et.normalizePublicKey(t, e), be(t))
531
- return dt(t, e, r), t;
817
+ async function Qt(e, t, r) {
818
+ if (t = await Gt.normalizePublicKey(t, e), Ge(t))
819
+ return Dt(t, e, r), t;
532
820
  if (t instanceof Uint8Array) {
533
821
  if (!e.startsWith("HS"))
534
- throw new TypeError(he(t, ...F));
535
- return X.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
822
+ throw new TypeError(Ie(t, ...te));
823
+ return se.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
536
824
  }
537
- throw new TypeError(he(t, ...F, "Uint8Array"));
825
+ throw new TypeError(Ie(t, ...te, "Uint8Array"));
538
826
  }
539
- const Ct = async (e, t, r, a) => {
540
- const n = await Rt(e, t, "verify");
541
- pt(e, n);
542
- const o = It(e, n.algorithm);
827
+ const Xt = async (e, t, r, n) => {
828
+ const a = await Qt(e, t, "verify");
829
+ Ht(e, a);
830
+ const o = zt(e, a.algorithm);
543
831
  try {
544
- return await X.subtle.verify(o, n, r, a);
832
+ return await se.subtle.verify(o, a, r, n);
545
833
  } catch {
546
834
  return !1;
547
835
  }
548
836
  };
549
- async function Pt(e, t, r) {
550
- if (!oe(e))
551
- throw new f("Flattened JWS must be an object");
837
+ async function Zt(e, t, r) {
838
+ if (!me(e))
839
+ throw new g("Flattened JWS must be an object");
552
840
  if (e.protected === void 0 && e.header === void 0)
553
- throw new f('Flattened JWS must have either of the "protected" or "header" members');
841
+ throw new g('Flattened JWS must have either of the "protected" or "header" members');
554
842
  if (e.protected !== void 0 && typeof e.protected != "string")
555
- throw new f("JWS Protected Header incorrect type");
843
+ throw new g("JWS Protected Header incorrect type");
556
844
  if (e.payload === void 0)
557
- throw new f("JWS Payload missing");
845
+ throw new g("JWS Payload missing");
558
846
  if (typeof e.signature != "string")
559
- throw new f("JWS Signature missing or incorrect type");
560
- if (e.header !== void 0 && !oe(e.header))
561
- throw new f("JWS Unprotected Header incorrect type");
562
- let a = {};
847
+ throw new g("JWS Signature missing or incorrect type");
848
+ if (e.header !== void 0 && !me(e.header))
849
+ throw new g("JWS Unprotected Header incorrect type");
850
+ let n = {};
563
851
  if (e.protected)
564
852
  try {
565
- const E = Y(e.protected);
566
- a = JSON.parse(Q.decode(E));
853
+ const S = X(e.protected);
854
+ n = JSON.parse(oe.decode(S));
567
855
  } catch {
568
- throw new f("JWS Protected Header is invalid");
856
+ throw new g("JWS Protected Header is invalid");
569
857
  }
570
- if (!lt(a, e.header))
571
- throw new f("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
572
- const n = {
573
- ...a,
858
+ if (!Ut(n, e.header))
859
+ throw new g("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
860
+ const a = {
861
+ ...n,
574
862
  ...e.header
575
- }, o = vt(f, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, a, n);
863
+ }, o = Bt(g, /* @__PURE__ */ new Map([["b64", !0]]), r == null ? void 0 : r.crit, n, a);
576
864
  let s = !0;
577
- if (o.has("b64") && (s = a.b64, typeof s != "boolean"))
578
- throw new f('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
579
- const { alg: i } = n;
865
+ if (o.has("b64") && (s = n.b64, typeof s != "boolean"))
866
+ throw new g('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
867
+ const { alg: i } = a;
580
868
  if (typeof i != "string" || !i)
581
- throw new f('JWS "alg" (Algorithm) Header Parameter missing or invalid');
582
- const c = r && bt("algorithms", r.algorithms);
583
- if (c && !c.has(i))
584
- throw new ot('"alg" (Algorithm) Header Parameter value not allowed');
869
+ throw new g('JWS "alg" (Algorithm) Header Parameter missing or invalid');
870
+ const u = r && qt("algorithms", r.algorithms);
871
+ if (u && !u.has(i))
872
+ throw new Pt('"alg" (Algorithm) Header Parameter value not allowed');
585
873
  if (s) {
586
874
  if (typeof e.payload != "string")
587
- throw new f("JWS Payload must be a string");
875
+ throw new g("JWS Payload must be a string");
588
876
  } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
589
- throw new f("JWS Payload must be a string or an Uint8Array instance");
590
- let d = !1;
591
- typeof t == "function" && (t = await t(a, e), d = !0), _t(i, t, "verify");
592
- const l = nt(K.encode(e.protected ?? ""), K.encode("."), typeof e.payload == "string" ? K.encode(e.payload) : e.payload);
593
- let y;
877
+ throw new g("JWS Payload must be a string or an Uint8Array instance");
878
+ let h = !1;
879
+ typeof t == "function" && (t = await t(n, e), h = !0), Ft(i, t, "verify");
880
+ const l = Ot(V.encode(e.protected ?? ""), V.encode("."), typeof e.payload == "string" ? V.encode(e.payload) : e.payload);
881
+ let f;
594
882
  try {
595
- y = Y(e.signature);
883
+ f = X(e.signature);
596
884
  } catch {
597
- throw new f("Failed to base64url decode the signature");
885
+ throw new g("Failed to base64url decode the signature");
598
886
  }
599
- if (!await Ct(i, t, y, l))
600
- throw new it();
601
- let S;
887
+ if (!await Xt(i, t, f, l))
888
+ throw new vt();
889
+ let m;
602
890
  if (s)
603
891
  try {
604
- S = Y(e.payload);
892
+ m = X(e.payload);
605
893
  } catch {
606
- throw new f("Failed to base64url decode the payload");
894
+ throw new g("Failed to base64url decode the payload");
607
895
  }
608
- else typeof e.payload == "string" ? S = K.encode(e.payload) : S = e.payload;
609
- const m = { payload: S };
610
- return e.protected !== void 0 && (m.protectedHeader = a), e.header !== void 0 && (m.unprotectedHeader = e.header), d ? { ...m, key: t } : m;
896
+ else typeof e.payload == "string" ? m = V.encode(e.payload) : m = e.payload;
897
+ const d = { payload: m };
898
+ return e.protected !== void 0 && (d.protectedHeader = n), e.header !== void 0 && (d.unprotectedHeader = e.header), h ? { ...d, key: t } : d;
611
899
  }
612
- async function Ot(e, t, r) {
613
- if (e instanceof Uint8Array && (e = Q.decode(e)), typeof e != "string")
614
- throw new f("Compact JWS must be a string or Uint8Array");
615
- const { 0: a, 1: n, 2: o, length: s } = e.split(".");
900
+ async function er(e, t, r) {
901
+ if (e instanceof Uint8Array && (e = oe.decode(e)), typeof e != "string")
902
+ throw new g("Compact JWS must be a string or Uint8Array");
903
+ const { 0: n, 1: a, 2: o, length: s } = e.split(".");
616
904
  if (s !== 3)
617
- throw new f("Invalid Compact JWS");
618
- const i = await Pt({ payload: n, protected: a, signature: o }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
619
- return typeof t == "function" ? { ...c, key: i.key } : c;
905
+ throw new g("Invalid Compact JWS");
906
+ const i = await Zt({ payload: a, protected: n, signature: o }, t, r), u = { payload: i.payload, protectedHeader: i.protectedHeader };
907
+ return typeof t == "function" ? { ...u, key: i.key } : u;
620
908
  }
621
- const Dt = (e) => Math.floor(e.getTime() / 1e3), Ne = 60, He = Ne * 60, ie = He * 24, Ut = ie * 7, Nt = ie * 365.25, Ht = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, fe = (e) => {
622
- const t = Ht.exec(e);
909
+ const tr = (e) => Math.floor(e.getTime() / 1e3), qe = 60, ze = qe * 60, we = ze * 24, rr = we * 7, nr = we * 365.25, ar = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, _e = (e) => {
910
+ const t = ar.exec(e);
623
911
  if (!t || t[4] && t[1])
624
912
  throw new TypeError("Invalid time period format");
625
- const r = parseFloat(t[2]), a = t[3].toLowerCase();
626
- let n;
627
- switch (a) {
913
+ const r = parseFloat(t[2]), n = t[3].toLowerCase();
914
+ let a;
915
+ switch (n) {
628
916
  case "sec":
629
917
  case "secs":
630
918
  case "second":
631
919
  case "seconds":
632
920
  case "s":
633
- n = Math.round(r);
921
+ a = Math.round(r);
634
922
  break;
635
923
  case "minute":
636
924
  case "minutes":
637
925
  case "min":
638
926
  case "mins":
639
927
  case "m":
640
- n = Math.round(r * Ne);
928
+ a = Math.round(r * qe);
641
929
  break;
642
930
  case "hour":
643
931
  case "hours":
644
932
  case "hr":
645
933
  case "hrs":
646
934
  case "h":
647
- n = Math.round(r * He);
935
+ a = Math.round(r * ze);
648
936
  break;
649
937
  case "day":
650
938
  case "days":
651
939
  case "d":
652
- n = Math.round(r * ie);
940
+ a = Math.round(r * we);
653
941
  break;
654
942
  case "week":
655
943
  case "weeks":
656
944
  case "w":
657
- n = Math.round(r * Ut);
945
+ a = Math.round(r * rr);
658
946
  break;
659
947
  default:
660
- n = Math.round(r * Nt);
948
+ a = Math.round(r * nr);
661
949
  break;
662
950
  }
663
- return t[1] === "-" || t[4] === "ago" ? -n : n;
664
- }, ye = (e) => e.toLowerCase().replace(/^application\//, ""), Kt = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, Lt = (e, t, r = {}) => {
665
- let a;
951
+ return t[1] === "-" || t[4] === "ago" ? -a : a;
952
+ }, Oe = (e) => e.toLowerCase().replace(/^application\//, ""), sr = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, or = (e, t, r = {}) => {
953
+ let n;
666
954
  try {
667
- a = JSON.parse(Q.decode(t));
955
+ n = JSON.parse(oe.decode(t));
668
956
  } catch {
669
957
  }
670
- if (!oe(a))
671
- throw new Ie("JWT Claims Set must be a top-level JSON object");
672
- const { typ: n } = r;
673
- if (n && (typeof e.typ != "string" || ye(e.typ) !== ye(n)))
674
- throw new T('unexpected "typ" JWT header value', a, "typ", "check_failed");
675
- const { requiredClaims: o = [], issuer: s, subject: i, audience: c, maxTokenAge: d } = r, l = [...o];
676
- d !== void 0 && l.push("iat"), c !== void 0 && l.push("aud"), i !== void 0 && l.push("sub"), s !== void 0 && l.push("iss");
677
- for (const E of new Set(l.reverse()))
678
- if (!(E in a))
679
- throw new T(`missing required "${E}" claim`, a, E, "missing");
680
- if (s && !(Array.isArray(s) ? s : [s]).includes(a.iss))
681
- throw new T('unexpected "iss" claim value', a, "iss", "check_failed");
682
- if (i && a.sub !== i)
683
- throw new T('unexpected "sub" claim value', a, "sub", "check_failed");
684
- if (c && !Kt(a.aud, typeof c == "string" ? [c] : c))
685
- throw new T('unexpected "aud" claim value', a, "aud", "check_failed");
686
- let y;
958
+ if (!me(n))
959
+ throw new Me("JWT Claims Set must be a top-level JSON object");
960
+ const { typ: a } = r;
961
+ if (a && (typeof e.typ != "string" || Oe(e.typ) !== Oe(a)))
962
+ throw new I('unexpected "typ" JWT header value', n, "typ", "check_failed");
963
+ const { requiredClaims: o = [], issuer: s, subject: i, audience: u, maxTokenAge: h } = r, l = [...o];
964
+ h !== void 0 && l.push("iat"), u !== void 0 && l.push("aud"), i !== void 0 && l.push("sub"), s !== void 0 && l.push("iss");
965
+ for (const S of new Set(l.reverse()))
966
+ if (!(S in n))
967
+ throw new I(`missing required "${S}" claim`, n, S, "missing");
968
+ if (s && !(Array.isArray(s) ? s : [s]).includes(n.iss))
969
+ throw new I('unexpected "iss" claim value', n, "iss", "check_failed");
970
+ if (i && n.sub !== i)
971
+ throw new I('unexpected "sub" claim value', n, "sub", "check_failed");
972
+ if (u && !sr(n.aud, typeof u == "string" ? [u] : u))
973
+ throw new I('unexpected "aud" claim value', n, "aud", "check_failed");
974
+ let f;
687
975
  switch (typeof r.clockTolerance) {
688
976
  case "string":
689
- y = fe(r.clockTolerance);
977
+ f = _e(r.clockTolerance);
690
978
  break;
691
979
  case "number":
692
- y = r.clockTolerance;
980
+ f = r.clockTolerance;
693
981
  break;
694
982
  case "undefined":
695
- y = 0;
983
+ f = 0;
696
984
  break;
697
985
  default:
698
986
  throw new TypeError("Invalid clockTolerance option type");
699
987
  }
700
- const { currentDate: S } = r, m = Dt(S || /* @__PURE__ */ new Date());
701
- if ((a.iat !== void 0 || d) && typeof a.iat != "number")
702
- throw new T('"iat" claim must be a number', a, "iat", "invalid");
703
- if (a.nbf !== void 0) {
704
- if (typeof a.nbf != "number")
705
- throw new T('"nbf" claim must be a number', a, "nbf", "invalid");
706
- if (a.nbf > m + y)
707
- throw new T('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
988
+ const { currentDate: m } = r, d = tr(m || /* @__PURE__ */ new Date());
989
+ if ((n.iat !== void 0 || h) && typeof n.iat != "number")
990
+ throw new I('"iat" claim must be a number', n, "iat", "invalid");
991
+ if (n.nbf !== void 0) {
992
+ if (typeof n.nbf != "number")
993
+ throw new I('"nbf" claim must be a number', n, "nbf", "invalid");
994
+ if (n.nbf > d + f)
995
+ throw new I('"nbf" claim timestamp check failed', n, "nbf", "check_failed");
708
996
  }
709
- if (a.exp !== void 0) {
710
- if (typeof a.exp != "number")
711
- throw new T('"exp" claim must be a number', a, "exp", "invalid");
712
- if (a.exp <= m - y)
713
- throw new le('"exp" claim timestamp check failed', a, "exp", "check_failed");
997
+ if (n.exp !== void 0) {
998
+ if (typeof n.exp != "number")
999
+ throw new I('"exp" claim must be a number', n, "exp", "invalid");
1000
+ if (n.exp <= d - f)
1001
+ throw new Re('"exp" claim timestamp check failed', n, "exp", "check_failed");
714
1002
  }
715
- if (d) {
716
- const E = m - a.iat, C = typeof d == "number" ? d : fe(d);
717
- if (E - y > C)
718
- throw new le('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
719
- if (E < 0 - y)
720
- throw new T('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
1003
+ if (h) {
1004
+ const S = d - n.iat, C = typeof h == "number" ? h : _e(h);
1005
+ if (S - f > C)
1006
+ throw new Re('"iat" claim timestamp check failed (too far in the past)', n, "iat", "check_failed");
1007
+ if (S < 0 - f)
1008
+ throw new I('"iat" claim timestamp check failed (it should be in the past)', n, "iat", "check_failed");
721
1009
  }
722
- return a;
1010
+ return n;
723
1011
  };
724
- async function $t(e, t, r) {
725
- var a;
726
- const n = await Ot(e, t, r);
727
- if ((a = n.protectedHeader.crit) != null && a.includes("b64") && n.protectedHeader.b64 === !1)
728
- throw new Ie("JWTs MUST NOT use unencoded payload");
729
- const o = { payload: Lt(n.protectedHeader, n.payload, r), protectedHeader: n.protectedHeader };
730
- return typeof t == "function" ? { ...o, key: n.key } : o;
1012
+ async function ir(e, t, r) {
1013
+ var n;
1014
+ const a = await er(e, t, r);
1015
+ if ((n = a.protectedHeader.crit) != null && n.includes("b64") && a.protectedHeader.b64 === !1)
1016
+ throw new Me("JWTs MUST NOT use unencoded payload");
1017
+ const o = { payload: or(a.protectedHeader, a.payload, r), protectedHeader: a.protectedHeader };
1018
+ return typeof t == "function" ? { ...o, key: a.key } : o;
731
1019
  }
732
- const U = async (e) => {
1020
+ const G = async (e) => {
733
1021
  try {
734
- const t = w.ALG, r = await At(at, t);
735
- return await $t(e, r, {
736
- issuer: w.ISSUER
1022
+ const t = T.ALG, r = await Jt(_t, t);
1023
+ return await ir(e, r, {
1024
+ issuer: T.ISSUER
737
1025
  });
738
1026
  } catch {
739
1027
  return;
740
1028
  }
741
1029
  };
742
- var h = [];
743
- for (var ae = 0; ae < 256; ++ae)
744
- h.push((ae + 256).toString(16).slice(1));
745
- function Wt(e, t = 0) {
746
- return (h[e[t + 0]] + h[e[t + 1]] + h[e[t + 2]] + h[e[t + 3]] + "-" + h[e[t + 4]] + h[e[t + 5]] + "-" + h[e[t + 6]] + h[e[t + 7]] + "-" + h[e[t + 8]] + h[e[t + 9]] + "-" + h[e[t + 10]] + h[e[t + 11]] + h[e[t + 12]] + h[e[t + 13]] + h[e[t + 14]] + h[e[t + 15]]).toLowerCase();
1030
+ var E = [];
1031
+ for (var he = 0; he < 256; ++he)
1032
+ E.push((he + 256).toString(16).slice(1));
1033
+ function cr(e, t = 0) {
1034
+ return (E[e[t + 0]] + E[e[t + 1]] + E[e[t + 2]] + E[e[t + 3]] + "-" + E[e[t + 4]] + E[e[t + 5]] + "-" + E[e[t + 6]] + E[e[t + 7]] + "-" + E[e[t + 8]] + E[e[t + 9]] + "-" + E[e[t + 10]] + E[e[t + 11]] + E[e[t + 12]] + E[e[t + 13]] + E[e[t + 14]] + E[e[t + 15]]).toLowerCase();
747
1035
  }
748
- var $, Jt = new Uint8Array(16);
749
- function xt() {
750
- if (!$ && ($ = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !$))
1036
+ var Y, ur = new Uint8Array(16);
1037
+ function lr() {
1038
+ if (!Y && (Y = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !Y))
751
1039
  throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
752
- return $(Jt);
1040
+ return Y(ur);
753
1041
  }
754
- var jt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
755
- const we = {
756
- randomUUID: jt
1042
+ var dr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
1043
+ const ke = {
1044
+ randomUUID: dr
757
1045
  };
758
- function me(e, t, r) {
759
- if (we.randomUUID && !t && !e)
760
- return we.randomUUID();
1046
+ function Pe(e, t, r) {
1047
+ if (ke.randomUUID && !t && !e)
1048
+ return ke.randomUUID();
761
1049
  e = e || {};
762
- var a = e.random || (e.rng || xt)();
763
- return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, Wt(a);
1050
+ var n = e.random || (e.rng || lr)();
1051
+ return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, cr(n);
764
1052
  }
765
- const Ee = globalThis.crypto, Mt = (e) => `${me()}${me()}`.slice(0, e), Yt = (e) => btoa(
1053
+ const ve = globalThis.crypto, hr = (e) => `${Pe()}${Pe()}`.slice(0, e), pr = (e) => btoa(
766
1054
  [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
767
1055
  );
768
- async function Vt(e) {
769
- if (!Ee.subtle)
1056
+ async function fr(e) {
1057
+ if (!ve.subtle)
770
1058
  throw new Error(
771
1059
  "crypto.subtle is available only in secure contexts (HTTPS)."
772
1060
  );
773
- const t = new TextEncoder().encode(e), r = await Ee.subtle.digest("SHA-256", t);
774
- return Yt(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
1061
+ const t = new TextEncoder().encode(e), r = await ve.subtle.digest("SHA-256", t);
1062
+ return pr(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
775
1063
  }
776
- async function Gt(e) {
777
- const r = Mt(43), a = await Vt(r);
1064
+ async function yr(e) {
1065
+ const r = hr(43), n = await fr(r);
778
1066
  return {
779
1067
  code_verifier: r,
780
- code_challenge: a
1068
+ code_challenge: n
781
1069
  };
782
1070
  }
783
- function Ke(e, t) {
1071
+ function Qe(e, t) {
784
1072
  window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
785
1073
  }
786
- const Se = (e, t) => {
1074
+ const Ce = (e, t) => {
787
1075
  const r = JSON.stringify(
788
1076
  typeof t == "function" ? t() : t
789
1077
  );
790
- window.localStorage.setItem(e, r), Ke(e, r);
791
- }, Bt = (e) => {
792
- window.localStorage.removeItem(e), Ke(e, null);
793
- }, ge = (e) => window.localStorage.getItem(e), Ft = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
794
- function W({
1078
+ window.localStorage.setItem(e, r), Qe(e, r);
1079
+ }, mr = (e) => {
1080
+ window.localStorage.removeItem(e), Qe(e, null);
1081
+ }, Ne = (e) => window.localStorage.getItem(e), Er = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
1082
+ function j({
795
1083
  key: e,
796
1084
  initialValue: t
797
1085
  }) {
798
- const r = Xe(Ft, () => ge(e)), a = D(
1086
+ const r = ft(Er, () => Ne(e)), n = x(
799
1087
  (s) => {
800
1088
  try {
801
1089
  const i = typeof s == "function" ? s(JSON.parse(r)) : s;
802
- i == null ? Bt(e) : Se(e, i);
1090
+ i == null ? mr(e) : Ce(e, i);
803
1091
  } catch (i) {
804
1092
  console.warn(i);
805
1093
  }
806
1094
  },
807
1095
  [e, r]
808
- ), n = D(() => {
809
- a(t);
810
- }, [t, a]), o = D(() => {
811
- a(null);
812
- }, [a]);
813
- return ve(() => {
1096
+ ), a = x(() => {
1097
+ n(t);
1098
+ }, [t, n]), o = x(() => {
1099
+ n(null);
1100
+ }, [n]);
1101
+ return Ke(() => {
814
1102
  try {
815
- ge(e) === null && typeof t < "u" && Se(e, t);
1103
+ Ne(e) === null && typeof t < "u" && Ce(e, t);
816
1104
  } catch (s) {
817
1105
  console.warn(s);
818
1106
  }
819
- }, [e, t]), [r ? JSON.parse(r) : null, a, n, o];
1107
+ }, [e, t]), [r ? JSON.parse(r) : null, n, a, o];
820
1108
  }
821
- var p = [];
822
- for (var ne = 0; ne < 256; ++ne)
823
- p.push((ne + 256).toString(16).slice(1));
824
- function qt(e, t = 0) {
825
- return (p[e[t + 0]] + p[e[t + 1]] + p[e[t + 2]] + p[e[t + 3]] + "-" + p[e[t + 4]] + p[e[t + 5]] + "-" + p[e[t + 6]] + p[e[t + 7]] + "-" + p[e[t + 8]] + p[e[t + 9]] + "-" + p[e[t + 10]] + p[e[t + 11]] + p[e[t + 12]] + p[e[t + 13]] + p[e[t + 14]] + p[e[t + 15]]).toLowerCase();
1109
+ var w = [];
1110
+ for (var pe = 0; pe < 256; ++pe)
1111
+ w.push((pe + 256).toString(16).slice(1));
1112
+ function wr(e, t = 0) {
1113
+ return (w[e[t + 0]] + w[e[t + 1]] + w[e[t + 2]] + w[e[t + 3]] + "-" + w[e[t + 4]] + w[e[t + 5]] + "-" + w[e[t + 6]] + w[e[t + 7]] + "-" + w[e[t + 8]] + w[e[t + 9]] + "-" + w[e[t + 10]] + w[e[t + 11]] + w[e[t + 12]] + w[e[t + 13]] + w[e[t + 14]] + w[e[t + 15]]).toLowerCase();
826
1114
  }
827
- var J, zt = new Uint8Array(16);
828
- function Xt() {
829
- if (!J && (J = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !J))
1115
+ var F, gr = new Uint8Array(16);
1116
+ function Ar() {
1117
+ if (!F && (F = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !F))
830
1118
  throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
831
- return J(zt);
1119
+ return F(gr);
832
1120
  }
833
- var Qt = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
834
- const Ae = {
835
- randomUUID: Qt
1121
+ var Sr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
1122
+ const De = {
1123
+ randomUUID: Sr
836
1124
  };
837
- function Zt(e, t, r) {
838
- if (Ae.randomUUID && !t && !e)
839
- return Ae.randomUUID();
1125
+ function fe(e, t, r) {
1126
+ if (De.randomUUID && !t && !e)
1127
+ return De.randomUUID();
840
1128
  e = e || {};
841
- var a = e.random || (e.rng || Xt)();
842
- return a[6] = a[6] & 15 | 64, a[8] = a[8] & 63 | 128, qt(a);
1129
+ var n = e.random || (e.rng || Ar)();
1130
+ return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, wr(n);
843
1131
  }
844
- const x = "Oops! It looks like your session has expired. For your security, please log in again to continue.", er = "Your session has been successfully terminated.", Te = "Login failed. Please try again.", se = "Error getting access token, please re-authenticate.", tr = "You forgot to wrap your component in <AuthProvider>.", ke = {
1132
+ const B = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Tr = "Your session has been successfully terminated.", q = "Login failed. Please try again.", ye = "Error getting access token, please re-authenticate.", Rr = "You forgot to wrap your component in <AuthProvider>.", re = {
845
1133
  dev: "https://auth.gizmette.local.com:3003",
846
1134
  prod: "https://mylogin.gizmette.com"
847
- }, j = "@@auth@@", G = "LOADING", B = "LOGIN", Le = "LOGOUT", rr = process.env.NODE_ENV === "production", ar = !rr, Z = async ({
1135
+ }, z = "@@auth@@", L = "LOADING", W = "LOGIN", Xe = "LOGOUT", Ir = process.env.NODE_ENV === "production", Ze = !Ir, ie = async ({
848
1136
  type: e,
849
1137
  clientId: t,
850
1138
  params: r = {}
851
1139
  }) => {
852
1140
  try {
853
- const a = await fetch(
854
- ar ? `${ke.dev}/${e}` : `${ke.prod}/${e}`,
1141
+ const n = await fetch(
1142
+ Ze ? `${re.dev}/${e}` : `${re.prod}/${e}`,
855
1143
  {
856
1144
  credentials: "include",
857
1145
  method: "POST",
858
1146
  headers: {
859
1147
  "Content-Type": "application/json",
860
- [rt.CLIENT_ID]: `${t}`
1148
+ [xe.CLIENT_ID]: `${t}`
861
1149
  },
862
1150
  body: JSON.stringify(r)
863
1151
  }
864
1152
  );
865
- if (a.status !== 200)
866
- return { status: a.status, data: [] };
867
- const { data: n, errors: o } = await a.json();
1153
+ if (n.status !== 200)
1154
+ return { status: n.status, data: [] };
1155
+ const { data: a, errors: o } = await n.json();
868
1156
  return {
869
- status: a.status,
870
- data: n,
1157
+ status: n.status,
1158
+ data: a,
871
1159
  errors: o
872
1160
  };
873
- } catch (a) {
874
- return console.error(a), { status: 500, data: [] };
1161
+ } catch (n) {
1162
+ return console.error(n), { status: 500, data: [] };
875
1163
  }
876
- }, nr = async ({
1164
+ }, br = async ({
877
1165
  userId: e,
878
1166
  idToken: t,
879
1167
  accessToken: r,
880
- refreshToken: a,
881
- clientId: n,
1168
+ refreshToken: n,
1169
+ clientId: a,
882
1170
  domain: o
883
1171
  }) => {
884
1172
  try {
885
1173
  return {
886
- status: (await Z({
887
- type: z.LOGOUT,
888
- clientId: n,
1174
+ status: (await ie({
1175
+ type: ae.LOGOUT,
1176
+ clientId: a,
889
1177
  params: {
890
1178
  userId: e,
891
1179
  idToken: t,
892
1180
  accessToken: r,
893
- refreshToken: a,
1181
+ refreshToken: n,
894
1182
  domain: o
895
1183
  }
896
1184
  })).status === 200
@@ -900,37 +1188,37 @@ const x = "Oops! It looks like your session has expired. For your security, plea
900
1188
  status: !1
901
1189
  };
902
1190
  }
903
- }, _e = async ({
1191
+ }, Ue = async ({
904
1192
  username: e,
905
1193
  password: t,
906
1194
  clientId: r,
907
- nonce: a,
908
- type: n,
1195
+ nonce: n,
1196
+ type: a,
909
1197
  sessionExpiration: o,
910
1198
  code: s,
911
1199
  code_verifier: i,
912
- domain: c
1200
+ domain: u
913
1201
  }) => {
914
1202
  try {
915
- const d = await Z({
916
- type: z.AUTHENTICATE,
1203
+ const h = await ie({
1204
+ type: ae.AUTHENTICATE,
917
1205
  clientId: r,
918
1206
  params: {
919
- type: n || q.ID_AND_ACCESS_TOKEN,
1207
+ type: a || ne.ID_AND_ACCESS_TOKEN,
920
1208
  username: e,
921
1209
  password: t,
922
1210
  sessionExpiration: o,
923
- nonce: a,
1211
+ nonce: n,
924
1212
  code: s,
925
1213
  code_verifier: i,
926
- domain: c
1214
+ domain: u
927
1215
  }
928
- }), l = await U(d.data.idToken);
929
- return l && l.payload[w.USER_ID_KEY] !== "" && l.payload[w.NONCE_KEY] === a ? {
930
- idToken: d.data.idToken,
931
- accessToken: d.data.accessToken,
932
- refreshToken: d.data.refreshToken,
933
- userId: l.payload[w.USER_ID_KEY],
1216
+ }), l = await G(h.data.idToken);
1217
+ return l && l.payload[T.USER_ID_KEY] !== "" && l.payload[T.NONCE_KEY] === n ? {
1218
+ idToken: h.data.idToken,
1219
+ accessToken: h.data.accessToken,
1220
+ refreshToken: h.data.refreshToken,
1221
+ userId: l.payload[T.USER_ID_KEY],
934
1222
  status: !0
935
1223
  } : {
936
1224
  status: !1
@@ -940,24 +1228,24 @@ const x = "Oops! It looks like your session has expired. For your security, plea
940
1228
  status: !1
941
1229
  };
942
1230
  }
943
- }, sr = async ({
1231
+ }, _r = async ({
944
1232
  nonce: e,
945
1233
  clientId: t,
946
1234
  code_challenge: r
947
1235
  }) => {
948
1236
  try {
949
- const a = await Z({
950
- type: z.CODE,
1237
+ const n = await ie({
1238
+ type: ae.CODE,
951
1239
  clientId: t,
952
1240
  params: {
953
- type: q.CODE,
1241
+ type: ne.CODE,
954
1242
  nonce: e,
955
1243
  code_challenge: r
956
1244
  }
957
1245
  });
958
- return a.data.code ? {
1246
+ return n.data.code ? {
959
1247
  status: !0,
960
- code: a.data.code
1248
+ code: n.data.code
961
1249
  } : {
962
1250
  status: !1
963
1251
  };
@@ -966,31 +1254,31 @@ const x = "Oops! It looks like your session has expired. For your security, plea
966
1254
  status: !1
967
1255
  };
968
1256
  }
969
- }, or = async ({
1257
+ }, Or = async ({
970
1258
  clientId: e,
971
1259
  userId: t,
972
1260
  nonce: r,
973
- refreshToken: a,
974
- accessToken: n,
1261
+ refreshToken: n,
1262
+ accessToken: a,
975
1263
  domain: o
976
1264
  }) => {
977
1265
  try {
978
- const s = await Z({
979
- type: z.AUTHENTICATE,
1266
+ const s = await ie({
1267
+ type: ae.AUTHENTICATE,
980
1268
  clientId: e,
981
1269
  params: {
982
- type: q.REFRESH_TOKEN,
1270
+ type: ne.REFRESH_TOKEN,
983
1271
  userId: t,
984
1272
  nonce: r,
985
- refreshToken: a,
986
- accessToken: n,
1273
+ refreshToken: n,
1274
+ accessToken: a,
987
1275
  domain: o
988
1276
  }
989
- }), i = await U(s.data.accessToken);
990
- return i && i.payload[w.USER_ID_KEY] !== "" && i.payload[w.NONCE_KEY] === r ? {
1277
+ }), i = await G(s.data.accessToken);
1278
+ return i && i.payload[T.USER_ID_KEY] !== "" && i.payload[T.NONCE_KEY] === r ? {
991
1279
  accessToken: s.data.accessToken,
992
1280
  refreshToken: s.data.refreshToken,
993
- userId: i.payload[w.USER_ID_KEY],
1281
+ userId: i.payload[T.USER_ID_KEY],
994
1282
  status: !0
995
1283
  } : {
996
1284
  status: !1
@@ -1000,25 +1288,150 @@ const x = "Oops! It looks like your session has expired. For your security, plea
1000
1288
  status: !1
1001
1289
  };
1002
1290
  }
1291
+ }, Q = {
1292
+ GET_REGISTRATION_OPTIONS: `mutation GetPasskeyRegistrationOptions(
1293
+ $clientId: String!,
1294
+ $username: String!,
1295
+ $id: String!) {
1296
+ getPasskeyRegistrationOptions(clientId: $clientId, username: $username, id: $id) {
1297
+ challenge
1298
+ rp {
1299
+ id
1300
+ name
1301
+ }
1302
+ user {
1303
+ id
1304
+ name
1305
+ displayName
1306
+ }
1307
+ pubKeyCredParams {
1308
+ type
1309
+ alg
1310
+ }
1311
+ timeout
1312
+
1313
+ attestation
1314
+ }
1315
+ }`,
1316
+ VERIFY_REGISTRATION: `mutation VerifyPasskeyRegistration(
1317
+ $clientId: String!,
1318
+ $username: String!,
1319
+ $id: String!,
1320
+ $registration: RegistrationOptionsInput!) {
1321
+ verifyPasskeyRegistration(
1322
+ clientId: $clientId,
1323
+ username: $username,
1324
+ id: $id,
1325
+ registration: $registration) {
1326
+ status
1327
+ message
1328
+ }
1329
+ }`,
1330
+ GET_AUTHENTICATION_OPTIONS: `mutation GetPasskeyAuthenticationOptions(
1331
+ $id: String!,
1332
+ $clientId: String!,
1333
+ ) {
1334
+ getPasskeyAuthenticationOptions(
1335
+ id: $id,
1336
+ clientId: $clientId) {
1337
+ rpId,
1338
+ challenge,
1339
+ allowCredentials,
1340
+ timeout,
1341
+ userVerification,
1342
+ }
1343
+ }`,
1344
+ VERIFY_AUTHENTICATION: `mutation VerifyPasskeyAuthentication(
1345
+ $clientId: String!,
1346
+ $id: String!,
1347
+ $authentication: AuthenticationOptionsInput!,
1348
+ $nonce: String!,
1349
+ $domain: String) {
1350
+ verifyPasskeyAuthentication(
1351
+ clientId: $clientId,
1352
+ id: $id,
1353
+ authentication: $authentication,
1354
+ nonce: $nonce,
1355
+ domain: $domain) {
1356
+ status,
1357
+ idToken,
1358
+ accessToken,
1359
+ refreshToken,
1360
+ userId,
1361
+ username,
1362
+ }
1363
+ }`
1364
+ }, D = {
1365
+ GET_REGISTRATION_OPTIONS: {
1366
+ schema: Q.GET_REGISTRATION_OPTIONS,
1367
+ method: "getPasskeyRegistrationOptions"
1368
+ },
1369
+ VERIFY_REGISTRATION: {
1370
+ schema: Q.VERIFY_REGISTRATION,
1371
+ method: "verifyPasskeyRegistration"
1372
+ },
1373
+ GET_AUTHENTICATION_OPTIONS: {
1374
+ schema: Q.GET_AUTHENTICATION_OPTIONS,
1375
+ method: "getPasskeyAuthenticationOptions"
1376
+ },
1377
+ VERIFY_AUTHENTICATION: {
1378
+ schema: Q.VERIFY_AUTHENTICATION,
1379
+ method: "verifyPasskeyAuthentication"
1380
+ }
1381
+ }, U = async ({
1382
+ accessToken: e,
1383
+ type: t,
1384
+ clientId: r,
1385
+ params: n = {}
1386
+ }) => {
1387
+ try {
1388
+ const a = t != null && t.data ? t.data(n) : n, o = `Bearer ${e}`, s = await fetch(
1389
+ Ze ? `${re.dev}/graphql` : `${re.prod}/graphql`,
1390
+ {
1391
+ method: "POST",
1392
+ credentials: "include",
1393
+ headers: {
1394
+ authorization: o,
1395
+ "Content-Type": "application/json",
1396
+ Accept: "application/json",
1397
+ [xe.CLIENT_ID]: `${r}`
1398
+ },
1399
+ body: JSON.stringify({
1400
+ query: t.schema,
1401
+ variables: a
1402
+ })
1403
+ }
1404
+ );
1405
+ if (s.status !== 200)
1406
+ return { status: s.status, data: [] };
1407
+ const { data: i, errors: u } = await s.json();
1408
+ return {
1409
+ status: s.status,
1410
+ data: i[t.method],
1411
+ errors: u
1412
+ };
1413
+ } catch (a) {
1414
+ return console.error(a), { status: 500, data: [] };
1415
+ }
1003
1416
  };
1004
- class ir {
1417
+ class kr {
1005
1418
  constructor(t = null, r = null) {
1006
- H(this, "refreshTokenPromise", null);
1007
- H(this, "accessToken");
1008
- H(this, "refreshToken");
1419
+ M(this, "refreshTokenPromise", null);
1420
+ M(this, "accessToken");
1421
+ M(this, "refreshToken");
1009
1422
  this.accessToken = t || "", this.refreshToken = r || "";
1010
1423
  }
1011
1424
  async refreshtoken({
1012
1425
  clientId: t,
1013
1426
  userId: r,
1014
- nonce: a,
1015
- domain: n
1427
+ nonce: n,
1428
+ domain: a
1016
1429
  }) {
1017
1430
  this.refreshTokenPromise || (this.refreshTokenPromise = this._refreshToken({
1018
1431
  clientId: t,
1019
1432
  userId: r,
1020
- nonce: a,
1021
- domain: n
1433
+ nonce: n,
1434
+ domain: a
1022
1435
  }));
1023
1436
  try {
1024
1437
  return await this.refreshTokenPromise;
@@ -1029,18 +1442,18 @@ class ir {
1029
1442
  async _refreshToken({
1030
1443
  clientId: t,
1031
1444
  userId: r,
1032
- nonce: a,
1033
- domain: n
1445
+ nonce: n,
1446
+ domain: a
1034
1447
  }) {
1035
- const o = await U(this.refreshToken);
1036
- if (o && o.payload[w.USER_ID_KEY] !== "") {
1037
- const s = await or({
1448
+ const o = await G(this.refreshToken);
1449
+ if (o && o.payload[T.USER_ID_KEY] !== "") {
1450
+ const s = await Or({
1038
1451
  clientId: t,
1039
1452
  userId: r,
1040
- nonce: a,
1453
+ nonce: n,
1041
1454
  refreshToken: this.refreshToken,
1042
1455
  accessToken: this.accessToken,
1043
- domain: n
1456
+ domain: a
1044
1457
  });
1045
1458
  return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
1046
1459
  status: "success",
@@ -1055,17 +1468,19 @@ class ir {
1055
1468
  };
1056
1469
  }
1057
1470
  }
1058
- const M = () => {
1059
- throw new Error(tr);
1060
- }, $e = Qe({
1471
+ const K = () => {
1472
+ throw new Error(Rr);
1473
+ }, et = yt({
1061
1474
  isAuthenticated: !1,
1062
1475
  isLoading: !1,
1063
- login: M,
1064
- logout: M,
1065
- getAccessToken: M,
1066
- getIdToken: M,
1476
+ login: K,
1477
+ logout: K,
1478
+ getAccessToken: K,
1479
+ getIdToken: K,
1480
+ registeringForPasskey: K,
1481
+ loginWithPasskey: K,
1067
1482
  logoutReason: ""
1068
- }), cr = ze.createContext({
1483
+ }), Pr = pt.createContext({
1069
1484
  state: {
1070
1485
  isLoading: !0,
1071
1486
  isAuthenticated: !1,
@@ -1074,182 +1489,279 @@ const M = () => {
1074
1489
  },
1075
1490
  dispatch: () => {
1076
1491
  }
1077
- }), ur = (e, t) => (t == null ? void 0 : t.type) === G ? {
1492
+ }), vr = (e, t) => (t == null ? void 0 : t.type) === L ? {
1078
1493
  ...e,
1079
1494
  isLoading: t.payload.isLoading
1080
- } : (t == null ? void 0 : t.type) === B ? {
1495
+ } : (t == null ? void 0 : t.type) === W ? {
1081
1496
  ...e,
1082
1497
  isLoading: !1,
1083
1498
  isAuthenticated: !0,
1084
1499
  user: t.payload.user,
1085
1500
  logoutReason: ""
1086
- } : (t == null ? void 0 : t.type) === Le ? {
1501
+ } : (t == null ? void 0 : t.type) === Xe ? {
1087
1502
  ...e,
1088
1503
  isLoading: !1,
1089
1504
  isAuthenticated: !1,
1090
1505
  user: void 0,
1091
1506
  logoutReason: t.payload.logoutReason
1092
- } : e, fr = ({
1507
+ } : e, Kr = ({
1093
1508
  children: e,
1094
1509
  sessionExpiration: t,
1095
1510
  clientId: r,
1096
- domain: a = ""
1511
+ domain: n = ""
1097
1512
  }) => {
1098
- const [n, o] = Ze(ur, {
1513
+ const [a, o] = mt(vr, {
1099
1514
  isLoading: !0,
1100
1515
  isAuthenticated: !1,
1101
1516
  user: void 0,
1102
1517
  logoutReason: ""
1103
- }), s = et(!1), [i, c, , d] = W({
1104
- key: `${j}::${r}::@@user@@`
1105
- }), [l, y, , S] = W({
1106
- key: `${j}::${r}::@@access@@`
1107
- }), [m, E, , C] = W(
1518
+ }), s = Et(!1), [i, u, , h] = j({
1519
+ key: `${z}::${r}::@@user@@`
1520
+ }), [l, f, , m] = j({
1521
+ key: `${z}::${r}::@@access@@`
1522
+ }), [d, S, , C] = j(
1108
1523
  {
1109
- key: `${j}::${r}::@@refresh@@`
1524
+ key: `${z}::${r}::@@refresh@@`
1110
1525
  }
1111
- ), [We, Je, , ce] = W({
1112
- key: `${j}::${r}::@@nonce@@`
1113
- }), xe = new ir(l, m), N = D(
1114
- (u) => {
1115
- console.warn(u), o({
1116
- type: Le,
1526
+ ), [tt, ge, , Ae] = j({
1527
+ key: `${z}::${r}::@@nonce@@`
1528
+ }), rt = new kr(l, d), N = x(
1529
+ (c) => {
1530
+ console.warn(c), o({
1531
+ type: Xe,
1117
1532
  payload: {
1118
- logoutReason: u || x
1533
+ logoutReason: c || B
1119
1534
  }
1120
- }), d(), S(), C(), ce(), o({ type: G, payload: { isLoading: !1 } });
1535
+ }), h(), m(), C(), Ae(), o({ type: L, payload: { isLoading: !1 } });
1121
1536
  },
1122
- [S, d, ce, C]
1123
- ), b = D(
1124
- async (u) => {
1125
- const { user: g } = n;
1126
- await nr({
1127
- userId: (g == null ? void 0 : g.userId) || "",
1537
+ [m, h, Ae, C]
1538
+ ), P = x(
1539
+ async (c) => {
1540
+ const { user: y } = a;
1541
+ await br({
1542
+ userId: (y == null ? void 0 : y.userId) || "",
1128
1543
  idToken: i,
1129
1544
  accessToken: l,
1130
- refreshToken: m,
1545
+ refreshToken: d,
1131
1546
  clientId: r,
1132
- domain: a
1133
- }), N(u || x);
1547
+ domain: n
1548
+ }), N(c || B);
1134
1549
  },
1135
1550
  [
1136
1551
  l,
1137
- n,
1138
- r,
1139
1552
  a,
1553
+ r,
1554
+ n,
1140
1555
  i,
1141
- m,
1556
+ d,
1142
1557
  N
1143
1558
  ]
1144
1559
  );
1145
- ve(() => {
1560
+ Ke(() => {
1146
1561
  if (!s.current)
1147
- return n.isLoading && i !== null ? (async () => {
1562
+ return a.isLoading && i !== null ? (async () => {
1148
1563
  try {
1149
- const u = await U(i);
1150
- u && u.payload[w.USER_ID_KEY] !== "" ? o({
1151
- type: B,
1564
+ const c = await G(i);
1565
+ c && c.payload[T.USER_ID_KEY] !== "" ? o({
1566
+ type: W,
1152
1567
  payload: {
1153
1568
  user: {
1154
- userId: u.payload[w.USER_ID_KEY],
1155
- username: u.payload[w.USERNAME_KEY]
1569
+ userId: c.payload[T.USER_ID_KEY],
1570
+ username: c.payload[T.USERNAME_KEY]
1156
1571
  }
1157
1572
  }
1158
- }) : await b(x);
1573
+ }) : await P(B);
1159
1574
  } catch {
1160
- await b(x);
1575
+ await P(B);
1161
1576
  }
1162
- })() : o({ type: G, payload: { isLoading: !1 } }), () => {
1577
+ })() : o({ type: L, payload: { isLoading: !1 } }), () => {
1163
1578
  s.current = !0;
1164
1579
  };
1165
- }, [n.isLoading, i, b]);
1166
- const je = async (u, g, A) => {
1167
- const I = Zt();
1168
- if (Je(I), o({ type: G, payload: { isLoading: !0 } }), d(), S(), C(), A === q.CODE) {
1169
- const { code_verifier: Ge, code_challenge: Be } = await Gt(), ue = await sr({
1170
- nonce: I,
1580
+ }, [a.isLoading, i, P]);
1581
+ const nt = async (c, y, p) => {
1582
+ const R = fe();
1583
+ if (ge(R), o({ type: L, payload: { isLoading: !0 } }), h(), m(), C(), p === ne.CODE) {
1584
+ const { code_verifier: ut, code_challenge: lt } = await yr(), Se = await _r({
1585
+ nonce: R,
1171
1586
  clientId: r,
1172
- code_challenge: Be
1587
+ code_challenge: lt
1173
1588
  });
1174
- if (ue.status) {
1175
- const O = await _e({
1176
- username: u,
1177
- password: g,
1589
+ if (Se.status) {
1590
+ const $ = await Ue({
1591
+ username: c,
1592
+ password: y,
1178
1593
  clientId: r,
1179
1594
  sessionExpiration: t,
1180
- nonce: I,
1181
- type: A,
1182
- code: ue.code,
1183
- code_verifier: Ge,
1184
- domain: a
1595
+ nonce: R,
1596
+ type: p,
1597
+ code: Se.code,
1598
+ code_verifier: ut,
1599
+ domain: n
1185
1600
  });
1186
- return O.status ? (c(O.idToken), y(O.accessToken), E(O.refreshToken), o({
1187
- type: B,
1601
+ return $.status ? (u($.idToken), f($.accessToken), S($.refreshToken), o({
1602
+ type: W,
1188
1603
  payload: {
1189
1604
  user: {
1190
- userId: O.userId,
1191
- username: u
1605
+ userId: $.userId,
1606
+ username: c
1192
1607
  }
1193
1608
  }
1194
- }), !0) : (N(Te), !1);
1609
+ }), !0) : (N(q), !1);
1195
1610
  }
1196
1611
  return !1;
1197
1612
  }
1198
- const P = await _e({
1199
- username: u,
1200
- password: g,
1613
+ const H = await Ue({
1614
+ username: c,
1615
+ password: y,
1201
1616
  clientId: r,
1202
1617
  sessionExpiration: t,
1203
- nonce: I,
1204
- type: A,
1205
- domain: a
1618
+ nonce: R,
1619
+ type: p,
1620
+ domain: n
1206
1621
  });
1207
- return P.status ? (c(P.idToken), y(P.accessToken), E(P.refreshToken), o({
1208
- type: B,
1622
+ return H.status ? (u(H.idToken), f(H.accessToken), S(H.refreshToken), o({
1623
+ type: W,
1209
1624
  payload: {
1210
1625
  user: {
1211
- userId: P.userId,
1212
- username: u
1626
+ userId: H.userId,
1627
+ username: c
1213
1628
  }
1214
1629
  }
1215
- }), !0) : (N(Te), !1);
1216
- }, Me = async (u) => {
1217
- u == null || u.preventDefault(), await b(er);
1218
- }, Ye = async () => {
1219
- const { isAuthenticated: u, user: g } = n;
1630
+ }), !0) : (N(q), !1);
1631
+ }, at = async (c) => {
1632
+ c == null || c.preventDefault(), await P(Tr);
1633
+ }, st = async () => {
1634
+ const { isAuthenticated: c, user: y } = a;
1220
1635
  try {
1221
- if (u && g && g.userId) {
1636
+ if (c && y && y.userId) {
1222
1637
  if (l) {
1223
- const I = await U(l);
1224
- if (I && I.payload[w.USER_ID_KEY] !== "")
1638
+ const R = await G(l);
1639
+ if (R && R.payload[T.USER_ID_KEY] !== "")
1225
1640
  return l;
1226
1641
  }
1227
- const A = await xe.refreshtoken({
1642
+ const p = await rt.refreshtoken({
1228
1643
  clientId: r,
1229
- userId: g.userId,
1230
- nonce: We,
1231
- domain: a
1644
+ userId: y.userId,
1645
+ nonce: tt,
1646
+ domain: n
1232
1647
  });
1233
- return A.status && A.status === "success" ? (y(A.newAccessToken), E(A.newRefreshToken), A.newAccessToken) : (await b(se), "");
1648
+ return p.status && p.status === "success" ? (f(p.newAccessToken), S(p.newRefreshToken), p.newAccessToken) : (await P(ye), "");
1234
1649
  }
1235
- return await b(se), "";
1650
+ return await P(ye), "";
1236
1651
  } catch {
1237
- return await b(se), "";
1652
+ return await P(ye), "";
1238
1653
  }
1239
- }, Ve = () => {
1240
- if (n.isAuthenticated && i)
1654
+ }, ot = () => {
1655
+ if (a.isAuthenticated && i)
1241
1656
  return i;
1657
+ }, it = async () => {
1658
+ const { user: c } = a;
1659
+ let y = await U({
1660
+ accessToken: l,
1661
+ clientId: r,
1662
+ type: D.GET_REGISTRATION_OPTIONS,
1663
+ params: {
1664
+ clientId: r,
1665
+ id: c == null ? void 0 : c.userId,
1666
+ username: c == null ? void 0 : c.username
1667
+ }
1668
+ });
1669
+ if (y.status)
1670
+ try {
1671
+ const p = await Tt(y.data);
1672
+ y = await U({
1673
+ accessToken: l,
1674
+ clientId: r,
1675
+ type: D.VERIFY_REGISTRATION,
1676
+ params: {
1677
+ clientId: r,
1678
+ id: c == null ? void 0 : c.userId,
1679
+ username: c == null ? void 0 : c.username,
1680
+ registration: p
1681
+ }
1682
+ });
1683
+ } catch {
1684
+ return await U({
1685
+ accessToken: l,
1686
+ clientId: r,
1687
+ type: D.VERIFY_REGISTRATION,
1688
+ params: {
1689
+ clientId: r,
1690
+ id: c == null ? void 0 : c.userId,
1691
+ username: c == null ? void 0 : c.username,
1692
+ registration: {}
1693
+ }
1694
+ }), !1;
1695
+ }
1696
+ }, ct = async () => {
1697
+ const c = fe();
1698
+ ge(c), o({ type: L, payload: { isLoading: !0 } }), h(), m(), C();
1699
+ const y = fe();
1700
+ let p = await U({
1701
+ accessToken: l,
1702
+ clientId: r,
1703
+ type: D.GET_AUTHENTICATION_OPTIONS,
1704
+ params: {
1705
+ id: y,
1706
+ clientId: r
1707
+ }
1708
+ });
1709
+ if (p.status)
1710
+ try {
1711
+ const R = await bt(p.data);
1712
+ return p = await U({
1713
+ accessToken: l,
1714
+ clientId: r,
1715
+ type: D.VERIFY_AUTHENTICATION,
1716
+ params: {
1717
+ clientId: r,
1718
+ id: y,
1719
+ authentication: R,
1720
+ nonce: c,
1721
+ domain: n
1722
+ }
1723
+ }), p.data.status === "success" ? (u(p.data.idToken), f(p.data.accessToken), S(p.data.refreshToken), o({
1724
+ type: W,
1725
+ payload: {
1726
+ user: {
1727
+ userId: p.data.userId,
1728
+ username: p.data.username
1729
+ }
1730
+ }
1731
+ }), !0) : (N(q), !1);
1732
+ } catch {
1733
+ return await U({
1734
+ accessToken: l,
1735
+ clientId: r,
1736
+ type: D.VERIFY_AUTHENTICATION,
1737
+ params: {
1738
+ clientId: r,
1739
+ id: y,
1740
+ authentication: {},
1741
+ nonce: c,
1742
+ domain: n
1743
+ }
1744
+ }), N(q), !1;
1745
+ }
1242
1746
  };
1243
- return /* @__PURE__ */ de(cr.Provider, { value: { state: n, dispatch: o }, children: /* @__PURE__ */ de(
1244
- $e.Provider,
1747
+ return /* @__PURE__ */ Te(Pr.Provider, { value: { state: a, dispatch: o }, children: /* @__PURE__ */ Te(
1748
+ et.Provider,
1245
1749
  {
1246
- value: { ...n, login: je, logout: Me, getAccessToken: Ye, getIdToken: Ve },
1750
+ value: {
1751
+ ...a,
1752
+ login: nt,
1753
+ logout: at,
1754
+ getAccessToken: st,
1755
+ getIdToken: ot,
1756
+ registeringForPasskey: it,
1757
+ loginWithPasskey: ct
1758
+ },
1247
1759
  children: e
1248
1760
  }
1249
1761
  ) });
1250
- }, yr = (e = $e) => tt(e);
1762
+ }, Hr = (e = et) => wt(e);
1251
1763
  export {
1252
- q as AUTH_TYPES,
1253
- fr as AuthProvider,
1254
- yr as useAuth
1764
+ ne as AUTH_TYPES,
1765
+ Kr as AuthProvider,
1766
+ Hr as useAuth
1255
1767
  };