@versini/auth-provider 8.0.2 → 8.0.4

package/dist/auth.js

@@ -2,17 +2,17 @@ var Pe = Object.defineProperty;
 var Ce = (e, t, n) => t in e ? Pe(e, t, { enumerable: !0, configurable: !0, writable: !0, value: n }) : e[t] = n;
 var K = (e, t, n) => Ce(e, typeof t != "symbol" ? t + "" : t, n);
 import { jsx as H } from "react/jsx-runtime";
-import { at as ie, st as ve, O as T, ot as M, nt as C, Ye as D, ct as Ue } from "./index-CJYVbSzH.js";
+import { at as ie, st as ve, m as T, ot as M, nt as C, ke as D, ct as Ue } from "./index-BM1ZTA9w.js";
 import De, { useSyncExternalStore as Le, useCallback as S, useEffect as ce, createContext as $e, useContext as Ke, useReducer as Ye, useRef as Ge } from "react";
 import { AuthHookContext as Ve } from "./AuthHookContext-C9a2AwWZ.js";
 /*!
-  @versini/auth-provider v8.0.2
+  @versini/auth-provider v8.0.4
   © 2025 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "8.0.2",
-    buildTime: "04/19/2025 03:24 PM EDT",
+    version: "8.0.4",
+    buildTime: "06/03/2025 09:53 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });

package/dist/auth0.js

@@ -2,13 +2,13 @@ import { jsx as B } from "react/jsx-runtime";
 import Oe, { createContext as Te, useState as Pe, useReducer as Ce, useRef as Ee, useCallback as R, useEffect as je, useMemo as ze, useContext as xe } from "react";
 import { AuthHookContext as Re } from "./AuthHookContext-C9a2AwWZ.js";
 /*!
-  @versini/auth-provider v8.0.2
+  @versini/auth-provider v8.0.4
   © 2025 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "8.0.2",
-    buildTime: "04/19/2025 03:24 PM EDT",
+    version: "8.0.4",
+    buildTime: "06/03/2025 09:53 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
@@ -505,7 +505,7 @@ const H = () => window.crypto, M = () => {
   })]).finally(() => {
     clearTimeout(o);
   });
-}, De = async (i, e, t, n, o, r, c) => {
+}, Ae = async (i, e, t, n, o, r, c) => {
   return h = { auth: { audience: e, scope: t }, timeout: o, fetchUrl: i, fetchOptions: n, useFormData: c }, l = r, new Promise(function(d, a) {
     const s = new MessageChannel();
     s.port1.onmessage = function(u) {
@@ -513,14 +513,14 @@ const H = () => window.crypto, M = () => {
     }, l.postMessage(h, [s.port2]);
   });
   var h, l;
-}, Ae = async (i, e, t, n, o, r, c = 1e4) => o ? De(i, e, t, n, c, o, r) : Ne(i, n, c);
+}, De = async (i, e, t, n, o, r, c = 1e4) => o ? Ae(i, e, t, n, c, o, r) : Ne(i, n, c);
 async function Xe(i, e) {
   var { baseUrl: t, timeout: n, audience: o, scope: r, auth0Client: c, useFormData: h } = i, l = E(i, ["baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData"]);
   const d = h ? Q(l) : JSON.stringify(l);
   return await async function(a, s, u, p, m, w, g) {
     let v, b = null;
     for (let I = 0; I < 3; I++) try {
-      v = await Ae(a, u, p, m, w, g, s), b = null;
+      v = await De(a, u, p, m, w, g, s), b = null;
       break;
     } catch (S) {
       b = S;
@@ -663,7 +663,7 @@ class Je {
     this.storage.remove(this.storageKey, { cookieDomain: this.cookieDomain });
   }
 }
-const A = (i) => typeof i == "number", Me = ["iss", "aud", "exp", "nbf", "iat", "jti", "azp", "nonce", "auth_time", "at_hash", "c_hash", "acr", "amr", "sub_jwk", "cnf", "sip_from_tag", "sip_date", "sip_callid", "sip_cseq_num", "sip_via_branch", "orig", "dest", "mky", "events", "toe", "txn", "rph", "sid", "vot", "vtm"], Fe = (i) => {
+const D = (i) => typeof i == "number", Me = ["iss", "aud", "exp", "nbf", "iat", "jti", "azp", "nonce", "auth_time", "at_hash", "c_hash", "acr", "amr", "sub_jwk", "cnf", "sip_from_tag", "sip_date", "sip_callid", "sip_cseq_num", "sip_via_branch", "orig", "dest", "mky", "events", "toe", "txn", "rph", "sid", "vot", "vtm"], Fe = (i) => {
   if (!i.id_token) throw new Error("ID token is required but missing");
   const e = ((r) => {
     const c = r.split("."), [h, l, d] = c;
@@ -689,16 +689,16 @@ const A = (i) => typeof i == "number", Me = ["iss", "aud", "exp", "nbf", "iat",
     if (!e.claims.nonce) throw new Error("Nonce (nonce) claim must be a string present in the ID token");
     if (e.claims.nonce !== i.nonce) throw new Error(`Nonce (nonce) claim mismatch in the ID token; expected "${i.nonce}", found "${e.claims.nonce}"`);
   }
-  if (i.max_age && !A(e.claims.auth_time)) throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
-  if (e.claims.exp == null || !A(e.claims.exp)) throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
-  if (!A(e.claims.iat)) throw new Error("Issued At (iat) claim must be a number present in the ID token");
+  if (i.max_age && !D(e.claims.auth_time)) throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
+  if (e.claims.exp == null || !D(e.claims.exp)) throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
+  if (!D(e.claims.iat)) throw new Error("Issued At (iat) claim must be a number present in the ID token");
   const t = i.leeway || 60, n = new Date(i.now || Date.now()), o = /* @__PURE__ */ new Date(0);
   if (o.setUTCSeconds(e.claims.exp + t), n > o) throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${n}) is after expiration time (${o})`);
-  if (e.claims.nbf != null && A(e.claims.nbf)) {
+  if (e.claims.nbf != null && D(e.claims.nbf)) {
     const r = /* @__PURE__ */ new Date(0);
     if (r.setUTCSeconds(e.claims.nbf - t), n < r) throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${n}) is before ${r}`);
   }
-  if (e.claims.auth_time != null && A(e.claims.auth_time)) {
+  if (e.claims.auth_time != null && D(e.claims.auth_time)) {
     const r = /* @__PURE__ */ new Date(0);
     if (r.setUTCSeconds(parseInt(e.claims.auth_time) + i.max_age + t), n > r) throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${n}) is after last auth at ${r}`);
   }
@@ -1220,20 +1220,20 @@ var be = {
   ), b = R(function(k, _) {
     return L(void 0, void 0, void 0, function() {
       var I, S, O, z;
-      return K(this, function(D) {
-        switch (D.label) {
+      return K(this, function(A) {
+        switch (A.label) {
           case 0:
-            return D.trys.push([0, 2, 3, 5]), [4, l.getTokenWithPopup(k, _)];
+            return A.trys.push([0, 2, 3, 5]), [4, l.getTokenWithPopup(k, _)];
           case 1:
-            return I = D.sent(), [3, 5];
+            return I = A.sent(), [3, 5];
           case 2:
-            throw S = D.sent(), $(S);
+            throw S = A.sent(), $(S);
           case 3:
             return O = s, z = {
               type: "GET_ACCESS_TOKEN_COMPLETE"
             }, [4, l.getUser()];
           case 4:
-            return O.apply(void 0, [(z.user = D.sent(), z)]), [
+            return O.apply(void 0, [(z.user = A.sent(), z)]), [
               7
               /*endfinally*/
             ];

package/dist/hooks.js

@@ -1,13 +1,13 @@
 import { useContext as o } from "react";
 import { AuthHookContext as e } from "./AuthHookContext-C9a2AwWZ.js";
 /*!
-  @versini/auth-provider v8.0.2
+  @versini/auth-provider v8.0.4
   © 2025 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "8.0.2",
-    buildTime: "04/19/2025 03:24 PM EDT",
+    version: "8.0.4",
+    buildTime: "06/03/2025 09:53 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });

package/dist/{index-CJYVbSzH.js → index-BM1ZTA9w.js}

@@ -1,12 +1,12 @@
 var ee = Object.defineProperty, te = (e, t, r) => t in e ? ee(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r, c = (e, t, r) => te(e, typeof t != "symbol" ? t + "" : t, r);
 /*!
-  @versini/auth-common v4.3.0
+  @versini/auth-common v4.5.0
   © 2025 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "4.3.0",
-    buildTime: "04/19/2025 03:24 PM EDT",
+    version: "4.5.0",
+    buildTime: "06/03/2025 09:53 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
@@ -23,7 +23,7 @@ const qe = {
 }, ze = {
   CLIENT_ID: "X-Auth-ClientId",
   AUTH_TYPE: "X-Auth-Type"
-}, I = {
+}, C = {
   ALG: "RS256",
   USER_ID_KEY: "sub",
   USERNAME_KEY: "username",
@@ -34,6 +34,7 @@ const qe = {
   EXPIRES_AT_KEY: "exp",
   CREATED_AT_KEY: "iat",
   SCOPES_KEY: "scopes",
+  SCOPE_KEY: "scope",
   CLIENT_ID_KEY: "aud",
   ISSUER: "gizmette.com"
 }, re = `-----BEGIN PUBLIC KEY-----
@@ -49,7 +50,7 @@ awIDAQAB
   LOGOUT: "logout",
   LOGIN: "login",
   REFRESH: "refresh"
-}, K = new TextEncoder(), C = new TextDecoder();
+}, R = new TextEncoder(), k = new TextDecoder();
 function ae(...e) {
   const t = e.reduce((n, { length: o }) => n + o, 0), r = new Uint8Array(t);
   let a = 0;
@@ -65,13 +66,13 @@ function ne(e) {
     r[a] = t.charCodeAt(a);
   return r;
 }
-function P(e) {
+function _(e) {
   if (Uint8Array.fromBase64)
-    return Uint8Array.fromBase64(typeof e == "string" ? e : C.decode(e), {
+    return Uint8Array.fromBase64(typeof e == "string" ? e : k.decode(e), {
       alphabet: "base64url"
     });
   let t = e;
-  t instanceof Uint8Array && (t = C.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = k.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
     return ne(t);
   } catch {
@@ -85,12 +86,12 @@ class A extends Error {
   }
 }
 c(A, "code", "ERR_JOSE_GENERIC");
-class h extends A {
+class p extends A {
   constructor(t, r, a = "unspecified", n = "unspecified") {
     super(t, { cause: { claim: a, reason: n, payload: r } }), c(this, "code", "ERR_JWT_CLAIM_VALIDATION_FAILED"), c(this, "claim"), c(this, "reason"), c(this, "payload"), this.claim = a, this.reason = n, this.payload = r;
   }
 }
-c(h, "code", "ERR_JWT_CLAIM_VALIDATION_FAILED");
+c(p, "code", "ERR_JWT_CLAIM_VALIDATION_FAILED");
 class D extends A {
   constructor(t, r, a = "unspecified", n = "unspecified") {
     super(t, { cause: { claim: a, reason: n, payload: r } }), c(this, "code", "ERR_JWT_EXPIRED"), c(this, "claim"), c(this, "reason"), c(this, "payload"), this.claim = a, this.reason = n, this.payload = r;
@@ -109,12 +110,12 @@ class E extends A {
   }
 }
 c(E, "code", "ERR_JOSE_NOT_SUPPORTED");
-class d extends A {
+class l extends A {
   constructor() {
     super(...arguments), c(this, "code", "ERR_JWS_INVALID");
   }
 }
-c(d, "code", "ERR_JWS_INVALID");
+c(l, "code", "ERR_JWS_INVALID");
 class f extends A {
   constructor() {
     super(...arguments), c(this, "code", "ERR_JWT_INVALID");
@@ -127,10 +128,10 @@ class F extends A {
   }
 }
 c(F, "code", "ERR_JWS_SIGNATURE_VERIFICATION_FAILED");
-function w(e, t = "algorithm.name") {
+function S(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function k(e, t) {
+function P(e, t) {
   return e.name === t;
 }
 function H(e) {
@@ -157,47 +158,47 @@ function ie(e, t, r) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!k(e.algorithm, "HMAC"))
-        throw w("HMAC");
+      if (!P(e.algorithm, "HMAC"))
+        throw S("HMAC");
       const a = parseInt(t.slice(2), 10);
       if (H(e.algorithm.hash) !== a)
-        throw w(`SHA-${a}`, "algorithm.hash");
+        throw S(`SHA-${a}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!k(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw w("RSASSA-PKCS1-v1_5");
+      if (!P(e.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw S("RSASSA-PKCS1-v1_5");
       const a = parseInt(t.slice(2), 10);
       if (H(e.algorithm.hash) !== a)
-        throw w(`SHA-${a}`, "algorithm.hash");
+        throw S(`SHA-${a}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!k(e.algorithm, "RSA-PSS"))
-        throw w("RSA-PSS");
+      if (!P(e.algorithm, "RSA-PSS"))
+        throw S("RSA-PSS");
       const a = parseInt(t.slice(2), 10);
       if (H(e.algorithm.hash) !== a)
-        throw w(`SHA-${a}`, "algorithm.hash");
+        throw S(`SHA-${a}`, "algorithm.hash");
       break;
     }
     case "Ed25519":
     case "EdDSA": {
-      if (!k(e.algorithm, "Ed25519"))
-        throw w("Ed25519");
+      if (!P(e.algorithm, "Ed25519"))
+        throw S("Ed25519");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!k(e.algorithm, "ECDSA"))
-        throw w("ECDSA");
+      if (!P(e.algorithm, "ECDSA"))
+        throw S("ECDSA");
       const a = oe(t);
       if (e.algorithm.namedCurve !== a)
-        throw w(a, "algorithm.namedCurve");
+        throw S(a, "algorithm.namedCurve");
       break;
     }
     default:
@@ -223,7 +224,7 @@ function q(e) {
 function z(e) {
   return e?.[Symbol.toStringTag] === "KeyObject";
 }
-const Q = (e) => q(e) || z(e), de = (...e) => {
+const Q = (e) => q(e) || z(e), le = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
@@ -242,11 +243,11 @@ const Q = (e) => q(e) || z(e), de = (...e) => {
   }
   return !0;
 };
-function le(e) {
+function de(e) {
   return typeof e == "object" && e !== null;
 }
-const T = (e) => {
-  if (!le(e) || Object.prototype.toString.call(e) !== "[object Object]")
+const K = (e) => {
+  if (!de(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -260,27 +261,27 @@ const T = (e) => {
     if (typeof r != "number" || r < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
-}, R = (e, t, r = 0) => {
+}, I = (e, t, r = 0) => {
   r === 0 && (t.unshift(t.length), t.unshift(6));
   const a = e.indexOf(t[0], r);
   if (a === -1)
     return !1;
   const n = e.subarray(a, a + t.length);
-  return n.length !== t.length ? !1 : n.every((o, s) => o === t[s]) || R(e, t, a + 1);
+  return n.length !== t.length ? !1 : n.every((o, s) => o === t[s]) || I(e, t, a + 1);
 }, ye = (e) => {
   switch (!0) {
-    case R(e, [42, 134, 72, 206, 61, 3, 1, 7]):
+    case I(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
-    case R(e, [43, 129, 4, 0, 34]):
+    case I(e, [43, 129, 4, 0, 34]):
       return "P-384";
-    case R(e, [43, 129, 4, 0, 35]):
+    case I(e, [43, 129, 4, 0, 35]):
       return "P-521";
     default:
       return;
   }
-}, he = async (e, t, r, a, n) => {
+}, pe = async (e, t, r, a, n) => {
   let o, s;
-  const i = new Uint8Array(atob(r.replace(e, "")).split("").map((l) => l.charCodeAt(0)));
+  const i = new Uint8Array(atob(r.replace(e, "")).split("").map((d) => d.charCodeAt(0)));
   switch (a) {
     case "PS256":
     case "PS384":
@@ -314,8 +315,8 @@ const T = (e) => {
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const l = ye(i);
-      o = l != null && l.startsWith("P-") ? { name: "ECDH", namedCurve: l } : { name: "X25519" }, s = [];
+      const d = ye(i);
+      o = d != null && d.startsWith("P-") ? { name: "ECDH", namedCurve: d } : { name: "X25519" }, s = [];
       break;
     }
     case "Ed25519":
@@ -326,7 +327,7 @@ const T = (e) => {
       throw new E('Invalid or unsupported "alg" (Algorithm) value');
   }
   return crypto.subtle.importKey(t, i, o, !0, s);
-}, pe = (e, t, r) => he(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+}, he = (e, t, r) => pe(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
 function fe(e) {
   let t, r;
   switch (e.kty) {
@@ -406,12 +407,12 @@ const me = async (e) => {
   const { algorithm: t, keyUsages: r } = fe(e), a = { ...e };
   return delete a.alg, delete a.use, crypto.subtle.importKey("jwk", a, t, e.ext ?? !e.d, e.key_ops ?? r);
 };
-async function we(e, t, r) {
+async function Se(e, t, r) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return pe(e, t);
+  return he(e, t);
 }
-const Se = (e, t, r, a, n) => {
+const we = (e, t, r, a, n) => {
   if (n.crit !== void 0 && a?.crit === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
   if (!a || a.crit === void 0)
@@ -436,7 +437,7 @@ const Se = (e, t, r, a, n) => {
     return new Set(t);
 };
 function U(e) {
-  return T(e) && typeof e.kty == "string";
+  return K(e) && typeof e.kty == "string";
 }
 function ge(e) {
   return e.kty !== "oct" && typeof e.d == "string";
@@ -558,7 +559,7 @@ const $ = async (e, t, r, a = !1) => {
     return $(e, r, t);
   }
   if (U(e))
-    return e.k ? P(e.k) : $(e, e, t, !0);
+    return e.k ? _(e.k) : $(e, e, t, !0);
   throw new Error("unreachable");
 }, v = (e) => e?.[Symbol.toStringTag], J = (e, t, r) => {
   var a, n;
@@ -648,9 +649,9 @@ const $ = async (e, t, r, a = !1) => {
       case "encrypt":
         throw new TypeError(`${v(t)} instances for asymmetric algorithm encryption must be of type "public"`);
     }
-}, Te = (e, t, r) => {
+}, _e = (e, t, r) => {
   e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A(?:128|192|256)(?:GCM)?(?:KW)?$/.test(e) || /^A(?:128|192|256)CBC-HS(?:256|384|512)$/.test(e) ? ke(e, t, r) : Pe(e, t, r);
-}, _e = (e, t) => {
+}, Ke = (e, t) => {
   const r = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
@@ -675,7 +676,7 @@ const $ = async (e, t, r, a = !1) => {
     default:
       throw new E(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
-}, Ke = async (e, t, r) => {
+}, Te = async (e, t, r) => {
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
       throw new TypeError(ce(t, "CryptoKey", "KeyObject", "JSON Web Key"));
@@ -683,9 +684,9 @@ const $ = async (e, t, r, a = !1) => {
   }
   return ie(t, e, r), t;
 }, Re = async (e, t, r, a) => {
-  const n = await Ke(e, t, "verify");
+  const n = await Te(e, t, "verify");
   ue(e, n);
-  const o = _e(e, n.algorithm);
+  const o = Ke(e, n.algorithm);
   try {
     return await crypto.subtle.verify(o, n, r, a);
   } catch {
@@ -693,77 +694,77 @@ const $ = async (e, t, r, a = !1) => {
   }
 };
 async function Ie(e, t, r) {
-  if (!T(e))
-    throw new d("Flattened JWS must be an object");
+  if (!K(e))
+    throw new l("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
-    throw new d('Flattened JWS must have either of the "protected" or "header" members');
+    throw new l('Flattened JWS must have either of the "protected" or "header" members');
   if (e.protected !== void 0 && typeof e.protected != "string")
-    throw new d("JWS Protected Header incorrect type");
+    throw new l("JWS Protected Header incorrect type");
   if (e.payload === void 0)
-    throw new d("JWS Payload missing");
+    throw new l("JWS Payload missing");
   if (typeof e.signature != "string")
-    throw new d("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !T(e.header))
-    throw new d("JWS Unprotected Header incorrect type");
+    throw new l("JWS Signature missing or incorrect type");
+  if (e.header !== void 0 && !K(e.header))
+    throw new l("JWS Unprotected Header incorrect type");
   let a = {};
   if (e.protected)
     try {
-      const O = P(e.protected);
-      a = JSON.parse(C.decode(O));
+      const O = _(e.protected);
+      a = JSON.parse(k.decode(O));
     } catch {
-      throw new d("JWS Protected Header is invalid");
+      throw new l("JWS Protected Header is invalid");
     }
-  if (!de(a, e.header))
-    throw new d("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  if (!le(a, e.header))
+    throw new l("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
   const n = {
     ...a,
     ...e.header
-  }, o = Se(d, /* @__PURE__ */ new Map([["b64", !0]]), r?.crit, a, n);
+  }, o = we(l, /* @__PURE__ */ new Map([["b64", !0]]), r?.crit, a, n);
   let s = !0;
   if (o.has("b64") && (s = a.b64, typeof s != "boolean"))
-    throw new d('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+    throw new l('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
   const { alg: i } = n;
   if (typeof i != "string" || !i)
-    throw new d('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const l = r && Ee("algorithms", r.algorithms);
-  if (l && !l.has(i))
+    throw new l('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const d = r && Ee("algorithms", r.algorithms);
+  if (d && !d.has(i))
     throw new Y('"alg" (Algorithm) Header Parameter value not allowed');
   if (s) {
     if (typeof e.payload != "string")
-      throw new d("JWS Payload must be a string");
+      throw new l("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
-    throw new d("JWS Payload must be a string or an Uint8Array instance");
+    throw new l("JWS Payload must be a string or an Uint8Array instance");
   let m = !1;
-  typeof t == "function" && (t = await t(a, e), m = !0), Te(i, t, "verify");
-  const b = ae(K.encode(e.protected ?? ""), K.encode("."), typeof e.payload == "string" ? K.encode(e.payload) : e.payload);
-  let p;
+  typeof t == "function" && (t = await t(a, e), m = !0), _e(i, t, "verify");
+  const b = ae(R.encode(e.protected ?? ""), R.encode("."), typeof e.payload == "string" ? R.encode(e.payload) : e.payload);
+  let h;
   try {
-    p = P(e.signature);
+    h = _(e.signature);
   } catch {
-    throw new d("Failed to base64url decode the signature");
+    throw new l("Failed to base64url decode the signature");
   }
-  const _ = await Ce(t, i);
-  if (!await Re(i, _, p, b))
+  const T = await Ce(t, i);
+  if (!await Re(i, T, h, b))
     throw new F();
-  let S;
+  let w;
   if (s)
     try {
-      S = P(e.payload);
+      w = _(e.payload);
     } catch {
-      throw new d("Failed to base64url decode the payload");
+      throw new l("Failed to base64url decode the payload");
     }
-  else typeof e.payload == "string" ? S = K.encode(e.payload) : S = e.payload;
-  const y = { payload: S };
-  return e.protected !== void 0 && (y.protectedHeader = a), e.header !== void 0 && (y.unprotectedHeader = e.header), m ? { ...y, key: _ } : y;
+  else typeof e.payload == "string" ? w = R.encode(e.payload) : w = e.payload;
+  const y = { payload: w };
+  return e.protected !== void 0 && (y.protectedHeader = a), e.header !== void 0 && (y.unprotectedHeader = e.header), m ? { ...y, key: T } : y;
 }
 async function Oe(e, t, r) {
-  if (e instanceof Uint8Array && (e = C.decode(e)), typeof e != "string")
-    throw new d("Compact JWS must be a string or Uint8Array");
+  if (e instanceof Uint8Array && (e = k.decode(e)), typeof e != "string")
+    throw new l("Compact JWS must be a string or Uint8Array");
   const { 0: a, 1: n, 2: o, length: s } = e.split(".");
   if (s !== 3)
-    throw new d("Invalid Compact JWS");
-  const i = await Ie({ payload: n, protected: a, signature: o }, t, r), l = { payload: i.payload, protectedHeader: i.protectedHeader };
-  return typeof t == "function" ? { ...l, key: i.key } : l;
+    throw new l("Invalid Compact JWS");
+  const i = await Ie({ payload: n, protected: a, signature: o }, t, r), d = { payload: i.payload, protectedHeader: i.protectedHeader };
+  return typeof t == "function" ? { ...d, key: i.key } : d;
 }
 const He = (e) => Math.floor(e.getTime() / 1e3), X = 60, Z = X * 60, N = Z * 24, We = N * 7, De = N * 365.25, Je = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, j = (e) => {
   const t = Je.exec(e);
@@ -812,60 +813,60 @@ const He = (e) => Math.floor(e.getTime() / 1e3), X = 60, Z = X * 60, N = Z * 24,
 function Ne(e, t, r = {}) {
   let a;
   try {
-    a = JSON.parse(C.decode(t));
+    a = JSON.parse(k.decode(t));
   } catch {
   }
-  if (!T(a))
+  if (!K(a))
     throw new f("JWT Claims Set must be a top-level JSON object");
   const { typ: n } = r;
   if (n && (typeof e.typ != "string" || L(e.typ) !== L(n)))
-    throw new h('unexpected "typ" JWT header value', a, "typ", "check_failed");
-  const { requiredClaims: o = [], issuer: s, subject: i, audience: l, maxTokenAge: m } = r, b = [...o];
-  m !== void 0 && b.push("iat"), l !== void 0 && b.push("aud"), i !== void 0 && b.push("sub"), s !== void 0 && b.push("iss");
+    throw new p('unexpected "typ" JWT header value', a, "typ", "check_failed");
+  const { requiredClaims: o = [], issuer: s, subject: i, audience: d, maxTokenAge: m } = r, b = [...o];
+  m !== void 0 && b.push("iat"), d !== void 0 && b.push("aud"), i !== void 0 && b.push("sub"), s !== void 0 && b.push("iss");
   for (const y of new Set(b.reverse()))
     if (!(y in a))
-      throw new h(`missing required "${y}" claim`, a, y, "missing");
+      throw new p(`missing required "${y}" claim`, a, y, "missing");
   if (s && !(Array.isArray(s) ? s : [s]).includes(a.iss))
-    throw new h('unexpected "iss" claim value', a, "iss", "check_failed");
+    throw new p('unexpected "iss" claim value', a, "iss", "check_failed");
   if (i && a.sub !== i)
-    throw new h('unexpected "sub" claim value', a, "sub", "check_failed");
-  if (l && !Ue(a.aud, typeof l == "string" ? [l] : l))
-    throw new h('unexpected "aud" claim value', a, "aud", "check_failed");
-  let p;
+    throw new p('unexpected "sub" claim value', a, "sub", "check_failed");
+  if (d && !Ue(a.aud, typeof d == "string" ? [d] : d))
+    throw new p('unexpected "aud" claim value', a, "aud", "check_failed");
+  let h;
   switch (typeof r.clockTolerance) {
     case "string":
-      p = j(r.clockTolerance);
+      h = j(r.clockTolerance);
       break;
     case "number":
-      p = r.clockTolerance;
+      h = r.clockTolerance;
       break;
     case "undefined":
-      p = 0;
+      h = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: _ } = r, S = He(_ || /* @__PURE__ */ new Date());
+  const { currentDate: T } = r, w = He(T || /* @__PURE__ */ new Date());
   if ((a.iat !== void 0 || m) && typeof a.iat != "number")
-    throw new h('"iat" claim must be a number', a, "iat", "invalid");
+    throw new p('"iat" claim must be a number', a, "iat", "invalid");
   if (a.nbf !== void 0) {
     if (typeof a.nbf != "number")
-      throw new h('"nbf" claim must be a number', a, "nbf", "invalid");
-    if (a.nbf > S + p)
-      throw new h('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
+      throw new p('"nbf" claim must be a number', a, "nbf", "invalid");
+    if (a.nbf > w + h)
+      throw new p('"nbf" claim timestamp check failed', a, "nbf", "check_failed");
   }
   if (a.exp !== void 0) {
     if (typeof a.exp != "number")
-      throw new h('"exp" claim must be a number', a, "exp", "invalid");
-    if (a.exp <= S - p)
+      throw new p('"exp" claim must be a number', a, "exp", "invalid");
+    if (a.exp <= w - h)
       throw new D('"exp" claim timestamp check failed', a, "exp", "check_failed");
   }
   if (m) {
-    const y = S - a.iat, O = typeof m == "number" ? m : j(m);
-    if (y - p > O)
+    const y = w - a.iat, O = typeof m == "number" ? m : j(m);
+    if (y - h > O)
       throw new D('"iat" claim timestamp check failed (too far in the past)', a, "iat", "check_failed");
-    if (y < 0 - p)
-      throw new h('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
+    if (y < 0 - h)
+      throw new p('"iat" claim timestamp check failed (it should be in the past)', a, "iat", "check_failed");
   }
   return a;
 }
@@ -889,25 +890,25 @@ function je(e) {
     throw new f("JWTs must contain a payload");
   let a;
   try {
-    a = P(t);
+    a = _(t);
   } catch {
     throw new f("Failed to base64url decode the payload");
   }
   let n;
   try {
-    n = JSON.parse(C.decode(a));
+    n = JSON.parse(k.decode(a));
   } catch {
     throw new f("Failed to parse the decoded payload as JSON");
   }
-  if (!T(n))
+  if (!K(n))
     throw new f("Invalid JWT Claims Set");
   return n;
 }
 const Le = async (e) => {
   try {
-    const t = I.ALG, r = await we(re, t);
+    const t = C.ALG, r = await Se(re, t);
     return await $e(e, r, {
-      issuer: I.ISSUER
+      issuer: C.ISSUER
     });
   } catch {
     return;
@@ -964,21 +965,26 @@ async function Ze(e) {
   };
 }
 const et = async (e, t) => {
-  var r;
-  const a = await Le(e);
-  if (!a || !Array.isArray((r = a.payload) == null ? void 0 : r[I.SCOPES_KEY]))
+  const r = await Le(e);
+  if (!r || !r.payload)
+    return !1;
+  let a = [];
+  if (Array.isArray(r.payload[C.SCOPES_KEY]))
+    a = r.payload[C.SCOPES_KEY];
+  else if (typeof r.payload[C.SCOPE_KEY] == "string")
+    a = r.payload[C.SCOPE_KEY].split(" ").filter((n) => n.trim() !== "");
+  else
     return !1;
-  const n = a.payload[I.SCOPES_KEY];
-  return Array.isArray(t) ? t.every((o) => n.includes(o)) : Object.keys(t).some(
-    (o) => t[o].every((s) => n.includes(s))
+  return Array.isArray(t) ? t.every((n) => a.includes(n)) : Object.keys(t).some(
+    (n) => t[n].every((o) => a.includes(o))
   );
 };
 export {
-  I as O,
-  Le as Ye,
   ze as at,
   Ze as ct,
   et as ft,
+  Le as ke,
+  C as m,
   qe as nt,
   Qe as ot,
   Xe as st

package/dist/index.js

@@ -1,12 +1,12 @@
-import { nt as t, ft as r } from "./index-CJYVbSzH.js";
+import { nt as t, ft as r } from "./index-BM1ZTA9w.js";
 /*!
-  @versini/auth-provider v8.0.2
+  @versini/auth-provider v8.0.4
   © 2025 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "8.0.2",
-    buildTime: "04/19/2025 03:24 PM EDT",
+    version: "8.0.4",
+    buildTime: "06/03/2025 09:53 AM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "@versini/auth-provider",
-	"version": "8.0.2",
+	"version": "8.0.4",
 	"license": "MIT",
 	"author": "Arno Versini",
 	"publishConfig": {
@@ -55,10 +55,10 @@
 	"dependencies": {
 		"@auth0/auth0-react": "2.3.0",
 		"@simplewebauthn/browser": "13.1.0",
-		"@versini/auth-common": "4.3.0",
+		"@versini/auth-common": "4.5.0",
 		"@versini/ui-hooks": "4.7.3",
 		"jose": "6.0.10",
 		"uuid": "11.1.0"
 	},
-	"gitHead": "687d768111980b3d94ca4008c9074477605e5871"
+	"gitHead": "fb77e97e486bd0fa158543e93d35b3a9be64d451"
 }