@wandelbots/wandelbots-js-react-components 3.5.0 → 3.5.1-pr.feat-add-eight-abbs.449.688e34f
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/{auth0-spa-js.production.esm-9WdmjTxR.js → auth0-spa-js.production.esm-DL9f1uDJ.js} +365 -356
- package/dist/auth0-spa-js.production.esm-DL9f1uDJ.js.map +1 -0
- package/dist/auth0-spa-js.production.esm-DTiWXa87.cjs +5 -0
- package/dist/auth0-spa-js.production.esm-DTiWXa87.cjs.map +1 -0
- package/dist/core.cjs.js +1 -1
- package/dist/core.es.js +1 -1
- package/dist/index.cjs.js +1 -1
- package/dist/index.es.js +1 -1
- package/dist/{theming-Bafjg0Wg.js → theming-Coh4zx7d.js} +4768 -4546
- package/dist/theming-Coh4zx7d.js.map +1 -0
- package/dist/theming-D4ztsmTr.cjs +133 -0
- package/dist/theming-D4ztsmTr.cjs.map +1 -0
- package/package.json +11 -11
- package/dist/auth0-spa-js.production.esm-9WdmjTxR.js.map +0 -1
- package/dist/auth0-spa-js.production.esm-BcLLh1tx.cjs +0 -5
- package/dist/auth0-spa-js.production.esm-BcLLh1tx.cjs.map +0 -1
- package/dist/theming-BQcKj8Gp.cjs +0 -133
- package/dist/theming-BQcKj8Gp.cjs.map +0 -1
- package/dist/theming-Bafjg0Wg.js.map +0 -1
package/dist/{auth0-spa-js.production.esm-9WdmjTxR.js → auth0-spa-js.production.esm-DL9f1uDJ.js}
RENAMED
|
@@ -20,19 +20,19 @@ var O = ee((function(i, e) {
|
|
|
20
20
|
function n() {
|
|
21
21
|
var o = this;
|
|
22
22
|
this.locked = /* @__PURE__ */ new Map(), this.addToLocked = function(r, a) {
|
|
23
|
-
var
|
|
24
|
-
|
|
23
|
+
var l = o.locked.get(r);
|
|
24
|
+
l === void 0 ? a === void 0 ? o.locked.set(r, []) : o.locked.set(r, [a]) : a !== void 0 && (l.unshift(a), o.locked.set(r, l));
|
|
25
25
|
}, this.isLocked = function(r) {
|
|
26
26
|
return o.locked.has(r);
|
|
27
27
|
}, this.lock = function(r) {
|
|
28
|
-
return new Promise((function(a,
|
|
28
|
+
return new Promise((function(a, l) {
|
|
29
29
|
o.isLocked(r) ? o.addToLocked(r, a) : (o.addToLocked(r), a());
|
|
30
30
|
}));
|
|
31
31
|
}, this.unlock = function(r) {
|
|
32
32
|
var a = o.locked.get(r);
|
|
33
33
|
if (a !== void 0 && a.length !== 0) {
|
|
34
|
-
var
|
|
35
|
-
o.locked.set(r, a),
|
|
34
|
+
var l = a.pop();
|
|
35
|
+
o.locked.set(r, a), l !== void 0 && setTimeout(l, 0);
|
|
36
36
|
} else o.locked.delete(r);
|
|
37
37
|
};
|
|
38
38
|
}
|
|
@@ -45,32 +45,32 @@ var O = ee((function(i, e) {
|
|
|
45
45
|
};
|
|
46
46
|
}));
|
|
47
47
|
Q(O);
|
|
48
|
-
var
|
|
49
|
-
var t = C && C.__awaiter || function(s, c,
|
|
50
|
-
return new (
|
|
51
|
-
function
|
|
48
|
+
var xe = Q(ee((function(i, e) {
|
|
49
|
+
var t = C && C.__awaiter || function(s, c, h, d) {
|
|
50
|
+
return new (h || (h = Promise))((function(m, y) {
|
|
51
|
+
function f(w) {
|
|
52
52
|
try {
|
|
53
|
-
b(
|
|
54
|
-
} catch (
|
|
55
|
-
y(
|
|
53
|
+
b(d.next(w));
|
|
54
|
+
} catch (g) {
|
|
55
|
+
y(g);
|
|
56
56
|
}
|
|
57
57
|
}
|
|
58
58
|
function k(w) {
|
|
59
59
|
try {
|
|
60
|
-
b(
|
|
61
|
-
} catch (
|
|
62
|
-
y(
|
|
60
|
+
b(d.throw(w));
|
|
61
|
+
} catch (g) {
|
|
62
|
+
y(g);
|
|
63
63
|
}
|
|
64
64
|
}
|
|
65
65
|
function b(w) {
|
|
66
|
-
w.done ? m(w.value) : new
|
|
67
|
-
|
|
68
|
-
})).then(
|
|
66
|
+
w.done ? m(w.value) : new h((function(g) {
|
|
67
|
+
g(w.value);
|
|
68
|
+
})).then(f, k);
|
|
69
69
|
}
|
|
70
|
-
b((
|
|
70
|
+
b((d = d.apply(s, c || [])).next());
|
|
71
71
|
}));
|
|
72
72
|
}, n = C && C.__generator || function(s, c) {
|
|
73
|
-
var
|
|
73
|
+
var h, d, m, y, f = { label: 0, sent: function() {
|
|
74
74
|
if (1 & m[0]) throw m[1];
|
|
75
75
|
return m[1];
|
|
76
76
|
}, trys: [], ops: [] };
|
|
@@ -79,51 +79,51 @@ var je = Q(ee((function(i, e) {
|
|
|
79
79
|
}), y;
|
|
80
80
|
function k(b) {
|
|
81
81
|
return function(w) {
|
|
82
|
-
return (function(
|
|
83
|
-
if (
|
|
84
|
-
for (;
|
|
85
|
-
if (
|
|
86
|
-
switch (
|
|
82
|
+
return (function(g) {
|
|
83
|
+
if (h) throw new TypeError("Generator is already executing.");
|
|
84
|
+
for (; f; ) try {
|
|
85
|
+
if (h = 1, d && (m = 2 & g[0] ? d.return : g[0] ? d.throw || ((m = d.return) && m.call(d), 0) : d.next) && !(m = m.call(d, g[1])).done) return m;
|
|
86
|
+
switch (d = 0, m && (g = [2 & g[0], m.value]), g[0]) {
|
|
87
87
|
case 0:
|
|
88
88
|
case 1:
|
|
89
|
-
m =
|
|
89
|
+
m = g;
|
|
90
90
|
break;
|
|
91
91
|
case 4:
|
|
92
|
-
return
|
|
92
|
+
return f.label++, { value: g[1], done: !1 };
|
|
93
93
|
case 5:
|
|
94
|
-
|
|
94
|
+
f.label++, d = g[1], g = [0];
|
|
95
95
|
continue;
|
|
96
96
|
case 7:
|
|
97
|
-
|
|
97
|
+
g = f.ops.pop(), f.trys.pop();
|
|
98
98
|
continue;
|
|
99
99
|
default:
|
|
100
|
-
if (m =
|
|
101
|
-
|
|
100
|
+
if (m = f.trys, !((m = m.length > 0 && m[m.length - 1]) || g[0] !== 6 && g[0] !== 2)) {
|
|
101
|
+
f = 0;
|
|
102
102
|
continue;
|
|
103
103
|
}
|
|
104
|
-
if (
|
|
105
|
-
|
|
104
|
+
if (g[0] === 3 && (!m || g[1] > m[0] && g[1] < m[3])) {
|
|
105
|
+
f.label = g[1];
|
|
106
106
|
break;
|
|
107
107
|
}
|
|
108
|
-
if (
|
|
109
|
-
|
|
108
|
+
if (g[0] === 6 && f.label < m[1]) {
|
|
109
|
+
f.label = m[1], m = g;
|
|
110
110
|
break;
|
|
111
111
|
}
|
|
112
|
-
if (m &&
|
|
113
|
-
|
|
112
|
+
if (m && f.label < m[2]) {
|
|
113
|
+
f.label = m[2], f.ops.push(g);
|
|
114
114
|
break;
|
|
115
115
|
}
|
|
116
|
-
m[2] &&
|
|
116
|
+
m[2] && f.ops.pop(), f.trys.pop();
|
|
117
117
|
continue;
|
|
118
118
|
}
|
|
119
|
-
|
|
120
|
-
} catch (
|
|
121
|
-
|
|
119
|
+
g = c.call(s, f);
|
|
120
|
+
} catch (_) {
|
|
121
|
+
g = [6, _], d = 0;
|
|
122
122
|
} finally {
|
|
123
|
-
|
|
123
|
+
h = m = 0;
|
|
124
124
|
}
|
|
125
|
-
if (5 &
|
|
126
|
-
return { value:
|
|
125
|
+
if (5 & g[0]) throw g[1];
|
|
126
|
+
return { value: g[0] ? g[1] : void 0, done: !0 };
|
|
127
127
|
})([b, w]);
|
|
128
128
|
};
|
|
129
129
|
}
|
|
@@ -155,7 +155,7 @@ var je = Q(ee((function(i, e) {
|
|
|
155
155
|
}));
|
|
156
156
|
}, setItem: function(s, c) {
|
|
157
157
|
return t(o, void 0, void 0, (function() {
|
|
158
|
-
return n(this, (function(
|
|
158
|
+
return n(this, (function(h) {
|
|
159
159
|
throw new Error("Unsupported");
|
|
160
160
|
}));
|
|
161
161
|
}));
|
|
@@ -170,59 +170,59 @@ var je = Q(ee((function(i, e) {
|
|
|
170
170
|
}, setItemSync: function(s, c) {
|
|
171
171
|
return window.localStorage.setItem(s, c);
|
|
172
172
|
} };
|
|
173
|
-
function
|
|
173
|
+
function l(s) {
|
|
174
174
|
return new Promise((function(c) {
|
|
175
175
|
return setTimeout(c, s);
|
|
176
176
|
}));
|
|
177
177
|
}
|
|
178
178
|
function u(s) {
|
|
179
|
-
for (var c = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",
|
|
180
|
-
|
|
181
|
-
return
|
|
179
|
+
for (var c = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz", h = "", d = 0; d < s; d++)
|
|
180
|
+
h += c[Math.floor(Math.random() * c.length)];
|
|
181
|
+
return h;
|
|
182
182
|
}
|
|
183
183
|
var p = (function() {
|
|
184
184
|
function s(c) {
|
|
185
185
|
this.acquiredIatSet = /* @__PURE__ */ new Set(), this.storageHandler = void 0, this.id = Date.now().toString() + u(15), this.acquireLock = this.acquireLock.bind(this), this.releaseLock = this.releaseLock.bind(this), this.releaseLock__private__ = this.releaseLock__private__.bind(this), this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this), this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this), this.storageHandler = c, s.waiters === void 0 && (s.waiters = []);
|
|
186
186
|
}
|
|
187
|
-
return s.prototype.acquireLock = function(c,
|
|
188
|
-
return
|
|
189
|
-
var
|
|
190
|
-
return n(this, (function(
|
|
191
|
-
switch (
|
|
187
|
+
return s.prototype.acquireLock = function(c, h) {
|
|
188
|
+
return h === void 0 && (h = 5e3), t(this, void 0, void 0, (function() {
|
|
189
|
+
var d, m, y, f, k, b, w;
|
|
190
|
+
return n(this, (function(g) {
|
|
191
|
+
switch (g.label) {
|
|
192
192
|
case 0:
|
|
193
|
-
|
|
193
|
+
d = Date.now() + u(4), m = Date.now() + h, y = r + "-" + c, f = this.storageHandler === void 0 ? a : this.storageHandler, g.label = 1;
|
|
194
194
|
case 1:
|
|
195
|
-
return Date.now() < m ? [4,
|
|
195
|
+
return Date.now() < m ? [4, l(30)] : [3, 8];
|
|
196
196
|
case 2:
|
|
197
|
-
return
|
|
197
|
+
return g.sent(), f.getItemSync(y) !== null ? [3, 5] : (k = this.id + "-" + c + "-" + d, [4, l(Math.floor(25 * Math.random()))]);
|
|
198
198
|
case 3:
|
|
199
|
-
return
|
|
199
|
+
return g.sent(), f.setItemSync(y, JSON.stringify({ id: this.id, iat: d, timeoutKey: k, timeAcquired: Date.now(), timeRefreshed: Date.now() })), [4, l(30)];
|
|
200
200
|
case 4:
|
|
201
|
-
return
|
|
201
|
+
return g.sent(), (b = f.getItemSync(y)) !== null && (w = JSON.parse(b)).id === this.id && w.iat === d ? (this.acquiredIatSet.add(d), this.refreshLockWhileAcquired(y, d), [2, !0]) : [3, 7];
|
|
202
202
|
case 5:
|
|
203
203
|
return s.lockCorrector(this.storageHandler === void 0 ? a : this.storageHandler), [4, this.waitForSomethingToChange(m)];
|
|
204
204
|
case 6:
|
|
205
|
-
|
|
205
|
+
g.sent(), g.label = 7;
|
|
206
206
|
case 7:
|
|
207
|
-
return
|
|
207
|
+
return d = Date.now() + u(4), [3, 1];
|
|
208
208
|
case 8:
|
|
209
209
|
return [2, !1];
|
|
210
210
|
}
|
|
211
211
|
}));
|
|
212
212
|
}));
|
|
213
|
-
}, s.prototype.refreshLockWhileAcquired = function(c,
|
|
213
|
+
}, s.prototype.refreshLockWhileAcquired = function(c, h) {
|
|
214
214
|
return t(this, void 0, void 0, (function() {
|
|
215
|
-
var
|
|
215
|
+
var d = this;
|
|
216
216
|
return n(this, (function(m) {
|
|
217
217
|
return setTimeout((function() {
|
|
218
|
-
return t(
|
|
219
|
-
var y,
|
|
218
|
+
return t(d, void 0, void 0, (function() {
|
|
219
|
+
var y, f, k;
|
|
220
220
|
return n(this, (function(b) {
|
|
221
221
|
switch (b.label) {
|
|
222
222
|
case 0:
|
|
223
|
-
return [4, O.default().lock(
|
|
223
|
+
return [4, O.default().lock(h)];
|
|
224
224
|
case 1:
|
|
225
|
-
return b.sent(), this.acquiredIatSet.has(
|
|
225
|
+
return b.sent(), this.acquiredIatSet.has(h) ? (y = this.storageHandler === void 0 ? a : this.storageHandler, (f = y.getItemSync(c)) === null ? (O.default().unlock(h), [2]) : ((k = JSON.parse(f)).timeRefreshed = Date.now(), y.setItemSync(c, JSON.stringify(k)), O.default().unlock(h), this.refreshLockWhileAcquired(c, h), [2])) : (O.default().unlock(h), [2]);
|
|
226
226
|
}
|
|
227
227
|
}));
|
|
228
228
|
}));
|
|
@@ -231,31 +231,31 @@ var je = Q(ee((function(i, e) {
|
|
|
231
231
|
}));
|
|
232
232
|
}, s.prototype.waitForSomethingToChange = function(c) {
|
|
233
233
|
return t(this, void 0, void 0, (function() {
|
|
234
|
-
return n(this, (function(
|
|
235
|
-
switch (
|
|
234
|
+
return n(this, (function(h) {
|
|
235
|
+
switch (h.label) {
|
|
236
236
|
case 0:
|
|
237
|
-
return [4, new Promise((function(
|
|
238
|
-
var m = !1, y = Date.now(),
|
|
237
|
+
return [4, new Promise((function(d) {
|
|
238
|
+
var m = !1, y = Date.now(), f = !1;
|
|
239
239
|
function k() {
|
|
240
|
-
if (
|
|
240
|
+
if (f || (window.removeEventListener("storage", k), s.removeFromWaiting(k), clearTimeout(b), f = !0), !m) {
|
|
241
241
|
m = !0;
|
|
242
242
|
var w = 50 - (Date.now() - y);
|
|
243
|
-
w > 0 ? setTimeout(
|
|
243
|
+
w > 0 ? setTimeout(d, w) : d(null);
|
|
244
244
|
}
|
|
245
245
|
}
|
|
246
246
|
window.addEventListener("storage", k), s.addToWaiting(k);
|
|
247
247
|
var b = setTimeout(k, Math.max(0, c - Date.now()));
|
|
248
248
|
}))];
|
|
249
249
|
case 1:
|
|
250
|
-
return
|
|
250
|
+
return h.sent(), [2];
|
|
251
251
|
}
|
|
252
252
|
}));
|
|
253
253
|
}));
|
|
254
254
|
}, s.addToWaiting = function(c) {
|
|
255
255
|
this.removeFromWaiting(c), s.waiters !== void 0 && s.waiters.push(c);
|
|
256
256
|
}, s.removeFromWaiting = function(c) {
|
|
257
|
-
s.waiters !== void 0 && (s.waiters = s.waiters.filter((function(
|
|
258
|
-
return
|
|
257
|
+
s.waiters !== void 0 && (s.waiters = s.waiters.filter((function(h) {
|
|
258
|
+
return h !== c;
|
|
259
259
|
})));
|
|
260
260
|
}, s.notifyWaiters = function() {
|
|
261
261
|
s.waiters !== void 0 && s.waiters.slice().forEach((function(c) {
|
|
@@ -263,42 +263,42 @@ var je = Q(ee((function(i, e) {
|
|
|
263
263
|
}));
|
|
264
264
|
}, s.prototype.releaseLock = function(c) {
|
|
265
265
|
return t(this, void 0, void 0, (function() {
|
|
266
|
-
return n(this, (function(
|
|
267
|
-
switch (
|
|
266
|
+
return n(this, (function(h) {
|
|
267
|
+
switch (h.label) {
|
|
268
268
|
case 0:
|
|
269
269
|
return [4, this.releaseLock__private__(c)];
|
|
270
270
|
case 1:
|
|
271
|
-
return [2,
|
|
271
|
+
return [2, h.sent()];
|
|
272
272
|
}
|
|
273
273
|
}));
|
|
274
274
|
}));
|
|
275
275
|
}, s.prototype.releaseLock__private__ = function(c) {
|
|
276
276
|
return t(this, void 0, void 0, (function() {
|
|
277
|
-
var
|
|
278
|
-
return n(this, (function(
|
|
279
|
-
switch (
|
|
277
|
+
var h, d, m, y;
|
|
278
|
+
return n(this, (function(f) {
|
|
279
|
+
switch (f.label) {
|
|
280
280
|
case 0:
|
|
281
|
-
return
|
|
281
|
+
return h = this.storageHandler === void 0 ? a : this.storageHandler, d = r + "-" + c, (m = h.getItemSync(d)) === null ? [2] : (y = JSON.parse(m)).id !== this.id ? [3, 2] : [4, O.default().lock(y.iat)];
|
|
282
282
|
case 1:
|
|
283
|
-
|
|
283
|
+
f.sent(), this.acquiredIatSet.delete(y.iat), h.removeItemSync(d), O.default().unlock(y.iat), s.notifyWaiters(), f.label = 2;
|
|
284
284
|
case 2:
|
|
285
285
|
return [2];
|
|
286
286
|
}
|
|
287
287
|
}));
|
|
288
288
|
}));
|
|
289
289
|
}, s.lockCorrector = function(c) {
|
|
290
|
-
for (var
|
|
291
|
-
var
|
|
292
|
-
if (
|
|
293
|
-
m.push(
|
|
290
|
+
for (var h = Date.now() - 5e3, d = c, m = [], y = 0; ; ) {
|
|
291
|
+
var f = d.keySync(y);
|
|
292
|
+
if (f === null) break;
|
|
293
|
+
m.push(f), y++;
|
|
294
294
|
}
|
|
295
295
|
for (var k = !1, b = 0; b < m.length; b++) {
|
|
296
296
|
var w = m[b];
|
|
297
297
|
if (w.includes(r)) {
|
|
298
|
-
var
|
|
299
|
-
if (
|
|
300
|
-
var
|
|
301
|
-
(
|
|
298
|
+
var g = d.getItemSync(w);
|
|
299
|
+
if (g !== null) {
|
|
300
|
+
var _ = JSON.parse(g);
|
|
301
|
+
(_.timeRefreshed === void 0 && _.timeAcquired < h || _.timeRefreshed !== void 0 && _.timeRefreshed < h) && (d.removeItemSync(w), k = !0);
|
|
302
302
|
}
|
|
303
303
|
}
|
|
304
304
|
}
|
|
@@ -307,7 +307,7 @@ var je = Q(ee((function(i, e) {
|
|
|
307
307
|
})();
|
|
308
308
|
e.default = p;
|
|
309
309
|
})));
|
|
310
|
-
const
|
|
310
|
+
const ze = { timeoutInSeconds: 60 }, ve = { name: "auth0-spa-js", version: "2.11.3" }, _e = () => Date.now();
|
|
311
311
|
class v extends Error {
|
|
312
312
|
constructor(e, t) {
|
|
313
313
|
super(t), this.error = e, this.error_description = t, Object.setPrototypeOf(this, v.prototype);
|
|
@@ -326,12 +326,12 @@ class ne extends v {
|
|
|
326
326
|
super(e, t), this.connection = n, this.state = o, this.appState = r, Object.setPrototypeOf(this, ne.prototype);
|
|
327
327
|
}
|
|
328
328
|
}
|
|
329
|
-
class
|
|
329
|
+
class N extends v {
|
|
330
330
|
constructor() {
|
|
331
|
-
super("timeout", "Timeout"), Object.setPrototypeOf(this,
|
|
331
|
+
super("timeout", "Timeout"), Object.setPrototypeOf(this, N.prototype);
|
|
332
332
|
}
|
|
333
333
|
}
|
|
334
|
-
class oe extends
|
|
334
|
+
class oe extends N {
|
|
335
335
|
constructor(e) {
|
|
336
336
|
super(), this.popup = e, Object.setPrototypeOf(this, oe.prototype);
|
|
337
337
|
}
|
|
@@ -351,63 +351,63 @@ class se extends v {
|
|
|
351
351
|
super(e, t), this.mfa_token = n, Object.setPrototypeOf(this, se.prototype);
|
|
352
352
|
}
|
|
353
353
|
}
|
|
354
|
-
class
|
|
354
|
+
class F extends v {
|
|
355
355
|
constructor(e, t) {
|
|
356
|
-
super("missing_refresh_token", `Missing Refresh Token (audience: '${
|
|
356
|
+
super("missing_refresh_token", `Missing Refresh Token (audience: '${J(e, ["default"])}', scope: '${J(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, F.prototype);
|
|
357
357
|
}
|
|
358
358
|
}
|
|
359
359
|
class ae extends v {
|
|
360
360
|
constructor(e, t) {
|
|
361
|
-
super("missing_scopes", `Missing requested scopes after refresh (audience: '${
|
|
361
|
+
super("missing_scopes", `Missing requested scopes after refresh (audience: '${J(e, ["default"])}', missing scope: '${J(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, ae.prototype);
|
|
362
362
|
}
|
|
363
363
|
}
|
|
364
|
-
class
|
|
364
|
+
class G extends v {
|
|
365
365
|
constructor(e) {
|
|
366
|
-
super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce"), this.newDpopNonce = e, Object.setPrototypeOf(this,
|
|
366
|
+
super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce"), this.newDpopNonce = e, Object.setPrototypeOf(this, G.prototype);
|
|
367
367
|
}
|
|
368
368
|
}
|
|
369
|
-
function
|
|
369
|
+
function J(i, e = []) {
|
|
370
370
|
return i && !e.includes(i) ? i : "";
|
|
371
371
|
}
|
|
372
|
-
const
|
|
372
|
+
const X = () => window.crypto, R = () => {
|
|
373
373
|
const i = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
|
|
374
374
|
let e = "";
|
|
375
|
-
return Array.from(
|
|
376
|
-
},
|
|
377
|
-
const n =
|
|
375
|
+
return Array.from(X().getRandomValues(new Uint8Array(43))).forEach(((t) => e += i[t % i.length])), e;
|
|
376
|
+
}, M = (i) => btoa(i), Ee = [{ key: "name", type: ["string"] }, { key: "version", type: ["string", "number"] }, { key: "env", type: ["object"] }], Ne = (i) => Object.keys(i).reduce(((e, t) => {
|
|
377
|
+
const n = Ee.find(((o) => o.key === t));
|
|
378
378
|
return n && n.type.includes(typeof i[t]) && (e[t] = i[t]), e;
|
|
379
379
|
}), {}), B = (i) => {
|
|
380
380
|
var { clientId: e } = i, t = I(i, ["clientId"]);
|
|
381
381
|
return new URLSearchParams(((n) => Object.keys(n).filter(((o) => n[o] !== void 0)).reduce(((o, r) => Object.assign(Object.assign({}, o), { [r]: n[r] })), {}))(Object.assign({ client_id: e }, t))).toString();
|
|
382
|
-
},
|
|
382
|
+
}, de = async (i) => await X().subtle.digest({ name: "SHA-256" }, new TextEncoder().encode(i)), he = (i) => ((e) => decodeURIComponent(atob(e).split("").map(((t) => "%" + ("00" + t.charCodeAt(0).toString(16)).slice(-2))).join("")))(i.replace(/_/g, "/").replace(/-/g, "+")), le = (i) => {
|
|
383
383
|
const e = new Uint8Array(i);
|
|
384
384
|
return ((t) => {
|
|
385
385
|
const n = { "+": "-", "/": "_", "=": "" };
|
|
386
386
|
return t.replace(/[+/=]/g, ((o) => n[o]));
|
|
387
387
|
})(window.btoa(String.fromCharCode(...Array.from(e))));
|
|
388
|
-
},
|
|
389
|
-
function
|
|
390
|
-
return typeof i == "string" ?
|
|
388
|
+
}, Re = new TextEncoder(), De = new TextDecoder();
|
|
389
|
+
function L(i) {
|
|
390
|
+
return typeof i == "string" ? Re.encode(i) : De.decode(i);
|
|
391
391
|
}
|
|
392
|
-
function
|
|
393
|
-
if (typeof i.modulusLength != "number" || i.modulusLength < 2048) throw new
|
|
392
|
+
function pe(i) {
|
|
393
|
+
if (typeof i.modulusLength != "number" || i.modulusLength < 2048) throw new Le(`${i.name} modulusLength must be at least 2048 bits`);
|
|
394
394
|
}
|
|
395
|
-
async function
|
|
395
|
+
async function Ae(i, e, t) {
|
|
396
396
|
if (t.usages.includes("sign") === !1) throw new TypeError('private CryptoKey instances used for signing assertions must include "sign" in their "usages"');
|
|
397
|
-
const n = `${
|
|
398
|
-
return `${n}.${
|
|
397
|
+
const n = `${U(L(JSON.stringify(i)))}.${U(L(JSON.stringify(e)))}`;
|
|
398
|
+
return `${n}.${U(await crypto.subtle.sign((function(o) {
|
|
399
399
|
switch (o.algorithm.name) {
|
|
400
400
|
case "ECDSA":
|
|
401
401
|
return { name: o.algorithm.name, hash: "SHA-256" };
|
|
402
402
|
case "RSA-PSS":
|
|
403
|
-
return
|
|
403
|
+
return pe(o.algorithm), { name: o.algorithm.name, saltLength: 32 };
|
|
404
404
|
case "RSASSA-PKCS1-v1_5":
|
|
405
|
-
return
|
|
405
|
+
return pe(o.algorithm), { name: o.algorithm.name };
|
|
406
406
|
case "Ed25519":
|
|
407
407
|
return { name: o.algorithm.name };
|
|
408
408
|
}
|
|
409
409
|
throw new K();
|
|
410
|
-
})(t), t,
|
|
410
|
+
})(t), t, L(n)))}`;
|
|
411
411
|
}
|
|
412
412
|
let q;
|
|
413
413
|
Uint8Array.prototype.toBase64 ? q = (i) => (i instanceof ArrayBuffer && (i = new Uint8Array(i)), i.toBase64({ alphabet: "base64url", omitPadding: !0 })) : q = (e) => {
|
|
@@ -416,7 +416,7 @@ Uint8Array.prototype.toBase64 ? q = (i) => (i instanceof ArrayBuffer && (i = new
|
|
|
416
416
|
for (let n = 0; n < e.byteLength; n += 32768) t.push(String.fromCharCode.apply(null, e.subarray(n, n + 32768)));
|
|
417
417
|
return btoa(t.join("")).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
|
|
418
418
|
};
|
|
419
|
-
function
|
|
419
|
+
function U(i) {
|
|
420
420
|
return q(i);
|
|
421
421
|
}
|
|
422
422
|
class K extends Error {
|
|
@@ -425,13 +425,13 @@ class K extends Error {
|
|
|
425
425
|
super(e ?? "operation not supported"), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
|
|
426
426
|
}
|
|
427
427
|
}
|
|
428
|
-
class
|
|
428
|
+
class Le extends Error {
|
|
429
429
|
constructor(e) {
|
|
430
430
|
var t;
|
|
431
431
|
super(e), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
|
|
432
432
|
}
|
|
433
433
|
}
|
|
434
|
-
function
|
|
434
|
+
function Ue(i) {
|
|
435
435
|
switch (i.algorithm.name) {
|
|
436
436
|
case "RSA-PSS":
|
|
437
437
|
return (function(e) {
|
|
@@ -454,30 +454,30 @@ function Ae(i) {
|
|
|
454
454
|
throw new K("unsupported CryptoKey algorithm name");
|
|
455
455
|
}
|
|
456
456
|
}
|
|
457
|
-
function
|
|
457
|
+
function Se(i) {
|
|
458
458
|
return i instanceof CryptoKey;
|
|
459
459
|
}
|
|
460
|
-
function
|
|
461
|
-
return
|
|
460
|
+
function Ie(i) {
|
|
461
|
+
return Se(i) && i.type === "public";
|
|
462
462
|
}
|
|
463
|
-
async function
|
|
464
|
-
const a = i == null ? void 0 : i.privateKey,
|
|
465
|
-
if (!
|
|
463
|
+
async function Ze(i, e, t, n, o, r) {
|
|
464
|
+
const a = i == null ? void 0 : i.privateKey, l = i == null ? void 0 : i.publicKey;
|
|
465
|
+
if (!Se(u = a) || u.type !== "private") throw new TypeError('"keypair.privateKey" must be a private CryptoKey');
|
|
466
466
|
var u;
|
|
467
|
-
if (!
|
|
468
|
-
if (
|
|
467
|
+
if (!Ie(l)) throw new TypeError('"keypair.publicKey" must be a public CryptoKey');
|
|
468
|
+
if (l.extractable !== !0) throw new TypeError('"keypair.publicKey.extractable" must be true');
|
|
469
469
|
if (typeof e != "string") throw new TypeError('"htu" must be a string');
|
|
470
470
|
if (typeof t != "string") throw new TypeError('"htm" must be a string');
|
|
471
471
|
if (n !== void 0 && typeof n != "string") throw new TypeError('"nonce" must be a string or undefined');
|
|
472
472
|
if (o !== void 0 && typeof o != "string") throw new TypeError('"accessToken" must be a string or undefined');
|
|
473
|
-
return
|
|
473
|
+
return Ae({ alg: Ue(a), typ: "dpop+jwt", jwk: await Pe(l) }, Object.assign(Object.assign({}, r), { iat: Math.floor(Date.now() / 1e3), jti: crypto.randomUUID(), htm: t, nonce: n, htu: e, ath: o ? U(await crypto.subtle.digest("SHA-256", L(o))) : void 0 }), a);
|
|
474
474
|
}
|
|
475
|
-
async function
|
|
475
|
+
async function Pe(i) {
|
|
476
476
|
const { kty: e, e: t, n, x: o, y: r, crv: a } = await crypto.subtle.exportKey("jwk", i);
|
|
477
477
|
return { kty: e, crv: a, e: t, n, x: o, y: r };
|
|
478
478
|
}
|
|
479
|
-
const
|
|
480
|
-
function
|
|
479
|
+
const He = ["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:token-exchange"];
|
|
480
|
+
function We() {
|
|
481
481
|
return (async function(i, e) {
|
|
482
482
|
var t;
|
|
483
483
|
let n;
|
|
@@ -501,11 +501,11 @@ function Ze() {
|
|
|
501
501
|
return crypto.subtle.generateKey(n, (t = e == null ? void 0 : e.extractable) !== null && t !== void 0 && t, ["sign", "verify"]);
|
|
502
502
|
})("ES256", { extractable: !1 });
|
|
503
503
|
}
|
|
504
|
-
function
|
|
504
|
+
function Je(i) {
|
|
505
505
|
return (async function(e) {
|
|
506
|
-
if (!
|
|
506
|
+
if (!Ie(e)) throw new TypeError('"publicKey" must be a public CryptoKey');
|
|
507
507
|
if (e.extractable !== !0) throw new TypeError('"publicKey.extractable" must be true');
|
|
508
|
-
const t = await
|
|
508
|
+
const t = await Pe(e);
|
|
509
509
|
let n;
|
|
510
510
|
switch (t.kty) {
|
|
511
511
|
case "EC":
|
|
@@ -520,80 +520,80 @@ function He(i) {
|
|
|
520
520
|
default:
|
|
521
521
|
throw new K("unsupported JWK kty");
|
|
522
522
|
}
|
|
523
|
-
return
|
|
523
|
+
return U(await crypto.subtle.digest({ name: "SHA-256" }, L(JSON.stringify(n))));
|
|
524
524
|
})(i.publicKey);
|
|
525
525
|
}
|
|
526
|
-
function
|
|
526
|
+
function Xe({ keyPair: i, url: e, method: t, nonce: n, accessToken: o }) {
|
|
527
527
|
const r = (function(a) {
|
|
528
|
-
const
|
|
529
|
-
return
|
|
528
|
+
const l = new URL(a);
|
|
529
|
+
return l.search = "", l.hash = "", l.href;
|
|
530
530
|
})(e);
|
|
531
|
-
return
|
|
531
|
+
return Ze(i, r, t, n, o);
|
|
532
532
|
}
|
|
533
|
-
const
|
|
533
|
+
const Ve = async (i, e) => {
|
|
534
534
|
const t = await fetch(i, e);
|
|
535
535
|
return { ok: t.ok, json: await t.json(), headers: (n = t.headers, [...n].reduce(((o, [r, a]) => (o[r] = a, o)), {})) };
|
|
536
536
|
var n;
|
|
537
|
-
},
|
|
537
|
+
}, Fe = async (i, e, t) => {
|
|
538
538
|
const n = new AbortController();
|
|
539
539
|
let o;
|
|
540
|
-
return e.signal = n.signal, Promise.race([
|
|
540
|
+
return e.signal = n.signal, Promise.race([Ve(i, e), new Promise(((r, a) => {
|
|
541
541
|
o = setTimeout((() => {
|
|
542
542
|
n.abort(), a(new Error("Timeout when executing 'fetch'"));
|
|
543
543
|
}), t);
|
|
544
544
|
}))]).finally((() => {
|
|
545
545
|
clearTimeout(o);
|
|
546
546
|
}));
|
|
547
|
-
},
|
|
548
|
-
return u = { auth: { audience: e, scope: t }, timeout: o, fetchUrl: i, fetchOptions: n, useFormData: a, useMrrt:
|
|
549
|
-
const
|
|
550
|
-
|
|
551
|
-
|
|
552
|
-
}, p.postMessage(u, [
|
|
547
|
+
}, Ge = async (i, e, t, n, o, r, a, l) => {
|
|
548
|
+
return u = { auth: { audience: e, scope: t }, timeout: o, fetchUrl: i, fetchOptions: n, useFormData: a, useMrrt: l }, p = r, new Promise((function(s, c) {
|
|
549
|
+
const h = new MessageChannel();
|
|
550
|
+
h.port1.onmessage = function(d) {
|
|
551
|
+
d.data.error ? c(new Error(d.data.error)) : s(d.data), h.port1.close();
|
|
552
|
+
}, p.postMessage(u, [h.port2]);
|
|
553
553
|
}));
|
|
554
554
|
var u, p;
|
|
555
|
-
},
|
|
556
|
-
async function
|
|
555
|
+
}, Me = async (i, e, t, n, o, r, a = 1e4, l) => o ? Ge(i, e, t, n, a, o, r, l) : Fe(i, n, a);
|
|
556
|
+
async function Te(i, e, t, n, o, r, a, l, u, p) {
|
|
557
557
|
if (u) {
|
|
558
558
|
const w = await u.generateProof({ url: i, method: o.method || "GET", nonce: await u.getNonce() });
|
|
559
559
|
o.headers = Object.assign(Object.assign({}, o.headers), { dpop: w });
|
|
560
560
|
}
|
|
561
561
|
let s, c = null;
|
|
562
562
|
for (let w = 0; w < 3; w++) try {
|
|
563
|
-
s = await
|
|
563
|
+
s = await Me(i, t, n, o, r, a, e, l), c = null;
|
|
564
564
|
break;
|
|
565
|
-
} catch (
|
|
566
|
-
c =
|
|
565
|
+
} catch (g) {
|
|
566
|
+
c = g;
|
|
567
567
|
}
|
|
568
568
|
if (c) throw c;
|
|
569
|
-
const
|
|
569
|
+
const h = s.json, { error: d, error_description: m } = h, y = I(h, ["error", "error_description"]), { headers: f, ok: k } = s;
|
|
570
570
|
let b;
|
|
571
|
-
if (u && (b =
|
|
571
|
+
if (u && (b = f["dpop-nonce"], b && await u.setNonce(b)), !k) {
|
|
572
572
|
const w = m || `HTTP error. Unable to fetch ${i}`;
|
|
573
|
-
if (
|
|
574
|
-
if (
|
|
575
|
-
if (
|
|
576
|
-
if (!u || !b || p) throw new
|
|
577
|
-
return
|
|
573
|
+
if (d === "mfa_required") throw new se(d, w, y.mfa_token);
|
|
574
|
+
if (d === "missing_refresh_token") throw new F(t, n);
|
|
575
|
+
if (d === "use_dpop_nonce") {
|
|
576
|
+
if (!u || !b || p) throw new G(b);
|
|
577
|
+
return Te(i, e, t, n, o, r, a, l, u, !0);
|
|
578
578
|
}
|
|
579
|
-
throw new v(
|
|
579
|
+
throw new v(d || "request_error", w);
|
|
580
580
|
}
|
|
581
581
|
return y;
|
|
582
582
|
}
|
|
583
|
-
async function
|
|
584
|
-
var { baseUrl: t, timeout: n, audience: o, scope: r, auth0Client: a, useFormData:
|
|
585
|
-
const c = s.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange",
|
|
586
|
-
var
|
|
587
|
-
return await
|
|
583
|
+
async function Ye(i, e) {
|
|
584
|
+
var { baseUrl: t, timeout: n, audience: o, scope: r, auth0Client: a, useFormData: l, useMrrt: u, dpop: p } = i, s = I(i, ["baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop"]);
|
|
585
|
+
const c = s.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange", h = s.grant_type === "refresh_token" && u, d = Object.assign(Object.assign(Object.assign(Object.assign({}, s), c && o && { audience: o }), c && r && { scope: r }), h && { audience: o, scope: r }), m = l ? B(d) : JSON.stringify(d), y = (f = s.grant_type, He.includes(f));
|
|
586
|
+
var f;
|
|
587
|
+
return await Te(`${t}/oauth/token`, n, o || "default", r, { method: "POST", body: m, headers: { "Content-Type": l ? "application/x-www-form-urlencoded" : "application/json", "Auth0-Client": btoa(JSON.stringify(Ne(a || ve))) } }, e, l, u, y ? p : void 0);
|
|
588
588
|
}
|
|
589
|
-
const
|
|
589
|
+
const W = (...i) => {
|
|
590
590
|
return (e = i.filter(Boolean).join(" ").trim().split(/\s+/), Array.from(new Set(e))).join(" ");
|
|
591
591
|
var e;
|
|
592
|
-
},
|
|
592
|
+
}, H = (i, e, t) => {
|
|
593
593
|
let n;
|
|
594
|
-
return t && (n = i[t]), n || (n = i.default),
|
|
594
|
+
return t && (n = i[t]), n || (n = i.default), W(n, e);
|
|
595
595
|
};
|
|
596
|
-
class
|
|
596
|
+
class S {
|
|
597
597
|
constructor(e, t = "@@auth0spajs@@", n) {
|
|
598
598
|
this.prefix = t, this.suffix = n, this.clientId = e.clientId, this.scope = e.scope, this.audience = e.audience;
|
|
599
599
|
}
|
|
@@ -602,14 +602,14 @@ class _ {
|
|
|
602
602
|
}
|
|
603
603
|
static fromKey(e) {
|
|
604
604
|
const [t, n, o, r] = e.split("::");
|
|
605
|
-
return new
|
|
605
|
+
return new S({ clientId: n, scope: r, audience: o }, t);
|
|
606
606
|
}
|
|
607
607
|
static fromCacheEntry(e) {
|
|
608
608
|
const { scope: t, audience: n, client_id: o } = e;
|
|
609
|
-
return new
|
|
609
|
+
return new S({ scope: t, audience: n, clientId: o });
|
|
610
610
|
}
|
|
611
611
|
}
|
|
612
|
-
class
|
|
612
|
+
class $e {
|
|
613
613
|
set(e, t) {
|
|
614
614
|
localStorage.setItem(e, JSON.stringify(t));
|
|
615
615
|
}
|
|
@@ -628,7 +628,7 @@ class Me {
|
|
|
628
628
|
return Object.keys(window.localStorage).filter(((e) => e.startsWith("@@auth0spajs@@")));
|
|
629
629
|
}
|
|
630
630
|
}
|
|
631
|
-
class
|
|
631
|
+
class Oe {
|
|
632
632
|
constructor() {
|
|
633
633
|
this.enclosedCache = /* @__PURE__ */ (function() {
|
|
634
634
|
let e = {};
|
|
@@ -643,9 +643,9 @@ class Pe {
|
|
|
643
643
|
})();
|
|
644
644
|
}
|
|
645
645
|
}
|
|
646
|
-
class
|
|
646
|
+
class Be {
|
|
647
647
|
constructor(e, t, n) {
|
|
648
|
-
this.cache = e, this.keyManifest = t, this.nowProvider = n ||
|
|
648
|
+
this.cache = e, this.keyManifest = t, this.nowProvider = n || _e;
|
|
649
649
|
}
|
|
650
650
|
async setIdToken(e, t, n) {
|
|
651
651
|
var o;
|
|
@@ -667,10 +667,10 @@ class Ye {
|
|
|
667
667
|
const p = await this.getCacheKeys();
|
|
668
668
|
if (!p) return;
|
|
669
669
|
const s = this.matchExistingCacheKey(e, p);
|
|
670
|
-
if (s && (a = await this.cache.get(s)), !
|
|
670
|
+
if (s && (a = await this.cache.get(s)), !a && n && o !== "cache-only") return this.getEntryWithRefreshToken(e, p);
|
|
671
671
|
}
|
|
672
672
|
if (!a) return;
|
|
673
|
-
const
|
|
673
|
+
const l = await this.nowProvider(), u = Math.floor(l / 1e3);
|
|
674
674
|
return a.expiresAt - t < u ? a.body.refresh_token ? this.modifiedCachedEntry(a, e) : (await this.cache.remove(e.toKey()), void await ((r = this.keyManifest) === null || r === void 0 ? void 0 : r.remove(e.toKey()))) : a.body;
|
|
675
675
|
}
|
|
676
676
|
async modifiedCachedEntry(e, t) {
|
|
@@ -678,11 +678,11 @@ class Ye {
|
|
|
678
678
|
}
|
|
679
679
|
async set(e) {
|
|
680
680
|
var t;
|
|
681
|
-
const n = new
|
|
681
|
+
const n = new S({ clientId: e.client_id, scope: e.scope, audience: e.audience }), o = await this.wrapCacheEntry(e);
|
|
682
682
|
await this.cache.set(n.toKey(), o), await ((t = this.keyManifest) === null || t === void 0 ? void 0 : t.add(n.toKey()));
|
|
683
683
|
}
|
|
684
684
|
async remove(e, t, n) {
|
|
685
|
-
const o = new
|
|
685
|
+
const o = new S({ clientId: e, scope: n, audience: t });
|
|
686
686
|
await this.cache.remove(o.toKey());
|
|
687
687
|
}
|
|
688
688
|
async clear(e) {
|
|
@@ -701,19 +701,19 @@ class Ye {
|
|
|
701
701
|
return this.keyManifest ? (e = await this.keyManifest.get()) === null || e === void 0 ? void 0 : e.keys : this.cache.allKeys ? this.cache.allKeys() : void 0;
|
|
702
702
|
}
|
|
703
703
|
getIdTokenCacheKey(e) {
|
|
704
|
-
return new
|
|
704
|
+
return new S({ clientId: e }, "@@auth0spajs@@", "@@user@@").toKey();
|
|
705
705
|
}
|
|
706
706
|
matchExistingCacheKey(e, t) {
|
|
707
707
|
return t.filter(((n) => {
|
|
708
708
|
var o;
|
|
709
|
-
const r =
|
|
709
|
+
const r = S.fromKey(n), a = new Set(r.scope && r.scope.split(" ")), l = ((o = e.scope) === null || o === void 0 ? void 0 : o.split(" ")) || [], u = r.scope && l.reduce(((p, s) => p && a.has(s)), !0);
|
|
710
710
|
return r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId && r.audience === e.audience && u;
|
|
711
711
|
}))[0];
|
|
712
712
|
}
|
|
713
713
|
async getEntryWithRefreshToken(e, t) {
|
|
714
714
|
var n;
|
|
715
715
|
for (const o of t) {
|
|
716
|
-
const r =
|
|
716
|
+
const r = S.fromKey(o);
|
|
717
717
|
if (r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId) {
|
|
718
718
|
const a = await this.cache.get(o);
|
|
719
719
|
if (!((n = a == null ? void 0 : a.body) === null || n === void 0) && n.refresh_token) return this.modifiedCachedEntry(a, e);
|
|
@@ -726,13 +726,13 @@ class Ye {
|
|
|
726
726
|
if (o) for (const r of o) {
|
|
727
727
|
const a = await this.cache.get(r);
|
|
728
728
|
if (((n = a == null ? void 0 : a.body) === null || n === void 0 ? void 0 : n.refresh_token) === e) {
|
|
729
|
-
const
|
|
730
|
-
await this.set(
|
|
729
|
+
const l = Object.assign(Object.assign({}, a.body), { refresh_token: t });
|
|
730
|
+
await this.set(l);
|
|
731
731
|
}
|
|
732
732
|
}
|
|
733
733
|
}
|
|
734
734
|
}
|
|
735
|
-
class
|
|
735
|
+
class qe {
|
|
736
736
|
constructor(e, t, n) {
|
|
737
737
|
this.storage = e, this.clientId = t, this.cookieDomain = n, this.storageKey = `a0.spajs.txs.${this.clientId}`;
|
|
738
738
|
}
|
|
@@ -746,15 +746,15 @@ class $e {
|
|
|
746
746
|
this.storage.remove(this.storageKey, { cookieDomain: this.cookieDomain });
|
|
747
747
|
}
|
|
748
748
|
}
|
|
749
|
-
const
|
|
749
|
+
const D = (i) => typeof i == "number", Qe = ["iss", "aud", "exp", "nbf", "iat", "jti", "azp", "nonce", "auth_time", "at_hash", "c_hash", "acr", "amr", "sub_jwk", "cnf", "sip_from_tag", "sip_date", "sip_callid", "sip_cseq_num", "sip_via_branch", "orig", "dest", "mky", "events", "toe", "txn", "rph", "sid", "vot", "vtm"], et = (i) => {
|
|
750
750
|
if (!i.id_token) throw new Error("ID token is required but missing");
|
|
751
751
|
const e = ((r) => {
|
|
752
|
-
const a = r.split("."), [
|
|
753
|
-
if (a.length !== 3 || !
|
|
754
|
-
const s = JSON.parse(he(u)), c = { __raw: r },
|
|
755
|
-
return Object.keys(s).forEach(((
|
|
756
|
-
c[
|
|
757
|
-
})), { encoded: { header:
|
|
752
|
+
const a = r.split("."), [l, u, p] = a;
|
|
753
|
+
if (a.length !== 3 || !l || !u || !p) throw new Error("ID token could not be decoded");
|
|
754
|
+
const s = JSON.parse(he(u)), c = { __raw: r }, h = {};
|
|
755
|
+
return Object.keys(s).forEach(((d) => {
|
|
756
|
+
c[d] = s[d], Qe.includes(d) || (h[d] = s[d]);
|
|
757
|
+
})), { encoded: { header: l, payload: u, signature: p }, header: JSON.parse(he(l)), claims: c, user: h };
|
|
758
758
|
})(i.id_token);
|
|
759
759
|
if (!e.claims.iss) throw new Error("Issuer (iss) claim must be a string present in the ID token");
|
|
760
760
|
if (e.claims.iss !== i.iss) throw new Error(`Issuer (iss) claim mismatch in the ID token; expected "${i.iss}", found "${e.claims.iss}"`);
|
|
@@ -772,16 +772,16 @@ const R = (i) => typeof i == "number", Be = ["iss", "aud", "exp", "nbf", "iat",
|
|
|
772
772
|
if (!e.claims.nonce) throw new Error("Nonce (nonce) claim must be a string present in the ID token");
|
|
773
773
|
if (e.claims.nonce !== i.nonce) throw new Error(`Nonce (nonce) claim mismatch in the ID token; expected "${i.nonce}", found "${e.claims.nonce}"`);
|
|
774
774
|
}
|
|
775
|
-
if (i.max_age && !
|
|
776
|
-
if (e.claims.exp == null || !
|
|
777
|
-
if (!
|
|
775
|
+
if (i.max_age && !D(e.claims.auth_time)) throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
|
|
776
|
+
if (e.claims.exp == null || !D(e.claims.exp)) throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
|
|
777
|
+
if (!D(e.claims.iat)) throw new Error("Issued At (iat) claim must be a number present in the ID token");
|
|
778
778
|
const t = i.leeway || 60, n = new Date(i.now || Date.now()), o = /* @__PURE__ */ new Date(0);
|
|
779
779
|
if (o.setUTCSeconds(e.claims.exp + t), n > o) throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${n}) is after expiration time (${o})`);
|
|
780
|
-
if (e.claims.nbf != null &&
|
|
780
|
+
if (e.claims.nbf != null && D(e.claims.nbf)) {
|
|
781
781
|
const r = /* @__PURE__ */ new Date(0);
|
|
782
782
|
if (r.setUTCSeconds(e.claims.nbf - t), n < r) throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${n}) is before ${r}`);
|
|
783
783
|
}
|
|
784
|
-
if (e.claims.auth_time != null &&
|
|
784
|
+
if (e.claims.auth_time != null && D(e.claims.auth_time)) {
|
|
785
785
|
const r = /* @__PURE__ */ new Date(0);
|
|
786
786
|
if (r.setUTCSeconds(parseInt(e.claims.auth_time) + i.max_age + t), n > r) throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${n}) is after last auth at ${r}`);
|
|
787
787
|
}
|
|
@@ -802,7 +802,7 @@ const R = (i) => typeof i == "number", Be = ["iss", "aud", "exp", "nbf", "iat",
|
|
|
802
802
|
var x = ee((function(i, e) {
|
|
803
803
|
var t = C && C.__assign || function() {
|
|
804
804
|
return t = Object.assign || function(u) {
|
|
805
|
-
for (var p, s = 1, c = arguments.length; s < c; s++) for (var
|
|
805
|
+
for (var p, s = 1, c = arguments.length; s < c; s++) for (var h in p = arguments[s]) Object.prototype.hasOwnProperty.call(p, h) && (u[h] = p[h]);
|
|
806
806
|
return u;
|
|
807
807
|
}, t.apply(this, arguments);
|
|
808
808
|
};
|
|
@@ -814,18 +814,18 @@ var x = ee((function(i, e) {
|
|
|
814
814
|
function o(u, p, s) {
|
|
815
815
|
return encodeURIComponent(u).replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent).replace(/\(/g, "%28").replace(/\)/g, "%29") + "=" + encodeURIComponent(p).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent) + (function(c) {
|
|
816
816
|
if (typeof c.expires == "number") {
|
|
817
|
-
var
|
|
818
|
-
|
|
817
|
+
var h = /* @__PURE__ */ new Date();
|
|
818
|
+
h.setMilliseconds(h.getMilliseconds() + 864e5 * c.expires), c.expires = h;
|
|
819
819
|
}
|
|
820
820
|
return n("Expires", c.expires ? c.expires.toUTCString() : "") + n("Domain", c.domain) + n("Path", c.path) + n("Secure", c.secure) + n("SameSite", c.sameSite);
|
|
821
821
|
})(s);
|
|
822
822
|
}
|
|
823
823
|
function r(u) {
|
|
824
|
-
for (var p = {}, s = u ? u.split("; ") : [], c = /(%[\dA-F]{2})+/gi,
|
|
825
|
-
var
|
|
824
|
+
for (var p = {}, s = u ? u.split("; ") : [], c = /(%[\dA-F]{2})+/gi, h = 0; h < s.length; h++) {
|
|
825
|
+
var d = s[h].split("="), m = d.slice(1).join("=");
|
|
826
826
|
m.charAt(0) === '"' && (m = m.slice(1, -1));
|
|
827
827
|
try {
|
|
828
|
-
p[
|
|
828
|
+
p[d[0].replace(c, decodeURIComponent)] = m.replace(c, decodeURIComponent);
|
|
829
829
|
} catch {
|
|
830
830
|
}
|
|
831
831
|
}
|
|
@@ -834,35 +834,35 @@ var x = ee((function(i, e) {
|
|
|
834
834
|
function a() {
|
|
835
835
|
return r(document.cookie);
|
|
836
836
|
}
|
|
837
|
-
function
|
|
837
|
+
function l(u, p, s) {
|
|
838
838
|
document.cookie = o(u, p, t({ path: "/" }, s));
|
|
839
839
|
}
|
|
840
840
|
e.__esModule = !0, e.encode = o, e.parse = r, e.getAll = a, e.get = function(u) {
|
|
841
841
|
return a()[u];
|
|
842
|
-
}, e.set =
|
|
843
|
-
|
|
842
|
+
}, e.set = l, e.remove = function(u, p) {
|
|
843
|
+
l(u, "", t(t({}, p), { expires: -1 }));
|
|
844
844
|
};
|
|
845
845
|
}));
|
|
846
846
|
Q(x), x.encode, x.parse, x.getAll;
|
|
847
|
-
var
|
|
847
|
+
var tt = x.get, Ce = x.set, je = x.remove;
|
|
848
848
|
const z = { get(i) {
|
|
849
|
-
const e =
|
|
849
|
+
const e = tt(i);
|
|
850
850
|
if (e !== void 0) return JSON.parse(e);
|
|
851
851
|
}, save(i, e, t) {
|
|
852
852
|
let n = {};
|
|
853
|
-
window.location.protocol === "https:" && (n = { secure: !0, sameSite: "none" }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain),
|
|
853
|
+
window.location.protocol === "https:" && (n = { secure: !0, sameSite: "none" }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain), Ce(i, JSON.stringify(e), n);
|
|
854
854
|
}, remove(i, e) {
|
|
855
855
|
let t = {};
|
|
856
|
-
e != null && e.cookieDomain && (t.domain = e.cookieDomain),
|
|
857
|
-
} },
|
|
856
|
+
e != null && e.cookieDomain && (t.domain = e.cookieDomain), je(i, t);
|
|
857
|
+
} }, nt = { get(i) {
|
|
858
858
|
return z.get(i) || z.get(`_legacy_${i}`);
|
|
859
859
|
}, save(i, e, t) {
|
|
860
860
|
let n = {};
|
|
861
|
-
window.location.protocol === "https:" && (n = { secure: !0 }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain),
|
|
861
|
+
window.location.protocol === "https:" && (n = { secure: !0 }), t != null && t.daysUntilExpire && (n.expires = t.daysUntilExpire), t != null && t.cookieDomain && (n.domain = t.cookieDomain), Ce(`_legacy_${i}`, JSON.stringify(e), n), z.save(i, e, t);
|
|
862
862
|
}, remove(i, e) {
|
|
863
863
|
let t = {};
|
|
864
|
-
e != null && e.cookieDomain && (t.domain = e.cookieDomain),
|
|
865
|
-
} },
|
|
864
|
+
e != null && e.cookieDomain && (t.domain = e.cookieDomain), je(i, t), z.remove(i, e), z.remove(`_legacy_${i}`, e);
|
|
865
|
+
} }, ot = { get(i) {
|
|
866
866
|
if (typeof sessionStorage > "u") return;
|
|
867
867
|
const e = sessionStorage.getItem(i);
|
|
868
868
|
return e != null ? JSON.parse(e) : void 0;
|
|
@@ -875,23 +875,26 @@ var j;
|
|
|
875
875
|
(function(i) {
|
|
876
876
|
i.Code = "code", i.ConnectCode = "connect_code";
|
|
877
877
|
})(j || (j = {}));
|
|
878
|
-
function
|
|
878
|
+
function it(i, e, t) {
|
|
879
879
|
var n = e === void 0 ? null : e, o = (function(u, p) {
|
|
880
880
|
var s = atob(u);
|
|
881
881
|
if (p) {
|
|
882
|
-
for (var c = new Uint8Array(s.length),
|
|
882
|
+
for (var c = new Uint8Array(s.length), h = 0, d = s.length; h < d; ++h) c[h] = s.charCodeAt(h);
|
|
883
883
|
return String.fromCharCode.apply(null, new Uint16Array(c.buffer));
|
|
884
884
|
}
|
|
885
885
|
return s;
|
|
886
886
|
})(i, t !== void 0 && t), r = o.indexOf(`
|
|
887
|
-
`, 10) + 1, a = o.substring(r) + (n ? "//# sourceMappingURL=" + n : ""),
|
|
888
|
-
return URL.createObjectURL(
|
|
887
|
+
`, 10) + 1, a = o.substring(r) + (n ? "//# sourceMappingURL=" + n : ""), l = new Blob([a], { type: "application/javascript" });
|
|
888
|
+
return URL.createObjectURL(l);
|
|
889
889
|
}
|
|
890
|
-
var
|
|
891
|
-
return
|
|
890
|
+
var me, fe, ge, Y, rt = (me = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3RvdHlwZSl9c3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjp0LGVycm9yX2Rlc2NyaXB0aW9uOnJ9KXtyZXR1cm4gbmV3IGUodCxyKX19Y2xhc3MgdCBleHRlbmRzIGV7Y29uc3RydWN0b3IoZSxzKXtzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIixgTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyR7cihlLFsiZGVmYXVsdCJdKX0nLCBzY29wZTogJyR7cihzKX0nKWApLHRoaXMuYXVkaWVuY2U9ZSx0aGlzLnNjb3BlPXMsT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsdC5wcm90b3R5cGUpfX1mdW5jdGlvbiByKGUsdD1bXSl7cmV0dXJuIGUmJiF0LmluY2x1ZGVzKGUpP2U6IiJ9ImZ1bmN0aW9uIj09dHlwZW9mIFN1cHByZXNzZWRFcnJvciYmU3VwcHJlc3NlZEVycm9yO2NvbnN0IHM9ZT0+e3ZhcntjbGllbnRJZDp0fT1lLHI9ZnVuY3Rpb24oZSx0KXt2YXIgcj17fTtmb3IodmFyIHMgaW4gZSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZSxzKSYmdC5pbmRleE9mKHMpPDAmJihyW3NdPWVbc10pO2lmKG51bGwhPWUmJiJmdW5jdGlvbiI9PXR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKXt2YXIgbz0wO2ZvcihzPU9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7bzxzLmxlbmd0aDtvKyspdC5pbmRleE9mKHNbb10pPDAmJk9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLHNbb10pJiYocltzW29dXT1lW3Nbb11dKX1yZXR1cm4gcn0oZSxbImNsaWVudElkIl0pO3JldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKChlPT5PYmplY3Qua2V5cyhlKS5maWx0ZXIoKHQ9PnZvaWQgMCE9PWVbdF0pKS5yZWR1Y2UoKCh0LHIpPT5PYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sdCkse1tyXTplW3JdfSkpLHt9KSkoT2JqZWN0LmFzc2lnbih7Y2xpZW50X2lkOnR9LHIpKSkudG9TdHJpbmcoKX07bGV0IG89e307Y29uc3Qgbj0oZSx0KT0+YCR7ZX18JHt0fWA7YWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsKGFzeW5jKHtkYXRhOnt0aW1lb3V0OmUsYXV0aDpyLGZldGNoVXJsOmksZmV0Y2hPcHRpb25zOmMsdXNlRm9ybURhdGE6YSx1c2VNcnJ0OmZ9LHBvcnRzOltwXX0pPT57bGV0IGgsdSxsPXt9O2NvbnN0e2F1ZGllbmNlOmQsc2NvcGU6eX09cnx8e307dHJ5e2NvbnN0IHI9YT8oZT0+e2NvbnN0IHQ9bmV3IFVSTFNlYXJjaFBhcmFtcyhlKSxyPXt9O3JldHVybiB0LmZvckVhY2goKChlLHQpPT57clt0XT1lfSkpLHJ9KShjLmJvZHkpOkpTT04ucGFyc2UoYy5ib2R5KTtpZighci5yZWZyZXNoX3Rva2VuJiYicmVmcmVzaF90b2tlbiI9PT1yLmdyYW50X3R5cGUpe2lmKHU9KChlLHQpPT5vW24oZSx0KV0pKGQseSksIXUmJmYpe2NvbnN0IGU9by5sYXRlc3RfcmVmcmVzaF90b2tlbix0PSgoZSx0KT0+e2NvbnN0IHI9T2JqZWN0LmtleXMobykuZmluZCgocj0+e2lmKCJsYXRlc3RfcmVmcmVzaF90b2tlbiIhPT1yKXtjb25zdCBzPSgoZSx0KT0+dC5zdGFydHNXaXRoKGAke2V9fGApKSh0LHIpLG89ci5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIiksbj1lLnNwbGl0KCIgIikuZXZlcnkoKGU9Pm8uaW5jbHVkZXMoZSkpKTtyZXR1cm4gcyYmbn19KSk7cmV0dXJuISFyfSkoeSxkKTtlJiYhdCYmKHU9ZSl9aWYoIXUpdGhyb3cgbmV3IHQoZCx5KTtjLmJvZHk9YT9zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpOkpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpfWxldCBqLGs7ImZ1bmN0aW9uIj09dHlwZW9mIEFib3J0Q29udHJvbGxlciYmKGo9bmV3IEFib3J0Q29udHJvbGxlcixjLnNpZ25hbD1qLnNpZ25hbCk7dHJ5e2s9YXdhaXQgUHJvbWlzZS5yYWNlKFsoXz1lLG5ldyBQcm9taXNlKChlPT5zZXRUaW1lb3V0KGUsXykpKSksZmV0Y2goaSxPYmplY3QuYXNzaWduKHt9LGMpKV0pfWNhdGNoKGUpe3JldHVybiB2b2lkIHAucG9zdE1lc3NhZ2Uoe2Vycm9yOmUubWVzc2FnZX0pfWlmKCFrKXJldHVybiBqJiZqLmFib3J0KCksdm9pZCBwLnBvc3RNZXNzYWdlKHtlcnJvcjoiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIn0pO2c9ay5oZWFkZXJzLGw9Wy4uLmddLnJlZHVjZSgoKGUsW3Qscl0pPT4oZVt0XT1yLGUpKSx7fSksaD1hd2FpdCBrLmpzb24oKSxoLnJlZnJlc2hfdG9rZW4/KGYmJihvLmxhdGVzdF9yZWZyZXNoX3Rva2VuPWgucmVmcmVzaF90b2tlbixPPXUsYj1oLnJlZnJlc2hfdG9rZW4sT2JqZWN0LmVudHJpZXMobykuZm9yRWFjaCgoKFtlLHRdKT0+e3Q9PT1PJiYob1tlXT1iKX0pKSksKChlLHQscik9PntvW24odCxyKV09ZX0pKGgucmVmcmVzaF90b2tlbixkLHkpLGRlbGV0ZSBoLnJlZnJlc2hfdG9rZW4pOigoZSx0KT0+e2RlbGV0ZSBvW24oZSx0KV19KShkLHkpLHAucG9zdE1lc3NhZ2Uoe29rOmsub2ssanNvbjpoLGhlYWRlcnM6bH0pfWNhdGNoKGUpe3AucG9zdE1lc3NhZ2Uoe29rOiExLGpzb246e2Vycm9yOmUuZXJyb3IsZXJyb3JfZGVzY3JpcHRpb246ZS5tZXNzYWdlfSxoZWFkZXJzOmx9KX12YXIgTyxiLGcsX30pKX0oKTsKCg==", fe = null, ge = !1, function(i) {
|
|
891
|
+
return Y = Y || it(me, fe, ge), new Worker(Y, i);
|
|
892
892
|
});
|
|
893
|
-
const
|
|
894
|
-
|
|
893
|
+
const $ = {}, ye = async (i, e = 3) => {
|
|
894
|
+
for (let t = 0; t < e; t++) if (await i()) return !0;
|
|
895
|
+
return !1;
|
|
896
|
+
};
|
|
897
|
+
class st {
|
|
895
898
|
constructor(e, t) {
|
|
896
899
|
this.cache = e, this.clientId = t, this.manifestKey = this.createManifestKeyFrom(this.clientId);
|
|
897
900
|
}
|
|
@@ -917,14 +920,14 @@ class it {
|
|
|
917
920
|
return `@@auth0spajs@@::${e}`;
|
|
918
921
|
}
|
|
919
922
|
}
|
|
920
|
-
const
|
|
923
|
+
const at = { memory: () => new Oe().enclosedCache, localstorage: () => new $e() }, we = (i) => at[i], be = (i) => {
|
|
921
924
|
const { openUrl: e, onRedirect: t } = i, n = I(i, ["openUrl", "onRedirect"]);
|
|
922
925
|
return Object.assign(Object.assign({}, n), { openUrl: e === !1 || e ? e : t });
|
|
923
|
-
},
|
|
926
|
+
}, ke = (i, e) => {
|
|
924
927
|
const t = (e == null ? void 0 : e.split(" ")) || [];
|
|
925
928
|
return ((i == null ? void 0 : i.split(" ")) || []).every(((n) => t.includes(n)));
|
|
926
929
|
}, T = { NONCE: "nonce", KEYPAIR: "keypair" };
|
|
927
|
-
class
|
|
930
|
+
class ct {
|
|
928
931
|
constructor(e) {
|
|
929
932
|
this.clientId = e;
|
|
930
933
|
}
|
|
@@ -982,9 +985,9 @@ class st {
|
|
|
982
985
|
return this.deleteByClientId(T.KEYPAIR, this.clientId);
|
|
983
986
|
}
|
|
984
987
|
}
|
|
985
|
-
class
|
|
988
|
+
class ut {
|
|
986
989
|
constructor(e) {
|
|
987
|
-
this.storage = new
|
|
990
|
+
this.storage = new ct(e);
|
|
988
991
|
}
|
|
989
992
|
getNonce(e) {
|
|
990
993
|
return this.storage.findNonce(e);
|
|
@@ -994,14 +997,14 @@ class at {
|
|
|
994
997
|
}
|
|
995
998
|
async getOrGenerateKeyPair() {
|
|
996
999
|
let e = await this.storage.findKeyPair();
|
|
997
|
-
return e || (e = await
|
|
1000
|
+
return e || (e = await We(), await this.storage.setKeyPair(e)), e;
|
|
998
1001
|
}
|
|
999
1002
|
async generateProof(e) {
|
|
1000
1003
|
const t = await this.getOrGenerateKeyPair();
|
|
1001
|
-
return
|
|
1004
|
+
return Xe(Object.assign({ keyPair: t }, e));
|
|
1002
1005
|
}
|
|
1003
1006
|
async calculateThumbprint() {
|
|
1004
|
-
return
|
|
1007
|
+
return Je(await this.getOrGenerateKeyPair());
|
|
1005
1008
|
}
|
|
1006
1009
|
async clear() {
|
|
1007
1010
|
await Promise.all([this.storage.clearNonces(), this.storage.clearKeyPairs()]);
|
|
@@ -1011,7 +1014,7 @@ var E;
|
|
|
1011
1014
|
(function(i) {
|
|
1012
1015
|
i.Bearer = "Bearer", i.DPoP = "DPoP";
|
|
1013
1016
|
})(E || (E = {}));
|
|
1014
|
-
class
|
|
1017
|
+
class dt {
|
|
1015
1018
|
constructor(e, t) {
|
|
1016
1019
|
this.hooks = t, this.config = Object.assign(Object.assign({}, e), { fetch: e.fetch || (typeof window > "u" ? fetch : window.fetch.bind(window)) });
|
|
1017
1020
|
}
|
|
@@ -1060,7 +1063,7 @@ class ct {
|
|
|
1060
1063
|
async handleResponse(e, t) {
|
|
1061
1064
|
const n = this.getHeader(e.headers, "dpop-nonce");
|
|
1062
1065
|
if (n && await this.hooks.setDpopNonce(n), !this.hasUseDpopNonceError(e)) return e;
|
|
1063
|
-
if (!n || !t.onUseDpopNonceError) throw new
|
|
1066
|
+
if (!n || !t.onUseDpopNonceError) throw new G(n);
|
|
1064
1067
|
return t.onUseDpopNonceError();
|
|
1065
1068
|
}
|
|
1066
1069
|
async internalFetchWithAuth(e, t, n, o) {
|
|
@@ -1074,7 +1077,7 @@ class ct {
|
|
|
1074
1077
|
return this.internalFetchWithAuth(e, t, o, n);
|
|
1075
1078
|
}
|
|
1076
1079
|
}
|
|
1077
|
-
class
|
|
1080
|
+
class ht {
|
|
1078
1081
|
constructor(e, t) {
|
|
1079
1082
|
this.myAccountFetcher = e, this.apiBase = t;
|
|
1080
1083
|
}
|
|
@@ -1091,51 +1094,51 @@ class ut {
|
|
|
1091
1094
|
try {
|
|
1092
1095
|
t = await e.text(), t = JSON.parse(t);
|
|
1093
1096
|
} catch (n) {
|
|
1094
|
-
throw new
|
|
1097
|
+
throw new V({ type: "invalid_json", status: e.status, title: "Invalid JSON response", detail: t || String(n) });
|
|
1095
1098
|
}
|
|
1096
1099
|
if (e.ok) return t;
|
|
1097
|
-
throw new
|
|
1100
|
+
throw new V(t);
|
|
1098
1101
|
}
|
|
1099
1102
|
}
|
|
1100
|
-
class
|
|
1103
|
+
class V extends Error {
|
|
1101
1104
|
constructor({ type: e, status: t, title: n, detail: o, validation_errors: r }) {
|
|
1102
|
-
super(o), this.name = "MyAccountApiError", this.type = e, this.status = t, this.title = n, this.detail = o, this.validation_errors = r, Object.setPrototypeOf(this,
|
|
1105
|
+
super(o), this.name = "MyAccountApiError", this.type = e, this.status = t, this.title = n, this.detail = o, this.validation_errors = r, Object.setPrototypeOf(this, V.prototype);
|
|
1103
1106
|
}
|
|
1104
1107
|
}
|
|
1105
|
-
const
|
|
1106
|
-
class
|
|
1108
|
+
const A = new xe();
|
|
1109
|
+
class lt {
|
|
1107
1110
|
constructor(e) {
|
|
1108
1111
|
let t, n;
|
|
1109
|
-
if (this.userCache = new
|
|
1112
|
+
if (this.userCache = new Oe().enclosedCache, this.activeLockKeys = /* @__PURE__ */ new Set(), this.defaultOptions = { authorizationParams: { scope: "openid profile email" }, useRefreshTokensFallback: !1, useFormData: !0 }, this._releaseLockOnPageHide = async () => {
|
|
1110
1113
|
const u = Array.from(this.activeLockKeys);
|
|
1111
|
-
for (const p of u) await
|
|
1114
|
+
for (const p of u) await A.releaseLock(p);
|
|
1112
1115
|
this.activeLockKeys.clear(), window.removeEventListener("pagehide", this._releaseLockOnPageHide);
|
|
1113
1116
|
}, this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), e), { authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), e.authorizationParams) }), typeof window < "u" && (() => {
|
|
1114
|
-
if (!
|
|
1115
|
-
if (
|
|
1117
|
+
if (!X()) throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
|
|
1118
|
+
if (X().subtle === void 0) throw new Error(`
|
|
1116
1119
|
auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.
|
|
1117
1120
|
`);
|
|
1118
1121
|
})(), e.cache && e.cacheLocation && console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`."), e.cache) n = e.cache;
|
|
1119
1122
|
else {
|
|
1120
|
-
if (t = e.cacheLocation || "memory", !
|
|
1121
|
-
n =
|
|
1123
|
+
if (t = e.cacheLocation || "memory", !we(t)) throw new Error(`Invalid cache location "${t}"`);
|
|
1124
|
+
n = we(t)();
|
|
1122
1125
|
}
|
|
1123
|
-
this.httpTimeoutMs = e.httpTimeoutInSeconds ? 1e3 * e.httpTimeoutInSeconds : 1e4, this.cookieStorage = e.legacySameSiteCookie === !1 ? z :
|
|
1124
|
-
const o = e.useCookiesForTransactions ? this.cookieStorage :
|
|
1126
|
+
this.httpTimeoutMs = e.httpTimeoutInSeconds ? 1e3 * e.httpTimeoutInSeconds : 1e4, this.cookieStorage = e.legacySameSiteCookie === !1 ? z : nt, this.orgHintCookieName = `auth0.${this.options.clientId}.organization_hint`, this.isAuthenticatedCookieName = ((u) => `auth0.${u}.is.authenticated`)(this.options.clientId), this.sessionCheckExpiryDays = e.sessionCheckExpiryDays || 1;
|
|
1127
|
+
const o = e.useCookiesForTransactions ? this.cookieStorage : ot;
|
|
1125
1128
|
var r;
|
|
1126
1129
|
this.scope = ((u, p, ...s) => {
|
|
1127
|
-
if (typeof u != "object") return { default:
|
|
1128
|
-
let c = { default:
|
|
1129
|
-
return Object.keys(u).forEach(((
|
|
1130
|
-
const
|
|
1131
|
-
c[
|
|
1130
|
+
if (typeof u != "object") return { default: W(p, u, ...s) };
|
|
1131
|
+
let c = { default: W(p, ...s) };
|
|
1132
|
+
return Object.keys(u).forEach(((h) => {
|
|
1133
|
+
const d = u[h];
|
|
1134
|
+
c[h] = W(p, d, ...s);
|
|
1132
1135
|
})), c;
|
|
1133
|
-
})(this.options.authorizationParams.scope, "openid", this.options.useRefreshTokens ? "offline_access" : ""), this.transactionManager = new
|
|
1134
|
-
const a = `${this.domainUrl}/me/`,
|
|
1135
|
-
this.myAccountApi = new
|
|
1136
|
+
})(this.options.authorizationParams.scope, "openid", this.options.useRefreshTokens ? "offline_access" : ""), this.transactionManager = new qe(o, this.options.clientId, this.options.cookieDomain), this.nowProvider = this.options.nowProvider || _e, this.cacheManager = new Be(n, n.allKeys ? void 0 : new st(n, this.options.clientId), this.nowProvider), this.dpop = this.options.useDpop ? new ut(this.options.clientId) : void 0, this.domainUrl = (r = this.options.domain, /^https?:\/\//.test(r) ? r : `https://${r}`), this.tokenIssuer = ((u, p) => u ? u.startsWith("https://") ? u : `https://${u}/` : `${p}/`)(this.options.issuer, this.domainUrl);
|
|
1137
|
+
const a = `${this.domainUrl}/me/`, l = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && { dpopNonceId: "__auth0_my_account_api__" }), { getAccessToken: () => this.getTokenSilently({ authorizationParams: { scope: "create:me:connected_accounts", audience: a }, detailedResponse: !0 }) }));
|
|
1138
|
+
this.myAccountApi = new ht(l, a), typeof window < "u" && window.Worker && this.options.useRefreshTokens && t === "memory" && (this.options.workerUrl ? this.worker = new Worker(this.options.workerUrl) : this.worker = new rt());
|
|
1136
1139
|
}
|
|
1137
1140
|
_url(e) {
|
|
1138
|
-
const t = encodeURIComponent(btoa(JSON.stringify(this.options.auth0Client ||
|
|
1141
|
+
const t = encodeURIComponent(btoa(JSON.stringify(this.options.auth0Client || ve)));
|
|
1139
1142
|
return `${this.domainUrl}${e}&auth0Client=${t}`;
|
|
1140
1143
|
}
|
|
1141
1144
|
_authorizeUrl(e) {
|
|
@@ -1143,7 +1146,7 @@ class ht {
|
|
|
1143
1146
|
}
|
|
1144
1147
|
async _verifyIdToken(e, t, n) {
|
|
1145
1148
|
const o = await this.nowProvider();
|
|
1146
|
-
return
|
|
1149
|
+
return et({ iss: this.tokenIssuer, aud: this.options.clientId, id_token: e, nonce: t, organization: n, leeway: this.options.leeway, max_age: (r = this.options.authorizationParams.max_age, typeof r != "string" ? r : parseInt(r, 10) || void 0), now: o });
|
|
1147
1150
|
var r;
|
|
1148
1151
|
}
|
|
1149
1152
|
_processOrgHint(e) {
|
|
@@ -1151,28 +1154,28 @@ class ht {
|
|
|
1151
1154
|
}
|
|
1152
1155
|
async _prepareAuthorizeUrl(e, t, n) {
|
|
1153
1156
|
var o;
|
|
1154
|
-
const r =
|
|
1155
|
-
return { nonce: a, code_verifier:
|
|
1157
|
+
const r = M(R()), a = M(R()), l = R(), u = await de(l), p = le(u), s = await ((o = this.dpop) === null || o === void 0 ? void 0 : o.calculateThumbprint()), c = ((d, m, y, f, k, b, w, g, _) => Object.assign(Object.assign(Object.assign({ client_id: d.clientId }, d.authorizationParams), y), { scope: H(m, y.scope, y.audience), response_type: "code", response_mode: g || "query", state: f, nonce: k, redirect_uri: w || d.authorizationParams.redirect_uri, code_challenge: b, code_challenge_method: "S256", dpop_jkt: _ }))(this.options, this.scope, e, r, a, p, e.redirect_uri || this.options.authorizationParams.redirect_uri || n, t == null ? void 0 : t.response_mode, s), h = this._authorizeUrl(c);
|
|
1158
|
+
return { nonce: a, code_verifier: l, scope: c.scope, audience: c.audience || "default", redirect_uri: c.redirect_uri, state: r, url: h };
|
|
1156
1159
|
}
|
|
1157
1160
|
async loginWithPopup(e, t) {
|
|
1158
1161
|
var n;
|
|
1159
|
-
if (e = e || {}, !(t = t || {}).popup && (t.popup = ((
|
|
1162
|
+
if (e = e || {}, !(t = t || {}).popup && (t.popup = ((l) => {
|
|
1160
1163
|
const u = window.screenX + (window.innerWidth - 400) / 2, p = window.screenY + (window.innerHeight - 600) / 2;
|
|
1161
|
-
return window.open(
|
|
1164
|
+
return window.open(l, "auth0:authorize:popup", `left=${u},top=${p},width=400,height=600,resizable,scrollbars=yes,status=1`);
|
|
1162
1165
|
})(""), !t.popup)) throw new re();
|
|
1163
1166
|
const o = await this._prepareAuthorizeUrl(e.authorizationParams || {}, { response_mode: "web_message" }, window.location.origin);
|
|
1164
1167
|
t.popup.location.href = o.url;
|
|
1165
|
-
const r = await ((
|
|
1168
|
+
const r = await ((l) => new Promise(((u, p) => {
|
|
1166
1169
|
let s;
|
|
1167
1170
|
const c = setInterval((() => {
|
|
1168
|
-
|
|
1169
|
-
}), 1e3),
|
|
1170
|
-
clearInterval(c), p(new oe(
|
|
1171
|
-
}), 1e3 * (
|
|
1172
|
-
s = function(
|
|
1173
|
-
if (
|
|
1174
|
-
if (clearTimeout(
|
|
1175
|
-
u(
|
|
1171
|
+
l.popup && l.popup.closed && (clearInterval(c), clearTimeout(h), window.removeEventListener("message", s, !1), p(new ie(l.popup)));
|
|
1172
|
+
}), 1e3), h = setTimeout((() => {
|
|
1173
|
+
clearInterval(c), p(new oe(l.popup)), window.removeEventListener("message", s, !1);
|
|
1174
|
+
}), 1e3 * (l.timeoutInSeconds || 60));
|
|
1175
|
+
s = function(d) {
|
|
1176
|
+
if (d.data && d.data.type === "authorization_response") {
|
|
1177
|
+
if (clearTimeout(h), clearInterval(c), window.removeEventListener("message", s, !1), l.closePopup !== !1 && l.popup.close(), d.data.response.error) return p(v.fromPayload(d.data.response));
|
|
1178
|
+
u(d.data.response);
|
|
1176
1179
|
}
|
|
1177
1180
|
}, window.addEventListener("message", s);
|
|
1178
1181
|
})))(Object.assign(Object.assign({}, t), { timeoutInSeconds: t.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || 60 }));
|
|
@@ -1192,10 +1195,10 @@ class ht {
|
|
|
1192
1195
|
}
|
|
1193
1196
|
async loginWithRedirect(e = {}) {
|
|
1194
1197
|
var t;
|
|
1195
|
-
const n =
|
|
1198
|
+
const n = be(e), { openUrl: o, fragment: r, appState: a } = n, l = I(n, ["openUrl", "fragment", "appState"]), u = ((t = l.authorizationParams) === null || t === void 0 ? void 0 : t.organization) || this.options.authorizationParams.organization, p = await this._prepareAuthorizeUrl(l.authorizationParams || {}), { url: s } = p, c = I(p, ["url"]);
|
|
1196
1199
|
this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, c), { appState: a, response_type: j.Code }), u && { organization: u }));
|
|
1197
|
-
const
|
|
1198
|
-
o ? await o(
|
|
1200
|
+
const h = r ? `${s}#${r}` : s;
|
|
1201
|
+
o ? await o(h) : window.location.assign(h);
|
|
1199
1202
|
}
|
|
1200
1203
|
async handleRedirectCallback(e = window.location.href) {
|
|
1201
1204
|
const t = e.split("?").slice(1);
|
|
@@ -1214,16 +1217,16 @@ class ht {
|
|
|
1214
1217
|
const { code: n, state: o, error: r, error_description: a } = e;
|
|
1215
1218
|
if (r) throw new te(r, a || r, o, t.appState);
|
|
1216
1219
|
if (!t.code_verifier || t.state && t.state !== o) throw new v("state_mismatch", "Invalid state");
|
|
1217
|
-
const
|
|
1218
|
-
return await this._requestToken(Object.assign({ audience: t.audience, scope: t.scope, code_verifier: t.code_verifier, grant_type: "authorization_code", code: n }, p ? { redirect_uri: p } : {}), { nonceIn: u, organization:
|
|
1220
|
+
const l = t.organization, u = t.nonce, p = t.redirect_uri;
|
|
1221
|
+
return await this._requestToken(Object.assign({ audience: t.audience, scope: t.scope, code_verifier: t.code_verifier, grant_type: "authorization_code", code: n }, p ? { redirect_uri: p } : {}), { nonceIn: u, organization: l }), { appState: t.appState, response_type: j.Code };
|
|
1219
1222
|
}
|
|
1220
1223
|
async _handleConnectAccountRedirectCallback(e, t) {
|
|
1221
1224
|
const { connect_code: n, state: o, error: r, error_description: a } = e;
|
|
1222
1225
|
if (r) throw new ne(r, a || r, t.connection, o, t.appState);
|
|
1223
1226
|
if (!n) throw new v("missing_connect_code", "Missing connect code");
|
|
1224
1227
|
if (!(t.code_verifier && t.state && t.auth_session && t.redirect_uri && t.state === o)) throw new v("state_mismatch", "Invalid state");
|
|
1225
|
-
const
|
|
1226
|
-
return Object.assign(Object.assign({},
|
|
1228
|
+
const l = await this.myAccountApi.completeAccount({ auth_session: t.auth_session, connect_code: n, redirect_uri: t.redirect_uri, code_verifier: t.code_verifier });
|
|
1229
|
+
return Object.assign(Object.assign({}, l), { appState: t.appState, response_type: j.ConnectCode });
|
|
1227
1230
|
}
|
|
1228
1231
|
async checkSession(e) {
|
|
1229
1232
|
if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
|
|
@@ -1237,43 +1240,40 @@ class ht {
|
|
|
1237
1240
|
}
|
|
1238
1241
|
async getTokenSilently(e = {}) {
|
|
1239
1242
|
var t, n;
|
|
1240
|
-
const o = Object.assign(Object.assign({ cacheMode: "on" }, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope:
|
|
1241
|
-
let u =
|
|
1243
|
+
const o = Object.assign(Object.assign({ cacheMode: "on" }, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: H(this.scope, (t = e.authorizationParams) === null || t === void 0 ? void 0 : t.scope, ((n = e.authorizationParams) === null || n === void 0 ? void 0 : n.audience) || this.options.authorizationParams.audience) }) }), r = await ((a, l) => {
|
|
1244
|
+
let u = $[l];
|
|
1242
1245
|
return u || (u = a().finally((() => {
|
|
1243
|
-
delete
|
|
1244
|
-
})),
|
|
1246
|
+
delete $[l], u = null;
|
|
1247
|
+
})), $[l] = u), u;
|
|
1245
1248
|
})((() => this._getTokenSilently(o)), `${this.options.clientId}::${o.authorizationParams.audience}::${o.authorizationParams.scope}`);
|
|
1246
1249
|
return e.detailedResponse ? r : r == null ? void 0 : r.access_token;
|
|
1247
1250
|
}
|
|
1248
1251
|
async _getTokenSilently(e) {
|
|
1249
1252
|
const { cacheMode: t } = e, n = I(e, ["cacheMode"]);
|
|
1250
1253
|
if (t !== "off") {
|
|
1251
|
-
const
|
|
1252
|
-
if (
|
|
1254
|
+
const l = await this._getEntryFromCache({ scope: n.authorizationParams.scope, audience: n.authorizationParams.audience || "default", clientId: this.options.clientId, cacheMode: t });
|
|
1255
|
+
if (l) return l;
|
|
1253
1256
|
}
|
|
1254
1257
|
if (t === "cache-only") return;
|
|
1255
1258
|
const o = (r = this.options.clientId, a = n.authorizationParams.audience || "default", `auth0.lock.getTokenSilently.${r}.${a}`);
|
|
1256
1259
|
var r, a;
|
|
1257
|
-
if (!await (
|
|
1258
|
-
for (let p = 0; p < u; p++) if (await h()) return !0;
|
|
1259
|
-
return !1;
|
|
1260
|
-
})((() => $.acquireLock(o, 5e3)), 10)) throw new U();
|
|
1260
|
+
if (!await ye((() => A.acquireLock(o, 5e3)), 10)) throw new N();
|
|
1261
1261
|
this.activeLockKeys.add(o), this.activeLockKeys.size === 1 && window.addEventListener("pagehide", this._releaseLockOnPageHide);
|
|
1262
1262
|
try {
|
|
1263
1263
|
if (t !== "off") {
|
|
1264
|
-
const
|
|
1265
|
-
if (
|
|
1264
|
+
const d = await this._getEntryFromCache({ scope: n.authorizationParams.scope, audience: n.authorizationParams.audience || "default", clientId: this.options.clientId });
|
|
1265
|
+
if (d) return d;
|
|
1266
1266
|
}
|
|
1267
|
-
const
|
|
1268
|
-
return Object.assign(Object.assign({ id_token: u, token_type: p, access_token: s }, c ? { scope: c } : null), { expires_in:
|
|
1267
|
+
const l = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(n) : await this._getTokenFromIFrame(n), { id_token: u, token_type: p, access_token: s, oauthTokenScope: c, expires_in: h } = l;
|
|
1268
|
+
return Object.assign(Object.assign({ id_token: u, token_type: p, access_token: s }, c ? { scope: c } : null), { expires_in: h });
|
|
1269
1269
|
} finally {
|
|
1270
|
-
await
|
|
1270
|
+
await A.releaseLock(o), this.activeLockKeys.delete(o), this.activeLockKeys.size === 0 && window.removeEventListener("pagehide", this._releaseLockOnPageHide);
|
|
1271
1271
|
}
|
|
1272
1272
|
}
|
|
1273
1273
|
async getTokenWithPopup(e = {}, t = {}) {
|
|
1274
1274
|
var n, o;
|
|
1275
|
-
const r = Object.assign(Object.assign({}, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope:
|
|
1276
|
-
return t = Object.assign(Object.assign({},
|
|
1275
|
+
const r = Object.assign(Object.assign({}, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: H(this.scope, (n = e.authorizationParams) === null || n === void 0 ? void 0 : n.scope, ((o = e.authorizationParams) === null || o === void 0 ? void 0 : o.audience) || this.options.authorizationParams.audience) }) });
|
|
1276
|
+
return t = Object.assign(Object.assign({}, ze), t), await this.loginWithPopup(r, t), (await this.cacheManager.get(new S({ scope: r.authorizationParams.scope, audience: r.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt)).access_token;
|
|
1277
1277
|
}
|
|
1278
1278
|
async isAuthenticated() {
|
|
1279
1279
|
return !!await this.getUser();
|
|
@@ -1285,70 +1285,74 @@ class ht {
|
|
|
1285
1285
|
}
|
|
1286
1286
|
async logout(e = {}) {
|
|
1287
1287
|
var t;
|
|
1288
|
-
const n =
|
|
1288
|
+
const n = be(e), { openUrl: o } = n, r = I(n, ["openUrl"]);
|
|
1289
1289
|
e.clientId === null ? await this.cacheManager.clear() : await this.cacheManager.clear(e.clientId || this.options.clientId), this.cookieStorage.remove(this.orgHintCookieName, { cookieDomain: this.options.cookieDomain }), this.cookieStorage.remove(this.isAuthenticatedCookieName, { cookieDomain: this.options.cookieDomain }), this.userCache.remove("@@user@@"), await ((t = this.dpop) === null || t === void 0 ? void 0 : t.clear());
|
|
1290
1290
|
const a = this._buildLogoutUrl(r);
|
|
1291
1291
|
o ? await o(a) : o !== !1 && window.location.assign(a);
|
|
1292
1292
|
}
|
|
1293
1293
|
async _getTokenFromIFrame(e) {
|
|
1294
|
-
const t =
|
|
1295
|
-
|
|
1296
|
-
const { url: o, state: r, nonce: a, code_verifier: h, redirect_uri: u, scope: p, audience: s } = await this._prepareAuthorizeUrl(t, { response_mode: "web_message" }, window.location.origin);
|
|
1294
|
+
const t = `auth0.lock.getTokenFromIFrame.${this.options.clientId}`;
|
|
1295
|
+
if (!await ye((() => A.acquireLock(t, 5e3)), 10)) throw new N();
|
|
1297
1296
|
try {
|
|
1297
|
+
const n = Object.assign(Object.assign({}, e.authorizationParams), { prompt: "none" }), o = this.cookieStorage.get(this.orgHintCookieName);
|
|
1298
|
+
o && !n.organization && (n.organization = o);
|
|
1299
|
+
const { url: r, state: a, nonce: l, code_verifier: u, redirect_uri: p, scope: s, audience: c } = await this._prepareAuthorizeUrl(n, { response_mode: "web_message" }, window.location.origin);
|
|
1298
1300
|
if (window.crossOriginIsolated) throw new v("login_required", "The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.");
|
|
1299
|
-
const
|
|
1301
|
+
const h = e.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
|
|
1300
1302
|
let d;
|
|
1301
1303
|
try {
|
|
1302
1304
|
d = new URL(this.domainUrl).origin;
|
|
1303
1305
|
} catch {
|
|
1304
1306
|
d = this.domainUrl;
|
|
1305
1307
|
}
|
|
1306
|
-
const
|
|
1307
|
-
const
|
|
1308
|
-
|
|
1309
|
-
const
|
|
1310
|
-
window.document.body.contains(
|
|
1308
|
+
const m = await ((f, k, b = 60) => new Promise(((w, g) => {
|
|
1309
|
+
const _ = window.document.createElement("iframe");
|
|
1310
|
+
_.setAttribute("width", "0"), _.setAttribute("height", "0"), _.style.display = "none";
|
|
1311
|
+
const ce = () => {
|
|
1312
|
+
window.document.body.contains(_) && (window.document.body.removeChild(_), window.removeEventListener("message", Z, !1));
|
|
1311
1313
|
};
|
|
1312
|
-
let
|
|
1313
|
-
const
|
|
1314
|
-
|
|
1315
|
-
}), 1e3 *
|
|
1316
|
-
|
|
1317
|
-
if (P.origin !=
|
|
1318
|
-
const
|
|
1319
|
-
|
|
1320
|
-
}, window.addEventListener("message",
|
|
1321
|
-
})))(
|
|
1322
|
-
if (
|
|
1323
|
-
const
|
|
1324
|
-
return Object.assign(Object.assign({},
|
|
1325
|
-
} catch (
|
|
1326
|
-
throw
|
|
1314
|
+
let Z;
|
|
1315
|
+
const Ke = setTimeout((() => {
|
|
1316
|
+
g(new N()), ce();
|
|
1317
|
+
}), 1e3 * b);
|
|
1318
|
+
Z = function(P) {
|
|
1319
|
+
if (P.origin != k || !P.data || P.data.type !== "authorization_response") return;
|
|
1320
|
+
const ue = P.source;
|
|
1321
|
+
ue && ue.close(), P.data.response.error ? g(v.fromPayload(P.data.response)) : w(P.data.response), clearTimeout(Ke), window.removeEventListener("message", Z, !1), setTimeout(ce, 2e3);
|
|
1322
|
+
}, window.addEventListener("message", Z, !1), window.document.body.appendChild(_), _.setAttribute("src", f);
|
|
1323
|
+
})))(r, d, h);
|
|
1324
|
+
if (a !== m.state) throw new v("state_mismatch", "Invalid state");
|
|
1325
|
+
const y = await this._requestToken(Object.assign(Object.assign({}, e.authorizationParams), { code_verifier: u, code: m.code, grant_type: "authorization_code", redirect_uri: p, timeout: e.authorizationParams.timeout || this.httpTimeoutMs }), { nonceIn: l, organization: n.organization });
|
|
1326
|
+
return Object.assign(Object.assign({}, y), { scope: s, oauthTokenScope: y.scope, audience: c });
|
|
1327
|
+
} catch (n) {
|
|
1328
|
+
throw n.error === "login_required" && this.logout({ openUrl: !1 }), n;
|
|
1329
|
+
} finally {
|
|
1330
|
+
await A.releaseLock(t);
|
|
1327
1331
|
}
|
|
1328
1332
|
}
|
|
1329
1333
|
async _getTokenUsingRefreshToken(e) {
|
|
1330
|
-
const t = await this.cacheManager.get(new
|
|
1334
|
+
const t = await this.cacheManager.get(new S({ scope: e.authorizationParams.scope, audience: e.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt);
|
|
1331
1335
|
if (!(t && t.refresh_token || this.worker)) {
|
|
1332
1336
|
if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
|
|
1333
|
-
throw new
|
|
1337
|
+
throw new F(e.authorizationParams.audience || "default", e.authorizationParams.scope);
|
|
1334
1338
|
}
|
|
1335
|
-
const n = e.authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || window.location.origin, o = typeof e.timeoutInSeconds == "number" ? 1e3 * e.timeoutInSeconds : null, r = ((s, c,
|
|
1339
|
+
const n = e.authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || window.location.origin, o = typeof e.timeoutInSeconds == "number" ? 1e3 * e.timeoutInSeconds : null, r = ((s, c, h, d) => {
|
|
1336
1340
|
var m;
|
|
1337
|
-
if (s &&
|
|
1338
|
-
if (c.audience !==
|
|
1339
|
-
const y =
|
|
1340
|
-
return y.length >=
|
|
1341
|
+
if (s && h && d) {
|
|
1342
|
+
if (c.audience !== h) return c.scope;
|
|
1343
|
+
const y = d.split(" "), f = ((m = c.scope) === null || m === void 0 ? void 0 : m.split(" ")) || [], k = f.every(((b) => y.includes(b)));
|
|
1344
|
+
return y.length >= f.length && k ? d : c.scope;
|
|
1341
1345
|
}
|
|
1342
1346
|
return c.scope;
|
|
1343
1347
|
})(this.options.useMrrt, e.authorizationParams, t == null ? void 0 : t.audience, t == null ? void 0 : t.scope);
|
|
1344
1348
|
try {
|
|
1345
1349
|
const s = await this._requestToken(Object.assign(Object.assign(Object.assign({}, e.authorizationParams), { grant_type: "refresh_token", refresh_token: t && t.refresh_token, redirect_uri: n }), o && { timeout: o }), { scopesToRequest: r });
|
|
1346
|
-
if (s.refresh_token &&
|
|
1350
|
+
if (s.refresh_token && (t != null && t.refresh_token) && await this.cacheManager.updateEntry(t.refresh_token, s.refresh_token), this.options.useMrrt && (a = t == null ? void 0 : t.audience, l = t == null ? void 0 : t.scope, u = e.authorizationParams.audience, p = e.authorizationParams.scope, (a !== u || !ke(p, l)) && !ke(r, s.scope))) {
|
|
1347
1351
|
if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
|
|
1348
1352
|
await this.cacheManager.remove(this.options.clientId, e.authorizationParams.audience, e.authorizationParams.scope);
|
|
1349
|
-
const c = ((
|
|
1350
|
-
const m = (
|
|
1351
|
-
return m.filter(((
|
|
1353
|
+
const c = ((h, d) => {
|
|
1354
|
+
const m = (h == null ? void 0 : h.split(" ")) || [], y = (d == null ? void 0 : d.split(" ")) || [];
|
|
1355
|
+
return m.filter(((f) => y.indexOf(f) == -1)).join(",");
|
|
1352
1356
|
})(r, s.scope);
|
|
1353
1357
|
throw new ae(e.authorizationParams.audience || "default", c);
|
|
1354
1358
|
}
|
|
@@ -1357,29 +1361,34 @@ class ht {
|
|
|
1357
1361
|
if ((s.message.indexOf("Missing Refresh Token") > -1 || s.message && s.message.indexOf("invalid refresh token") > -1) && this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
|
|
1358
1362
|
throw s;
|
|
1359
1363
|
}
|
|
1360
|
-
var a,
|
|
1364
|
+
var a, l, u, p;
|
|
1361
1365
|
}
|
|
1362
1366
|
async _saveEntryInCache(e) {
|
|
1363
1367
|
const { id_token: t, decodedToken: n } = e, o = I(e, ["id_token", "decodedToken"]);
|
|
1364
1368
|
this.userCache.set("@@user@@", { id_token: t, decodedToken: n }), await this.cacheManager.setIdToken(this.options.clientId, e.id_token, e.decodedToken), await this.cacheManager.set(o);
|
|
1365
1369
|
}
|
|
1366
1370
|
async _getIdTokenFromCache() {
|
|
1367
|
-
const e = this.options.authorizationParams.audience || "default", t = this.scope[e], n = await this.cacheManager.getIdToken(new
|
|
1371
|
+
const e = this.options.authorizationParams.audience || "default", t = this.scope[e], n = await this.cacheManager.getIdToken(new S({ clientId: this.options.clientId, audience: e, scope: t })), o = this.userCache.get("@@user@@");
|
|
1368
1372
|
return n && n.id_token === (o == null ? void 0 : o.id_token) ? o : (this.userCache.set("@@user@@", n), n);
|
|
1369
1373
|
}
|
|
1370
1374
|
async _getEntryFromCache({ scope: e, audience: t, clientId: n, cacheMode: o }) {
|
|
1371
|
-
const r = await this.cacheManager.get(new
|
|
1375
|
+
const r = await this.cacheManager.get(new S({ scope: e, audience: t, clientId: n }), 60, this.options.useMrrt, o);
|
|
1372
1376
|
if (r && r.access_token) {
|
|
1373
|
-
const { token_type: a, access_token:
|
|
1374
|
-
return s && Object.assign(Object.assign({ id_token: s.id_token, token_type: a || "Bearer", access_token:
|
|
1377
|
+
const { token_type: a, access_token: l, oauthTokenScope: u, expires_in: p } = r, s = await this._getIdTokenFromCache();
|
|
1378
|
+
return s && Object.assign(Object.assign({ id_token: s.id_token, token_type: a || "Bearer", access_token: l }, u ? { scope: u } : null), { expires_in: p });
|
|
1375
1379
|
}
|
|
1376
1380
|
}
|
|
1377
1381
|
async _requestToken(e, t) {
|
|
1378
|
-
|
|
1379
|
-
|
|
1382
|
+
var n, o;
|
|
1383
|
+
const { nonceIn: r, organization: a, scopesToRequest: l } = t || {}, u = await Ye(Object.assign(Object.assign({ baseUrl: this.domainUrl, client_id: this.options.clientId, auth0Client: this.options.auth0Client, useFormData: this.options.useFormData, timeout: this.httpTimeoutMs, useMrrt: this.options.useMrrt, dpop: this.dpop }, e), { scope: l || e.scope }), this.worker), p = await this._verifyIdToken(u.id_token, r, a);
|
|
1384
|
+
if (e.grant_type === "authorization_code") {
|
|
1385
|
+
const s = await this._getIdTokenFromCache();
|
|
1386
|
+
!((o = (n = s == null ? void 0 : s.decodedToken) === null || n === void 0 ? void 0 : n.claims) === null || o === void 0) && o.sub && s.decodedToken.claims.sub !== p.claims.sub && (await this.cacheManager.clear(this.options.clientId), this.userCache.remove("@@user@@"));
|
|
1387
|
+
}
|
|
1388
|
+
return await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, u), { decodedToken: p, scope: e.scope, audience: e.audience || "default" }), u.scope ? { oauthTokenScope: u.scope } : null), { client_id: this.options.clientId })), this.cookieStorage.save(this.isAuthenticatedCookieName, !0, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }), this._processOrgHint(a || p.claims.org_id), Object.assign(Object.assign({}, u), { decodedToken: p });
|
|
1380
1389
|
}
|
|
1381
1390
|
async exchangeToken(e) {
|
|
1382
|
-
return this._requestToken({ grant_type: "urn:ietf:params:oauth:grant-type:token-exchange", subject_token: e.subject_token, subject_token_type: e.subject_token_type, scope:
|
|
1391
|
+
return this._requestToken({ grant_type: "urn:ietf:params:oauth:grant-type:token-exchange", subject_token: e.subject_token, subject_token_type: e.subject_token_type, scope: H(this.scope, e.scope, e.audience || this.options.authorizationParams.audience), audience: e.audience || this.options.authorizationParams.audience, organization: e.organization || this.options.authorizationParams.organization });
|
|
1383
1392
|
}
|
|
1384
1393
|
_assertDpop(e) {
|
|
1385
1394
|
if (!e) throw new Error("`useDpop` option must be enabled before using DPoP.");
|
|
@@ -1394,36 +1403,36 @@ class ht {
|
|
|
1394
1403
|
return this._assertDpop(this.dpop), this.dpop.generateProof(e);
|
|
1395
1404
|
}
|
|
1396
1405
|
createFetcher(e = {}) {
|
|
1397
|
-
return new
|
|
1406
|
+
return new dt(e, { isDpopEnabled: () => !!this.options.useDpop, getAccessToken: (t) => {
|
|
1398
1407
|
var n;
|
|
1399
1408
|
return this.getTokenSilently({ authorizationParams: { scope: (n = t == null ? void 0 : t.scope) === null || n === void 0 ? void 0 : n.join(" "), audience: t == null ? void 0 : t.audience }, detailedResponse: !0 });
|
|
1400
1409
|
}, getDpopNonce: () => this.getDpopNonce(e.dpopNonceId), setDpopNonce: (t) => this.setDpopNonce(t, e.dpopNonceId), generateDpopProof: (t) => this.generateDpopProof(t) });
|
|
1401
1410
|
}
|
|
1402
1411
|
async connectAccountWithRedirect(e) {
|
|
1403
|
-
const { openUrl: t, appState: n, connection: o, scopes: r, authorization_params: a, redirectUri:
|
|
1412
|
+
const { openUrl: t, appState: n, connection: o, scopes: r, authorization_params: a, redirectUri: l = this.options.authorizationParams.redirect_uri || window.location.origin } = e;
|
|
1404
1413
|
if (!o) throw new Error("connection is required");
|
|
1405
|
-
const u =
|
|
1406
|
-
this.transactionManager.create({ state: u, code_verifier: p, auth_session: m, redirect_uri:
|
|
1407
|
-
const y = new URL(
|
|
1408
|
-
y.searchParams.set("ticket",
|
|
1414
|
+
const u = M(R()), p = R(), s = await de(p), c = le(s), { connect_uri: h, connect_params: d, auth_session: m } = await this.myAccountApi.connectAccount({ connection: o, scopes: r, redirect_uri: l, state: u, code_challenge: c, code_challenge_method: "S256", authorization_params: a });
|
|
1415
|
+
this.transactionManager.create({ state: u, code_verifier: p, auth_session: m, redirect_uri: l, appState: n, connection: o, response_type: j.ConnectCode });
|
|
1416
|
+
const y = new URL(h);
|
|
1417
|
+
y.searchParams.set("ticket", d.ticket), t ? await t(y.toString()) : window.location.assign(y);
|
|
1409
1418
|
}
|
|
1410
1419
|
}
|
|
1411
1420
|
export {
|
|
1412
|
-
|
|
1421
|
+
lt as Auth0Client,
|
|
1413
1422
|
te as AuthenticationError,
|
|
1414
|
-
|
|
1423
|
+
S as CacheKey,
|
|
1415
1424
|
ne as ConnectError,
|
|
1416
1425
|
v as GenericError,
|
|
1417
|
-
|
|
1418
|
-
|
|
1426
|
+
Oe as InMemoryCache,
|
|
1427
|
+
$e as LocalStorageCache,
|
|
1419
1428
|
se as MfaRequiredError,
|
|
1420
|
-
|
|
1421
|
-
|
|
1429
|
+
F as MissingRefreshTokenError,
|
|
1430
|
+
V as MyAccountApiError,
|
|
1422
1431
|
ie as PopupCancelledError,
|
|
1423
1432
|
re as PopupOpenError,
|
|
1424
1433
|
oe as PopupTimeoutError,
|
|
1425
1434
|
j as ResponseType,
|
|
1426
|
-
|
|
1427
|
-
|
|
1435
|
+
N as TimeoutError,
|
|
1436
|
+
G as UseDpopNonceError
|
|
1428
1437
|
};
|
|
1429
|
-
//# sourceMappingURL=auth0-spa-js.production.esm-
|
|
1438
|
+
//# sourceMappingURL=auth0-spa-js.production.esm-DL9f1uDJ.js.map
|