solid-logic 3.0.9-f327aa58 → 3.0.9-ff53d0a

package/dist/solid-logic.umd.min.js

@@ -0,0 +1,32 @@
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("node:crypto"),require("node:buffer"),require("node:util"),require("node:http"),require("node:https"),require("node:events"),require("rdflib")):"function"==typeof define&&define.amd?define(["exports","node:crypto","node:buffer","node:util","node:http","node:https","node:events","rdflib"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).SolidLogic={},e.crypto,e.node_buffer,e.util,e.http,e.https,e.events,e.rdflib)}(this,function(e,t,r,n,i,o,s,a){"use strict";function u(e){if(e&&e.__esModule)return e;var t=Object.create(null);return e&&Object.keys(e).forEach(function(r){if("default"!==r){var n=Object.getOwnPropertyDescriptor(e,r);Object.defineProperty(t,r,n.get?n:{enumerable:!0,get:function(){return e[r]}})}}),t.default=e,Object.freeze(t)}var c=u(t),h=u(n),l=u(i),f=u(o),d=u(a);function p(...e){console.log(...e)}function g(...e){console.warn(...e)}const y=new TextEncoder,v=new TextDecoder;function m(...e){const t=e.reduce((e,{length:t})=>e+t,0),r=new Uint8Array(t);let n=0;for(const t of e)r.set(t,n),n+=t.length;return r}const w=e=>r.Buffer.from(e).toString("base64url"),_=e=>new Uint8Array(r.Buffer.from(function(e){let t=e;return t instanceof Uint8Array&&(t=v.decode(t)),t}(e),"base64url"));class S extends Error{static code="ERR_JOSE_GENERIC";code="ERR_JOSE_GENERIC";constructor(e,t){super(e,t),this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}class b extends S{static code="ERR_JWT_CLAIM_VALIDATION_FAILED";code="ERR_JWT_CLAIM_VALIDATION_FAILED";claim;reason;payload;constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.claim=r,this.reason=n,this.payload=t}}class E extends S{static code="ERR_JWT_EXPIRED";code="ERR_JWT_EXPIRED";claim;reason;payload;constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.claim=r,this.reason=n,this.payload=t}}class F extends S{static code="ERR_JOSE_ALG_NOT_ALLOWED";code="ERR_JOSE_ALG_NOT_ALLOWED"}class A extends S{static code="ERR_JOSE_NOT_SUPPORTED";code="ERR_JOSE_NOT_SUPPORTED"}class x extends S{static code="ERR_JWS_INVALID";code="ERR_JWS_INVALID"}class k extends S{static code="ERR_JWT_INVALID";code="ERR_JWT_INVALID"}class P extends S{static code="ERR_JWKS_INVALID";code="ERR_JWKS_INVALID"}class T extends S{static code="ERR_JWKS_NO_MATCHING_KEY";code="ERR_JWKS_NO_MATCHING_KEY";constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t)}}class I extends S{[Symbol.asyncIterator];static code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t)}}class R extends S{static code="ERR_JWKS_TIMEOUT";code="ERR_JWKS_TIMEOUT";constructor(e="request timed out",t){super(e,t)}}class C extends S{static code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";constructor(e="signature verification failed",t){super(e,t)}}var U=e=>h.types.isKeyObject(e);const L=c.webcrypto,D=e=>h.types.isCryptoKey(e);function N(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function O(e,t){return e.name===t}function j(e){return parseInt(e.name.slice(4),10)}function B(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!O(e.algorithm,"HMAC"))throw N("HMAC");const r=parseInt(t.slice(2),10);if(j(e.algorithm.hash)!==r)throw N(`SHA-${r}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!O(e.algorithm,"RSASSA-PKCS1-v1_5"))throw N("RSASSA-PKCS1-v1_5");const r=parseInt(t.slice(2),10);if(j(e.algorithm.hash)!==r)throw N(`SHA-${r}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!O(e.algorithm,"RSA-PSS"))throw N("RSA-PSS");const r=parseInt(t.slice(2),10);if(j(e.algorithm.hash)!==r)throw N(`SHA-${r}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw N("Ed25519 or Ed448");break;case"Ed25519":if(!O(e.algorithm,"Ed25519"))throw N("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!O(e.algorithm,"ECDSA"))throw N("ECDSA");const r=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==r)throw N(r,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}!function(e,t){if(t.length&&!t.some(t=>e.usages.includes(t))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const r=t.pop();e+=`one of ${t.join(", ")}, or ${r}.`}else 2===t.length?e+=`one of ${t[0]} or ${t[1]}.`:e+=`${t[0]}.`;throw new TypeError(e)}}(e,r)}function H(e,t,...r){if((r=r.filter(Boolean)).length>2){const t=r.pop();e+=`one of type ${r.join(", ")}, or ${t}.`}else 2===r.length?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}var M=(e,...t)=>H("Key must be ",e,...t);function K(e,t,...r){return H(`Key for the ${e} algorithm must be `,t,...r)}var V=e=>U(e)||D(e);const q=["KeyObject"];(globalThis.CryptoKey||L?.CryptoKey)&&q.push("CryptoKey");var J=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let r;for(const e of t){const t=Object.keys(e);if(r&&0!==r.size)for(const e of t){if(r.has(e))return!1;r.add(e)}else r=new Set(t)}return!0};function W(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let r=e;for(;null!==Object.getPrototypeOf(r);)r=Object.getPrototypeOf(r);return Object.getPrototypeOf(e)===r}function $(e){return W(e)&&"string"==typeof e.kty}var Y=(e,r)=>{let n;if(D(e))n=t.KeyObject.from(e);else{if(!U(e)){if($(e))return e.crv;throw new TypeError(M(e,...q))}n=e}if("secret"===n.type)throw new TypeError('only "private" or "public" type keys can be used for this operation');switch(n.asymmetricKeyType){case"ed25519":case"ed448":return`Ed${n.asymmetricKeyType.slice(2)}`;case"x25519":case"x448":return`X${n.asymmetricKeyType.slice(1)}`;case"ec":{const e=n.asymmetricKeyDetails.namedCurve;return r?e:(e=>{switch(e){case"prime256v1":return"P-256";case"secp384r1":return"P-384";case"secp521r1":return"P-521";case"secp256k1":return"secp256k1";default:throw new A("Unsupported key curve for this operation")}})(e)}default:throw new TypeError("Invalid asymmetric key type for this operation")}},z="undefined"!=typeof global?global:"undefined"!=typeof self?self:"undefined"!=typeof window?window:{},G=[],X=[],Q="undefined"!=typeof Uint8Array?Uint8Array:Array,Z=!1;function ee(){Z=!0;for(var e="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",t=0;t<64;++t)G[t]=e[t],X[e.charCodeAt(t)]=t;X["-".charCodeAt(0)]=62,X["_".charCodeAt(0)]=63}function te(e){return G[e>>18&63]+G[e>>12&63]+G[e>>6&63]+G[63&e]}function re(e,t,r){for(var n,i=[],o=t;o<r;o+=3)n=(e[o]<<16)+(e[o+1]<<8)+e[o+2],i.push(te(n));return i.join("")}function ne(e){var t;Z||ee();for(var r=e.length,n=r%3,i="",o=[],s=16383,a=0,u=r-n;a<u;a+=s)o.push(re(e,a,a+s>u?u:a+s));return 1===n?(t=e[r-1],i+=G[t>>2],i+=G[t<<4&63],i+="=="):2===n&&(t=(e[r-2]<<8)+e[r-1],i+=G[t>>10],i+=G[t>>4&63],i+=G[t<<2&63],i+="="),o.push(i),o.join("")}function ie(e,t,r,n,i){var o,s,a=8*i-n-1,u=(1<<a)-1,c=u>>1,h=-7,l=r?i-1:0,f=r?-1:1,d=e[t+l];for(l+=f,o=d&(1<<-h)-1,d>>=-h,h+=a;h>0;o=256*o+e[t+l],l+=f,h-=8);for(s=o&(1<<-h)-1,o>>=-h,h+=n;h>0;s=256*s+e[t+l],l+=f,h-=8);if(0===o)o=1-c;else{if(o===u)return s?NaN:1/0*(d?-1:1);s+=Math.pow(2,n),o-=c}return(d?-1:1)*s*Math.pow(2,o-n)}function oe(e,t,r,n,i,o){var s,a,u,c=8*o-i-1,h=(1<<c)-1,l=h>>1,f=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=n?0:o-1,p=n?1:-1,g=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(a=isNaN(t)?1:0,s=h):(s=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-s))<1&&(s--,u*=2),(t+=s+l>=1?f/u:f*Math.pow(2,1-l))*u>=2&&(s++,u/=2),s+l>=h?(a=0,s=h):s+l>=1?(a=(t*u-1)*Math.pow(2,i),s+=l):(a=t*Math.pow(2,l-1)*Math.pow(2,i),s=0));i>=8;e[r+d]=255&a,d+=p,a/=256,i-=8);for(s=s<<i|a,c+=i;c>0;e[r+d]=255&s,d+=p,s/=256,c-=8);e[r+d-p]|=128*g}var se={}.toString,ae=Array.isArray||function(e){return"[object Array]"==se.call(e)};function ue(){return he.TYPED_ARRAY_SUPPORT?2147483647:1073741823}function ce(e,t){if(ue()<t)throw new RangeError("Invalid typed array length");return he.TYPED_ARRAY_SUPPORT?(e=new Uint8Array(t)).__proto__=he.prototype:(null===e&&(e=new he(t)),e.length=t),e}function he(e,t,r){if(!(he.TYPED_ARRAY_SUPPORT||this instanceof he))return new he(e,t,r);if("number"==typeof e){if("string"==typeof t)throw new Error("If encoding is specified then the first argument must be a string");return de(this,e)}return le(this,e,t,r)}function le(e,t,r,n){if("number"==typeof t)throw new TypeError('"value" argument must not be a number');return"undefined"!=typeof ArrayBuffer&&t instanceof ArrayBuffer?function(e,t,r,n){if(t.byteLength,r<0||t.byteLength<r)throw new RangeError("'offset' is out of bounds");if(t.byteLength<r+(n||0))throw new RangeError("'length' is out of bounds");t=void 0===r&&void 0===n?new Uint8Array(t):void 0===n?new Uint8Array(t,r):new Uint8Array(t,r,n);he.TYPED_ARRAY_SUPPORT?(e=t).__proto__=he.prototype:e=pe(e,t);return e}(e,t,r,n):"string"==typeof t?function(e,t,r){"string"==typeof r&&""!==r||(r="utf8");if(!he.isEncoding(r))throw new TypeError('"encoding" must be a valid string encoding');var n=0|ve(t,r);e=ce(e,n);var i=e.write(t,r);i!==n&&(e=e.slice(0,i));return e}(e,t,r):function(e,t){if(ye(t)){var r=0|ge(t.length);return 0===(e=ce(e,r)).length||t.copy(e,0,0,r),e}if(t){if("undefined"!=typeof ArrayBuffer&&t.buffer instanceof ArrayBuffer||"length"in t)return"number"!=typeof t.length||(n=t.length)!=n?ce(e,0):pe(e,t);if("Buffer"===t.type&&ae(t.data))return pe(e,t.data)}var n;throw new TypeError("First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.")}(e,t)}function fe(e){if("number"!=typeof e)throw new TypeError('"size" argument must be a number');if(e<0)throw new RangeError('"size" argument must not be negative')}function de(e,t){if(fe(t),e=ce(e,t<0?0:0|ge(t)),!he.TYPED_ARRAY_SUPPORT)for(var r=0;r<t;++r)e[r]=0;return e}function pe(e,t){var r=t.length<0?0:0|ge(t.length);e=ce(e,r);for(var n=0;n<r;n+=1)e[n]=255&t[n];return e}function ge(e){if(e>=ue())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+ue().toString(16)+" bytes");return 0|e}function ye(e){return!(null==e||!e._isBuffer)}function ve(e,t){if(ye(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var r=e.length;if(0===r)return 0;for(var n=!1;;)switch(t){case"ascii":case"latin1":case"binary":return r;case"utf8":case"utf-8":case void 0:return qe(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*r;case"hex":return r>>>1;case"base64":return Je(e).length;default:if(n)return qe(e).length;t=(""+t).toLowerCase(),n=!0}}function me(e,t,r){var n=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===r||r>this.length)&&(r=this.length),r<=0)return"";if((r>>>=0)<=(t>>>=0))return"";for(e||(e="utf8");;)switch(e){case"hex":return Ue(this,t,r);case"utf8":case"utf-8":return Te(this,t,r);case"ascii":return Re(this,t,r);case"latin1":case"binary":return Ce(this,t,r);case"base64":return Pe(this,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return Le(this,t,r);default:if(n)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),n=!0}}function we(e,t,r){var n=e[t];e[t]=e[r],e[r]=n}function _e(e,t,r,n,i){if(0===e.length)return-1;if("string"==typeof r?(n=r,r=0):r>2147483647?r=2147483647:r<-2147483648&&(r=-2147483648),r=+r,isNaN(r)&&(r=i?0:e.length-1),r<0&&(r=e.length+r),r>=e.length){if(i)return-1;r=e.length-1}else if(r<0){if(!i)return-1;r=0}if("string"==typeof t&&(t=he.from(t,n)),ye(t))return 0===t.length?-1:Se(e,t,r,n,i);if("number"==typeof t)return t&=255,he.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?i?Uint8Array.prototype.indexOf.call(e,t,r):Uint8Array.prototype.lastIndexOf.call(e,t,r):Se(e,[t],r,n,i);throw new TypeError("val must be string, number or Buffer")}function Se(e,t,r,n,i){var o,s=1,a=e.length,u=t.length;if(void 0!==n&&("ucs2"===(n=String(n).toLowerCase())||"ucs-2"===n||"utf16le"===n||"utf-16le"===n)){if(e.length<2||t.length<2)return-1;s=2,a/=2,u/=2,r/=2}function c(e,t){return 1===s?e[t]:e.readUInt16BE(t*s)}if(i){var h=-1;for(o=r;o<a;o++)if(c(e,o)===c(t,-1===h?0:o-h)){if(-1===h&&(h=o),o-h+1===u)return h*s}else-1!==h&&(o-=o-h),h=-1}else for(r+u>a&&(r=a-u),o=r;o>=0;o--){for(var l=!0,f=0;f<u;f++)if(c(e,o+f)!==c(t,f)){l=!1;break}if(l)return o}return-1}function be(e,t,r,n){r=Number(r)||0;var i=e.length-r;n?(n=Number(n))>i&&(n=i):n=i;var o=t.length;if(o%2!=0)throw new TypeError("Invalid hex string");n>o/2&&(n=o/2);for(var s=0;s<n;++s){var a=parseInt(t.substr(2*s,2),16);if(isNaN(a))return s;e[r+s]=a}return s}function Ee(e,t,r,n){return We(qe(t,e.length-r),e,r,n)}function Fe(e,t,r,n){return We(function(e){for(var t=[],r=0;r<e.length;++r)t.push(255&e.charCodeAt(r));return t}(t),e,r,n)}function Ae(e,t,r,n){return Fe(e,t,r,n)}function xe(e,t,r,n){return We(Je(t),e,r,n)}function ke(e,t,r,n){return We(function(e,t){for(var r,n,i,o=[],s=0;s<e.length&&!((t-=2)<0);++s)n=(r=e.charCodeAt(s))>>8,i=r%256,o.push(i),o.push(n);return o}(t,e.length-r),e,r,n)}function Pe(e,t,r){return 0===t&&r===e.length?ne(e):ne(e.slice(t,r))}function Te(e,t,r){r=Math.min(e.length,r);for(var n=[],i=t;i<r;){var o,s,a,u,c=e[i],h=null,l=c>239?4:c>223?3:c>191?2:1;if(i+l<=r)switch(l){case 1:c<128&&(h=c);break;case 2:128==(192&(o=e[i+1]))&&(u=(31&c)<<6|63&o)>127&&(h=u);break;case 3:o=e[i+1],s=e[i+2],128==(192&o)&&128==(192&s)&&(u=(15&c)<<12|(63&o)<<6|63&s)>2047&&(u<55296||u>57343)&&(h=u);break;case 4:o=e[i+1],s=e[i+2],a=e[i+3],128==(192&o)&&128==(192&s)&&128==(192&a)&&(u=(15&c)<<18|(63&o)<<12|(63&s)<<6|63&a)>65535&&u<1114112&&(h=u)}null===h?(h=65533,l=1):h>65535&&(h-=65536,n.push(h>>>10&1023|55296),h=56320|1023&h),n.push(h),i+=l}return function(e){var t=e.length;if(t<=Ie)return String.fromCharCode.apply(String,e);var r="",n=0;for(;n<t;)r+=String.fromCharCode.apply(String,e.slice(n,n+=Ie));return r}(n)}he.TYPED_ARRAY_SUPPORT=void 0===z.TYPED_ARRAY_SUPPORT||z.TYPED_ARRAY_SUPPORT,ue(),he.poolSize=8192,he._augment=function(e){return e.__proto__=he.prototype,e},he.from=function(e,t,r){return le(null,e,t,r)},he.TYPED_ARRAY_SUPPORT&&(he.prototype.__proto__=Uint8Array.prototype,he.__proto__=Uint8Array,"undefined"!=typeof Symbol&&Symbol.species&&he[Symbol.species]),he.alloc=function(e,t,r){return function(e,t,r,n){return fe(t),t<=0?ce(e,t):void 0!==r?"string"==typeof n?ce(e,t).fill(r,n):ce(e,t).fill(r):ce(e,t)}(null,e,t,r)},he.allocUnsafe=function(e){return de(null,e)},he.allocUnsafeSlow=function(e){return de(null,e)},he.isBuffer=function(e){return null!=e&&(!!e._isBuffer||$e(e)||function(e){return"function"==typeof e.readFloatLE&&"function"==typeof e.slice&&$e(e.slice(0,0))}(e))},he.compare=function(e,t){if(!ye(e)||!ye(t))throw new TypeError("Arguments must be Buffers");if(e===t)return 0;for(var r=e.length,n=t.length,i=0,o=Math.min(r,n);i<o;++i)if(e[i]!==t[i]){r=e[i],n=t[i];break}return r<n?-1:n<r?1:0},he.isEncoding=function(e){switch(String(e).toLowerCase()){case"hex":case"utf8":case"utf-8":case"ascii":case"latin1":case"binary":case"base64":case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return!0;default:return!1}},he.concat=function(e,t){if(!ae(e))throw new TypeError('"list" argument must be an Array of Buffers');if(0===e.length)return he.alloc(0);var r;if(void 0===t)for(t=0,r=0;r<e.length;++r)t+=e[r].length;var n=he.allocUnsafe(t),i=0;for(r=0;r<e.length;++r){var o=e[r];if(!ye(o))throw new TypeError('"list" argument must be an Array of Buffers');o.copy(n,i),i+=o.length}return n},he.byteLength=ve,he.prototype._isBuffer=!0,he.prototype.swap16=function(){var e=this.length;if(e%2!=0)throw new RangeError("Buffer size must be a multiple of 16-bits");for(var t=0;t<e;t+=2)we(this,t,t+1);return this},he.prototype.swap32=function(){var e=this.length;if(e%4!=0)throw new RangeError("Buffer size must be a multiple of 32-bits");for(var t=0;t<e;t+=4)we(this,t,t+3),we(this,t+1,t+2);return this},he.prototype.swap64=function(){var e=this.length;if(e%8!=0)throw new RangeError("Buffer size must be a multiple of 64-bits");for(var t=0;t<e;t+=8)we(this,t,t+7),we(this,t+1,t+6),we(this,t+2,t+5),we(this,t+3,t+4);return this},he.prototype.toString=function(){var e=0|this.length;return 0===e?"":0===arguments.length?Te(this,0,e):me.apply(this,arguments)},he.prototype.equals=function(e){if(!ye(e))throw new TypeError("Argument must be a Buffer");return this===e||0===he.compare(this,e)},he.prototype.inspect=function(){var e="";return this.length>0&&(e=this.toString("hex",0,50).match(/.{2}/g).join(" "),this.length>50&&(e+=" ... ")),"<Buffer "+e+">"},he.prototype.compare=function(e,t,r,n,i){if(!ye(e))throw new TypeError("Argument must be a Buffer");if(void 0===t&&(t=0),void 0===r&&(r=e?e.length:0),void 0===n&&(n=0),void 0===i&&(i=this.length),t<0||r>e.length||n<0||i>this.length)throw new RangeError("out of range index");if(n>=i&&t>=r)return 0;if(n>=i)return-1;if(t>=r)return 1;if(this===e)return 0;for(var o=(i>>>=0)-(n>>>=0),s=(r>>>=0)-(t>>>=0),a=Math.min(o,s),u=this.slice(n,i),c=e.slice(t,r),h=0;h<a;++h)if(u[h]!==c[h]){o=u[h],s=c[h];break}return o<s?-1:s<o?1:0},he.prototype.includes=function(e,t,r){return-1!==this.indexOf(e,t,r)},he.prototype.indexOf=function(e,t,r){return _e(this,e,t,r,!0)},he.prototype.lastIndexOf=function(e,t,r){return _e(this,e,t,r,!1)},he.prototype.write=function(e,t,r,n){if(void 0===t)n="utf8",r=this.length,t=0;else if(void 0===r&&"string"==typeof t)n=t,r=this.length,t=0;else{if(!isFinite(t))throw new Error("Buffer.write(string, encoding, offset[, length]) is no longer supported");t|=0,isFinite(r)?(r|=0,void 0===n&&(n="utf8")):(n=r,r=void 0)}var i=this.length-t;if((void 0===r||r>i)&&(r=i),e.length>0&&(r<0||t<0)||t>this.length)throw new RangeError("Attempt to write outside buffer bounds");n||(n="utf8");for(var o=!1;;)switch(n){case"hex":return be(this,e,t,r);case"utf8":case"utf-8":return Ee(this,e,t,r);case"ascii":return Fe(this,e,t,r);case"latin1":case"binary":return Ae(this,e,t,r);case"base64":return xe(this,e,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return ke(this,e,t,r);default:if(o)throw new TypeError("Unknown encoding: "+n);n=(""+n).toLowerCase(),o=!0}},he.prototype.toJSON=function(){return{type:"Buffer",data:Array.prototype.slice.call(this._arr||this,0)}};var Ie=4096;function Re(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(127&e[i]);return n}function Ce(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(e[i]);return n}function Ue(e,t,r){var n=e.length;(!t||t<0)&&(t=0),(!r||r<0||r>n)&&(r=n);for(var i="",o=t;o<r;++o)i+=Ve(e[o]);return i}function Le(e,t,r){for(var n=e.slice(t,r),i="",o=0;o<n.length;o+=2)i+=String.fromCharCode(n[o]+256*n[o+1]);return i}function De(e,t,r){if(e%1!=0||e<0)throw new RangeError("offset is not uint");if(e+t>r)throw new RangeError("Trying to access beyond buffer length")}function Ne(e,t,r,n,i,o){if(!ye(e))throw new TypeError('"buffer" argument must be a Buffer instance');if(t>i||t<o)throw new RangeError('"value" argument is out of bounds');if(r+n>e.length)throw new RangeError("Index out of range")}function Oe(e,t,r,n){t<0&&(t=65535+t+1);for(var i=0,o=Math.min(e.length-r,2);i<o;++i)e[r+i]=(t&255<<8*(n?i:1-i))>>>8*(n?i:1-i)}function je(e,t,r,n){t<0&&(t=4294967295+t+1);for(var i=0,o=Math.min(e.length-r,4);i<o;++i)e[r+i]=t>>>8*(n?i:3-i)&255}function Be(e,t,r,n,i,o){if(r+n>e.length)throw new RangeError("Index out of range");if(r<0)throw new RangeError("Index out of range")}function He(e,t,r,n,i){return i||Be(e,0,r,4),oe(e,t,r,n,23,4),r+4}function Me(e,t,r,n,i){return i||Be(e,0,r,8),oe(e,t,r,n,52,8),r+8}he.prototype.slice=function(e,t){var r,n=this.length;if((e=~~e)<0?(e+=n)<0&&(e=0):e>n&&(e=n),(t=void 0===t?n:~~t)<0?(t+=n)<0&&(t=0):t>n&&(t=n),t<e&&(t=e),he.TYPED_ARRAY_SUPPORT)(r=this.subarray(e,t)).__proto__=he.prototype;else{var i=t-e;r=new he(i,void 0);for(var o=0;o<i;++o)r[o]=this[o+e]}return r},he.prototype.readUIntLE=function(e,t,r){e|=0,t|=0,r||De(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n},he.prototype.readUIntBE=function(e,t,r){e|=0,t|=0,r||De(e,t,this.length);for(var n=this[e+--t],i=1;t>0&&(i*=256);)n+=this[e+--t]*i;return n},he.prototype.readUInt8=function(e,t){return t||De(e,1,this.length),this[e]},he.prototype.readUInt16LE=function(e,t){return t||De(e,2,this.length),this[e]|this[e+1]<<8},he.prototype.readUInt16BE=function(e,t){return t||De(e,2,this.length),this[e]<<8|this[e+1]},he.prototype.readUInt32LE=function(e,t){return t||De(e,4,this.length),(this[e]|this[e+1]<<8|this[e+2]<<16)+16777216*this[e+3]},he.prototype.readUInt32BE=function(e,t){return t||De(e,4,this.length),16777216*this[e]+(this[e+1]<<16|this[e+2]<<8|this[e+3])},he.prototype.readIntLE=function(e,t,r){e|=0,t|=0,r||De(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n>=(i*=128)&&(n-=Math.pow(2,8*t)),n},he.prototype.readIntBE=function(e,t,r){e|=0,t|=0,r||De(e,t,this.length);for(var n=t,i=1,o=this[e+--n];n>0&&(i*=256);)o+=this[e+--n]*i;return o>=(i*=128)&&(o-=Math.pow(2,8*t)),o},he.prototype.readInt8=function(e,t){return t||De(e,1,this.length),128&this[e]?-1*(255-this[e]+1):this[e]},he.prototype.readInt16LE=function(e,t){t||De(e,2,this.length);var r=this[e]|this[e+1]<<8;return 32768&r?4294901760|r:r},he.prototype.readInt16BE=function(e,t){t||De(e,2,this.length);var r=this[e+1]|this[e]<<8;return 32768&r?4294901760|r:r},he.prototype.readInt32LE=function(e,t){return t||De(e,4,this.length),this[e]|this[e+1]<<8|this[e+2]<<16|this[e+3]<<24},he.prototype.readInt32BE=function(e,t){return t||De(e,4,this.length),this[e]<<24|this[e+1]<<16|this[e+2]<<8|this[e+3]},he.prototype.readFloatLE=function(e,t){return t||De(e,4,this.length),ie(this,e,!0,23,4)},he.prototype.readFloatBE=function(e,t){return t||De(e,4,this.length),ie(this,e,!1,23,4)},he.prototype.readDoubleLE=function(e,t){return t||De(e,8,this.length),ie(this,e,!0,52,8)},he.prototype.readDoubleBE=function(e,t){return t||De(e,8,this.length),ie(this,e,!1,52,8)},he.prototype.writeUIntLE=function(e,t,r,n){(e=+e,t|=0,r|=0,n)||Ne(this,e,t,r,Math.pow(2,8*r)-1,0);var i=1,o=0;for(this[t]=255&e;++o<r&&(i*=256);)this[t+o]=e/i&255;return t+r},he.prototype.writeUIntBE=function(e,t,r,n){(e=+e,t|=0,r|=0,n)||Ne(this,e,t,r,Math.pow(2,8*r)-1,0);var i=r-1,o=1;for(this[t+i]=255&e;--i>=0&&(o*=256);)this[t+i]=e/o&255;return t+r},he.prototype.writeUInt8=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,1,255,0),he.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),this[t]=255&e,t+1},he.prototype.writeUInt16LE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,2,65535,0),he.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):Oe(this,e,t,!0),t+2},he.prototype.writeUInt16BE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,2,65535,0),he.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):Oe(this,e,t,!1),t+2},he.prototype.writeUInt32LE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,4,4294967295,0),he.TYPED_ARRAY_SUPPORT?(this[t+3]=e>>>24,this[t+2]=e>>>16,this[t+1]=e>>>8,this[t]=255&e):je(this,e,t,!0),t+4},he.prototype.writeUInt32BE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,4,4294967295,0),he.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):je(this,e,t,!1),t+4},he.prototype.writeIntLE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);Ne(this,e,t,r,i-1,-i)}var o=0,s=1,a=0;for(this[t]=255&e;++o<r&&(s*=256);)e<0&&0===a&&0!==this[t+o-1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},he.prototype.writeIntBE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);Ne(this,e,t,r,i-1,-i)}var o=r-1,s=1,a=0;for(this[t+o]=255&e;--o>=0&&(s*=256);)e<0&&0===a&&0!==this[t+o+1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},he.prototype.writeInt8=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,1,127,-128),he.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),e<0&&(e=255+e+1),this[t]=255&e,t+1},he.prototype.writeInt16LE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,2,32767,-32768),he.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):Oe(this,e,t,!0),t+2},he.prototype.writeInt16BE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,2,32767,-32768),he.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):Oe(this,e,t,!1),t+2},he.prototype.writeInt32LE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,4,2147483647,-2147483648),he.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8,this[t+2]=e>>>16,this[t+3]=e>>>24):je(this,e,t,!0),t+4},he.prototype.writeInt32BE=function(e,t,r){return e=+e,t|=0,r||Ne(this,e,t,4,2147483647,-2147483648),e<0&&(e=4294967295+e+1),he.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):je(this,e,t,!1),t+4},he.prototype.writeFloatLE=function(e,t,r){return He(this,e,t,!0,r)},he.prototype.writeFloatBE=function(e,t,r){return He(this,e,t,!1,r)},he.prototype.writeDoubleLE=function(e,t,r){return Me(this,e,t,!0,r)},he.prototype.writeDoubleBE=function(e,t,r){return Me(this,e,t,!1,r)},he.prototype.copy=function(e,t,r,n){if(r||(r=0),n||0===n||(n=this.length),t>=e.length&&(t=e.length),t||(t=0),n>0&&n<r&&(n=r),n===r)return 0;if(0===e.length||0===this.length)return 0;if(t<0)throw new RangeError("targetStart out of bounds");if(r<0||r>=this.length)throw new RangeError("sourceStart out of bounds");if(n<0)throw new RangeError("sourceEnd out of bounds");n>this.length&&(n=this.length),e.length-t<n-r&&(n=e.length-t+r);var i,o=n-r;if(this===e&&r<t&&t<n)for(i=o-1;i>=0;--i)e[i+t]=this[i+r];else if(o<1e3||!he.TYPED_ARRAY_SUPPORT)for(i=0;i<o;++i)e[i+t]=this[i+r];else Uint8Array.prototype.set.call(e,this.subarray(r,r+o),t);return o},he.prototype.fill=function(e,t,r,n){if("string"==typeof e){if("string"==typeof t?(n=t,t=0,r=this.length):"string"==typeof r&&(n=r,r=this.length),1===e.length){var i=e.charCodeAt(0);i<256&&(e=i)}if(void 0!==n&&"string"!=typeof n)throw new TypeError("encoding must be a string");if("string"==typeof n&&!he.isEncoding(n))throw new TypeError("Unknown encoding: "+n)}else"number"==typeof e&&(e&=255);if(t<0||this.length<t||this.length<r)throw new RangeError("Out of range index");if(r<=t)return this;var o;if(t>>>=0,r=void 0===r?this.length:r>>>0,e||(e=0),"number"==typeof e)for(o=t;o<r;++o)this[o]=e;else{var s=ye(e)?e:qe(new he(e,n).toString()),a=s.length;for(o=0;o<r-t;++o)this[o+t]=s[o%a]}return this};var Ke=/[^+\/0-9A-Za-z-_]/g;function Ve(e){return e<16?"0"+e.toString(16):e.toString(16)}function qe(e,t){var r;t=t||1/0;for(var n=e.length,i=null,o=[],s=0;s<n;++s){if((r=e.charCodeAt(s))>55295&&r<57344){if(!i){if(r>56319){(t-=3)>-1&&o.push(239,191,189);continue}if(s+1===n){(t-=3)>-1&&o.push(239,191,189);continue}i=r;continue}if(r<56320){(t-=3)>-1&&o.push(239,191,189),i=r;continue}r=65536+(i-55296<<10|r-56320)}else i&&(t-=3)>-1&&o.push(239,191,189);if(i=null,r<128){if((t-=1)<0)break;o.push(r)}else if(r<2048){if((t-=2)<0)break;o.push(r>>6|192,63&r|128)}else if(r<65536){if((t-=3)<0)break;o.push(r>>12|224,r>>6&63|128,63&r|128)}else{if(!(r<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;o.push(r>>18|240,r>>12&63|128,r>>6&63|128,63&r|128)}}return o}function Je(e){return function(e){var t,r,n,i,o,s;Z||ee();var a=e.length;if(a%4>0)throw new Error("Invalid string. Length must be a multiple of 4");o="="===e[a-2]?2:"="===e[a-1]?1:0,s=new Q(3*a/4-o),n=o>0?a-4:a;var u=0;for(t=0,r=0;t<n;t+=4,r+=3)i=X[e.charCodeAt(t)]<<18|X[e.charCodeAt(t+1)]<<12|X[e.charCodeAt(t+2)]<<6|X[e.charCodeAt(t+3)],s[u++]=i>>16&255,s[u++]=i>>8&255,s[u++]=255&i;return 2===o?(i=X[e.charCodeAt(t)]<<2|X[e.charCodeAt(t+1)]>>4,s[u++]=255&i):1===o&&(i=X[e.charCodeAt(t)]<<10|X[e.charCodeAt(t+1)]<<4|X[e.charCodeAt(t+2)]>>2,s[u++]=i>>8&255,s[u++]=255&i),s}(function(e){if((e=function(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}(e).replace(Ke,"")).length<2)return"";for(;e.length%4!=0;)e+="=";return e}(e))}function We(e,t,r,n){for(var i=0;i<n&&!(i+r>=t.length||i>=e.length);++i)t[i+r]=e[i];return i}function $e(e){return!!e.constructor&&"function"==typeof e.constructor.isBuffer&&e.constructor.isBuffer(e)}var Ye=(e,r)=>{let n;try{n=e instanceof t.KeyObject?e.asymmetricKeyDetails?.modulusLength:he.from(e.n,"base64url").byteLength<<3}catch{}if("number"!=typeof n||n<2048)throw new TypeError(`${r} requires key modulusLength to be 2048 bits or larger`)};var ze=e=>e.d?t.createPrivateKey({format:"jwk",key:e}):t.createPublicKey({format:"jwk",key:e});async function Ge(e,t){if(!W(e))throw new TypeError("JWK must be an object");switch(t||=e.alg,e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return _(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new A('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return ze({...e,alg:t});default:throw new A('Unsupported "kty" (Key Type) Parameter value')}}const Xe=e=>e?.[Symbol.toStringTag],Qe=(e,t,r)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(r))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0},Ze=(e,t,r,n)=>{if(!(t instanceof Uint8Array)){if(n&&$(t)){if(function(e){return $(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&Qe(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!V(t))throw new TypeError(K(e,t,...q,"Uint8Array",n?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${Xe(t)} instances for symmetric algorithms must be of type "secret"`)}};function et(e,t,r,n){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?Ze(t,r,n,e):((e,t,r,n)=>{if(n&&$(t))switch(r){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&Qe(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&Qe(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!V(t))throw new TypeError(K(e,t,...q,n?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${Xe(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===r&&"public"===t.type)throw new TypeError(`${Xe(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===r&&"public"===t.type)throw new TypeError(`${Xe(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===r&&"private"===t.type)throw new TypeError(`${Xe(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===r&&"private"===t.type)throw new TypeError(`${Xe(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,r,n,e)}et.bind(void 0,!1);const tt=et.bind(void 0,!0);function rt(e,t,r,n,i){if(void 0!==i.crit&&void 0===n?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||void 0===n.crit)return new Set;if(!Array.isArray(n.crit)||0===n.crit.length||n.crit.some(e=>"string"!=typeof e||0===e.length))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let o;o=void 0!==r?new Map([...Object.entries(r),...t.entries()]):t;for(const t of n.crit){if(!o.has(t))throw new A(`Extension Header Parameter "${t}" is not recognized`);if(void 0===i[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(o.get(t)&&void 0===n[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(n.crit)}var nt=(e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some(e=>"string"!=typeof e)))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)};var it=e=>{let r;if(D(e)){if(!e.extractable)throw new TypeError("CryptoKey is not extractable");r=t.KeyObject.from(e)}else{if(!U(e)){if(e instanceof Uint8Array)return{kty:"oct",k:w(e)};throw new TypeError(M(e,...q,"Uint8Array"))}r=e}if("secret"!==r.type&&!["rsa","ec","ed25519","x25519","ed448","x448"].includes(r.asymmetricKeyType))throw new A("Unsupported key asymmetricKeyType");return r.export({format:"jwk"})};async function ot(e){return it(e)}function st(e){switch(e){case"PS256":case"RS256":case"ES256":case"ES256K":return"sha256";case"PS384":case"RS384":case"ES384":return"sha384";case"PS512":case"RS512":case"ES512":return"sha512";case"Ed25519":case"EdDSA":return;default:throw new A(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}const at=new Map([["ES256","P-256"],["ES256K","secp256k1"],["ES384","P-384"],["ES512","P-521"]]);function ut(e,r){let n,i,o,s;if(r instanceof t.KeyObject)n=r.asymmetricKeyType,i=r.asymmetricKeyDetails;else switch(o=!0,r.kty){case"RSA":n="rsa";break;case"EC":n="ec";break;case"OKP":if("Ed25519"===r.crv){n="ed25519";break}if("Ed448"===r.crv){n="ed448";break}throw new TypeError("Invalid key for this operation, its crv must be Ed25519 or Ed448");default:throw new TypeError("Invalid key for this operation, its kty must be RSA, OKP, or EC")}switch(e){case"Ed25519":if("ed25519"!==n)throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be ed25519");break;case"EdDSA":if(!["ed25519","ed448"].includes(n))throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be ed25519 or ed448");break;case"RS256":case"RS384":case"RS512":if("rsa"!==n)throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be rsa");Ye(r,e);break;case"PS256":case"PS384":case"PS512":if("rsa-pss"===n){const{hashAlgorithm:t,mgf1HashAlgorithm:r,saltLength:n}=i,o=parseInt(e.slice(-3),10);if(void 0!==t&&(t!==`sha${o}`||r!==t))throw new TypeError(`Invalid key for this operation, its RSA-PSS parameters do not meet the requirements of "alg" ${e}`);if(void 0!==n&&n>o>>3)throw new TypeError(`Invalid key for this operation, its RSA-PSS parameter saltLength does not meet the requirements of "alg" ${e}`)}else if("rsa"!==n)throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be rsa or rsa-pss");Ye(r,e),s={padding:t.constants.RSA_PKCS1_PSS_PADDING,saltLength:t.constants.RSA_PSS_SALTLEN_DIGEST};break;case"ES256":case"ES256K":case"ES384":case"ES512":{if("ec"!==n)throw new TypeError("Invalid key for this operation, its asymmetricKeyType must be ec");const t=Y(r),i=at.get(e);if(t!==i)throw new TypeError(`Invalid key curve for the algorithm, its curve must be ${i}, got ${t}`);s={dsaEncoding:"ieee-p1363"};break}default:throw new A(`alg ${e} is not supported either by JOSE or your javascript runtime`)}return o?{format:"jwk",key:r,...s}:s?{...s,key:r}:r}function ct(e,r,n){if(r instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(M(r,...q));return t.createSecretKey(r)}if(r instanceof t.KeyObject)return r;if(D(r))return B(r,e,n),t.KeyObject.from(r);if($(r))return e.startsWith("HS")?t.createSecretKey(he.from(r.k,"base64url")):r;throw new TypeError(M(r,...q,"Uint8Array","JSON Web Key"))}const ht=n.promisify(c.sign);var lt=async(e,t,r)=>{const n=ct(e,t,"sign");if(e.startsWith("HS")){const t=c.createHmac(function(e){switch(e){case"HS256":return"sha256";case"HS384":return"sha384";case"HS512":return"sha512";default:throw new A(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}(e),n);return t.update(r),t.digest()}return ht(st(e),r,ut(e,n))};const ft=n.promisify(c.verify);var dt=async(e,t,r,n)=>{const i=ct(e,t,"verify");if(e.startsWith("HS")){const t=await lt(e,i,n),o=r;try{return c.timingSafeEqual(o,t)}catch{return!1}}const o=st(e),s=ut(e,i);try{return await ft(o,n,s,r)}catch{return!1}};async function pt(e,t,r){if(e instanceof Uint8Array&&(e=v.decode(e)),"string"!=typeof e)throw new x("Compact JWS must be a string or Uint8Array");const{0:n,1:i,2:o,length:s}=e.split(".");if(3!==s)throw new x("Invalid Compact JWS");const a=await async function(e,t,r){if(!W(e))throw new x("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new x('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new x("JWS Protected Header incorrect type");if(void 0===e.payload)throw new x("JWS Payload missing");if("string"!=typeof e.signature)throw new x("JWS Signature missing or incorrect type");if(void 0!==e.header&&!W(e.header))throw new x("JWS Unprotected Header incorrect type");let n={};if(e.protected)try{const t=_(e.protected);n=JSON.parse(v.decode(t))}catch{throw new x("JWS Protected Header is invalid")}if(!J(n,e.header))throw new x("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const i={...n,...e.header};let o=!0;if(rt(x,new Map([["b64",!0]]),r?.crit,n,i).has("b64")&&(o=n.b64,"boolean"!=typeof o))throw new x('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:s}=i;if("string"!=typeof s||!s)throw new x('JWS "alg" (Algorithm) Header Parameter missing or invalid');const a=r&&nt("algorithms",r.algorithms);if(a&&!a.has(s))throw new F('"alg" (Algorithm) Header Parameter value not allowed');if(o){if("string"!=typeof e.payload)throw new x("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new x("JWS Payload must be a string or an Uint8Array instance");let u=!1;"function"==typeof t?(t=await t(n,e),u=!0,tt(s,t,"verify"),$(t)&&(t=await Ge(t,s))):tt(s,t,"verify");const c=m(y.encode(e.protected??""),y.encode("."),"string"==typeof e.payload?y.encode(e.payload):e.payload);let h,l;try{h=_(e.signature)}catch{throw new x("Failed to base64url decode the signature")}if(!await dt(s,t,h,c))throw new C;if(o)try{l=_(e.payload)}catch{throw new x("Failed to base64url decode the payload")}else l="string"==typeof e.payload?y.encode(e.payload):e.payload;const f={payload:l};return void 0!==e.protected&&(f.protectedHeader=n),void 0!==e.header&&(f.unprotectedHeader=e.header),u?{...f,key:t}:f}({payload:i,protected:n,signature:o},t,r),u={payload:a.payload,protectedHeader:a.protectedHeader};return"function"==typeof t?{...u,key:a.key}:u}var gt=e=>Math.floor(e.getTime()/1e3);const yt=86400,vt=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i;var mt=e=>{const t=vt.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const r=parseFloat(t[2]);let n;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":n=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":n=Math.round(60*r);break;case"hour":case"hours":case"hr":case"hrs":case"h":n=Math.round(3600*r);break;case"day":case"days":case"d":n=Math.round(r*yt);break;case"week":case"weeks":case"w":n=Math.round(604800*r);break;default:n=Math.round(31557600*r)}return"-"===t[1]||"ago"===t[4]?-n:n};const wt=e=>e.toLowerCase().replace(/^application\//,"");var _t=(e,t,r={})=>{let n;try{n=JSON.parse(v.decode(t))}catch{}if(!W(n))throw new k("JWT Claims Set must be a top-level JSON object");const{typ:i}=r;if(i&&("string"!=typeof e.typ||wt(e.typ)!==wt(i)))throw new b('unexpected "typ" JWT header value',n,"typ","check_failed");const{requiredClaims:o=[],issuer:s,subject:a,audience:u,maxTokenAge:c}=r,h=[...o];void 0!==c&&h.push("iat"),void 0!==u&&h.push("aud"),void 0!==a&&h.push("sub"),void 0!==s&&h.push("iss");for(const e of new Set(h.reverse()))if(!(e in n))throw new b(`missing required "${e}" claim`,n,e,"missing");if(s&&!(Array.isArray(s)?s:[s]).includes(n.iss))throw new b('unexpected "iss" claim value',n,"iss","check_failed");if(a&&n.sub!==a)throw new b('unexpected "sub" claim value',n,"sub","check_failed");if(u&&(l=n.aud,f="string"==typeof u?[u]:u,!("string"==typeof l?f.includes(l):Array.isArray(l)&&f.some(Set.prototype.has.bind(new Set(l))))))throw new b('unexpected "aud" claim value',n,"aud","check_failed");var l,f;let d;switch(typeof r.clockTolerance){case"string":d=mt(r.clockTolerance);break;case"number":d=r.clockTolerance;break;case"undefined":d=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:p}=r,g=gt(p||new Date);if((void 0!==n.iat||c)&&"number"!=typeof n.iat)throw new b('"iat" claim must be a number',n,"iat","invalid");if(void 0!==n.nbf){if("number"!=typeof n.nbf)throw new b('"nbf" claim must be a number',n,"nbf","invalid");if(n.nbf>g+d)throw new b('"nbf" claim timestamp check failed',n,"nbf","check_failed")}if(void 0!==n.exp){if("number"!=typeof n.exp)throw new b('"exp" claim must be a number',n,"exp","invalid");if(n.exp<=g-d)throw new E('"exp" claim timestamp check failed',n,"exp","check_failed")}if(c){const e=g-n.iat;if(e-d>("number"==typeof c?c:mt(c)))throw new E('"iat" claim timestamp check failed (too far in the past)',n,"iat","check_failed");if(e<0-d)throw new b('"iat" claim timestamp check failed (it should be in the past)',n,"iat","check_failed")}return n};class St{_payload;_protectedHeader;_unprotectedHeader;constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new x("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!J(this._protectedHeader,this._unprotectedHeader))throw new x("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const r={...this._protectedHeader,...this._unprotectedHeader};let n=!0;if(rt(x,new Map([["b64",!0]]),t?.crit,this._protectedHeader,r).has("b64")&&(n=this._protectedHeader.b64,"boolean"!=typeof n))throw new x('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:i}=r;if("string"!=typeof i||!i)throw new x('JWS "alg" (Algorithm) Header Parameter missing or invalid');tt(i,e,"sign");let o,s=this._payload;n&&(s=y.encode(w(s))),o=this._protectedHeader?y.encode(w(JSON.stringify(this._protectedHeader))):y.encode("");const a=m(o,y.encode("."),s),u=await lt(i,e,a),c={signature:w(u),payload:""};return n&&(c.payload=v.decode(s)),this._unprotectedHeader&&(c.header=this._unprotectedHeader),this._protectedHeader&&(c.protected=v.decode(o)),c}}class bt{_flattened;constructor(e){this._flattened=new St(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const r=await this._flattened.sign(e,t);if(void 0===r.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${r.protected}.${r.payload}.${r.signature}`}}function Et(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class Ft{_payload;constructor(e={}){if(!W(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return"number"==typeof e?this._payload={...this._payload,nbf:Et("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:Et("setNotBefore",gt(e))}:this._payload={...this._payload,nbf:gt(new Date)+mt(e)},this}setExpirationTime(e){return"number"==typeof e?this._payload={...this._payload,exp:Et("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:Et("setExpirationTime",gt(e))}:this._payload={...this._payload,exp:gt(new Date)+mt(e)},this}setIssuedAt(e){return void 0===e?this._payload={...this._payload,iat:gt(new Date)}:e instanceof Date?this._payload={...this._payload,iat:Et("setIssuedAt",gt(e))}:this._payload="string"==typeof e?{...this._payload,iat:Et("setIssuedAt",gt(new Date)+mt(e))}:{...this._payload,iat:Et("setIssuedAt",e)},this}}class At extends Ft{_protectedHeader;setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const r=new bt(y.encode(JSON.stringify(this._payload)));if(r.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new k("JWTs MUST NOT use unencoded payload");return r.sign(e,t)}}function xt(e){return W(e)}function kt(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class Pt{_jwks;_cached=new WeakMap;constructor(e){if(!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(xt)}(e))throw new P("JSON Web Key Set malformed");this._jwks=kt(e)}async getKey(e,t){const{alg:r,kid:n}={...e,...t?.header},i=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new A('Unsupported "alg" value for a JSON Web Key Set')}}(r),o=this._jwks.keys.filter(e=>{let t=i===e.kty;if(t&&"string"==typeof n&&(t=n===e.kid),t&&"string"==typeof e.alg&&(t=r===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(r){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t}),{0:s,length:a}=o;if(0===a)throw new T;if(1!==a){const e=new I,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of o)try{yield await Tt(t,e,r)}catch{}},e}return Tt(this._cached,s,r)}}async function Tt(e,t,r){const n=e.get(t)||e.set(t,{}).get(t);if(void 0===n[r]){const e=await Ge({...t,ext:!0},r);if(e instanceof Uint8Array||"public"!==e.type)throw new P("JSON Web Key Set members must be public keys");n[r]=e}return n[r]}function It(e){const t=new Pt(e),r=async(e,r)=>t.getKey(e,r);return Object.defineProperties(r,{jwks:{value:()=>kt(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),r}var Rt=async(e,t,r)=>{let n;switch(e.protocol){case"https:":n=f.get;break;case"http:":n=l.get;break;default:throw new TypeError("Unsupported URL protocol.")}const{agent:i,headers:o}=r,a=n(e.href,{agent:i,timeout:t,headers:o}),[u]=await Promise.race([s.once(a,"response"),s.once(a,"timeout")]);if(!u)throw a.destroy(),new R;if(200!==u.statusCode)throw new S("Expected 200 OK from the JSON Web Key Set HTTP response");const c=[];for await(const e of u)c.push(e);try{return JSON.parse(v.decode(m(...c)))}catch{throw new S("Failed to parse the JSON Web Key Set HTTP response as JSON")}};let Ct;if("undefined"==typeof navigator||!navigator.userAgent?.startsWith?.("Mozilla/5.0 ")){Ct=`${"jose"}/${"v5.10.0"}`}const Ut=Symbol();class Lt{_url;_timeoutDuration;_cooldownDuration;_cacheMaxAge;_jwksTimestamp;_pendingFetch;_options;_local;_cache;constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var r,n;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[Ut]&&(this._cache=t?.[Ut],r=t?.[Ut],n=this._cacheMaxAge,"object"==typeof r&&null!==r&&"uat"in r&&"number"==typeof r.uat&&!(Date.now()-r.uat>=n)&&"jwks"in r&&W(r.jwks)&&Array.isArray(r.jwks.keys)&&Array.prototype.every.call(r.jwks.keys,W)&&(this._jwksTimestamp=this._cache.uat,this._local=It(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cooldownDuration}fresh(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cacheMaxAge}async getKey(e,t){this._local&&this.fresh()||await this.reload();try{return await this._local(e,t)}catch(r){if(r instanceof T&&!1===this.coolingDown())return await this.reload(),this._local(e,t);throw r}}async reload(){this._pendingFetch&&("undefined"!=typeof WebSocketPair||"undefined"!=typeof navigator&&"Cloudflare-Workers"===navigator.userAgent||"undefined"!=typeof EdgeRuntime&&"vercel"===EdgeRuntime)&&(this._pendingFetch=void 0);const e=new Headers(this._options.headers);Ct&&!e.has("User-Agent")&&(e.set("User-Agent",Ct),this._options.headers=Object.fromEntries(e.entries())),this._pendingFetch||=Rt(this._url,this._timeoutDuration,this._options).then(e=>{this._local=It(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(e=>{throw this._pendingFetch=void 0,e}),await this._pendingFetch}}const Dt=n.promisify(t.generateKeyPair);async function Nt(e,t){return async function(e,t){switch(e){case"RS256":case"RS384":case"RS512":case"PS256":case"PS384":case"PS512":case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":case"RSA1_5":{const e=t?.modulusLength??2048;if("number"!=typeof e||e<2048)throw new A("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return await Dt("rsa",{modulusLength:e,publicExponent:65537})}case"ES256":return Dt("ec",{namedCurve:"P-256"});case"ES256K":return Dt("ec",{namedCurve:"secp256k1"});case"ES384":return Dt("ec",{namedCurve:"P-384"});case"ES512":return Dt("ec",{namedCurve:"P-521"});case"Ed25519":return Dt("ed25519");case"EdDSA":switch(t?.crv){case void 0:case"Ed25519":return Dt("ed25519");case"Ed448":return Dt("ed448");default:throw new A("Invalid or unsupported crv option provided, supported values are Ed25519 and Ed448")}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{const e=t?.crv??"P-256";switch(e){case void 0:case"P-256":case"P-384":case"P-521":return Dt("ec",{namedCurve:e});case"X25519":return Dt("x25519");case"X448":return Dt("x448");default:throw new A("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}}default:throw new A('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}}(e,t)}const Ot=[];for(let e=0;e<256;++e)Ot.push((e+256).toString(16).slice(1));let jt;const Bt=new Uint8Array(16);var Ht={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};function Mt(e,t,r){if(Ht.randomUUID&&!t&&!e)return Ht.randomUUID();const n=(e=e||{}).random??e.rng?.()??function(){if(!jt){if("undefined"==typeof crypto||!crypto.getRandomValues)throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");jt=crypto.getRandomValues.bind(crypto)}return jt(Bt)}();if(n.length<16)throw new Error("Random bytes length must be >= 16");if(n[6]=15&n[6]|64,n[8]=63&n[8]|128,t){if((r=r||0)<0||r+16>t.length)throw new RangeError(`UUID byte range ${r}:${r+15} is out of buffer bounds`);for(let e=0;e<16;++e)t[r+e]=n[e];return t}return function(e,t=0){return(Ot[e[t+0]]+Ot[e[t+1]]+Ot[e[t+2]]+Ot[e[t+3]]+"-"+Ot[e[t+4]]+Ot[e[t+5]]+"-"+Ot[e[t+6]]+Ot[e[t+7]]+"-"+Ot[e[t+8]]+Ot[e[t+9]]+"-"+Ot[e[t+10]]+Ot[e[t+11]]+Ot[e[t+12]]+Ot[e[t+13]]+Ot[e[t+14]]+Ot[e[t+15]]).toLowerCase()}(n)}const Kt="solidClientAuthn:",Vt=["ES256","RS256"],qt="error",Jt="login",Wt="logout",$t="newRefreshToken",Yt="sessionExpired",zt="sessionExtended",Gt="sessionRestore",Xt="timeoutSet",Qt=["openid","offline_access","webid"];class Zt{handleables;constructor(e){this.handleables=e,this.handleables=e}async getProperHandler(e){const t=await Promise.all(this.handleables.map(t=>t.canHandle(...e)));for(let e=0;e<t.length;e+=1)if(t[e])return this.handleables[e];return null}async canHandle(...e){return null!==await this.getProperHandler(e)}async handle(...e){const t=await this.getProperHandler(e);if(t)return t.handle(...e);throw new Error(`[${this.constructor.name}] cannot find a suitable handler for: ${e.map(e=>{try{return JSON.stringify(e)}catch(t){return e.toString()}}).join(", ")}`)}}async function er(e,t,r,n){let i,o;try{const{payload:o}=await async function(e,t,r){const n=await pt(e,t,r);if(n.protectedHeader.crit?.includes("b64")&&!1===n.protectedHeader.b64)throw new k("JWTs MUST NOT use unencoded payload");const i={payload:_t(n.protectedHeader,n.payload,r),protectedHeader:n.protectedHeader};return"function"==typeof t?{...i,key:n.key}:i}(e,function(e,t){const r=new Lt(e,t),n=async(e,t)=>r.getKey(e,t);return Object.defineProperties(n,{coolingDown:{get:()=>r.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>r.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>r.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!r._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>r._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),n}(new URL(t)),{issuer:r,audience:n});i=o}catch(e){throw new Error(`Token verification failed: ${e.stack}`)}if("string"==typeof i.azp&&(o=i.azp),"string"==typeof i.webid)return{webId:i.webid,clientId:o};if("string"!=typeof i.sub)throw new Error(`The token ${JSON.stringify(i)} is invalid: it has no 'webid' claim and no 'sub' claim.`);try{return new URL(i.sub),{webId:i.sub,clientId:o}}catch(e){throw new Error(`The token has no 'webid' claim, and its 'sub' claim of [${i.sub}] is invalid as a URL - error [${e}].`)}}function tr(e){try{const t=new URL(e),r=!t.searchParams.has("code")&&!t.searchParams.has("state"),n=""===t.hash;return r&&n}catch(e){return!1}}function rr(e){const t=new URL(e);return t.searchParams.delete("state"),t.searchParams.delete("code"),t.searchParams.delete("error"),t.searchParams.delete("error_description"),t.searchParams.delete("iss"),t}class nr{storageUtility;redirector;constructor(e,t){this.storageUtility=e,this.redirector=t,this.storageUtility=e,this.redirector=t}parametersGuard=e=>void 0!==e.issuerConfiguration.grantTypesSupported&&e.issuerConfiguration.grantTypesSupported.indexOf("authorization_code")>-1&&void 0!==e.redirectUrl;async canHandle(e){return this.parametersGuard(e)}async setupRedirectHandler({oidcLoginOptions:e,state:t,codeVerifier:r,targetUrl:n}){if(!this.parametersGuard(e))throw new Error("The authorization code grant requires a redirectUrl.");var i,o;await Promise.all([this.storageUtility.setForUser(t,{sessionId:e.sessionId}),this.storageUtility.setForUser(e.sessionId,{codeVerifier:r,issuer:e.issuer.toString(),redirectUrl:e.redirectUrl,dpop:Boolean(e.dpop).toString(),keepAlive:(i=e.keepAlive,o=!0,"boolean"==typeof i?Boolean(i):Boolean(o)).toString()})]),this.redirector.redirect(n,{handleRedirect:e.handleRedirect})}}class ir{sessionInfoManager;constructor(e){this.sessionInfoManager=e,this.sessionInfoManager=e}async canHandle(){return!0}async handle(e){await this.sessionInfoManager.clear(e)}}class or{redirector;constructor(e){this.redirector=e,this.redirector=e}async canHandle(e,t){return"idp"===t?.logoutType}async handle(e,t){if("idp"!==t?.logoutType)throw new Error("Attempting to call idp logout handler to perform app logout");if(void 0===t.toLogoutUrl)throw new Error("Cannot perform IDP logout. Did you log in using the OIDC authentication flow?");this.redirector.redirect(t.toLogoutUrl(t),{handleRedirect:t.handleRedirect})}}class sr{handlers;constructor(e,t){this.handlers=[new ir(e),new or(t)]}async canHandle(){return!0}async handle(e,t){for(const r of this.handlers)await r.canHandle(e,t)&&await r.handle(e,t)}}function ar(){return{isLoggedIn:!1,sessionId:Mt(),fetch:(...e)=>fetch(...e)}}async function ur(e,t){await Promise.all([t.deleteAllUserData(e,{secure:!1}),t.deleteAllUserData(e,{secure:!0})])}class cr{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}update(e,t){throw new Error("Not Implemented")}set(e,t){throw new Error("Not Implemented")}get(e){throw new Error("Not implemented")}async getAll(){throw new Error("Not implemented")}async clear(e){return ur(e,this.storageUtility)}async register(e){throw new Error("Not implemented")}async getRegisteredSessionIdAll(){throw new Error("Not implemented")}async clearAll(){throw new Error("Not implemented")}async setOidcContext(e,t){throw new Error("Not implemented")}}function hr({endSessionEndpoint:e,idTokenHint:t}){if(void 0!==e)return function({state:r,postLogoutUrl:n}){return function({endSessionEndpoint:e,idTokenHint:t,postLogoutRedirectUri:r,state:n}){const i=new URL(e);return void 0!==t&&i.searchParams.append("id_token_hint",t),void 0!==r&&(i.searchParams.append("post_logout_redirect_uri",r),void 0!==n&&i.searchParams.append("state",n)),i.toString()}({endSessionEndpoint:e,idTokenHint:t,state:r,postLogoutRedirectUri:n})}}function lr(e){try{return new URL(e),!0}catch{return!1}}async function fr(e,t,r,n){let i;if(function(e,t){return t.scopesSupported.includes("webid")&&void 0!==e.clientId&&lr(e.clientId)}(e,t))i={clientId:e.clientId,clientName:e.clientName,clientType:"solid-oidc"};else{if(!function(e){return void 0!==e.clientId&&!lr(e.clientId)}(e))return n.getClient({sessionId:e.sessionId,clientName:e.clientName,redirectUrl:e.redirectUrl},t);i={clientId:e.clientId,clientSecret:e.clientSecret,clientName:e.clientName,clientType:"static"}}const o={clientId:i.clientId,clientType:i.clientType};return"static"===i.clientType&&(o.clientSecret=i.clientSecret),i.clientName&&(o.clientName=i.clientName),await r.setForUser(e.sessionId,o),i}const dr=(e,t)=>fetch(e,t);class pr{loginHandler;redirectHandler;logoutHandler;sessionInfoManager;issuerConfigFetcher;boundLogout;constructor(e,t,r,n,i){this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i,this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i}fetch=dr;logout=async(e,t)=>{await this.logoutHandler.handle(e,"idp"===t?.logoutType?{...t,toLogoutUrl:this.boundLogout}:t),this.fetch=dr,delete this.boundLogout};getSessionInfo=async e=>this.sessionInfoManager.get(e);getAllSessionInfo=async()=>this.sessionInfoManager.getAll()}async function gr(e,t,r){try{const[n,i,o,s,a]=await Promise.all([t.getForUser(e,"issuer",{errorIfNull:!0}),t.getForUser(e,"codeVerifier"),t.getForUser(e,"redirectUrl"),t.getForUser(e,"dpop",{errorIfNull:!0}),t.getForUser(e,"keepAlive")]);await t.deleteForUser(e,"codeVerifier");return{codeVerifier:i,redirectUrl:o,issuerConfig:await r.fetchConfig(n),dpop:"true"===s,keepAlive:"string"!=typeof a||"true"===a}}catch(t){throw new Error(`Failed to retrieve OIDC context from storage associated with session [${e}]: ${t}`)}}class yr{secureStorage;insecureStorage;constructor(e,t){this.secureStorage=e,this.insecureStorage=t,this.secureStorage=e,this.insecureStorage=t}getKey(e){return`solidClientAuthenticationUser:${e}`}async getUserData(e,t){const r=await(t?this.secureStorage:this.insecureStorage).get(this.getKey(e));if(void 0===r)return{};try{return JSON.parse(r)}catch(n){throw new Error(`Data for user [${e}] in [${t?"secure":"unsecure"}] storage is corrupted - expected valid JSON, but got: ${r}`)}}async setUserData(e,t,r){await(r?this.secureStorage:this.insecureStorage).set(this.getKey(e),JSON.stringify(t))}async get(e,t){const r=await(t?.secure?this.secureStorage:this.insecureStorage).get(e);if(void 0===r&&t?.errorIfNull)throw new Error(`[${e}] is not stored`);return r}async set(e,t,r){return(r?.secure?this.secureStorage:this.insecureStorage).set(e,t)}async delete(e,t){return(t?.secure?this.secureStorage:this.insecureStorage).delete(e)}async getForUser(e,t,r){const n=await this.getUserData(e,r?.secure);let i;if(n&&n[t]||(i=void 0),i=n[t],void 0===i&&r?.errorIfNull)throw new Error(`Field [${t}] for user [${e}] is not stored`);return i||void 0}async setForUser(e,t,r){let n;try{n=await this.getUserData(e,r?.secure)}catch{n={}}await this.setUserData(e,{...n,...t},r?.secure)}async deleteForUser(e,t,r){const n=await this.getUserData(e,r?.secure);delete n[t],await this.setUserData(e,n,r?.secure)}async deleteAllUserData(e,t){await(t?.secure?this.secureStorage:this.insecureStorage).delete(this.getKey(e))}}class vr{map={};async get(e){return this.map[e]||void 0}async set(e,t){this.map[e]=t}async delete(e){delete this.map[e]}}class mr extends Error{constructor(e){super(e)}}class wr extends Error{missingFields;constructor(e){super(`Invalid response from OIDC provider: missing fields ${e}`),this.missingFields=e}}class _r extends Error{error;errorDescription;constructor(e,t,r){super(e),this.error=t,this.errorDescription=r}}function Sr(e){const t=new URL(e);return new URL(t.pathname,t.origin).toString()}async function br(e,t,r){return new At({htu:Sr(e),htm:t.toUpperCase(),jti:Mt()}).setProtectedHeader({alg:Vt[0],jwk:r.publicKey,typ:"dpop+jwt"}).setIssuedAt().sign(r.privateKey,{})}async function Er(e,t,r,n){if(void 0!==r)return async function(e,t,r,n){const i=new Headers(n?.headers);return i.set("Authorization",`DPoP ${t}`),i.set("DPoP",await br(e,n?.method??"get",r)),{...n,headers:i}}(e,t,r,n);const i=new Headers(n?.headers);return i.set("Authorization",`Bearer ${t}`),{...n,headers:i}}async function Fr(e,t,r,n,i=fetch){return i(t,await Er(t.toString(),e,n,r))}const Ar=e=>void 0!==e?e-5>0?e-5:e:600;function xr(e,t){let r,n=e;const i=t?.refreshOptions;if(void 0!==i){const e=async()=>{try{const{accessToken:o,refreshToken:s,expiresIn:a}=await async function(e,t,r){const n=await e.tokenRefresher.refresh(e.sessionId,e.refreshToken,t);return r?.emit(zt,n.expiresIn??600),{accessToken:n.accessToken,refreshToken:n.refreshToken,expiresIn:n.expiresIn}}(i,t.dpopKey,t.eventEmitter);n=o,void 0!==s&&(i.refreshToken=s),clearTimeout(r),r=setTimeout(e,1e3*Ar(a)),t.eventEmitter?.emit(Xt,r)}catch(e){e instanceof _r&&(t?.eventEmitter?.emit(qt,e.error,e.errorDescription),t?.eventEmitter?.emit(Yt)),e instanceof wr&&e.missingFields.includes("access_token")&&t?.eventEmitter?.emit(Yt)}};r=setTimeout(e,1e3*Ar(t.expiresIn)),t.eventEmitter?.emit(Xt,r)}else if(void 0!==t&&void 0!==t.eventEmitter){const e=setTimeout(()=>{t.eventEmitter.emit(Yt)},1e3*Ar(t.expiresIn));t.eventEmitter.emit(Xt,e)}return async(e,r)=>{let i=await Fr(n,e,r,t?.dpopKey,t?.fetch);const o=!i.ok&&(s=i.status,![401,403].includes(s));var s;if(i.ok||o)return i;return i.url!==e&&void 0!==t?.dpopKey&&(i=await Fr(n,i.url,r,t.dpopKey,t.fetch)),i}}function kr(){}function Pr(){Pr.init.call(this)}function Tr(e){return void 0===e._maxListeners?Pr.defaultMaxListeners:e._maxListeners}function Ir(e,t,r,n){var i,o,s,a;if("function"!=typeof r)throw new TypeError('"listener" argument must be a function');if((o=e._events)?(o.newListener&&(e.emit("newListener",t,r.listener?r.listener:r),o=e._events),s=o[t]):(o=e._events=new kr,e._eventsCount=0),s){if("function"==typeof s?s=o[t]=n?[r,s]:[s,r]:n?s.unshift(r):s.push(r),!s.warned&&(i=Tr(e))&&i>0&&s.length>i){s.warned=!0;var u=new Error("Possible EventEmitter memory leak detected. "+s.length+" "+t+" listeners added. Use emitter.setMaxListeners() to increase limit");u.name="MaxListenersExceededWarning",u.emitter=e,u.type=t,u.count=s.length,a=u,"function"==typeof console.warn?console.warn(a):console.log(a)}}else s=o[t]=r,++e._eventsCount;return e}function Rr(e,t,r){var n=!1;function i(){e.removeListener(t,i),n||(n=!0,r.apply(e,arguments))}return i.listener=r,i}function Cr(e){var t=this._events;if(t){var r=t[e];if("function"==typeof r)return 1;if(r)return r.length}return 0}function Ur(e,t){for(var r=new Array(t);t--;)r[t]=e[t];return r}function Lr(e){return e&&e.__esModule&&Object.prototype.hasOwnProperty.call(e,"default")?e.default:e}kr.prototype=Object.create(null),Pr.EventEmitter=Pr,Pr.usingDomains=!1,Pr.prototype.domain=void 0,Pr.prototype._events=void 0,Pr.prototype._maxListeners=void 0,Pr.defaultMaxListeners=10,Pr.init=function(){this.domain=null,Pr.usingDomains&&undefined.active,this._events&&this._events!==Object.getPrototypeOf(this)._events||(this._events=new kr,this._eventsCount=0),this._maxListeners=this._maxListeners||void 0},Pr.prototype.setMaxListeners=function(e){if("number"!=typeof e||e<0||isNaN(e))throw new TypeError('"n" argument must be a positive number');return this._maxListeners=e,this},Pr.prototype.getMaxListeners=function(){return Tr(this)},Pr.prototype.emit=function(e){var t,r,n,i,o,s,a,u="error"===e;if(s=this._events)u=u&&null==s.error;else if(!u)return!1;if(a=this.domain,u){if(t=arguments[1],!a){if(t instanceof Error)throw t;var c=new Error('Uncaught, unspecified "error" event. ('+t+")");throw c.context=t,c}return t||(t=new Error('Uncaught, unspecified "error" event')),t.domainEmitter=this,t.domain=a,t.domainThrown=!1,a.emit("error",t),!1}if(!(r=s[e]))return!1;var h="function"==typeof r;switch(n=arguments.length){case 1:!function(e,t,r){if(t)e.call(r);else for(var n=e.length,i=Ur(e,n),o=0;o<n;++o)i[o].call(r)}(r,h,this);break;case 2:!function(e,t,r,n){if(t)e.call(r,n);else for(var i=e.length,o=Ur(e,i),s=0;s<i;++s)o[s].call(r,n)}(r,h,this,arguments[1]);break;case 3:!function(e,t,r,n,i){if(t)e.call(r,n,i);else for(var o=e.length,s=Ur(e,o),a=0;a<o;++a)s[a].call(r,n,i)}(r,h,this,arguments[1],arguments[2]);break;case 4:!function(e,t,r,n,i,o){if(t)e.call(r,n,i,o);else for(var s=e.length,a=Ur(e,s),u=0;u<s;++u)a[u].call(r,n,i,o)}(r,h,this,arguments[1],arguments[2],arguments[3]);break;default:for(i=new Array(n-1),o=1;o<n;o++)i[o-1]=arguments[o];!function(e,t,r,n){if(t)e.apply(r,n);else for(var i=e.length,o=Ur(e,i),s=0;s<i;++s)o[s].apply(r,n)}(r,h,this,i)}return!0},Pr.prototype.addListener=function(e,t){return Ir(this,e,t,!1)},Pr.prototype.on=Pr.prototype.addListener,Pr.prototype.prependListener=function(e,t){return Ir(this,e,t,!0)},Pr.prototype.once=function(e,t){if("function"!=typeof t)throw new TypeError('"listener" argument must be a function');return this.on(e,Rr(this,e,t)),this},Pr.prototype.prependOnceListener=function(e,t){if("function"!=typeof t)throw new TypeError('"listener" argument must be a function');return this.prependListener(e,Rr(this,e,t)),this},Pr.prototype.removeListener=function(e,t){var r,n,i,o,s;if("function"!=typeof t)throw new TypeError('"listener" argument must be a function');if(!(n=this._events))return this;if(!(r=n[e]))return this;if(r===t||r.listener&&r.listener===t)0===--this._eventsCount?this._events=new kr:(delete n[e],n.removeListener&&this.emit("removeListener",e,r.listener||t));else if("function"!=typeof r){for(i=-1,o=r.length;o-- >0;)if(r[o]===t||r[o].listener&&r[o].listener===t){s=r[o].listener,i=o;break}if(i<0)return this;if(1===r.length){if(r[0]=void 0,0===--this._eventsCount)return this._events=new kr,this;delete n[e]}else!function(e,t){for(var r=t,n=r+1,i=e.length;n<i;r+=1,n+=1)e[r]=e[n];e.pop()}(r,i);n.removeListener&&this.emit("removeListener",e,s||t)}return this},Pr.prototype.off=function(e,t){return this.removeListener(e,t)},Pr.prototype.removeAllListeners=function(e){var t,r;if(!(r=this._events))return this;if(!r.removeListener)return 0===arguments.length?(this._events=new kr,this._eventsCount=0):r[e]&&(0===--this._eventsCount?this._events=new kr:delete r[e]),this;if(0===arguments.length){for(var n,i=Object.keys(r),o=0;o<i.length;++o)"removeListener"!==(n=i[o])&&this.removeAllListeners(n);return this.removeAllListeners("removeListener"),this._events=new kr,this._eventsCount=0,this}if("function"==typeof(t=r[e]))this.removeListener(e,t);else if(t)do{this.removeListener(e,t[t.length-1])}while(t[0]);return this},Pr.prototype.listeners=function(e){var t,r=this._events;return r&&(t=r[e])?"function"==typeof t?[t.listener||t]:function(e){for(var t=new Array(e.length),r=0;r<t.length;++r)t[r]=e[r].listener||e[r];return t}(t):[]},Pr.listenerCount=function(e,t){return"function"==typeof e.listenerCount?e.listenerCount(t):Cr.call(e,t)},Pr.prototype.listenerCount=Cr,Pr.prototype.eventNames=function(){return this._eventsCount>0?Reflect.ownKeys(this._events):[]};var Dr,Nr={exports:{}};var Or=(Dr||(Dr=1,function(e){var t;t=function(){return function(e){var t={};function r(n){if(t[n])return t[n].exports;var i=t[n]={i:n,l:!1,exports:{}};return e[n].call(i.exports,i,i.exports,r),i.l=!0,i.exports}return r.m=e,r.c=t,r.d=function(e,t,n){r.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:n})},r.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.t=function(e,t){if(1&t&&(e=r(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var n=Object.create(null);if(r.r(n),Object.defineProperty(n,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)r.d(n,i,function(t){return e[t]}.bind(null,i));return n},r.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return r.d(t,"a",t),t},r.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},r.p="",r(r.s=22)}([function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i={debug:function(){},info:function(){},warn:function(){},error:function(){}},o=void 0,s=void 0;(t.Log=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.reset=function(){s=3,o=i},e.debug=function(){if(s>=4){for(var e=arguments.length,t=Array(e),r=0;r<e;r++)t[r]=arguments[r];o.debug.apply(o,Array.from(t))}},e.info=function(){if(s>=3){for(var e=arguments.length,t=Array(e),r=0;r<e;r++)t[r]=arguments[r];o.info.apply(o,Array.from(t))}},e.warn=function(){if(s>=2){for(var e=arguments.length,t=Array(e),r=0;r<e;r++)t[r]=arguments[r];o.warn.apply(o,Array.from(t))}},e.error=function(){if(s>=1){for(var e=arguments.length,t=Array(e),r=0;r<e;r++)t[r]=arguments[r];o.error.apply(o,Array.from(t))}},n(e,null,[{key:"NONE",get:function(){return 0}},{key:"ERROR",get:function(){return 1}},{key:"WARN",get:function(){return 2}},{key:"INFO",get:function(){return 3}},{key:"DEBUG",get:function(){return 4}},{key:"level",get:function(){return s},set:function(e){if(!(0<=e&&e<=4))throw new Error("Invalid log level");s=e}},{key:"logger",get:function(){return o},set:function(e){if(!e.debug&&e.info&&(e.debug=e.info),!(e.debug&&e.info&&e.warn&&e.error))throw new Error("Invalid logger");o=e}}]),e}()).reset()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0});var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i={setInterval:function(e){function t(t,r){return e.apply(this,arguments)}return t.toString=function(){return e.toString()},t}(function(e,t){return setInterval(e,t)}),clearInterval:function(e){function t(t){return e.apply(this,arguments)}return t.toString=function(){return e.toString()},t}(function(e){return clearInterval(e)})},o=!1,s=null;t.Global=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e._testing=function(){o=!0},e.setXMLHttpRequest=function(e){s=e},n(e,null,[{key:"location",get:function(){if(!o)return location}},{key:"localStorage",get:function(){if(!o&&"undefined"!=typeof window)return localStorage}},{key:"sessionStorage",get:function(){if(!o&&"undefined"!=typeof window)return sessionStorage}},{key:"XMLHttpRequest",get:function(){if(!o&&"undefined"!=typeof window)return s||XMLHttpRequest}},{key:"timer",get:function(){if(!o)return i}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.MetadataService=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(7),s=".well-known/openid-configuration";t.MetadataService=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.JsonService;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw i.Log.error("MetadataService: No settings passed to MetadataService"),new Error("settings");this._settings=t,this._jsonService=new r(["application/jwk-set+json"])}return e.prototype.resetSigningKeys=function(){this._settings=this._settings||{},this._settings.signingKeys=void 0},e.prototype.getMetadata=function(){var e=this;return this._settings.metadata?(i.Log.debug("MetadataService.getMetadata: Returning metadata from settings"),Promise.resolve(this._settings.metadata)):this.metadataUrl?(i.Log.debug("MetadataService.getMetadata: getting metadata from",this.metadataUrl),this._jsonService.getJson(this.metadataUrl).then(function(t){i.Log.debug("MetadataService.getMetadata: json received");var r=e._settings.metadataSeed||{};return e._settings.metadata=Object.assign({},r,t),e._settings.metadata})):(i.Log.error("MetadataService.getMetadata: No authority or metadataUrl configured on settings"),Promise.reject(new Error("No authority or metadataUrl configured on settings")))},e.prototype.getIssuer=function(){return this._getMetadataProperty("issuer")},e.prototype.getAuthorizationEndpoint=function(){return this._getMetadataProperty("authorization_endpoint")},e.prototype.getUserInfoEndpoint=function(){return this._getMetadataProperty("userinfo_endpoint")},e.prototype.getTokenEndpoint=function(){var e=!(arguments.length>0&&void 0!==arguments[0])||arguments[0];return this._getMetadataProperty("token_endpoint",e)},e.prototype.getCheckSessionIframe=function(){return this._getMetadataProperty("check_session_iframe",!0)},e.prototype.getEndSessionEndpoint=function(){return this._getMetadataProperty("end_session_endpoint",!0)},e.prototype.getRevocationEndpoint=function(){return this._getMetadataProperty("revocation_endpoint",!0)},e.prototype.getKeysEndpoint=function(){return this._getMetadataProperty("jwks_uri",!0)},e.prototype._getMetadataProperty=function(e){var t=arguments.length>1&&void 0!==arguments[1]&&arguments[1];return i.Log.debug("MetadataService.getMetadataProperty for: "+e),this.getMetadata().then(function(r){if(i.Log.debug("MetadataService.getMetadataProperty: metadata recieved"),void 0===r[e]){if(!0===t)return void i.Log.warn("MetadataService.getMetadataProperty: Metadata does not contain optional property "+e);throw i.Log.error("MetadataService.getMetadataProperty: Metadata does not contain property "+e),new Error("Metadata does not contain property "+e)}return r[e]})},e.prototype.getSigningKeys=function(){var e=this;return this._settings.signingKeys?(i.Log.debug("MetadataService.getSigningKeys: Returning signingKeys from settings"),Promise.resolve(this._settings.signingKeys)):this._getMetadataProperty("jwks_uri").then(function(t){return i.Log.debug("MetadataService.getSigningKeys: jwks_uri received",t),e._jsonService.getJson(t).then(function(t){if(i.Log.debug("MetadataService.getSigningKeys: key set received",t),!t.keys)throw i.Log.error("MetadataService.getSigningKeys: Missing keys on keyset"),new Error("Missing keys on keyset");return e._settings.signingKeys=t.keys,e._settings.signingKeys})})},n(e,[{key:"metadataUrl",get:function(){return this._metadataUrl||(this._settings.metadataUrl?this._metadataUrl=this._settings.metadataUrl:(this._metadataUrl=this._settings.authority,this._metadataUrl&&this._metadataUrl.indexOf(s)<0&&("/"!==this._metadataUrl[this._metadataUrl.length-1]&&(this._metadataUrl+="/"),this._metadataUrl+=s))),this._metadataUrl}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.UrlUtility=void 0;var n=r(0),i=r(1);t.UrlUtility=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.addQueryParam=function(e,t,r){return e.indexOf("?")<0&&(e+="?"),"?"!==e[e.length-1]&&(e+="&"),e+=encodeURIComponent(t),(e+="=")+encodeURIComponent(r)},e.parseUrlFragment=function(e){var t=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"#",r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:i.Global;"string"!=typeof e&&(e=r.location.href);var o=e.lastIndexOf(t);o>=0&&(e=e.substr(o+1)),"?"===t&&(o=e.indexOf("#"))>=0&&(e=e.substr(0,o));for(var s,a={},u=/([^&=]+)=([^&]*)/g,c=0;s=u.exec(e);)if(a[decodeURIComponent(s[1])]=decodeURIComponent(s[2].replace(/\+/g," ")),c++>50)return n.Log.error("UrlUtility.parseUrlFragment: response exceeded expected number of parameters",e),{error:"Response exceeded expected number of parameters"};for(var h in a)return a;return{}},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.JoseUtil=void 0;var n=r(26),i=function(e){return e&&e.__esModule?e:{default:e}}(r(33));t.JoseUtil=(0,i.default)({jws:n.jws,KeyUtil:n.KeyUtil,X509:n.X509,crypto:n.crypto,hextob64u:n.hextob64u,b64tohex:n.b64tohex,AllowedSigningAlgs:n.AllowedSigningAlgs})},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.OidcClientSettings=void 0;var n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},i=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),o=r(0),s=r(23),a=r(6),u=r(24),c=r(2),h=".well-known/openid-configuration";t.OidcClientSettings=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.authority,i=t.metadataUrl,o=t.metadata,h=t.signingKeys,l=t.metadataSeed,f=t.client_id,d=t.client_secret,p=t.response_type,g=void 0===p?"id_token":p,y=t.scope,v=void 0===y?"openid":y,m=t.redirect_uri,w=t.post_logout_redirect_uri,_=t.client_authentication,S=void 0===_?"client_secret_post":_,b=t.prompt,E=t.display,F=t.max_age,A=t.ui_locales,x=t.acr_values,k=t.resource,P=t.response_mode,T=t.filterProtocolClaims,I=void 0===T||T,R=t.loadUserInfo,C=void 0===R||R,U=t.staleStateAge,L=void 0===U?900:U,D=t.clockSkew,N=void 0===D?300:D,O=t.clockService,j=void 0===O?new s.ClockService:O,B=t.userInfoJwtIssuer,H=void 0===B?"OP":B,M=t.mergeClaims,K=void 0!==M&&M,V=t.stateStore,q=void 0===V?new a.WebStorageStateStore:V,J=t.ResponseValidatorCtor,W=void 0===J?u.ResponseValidator:J,$=t.MetadataServiceCtor,Y=void 0===$?c.MetadataService:$,z=t.extraQueryParams,G=void 0===z?{}:z,X=t.extraTokenParams,Q=void 0===X?{}:X;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),this._authority=r,this._metadataUrl=i,this._metadata=o,this._metadataSeed=l,this._signingKeys=h,this._client_id=f,this._client_secret=d,this._response_type=g,this._scope=v,this._redirect_uri=m,this._post_logout_redirect_uri=w,this._client_authentication=S,this._prompt=b,this._display=E,this._max_age=F,this._ui_locales=A,this._acr_values=x,this._resource=k,this._response_mode=P,this._filterProtocolClaims=!!I,this._loadUserInfo=!!C,this._staleStateAge=L,this._clockSkew=N,this._clockService=j,this._userInfoJwtIssuer=H,this._mergeClaims=!!K,this._stateStore=q,this._validator=new W(this),this._metadataService=new Y(this),this._extraQueryParams="object"===(void 0===G?"undefined":n(G))?G:{},this._extraTokenParams="object"===(void 0===Q?"undefined":n(Q))?Q:{}}return e.prototype.getEpochTime=function(){return this._clockService.getEpochTime()},i(e,[{key:"client_id",get:function(){return this._client_id},set:function(e){if(this._client_id)throw o.Log.error("OidcClientSettings.set_client_id: client_id has already been assigned."),new Error("client_id has already been assigned.");this._client_id=e}},{key:"client_secret",get:function(){return this._client_secret}},{key:"response_type",get:function(){return this._response_type}},{key:"scope",get:function(){return this._scope}},{key:"redirect_uri",get:function(){return this._redirect_uri}},{key:"post_logout_redirect_uri",get:function(){return this._post_logout_redirect_uri}},{key:"client_authentication",get:function(){return this._client_authentication}},{key:"prompt",get:function(){return this._prompt}},{key:"display",get:function(){return this._display}},{key:"max_age",get:function(){return this._max_age}},{key:"ui_locales",get:function(){return this._ui_locales}},{key:"acr_values",get:function(){return this._acr_values}},{key:"resource",get:function(){return this._resource}},{key:"response_mode",get:function(){return this._response_mode}},{key:"authority",get:function(){return this._authority},set:function(e){if(this._authority)throw o.Log.error("OidcClientSettings.set_authority: authority has already been assigned."),new Error("authority has already been assigned.");this._authority=e}},{key:"metadataUrl",get:function(){return this._metadataUrl||(this._metadataUrl=this.authority,this._metadataUrl&&this._metadataUrl.indexOf(h)<0&&("/"!==this._metadataUrl[this._metadataUrl.length-1]&&(this._metadataUrl+="/"),this._metadataUrl+=h)),this._metadataUrl}},{key:"metadata",get:function(){return this._metadata},set:function(e){this._metadata=e}},{key:"metadataSeed",get:function(){return this._metadataSeed},set:function(e){this._metadataSeed=e}},{key:"signingKeys",get:function(){return this._signingKeys},set:function(e){this._signingKeys=e}},{key:"filterProtocolClaims",get:function(){return this._filterProtocolClaims}},{key:"loadUserInfo",get:function(){return this._loadUserInfo}},{key:"staleStateAge",get:function(){return this._staleStateAge}},{key:"clockSkew",get:function(){return this._clockSkew}},{key:"userInfoJwtIssuer",get:function(){return this._userInfoJwtIssuer}},{key:"mergeClaims",get:function(){return this._mergeClaims}},{key:"stateStore",get:function(){return this._stateStore}},{key:"validator",get:function(){return this._validator}},{key:"metadataService",get:function(){return this._metadataService}},{key:"extraQueryParams",get:function(){return this._extraQueryParams},set:function(e){"object"===(void 0===e?"undefined":n(e))?this._extraQueryParams=e:this._extraQueryParams={}}},{key:"extraTokenParams",get:function(){return this._extraTokenParams},set:function(e){"object"===(void 0===e?"undefined":n(e))?this._extraTokenParams=e:this._extraTokenParams={}}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.WebStorageStateStore=void 0;var n=r(0),i=r(1);t.WebStorageStateStore=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.prefix,n=void 0===r?"oidc.":r,o=t.store,s=void 0===o?i.Global.localStorage:o;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),this._store=s,this._prefix=n}return e.prototype.set=function(e,t){return n.Log.debug("WebStorageStateStore.set",e),e=this._prefix+e,this._store.setItem(e,t),Promise.resolve()},e.prototype.get=function(e){n.Log.debug("WebStorageStateStore.get",e),e=this._prefix+e;var t=this._store.getItem(e);return Promise.resolve(t)},e.prototype.remove=function(e){n.Log.debug("WebStorageStateStore.remove",e),e=this._prefix+e;var t=this._store.getItem(e);return this._store.removeItem(e),Promise.resolve(t)},e.prototype.getAllKeys=function(){n.Log.debug("WebStorageStateStore.getAllKeys");for(var e=[],t=0;t<this._store.length;t++){var r=this._store.key(t);0===r.indexOf(this._prefix)&&e.push(r.substr(this._prefix.length))}return Promise.resolve(e)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.JsonService=void 0;var n=r(0),i=r(1);t.JsonService=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:null,r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:i.Global.XMLHttpRequest,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:null;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),t&&Array.isArray(t)?this._contentTypes=t.slice():this._contentTypes=[],this._contentTypes.push("application/json"),n&&this._contentTypes.push("application/jwt"),this._XMLHttpRequest=r,this._jwtHandler=n}return e.prototype.getJson=function(e,t){var r=this;if(!e)throw n.Log.error("JsonService.getJson: No url passed"),new Error("url");return n.Log.debug("JsonService.getJson, url: ",e),new Promise(function(i,o){var s=new r._XMLHttpRequest;s.open("GET",e);var a=r._contentTypes,u=r._jwtHandler;s.onload=function(){if(n.Log.debug("JsonService.getJson: HTTP response received, status",s.status),200===s.status){var t=s.getResponseHeader("Content-Type");if(t){var r=a.find(function(e){if(t.startsWith(e))return!0});if("application/jwt"==r)return void u(s).then(i,o);if(r)try{return void i(JSON.parse(s.responseText))}catch(e){return n.Log.error("JsonService.getJson: Error parsing JSON response",e.message),void o(e)}}o(Error("Invalid response Content-Type: "+t+", from URL: "+e))}else o(Error(s.statusText+" ("+s.status+")"))},s.onerror=function(){n.Log.error("JsonService.getJson: network error"),o(Error("Network Error"))},t&&(n.Log.debug("JsonService.getJson: token passed, setting Authorization header"),s.setRequestHeader("Authorization","Bearer "+t)),s.send()})},e.prototype.postForm=function(e,t,r){var i=this;if(!e)throw n.Log.error("JsonService.postForm: No url passed"),new Error("url");return n.Log.debug("JsonService.postForm, url: ",e),new Promise(function(o,s){var a=new i._XMLHttpRequest;a.open("POST",e);var u=i._contentTypes;a.onload=function(){if(n.Log.debug("JsonService.postForm: HTTP response received, status",a.status),200!==a.status){if(400===a.status&&(r=a.getResponseHeader("Content-Type"))&&u.find(function(e){if(r.startsWith(e))return!0}))try{var t=JSON.parse(a.responseText);if(t&&t.error)return n.Log.error("JsonService.postForm: Error from server: ",t.error),void s(new Error(t.error))}catch(e){return n.Log.error("JsonService.postForm: Error parsing JSON response",e.message),void s(e)}s(Error(a.statusText+" ("+a.status+")"))}else{var r;if((r=a.getResponseHeader("Content-Type"))&&u.find(function(e){if(r.startsWith(e))return!0}))try{return void o(JSON.parse(a.responseText))}catch(e){return n.Log.error("JsonService.postForm: Error parsing JSON response",e.message),void s(e)}s(Error("Invalid response Content-Type: "+r+", from URL: "+e))}},a.onerror=function(){n.Log.error("JsonService.postForm: network error"),s(Error("Network Error"))};var c="";for(var h in t){var l=t[h];l&&(c.length>0&&(c+="&"),c+=encodeURIComponent(h),c+="=",c+=encodeURIComponent(l))}a.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),void 0!==r&&a.setRequestHeader("Authorization","Basic "+btoa(r)),a.send(c)})},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SigninRequest=void 0;var n=r(0),i=r(3),o=r(13);t.SigninRequest=function(){function e(t){var r=t.url,s=t.client_id,a=t.redirect_uri,u=t.response_type,c=t.scope,h=t.authority,l=t.data,f=t.prompt,d=t.display,p=t.max_age,g=t.ui_locales,y=t.id_token_hint,v=t.login_hint,m=t.acr_values,w=t.resource,_=t.response_mode,S=t.request,b=t.request_uri,E=t.extraQueryParams,F=t.request_type,A=t.client_secret,x=t.extraTokenParams,k=t.skipUserInfo;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!r)throw n.Log.error("SigninRequest.ctor: No url passed"),new Error("url");if(!s)throw n.Log.error("SigninRequest.ctor: No client_id passed"),new Error("client_id");if(!a)throw n.Log.error("SigninRequest.ctor: No redirect_uri passed"),new Error("redirect_uri");if(!u)throw n.Log.error("SigninRequest.ctor: No response_type passed"),new Error("response_type");if(!c)throw n.Log.error("SigninRequest.ctor: No scope passed"),new Error("scope");if(!h)throw n.Log.error("SigninRequest.ctor: No authority passed"),new Error("authority");var P=e.isOidc(u),T=e.isCode(u);_||(_=e.isCode(u)?"query":null),this.state=new o.SigninState({nonce:P,data:l,client_id:s,authority:h,redirect_uri:a,code_verifier:T,request_type:F,response_mode:_,client_secret:A,scope:c,extraTokenParams:x,skipUserInfo:k}),r=i.UrlUtility.addQueryParam(r,"client_id",s),r=i.UrlUtility.addQueryParam(r,"redirect_uri",a),r=i.UrlUtility.addQueryParam(r,"response_type",u),r=i.UrlUtility.addQueryParam(r,"scope",c),r=i.UrlUtility.addQueryParam(r,"state",this.state.id),P&&(r=i.UrlUtility.addQueryParam(r,"nonce",this.state.nonce)),T&&(r=i.UrlUtility.addQueryParam(r,"code_challenge",this.state.code_challenge),r=i.UrlUtility.addQueryParam(r,"code_challenge_method","S256"));var I={prompt:f,display:d,max_age:p,ui_locales:g,id_token_hint:y,login_hint:v,acr_values:m,resource:w,request:S,request_uri:b,response_mode:_};for(var R in I)I[R]&&(r=i.UrlUtility.addQueryParam(r,R,I[R]));for(var C in E)r=i.UrlUtility.addQueryParam(r,C,E[C]);this.url=r}return e.isOidc=function(e){return!!e.split(/\s+/g).filter(function(e){return"id_token"===e})[0]},e.isOAuth=function(e){return!!e.split(/\s+/g).filter(function(e){return"token"===e})[0]},e.isCode=function(e){return!!e.split(/\s+/g).filter(function(e){return"code"===e})[0]},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.State=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=function(e){return e&&e.__esModule?e:{default:e}}(r(14));t.State=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.id,n=t.data,i=t.created,s=t.request_type;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),this._id=r||(0,o.default)(),this._data=n,this._created="number"==typeof i&&i>0?i:parseInt(Date.now()/1e3),this._request_type=s}return e.prototype.toStorageString=function(){return i.Log.debug("State.toStorageString"),JSON.stringify({id:this.id,data:this.data,created:this.created,request_type:this.request_type})},e.fromStorageString=function(t){return i.Log.debug("State.fromStorageString"),new e(JSON.parse(t))},e.clearStaleState=function(t,r){var n=Date.now()/1e3-r;return t.getAllKeys().then(function(r){i.Log.debug("State.clearStaleState: got keys",r);for(var o=[],s=function(s){var a=r[s];u=t.get(a).then(function(r){var o=!1;if(r)try{var s=e.fromStorageString(r);i.Log.debug("State.clearStaleState: got item from key: ",a,s.created),s.created<=n&&(o=!0)}catch(e){i.Log.error("State.clearStaleState: Error parsing state for key",a,e.message),o=!0}else i.Log.debug("State.clearStaleState: no item in storage for key: ",a),o=!0;if(o)return i.Log.debug("State.clearStaleState: removed item for key: ",a),t.remove(a)}),o.push(u)},a=0;a<r.length;a++){var u;s(a)}return i.Log.debug("State.clearStaleState: waiting on promise count:",o.length),Promise.all(o)})},n(e,[{key:"id",get:function(){return this._id}},{key:"data",get:function(){return this._data}},{key:"created",get:function(){return this._created}},{key:"request_type",get:function(){return this._request_type}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.OidcClient=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(5),s=r(12),a=r(8),u=r(34),c=r(35),h=r(36),l=r(13),f=r(9);t.OidcClient=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),t instanceof o.OidcClientSettings?this._settings=t:this._settings=new o.OidcClientSettings(t)}return e.prototype.createSigninRequest=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.response_type,n=t.scope,o=t.redirect_uri,s=t.data,u=t.state,c=t.prompt,h=t.display,l=t.max_age,f=t.ui_locales,d=t.id_token_hint,p=t.login_hint,g=t.acr_values,y=t.resource,v=t.request,m=t.request_uri,w=t.response_mode,_=t.extraQueryParams,S=t.extraTokenParams,b=t.request_type,E=t.skipUserInfo,F=arguments[1];i.Log.debug("OidcClient.createSigninRequest");var A=this._settings.client_id;r=r||this._settings.response_type,n=n||this._settings.scope,o=o||this._settings.redirect_uri,c=c||this._settings.prompt,h=h||this._settings.display,l=l||this._settings.max_age,f=f||this._settings.ui_locales,g=g||this._settings.acr_values,y=y||this._settings.resource,w=w||this._settings.response_mode,_=_||this._settings.extraQueryParams,S=S||this._settings.extraTokenParams;var x=this._settings.authority;return a.SigninRequest.isCode(r)&&"code"!==r?Promise.reject(new Error("OpenID Connect hybrid flow is not supported")):this._metadataService.getAuthorizationEndpoint().then(function(t){i.Log.debug("OidcClient.createSigninRequest: Received authorization endpoint",t);var k=new a.SigninRequest({url:t,client_id:A,redirect_uri:o,response_type:r,scope:n,data:s||u,authority:x,prompt:c,display:h,max_age:l,ui_locales:f,id_token_hint:d,login_hint:p,acr_values:g,resource:y,request:v,request_uri:m,extraQueryParams:_,extraTokenParams:S,request_type:b,response_mode:w,client_secret:e._settings.client_secret,skipUserInfo:E}),P=k.state;return(F=F||e._stateStore).set(P.id,P.toStorageString()).then(function(){return k})})},e.prototype.readSigninResponseState=function(e,t){var r=arguments.length>2&&void 0!==arguments[2]&&arguments[2];i.Log.debug("OidcClient.readSigninResponseState");var n="query"===this._settings.response_mode||!this._settings.response_mode&&a.SigninRequest.isCode(this._settings.response_type)?"?":"#",o=new u.SigninResponse(e,n);return o.state?(t=t||this._stateStore,(r?t.remove.bind(t):t.get.bind(t))(o.state).then(function(e){if(!e)throw i.Log.error("OidcClient.readSigninResponseState: No matching state found in storage"),new Error("No matching state found in storage");return{state:l.SigninState.fromStorageString(e),response:o}})):(i.Log.error("OidcClient.readSigninResponseState: No state in response"),Promise.reject(new Error("No state in response")))},e.prototype.processSigninResponse=function(e,t){var r=this;return i.Log.debug("OidcClient.processSigninResponse"),this.readSigninResponseState(e,t,!0).then(function(e){var t=e.state,n=e.response;return i.Log.debug("OidcClient.processSigninResponse: Received state from storage; validating response"),r._validator.validateSigninResponse(t,n)})},e.prototype.createSignoutRequest=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.id_token_hint,n=t.data,o=t.state,s=t.post_logout_redirect_uri,a=t.extraQueryParams,u=t.request_type,h=arguments[1];return i.Log.debug("OidcClient.createSignoutRequest"),s=s||this._settings.post_logout_redirect_uri,a=a||this._settings.extraQueryParams,this._metadataService.getEndSessionEndpoint().then(function(t){if(!t)throw i.Log.error("OidcClient.createSignoutRequest: No end session endpoint url returned"),new Error("no end session endpoint");i.Log.debug("OidcClient.createSignoutRequest: Received end session endpoint",t);var l=new c.SignoutRequest({url:t,id_token_hint:r,post_logout_redirect_uri:s,data:n||o,extraQueryParams:a,request_type:u}),f=l.state;return f&&(i.Log.debug("OidcClient.createSignoutRequest: Signout request has state to persist"),(h=h||e._stateStore).set(f.id,f.toStorageString())),l})},e.prototype.readSignoutResponseState=function(e,t){var r=arguments.length>2&&void 0!==arguments[2]&&arguments[2];i.Log.debug("OidcClient.readSignoutResponseState");var n=new h.SignoutResponse(e);if(!n.state)return i.Log.debug("OidcClient.readSignoutResponseState: No state in response"),n.error?(i.Log.warn("OidcClient.readSignoutResponseState: Response was error: ",n.error),Promise.reject(new s.ErrorResponse(n))):Promise.resolve({state:void 0,response:n});var o=n.state;return t=t||this._stateStore,(r?t.remove.bind(t):t.get.bind(t))(o).then(function(e){if(!e)throw i.Log.error("OidcClient.readSignoutResponseState: No matching state found in storage"),new Error("No matching state found in storage");return{state:f.State.fromStorageString(e),response:n}})},e.prototype.processSignoutResponse=function(e,t){var r=this;return i.Log.debug("OidcClient.processSignoutResponse"),this.readSignoutResponseState(e,t,!0).then(function(e){var t=e.state,n=e.response;return t?(i.Log.debug("OidcClient.processSignoutResponse: Received state from storage; validating response"),r._validator.validateSignoutResponse(t,n)):(i.Log.debug("OidcClient.processSignoutResponse: No state from storage; skipping validating response"),n)})},e.prototype.clearStaleState=function(e){return i.Log.debug("OidcClient.clearStaleState"),e=e||this._stateStore,f.State.clearStaleState(e,this.settings.staleStateAge)},n(e,[{key:"_stateStore",get:function(){return this.settings.stateStore}},{key:"_validator",get:function(){return this.settings.validator}},{key:"_metadataService",get:function(){return this.settings.metadataService}},{key:"settings",get:function(){return this._settings}},{key:"metadataService",get:function(){return this._metadataService}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.TokenClient=void 0;var n=r(7),i=r(2),o=r(0);t.TokenClient=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:n.JsonService,s=arguments.length>2&&void 0!==arguments[2]?arguments[2]:i.MetadataService;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw o.Log.error("TokenClient.ctor: No settings passed"),new Error("settings");this._settings=t,this._jsonService=new r,this._metadataService=new s(this._settings)}return e.prototype.exchangeCode=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(t=Object.assign({},t)).grant_type=t.grant_type||"authorization_code",t.client_id=t.client_id||this._settings.client_id,t.client_secret=t.client_secret||this._settings.client_secret,t.redirect_uri=t.redirect_uri||this._settings.redirect_uri;var r=void 0,n=t._client_authentication||this._settings._client_authentication;return delete t._client_authentication,t.code?t.redirect_uri?t.code_verifier?t.client_id?t.client_secret||"client_secret_basic"!=n?("client_secret_basic"==n&&(r=t.client_id+":"+t.client_secret,delete t.client_id,delete t.client_secret),this._metadataService.getTokenEndpoint(!1).then(function(n){return o.Log.debug("TokenClient.exchangeCode: Received token endpoint"),e._jsonService.postForm(n,t,r).then(function(e){return o.Log.debug("TokenClient.exchangeCode: response received"),e})})):(o.Log.error("TokenClient.exchangeCode: No client_secret passed"),Promise.reject(new Error("A client_secret is required"))):(o.Log.error("TokenClient.exchangeCode: No client_id passed"),Promise.reject(new Error("A client_id is required"))):(o.Log.error("TokenClient.exchangeCode: No code_verifier passed"),Promise.reject(new Error("A code_verifier is required"))):(o.Log.error("TokenClient.exchangeCode: No redirect_uri passed"),Promise.reject(new Error("A redirect_uri is required"))):(o.Log.error("TokenClient.exchangeCode: No code passed"),Promise.reject(new Error("A code is required")))},e.prototype.exchangeRefreshToken=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(t=Object.assign({},t)).grant_type=t.grant_type||"refresh_token",t.client_id=t.client_id||this._settings.client_id,t.client_secret=t.client_secret||this._settings.client_secret;var r=void 0,n=t._client_authentication||this._settings._client_authentication;return delete t._client_authentication,t.refresh_token?t.client_id?("client_secret_basic"==n&&(r=t.client_id+":"+t.client_secret,delete t.client_id,delete t.client_secret),this._metadataService.getTokenEndpoint(!1).then(function(n){return o.Log.debug("TokenClient.exchangeRefreshToken: Received token endpoint"),e._jsonService.postForm(n,t,r).then(function(e){return o.Log.debug("TokenClient.exchangeRefreshToken: response received"),e})})):(o.Log.error("TokenClient.exchangeRefreshToken: No client_id passed"),Promise.reject(new Error("A client_id is required"))):(o.Log.error("TokenClient.exchangeRefreshToken: No refresh_token passed"),Promise.reject(new Error("A refresh_token is required")))},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.ErrorResponse=void 0;var n=r(0);t.ErrorResponse=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},i=r.error,o=r.error_description,s=r.error_uri,a=r.state,u=r.session_state;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t),!i)throw n.Log.error("No error passed to ErrorResponse"),new Error("error");var c=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,o||i));return c.name="ErrorResponse",c.error=i,c.error_description=o,c.error_uri=s,c.state=a,c.session_state=u,c}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t}(Error)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SigninState=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(9),s=r(4),a=function(e){return e&&e.__esModule?e:{default:e}}(r(14));t.SigninState=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=r.nonce,i=r.authority,o=r.client_id,u=r.redirect_uri,c=r.code_verifier,h=r.response_mode,l=r.client_secret,f=r.scope,d=r.extraTokenParams,p=r.skipUserInfo;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var g=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,arguments[0]));if(!0===n?g._nonce=(0,a.default)():n&&(g._nonce=n),!0===c?g._code_verifier=(0,a.default)()+(0,a.default)()+(0,a.default)():c&&(g._code_verifier=c),g.code_verifier){var y=s.JoseUtil.hashString(g.code_verifier,"SHA256");g._code_challenge=s.JoseUtil.hexToBase64Url(y)}return g._redirect_uri=u,g._authority=i,g._client_id=o,g._response_mode=h,g._client_secret=l,g._scope=f,g._extraTokenParams=d,g._skipUserInfo=p,g}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.toStorageString=function(){return i.Log.debug("SigninState.toStorageString"),JSON.stringify({id:this.id,data:this.data,created:this.created,request_type:this.request_type,nonce:this.nonce,code_verifier:this.code_verifier,redirect_uri:this.redirect_uri,authority:this.authority,client_id:this.client_id,response_mode:this.response_mode,client_secret:this.client_secret,scope:this.scope,extraTokenParams:this.extraTokenParams,skipUserInfo:this.skipUserInfo})},t.fromStorageString=function(e){return i.Log.debug("SigninState.fromStorageString"),new t(JSON.parse(e))},n(t,[{key:"nonce",get:function(){return this._nonce}},{key:"authority",get:function(){return this._authority}},{key:"client_id",get:function(){return this._client_id}},{key:"redirect_uri",get:function(){return this._redirect_uri}},{key:"code_verifier",get:function(){return this._code_verifier}},{key:"code_challenge",get:function(){return this._code_challenge}},{key:"response_mode",get:function(){return this._response_mode}},{key:"client_secret",get:function(){return this._client_secret}},{key:"scope",get:function(){return this._scope}},{key:"extraTokenParams",get:function(){return this._extraTokenParams}},{key:"skipUserInfo",get:function(){return this._skipUserInfo}}]),t}(o.State)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(){return("undefined"!=n&&null!==n&&void 0!==n.getRandomValues?i:o)().replace(/-/g,"")};var n="undefined"!=typeof window?window.crypto||window.msCrypto:null;function i(){return([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,function(e){return(e^n.getRandomValues(new Uint8Array(1))[0]&15>>e/4).toString(16)})}function o(){return([1e7]+-1e3+-4e3+-8e3+-1e11).replace(/[018]/g,function(e){return(e^16*Math.random()>>e/4).toString(16)})}e.exports=t.default},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.User=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.User=function(){function e(t){var r=t.id_token,n=t.session_state,i=t.access_token,o=t.refresh_token,s=t.token_type,a=t.scope,u=t.profile,c=t.expires_at,h=t.state;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this.id_token=r,this.session_state=n,this.access_token=i,this.refresh_token=o,this.token_type=s,this.scope=a,this.profile=u,this.expires_at=c,this.state=h}return e.prototype.toStorageString=function(){return i.Log.debug("User.toStorageString"),JSON.stringify({id_token:this.id_token,session_state:this.session_state,access_token:this.access_token,refresh_token:this.refresh_token,token_type:this.token_type,scope:this.scope,profile:this.profile,expires_at:this.expires_at})},e.fromStorageString=function(t){return i.Log.debug("User.fromStorageString"),new e(JSON.parse(t))},n(e,[{key:"expires_in",get:function(){if(this.expires_at){var e=parseInt(Date.now()/1e3);return this.expires_at-e}},set:function(e){var t=parseInt(e);if("number"==typeof t&&t>0){var r=parseInt(Date.now()/1e3);this.expires_at=r+t}}},{key:"expired",get:function(){var e=this.expires_in;if(void 0!==e)return e<=0}},{key:"scopes",get:function(){return(this.scope||"").split(" ")}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.AccessTokenEvents=void 0;var n=r(0),i=r(46);t.AccessTokenEvents=function(){function e(){var t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},r=t.accessTokenExpiringNotificationTime,n=void 0===r?60:r,o=t.accessTokenExpiringTimer,s=void 0===o?new i.Timer("Access token expiring"):o,a=t.accessTokenExpiredTimer,u=void 0===a?new i.Timer("Access token expired"):a;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),this._accessTokenExpiringNotificationTime=n,this._accessTokenExpiring=s,this._accessTokenExpired=u}return e.prototype.load=function(e){if(e.access_token&&void 0!==e.expires_in){var t=e.expires_in;if(n.Log.debug("AccessTokenEvents.load: access token present, remaining duration:",t),t>0){var r=t-this._accessTokenExpiringNotificationTime;r<=0&&(r=1),n.Log.debug("AccessTokenEvents.load: registering expiring timer in:",r),this._accessTokenExpiring.init(r)}else n.Log.debug("AccessTokenEvents.load: canceling existing expiring timer becase we're past expiration."),this._accessTokenExpiring.cancel();var i=t+1;n.Log.debug("AccessTokenEvents.load: registering expired timer in:",i),this._accessTokenExpired.init(i)}else this._accessTokenExpiring.cancel(),this._accessTokenExpired.cancel()},e.prototype.unload=function(){n.Log.debug("AccessTokenEvents.unload: canceling existing access token timers"),this._accessTokenExpiring.cancel(),this._accessTokenExpired.cancel()},e.prototype.addAccessTokenExpiring=function(e){this._accessTokenExpiring.addHandler(e)},e.prototype.removeAccessTokenExpiring=function(e){this._accessTokenExpiring.removeHandler(e)},e.prototype.addAccessTokenExpired=function(e){this._accessTokenExpired.addHandler(e)},e.prototype.removeAccessTokenExpired=function(e){this._accessTokenExpired.removeHandler(e)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.Event=void 0;var n=r(0);t.Event=function(){function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._name=t,this._callbacks=[]}return e.prototype.addHandler=function(e){this._callbacks.push(e)},e.prototype.removeHandler=function(e){var t=this._callbacks.findIndex(function(t){return t===e});t>=0&&this._callbacks.splice(t,1)},e.prototype.raise=function(){n.Log.debug("Event: Raising event: "+this._name);for(var e=0;e<this._callbacks.length;e++){var t;(t=this._callbacks)[e].apply(t,arguments)}},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SessionMonitor=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(19),s=r(1);t.SessionMonitor=function(){function e(t){var r=this,n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.CheckSessionIFrame,a=arguments.length>2&&void 0!==arguments[2]?arguments[2]:s.Global.timer;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw i.Log.error("SessionMonitor.ctor: No user manager passed to SessionMonitor"),new Error("userManager");this._userManager=t,this._CheckSessionIFrameCtor=n,this._timer=a,this._userManager.events.addUserLoaded(this._start.bind(this)),this._userManager.events.addUserUnloaded(this._stop.bind(this)),Promise.resolve(this._userManager.getUser().then(function(e){e?r._start(e):r._settings.monitorAnonymousSession&&r._userManager.querySessionStatus().then(function(e){var t={session_state:e.session_state};e.sub&&e.sid&&(t.profile={sub:e.sub,sid:e.sid}),r._start(t)}).catch(function(e){i.Log.error("SessionMonitor ctor: error from querySessionStatus:",e.message)})}).catch(function(e){i.Log.error("SessionMonitor ctor: error from getUser:",e.message)}))}return e.prototype._start=function(e){var t=this,r=e.session_state;r&&(e.profile?(this._sub=e.profile.sub,this._sid=e.profile.sid,i.Log.debug("SessionMonitor._start: session_state:",r,", sub:",this._sub)):(this._sub=void 0,this._sid=void 0,i.Log.debug("SessionMonitor._start: session_state:",r,", anonymous user")),this._checkSessionIFrame?this._checkSessionIFrame.start(r):this._metadataService.getCheckSessionIframe().then(function(e){if(e){i.Log.debug("SessionMonitor._start: Initializing check session iframe");var n=t._client_id,o=t._checkSessionInterval,s=t._stopCheckSessionOnError;t._checkSessionIFrame=new t._CheckSessionIFrameCtor(t._callback.bind(t),n,e,o,s),t._checkSessionIFrame.load().then(function(){t._checkSessionIFrame.start(r)})}else i.Log.warn("SessionMonitor._start: No check session iframe found in the metadata")}).catch(function(e){i.Log.error("SessionMonitor._start: Error from getCheckSessionIframe:",e.message)}))},e.prototype._stop=function(){var e=this;if(this._sub=void 0,this._sid=void 0,this._checkSessionIFrame&&(i.Log.debug("SessionMonitor._stop"),this._checkSessionIFrame.stop()),this._settings.monitorAnonymousSession)var t=this._timer.setInterval(function(){e._timer.clearInterval(t),e._userManager.querySessionStatus().then(function(t){var r={session_state:t.session_state};t.sub&&t.sid&&(r.profile={sub:t.sub,sid:t.sid}),e._start(r)}).catch(function(e){i.Log.error("SessionMonitor: error from querySessionStatus:",e.message)})},1e3)},e.prototype._callback=function(){var e=this;this._userManager.querySessionStatus().then(function(t){var r=!0;t?t.sub===e._sub?(r=!1,e._checkSessionIFrame.start(t.session_state),t.sid===e._sid?i.Log.debug("SessionMonitor._callback: Same sub still logged in at OP, restarting check session iframe; session_state:",t.session_state):(i.Log.debug("SessionMonitor._callback: Same sub still logged in at OP, session state has changed, restarting check session iframe; session_state:",t.session_state),e._userManager.events._raiseUserSessionChanged())):i.Log.debug("SessionMonitor._callback: Different subject signed into OP:",t.sub):i.Log.debug("SessionMonitor._callback: Subject no longer signed into OP"),r&&(e._sub?(i.Log.debug("SessionMonitor._callback: SessionMonitor._callback; raising signed out event"),e._userManager.events._raiseUserSignedOut()):(i.Log.debug("SessionMonitor._callback: SessionMonitor._callback; raising signed in event"),e._userManager.events._raiseUserSignedIn()))}).catch(function(t){e._sub&&(i.Log.debug("SessionMonitor._callback: Error calling queryCurrentSigninSession; raising signed out event",t.message),e._userManager.events._raiseUserSignedOut())})},n(e,[{key:"_settings",get:function(){return this._userManager.settings}},{key:"_metadataService",get:function(){return this._userManager.metadataService}},{key:"_client_id",get:function(){return this._settings.client_id}},{key:"_checkSessionInterval",get:function(){return this._settings.checkSessionInterval}},{key:"_stopCheckSessionOnError",get:function(){return this._settings.stopCheckSessionOnError}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.CheckSessionIFrame=void 0;var n=r(0);t.CheckSessionIFrame=function(){function e(t,r,n,i){var o=!(arguments.length>4&&void 0!==arguments[4])||arguments[4];(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,e),this._callback=t,this._client_id=r,this._url=n,this._interval=i||2e3,this._stopOnError=o;var s=n.indexOf("/",n.indexOf("//")+2);this._frame_origin=n.substr(0,s),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.style.display="none",this._frame.width=0,this._frame.height=0,this._frame.src=n}return e.prototype.load=function(){var e=this;return new Promise(function(t){e._frame.onload=function(){t()},window.document.body.appendChild(e._frame),e._boundMessageEvent=e._message.bind(e),window.addEventListener("message",e._boundMessageEvent,!1)})},e.prototype._message=function(e){e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&("error"===e.data?(n.Log.error("CheckSessionIFrame: error message from check session op iframe"),this._stopOnError&&this.stop()):"changed"===e.data?(n.Log.debug("CheckSessionIFrame: changed message from check session op iframe"),this.stop(),this._callback()):n.Log.debug("CheckSessionIFrame: "+e.data+" message from check session op iframe"))},e.prototype.start=function(e){var t=this;if(this._session_state!==e){n.Log.debug("CheckSessionIFrame.start"),this.stop(),this._session_state=e;var r=function(){t._frame.contentWindow.postMessage(t._client_id+" "+t._session_state,t._frame_origin)};r(),this._timer=window.setInterval(r,this._interval)}},e.prototype.stop=function(){this._session_state=null,this._timer&&(n.Log.debug("CheckSessionIFrame.stop"),window.clearInterval(this._timer),this._timer=null)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.TokenRevocationClient=void 0;var n=r(0),i=r(2),o=r(1);t.TokenRevocationClient=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.Global.XMLHttpRequest,s=arguments.length>2&&void 0!==arguments[2]?arguments[2]:i.MetadataService;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw n.Log.error("TokenRevocationClient.ctor: No settings provided"),new Error("No settings provided.");this._settings=t,this._XMLHttpRequestCtor=r,this._metadataService=new s(this._settings)}return e.prototype.revoke=function(e,t){var r=this,i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:"access_token";if(!e)throw n.Log.error("TokenRevocationClient.revoke: No token provided"),new Error("No token provided.");if("access_token"!==i&&"refresh_token"!=i)throw n.Log.error("TokenRevocationClient.revoke: Invalid token type"),new Error("Invalid token type.");return this._metadataService.getRevocationEndpoint().then(function(o){if(o){n.Log.debug("TokenRevocationClient.revoke: Revoking "+i);var s=r._settings.client_id,a=r._settings.client_secret;return r._revoke(o,s,a,e,i)}if(t)throw n.Log.error("TokenRevocationClient.revoke: Revocation not supported"),new Error("Revocation not supported")})},e.prototype._revoke=function(e,t,r,i,o){var s=this;return new Promise(function(a,u){var c=new s._XMLHttpRequestCtor;c.open("POST",e),c.onload=function(){n.Log.debug("TokenRevocationClient.revoke: HTTP response received, status",c.status),200===c.status?a():u(Error(c.statusText+" ("+c.status+")"))},c.onerror=function(){n.Log.debug("TokenRevocationClient.revoke: Network Error."),u("Network Error")};var h="client_id="+encodeURIComponent(t);r&&(h+="&client_secret="+encodeURIComponent(r)),h+="&token_type_hint="+encodeURIComponent(o),h+="&token="+encodeURIComponent(i),c.setRequestHeader("Content-Type","application/x-www-form-urlencoded"),c.send(h)})},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaPopupWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.CordovaPopupWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t}),this.features=t.popupWindowFeatures||"location=no,toolbar=no,zoom=no",this.target=t.popupWindowTarget||"_blank",this.redirect_uri=t.startUrl,i.Log.debug("CordovaPopupWindow.ctor: redirect_uri: "+this.redirect_uri)}return e.prototype._isInAppBrowserInstalled=function(e){return["cordova-plugin-inappbrowser","cordova-plugin-inappbrowser.inappbrowser","org.apache.cordova.inappbrowser"].some(function(t){return e.hasOwnProperty(t)})},e.prototype.navigate=function(e){if(e&&e.url){if(!window.cordova)return this._error("cordova is undefined");var t=window.cordova.require("cordova/plugin_list").metadata;if(!1===this._isInAppBrowserInstalled(t))return this._error("InAppBrowser plugin not found");this._popup=cordova.InAppBrowser.open(e.url,this.target,this.features),this._popup?(i.Log.debug("CordovaPopupWindow.navigate: popup successfully created"),this._exitCallbackEvent=this._exitCallback.bind(this),this._loadStartCallbackEvent=this._loadStartCallback.bind(this),this._popup.addEventListener("exit",this._exitCallbackEvent,!1),this._popup.addEventListener("loadstart",this._loadStartCallbackEvent,!1)):this._error("Error opening popup window")}else this._error("No url provided");return this.promise},e.prototype._loadStartCallback=function(e){0===e.url.indexOf(this.redirect_uri)&&this._success({url:e.url})},e.prototype._exitCallback=function(e){this._error(e)},e.prototype._success=function(e){this._cleanup(),i.Log.debug("CordovaPopupWindow: Successful response from cordova popup window"),this._resolve(e)},e.prototype._error=function(e){this._cleanup(),i.Log.error(e),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup()},e.prototype._cleanup=function(){this._popup&&(i.Log.debug("CordovaPopupWindow: cleaning up popup"),this._popup.removeEventListener("exit",this._exitCallbackEvent,!1),this._popup.removeEventListener("loadstart",this._loadStartCallbackEvent,!1),this._popup.close()),this._popup=null},n(e,[{key:"promise",get:function(){return this._promise}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0});var n=r(0),i=r(10),o=r(5),s=r(6),a=r(37),u=r(38),c=r(16),h=r(2),l=r(48),f=r(49),d=r(19),p=r(20),g=r(18),y=r(1),v=r(15),m=r(50);t.default={Version:m.Version,Log:n.Log,OidcClient:i.OidcClient,OidcClientSettings:o.OidcClientSettings,WebStorageStateStore:s.WebStorageStateStore,InMemoryWebStorage:a.InMemoryWebStorage,UserManager:u.UserManager,AccessTokenEvents:c.AccessTokenEvents,MetadataService:h.MetadataService,CordovaPopupNavigator:l.CordovaPopupNavigator,CordovaIFrameNavigator:f.CordovaIFrameNavigator,CheckSessionIFrame:d.CheckSessionIFrame,TokenRevocationClient:p.TokenRevocationClient,SessionMonitor:g.SessionMonitor,Global:y.Global,User:v.User},e.exports=t.default},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.ClockService=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.getEpochTime=function(){return Promise.resolve(Date.now()/1e3|0)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.ResponseValidator=void 0;var n="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},i=r(0),o=r(2),s=r(25),a=r(11),u=r(12),c=r(4),h=["nonce","at_hash","iat","nbf","exp","aud","iss","c_hash"];t.ResponseValidator=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.MetadataService,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:s.UserInfoService,u=arguments.length>3&&void 0!==arguments[3]?arguments[3]:c.JoseUtil,h=arguments.length>4&&void 0!==arguments[4]?arguments[4]:a.TokenClient;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw i.Log.error("ResponseValidator.ctor: No settings passed to ResponseValidator"),new Error("settings");this._settings=t,this._metadataService=new r(this._settings),this._userInfoService=new n(this._settings),this._joseUtil=u,this._tokenClient=new h(this._settings)}return e.prototype.validateSigninResponse=function(e,t){var r=this;return i.Log.debug("ResponseValidator.validateSigninResponse"),this._processSigninParams(e,t).then(function(t){return i.Log.debug("ResponseValidator.validateSigninResponse: state processed"),r._validateTokens(e,t).then(function(t){return i.Log.debug("ResponseValidator.validateSigninResponse: tokens validated"),r._processClaims(e,t).then(function(e){return i.Log.debug("ResponseValidator.validateSigninResponse: claims processed"),e})})})},e.prototype.validateSignoutResponse=function(e,t){return e.id!==t.state?(i.Log.error("ResponseValidator.validateSignoutResponse: State does not match"),Promise.reject(new Error("State does not match"))):(i.Log.debug("ResponseValidator.validateSignoutResponse: state validated"),t.state=e.data,t.error?(i.Log.warn("ResponseValidator.validateSignoutResponse: Response was error",t.error),Promise.reject(new u.ErrorResponse(t))):Promise.resolve(t))},e.prototype._processSigninParams=function(e,t){if(e.id!==t.state)return i.Log.error("ResponseValidator._processSigninParams: State does not match"),Promise.reject(new Error("State does not match"));if(!e.client_id)return i.Log.error("ResponseValidator._processSigninParams: No client_id on state"),Promise.reject(new Error("No client_id on state"));if(!e.authority)return i.Log.error("ResponseValidator._processSigninParams: No authority on state"),Promise.reject(new Error("No authority on state"));if(this._settings.authority){if(this._settings.authority&&this._settings.authority!==e.authority)return i.Log.error("ResponseValidator._processSigninParams: authority mismatch on settings vs. signin state"),Promise.reject(new Error("authority mismatch on settings vs. signin state"))}else this._settings.authority=e.authority;if(this._settings.client_id){if(this._settings.client_id&&this._settings.client_id!==e.client_id)return i.Log.error("ResponseValidator._processSigninParams: client_id mismatch on settings vs. signin state"),Promise.reject(new Error("client_id mismatch on settings vs. signin state"))}else this._settings.client_id=e.client_id;return i.Log.debug("ResponseValidator._processSigninParams: state validated"),t.state=e.data,t.error?(i.Log.warn("ResponseValidator._processSigninParams: Response was error",t.error),Promise.reject(new u.ErrorResponse(t))):e.nonce&&!t.id_token?(i.Log.error("ResponseValidator._processSigninParams: Expecting id_token in response"),Promise.reject(new Error("No id_token in response"))):!e.nonce&&t.id_token?(i.Log.error("ResponseValidator._processSigninParams: Not expecting id_token in response"),Promise.reject(new Error("Unexpected id_token in response"))):e.code_verifier&&!t.code?(i.Log.error("ResponseValidator._processSigninParams: Expecting code in response"),Promise.reject(new Error("No code in response"))):!e.code_verifier&&t.code?(i.Log.error("ResponseValidator._processSigninParams: Not expecting code in response"),Promise.reject(new Error("Unexpected code in response"))):(t.scope||(t.scope=e.scope),Promise.resolve(t))},e.prototype._processClaims=function(e,t){var r=this;if(t.isOpenIdConnect){if(i.Log.debug("ResponseValidator._processClaims: response is OIDC, processing claims"),t.profile=this._filterProtocolClaims(t.profile),!0!==e.skipUserInfo&&this._settings.loadUserInfo&&t.access_token)return i.Log.debug("ResponseValidator._processClaims: loading user info"),this._userInfoService.getClaims(t.access_token).then(function(e){return i.Log.debug("ResponseValidator._processClaims: user info claims received from user info endpoint"),e.sub!==t.profile.sub?(i.Log.error("ResponseValidator._processClaims: sub from user info endpoint does not match sub in id_token"),Promise.reject(new Error("sub from user info endpoint does not match sub in id_token"))):(t.profile=r._mergeClaims(t.profile,e),i.Log.debug("ResponseValidator._processClaims: user info claims received, updated profile:",t.profile),t)});i.Log.debug("ResponseValidator._processClaims: not loading user info")}else i.Log.debug("ResponseValidator._processClaims: response is not OIDC, not processing claims");return Promise.resolve(t)},e.prototype._mergeClaims=function(e,t){var r=Object.assign({},e);for(var i in t){var o=t[i];Array.isArray(o)||(o=[o]);for(var s=0;s<o.length;s++){var a=o[s];r[i]?Array.isArray(r[i])?r[i].indexOf(a)<0&&r[i].push(a):r[i]!==a&&("object"===(void 0===a?"undefined":n(a))&&this._settings.mergeClaims?r[i]=this._mergeClaims(r[i],a):r[i]=[r[i],a]):r[i]=a}}return r},e.prototype._filterProtocolClaims=function(e){i.Log.debug("ResponseValidator._filterProtocolClaims, incoming claims:",e);var t=Object.assign({},e);return this._settings._filterProtocolClaims?(h.forEach(function(e){delete t[e]}),i.Log.debug("ResponseValidator._filterProtocolClaims: protocol claims filtered",t)):i.Log.debug("ResponseValidator._filterProtocolClaims: protocol claims not filtered"),t},e.prototype._validateTokens=function(e,t){return t.code?(i.Log.debug("ResponseValidator._validateTokens: Validating code"),this._processCode(e,t)):t.id_token?t.access_token?(i.Log.debug("ResponseValidator._validateTokens: Validating id_token and access_token"),this._validateIdTokenAndAccessToken(e,t)):(i.Log.debug("ResponseValidator._validateTokens: Validating id_token"),this._validateIdToken(e,t)):(i.Log.debug("ResponseValidator._validateTokens: No code to process or id_token to validate"),Promise.resolve(t))},e.prototype._processCode=function(e,t){var r=this,o={client_id:e.client_id,client_secret:e.client_secret,code:t.code,redirect_uri:e.redirect_uri,code_verifier:e.code_verifier};return e.extraTokenParams&&"object"===n(e.extraTokenParams)&&Object.assign(o,e.extraTokenParams),this._tokenClient.exchangeCode(o).then(function(n){for(var o in n)t[o]=n[o];return t.id_token?(i.Log.debug("ResponseValidator._processCode: token response successful, processing id_token"),r._validateIdTokenAttributes(e,t)):(i.Log.debug("ResponseValidator._processCode: token response successful, returning response"),t)})},e.prototype._validateIdTokenAttributes=function(e,t){var r=this;return this._metadataService.getIssuer().then(function(n){var o=e.client_id,s=r._settings.clockSkew;return i.Log.debug("ResponseValidator._validateIdTokenAttributes: Validaing JWT attributes; using clock skew (in seconds) of: ",s),r._settings.getEpochTime().then(function(a){return r._joseUtil.validateJwtAttributes(t.id_token,n,o,s,a).then(function(r){return e.nonce&&e.nonce!==r.nonce?(i.Log.error("ResponseValidator._validateIdTokenAttributes: Invalid nonce in id_token"),Promise.reject(new Error("Invalid nonce in id_token"))):r.sub?(t.profile=r,t):(i.Log.error("ResponseValidator._validateIdTokenAttributes: No sub present in id_token"),Promise.reject(new Error("No sub present in id_token")))})})})},e.prototype._validateIdTokenAndAccessToken=function(e,t){var r=this;return this._validateIdToken(e,t).then(function(e){return r._validateAccessToken(e)})},e.prototype._getSigningKeyForJwt=function(e){var t=this;return this._metadataService.getSigningKeys().then(function(r){var n=e.header.kid;if(!r)return i.Log.error("ResponseValidator._validateIdToken: No signing keys from metadata"),Promise.reject(new Error("No signing keys from metadata"));i.Log.debug("ResponseValidator._validateIdToken: Received signing keys");var o=void 0;if(n)o=r.filter(function(e){return e.kid===n})[0];else{if((r=t._filterByAlg(r,e.header.alg)).length>1)return i.Log.error("ResponseValidator._validateIdToken: No kid found in id_token and more than one key found in metadata"),Promise.reject(new Error("No kid found in id_token and more than one key found in metadata"));o=r[0]}return Promise.resolve(o)})},e.prototype._getSigningKeyForJwtWithSingleRetry=function(e){var t=this;return this._getSigningKeyForJwt(e).then(function(r){return r?Promise.resolve(r):(t._metadataService.resetSigningKeys(),t._getSigningKeyForJwt(e))})},e.prototype._validateIdToken=function(e,t){var r=this;if(!e.nonce)return i.Log.error("ResponseValidator._validateIdToken: No nonce on state"),Promise.reject(new Error("No nonce on state"));var n=this._joseUtil.parseJwt(t.id_token);return n&&n.header&&n.payload?e.nonce!==n.payload.nonce?(i.Log.error("ResponseValidator._validateIdToken: Invalid nonce in id_token"),Promise.reject(new Error("Invalid nonce in id_token"))):this._metadataService.getIssuer().then(function(o){return i.Log.debug("ResponseValidator._validateIdToken: Received issuer"),r._getSigningKeyForJwtWithSingleRetry(n).then(function(s){if(!s)return i.Log.error("ResponseValidator._validateIdToken: No key matching kid or alg found in signing keys"),Promise.reject(new Error("No key matching kid or alg found in signing keys"));var a=e.client_id,u=r._settings.clockSkew;return i.Log.debug("ResponseValidator._validateIdToken: Validaing JWT; using clock skew (in seconds) of: ",u),r._joseUtil.validateJwt(t.id_token,s,o,a,u).then(function(){return i.Log.debug("ResponseValidator._validateIdToken: JWT validation successful"),n.payload.sub?(t.profile=n.payload,t):(i.Log.error("ResponseValidator._validateIdToken: No sub present in id_token"),Promise.reject(new Error("No sub present in id_token")))})})}):(i.Log.error("ResponseValidator._validateIdToken: Failed to parse id_token",n),Promise.reject(new Error("Failed to parse id_token")))},e.prototype._filterByAlg=function(e,t){var r=null;if(t.startsWith("RS"))r="RSA";else if(t.startsWith("PS"))r="PS";else{if(!t.startsWith("ES"))return i.Log.debug("ResponseValidator._filterByAlg: alg not supported: ",t),[];r="EC"}return i.Log.debug("ResponseValidator._filterByAlg: Looking for keys that match kty: ",r),e=e.filter(function(e){return e.kty===r}),i.Log.debug("ResponseValidator._filterByAlg: Number of keys that match kty: ",r,e.length),e},e.prototype._validateAccessToken=function(e){if(!e.profile)return i.Log.error("ResponseValidator._validateAccessToken: No profile loaded from id_token"),Promise.reject(new Error("No profile loaded from id_token"));if(!e.profile.at_hash)return i.Log.error("ResponseValidator._validateAccessToken: No at_hash in id_token"),Promise.reject(new Error("No at_hash in id_token"));if(!e.id_token)return i.Log.error("ResponseValidator._validateAccessToken: No id_token"),Promise.reject(new Error("No id_token"));var t=this._joseUtil.parseJwt(e.id_token);if(!t||!t.header)return i.Log.error("ResponseValidator._validateAccessToken: Failed to parse id_token",t),Promise.reject(new Error("Failed to parse id_token"));var r=t.header.alg;if(!r||5!==r.length)return i.Log.error("ResponseValidator._validateAccessToken: Unsupported alg:",r),Promise.reject(new Error("Unsupported alg: "+r));var n=r.substr(2,3);if(!n)return i.Log.error("ResponseValidator._validateAccessToken: Unsupported alg:",r,n),Promise.reject(new Error("Unsupported alg: "+r));if(256!==(n=parseInt(n))&&384!==n&&512!==n)return i.Log.error("ResponseValidator._validateAccessToken: Unsupported alg:",r,n),Promise.reject(new Error("Unsupported alg: "+r));var o="sha"+n,s=this._joseUtil.hashString(e.access_token,o);if(!s)return i.Log.error("ResponseValidator._validateAccessToken: access_token hash failed:",o),Promise.reject(new Error("Failed to validate at_hash"));var a=s.substr(0,s.length/2),u=this._joseUtil.hexToBase64Url(a);return u!==e.profile.at_hash?(i.Log.error("ResponseValidator._validateAccessToken: Failed to validate at_hash",u,e.profile.at_hash),Promise.reject(new Error("Failed to validate at_hash"))):(i.Log.debug("ResponseValidator._validateAccessToken: success"),Promise.resolve(e))},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.UserInfoService=void 0;var n=r(7),i=r(2),o=r(0),s=r(4);t.UserInfoService=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:n.JsonService,a=arguments.length>2&&void 0!==arguments[2]?arguments[2]:i.MetadataService,u=arguments.length>3&&void 0!==arguments[3]?arguments[3]:s.JoseUtil;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!t)throw o.Log.error("UserInfoService.ctor: No settings passed"),new Error("settings");this._settings=t,this._jsonService=new r(void 0,void 0,this._getClaimsFromJwt.bind(this)),this._metadataService=new a(this._settings),this._joseUtil=u}return e.prototype.getClaims=function(e){var t=this;return e?this._metadataService.getUserInfoEndpoint().then(function(r){return o.Log.debug("UserInfoService.getClaims: received userinfo url",r),t._jsonService.getJson(r,e).then(function(e){return o.Log.debug("UserInfoService.getClaims: claims received",e),e})}):(o.Log.error("UserInfoService.getClaims: No token passed"),Promise.reject(new Error("A token is required")))},e.prototype._getClaimsFromJwt=function e(t){var r=this;try{var n=this._joseUtil.parseJwt(t.responseText);if(!n||!n.header||!n.payload)return o.Log.error("UserInfoService._getClaimsFromJwt: Failed to parse JWT",n),Promise.reject(new Error("Failed to parse id_token"));var i=n.header.kid,s=void 0;switch(this._settings.userInfoJwtIssuer){case"OP":s=this._metadataService.getIssuer();break;case"ANY":s=Promise.resolve(n.payload.iss);break;default:s=Promise.resolve(this._settings.userInfoJwtIssuer)}return s.then(function(e){return o.Log.debug("UserInfoService._getClaimsFromJwt: Received issuer:"+e),r._metadataService.getSigningKeys().then(function(s){if(!s)return o.Log.error("UserInfoService._getClaimsFromJwt: No signing keys from metadata"),Promise.reject(new Error("No signing keys from metadata"));o.Log.debug("UserInfoService._getClaimsFromJwt: Received signing keys");var a=void 0;if(i)a=s.filter(function(e){return e.kid===i})[0];else{if((s=r._filterByAlg(s,n.header.alg)).length>1)return o.Log.error("UserInfoService._getClaimsFromJwt: No kid found in id_token and more than one key found in metadata"),Promise.reject(new Error("No kid found in id_token and more than one key found in metadata"));a=s[0]}if(!a)return o.Log.error("UserInfoService._getClaimsFromJwt: No key matching kid or alg found in signing keys"),Promise.reject(new Error("No key matching kid or alg found in signing keys"));var u=r._settings.client_id,c=r._settings.clockSkew;return o.Log.debug("UserInfoService._getClaimsFromJwt: Validaing JWT; using clock skew (in seconds) of: ",c),r._joseUtil.validateJwt(t.responseText,a,e,u,c,void 0,!0).then(function(){return o.Log.debug("UserInfoService._getClaimsFromJwt: JWT validation successful"),n.payload})})})}catch(e){return o.Log.error("UserInfoService._getClaimsFromJwt: Error parsing JWT response",e.message),void reject(e)}},e.prototype._filterByAlg=function(e,t){var r=null;if(t.startsWith("RS"))r="RSA";else if(t.startsWith("PS"))r="PS";else{if(!t.startsWith("ES"))return o.Log.debug("UserInfoService._filterByAlg: alg not supported: ",t),[];r="EC"}return o.Log.debug("UserInfoService._filterByAlg: Looking for keys that match kty: ",r),e=e.filter(function(e){return e.kty===r}),o.Log.debug("UserInfoService._filterByAlg: Number of keys that match kty: ",r,e.length),e},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.AllowedSigningAlgs=t.b64tohex=t.hextob64u=t.crypto=t.X509=t.KeyUtil=t.jws=void 0;var n=r(27);t.jws=n.jws,t.KeyUtil=n.KEYUTIL,t.X509=n.X509,t.crypto=n.crypto,t.hextob64u=n.hextob64u,t.b64tohex=n.b64tohex,t.AllowedSigningAlgs=["RS256","RS384","RS512","PS256","PS384","PS512","ES256","ES384","ES512"]},function(e,t,r){(function(e){Object.defineProperty(t,"__esModule",{value:!0});var r,n,i,o,s,a,u,c,h,l,f,d="function"==typeof Symbol&&"symbol"==typeof Symbol.iterator?function(e){return typeof e}:function(e){return e&&"function"==typeof Symbol&&e.constructor===Symbol&&e!==Symbol.prototype?"symbol":typeof e},p={userAgent:!1},g={},y=y||(r=Math,i=(n={}).lib={},o=i.Base=function(){function e(){}return{extend:function(t){e.prototype=this;var r=new e;return t&&r.mixIn(t),r.hasOwnProperty("init")||(r.init=function(){r.$super.init.apply(this,arguments)}),r.init.prototype=r,r.$super=this,r},create:function(){var e=this.extend();return e.init.apply(e,arguments),e},init:function(){},mixIn:function(e){for(var t in e)e.hasOwnProperty(t)&&(this[t]=e[t]);e.hasOwnProperty("toString")&&(this.toString=e.toString)},clone:function(){return this.init.prototype.extend(this)}}}(),s=i.WordArray=o.extend({init:function(e,t){e=this.words=e||[],this.sigBytes=null!=t?t:4*e.length},toString:function(e){return(e||u).stringify(this)},concat:function(e){var t=this.words,r=e.words,n=this.sigBytes,i=e.sigBytes;if(this.clamp(),n%4)for(var o=0;o<i;o++){var s=r[o>>>2]>>>24-o%4*8&255;t[n+o>>>2]|=s<<24-(n+o)%4*8}else for(o=0;o<i;o+=4)t[n+o>>>2]=r[o>>>2];return this.sigBytes+=i,this},clamp:function(){var e=this.words,t=this.sigBytes;e[t>>>2]&=4294967295<<32-t%4*8,e.length=r.ceil(t/4)},clone:function(){var e=o.clone.call(this);return e.words=this.words.slice(0),e},random:function(e){for(var t=[],n=0;n<e;n+=4)t.push(4294967296*r.random()|0);return new s.init(t,e)}}),a=n.enc={},u=a.Hex={stringify:function(e){for(var t=e.words,r=e.sigBytes,n=[],i=0;i<r;i++){var o=t[i>>>2]>>>24-i%4*8&255;n.push((o>>>4).toString(16)),n.push((15&o).toString(16))}return n.join("")},parse:function(e){for(var t=e.length,r=[],n=0;n<t;n+=2)r[n>>>3]|=parseInt(e.substr(n,2),16)<<24-n%8*4;return new s.init(r,t/2)}},c=a.Latin1={stringify:function(e){for(var t=e.words,r=e.sigBytes,n=[],i=0;i<r;i++){var o=t[i>>>2]>>>24-i%4*8&255;n.push(String.fromCharCode(o))}return n.join("")},parse:function(e){for(var t=e.length,r=[],n=0;n<t;n++)r[n>>>2]|=(255&e.charCodeAt(n))<<24-n%4*8;return new s.init(r,t)}},h=a.Utf8={stringify:function(e){try{return decodeURIComponent(escape(c.stringify(e)))}catch(e){throw new Error("Malformed UTF-8 data")}},parse:function(e){return c.parse(unescape(encodeURIComponent(e)))}},l=i.BufferedBlockAlgorithm=o.extend({reset:function(){this._data=new s.init,this._nDataBytes=0},_append:function(e){"string"==typeof e&&(e=h.parse(e)),this._data.concat(e),this._nDataBytes+=e.sigBytes},_process:function(e){var t=this._data,n=t.words,i=t.sigBytes,o=this.blockSize,a=i/(4*o),u=(a=e?r.ceil(a):r.max((0|a)-this._minBufferSize,0))*o,c=r.min(4*u,i);if(u){for(var h=0;h<u;h+=o)this._doProcessBlock(n,h);var l=n.splice(0,u);t.sigBytes-=c}return new s.init(l,c)},clone:function(){var e=o.clone.call(this);return e._data=this._data.clone(),e},_minBufferSize:0}),i.Hasher=l.extend({cfg:o.extend(),init:function(e){this.cfg=this.cfg.extend(e),this.reset()},reset:function(){l.reset.call(this),this._doReset()},update:function(e){return this._append(e),this._process(),this},finalize:function(e){return e&&this._append(e),this._doFinalize()},blockSize:16,_createHelper:function(e){return function(t,r){return new e.init(r).finalize(t)}},_createHmacHelper:function(e){return function(t,r){return new f.HMAC.init(e,r).finalize(t)}}}),f=n.algo={},n);!function(){var e,t=(e=y).lib,r=t.Base,n=t.WordArray;(e=e.x64={}).Word=r.extend({init:function(e,t){this.high=e,this.low=t}}),e.WordArray=r.extend({init:function(e,t){e=this.words=e||[],this.sigBytes=null!=t?t:8*e.length},toX32:function(){for(var e=this.words,t=e.length,r=[],i=0;i<t;i++){var o=e[i];r.push(o.high),r.push(o.low)}return n.create(r,this.sigBytes)},clone:function(){for(var e=r.clone.call(this),t=e.words=this.words.slice(0),n=t.length,i=0;i<n;i++)t[i]=t[i].clone();return e}})}(),function(){var e=y,t=e.lib.WordArray;e.enc.Base64={stringify:function(e){var t=e.words,r=e.sigBytes,n=this._map;e.clamp(),e=[];for(var i=0;i<r;i+=3)for(var o=(t[i>>>2]>>>24-i%4*8&255)<<16|(t[i+1>>>2]>>>24-(i+1)%4*8&255)<<8|t[i+2>>>2]>>>24-(i+2)%4*8&255,s=0;4>s&&i+.75*s<r;s++)e.push(n.charAt(o>>>6*(3-s)&63));if(t=n.charAt(64))for(;e.length%4;)e.push(t);return e.join("")},parse:function(e){var r=e.length,n=this._map;(i=n.charAt(64))&&-1!=(i=e.indexOf(i))&&(r=i);for(var i=[],o=0,s=0;s<r;s++)if(s%4){var a=n.indexOf(e.charAt(s-1))<<s%4*2,u=n.indexOf(e.charAt(s))>>>6-s%4*2;i[o>>>2]|=(a|u)<<24-o%4*8,o++}return t.create(i,o)},_map:"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/="}}(),function(e){for(var t=y,r=(i=t.lib).WordArray,n=i.Hasher,i=t.algo,o=[],s=[],a=function(e){return 4294967296*(e-(0|e))|0},u=2,c=0;64>c;){var h;e:{h=u;for(var l=e.sqrt(h),f=2;f<=l;f++)if(!(h%f)){h=!1;break e}h=!0}h&&(8>c&&(o[c]=a(e.pow(u,.5))),s[c]=a(e.pow(u,1/3)),c++),u++}var d=[];i=i.SHA256=n.extend({_doReset:function(){this._hash=new r.init(o.slice(0))},_doProcessBlock:function(e,t){for(var r=this._hash.words,n=r[0],i=r[1],o=r[2],a=r[3],u=r[4],c=r[5],h=r[6],l=r[7],f=0;64>f;f++){if(16>f)d[f]=0|e[t+f];else{var p=d[f-15],g=d[f-2];d[f]=((p<<25|p>>>7)^(p<<14|p>>>18)^p>>>3)+d[f-7]+((g<<15|g>>>17)^(g<<13|g>>>19)^g>>>10)+d[f-16]}p=l+((u<<26|u>>>6)^(u<<21|u>>>11)^(u<<7|u>>>25))+(u&c^~u&h)+s[f]+d[f],g=((n<<30|n>>>2)^(n<<19|n>>>13)^(n<<10|n>>>22))+(n&i^n&o^i&o),l=h,h=c,c=u,u=a+p|0,a=o,o=i,i=n,n=p+g|0}r[0]=r[0]+n|0,r[1]=r[1]+i|0,r[2]=r[2]+o|0,r[3]=r[3]+a|0,r[4]=r[4]+u|0,r[5]=r[5]+c|0,r[6]=r[6]+h|0,r[7]=r[7]+l|0},_doFinalize:function(){var t=this._data,r=t.words,n=8*this._nDataBytes,i=8*t.sigBytes;return r[i>>>5]|=128<<24-i%32,r[14+(i+64>>>9<<4)]=e.floor(n/4294967296),r[15+(i+64>>>9<<4)]=n,t.sigBytes=4*r.length,this._process(),this._hash},clone:function(){var e=n.clone.call(this);return e._hash=this._hash.clone(),e}}),t.SHA256=n._createHelper(i),t.HmacSHA256=n._createHmacHelper(i)}(Math),function(){function e(){return n.create.apply(n,arguments)}for(var t=y,r=t.lib.Hasher,n=(o=t.x64).Word,i=o.WordArray,o=t.algo,s=[e(1116352408,3609767458),e(1899447441,602891725),e(3049323471,3964484399),e(3921009573,2173295548),e(961987163,4081628472),e(1508970993,3053834265),e(2453635748,2937671579),e(2870763221,3664609560),e(3624381080,2734883394),e(310598401,1164996542),e(607225278,1323610764),e(1426881987,3590304994),e(1925078388,4068182383),e(2162078206,991336113),e(2614888103,633803317),e(3248222580,3479774868),e(3835390401,2666613458),e(4022224774,944711139),e(264347078,2341262773),e(604807628,2007800933),e(770255983,1495990901),e(1249150122,1856431235),e(1555081692,3175218132),e(1996064986,2198950837),e(2554220882,3999719339),e(2821834349,766784016),e(2952996808,2566594879),e(3210313671,3203337956),e(3336571891,1034457026),e(3584528711,2466948901),e(113926993,3758326383),e(338241895,168717936),e(666307205,1188179964),e(773529912,1546045734),e(1294757372,1522805485),e(1396182291,2643833823),e(1695183700,2343527390),e(1986661051,1014477480),e(2177026350,1206759142),e(2456956037,344077627),e(2730485921,1290863460),e(2820302411,3158454273),e(3259730800,3505952657),e(3345764771,106217008),e(3516065817,3606008344),e(3600352804,1432725776),e(4094571909,1467031594),e(275423344,851169720),e(430227734,3100823752),e(506948616,1363258195),e(659060556,3750685593),e(883997877,3785050280),e(958139571,3318307427),e(1322822218,3812723403),e(1537002063,2003034995),e(1747873779,3602036899),e(1955562222,1575990012),e(2024104815,1125592928),e(2227730452,2716904306),e(2361852424,442776044),e(2428436474,593698344),e(2756734187,3733110249),e(3204031479,2999351573),e(3329325298,3815920427),e(3391569614,3928383900),e(3515267271,566280711),e(3940187606,3454069534),e(4118630271,4000239992),e(116418474,1914138554),e(174292421,2731055270),e(289380356,3203993006),e(460393269,320620315),e(685471733,587496836),e(852142971,1086792851),e(1017036298,365543100),e(1126000580,2618297676),e(1288033470,3409855158),e(1501505948,4234509866),e(1607167915,987167468),e(1816402316,1246189591)],a=[],u=0;80>u;u++)a[u]=e();o=o.SHA512=r.extend({_doReset:function(){this._hash=new i.init([new n.init(1779033703,4089235720),new n.init(3144134277,2227873595),new n.init(1013904242,4271175723),new n.init(2773480762,1595750129),new n.init(1359893119,2917565137),new n.init(2600822924,725511199),new n.init(528734635,4215389547),new n.init(1541459225,327033209)])},_doProcessBlock:function(e,t){for(var r=(l=this._hash.words)[0],n=l[1],i=l[2],o=l[3],u=l[4],c=l[5],h=l[6],l=l[7],f=r.high,d=r.low,p=n.high,g=n.low,y=i.high,v=i.low,m=o.high,w=o.low,_=u.high,S=u.low,b=c.high,E=c.low,F=h.high,A=h.low,x=l.high,k=l.low,P=f,T=d,I=p,R=g,C=y,U=v,L=m,D=w,N=_,O=S,j=b,B=E,H=F,M=A,K=x,V=k,q=0;80>q;q++){var J=a[q];if(16>q)var W=J.high=0|e[t+2*q],$=J.low=0|e[t+2*q+1];else{W=(($=(W=a[q-15]).high)>>>1|(Y=W.low)<<31)^($>>>8|Y<<24)^$>>>7;var Y=(Y>>>1|$<<31)^(Y>>>8|$<<24)^(Y>>>7|$<<25),z=(($=(z=a[q-2]).high)>>>19|(G=z.low)<<13)^($<<3|G>>>29)^$>>>6,G=(G>>>19|$<<13)^(G<<3|$>>>29)^(G>>>6|$<<26),X=($=a[q-7]).high,Q=(Z=a[q-16]).high,Z=Z.low;W=(W=(W=W+X+(($=Y+$.low)>>>0<Y>>>0?1:0))+z+(($+=G)>>>0<G>>>0?1:0))+Q+(($+=Z)>>>0<Z>>>0?1:0),J.high=W,J.low=$}X=N&j^~N&H,Z=O&B^~O&M,J=P&I^P&C^I&C;var ee=T&R^T&U^R&U,te=(Y=(P>>>28|T<<4)^(P<<30|T>>>2)^(P<<25|T>>>7),z=(T>>>28|P<<4)^(T<<30|P>>>2)^(T<<25|P>>>7),(G=s[q]).high),re=G.low;Q=K+((N>>>14|O<<18)^(N>>>18|O<<14)^(N<<23|O>>>9))+((G=V+((O>>>14|N<<18)^(O>>>18|N<<14)^(O<<23|N>>>9)))>>>0<V>>>0?1:0),K=H,V=M,H=j,M=B,j=N,B=O,N=L+(Q=(Q=(Q=Q+X+((G+=Z)>>>0<Z>>>0?1:0))+te+((G+=re)>>>0<re>>>0?1:0))+W+((G+=$)>>>0<$>>>0?1:0))+((O=D+G|0)>>>0<D>>>0?1:0)|0,L=C,D=U,C=I,U=R,I=P,R=T,P=Q+(J=Y+J+(($=z+ee)>>>0<z>>>0?1:0))+((T=G+$|0)>>>0<G>>>0?1:0)|0}d=r.low=d+T,r.high=f+P+(d>>>0<T>>>0?1:0),g=n.low=g+R,n.high=p+I+(g>>>0<R>>>0?1:0),v=i.low=v+U,i.high=y+C+(v>>>0<U>>>0?1:0),w=o.low=w+D,o.high=m+L+(w>>>0<D>>>0?1:0),S=u.low=S+O,u.high=_+N+(S>>>0<O>>>0?1:0),E=c.low=E+B,c.high=b+j+(E>>>0<B>>>0?1:0),A=h.low=A+M,h.high=F+H+(A>>>0<M>>>0?1:0),k=l.low=k+V,l.high=x+K+(k>>>0<V>>>0?1:0)},_doFinalize:function(){var e=this._data,t=e.words,r=8*this._nDataBytes,n=8*e.sigBytes;return t[n>>>5]|=128<<24-n%32,t[30+(n+128>>>10<<5)]=Math.floor(r/4294967296),t[31+(n+128>>>10<<5)]=r,e.sigBytes=4*t.length,this._process(),this._hash.toX32()},clone:function(){var e=r.clone.call(this);return e._hash=this._hash.clone(),e},blockSize:32}),t.SHA512=r._createHelper(o),t.HmacSHA512=r._createHmacHelper(o)}(),function(){var e=y,t=(i=e.x64).Word,r=i.WordArray,n=(i=e.algo).SHA512,i=i.SHA384=n.extend({_doReset:function(){this._hash=new r.init([new t.init(3418070365,3238371032),new t.init(1654270250,914150663),new t.init(2438529370,812702999),new t.init(355462360,4144912697),new t.init(1731405415,4290775857),new t.init(2394180231,1750603025),new t.init(3675008525,1694076839),new t.init(1203062813,3204075428)])},_doFinalize:function(){var e=n._doFinalize.call(this);return e.sigBytes-=16,e}});e.SHA384=n._createHelper(i),e.HmacSHA384=n._createHmacHelper(i)}();
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */
+var v,m="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";function w(e){var t,r,n="";for(t=0;t+3<=e.length;t+=3)r=parseInt(e.substring(t,t+3),16),n+=m.charAt(r>>6)+m.charAt(63&r);for(t+1==e.length?(r=parseInt(e.substring(t,t+1),16),n+=m.charAt(r<<2)):t+2==e.length&&(r=parseInt(e.substring(t,t+2),16),n+=m.charAt(r>>2)+m.charAt((3&r)<<4));(3&n.length)>0;)n+="=";return n}function _(e){var t,r,n,i="",o=0;for(t=0;t<e.length&&"="!=e.charAt(t);++t)(n=m.indexOf(e.charAt(t)))<0||(0==o?(i+=k(n>>2),r=3&n,o=1):1==o?(i+=k(r<<2|n>>4),r=15&n,o=2):2==o?(i+=k(r),i+=k(n>>2),r=3&n,o=3):(i+=k(r<<2|n>>4),i+=k(15&n),o=0));return 1==o&&(i+=k(r<<2)),i}function S(e){var t,r=_(e),n=new Array;for(t=0;2*t<r.length;++t)n[t]=parseInt(r.substring(2*t,2*t+2),16);return n}function b(e,t,r){null!=e&&("number"==typeof e?this.fromNumber(e,t,r):null==t&&"string"!=typeof e?this.fromString(e,256):this.fromString(e,t))}function E(){return new b(null)}"Microsoft Internet Explorer"==p.appName?(b.prototype.am=function(e,t,r,n,i,o){for(var s=32767&t,a=t>>15;--o>=0;){var u=32767&this[e],c=this[e++]>>15,h=a*u+c*s;i=((u=s*u+((32767&h)<<15)+r[n]+(1073741823&i))>>>30)+(h>>>15)+a*c+(i>>>30),r[n++]=1073741823&u}return i},v=30):"Netscape"!=p.appName?(b.prototype.am=function(e,t,r,n,i,o){for(;--o>=0;){var s=t*this[e++]+r[n]+i;i=Math.floor(s/67108864),r[n++]=67108863&s}return i},v=26):(b.prototype.am=function(e,t,r,n,i,o){for(var s=16383&t,a=t>>14;--o>=0;){var u=16383&this[e],c=this[e++]>>14,h=a*u+c*s;i=((u=s*u+((16383&h)<<14)+r[n]+i)>>28)+(h>>14)+a*c,r[n++]=268435455&u}return i},v=28),b.prototype.DB=v,b.prototype.DM=(1<<v)-1,b.prototype.DV=1<<v,b.prototype.FV=Math.pow(2,52),b.prototype.F1=52-v,b.prototype.F2=2*v-52;var F,A,x=new Array;for(F="0".charCodeAt(0),A=0;A<=9;++A)x[F++]=A;for(F="a".charCodeAt(0),A=10;A<36;++A)x[F++]=A;for(F="A".charCodeAt(0),A=10;A<36;++A)x[F++]=A;function k(e){return"0123456789abcdefghijklmnopqrstuvwxyz".charAt(e)}function P(e,t){var r=x[e.charCodeAt(t)];return null==r?-1:r}function T(e){var t=E();return t.fromInt(e),t}function I(e){var t,r=1;return 0!=(t=e>>>16)&&(e=t,r+=16),0!=(t=e>>8)&&(e=t,r+=8),0!=(t=e>>4)&&(e=t,r+=4),0!=(t=e>>2)&&(e=t,r+=2),0!=(t=e>>1)&&(e=t,r+=1),r}function R(e){this.m=e}function C(e){this.m=e,this.mp=e.invDigit(),this.mpl=32767&this.mp,this.mph=this.mp>>15,this.um=(1<<e.DB-15)-1,this.mt2=2*e.t}function U(e,t){return e&t}function L(e,t){return e|t}function D(e,t){return e^t}function N(e,t){return e&~t}function O(e){if(0==e)return-1;var t=0;return!(65535&e)&&(e>>=16,t+=16),!(255&e)&&(e>>=8,t+=8),!(15&e)&&(e>>=4,t+=4),!(3&e)&&(e>>=2,t+=2),!(1&e)&&++t,t}function j(e){for(var t=0;0!=e;)e&=e-1,++t;return t}function B(){}function H(e){return e}function M(e){this.r2=E(),this.q3=E(),b.ONE.dlShiftTo(2*e.t,this.r2),this.mu=this.r2.divide(e),this.m=e}R.prototype.convert=function(e){return e.s<0||e.compareTo(this.m)>=0?e.mod(this.m):e},R.prototype.revert=function(e){return e},R.prototype.reduce=function(e){e.divRemTo(this.m,null,e)},R.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},R.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},C.prototype.convert=function(e){var t=E();return e.abs().dlShiftTo(this.m.t,t),t.divRemTo(this.m,null,t),e.s<0&&t.compareTo(b.ZERO)>0&&this.m.subTo(t,t),t},C.prototype.revert=function(e){var t=E();return e.copyTo(t),this.reduce(t),t},C.prototype.reduce=function(e){for(;e.t<=this.mt2;)e[e.t++]=0;for(var t=0;t<this.m.t;++t){var r=32767&e[t],n=r*this.mpl+((r*this.mph+(e[t]>>15)*this.mpl&this.um)<<15)&e.DM;for(e[r=t+this.m.t]+=this.m.am(0,n,e,t,0,this.m.t);e[r]>=e.DV;)e[r]-=e.DV,e[++r]++}e.clamp(),e.drShiftTo(this.m.t,e),e.compareTo(this.m)>=0&&e.subTo(this.m,e)},C.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},C.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)},b.prototype.copyTo=function(e){for(var t=this.t-1;t>=0;--t)e[t]=this[t];e.t=this.t,e.s=this.s},b.prototype.fromInt=function(e){this.t=1,this.s=e<0?-1:0,e>0?this[0]=e:e<-1?this[0]=e+this.DV:this.t=0},b.prototype.fromString=function(e,t){var r;if(16==t)r=4;else if(8==t)r=3;else if(256==t)r=8;else if(2==t)r=1;else if(32==t)r=5;else{if(4!=t)return void this.fromRadix(e,t);r=2}this.t=0,this.s=0;for(var n=e.length,i=!1,o=0;--n>=0;){var s=8==r?255&e[n]:P(e,n);s<0?"-"==e.charAt(n)&&(i=!0):(i=!1,0==o?this[this.t++]=s:o+r>this.DB?(this[this.t-1]|=(s&(1<<this.DB-o)-1)<<o,this[this.t++]=s>>this.DB-o):this[this.t-1]|=s<<o,(o+=r)>=this.DB&&(o-=this.DB))}8==r&&!!(128&e[0])&&(this.s=-1,o>0&&(this[this.t-1]|=(1<<this.DB-o)-1<<o)),this.clamp(),i&&b.ZERO.subTo(this,this)},b.prototype.clamp=function(){for(var e=this.s&this.DM;this.t>0&&this[this.t-1]==e;)--this.t},b.prototype.dlShiftTo=function(e,t){var r;for(r=this.t-1;r>=0;--r)t[r+e]=this[r];for(r=e-1;r>=0;--r)t[r]=0;t.t=this.t+e,t.s=this.s},b.prototype.drShiftTo=function(e,t){for(var r=e;r<this.t;++r)t[r-e]=this[r];t.t=Math.max(this.t-e,0),t.s=this.s},b.prototype.lShiftTo=function(e,t){var r,n=e%this.DB,i=this.DB-n,o=(1<<i)-1,s=Math.floor(e/this.DB),a=this.s<<n&this.DM;for(r=this.t-1;r>=0;--r)t[r+s+1]=this[r]>>i|a,a=(this[r]&o)<<n;for(r=s-1;r>=0;--r)t[r]=0;t[s]=a,t.t=this.t+s+1,t.s=this.s,t.clamp()},b.prototype.rShiftTo=function(e,t){t.s=this.s;var r=Math.floor(e/this.DB);if(r>=this.t)t.t=0;else{var n=e%this.DB,i=this.DB-n,o=(1<<n)-1;t[0]=this[r]>>n;for(var s=r+1;s<this.t;++s)t[s-r-1]|=(this[s]&o)<<i,t[s-r]=this[s]>>n;n>0&&(t[this.t-r-1]|=(this.s&o)<<i),t.t=this.t-r,t.clamp()}},b.prototype.subTo=function(e,t){for(var r=0,n=0,i=Math.min(e.t,this.t);r<i;)n+=this[r]-e[r],t[r++]=n&this.DM,n>>=this.DB;if(e.t<this.t){for(n-=e.s;r<this.t;)n+=this[r],t[r++]=n&this.DM,n>>=this.DB;n+=this.s}else{for(n+=this.s;r<e.t;)n-=e[r],t[r++]=n&this.DM,n>>=this.DB;n-=e.s}t.s=n<0?-1:0,n<-1?t[r++]=this.DV+n:n>0&&(t[r++]=n),t.t=r,t.clamp()},b.prototype.multiplyTo=function(e,t){var r=this.abs(),n=e.abs(),i=r.t;for(t.t=i+n.t;--i>=0;)t[i]=0;for(i=0;i<n.t;++i)t[i+r.t]=r.am(0,n[i],t,i,0,r.t);t.s=0,t.clamp(),this.s!=e.s&&b.ZERO.subTo(t,t)},b.prototype.squareTo=function(e){for(var t=this.abs(),r=e.t=2*t.t;--r>=0;)e[r]=0;for(r=0;r<t.t-1;++r){var n=t.am(r,t[r],e,2*r,0,1);(e[r+t.t]+=t.am(r+1,2*t[r],e,2*r+1,n,t.t-r-1))>=t.DV&&(e[r+t.t]-=t.DV,e[r+t.t+1]=1)}e.t>0&&(e[e.t-1]+=t.am(r,t[r],e,2*r,0,1)),e.s=0,e.clamp()},b.prototype.divRemTo=function(e,t,r){var n=e.abs();if(!(n.t<=0)){var i=this.abs();if(i.t<n.t)return null!=t&&t.fromInt(0),void(null!=r&&this.copyTo(r));null==r&&(r=E());var o=E(),s=this.s,a=e.s,u=this.DB-I(n[n.t-1]);u>0?(n.lShiftTo(u,o),i.lShiftTo(u,r)):(n.copyTo(o),i.copyTo(r));var c=o.t,h=o[c-1];if(0!=h){var l=h*(1<<this.F1)+(c>1?o[c-2]>>this.F2:0),f=this.FV/l,d=(1<<this.F1)/l,p=1<<this.F2,g=r.t,y=g-c,v=null==t?E():t;for(o.dlShiftTo(y,v),r.compareTo(v)>=0&&(r[r.t++]=1,r.subTo(v,r)),b.ONE.dlShiftTo(c,v),v.subTo(o,o);o.t<c;)o[o.t++]=0;for(;--y>=0;){var m=r[--g]==h?this.DM:Math.floor(r[g]*f+(r[g-1]+p)*d);if((r[g]+=o.am(0,m,r,y,0,c))<m)for(o.dlShiftTo(y,v),r.subTo(v,r);r[g]<--m;)r.subTo(v,r)}null!=t&&(r.drShiftTo(c,t),s!=a&&b.ZERO.subTo(t,t)),r.t=c,r.clamp(),u>0&&r.rShiftTo(u,r),s<0&&b.ZERO.subTo(r,r)}}},b.prototype.invDigit=function(){if(this.t<1)return 0;var e=this[0];if(!(1&e))return 0;var t=3&e;return(t=(t=(t=(t=t*(2-(15&e)*t)&15)*(2-(255&e)*t)&255)*(2-((65535&e)*t&65535))&65535)*(2-e*t%this.DV)%this.DV)>0?this.DV-t:-t},b.prototype.isEven=function(){return 0==(this.t>0?1&this[0]:this.s)},b.prototype.exp=function(e,t){if(e>4294967295||e<1)return b.ONE;var r=E(),n=E(),i=t.convert(this),o=I(e)-1;for(i.copyTo(r);--o>=0;)if(t.sqrTo(r,n),(e&1<<o)>0)t.mulTo(n,i,r);else{var s=r;r=n,n=s}return t.revert(r)},b.prototype.toString=function(e){if(this.s<0)return"-"+this.negate().toString(e);var t;if(16==e)t=4;else if(8==e)t=3;else if(2==e)t=1;else if(32==e)t=5;else{if(4!=e)return this.toRadix(e);t=2}var r,n=(1<<t)-1,i=!1,o="",s=this.t,a=this.DB-s*this.DB%t;if(s-- >0)for(a<this.DB&&(r=this[s]>>a)>0&&(i=!0,o=k(r));s>=0;)a<t?(r=(this[s]&(1<<a)-1)<<t-a,r|=this[--s]>>(a+=this.DB-t)):(r=this[s]>>(a-=t)&n,a<=0&&(a+=this.DB,--s)),r>0&&(i=!0),i&&(o+=k(r));return i?o:"0"},b.prototype.negate=function(){var e=E();return b.ZERO.subTo(this,e),e},b.prototype.abs=function(){return this.s<0?this.negate():this},b.prototype.compareTo=function(e){var t=this.s-e.s;if(0!=t)return t;var r=this.t;if(0!=(t=r-e.t))return this.s<0?-t:t;for(;--r>=0;)if(0!=(t=this[r]-e[r]))return t;return 0},b.prototype.bitLength=function(){return this.t<=0?0:this.DB*(this.t-1)+I(this[this.t-1]^this.s&this.DM)},b.prototype.mod=function(e){var t=E();return this.abs().divRemTo(e,null,t),this.s<0&&t.compareTo(b.ZERO)>0&&e.subTo(t,t),t},b.prototype.modPowInt=function(e,t){var r;return r=e<256||t.isEven()?new R(t):new C(t),this.exp(e,r)},b.ZERO=T(0),b.ONE=T(1),B.prototype.convert=H,B.prototype.revert=H,B.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r)},B.prototype.sqrTo=function(e,t){e.squareTo(t)},M.prototype.convert=function(e){if(e.s<0||e.t>2*this.m.t)return e.mod(this.m);if(e.compareTo(this.m)<0)return e;var t=E();return e.copyTo(t),this.reduce(t),t},M.prototype.revert=function(e){return e},M.prototype.reduce=function(e){for(e.drShiftTo(this.m.t-1,this.r2),e.t>this.m.t+1&&(e.t=this.m.t+1,e.clamp()),this.mu.multiplyUpperTo(this.r2,this.m.t+1,this.q3),this.m.multiplyLowerTo(this.q3,this.m.t+1,this.r2);e.compareTo(this.r2)<0;)e.dAddOffset(1,this.m.t+1);for(e.subTo(this.r2,e);e.compareTo(this.m)>=0;)e.subTo(this.m,e)},M.prototype.mulTo=function(e,t,r){e.multiplyTo(t,r),this.reduce(r)},M.prototype.sqrTo=function(e,t){e.squareTo(t),this.reduce(t)};var K,V,q,J=[2,3,5,7,11,13,17,19,23,29,31,37,41,43,47,53,59,61,67,71,73,79,83,89,97,101,103,107,109,113,127,131,137,139,149,151,157,163,167,173,179,181,191,193,197,199,211,223,227,229,233,239,241,251,257,263,269,271,277,281,283,293,307,311,313,317,331,337,347,349,353,359,367,373,379,383,389,397,401,409,419,421,431,433,439,443,449,457,461,463,467,479,487,491,499,503,509,521,523,541,547,557,563,569,571,577,587,593,599,601,607,613,617,619,631,641,643,647,653,659,661,673,677,683,691,701,709,719,727,733,739,743,751,757,761,769,773,787,797,809,811,821,823,827,829,839,853,857,859,863,877,881,883,887,907,911,919,929,937,941,947,953,967,971,977,983,991,997],W=(1<<26)/J[J.length-1];
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */function $(){this.i=0,this.j=0,this.S=new Array}
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */
+function Y(){!function(e){V[q++]^=255&e,V[q++]^=e>>8&255,V[q++]^=e>>16&255,V[q++]^=e>>24&255,q>=256&&(q-=256)}((new Date).getTime())}if(b.prototype.chunkSize=function(e){return Math.floor(Math.LN2*this.DB/Math.log(e))},b.prototype.toRadix=function(e){if(null==e&&(e=10),0==this.signum()||e<2||e>36)return"0";var t=this.chunkSize(e),r=Math.pow(e,t),n=T(r),i=E(),o=E(),s="";for(this.divRemTo(n,i,o);i.signum()>0;)s=(r+o.intValue()).toString(e).substr(1)+s,i.divRemTo(n,i,o);return o.intValue().toString(e)+s},b.prototype.fromRadix=function(e,t){this.fromInt(0),null==t&&(t=10);for(var r=this.chunkSize(t),n=Math.pow(t,r),i=!1,o=0,s=0,a=0;a<e.length;++a){var u=P(e,a);u<0?"-"==e.charAt(a)&&0==this.signum()&&(i=!0):(s=t*s+u,++o>=r&&(this.dMultiply(n),this.dAddOffset(s,0),o=0,s=0))}o>0&&(this.dMultiply(Math.pow(t,o)),this.dAddOffset(s,0)),i&&b.ZERO.subTo(this,this)},b.prototype.fromNumber=function(e,t,r){if("number"==typeof t)if(e<2)this.fromInt(1);else for(this.fromNumber(e,r),this.testBit(e-1)||this.bitwiseTo(b.ONE.shiftLeft(e-1),L,this),this.isEven()&&this.dAddOffset(1,0);!this.isProbablePrime(t);)this.dAddOffset(2,0),this.bitLength()>e&&this.subTo(b.ONE.shiftLeft(e-1),this);else{var n=new Array,i=7&e;n.length=1+(e>>3),t.nextBytes(n),i>0?n[0]&=(1<<i)-1:n[0]=0,this.fromString(n,256)}},b.prototype.bitwiseTo=function(e,t,r){var n,i,o=Math.min(e.t,this.t);for(n=0;n<o;++n)r[n]=t(this[n],e[n]);if(e.t<this.t){for(i=e.s&this.DM,n=o;n<this.t;++n)r[n]=t(this[n],i);r.t=this.t}else{for(i=this.s&this.DM,n=o;n<e.t;++n)r[n]=t(i,e[n]);r.t=e.t}r.s=t(this.s,e.s),r.clamp()},b.prototype.changeBit=function(e,t){var r=b.ONE.shiftLeft(e);return this.bitwiseTo(r,t,r),r},b.prototype.addTo=function(e,t){for(var r=0,n=0,i=Math.min(e.t,this.t);r<i;)n+=this[r]+e[r],t[r++]=n&this.DM,n>>=this.DB;if(e.t<this.t){for(n+=e.s;r<this.t;)n+=this[r],t[r++]=n&this.DM,n>>=this.DB;n+=this.s}else{for(n+=this.s;r<e.t;)n+=e[r],t[r++]=n&this.DM,n>>=this.DB;n+=e.s}t.s=n<0?-1:0,n>0?t[r++]=n:n<-1&&(t[r++]=this.DV+n),t.t=r,t.clamp()},b.prototype.dMultiply=function(e){this[this.t]=this.am(0,e-1,this,0,0,this.t),++this.t,this.clamp()},b.prototype.dAddOffset=function(e,t){if(0!=e){for(;this.t<=t;)this[this.t++]=0;for(this[t]+=e;this[t]>=this.DV;)this[t]-=this.DV,++t>=this.t&&(this[this.t++]=0),++this[t]}},b.prototype.multiplyLowerTo=function(e,t,r){var n,i=Math.min(this.t+e.t,t);for(r.s=0,r.t=i;i>0;)r[--i]=0;for(n=r.t-this.t;i<n;++i)r[i+this.t]=this.am(0,e[i],r,i,0,this.t);for(n=Math.min(e.t,t);i<n;++i)this.am(0,e[i],r,i,0,t-i);r.clamp()},b.prototype.multiplyUpperTo=function(e,t,r){--t;var n=r.t=this.t+e.t-t;for(r.s=0;--n>=0;)r[n]=0;for(n=Math.max(t-this.t,0);n<e.t;++n)r[this.t+n-t]=this.am(t-n,e[n],r,0,0,this.t+n-t);r.clamp(),r.drShiftTo(1,r)},b.prototype.modInt=function(e){if(e<=0)return 0;var t=this.DV%e,r=this.s<0?e-1:0;if(this.t>0)if(0==t)r=this[0]%e;else for(var n=this.t-1;n>=0;--n)r=(t*r+this[n])%e;return r},b.prototype.millerRabin=function(e){var t=this.subtract(b.ONE),r=t.getLowestSetBit();if(r<=0)return!1;var n=t.shiftRight(r);(e=e+1>>1)>J.length&&(e=J.length);for(var i=E(),o=0;o<e;++o){i.fromInt(J[Math.floor(Math.random()*J.length)]);var s=i.modPow(n,this);if(0!=s.compareTo(b.ONE)&&0!=s.compareTo(t)){for(var a=1;a++<r&&0!=s.compareTo(t);)if(0==(s=s.modPowInt(2,this)).compareTo(b.ONE))return!1;if(0!=s.compareTo(t))return!1}}return!0},b.prototype.clone=
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */
+function(){var e=E();return this.copyTo(e),e},b.prototype.intValue=function(){if(this.s<0){if(1==this.t)return this[0]-this.DV;if(0==this.t)return-1}else{if(1==this.t)return this[0];if(0==this.t)return 0}return(this[1]&(1<<32-this.DB)-1)<<this.DB|this[0]},b.prototype.byteValue=function(){return 0==this.t?this.s:this[0]<<24>>24},b.prototype.shortValue=function(){return 0==this.t?this.s:this[0]<<16>>16},b.prototype.signum=function(){return this.s<0?-1:this.t<=0||1==this.t&&this[0]<=0?0:1},b.prototype.toByteArray=function(){var e=this.t,t=new Array;t[0]=this.s;var r,n=this.DB-e*this.DB%8,i=0;if(e-- >0)for(n<this.DB&&(r=this[e]>>n)!=(this.s&this.DM)>>n&&(t[i++]=r|this.s<<this.DB-n);e>=0;)n<8?(r=(this[e]&(1<<n)-1)<<8-n,r|=this[--e]>>(n+=this.DB-8)):(r=this[e]>>(n-=8)&255,n<=0&&(n+=this.DB,--e)),!!(128&r)&&(r|=-256),0==i&&(128&this.s)!=(128&r)&&++i,(i>0||r!=this.s)&&(t[i++]=r);return t},b.prototype.equals=function(e){return 0==this.compareTo(e)},b.prototype.min=function(e){return this.compareTo(e)<0?this:e},b.prototype.max=function(e){return this.compareTo(e)>0?this:e},b.prototype.and=function(e){var t=E();return this.bitwiseTo(e,U,t),t},b.prototype.or=function(e){var t=E();return this.bitwiseTo(e,L,t),t},b.prototype.xor=function(e){var t=E();return this.bitwiseTo(e,D,t),t},b.prototype.andNot=function(e){var t=E();return this.bitwiseTo(e,N,t),t},b.prototype.not=function(){for(var e=E(),t=0;t<this.t;++t)e[t]=this.DM&~this[t];return e.t=this.t,e.s=~this.s,e},b.prototype.shiftLeft=function(e){var t=E();return e<0?this.rShiftTo(-e,t):this.lShiftTo(e,t),t},b.prototype.shiftRight=function(e){var t=E();return e<0?this.lShiftTo(-e,t):this.rShiftTo(e,t),t},b.prototype.getLowestSetBit=function(){for(var e=0;e<this.t;++e)if(0!=this[e])return e*this.DB+O(this[e]);return this.s<0?this.t*this.DB:-1},b.prototype.bitCount=function(){for(var e=0,t=this.s&this.DM,r=0;r<this.t;++r)e+=j(this[r]^t);return e},b.prototype.testBit=function(e){var t=Math.floor(e/this.DB);return t>=this.t?0!=this.s:!!(this[t]&1<<e%this.DB)},b.prototype.setBit=function(e){return this.changeBit(e,L)},b.prototype.clearBit=function(e){return this.changeBit(e,N)},b.prototype.flipBit=function(e){return this.changeBit(e,D)},b.prototype.add=function(e){var t=E();return this.addTo(e,t),t},b.prototype.subtract=function(e){var t=E();return this.subTo(e,t),t},b.prototype.multiply=function(e){var t=E();return this.multiplyTo(e,t),t},b.prototype.divide=function(e){var t=E();return this.divRemTo(e,t,null),t},b.prototype.remainder=function(e){var t=E();return this.divRemTo(e,null,t),t},b.prototype.divideAndRemainder=function(e){var t=E(),r=E();return this.divRemTo(e,t,r),new Array(t,r)},b.prototype.modPow=function(e,t){var r,n,i=e.bitLength(),o=T(1);if(i<=0)return o;r=i<18?1:i<48?3:i<144?4:i<768?5:6,n=i<8?new R(t):t.isEven()?new M(t):new C(t);var s=new Array,a=3,u=r-1,c=(1<<r)-1;if(s[1]=n.convert(this),r>1){var h=E();for(n.sqrTo(s[1],h);a<=c;)s[a]=E(),n.mulTo(h,s[a-2],s[a]),a+=2}var l,f,d=e.t-1,p=!0,g=E();for(i=I(e[d])-1;d>=0;){for(i>=u?l=e[d]>>i-u&c:(l=(e[d]&(1<<i+1)-1)<<u-i,d>0&&(l|=e[d-1]>>this.DB+i-u)),a=r;!(1&l);)l>>=1,--a;if((i-=a)<0&&(i+=this.DB,--d),p)s[l].copyTo(o),p=!1;else{for(;a>1;)n.sqrTo(o,g),n.sqrTo(g,o),a-=2;a>0?n.sqrTo(o,g):(f=o,o=g,g=f),n.mulTo(g,s[l],o)}for(;d>=0&&!(e[d]&1<<i);)n.sqrTo(o,g),f=o,o=g,g=f,--i<0&&(i=this.DB-1,--d)}return n.revert(o)},b.prototype.modInverse=function(e){var t=e.isEven();if(this.isEven()&&t||0==e.signum())return b.ZERO;for(var r=e.clone(),n=this.clone(),i=T(1),o=T(0),s=T(0),a=T(1);0!=r.signum();){for(;r.isEven();)r.rShiftTo(1,r),t?(i.isEven()&&o.isEven()||(i.addTo(this,i),o.subTo(e,o)),i.rShiftTo(1,i)):o.isEven()||o.subTo(e,o),o.rShiftTo(1,o);for(;n.isEven();)n.rShiftTo(1,n),t?(s.isEven()&&a.isEven()||(s.addTo(this,s),a.subTo(e,a)),s.rShiftTo(1,s)):a.isEven()||a.subTo(e,a),a.rShiftTo(1,a);r.compareTo(n)>=0?(r.subTo(n,r),t&&i.subTo(s,i),o.subTo(a,o)):(n.subTo(r,n),t&&s.subTo(i,s),a.subTo(o,a))}return 0!=n.compareTo(b.ONE)?b.ZERO:a.compareTo(e)>=0?a.subtract(e):a.signum()<0?(a.addTo(e,a),a.signum()<0?a.add(e):a):a},b.prototype.pow=function(e){return this.exp(e,new B)},b.prototype.gcd=function(e){var t=this.s<0?this.negate():this.clone(),r=e.s<0?e.negate():e.clone();if(t.compareTo(r)<0){var n=t;t=r,r=n}var i=t.getLowestSetBit(),o=r.getLowestSetBit();if(o<0)return t;for(i<o&&(o=i),o>0&&(t.rShiftTo(o,t),r.rShiftTo(o,r));t.signum()>0;)(i=t.getLowestSetBit())>0&&t.rShiftTo(i,t),(i=r.getLowestSetBit())>0&&r.rShiftTo(i,r),t.compareTo(r)>=0?(t.subTo(r,t),t.rShiftTo(1,t)):(r.subTo(t,r),r.rShiftTo(1,r));return o>0&&r.lShiftTo(o,r),r},b.prototype.isProbablePrime=function(e){var t,r=this.abs();if(1==r.t&&r[0]<=J[J.length-1]){for(t=0;t<J.length;++t)if(r[0]==J[t])return!0;return!1}if(r.isEven())return!1;for(t=1;t<J.length;){for(var n=J[t],i=t+1;i<J.length&&n<W;)n*=J[i++];for(n=r.modInt(n);t<i;)if(n%J[t++]==0)return!1}return r.millerRabin(e)},b.prototype.square=function(){var e=E();return this.squareTo(e),e},$.prototype.init=function(e){var t,r,n;for(t=0;t<256;++t)this.S[t]=t;for(r=0,t=0;t<256;++t)r=r+this.S[t]+e[t%e.length]&255,n=this.S[t],this.S[t]=this.S[r],this.S[r]=n;this.i=0,this.j=0},$.prototype.next=function(){var e;return this.i=this.i+1&255,this.j=this.j+this.S[this.i]&255,e=this.S[this.i],this.S[this.i]=this.S[this.j],this.S[this.j]=e,this.S[e+this.S[this.i]&255]},null==V){var z;if(V=new Array,q=0,void 0!==g&&(void 0!==g.crypto||void 0!==g.msCrypto)){var G=g.crypto||g.msCrypto;if(G.getRandomValues){var X=new Uint8Array(32);for(G.getRandomValues(X),z=0;z<32;++z)V[q++]=X[z]}else if("Netscape"==p.appName&&p.appVersion<"5"){var Q=g.crypto.random(32);for(z=0;z<Q.length;++z)V[q++]=255&Q.charCodeAt(z)}}for(;q<256;)z=Math.floor(65536*Math.random()),V[q++]=z>>>8,V[q++]=255&z;q=0,Y()}function Z(){if(null==K){for(Y(),(K=new $).init(V),q=0;q<V.length;++q)V[q]=0;q=0}return K.next()}function ee(){}
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */function te(e,t){return new b(e,t)}function re(e,t,r){for(var n="",i=0;n.length<t;)n+=r(String.fromCharCode.apply(String,e.concat([(4278190080&i)>>24,(16711680&i)>>16,(65280&i)>>8,255&i]))),i+=1;return n}function ne(){this.n=null,this.e=0,this.d=null,this.p=null,this.q=null,this.dmp1=null,this.dmq1=null,this.coeff=null
+/*! (c) Tom Wu | http://www-cs-students.stanford.edu/~tjw/jsbn/
+    		 */}function ie(e,t){this.x=t,this.q=e}function oe(e,t,r,n){this.curve=e,this.x=t,this.y=r,this.z=null==n?b.ONE:n,this.zinv=null}function se(e,t,r){this.q=e,this.a=this.fromBigInteger(t),this.b=this.fromBigInteger(r),this.infinity=new oe(this,null,null)}ee.prototype.nextBytes=function(e){var t;for(t=0;t<e.length;++t)e[t]=Z()},ne.prototype.doPublic=function(e){return e.modPowInt(this.e,this.n)},ne.prototype.setPublic=function(e,t){if(this.isPublic=!0,this.isPrivate=!1,"string"!=typeof e)this.n=e,this.e=t;else{if(!(null!=e&&null!=t&&e.length>0&&t.length>0))throw"Invalid RSA public key";this.n=te(e,16),this.e=parseInt(t,16)}},ne.prototype.encrypt=function(e){var t=function(e,t){if(t<e.length+11)throw"Message too long for RSA";for(var r=new Array,n=e.length-1;n>=0&&t>0;){var i=e.charCodeAt(n--);i<128?r[--t]=i:i>127&&i<2048?(r[--t]=63&i|128,r[--t]=i>>6|192):(r[--t]=63&i|128,r[--t]=i>>6&63|128,r[--t]=i>>12|224)}r[--t]=0;for(var o=new ee,s=new Array;t>2;){for(s[0]=0;0==s[0];)o.nextBytes(s);r[--t]=s[0]}return r[--t]=2,r[--t]=0,new b(r)}(e,this.n.bitLength()+7>>3);if(null==t)return null;var r=this.doPublic(t);if(null==r)return null;var n=r.toString(16);return 1&n.length?"0"+n:n},ne.prototype.encryptOAEP=function(e,t,r){var n=function(e,t,r,n){var i=ue.crypto.MessageDigest,o=ue.crypto.Util,s=null;if(r||(r="sha1"),"string"==typeof r&&(s=i.getCanonicalAlgName(r),n=i.getHashLength(s),r=function(e){return be(o.hashHex(Ee(e),s))}),e.length+2*n+2>t)throw"Message too long for RSA";var a,u="";for(a=0;a<t-e.length-2*n-2;a+=1)u+="\0";var c=r("")+u+"
"+e,h=new Array(n);(new ee).nextBytes(h);var l=re(h,c.length,r),f=[];for(a=0;a<c.length;a+=1)f[a]=c.charCodeAt(a)^l.charCodeAt(a);var d=re(f,h.length,r),p=[0];for(a=0;a<h.length;a+=1)p[a+1]=h[a]^d.charCodeAt(a);return new b(p.concat(f))}(e,this.n.bitLength()+7>>3,t,r);if(null==n)return null;var i=this.doPublic(n);if(null==i)return null;var o=i.toString(16);return 1&o.length?"0"+o:o},ne.prototype.type="RSA",ie.prototype.equals=function(e){return e==this||this.q.equals(e.q)&&this.x.equals(e.x)},ie.prototype.toBigInteger=function(){return this.x},ie.prototype.negate=function(){return new ie(this.q,this.x.negate().mod(this.q))},ie.prototype.add=function(e){return new ie(this.q,this.x.add(e.toBigInteger()).mod(this.q))},ie.prototype.subtract=function(e){return new ie(this.q,this.x.subtract(e.toBigInteger()).mod(this.q))},ie.prototype.multiply=function(e){return new ie(this.q,this.x.multiply(e.toBigInteger()).mod(this.q))},ie.prototype.square=function(){return new ie(this.q,this.x.square().mod(this.q))},ie.prototype.divide=function(e){return new ie(this.q,this.x.multiply(e.toBigInteger().modInverse(this.q)).mod(this.q))},oe.prototype.getX=function(){return null==this.zinv&&(this.zinv=this.z.modInverse(this.curve.q)),this.curve.fromBigInteger(this.x.toBigInteger().multiply(this.zinv).mod(this.curve.q))},oe.prototype.getY=function(){return null==this.zinv&&(this.zinv=this.z.modInverse(this.curve.q)),this.curve.fromBigInteger(this.y.toBigInteger().multiply(this.zinv).mod(this.curve.q))},oe.prototype.equals=function(e){return e==this||(this.isInfinity()?e.isInfinity():e.isInfinity()?this.isInfinity():!!e.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(e.z)).mod(this.curve.q).equals(b.ZERO)&&e.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(e.z)).mod(this.curve.q).equals(b.ZERO))},oe.prototype.isInfinity=function(){return null==this.x&&null==this.y||this.z.equals(b.ZERO)&&!this.y.toBigInteger().equals(b.ZERO)},oe.prototype.negate=function(){return new oe(this.curve,this.x,this.y.negate(),this.z)},oe.prototype.add=function(e){if(this.isInfinity())return e;if(e.isInfinity())return this;var t=e.y.toBigInteger().multiply(this.z).subtract(this.y.toBigInteger().multiply(e.z)).mod(this.curve.q),r=e.x.toBigInteger().multiply(this.z).subtract(this.x.toBigInteger().multiply(e.z)).mod(this.curve.q);if(b.ZERO.equals(r))return b.ZERO.equals(t)?this.twice():this.curve.getInfinity();var n=new b("3"),i=this.x.toBigInteger(),o=this.y.toBigInteger(),s=(e.x.toBigInteger(),e.y.toBigInteger(),r.square()),a=s.multiply(r),u=i.multiply(s),c=t.square().multiply(this.z),h=c.subtract(u.shiftLeft(1)).multiply(e.z).subtract(a).multiply(r).mod(this.curve.q),l=u.multiply(n).multiply(t).subtract(o.multiply(a)).subtract(c.multiply(t)).multiply(e.z).add(t.multiply(a)).mod(this.curve.q),f=a.multiply(this.z).multiply(e.z).mod(this.curve.q);return new oe(this.curve,this.curve.fromBigInteger(h),this.curve.fromBigInteger(l),f)},oe.prototype.twice=function(){if(this.isInfinity())return this;if(0==this.y.toBigInteger().signum())return this.curve.getInfinity();var e=new b("3"),t=this.x.toBigInteger(),r=this.y.toBigInteger(),n=r.multiply(this.z),i=n.multiply(r).mod(this.curve.q),o=this.curve.a.toBigInteger(),s=t.square().multiply(e);b.ZERO.equals(o)||(s=s.add(this.z.square().multiply(o)));var a=(s=s.mod(this.curve.q)).square().subtract(t.shiftLeft(3).multiply(i)).shiftLeft(1).multiply(n).mod(this.curve.q),u=s.multiply(e).multiply(t).subtract(i.shiftLeft(1)).shiftLeft(2).multiply(i).subtract(s.square().multiply(s)).mod(this.curve.q),c=n.square().multiply(n).shiftLeft(3).mod(this.curve.q);return new oe(this.curve,this.curve.fromBigInteger(a),this.curve.fromBigInteger(u),c)},oe.prototype.multiply=function(e){if(this.isInfinity())return this;if(0==e.signum())return this.curve.getInfinity();var t,r=e,n=r.multiply(new b("3")),i=this.negate(),o=this,s=this.curve.q.subtract(e),a=s.multiply(new b("3")),u=new oe(this.curve,this.x,this.y),c=u.negate();for(t=n.bitLength()-2;t>0;--t){o=o.twice();var h=n.testBit(t);h!=r.testBit(t)&&(o=o.add(h?this:i))}for(t=a.bitLength()-2;t>0;--t){u=u.twice();var l=a.testBit(t);l!=s.testBit(t)&&(u=u.add(l?u:c))}return o},oe.prototype.multiplyTwo=function(e,t,r){var n;n=e.bitLength()>r.bitLength()?e.bitLength()-1:r.bitLength()-1;for(var i=this.curve.getInfinity(),o=this.add(t);n>=0;)i=i.twice(),e.testBit(n)?i=r.testBit(n)?i.add(o):i.add(this):r.testBit(n)&&(i=i.add(t)),--n;return i},se.prototype.getQ=function(){return this.q},se.prototype.getA=function(){return this.a},se.prototype.getB=function(){return this.b},se.prototype.equals=function(e){return e==this||this.q.equals(e.q)&&this.a.equals(e.a)&&this.b.equals(e.b)},se.prototype.getInfinity=function(){return this.infinity},se.prototype.fromBigInteger=function(e){return new ie(this.q,e)},se.prototype.decodePointHex=function(e){switch(parseInt(e.substr(0,2),16)){case 0:return this.infinity;case 2:case 3:default:return null;case 4:case 6:case 7:var t=(e.length-2)/2,r=e.substr(2,t),n=e.substr(t+2,t);return new oe(this,this.fromBigInteger(new b(r,16)),this.fromBigInteger(new b(n,16)))}},
+/*! (c) Stefan Thomas | https://github.com/bitcoinjs/bitcoinjs-lib
+    		 */
+ie.prototype.getByteLength=function(){return Math.floor((this.toBigInteger().bitLength()+7)/8)},oe.prototype.getEncoded=function(e){var t=function(e,t){var r=e.toByteArrayUnsigned();if(t<r.length)r=r.slice(r.length-t);else for(;t>r.length;)r.unshift(0);return r},r=this.getX().toBigInteger(),n=this.getY().toBigInteger(),i=t(r,32);return e?n.isEven()?i.unshift(2):i.unshift(3):(i.unshift(4),i=i.concat(t(n,32))),i},oe.decodeFrom=function(e,t){t[0];var r=t.length-1,n=t.slice(1,1+r/2),i=t.slice(1+r/2,1+r);n.unshift(0),i.unshift(0);var o=new b(n),s=new b(i);return new oe(e,e.fromBigInteger(o),e.fromBigInteger(s))},oe.decodeFromHex=function(e,t){t.substr(0,2);var r=t.length-2,n=t.substr(2,r/2),i=t.substr(2+r/2,r/2),o=new b(n,16),s=new b(i,16);return new oe(e,e.fromBigInteger(o),e.fromBigInteger(s))},oe.prototype.add2D=function(e){if(this.isInfinity())return e;if(e.isInfinity())return this;if(this.x.equals(e.x))return this.y.equals(e.y)?this.twice():this.curve.getInfinity();var t=e.x.subtract(this.x),r=e.y.subtract(this.y).divide(t),n=r.square().subtract(this.x).subtract(e.x),i=r.multiply(this.x.subtract(n)).subtract(this.y);return new oe(this.curve,n,i)},oe.prototype.twice2D=function(){if(this.isInfinity())return this;if(0==this.y.toBigInteger().signum())return this.curve.getInfinity();var e=this.curve.fromBigInteger(b.valueOf(2)),t=this.curve.fromBigInteger(b.valueOf(3)),r=this.x.square().multiply(t).add(this.curve.a).divide(this.y.multiply(e)),n=r.square().subtract(this.x.multiply(e)),i=r.multiply(this.x.subtract(n)).subtract(this.y);return new oe(this.curve,n,i)},oe.prototype.multiply2D=function(e){if(this.isInfinity())return this;if(0==e.signum())return this.curve.getInfinity();var t,r=e,n=r.multiply(new b("3")),i=this.negate(),o=this;for(t=n.bitLength()-2;t>0;--t){o=o.twice();var s=n.testBit(t);s!=r.testBit(t)&&(o=o.add2D(s?this:i))}return o},oe.prototype.isOnCurve=function(){var e=this.getX().toBigInteger(),t=this.getY().toBigInteger(),r=this.curve.getA().toBigInteger(),n=this.curve.getB().toBigInteger(),i=this.curve.getQ(),o=t.multiply(t).mod(i),s=e.multiply(e).multiply(e).add(r.multiply(e)).add(n).mod(i);return o.equals(s)},oe.prototype.toString=function(){return"("+this.getX().toBigInteger().toString()+","+this.getY().toBigInteger().toString()+")"},oe.prototype.validate=function(){var e=this.curve.getQ();if(this.isInfinity())throw new Error("Point is at infinity.");var t=this.getX().toBigInteger(),r=this.getY().toBigInteger();if(t.compareTo(b.ONE)<0||t.compareTo(e.subtract(b.ONE))>0)throw new Error("x coordinate out of bounds");if(r.compareTo(b.ONE)<0||r.compareTo(e.subtract(b.ONE))>0)throw new Error("y coordinate out of bounds");if(!this.isOnCurve())throw new Error("Point is not on the curve.");if(this.multiply(e).isInfinity())throw new Error("Point is not a scalar multiple of G.");return!0};
+/*! Mike Samuel (c) 2009 | code.google.com/p/json-sans-eval
+    		 */
+var ae=function(){var e=new RegExp('(?:false|true|null|[\\{\\}\\[\\]]|(?:-?\\b(?:0|[1-9][0-9]*)(?:\\.[0-9]+)?(?:[eE][+-]?[0-9]+)?\\b)|(?:"(?:[^\\0-\\x08\\x0a-\\x1f"\\\\]|\\\\(?:["/\\\\bfnrt]|u[0-9A-Fa-f]{4}))*"))',"g"),t=new RegExp("\\\\(?:([^u])|u(.{4}))","g"),r={'"':'"',"/":"/","\\":"\\",b:"\b",f:"\f",n:"\n",r:"\r",t:"\t"};function n(e,t,n){return t?r[t]:String.fromCharCode(parseInt(n,16))}var i=new String(""),o=Object.hasOwnProperty;return function(r,s){var a,u,c=r.match(e),h=c[0],l=!1;"{"===h?a={}:"["===h?a=[]:(a=[],l=!0);for(var f=[a],p=1-l,g=c.length;p<g;++p){var y;switch((h=c[p]).charCodeAt(0)){default:(y=f[0])[u||y.length]=+h,u=void 0;break;case 34:if(-1!==(h=h.substring(1,h.length-1)).indexOf("\\")&&(h=h.replace(t,n)),y=f[0],!u){if(!(y instanceof Array)){u=h||i;break}u=y.length}y[u]=h,u=void 0;break;case 91:y=f[0],f.unshift(y[u||y.length]=[]),u=void 0;break;case 93:case 125:f.shift();break;case 102:(y=f[0])[u||y.length]=!1,u=void 0;break;case 110:(y=f[0])[u||y.length]=null,u=void 0;break;case 116:(y=f[0])[u||y.length]=!0,u=void 0;break;case 123:y=f[0],f.unshift(y[u||y.length]={}),u=void 0}}if(l){if(1!==f.length)throw new Error;a=a[0]}else if(f.length)throw new Error;return s&&(a=function e(t,r){var n=t[r];if(n&&"object"===(void 0===n?"undefined":d(n))){var i=null;for(var a in n)if(o.call(n,a)&&n!==t){var u=e(n,a);void 0!==u?n[a]=u:(i||(i=[]),i.push(a))}if(i)for(var c=i.length;--c>=0;)delete n[i[c]]}return s.call(t,r,n)}({"":a},"")),a}}();void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.asn1&&ue.asn1||(ue.asn1={}),ue.asn1.ASN1Util=new function(){this.integerToByteHex=function(e){var t=e.toString(16);return t.length%2==1&&(t="0"+t),t},this.bigIntToMinTwosComplementsHex=function(e){var t=e.toString(16);if("-"!=t.substr(0,1))t.length%2==1?t="0"+t:t.match(/^[0-7]/)||(t="00"+t);else{var r=t.substr(1).length;r%2==1?r+=1:t.match(/^[0-7]/)||(r+=2);for(var n="",i=0;i<r;i++)n+="f";t=new b(n,16).xor(e).add(b.ONE).toString(16).replace(/^-/,"")}return t},this.getPEMStringFromHex=function(e,t){return ke(e,t)},this.newObject=function(e){var t=ue.asn1,r=t.ASN1Object,n=t.DERBoolean,i=t.DERInteger,o=t.DERBitString,s=t.DEROctetString,a=t.DERNull,u=t.DERObjectIdentifier,c=t.DEREnumerated,h=t.DERUTF8String,l=t.DERNumericString,f=t.DERPrintableString,d=t.DERTeletexString,p=t.DERIA5String,g=t.DERUTCTime,y=t.DERGeneralizedTime,v=t.DERVisibleString,m=t.DERBMPString,w=t.DERSequence,_=t.DERSet,S=t.DERTaggedObject,b=t.ASN1Util.newObject;if(e instanceof t.ASN1Object)return e;var E=Object.keys(e);if(1!=E.length)throw new Error("key of param shall be only one.");var F=E[0];if(-1==":asn1:bool:int:bitstr:octstr:null:oid:enum:utf8str:numstr:prnstr:telstr:ia5str:utctime:gentime:visstr:bmpstr:seq:set:tag:".indexOf(":"+F+":"))throw new Error("undefined key: "+F);if("bool"==F)return new n(e[F]);if("int"==F)return new i(e[F]);if("bitstr"==F)return new o(e[F]);if("octstr"==F)return new s(e[F]);if("null"==F)return new a(e[F]);if("oid"==F)return new u(e[F]);if("enum"==F)return new c(e[F]);if("utf8str"==F)return new h(e[F]);if("numstr"==F)return new l(e[F]);if("prnstr"==F)return new f(e[F]);if("telstr"==F)return new d(e[F]);if("ia5str"==F)return new p(e[F]);if("utctime"==F)return new g(e[F]);if("gentime"==F)return new y(e[F]);if("visstr"==F)return new v(e[F]);if("bmpstr"==F)return new m(e[F]);if("asn1"==F)return new r(e[F]);if("seq"==F){for(var A=e[F],x=[],k=0;k<A.length;k++){var P=b(A[k]);x.push(P)}return new w({array:x})}if("set"==F){for(A=e[F],x=[],k=0;k<A.length;k++)P=b(A[k]),x.push(P);return new _({array:x})}if("tag"==F){var T=e[F];if("[object Array]"===Object.prototype.toString.call(T)&&3==T.length){var I=b(T[2]);return new S({tag:T[0],explicit:T[1],obj:I})}return new S(T)}},this.jsonToASN1HEX=function(e){return this.newObject(e).getEncodedHex()}},ue.asn1.ASN1Util.oidHexToInt=function(e){for(var t="",r=parseInt(e.substr(0,2),16),n=(t=Math.floor(r/40)+"."+r%40,""),i=2;i<e.length;i+=2){var o=("00000000"+parseInt(e.substr(i,2),16).toString(2)).slice(-8);n+=o.substr(1,7),"0"==o.substr(0,1)&&(t=t+"."+new b(n,2).toString(10),n="")}return t},ue.asn1.ASN1Util.oidIntToHex=function(e){var t=function(e){var t=e.toString(16);return 1==t.length&&(t="0"+t),t},r=function(e){var r="",n=new b(e,10).toString(2),i=7-n.length%7;7==i&&(i=0);for(var o="",s=0;s<i;s++)o+="0";for(n=o+n,s=0;s<n.length-1;s+=7){var a=n.substr(s,7);s!=n.length-7&&(a="1"+a),r+=t(parseInt(a,2))}return r};if(!e.match(/^[0-9.]+$/))throw"malformed oid string: "+e;var n="",i=e.split("."),o=40*parseInt(i[0])+parseInt(i[1]);n+=t(o),i.splice(0,2);for(var s=0;s<i.length;s++)n+=r(i[s]);return n},ue.asn1.ASN1Object=function(e){this.params=null,this.getLengthHexFromValue=function(){if(void 0===this.hV||null==this.hV)throw new Error("this.hV is null or undefined");if(this.hV.length%2==1)throw new Error("value hex must be even length: n=0,v="+this.hV);var e=this.hV.length/2,t=e.toString(16);if(t.length%2==1&&(t="0"+t),e<128)return t;var r=t.length/2;if(r>15)throw"ASN.1 length too long to represent by 8x: n = "+e.toString(16);return(128+r).toString(16)+t},this.getEncodedHex=function(){return(null==this.hTLV||this.isModified)&&(this.hV=this.getFreshValueHex(),this.hL=this.getLengthHexFromValue(),this.hTLV=this.hT+this.hL+this.hV,this.isModified=!1),this.hTLV},this.getValueHex=function(){return this.getEncodedHex(),this.hV},this.getFreshValueHex=function(){return""},this.setByParam=function(e){this.params=e},null!=e&&null!=e.tlv&&(this.hTLV=e.tlv,this.isModified=!1)},ue.asn1.DERAbstractString=function(e){ue.asn1.DERAbstractString.superclass.constructor.call(this),this.getString=function(){return this.s},this.setString=function(e){this.hTLV=null,this.isModified=!0,this.s=e,this.hV=_e(this.s).toLowerCase()},this.setStringHex=function(e){this.hTLV=null,this.isModified=!0,this.s=null,this.hV=e},this.getFreshValueHex=function(){return this.hV},void 0!==e&&("string"==typeof e?this.setString(e):void 0!==e.str?this.setString(e.str):void 0!==e.hex&&this.setStringHex(e.hex))},Me(ue.asn1.DERAbstractString,ue.asn1.ASN1Object),ue.asn1.DERAbstractTime=function(e){ue.asn1.DERAbstractTime.superclass.constructor.call(this),this.localDateToUTC=function(e){var t=e.getTime()+6e4*e.getTimezoneOffset();return new Date(t)},this.formatDate=function(e,t,r){var n=this.zeroPadding,i=this.localDateToUTC(e),o=String(i.getFullYear());"utc"==t&&(o=o.substr(2,2));var s=o+n(String(i.getMonth()+1),2)+n(String(i.getDate()),2)+n(String(i.getHours()),2)+n(String(i.getMinutes()),2)+n(String(i.getSeconds()),2);if(!0===r){var a=i.getMilliseconds();if(0!=a){var u=n(String(a),3);s=s+"."+(u=u.replace(/[0]+$/,""))}}return s+"Z"},this.zeroPadding=function(e,t){return e.length>=t?e:new Array(t-e.length+1).join("0")+e},this.getString=function(){return this.s},this.setString=function(e){this.hTLV=null,this.isModified=!0,this.s=e,this.hV=ge(e)},this.setByDateValue=function(e,t,r,n,i,o){var s=new Date(Date.UTC(e,t-1,r,n,i,o,0));this.setByDate(s)},this.getFreshValueHex=function(){return this.hV}},Me(ue.asn1.DERAbstractTime,ue.asn1.ASN1Object),ue.asn1.DERAbstractStructured=function(e){ue.asn1.DERAbstractString.superclass.constructor.call(this),this.setByASN1ObjectArray=function(e){this.hTLV=null,this.isModified=!0,this.asn1Array=e},this.appendASN1Object=function(e){this.hTLV=null,this.isModified=!0,this.asn1Array.push(e)},this.asn1Array=new Array,void 0!==e&&void 0!==e.array&&(this.asn1Array=e.array)},Me(ue.asn1.DERAbstractStructured,ue.asn1.ASN1Object),ue.asn1.DERBoolean=function(e){ue.asn1.DERBoolean.superclass.constructor.call(this),this.hT="01",this.hTLV=0==e?"010100":"0101ff"},Me(ue.asn1.DERBoolean,ue.asn1.ASN1Object),ue.asn1.DERInteger=function(e){ue.asn1.DERInteger.superclass.constructor.call(this),this.hT="02",this.setByBigInteger=function(e){this.hTLV=null,this.isModified=!0,this.hV=ue.asn1.ASN1Util.bigIntToMinTwosComplementsHex(e)},this.setByInteger=function(e){var t=new b(String(e),10);this.setByBigInteger(t)},this.setValueHex=function(e){this.hV=e},this.getFreshValueHex=function(){return this.hV},void 0!==e&&(void 0!==e.bigint?this.setByBigInteger(e.bigint):void 0!==e.int?this.setByInteger(e.int):"number"==typeof e?this.setByInteger(e):void 0!==e.hex&&this.setValueHex(e.hex))},Me(ue.asn1.DERInteger,ue.asn1.ASN1Object),ue.asn1.DERBitString=function(e){if(void 0!==e&&void 0!==e.obj){var t=ue.asn1.ASN1Util.newObject(e.obj);e.hex="00"+t.getEncodedHex()}ue.asn1.DERBitString.superclass.constructor.call(this),this.hT="03",this.setHexValueIncludingUnusedBits=function(e){this.hTLV=null,this.isModified=!0,this.hV=e},this.setUnusedBitsAndHexValue=function(e,t){if(e<0||7<e)throw"unused bits shall be from 0 to 7: u = "+e;var r="0"+e;this.hTLV=null,this.isModified=!0,this.hV=r+t},this.setByBinaryString=function(e){var t=8-(e=e.replace(/0+$/,"")).length%8;8==t&&(t=0);for(var r=0;r<=t;r++)e+="0";var n="";for(r=0;r<e.length-1;r+=8){var i=e.substr(r,8),o=parseInt(i,2).toString(16);1==o.length&&(o="0"+o),n+=o}this.hTLV=null,this.isModified=!0,this.hV="0"+t+n},this.setByBooleanArray=function(e){for(var t="",r=0;r<e.length;r++)1==e[r]?t+="1":t+="0";this.setByBinaryString(t)},this.newFalseArray=function(e){for(var t=new Array(e),r=0;r<e;r++)t[r]=!1;return t},this.getFreshValueHex=function(){return this.hV},void 0!==e&&("string"==typeof e&&e.toLowerCase().match(/^[0-9a-f]+$/)?this.setHexValueIncludingUnusedBits(e):void 0!==e.hex?this.setHexValueIncludingUnusedBits(e.hex):void 0!==e.bin?this.setByBinaryString(e.bin):void 0!==e.array&&this.setByBooleanArray(e.array))},Me(ue.asn1.DERBitString,ue.asn1.ASN1Object),ue.asn1.DEROctetString=function(e){if(void 0!==e&&void 0!==e.obj){var t=ue.asn1.ASN1Util.newObject(e.obj);e.hex=t.getEncodedHex()}ue.asn1.DEROctetString.superclass.constructor.call(this,e),this.hT="04"},Me(ue.asn1.DEROctetString,ue.asn1.DERAbstractString),ue.asn1.DERNull=function(){ue.asn1.DERNull.superclass.constructor.call(this),this.hT="05",this.hTLV="0500"},Me(ue.asn1.DERNull,ue.asn1.ASN1Object),ue.asn1.DERObjectIdentifier=function(e){ue.asn1.DERObjectIdentifier.superclass.constructor.call(this),this.hT="06",this.setValueHex=function(e){this.hTLV=null,this.isModified=!0,this.s=null,this.hV=e},this.setValueOidString=function(e){var t=function(e){var t=function(e){var t=e.toString(16);return 1==t.length&&(t="0"+t),t},r=function(e){var r="",n=parseInt(e,10).toString(2),i=7-n.length%7;7==i&&(i=0);for(var o="",s=0;s<i;s++)o+="0";for(n=o+n,s=0;s<n.length-1;s+=7){var a=n.substr(s,7);s!=n.length-7&&(a="1"+a),r+=t(parseInt(a,2))}return r};try{if(!e.match(/^[0-9.]+$/))return null;var n="",i=e.split("."),o=40*parseInt(i[0],10)+parseInt(i[1],10);n+=t(o),i.splice(0,2);for(var s=0;s<i.length;s++)n+=r(i[s]);return n}catch(e){return null}}(e);if(null==t)throw new Error("malformed oid string: "+e);this.hTLV=null,this.isModified=!0,this.s=null,this.hV=t},this.setValueName=function(e){var t=ue.asn1.x509.OID.name2oid(e);if(""===t)throw new Error("DERObjectIdentifier oidName undefined: "+e);this.setValueOidString(t)},this.setValueNameOrOid=function(e){e.match(/^[0-2].[0-9.]+$/)?this.setValueOidString(e):this.setValueName(e)},this.getFreshValueHex=function(){return this.hV},this.setByParam=function(e){"string"==typeof e?this.setValueNameOrOid(e):void 0!==e.oid?this.setValueNameOrOid(e.oid):void 0!==e.name?this.setValueNameOrOid(e.name):void 0!==e.hex&&this.setValueHex(e.hex)},void 0!==e&&this.setByParam(e)},Me(ue.asn1.DERObjectIdentifier,ue.asn1.ASN1Object),ue.asn1.DEREnumerated=function(e){ue.asn1.DEREnumerated.superclass.constructor.call(this),this.hT="0a",this.setByBigInteger=function(e){this.hTLV=null,this.isModified=!0,this.hV=ue.asn1.ASN1Util.bigIntToMinTwosComplementsHex(e)},this.setByInteger=function(e){var t=new b(String(e),10);this.setByBigInteger(t)},this.setValueHex=function(e){this.hV=e},this.getFreshValueHex=function(){return this.hV},void 0!==e&&(void 0!==e.int?this.setByInteger(e.int):"number"==typeof e?this.setByInteger(e):void 0!==e.hex&&this.setValueHex(e.hex))},Me(ue.asn1.DEREnumerated,ue.asn1.ASN1Object),ue.asn1.DERUTF8String=function(e){ue.asn1.DERUTF8String.superclass.constructor.call(this,e),this.hT="0c"},Me(ue.asn1.DERUTF8String,ue.asn1.DERAbstractString),ue.asn1.DERNumericString=function(e){ue.asn1.DERNumericString.superclass.constructor.call(this,e),this.hT="12"},Me(ue.asn1.DERNumericString,ue.asn1.DERAbstractString),ue.asn1.DERPrintableString=function(e){ue.asn1.DERPrintableString.superclass.constructor.call(this,e),this.hT="13"},Me(ue.asn1.DERPrintableString,ue.asn1.DERAbstractString),ue.asn1.DERTeletexString=function(e){ue.asn1.DERTeletexString.superclass.constructor.call(this,e),this.hT="14"},Me(ue.asn1.DERTeletexString,ue.asn1.DERAbstractString),ue.asn1.DERIA5String=function(e){ue.asn1.DERIA5String.superclass.constructor.call(this,e),this.hT="16"},Me(ue.asn1.DERIA5String,ue.asn1.DERAbstractString),ue.asn1.DERVisibleString=function(e){ue.asn1.DERIA5String.superclass.constructor.call(this,e),this.hT="1a"},Me(ue.asn1.DERVisibleString,ue.asn1.DERAbstractString),ue.asn1.DERBMPString=function(e){ue.asn1.DERBMPString.superclass.constructor.call(this,e),this.hT="1e"},Me(ue.asn1.DERBMPString,ue.asn1.DERAbstractString),ue.asn1.DERUTCTime=function(e){ue.asn1.DERUTCTime.superclass.constructor.call(this,e),this.hT="17",this.setByDate=function(e){this.hTLV=null,this.isModified=!0,this.date=e,this.s=this.formatDate(this.date,"utc"),this.hV=ge(this.s)},this.getFreshValueHex=function(){return void 0===this.date&&void 0===this.s&&(this.date=new Date,this.s=this.formatDate(this.date,"utc"),this.hV=ge(this.s)),this.hV},void 0!==e&&(void 0!==e.str?this.setString(e.str):"string"==typeof e&&e.match(/^[0-9]{12}Z$/)?this.setString(e):void 0!==e.hex?this.setStringHex(e.hex):void 0!==e.date&&this.setByDate(e.date))},Me(ue.asn1.DERUTCTime,ue.asn1.DERAbstractTime),ue.asn1.DERGeneralizedTime=function(e){ue.asn1.DERGeneralizedTime.superclass.constructor.call(this,e),this.hT="18",this.withMillis=!1,this.setByDate=function(e){this.hTLV=null,this.isModified=!0,this.date=e,this.s=this.formatDate(this.date,"gen",this.withMillis),this.hV=ge(this.s)},this.getFreshValueHex=function(){return void 0===this.date&&void 0===this.s&&(this.date=new Date,this.s=this.formatDate(this.date,"gen",this.withMillis),this.hV=ge(this.s)),this.hV},void 0!==e&&(void 0!==e.str?this.setString(e.str):"string"==typeof e&&e.match(/^[0-9]{14}Z$/)?this.setString(e):void 0!==e.hex?this.setStringHex(e.hex):void 0!==e.date&&this.setByDate(e.date),!0===e.millis&&(this.withMillis=!0))},Me(ue.asn1.DERGeneralizedTime,ue.asn1.DERAbstractTime),ue.asn1.DERSequence=function(e){ue.asn1.DERSequence.superclass.constructor.call(this,e),this.hT="30",this.getFreshValueHex=function(){for(var e="",t=0;t<this.asn1Array.length;t++)e+=this.asn1Array[t].getEncodedHex();return this.hV=e,this.hV}},Me(ue.asn1.DERSequence,ue.asn1.DERAbstractStructured),ue.asn1.DERSet=function(e){ue.asn1.DERSet.superclass.constructor.call(this,e),this.hT="31",this.sortFlag=!0,this.getFreshValueHex=function(){for(var e=new Array,t=0;t<this.asn1Array.length;t++){var r=this.asn1Array[t];e.push(r.getEncodedHex())}return 1==this.sortFlag&&e.sort(),this.hV=e.join(""),this.hV},void 0!==e&&void 0!==e.sortflag&&0==e.sortflag&&(this.sortFlag=!1)},Me(ue.asn1.DERSet,ue.asn1.DERAbstractStructured),ue.asn1.DERTaggedObject=function(e){ue.asn1.DERTaggedObject.superclass.constructor.call(this);var t=ue.asn1;this.hT="a0",this.hV="",this.isExplicit=!0,this.asn1Object=null,this.setASN1Object=function(e,t,r){this.hT=t,this.isExplicit=e,this.asn1Object=r,this.isExplicit?(this.hV=this.asn1Object.getEncodedHex(),this.hTLV=null,this.isModified=!0):(this.hV=null,this.hTLV=r.getEncodedHex(),this.hTLV=this.hTLV.replace(/^../,t),this.isModified=!1)},this.getFreshValueHex=function(){return this.hV},this.setByParam=function(e){null!=e.tag&&(this.hT=e.tag),null!=e.explicit&&(this.isExplicit=e.explicit),null!=e.tage&&(this.hT=e.tage,this.isExplicit=!0),null!=e.tagi&&(this.hT=e.tagi,this.isExplicit=!1),null!=e.obj&&(e.obj instanceof t.ASN1Object?(this.asn1Object=e.obj,this.setASN1Object(this.isExplicit,this.hT,this.asn1Object)):"object"==d(e.obj)&&(this.asn1Object=t.ASN1Util.newObject(e.obj),this.setASN1Object(this.isExplicit,this.hT,this.asn1Object)))},null!=e&&this.setByParam(e)},Me(ue.asn1.DERTaggedObject,ue.asn1.ASN1Object);var ue,ce,he,le=new function(){};function fe(e){for(var t=new Array,r=0;r<e.length;r++)t[r]=e.charCodeAt(r);return t}function de(e){for(var t="",r=0;r<e.length;r++)t+=String.fromCharCode(e[r]);return t}function pe(e){for(var t="",r=0;r<e.length;r++){var n=e[r].toString(16);1==n.length&&(n="0"+n),t+=n}return t}function ge(e){return pe(fe(e))}function ye(e){return(e=(e=e.replace(/\=/g,"")).replace(/\+/g,"-")).replace(/\//g,"_")}function ve(e){return e.length%4==2?e+="==":e.length%4==3&&(e+="="),(e=e.replace(/-/g,"+")).replace(/_/g,"/")}function me(e){return e.length%2==1&&(e="0"+e),ye(w(e))}function we(e){return _(ve(e))}function _e(e){return Re(Oe(e))}function Se(e){return decodeURIComponent(Ce(e))}function be(e){for(var t="",r=0;r<e.length-1;r+=2)t+=String.fromCharCode(parseInt(e.substr(r,2),16));return t}function Ee(e){for(var t="",r=0;r<e.length;r++)t+=("0"+e.charCodeAt(r).toString(16)).slice(-2);return t}function Fe(e){return w(e)}function Ae(e){var t=Fe(e).replace(/(.{64})/g,"$1\r\n");return t.replace(/\r\n$/,"")}function xe(e){return _(e.replace(/[^0-9A-Za-z\/+=]*/g,""))}function ke(e,t){return"-----BEGIN "+t+"-----\r\n"+Ae(e)+"\r\n-----END "+t+"-----\r\n"}function Pe(e,t){if(-1==e.indexOf("-----BEGIN "))throw"can't find PEM header: "+t;return xe(e=void 0!==t?(e=e.replace(new RegExp("^[^]*-----BEGIN "+t+"-----"),"")).replace(new RegExp("-----END "+t+"-----[^]*$"),""):(e=e.replace(/^[^]*-----BEGIN [^-]+-----/,"")).replace(/-----END [^-]+-----[^]*$/,""))}function Te(e){var t,r,n,i,o,s,a,u,c,h,l;if(l=e.match(/^(\d{2}|\d{4})(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)(|\.\d+)Z$/))return u=l[1],t=parseInt(u),2===u.length&&(50<=t&&t<100?t=1900+t:0<=t&&t<50&&(t=2e3+t)),r=parseInt(l[2])-1,n=parseInt(l[3]),i=parseInt(l[4]),o=parseInt(l[5]),s=parseInt(l[6]),a=0,""!==(c=l[7])&&(h=(c.substr(1)+"00").substr(0,3),a=parseInt(h)),Date.UTC(t,r,n,i,o,s,a);throw"unsupported zulu format: "+e}function Ie(e){return~~(Te(e)/1e3)}function Re(e){return e.replace(/%/g,"")}function Ce(e){return e.replace(/(..)/g,"%$1")}function Ue(e){var t="malformed IPv6 address";if(!e.match(/^[0-9A-Fa-f:]+$/))throw t;var r=(e=e.toLowerCase()).split(":").length-1;if(r<2)throw t;var n=":".repeat(7-r+2),i=(e=e.replace("::",n)).split(":");if(8!=i.length)throw t;for(var o=0;o<8;o++)i[o]=("0000"+i[o]).slice(-4);return i.join("")}function Le(e){if(!e.match(/^[0-9A-Fa-f]{32}$/))throw"malformed IPv6 address octet";for(var t=(e=e.toLowerCase()).match(/.{1,4}/g),r=0;r<8;r++)t[r]=t[r].replace(/^0+/,""),""==t[r]&&(t[r]="0");var n=(e=":"+t.join(":")+":").match(/:(0:){2,}/g);if(null===n)return e.slice(1,-1);var i="";for(r=0;r<n.length;r++)n[r].length>i.length&&(i=n[r]);return(e=e.replace(i,"::")).slice(1,-1)}function De(e){var t="malformed hex value";if(!e.match(/^([0-9A-Fa-f][0-9A-Fa-f]){1,}$/))throw t;if(8!=e.length)return 32==e.length?Le(e):e;try{return parseInt(e.substr(0,2),16)+"."+parseInt(e.substr(2,2),16)+"."+parseInt(e.substr(4,2),16)+"."+parseInt(e.substr(6,2),16)}catch(e){throw t}}function Ne(e){return e.match(/.{4}/g).map(function(e){var t=parseInt(e.substr(0,2),16),r=parseInt(e.substr(2),16);if(0==t&r<128)return String.fromCharCode(r);if(t<8){var n=128|63&r;return Se((192|(7&t)<<3|(192&r)>>6).toString(16)+n.toString(16))}n=128|(15&t)<<2|(192&r)>>6;var i=128|63&r;return Se((224|(240&t)>>4).toString(16)+n.toString(16)+i.toString(16))}).join("")}function Oe(e){for(var t=encodeURIComponent(e),r="",n=0;n<t.length;n++)"%"==t[n]?(r+=t.substr(n,3),n+=2):r=r+"%"+ge(t[n]);return r}function je(e){return!(e.length%2!=0||!e.match(/^[0-9a-f]+$/)&&!e.match(/^[0-9A-F]+$/))}function Be(e){return e.length%2==1?"0"+e:e.substr(0,1)>"7"?"00"+e:e}le.getLblen=function(e,t){if("8"!=e.substr(t+2,1))return 1;var r=parseInt(e.substr(t+3,1));return 0==r?-1:0<r&&r<10?r+1:-2},le.getL=function(e,t){var r=le.getLblen(e,t);return r<1?"":e.substr(t+2,2*r)},le.getVblen=function(e,t){var r;return""==(r=le.getL(e,t))?-1:("8"===r.substr(0,1)?new b(r.substr(2),16):new b(r,16)).intValue()},le.getVidx=function(e,t){var r=le.getLblen(e,t);return r<0?r:t+2*(r+1)},le.getV=function(e,t){var r=le.getVidx(e,t),n=le.getVblen(e,t);return e.substr(r,2*n)},le.getTLV=function(e,t){return e.substr(t,2)+le.getL(e,t)+le.getV(e,t)},le.getTLVblen=function(e,t){return 2+2*le.getLblen(e,t)+2*le.getVblen(e,t)},le.getNextSiblingIdx=function(e,t){return le.getVidx(e,t)+2*le.getVblen(e,t)},le.getChildIdx=function(e,t){var r,n,i,o=le,s=[];r=o.getVidx(e,t),n=2*o.getVblen(e,t),"03"==e.substr(t,2)&&(r+=2,n-=2),i=0;for(var a=r;i<=n;){var u=o.getTLVblen(e,a);if((i+=u)<=n&&s.push(a),a+=u,i>=n)break}return s},le.getNthChildIdx=function(e,t,r){return le.getChildIdx(e,t)[r]},le.getIdxbyList=function(e,t,r,n){var i,o,s=le;return 0==r.length?void 0!==n&&e.substr(t,2)!==n?-1:t:(i=r.shift())>=(o=s.getChildIdx(e,t)).length?-1:s.getIdxbyList(e,o[i],r,n)},le.getIdxbyListEx=function(e,t,r,n){var i,o,s=le;if(0==r.length)return void 0!==n&&e.substr(t,2)!==n?-1:t;i=r.shift(),o=s.getChildIdx(e,t);for(var a=0,u=0;u<o.length;u++){var c=e.substr(o[u],2);if("number"==typeof i&&!s.isContextTag(c)&&a==i||"string"==typeof i&&s.isContextTag(c,i))return s.getIdxbyListEx(e,o[u],r,n);s.isContextTag(c)||a++}return-1},le.getTLVbyList=function(e,t,r,n){var i=le,o=i.getIdxbyList(e,t,r,n);return-1==o||o>=e.length?null:i.getTLV(e,o)},le.getTLVbyListEx=function(e,t,r,n){var i=le,o=i.getIdxbyListEx(e,t,r,n);return-1==o?null:i.getTLV(e,o)},le.getVbyList=function(e,t,r,n,i){var o,s,a=le;return-1==(o=a.getIdxbyList(e,t,r,n))||o>=e.length?null:(s=a.getV(e,o),!0===i&&(s=s.substr(2)),s)},le.getVbyListEx=function(e,t,r,n,i){var o,s,a=le;return-1==(o=a.getIdxbyListEx(e,t,r,n))?null:(s=a.getV(e,o),"03"==e.substr(o,2)&&!1!==i&&(s=s.substr(2)),s)},le.getInt=function(e,t,r){null==r&&(r=-1);try{var n=e.substr(t,2);if("02"!=n&&"03"!=n)return r;var i=le.getV(e,t);return"02"==n?parseInt(i,16):function(e){try{var t=e.substr(0,2);if("00"==t)return parseInt(e.substr(2),16);var r=parseInt(t,16),n=e.substr(2),i=parseInt(n,16).toString(2);return"0"==i&&(i="00000000"),i=i.slice(0,0-r),parseInt(i,2)}catch(e){return-1}}(i)}catch(e){return r}},le.getOID=function(e,t,r){null==r&&(r=null);try{return"06"!=e.substr(t,2)?r:function(e){if(!je(e))return null;try{var t=[],r=e.substr(0,2),n=parseInt(r,16);t[0]=new String(Math.floor(n/40)),t[1]=new String(n%40);for(var i=e.substr(2),o=[],s=0;s<i.length/2;s++)o.push(parseInt(i.substr(2*s,2),16));var a=[],u="";for(s=0;s<o.length;s++)128&o[s]?u+=He((127&o[s]).toString(2),7):(u+=He((127&o[s]).toString(2),7),a.push(new String(parseInt(u,2))),u="");var c=t.join(".");return a.length>0&&(c=c+"."+a.join(".")),c}catch(e){return null}}(le.getV(e,t))}catch(e){return r}},le.getOIDName=function(e,t,r){null==r&&(r=null);try{var n=le.getOID(e,t,r);if(n==r)return r;var i=ue.asn1.x509.OID.oid2name(n);return""==i?n:i}catch(e){return r}},le.getString=function(e,t,r){null==r&&(r=null);try{return be(le.getV(e,t))}catch(e){return r}},le.hextooidstr=function(e){var t=function(e,t){return e.length>=t?e:new Array(t-e.length+1).join("0")+e},r=[],n=e.substr(0,2),i=parseInt(n,16);r[0]=new String(Math.floor(i/40)),r[1]=new String(i%40);for(var o=e.substr(2),s=[],a=0;a<o.length/2;a++)s.push(parseInt(o.substr(2*a,2),16));var u=[],c="";for(a=0;a<s.length;a++)128&s[a]?c+=t((127&s[a]).toString(2),7):(c+=t((127&s[a]).toString(2),7),u.push(new String(parseInt(c,2))),c="");var h=r.join(".");return u.length>0&&(h=h+"."+u.join(".")),h},le.dump=function(e,t,r,n){var i=le,o=i.getV,s=i.dump,a=i.getChildIdx,u=e;e instanceof ue.asn1.ASN1Object&&(u=e.getEncodedHex());var c=function(e,t){return e.length<=2*t?e:e.substr(0,t)+"..(total "+e.length/2+"bytes).."+e.substr(e.length-t,t)};void 0===t&&(t={ommit_long_octet:32}),void 0===r&&(r=0),void 0===n&&(n="");var h,l=t.ommit_long_octet;if("01"==(h=u.substr(r,2)))return"00"==(f=o(u,r))?n+"BOOLEAN FALSE\n":n+"BOOLEAN TRUE\n";if("02"==h)return n+"INTEGER "+c(f=o(u,r),l)+"\n";if("03"==h){var f=o(u,r);return i.isASN1HEX(f.substr(2))?(S=n+"BITSTRING, encapsulates\n")+s(f.substr(2),t,0,n+"  "):n+"BITSTRING "+c(f,l)+"\n"}if("04"==h)return f=o(u,r),i.isASN1HEX(f)?(S=n+"OCTETSTRING, encapsulates\n")+s(f,t,0,n+"  "):n+"OCTETSTRING "+c(f,l)+"\n";if("05"==h)return n+"NULL\n";if("06"==h){var d=o(u,r),p=ue.asn1.ASN1Util.oidHexToInt(d),g=ue.asn1.x509.OID.oid2name(p),y=p.replace(/\./g," ");return""!=g?n+"ObjectIdentifier "+g+" ("+y+")\n":n+"ObjectIdentifier ("+y+")\n"}if("0a"==h)return n+"ENUMERATED "+parseInt(o(u,r))+"\n";if("0c"==h)return n+"UTF8String '"+Se(o(u,r))+"'\n";if("13"==h)return n+"PrintableString '"+Se(o(u,r))+"'\n";if("14"==h)return n+"TeletexString '"+Se(o(u,r))+"'\n";if("16"==h)return n+"IA5String '"+Se(o(u,r))+"'\n";if("17"==h)return n+"UTCTime "+Se(o(u,r))+"\n";if("18"==h)return n+"GeneralizedTime "+Se(o(u,r))+"\n";if("1a"==h)return n+"VisualString '"+Se(o(u,r))+"'\n";if("1e"==h)return n+"BMPString '"+Ne(o(u,r))+"'\n";if("30"==h){if("3000"==u.substr(r,4))return n+"SEQUENCE {}\n";S=n+"SEQUENCE\n";var v=t;if((2==(_=a(u,r)).length||3==_.length)&&"06"==u.substr(_[0],2)&&"04"==u.substr(_[_.length-1],2)){g=i.oidname(o(u,_[0]));var m=JSON.parse(JSON.stringify(t));m.x509ExtName=g,v=m}for(var w=0;w<_.length;w++)S+=s(u,v,_[w],n+"  ");return S}if("31"==h){S=n+"SET\n";var _=a(u,r);for(w=0;w<_.length;w++)S+=s(u,t,_[w],n+"  ");return S}if(128&(h=parseInt(h,16))){var S,b=31&h;if(32&h){for(S=n+"["+b+"]\n",_=a(u,r),w=0;w<_.length;w++)S+=s(u,t,_[w],n+"  ");return S}return f=o(u,r),le.isASN1HEX(f)?(S=n+"["+b+"]\n")+s(f,t,0,n+"  "):(("68747470"==f.substr(0,8)||"subjectAltName"===t.x509ExtName&&2==b)&&(f=Se(f)),n+"["+b+"] "+f+"\n")}return n+"UNKNOWN("+h+") "+o(u,r)+"\n"},le.isContextTag=function(e,t){var r,n;e=e.toLowerCase();try{r=parseInt(e,16)}catch(e){return-1}if(void 0===t)return 128==(192&r);try{return null!=t.match(/^\[[0-9]+\]$/)&&!((n=parseInt(t.substr(1,t.length-1),10))>31)&&128==(192&r)&&(31&r)==n}catch(e){return!1}},le.isASN1HEX=function(e){var t=le;if(e.length%2==1)return!1;var r=t.getVblen(e,0),n=e.substr(0,2),i=t.getL(e,0);return e.length-n.length-i.length==2*r},le.checkStrictDER=function(e,t,r,n,i){var o=le;if(void 0===r){if("string"!=typeof e)throw new Error("not hex string");if(e=e.toLowerCase(),!ue.lang.String.isHex(e))throw new Error("not hex string");r=e.length,i=(n=e.length/2)<128?1:Math.ceil(n.toString(16))+1}if(o.getL(e,t).length>2*i)throw new Error("L of TLV too long: idx="+t);var s=o.getVblen(e,t);if(s>n)throw new Error("value of L too long than hex: idx="+t);var a=o.getTLV(e,t),u=a.length-2-o.getL(e,t).length;if(u!==2*s)throw new Error("V string length and L's value not the same:"+u+"/"+2*s);if(0===t&&e.length!=a.length)throw new Error("total length and TLV length unmatch:"+e.length+"!="+a.length);var c=e.substr(t,2);if("02"===c){var h=o.getVidx(e,t);if("00"==e.substr(h,2)&&e.charCodeAt(h+2)<56)throw new Error("not least zeros for DER INTEGER")}if(32&parseInt(c,16)){for(var l=o.getVblen(e,t),f=0,d=o.getChildIdx(e,t),p=0;p<d.length;p++)f+=o.getTLV(e,d[p]).length,o.checkStrictDER(e,d[p],r,n,i);if(2*l!=f)throw new Error("sum of children's TLV length and L unmatch: "+2*l+"!="+f)}},le.oidname=function(e){var t=ue.asn1;ue.lang.String.isHex(e)&&(e=t.ASN1Util.oidHexToInt(e));var r=t.x509.OID.oid2name(e);return""===r&&(r=e),r},void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.lang&&ue.lang||(ue.lang={}),ue.lang.String=function(){},"function"==typeof e?(t.utf8tob64u=ce=function(t){return ye(e.from(t,"utf8").toString("base64"))},t.b64utoutf8=he=function(t){return e.from(ve(t),"base64").toString("utf8")}):(t.utf8tob64u=ce=function(e){return me(Re(Oe(e)))},t.b64utoutf8=he=function(e){return decodeURIComponent(Ce(we(e)))}),ue.lang.String.isInteger=function(e){return!!e.match(/^[0-9]+$/)||!!e.match(/^-[0-9]+$/)},ue.lang.String.isHex=function(e){return je(e)},ue.lang.String.isBase64=function(e){return!(!(e=e.replace(/\s+/g,"")).match(/^[0-9A-Za-z+\/]+={0,3}$/)||e.length%4!=0)},ue.lang.String.isBase64URL=function(e){return!e.match(/[+/=]/)&&(e=ve(e),ue.lang.String.isBase64(e))},ue.lang.String.isIntegerArray=function(e){return!!(e=e.replace(/\s+/g,"")).match(/^\[[0-9,]+\]$/)},ue.lang.String.isPrintable=function(e){return null!==e.match(/^[0-9A-Za-z '()+,-./:=?]*$/)},ue.lang.String.isIA5=function(e){return null!==e.match(/^[\x20-\x21\x23-\x7f]*$/)},ue.lang.String.isMail=function(e){return null!==e.match(/^[A-Za-z0-9]{1}[A-Za-z0-9_.-]*@{1}[A-Za-z0-9_.-]{1,}\.[A-Za-z0-9]{1,}$/)};var He=function(e,t,r){return null==r&&(r="0"),e.length>=t?e:new Array(t-e.length+1).join(r)+e};function Me(e,t){var r=function(){};r.prototype=t.prototype,e.prototype=new r,e.prototype.constructor=e,e.superclass=t.prototype,t.prototype.constructor==Object.prototype.constructor&&(t.prototype.constructor=t)}void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.crypto&&ue.crypto||(ue.crypto={}),ue.crypto.Util=new function(){this.DIGESTINFOHEAD={sha1:"3021300906052b0e03021a05000414",sha224:"302d300d06096086480165030402040500041c",sha256:"3031300d060960864801650304020105000420",sha384:"3041300d060960864801650304020205000430",sha512:"3051300d060960864801650304020305000440",md2:"3020300c06082a864886f70d020205000410",md5:"3020300c06082a864886f70d020505000410",ripemd160:"3021300906052b2403020105000414"},this.DEFAULTPROVIDER={md5:"cryptojs",sha1:"cryptojs",sha224:"cryptojs",sha256:"cryptojs",sha384:"cryptojs",sha512:"cryptojs",ripemd160:"cryptojs",hmacmd5:"cryptojs",hmacsha1:"cryptojs",hmacsha224:"cryptojs",hmacsha256:"cryptojs",hmacsha384:"cryptojs",hmacsha512:"cryptojs",hmacripemd160:"cryptojs",MD5withRSA:"cryptojs/jsrsa",SHA1withRSA:"cryptojs/jsrsa",SHA224withRSA:"cryptojs/jsrsa",SHA256withRSA:"cryptojs/jsrsa",SHA384withRSA:"cryptojs/jsrsa",SHA512withRSA:"cryptojs/jsrsa",RIPEMD160withRSA:"cryptojs/jsrsa",MD5withECDSA:"cryptojs/jsrsa",SHA1withECDSA:"cryptojs/jsrsa",SHA224withECDSA:"cryptojs/jsrsa",SHA256withECDSA:"cryptojs/jsrsa",SHA384withECDSA:"cryptojs/jsrsa",SHA512withECDSA:"cryptojs/jsrsa",RIPEMD160withECDSA:"cryptojs/jsrsa",SHA1withDSA:"cryptojs/jsrsa",SHA224withDSA:"cryptojs/jsrsa",SHA256withDSA:"cryptojs/jsrsa",MD5withRSAandMGF1:"cryptojs/jsrsa",SHAwithRSAandMGF1:"cryptojs/jsrsa",SHA1withRSAandMGF1:"cryptojs/jsrsa",SHA224withRSAandMGF1:"cryptojs/jsrsa",SHA256withRSAandMGF1:"cryptojs/jsrsa",SHA384withRSAandMGF1:"cryptojs/jsrsa",SHA512withRSAandMGF1:"cryptojs/jsrsa",RIPEMD160withRSAandMGF1:"cryptojs/jsrsa"},this.CRYPTOJSMESSAGEDIGESTNAME={md5:y.algo.MD5,sha1:y.algo.SHA1,sha224:y.algo.SHA224,sha256:y.algo.SHA256,sha384:y.algo.SHA384,sha512:y.algo.SHA512,ripemd160:y.algo.RIPEMD160},this.getDigestInfoHex=function(e,t){if(void 0===this.DIGESTINFOHEAD[t])throw"alg not supported in Util.DIGESTINFOHEAD: "+t;return this.DIGESTINFOHEAD[t]+e},this.getPaddedDigestInfoHex=function(e,t,r){var n=this.getDigestInfoHex(e,t),i=r/4;if(n.length+22>i)throw"key is too short for SigAlg: keylen="+r+","+t;for(var o="0001",s="00"+n,a="",u=i-4-s.length,c=0;c<u;c+=2)a+="ff";return o+a+s},this.hashString=function(e,t){return new ue.crypto.MessageDigest({alg:t}).digestString(e)},this.hashHex=function(e,t){return new ue.crypto.MessageDigest({alg:t}).digestHex(e)},this.sha1=function(e){return this.hashString(e,"sha1")},this.sha256=function(e){return this.hashString(e,"sha256")},this.sha256Hex=function(e){return this.hashHex(e,"sha256")},this.sha512=function(e){return this.hashString(e,"sha512")},this.sha512Hex=function(e){return this.hashHex(e,"sha512")},this.isKey=function(e){return e instanceof ne||e instanceof ue.crypto.DSA||e instanceof ue.crypto.ECDSA}},ue.crypto.Util.md5=function(e){return new ue.crypto.MessageDigest({alg:"md5",prov:"cryptojs"}).digestString(e)},ue.crypto.Util.ripemd160=function(e){return new ue.crypto.MessageDigest({alg:"ripemd160",prov:"cryptojs"}).digestString(e)},ue.crypto.Util.SECURERANDOMGEN=new ee,ue.crypto.Util.getRandomHexOfNbytes=function(e){var t=new Array(e);return ue.crypto.Util.SECURERANDOMGEN.nextBytes(t),pe(t)},ue.crypto.Util.getRandomBigIntegerOfNbytes=function(e){return new b(ue.crypto.Util.getRandomHexOfNbytes(e),16)},ue.crypto.Util.getRandomHexOfNbits=function(e){var t=e%8,r=new Array((e-t)/8+1);return ue.crypto.Util.SECURERANDOMGEN.nextBytes(r),r[0]=(255<<t&255^255)&r[0],pe(r)},ue.crypto.Util.getRandomBigIntegerOfNbits=function(e){return new b(ue.crypto.Util.getRandomHexOfNbits(e),16)},ue.crypto.Util.getRandomBigIntegerZeroToMax=function(e){for(var t=e.bitLength();;){var r=ue.crypto.Util.getRandomBigIntegerOfNbits(t);if(-1!=e.compareTo(r))return r}},ue.crypto.Util.getRandomBigIntegerMinToMax=function(e,t){var r=e.compareTo(t);if(1==r)throw"biMin is greater than biMax";if(0==r)return e;var n=t.subtract(e);return ue.crypto.Util.getRandomBigIntegerZeroToMax(n).add(e)},ue.crypto.MessageDigest=function(e){this.setAlgAndProvider=function(e,t){if(null!==(e=ue.crypto.MessageDigest.getCanonicalAlgName(e))&&void 0===t&&(t=ue.crypto.Util.DEFAULTPROVIDER[e]),-1!=":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(e)&&"cryptojs"==t){try{this.md=ue.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[e].create()}catch(t){throw"setAlgAndProvider hash alg set fail alg="+e+"/"+t}this.updateString=function(e){this.md.update(e)},this.updateHex=function(e){var t=y.enc.Hex.parse(e);this.md.update(t)},this.digest=function(){return this.md.finalize().toString(y.enc.Hex)},this.digestString=function(e){return this.updateString(e),this.digest()},this.digestHex=function(e){return this.updateHex(e),this.digest()}}if(-1!=":sha256:".indexOf(e)&&"sjcl"==t){try{this.md=new sjcl.hash.sha256}catch(t){throw"setAlgAndProvider hash alg set fail alg="+e+"/"+t}this.updateString=function(e){this.md.update(e)},this.updateHex=function(e){var t=sjcl.codec.hex.toBits(e);this.md.update(t)},this.digest=function(){var e=this.md.finalize();return sjcl.codec.hex.fromBits(e)},this.digestString=function(e){return this.updateString(e),this.digest()},this.digestHex=function(e){return this.updateHex(e),this.digest()}}},this.updateString=function(e){throw"updateString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName},this.updateHex=function(e){throw"updateHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName},this.digest=function(){throw"digest() not supported for this alg/prov: "+this.algName+"/"+this.provName},this.digestString=function(e){throw"digestString(str) not supported for this alg/prov: "+this.algName+"/"+this.provName},this.digestHex=function(e){throw"digestHex(hex) not supported for this alg/prov: "+this.algName+"/"+this.provName},void 0!==e&&void 0!==e.alg&&(this.algName=e.alg,void 0===e.prov&&(this.provName=ue.crypto.Util.DEFAULTPROVIDER[this.algName]),this.setAlgAndProvider(this.algName,this.provName))},ue.crypto.MessageDigest.getCanonicalAlgName=function(e){return"string"==typeof e&&(e=(e=e.toLowerCase()).replace(/-/,"")),e},ue.crypto.MessageDigest.getHashLength=function(e){var t=ue.crypto.MessageDigest,r=t.getCanonicalAlgName(e);if(void 0===t.HASHLENGTH[r])throw"not supported algorithm: "+e;return t.HASHLENGTH[r]},ue.crypto.MessageDigest.HASHLENGTH={md5:16,sha1:20,sha224:28,sha256:32,sha384:48,sha512:64,ripemd160:20},ue.crypto.Mac=function(e){this.setAlgAndProvider=function(e,t){if(null==(e=e.toLowerCase())&&(e="hmacsha1"),"hmac"!=(e=e.toLowerCase()).substr(0,4))throw"setAlgAndProvider unsupported HMAC alg: "+e;void 0===t&&(t=ue.crypto.Util.DEFAULTPROVIDER[e]),this.algProv=e+"/"+t;var r=e.substr(4);if(-1!=":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(r)&&"cryptojs"==t){try{var n=ue.crypto.Util.CRYPTOJSMESSAGEDIGESTNAME[r];this.mac=y.algo.HMAC.create(n,this.pass)}catch(e){throw"setAlgAndProvider hash alg set fail hashAlg="+r+"/"+e}this.updateString=function(e){this.mac.update(e)},this.updateHex=function(e){var t=y.enc.Hex.parse(e);this.mac.update(t)},this.doFinal=function(){return this.mac.finalize().toString(y.enc.Hex)},this.doFinalString=function(e){return this.updateString(e),this.doFinal()},this.doFinalHex=function(e){return this.updateHex(e),this.doFinal()}}},this.updateString=function(e){throw"updateString(str) not supported for this alg/prov: "+this.algProv},this.updateHex=function(e){throw"updateHex(hex) not supported for this alg/prov: "+this.algProv},this.doFinal=function(){throw"digest() not supported for this alg/prov: "+this.algProv},this.doFinalString=function(e){throw"digestString(str) not supported for this alg/prov: "+this.algProv},this.doFinalHex=function(e){throw"digestHex(hex) not supported for this alg/prov: "+this.algProv},this.setPassword=function(e){if("string"==typeof e){var t=e;return e.length%2!=1&&e.match(/^[0-9A-Fa-f]+$/)||(t=Ee(e)),void(this.pass=y.enc.Hex.parse(t))}if("object"!=(void 0===e?"undefined":d(e)))throw"KJUR.crypto.Mac unsupported password type: "+e;if(t=null,void 0!==e.hex){if(e.hex.length%2!=0||!e.hex.match(/^[0-9A-Fa-f]+$/))throw"Mac: wrong hex password: "+e.hex;t=e.hex}if(void 0!==e.utf8&&(t=_e(e.utf8)),void 0!==e.rstr&&(t=Ee(e.rstr)),void 0!==e.b64&&(t=_(e.b64)),void 0!==e.b64u&&(t=we(e.b64u)),null==t)throw"KJUR.crypto.Mac unsupported password type: "+e;this.pass=y.enc.Hex.parse(t)},void 0!==e&&(void 0!==e.pass&&this.setPassword(e.pass),void 0!==e.alg&&(this.algName=e.alg,void 0===e.prov&&(this.provName=ue.crypto.Util.DEFAULTPROVIDER[this.algName]),this.setAlgAndProvider(this.algName,this.provName)))},ue.crypto.Signature=function(e){var t=null;if(this._setAlgNames=function(){var e=this.algName.match(/^(.+)with(.+)$/);e&&(this.mdAlgName=e[1].toLowerCase(),this.pubkeyAlgName=e[2].toLowerCase(),"rsaandmgf1"==this.pubkeyAlgName&&"sha"==this.mdAlgName&&(this.mdAlgName="sha1"))},this._zeroPaddingOfSignature=function(e,t){for(var r="",n=t/4-e.length,i=0;i<n;i++)r+="0";return r+e},this.setAlgAndProvider=function(e,t){if(this._setAlgNames(),"cryptojs/jsrsa"!=t)throw new Error("provider not supported: "+t);if(-1!=":md5:sha1:sha224:sha256:sha384:sha512:ripemd160:".indexOf(this.mdAlgName)){try{this.md=new ue.crypto.MessageDigest({alg:this.mdAlgName})}catch(e){throw new Error("setAlgAndProvider hash alg set fail alg="+this.mdAlgName+"/"+e)}this.init=function(e,t){var r=null;try{r=void 0===t?Ke.getKey(e):Ke.getKey(e,t)}catch(e){throw"init failed:"+e}if(!0===r.isPrivate)this.prvKey=r,this.state="SIGN";else{if(!0!==r.isPublic)throw"init failed.:"+r;this.pubKey=r,this.state="VERIFY"}},this.updateString=function(e){this.md.updateString(e)},this.updateHex=function(e){this.md.updateHex(e)},this.sign=function(){if(this.sHashHex=this.md.digest(),void 0===this.prvKey&&void 0!==this.ecprvhex&&void 0!==this.eccurvename&&void 0!==ue.crypto.ECDSA&&(this.prvKey=new ue.crypto.ECDSA({curve:this.eccurvename,prv:this.ecprvhex})),this.prvKey instanceof ne&&"rsaandmgf1"===this.pubkeyAlgName)this.hSign=this.prvKey.signWithMessageHashPSS(this.sHashHex,this.mdAlgName,this.pssSaltLen);else if(this.prvKey instanceof ne&&"rsa"===this.pubkeyAlgName)this.hSign=this.prvKey.signWithMessageHash(this.sHashHex,this.mdAlgName);else if(this.prvKey instanceof ue.crypto.ECDSA)this.hSign=this.prvKey.signWithMessageHash(this.sHashHex);else{if(!(this.prvKey instanceof ue.crypto.DSA))throw"Signature: unsupported private key alg: "+this.pubkeyAlgName;this.hSign=this.prvKey.signWithMessageHash(this.sHashHex)}return this.hSign},this.signString=function(e){return this.updateString(e),this.sign()},this.signHex=function(e){return this.updateHex(e),this.sign()},this.verify=function(e){if(this.sHashHex=this.md.digest(),void 0===this.pubKey&&void 0!==this.ecpubhex&&void 0!==this.eccurvename&&void 0!==ue.crypto.ECDSA&&(this.pubKey=new ue.crypto.ECDSA({curve:this.eccurvename,pub:this.ecpubhex})),this.pubKey instanceof ne&&"rsaandmgf1"===this.pubkeyAlgName)return this.pubKey.verifyWithMessageHashPSS(this.sHashHex,e,this.mdAlgName,this.pssSaltLen);if(this.pubKey instanceof ne&&"rsa"===this.pubkeyAlgName)return this.pubKey.verifyWithMessageHash(this.sHashHex,e);if(void 0!==ue.crypto.ECDSA&&this.pubKey instanceof ue.crypto.ECDSA)return this.pubKey.verifyWithMessageHash(this.sHashHex,e);if(void 0!==ue.crypto.DSA&&this.pubKey instanceof ue.crypto.DSA)return this.pubKey.verifyWithMessageHash(this.sHashHex,e);throw"Signature: unsupported public key alg: "+this.pubkeyAlgName}}},this.init=function(e,t){throw"init(key, pass) not supported for this alg:prov="+this.algProvName},this.updateString=function(e){throw"updateString(str) not supported for this alg:prov="+this.algProvName},this.updateHex=function(e){throw"updateHex(hex) not supported for this alg:prov="+this.algProvName},this.sign=function(){throw"sign() not supported for this alg:prov="+this.algProvName},this.signString=function(e){throw"digestString(str) not supported for this alg:prov="+this.algProvName},this.signHex=function(e){throw"digestHex(hex) not supported for this alg:prov="+this.algProvName},this.verify=function(e){throw"verify(hSigVal) not supported for this alg:prov="+this.algProvName},this.initParams=e,void 0!==e&&(void 0!==e.alg&&(this.algName=e.alg,void 0===e.prov?this.provName=ue.crypto.Util.DEFAULTPROVIDER[this.algName]:this.provName=e.prov,this.algProvName=this.algName+":"+this.provName,this.setAlgAndProvider(this.algName,this.provName),this._setAlgNames()),void 0!==e.psssaltlen&&(this.pssSaltLen=e.psssaltlen),void 0!==e.prvkeypem)){if(void 0!==e.prvkeypas)throw"both prvkeypem and prvkeypas parameters not supported";try{t=Ke.getKey(e.prvkeypem),this.init(t)}catch(e){throw"fatal error to load pem private key: "+e}}},ue.crypto.Cipher=function(e){},ue.crypto.Cipher.encrypt=function(e,t,r){if(t instanceof ne&&t.isPublic){var n=ue.crypto.Cipher.getAlgByKeyAndName(t,r);if("RSA"===n)return t.encrypt(e);if("RSAOAEP"===n)return t.encryptOAEP(e,"sha1");var i=n.match(/^RSAOAEP(\d+)$/);if(null!==i)return t.encryptOAEP(e,"sha"+i[1]);throw"Cipher.encrypt: unsupported algorithm for RSAKey: "+r}throw"Cipher.encrypt: unsupported key or algorithm"},ue.crypto.Cipher.decrypt=function(e,t,r){if(t instanceof ne&&t.isPrivate){var n=ue.crypto.Cipher.getAlgByKeyAndName(t,r);if("RSA"===n)return t.decrypt(e);if("RSAOAEP"===n)return t.decryptOAEP(e,"sha1");var i=n.match(/^RSAOAEP(\d+)$/);if(null!==i)return t.decryptOAEP(e,"sha"+i[1]);throw"Cipher.decrypt: unsupported algorithm for RSAKey: "+r}throw"Cipher.decrypt: unsupported key or algorithm"},ue.crypto.Cipher.getAlgByKeyAndName=function(e,t){if(e instanceof ne){if(-1!=":RSA:RSAOAEP:RSAOAEP224:RSAOAEP256:RSAOAEP384:RSAOAEP512:".indexOf(t))return t;if(null==t)return"RSA";throw"getAlgByKeyAndName: not supported algorithm name for RSAKey: "+t}throw"getAlgByKeyAndName: not supported algorithm name: "+t},ue.crypto.OID=new function(){this.oidhex2name={"2a864886f70d010101":"rsaEncryption","2a8648ce3d0201":"ecPublicKey","2a8648ce380401":"dsa","2a8648ce3d030107":"secp256r1","2b8104001f":"secp192k1","2b81040021":"secp224r1","2b8104000a":"secp256k1","2b81040023":"secp521r1","2b81040022":"secp384r1","2a8648ce380403":"SHA1withDSA","608648016503040301":"SHA224withDSA","608648016503040302":"SHA256withDSA"}},void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.crypto&&ue.crypto||(ue.crypto={}),ue.crypto.ECDSA=function(e){var t=Error,r=b,n=oe,i=ue.crypto.ECDSA,o=ue.crypto.ECParameterDB,s=i.getName,a=le,u=a.getVbyListEx,c=a.isASN1HEX,h=new ee;this.type="EC",this.isPrivate=!1,this.isPublic=!1,this.getBigRandom=function(e){return new r(e.bitLength(),h).mod(e.subtract(r.ONE)).add(r.ONE)},this.setNamedCurve=function(e){this.ecparams=o.getByName(e),this.prvKeyHex=null,this.pubKeyHex=null,this.curveName=e},this.setPrivateKeyHex=function(e){this.isPrivate=!0,this.prvKeyHex=e},this.setPublicKeyHex=function(e){this.isPublic=!0,this.pubKeyHex=e},this.getPublicKeyXYHex=function(){var e=this.pubKeyHex;if("04"!==e.substr(0,2))throw"this method supports uncompressed format(04) only";var t=this.ecparams.keylen/4;if(e.length!==2+2*t)throw"malformed public key hex length";var r={};return r.x=e.substr(2,t),r.y=e.substr(2+t),r},this.getShortNISTPCurveName=function(){var e=this.curveName;return"secp256r1"===e||"NIST P-256"===e||"P-256"===e||"prime256v1"===e?"P-256":"secp384r1"===e||"NIST P-384"===e||"P-384"===e?"P-384":null},this.generateKeyPairHex=function(){var e=this.ecparams.n,t=this.getBigRandom(e),r=this.ecparams.G.multiply(t),n=r.getX().toBigInteger(),i=r.getY().toBigInteger(),o=this.ecparams.keylen/4,s=("0000000000"+t.toString(16)).slice(-o),a="04"+("0000000000"+n.toString(16)).slice(-o)+("0000000000"+i.toString(16)).slice(-o);return this.setPrivateKeyHex(s),this.setPublicKeyHex(a),{ecprvhex:s,ecpubhex:a}},this.signWithMessageHash=function(e){return this.signHex(e,this.prvKeyHex)},this.signHex=function(e,t){var n=new r(t,16),o=this.ecparams.n,s=new r(e.substring(0,this.ecparams.keylen/4),16);do{var a=this.getBigRandom(o),u=this.ecparams.G.multiply(a).getX().toBigInteger().mod(o)}while(u.compareTo(r.ZERO)<=0);var c=a.modInverse(o).multiply(s.add(n.multiply(u))).mod(o);return i.biRSSigToASN1Sig(u,c)},this.sign=function(e,t){var n=t,i=this.ecparams.n,o=r.fromByteArrayUnsigned(e);do{var s=this.getBigRandom(i),a=this.ecparams.G.multiply(s).getX().toBigInteger().mod(i)}while(a.compareTo(b.ZERO)<=0);var u=s.modInverse(i).multiply(o.add(n.multiply(a))).mod(i);return this.serializeSig(a,u)},this.verifyWithMessageHash=function(e,t){return this.verifyHex(e,t,this.pubKeyHex)},this.verifyHex=function(e,t,o){try{var s,a,u=i.parseSigHex(t);s=u.r,a=u.s;var c=n.decodeFromHex(this.ecparams.curve,o),h=new r(e.substring(0,this.ecparams.keylen/4),16);return this.verifyRaw(h,s,a,c)}catch(e){return!1}},this.verify=function(e,t,i){var o,s,a;if(Bitcoin.Util.isArray(t)){var u=this.parseSig(t);o=u.r,s=u.s}else{if("object"!==(void 0===t?"undefined":d(t))||!t.r||!t.s)throw"Invalid value for signature";o=t.r,s=t.s}if(i instanceof oe)a=i;else{if(!Bitcoin.Util.isArray(i))throw"Invalid format for pubkey value, must be byte array or ECPointFp";a=n.decodeFrom(this.ecparams.curve,i)}var c=r.fromByteArrayUnsigned(e);return this.verifyRaw(c,o,s,a)},this.verifyRaw=function(e,t,n,i){var o=this.ecparams.n,s=this.ecparams.G;if(t.compareTo(r.ONE)<0||t.compareTo(o)>=0)return!1;if(n.compareTo(r.ONE)<0||n.compareTo(o)>=0)return!1;var a=n.modInverse(o),u=e.multiply(a).mod(o),c=t.multiply(a).mod(o);return s.multiply(u).add(i.multiply(c)).getX().toBigInteger().mod(o).equals(t)},this.serializeSig=function(e,t){var r=e.toByteArraySigned(),n=t.toByteArraySigned(),i=[];return i.push(2),i.push(r.length),(i=i.concat(r)).push(2),i.push(n.length),(i=i.concat(n)).unshift(i.length),i.unshift(48),i},this.parseSig=function(e){var t;if(48!=e[0])throw new Error("Signature not a valid DERSequence");if(2!=e[t=2])throw new Error("First element in signature must be a DERInteger");var n=e.slice(t+2,t+2+e[t+1]);if(2!=e[t+=2+e[t+1]])throw new Error("Second element in signature must be a DERInteger");var i=e.slice(t+2,t+2+e[t+1]);return t+=2+e[t+1],{r:r.fromByteArrayUnsigned(n),s:r.fromByteArrayUnsigned(i)}},this.parseSigCompact=function(e){if(65!==e.length)throw"Signature has the wrong length";var t=e[0]-27;if(t<0||t>7)throw"Invalid signature type";var n=this.ecparams.n;return{r:r.fromByteArrayUnsigned(e.slice(1,33)).mod(n),s:r.fromByteArrayUnsigned(e.slice(33,65)).mod(n),i:t}},this.readPKCS5PrvKeyHex=function(e){if(!1===c(e))throw new Error("not ASN.1 hex string");var t,r,n;try{t=u(e,0,["[0]",0],"06"),r=u(e,0,[1],"04");try{n=u(e,0,["[1]",0],"03")}catch(e){}}catch(e){throw new Error("malformed PKCS#1/5 plain ECC private key")}if(this.curveName=s(t),void 0===this.curveName)throw"unsupported curve name";this.setNamedCurve(this.curveName),this.setPublicKeyHex(n),this.setPrivateKeyHex(r),this.isPublic=!1},this.readPKCS8PrvKeyHex=function(e){if(!1===c(e))throw new t("not ASN.1 hex string");var r,n,i;try{u(e,0,[1,0],"06"),r=u(e,0,[1,1],"06"),n=u(e,0,[2,0,1],"04");try{i=u(e,0,[2,0,"[1]",0],"03")}catch(e){}}catch(e){throw new t("malformed PKCS#8 plain ECC private key")}if(this.curveName=s(r),void 0===this.curveName)throw new t("unsupported curve name");this.setNamedCurve(this.curveName),this.setPublicKeyHex(i),this.setPrivateKeyHex(n),this.isPublic=!1},this.readPKCS8PubKeyHex=function(e){if(!1===c(e))throw new t("not ASN.1 hex string");var r,n;try{u(e,0,[0,0],"06"),r=u(e,0,[0,1],"06"),n=u(e,0,[1],"03")}catch(e){throw new t("malformed PKCS#8 ECC public key")}if(this.curveName=s(r),null===this.curveName)throw new t("unsupported curve name");this.setNamedCurve(this.curveName),this.setPublicKeyHex(n)},this.readCertPubKeyHex=function(e,r){if(!1===c(e))throw new t("not ASN.1 hex string");var n,i;try{n=u(e,0,[0,5,0,1],"06"),i=u(e,0,[0,5,1],"03")}catch(e){throw new t("malformed X.509 certificate ECC public key")}if(this.curveName=s(n),null===this.curveName)throw new t("unsupported curve name");this.setNamedCurve(this.curveName),this.setPublicKeyHex(i)},void 0!==e&&void 0!==e.curve&&(this.curveName=e.curve),void 0===this.curveName&&(this.curveName="secp256r1"),this.setNamedCurve(this.curveName),void 0!==e&&(void 0!==e.prv&&this.setPrivateKeyHex(e.prv),void 0!==e.pub&&this.setPublicKeyHex(e.pub))},ue.crypto.ECDSA.parseSigHex=function(e){var t=ue.crypto.ECDSA.parseSigHexInHexRS(e);return{r:new b(t.r,16),s:new b(t.s,16)}},ue.crypto.ECDSA.parseSigHexInHexRS=function(e){var t=le,r=t.getChildIdx,n=t.getV;if(t.checkStrictDER(e,0),"30"!=e.substr(0,2))throw new Error("signature is not a ASN.1 sequence");var i=r(e,0);if(2!=i.length)throw new Error("signature shall have two elements");var o=i[0],s=i[1];if("02"!=e.substr(o,2))throw new Error("1st item not ASN.1 integer");if("02"!=e.substr(s,2))throw new Error("2nd item not ASN.1 integer");return{r:n(e,o),s:n(e,s)}},ue.crypto.ECDSA.asn1SigToConcatSig=function(e){var t=ue.crypto.ECDSA.parseSigHexInHexRS(e),r=t.r,n=t.s;if("00"==r.substr(0,2)&&r.length%32==2&&(r=r.substr(2)),"00"==n.substr(0,2)&&n.length%32==2&&(n=n.substr(2)),r.length%32==30&&(r="00"+r),n.length%32==30&&(n="00"+n),r.length%32!=0)throw"unknown ECDSA sig r length error";if(n.length%32!=0)throw"unknown ECDSA sig s length error";return r+n},ue.crypto.ECDSA.concatSigToASN1Sig=function(e){if(e.length/2*8%128!=0)throw"unknown ECDSA concatinated r-s sig  length error";var t=e.substr(0,e.length/2),r=e.substr(e.length/2);return ue.crypto.ECDSA.hexRSSigToASN1Sig(t,r)},ue.crypto.ECDSA.hexRSSigToASN1Sig=function(e,t){var r=new b(e,16),n=new b(t,16);return ue.crypto.ECDSA.biRSSigToASN1Sig(r,n)},ue.crypto.ECDSA.biRSSigToASN1Sig=function(e,t){var r=ue.asn1,n=new r.DERInteger({bigint:e}),i=new r.DERInteger({bigint:t});return new r.DERSequence({array:[n,i]}).getEncodedHex()},ue.crypto.ECDSA.getName=function(e){return"2b8104001f"===e?"secp192k1":"2a8648ce3d030107"===e?"secp256r1":"2b8104000a"===e?"secp256k1":"2b81040021"===e?"secp224r1":"2b81040022"===e?"secp384r1":-1!=="|secp256r1|NIST P-256|P-256|prime256v1|".indexOf(e)?"secp256r1":-1!=="|secp256k1|".indexOf(e)?"secp256k1":-1!=="|secp224r1|NIST P-224|P-224|".indexOf(e)?"secp224r1":-1!=="|secp384r1|NIST P-384|P-384|".indexOf(e)?"secp384r1":null},void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.crypto&&ue.crypto||(ue.crypto={}),ue.crypto.ECParameterDB=new function(){var e={},t={};function r(e){return new b(e,16)}this.getByName=function(r){var n=r;if(void 0!==t[n]&&(n=t[r]),void 0!==e[n])return e[n];throw"unregistered EC curve name: "+n},this.regist=function(n,i,o,s,a,u,c,h,l,f,d,p){e[n]={};var g=r(o),y=r(s),v=r(a),m=r(u),w=r(c),_=new se(g,y,v),S=_.decodePointHex("04"+h+l);e[n].name=n,e[n].keylen=i,e[n].curve=_,e[n].G=S,e[n].n=m,e[n].h=w,e[n].oid=d,e[n].info=p;for(var b=0;b<f.length;b++)t[f[b]]=n}},ue.crypto.ECParameterDB.regist("secp128r1",128,"FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF","FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC","E87579C11079F43DD824993C2CEE5ED3","FFFFFFFE0000000075A30D1B9038A115","1","161FF7528B899B2D0C28607CA52C5B86","CF5AC8395BAFEB13C02DA292DDED7A83",[],"","secp128r1 : SECG curve over a 128 bit prime field"),ue.crypto.ECParameterDB.regist("secp160k1",160,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73","0","7","0100000000000000000001B8FA16DFAB9ACA16B6B3","1","3B4C382CE37AA192A4019E763036F4F5DD4D7EBB","938CF935318FDCED6BC28286531733C3F03C4FEE",[],"","secp160k1 : SECG curve over a 160 bit prime field"),ue.crypto.ECParameterDB.regist("secp160r1",160,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC","1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45","0100000000000000000001F4C8F927AED3CA752257","1","4A96B5688EF573284664698968C38BB913CBFC82","23A628553168947D59DCC912042351377AC5FB32",[],"","secp160r1 : SECG curve over a 160 bit prime field"),ue.crypto.ECParameterDB.regist("secp192k1",192,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37","0","3","FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D","1","DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D","9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D",[]),ue.crypto.ECParameterDB.regist("secp192r1",192,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC","64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1","FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831","1","188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012","07192B95FFC8DA78631011ED6B24CDD573F977A11E794811",[]),ue.crypto.ECParameterDB.regist("secp224r1",224,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE","B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4","FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D","1","B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21","BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34",[]),ue.crypto.ECParameterDB.regist("secp256k1",256,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F","0","7","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141","1","79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798","483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8",[]),ue.crypto.ECParameterDB.regist("secp256r1",256,"FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF","FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC","5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B","FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551","1","6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296","4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5",["NIST P-256","P-256","prime256v1"]),ue.crypto.ECParameterDB.regist("secp384r1",384,"FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC","B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF","FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973","1","AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7","3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f",["NIST P-384","P-384"]),ue.crypto.ECParameterDB.regist("secp521r1",521,"1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF","1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC","051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00","1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409","1","C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66","011839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650",["NIST P-521","P-521"]);var Ke=function(){var e=function(e,r,n){return t(y.AES,e,r,n)},t=function(e,t,r,n){var i=y.enc.Hex.parse(t),o=y.enc.Hex.parse(r),s=y.enc.Hex.parse(n),a={};a.key=o,a.iv=s,a.ciphertext=i;var u=e.decrypt(a,o,{iv:s});return y.enc.Hex.stringify(u)},r=function(e,t,r){return n(y.AES,e,t,r)},n=function(e,t,r,n){var i=y.enc.Hex.parse(t),o=y.enc.Hex.parse(r),s=y.enc.Hex.parse(n),a=e.encrypt(i,o,{iv:s}),u=y.enc.Hex.parse(a.toString());return y.enc.Base64.stringify(u)},i={"AES-256-CBC":{proc:e,eproc:r,keylen:32,ivlen:16},"AES-192-CBC":{proc:e,eproc:r,keylen:24,ivlen:16},"AES-128-CBC":{proc:e,eproc:r,keylen:16,ivlen:16},"DES-EDE3-CBC":{proc:function(e,r,n){return t(y.TripleDES,e,r,n)},eproc:function(e,t,r){return n(y.TripleDES,e,t,r)},keylen:24,ivlen:8},"DES-CBC":{proc:function(e,r,n){return t(y.DES,e,r,n)},eproc:function(e,t,r){return n(y.DES,e,t,r)},keylen:8,ivlen:8}},o=function(e){var t={},r=e.match(new RegExp("DEK-Info: ([^,]+),([0-9A-Fa-f]+)","m"));r&&(t.cipher=r[1],t.ivsalt=r[2]);var n=e.match(new RegExp("-----BEGIN ([A-Z]+) PRIVATE KEY-----"));n&&(t.type=n[1]);var i=-1,o=0;-1!=e.indexOf("\r\n\r\n")&&(i=e.indexOf("\r\n\r\n"),o=2),-1!=e.indexOf("\n\n")&&(i=e.indexOf("\n\n"),o=1);var s=e.indexOf("-----END");if(-1!=i&&-1!=s){var a=e.substring(i+2*o,s-o);a=a.replace(/\s+/g,""),t.data=a}return t},s=function(e,t,r){for(var n=r.substring(0,16),o=y.enc.Hex.parse(n),s=y.enc.Utf8.parse(t),a=i[e].keylen+i[e].ivlen,u="",c=null;;){var h=y.algo.MD5.create();if(null!=c&&h.update(c),h.update(s),h.update(o),c=h.finalize(),(u+=y.enc.Hex.stringify(c)).length>=2*a)break}var l={};return l.keyhex=u.substr(0,2*i[e].keylen),l.ivhex=u.substr(2*i[e].keylen,2*i[e].ivlen),l},a=function(e,t,r,n){var o=y.enc.Base64.parse(e),s=y.enc.Hex.stringify(o);return(0,i[t].proc)(s,r,n)};return{version:"1.0.0",parsePKCS5PEM:function(e){return o(e)},getKeyAndUnusedIvByPasscodeAndIvsalt:function(e,t,r){return s(e,t,r)},decryptKeyB64:function(e,t,r,n){return a(e,t,r,n)},getDecryptedKeyHex:function(e,t){var r=o(e),n=r.cipher,i=r.ivsalt,u=r.data,c=s(n,t,i).keyhex;return a(u,n,c,i)},getEncryptedPKCS5PEMFromPrvKeyHex:function(e,t,r,n,o){var a="";if(void 0!==n&&null!=n||(n="AES-256-CBC"),void 0===i[n])throw new Error("KEYUTIL unsupported algorithm: "+n);void 0!==o&&null!=o||(o=function(e){var t=y.lib.WordArray.random(e);return y.enc.Hex.stringify(t)}(i[n].ivlen).toUpperCase());var u=function(e,t,r,n){return(0,i[t].eproc)(e,r,n)}(t,n,s(n,r,o).keyhex,o);return a="-----BEGIN "+e+" PRIVATE KEY-----\r\n",a+="Proc-Type: 4,ENCRYPTED\r\n",a+="DEK-Info: "+n+","+o+"\r\n",a+="\r\n",(a+=u.replace(/(.{64})/g,"$1\r\n"))+"\r\n-----END "+e+" PRIVATE KEY-----\r\n"},parseHexOfEncryptedPKCS8:function(e){var t=le,r=t.getChildIdx,n=t.getV,i={},o=r(e,0);if(2!=o.length)throw new Error("malformed format: SEQUENCE(0).items != 2: "+o.length);i.ciphertext=n(e,o[1]);var s=r(e,o[0]);if(2!=s.length)throw new Error("malformed format: SEQUENCE(0.0).items != 2: "+s.length);if("2a864886f70d01050d"!=n(e,s[0]))throw new Error("this only supports pkcs5PBES2");var a=r(e,s[1]);if(2!=s.length)throw new Error("malformed format: SEQUENCE(0.0.1).items != 2: "+a.length);var u=r(e,a[1]);if(2!=u.length)throw new Error("malformed format: SEQUENCE(0.0.1.1).items != 2: "+u.length);if("2a864886f70d0307"!=n(e,u[0]))throw"this only supports TripleDES";i.encryptionSchemeAlg="TripleDES",i.encryptionSchemeIV=n(e,u[1]);var c=r(e,a[0]);if(2!=c.length)throw new Error("malformed format: SEQUENCE(0.0.1.0).items != 2: "+c.length);if("2a864886f70d01050c"!=n(e,c[0]))throw new Error("this only supports pkcs5PBKDF2");var h=r(e,c[1]);if(h.length<2)throw new Error("malformed format: SEQUENCE(0.0.1.0.1).items < 2: "+h.length);i.pbkdf2Salt=n(e,h[0]);var l=n(e,h[1]);try{i.pbkdf2Iter=parseInt(l,16)}catch(e){throw new Error("malformed format pbkdf2Iter: "+l)}return i},getPBKDF2KeyHexFromParam:function(e,t){var r=y.enc.Hex.parse(e.pbkdf2Salt),n=e.pbkdf2Iter,i=y.PBKDF2(t,r,{keySize:6,iterations:n});return y.enc.Hex.stringify(i)},_getPlainPKCS8HexFromEncryptedPKCS8PEM:function(e,t){var r=Pe(e,"ENCRYPTED PRIVATE KEY"),n=this.parseHexOfEncryptedPKCS8(r),i=Ke.getPBKDF2KeyHexFromParam(n,t),o={};o.ciphertext=y.enc.Hex.parse(n.ciphertext);var s=y.enc.Hex.parse(i),a=y.enc.Hex.parse(n.encryptionSchemeIV),u=y.TripleDES.decrypt(o,s,{iv:a});return y.enc.Hex.stringify(u)},getKeyFromEncryptedPKCS8PEM:function(e,t){var r=this._getPlainPKCS8HexFromEncryptedPKCS8PEM(e,t);return this.getKeyFromPlainPrivatePKCS8Hex(r)},parsePlainPrivatePKCS8Hex:function(e){var t=le,r=t.getChildIdx,n=t.getV,i={algparam:null};if("30"!=e.substr(0,2))throw new Error("malformed plain PKCS8 private key(code:001)");var o=r(e,0);if(o.length<3)throw new Error("malformed plain PKCS8 private key(code:002)");if("30"!=e.substr(o[1],2))throw new Error("malformed PKCS8 private key(code:003)");var s=r(e,o[1]);if(2!=s.length)throw new Error("malformed PKCS8 private key(code:004)");if("06"!=e.substr(s[0],2))throw new Error("malformed PKCS8 private key(code:005)");if(i.algoid=n(e,s[0]),"06"==e.substr(s[1],2)&&(i.algparam=n(e,s[1])),"04"!=e.substr(o[2],2))throw new Error("malformed PKCS8 private key(code:006)");return i.keyidx=t.getVidx(e,o[2]),i},getKeyFromPlainPrivatePKCS8PEM:function(e){var t=Pe(e,"PRIVATE KEY");return this.getKeyFromPlainPrivatePKCS8Hex(t)},getKeyFromPlainPrivatePKCS8Hex:function(e){var t,r=this.parsePlainPrivatePKCS8Hex(e);if("2a864886f70d010101"==r.algoid)t=new ne;else if("2a8648ce380401"==r.algoid)t=new ue.crypto.DSA;else{if("2a8648ce3d0201"!=r.algoid)throw new Error("unsupported private key algorithm");t=new ue.crypto.ECDSA}return t.readPKCS8PrvKeyHex(e),t},_getKeyFromPublicPKCS8Hex:function(e){var t,r=le.getVbyList(e,0,[0,0],"06");if("2a864886f70d010101"===r)t=new ne;else if("2a8648ce380401"===r)t=new ue.crypto.DSA;else{if("2a8648ce3d0201"!==r)throw new Error("unsupported PKCS#8 public key hex");t=new ue.crypto.ECDSA}return t.readPKCS8PubKeyHex(e),t},parsePublicRawRSAKeyHex:function(e){var t=le,r=t.getChildIdx,n=t.getV,i={};if("30"!=e.substr(0,2))throw new Error("malformed RSA key(code:001)");var o=r(e,0);if(2!=o.length)throw new Error("malformed RSA key(code:002)");if("02"!=e.substr(o[0],2))throw new Error("malformed RSA key(code:003)");if(i.n=n(e,o[0]),"02"!=e.substr(o[1],2))throw new Error("malformed RSA key(code:004)");return i.e=n(e,o[1]),i},parsePublicPKCS8Hex:function(e){var t=le,r=t.getChildIdx,n=t.getV,i={algparam:null},o=r(e,0);if(2!=o.length)throw new Error("outer DERSequence shall have 2 elements: "+o.length);var s=o[0];if("30"!=e.substr(s,2))throw new Error("malformed PKCS8 public key(code:001)");var a=r(e,s);if(2!=a.length)throw new Error("malformed PKCS8 public key(code:002)");if("06"!=e.substr(a[0],2))throw new Error("malformed PKCS8 public key(code:003)");if(i.algoid=n(e,a[0]),"06"==e.substr(a[1],2)?i.algparam=n(e,a[1]):"30"==e.substr(a[1],2)&&(i.algparam={},i.algparam.p=t.getVbyList(e,a[1],[0],"02"),i.algparam.q=t.getVbyList(e,a[1],[1],"02"),i.algparam.g=t.getVbyList(e,a[1],[2],"02")),"03"!=e.substr(o[1],2))throw new Error("malformed PKCS8 public key(code:004)");return i.key=n(e,o[1]).substr(2),i}}}();function Ve(e,t){for(var r="",n=t/4-e.length,i=0;i<n;i++)r+="0";return r+e}function qe(e,t,r){for(var n="",i=0;n.length<t;)n+=be(r(Ee(e+String.fromCharCode.apply(String,[(4278190080&i)>>24,(16711680&i)>>16,(65280&i)>>8,255&i])))),i+=1;return n}function Je(e){for(var t in ue.crypto.Util.DIGESTINFOHEAD){var r=ue.crypto.Util.DIGESTINFOHEAD[t],n=r.length;if(e.substring(0,n)==r)return[t,e.substring(n)]}return[]}function We(e){var t,r=le,n=r.getChildIdx,i=r.getV,o=r.getTLV,s=r.getVbyList,a=r.getVbyListEx,u=r.getTLVbyList,c=r.getTLVbyListEx,h=r.getIdxbyList,l=r.getIdxbyListEx,f=r.getVidx,d=r.getInt,p=r.oidname,g=r.hextooidstr,y=Pe;try{t=ue.asn1.x509.AlgorithmIdentifier.PSSNAME2ASN1TLV}catch(e){}this.HEX2STAG={"0c":"utf8",13:"prn",16:"ia5","1a":"vis","1e":"bmp"},this.hex=null,this.version=0,this.foffset=0,this.aExtInfo=null,this.getVersion=function(){if(null===this.hex||0!==this.version)return this.version;var e=u(this.hex,0,[0,0]);if("a0"==e.substr(0,2)){var t=u(e,0,[0]),r=d(t,0);if(r<0||2<r)throw new Error("malformed version field");return this.version=r+1,this.version}return this.version=1,this.foffset=-1,1},this.getSerialNumberHex=function(){return a(this.hex,0,[0,0],"02")},this.getSignatureAlgorithmField=function(){var e=c(this.hex,0,[0,1]);return this.getAlgorithmIdentifierName(e)},this.getAlgorithmIdentifierName=function(e){for(var r in t)if(e===t[r])return r;return p(a(e,0,[0],"06"))},this.getIssuer=function(){return this.getX500Name(this.getIssuerHex())},this.getIssuerHex=function(){return u(this.hex,0,[0,3+this.foffset],"30")},this.getIssuerString=function(){return this.getIssuer().str},this.getSubject=function(){return this.getX500Name(this.getSubjectHex())},this.getSubjectHex=function(){return u(this.hex,0,[0,5+this.foffset],"30")},this.getSubjectString=function(){return this.getSubject().str},this.getNotBefore=function(){var e=s(this.hex,0,[0,4+this.foffset,0]);return e=e.replace(/(..)/g,"%$1"),decodeURIComponent(e)},this.getNotAfter=function(){var e=s(this.hex,0,[0,4+this.foffset,1]);return e=e.replace(/(..)/g,"%$1"),decodeURIComponent(e)},this.getPublicKeyHex=function(){return r.getTLVbyList(this.hex,0,[0,6+this.foffset],"30")},this.getPublicKeyIdx=function(){return h(this.hex,0,[0,6+this.foffset],"30")},this.getPublicKeyContentIdx=function(){var e=this.getPublicKeyIdx();return h(this.hex,e,[1,0],"30")},this.getPublicKey=function(){return Ke.getKey(this.getPublicKeyHex(),null,"pkcs8pub")},this.getSignatureAlgorithmName=function(){var e=u(this.hex,0,[1],"30");return this.getAlgorithmIdentifierName(e)},this.getSignatureValueHex=function(){return s(this.hex,0,[2],"03",!0)},this.verifySignature=function(e){var t=this.getSignatureAlgorithmField(),r=this.getSignatureValueHex(),n=u(this.hex,0,[0],"30"),i=new ue.crypto.Signature({alg:t});return i.init(e),i.updateHex(n),i.verify(r)},this.parseExt=function(e){var t,o,a;if(void 0===e){if(a=this.hex,3!==this.version)return-1;t=h(a,0,[0,7,0],"30"),o=n(a,t)}else{a=Pe(e);var u=h(a,0,[0,3,0,0],"06");if("2a864886f70d01090e"!=i(a,u))return void(this.aExtInfo=new Array);t=h(a,0,[0,3,0,1,0],"30"),o=n(a,t),this.hex=a}this.aExtInfo=new Array;for(var c=0;c<o.length;c++){var l={critical:!1},d=0;3===n(a,o[c]).length&&(l.critical=!0,d=1),l.oid=r.hextooidstr(s(a,o[c],[0],"06"));var p=h(a,o[c],[1+d]);l.vidx=f(a,p),this.aExtInfo.push(l)}},this.getExtInfo=function(e){var t=this.aExtInfo,r=e;if(e.match(/^[0-9.]+$/)||(r=ue.asn1.x509.OID.name2oid(e)),""!==r)for(var n=0;n<t.length;n++)if(t[n].oid===r)return t[n]},this.getExtBasicConstraints=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("basicConstraints");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var n={extname:"basicConstraints"};if(t&&(n.critical=!0),"3000"===e)return n;if("30030101ff"===e)return n.cA=!0,n;if("30060101ff02"===e.substr(0,12)){var s=i(e,10),a=parseInt(s,16);return n.cA=!0,n.pathLen=a,n}throw new Error("hExtV parse error: "+e)},this.getExtKeyUsage=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("keyUsage");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var n={extname:"keyUsage"};return t&&(n.critical=!0),n.names=this.getExtKeyUsageString(e).split(","),n},this.getExtKeyUsageBin=function(e){if(void 0===e){var t=this.getExtInfo("keyUsage");if(void 0===t)return"";e=o(this.hex,t.vidx)}if(8!=e.length&&10!=e.length)throw new Error("malformed key usage value: "+e);var r="000000000000000"+parseInt(e.substr(6),16).toString(2);return 8==e.length&&(r=r.slice(-8)),10==e.length&&(r=r.slice(-16)),""==(r=r.replace(/0+$/,""))&&(r="0"),r},this.getExtKeyUsageString=function(e){for(var t=this.getExtKeyUsageBin(e),r=new Array,n=0;n<t.length;n++)"1"==t.substr(n,1)&&r.push(We.KEYUSAGE_NAME[n]);return r.join(",")},this.getExtSubjectKeyIdentifier=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("subjectKeyIdentifier");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var n={extname:"subjectKeyIdentifier"};t&&(n.critical=!0);var s=i(e,0);return n.kid={hex:s},n},this.getExtAuthorityKeyIdentifier=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("authorityKeyIdentifier");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var s={extname:"authorityKeyIdentifier"};t&&(s.critical=!0);for(var a=n(e,0),u=0;u<a.length;u++){var c=e.substr(a[u],2);if("80"===c&&(s.kid={hex:i(e,a[u])}),"a1"===c){var h=o(e,a[u]),l=this.getGeneralNames(h);s.issuer=l[0].dn}"82"===c&&(s.sn={hex:i(e,a[u])})}return s},this.getExtExtKeyUsage=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("extKeyUsage");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var s={extname:"extKeyUsage",array:[]};t&&(s.critical=!0);for(var a=n(e,0),u=0;u<a.length;u++)s.array.push(p(i(e,a[u])));return s},this.getExtExtKeyUsageName=function(){var e=this.getExtInfo("extKeyUsage");if(void 0===e)return e;var t=new Array,r=o(this.hex,e.vidx);if(""===r)return t;for(var s=n(r,0),a=0;a<s.length;a++)t.push(p(i(r,s[a])));return t},this.getExtSubjectAltName=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("subjectAltName");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var n={extname:"subjectAltName",array:[]};return t&&(n.critical=!0),n.array=this.getGeneralNames(e),n},this.getExtIssuerAltName=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("issuerAltName");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var n={extname:"issuerAltName",array:[]};return t&&(n.critical=!0),n.array=this.getGeneralNames(e),n},this.getGeneralNames=function(e){for(var t=n(e,0),r=[],i=0;i<t.length;i++){var s=this.getGeneralName(o(e,t[i]));void 0!==s&&r.push(s)}return r},this.getGeneralName=function(e){var t=e.substr(0,2),r=i(e,0),n=be(r);return"81"==t?{rfc822:n}:"82"==t?{dns:n}:"86"==t?{uri:n}:"87"==t?{ip:De(r)}:"a4"==t?{dn:this.getX500Name(r)}:void 0},this.getExtSubjectAltName2=function(){var e,t,r,s=this.getExtInfo("subjectAltName");if(void 0===s)return s;for(var a=new Array,u=o(this.hex,s.vidx),c=n(u,0),h=0;h<c.length;h++)r=u.substr(c[h],2),e=i(u,c[h]),"81"===r&&(t=Se(e),a.push(["MAIL",t])),"82"===r&&(t=Se(e),a.push(["DNS",t])),"84"===r&&(t=We.hex2dn(e,0),a.push(["DN",t])),"86"===r&&(t=Se(e),a.push(["URI",t])),"87"===r&&(t=De(e),a.push(["IP",t]));return a},this.getExtCRLDistributionPoints=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("cRLDistributionPoints");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var i={extname:"cRLDistributionPoints",array:[]};t&&(i.critical=!0);for(var s=n(e,0),a=0;a<s.length;a++){var u=o(e,s[a]);i.array.push(this.getDistributionPoint(u))}return i},this.getDistributionPoint=function(e){for(var t={},r=n(e,0),i=0;i<r.length;i++){var s=e.substr(r[i],2),a=o(e,r[i]);"a0"==s&&(t.dpname=this.getDistributionPointName(a))}return t},this.getDistributionPointName=function(e){for(var t={},r=n(e,0),i=0;i<r.length;i++){var s=e.substr(r[i],2),a=o(e,r[i]);"a0"==s&&(t.full=this.getGeneralNames(a))}return t},this.getExtCRLDistributionPointsURI=function(){var e=this.getExtInfo("cRLDistributionPoints");if(void 0===e)return e;for(var t=new Array,r=n(this.hex,e.vidx),i=0;i<r.length;i++)try{var o=Se(s(this.hex,r[i],[0,0,0],"86"));t.push(o)}catch(e){}return t},this.getExtAIAInfo=function(){var e=this.getExtInfo("authorityInfoAccess");if(void 0===e)return e;for(var t={ocsp:[],caissuer:[]},r=n(this.hex,e.vidx),i=0;i<r.length;i++){var o=s(this.hex,r[i],[0],"06"),a=s(this.hex,r[i],[1],"86");"2b06010505073001"===o&&t.ocsp.push(Se(a)),"2b06010505073002"===o&&t.caissuer.push(Se(a))}return t},this.getExtAuthorityInfoAccess=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("authorityInfoAccess");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var i={extname:"authorityInfoAccess",array:[]};t&&(i.critical=!0);for(var u=n(e,0),c=0;c<u.length;c++){var h=a(e,u[c],[0],"06"),l=Se(s(e,u[c],[1],"86"));if("2b06010505073001"==h)i.array.push({ocsp:l});else{if("2b06010505073002"!=h)throw new Error("unknown method: "+h);i.array.push({caissuer:l})}}return i},this.getExtCertificatePolicies=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("certificatePolicies");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var i={extname:"certificatePolicies",array:[]};t&&(i.critical=!0);for(var s=n(e,0),a=0;a<s.length;a++){var u=o(e,s[a]),c=this.getPolicyInformation(u);i.array.push(c)}return i},this.getPolicyInformation=function(e){var t={},r=s(e,0,[0],"06");t.policyoid=p(r);var i=l(e,0,[1],"30");if(-1!=i){t.array=[];for(var a=n(e,i),u=0;u<a.length;u++){var c=o(e,a[u]),h=this.getPolicyQualifierInfo(c);t.array.push(h)}}return t},this.getPolicyQualifierInfo=function(e){var t={},r=s(e,0,[0],"06");if("2b06010505070201"===r){var n=a(e,0,[1],"16");t.cps=be(n)}else if("2b06010505070202"===r){var i=u(e,0,[1],"30");t.unotice=this.getUserNotice(i)}return t},this.getUserNotice=function(e){for(var t={},r=n(e,0),i=0;i<r.length;i++){var s=o(e,r[i]);"30"!=s.substr(0,2)&&(t.exptext=this.getDisplayText(s))}return t},this.getDisplayText=function(e){var t={};return t.type={"0c":"utf8",16:"ia5","1a":"vis","1e":"bmp"}[e.substr(0,2)],t.str=be(i(e,0)),t},this.getExtCRLNumber=function(e,t){var r={extname:"cRLNumber"};if(t&&(r.critical=!0),"02"==e.substr(0,2))return r.num={hex:i(e,0)},r;throw new Error("hExtV parse error: "+e)},this.getExtCRLReason=function(e,t){var r={extname:"cRLReason"};if(t&&(r.critical=!0),"0a"==e.substr(0,2))return r.code=parseInt(i(e,0),16),r;throw new Error("hExtV parse error: "+e)},this.getExtOcspNonce=function(e,t){var r={extname:"ocspNonce"};t&&(r.critical=!0);var n=i(e,0);return r.hex=n,r},this.getExtOcspNoCheck=function(e,t){var r={extname:"ocspNoCheck"};return t&&(r.critical=!0),r},this.getExtAdobeTimeStamp=function(e,t){if(void 0===e&&void 0===t){var r=this.getExtInfo("adobeTimeStamp");if(void 0===r)return;e=o(this.hex,r.vidx),t=r.critical}var i={extname:"adobeTimeStamp"};t&&(i.critical=!0);var s=n(e,0);if(s.length>1){var a=o(e,s[1]),u=this.getGeneralName(a);null!=u.uri&&(i.uri=u.uri)}if(s.length>2){var c=o(e,s[2]);"0101ff"==c&&(i.reqauth=!0),"010100"==c&&(i.reqauth=!1)}return i},this.getX500NameRule=function(e){for(var t=null,r=[],n=0;n<e.length;n++)for(var i=e[n],o=0;o<i.length;o++)r.push(i[o]);for(n=0;n<r.length;n++){var s=r[n],a=s.ds,u=s.value,c=s.type;if("prn"!=a&&"utf8"!=a&&"ia5"!=a)return"mixed";if("ia5"==a){if("CN"!=c)return"mixed";if(ue.lang.String.isMail(u))continue;return"mixed"}if("C"==c){if("prn"==a)continue;return"mixed"}if(null==t)t=a;else if(t!==a)return"mixed"}return null==t?"prn":t},this.getX500Name=function(e){var t=this.getX500NameArray(e);return{array:t,str:this.dnarraytostr(t)}},this.getX500NameArray=function(e){for(var t=[],r=n(e,0),i=0;i<r.length;i++)t.push(this.getRDN(o(e,r[i])));return t},this.getRDN=function(e){for(var t=[],r=n(e,0),i=0;i<r.length;i++)t.push(this.getAttrTypeAndValue(o(e,r[i])));return t},this.getAttrTypeAndValue=function(e){var t={type:null,value:null,ds:null},r=n(e,0),i=s(e,r[0],[],"06"),o=s(e,r[1],[]),a=ue.asn1.ASN1Util.oidHexToInt(i);return t.type=ue.asn1.x509.OID.oid2atype(a),t.ds=this.HEX2STAG[e.substr(r[1],2)],"bmp"!=t.ds?t.value=Se(o):t.value=Ne(o),t},this.readCertPEM=function(e){this.readCertHex(y(e))},this.readCertHex=function(e){this.hex=e,this.getVersion();try{h(this.hex,0,[0,7],"a3"),this.parseExt()}catch(e){}},this.getParam=function(){var e={};return e.version=this.getVersion(),e.serial={hex:this.getSerialNumberHex()},e.sigalg=this.getSignatureAlgorithmField(),e.issuer=this.getIssuer(),e.notbefore=this.getNotBefore(),e.notafter=this.getNotAfter(),e.subject=this.getSubject(),e.sbjpubkey=ke(this.getPublicKeyHex(),"PUBLIC KEY"),this.aExtInfo.length>0&&(e.ext=this.getExtParamArray()),e.sighex=this.getSignatureValueHex(),e},this.getExtParamArray=function(e){null==e&&-1!=l(this.hex,0,[0,"[3]"])&&(e=c(this.hex,0,[0,"[3]",0],"30"));for(var t=[],r=n(e,0),i=0;i<r.length;i++){var s=o(e,r[i]),a=this.getExtParam(s);null!=a&&t.push(a)}return t},this.getExtParam=function(e){var t=n(e,0).length;if(2!=t&&3!=t)throw new Error("wrong number elements in Extension: "+t+" "+e);var r=g(s(e,0,[0],"06")),i=!1;3==t&&"0101ff"==u(e,0,[1])&&(i=!0);var o=u(e,0,[t-1,0]),a=void 0;if("2.5.29.14"==r?a=this.getExtSubjectKeyIdentifier(o,i):"2.5.29.15"==r?a=this.getExtKeyUsage(o,i):"2.5.29.17"==r?a=this.getExtSubjectAltName(o,i):"2.5.29.18"==r?a=this.getExtIssuerAltName(o,i):"2.5.29.19"==r?a=this.getExtBasicConstraints(o,i):"2.5.29.31"==r?a=this.getExtCRLDistributionPoints(o,i):"2.5.29.32"==r?a=this.getExtCertificatePolicies(o,i):"2.5.29.35"==r?a=this.getExtAuthorityKeyIdentifier(o,i):"2.5.29.37"==r?a=this.getExtExtKeyUsage(o,i):"1.3.6.1.5.5.7.1.1"==r?a=this.getExtAuthorityInfoAccess(o,i):"2.5.29.20"==r?a=this.getExtCRLNumber(o,i):"2.5.29.21"==r?a=this.getExtCRLReason(o,i):"1.3.6.1.5.5.7.48.1.2"==r?a=this.getExtOcspNonce(o,i):"1.3.6.1.5.5.7.48.1.5"==r?a=this.getExtOcspNoCheck(o,i):"1.2.840.113583.1.1.9.1"==r&&(a=this.getExtAdobeTimeStamp(o,i)),null!=a)return a;var c={extname:r,extn:o};return i&&(c.critical=!0),c},this.findExt=function(e,t){for(var r=0;r<e.length;r++)if(e[r].extname==t)return e[r];return null},this.updateExtCDPFullURI=function(e,t){var r=this.findExt(e,"cRLDistributionPoints");if(null!=r&&null!=r.array)for(var n=r.array,i=0;i<n.length;i++)if(null!=n[i].dpname&&null!=n[i].dpname.full)for(var o=n[i].dpname.full,s=0;s<o.length;s++){var a=o[i];null!=a.uri&&(a.uri=t)}},this.updateExtAIAOCSP=function(e,t){var r=this.findExt(e,"authorityInfoAccess");if(null!=r&&null!=r.array)for(var n=r.array,i=0;i<n.length;i++)null!=n[i].ocsp&&(n[i].ocsp=t)},this.updateExtAIACAIssuer=function(e,t){var r=this.findExt(e,"authorityInfoAccess");if(null!=r&&null!=r.array)for(var n=r.array,i=0;i<n.length;i++)null!=n[i].caissuer&&(n[i].caissuer=t)},this.dnarraytostr=function(e){return"/"+e.map(function(e){return function(e){return e.map(function(e){return function(e){return e.type+"="+e.value}(e).replace(/\+/,"\\+")}).join("+")}(e).replace(/\//,"\\/")}).join("/")},this.getInfo=function(){var e,t,r,n=function(e){return JSON.stringify(e.array).replace(/[\[\]\{\}\"]/g,"")},i=function(e){for(var t="",r=e.array,n=0;n<r.length;n++){var i=r[n];if(t+="    policy oid: "+i.policyoid+"\n",void 0!==i.array)for(var o=0;o<i.array.length;o++){var s=i.array[o];void 0!==s.cps&&(t+="    cps: "+s.cps+"\n")}}return t},o=function(e){for(var t="",r=e.array,n=0;n<r.length;n++){var i=r[n];try{void 0!==i.dpname.full[0].uri&&(t+="    "+i.dpname.full[0].uri+"\n")}catch(e){}try{void 0!==i.dname.full[0].dn.hex&&(t+="    "+We.hex2dn(i.dpname.full[0].dn.hex)+"\n")}catch(e){}}return t},s=function(e){for(var t="",r=e.array,n=0;n<r.length;n++){var i=r[n];void 0!==i.caissuer&&(t+="    caissuer: "+i.caissuer+"\n"),void 0!==i.ocsp&&(t+="    ocsp: "+i.ocsp+"\n")}return t};if(e="Basic Fields\n",e+="  serial number: "+this.getSerialNumberHex()+"\n",e+="  signature algorithm: "+this.getSignatureAlgorithmField()+"\n",e+="  issuer: "+this.getIssuerString()+"\n",e+="  notBefore: "+this.getNotBefore()+"\n",e+="  notAfter: "+this.getNotAfter()+"\n",e+="  subject: "+this.getSubjectString()+"\n",e+="  subject public key info: \n",e+="    key algorithm: "+(t=this.getPublicKey()).type+"\n","RSA"===t.type&&(e+="    n="+Be(t.n.toString(16)).substr(0,16)+"...\n",e+="    e="+Be(t.e.toString(16))+"\n"),null!=(r=this.aExtInfo)){e+="X509v3 Extensions:\n";for(var a=0;a<r.length;a++){var u=r[a],c=ue.asn1.x509.OID.oid2name(u.oid);""===c&&(c=u.oid);var h="";if(!0===u.critical&&(h="CRITICAL"),e+="  "+c+" "+h+":\n","basicConstraints"===c){var l=this.getExtBasicConstraints();void 0===l.cA?e+="    {}\n":(e+="    cA=true",void 0!==l.pathLen&&(e+=", pathLen="+l.pathLen),e+="\n")}else if("keyUsage"===c)e+="    "+this.getExtKeyUsageString()+"\n";else if("subjectKeyIdentifier"===c)e+="    "+this.getExtSubjectKeyIdentifier().kid.hex+"\n";else if("authorityKeyIdentifier"===c){var f=this.getExtAuthorityKeyIdentifier();void 0!==f.kid&&(e+="    kid="+f.kid.hex+"\n")}else"extKeyUsage"===c?e+="    "+this.getExtExtKeyUsage().array.join(", ")+"\n":"subjectAltName"===c?e+="    "+n(this.getExtSubjectAltName())+"\n":"cRLDistributionPoints"===c?e+=o(this.getExtCRLDistributionPoints()):"authorityInfoAccess"===c?e+=s(this.getExtAuthorityInfoAccess()):"certificatePolicies"===c&&(e+=i(this.getExtCertificatePolicies()))}}return(e+="signature algorithm: "+this.getSignatureAlgorithmName()+"\n")+"signature: "+this.getSignatureValueHex().substr(0,16)+"...\n"},"string"==typeof e&&(-1!=e.indexOf("-----BEGIN")?this.readCertPEM(e):ue.lang.String.isHex(e)&&this.readCertHex(e))}Ke.getKey=function(e,t,r){var n,i=(v=le).getChildIdx,o=(v.getV,v.getVbyList),s=ue.crypto,a=s.ECDSA,u=s.DSA,c=ne,h=Pe,l=Ke;if(void 0!==c&&e instanceof c)return e;if(void 0!==a&&e instanceof a)return e;if(void 0!==u&&e instanceof u)return e;if(void 0!==e.curve&&void 0!==e.xy&&void 0===e.d)return new a({pub:e.xy,curve:e.curve});if(void 0!==e.curve&&void 0!==e.d)return new a({prv:e.d,curve:e.curve});if(void 0===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0===e.d)return(T=new c).setPublic(e.n,e.e),T;if(void 0===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0!==e.d&&void 0!==e.p&&void 0!==e.q&&void 0!==e.dp&&void 0!==e.dq&&void 0!==e.co&&void 0===e.qi)return(T=new c).setPrivateEx(e.n,e.e,e.d,e.p,e.q,e.dp,e.dq,e.co),T;if(void 0===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0!==e.d&&void 0===e.p)return(T=new c).setPrivate(e.n,e.e,e.d),T;if(void 0!==e.p&&void 0!==e.q&&void 0!==e.g&&void 0!==e.y&&void 0===e.x)return(T=new u).setPublic(e.p,e.q,e.g,e.y),T;if(void 0!==e.p&&void 0!==e.q&&void 0!==e.g&&void 0!==e.y&&void 0!==e.x)return(T=new u).setPrivate(e.p,e.q,e.g,e.y,e.x),T;if("RSA"===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0===e.d)return(T=new c).setPublic(we(e.n),we(e.e)),T;if("RSA"===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0!==e.d&&void 0!==e.p&&void 0!==e.q&&void 0!==e.dp&&void 0!==e.dq&&void 0!==e.qi)return(T=new c).setPrivateEx(we(e.n),we(e.e),we(e.d),we(e.p),we(e.q),we(e.dp),we(e.dq),we(e.qi)),T;if("RSA"===e.kty&&void 0!==e.n&&void 0!==e.e&&void 0!==e.d)return(T=new c).setPrivate(we(e.n),we(e.e),we(e.d)),T;if("EC"===e.kty&&void 0!==e.crv&&void 0!==e.x&&void 0!==e.y&&void 0===e.d){var f=(P=new a({curve:e.crv})).ecparams.keylen/4,d="04"+("0000000000"+we(e.x)).slice(-f)+("0000000000"+we(e.y)).slice(-f);return P.setPublicKeyHex(d),P}if("EC"===e.kty&&void 0!==e.crv&&void 0!==e.x&&void 0!==e.y&&void 0!==e.d){f=(P=new a({curve:e.crv})).ecparams.keylen/4,d="04"+("0000000000"+we(e.x)).slice(-f)+("0000000000"+we(e.y)).slice(-f);var p=("0000000000"+we(e.d)).slice(-f);return P.setPublicKeyHex(d),P.setPrivateKeyHex(p),P}if("pkcs5prv"===r){var g,y=e,v=le;if(9===(g=i(y,0)).length)(T=new c).readPKCS5PrvKeyHex(y);else if(6===g.length)(T=new u).readPKCS5PrvKeyHex(y);else{if(!(g.length>2&&"04"===y.substr(g[1],2)))throw new Error("unsupported PKCS#1/5 hexadecimal key");(T=new a).readPKCS5PrvKeyHex(y)}return T}if("pkcs8prv"===r)return l.getKeyFromPlainPrivatePKCS8Hex(e);if("pkcs8pub"===r)return l._getKeyFromPublicPKCS8Hex(e);if("x509pub"===r)return We.getPublicKeyFromCertHex(e);if(-1!=e.indexOf("-END CERTIFICATE-",0)||-1!=e.indexOf("-END X509 CERTIFICATE-",0)||-1!=e.indexOf("-END TRUSTED CERTIFICATE-",0))return We.getPublicKeyFromCertPEM(e);if(-1!=e.indexOf("-END PUBLIC KEY-")){var m=Pe(e,"PUBLIC KEY");return l._getKeyFromPublicPKCS8Hex(m)}if(-1!=e.indexOf("-END RSA PRIVATE KEY-")&&-1==e.indexOf("4,ENCRYPTED")){var w=h(e,"RSA PRIVATE KEY");return l.getKey(w,null,"pkcs5prv")}if(-1!=e.indexOf("-END DSA PRIVATE KEY-")&&-1==e.indexOf("4,ENCRYPTED")){var _=o(n=h(e,"DSA PRIVATE KEY"),0,[1],"02"),S=o(n,0,[2],"02"),E=o(n,0,[3],"02"),F=o(n,0,[4],"02"),A=o(n,0,[5],"02");return(T=new u).setPrivate(new b(_,16),new b(S,16),new b(E,16),new b(F,16),new b(A,16)),T}if(-1!=e.indexOf("-END EC PRIVATE KEY-")&&-1==e.indexOf("4,ENCRYPTED"))return w=h(e,"EC PRIVATE KEY"),l.getKey(w,null,"pkcs5prv");if(-1!=e.indexOf("-END PRIVATE KEY-"))return l.getKeyFromPlainPrivatePKCS8PEM(e);if(-1!=e.indexOf("-END RSA PRIVATE KEY-")&&-1!=e.indexOf("4,ENCRYPTED")){var x=l.getDecryptedKeyHex(e,t),k=new ne;return k.readPKCS5PrvKeyHex(x),k}if(-1!=e.indexOf("-END EC PRIVATE KEY-")&&-1!=e.indexOf("4,ENCRYPTED")){var P,T=o(n=l.getDecryptedKeyHex(e,t),0,[1],"04"),I=o(n,0,[2,0],"06"),R=o(n,0,[3,0],"03").substr(2);if(void 0===ue.crypto.OID.oidhex2name[I])throw new Error("undefined OID(hex) in KJUR.crypto.OID: "+I);return(P=new a({curve:ue.crypto.OID.oidhex2name[I]})).setPublicKeyHex(R),P.setPrivateKeyHex(T),P.isPublic=!1,P}if(-1!=e.indexOf("-END DSA PRIVATE KEY-")&&-1!=e.indexOf("4,ENCRYPTED"))return _=o(n=l.getDecryptedKeyHex(e,t),0,[1],"02"),S=o(n,0,[2],"02"),E=o(n,0,[3],"02"),F=o(n,0,[4],"02"),A=o(n,0,[5],"02"),(T=new u).setPrivate(new b(_,16),new b(S,16),new b(E,16),new b(F,16),new b(A,16)),T;if(-1!=e.indexOf("-END ENCRYPTED PRIVATE KEY-"))return l.getKeyFromEncryptedPKCS8PEM(e,t);throw new Error("not supported argument")},Ke.generateKeypair=function(e,t){if("RSA"==e){var r=t;(s=new ne).generate(r,"10001"),s.isPrivate=!0,s.isPublic=!0;var n=new ne,i=s.n.toString(16),o=s.e.toString(16);return n.setPublic(i,o),n.isPrivate=!1,n.isPublic=!0,(a={}).prvKeyObj=s,a.pubKeyObj=n,a}if("EC"==e){var s,a,u=t,c=new ue.crypto.ECDSA({curve:u}).generateKeyPairHex();return(s=new ue.crypto.ECDSA({curve:u})).setPublicKeyHex(c.ecpubhex),s.setPrivateKeyHex(c.ecprvhex),s.isPrivate=!0,s.isPublic=!1,(n=new ue.crypto.ECDSA({curve:u})).setPublicKeyHex(c.ecpubhex),n.isPrivate=!1,n.isPublic=!0,(a={}).prvKeyObj=s,a.pubKeyObj=n,a}throw new Error("unknown algorithm: "+e)},Ke.getPEM=function(e,t,r,n,i,o){var s=ue,a=s.asn1,u=a.DERObjectIdentifier,c=a.DERInteger,h=a.ASN1Util.newObject,l=a.x509.SubjectPublicKeyInfo,f=s.crypto,d=f.DSA,p=f.ECDSA,g=ne;function v(e){return h({seq:[{int:0},{int:{bigint:e.n}},{int:e.e},{int:{bigint:e.d}},{int:{bigint:e.p}},{int:{bigint:e.q}},{int:{bigint:e.dmp1}},{int:{bigint:e.dmq1}},{int:{bigint:e.coeff}}]})}function m(e){return h({seq:[{int:1},{octstr:{hex:e.prvKeyHex}},{tag:["a0",!0,{oid:{name:e.curveName}}]},{tag:["a1",!0,{bitstr:{hex:"00"+e.pubKeyHex}}]}]})}function w(e){return h({seq:[{int:0},{int:{bigint:e.p}},{int:{bigint:e.q}},{int:{bigint:e.g}},{int:{bigint:e.y}},{int:{bigint:e.x}}]})}if((void 0!==g&&e instanceof g||void 0!==d&&e instanceof d||void 0!==p&&e instanceof p)&&1==e.isPublic&&(void 0===t||"PKCS8PUB"==t))return ke(E=new l(e).getEncodedHex(),"PUBLIC KEY");if("PKCS1PRV"==t&&void 0!==g&&e instanceof g&&(void 0===r||null==r)&&1==e.isPrivate)return ke(E=v(e).getEncodedHex(),"RSA PRIVATE KEY");if("PKCS1PRV"==t&&void 0!==p&&e instanceof p&&(void 0===r||null==r)&&1==e.isPrivate){var _=new u({name:e.curveName}).getEncodedHex(),S=m(e).getEncodedHex(),b="";return(b+=ke(_,"EC PARAMETERS"))+ke(S,"EC PRIVATE KEY")}if("PKCS1PRV"==t&&void 0!==d&&e instanceof d&&(void 0===r||null==r)&&1==e.isPrivate)return ke(E=w(e).getEncodedHex(),"DSA PRIVATE KEY");if("PKCS5PRV"==t&&void 0!==g&&e instanceof g&&void 0!==r&&null!=r&&1==e.isPrivate){var E=v(e).getEncodedHex();return void 0===n&&(n="DES-EDE3-CBC"),this.getEncryptedPKCS5PEMFromPrvKeyHex("RSA",E,r,n,o)}if("PKCS5PRV"==t&&void 0!==p&&e instanceof p&&void 0!==r&&null!=r&&1==e.isPrivate)return E=m(e).getEncodedHex(),void 0===n&&(n="DES-EDE3-CBC"),this.getEncryptedPKCS5PEMFromPrvKeyHex("EC",E,r,n,o);if("PKCS5PRV"==t&&void 0!==d&&e instanceof d&&void 0!==r&&null!=r&&1==e.isPrivate)return E=w(e).getEncodedHex(),void 0===n&&(n="DES-EDE3-CBC"),this.getEncryptedPKCS5PEMFromPrvKeyHex("DSA",E,r,n,o);var F=function(e,t){var r=A(e,t);return new h({seq:[{seq:[{oid:{name:"pkcs5PBES2"}},{seq:[{seq:[{oid:{name:"pkcs5PBKDF2"}},{seq:[{octstr:{hex:r.pbkdf2Salt}},{int:r.pbkdf2Iter}]}]},{seq:[{oid:{name:"des-EDE3-CBC"}},{octstr:{hex:r.encryptionSchemeIV}}]}]}]},{octstr:{hex:r.ciphertext}}]}).getEncodedHex()},A=function(e,t){var r=y.lib.WordArray.random(8),n=y.lib.WordArray.random(8),i=y.PBKDF2(t,r,{keySize:6,iterations:100}),o=y.enc.Hex.parse(e),s=y.TripleDES.encrypt(o,i,{iv:n})+"",a={};return a.ciphertext=s,a.pbkdf2Salt=y.enc.Hex.stringify(r),a.pbkdf2Iter=100,a.encryptionSchemeAlg="DES-EDE3-CBC",a.encryptionSchemeIV=y.enc.Hex.stringify(n),a};if("PKCS8PRV"==t&&null!=g&&e instanceof g&&1==e.isPrivate){var x=v(e).getEncodedHex();return E=h({seq:[{int:0},{seq:[{oid:{name:"rsaEncryption"}},{null:!0}]},{octstr:{hex:x}}]}).getEncodedHex(),void 0===r||null==r?ke(E,"PRIVATE KEY"):ke(S=F(E,r),"ENCRYPTED PRIVATE KEY")}if("PKCS8PRV"==t&&void 0!==p&&e instanceof p&&1==e.isPrivate)return x=new h({seq:[{int:1},{octstr:{hex:e.prvKeyHex}},{tag:["a1",!0,{bitstr:{hex:"00"+e.pubKeyHex}}]}]}).getEncodedHex(),E=h({seq:[{int:0},{seq:[{oid:{name:"ecPublicKey"}},{oid:{name:e.curveName}}]},{octstr:{hex:x}}]}).getEncodedHex(),void 0===r||null==r?ke(E,"PRIVATE KEY"):ke(S=F(E,r),"ENCRYPTED PRIVATE KEY");if("PKCS8PRV"==t&&void 0!==d&&e instanceof d&&1==e.isPrivate)return x=new c({bigint:e.x}).getEncodedHex(),E=h({seq:[{int:0},{seq:[{oid:{name:"dsa"}},{seq:[{int:{bigint:e.p}},{int:{bigint:e.q}},{int:{bigint:e.g}}]}]},{octstr:{hex:x}}]}).getEncodedHex(),void 0===r||null==r?ke(E,"PRIVATE KEY"):ke(S=F(E,r),"ENCRYPTED PRIVATE KEY");throw new Error("unsupported object nor format")},Ke.getKeyFromCSRPEM=function(e){var t=Pe(e,"CERTIFICATE REQUEST");return Ke.getKeyFromCSRHex(t)},Ke.getKeyFromCSRHex=function(e){var t=Ke.parseCSRHex(e);return Ke.getKey(t.p8pubkeyhex,null,"pkcs8pub")},Ke.parseCSRHex=function(e){var t=le,r=t.getChildIdx,n=t.getTLV,i={},o=e;if("30"!=o.substr(0,2))throw new Error("malformed CSR(code:001)");var s=r(o,0);if(s.length<1)throw new Error("malformed CSR(code:002)");if("30"!=o.substr(s[0],2))throw new Error("malformed CSR(code:003)");var a=r(o,s[0]);if(a.length<3)throw new Error("malformed CSR(code:004)");return i.p8pubkeyhex=n(o,a[2]),i},Ke.getKeyID=function(e){var t=Ke,r=le;"string"==typeof e&&-1!=e.indexOf("BEGIN ")&&(e=t.getKey(e));var n=Pe(t.getPEM(e)),i=r.getIdxbyList(n,0,[1]),o=r.getV(n,i).substring(2);return ue.crypto.Util.hashHex(o,"sha1")},Ke.getJWKFromKey=function(e){var t={};if(e instanceof ne&&e.isPrivate)return t.kty="RSA",t.n=me(e.n.toString(16)),t.e=me(e.e.toString(16)),t.d=me(e.d.toString(16)),t.p=me(e.p.toString(16)),t.q=me(e.q.toString(16)),t.dp=me(e.dmp1.toString(16)),t.dq=me(e.dmq1.toString(16)),t.qi=me(e.coeff.toString(16)),t;if(e instanceof ne&&e.isPublic)return t.kty="RSA",t.n=me(e.n.toString(16)),t.e=me(e.e.toString(16)),t;if(e instanceof ue.crypto.ECDSA&&e.isPrivate){if("P-256"!==(n=e.getShortNISTPCurveName())&&"P-384"!==n)throw new Error("unsupported curve name for JWT: "+n);var r=e.getPublicKeyXYHex();return t.kty="EC",t.crv=n,t.x=me(r.x),t.y=me(r.y),t.d=me(e.prvKeyHex),t}if(e instanceof ue.crypto.ECDSA&&e.isPublic){var n;if("P-256"!==(n=e.getShortNISTPCurveName())&&"P-384"!==n)throw new Error("unsupported curve name for JWT: "+n);return r=e.getPublicKeyXYHex(),t.kty="EC",t.crv=n,t.x=me(r.x),t.y=me(r.y),t}throw new Error("not supported key object")},ne.getPosArrayOfChildrenFromHex=function(e){return le.getChildIdx(e,0)},ne.getHexValueArrayOfChildrenFromHex=function(e){var t,r=le.getV,n=r(e,(t=ne.getPosArrayOfChildrenFromHex(e))[0]),i=r(e,t[1]),o=r(e,t[2]),s=r(e,t[3]),a=r(e,t[4]),u=r(e,t[5]),c=r(e,t[6]),h=r(e,t[7]),l=r(e,t[8]);return(t=new Array).push(n,i,o,s,a,u,c,h,l),t},ne.prototype.readPrivateKeyFromPEMString=function(e){var t=Pe(e),r=ne.getHexValueArrayOfChildrenFromHex(t);this.setPrivateEx(r[1],r[2],r[3],r[4],r[5],r[6],r[7],r[8])},ne.prototype.readPKCS5PrvKeyHex=function(e){var t=ne.getHexValueArrayOfChildrenFromHex(e);this.setPrivateEx(t[1],t[2],t[3],t[4],t[5],t[6],t[7],t[8])},ne.prototype.readPKCS8PrvKeyHex=function(e){var t,r,n,i,o,s,a,u,c=le,h=c.getVbyListEx;if(!1===c.isASN1HEX(e))throw new Error("not ASN.1 hex string");try{t=h(e,0,[2,0,1],"02"),r=h(e,0,[2,0,2],"02"),n=h(e,0,[2,0,3],"02"),i=h(e,0,[2,0,4],"02"),o=h(e,0,[2,0,5],"02"),s=h(e,0,[2,0,6],"02"),a=h(e,0,[2,0,7],"02"),u=h(e,0,[2,0,8],"02")}catch(e){throw new Error("malformed PKCS#8 plain RSA private key")}this.setPrivateEx(t,r,n,i,o,s,a,u)},ne.prototype.readPKCS5PubKeyHex=function(e){var t=le,r=t.getV;if(!1===t.isASN1HEX(e))throw new Error("keyHex is not ASN.1 hex string");var n=t.getChildIdx(e,0);if(2!==n.length||"02"!==e.substr(n[0],2)||"02"!==e.substr(n[1],2))throw new Error("wrong hex for PKCS#5 public key");var i=r(e,n[0]),o=r(e,n[1]);this.setPublic(i,o)},ne.prototype.readPKCS8PubKeyHex=function(e){var t=le;if(!1===t.isASN1HEX(e))throw new Error("not ASN.1 hex string");if("06092a864886f70d010101"!==t.getTLVbyListEx(e,0,[0,0]))throw new Error("not PKCS8 RSA public key");var r=t.getTLVbyListEx(e,0,[1,0]);this.readPKCS5PubKeyHex(r)},ne.prototype.readCertPubKeyHex=function(e,t){var r,n;(r=new We).readCertHex(e),n=r.getPublicKeyHex(),this.readPKCS8PubKeyHex(n)},ne.prototype.sign=function(e,t){var r=function(e){return ue.crypto.Util.hashString(e,t)}(e);return this.signWithMessageHash(r,t)},ne.prototype.signWithMessageHash=function(e,t){var r=te(ue.crypto.Util.getPaddedDigestInfoHex(e,t,this.n.bitLength()),16);return Ve(this.doPrivate(r).toString(16),this.n.bitLength())},ne.prototype.signPSS=function(e,t,r){var n=function(e){return ue.crypto.Util.hashHex(e,t)}(Ee(e));return void 0===r&&(r=-1),this.signWithMessageHashPSS(n,t,r)},ne.prototype.signWithMessageHashPSS=function(e,t,r){var n,i=be(e),o=i.length,s=this.n.bitLength()-1,a=Math.ceil(s/8),u=function(e){return ue.crypto.Util.hashHex(e,t)};if(-1===r||void 0===r)r=o;else if(-2===r)r=a-o-2;else if(r<-2)throw new Error("invalid salt length");if(a<o+r+2)throw new Error("data too long");var c="";r>0&&(c=new Array(r),(new ee).nextBytes(c),c=String.fromCharCode.apply(String,c));var h=be(u(Ee("\0\0\0\0\0\0\0\0"+i+c))),l=[];for(n=0;n<a-r-o-2;n+=1)l[n]=0;var f=String.fromCharCode.apply(String,l)+"
"+c,d=qe(h,f.length,u),p=[];for(n=0;n<f.length;n+=1)p[n]=f.charCodeAt(n)^d.charCodeAt(n);var g=65280>>8*a-s&255;for(p[0]&=~g,n=0;n<o;n++)p.push(h.charCodeAt(n));return p.push(188),Ve(this.doPrivate(new b(p)).toString(16),this.n.bitLength())},ne.prototype.verify=function(e,t){if(null==(t=t.toLowerCase()).match(/^[0-9a-f]+$/))return!1;var r=te(t,16),n=this.n.bitLength();if(r.bitLength()>n)return!1;var i=this.doPublic(r).toString(16);if(i.length+3!=n/4)return!1;var o=Je(i.replace(/^1f+00/,""));if(0==o.length)return!1;var s=o[0];return o[1]==function(e){return ue.crypto.Util.hashString(e,s)}(e)},ne.prototype.verifyWithMessageHash=function(e,t){if(t.length!=Math.ceil(this.n.bitLength()/4))return!1;var r=te(t,16);if(r.bitLength()>this.n.bitLength())return 0;var n=Je(this.doPublic(r).toString(16).replace(/^1f+00/,""));return 0!=n.length&&(n[0],n[1]==e)},ne.prototype.verifyPSS=function(e,t,r,n){var i=function(e){return ue.crypto.Util.hashHex(e,r)}(Ee(e));return void 0===n&&(n=-1),this.verifyWithMessageHashPSS(i,t,r,n)},ne.prototype.verifyWithMessageHashPSS=function(e,t,r,n){if(t.length!=Math.ceil(this.n.bitLength()/4))return!1;var i,o=new b(t,16),s=function(e){return ue.crypto.Util.hashHex(e,r)},a=be(e),u=a.length,c=this.n.bitLength()-1,h=Math.ceil(c/8);if(-1===n||void 0===n)n=u;else if(-2===n)n=h-u-2;else if(n<-2)throw new Error("invalid salt length");if(h<u+n+2)throw new Error("data too long");var l=this.doPublic(o).toByteArray();for(i=0;i<l.length;i+=1)l[i]&=255;for(;l.length<h;)l.unshift(0);if(188!==l[h-1])throw new Error("encoded message does not end in 0xbc");var f=(l=String.fromCharCode.apply(String,l)).substr(0,h-u-1),d=l.substr(f.length,u),p=65280>>8*h-c&255;if(0!=(f.charCodeAt(0)&p))throw new Error("bits beyond keysize not zero");var g=qe(d,f.length,s),y=[];for(i=0;i<f.length;i+=1)y[i]=f.charCodeAt(i)^g.charCodeAt(i);y[0]&=~p;var v=h-u-n-2;for(i=0;i<v;i+=1)if(0!==y[i])throw new Error("leftmost octets not zero");if(1!==y[v])throw new Error("0x01 marker not found");return d===be(s(Ee("\0\0\0\0\0\0\0\0"+a+String.fromCharCode.apply(String,y.slice(-n)))))},ne.SALT_LEN_HLEN=-1,ne.SALT_LEN_MAX=-2,ne.SALT_LEN_RECOVER=-2,We.hex2dn=function(e,t){void 0===t&&(t=0);var r=new We;return le.getTLV(e,t),r.getX500Name(e).str},We.hex2rdn=function(e,t){if(void 0===t&&(t=0),"31"!==e.substr(t,2))throw new Error("malformed RDN");for(var r=new Array,n=le.getChildIdx(e,t),i=0;i<n.length;i++)r.push(We.hex2attrTypeValue(e,n[i]));return(r=r.map(function(e){return e.replace("+","\\+")})).join("+")},We.hex2attrTypeValue=function(e,t){var r=le,n=r.getV;if(void 0===t&&(t=0),"30"!==e.substr(t,2))throw new Error("malformed attribute type and value");var i=r.getChildIdx(e,t);2!==i.length||e.substr(i[0],2);var o=n(e,i[0]),s=ue.asn1.ASN1Util.oidHexToInt(o);return ue.asn1.x509.OID.oid2atype(s)+"="+be(n(e,i[1]))},We.getPublicKeyFromCertHex=function(e){var t=new We;return t.readCertHex(e),t.getPublicKey()},We.getPublicKeyFromCertPEM=function(e){var t=new We;return t.readCertPEM(e),t.getPublicKey()},We.getPublicKeyInfoPropOfCertPEM=function(e){var t,r,n=le.getVbyList,i={algparam:null};return(t=new We).readCertPEM(e),r=t.getPublicKeyHex(),i.keyhex=n(r,0,[1],"03").substr(2),i.algoid=n(r,0,[0,0],"06"),"2a8648ce3d0201"===i.algoid&&(i.algparam=n(r,0,[0,1],"06")),i},We.KEYUSAGE_NAME=["digitalSignature","nonRepudiation","keyEncipherment","dataEncipherment","keyAgreement","keyCertSign","cRLSign","encipherOnly","decipherOnly"],void 0!==ue&&ue||(t.KJUR=ue={}),void 0!==ue.jws&&ue.jws||(ue.jws={}),ue.jws.JWS=function(){var e=ue.jws.JWS.isSafeJSONString;this.parseJWS=function(t,r){if(void 0===this.parsedJWS||!r&&void 0===this.parsedJWS.sigvalH){var n=t.match(/^([^.]+)\.([^.]+)\.([^.]+)$/);if(null==n)throw"JWS signature is not a form of 'Head.Payload.SigValue'.";var i=n[1],o=n[2],s=n[3],a=i+"."+o;if(this.parsedJWS={},this.parsedJWS.headB64U=i,this.parsedJWS.payloadB64U=o,this.parsedJWS.sigvalB64U=s,this.parsedJWS.si=a,!r){var u=we(s),c=te(u,16);this.parsedJWS.sigvalH=u,this.parsedJWS.sigvalBI=c}var h=he(i),l=he(o);if(this.parsedJWS.headS=h,this.parsedJWS.payloadS=l,!e(h,this.parsedJWS,"headP"))throw"malformed JSON string for JWS Head: "+h}}},ue.jws.JWS.sign=function(e,t,r,n,i){var o,s,a,u=ue,c=u.jws.JWS,h=c.readSafeJSONString,l=c.isSafeJSONString,f=u.crypto,p=(f.ECDSA,f.Mac),g=f.Signature,y=JSON;if("string"!=typeof t&&"object"!=(void 0===t?"undefined":d(t)))throw"spHeader must be JSON string or object: "+t;if("object"==(void 0===t?"undefined":d(t))&&(s=t,o=y.stringify(s)),"string"==typeof t){if(!l(o=t))throw"JWS Head is not safe JSON string: "+o;s=h(o)}if(a=r,"object"==(void 0===r?"undefined":d(r))&&(a=y.stringify(r)),""!=e&&null!=e||void 0===s.alg||(e=s.alg),""!=e&&null!=e&&void 0===s.alg&&(s.alg=e,o=y.stringify(s)),e!==s.alg)throw"alg and sHeader.alg doesn't match: "+e+"!="+s.alg;var v=null;if(void 0===c.jwsalg2sigalg[e])throw"unsupported alg name: "+e;v=c.jwsalg2sigalg[e];var m=ce(o)+"."+ce(a),w="";if("Hmac"==v.substr(0,4)){if(void 0===n)throw"mac key shall be specified for HS* alg";var _=new p({alg:v,prov:"cryptojs",pass:n});_.updateString(m),w=_.doFinal()}else if(-1!=v.indexOf("withECDSA")){(b=new g({alg:v})).init(n,i),b.updateString(m);var S=b.sign();w=ue.crypto.ECDSA.asn1SigToConcatSig(S)}else{var b;"none"!=v&&((b=new g({alg:v})).init(n,i),b.updateString(m),w=b.sign())}return m+"."+me(w)},ue.jws.JWS.verify=function(e,t,r){var n,i=ue,o=i.jws.JWS,s=o.readSafeJSONString,a=i.crypto,u=a.ECDSA,c=a.Mac,h=a.Signature;void 0!==d(ne)&&(n=ne);var l=e.split(".");if(3!==l.length)return!1;var f,p=l[0]+"."+l[1],g=we(l[2]),y=s(he(l[0])),v=null;if(void 0===y.alg)throw"algorithm not specified in header";if(f=(v=y.alg).substr(0,2),null!=r&&"[object Array]"===Object.prototype.toString.call(r)&&r.length>0&&-1==(":"+r.join(":")+":").indexOf(":"+v+":"))throw"algorithm '"+v+"' not accepted in the list";if("none"!=v&&null===t)throw"key shall be specified to verify.";if("string"==typeof t&&-1!=t.indexOf("-----BEGIN ")&&(t=Ke.getKey(t)),!("RS"!=f&&"PS"!=f||t instanceof n))throw"key shall be a RSAKey obj for RS* and PS* algs";if("ES"==f&&!(t instanceof u))throw"key shall be a ECDSA obj for ES* algs";var m=null;if(void 0===o.jwsalg2sigalg[y.alg])throw"unsupported alg name: "+v;if("none"==(m=o.jwsalg2sigalg[v]))throw"not supported";if("Hmac"==m.substr(0,4)){if(void 0===t)throw"hexadecimal key shall be specified for HMAC";var w=new c({alg:m,pass:t});return w.updateString(p),g==w.doFinal()}if(-1!=m.indexOf("withECDSA")){var _,S=null;try{S=u.concatSigToASN1Sig(g)}catch(e){return!1}return(_=new h({alg:m})).init(t),_.updateString(p),_.verify(S)}return(_=new h({alg:m})).init(t),_.updateString(p),_.verify(g)},ue.jws.JWS.parse=function(e){var t,r,n,i=e.split("."),o={};if(2!=i.length&&3!=i.length)throw"malformed sJWS: wrong number of '.' splitted elements";return t=i[0],r=i[1],3==i.length&&(n=i[2]),o.headerObj=ue.jws.JWS.readSafeJSONString(he(t)),o.payloadObj=ue.jws.JWS.readSafeJSONString(he(r)),o.headerPP=JSON.stringify(o.headerObj,null,"  "),null==o.payloadObj?o.payloadPP=he(r):o.payloadPP=JSON.stringify(o.payloadObj,null,"  "),void 0!==n&&(o.sigHex=we(n)),o},ue.jws.JWS.verifyJWT=function(e,t,r){var n=ue.jws,i=n.JWS,o=i.readSafeJSONString,s=i.inArray,a=i.includedArray,u=e.split("."),c=u[0],h=u[1],l=(we(u[2]),o(he(c))),f=o(he(h));if(void 0===l.alg)return!1;if(void 0===r.alg)throw"acceptField.alg shall be specified";if(!s(l.alg,r.alg))return!1;if(void 0!==f.iss&&"object"===d(r.iss)&&!s(f.iss,r.iss))return!1;if(void 0!==f.sub&&"object"===d(r.sub)&&!s(f.sub,r.sub))return!1;if(void 0!==f.aud&&"object"===d(r.aud))if("string"==typeof f.aud){if(!s(f.aud,r.aud))return!1}else if("object"==d(f.aud)&&!a(f.aud,r.aud))return!1;var p=n.IntDate.getNow();return void 0!==r.verifyAt&&"number"==typeof r.verifyAt&&(p=r.verifyAt),void 0!==r.gracePeriod&&"number"==typeof r.gracePeriod||(r.gracePeriod=0),!(void 0!==f.exp&&"number"==typeof f.exp&&f.exp+r.gracePeriod<p||void 0!==f.nbf&&"number"==typeof f.nbf&&p<f.nbf-r.gracePeriod||void 0!==f.iat&&"number"==typeof f.iat&&p<f.iat-r.gracePeriod||void 0!==f.jti&&void 0!==r.jti&&f.jti!==r.jti||!i.verify(e,t,r.alg))},ue.jws.JWS.includedArray=function(e,t){var r=ue.jws.JWS.inArray;if(null===e)return!1;if("object"!==(void 0===e?"undefined":d(e)))return!1;if("number"!=typeof e.length)return!1;for(var n=0;n<e.length;n++)if(!r(e[n],t))return!1;return!0},ue.jws.JWS.inArray=function(e,t){if(null===t)return!1;if("object"!==(void 0===t?"undefined":d(t)))return!1;if("number"!=typeof t.length)return!1;for(var r=0;r<t.length;r++)if(t[r]==e)return!0;return!1},ue.jws.JWS.jwsalg2sigalg={HS256:"HmacSHA256",HS384:"HmacSHA384",HS512:"HmacSHA512",RS256:"SHA256withRSA",RS384:"SHA384withRSA",RS512:"SHA512withRSA",ES256:"SHA256withECDSA",ES384:"SHA384withECDSA",PS256:"SHA256withRSAandMGF1",PS384:"SHA384withRSAandMGF1",PS512:"SHA512withRSAandMGF1",none:"none"},ue.jws.JWS.isSafeJSONString=function(e,t,r){var n=null;try{return"object"!=(void 0===(n=ae(e))?"undefined":d(n))||n.constructor===Array?0:(t&&(t[r]=n),1)}catch(e){return 0}},ue.jws.JWS.readSafeJSONString=function(e){var t=null;try{return"object"!=(void 0===(t=ae(e))?"undefined":d(t))||t.constructor===Array?null:t}catch(e){return null}},ue.jws.JWS.getEncodedSignatureValueFromJWS=function(e){var t=e.match(/^[^.]+\.[^.]+\.([^.]+)$/);if(null==t)throw"JWS signature is not a form of 'Head.Payload.SigValue'.";return t[1]},ue.jws.JWS.getJWKthumbprint=function(e){if("RSA"!==e.kty&&"EC"!==e.kty&&"oct"!==e.kty)throw"unsupported algorithm for JWK Thumprint";var t="{";if("RSA"===e.kty){if("string"!=typeof e.n||"string"!=typeof e.e)throw"wrong n and e value for RSA key";t+='"e":"'+e.e+'",',t+='"kty":"'+e.kty+'",',t+='"n":"'+e.n+'"}'}else if("EC"===e.kty){if("string"!=typeof e.crv||"string"!=typeof e.x||"string"!=typeof e.y)throw"wrong crv, x and y value for EC key";t+='"crv":"'+e.crv+'",',t+='"kty":"'+e.kty+'",',t+='"x":"'+e.x+'",',t+='"y":"'+e.y+'"}'}else if("oct"===e.kty){if("string"!=typeof e.k)throw"wrong k value for oct(symmetric) key";t+='"kty":"'+e.kty+'",',t+='"k":"'+e.k+'"}'}var r=Ee(t);return me(ue.crypto.Util.hashHex(r,"sha256"))},ue.jws.IntDate={},ue.jws.IntDate.get=function(e){var t=ue.jws.IntDate,r=t.getNow,n=t.getZulu;if("now"==e)return r();if("now + 1hour"==e)return r()+3600;if("now + 1day"==e)return r()+86400;if("now + 1month"==e)return r()+2592e3;if("now + 1year"==e)return r()+31536e3;if(e.match(/Z$/))return n(e);if(e.match(/^[0-9]+$/))return parseInt(e);throw"unsupported format: "+e},ue.jws.IntDate.getZulu=function(e){return Ie(e)},ue.jws.IntDate.getNow=function(){return~~(new Date/1e3)},ue.jws.IntDate.intDate2UTCString=function(e){return new Date(1e3*e).toUTCString()},ue.jws.IntDate.intDate2Zulu=function(e){var t=new Date(1e3*e);return("0000"+t.getUTCFullYear()).slice(-4)+("00"+(t.getUTCMonth()+1)).slice(-2)+("00"+t.getUTCDate()).slice(-2)+("00"+t.getUTCHours()).slice(-2)+("00"+t.getUTCMinutes()).slice(-2)+("00"+t.getUTCSeconds()).slice(-2)+"Z"},t.SecureRandom=ee,t.rng_seed_time=Y,t.BigInteger=b,t.RSAKey=ne;var $e=ue.crypto.EDSA;t.EDSA=$e;var Ye=ue.crypto.DSA;t.DSA=Ye;var ze=ue.crypto.Signature;t.Signature=ze;var Ge=ue.crypto.MessageDigest;t.MessageDigest=Ge;var Xe=ue.crypto.Mac;t.Mac=Xe;var Qe=ue.crypto.Cipher;t.Cipher=Qe,t.KEYUTIL=Ke,t.ASN1HEX=le,t.X509=We,t.CryptoJS=y,t.b64tohex=_,t.b64toBA=S,t.stoBA=fe,t.BAtos=de,t.BAtohex=pe,t.stohex=ge,t.stob64=function(e){return w(ge(e))},t.stob64u=function(e){return ye(w(ge(e)))},t.b64utos=function(e){return de(S(ve(e)))},t.b64tob64u=ye,t.b64utob64=ve,t.hex2b64=w,t.hextob64u=me,t.b64utohex=we,t.utf8tob64u=ce,t.b64utoutf8=he,t.utf8tob64=function(e){return w(Re(Oe(e)))},t.b64toutf8=function(e){return decodeURIComponent(Ce(_(e)))},t.utf8tohex=_e,t.hextoutf8=Se,t.hextorstr=be,t.rstrtohex=Ee,t.hextob64=Fe,t.hextob64nl=Ae,t.b64nltohex=xe,t.hextopem=ke,t.pemtohex=Pe,t.hextoArrayBuffer=function(e){if(e.length%2!=0)throw"input is not even length";if(null==e.match(/^[0-9A-Fa-f]+$/))throw"input is not hexadecimal";for(var t=new ArrayBuffer(e.length/2),r=new DataView(t),n=0;n<e.length/2;n++)r.setUint8(n,parseInt(e.substr(2*n,2),16));return t},t.ArrayBuffertohex=function(e){for(var t="",r=new DataView(e),n=0;n<e.byteLength;n++)t+=("00"+r.getUint8(n).toString(16)).slice(-2);return t},t.zulutomsec=Te,t.zulutosec=Ie,t.zulutodate=function(e){return new Date(Te(e))},t.datetozulu=function(e,t,r){var n,i=e.getUTCFullYear();if(t){if(i<1950||2049<i)throw"not proper year for UTCTime: "+i;n=(""+i).slice(-2)}else n=("000"+i).slice(-4);if(n+=("0"+(e.getUTCMonth()+1)).slice(-2),n+=("0"+e.getUTCDate()).slice(-2),n+=("0"+e.getUTCHours()).slice(-2),n+=("0"+e.getUTCMinutes()).slice(-2),n+=("0"+e.getUTCSeconds()).slice(-2),r){var o=e.getUTCMilliseconds();0!==o&&(n+="."+(o=(o=("00"+o).slice(-3)).replace(/0+$/g,"")))}return n+"Z"},t.uricmptohex=Re,t.hextouricmp=Ce,t.ipv6tohex=Ue,t.hextoipv6=Le,t.hextoip=De,t.iptohex=function(e){var t="malformed IP address";if(!(e=e.toLowerCase(e)).match(/^[0-9.]+$/)){if(e.match(/^[0-9a-f:]+$/)&&-1!==e.indexOf(":"))return Ue(e);throw t}var r=e.split(".");if(4!==r.length)throw t;var n="";try{for(var i=0;i<4;i++)n+=("0"+parseInt(r[i]).toString(16)).slice(-2);return n}catch(e){throw t}},t.encodeURIComponentAll=Oe,t.newline_toUnix=function(e){return e.replace(/\r\n/gm,"\n")},t.newline_toDos=function(e){return(e=e.replace(/\r\n/gm,"\n")).replace(/\n/gm,"\r\n")},t.hextoposhex=Be,t.intarystrtohex=function(e){e=(e=(e=e.replace(/^\s*\[\s*/,"")).replace(/\s*\]\s*$/,"")).replace(/\s*/g,"");try{return e.split(/,/).map(function(e,t,r){var n=parseInt(e);if(n<0||255<n)throw"integer not in range 0-255";return("00"+n.toString(16)).slice(-2)}).join("")}catch(e){throw"malformed integer array string: "+e}},t.strdiffidx=function(e,t){var r=e.length;e.length>t.length&&(r=t.length);for(var n=0;n<r;n++)if(e.charCodeAt(n)!=t.charCodeAt(n))return n;return e.length!=t.length?r:-1},t.KJUR=ue;var Ze=ue.crypto;t.crypto=Ze;var et=ue.asn1;t.asn1=et;var tt=ue.jws;t.jws=tt;var rt=ue.lang;t.lang=rt}).call(this,r(28).Buffer)},function(e,t,r){(function(e){
+/*!
+    		 * The buffer module from node.js, for the browser.
+    		 *
+    		 * @author   Feross Aboukhadijeh <http://feross.org>
+    		 * @license  MIT
+    		 */
+var n=r(30),i=r(31),o=r(32);function s(){return u.TYPED_ARRAY_SUPPORT?2147483647:1073741823}function a(e,t){if(s()<t)throw new RangeError("Invalid typed array length");return u.TYPED_ARRAY_SUPPORT?(e=new Uint8Array(t)).__proto__=u.prototype:(null===e&&(e=new u(t)),e.length=t),e}function u(e,t,r){if(!(u.TYPED_ARRAY_SUPPORT||this instanceof u))return new u(e,t,r);if("number"==typeof e){if("string"==typeof t)throw new Error("If encoding is specified then the first argument must be a string");return l(this,e)}return c(this,e,t,r)}function c(e,t,r,n){if("number"==typeof t)throw new TypeError('"value" argument must not be a number');return"undefined"!=typeof ArrayBuffer&&t instanceof ArrayBuffer?function(e,t,r,n){if(t.byteLength,r<0||t.byteLength<r)throw new RangeError("'offset' is out of bounds");if(t.byteLength<r+(n||0))throw new RangeError("'length' is out of bounds");return t=void 0===r&&void 0===n?new Uint8Array(t):void 0===n?new Uint8Array(t,r):new Uint8Array(t,r,n),u.TYPED_ARRAY_SUPPORT?(e=t).__proto__=u.prototype:e=f(e,t),e}(e,t,r,n):"string"==typeof t?function(e,t,r){if("string"==typeof r&&""!==r||(r="utf8"),!u.isEncoding(r))throw new TypeError('"encoding" must be a valid string encoding');var n=0|p(t,r),i=(e=a(e,n)).write(t,r);return i!==n&&(e=e.slice(0,i)),e}(e,t,r):function(e,t){if(u.isBuffer(t)){var r=0|d(t.length);return 0===(e=a(e,r)).length||t.copy(e,0,0,r),e}if(t){if("undefined"!=typeof ArrayBuffer&&t.buffer instanceof ArrayBuffer||"length"in t)return"number"!=typeof t.length||function(e){return e!=e}(t.length)?a(e,0):f(e,t);if("Buffer"===t.type&&o(t.data))return f(e,t.data)}throw new TypeError("First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.")}(e,t)}function h(e){if("number"!=typeof e)throw new TypeError('"size" argument must be a number');if(e<0)throw new RangeError('"size" argument must not be negative')}function l(e,t){if(h(t),e=a(e,t<0?0:0|d(t)),!u.TYPED_ARRAY_SUPPORT)for(var r=0;r<t;++r)e[r]=0;return e}function f(e,t){var r=t.length<0?0:0|d(t.length);e=a(e,r);for(var n=0;n<r;n+=1)e[n]=255&t[n];return e}function d(e){if(e>=s())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+s().toString(16)+" bytes");return 0|e}function p(e,t){if(u.isBuffer(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var r=e.length;if(0===r)return 0;for(var n=!1;;)switch(t){case"ascii":case"latin1":case"binary":return r;case"utf8":case"utf-8":case void 0:return M(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*r;case"hex":return r>>>1;case"base64":return K(e).length;default:if(n)return M(e).length;t=(""+t).toLowerCase(),n=!0}}function g(e,t,r){var n=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===r||r>this.length)&&(r=this.length),r<=0)return"";if((r>>>=0)<=(t>>>=0))return"";for(e||(e="utf8");;)switch(e){case"hex":return I(this,t,r);case"utf8":case"utf-8":return x(this,t,r);case"ascii":return P(this,t,r);case"latin1":case"binary":return T(this,t,r);case"base64":return A(this,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return R(this,t,r);default:if(n)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),n=!0}}function y(e,t,r){var n=e[t];e[t]=e[r],e[r]=n}function v(e,t,r,n,i){if(0===e.length)return-1;if("string"==typeof r?(n=r,r=0):r>2147483647?r=2147483647:r<-2147483648&&(r=-2147483648),r=+r,isNaN(r)&&(r=i?0:e.length-1),r<0&&(r=e.length+r),r>=e.length){if(i)return-1;r=e.length-1}else if(r<0){if(!i)return-1;r=0}if("string"==typeof t&&(t=u.from(t,n)),u.isBuffer(t))return 0===t.length?-1:m(e,t,r,n,i);if("number"==typeof t)return t&=255,u.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?i?Uint8Array.prototype.indexOf.call(e,t,r):Uint8Array.prototype.lastIndexOf.call(e,t,r):m(e,[t],r,n,i);throw new TypeError("val must be string, number or Buffer")}function m(e,t,r,n,i){var o,s=1,a=e.length,u=t.length;if(void 0!==n&&("ucs2"===(n=String(n).toLowerCase())||"ucs-2"===n||"utf16le"===n||"utf-16le"===n)){if(e.length<2||t.length<2)return-1;s=2,a/=2,u/=2,r/=2}function c(e,t){return 1===s?e[t]:e.readUInt16BE(t*s)}if(i){var h=-1;for(o=r;o<a;o++)if(c(e,o)===c(t,-1===h?0:o-h)){if(-1===h&&(h=o),o-h+1===u)return h*s}else-1!==h&&(o-=o-h),h=-1}else for(r+u>a&&(r=a-u),o=r;o>=0;o--){for(var l=!0,f=0;f<u;f++)if(c(e,o+f)!==c(t,f)){l=!1;break}if(l)return o}return-1}function w(e,t,r,n){r=Number(r)||0;var i=e.length-r;n?(n=Number(n))>i&&(n=i):n=i;var o=t.length;if(o%2!=0)throw new TypeError("Invalid hex string");n>o/2&&(n=o/2);for(var s=0;s<n;++s){var a=parseInt(t.substr(2*s,2),16);if(isNaN(a))return s;e[r+s]=a}return s}function _(e,t,r,n){return V(M(t,e.length-r),e,r,n)}function S(e,t,r,n){return V(function(e){for(var t=[],r=0;r<e.length;++r)t.push(255&e.charCodeAt(r));return t}(t),e,r,n)}function b(e,t,r,n){return S(e,t,r,n)}function E(e,t,r,n){return V(K(t),e,r,n)}function F(e,t,r,n){return V(function(e,t){for(var r,n,i,o=[],s=0;s<e.length&&!((t-=2)<0);++s)n=(r=e.charCodeAt(s))>>8,i=r%256,o.push(i),o.push(n);return o}(t,e.length-r),e,r,n)}function A(e,t,r){return 0===t&&r===e.length?n.fromByteArray(e):n.fromByteArray(e.slice(t,r))}function x(e,t,r){r=Math.min(e.length,r);for(var n=[],i=t;i<r;){var o,s,a,u,c=e[i],h=null,l=c>239?4:c>223?3:c>191?2:1;if(i+l<=r)switch(l){case 1:c<128&&(h=c);break;case 2:128==(192&(o=e[i+1]))&&(u=(31&c)<<6|63&o)>127&&(h=u);break;case 3:o=e[i+1],s=e[i+2],128==(192&o)&&128==(192&s)&&(u=(15&c)<<12|(63&o)<<6|63&s)>2047&&(u<55296||u>57343)&&(h=u);break;case 4:o=e[i+1],s=e[i+2],a=e[i+3],128==(192&o)&&128==(192&s)&&128==(192&a)&&(u=(15&c)<<18|(63&o)<<12|(63&s)<<6|63&a)>65535&&u<1114112&&(h=u)}null===h?(h=65533,l=1):h>65535&&(h-=65536,n.push(h>>>10&1023|55296),h=56320|1023&h),n.push(h),i+=l}return function(e){var t=e.length;if(t<=k)return String.fromCharCode.apply(String,e);for(var r="",n=0;n<t;)r+=String.fromCharCode.apply(String,e.slice(n,n+=k));return r}(n)}t.Buffer=u,t.SlowBuffer=function(e){return+e!=e&&(e=0),u.alloc(+e)},t.INSPECT_MAX_BYTES=50,u.TYPED_ARRAY_SUPPORT=void 0!==e.TYPED_ARRAY_SUPPORT?e.TYPED_ARRAY_SUPPORT:function(){try{var e=new Uint8Array(1);return e.__proto__={__proto__:Uint8Array.prototype,foo:function(){return 42}},42===e.foo()&&"function"==typeof e.subarray&&0===e.subarray(1,1).byteLength}catch(e){return!1}}(),t.kMaxLength=s(),u.poolSize=8192,u._augment=function(e){return e.__proto__=u.prototype,e},u.from=function(e,t,r){return c(null,e,t,r)},u.TYPED_ARRAY_SUPPORT&&(u.prototype.__proto__=Uint8Array.prototype,u.__proto__=Uint8Array,"undefined"!=typeof Symbol&&Symbol.species&&u[Symbol.species]===u&&Object.defineProperty(u,Symbol.species,{value:null,configurable:!0})),u.alloc=function(e,t,r){return function(e,t,r,n){return h(t),t<=0?a(e,t):void 0!==r?"string"==typeof n?a(e,t).fill(r,n):a(e,t).fill(r):a(e,t)}(null,e,t,r)},u.allocUnsafe=function(e){return l(null,e)},u.allocUnsafeSlow=function(e){return l(null,e)},u.isBuffer=function(e){return!(null==e||!e._isBuffer)},u.compare=function(e,t){if(!u.isBuffer(e)||!u.isBuffer(t))throw new TypeError("Arguments must be Buffers");if(e===t)return 0;for(var r=e.length,n=t.length,i=0,o=Math.min(r,n);i<o;++i)if(e[i]!==t[i]){r=e[i],n=t[i];break}return r<n?-1:n<r?1:0},u.isEncoding=function(e){switch(String(e).toLowerCase()){case"hex":case"utf8":case"utf-8":case"ascii":case"latin1":case"binary":case"base64":case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return!0;default:return!1}},u.concat=function(e,t){if(!o(e))throw new TypeError('"list" argument must be an Array of Buffers');if(0===e.length)return u.alloc(0);var r;if(void 0===t)for(t=0,r=0;r<e.length;++r)t+=e[r].length;var n=u.allocUnsafe(t),i=0;for(r=0;r<e.length;++r){var s=e[r];if(!u.isBuffer(s))throw new TypeError('"list" argument must be an Array of Buffers');s.copy(n,i),i+=s.length}return n},u.byteLength=p,u.prototype._isBuffer=!0,u.prototype.swap16=function(){var e=this.length;if(e%2!=0)throw new RangeError("Buffer size must be a multiple of 16-bits");for(var t=0;t<e;t+=2)y(this,t,t+1);return this},u.prototype.swap32=function(){var e=this.length;if(e%4!=0)throw new RangeError("Buffer size must be a multiple of 32-bits");for(var t=0;t<e;t+=4)y(this,t,t+3),y(this,t+1,t+2);return this},u.prototype.swap64=function(){var e=this.length;if(e%8!=0)throw new RangeError("Buffer size must be a multiple of 64-bits");for(var t=0;t<e;t+=8)y(this,t,t+7),y(this,t+1,t+6),y(this,t+2,t+5),y(this,t+3,t+4);return this},u.prototype.toString=function(){var e=0|this.length;return 0===e?"":0===arguments.length?x(this,0,e):g.apply(this,arguments)},u.prototype.equals=function(e){if(!u.isBuffer(e))throw new TypeError("Argument must be a Buffer");return this===e||0===u.compare(this,e)},u.prototype.inspect=function(){var e="",r=t.INSPECT_MAX_BYTES;return this.length>0&&(e=this.toString("hex",0,r).match(/.{2}/g).join(" "),this.length>r&&(e+=" ... ")),"<Buffer "+e+">"},u.prototype.compare=function(e,t,r,n,i){if(!u.isBuffer(e))throw new TypeError("Argument must be a Buffer");if(void 0===t&&(t=0),void 0===r&&(r=e?e.length:0),void 0===n&&(n=0),void 0===i&&(i=this.length),t<0||r>e.length||n<0||i>this.length)throw new RangeError("out of range index");if(n>=i&&t>=r)return 0;if(n>=i)return-1;if(t>=r)return 1;if(this===e)return 0;for(var o=(i>>>=0)-(n>>>=0),s=(r>>>=0)-(t>>>=0),a=Math.min(o,s),c=this.slice(n,i),h=e.slice(t,r),l=0;l<a;++l)if(c[l]!==h[l]){o=c[l],s=h[l];break}return o<s?-1:s<o?1:0},u.prototype.includes=function(e,t,r){return-1!==this.indexOf(e,t,r)},u.prototype.indexOf=function(e,t,r){return v(this,e,t,r,!0)},u.prototype.lastIndexOf=function(e,t,r){return v(this,e,t,r,!1)},u.prototype.write=function(e,t,r,n){if(void 0===t)n="utf8",r=this.length,t=0;else if(void 0===r&&"string"==typeof t)n=t,r=this.length,t=0;else{if(!isFinite(t))throw new Error("Buffer.write(string, encoding, offset[, length]) is no longer supported");t|=0,isFinite(r)?(r|=0,void 0===n&&(n="utf8")):(n=r,r=void 0)}var i=this.length-t;if((void 0===r||r>i)&&(r=i),e.length>0&&(r<0||t<0)||t>this.length)throw new RangeError("Attempt to write outside buffer bounds");n||(n="utf8");for(var o=!1;;)switch(n){case"hex":return w(this,e,t,r);case"utf8":case"utf-8":return _(this,e,t,r);case"ascii":return S(this,e,t,r);case"latin1":case"binary":return b(this,e,t,r);case"base64":return E(this,e,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return F(this,e,t,r);default:if(o)throw new TypeError("Unknown encoding: "+n);n=(""+n).toLowerCase(),o=!0}},u.prototype.toJSON=function(){return{type:"Buffer",data:Array.prototype.slice.call(this._arr||this,0)}};var k=4096;function P(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(127&e[i]);return n}function T(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(e[i]);return n}function I(e,t,r){var n=e.length;(!t||t<0)&&(t=0),(!r||r<0||r>n)&&(r=n);for(var i="",o=t;o<r;++o)i+=H(e[o]);return i}function R(e,t,r){for(var n=e.slice(t,r),i="",o=0;o<n.length;o+=2)i+=String.fromCharCode(n[o]+256*n[o+1]);return i}function C(e,t,r){if(e%1!=0||e<0)throw new RangeError("offset is not uint");if(e+t>r)throw new RangeError("Trying to access beyond buffer length")}function U(e,t,r,n,i,o){if(!u.isBuffer(e))throw new TypeError('"buffer" argument must be a Buffer instance');if(t>i||t<o)throw new RangeError('"value" argument is out of bounds');if(r+n>e.length)throw new RangeError("Index out of range")}function L(e,t,r,n){t<0&&(t=65535+t+1);for(var i=0,o=Math.min(e.length-r,2);i<o;++i)e[r+i]=(t&255<<8*(n?i:1-i))>>>8*(n?i:1-i)}function D(e,t,r,n){t<0&&(t=4294967295+t+1);for(var i=0,o=Math.min(e.length-r,4);i<o;++i)e[r+i]=t>>>8*(n?i:3-i)&255}function N(e,t,r,n,i,o){if(r+n>e.length)throw new RangeError("Index out of range");if(r<0)throw new RangeError("Index out of range")}function O(e,t,r,n,o){return o||N(e,0,r,4),i.write(e,t,r,n,23,4),r+4}function j(e,t,r,n,o){return o||N(e,0,r,8),i.write(e,t,r,n,52,8),r+8}u.prototype.slice=function(e,t){var r,n=this.length;if((e=~~e)<0?(e+=n)<0&&(e=0):e>n&&(e=n),(t=void 0===t?n:~~t)<0?(t+=n)<0&&(t=0):t>n&&(t=n),t<e&&(t=e),u.TYPED_ARRAY_SUPPORT)(r=this.subarray(e,t)).__proto__=u.prototype;else{var i=t-e;r=new u(i,void 0);for(var o=0;o<i;++o)r[o]=this[o+e]}return r},u.prototype.readUIntLE=function(e,t,r){e|=0,t|=0,r||C(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n},u.prototype.readUIntBE=function(e,t,r){e|=0,t|=0,r||C(e,t,this.length);for(var n=this[e+--t],i=1;t>0&&(i*=256);)n+=this[e+--t]*i;return n},u.prototype.readUInt8=function(e,t){return t||C(e,1,this.length),this[e]},u.prototype.readUInt16LE=function(e,t){return t||C(e,2,this.length),this[e]|this[e+1]<<8},u.prototype.readUInt16BE=function(e,t){return t||C(e,2,this.length),this[e]<<8|this[e+1]},u.prototype.readUInt32LE=function(e,t){return t||C(e,4,this.length),(this[e]|this[e+1]<<8|this[e+2]<<16)+16777216*this[e+3]},u.prototype.readUInt32BE=function(e,t){return t||C(e,4,this.length),16777216*this[e]+(this[e+1]<<16|this[e+2]<<8|this[e+3])},u.prototype.readIntLE=function(e,t,r){e|=0,t|=0,r||C(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n>=(i*=128)&&(n-=Math.pow(2,8*t)),n},u.prototype.readIntBE=function(e,t,r){e|=0,t|=0,r||C(e,t,this.length);for(var n=t,i=1,o=this[e+--n];n>0&&(i*=256);)o+=this[e+--n]*i;return o>=(i*=128)&&(o-=Math.pow(2,8*t)),o},u.prototype.readInt8=function(e,t){return t||C(e,1,this.length),128&this[e]?-1*(255-this[e]+1):this[e]},u.prototype.readInt16LE=function(e,t){t||C(e,2,this.length);var r=this[e]|this[e+1]<<8;return 32768&r?4294901760|r:r},u.prototype.readInt16BE=function(e,t){t||C(e,2,this.length);var r=this[e+1]|this[e]<<8;return 32768&r?4294901760|r:r},u.prototype.readInt32LE=function(e,t){return t||C(e,4,this.length),this[e]|this[e+1]<<8|this[e+2]<<16|this[e+3]<<24},u.prototype.readInt32BE=function(e,t){return t||C(e,4,this.length),this[e]<<24|this[e+1]<<16|this[e+2]<<8|this[e+3]},u.prototype.readFloatLE=function(e,t){return t||C(e,4,this.length),i.read(this,e,!0,23,4)},u.prototype.readFloatBE=function(e,t){return t||C(e,4,this.length),i.read(this,e,!1,23,4)},u.prototype.readDoubleLE=function(e,t){return t||C(e,8,this.length),i.read(this,e,!0,52,8)},u.prototype.readDoubleBE=function(e,t){return t||C(e,8,this.length),i.read(this,e,!1,52,8)},u.prototype.writeUIntLE=function(e,t,r,n){e=+e,t|=0,r|=0,n||U(this,e,t,r,Math.pow(2,8*r)-1,0);var i=1,o=0;for(this[t]=255&e;++o<r&&(i*=256);)this[t+o]=e/i&255;return t+r},u.prototype.writeUIntBE=function(e,t,r,n){e=+e,t|=0,r|=0,n||U(this,e,t,r,Math.pow(2,8*r)-1,0);var i=r-1,o=1;for(this[t+i]=255&e;--i>=0&&(o*=256);)this[t+i]=e/o&255;return t+r},u.prototype.writeUInt8=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,1,255,0),u.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),this[t]=255&e,t+1},u.prototype.writeUInt16LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,65535,0),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):L(this,e,t,!0),t+2},u.prototype.writeUInt16BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,65535,0),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):L(this,e,t,!1),t+2},u.prototype.writeUInt32LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,4294967295,0),u.TYPED_ARRAY_SUPPORT?(this[t+3]=e>>>24,this[t+2]=e>>>16,this[t+1]=e>>>8,this[t]=255&e):D(this,e,t,!0),t+4},u.prototype.writeUInt32BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,4294967295,0),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):D(this,e,t,!1),t+4},u.prototype.writeIntLE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);U(this,e,t,r,i-1,-i)}var o=0,s=1,a=0;for(this[t]=255&e;++o<r&&(s*=256);)e<0&&0===a&&0!==this[t+o-1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},u.prototype.writeIntBE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);U(this,e,t,r,i-1,-i)}var o=r-1,s=1,a=0;for(this[t+o]=255&e;--o>=0&&(s*=256);)e<0&&0===a&&0!==this[t+o+1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},u.prototype.writeInt8=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,1,127,-128),u.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),e<0&&(e=255+e+1),this[t]=255&e,t+1},u.prototype.writeInt16LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,32767,-32768),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):L(this,e,t,!0),t+2},u.prototype.writeInt16BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,32767,-32768),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):L(this,e,t,!1),t+2},u.prototype.writeInt32LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,2147483647,-2147483648),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8,this[t+2]=e>>>16,this[t+3]=e>>>24):D(this,e,t,!0),t+4},u.prototype.writeInt32BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,2147483647,-2147483648),e<0&&(e=4294967295+e+1),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):D(this,e,t,!1),t+4},u.prototype.writeFloatLE=function(e,t,r){return O(this,e,t,!0,r)},u.prototype.writeFloatBE=function(e,t,r){return O(this,e,t,!1,r)},u.prototype.writeDoubleLE=function(e,t,r){return j(this,e,t,!0,r)},u.prototype.writeDoubleBE=function(e,t,r){return j(this,e,t,!1,r)},u.prototype.copy=function(e,t,r,n){if(r||(r=0),n||0===n||(n=this.length),t>=e.length&&(t=e.length),t||(t=0),n>0&&n<r&&(n=r),n===r)return 0;if(0===e.length||0===this.length)return 0;if(t<0)throw new RangeError("targetStart out of bounds");if(r<0||r>=this.length)throw new RangeError("sourceStart out of bounds");if(n<0)throw new RangeError("sourceEnd out of bounds");n>this.length&&(n=this.length),e.length-t<n-r&&(n=e.length-t+r);var i,o=n-r;if(this===e&&r<t&&t<n)for(i=o-1;i>=0;--i)e[i+t]=this[i+r];else if(o<1e3||!u.TYPED_ARRAY_SUPPORT)for(i=0;i<o;++i)e[i+t]=this[i+r];else Uint8Array.prototype.set.call(e,this.subarray(r,r+o),t);return o},u.prototype.fill=function(e,t,r,n){if("string"==typeof e){if("string"==typeof t?(n=t,t=0,r=this.length):"string"==typeof r&&(n=r,r=this.length),1===e.length){var i=e.charCodeAt(0);i<256&&(e=i)}if(void 0!==n&&"string"!=typeof n)throw new TypeError("encoding must be a string");if("string"==typeof n&&!u.isEncoding(n))throw new TypeError("Unknown encoding: "+n)}else"number"==typeof e&&(e&=255);if(t<0||this.length<t||this.length<r)throw new RangeError("Out of range index");if(r<=t)return this;var o;if(t>>>=0,r=void 0===r?this.length:r>>>0,e||(e=0),"number"==typeof e)for(o=t;o<r;++o)this[o]=e;else{var s=u.isBuffer(e)?e:M(new u(e,n).toString()),a=s.length;for(o=0;o<r-t;++o)this[o+t]=s[o%a]}return this};var B=/[^+\/0-9A-Za-z-_]/g;function H(e){return e<16?"0"+e.toString(16):e.toString(16)}function M(e,t){var r;t=t||1/0;for(var n=e.length,i=null,o=[],s=0;s<n;++s){if((r=e.charCodeAt(s))>55295&&r<57344){if(!i){if(r>56319){(t-=3)>-1&&o.push(239,191,189);continue}if(s+1===n){(t-=3)>-1&&o.push(239,191,189);continue}i=r;continue}if(r<56320){(t-=3)>-1&&o.push(239,191,189),i=r;continue}r=65536+(i-55296<<10|r-56320)}else i&&(t-=3)>-1&&o.push(239,191,189);if(i=null,r<128){if((t-=1)<0)break;o.push(r)}else if(r<2048){if((t-=2)<0)break;o.push(r>>6|192,63&r|128)}else if(r<65536){if((t-=3)<0)break;o.push(r>>12|224,r>>6&63|128,63&r|128)}else{if(!(r<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;o.push(r>>18|240,r>>12&63|128,r>>6&63|128,63&r|128)}}return o}function K(e){return n.toByteArray(function(e){if((e=function(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}(e).replace(B,"")).length<2)return"";for(;e.length%4!=0;)e+="=";return e}(e))}function V(e,t,r,n){for(var i=0;i<n&&!(i+r>=t.length||i>=e.length);++i)t[i+r]=e[i];return i}}).call(this,r(29))},function(e,t){var r;r=function(){return this}();try{r=r||new Function("return this")()}catch(e){"object"==typeof window&&(r=window)}e.exports=r},function(e,t,r){t.byteLength=function(e){var t=u(e),r=t[0],n=t[1];return 3*(r+n)/4-n},t.toByteArray=function(e){var t,r,n=u(e),s=n[0],a=n[1],c=new o(function(e,t,r){return 3*(t+r)/4-r}(0,s,a)),h=0,l=a>0?s-4:s;for(r=0;r<l;r+=4)t=i[e.charCodeAt(r)]<<18|i[e.charCodeAt(r+1)]<<12|i[e.charCodeAt(r+2)]<<6|i[e.charCodeAt(r+3)],c[h++]=t>>16&255,c[h++]=t>>8&255,c[h++]=255&t;return 2===a&&(t=i[e.charCodeAt(r)]<<2|i[e.charCodeAt(r+1)]>>4,c[h++]=255&t),1===a&&(t=i[e.charCodeAt(r)]<<10|i[e.charCodeAt(r+1)]<<4|i[e.charCodeAt(r+2)]>>2,c[h++]=t>>8&255,c[h++]=255&t),c},t.fromByteArray=function(e){for(var t,r=e.length,i=r%3,o=[],s=16383,a=0,u=r-i;a<u;a+=s)o.push(c(e,a,a+s>u?u:a+s));return 1===i?(t=e[r-1],o.push(n[t>>2]+n[t<<4&63]+"==")):2===i&&(t=(e[r-2]<<8)+e[r-1],o.push(n[t>>10]+n[t>>4&63]+n[t<<2&63]+"=")),o.join("")};for(var n=[],i=[],o="undefined"!=typeof Uint8Array?Uint8Array:Array,s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",a=0;a<64;++a)n[a]=s[a],i[s.charCodeAt(a)]=a;function u(e){var t=e.length;if(t%4>0)throw new Error("Invalid string. Length must be a multiple of 4");var r=e.indexOf("=");return-1===r&&(r=t),[r,r===t?0:4-r%4]}function c(e,t,r){for(var i,o,s=[],a=t;a<r;a+=3)i=(e[a]<<16&16711680)+(e[a+1]<<8&65280)+(255&e[a+2]),s.push(n[(o=i)>>18&63]+n[o>>12&63]+n[o>>6&63]+n[63&o]);return s.join("")}i["-".charCodeAt(0)]=62,i["_".charCodeAt(0)]=63},function(e,t){
+/*! ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> */
+t.read=function(e,t,r,n,i){var o,s,a=8*i-n-1,u=(1<<a)-1,c=u>>1,h=-7,l=r?i-1:0,f=r?-1:1,d=e[t+l];for(l+=f,o=d&(1<<-h)-1,d>>=-h,h+=a;h>0;o=256*o+e[t+l],l+=f,h-=8);for(s=o&(1<<-h)-1,o>>=-h,h+=n;h>0;s=256*s+e[t+l],l+=f,h-=8);if(0===o)o=1-c;else{if(o===u)return s?NaN:1/0*(d?-1:1);s+=Math.pow(2,n),o-=c}return(d?-1:1)*s*Math.pow(2,o-n)},t.write=function(e,t,r,n,i,o){var s,a,u,c=8*o-i-1,h=(1<<c)-1,l=h>>1,f=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=n?0:o-1,p=n?1:-1,g=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(a=isNaN(t)?1:0,s=h):(s=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-s))<1&&(s--,u*=2),(t+=s+l>=1?f/u:f*Math.pow(2,1-l))*u>=2&&(s++,u/=2),s+l>=h?(a=0,s=h):s+l>=1?(a=(t*u-1)*Math.pow(2,i),s+=l):(a=t*Math.pow(2,l-1)*Math.pow(2,i),s=0));i>=8;e[r+d]=255&a,d+=p,a/=256,i-=8);for(s=s<<i|a,c+=i;c>0;e[r+d]=255&s,d+=p,s/=256,c-=8);e[r+d-p]|=128*g}},function(e,t){var r={}.toString;e.exports=Array.isArray||function(e){return"[object Array]"==r.call(e)}},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(e){var t=e.jws,r=e.KeyUtil,i=e.X509,o=e.crypto,s=e.hextob64u,a=e.b64tohex,u=e.AllowedSigningAlgs;return function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.parseJwt=function e(r){n.Log.debug("JoseUtil.parseJwt");try{var i=t.JWS.parse(r);return{header:i.headerObj,payload:i.payloadObj}}catch(e){n.Log.error(e)}},e.validateJwt=function(t,o,s,u,c,h,l){n.Log.debug("JoseUtil.validateJwt");try{if("RSA"===o.kty)if(o.e&&o.n)o=r.getKey(o);else{if(!o.x5c||!o.x5c.length)return n.Log.error("JoseUtil.validateJwt: RSA key missing key material",o),Promise.reject(new Error("RSA key missing key material"));var f=a(o.x5c[0]);o=i.getPublicKeyFromCertHex(f)}else{if("EC"!==o.kty)return n.Log.error("JoseUtil.validateJwt: Unsupported key type",o&&o.kty),Promise.reject(new Error(o.kty));if(!(o.crv&&o.x&&o.y))return n.Log.error("JoseUtil.validateJwt: EC key missing key material",o),Promise.reject(new Error("EC key missing key material"));o=r.getKey(o)}return e._validateJwt(t,o,s,u,c,h,l)}catch(e){return n.Log.error(e&&e.message||e),Promise.reject("JWT validation failed")}},e.validateJwtAttributes=function(t,r,i,o,s,a){o||(o=0),s||(s=parseInt(Date.now()/1e3));var u=e.parseJwt(t).payload;if(!u.iss)return n.Log.error("JoseUtil._validateJwt: issuer was not provided"),Promise.reject(new Error("issuer was not provided"));if(u.iss!==r)return n.Log.error("JoseUtil._validateJwt: Invalid issuer in token",u.iss),Promise.reject(new Error("Invalid issuer in token: "+u.iss));if(!u.aud)return n.Log.error("JoseUtil._validateJwt: aud was not provided"),Promise.reject(new Error("aud was not provided"));if(!(u.aud===i||Array.isArray(u.aud)&&u.aud.indexOf(i)>=0))return n.Log.error("JoseUtil._validateJwt: Invalid audience in token",u.aud),Promise.reject(new Error("Invalid audience in token: "+u.aud));if(u.azp&&u.azp!==i)return n.Log.error("JoseUtil._validateJwt: Invalid azp in token",u.azp),Promise.reject(new Error("Invalid azp in token: "+u.azp));if(!a){var c=s+o,h=s-o;if(!u.iat)return n.Log.error("JoseUtil._validateJwt: iat was not provided"),Promise.reject(new Error("iat was not provided"));if(c<u.iat)return n.Log.error("JoseUtil._validateJwt: iat is in the future",u.iat),Promise.reject(new Error("iat is in the future: "+u.iat));if(u.nbf&&c<u.nbf)return n.Log.error("JoseUtil._validateJwt: nbf is in the future",u.nbf),Promise.reject(new Error("nbf is in the future: "+u.nbf));if(!u.exp)return n.Log.error("JoseUtil._validateJwt: exp was not provided"),Promise.reject(new Error("exp was not provided"));if(u.exp<h)return n.Log.error("JoseUtil._validateJwt: exp is in the past",u.exp),Promise.reject(new Error("exp is in the past:"+u.exp))}return Promise.resolve(u)},e._validateJwt=function(r,i,o,s,a,c,h){return e.validateJwtAttributes(r,o,s,a,c,h).then(function(e){try{return t.JWS.verify(r,i,u)?e:(n.Log.error("JoseUtil._validateJwt: signature validation failed"),Promise.reject(new Error("signature validation failed")))}catch(e){return n.Log.error(e&&e.message||e),Promise.reject(new Error("signature validation failed"))}})},e.hashString=function e(t,r){try{return o.Util.hashString(t,r)}catch(e){n.Log.error(e)}},e.hexToBase64Url=function e(t){try{return s(t)}catch(e){n.Log.error(e)}},e}()};var n=r(0);e.exports=t.default},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SigninResponse=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(3);t.SigninResponse=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"#";!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var n=i.UrlUtility.parseUrlFragment(t,r);this.error=n.error,this.error_description=n.error_description,this.error_uri=n.error_uri,this.code=n.code,this.state=n.state,this.id_token=n.id_token,this.session_state=n.session_state,this.access_token=n.access_token,this.token_type=n.token_type,this.scope=n.scope,this.profile=void 0,this.expires_in=n.expires_in}return n(e,[{key:"expires_in",get:function(){if(this.expires_at){var e=parseInt(Date.now()/1e3);return this.expires_at-e}},set:function(e){var t=parseInt(e);if("number"==typeof t&&t>0){var r=parseInt(Date.now()/1e3);this.expires_at=r+t}}},{key:"expired",get:function(){var e=this.expires_in;if(void 0!==e)return e<=0}},{key:"scopes",get:function(){return(this.scope||"").split(" ")}},{key:"isOpenIdConnect",get:function(){return this.scopes.indexOf("openid")>=0||!!this.id_token}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutRequest=void 0;var n=r(0),i=r(3),o=r(9);t.SignoutRequest=function e(t){var r=t.url,s=t.id_token_hint,a=t.post_logout_redirect_uri,u=t.data,c=t.extraQueryParams,h=t.request_type;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!r)throw n.Log.error("SignoutRequest.ctor: No url passed"),new Error("url");for(var l in s&&(r=i.UrlUtility.addQueryParam(r,"id_token_hint",s)),a&&(r=i.UrlUtility.addQueryParam(r,"post_logout_redirect_uri",a),u&&(this.state=new o.State({data:u,request_type:h}),r=i.UrlUtility.addQueryParam(r,"state",this.state.id))),c)r=i.UrlUtility.addQueryParam(r,l,c[l]);this.url=r}},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutResponse=void 0;var n=r(3);t.SignoutResponse=function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var r=n.UrlUtility.parseUrlFragment(t,"?");this.error=r.error,this.error_description=r.error_description,this.error_uri=r.error_uri,this.state=r.state}},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.InMemoryWebStorage=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.InMemoryWebStorage=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._data={}}return e.prototype.getItem=function(e){return i.Log.debug("InMemoryWebStorage.getItem",e),this._data[e]},e.prototype.setItem=function(e,t){i.Log.debug("InMemoryWebStorage.setItem",e),this._data[e]=t},e.prototype.removeItem=function(e){i.Log.debug("InMemoryWebStorage.removeItem",e),delete this._data[e]},e.prototype.key=function(e){return Object.getOwnPropertyNames(this._data)[e]},n(e,[{key:"length",get:function(){return Object.getOwnPropertyNames(this._data).length}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.UserManager=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(10),s=r(39),a=r(15),u=r(45),c=r(47),h=r(18),l=r(8),f=r(20),d=r(11),p=r(4);t.UserManager=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:c.SilentRenewService,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:h.SessionMonitor,a=arguments.length>3&&void 0!==arguments[3]?arguments[3]:f.TokenRevocationClient,l=arguments.length>4&&void 0!==arguments[4]?arguments[4]:d.TokenClient,g=arguments.length>5&&void 0!==arguments[5]?arguments[5]:p.JoseUtil;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,t),r instanceof s.UserManagerSettings||(r=new s.UserManagerSettings(r));var y=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return y._events=new u.UserManagerEvents(r),y._silentRenewService=new n(y),y.settings.automaticSilentRenew&&(i.Log.debug("UserManager.ctor: automaticSilentRenew is configured, setting up silent renew"),y.startSilentRenew()),y.settings.monitorSession&&(i.Log.debug("UserManager.ctor: monitorSession is configured, setting up session monitor"),y._sessionMonitor=new o(y)),y._tokenRevocationClient=new a(y._settings),y._tokenClient=new l(y._settings),y._joseUtil=g,y}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.getUser=function(){var e=this;return this._loadUser().then(function(t){return t?(i.Log.info("UserManager.getUser: user loaded"),e._events.load(t,!1),t):(i.Log.info("UserManager.getUser: user not found in storage"),null)})},t.prototype.removeUser=function(){var e=this;return this.storeUser(null).then(function(){i.Log.info("UserManager.removeUser: user removed from storage"),e._events.unload()})},t.prototype.signinRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:r";var t={useReplaceToNavigate:e.useReplaceToNavigate};return this._signinStart(e,this._redirectNavigator,t).then(function(){i.Log.info("UserManager.signinRedirect: successful")})},t.prototype.signinRedirectCallback=function(e){return this._signinEnd(e||this._redirectNavigator.url).then(function(e){return e.profile&&e.profile.sub?i.Log.info("UserManager.signinRedirectCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinRedirectCallback: no sub"),e})},t.prototype.signinPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:p";var t=e.redirect_uri||this.settings.popup_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.display="popup",this._signin(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopup: signinPopup successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopup: no sub")),e})):(i.Log.error("UserManager.signinPopup: No popup_redirect_uri or redirect_uri configured"),Promise.reject(new Error("No popup_redirect_uri or redirect_uri configured")))},t.prototype.signinPopupCallback=function(e){return this._signinCallback(e,this._popupNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopupCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopupCallback: no sub")),e}).catch(function(e){i.Log.error(e.message)})},t.prototype.signinSilent=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return t=Object.assign({},t),this._loadUser().then(function(r){return r&&r.refresh_token?(t.refresh_token=r.refresh_token,e._useRefreshToken(t)):(t.request_type="si:s",t.id_token_hint=t.id_token_hint||e.settings.includeIdTokenInSilentRenew&&r&&r.id_token,r&&e._settings.validateSubOnSilentRenew&&(i.Log.debug("UserManager.signinSilent, subject prior to silent renew: ",r.profile.sub),t.current_sub=r.profile.sub),e._signinSilentIframe(t))})},t.prototype._useRefreshToken=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return this._tokenClient.exchangeRefreshToken(t).then(function(t){return t?t.access_token?e._loadUser().then(function(r){if(r){var n=Promise.resolve();return t.id_token&&(n=e._validateIdTokenFromTokenRefreshToken(r.profile,t.id_token)),n.then(function(){return i.Log.debug("UserManager._useRefreshToken: refresh token response success"),r.id_token=t.id_token||r.id_token,r.access_token=t.access_token,r.refresh_token=t.refresh_token||r.refresh_token,r.expires_in=t.expires_in,e.storeUser(r).then(function(){return e._events.load(r),r})})}return null}):(i.Log.error("UserManager._useRefreshToken: No access token returned from token endpoint"),Promise.reject("No access token returned from token endpoint")):(i.Log.error("UserManager._useRefreshToken: No response returned from token endpoint"),Promise.reject("No response returned from token endpoint"))})},t.prototype._validateIdTokenFromTokenRefreshToken=function(e,t){var r=this;return this._metadataService.getIssuer().then(function(n){return r.settings.getEpochTime().then(function(o){return r._joseUtil.validateJwtAttributes(t,n,r._settings.client_id,r._settings.clockSkew,o).then(function(t){return t?t.sub!==e.sub?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: sub in id_token does not match current sub"),Promise.reject(new Error("sub in id_token does not match current sub"))):t.auth_time&&t.auth_time!==e.auth_time?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: auth_time in id_token does not match original auth_time"),Promise.reject(new Error("auth_time in id_token does not match original auth_time"))):t.azp&&t.azp!==e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp in id_token does not match original azp"),Promise.reject(new Error("azp in id_token does not match original azp"))):!t.azp&&e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp not in id_token, but present in original id_token"),Promise.reject(new Error("azp not in id_token, but present in original id_token"))):void 0:(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: Failed to validate id_token"),Promise.reject(new Error("Failed to validate id_token")))})})})},t.prototype._signinSilentIframe=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=e.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.prompt=e.prompt||"none",this._signin(e,this._iframeNavigator,{startUrl:t,silentRequestTimeout:e.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilent: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilent: no sub")),e})):(i.Log.error("UserManager.signinSilent: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype.signinSilentCallback=function(e){return this._signinCallback(e,this._iframeNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilentCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilentCallback: no sub")),e})},t.prototype.signinCallback=function(e){var t=this;return this.readSigninResponseState(e).then(function(r){var n=r.state;return r.response,"si:r"===n.request_type?t.signinRedirectCallback(e):"si:p"===n.request_type?t.signinPopupCallback(e):"si:s"===n.request_type?t.signinSilentCallback(e):Promise.reject(new Error("invalid response_type in state"))})},t.prototype.signoutCallback=function(e,t){var r=this;return this.readSignoutResponseState(e).then(function(n){var i=n.state,o=n.response;return i?"so:r"===i.request_type?r.signoutRedirectCallback(e):"so:p"===i.request_type?r.signoutPopupCallback(e,t):Promise.reject(new Error("invalid response_type in state")):o})},t.prototype.querySessionStatus=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(t=Object.assign({},t)).request_type="si:s";var r=t.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return r?(t.redirect_uri=r,t.prompt="none",t.response_type=t.response_type||this.settings.query_status_response_type,t.scope=t.scope||"openid",t.skipUserInfo=!0,this._signinStart(t,this._iframeNavigator,{startUrl:r,silentRequestTimeout:t.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(t){return e.processSigninResponse(t.url).then(function(e){if(i.Log.debug("UserManager.querySessionStatus: got signin response"),e.session_state&&e.profile.sub)return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for sub: ",e.profile.sub),{session_state:e.session_state,sub:e.profile.sub,sid:e.profile.sid};i.Log.info("querySessionStatus successful, user not authenticated")}).catch(function(t){if(t.session_state&&e.settings.monitorAnonymousSession&&("login_required"==t.message||"consent_required"==t.message||"interaction_required"==t.message||"account_selection_required"==t.message))return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for anonymous user"),{session_state:t.session_state};throw t})})):(i.Log.error("UserManager.querySessionStatus: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype._signin=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signinStart(e,t,n).then(function(t){return r._signinEnd(t.url,e)})},t.prototype._signinStart=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return t.prepare(n).then(function(t){return i.Log.debug("UserManager._signinStart: got navigator window handle"),r.createSigninRequest(e).then(function(e){return i.Log.debug("UserManager._signinStart: got signin request"),n.url=e.url,n.id=e.state.id,t.navigate(n)}).catch(function(e){throw t.close&&(i.Log.debug("UserManager._signinStart: Error after preparing navigator, closing navigator window"),t.close()),e})})},t.prototype._signinEnd=function(e){var t=this,r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};return this.processSigninResponse(e).then(function(e){i.Log.debug("UserManager._signinEnd: got signin response");var n=new a.User(e);if(r.current_sub){if(r.current_sub!==n.profile.sub)return i.Log.debug("UserManager._signinEnd: current user does not match user returned from signin. sub from signin: ",n.profile.sub),Promise.reject(new Error("login_required"));i.Log.debug("UserManager._signinEnd: current user matches user returned from signin")}return t.storeUser(n).then(function(){return i.Log.debug("UserManager._signinEnd: user stored"),t._events.load(n),n})})},t.prototype._signinCallback=function(e,t){i.Log.debug("UserManager._signinCallback");var r="query"===this._settings.response_mode||!this._settings.response_mode&&l.SigninRequest.isCode(this._settings.response_type)?"?":"#";return t.callback(e,void 0,r)},t.prototype.signoutRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:r";var t=e.post_logout_redirect_uri||this.settings.post_logout_redirect_uri;t&&(e.post_logout_redirect_uri=t);var r={useReplaceToNavigate:e.useReplaceToNavigate};return this._signoutStart(e,this._redirectNavigator,r).then(function(){i.Log.info("UserManager.signoutRedirect: successful")})},t.prototype.signoutRedirectCallback=function(e){return this._signoutEnd(e||this._redirectNavigator.url).then(function(e){return i.Log.info("UserManager.signoutRedirectCallback: successful"),e})},t.prototype.signoutPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:p";var t=e.post_logout_redirect_uri||this.settings.popup_post_logout_redirect_uri||this.settings.post_logout_redirect_uri;return e.post_logout_redirect_uri=t,e.display="popup",e.post_logout_redirect_uri&&(e.state=e.state||{}),this._signout(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(){i.Log.info("UserManager.signoutPopup: successful")})},t.prototype.signoutPopupCallback=function(e,t){return void 0===t&&"boolean"==typeof e&&(t=e,e=null),this._popupNavigator.callback(e,t,"?").then(function(){i.Log.info("UserManager.signoutPopupCallback: successful")})},t.prototype._signout=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signoutStart(e,t,n).then(function(e){return r._signoutEnd(e.url)})},t.prototype._signoutStart=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=this,r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return arguments[1].prepare(r).then(function(n){return i.Log.debug("UserManager._signoutStart: got navigator window handle"),t._loadUser().then(function(o){return i.Log.debug("UserManager._signoutStart: loaded current user from storage"),(t._settings.revokeAccessTokenOnSignout?t._revokeInternal(o):Promise.resolve()).then(function(){var s=e.id_token_hint||o&&o.id_token;return s&&(i.Log.debug("UserManager._signoutStart: Setting id_token into signout request"),e.id_token_hint=s),t.removeUser().then(function(){return i.Log.debug("UserManager._signoutStart: user removed, creating signout request"),t.createSignoutRequest(e).then(function(e){return i.Log.debug("UserManager._signoutStart: got signout request"),r.url=e.url,e.state&&(r.id=e.state.id),n.navigate(r)})})})}).catch(function(e){throw n.close&&(i.Log.debug("UserManager._signoutStart: Error after preparing navigator, closing navigator window"),n.close()),e})})},t.prototype._signoutEnd=function(e){return this.processSignoutResponse(e).then(function(e){return i.Log.debug("UserManager._signoutEnd: got signout response"),e})},t.prototype.revokeAccessToken=function(){var e=this;return this._loadUser().then(function(t){return e._revokeInternal(t,!0).then(function(r){if(r)return i.Log.debug("UserManager.revokeAccessToken: removing token properties from user and re-storing"),t.access_token=null,t.refresh_token=null,t.expires_at=null,t.token_type=null,e.storeUser(t).then(function(){i.Log.debug("UserManager.revokeAccessToken: user stored"),e._events.load(t)})})}).then(function(){i.Log.info("UserManager.revokeAccessToken: access token revoked successfully")})},t.prototype._revokeInternal=function(e,t){var r=this;if(e){var n=e.access_token,o=e.refresh_token;return this._revokeAccessTokenInternal(n,t).then(function(e){return r._revokeRefreshTokenInternal(o,t).then(function(t){return e||t||i.Log.debug("UserManager.revokeAccessToken: no need to revoke due to no token(s), or JWT format"),e||t})})}return Promise.resolve(!1)},t.prototype._revokeAccessTokenInternal=function(e,t){return!e||e.indexOf(".")>=0?Promise.resolve(!1):this._tokenRevocationClient.revoke(e,t).then(function(){return!0})},t.prototype._revokeRefreshTokenInternal=function(e,t){return e?this._tokenRevocationClient.revoke(e,t,"refresh_token").then(function(){return!0}):Promise.resolve(!1)},t.prototype.startSilentRenew=function(){this._silentRenewService.start()},t.prototype.stopSilentRenew=function(){this._silentRenewService.stop()},t.prototype._loadUser=function(){return this._userStore.get(this._userStoreKey).then(function(e){return e?(i.Log.debug("UserManager._loadUser: user storageString loaded"),a.User.fromStorageString(e)):(i.Log.debug("UserManager._loadUser: no user storageString"),null)})},t.prototype.storeUser=function(e){if(e){i.Log.debug("UserManager.storeUser: storing user");var t=e.toStorageString();return this._userStore.set(this._userStoreKey,t)}return i.Log.debug("storeUser.storeUser: removing user"),this._userStore.remove(this._userStoreKey)},n(t,[{key:"_redirectNavigator",get:function(){return this.settings.redirectNavigator}},{key:"_popupNavigator",get:function(){return this.settings.popupNavigator}},{key:"_iframeNavigator",get:function(){return this.settings.iframeNavigator}},{key:"_userStore",get:function(){return this.settings.userStore}},{key:"events",get:function(){return this._events}},{key:"_userStoreKey",get:function(){return"user:"+this.settings.authority+":"+this.settings.client_id}}]),t}(o.OidcClient)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerSettings=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=(r(0),r(5)),o=r(40),s=r(41),a=r(43),u=r(6),c=r(1),h=r(8);t.UserManagerSettings=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=r.popup_redirect_uri,i=r.popup_post_logout_redirect_uri,l=r.popupWindowFeatures,f=r.popupWindowTarget,d=r.silent_redirect_uri,p=r.silentRequestTimeout,g=r.automaticSilentRenew,y=void 0!==g&&g,v=r.validateSubOnSilentRenew,m=void 0!==v&&v,w=r.includeIdTokenInSilentRenew,_=void 0===w||w,S=r.monitorSession,b=void 0===S||S,E=r.monitorAnonymousSession,F=void 0!==E&&E,A=r.checkSessionInterval,x=void 0===A?2e3:A,k=r.stopCheckSessionOnError,P=void 0===k||k,T=r.query_status_response_type,I=r.revokeAccessTokenOnSignout,R=void 0!==I&&I,C=r.accessTokenExpiringNotificationTime,U=void 0===C?60:C,L=r.redirectNavigator,D=void 0===L?new o.RedirectNavigator:L,N=r.popupNavigator,O=void 0===N?new s.PopupNavigator:N,j=r.iframeNavigator,B=void 0===j?new a.IFrameNavigator:j,H=r.userStore,M=void 0===H?new u.WebStorageStateStore({store:c.Global.sessionStorage}):H;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var K=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,arguments[0]));return K._popup_redirect_uri=n,K._popup_post_logout_redirect_uri=i,K._popupWindowFeatures=l,K._popupWindowTarget=f,K._silent_redirect_uri=d,K._silentRequestTimeout=p,K._automaticSilentRenew=y,K._validateSubOnSilentRenew=m,K._includeIdTokenInSilentRenew=_,K._accessTokenExpiringNotificationTime=U,K._monitorSession=b,K._monitorAnonymousSession=F,K._checkSessionInterval=x,K._stopCheckSessionOnError=P,T?K._query_status_response_type=T:arguments[0]&&arguments[0].response_type?K._query_status_response_type=h.SigninRequest.isOidc(arguments[0].response_type)?"id_token":"code":K._query_status_response_type="id_token",K._revokeAccessTokenOnSignout=R,K._redirectNavigator=D,K._popupNavigator=O,K._iframeNavigator=B,K._userStore=M,K}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),n(t,[{key:"popup_redirect_uri",get:function(){return this._popup_redirect_uri}},{key:"popup_post_logout_redirect_uri",get:function(){return this._popup_post_logout_redirect_uri}},{key:"popupWindowFeatures",get:function(){return this._popupWindowFeatures}},{key:"popupWindowTarget",get:function(){return this._popupWindowTarget}},{key:"silent_redirect_uri",get:function(){return this._silent_redirect_uri}},{key:"silentRequestTimeout",get:function(){return this._silentRequestTimeout}},{key:"automaticSilentRenew",get:function(){return this._automaticSilentRenew}},{key:"validateSubOnSilentRenew",get:function(){return this._validateSubOnSilentRenew}},{key:"includeIdTokenInSilentRenew",get:function(){return this._includeIdTokenInSilentRenew}},{key:"accessTokenExpiringNotificationTime",get:function(){return this._accessTokenExpiringNotificationTime}},{key:"monitorSession",get:function(){return this._monitorSession}},{key:"monitorAnonymousSession",get:function(){return this._monitorAnonymousSession}},{key:"checkSessionInterval",get:function(){return this._checkSessionInterval}},{key:"stopCheckSessionOnError",get:function(){return this._stopCheckSessionOnError}},{key:"query_status_response_type",get:function(){return this._query_status_response_type}},{key:"revokeAccessTokenOnSignout",get:function(){return this._revokeAccessTokenOnSignout}},{key:"redirectNavigator",get:function(){return this._redirectNavigator}},{key:"popupNavigator",get:function(){return this._popupNavigator}},{key:"iframeNavigator",get:function(){return this._iframeNavigator}},{key:"userStore",get:function(){return this._userStore}}]),t}(i.OidcClientSettings)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.RedirectNavigator=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.RedirectNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(){return Promise.resolve(this)},e.prototype.navigate=function(e){return e&&e.url?(e.useReplaceToNavigate?window.location.replace(e.url):window.location=e.url,Promise.resolve()):(i.Log.error("RedirectNavigator.navigate: No url provided"),Promise.reject(new Error("No url provided")))},n(e,[{key:"url",get:function(){return window.location.href}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.PopupNavigator=void 0;var n=r(0),i=r(42);t.PopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.PopupWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t,r,o){n.Log.debug("PopupNavigator.callback");try{return i.PopupWindow.notifyOpener(t,r,o),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.PopupWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(3);t.PopupWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t});var n=t.popupWindowTarget||"_blank",o=t.popupWindowFeatures||"location=no,toolbar=no,width=500,height=500,left=100,top=100;";this._popup=window.open("",n,o),this._popup&&(i.Log.debug("PopupWindow.ctor: popup successfully created"),this._checkForPopupClosedTimer=window.setInterval(this._checkForPopupClosed.bind(this),500))}return e.prototype.navigate=function(e){return this._popup?e&&e.url?(i.Log.debug("PopupWindow.navigate: Setting URL in popup"),this._id=e.id,this._id&&(window["popupCallback_"+e.id]=this._callback.bind(this)),this._popup.focus(),this._popup.window.location=e.url):(this._error("PopupWindow.navigate: no url provided"),this._error("No url provided")):this._error("PopupWindow.navigate: Error opening popup window"),this.promise},e.prototype._success=function(e){i.Log.debug("PopupWindow.callback: Successful response from popup window"),this._cleanup(),this._resolve(e)},e.prototype._error=function(e){i.Log.error("PopupWindow.error: ",e),this._cleanup(),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup(!1)},e.prototype._cleanup=function(e){i.Log.debug("PopupWindow.cleanup"),window.clearInterval(this._checkForPopupClosedTimer),this._checkForPopupClosedTimer=null,delete window["popupCallback_"+this._id],this._popup&&!e&&this._popup.close(),this._popup=null},e.prototype._checkForPopupClosed=function(){this._popup&&!this._popup.closed||this._error("Popup window closed")},e.prototype._callback=function(e,t){this._cleanup(t),e?(i.Log.debug("PopupWindow.callback success"),this._success({url:e})):(i.Log.debug("PopupWindow.callback: Invalid response from popup"),this._error("Invalid response from popup"))},e.notifyOpener=function(e,t,r){if(window.opener){if(e=e||window.location.href){var n=o.UrlUtility.parseUrlFragment(e,r);if(n.state){var s="popupCallback_"+n.state,a=window.opener[s];a?(i.Log.debug("PopupWindow.notifyOpener: passing url message to opener"),a(e,t)):i.Log.warn("PopupWindow.notifyOpener: no matching callback found on opener")}else i.Log.warn("PopupWindow.notifyOpener: no state found in response url")}}else i.Log.warn("PopupWindow.notifyOpener: no window.opener. Can't complete notification.")},n(e,[{key:"promise",get:function(){return this._promise}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameNavigator=void 0;var n=r(0),i=r(44);t.IFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.IFrameWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t){n.Log.debug("IFrameNavigator.callback");try{return i.IFrameWindow.notifyParent(t),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.IFrameWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t}),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.width=0,this._frame.height=0,window.document.body.appendChild(this._frame)}return e.prototype.navigate=function(e){if(e&&e.url){var t=e.silentRequestTimeout||1e4;i.Log.debug("IFrameWindow.navigate: Using timeout of:",t),this._timer=window.setTimeout(this._timeout.bind(this),t),this._frame.src=e.url}else this._error("No url provided");return this.promise},e.prototype._success=function(e){this._cleanup(),i.Log.debug("IFrameWindow: Successful response from frame window"),this._resolve(e)},e.prototype._error=function(e){this._cleanup(),i.Log.error(e),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup()},e.prototype._cleanup=function(){this._frame&&(i.Log.debug("IFrameWindow: cleanup"),window.removeEventListener("message",this._boundMessageEvent,!1),window.clearTimeout(this._timer),window.document.body.removeChild(this._frame),this._timer=null,this._frame=null,this._boundMessageEvent=null)},e.prototype._timeout=function(){i.Log.debug("IFrameWindow.timeout"),this._error("Frame window timed out")},e.prototype._message=function(e){if(i.Log.debug("IFrameWindow.message"),this._timer&&e.origin===this._origin&&e.source===this._frame.contentWindow&&"string"==typeof e.data&&(e.data.startsWith("http://")||e.data.startsWith("https://"))){var t=e.data;t?this._success({url:t}):this._error("Invalid response from frame")}},e.notifyParent=function(e){i.Log.debug("IFrameWindow.notifyParent"),(e=e||window.location.href)&&(i.Log.debug("IFrameWindow.notifyParent: posting url message to parent"),window.parent.postMessage(e,location.protocol+"//"+location.host))},n(e,[{key:"promise",get:function(){return this._promise}},{key:"_origin",get:function(){return location.protocol+"//"+location.host}}]),e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerEvents=void 0;var n=r(0),i=r(16),o=r(17);t.UserManagerEvents=function(e){function t(r){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var n=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return n._userLoaded=new o.Event("User loaded"),n._userUnloaded=new o.Event("User unloaded"),n._silentRenewError=new o.Event("Silent renew error"),n._userSignedIn=new o.Event("User signed in"),n._userSignedOut=new o.Event("User signed out"),n._userSessionChanged=new o.Event("User session changed"),n}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.load=function(t){var r=!(arguments.length>1&&void 0!==arguments[1])||arguments[1];n.Log.debug("UserManagerEvents.load"),e.prototype.load.call(this,t),r&&this._userLoaded.raise(t)},t.prototype.unload=function(){n.Log.debug("UserManagerEvents.unload"),e.prototype.unload.call(this),this._userUnloaded.raise()},t.prototype.addUserLoaded=function(e){this._userLoaded.addHandler(e)},t.prototype.removeUserLoaded=function(e){this._userLoaded.removeHandler(e)},t.prototype.addUserUnloaded=function(e){this._userUnloaded.addHandler(e)},t.prototype.removeUserUnloaded=function(e){this._userUnloaded.removeHandler(e)},t.prototype.addSilentRenewError=function(e){this._silentRenewError.addHandler(e)},t.prototype.removeSilentRenewError=function(e){this._silentRenewError.removeHandler(e)},t.prototype._raiseSilentRenewError=function(e){n.Log.debug("UserManagerEvents._raiseSilentRenewError",e.message),this._silentRenewError.raise(e)},t.prototype.addUserSignedIn=function(e){this._userSignedIn.addHandler(e)},t.prototype.removeUserSignedIn=function(e){this._userSignedIn.removeHandler(e)},t.prototype._raiseUserSignedIn=function(){n.Log.debug("UserManagerEvents._raiseUserSignedIn"),this._userSignedIn.raise()},t.prototype.addUserSignedOut=function(e){this._userSignedOut.addHandler(e)},t.prototype.removeUserSignedOut=function(e){this._userSignedOut.removeHandler(e)},t.prototype._raiseUserSignedOut=function(){n.Log.debug("UserManagerEvents._raiseUserSignedOut"),this._userSignedOut.raise()},t.prototype.addUserSessionChanged=function(e){this._userSessionChanged.addHandler(e)},t.prototype.removeUserSessionChanged=function(e){this._userSessionChanged.removeHandler(e)},t.prototype._raiseUserSessionChanged=function(){n.Log.debug("UserManagerEvents._raiseUserSessionChanged"),this._userSessionChanged.raise()},t}(i.AccessTokenEvents)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.Timer=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(1),s=r(17);t.Timer=function(e){function t(r){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.Global.timer,i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:void 0;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var s=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return s._timer=n,s._nowFunc=i||function(){return Date.now()/1e3},s}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.init=function(e){e<=0&&(e=1),e=parseInt(e);var t=this.now+e;if(this.expiration===t&&this._timerHandle)i.Log.debug("Timer.init timer "+this._name+" skipping initialization since already initialized for expiration:",this.expiration);else{this.cancel(),i.Log.debug("Timer.init timer "+this._name+" for duration:",e),this._expiration=t;var r=5;e<r&&(r=e),this._timerHandle=this._timer.setInterval(this._callback.bind(this),1e3*r)}},t.prototype.cancel=function(){this._timerHandle&&(i.Log.debug("Timer.cancel: ",this._name),this._timer.clearInterval(this._timerHandle),this._timerHandle=null)},t.prototype._callback=function(){var t=this._expiration-this.now;i.Log.debug("Timer.callback; "+this._name+" timer expires in:",t),this._expiration<=this.now&&(this.cancel(),e.prototype.raise.call(this))},n(t,[{key:"now",get:function(){return parseInt(this._nowFunc())}},{key:"expiration",get:function(){return this._expiration}}]),t}(s.Event)},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.SilentRenewService=void 0;var n=r(0);t.SilentRenewService=function(){function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._userManager=t}return e.prototype.start=function(){this._callback||(this._callback=this._tokenExpiring.bind(this),this._userManager.events.addAccessTokenExpiring(this._callback),this._userManager.getUser().then(function(e){}).catch(function(e){n.Log.error("SilentRenewService.start: Error from getUser:",e.message)}))},e.prototype.stop=function(){this._callback&&(this._userManager.events.removeAccessTokenExpiring(this._callback),delete this._callback)},e.prototype._tokenExpiring=function(){var e=this;this._userManager.signinSilent().then(function(e){n.Log.debug("SilentRenewService._tokenExpiring: Silent token renewal successful")},function(t){n.Log.error("SilentRenewService._tokenExpiring: Error from signinSilent:",t.message),e._userManager.events._raiseSilentRenewError(t)})},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaPopupNavigator=void 0;var n=r(21);t.CordovaPopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaIFrameNavigator=void 0;var n=r(21);t.CordovaIFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){e.popupWindowFeatures="hidden=yes";var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){Object.defineProperty(t,"__esModule",{value:!0}),t.Version="1.11.6"}])},e.exports=t()}(Nr)),Nr.exports);function jr(e,t){if("string"!=typeof e.client_id)throw new Error(`Dynamic client registration failed: no client_id has been found on ${JSON.stringify(e)}`);if(t.redirectUrl&&function(e){return Array.isArray(e.redirect_uris)&&e.redirect_uris.every(e=>"string"==typeof e)}(e)&&e.redirect_uris[0]!==t.redirectUrl.toString())throw new Error(`Dynamic client registration failed: the returned redirect URIs ${JSON.stringify(e.redirect_uris)} don't match the provided ${JSON.stringify([t.redirectUrl.toString()])}`);return!0}async function Br(e,t){if(!t.registrationEndpoint)throw new Error("Dynamic Registration could not be completed because the issuer has no registration endpoint.");if(!Array.isArray(t.idTokenSigningAlgValuesSupported))throw new Error("The OIDC issuer discovery profile is missing the 'id_token_signing_alg_values_supported' value, which is mandatory.");const r=(n=t.idTokenSigningAlgValuesSupported,Vt.find(e=>n.includes(e))??null);var n;const i={client_name:e.clientName,application_type:"web",redirect_uris:[e.redirectUrl?.toString()],subject_type:"public",token_endpoint_auth_method:"client_secret_basic",id_token_signed_response_alg:r,grant_types:["authorization_code","refresh_token"]},o=await fetch(t.registrationEndpoint.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(o.ok){const t=await o.json();return jr(t,e),{clientId:t.client_id,clientSecret:t.client_secret,expiresAt:t.client_secret_expires_at,idTokenSignedResponseAlg:t.id_token_signed_response_alg,clientType:"dynamic"}}throw 400===o.status&&function(e,t){if("invalid_redirect_uri"===e.error)throw new Error(`Dynamic client registration failed: the provided redirect uri [${t.redirectUrl?.toString()}] is invalid - ${e.error_description??""}`);if("invalid_client_metadata"===e.error)throw new Error(`Dynamic client registration failed: the provided client metadata ${JSON.stringify(t)} is invalid - ${e.error_description??""}`);throw new Error(`Dynamic client registration failed: ${e.error} - ${e.error_description??""}`)}(await o.json(),e),new Error(`Dynamic client registration failed: the server returned ${o.status} ${o.statusText} - ${await o.text()}`)}function Hr(e){return void 0!==e.error_description&&"string"==typeof e.error_description}function Mr(e,t){if(void 0!==(r=e).error&&"string"==typeof r.error)throw new _r(`Token endpoint returned error [${e.error}]${Hr(e)?`: ${e.error_description}`:""}${function(e){return void 0!==e.error_uri&&"string"==typeof e.error_uri}(e)?` (see ${e.error_uri})`:""}`,e.error,Hr(e)?e.error_description:void 0);var r;if(!function(e){return void 0!==e.access_token&&"string"==typeof e.access_token}(e))throw new wr(["access_token"]);if(!function(e){return void 0!==e.id_token&&"string"==typeof e.id_token}(e))throw new wr(["id_token"]);if(!function(e){return void 0!==e.token_type&&"string"==typeof e.token_type}(e))throw new wr(["token_type"]);if(!function(e){return void 0===e.expires_in||"number"==typeof e.expires_in}(e))throw new wr(["expires_in"]);if(!t&&"bearer"!==e.token_type.toLowerCase())throw new Error(`Invalid token endpoint response: requested a [Bearer] token, but got a 'token_type' value of [${e.token_type}].`);return e}async function Kr(e,t,r,n){!function(e,t){if(t.grantType&&(!e.grantTypesSupported||!e.grantTypesSupported.includes(t.grantType)))throw new Error(`The issuer [${e.issuer}] does not support the [${t.grantType}] grant`);if(!e.tokenEndpoint)throw new Error(`This issuer [${e.issuer}] does not have a token endpoint`)}(e,r);const i={"content-type":"application/x-www-form-urlencoded"};let o;n&&(o=await async function(){const{privateKey:e,publicKey:t}=await Nt(Vt[0]),r={privateKey:e,publicKey:await ot(t)};return[r.publicKey.alg]=Vt,r}(),i.DPoP=await br(e.tokenEndpoint,"POST",o)),t.clientSecret&&(i.Authorization=`Basic ${btoa(`${t.clientId}:${t.clientSecret}`)}`);const s={grant_type:r.grantType,redirect_uri:r.redirectUrl,code:r.code,code_verifier:r.codeVerifier,client_id:t.clientId},a={method:"POST",headers:i,body:new URLSearchParams(s).toString()},u=await fetch(e.tokenEndpoint,a),c=Mr(await u.json(),n),{webId:h,clientId:l}=await er(c.id_token,e.jwksUri,e.issuer,t.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:(f=c,void 0!==f.refresh_token&&"string"==typeof f.refresh_token?c.refresh_token:void 0),webId:h,clientId:l,dpopKey:o,expiresIn:c.expires_in};var f}async function Vr(e,t,r,n){if(void 0===r.clientId)throw new Error("No client ID available when trying to refresh the access token.");const i={grant_type:"refresh_token",refresh_token:e};let o={};void 0!==n&&(o={DPoP:await br(t.tokenEndpoint,"POST",n)});let s={};void 0!==r.clientSecret?s={Authorization:`Basic ${btoa(`${r.clientId}:${r.clientSecret}`)}`}:(e=>{try{return new URL(e),!0}catch{return!1}})(r.clientId)&&(i.client_id=r.clientId);const a=await fetch(t.tokenEndpoint,{method:"POST",body:new URLSearchParams(i).toString(),headers:{...o,...s,"Content-Type":"application/x-www-form-urlencoded"}});let u;try{u=await a.json()}catch(e){throw new Error(`The token endpoint of issuer ${t.issuer} returned a malformed response.`)}const c=Mr(u,void 0!==n),{webId:h}=await er(c.id_token,t.jwksUri,t.issuer,r.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:"string"==typeof c.refresh_token?c.refresh_token:void 0,webId:h,dpopKey:n,expiresIn:c.expires_in}}class qr extends yr{constructor(e,t){super(e,t)}}class Jr extends pr{login=async(e,t)=>{"none"!==e.prompt&&await this.sessionInfoManager.clear(e.sessionId);const r=e.redirectUrl??function(e){const t=rr(e);return t.hash="",e.includes(`${t.origin}/`)?t.href:`${t.origin}${t.href.substring(t.origin.length+1)}`}(window.location.href);if(!tr(r))throw new Error(`${r} is not a valid redirect URL, it is either a malformed IRI, includes a hash fragment, or reserved query parameters ('code' or 'state').`);await this.loginHandler.handle({...e,redirectUrl:r,clientName:e.clientName??e.clientId,eventEmitter:t})};validateCurrentSession=async e=>{const t=await this.sessionInfoManager.get(e);return void 0===t||void 0===t.clientAppId||void 0===t.issuer?null:t};handleIncomingRedirect=async(e,t)=>{try{const r=await this.redirectHandler.handle(e,t,void 0);return this.fetch=r.fetch.bind(window),this.boundLogout=r.getLogoutUrl,await this.cleanUrlAfterRedirect(e),{isLoggedIn:r.isLoggedIn,webId:r.webId,sessionId:r.sessionId,expirationDate:r.expirationDate,clientAppId:r.clientAppId}}catch(r){return await this.cleanUrlAfterRedirect(e),void t.emit(qt,"redirect",r)}};async cleanUrlAfterRedirect(e){const t=rr(e).href;for(window.history.replaceState(null,"",t);window.location.href!==t;)await new Promise(e=>{setTimeout(()=>e(),1)})}}function Wr(e){return"string"==typeof e.oidcIssuer}function $r(e){return"string"==typeof e.redirectUrl}class Yr{storageUtility;oidcHandler;issuerConfigFetcher;clientRegistrar;constructor(e,t,r,n){this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n}async canHandle(e){return Wr(e)&&$r(e)}async handle(e){if(!Wr(e))throw new mr(`OidcLoginHandler requires an OIDC issuer: missing property 'oidcIssuer' in ${JSON.stringify(e)}`);if(!$r(e))throw new mr(`OidcLoginHandler requires a redirect URL: missing property 'redirectUrl' in ${JSON.stringify(e)}`);const t=await this.issuerConfigFetcher.fetchConfig(e.oidcIssuer),r=await fr(e,t,this.storageUtility,this.clientRegistrar),n={issuer:t.issuer,dpop:"dpop"===e.tokenType.toLowerCase(),...e,issuerConfiguration:t,client:r,scopes:(i=e.customScopes,Array.isArray(i)?Array.from(new Set([...Qt,...i.filter(e=>"string"==typeof e&&!e.includes(" "))])):Qt)};var i;return this.oidcHandler.handle(n)}}class zr extends nr{async handle(e){const t={authority:e.issuer.toString(),client_id:e.client.clientId,client_secret:e.client.clientSecret,redirect_uri:e.redirectUrl,response_type:"code",scope:e.scopes.join(" "),filterProtocolClaims:!0,loadUserInfo:!1,code_verifier:!0,prompt:e.prompt??"consent"},r=new Or.OidcClient(t);try{const t=await r.createSigninRequest();return await this.setupRedirectHandler({oidcLoginOptions:e,state:t.state._id,codeVerifier:t.state._code_verifier,targetUrl:t.url.toString()})}catch(e){console.error(e)}}}const Gr={issuer:{toKey:"issuer",convertToUrl:!0},authorization_endpoint:{toKey:"authorizationEndpoint",convertToUrl:!0},token_endpoint:{toKey:"tokenEndpoint",convertToUrl:!0},userinfo_endpoint:{toKey:"userinfoEndpoint",convertToUrl:!0},jwks_uri:{toKey:"jwksUri",convertToUrl:!0},registration_endpoint:{toKey:"registrationEndpoint",convertToUrl:!0},end_session_endpoint:{toKey:"endSessionEndpoint",convertToUrl:!0},scopes_supported:{toKey:"scopesSupported"},response_types_supported:{toKey:"responseTypesSupported"},response_modes_supported:{toKey:"responseModesSupported"},grant_types_supported:{toKey:"grantTypesSupported"},acr_values_supported:{toKey:"acrValuesSupported"},subject_types_supported:{toKey:"subjectTypesSupported"},id_token_signing_alg_values_supported:{toKey:"idTokenSigningAlgValuesSupported"},id_token_encryption_alg_values_supported:{toKey:"idTokenEncryptionAlgValuesSupported"},id_token_encryption_enc_values_supported:{toKey:"idTokenEncryptionEncValuesSupported"},userinfo_signing_alg_values_supported:{toKey:"userinfoSigningAlgValuesSupported"},userinfo_encryption_alg_values_supported:{toKey:"userinfoEncryptionAlgValuesSupported"},userinfo_encryption_enc_values_supported:{toKey:"userinfoEncryptionEncValuesSupported"},request_object_signing_alg_values_supported:{toKey:"requestObjectSigningAlgValuesSupported"},request_object_encryption_alg_values_supported:{toKey:"requestObjectEncryptionAlgValuesSupported"},request_object_encryption_enc_values_supported:{toKey:"requestObjectEncryptionEncValuesSupported"},token_endpoint_auth_methods_supported:{toKey:"tokenEndpointAuthMethodsSupported"},token_endpoint_auth_signing_alg_values_supported:{toKey:"tokenEndpointAuthSigningAlgValuesSupported"},display_values_supported:{toKey:"displayValuesSupported"},claim_types_supported:{toKey:"claimTypesSupported"},claims_supported:{toKey:"claimsSupported"},service_documentation:{toKey:"serviceDocumentation"},claims_locales_supported:{toKey:"claimsLocalesSupported"},ui_locales_supported:{toKey:"uiLocalesSupported"},claims_parameter_supported:{toKey:"claimsParameterSupported"},request_parameter_supported:{toKey:"requestParameterSupported"},request_uri_parameter_supported:{toKey:"requestUriParameterSupported"},require_request_uri_registration:{toKey:"requireRequestUriRegistration"},op_policy_uri:{toKey:"opPolicyUri",convertToUrl:!0},op_tos_uri:{toKey:"opTosUri",convertToUrl:!0}};class Xr{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}static getLocalStorageKey(e){return`issuerConfig:${e}`}async fetchConfig(e){let t;const r=new URL(".well-known/openid-configuration",e.endsWith("/")?e:`${e}/`).href,n=await fetch(r);try{t=function(e){const t={};return Object.keys(e).forEach(r=>{Gr[r]&&(t[Gr[r].toKey]=e[r])}),Array.isArray(t.scopesSupported)||(t.scopesSupported=["openid"]),t}(await n.json())}catch(t){throw new mr(`[${e.toString()}] has an invalid configuration: ${t.message}`)}return await this.storageUtility.set(Xr.getLocalStorageKey(e),JSON.stringify(t)),t}}async function Qr(e,t){await ur(e,t),await async function(){const e=new Or.OidcClient({response_mode:"query"});await e.clearStaleState(new Or.WebStorageStateStore({}));const t=window.localStorage,r=[];for(let e=0;e<=t.length;e+=1){const n=t.key(e);n&&(n.match(/^oidc\..+$/)||n.match(/^solidClientAuthenticationUser:.+$/))&&r.push(n)}r.forEach(e=>t.removeItem(e))}()}class Zr extends cr{async get(e){const[t,r,n,i,o,s,a,u]=await Promise.all([this.storageUtility.getForUser(e,"isLoggedIn",{secure:!0}),this.storageUtility.getForUser(e,"webId",{secure:!0}),this.storageUtility.getForUser(e,"clientId",{secure:!1}),this.storageUtility.getForUser(e,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e,"redirectUrl",{secure:!1}),this.storageUtility.getForUser(e,"refreshToken",{secure:!0}),this.storageUtility.getForUser(e,"issuer",{secure:!1}),this.storageUtility.getForUser(e,"tokenType",{secure:!1})]);if("string"!=typeof o||tr(o)){if(void 0!==u&&("string"!=typeof(c=u)||!["DPoP","Bearer"].includes(c)))throw new Error(`Tokens of type [${u}] are not supported.`);var c;if(void 0!==n||void 0!==t||void 0!==r||void 0!==s)return{sessionId:e,webId:r,isLoggedIn:"true"===t,redirectUrl:o,refreshToken:s,issuer:a,clientAppId:n,clientAppSecret:i,tokenType:u??"DPoP"}}else await Promise.all([this.storageUtility.deleteAllUserData(e,{secure:!1}),this.storageUtility.deleteAllUserData(e,{secure:!0})])}async clear(e){return Qr(e,this.storageUtility)}}class en{async canHandle(e){try{return new URL(e),!0}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e){return ar()}}class tn{storageUtility;sessionInfoManager;issuerConfigFetcher;clientRegistrar;tokerRefresher;constructor(e,t,r,n,i){this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i,this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i}async canHandle(e){try{const t=new URL(e);return null!==t.searchParams.get("code")&&null!==t.searchParams.get("state")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(!await this.canHandle(e))throw new Error(`AuthCodeRedirectHandler cannot handle [${e}]: it is missing one of [code, state].`);const r=new URL(e),n=r.searchParams.get("state"),i=await this.storageUtility.getForUser(n,"sessionId",{errorIfNull:!0}),{issuerConfig:o,codeVerifier:s,redirectUrl:a,dpop:u}=await gr(i,this.storageUtility,this.issuerConfigFetcher),c=r.searchParams.get("iss");if("string"==typeof c&&c!==o.issuer)throw new Error(`The value of the iss parameter (${c}) does not match the issuer identifier of the authorization server (${o.issuer}). See [rfc9207](https://www.rfc-editor.org/rfc/rfc9207.html#section-2.3-3.1.1)`);if(void 0===s)throw new Error(`The code verifier for session ${i} is missing from storage.`);if(void 0===a)throw new Error(`The redirect URL for session ${i} is missing from storage.`);const h=await this.clientRegistrar.getClient({sessionId:i},o),l=Date.now(),f=await Kr(o,h,{grantType:"authorization_code",code:r.searchParams.get("code"),codeVerifier:s,redirectUrl:a},u);let d;window.localStorage.removeItem(`oidc.${n}`),void 0!==f.refreshToken&&(d={sessionId:i,refreshToken:f.refreshToken,tokenRefresher:this.tokerRefresher});const p=xr(f.accessToken,{dpopKey:f.dpopKey,refreshOptions:d,eventEmitter:t,expiresIn:f.expiresIn});await async function(e,t,r,n,i,o,s,a){void 0!==o&&await e.setForUser(t,{refreshToken:o},{secure:s}),void 0!==r&&await e.setForUser(t,{webId:r},{secure:s}),void 0!==n&&await e.setForUser(t,{clientId:n},{secure:s}),void 0!==i&&await e.setForUser(t,{isLoggedIn:i},{secure:s}),void 0!==a&&await e.setForUser(t,{publicKey:JSON.stringify(a.publicKey),privateKey:JSON.stringify(await ot(a.privateKey))},{secure:s})}(this.storageUtility,i,f.webId,f.clientId,"true",void 0,!0);const g=await this.sessionInfoManager.get(i);if(!g)throw new Error(`Could not retrieve session: [${i}].`);return Object.assign(g,{fetch:p,getLogoutUrl:hr({idTokenHint:f.idToken,endSessionEndpoint:o.endSessionEndpoint}),expirationDate:"number"==typeof f.expiresIn?l+1e3*f.expiresIn:void 0})}}class rn extends Zt{constructor(e){super(e)}}class nn{get storage(){return window.localStorage}async get(e){return this.storage.getItem(e)||void 0}async set(e,t){this.storage.setItem(e,t)}async delete(e){this.storage.removeItem(e)}}class on{redirect(e,t){t&&t.handleRedirect?t.handleRedirect(e):t&&t.redirectByReplacingState?window.history.replaceState({},"",e):window.location.href=e}}class sn{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}async getClient(e,t){const[r,n,i,o,s]=await Promise.all([this.storageUtility.getForUser(e.sessionId,"clientId",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"expiresAt",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientName",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientType",{secure:!1})]),a=void 0!==i?Number.parseInt(i,10):-1,u=void 0!==n&&0!==a&&Math.floor(Date.now()/1e3)>a;if(r&&("string"==typeof(c=s)&&["dynamic","static","solid-oidc"].includes(c))&&!u)return void 0!==n?{clientId:r,clientSecret:n,clientName:o,clientType:"dynamic",expiresAt:a}:{clientId:r,clientName:o,clientType:s};var c;try{const r=await Br(e,t),n={clientId:r.clientId,clientType:"dynamic"};return void 0!==r.clientSecret&&(n.clientSecret=r.clientSecret,n.expiresAt=String(r.expiresAt)),r.idTokenSignedResponseAlg&&(n.idTokenSignedResponseAlg=r.idTokenSignedResponseAlg),await this.storageUtility.setForUser(e.sessionId,n,{secure:!1}),r}catch(e){throw new Error("Client registration failed.",{cause:e})}}}class an{async canHandle(e){try{return new URL(e).searchParams.has("error")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(void 0!==t){const r=new URL(e),n=r.searchParams.get("error"),i=r.searchParams.get("error_description");t.emit(qt,n,i)}return ar()}}class un{storageUtility;issuerConfigFetcher;clientRegistrar;constructor(e,t,r){this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r,this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r}async refresh(e,t,r,n){const i=await gr(e,this.storageUtility,this.issuerConfigFetcher),o=await this.clientRegistrar.getClient({sessionId:e},i.issuerConfig);if(void 0===t)throw new Error(`Session [${e}] has no refresh token to allow it to refresh its access token.`);if(i.dpop&&void 0===r)throw new Error(`For session [${e}], the key bound to the DPoP access token must be provided to refresh said access token.`);const s=await Vr(t,i.issuerConfig,o,r);return void 0!==s.refreshToken&&n?.emit($t,s.refreshToken),s}}function cn(e){const t=new vr,r=e.secureStorage||t,n=e.insecureStorage||new nn,i=new qr(r,n),o=new Xr(i),s=new sn(i),a=new Zr(i),u=new un(i,o,s),c=new on,h=new Yr(i,new zr(i,c),o,s),l=new rn([new an,new tn(i,a,o,s,u),new en]);return new Jr(h,l,new sr(a,c),a,o)}const hn=`${Kt}currentSession`,ln=`${Kt}currentUrl`;const fn=new class{info;events;clientAuthentication;tokenRequestInProgress=!1;constructor(e={},t=void 0){this.events=new Pr,e.clientAuthentication?this.clientAuthentication=e.clientAuthentication:e.secureStorage&&e.insecureStorage?this.clientAuthentication=cn({secureStorage:e.secureStorage,insecureStorage:e.insecureStorage}):this.clientAuthentication=cn({}),e.sessionInfo?this.info={sessionId:e.sessionInfo.sessionId,isLoggedIn:!1,webId:e.sessionInfo.webId,clientAppId:e.sessionInfo.clientAppId}:this.info={sessionId:t??Mt(),isLoggedIn:!1},this.events.on(Jt,()=>window.localStorage.setItem(hn,this.info.sessionId)),this.events.on(Yt,()=>this.internalLogout(!1)),this.events.on(qt,()=>this.internalLogout(!1))}login=async e=>(await this.clientAuthentication.login({sessionId:this.info.sessionId,...e,tokenType:e.tokenType??"DPoP"},this.events),new Promise(()=>{}));fetch=(e,t)=>this.clientAuthentication.fetch(e,t);internalLogout=async(e,t)=>{window.localStorage.removeItem(hn),await this.clientAuthentication.logout(this.info.sessionId,t),this.info.isLoggedIn=!1,e&&this.events.emit(Wt)};logout=async e=>this.internalLogout(!0,e);handleIncomingRedirect=async(e={})=>{if(this.info.isLoggedIn)return this.info;if(this.tokenRequestInProgress)return;const t="string"==typeof e?{url:e}:e,r=t.url??window.location.href;this.tokenRequestInProgress=!0;const n=await this.clientAuthentication.handleIncomingRedirect(r,this.events);if(function(e){return!!e?.isLoggedIn}(n)){this.setSessionInfo(n);const e=window.localStorage.getItem(ln);null===e?this.events.emit(Jt):(window.localStorage.removeItem(ln),this.events.emit(Gt,e))}else if(!0===t.restorePreviousSession){const e=window.localStorage.getItem(hn);if(null!==e){if(await async function(e,t,r){const n=await t.validateCurrentSession(e);return null!==n&&(window.localStorage.setItem(ln,window.location.href),await t.login({sessionId:e,prompt:"none",oidcIssuer:n.issuer,redirectUrl:n.redirectUrl,clientId:n.clientAppId,clientSecret:n.clientAppSecret,tokenType:n.tokenType??"DPoP"},r.events),!0)}(e,this.clientAuthentication,this))return new Promise(()=>{})}}return this.tokenRequestInProgress=!1,n};setSessionInfo(e){this.info.isLoggedIn=e.isLoggedIn,this.info.webId=e.webId,this.info.sessionId=e.sessionId,this.info.clientAppId=e.clientAppId,this.info.expirationDate=e.expirationDate,this.events.on(zt,e=>{this.info.expirationDate=Date.now()+1e3*e})}};var dn,pn;var gn=function(){if(pn)return dn;pn=1;const e={acl:"http://www.w3.org/ns/auth/acl#",arg:"http://www.w3.org/ns/pim/arg#",as:"https://www.w3.org/ns/activitystreams#",bookmark:"http://www.w3.org/2002/01/bookmark#",cal:"http://www.w3.org/2002/12/cal/ical#",cco:"http://www.ontologyrepository.com/CommonCoreOntologies/",cert:"http://www.w3.org/ns/auth/cert#",contact:"http://www.w3.org/2000/10/swap/pim/contact#",dc:"http://purl.org/dc/elements/1.1/",dct:"http://purl.org/dc/terms/",doap:"http://usefulinc.com/ns/doap#",foaf:"http://xmlns.com/foaf/0.1/",geo:"http://www.w3.org/2003/01/geo/wgs84_pos#",gpx:"http://www.w3.org/ns/pim/gpx#",gr:"http://purl.org/goodrelations/v1#",http:"http://www.w3.org/2007/ont/http#",httph:"http://www.w3.org/2007/ont/httph#",icalTZ:"http://www.w3.org/2002/12/cal/icaltzd#",ldp:"http://www.w3.org/ns/ldp#",link:"http://www.w3.org/2007/ont/link#",log:"http://www.w3.org/2000/10/swap/log#",meeting:"http://www.w3.org/ns/pim/meeting#",mo:"http://purl.org/ontology/mo/",org:"http://www.w3.org/ns/org#",owl:"http://www.w3.org/2002/07/owl#",pad:"http://www.w3.org/ns/pim/pad#",patch:"http://www.w3.org/ns/pim/patch#",prov:"http://www.w3.org/ns/prov#",pto:"http://www.productontology.org/id/",qu:"http://www.w3.org/2000/10/swap/pim/qif#",trip:"http://www.w3.org/ns/pim/trip#",rdf:"http://www.w3.org/1999/02/22-rdf-syntax-ns#",rdfs:"http://www.w3.org/2000/01/rdf-schema#",rss:"http://purl.org/rss/1.0/",sched:"http://www.w3.org/ns/pim/schedule#",schema:"http://schema.org/",sioc:"http://rdfs.org/sioc/ns#",skos:"http://www.w3.org/2004/02/skos/core#",solid:"http://www.w3.org/ns/solid/terms#",space:"http://www.w3.org/ns/pim/space#",stat:"http://www.w3.org/ns/posix/stat#",tab:"http://www.w3.org/2007/ont/link#",tabont:"http://www.w3.org/2007/ont/link#",ui:"http://www.w3.org/ns/ui#",vann:"http://purl.org/vocab/vann/",vcard:"http://www.w3.org/2006/vcard/ns#",wf:"http://www.w3.org/2005/01/wf/flow#",xsd:"http://www.w3.org/2001/XMLSchema#"};return dn=function(t={namedNode:e=>e}){const r={};for(const n in e){const i=e[n];r[n]=function(e=""){return t.namedNode(i+e)}}return r},dn}();const yn=Lr(gn)(d),vn=a.sym("http://www.iana.org/assignments/link-relations/acl");function mn(e){const t=yn;function r(e,r,n,i={}){const o=i.public||[],s=a.graph(),u=a.Namespace("http://www.w3.org/ns/auth/acl#");let c=s.sym(`${n}#a1`);const h=s.sym(n),l=s.sym(e);if(s.add(c,t.rdf("type"),u("Authorization"),h),s.add(c,u("accessTo"),l,h),i.defaultForNew&&s.add(c,u("default"),l,h),s.add(c,u("agent"),r,h),s.add(c,u("mode"),u("Read"),h),s.add(c,u("mode"),u("Write"),h),s.add(c,u("mode"),u("Control"),h),o.length){c=s.sym(`${n}#a2`),s.add(c,t.rdf("type"),u("Authorization"),h),s.add(c,u("accessTo"),l,h),s.add(c,u("agentClass"),t.foaf("Agent"),h);for(let e=0;e<o.length;e++)s.add(c,u("mode"),u(o[e]),h)}return a.serialize(h,s,n)}return{findAclDocUrl:async function(t){await e.fetcher.load(t);const r=e.any(t,vn);if(!r)throw new Error(`No ACL link discovered for ${t}`);return r.value},setACLUserPublic:function(t,n,i){const o=e.any(e.sym(t),vn);return Promise.resolve().then(()=>o||function(t){const r=e.fetcher;if(!r)throw new Error("Cannot fetch ACL rel, store has no fetcher");return r.load(t).then(r=>{if(!r.ok)throw new Error("fetchACLRel: While loading:"+r.error);const n=e.any(e.sym(t),vn);if(!n)throw new Error("fetchACLRel: No Link rel=ACL header for "+t);return n})}(t).catch(e=>{throw new Error(`Error fetching rel=ACL header for ${t}: ${e}`)})).then(o=>{const s=r(t,n,o.uri,i);if(!e.fetcher)throw new Error("Cannot PUT this, store has no fetcher");return e.fetcher.webOperation("PUT",o.uri,{data:s,contentType:"text/turtle"}).then(e=>{if(!e.ok)throw new Error("Error writing ACL text: "+e.error);return o})})},genACLText:r}}const wn=()=>{let{SolidAppContext:e}=window;if(e||={},e.viewingNoAuthPage=!1,e.noAuth&&window.document){if(window.document.location.href.startsWith(e.noAuth)){e.viewingNoAuthPage=!0;const t=new URLSearchParams(window.document.location.search);if(t){let r=e.viewedPage=t.get("uri")||null;if(r&&(r=decodeURI(r),!r.startsWith(e.noAuth))){const t=r.split(/\//);e.idp=t[0]+"//"+t[2],e.viewingNoAuthPage=!1}}}}return e};function _n(){const{$SolidTestEnvironment:e}=window;if(void 0!==e&&e.username)return p("Assuming the user is "+e.username),a.sym(e.username);if("undefined"!=typeof document&&document.location&&"http://localhost"===(""+document.location).slice(0,16)){const e=document.getElementById("appTarget");if(!e)return null;const t=e.getAttribute("testID");return t?(p("Assuming user is "+t),a.sym(t)):null}return null}class Sn{session;constructor(e){this.session=e}get authSession(){return this.session}currentUser(){const e=wn();return e.viewingNoAuthPage?a.sym(e.webId):this&&this.session&&this.session.info&&this.session.info.webId&&this.session.info.isLoggedIn?a.sym(this.session.info.webId):_n()}async checkUser(e){const t=new URL(window.location.href).hash;t&&window.localStorage.setItem("preLoginRedirectHash",t),this.session.events.on(Gt,e=>{p(`Session restored to ${e}`),document.location.toString()!==e&&history.replaceState(null,"",e)});const r=new URL(window.location.href);r.hash="",await this.session.handleIncomingRedirect({restorePreviousSession:!0,url:r.href});const n=window.localStorage.getItem("preLoginRedirectHash");if(n){const e=new URL(window.location.href);e.hash!==n&&(history.pushState?history.pushState(null,document.title,n):location.hash=n,e.hash=n),window.localStorage.setItem("preLoginRedirectHash","")}let i=_n();if(i)return Promise.resolve(e?e(i):i);const o=this.webIdFromSession(this.session.info);return o&&(i=this.saveUser(o)),i&&p(`(Logged in as ${i} by authentication)`),Promise.resolve(e?e(i):i)}saveUser(e,t){let r;if(e){r="string"==typeof e?e:e.uri;const n=a.namedNode(r);return t&&(t.me=n),n}return null}webIdFromSession(e){return e?.webId&&e.isLoggedIn?e.webId:null}}function bn(e){return a.sym(e.uri+"#id"+Date.now())}function En(e){return!e||`${window.location.origin}/`!==new URL(e.value).origin}const Fn="index.ttl#this";function An(e,t){const r=yn;async function n(t,r,n){await e.fetcher.load(t);const i=e.any(t,new a.NamedNode("http://www.iana.org/assignments/link-relations/acl"));if(!i)throw new Error("Chat ACL doc not found!");const o=`\n            @prefix acl: <http://www.w3.org/ns/auth/acl#>.\n            <#owner>\n            a acl:Authorization;\n            acl:agent <${r.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Write, acl:Control.\n            <#invitee>\n            a acl:Authorization;\n            acl:agent <${n.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Append.\n            `;await e.fetcher.webOperation("PUT",i.value,{data:o,contentType:"text/turtle"})}async function i(t,n){const i=e.any(n,r.solid("privateTypeIndex"));if(!i)throw new Error("Private type index not found!");await e.fetcher.load(i);const o=bn(i),s=[a.st(o,r.rdf("type"),r.solid("TypeRegistration"),i.doc()),a.st(o,r.solid("forClass"),r.meeting("LongChat"),i.doc()),a.st(o,r.solid("instance"),t,i.doc())];await new Promise((t,r)=>{e.updater.update([],s,function(e,n,i){n?t(null):r(new Error(i))})})}async function o(r){const n=await t.loadMe(),i=function(e,t){const r=new URL(`IndividualChats/${new URL(e.value).host}/`,t.value).toString();return new a.NamedNode(r)}(r,await t.getPodRoot(n));let o=!0;try{await e.fetcher.load(new a.NamedNode(i.value+"index.ttl#this"))}catch(e){o=!1}return{me:n,chatContainer:i,exists:o}}async function s(e,t){return(await u({me:t,newBase:e.value})).newInstance}function u(t){const n=e,i=n.updater;if(t.me&&!t.me.uri)throw new Error("chat mintNew:  Invalid userid "+t.me);const o=t.newInstance=t.newInstance||n.sym(t.newBase+Fn),s=o.doc();return n.add(o,r.rdf("type"),r.meeting("LongChat"),s),n.add(o,r.dc("title"),"Chat channel",s),n.add(o,r.dc("created"),a.term(new Date(Date.now())),s),t.me&&n.add(o,r.dc("author"),t.me,s),new Promise(function(e,r){i?.put(s,n.statementsMatching(void 0,void 0,void 0,s),"text/turtle",function(n,i,s){i?e({...t,newInstance:o}):r(new Error("FAILED to save new chat channel at: "+n+" : "+s))})})}async function c(t,n){await e.fetcher.load(t.doc());const i=e.any(t,r.ldp("inbox"),void 0,t.doc());if(!i)throw new Error(`Invitee inbox not found! ${t.value}`);const o=`\n        <> a <http://www.w3.org/ns/pim/meeting#LongChatInvite> ;\n        ${r.rdf("seeAlso")} <${n.value}> .\n        `,s=await(e.fetcher?.webOperation("POST",i.value,{data:o,contentType:"text/turtle"})),a=s?.headers.get("location");if(!a)throw new Error(`Invite sending returned a ${s?.status}`)}return{setAcl:n,addToPrivateTypeIndex:i,findChat:o,createChatThing:s,getChat:async function(e,t=!0){const{me:r,chatContainer:u,exists:h}=await o(e);if(h)return new a.NamedNode(u.value+Fn);if(t){const t=await s(u,r);return await c(e,t),await n(u,r,e),await i(t,r),t}return null},sendInvite:c,mintNew:u}}function xn(e,t,r,n,i){return{createInboxFor:async function(e,i){const o=await t.loadMe(),s=`${(await t.getPodRoot(o)).value}p2p-inboxes/${encodeURIComponent(i)}/`;return await n.createContainer(s),await r.setSinglePeerAccess({ownerWebId:o.value,peerWebId:e,accessToModes:"acl:Append",target:s}),s},getNewMessages:async function(e){e||(e=await t.loadMe());const r=await t.getMainInbox(e);return(await n.getContainerMembers(r)).filter(e=>!n.isContainer(e))},markAsRead:async function(t,r){const n=await e.fetcher._fetch(t);if(200!==n.status)throw new Error(`Not OK! ${t}`);const i=function(e,t){const r=t.getUTCFullYear(),n=("0"+(t.getUTCMonth()+1)).slice(-2),i=("0"+t.getUTCDate()).slice(-2),o=e.split("/"),s=o[o.length-1];return new URL(`./archive/${r}/${n}/${i}/${s}`,e).toString()}(t,r),o={method:"PUT",body:await n.text(),headers:[["Content-Type",n.headers.get("Content-Type")||"application/octet-stream"]]};"2"===(await e.fetcher._fetch(i,o)).status.toString()[0]&&await e.fetcher._fetch(t,{method:"DELETE"})}}}class kn extends Error{constructor(e){super(e),Object.setPrototypeOf(this,new.target.prototype),this.name=new.target.name}}class Pn extends kn{}class Tn extends kn{}class In extends kn{}class Rn extends kn{}class Cn extends kn{}class Un extends kn{status;constructor(e,t){super(t),this.status=e}}function Ln(e,t,r){const n=yn;async function i(t){await o(t);const i=function(e){const t=e.uri.replace("/profile/","/").replace("/public/","/").split("/").slice(0,-1).join("/")+"/Settings/Preferences.ttl";return a.sym(t)}(t);let s;try{s=await r.followOrCreateLink(t,n.space("preferencesFile"),i,t.doc())}catch(e){if(g(`User ${t} has no pointer in profile to preferences file.`),e instanceof Rn)throw e;if(e instanceof Cn)throw e;if(e instanceof Pn)throw e;if(e instanceof Tn)throw e;if(e instanceof In)throw e;if(e instanceof Un)throw e;throw e}try{await e.fetcher.load(s)}catch(e){const r=`Unable to load preference of user ${t}: ${e}`;if(g(r),401===e.response.status)throw new Pn;if(403===e.response.status){if(En(s))throw new Tn;throw new In}throw new Error(r)}return s}async function o(t){if(!t)throw new Error("loadProfile: no user given.");try{await e.fetcher.load(t.doc())}catch(e){throw new Error(`Unable to load profile of user ${t}: ${e}`)}return t.doc()}function s(t){return e.any(t,n.space("storage"),void 0,t.doc())}return{loadMe:async function(){const r=t.currentUser();if(null===r)throw new Error("Current user not found! Not logged in?");return await e.fetcher.load(r.doc()),r},getPodRoot:function(e){const t=s(e);if(!t)throw new Error("User pod root not found!");return t},getMainInbox:async function(t){await e.fetcher.load(t);const r=e.any(t,n.ldp("inbox"),void 0,t.doc());if(!r)throw new Error("User main inbox not found!");return r},findStorage:s,loadPreferences:i,loadProfile:o,silencedLoadPreferences:async function(e){try{return await i(e)}catch(e){return}}}}const Dn=function(e,t){p("SolidLogic: Unique instance created.  There should only be one of these.");const r=d.graph();d.fetcher(r,{fetch:e.fetch}),r.updater=new d.UpdateManager(r),r.features=[];const n=new Sn(t),i=mn(r),o=function(e){function t(t){return e.statementsMatching(t,a.sym("http://www.w3.org/ns/ldp#contains"),void 0).map(e=>e.object)}function r(e){const t=e.value;return"/"===t.charAt(t.length-1)}return{isContainer:r,createContainer:async function(t){if(!r(a.sym(t)))throw new Error(`Not a container URL ${t}`);const n=await e.fetcher._fetch(t,{method:"PUT",headers:{"Content-Type":"text/turtle","If-None-Match":"*",Link:'<http://www.w3.org/ns/ldp#BasicContainer>; rel="type"'},body:" "});if("2"!==n.status.toString()[0])throw new Error(`Not OK: got ${n.status} response while creating container at ${t}`)},getContainerElements:t,getContainerMembers:async function(r){return await e.fetcher.load(r),t(r)}}}(r),s=function(e,t,r){async function n(t){let r;try{r=await e.fetcher.load(t)}catch(r){if(404!==r.response.status){if(401===r.response.status)throw new Pn;if(403===r.response.status){if(En(t))throw new Tn;throw new In}const e="createIfNotExists doc load error NOT 404:  "+t+": "+r;throw new Un(r.status,r.message+e)}try{await e.fetcher.webOperation("PUT",t,{data:"",contentType:"text/turtle"})}catch(e){throw new Cn("createIfNotExists: PUT FAILED: "+t+": "+e)}await e.fetcher.load(t)}return r}return{recursiveDelete:async function n(i){try{if(r.isContainer(i)){const o=await t.findAclDocUrl(i);await e.fetcher._fetch(o,{method:"DELETE"});const s=await r.getContainerMembers(i);await Promise.all(s.map(e=>n(e)))}const o=i.value;return e.fetcher._fetch(o,{method:"DELETE"})}catch(e){p(`Please manually remove ${i.value} from your system.`,e)}},setSinglePeerAccess:async function(r){let n=["@prefix acl: <http://www.w3.org/ns/auth/acl#>.","",`<#alice> a acl:Authorization;\n  acl:agent <${r.ownerWebId}>;`,`  acl:accessTo <${r.target}>;`,`  acl:default <${r.target}>;`,"  acl:mode acl:Read, acl:Write, acl:Control.",""].join("\n");r.accessToModes&&(n+=["<#bobAccessTo> a acl:Authorization;",`  acl:agent <${r.peerWebId}>;`,`  acl:accessTo <${r.target}>;`,`  acl:mode ${r.accessToModes}.`,""].join("\n")),r.defaultModes&&(n+=["<#bobDefault> a acl:Authorization;",`  acl:agent <${r.peerWebId}>;`,`  acl:default <${r.target}>;`,`  acl:mode ${r.defaultModes}.`,""].join("\n"));const i=await t.findAclDocUrl(a.sym(r.target));return e.fetcher._fetch(i,{method:"PUT",body:n,headers:[["Content-Type","text/turtle"]]})},createEmptyRdfDoc:async function(t,r){await e.fetcher.webOperation("PUT",t.uri,{data:`# ${new Date} ${r}\n  `,contentType:"text/turtle"})},followOrCreateLink:async function(t,r,i,o){await e.fetcher.load(o);const s=e.any(t,r,null,o);if(s)return s;if(!e.updater.editable(o)){const e=`followOrCreateLink: cannot edit ${o.value}`;throw g(e),new Rn(e)}try{await e.updater.update([],[a.st(t,r,i,o)])}catch(e){throw g(`followOrCreateLink: Error making link in ${o} to ${i}: ${e}`),new Cn(e)}try{await n(i)}catch(e){throw g(`followOrCreateLink: Error loading or saving new linked document: ${i}: ${e}`),e}return i},loadOrCreateIfNotExists:n}}(r,i,o),u=Ln(r,n,s),c=An(r,u),h=xn(r,u,s,o),l=function(e,t,r,n){const i=yn;async function o(t){if(!t)throw new Error("loadTypeIndexesFor: No user given");const o=await r.loadProfile(t),s=h(t);let a;try{a=await n.followOrCreateLink(t,i.solid("publicTypeIndex"),s,o)}catch(e){g(`User ${t} has no pointer in profile to publicTypeIndex file.`)}const u=a?[{label:"public",index:a,agent:t}]:[];let c,f;try{c=await r.silencedLoadPreferences(t)}catch(e){c=null}if(c){const r=l(c);let s;try{s=e.any(t,i.solid("privateTypeIndex"),void 0,o)||await n.followOrCreateLink(t,i.solid("privateTypeIndex"),r,c)}catch(e){g(`User ${t} has no pointer in preference file to privateTypeIndex file.`)}f=s?[{label:"private",index:s,agent:t}]:[]}else f=[];const d=u.concat(f);if(0===d.length)return d;const p=d.map(e=>e.index);try{await e.fetcher.load(p)}catch(e){g("Problems loading type index: ",e)}return d}async function s(t){let n;try{n=await r.silencedLoadPreferences(t)}catch(e){g(`User ${t} has no pointer in profile to preferences file.`)}if(n){const r=e.each(t,i.solid("community"),void 0,n).concat(e.each(t,i.solid("community"),void 0,t.doc()));let s=[];for(const e of r)s=s.concat(await o(e));return s}return[]}async function u(e){return(await o(e)).concat((await s(e)).flat())}async function c(e,t){const r=await u(t);let n=[];for(const t of r){const r=await f(t,e);n=n.concat(r)}return n}function h(e){return a.sym(e.doc().dir()?.uri+"publicTypeIndex.ttl")}function l(e){return a.sym(e.doc().dir()?.uri+"privateTypeIndex.ttl")}async function f(t,r){const n=t.index,o=[],s=e.statementsMatching(null,i.solid("instance"),null,n).concat(e.statementsMatching(null,i.solid("instanceContainer"),null,n)).map(e=>e.subject);for(const u of s){const s=e.any(u,i.solid("forClass"),null,n);if(!r||s.sameTerm(r)){const r=e.each(u,i.solid("instance"),null,n);for(const e of r)o.push({instance:e,type:s,scope:t});const c=e.each(u,i.solid("instanceContainer"),null,n);for(const r of c)await e.fetcher.load(r),o.push({instance:a.sym(r.value),type:s,scope:t})}}return o}return{registerInTypeIndex:async function(t,r,n){const o=bn(r),s=[a.st(o,i.rdf("type"),i.solid("TypeRegistration"),r),a.st(o,i.solid("forClass"),n,r),a.st(o,i.solid("instance"),t,r)];try{await e.updater.update([],s)}catch(e){const n=`Unable to register ${t} in index ${r}: ${e}`;return console.warn(n),null}return o},getRegistrations:function(t,r){return e.each(void 0,i.solid("instance"),t).filter(t=>e.holds(t,i.solid("forClass"),r))},loadTypeIndexesFor:o,loadCommunityTypeIndexes:s,loadAllTypeIndexes:u,getScopedAppInstances:c,getAppInstances:async function(e){const r=t.currentUser();if(!r)throw new Error("getAppInstances: Must be logged in to find apps.");return(await c(e,r)).map(e=>e.instance)},suggestPublicTypeIndex:h,suggestPrivateTypeIndex:l,deleteTypeIndexRegistration:async function(t){const r=e.the(null,i.solid("instance"),t.instance,t.scope.index);if(!r)throw new Error(`deleteTypeIndexRegistration: No registration found for ${t.instance}`);const n=e.statementsMatching(r,null,null,t.scope.index);await e.updater.update(n,[])},getScopedAppsFromIndex:f}}(r,n,u,s);return p("SolidAuthnLogic initialized"),{store:r,authn:n,acl:i,inbox:h,chat:c,profile:u,typeIndex:l,load:function(e){return r.fetcher.load(e)},updatePromise:function(e,t=[]){return new Promise((n,i)=>{r.updater.update(e,t,function(e,t,r){t?n():i(new Error(r))})})},clearStore:function(){r.statements.slice().forEach(r.remove.bind(r))}}}({fetch:async(e,t)=>{const r=t&&t.credentials&&"omit"==t.credentials;return fn.info.webId&&!r?fn.fetch(e,t):window.fetch(e,t)}},fn);p("Unique quadstore initialized.");const Nn=[{name:"Solid Community",uri:"https://solidcommunity.net"},{name:"Solid Web",uri:"https://solidweb.org"},{name:"Inrupt.net",uri:"https://inrupt.net"},{name:"pod.Inrupt.com",uri:"https://login.inrupt.com"}];const On=Dn.authn,jn=Dn.authn.authSession,Bn=Dn.store;e.ACL_LINK=vn,e.CrossOriginForbiddenError=Tn,e.FetchError=Un,e.NotEditableError=Rn,e.NotFoundError=class extends kn{},e.SameOriginForbiddenError=In,e.UnauthorizedError=Pn,e.WebOperationError=Cn,e.appContext=wn,e.authSession=jn,e.authn=On,e.getSuggestedIssuers=function(){const e=[...Nn],{host:t,origin:r}=new URL(location.href),n=e.map(({uri:e})=>new URL(e).host);return n.includes(t)||n.some(e=>function(e,t){const r=e.length-t.length-1;return r>0&&"."===e[r]&&e.endsWith(t)}(t,e))||e.unshift({name:t,uri:r}),e},e.offlineTestID=_n,e.solidLogicSingleton=Dn,e.store=Bn,Object.defineProperty(e,"__esModule",{value:!0})});
+//# sourceMappingURL=solid-logic.umd.min.js.map