solid-logic 3.1.1-cfdb831 → 3.1.1-ecb4985

package/dist/solid-logic.external.min.js

@@ -28,5 +28,5 @@ var ae=function(){var e=new RegExp('(?:false|true|null|[\\{\\}\\[\\]]|(?:-?\\b(?
  */
 var n=r(30),i=r(31),o=r(32);function s(){return u.TYPED_ARRAY_SUPPORT?2147483647:1073741823}function a(e,t){if(s()<t)throw new RangeError("Invalid typed array length");return u.TYPED_ARRAY_SUPPORT?(e=new Uint8Array(t)).__proto__=u.prototype:(null===e&&(e=new u(t)),e.length=t),e}function u(e,t,r){if(!(u.TYPED_ARRAY_SUPPORT||this instanceof u))return new u(e,t,r);if("number"==typeof e){if("string"==typeof t)throw new Error("If encoding is specified then the first argument must be a string");return l(this,e)}return c(this,e,t,r)}function c(e,t,r,n){if("number"==typeof t)throw new TypeError('"value" argument must not be a number');return"undefined"!=typeof ArrayBuffer&&t instanceof ArrayBuffer?function(e,t,r,n){if(t.byteLength,r<0||t.byteLength<r)throw new RangeError("'offset' is out of bounds");if(t.byteLength<r+(n||0))throw new RangeError("'length' is out of bounds");return t=void 0===r&&void 0===n?new Uint8Array(t):void 0===n?new Uint8Array(t,r):new Uint8Array(t,r,n),u.TYPED_ARRAY_SUPPORT?(e=t).__proto__=u.prototype:e=d(e,t),e}(e,t,r,n):"string"==typeof t?function(e,t,r){if("string"==typeof r&&""!==r||(r="utf8"),!u.isEncoding(r))throw new TypeError('"encoding" must be a valid string encoding');var n=0|p(t,r),i=(e=a(e,n)).write(t,r);return i!==n&&(e=e.slice(0,i)),e}(e,t,r):function(e,t){if(u.isBuffer(t)){var r=0|f(t.length);return 0===(e=a(e,r)).length||t.copy(e,0,0,r),e}if(t){if("undefined"!=typeof ArrayBuffer&&t.buffer instanceof ArrayBuffer||"length"in t)return"number"!=typeof t.length||function(e){return e!=e}(t.length)?a(e,0):d(e,t);if("Buffer"===t.type&&o(t.data))return d(e,t.data)}throw new TypeError("First argument must be a string, Buffer, ArrayBuffer, Array, or array-like object.")}(e,t)}function h(e){if("number"!=typeof e)throw new TypeError('"size" argument must be a number');if(e<0)throw new RangeError('"size" argument must not be negative')}function l(e,t){if(h(t),e=a(e,t<0?0:0|f(t)),!u.TYPED_ARRAY_SUPPORT)for(var r=0;r<t;++r)e[r]=0;return e}function d(e,t){var r=t.length<0?0:0|f(t.length);e=a(e,r);for(var n=0;n<r;n+=1)e[n]=255&t[n];return e}function f(e){if(e>=s())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+s().toString(16)+" bytes");return 0|e}function p(e,t){if(u.isBuffer(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var r=e.length;if(0===r)return 0;for(var n=!1;;)switch(t){case"ascii":case"latin1":case"binary":return r;case"utf8":case"utf-8":case void 0:return B(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*r;case"hex":return r>>>1;case"base64":return K(e).length;default:if(n)return B(e).length;t=(""+t).toLowerCase(),n=!0}}function g(e,t,r){var n=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===r||r>this.length)&&(r=this.length),r<=0)return"";if((r>>>=0)<=(t>>>=0))return"";for(e||(e="utf8");;)switch(e){case"hex":return I(this,t,r);case"utf8":case"utf-8":return A(this,t,r);case"ascii":return P(this,t,r);case"latin1":case"binary":return T(this,t,r);case"base64":return x(this,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return C(this,t,r);default:if(n)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),n=!0}}function y(e,t,r){var n=e[t];e[t]=e[r],e[r]=n}function v(e,t,r,n,i){if(0===e.length)return-1;if("string"==typeof r?(n=r,r=0):r>2147483647?r=2147483647:r<-2147483648&&(r=-2147483648),r=+r,isNaN(r)&&(r=i?0:e.length-1),r<0&&(r=e.length+r),r>=e.length){if(i)return-1;r=e.length-1}else if(r<0){if(!i)return-1;r=0}if("string"==typeof t&&(t=u.from(t,n)),u.isBuffer(t))return 0===t.length?-1:m(e,t,r,n,i);if("number"==typeof t)return t&=255,u.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?i?Uint8Array.prototype.indexOf.call(e,t,r):Uint8Array.prototype.lastIndexOf.call(e,t,r):m(e,[t],r,n,i);throw new TypeError("val must be string, number or Buffer")}function m(e,t,r,n,i){var o,s=1,a=e.length,u=t.length;if(void 0!==n&&("ucs2"===(n=String(n).toLowerCase())||"ucs-2"===n||"utf16le"===n||"utf-16le"===n)){if(e.length<2||t.length<2)return-1;s=2,a/=2,u/=2,r/=2}function c(e,t){return 1===s?e[t]:e.readUInt16BE(t*s)}if(i){var h=-1;for(o=r;o<a;o++)if(c(e,o)===c(t,-1===h?0:o-h)){if(-1===h&&(h=o),o-h+1===u)return h*s}else-1!==h&&(o-=o-h),h=-1}else for(r+u>a&&(r=a-u),o=r;o>=0;o--){for(var l=!0,d=0;d<u;d++)if(c(e,o+d)!==c(t,d)){l=!1;break}if(l)return o}return-1}function w(e,t,r,n){r=Number(r)||0;var i=e.length-r;n?(n=Number(n))>i&&(n=i):n=i;var o=t.length;if(o%2!=0)throw new TypeError("Invalid hex string");n>o/2&&(n=o/2);for(var s=0;s<n;++s){var a=parseInt(t.substr(2*s,2),16);if(isNaN(a))return s;e[r+s]=a}return s}function _(e,t,r,n){return V(B(t,e.length-r),e,r,n)}function S(e,t,r,n){return V(function(e){for(var t=[],r=0;r<e.length;++r)t.push(255&e.charCodeAt(r));return t}(t),e,r,n)}function b(e,t,r,n){return S(e,t,r,n)}function E(e,t,r,n){return V(K(t),e,r,n)}function F(e,t,r,n){return V(function(e,t){for(var r,n,i,o=[],s=0;s<e.length&&!((t-=2)<0);++s)n=(r=e.charCodeAt(s))>>8,i=r%256,o.push(i),o.push(n);return o}(t,e.length-r),e,r,n)}function x(e,t,r){return 0===t&&r===e.length?n.fromByteArray(e):n.fromByteArray(e.slice(t,r))}function A(e,t,r){r=Math.min(e.length,r);for(var n=[],i=t;i<r;){var o,s,a,u,c=e[i],h=null,l=c>239?4:c>223?3:c>191?2:1;if(i+l<=r)switch(l){case 1:c<128&&(h=c);break;case 2:128==(192&(o=e[i+1]))&&(u=(31&c)<<6|63&o)>127&&(h=u);break;case 3:o=e[i+1],s=e[i+2],128==(192&o)&&128==(192&s)&&(u=(15&c)<<12|(63&o)<<6|63&s)>2047&&(u<55296||u>57343)&&(h=u);break;case 4:o=e[i+1],s=e[i+2],a=e[i+3],128==(192&o)&&128==(192&s)&&128==(192&a)&&(u=(15&c)<<18|(63&o)<<12|(63&s)<<6|63&a)>65535&&u<1114112&&(h=u)}null===h?(h=65533,l=1):h>65535&&(h-=65536,n.push(h>>>10&1023|55296),h=56320|1023&h),n.push(h),i+=l}return function(e){var t=e.length;if(t<=k)return String.fromCharCode.apply(String,e);for(var r="",n=0;n<t;)r+=String.fromCharCode.apply(String,e.slice(n,n+=k));return r}(n)}t.Buffer=u,t.SlowBuffer=function(e){return+e!=e&&(e=0),u.alloc(+e)},t.INSPECT_MAX_BYTES=50,u.TYPED_ARRAY_SUPPORT=void 0!==e.TYPED_ARRAY_SUPPORT?e.TYPED_ARRAY_SUPPORT:function(){try{var e=new Uint8Array(1);return e.__proto__={__proto__:Uint8Array.prototype,foo:function(){return 42}},42===e.foo()&&"function"==typeof e.subarray&&0===e.subarray(1,1).byteLength}catch(e){return!1}}(),t.kMaxLength=s(),u.poolSize=8192,u._augment=function(e){return e.__proto__=u.prototype,e},u.from=function(e,t,r){return c(null,e,t,r)},u.TYPED_ARRAY_SUPPORT&&(u.prototype.__proto__=Uint8Array.prototype,u.__proto__=Uint8Array,"undefined"!=typeof Symbol&&Symbol.species&&u[Symbol.species]===u&&Object.defineProperty(u,Symbol.species,{value:null,configurable:!0})),u.alloc=function(e,t,r){return function(e,t,r,n){return h(t),t<=0?a(e,t):void 0!==r?"string"==typeof n?a(e,t).fill(r,n):a(e,t).fill(r):a(e,t)}(null,e,t,r)},u.allocUnsafe=function(e){return l(null,e)},u.allocUnsafeSlow=function(e){return l(null,e)},u.isBuffer=function(e){return!(null==e||!e._isBuffer)},u.compare=function(e,t){if(!u.isBuffer(e)||!u.isBuffer(t))throw new TypeError("Arguments must be Buffers");if(e===t)return 0;for(var r=e.length,n=t.length,i=0,o=Math.min(r,n);i<o;++i)if(e[i]!==t[i]){r=e[i],n=t[i];break}return r<n?-1:n<r?1:0},u.isEncoding=function(e){switch(String(e).toLowerCase()){case"hex":case"utf8":case"utf-8":case"ascii":case"latin1":case"binary":case"base64":case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return!0;default:return!1}},u.concat=function(e,t){if(!o(e))throw new TypeError('"list" argument must be an Array of Buffers');if(0===e.length)return u.alloc(0);var r;if(void 0===t)for(t=0,r=0;r<e.length;++r)t+=e[r].length;var n=u.allocUnsafe(t),i=0;for(r=0;r<e.length;++r){var s=e[r];if(!u.isBuffer(s))throw new TypeError('"list" argument must be an Array of Buffers');s.copy(n,i),i+=s.length}return n},u.byteLength=p,u.prototype._isBuffer=!0,u.prototype.swap16=function(){var e=this.length;if(e%2!=0)throw new RangeError("Buffer size must be a multiple of 16-bits");for(var t=0;t<e;t+=2)y(this,t,t+1);return this},u.prototype.swap32=function(){var e=this.length;if(e%4!=0)throw new RangeError("Buffer size must be a multiple of 32-bits");for(var t=0;t<e;t+=4)y(this,t,t+3),y(this,t+1,t+2);return this},u.prototype.swap64=function(){var e=this.length;if(e%8!=0)throw new RangeError("Buffer size must be a multiple of 64-bits");for(var t=0;t<e;t+=8)y(this,t,t+7),y(this,t+1,t+6),y(this,t+2,t+5),y(this,t+3,t+4);return this},u.prototype.toString=function(){var e=0|this.length;return 0===e?"":0===arguments.length?A(this,0,e):g.apply(this,arguments)},u.prototype.equals=function(e){if(!u.isBuffer(e))throw new TypeError("Argument must be a Buffer");return this===e||0===u.compare(this,e)},u.prototype.inspect=function(){var e="",r=t.INSPECT_MAX_BYTES;return this.length>0&&(e=this.toString("hex",0,r).match(/.{2}/g).join(" "),this.length>r&&(e+=" ... ")),"<Buffer "+e+">"},u.prototype.compare=function(e,t,r,n,i){if(!u.isBuffer(e))throw new TypeError("Argument must be a Buffer");if(void 0===t&&(t=0),void 0===r&&(r=e?e.length:0),void 0===n&&(n=0),void 0===i&&(i=this.length),t<0||r>e.length||n<0||i>this.length)throw new RangeError("out of range index");if(n>=i&&t>=r)return 0;if(n>=i)return-1;if(t>=r)return 1;if(this===e)return 0;for(var o=(i>>>=0)-(n>>>=0),s=(r>>>=0)-(t>>>=0),a=Math.min(o,s),c=this.slice(n,i),h=e.slice(t,r),l=0;l<a;++l)if(c[l]!==h[l]){o=c[l],s=h[l];break}return o<s?-1:s<o?1:0},u.prototype.includes=function(e,t,r){return-1!==this.indexOf(e,t,r)},u.prototype.indexOf=function(e,t,r){return v(this,e,t,r,!0)},u.prototype.lastIndexOf=function(e,t,r){return v(this,e,t,r,!1)},u.prototype.write=function(e,t,r,n){if(void 0===t)n="utf8",r=this.length,t=0;else if(void 0===r&&"string"==typeof t)n=t,r=this.length,t=0;else{if(!isFinite(t))throw new Error("Buffer.write(string, encoding, offset[, length]) is no longer supported");t|=0,isFinite(r)?(r|=0,void 0===n&&(n="utf8")):(n=r,r=void 0)}var i=this.length-t;if((void 0===r||r>i)&&(r=i),e.length>0&&(r<0||t<0)||t>this.length)throw new RangeError("Attempt to write outside buffer bounds");n||(n="utf8");for(var o=!1;;)switch(n){case"hex":return w(this,e,t,r);case"utf8":case"utf-8":return _(this,e,t,r);case"ascii":return S(this,e,t,r);case"latin1":case"binary":return b(this,e,t,r);case"base64":return E(this,e,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return F(this,e,t,r);default:if(o)throw new TypeError("Unknown encoding: "+n);n=(""+n).toLowerCase(),o=!0}},u.prototype.toJSON=function(){return{type:"Buffer",data:Array.prototype.slice.call(this._arr||this,0)}};var k=4096;function P(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(127&e[i]);return n}function T(e,t,r){var n="";r=Math.min(e.length,r);for(var i=t;i<r;++i)n+=String.fromCharCode(e[i]);return n}function I(e,t,r){var n=e.length;(!t||t<0)&&(t=0),(!r||r<0||r>n)&&(r=n);for(var i="",o=t;o<r;++o)i+=M(e[o]);return i}function C(e,t,r){for(var n=e.slice(t,r),i="",o=0;o<n.length;o+=2)i+=String.fromCharCode(n[o]+256*n[o+1]);return i}function R(e,t,r){if(e%1!=0||e<0)throw new RangeError("offset is not uint");if(e+t>r)throw new RangeError("Trying to access beyond buffer length")}function U(e,t,r,n,i,o){if(!u.isBuffer(e))throw new TypeError('"buffer" argument must be a Buffer instance');if(t>i||t<o)throw new RangeError('"value" argument is out of bounds');if(r+n>e.length)throw new RangeError("Index out of range")}function L(e,t,r,n){t<0&&(t=65535+t+1);for(var i=0,o=Math.min(e.length-r,2);i<o;++i)e[r+i]=(t&255<<8*(n?i:1-i))>>>8*(n?i:1-i)}function D(e,t,r,n){t<0&&(t=4294967295+t+1);for(var i=0,o=Math.min(e.length-r,4);i<o;++i)e[r+i]=t>>>8*(n?i:3-i)&255}function N(e,t,r,n,i,o){if(r+n>e.length)throw new RangeError("Index out of range");if(r<0)throw new RangeError("Index out of range")}function O(e,t,r,n,o){return o||N(e,0,r,4),i.write(e,t,r,n,23,4),r+4}function H(e,t,r,n,o){return o||N(e,0,r,8),i.write(e,t,r,n,52,8),r+8}u.prototype.slice=function(e,t){var r,n=this.length;if((e=~~e)<0?(e+=n)<0&&(e=0):e>n&&(e=n),(t=void 0===t?n:~~t)<0?(t+=n)<0&&(t=0):t>n&&(t=n),t<e&&(t=e),u.TYPED_ARRAY_SUPPORT)(r=this.subarray(e,t)).__proto__=u.prototype;else{var i=t-e;r=new u(i,void 0);for(var o=0;o<i;++o)r[o]=this[o+e]}return r},u.prototype.readUIntLE=function(e,t,r){e|=0,t|=0,r||R(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n},u.prototype.readUIntBE=function(e,t,r){e|=0,t|=0,r||R(e,t,this.length);for(var n=this[e+--t],i=1;t>0&&(i*=256);)n+=this[e+--t]*i;return n},u.prototype.readUInt8=function(e,t){return t||R(e,1,this.length),this[e]},u.prototype.readUInt16LE=function(e,t){return t||R(e,2,this.length),this[e]|this[e+1]<<8},u.prototype.readUInt16BE=function(e,t){return t||R(e,2,this.length),this[e]<<8|this[e+1]},u.prototype.readUInt32LE=function(e,t){return t||R(e,4,this.length),(this[e]|this[e+1]<<8|this[e+2]<<16)+16777216*this[e+3]},u.prototype.readUInt32BE=function(e,t){return t||R(e,4,this.length),16777216*this[e]+(this[e+1]<<16|this[e+2]<<8|this[e+3])},u.prototype.readIntLE=function(e,t,r){e|=0,t|=0,r||R(e,t,this.length);for(var n=this[e],i=1,o=0;++o<t&&(i*=256);)n+=this[e+o]*i;return n>=(i*=128)&&(n-=Math.pow(2,8*t)),n},u.prototype.readIntBE=function(e,t,r){e|=0,t|=0,r||R(e,t,this.length);for(var n=t,i=1,o=this[e+--n];n>0&&(i*=256);)o+=this[e+--n]*i;return o>=(i*=128)&&(o-=Math.pow(2,8*t)),o},u.prototype.readInt8=function(e,t){return t||R(e,1,this.length),128&this[e]?-1*(255-this[e]+1):this[e]},u.prototype.readInt16LE=function(e,t){t||R(e,2,this.length);var r=this[e]|this[e+1]<<8;return 32768&r?4294901760|r:r},u.prototype.readInt16BE=function(e,t){t||R(e,2,this.length);var r=this[e+1]|this[e]<<8;return 32768&r?4294901760|r:r},u.prototype.readInt32LE=function(e,t){return t||R(e,4,this.length),this[e]|this[e+1]<<8|this[e+2]<<16|this[e+3]<<24},u.prototype.readInt32BE=function(e,t){return t||R(e,4,this.length),this[e]<<24|this[e+1]<<16|this[e+2]<<8|this[e+3]},u.prototype.readFloatLE=function(e,t){return t||R(e,4,this.length),i.read(this,e,!0,23,4)},u.prototype.readFloatBE=function(e,t){return t||R(e,4,this.length),i.read(this,e,!1,23,4)},u.prototype.readDoubleLE=function(e,t){return t||R(e,8,this.length),i.read(this,e,!0,52,8)},u.prototype.readDoubleBE=function(e,t){return t||R(e,8,this.length),i.read(this,e,!1,52,8)},u.prototype.writeUIntLE=function(e,t,r,n){e=+e,t|=0,r|=0,n||U(this,e,t,r,Math.pow(2,8*r)-1,0);var i=1,o=0;for(this[t]=255&e;++o<r&&(i*=256);)this[t+o]=e/i&255;return t+r},u.prototype.writeUIntBE=function(e,t,r,n){e=+e,t|=0,r|=0,n||U(this,e,t,r,Math.pow(2,8*r)-1,0);var i=r-1,o=1;for(this[t+i]=255&e;--i>=0&&(o*=256);)this[t+i]=e/o&255;return t+r},u.prototype.writeUInt8=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,1,255,0),u.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),this[t]=255&e,t+1},u.prototype.writeUInt16LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,65535,0),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):L(this,e,t,!0),t+2},u.prototype.writeUInt16BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,65535,0),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):L(this,e,t,!1),t+2},u.prototype.writeUInt32LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,4294967295,0),u.TYPED_ARRAY_SUPPORT?(this[t+3]=e>>>24,this[t+2]=e>>>16,this[t+1]=e>>>8,this[t]=255&e):D(this,e,t,!0),t+4},u.prototype.writeUInt32BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,4294967295,0),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):D(this,e,t,!1),t+4},u.prototype.writeIntLE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);U(this,e,t,r,i-1,-i)}var o=0,s=1,a=0;for(this[t]=255&e;++o<r&&(s*=256);)e<0&&0===a&&0!==this[t+o-1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},u.prototype.writeIntBE=function(e,t,r,n){if(e=+e,t|=0,!n){var i=Math.pow(2,8*r-1);U(this,e,t,r,i-1,-i)}var o=r-1,s=1,a=0;for(this[t+o]=255&e;--o>=0&&(s*=256);)e<0&&0===a&&0!==this[t+o+1]&&(a=1),this[t+o]=(e/s|0)-a&255;return t+r},u.prototype.writeInt8=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,1,127,-128),u.TYPED_ARRAY_SUPPORT||(e=Math.floor(e)),e<0&&(e=255+e+1),this[t]=255&e,t+1},u.prototype.writeInt16LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,32767,-32768),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8):L(this,e,t,!0),t+2},u.prototype.writeInt16BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,2,32767,-32768),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>8,this[t+1]=255&e):L(this,e,t,!1),t+2},u.prototype.writeInt32LE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,2147483647,-2147483648),u.TYPED_ARRAY_SUPPORT?(this[t]=255&e,this[t+1]=e>>>8,this[t+2]=e>>>16,this[t+3]=e>>>24):D(this,e,t,!0),t+4},u.prototype.writeInt32BE=function(e,t,r){return e=+e,t|=0,r||U(this,e,t,4,2147483647,-2147483648),e<0&&(e=4294967295+e+1),u.TYPED_ARRAY_SUPPORT?(this[t]=e>>>24,this[t+1]=e>>>16,this[t+2]=e>>>8,this[t+3]=255&e):D(this,e,t,!1),t+4},u.prototype.writeFloatLE=function(e,t,r){return O(this,e,t,!0,r)},u.prototype.writeFloatBE=function(e,t,r){return O(this,e,t,!1,r)},u.prototype.writeDoubleLE=function(e,t,r){return H(this,e,t,!0,r)},u.prototype.writeDoubleBE=function(e,t,r){return H(this,e,t,!1,r)},u.prototype.copy=function(e,t,r,n){if(r||(r=0),n||0===n||(n=this.length),t>=e.length&&(t=e.length),t||(t=0),n>0&&n<r&&(n=r),n===r)return 0;if(0===e.length||0===this.length)return 0;if(t<0)throw new RangeError("targetStart out of bounds");if(r<0||r>=this.length)throw new RangeError("sourceStart out of bounds");if(n<0)throw new RangeError("sourceEnd out of bounds");n>this.length&&(n=this.length),e.length-t<n-r&&(n=e.length-t+r);var i,o=n-r;if(this===e&&r<t&&t<n)for(i=o-1;i>=0;--i)e[i+t]=this[i+r];else if(o<1e3||!u.TYPED_ARRAY_SUPPORT)for(i=0;i<o;++i)e[i+t]=this[i+r];else Uint8Array.prototype.set.call(e,this.subarray(r,r+o),t);return o},u.prototype.fill=function(e,t,r,n){if("string"==typeof e){if("string"==typeof t?(n=t,t=0,r=this.length):"string"==typeof r&&(n=r,r=this.length),1===e.length){var i=e.charCodeAt(0);i<256&&(e=i)}if(void 0!==n&&"string"!=typeof n)throw new TypeError("encoding must be a string");if("string"==typeof n&&!u.isEncoding(n))throw new TypeError("Unknown encoding: "+n)}else"number"==typeof e&&(e&=255);if(t<0||this.length<t||this.length<r)throw new RangeError("Out of range index");if(r<=t)return this;var o;if(t>>>=0,r=void 0===r?this.length:r>>>0,e||(e=0),"number"==typeof e)for(o=t;o<r;++o)this[o]=e;else{var s=u.isBuffer(e)?e:B(new u(e,n).toString()),a=s.length;for(o=0;o<r-t;++o)this[o+t]=s[o%a]}return this};var j=/[^+\/0-9A-Za-z-_]/g;function M(e){return e<16?"0"+e.toString(16):e.toString(16)}function B(e,t){var r;t=t||1/0;for(var n=e.length,i=null,o=[],s=0;s<n;++s){if((r=e.charCodeAt(s))>55295&&r<57344){if(!i){if(r>56319){(t-=3)>-1&&o.push(239,191,189);continue}if(s+1===n){(t-=3)>-1&&o.push(239,191,189);continue}i=r;continue}if(r<56320){(t-=3)>-1&&o.push(239,191,189),i=r;continue}r=65536+(i-55296<<10|r-56320)}else i&&(t-=3)>-1&&o.push(239,191,189);if(i=null,r<128){if((t-=1)<0)break;o.push(r)}else if(r<2048){if((t-=2)<0)break;o.push(r>>6|192,63&r|128)}else if(r<65536){if((t-=3)<0)break;o.push(r>>12|224,r>>6&63|128,63&r|128)}else{if(!(r<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;o.push(r>>18|240,r>>12&63|128,r>>6&63|128,63&r|128)}}return o}function K(e){return n.toByteArray(function(e){if((e=function(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}(e).replace(j,"")).length<2)return"";for(;e.length%4!=0;)e+="=";return e}(e))}function V(e,t,r,n){for(var i=0;i<n&&!(i+r>=t.length||i>=e.length);++i)t[i+r]=e[i];return i}}).call(this,r(29))},function(e,t){var r;r=function(){return this}();try{r=r||new Function("return this")()}catch(e){"object"==typeof window&&(r=window)}e.exports=r},function(e,t,r){"use strict";t.byteLength=function(e){var t=u(e),r=t[0],n=t[1];return 3*(r+n)/4-n},t.toByteArray=function(e){var t,r,n=u(e),s=n[0],a=n[1],c=new o(function(e,t,r){return 3*(t+r)/4-r}(0,s,a)),h=0,l=a>0?s-4:s;for(r=0;r<l;r+=4)t=i[e.charCodeAt(r)]<<18|i[e.charCodeAt(r+1)]<<12|i[e.charCodeAt(r+2)]<<6|i[e.charCodeAt(r+3)],c[h++]=t>>16&255,c[h++]=t>>8&255,c[h++]=255&t;return 2===a&&(t=i[e.charCodeAt(r)]<<2|i[e.charCodeAt(r+1)]>>4,c[h++]=255&t),1===a&&(t=i[e.charCodeAt(r)]<<10|i[e.charCodeAt(r+1)]<<4|i[e.charCodeAt(r+2)]>>2,c[h++]=t>>8&255,c[h++]=255&t),c},t.fromByteArray=function(e){for(var t,r=e.length,i=r%3,o=[],s=16383,a=0,u=r-i;a<u;a+=s)o.push(c(e,a,a+s>u?u:a+s));return 1===i?(t=e[r-1],o.push(n[t>>2]+n[t<<4&63]+"==")):2===i&&(t=(e[r-2]<<8)+e[r-1],o.push(n[t>>10]+n[t>>4&63]+n[t<<2&63]+"=")),o.join("")};for(var n=[],i=[],o="undefined"!=typeof Uint8Array?Uint8Array:Array,s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",a=0;a<64;++a)n[a]=s[a],i[s.charCodeAt(a)]=a;function u(e){var t=e.length;if(t%4>0)throw new Error("Invalid string. Length must be a multiple of 4");var r=e.indexOf("=");return-1===r&&(r=t),[r,r===t?0:4-r%4]}function c(e,t,r){for(var i,o,s=[],a=t;a<r;a+=3)i=(e[a]<<16&16711680)+(e[a+1]<<8&65280)+(255&e[a+2]),s.push(n[(o=i)>>18&63]+n[o>>12&63]+n[o>>6&63]+n[63&o]);return s.join("")}i["-".charCodeAt(0)]=62,i["_".charCodeAt(0)]=63},function(e,t){
 /*! ieee754. BSD-3-Clause License. Feross Aboukhadijeh <https://feross.org/opensource> */
-t.read=function(e,t,r,n,i){var o,s,a=8*i-n-1,u=(1<<a)-1,c=u>>1,h=-7,l=r?i-1:0,d=r?-1:1,f=e[t+l];for(l+=d,o=f&(1<<-h)-1,f>>=-h,h+=a;h>0;o=256*o+e[t+l],l+=d,h-=8);for(s=o&(1<<-h)-1,o>>=-h,h+=n;h>0;s=256*s+e[t+l],l+=d,h-=8);if(0===o)o=1-c;else{if(o===u)return s?NaN:1/0*(f?-1:1);s+=Math.pow(2,n),o-=c}return(f?-1:1)*s*Math.pow(2,o-n)},t.write=function(e,t,r,n,i,o){var s,a,u,c=8*o-i-1,h=(1<<c)-1,l=h>>1,d=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,f=n?0:o-1,p=n?1:-1,g=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(a=isNaN(t)?1:0,s=h):(s=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-s))<1&&(s--,u*=2),(t+=s+l>=1?d/u:d*Math.pow(2,1-l))*u>=2&&(s++,u/=2),s+l>=h?(a=0,s=h):s+l>=1?(a=(t*u-1)*Math.pow(2,i),s+=l):(a=t*Math.pow(2,l-1)*Math.pow(2,i),s=0));i>=8;e[r+f]=255&a,f+=p,a/=256,i-=8);for(s=s<<i|a,c+=i;c>0;e[r+f]=255&s,f+=p,s/=256,c-=8);e[r+f-p]|=128*g}},function(e,t){var r={}.toString;e.exports=Array.isArray||function(e){return"[object Array]"==r.call(e)}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(e){var t=e.jws,r=e.KeyUtil,i=e.X509,o=e.crypto,s=e.hextob64u,a=e.b64tohex,u=e.AllowedSigningAlgs;return function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.parseJwt=function e(r){n.Log.debug("JoseUtil.parseJwt");try{var i=t.JWS.parse(r);return{header:i.headerObj,payload:i.payloadObj}}catch(e){n.Log.error(e)}},e.validateJwt=function(t,o,s,u,c,h,l){n.Log.debug("JoseUtil.validateJwt");try{if("RSA"===o.kty)if(o.e&&o.n)o=r.getKey(o);else{if(!o.x5c||!o.x5c.length)return n.Log.error("JoseUtil.validateJwt: RSA key missing key material",o),Promise.reject(new Error("RSA key missing key material"));var d=a(o.x5c[0]);o=i.getPublicKeyFromCertHex(d)}else{if("EC"!==o.kty)return n.Log.error("JoseUtil.validateJwt: Unsupported key type",o&&o.kty),Promise.reject(new Error(o.kty));if(!(o.crv&&o.x&&o.y))return n.Log.error("JoseUtil.validateJwt: EC key missing key material",o),Promise.reject(new Error("EC key missing key material"));o=r.getKey(o)}return e._validateJwt(t,o,s,u,c,h,l)}catch(e){return n.Log.error(e&&e.message||e),Promise.reject("JWT validation failed")}},e.validateJwtAttributes=function(t,r,i,o,s,a){o||(o=0),s||(s=parseInt(Date.now()/1e3));var u=e.parseJwt(t).payload;if(!u.iss)return n.Log.error("JoseUtil._validateJwt: issuer was not provided"),Promise.reject(new Error("issuer was not provided"));if(u.iss!==r)return n.Log.error("JoseUtil._validateJwt: Invalid issuer in token",u.iss),Promise.reject(new Error("Invalid issuer in token: "+u.iss));if(!u.aud)return n.Log.error("JoseUtil._validateJwt: aud was not provided"),Promise.reject(new Error("aud was not provided"));if(!(u.aud===i||Array.isArray(u.aud)&&u.aud.indexOf(i)>=0))return n.Log.error("JoseUtil._validateJwt: Invalid audience in token",u.aud),Promise.reject(new Error("Invalid audience in token: "+u.aud));if(u.azp&&u.azp!==i)return n.Log.error("JoseUtil._validateJwt: Invalid azp in token",u.azp),Promise.reject(new Error("Invalid azp in token: "+u.azp));if(!a){var c=s+o,h=s-o;if(!u.iat)return n.Log.error("JoseUtil._validateJwt: iat was not provided"),Promise.reject(new Error("iat was not provided"));if(c<u.iat)return n.Log.error("JoseUtil._validateJwt: iat is in the future",u.iat),Promise.reject(new Error("iat is in the future: "+u.iat));if(u.nbf&&c<u.nbf)return n.Log.error("JoseUtil._validateJwt: nbf is in the future",u.nbf),Promise.reject(new Error("nbf is in the future: "+u.nbf));if(!u.exp)return n.Log.error("JoseUtil._validateJwt: exp was not provided"),Promise.reject(new Error("exp was not provided"));if(u.exp<h)return n.Log.error("JoseUtil._validateJwt: exp is in the past",u.exp),Promise.reject(new Error("exp is in the past:"+u.exp))}return Promise.resolve(u)},e._validateJwt=function(r,i,o,s,a,c,h){return e.validateJwtAttributes(r,o,s,a,c,h).then(function(e){try{return t.JWS.verify(r,i,u)?e:(n.Log.error("JoseUtil._validateJwt: signature validation failed"),Promise.reject(new Error("signature validation failed")))}catch(e){return n.Log.error(e&&e.message||e),Promise.reject(new Error("signature validation failed"))}})},e.hashString=function e(t,r){try{return o.Util.hashString(t,r)}catch(e){n.Log.error(e)}},e.hexToBase64Url=function e(t){try{return s(t)}catch(e){n.Log.error(e)}},e}()};var n=r(0);e.exports=t.default},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SigninResponse=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(3);t.SigninResponse=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"#";!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var n=i.UrlUtility.parseUrlFragment(t,r);this.error=n.error,this.error_description=n.error_description,this.error_uri=n.error_uri,this.code=n.code,this.state=n.state,this.id_token=n.id_token,this.session_state=n.session_state,this.access_token=n.access_token,this.token_type=n.token_type,this.scope=n.scope,this.profile=void 0,this.expires_in=n.expires_in}return n(e,[{key:"expires_in",get:function(){if(this.expires_at){var e=parseInt(Date.now()/1e3);return this.expires_at-e}},set:function(e){var t=parseInt(e);if("number"==typeof t&&t>0){var r=parseInt(Date.now()/1e3);this.expires_at=r+t}}},{key:"expired",get:function(){var e=this.expires_in;if(void 0!==e)return e<=0}},{key:"scopes",get:function(){return(this.scope||"").split(" ")}},{key:"isOpenIdConnect",get:function(){return this.scopes.indexOf("openid")>=0||!!this.id_token}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutRequest=void 0;var n=r(0),i=r(3),o=r(9);t.SignoutRequest=function e(t){var r=t.url,s=t.id_token_hint,a=t.post_logout_redirect_uri,u=t.data,c=t.extraQueryParams,h=t.request_type;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!r)throw n.Log.error("SignoutRequest.ctor: No url passed"),new Error("url");for(var l in s&&(r=i.UrlUtility.addQueryParam(r,"id_token_hint",s)),a&&(r=i.UrlUtility.addQueryParam(r,"post_logout_redirect_uri",a),u&&(this.state=new o.State({data:u,request_type:h}),r=i.UrlUtility.addQueryParam(r,"state",this.state.id))),c)r=i.UrlUtility.addQueryParam(r,l,c[l]);this.url=r}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutResponse=void 0;var n=r(3);t.SignoutResponse=function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var r=n.UrlUtility.parseUrlFragment(t,"?");this.error=r.error,this.error_description=r.error_description,this.error_uri=r.error_uri,this.state=r.state}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.InMemoryWebStorage=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.InMemoryWebStorage=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._data={}}return e.prototype.getItem=function(e){return i.Log.debug("InMemoryWebStorage.getItem",e),this._data[e]},e.prototype.setItem=function(e,t){i.Log.debug("InMemoryWebStorage.setItem",e),this._data[e]=t},e.prototype.removeItem=function(e){i.Log.debug("InMemoryWebStorage.removeItem",e),delete this._data[e]},e.prototype.key=function(e){return Object.getOwnPropertyNames(this._data)[e]},n(e,[{key:"length",get:function(){return Object.getOwnPropertyNames(this._data).length}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManager=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(10),s=r(39),a=r(15),u=r(45),c=r(47),h=r(18),l=r(8),d=r(20),f=r(11),p=r(4);t.UserManager=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:c.SilentRenewService,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:h.SessionMonitor,a=arguments.length>3&&void 0!==arguments[3]?arguments[3]:d.TokenRevocationClient,l=arguments.length>4&&void 0!==arguments[4]?arguments[4]:f.TokenClient,g=arguments.length>5&&void 0!==arguments[5]?arguments[5]:p.JoseUtil;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,t),r instanceof s.UserManagerSettings||(r=new s.UserManagerSettings(r));var y=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return y._events=new u.UserManagerEvents(r),y._silentRenewService=new n(y),y.settings.automaticSilentRenew&&(i.Log.debug("UserManager.ctor: automaticSilentRenew is configured, setting up silent renew"),y.startSilentRenew()),y.settings.monitorSession&&(i.Log.debug("UserManager.ctor: monitorSession is configured, setting up session monitor"),y._sessionMonitor=new o(y)),y._tokenRevocationClient=new a(y._settings),y._tokenClient=new l(y._settings),y._joseUtil=g,y}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.getUser=function(){var e=this;return this._loadUser().then(function(t){return t?(i.Log.info("UserManager.getUser: user loaded"),e._events.load(t,!1),t):(i.Log.info("UserManager.getUser: user not found in storage"),null)})},t.prototype.removeUser=function(){var e=this;return this.storeUser(null).then(function(){i.Log.info("UserManager.removeUser: user removed from storage"),e._events.unload()})},t.prototype.signinRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:r";var t={useReplaceToNavigate:e.useReplaceToNavigate};return this._signinStart(e,this._redirectNavigator,t).then(function(){i.Log.info("UserManager.signinRedirect: successful")})},t.prototype.signinRedirectCallback=function(e){return this._signinEnd(e||this._redirectNavigator.url).then(function(e){return e.profile&&e.profile.sub?i.Log.info("UserManager.signinRedirectCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinRedirectCallback: no sub"),e})},t.prototype.signinPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:p";var t=e.redirect_uri||this.settings.popup_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.display="popup",this._signin(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopup: signinPopup successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopup: no sub")),e})):(i.Log.error("UserManager.signinPopup: No popup_redirect_uri or redirect_uri configured"),Promise.reject(new Error("No popup_redirect_uri or redirect_uri configured")))},t.prototype.signinPopupCallback=function(e){return this._signinCallback(e,this._popupNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopupCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopupCallback: no sub")),e}).catch(function(e){i.Log.error(e.message)})},t.prototype.signinSilent=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return t=Object.assign({},t),this._loadUser().then(function(r){return r&&r.refresh_token?(t.refresh_token=r.refresh_token,e._useRefreshToken(t)):(t.request_type="si:s",t.id_token_hint=t.id_token_hint||e.settings.includeIdTokenInSilentRenew&&r&&r.id_token,r&&e._settings.validateSubOnSilentRenew&&(i.Log.debug("UserManager.signinSilent, subject prior to silent renew: ",r.profile.sub),t.current_sub=r.profile.sub),e._signinSilentIframe(t))})},t.prototype._useRefreshToken=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return this._tokenClient.exchangeRefreshToken(t).then(function(t){return t?t.access_token?e._loadUser().then(function(r){if(r){var n=Promise.resolve();return t.id_token&&(n=e._validateIdTokenFromTokenRefreshToken(r.profile,t.id_token)),n.then(function(){return i.Log.debug("UserManager._useRefreshToken: refresh token response success"),r.id_token=t.id_token||r.id_token,r.access_token=t.access_token,r.refresh_token=t.refresh_token||r.refresh_token,r.expires_in=t.expires_in,e.storeUser(r).then(function(){return e._events.load(r),r})})}return null}):(i.Log.error("UserManager._useRefreshToken: No access token returned from token endpoint"),Promise.reject("No access token returned from token endpoint")):(i.Log.error("UserManager._useRefreshToken: No response returned from token endpoint"),Promise.reject("No response returned from token endpoint"))})},t.prototype._validateIdTokenFromTokenRefreshToken=function(e,t){var r=this;return this._metadataService.getIssuer().then(function(n){return r.settings.getEpochTime().then(function(o){return r._joseUtil.validateJwtAttributes(t,n,r._settings.client_id,r._settings.clockSkew,o).then(function(t){return t?t.sub!==e.sub?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: sub in id_token does not match current sub"),Promise.reject(new Error("sub in id_token does not match current sub"))):t.auth_time&&t.auth_time!==e.auth_time?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: auth_time in id_token does not match original auth_time"),Promise.reject(new Error("auth_time in id_token does not match original auth_time"))):t.azp&&t.azp!==e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp in id_token does not match original azp"),Promise.reject(new Error("azp in id_token does not match original azp"))):!t.azp&&e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp not in id_token, but present in original id_token"),Promise.reject(new Error("azp not in id_token, but present in original id_token"))):void 0:(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: Failed to validate id_token"),Promise.reject(new Error("Failed to validate id_token")))})})})},t.prototype._signinSilentIframe=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=e.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.prompt=e.prompt||"none",this._signin(e,this._iframeNavigator,{startUrl:t,silentRequestTimeout:e.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilent: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilent: no sub")),e})):(i.Log.error("UserManager.signinSilent: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype.signinSilentCallback=function(e){return this._signinCallback(e,this._iframeNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilentCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilentCallback: no sub")),e})},t.prototype.signinCallback=function(e){var t=this;return this.readSigninResponseState(e).then(function(r){var n=r.state;return r.response,"si:r"===n.request_type?t.signinRedirectCallback(e):"si:p"===n.request_type?t.signinPopupCallback(e):"si:s"===n.request_type?t.signinSilentCallback(e):Promise.reject(new Error("invalid response_type in state"))})},t.prototype.signoutCallback=function(e,t){var r=this;return this.readSignoutResponseState(e).then(function(n){var i=n.state,o=n.response;return i?"so:r"===i.request_type?r.signoutRedirectCallback(e):"so:p"===i.request_type?r.signoutPopupCallback(e,t):Promise.reject(new Error("invalid response_type in state")):o})},t.prototype.querySessionStatus=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(t=Object.assign({},t)).request_type="si:s";var r=t.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return r?(t.redirect_uri=r,t.prompt="none",t.response_type=t.response_type||this.settings.query_status_response_type,t.scope=t.scope||"openid",t.skipUserInfo=!0,this._signinStart(t,this._iframeNavigator,{startUrl:r,silentRequestTimeout:t.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(t){return e.processSigninResponse(t.url).then(function(e){if(i.Log.debug("UserManager.querySessionStatus: got signin response"),e.session_state&&e.profile.sub)return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for sub: ",e.profile.sub),{session_state:e.session_state,sub:e.profile.sub,sid:e.profile.sid};i.Log.info("querySessionStatus successful, user not authenticated")}).catch(function(t){if(t.session_state&&e.settings.monitorAnonymousSession&&("login_required"==t.message||"consent_required"==t.message||"interaction_required"==t.message||"account_selection_required"==t.message))return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for anonymous user"),{session_state:t.session_state};throw t})})):(i.Log.error("UserManager.querySessionStatus: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype._signin=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signinStart(e,t,n).then(function(t){return r._signinEnd(t.url,e)})},t.prototype._signinStart=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return t.prepare(n).then(function(t){return i.Log.debug("UserManager._signinStart: got navigator window handle"),r.createSigninRequest(e).then(function(e){return i.Log.debug("UserManager._signinStart: got signin request"),n.url=e.url,n.id=e.state.id,t.navigate(n)}).catch(function(e){throw t.close&&(i.Log.debug("UserManager._signinStart: Error after preparing navigator, closing navigator window"),t.close()),e})})},t.prototype._signinEnd=function(e){var t=this,r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};return this.processSigninResponse(e).then(function(e){i.Log.debug("UserManager._signinEnd: got signin response");var n=new a.User(e);if(r.current_sub){if(r.current_sub!==n.profile.sub)return i.Log.debug("UserManager._signinEnd: current user does not match user returned from signin. sub from signin: ",n.profile.sub),Promise.reject(new Error("login_required"));i.Log.debug("UserManager._signinEnd: current user matches user returned from signin")}return t.storeUser(n).then(function(){return i.Log.debug("UserManager._signinEnd: user stored"),t._events.load(n),n})})},t.prototype._signinCallback=function(e,t){i.Log.debug("UserManager._signinCallback");var r="query"===this._settings.response_mode||!this._settings.response_mode&&l.SigninRequest.isCode(this._settings.response_type)?"?":"#";return t.callback(e,void 0,r)},t.prototype.signoutRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:r";var t=e.post_logout_redirect_uri||this.settings.post_logout_redirect_uri;t&&(e.post_logout_redirect_uri=t);var r={useReplaceToNavigate:e.useReplaceToNavigate};return this._signoutStart(e,this._redirectNavigator,r).then(function(){i.Log.info("UserManager.signoutRedirect: successful")})},t.prototype.signoutRedirectCallback=function(e){return this._signoutEnd(e||this._redirectNavigator.url).then(function(e){return i.Log.info("UserManager.signoutRedirectCallback: successful"),e})},t.prototype.signoutPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:p";var t=e.post_logout_redirect_uri||this.settings.popup_post_logout_redirect_uri||this.settings.post_logout_redirect_uri;return e.post_logout_redirect_uri=t,e.display="popup",e.post_logout_redirect_uri&&(e.state=e.state||{}),this._signout(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(){i.Log.info("UserManager.signoutPopup: successful")})},t.prototype.signoutPopupCallback=function(e,t){return void 0===t&&"boolean"==typeof e&&(t=e,e=null),this._popupNavigator.callback(e,t,"?").then(function(){i.Log.info("UserManager.signoutPopupCallback: successful")})},t.prototype._signout=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signoutStart(e,t,n).then(function(e){return r._signoutEnd(e.url)})},t.prototype._signoutStart=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=this,r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return arguments[1].prepare(r).then(function(n){return i.Log.debug("UserManager._signoutStart: got navigator window handle"),t._loadUser().then(function(o){return i.Log.debug("UserManager._signoutStart: loaded current user from storage"),(t._settings.revokeAccessTokenOnSignout?t._revokeInternal(o):Promise.resolve()).then(function(){var s=e.id_token_hint||o&&o.id_token;return s&&(i.Log.debug("UserManager._signoutStart: Setting id_token into signout request"),e.id_token_hint=s),t.removeUser().then(function(){return i.Log.debug("UserManager._signoutStart: user removed, creating signout request"),t.createSignoutRequest(e).then(function(e){return i.Log.debug("UserManager._signoutStart: got signout request"),r.url=e.url,e.state&&(r.id=e.state.id),n.navigate(r)})})})}).catch(function(e){throw n.close&&(i.Log.debug("UserManager._signoutStart: Error after preparing navigator, closing navigator window"),n.close()),e})})},t.prototype._signoutEnd=function(e){return this.processSignoutResponse(e).then(function(e){return i.Log.debug("UserManager._signoutEnd: got signout response"),e})},t.prototype.revokeAccessToken=function(){var e=this;return this._loadUser().then(function(t){return e._revokeInternal(t,!0).then(function(r){if(r)return i.Log.debug("UserManager.revokeAccessToken: removing token properties from user and re-storing"),t.access_token=null,t.refresh_token=null,t.expires_at=null,t.token_type=null,e.storeUser(t).then(function(){i.Log.debug("UserManager.revokeAccessToken: user stored"),e._events.load(t)})})}).then(function(){i.Log.info("UserManager.revokeAccessToken: access token revoked successfully")})},t.prototype._revokeInternal=function(e,t){var r=this;if(e){var n=e.access_token,o=e.refresh_token;return this._revokeAccessTokenInternal(n,t).then(function(e){return r._revokeRefreshTokenInternal(o,t).then(function(t){return e||t||i.Log.debug("UserManager.revokeAccessToken: no need to revoke due to no token(s), or JWT format"),e||t})})}return Promise.resolve(!1)},t.prototype._revokeAccessTokenInternal=function(e,t){return!e||e.indexOf(".")>=0?Promise.resolve(!1):this._tokenRevocationClient.revoke(e,t).then(function(){return!0})},t.prototype._revokeRefreshTokenInternal=function(e,t){return e?this._tokenRevocationClient.revoke(e,t,"refresh_token").then(function(){return!0}):Promise.resolve(!1)},t.prototype.startSilentRenew=function(){this._silentRenewService.start()},t.prototype.stopSilentRenew=function(){this._silentRenewService.stop()},t.prototype._loadUser=function(){return this._userStore.get(this._userStoreKey).then(function(e){return e?(i.Log.debug("UserManager._loadUser: user storageString loaded"),a.User.fromStorageString(e)):(i.Log.debug("UserManager._loadUser: no user storageString"),null)})},t.prototype.storeUser=function(e){if(e){i.Log.debug("UserManager.storeUser: storing user");var t=e.toStorageString();return this._userStore.set(this._userStoreKey,t)}return i.Log.debug("storeUser.storeUser: removing user"),this._userStore.remove(this._userStoreKey)},n(t,[{key:"_redirectNavigator",get:function(){return this.settings.redirectNavigator}},{key:"_popupNavigator",get:function(){return this.settings.popupNavigator}},{key:"_iframeNavigator",get:function(){return this.settings.iframeNavigator}},{key:"_userStore",get:function(){return this.settings.userStore}},{key:"events",get:function(){return this._events}},{key:"_userStoreKey",get:function(){return"user:"+this.settings.authority+":"+this.settings.client_id}}]),t}(o.OidcClient)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerSettings=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=(r(0),r(5)),o=r(40),s=r(41),a=r(43),u=r(6),c=r(1),h=r(8);t.UserManagerSettings=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=r.popup_redirect_uri,i=r.popup_post_logout_redirect_uri,l=r.popupWindowFeatures,d=r.popupWindowTarget,f=r.silent_redirect_uri,p=r.silentRequestTimeout,g=r.automaticSilentRenew,y=void 0!==g&&g,v=r.validateSubOnSilentRenew,m=void 0!==v&&v,w=r.includeIdTokenInSilentRenew,_=void 0===w||w,S=r.monitorSession,b=void 0===S||S,E=r.monitorAnonymousSession,F=void 0!==E&&E,x=r.checkSessionInterval,A=void 0===x?2e3:x,k=r.stopCheckSessionOnError,P=void 0===k||k,T=r.query_status_response_type,I=r.revokeAccessTokenOnSignout,C=void 0!==I&&I,R=r.accessTokenExpiringNotificationTime,U=void 0===R?60:R,L=r.redirectNavigator,D=void 0===L?new o.RedirectNavigator:L,N=r.popupNavigator,O=void 0===N?new s.PopupNavigator:N,H=r.iframeNavigator,j=void 0===H?new a.IFrameNavigator:H,M=r.userStore,B=void 0===M?new u.WebStorageStateStore({store:c.Global.sessionStorage}):M;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var K=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,arguments[0]));return K._popup_redirect_uri=n,K._popup_post_logout_redirect_uri=i,K._popupWindowFeatures=l,K._popupWindowTarget=d,K._silent_redirect_uri=f,K._silentRequestTimeout=p,K._automaticSilentRenew=y,K._validateSubOnSilentRenew=m,K._includeIdTokenInSilentRenew=_,K._accessTokenExpiringNotificationTime=U,K._monitorSession=b,K._monitorAnonymousSession=F,K._checkSessionInterval=A,K._stopCheckSessionOnError=P,T?K._query_status_response_type=T:arguments[0]&&arguments[0].response_type?K._query_status_response_type=h.SigninRequest.isOidc(arguments[0].response_type)?"id_token":"code":K._query_status_response_type="id_token",K._revokeAccessTokenOnSignout=C,K._redirectNavigator=D,K._popupNavigator=O,K._iframeNavigator=j,K._userStore=B,K}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),n(t,[{key:"popup_redirect_uri",get:function(){return this._popup_redirect_uri}},{key:"popup_post_logout_redirect_uri",get:function(){return this._popup_post_logout_redirect_uri}},{key:"popupWindowFeatures",get:function(){return this._popupWindowFeatures}},{key:"popupWindowTarget",get:function(){return this._popupWindowTarget}},{key:"silent_redirect_uri",get:function(){return this._silent_redirect_uri}},{key:"silentRequestTimeout",get:function(){return this._silentRequestTimeout}},{key:"automaticSilentRenew",get:function(){return this._automaticSilentRenew}},{key:"validateSubOnSilentRenew",get:function(){return this._validateSubOnSilentRenew}},{key:"includeIdTokenInSilentRenew",get:function(){return this._includeIdTokenInSilentRenew}},{key:"accessTokenExpiringNotificationTime",get:function(){return this._accessTokenExpiringNotificationTime}},{key:"monitorSession",get:function(){return this._monitorSession}},{key:"monitorAnonymousSession",get:function(){return this._monitorAnonymousSession}},{key:"checkSessionInterval",get:function(){return this._checkSessionInterval}},{key:"stopCheckSessionOnError",get:function(){return this._stopCheckSessionOnError}},{key:"query_status_response_type",get:function(){return this._query_status_response_type}},{key:"revokeAccessTokenOnSignout",get:function(){return this._revokeAccessTokenOnSignout}},{key:"redirectNavigator",get:function(){return this._redirectNavigator}},{key:"popupNavigator",get:function(){return this._popupNavigator}},{key:"iframeNavigator",get:function(){return this._iframeNavigator}},{key:"userStore",get:function(){return this._userStore}}]),t}(i.OidcClientSettings)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.RedirectNavigator=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.RedirectNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(){return Promise.resolve(this)},e.prototype.navigate=function(e){return e&&e.url?(e.useReplaceToNavigate?window.location.replace(e.url):window.location=e.url,Promise.resolve()):(i.Log.error("RedirectNavigator.navigate: No url provided"),Promise.reject(new Error("No url provided")))},n(e,[{key:"url",get:function(){return window.location.href}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.PopupNavigator=void 0;var n=r(0),i=r(42);t.PopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.PopupWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t,r,o){n.Log.debug("PopupNavigator.callback");try{return i.PopupWindow.notifyOpener(t,r,o),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.PopupWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(3);t.PopupWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t});var n=t.popupWindowTarget||"_blank",o=t.popupWindowFeatures||"location=no,toolbar=no,width=500,height=500,left=100,top=100;";this._popup=window.open("",n,o),this._popup&&(i.Log.debug("PopupWindow.ctor: popup successfully created"),this._checkForPopupClosedTimer=window.setInterval(this._checkForPopupClosed.bind(this),500))}return e.prototype.navigate=function(e){return this._popup?e&&e.url?(i.Log.debug("PopupWindow.navigate: Setting URL in popup"),this._id=e.id,this._id&&(window["popupCallback_"+e.id]=this._callback.bind(this)),this._popup.focus(),this._popup.window.location=e.url):(this._error("PopupWindow.navigate: no url provided"),this._error("No url provided")):this._error("PopupWindow.navigate: Error opening popup window"),this.promise},e.prototype._success=function(e){i.Log.debug("PopupWindow.callback: Successful response from popup window"),this._cleanup(),this._resolve(e)},e.prototype._error=function(e){i.Log.error("PopupWindow.error: ",e),this._cleanup(),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup(!1)},e.prototype._cleanup=function(e){i.Log.debug("PopupWindow.cleanup"),window.clearInterval(this._checkForPopupClosedTimer),this._checkForPopupClosedTimer=null,delete window["popupCallback_"+this._id],this._popup&&!e&&this._popup.close(),this._popup=null},e.prototype._checkForPopupClosed=function(){this._popup&&!this._popup.closed||this._error("Popup window closed")},e.prototype._callback=function(e,t){this._cleanup(t),e?(i.Log.debug("PopupWindow.callback success"),this._success({url:e})):(i.Log.debug("PopupWindow.callback: Invalid response from popup"),this._error("Invalid response from popup"))},e.notifyOpener=function(e,t,r){if(window.opener){if(e=e||window.location.href){var n=o.UrlUtility.parseUrlFragment(e,r);if(n.state){var s="popupCallback_"+n.state,a=window.opener[s];a?(i.Log.debug("PopupWindow.notifyOpener: passing url message to opener"),a(e,t)):i.Log.warn("PopupWindow.notifyOpener: no matching callback found on opener")}else i.Log.warn("PopupWindow.notifyOpener: no state found in response url")}}else i.Log.warn("PopupWindow.notifyOpener: no window.opener. Can't complete notification.")},n(e,[{key:"promise",get:function(){return this._promise}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameNavigator=void 0;var n=r(0),i=r(44);t.IFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.IFrameWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t){n.Log.debug("IFrameNavigator.callback");try{return i.IFrameWindow.notifyParent(t),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.IFrameWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t}),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.width=0,this._frame.height=0,window.document.body.appendChild(this._frame)}return e.prototype.navigate=function(e){if(e&&e.url){var t=e.silentRequestTimeout||1e4;i.Log.debug("IFrameWindow.navigate: Using timeout of:",t),this._timer=window.setTimeout(this._timeout.bind(this),t),this._frame.src=e.url}else this._error("No url provided");return this.promise},e.prototype._success=function(e){this._cleanup(),i.Log.debug("IFrameWindow: Successful response from frame window"),this._resolve(e)},e.prototype._error=function(e){this._cleanup(),i.Log.error(e),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup()},e.prototype._cleanup=function(){this._frame&&(i.Log.debug("IFrameWindow: cleanup"),window.removeEventListener("message",this._boundMessageEvent,!1),window.clearTimeout(this._timer),window.document.body.removeChild(this._frame),this._timer=null,this._frame=null,this._boundMessageEvent=null)},e.prototype._timeout=function(){i.Log.debug("IFrameWindow.timeout"),this._error("Frame window timed out")},e.prototype._message=function(e){if(i.Log.debug("IFrameWindow.message"),this._timer&&e.origin===this._origin&&e.source===this._frame.contentWindow&&"string"==typeof e.data&&(e.data.startsWith("http://")||e.data.startsWith("https://"))){var t=e.data;t?this._success({url:t}):this._error("Invalid response from frame")}},e.notifyParent=function(e){i.Log.debug("IFrameWindow.notifyParent"),(e=e||window.location.href)&&(i.Log.debug("IFrameWindow.notifyParent: posting url message to parent"),window.parent.postMessage(e,location.protocol+"//"+location.host))},n(e,[{key:"promise",get:function(){return this._promise}},{key:"_origin",get:function(){return location.protocol+"//"+location.host}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerEvents=void 0;var n=r(0),i=r(16),o=r(17);t.UserManagerEvents=function(e){function t(r){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var n=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return n._userLoaded=new o.Event("User loaded"),n._userUnloaded=new o.Event("User unloaded"),n._silentRenewError=new o.Event("Silent renew error"),n._userSignedIn=new o.Event("User signed in"),n._userSignedOut=new o.Event("User signed out"),n._userSessionChanged=new o.Event("User session changed"),n}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.load=function(t){var r=!(arguments.length>1&&void 0!==arguments[1])||arguments[1];n.Log.debug("UserManagerEvents.load"),e.prototype.load.call(this,t),r&&this._userLoaded.raise(t)},t.prototype.unload=function(){n.Log.debug("UserManagerEvents.unload"),e.prototype.unload.call(this),this._userUnloaded.raise()},t.prototype.addUserLoaded=function(e){this._userLoaded.addHandler(e)},t.prototype.removeUserLoaded=function(e){this._userLoaded.removeHandler(e)},t.prototype.addUserUnloaded=function(e){this._userUnloaded.addHandler(e)},t.prototype.removeUserUnloaded=function(e){this._userUnloaded.removeHandler(e)},t.prototype.addSilentRenewError=function(e){this._silentRenewError.addHandler(e)},t.prototype.removeSilentRenewError=function(e){this._silentRenewError.removeHandler(e)},t.prototype._raiseSilentRenewError=function(e){n.Log.debug("UserManagerEvents._raiseSilentRenewError",e.message),this._silentRenewError.raise(e)},t.prototype.addUserSignedIn=function(e){this._userSignedIn.addHandler(e)},t.prototype.removeUserSignedIn=function(e){this._userSignedIn.removeHandler(e)},t.prototype._raiseUserSignedIn=function(){n.Log.debug("UserManagerEvents._raiseUserSignedIn"),this._userSignedIn.raise()},t.prototype.addUserSignedOut=function(e){this._userSignedOut.addHandler(e)},t.prototype.removeUserSignedOut=function(e){this._userSignedOut.removeHandler(e)},t.prototype._raiseUserSignedOut=function(){n.Log.debug("UserManagerEvents._raiseUserSignedOut"),this._userSignedOut.raise()},t.prototype.addUserSessionChanged=function(e){this._userSessionChanged.addHandler(e)},t.prototype.removeUserSessionChanged=function(e){this._userSessionChanged.removeHandler(e)},t.prototype._raiseUserSessionChanged=function(){n.Log.debug("UserManagerEvents._raiseUserSessionChanged"),this._userSessionChanged.raise()},t}(i.AccessTokenEvents)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Timer=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(1),s=r(17);t.Timer=function(e){function t(r){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.Global.timer,i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:void 0;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var s=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return s._timer=n,s._nowFunc=i||function(){return Date.now()/1e3},s}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.init=function(e){e<=0&&(e=1),e=parseInt(e);var t=this.now+e;if(this.expiration===t&&this._timerHandle)i.Log.debug("Timer.init timer "+this._name+" skipping initialization since already initialized for expiration:",this.expiration);else{this.cancel(),i.Log.debug("Timer.init timer "+this._name+" for duration:",e),this._expiration=t;var r=5;e<r&&(r=e),this._timerHandle=this._timer.setInterval(this._callback.bind(this),1e3*r)}},t.prototype.cancel=function(){this._timerHandle&&(i.Log.debug("Timer.cancel: ",this._name),this._timer.clearInterval(this._timerHandle),this._timerHandle=null)},t.prototype._callback=function(){var t=this._expiration-this.now;i.Log.debug("Timer.callback; "+this._name+" timer expires in:",t),this._expiration<=this.now&&(this.cancel(),e.prototype.raise.call(this))},n(t,[{key:"now",get:function(){return parseInt(this._nowFunc())}},{key:"expiration",get:function(){return this._expiration}}]),t}(s.Event)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SilentRenewService=void 0;var n=r(0);t.SilentRenewService=function(){function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._userManager=t}return e.prototype.start=function(){this._callback||(this._callback=this._tokenExpiring.bind(this),this._userManager.events.addAccessTokenExpiring(this._callback),this._userManager.getUser().then(function(e){}).catch(function(e){n.Log.error("SilentRenewService.start: Error from getUser:",e.message)}))},e.prototype.stop=function(){this._callback&&(this._userManager.events.removeAccessTokenExpiring(this._callback),delete this._callback)},e.prototype._tokenExpiring=function(){var e=this;this._userManager.signinSilent().then(function(e){n.Log.debug("SilentRenewService._tokenExpiring: Silent token renewal successful")},function(t){n.Log.error("SilentRenewService._tokenExpiring: Error from signinSilent:",t.message),e._userManager.events._raiseSilentRenewError(t)})},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaPopupNavigator=void 0;var n=r(21);t.CordovaPopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaIFrameNavigator=void 0;var n=r(21);t.CordovaIFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){e.popupWindowFeatures="hidden=yes";var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Version="1.11.6"}])},e.exports=t()}},r={};function n(e){var i=r[e];if(void 0!==i)return i.exports;var o=r[e]={exports:{}};return t[e].call(o.exports,o,o.exports,n),o.exports}n.n=e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return n.d(t,{a:t}),t},n.d=(e,t)=>{for(var r in t)n.o(t,r)&&!n.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},n.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),n.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})};var i={};return(()=>{"use strict";function e(...e){console.log(...e)}function t(...e){console.warn(...e)}n.r(i),n.d(i,{ACL_LINK:()=>Zt,appContext:()=>tr,authSession:()=>br,authn:()=>Sr,createTypeIndexLogic:()=>vr,getSuggestedIssuers:()=>_r,offlineTestID:()=>rr,solidLogicSingleton:()=>mr,store:()=>Er});const r=new TextEncoder,o=new TextDecoder;function s(...e){const t=e.reduce((e,{length:t})=>e+t,0),r=new Uint8Array(t);let n=0;for(const t of e)r.set(t,n),n+=t.length;return r}const a=e=>(e=>{let t=e;"string"==typeof t&&(t=r.encode(t));const n=[];for(let e=0;e<t.length;e+=32768)n.push(String.fromCharCode.apply(null,t.subarray(e,e+32768)));return btoa(n.join(""))})(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),u=e=>{let t=e;t instanceof Uint8Array&&(t=o.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),r=new Uint8Array(t.length);for(let e=0;e<t.length;e++)r[e]=t.charCodeAt(e);return r})(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class c extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}c.code="ERR_JOSE_GENERIC";class h extends c{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=r,this.reason=n,this.payload=t}}h.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class l extends c{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=r,this.reason=n,this.payload=t}}l.code="ERR_JWT_EXPIRED";class d extends c{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}d.code="ERR_JOSE_ALG_NOT_ALLOWED";class f extends c{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}f.code="ERR_JOSE_NOT_SUPPORTED";(class extends c{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}).code="ERR_JWE_DECRYPTION_FAILED";(class extends c{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}).code="ERR_JWE_INVALID";class p extends c{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}p.code="ERR_JWS_INVALID";class g extends c{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}g.code="ERR_JWT_INVALID";(class extends c{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}).code="ERR_JWK_INVALID";class y extends c{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}y.code="ERR_JWKS_INVALID";class v extends c{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}v.code="ERR_JWKS_NO_MATCHING_KEY";class m extends c{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Symbol.asyncIterator,m.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class w extends c{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}w.code="ERR_JWKS_TIMEOUT";class _ extends c{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function S(e,t){const r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new f(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}_.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";const b=crypto,E=e=>e instanceof CryptoKey,F=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:r}=t.algorithm;if("number"!=typeof r||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function x(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function A(e,t){return e.name===t}function k(e){return parseInt(e.name.slice(4),10)}function P(e,t){if(t.length&&!t.some(t=>e.usages.includes(t))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const r=t.pop();e+=`one of ${t.join(", ")}, or ${r}.`}else 2===t.length?e+=`one of ${t[0]} or ${t[1]}.`:e+=`${t[0]}.`;throw new TypeError(e)}}function T(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!A(e.algorithm,"HMAC"))throw x("HMAC");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!A(e.algorithm,"RSASSA-PKCS1-v1_5"))throw x("RSASSA-PKCS1-v1_5");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!A(e.algorithm,"RSA-PSS"))throw x("RSA-PSS");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw x("Ed25519 or Ed448");break;case"Ed25519":if(!A(e.algorithm,"Ed25519"))throw x("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!A(e.algorithm,"ECDSA"))throw x("ECDSA");const r=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==r)throw x(r,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}P(e,r)}function I(e,t,...r){if((r=r.filter(Boolean)).length>2){const t=r.pop();e+=`one of type ${r.join(", ")}, or ${t}.`}else 2===r.length?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}const C=(e,...t)=>I("Key must be ",e,...t);function R(e,t,...r){return I(`Key for the ${e} algorithm must be `,t,...r)}const U=e=>!!E(e)||"KeyObject"===e?.[Symbol.toStringTag],L=["CryptoKey"];function D(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let r=e;for(;null!==Object.getPrototypeOf(r);)r=Object.getPrototypeOf(r);return Object.getPrototypeOf(e)===r}function N(e){return D(e)&&"string"==typeof e.kty}const O=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:r}=function(e){let t,r;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new f('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}(e),n=[t,e.ext??!1,e.key_ops??r],i={...e};return delete i.alg,delete i.use,b.subtle.importKey("jwk",i,...n)},H=e=>u(e);let j,M;const B=e=>"KeyObject"===e?.[Symbol.toStringTag],K=async(e,t,r,n,i=!1)=>{let o=e.get(t);if(o?.[n])return o[n];const s=await O({...r,alg:n});return i&&Object.freeze(t),o?o[n]=s:e.set(t,{[n]:s}),s},V=(e,t)=>{if(B(e)){let r=e.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?H(r.k):(M||(M=new WeakMap),K(M,e,r,t))}if(N(e)){if(e.k)return u(e.k);M||(M=new WeakMap);return K(M,e,e,t,!0)}return e},q=(e,t)=>{if(B(e)){let r=e.export({format:"jwk"});return r.k?H(r.k):(j||(j=new WeakMap),K(j,e,r,t))}if(N(e)){if(e.k)return u(e.k);j||(j=new WeakMap);return K(j,e,e,t,!0)}return e};async function J(e,t,r){if("sign"===r&&(t=await q(t,e)),"verify"===r&&(t=await V(t,e)),E(t))return T(t,e,r),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(C(t,...L));return b.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(C(t,...L,"Uint8Array","JSON Web Key"))}const W=async(e,t,r,n)=>{const i=await J(e,t,"verify");F(e,i);const o=S(e,i.algorithm);try{return await b.subtle.verify(o,i,r,n)}catch{return!1}},$=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let r;for(const e of t){const t=Object.keys(e);if(r&&0!==r.size)for(const e of t){if(r.has(e))return!1;r.add(e)}else r=new Set(t)}return!0},z=e=>e?.[Symbol.toStringTag],Y=(e,t,r)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(r))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0},G=(e,t,r,n)=>{if(!(t instanceof Uint8Array)){if(n&&N(t)){if(function(e){return N(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&Y(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!U(t))throw new TypeError(R(e,t,...L,"Uint8Array",n?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${z(t)} instances for symmetric algorithms must be of type "secret"`)}};function X(e,t,r,n){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?G(t,r,n,e):((e,t,r,n)=>{if(n&&N(t))switch(r){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&Y(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&Y(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!U(t))throw new TypeError(R(e,t,...L,n?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===r&&"public"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===r&&"public"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===r&&"private"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===r&&"private"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,r,n,e)}X.bind(void 0,!1);const Q=X.bind(void 0,!0);const Z=function(e,t,r,n,i){if(void 0!==i.crit&&void 0===n?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||void 0===n.crit)return new Set;if(!Array.isArray(n.crit)||0===n.crit.length||n.crit.some(e=>"string"!=typeof e||0===e.length))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let o;o=void 0!==r?new Map([...Object.entries(r),...t.entries()]):t;for(const t of n.crit){if(!o.has(t))throw new f(`Extension Header Parameter "${t}" is not recognized`);if(void 0===i[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(o.get(t)&&void 0===n[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(n.crit)},ee=(e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some(e=>"string"!=typeof e)))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)};async function te(e,t){if(!D(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return u(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new f('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return O({...e,alg:t});default:throw new f('Unsupported "kty" (Key Type) Parameter value')}}async function re(e,t,n){if(e instanceof Uint8Array&&(e=o.decode(e)),"string"!=typeof e)throw new p("Compact JWS must be a string or Uint8Array");const{0:i,1:a,2:c,length:h}=e.split(".");if(3!==h)throw new p("Invalid Compact JWS");const l=await async function(e,t,n){if(!D(e))throw new p("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new p('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new p("JWS Protected Header incorrect type");if(void 0===e.payload)throw new p("JWS Payload missing");if("string"!=typeof e.signature)throw new p("JWS Signature missing or incorrect type");if(void 0!==e.header&&!D(e.header))throw new p("JWS Unprotected Header incorrect type");let i={};if(e.protected)try{const t=u(e.protected);i=JSON.parse(o.decode(t))}catch{throw new p("JWS Protected Header is invalid")}if(!$(i,e.header))throw new p("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const a={...i,...e.header};let c=!0;if(Z(p,new Map([["b64",!0]]),n?.crit,i,a).has("b64")&&(c=i.b64,"boolean"!=typeof c))throw new p('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:h}=a;if("string"!=typeof h||!h)throw new p('JWS "alg" (Algorithm) Header Parameter missing or invalid');const l=n&&ee("algorithms",n.algorithms);if(l&&!l.has(h))throw new d('"alg" (Algorithm) Header Parameter value not allowed');if(c){if("string"!=typeof e.payload)throw new p("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new p("JWS Payload must be a string or an Uint8Array instance");let f=!1;"function"==typeof t?(t=await t(i,e),f=!0,Q(h,t,"verify"),N(t)&&(t=await te(t,h))):Q(h,t,"verify");const g=s(r.encode(e.protected??""),r.encode("."),"string"==typeof e.payload?r.encode(e.payload):e.payload);let y,v;try{y=u(e.signature)}catch{throw new p("Failed to base64url decode the signature")}if(!await W(h,t,y,g))throw new _;if(c)try{v=u(e.payload)}catch{throw new p("Failed to base64url decode the payload")}else v="string"==typeof e.payload?r.encode(e.payload):e.payload;const m={payload:v};return void 0!==e.protected&&(m.protectedHeader=i),void 0!==e.header&&(m.unprotectedHeader=e.header),f?{...m,key:t}:m}({payload:a,protected:i,signature:c},t,n),f={payload:l.payload,protectedHeader:l.protectedHeader};return"function"==typeof t?{...f,key:l.key}:f}const ne=e=>Math.floor(e.getTime()/1e3),ie=86400,oe=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,se=e=>{const t=oe.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const r=parseFloat(t[2]);let n;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":n=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":n=Math.round(60*r);break;case"hour":case"hours":case"hr":case"hrs":case"h":n=Math.round(3600*r);break;case"day":case"days":case"d":n=Math.round(r*ie);break;case"week":case"weeks":case"w":n=Math.round(604800*r);break;default:n=Math.round(31557600*r)}return"-"===t[1]||"ago"===t[4]?-n:n},ae=e=>e.toLowerCase().replace(/^application\//,""),ue=(e,t,r={})=>{let n;try{n=JSON.parse(o.decode(t))}catch{}if(!D(n))throw new g("JWT Claims Set must be a top-level JSON object");const{typ:i}=r;if(i&&("string"!=typeof e.typ||ae(e.typ)!==ae(i)))throw new h('unexpected "typ" JWT header value',n,"typ","check_failed");const{requiredClaims:s=[],issuer:a,subject:u,audience:c,maxTokenAge:d}=r,f=[...s];void 0!==d&&f.push("iat"),void 0!==c&&f.push("aud"),void 0!==u&&f.push("sub"),void 0!==a&&f.push("iss");for(const e of new Set(f.reverse()))if(!(e in n))throw new h(`missing required "${e}" claim`,n,e,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(n.iss))throw new h('unexpected "iss" claim value',n,"iss","check_failed");if(u&&n.sub!==u)throw new h('unexpected "sub" claim value',n,"sub","check_failed");if(c&&(p=n.aud,y="string"==typeof c?[c]:c,!("string"==typeof p?y.includes(p):Array.isArray(p)&&y.some(Set.prototype.has.bind(new Set(p))))))throw new h('unexpected "aud" claim value',n,"aud","check_failed");var p,y;let v;switch(typeof r.clockTolerance){case"string":v=se(r.clockTolerance);break;case"number":v=r.clockTolerance;break;case"undefined":v=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:m}=r,w=ne(m||new Date);if((void 0!==n.iat||d)&&"number"!=typeof n.iat)throw new h('"iat" claim must be a number',n,"iat","invalid");if(void 0!==n.nbf){if("number"!=typeof n.nbf)throw new h('"nbf" claim must be a number',n,"nbf","invalid");if(n.nbf>w+v)throw new h('"nbf" claim timestamp check failed',n,"nbf","check_failed")}if(void 0!==n.exp){if("number"!=typeof n.exp)throw new h('"exp" claim must be a number',n,"exp","invalid");if(n.exp<=w-v)throw new l('"exp" claim timestamp check failed',n,"exp","check_failed")}if(d){const e=w-n.iat;if(e-v>("number"==typeof d?d:se(d)))throw new l('"iat" claim timestamp check failed (too far in the past)',n,"iat","check_failed");if(e<0-v)throw new h('"iat" claim timestamp check failed (it should be in the past)',n,"iat","check_failed")}return n};const ce=async(e,t,r)=>{let n,i,o=!1;"function"==typeof AbortController&&(n=new AbortController,i=setTimeout(()=>{o=!0,n.abort()},t));const s=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(e=>{if(o)throw new w;throw e});if(void 0!==i&&clearTimeout(i),200!==s.status)throw new c("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await s.json()}catch{throw new c("Failed to parse the JSON Web Key Set HTTP response as JSON")}};function he(e){return D(e)}function le(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class de{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(he)}(e))throw new y("JSON Web Key Set malformed");this._jwks=le(e)}async getKey(e,t){const{alg:r,kid:n}={...e,...t?.header},i=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new f('Unsupported "alg" value for a JSON Web Key Set')}}(r),o=this._jwks.keys.filter(e=>{let t=i===e.kty;if(t&&"string"==typeof n&&(t=n===e.kid),t&&"string"==typeof e.alg&&(t=r===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(r){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t}),{0:s,length:a}=o;if(0===a)throw new v;if(1!==a){const e=new m,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of o)try{yield await fe(t,e,r)}catch{}},e}return fe(this._cached,s,r)}}async function fe(e,t,r){const n=e.get(t)||e.set(t,{}).get(t);if(void 0===n[r]){const e=await te({...t,ext:!0},r);if(e instanceof Uint8Array||"public"!==e.type)throw new y("JSON Web Key Set members must be public keys");n[r]=e}return n[r]}function pe(e){const t=new de(e),r=async(e,r)=>t.getKey(e,r);return Object.defineProperties(r,{jwks:{value:()=>le(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),r}let ge;if("undefined"==typeof navigator||!navigator.userAgent?.startsWith?.("Mozilla/5.0 ")){ge=`${"jose"}/${"v5.10.0"}`}const ye=Symbol();class ve{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var r,n;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[ye]&&(this._cache=t?.[ye],r=t?.[ye],n=this._cacheMaxAge,"object"==typeof r&&null!==r&&"uat"in r&&"number"==typeof r.uat&&!(Date.now()-r.uat>=n)&&"jwks"in r&&D(r.jwks)&&Array.isArray(r.jwks.keys)&&Array.prototype.every.call(r.jwks.keys,D)&&(this._jwksTimestamp=this._cache.uat,this._local=pe(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cooldownDuration}fresh(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cacheMaxAge}async getKey(e,t){this._local&&this.fresh()||await this.reload();try{return await this._local(e,t)}catch(r){if(r instanceof v&&!1===this.coolingDown())return await this.reload(),this._local(e,t);throw r}}async reload(){this._pendingFetch&&("undefined"!=typeof WebSocketPair||"undefined"!=typeof navigator&&"Cloudflare-Workers"===navigator.userAgent||"undefined"!=typeof EdgeRuntime&&"vercel"===EdgeRuntime)&&(this._pendingFetch=void 0);const e=new Headers(this._options.headers);ge&&!e.has("User-Agent")&&(e.set("User-Agent",ge),this._options.headers=Object.fromEntries(e.entries())),this._pendingFetch||(this._pendingFetch=ce(this._url,this._timeoutDuration,this._options).then(e=>{this._local=pe(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(e=>{throw this._pendingFetch=void 0,e})),await this._pendingFetch}}const me=async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:a(e)};if(!E(e))throw new TypeError(C(e,...L,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:r,alg:n,use:i,...o}=await b.subtle.exportKey("jwk",e);return o};async function we(e){return me(e)}const _e=async(e,t,r)=>{const n=await J(e,t,"sign");F(e,n);const i=await b.subtle.sign(S(e,n.algorithm),n,r);return new Uint8Array(i)};class Se{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new p("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!$(this._protectedHeader,this._unprotectedHeader))throw new p("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const n={...this._protectedHeader,...this._unprotectedHeader};let i=!0;if(Z(p,new Map([["b64",!0]]),t?.crit,this._protectedHeader,n).has("b64")&&(i=this._protectedHeader.b64,"boolean"!=typeof i))throw new p('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:u}=n;if("string"!=typeof u||!u)throw new p('JWS "alg" (Algorithm) Header Parameter missing or invalid');Q(u,e,"sign");let c,h=this._payload;i&&(h=r.encode(a(h))),c=this._protectedHeader?r.encode(a(JSON.stringify(this._protectedHeader))):r.encode("");const l=s(c,r.encode("."),h),d=await _e(u,e,l),f={signature:a(d),payload:""};return i&&(f.payload=o.decode(h)),this._unprotectedHeader&&(f.header=this._unprotectedHeader),this._protectedHeader&&(f.protected=o.decode(c)),f}}class be{constructor(e){this._flattened=new Se(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const r=await this._flattened.sign(e,t);if(void 0===r.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${r.protected}.${r.payload}.${r.signature}`}}function Ee(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class Fe{constructor(e={}){if(!D(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return"number"==typeof e?this._payload={...this._payload,nbf:Ee("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:Ee("setNotBefore",ne(e))}:this._payload={...this._payload,nbf:ne(new Date)+se(e)},this}setExpirationTime(e){return"number"==typeof e?this._payload={...this._payload,exp:Ee("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:Ee("setExpirationTime",ne(e))}:this._payload={...this._payload,exp:ne(new Date)+se(e)},this}setIssuedAt(e){return void 0===e?this._payload={...this._payload,iat:ne(new Date)}:e instanceof Date?this._payload={...this._payload,iat:Ee("setIssuedAt",ne(e))}:this._payload="string"==typeof e?{...this._payload,iat:Ee("setIssuedAt",ne(new Date)+se(e))}:{...this._payload,iat:Ee("setIssuedAt",e)},this}}class xe extends Fe{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const n=new be(r.encode(JSON.stringify(this._payload)));if(n.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new g("JWTs MUST NOT use unencoded payload");return n.sign(e,t)}}function Ae(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new f("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}async function ke(e,t){return async function(e,t){let r,n;switch(e){case"PS256":case"PS384":case"PS512":r={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["sign","verify"];break;case"RS256":case"RS384":case"RS512":r={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":r={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":r={name:"ECDSA",namedCurve:"P-256"},n=["sign","verify"];break;case"ES384":r={name:"ECDSA",namedCurve:"P-384"},n=["sign","verify"];break;case"ES512":r={name:"ECDSA",namedCurve:"P-521"},n=["sign","verify"];break;case"Ed25519":r={name:"Ed25519"},n=["sign","verify"];break;case"EdDSA":{n=["sign","verify"];const e=t?.crv??"Ed25519";switch(e){case"Ed25519":case"Ed448":r={name:e};break;default:throw new f("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{n=["deriveKey","deriveBits"];const e=t?.crv??"P-256";switch(e){case"P-256":case"P-384":case"P-521":r={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":r={name:e};break;default:throw new f("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return b.subtle.generateKey(r,t?.extractable??!1,n)}(e,t)}const Pe={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};let Te;const Ie=new Uint8Array(16);const Ce=[];for(let e=0;e<256;++e)Ce.push((e+256).toString(16).slice(1));function Re(e,t=0){return(Ce[e[t+0]]+Ce[e[t+1]]+Ce[e[t+2]]+Ce[e[t+3]]+"-"+Ce[e[t+4]]+Ce[e[t+5]]+"-"+Ce[e[t+6]]+Ce[e[t+7]]+"-"+Ce[e[t+8]]+Ce[e[t+9]]+"-"+Ce[e[t+10]]+Ce[e[t+11]]+Ce[e[t+12]]+Ce[e[t+13]]+Ce[e[t+14]]+Ce[e[t+15]]).toLowerCase()}const Ue=function(e,t,r){if(Pe.randomUUID&&!t&&!e)return Pe.randomUUID();const n=(e=e||{}).random??e.rng?.()??function(){if(!Te){if("undefined"==typeof crypto||!crypto.getRandomValues)throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");Te=crypto.getRandomValues.bind(crypto)}return Te(Ie)}();if(n.length<16)throw new Error("Random bytes length must be >= 16");if(n[6]=15&n[6]|64,n[8]=63&n[8]|128,t){if((r=r||0)<0||r+16>t.length)throw new RangeError(`UUID byte range ${r}:${r+15} is out of buffer bounds`);for(let e=0;e<16;++e)t[r+e]=n[e];return t}return Re(n)},Le="solidClientAuthn:",De=["ES256","RS256"],Ne="error",Oe="login",He="logout",je="newRefreshToken",Me="sessionExpired",Be="sessionExtended",Ke="sessionRestore",Ve="timeoutSet",qe=["openid","offline_access","webid"];class Je{handleables;constructor(e){this.handleables=e,this.handleables=e}async getProperHandler(e){const t=await Promise.all(this.handleables.map(t=>t.canHandle(...e)));for(let e=0;e<t.length;e+=1)if(t[e])return this.handleables[e];return null}async canHandle(...e){return null!==await this.getProperHandler(e)}async handle(...e){const t=await this.getProperHandler(e);if(t)return t.handle(...e);throw new Error(`[${this.constructor.name}] cannot find a suitable handler for: ${e.map(e=>{try{return JSON.stringify(e)}catch(t){return e.toString()}}).join(", ")}`)}}async function We(e,t,r,n){let i,o;try{const{payload:o}=await async function(e,t,r){const n=await re(e,t,r);if(n.protectedHeader.crit?.includes("b64")&&!1===n.protectedHeader.b64)throw new g("JWTs MUST NOT use unencoded payload");const i={payload:ue(n.protectedHeader,n.payload,r),protectedHeader:n.protectedHeader};return"function"==typeof t?{...i,key:n.key}:i}(e,function(e,t){const r=new ve(e,t),n=async(e,t)=>r.getKey(e,t);return Object.defineProperties(n,{coolingDown:{get:()=>r.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>r.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>r.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!r._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>r._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),n}(new URL(t)),{issuer:r,audience:n});i=o}catch(e){throw new Error(`Token verification failed: ${e.stack}`)}if("string"==typeof i.azp&&(o=i.azp),"string"==typeof i.webid)return{webId:i.webid,clientId:o};if("string"!=typeof i.sub)throw new Error(`The token ${JSON.stringify(i)} is invalid: it has no 'webid' claim and no 'sub' claim.`);try{return new URL(i.sub),{webId:i.sub,clientId:o}}catch(e){throw new Error(`The token has no 'webid' claim, and its 'sub' claim of [${i.sub}] is invalid as a URL - error [${e}].`)}}function $e(e){try{const t=new URL(e),r=!t.searchParams.has("code")&&!t.searchParams.has("state"),n=""===t.hash;return r&&n}catch(e){return!1}}function ze(e){const t=new URL(e);return t.searchParams.delete("state"),t.searchParams.delete("code"),t.searchParams.delete("error"),t.searchParams.delete("error_description"),t.searchParams.delete("iss"),t}class Ye{storageUtility;redirector;constructor(e,t){this.storageUtility=e,this.redirector=t,this.storageUtility=e,this.redirector=t}parametersGuard=e=>void 0!==e.issuerConfiguration.grantTypesSupported&&e.issuerConfiguration.grantTypesSupported.indexOf("authorization_code")>-1&&void 0!==e.redirectUrl;async canHandle(e){return this.parametersGuard(e)}async setupRedirectHandler({oidcLoginOptions:e,state:t,codeVerifier:r,targetUrl:n}){if(!this.parametersGuard(e))throw new Error("The authorization code grant requires a redirectUrl.");var i,o;await Promise.all([this.storageUtility.setForUser(t,{sessionId:e.sessionId}),this.storageUtility.setForUser(e.sessionId,{codeVerifier:r,issuer:e.issuer.toString(),redirectUrl:e.redirectUrl,dpop:Boolean(e.dpop).toString(),keepAlive:(i=e.keepAlive,o=!0,"boolean"==typeof i?Boolean(i):Boolean(o)).toString()})]),this.redirector.redirect(n,{handleRedirect:e.handleRedirect})}}class Ge{sessionInfoManager;constructor(e){this.sessionInfoManager=e,this.sessionInfoManager=e}async canHandle(){return!0}async handle(e){await this.sessionInfoManager.clear(e)}}class Xe{redirector;constructor(e){this.redirector=e,this.redirector=e}async canHandle(e,t){return"idp"===t?.logoutType}async handle(e,t){if("idp"!==t?.logoutType)throw new Error("Attempting to call idp logout handler to perform app logout");if(void 0===t.toLogoutUrl)throw new Error("Cannot perform IDP logout. Did you log in using the OIDC authentication flow?");this.redirector.redirect(t.toLogoutUrl(t),{handleRedirect:t.handleRedirect})}}class Qe{handlers;constructor(e,t){this.handlers=[new Ge(e),new Xe(t)]}async canHandle(){return!0}async handle(e,t){for(const r of this.handlers)await r.canHandle(e,t)&&await r.handle(e,t)}}function Ze(){return{isLoggedIn:!1,sessionId:Ue(),fetch:(...e)=>fetch(...e)}}async function et(e,t){await Promise.all([t.deleteAllUserData(e,{secure:!1}),t.deleteAllUserData(e,{secure:!0})])}class tt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}update(e,t){throw new Error("Not Implemented")}set(e,t){throw new Error("Not Implemented")}get(e){throw new Error("Not implemented")}async getAll(){throw new Error("Not implemented")}async clear(e){return et(e,this.storageUtility)}async register(e){throw new Error("Not implemented")}async getRegisteredSessionIdAll(){throw new Error("Not implemented")}async clearAll(){throw new Error("Not implemented")}async setOidcContext(e,t){throw new Error("Not implemented")}}function rt({endSessionEndpoint:e,idTokenHint:t}){if(void 0!==e)return function({state:r,postLogoutUrl:n}){return function({endSessionEndpoint:e,idTokenHint:t,postLogoutRedirectUri:r,state:n}){const i=new URL(e);return void 0!==t&&i.searchParams.append("id_token_hint",t),void 0!==r&&(i.searchParams.append("post_logout_redirect_uri",r),void 0!==n&&i.searchParams.append("state",n)),i.toString()}({endSessionEndpoint:e,idTokenHint:t,state:r,postLogoutRedirectUri:n})}}function nt(e){try{return new URL(e),!0}catch{return!1}}async function it(e,t,r,n){let i;if(function(e,t){return t.scopesSupported.includes("webid")&&void 0!==e.clientId&&nt(e.clientId)}(e,t))i={clientId:e.clientId,clientName:e.clientName,clientType:"solid-oidc"};else{if(!function(e){return void 0!==e.clientId&&!nt(e.clientId)}(e))return n.getClient({sessionId:e.sessionId,clientName:e.clientName,redirectUrl:e.redirectUrl},t);i={clientId:e.clientId,clientSecret:e.clientSecret,clientName:e.clientName,clientType:"static"}}const o={clientId:i.clientId,clientType:i.clientType};return"static"===i.clientType&&(o.clientSecret=i.clientSecret),i.clientName&&(o.clientName=i.clientName),await r.setForUser(e.sessionId,o),i}const ot=(e,t)=>fetch(e,t);class st{loginHandler;redirectHandler;logoutHandler;sessionInfoManager;issuerConfigFetcher;boundLogout;constructor(e,t,r,n,i){this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i,this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i}fetch=ot;logout=async(e,t)=>{await this.logoutHandler.handle(e,"idp"===t?.logoutType?{...t,toLogoutUrl:this.boundLogout}:t),this.fetch=ot,delete this.boundLogout};getSessionInfo=async e=>this.sessionInfoManager.get(e);getAllSessionInfo=async()=>this.sessionInfoManager.getAll()}async function at(e,t,r){try{const[n,i,o,s,a]=await Promise.all([t.getForUser(e,"issuer",{errorIfNull:!0}),t.getForUser(e,"codeVerifier"),t.getForUser(e,"redirectUrl"),t.getForUser(e,"dpop",{errorIfNull:!0}),t.getForUser(e,"keepAlive")]);await t.deleteForUser(e,"codeVerifier");return{codeVerifier:i,redirectUrl:o,issuerConfig:await r.fetchConfig(n),dpop:"true"===s,keepAlive:"string"!=typeof a||"true"===a}}catch(t){throw new Error(`Failed to retrieve OIDC context from storage associated with session [${e}]: ${t}`)}}class ut{secureStorage;insecureStorage;constructor(e,t){this.secureStorage=e,this.insecureStorage=t,this.secureStorage=e,this.insecureStorage=t}getKey(e){return`solidClientAuthenticationUser:${e}`}async getUserData(e,t){const r=await(t?this.secureStorage:this.insecureStorage).get(this.getKey(e));if(void 0===r)return{};try{return JSON.parse(r)}catch(n){throw new Error(`Data for user [${e}] in [${t?"secure":"unsecure"}] storage is corrupted - expected valid JSON, but got: ${r}`)}}async setUserData(e,t,r){await(r?this.secureStorage:this.insecureStorage).set(this.getKey(e),JSON.stringify(t))}async get(e,t){const r=await(t?.secure?this.secureStorage:this.insecureStorage).get(e);if(void 0===r&&t?.errorIfNull)throw new Error(`[${e}] is not stored`);return r}async set(e,t,r){return(r?.secure?this.secureStorage:this.insecureStorage).set(e,t)}async delete(e,t){return(t?.secure?this.secureStorage:this.insecureStorage).delete(e)}async getForUser(e,t,r){const n=await this.getUserData(e,r?.secure);let i;if(n&&n[t]||(i=void 0),i=n[t],void 0===i&&r?.errorIfNull)throw new Error(`Field [${t}] for user [${e}] is not stored`);return i||void 0}async setForUser(e,t,r){let n;try{n=await this.getUserData(e,r?.secure)}catch{n={}}await this.setUserData(e,{...n,...t},r?.secure)}async deleteForUser(e,t,r){const n=await this.getUserData(e,r?.secure);delete n[t],await this.setUserData(e,n,r?.secure)}async deleteAllUserData(e,t){await(t?.secure?this.secureStorage:this.insecureStorage).delete(this.getKey(e))}}class ct{map={};async get(e){return this.map[e]||void 0}async set(e,t){this.map[e]=t}async delete(e){delete this.map[e]}}class ht extends Error{constructor(e){super(e)}}Error;class lt extends Error{missingFields;constructor(e){super(`Invalid response from OIDC provider: missing fields ${e}`),this.missingFields=e}}class dt extends Error{error;errorDescription;constructor(e,t,r){super(e),this.error=t,this.errorDescription=r}}function ft(e){const t=new URL(e);return new URL(t.pathname,t.origin).toString()}async function pt(e,t,r){return new xe({htu:ft(e),htm:t.toUpperCase(),jti:Ue()}).setProtectedHeader({alg:De[0],jwk:r.publicKey,typ:"dpop+jwt"}).setIssuedAt().sign(r.privateKey,{})}async function gt(e,t,r,n){if(void 0!==r)return async function(e,t,r,n){const i=new Headers(n?.headers);return i.set("Authorization",`DPoP ${t}`),i.set("DPoP",await pt(e,n?.method??"get",r)),{...n,headers:i}}(e,t,r,n);const i=new Headers(n?.headers);return i.set("Authorization",`Bearer ${t}`),{...n,headers:i}}async function yt(e,t,r,n,i=fetch){return i(t,await gt(t.toString(),e,n,r))}const vt=e=>void 0!==e?e-5>0?e-5:e:600;function mt(e,t){let r,n=e;const i=t?.refreshOptions;if(void 0!==i){const e=async()=>{try{const{accessToken:o,refreshToken:s,expiresIn:a}=await async function(e,t,r){const n=await e.tokenRefresher.refresh(e.sessionId,e.refreshToken,t);return r?.emit(Be,n.expiresIn??600),{accessToken:n.accessToken,refreshToken:n.refreshToken,expiresIn:n.expiresIn}}(i,t.dpopKey,t.eventEmitter);n=o,void 0!==s&&(i.refreshToken=s),clearTimeout(r),r=setTimeout(e,1e3*vt(a)),t.eventEmitter?.emit(Ve,r)}catch(e){e instanceof dt&&(t?.eventEmitter?.emit(Ne,e.error,e.errorDescription),t?.eventEmitter?.emit(Me)),e instanceof lt&&e.missingFields.includes("access_token")&&t?.eventEmitter?.emit(Me)}};r=setTimeout(e,1e3*vt(t.expiresIn)),t.eventEmitter?.emit(Ve,r)}else if(void 0!==t&&void 0!==t.eventEmitter){const e=setTimeout(()=>{t.eventEmitter.emit(Me)},1e3*vt(t.expiresIn));t.eventEmitter.emit(Ve,e)}return async(e,r)=>{let i=await yt(n,e,r,t?.dpopKey,t?.fetch);const o=!i.ok&&(s=i.status,![401,403].includes(s));var s;if(i.ok||o)return i;return i.url!==e&&void 0!==t?.dpopKey&&(i=await yt(n,i.url,r,t.dpopKey,t.fetch)),i}}var wt=n(7),_t=n(516);function St(e,t){if("string"!=typeof e.client_id)throw new Error(`Dynamic client registration failed: no client_id has been found on ${JSON.stringify(e)}`);if(t.redirectUrl&&function(e){return Array.isArray(e.redirect_uris)&&e.redirect_uris.every(e=>"string"==typeof e)}(e)&&e.redirect_uris[0]!==t.redirectUrl.toString())throw new Error(`Dynamic client registration failed: the returned redirect URIs ${JSON.stringify(e.redirect_uris)} don't match the provided ${JSON.stringify([t.redirectUrl.toString()])}`);return!0}async function bt(e,t){if(!t.registrationEndpoint)throw new Error("Dynamic Registration could not be completed because the issuer has no registration endpoint.");if(!Array.isArray(t.idTokenSigningAlgValuesSupported))throw new Error("The OIDC issuer discovery profile is missing the 'id_token_signing_alg_values_supported' value, which is mandatory.");const r=(n=t.idTokenSigningAlgValuesSupported,De.find(e=>n.includes(e))??null);var n;const i={client_name:e.clientName,application_type:"web",redirect_uris:[e.redirectUrl?.toString()],subject_type:"public",token_endpoint_auth_method:"client_secret_basic",id_token_signed_response_alg:r,grant_types:["authorization_code","refresh_token"]},o=await fetch(t.registrationEndpoint.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(o.ok){const t=await o.json();return St(t,e),{clientId:t.client_id,clientSecret:t.client_secret,expiresAt:t.client_secret_expires_at,idTokenSignedResponseAlg:t.id_token_signed_response_alg,clientType:"dynamic"}}throw 400===o.status&&function(e,t){if("invalid_redirect_uri"===e.error)throw new Error(`Dynamic client registration failed: the provided redirect uri [${t.redirectUrl?.toString()}] is invalid - ${e.error_description??""}`);if("invalid_client_metadata"===e.error)throw new Error(`Dynamic client registration failed: the provided client metadata ${JSON.stringify(t)} is invalid - ${e.error_description??""}`);throw new Error(`Dynamic client registration failed: ${e.error} - ${e.error_description??""}`)}(await o.json(),e),new Error(`Dynamic client registration failed: the server returned ${o.status} ${o.statusText} - ${await o.text()}`)}function Et(e){return void 0!==e.error_description&&"string"==typeof e.error_description}function Ft(e,t){if(void 0!==(r=e).error&&"string"==typeof r.error)throw new dt(`Token endpoint returned error [${e.error}]${Et(e)?`: ${e.error_description}`:""}${function(e){return void 0!==e.error_uri&&"string"==typeof e.error_uri}(e)?` (see ${e.error_uri})`:""}`,e.error,Et(e)?e.error_description:void 0);var r;if(!function(e){return void 0!==e.access_token&&"string"==typeof e.access_token}(e))throw new lt(["access_token"]);if(!function(e){return void 0!==e.id_token&&"string"==typeof e.id_token}(e))throw new lt(["id_token"]);if(!function(e){return void 0!==e.token_type&&"string"==typeof e.token_type}(e))throw new lt(["token_type"]);if(!function(e){return void 0===e.expires_in||"number"==typeof e.expires_in}(e))throw new lt(["expires_in"]);if(!t&&"bearer"!==e.token_type.toLowerCase())throw new Error(`Invalid token endpoint response: requested a [Bearer] token, but got a 'token_type' value of [${e.token_type}].`);return e}async function xt(e,t,r,n){!function(e,t){if(t.grantType&&(!e.grantTypesSupported||!e.grantTypesSupported.includes(t.grantType)))throw new Error(`The issuer [${e.issuer}] does not support the [${t.grantType}] grant`);if(!e.tokenEndpoint)throw new Error(`This issuer [${e.issuer}] does not have a token endpoint`)}(e,r);const i={"content-type":"application/x-www-form-urlencoded"};let o;n&&(o=await async function(){const{privateKey:e,publicKey:t}=await ke(De[0]),r={privateKey:e,publicKey:await we(t)};return[r.publicKey.alg]=De,r}(),i.DPoP=await pt(e.tokenEndpoint,"POST",o)),t.clientSecret&&(i.Authorization=`Basic ${btoa(`${t.clientId}:${t.clientSecret}`)}`);const s={grant_type:r.grantType,redirect_uri:r.redirectUrl,code:r.code,code_verifier:r.codeVerifier,client_id:t.clientId},a={method:"POST",headers:i,body:new URLSearchParams(s).toString()},u=await fetch(e.tokenEndpoint,a),c=Ft(await u.json(),n),{webId:h,clientId:l}=await We(c.id_token,e.jwksUri,e.issuer,t.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:(d=c,void 0!==d.refresh_token&&"string"==typeof d.refresh_token?c.refresh_token:void 0),webId:h,clientId:l,dpopKey:o,expiresIn:c.expires_in};var d}async function At(e,t,r,n){if(void 0===r.clientId)throw new Error("No client ID available when trying to refresh the access token.");const i={grant_type:"refresh_token",refresh_token:e};let o={};void 0!==n&&(o={DPoP:await pt(t.tokenEndpoint,"POST",n)});let s={};void 0!==r.clientSecret?s={Authorization:`Basic ${btoa(`${r.clientId}:${r.clientSecret}`)}`}:(e=>{try{return new URL(e),!0}catch{return!1}})(r.clientId)&&(i.client_id=r.clientId);const a=await fetch(t.tokenEndpoint,{method:"POST",body:new URLSearchParams(i).toString(),headers:{...o,...s,"Content-Type":"application/x-www-form-urlencoded"}});let u;try{u=await a.json()}catch(e){throw new Error(`The token endpoint of issuer ${t.issuer} returned a malformed response.`)}const c=Ft(u,void 0!==n),{webId:h}=await We(c.id_token,t.jwksUri,t.issuer,r.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:"string"==typeof c.refresh_token?c.refresh_token:void 0,webId:h,dpopKey:n,expiresIn:c.expires_in}}class kt extends ut{constructor(e,t){super(e,t)}}class Pt extends st{login=async(e,t)=>{"none"!==e.prompt&&await this.sessionInfoManager.clear(e.sessionId);const r=e.redirectUrl??function(e){const t=ze(e);return t.hash="",e.includes(`${t.origin}/`)?t.href:`${t.origin}${t.href.substring(t.origin.length+1)}`}(window.location.href);if(!$e(r))throw new Error(`${r} is not a valid redirect URL, it is either a malformed IRI, includes a hash fragment, or reserved query parameters ('code' or 'state').`);await this.loginHandler.handle({...e,redirectUrl:r,clientName:e.clientName??e.clientId,eventEmitter:t})};validateCurrentSession=async e=>{const t=await this.sessionInfoManager.get(e);return void 0===t||void 0===t.clientAppId||void 0===t.issuer?null:t};handleIncomingRedirect=async(e,t)=>{try{const r=await this.redirectHandler.handle(e,t,void 0);return this.fetch=r.fetch.bind(window),this.boundLogout=r.getLogoutUrl,await this.cleanUrlAfterRedirect(e),{isLoggedIn:r.isLoggedIn,webId:r.webId,sessionId:r.sessionId,expirationDate:r.expirationDate,clientAppId:r.clientAppId}}catch(r){return await this.cleanUrlAfterRedirect(e),void t.emit(Ne,"redirect",r)}};async cleanUrlAfterRedirect(e){const t=ze(e).href;for(window.history.replaceState(null,"",t);window.location.href!==t;)await new Promise(e=>{setTimeout(()=>e(),1)})}}function Tt(e){return"string"==typeof e.oidcIssuer}function It(e){return"string"==typeof e.redirectUrl}class Ct{storageUtility;oidcHandler;issuerConfigFetcher;clientRegistrar;constructor(e,t,r,n){this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n}async canHandle(e){return Tt(e)&&It(e)}async handle(e){if(!Tt(e))throw new ht(`OidcLoginHandler requires an OIDC issuer: missing property 'oidcIssuer' in ${JSON.stringify(e)}`);if(!It(e))throw new ht(`OidcLoginHandler requires a redirect URL: missing property 'redirectUrl' in ${JSON.stringify(e)}`);const t=await this.issuerConfigFetcher.fetchConfig(e.oidcIssuer),r=await it(e,t,this.storageUtility,this.clientRegistrar),n={issuer:t.issuer,dpop:"dpop"===e.tokenType.toLowerCase(),...e,issuerConfiguration:t,client:r,scopes:(i=e.customScopes,Array.isArray(i)?Array.from(new Set([...qe,...i.filter(e=>"string"==typeof e&&!e.includes(" "))])):qe)};var i;return this.oidcHandler.handle(n)}}class Rt extends Ye{async handle(e){const t={authority:e.issuer.toString(),client_id:e.client.clientId,client_secret:e.client.clientSecret,redirect_uri:e.redirectUrl,response_type:"code",scope:e.scopes.join(" "),filterProtocolClaims:!0,loadUserInfo:!1,code_verifier:!0,prompt:e.prompt??"consent"},r=new _t.OidcClient(t);try{const t=await r.createSigninRequest();return await this.setupRedirectHandler({oidcLoginOptions:e,state:t.state._id,codeVerifier:t.state._code_verifier,targetUrl:t.url.toString()})}catch(e){console.error(e)}}}const Ut={issuer:{toKey:"issuer",convertToUrl:!0},authorization_endpoint:{toKey:"authorizationEndpoint",convertToUrl:!0},token_endpoint:{toKey:"tokenEndpoint",convertToUrl:!0},userinfo_endpoint:{toKey:"userinfoEndpoint",convertToUrl:!0},jwks_uri:{toKey:"jwksUri",convertToUrl:!0},registration_endpoint:{toKey:"registrationEndpoint",convertToUrl:!0},end_session_endpoint:{toKey:"endSessionEndpoint",convertToUrl:!0},scopes_supported:{toKey:"scopesSupported"},response_types_supported:{toKey:"responseTypesSupported"},response_modes_supported:{toKey:"responseModesSupported"},grant_types_supported:{toKey:"grantTypesSupported"},acr_values_supported:{toKey:"acrValuesSupported"},subject_types_supported:{toKey:"subjectTypesSupported"},id_token_signing_alg_values_supported:{toKey:"idTokenSigningAlgValuesSupported"},id_token_encryption_alg_values_supported:{toKey:"idTokenEncryptionAlgValuesSupported"},id_token_encryption_enc_values_supported:{toKey:"idTokenEncryptionEncValuesSupported"},userinfo_signing_alg_values_supported:{toKey:"userinfoSigningAlgValuesSupported"},userinfo_encryption_alg_values_supported:{toKey:"userinfoEncryptionAlgValuesSupported"},userinfo_encryption_enc_values_supported:{toKey:"userinfoEncryptionEncValuesSupported"},request_object_signing_alg_values_supported:{toKey:"requestObjectSigningAlgValuesSupported"},request_object_encryption_alg_values_supported:{toKey:"requestObjectEncryptionAlgValuesSupported"},request_object_encryption_enc_values_supported:{toKey:"requestObjectEncryptionEncValuesSupported"},token_endpoint_auth_methods_supported:{toKey:"tokenEndpointAuthMethodsSupported"},token_endpoint_auth_signing_alg_values_supported:{toKey:"tokenEndpointAuthSigningAlgValuesSupported"},display_values_supported:{toKey:"displayValuesSupported"},claim_types_supported:{toKey:"claimTypesSupported"},claims_supported:{toKey:"claimsSupported"},service_documentation:{toKey:"serviceDocumentation"},claims_locales_supported:{toKey:"claimsLocalesSupported"},ui_locales_supported:{toKey:"uiLocalesSupported"},claims_parameter_supported:{toKey:"claimsParameterSupported"},request_parameter_supported:{toKey:"requestParameterSupported"},request_uri_parameter_supported:{toKey:"requestUriParameterSupported"},require_request_uri_registration:{toKey:"requireRequestUriRegistration"},op_policy_uri:{toKey:"opPolicyUri",convertToUrl:!0},op_tos_uri:{toKey:"opTosUri",convertToUrl:!0}};class Lt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}static getLocalStorageKey(e){return`issuerConfig:${e}`}async fetchConfig(e){let t;const r=new URL(".well-known/openid-configuration",e.endsWith("/")?e:`${e}/`).href,n=await fetch(r);try{t=function(e){const t={};return Object.keys(e).forEach(r=>{Ut[r]&&(t[Ut[r].toKey]=e[r])}),Array.isArray(t.scopesSupported)||(t.scopesSupported=["openid"]),t}(await n.json())}catch(t){throw new ht(`[${e.toString()}] has an invalid configuration: ${t.message}`)}return await this.storageUtility.set(Lt.getLocalStorageKey(e),JSON.stringify(t)),t}}async function Dt(e,t){await et(e,t),await async function(){const e=new _t.OidcClient({response_mode:"query"});await e.clearStaleState(new _t.WebStorageStateStore({}));const t=window.localStorage,r=[];for(let e=0;e<=t.length;e+=1){const n=t.key(e);n&&(n.match(/^oidc\..+$/)||n.match(/^solidClientAuthenticationUser:.+$/))&&r.push(n)}r.forEach(e=>t.removeItem(e))}()}class Nt extends tt{async get(e){const[t,r,n,i,o,s,a,u]=await Promise.all([this.storageUtility.getForUser(e,"isLoggedIn",{secure:!0}),this.storageUtility.getForUser(e,"webId",{secure:!0}),this.storageUtility.getForUser(e,"clientId",{secure:!1}),this.storageUtility.getForUser(e,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e,"redirectUrl",{secure:!1}),this.storageUtility.getForUser(e,"refreshToken",{secure:!0}),this.storageUtility.getForUser(e,"issuer",{secure:!1}),this.storageUtility.getForUser(e,"tokenType",{secure:!1})]);if("string"!=typeof o||$e(o)){if(void 0!==u&&("string"!=typeof(c=u)||!["DPoP","Bearer"].includes(c)))throw new Error(`Tokens of type [${u}] are not supported.`);var c;if(void 0!==n||void 0!==t||void 0!==r||void 0!==s)return{sessionId:e,webId:r,isLoggedIn:"true"===t,redirectUrl:o,refreshToken:s,issuer:a,clientAppId:n,clientAppSecret:i,tokenType:u??"DPoP"}}else await Promise.all([this.storageUtility.deleteAllUserData(e,{secure:!1}),this.storageUtility.deleteAllUserData(e,{secure:!0})])}async clear(e){return Dt(e,this.storageUtility)}}class Ot{async canHandle(e){try{return new URL(e),!0}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e){return Ze()}}class Ht{storageUtility;sessionInfoManager;issuerConfigFetcher;clientRegistrar;tokerRefresher;constructor(e,t,r,n,i){this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i,this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i}async canHandle(e){try{const t=new URL(e);return null!==t.searchParams.get("code")&&null!==t.searchParams.get("state")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(!await this.canHandle(e))throw new Error(`AuthCodeRedirectHandler cannot handle [${e}]: it is missing one of [code, state].`);const r=new URL(e),n=r.searchParams.get("state"),i=await this.storageUtility.getForUser(n,"sessionId",{errorIfNull:!0}),{issuerConfig:o,codeVerifier:s,redirectUrl:a,dpop:u}=await at(i,this.storageUtility,this.issuerConfigFetcher),c=r.searchParams.get("iss");if("string"==typeof c&&c!==o.issuer)throw new Error(`The value of the iss parameter (${c}) does not match the issuer identifier of the authorization server (${o.issuer}). See [rfc9207](https://www.rfc-editor.org/rfc/rfc9207.html#section-2.3-3.1.1)`);if(void 0===s)throw new Error(`The code verifier for session ${i} is missing from storage.`);if(void 0===a)throw new Error(`The redirect URL for session ${i} is missing from storage.`);const h=await this.clientRegistrar.getClient({sessionId:i},o),l=Date.now(),d=await xt(o,h,{grantType:"authorization_code",code:r.searchParams.get("code"),codeVerifier:s,redirectUrl:a},u);let f;window.localStorage.removeItem(`oidc.${n}`),void 0!==d.refreshToken&&(f={sessionId:i,refreshToken:d.refreshToken,tokenRefresher:this.tokerRefresher});const p=mt(d.accessToken,{dpopKey:d.dpopKey,refreshOptions:f,eventEmitter:t,expiresIn:d.expiresIn});await async function(e,t,r,n,i,o,s,a){void 0!==o&&await e.setForUser(t,{refreshToken:o},{secure:s}),void 0!==r&&await e.setForUser(t,{webId:r},{secure:s}),void 0!==n&&await e.setForUser(t,{clientId:n},{secure:s}),void 0!==i&&await e.setForUser(t,{isLoggedIn:i},{secure:s}),void 0!==a&&await e.setForUser(t,{publicKey:JSON.stringify(a.publicKey),privateKey:JSON.stringify(await we(a.privateKey))},{secure:s})}(this.storageUtility,i,d.webId,d.clientId,"true",void 0,!0);const g=await this.sessionInfoManager.get(i);if(!g)throw new Error(`Could not retrieve session: [${i}].`);return Object.assign(g,{fetch:p,getLogoutUrl:rt({idTokenHint:d.idToken,endSessionEndpoint:o.endSessionEndpoint}),expirationDate:"number"==typeof d.expiresIn?l+1e3*d.expiresIn:void 0})}}class jt extends Je{constructor(e){super(e)}}class Mt{get storage(){return window.localStorage}async get(e){return this.storage.getItem(e)||void 0}async set(e,t){this.storage.setItem(e,t)}async delete(e){this.storage.removeItem(e)}}class Bt{redirect(e,t){t&&t.handleRedirect?t.handleRedirect(e):t&&t.redirectByReplacingState?window.history.replaceState({},"",e):window.location.href=e}}class Kt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}async getClient(e,t){const[r,n,i,o,s]=await Promise.all([this.storageUtility.getForUser(e.sessionId,"clientId",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"expiresAt",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientName",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientType",{secure:!1})]),a=void 0!==i?Number.parseInt(i,10):-1,u=void 0!==n&&0!==a&&Math.floor(Date.now()/1e3)>a;if(r&&("string"==typeof(c=s)&&["dynamic","static","solid-oidc"].includes(c))&&!u)return void 0!==n?{clientId:r,clientSecret:n,clientName:o,clientType:"dynamic",expiresAt:a}:{clientId:r,clientName:o,clientType:s};var c;try{const r=await bt(e,t),n={clientId:r.clientId,clientType:"dynamic"};return void 0!==r.clientSecret&&(n.clientSecret=r.clientSecret,n.expiresAt=String(r.expiresAt)),r.idTokenSignedResponseAlg&&(n.idTokenSignedResponseAlg=r.idTokenSignedResponseAlg),await this.storageUtility.setForUser(e.sessionId,n,{secure:!1}),r}catch(e){throw new Error("Client registration failed.",{cause:e})}}}class Vt{async canHandle(e){try{return new URL(e).searchParams.has("error")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(void 0!==t){const r=new URL(e),n=r.searchParams.get("error"),i=r.searchParams.get("error_description");t.emit(Ne,n,i)}return Ze()}}class qt{storageUtility;issuerConfigFetcher;clientRegistrar;constructor(e,t,r){this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r,this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r}async refresh(e,t,r,n){const i=await at(e,this.storageUtility,this.issuerConfigFetcher),o=await this.clientRegistrar.getClient({sessionId:e},i.issuerConfig);if(void 0===t)throw new Error(`Session [${e}] has no refresh token to allow it to refresh its access token.`);if(i.dpop&&void 0===r)throw new Error(`For session [${e}], the key bound to the DPoP access token must be provided to refresh said access token.`);const s=await At(t,i.issuerConfig,o,r);return void 0!==s.refreshToken&&n?.emit(je,s.refreshToken),s}}function Jt(e){const t=new ct,r=e.secureStorage||t,n=e.insecureStorage||new Mt,i=new kt(r,n),o=new Lt(i),s=new Kt(i),a=new Nt(i),u=new qt(i,o,s),c=new Bt,h=new Ct(i,new Rt(i,c),o,s),l=new jt([new Vt,new Ht(i,a,o,s,u),new Ot]);return new Pt(h,l,new Qe(a,c),a,o)}const Wt=`${Le}currentSession`,$t=`${Le}currentUrl`;class zt{info;events;clientAuthentication;tokenRequestInProgress=!1;constructor(e={},t=void 0){this.events=new wt,e.clientAuthentication?this.clientAuthentication=e.clientAuthentication:e.secureStorage&&e.insecureStorage?this.clientAuthentication=Jt({secureStorage:e.secureStorage,insecureStorage:e.insecureStorage}):this.clientAuthentication=Jt({}),e.sessionInfo?this.info={sessionId:e.sessionInfo.sessionId,isLoggedIn:!1,webId:e.sessionInfo.webId,clientAppId:e.sessionInfo.clientAppId}:this.info={sessionId:t??Ue(),isLoggedIn:!1},this.events.on(Oe,()=>window.localStorage.setItem(Wt,this.info.sessionId)),this.events.on(Me,()=>this.internalLogout(!1)),this.events.on(Ne,()=>this.internalLogout(!1))}login=async e=>(await this.clientAuthentication.login({sessionId:this.info.sessionId,...e,tokenType:e.tokenType??"DPoP"},this.events),new Promise(()=>{}));fetch=(e,t)=>this.clientAuthentication.fetch(e,t);internalLogout=async(e,t)=>{window.localStorage.removeItem(Wt),await this.clientAuthentication.logout(this.info.sessionId,t),this.info.isLoggedIn=!1,e&&this.events.emit(He)};logout=async e=>this.internalLogout(!0,e);handleIncomingRedirect=async(e={})=>{if(this.info.isLoggedIn)return this.info;if(this.tokenRequestInProgress)return;const t="string"==typeof e?{url:e}:e,r=t.url??window.location.href;this.tokenRequestInProgress=!0;const n=await this.clientAuthentication.handleIncomingRedirect(r,this.events);if(function(e){return!!e?.isLoggedIn}(n)){this.setSessionInfo(n);const e=window.localStorage.getItem($t);null===e?this.events.emit(Oe):(window.localStorage.removeItem($t),this.events.emit(Ke,e))}else if(!0===t.restorePreviousSession){const e=window.localStorage.getItem(Wt);if(null!==e){if(await async function(e,t,r){const n=await t.validateCurrentSession(e);return null!==n&&(window.localStorage.setItem($t,window.location.href),await t.login({sessionId:e,prompt:"none",oidcIssuer:n.issuer,redirectUrl:n.redirectUrl,clientId:n.clientAppId,clientSecret:n.clientAppSecret,tokenType:n.tokenType??"DPoP"},r.events),!0)}(e,this.clientAuthentication,this))return new Promise(()=>{})}}return this.tokenRequestInProgress=!1,n};setSessionInfo(e){this.info.isLoggedIn=e.isLoggedIn,this.info.webId=e.webId,this.info.sessionId=e.sessionId,this.info.clientAppId=e.clientAppId,this.info.expirationDate=e.expirationDate,this.events.on(Be,e=>{this.info.expirationDate=Date.now()+1e3*e})}}const Yt=new zt;var Gt=n(264),Xt=n(386);const Qt=n.n(Xt)()(Gt),Zt=(0,Gt.sym)("http://www.iana.org/assignments/link-relations/acl");function er(e){const t=Qt;function r(e,r,n,i={}){const o=i.public||[],s=(0,Gt.graph)(),a=(0,Gt.Namespace)("http://www.w3.org/ns/auth/acl#");let u=s.sym(`${n}#a1`);const c=s.sym(n),h=s.sym(e);if(s.add(u,t.rdf("type"),a("Authorization"),c),s.add(u,a("accessTo"),h,c),i.defaultForNew&&s.add(u,a("default"),h,c),s.add(u,a("agent"),r,c),s.add(u,a("mode"),a("Read"),c),s.add(u,a("mode"),a("Write"),c),s.add(u,a("mode"),a("Control"),c),o.length){u=s.sym(`${n}#a2`),s.add(u,t.rdf("type"),a("Authorization"),c),s.add(u,a("accessTo"),h,c),s.add(u,a("agentClass"),t.foaf("Agent"),c);for(let e=0;e<o.length;e++)s.add(u,a("mode"),a(o[e]),c)}return(0,Gt.serialize)(c,s,n)}return{findAclDocUrl:async function(t){await e.fetcher.load(t);const r=e.any(t,Zt);if(!r)throw new Error(`No ACL link discovered for ${t}`);return r.value},setACLUserPublic:function(t,n,i){const o=e.any(e.sym(t),Zt);return Promise.resolve().then(()=>o||function(t){const r=e.fetcher;if(!r)throw new Error("Cannot fetch ACL rel, store has no fetcher");return r.load(t).then(r=>{if(!r.ok)throw new Error("fetchACLRel: While loading:"+r.error);const n=e.any(e.sym(t),Zt);if(!n)throw new Error("fetchACLRel: No Link rel=ACL header for "+t);return n})}(t).catch(e=>{throw new Error(`Error fetching rel=ACL header for ${t}: ${e}`)})).then(o=>{const s=r(t,n,o.uri,i);if(!e.fetcher)throw new Error("Cannot PUT this, store has no fetcher");return e.fetcher.webOperation("PUT",o.uri,{data:s,contentType:"text/turtle"}).then(e=>{if(!e.ok)throw new Error("Error writing ACL text: "+e.error);return o})})},genACLText:r}}const tr=()=>{let{SolidAppContext:e}=window;if(e||={},e.viewingNoAuthPage=!1,e.noAuth&&window.document){if(window.document.location.href.startsWith(e.noAuth)){e.viewingNoAuthPage=!0;const t=new URLSearchParams(window.document.location.search);if(t){let r=e.viewedPage=t.get("uri")||null;if(r&&(r=decodeURI(r),!r.startsWith(e.noAuth))){const t=r.split(/\//);e.idp=t[0]+"//"+t[2],e.viewingNoAuthPage=!1}}}}return e};function rr(){const{$SolidTestEnvironment:t}=window;if(void 0!==t&&t.username)return e("Assuming the user is "+t.username),(0,Gt.sym)(t.username);if("undefined"!=typeof document&&document.location&&"http://localhost"===(""+document.location).slice(0,16)){const t=document.getElementById("appTarget");if(!t)return null;const r=t.getAttribute("testID");return r?(e("Assuming user is "+r),(0,Gt.sym)(r)):null}return null}class nr{session;constructor(e){this.session=e}get authSession(){return this.session}currentUser(){const e=tr();return e.viewingNoAuthPage?(0,Gt.sym)(e.webId):this&&this.session&&this.session.info&&this.session.info.webId&&this.session.info.isLoggedIn?(0,Gt.sym)(this.session.info.webId):rr()}async checkUser(t){const r=new URL(window.location.href).hash;r&&window.localStorage.setItem("preLoginRedirectHash",r),this.session.events.on(Ke,t=>{e(`Session restored to ${t}`),document.location.toString()!==t&&history.replaceState(null,"",t)});const n=new URL(window.location.href);n.hash="",await this.session.handleIncomingRedirect({restorePreviousSession:!0,url:n.href});const i=window.localStorage.getItem("preLoginRedirectHash");if(i){const e=new URL(window.location.href);e.hash!==i&&(history.pushState?history.pushState(null,document.title,i):location.hash=i,e.hash=i),window.localStorage.setItem("preLoginRedirectHash","")}let o=rr();if(o)return Promise.resolve(t?t(o):o);const s=this.webIdFromSession(this.session.info);return s&&(o=this.saveUser(s)),o&&e(`(Logged in as ${o} by authentication)`),Promise.resolve(t?t(o):o)}saveUser(e,t){let r;if(e){r="string"==typeof e?e:e.uri;const n=(0,Gt.namedNode)(r);return t&&(t.me=n),n}return null}webIdFromSession(e){return e?.webId&&e.isLoggedIn?e.webId:null}}function ir(e){return(0,Gt.sym)(e.uri+"#id"+Date.now())}function or(e){return!e||`${window.location.origin}/`!==new URL(e.value).origin}const sr="index.ttl#this";function ar(e,t){const r=Qt;async function n(t,r,n){await e.fetcher.load(t);const i=e.any(t,new Gt.NamedNode("http://www.iana.org/assignments/link-relations/acl"));if(!i)throw new Error("Chat ACL doc not found!");const o=`\n            @prefix acl: <http://www.w3.org/ns/auth/acl#>.\n            <#owner>\n            a acl:Authorization;\n            acl:agent <${r.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Write, acl:Control.\n            <#invitee>\n            a acl:Authorization;\n            acl:agent <${n.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Append.\n            `;await e.fetcher.webOperation("PUT",i.value,{data:o,contentType:"text/turtle"})}async function i(t,n){const i=e.any(n,r.solid("privateTypeIndex"));if(!i)throw new Error("Private type index not found!");await e.fetcher.load(i);const o=ir(i),s=[(0,Gt.st)(o,r.rdf("type"),r.solid("TypeRegistration"),i.doc()),(0,Gt.st)(o,r.solid("forClass"),r.meeting("LongChat"),i.doc()),(0,Gt.st)(o,r.solid("instance"),t,i.doc())];await new Promise((t,r)=>{e.updater.update([],s,function(e,n,i){n?t(null):r(new Error(i))})})}async function o(r){const n=await t.loadMe(),i=function(e,t){const r=new URL(`IndividualChats/${new URL(e.value).host}/`,t.value).toString();return new Gt.NamedNode(r)}(r,await t.getPodRoot(n));let o=!0;try{await e.fetcher.load(new Gt.NamedNode(i.value+"index.ttl#this"))}catch(e){o=!1}return{me:n,chatContainer:i,exists:o}}async function s(e,t){return(await a({me:t,newBase:e.value})).newInstance}function a(t){const n=e,i=n.updater;if(t.me&&!t.me.uri)throw new Error("chat mintNew:  Invalid userid "+t.me);const o=t.newInstance=t.newInstance||n.sym(t.newBase+sr),s=o.doc();return n.add(o,r.rdf("type"),r.meeting("LongChat"),s),n.add(o,r.dc("title"),"Chat channel",s),n.add(o,r.dc("created"),(0,Gt.term)(new Date(Date.now())),s),t.me&&n.add(o,r.dc("author"),t.me,s),new Promise(function(e,r){i?.put(s,n.statementsMatching(void 0,void 0,void 0,s),"text/turtle",function(n,i,s){i?e({...t,newInstance:o}):r(new Error("FAILED to save new chat channel at: "+n+" : "+s))})})}async function u(t,n){await e.fetcher.load(t.doc());const i=e.any(t,r.ldp("inbox"),void 0,t.doc());if(!i)throw new Error(`Invitee inbox not found! ${t.value}`);const o=`\n        <> a <http://www.w3.org/ns/pim/meeting#LongChatInvite> ;\n        ${r.rdf("seeAlso")} <${n.value}> .\n        `,s=await(e.fetcher?.webOperation("POST",i.value,{data:o,contentType:"text/turtle"})),a=s?.headers.get("location");if(!a)throw new Error(`Invite sending returned a ${s?.status}`)}return{setAcl:n,addToPrivateTypeIndex:i,findChat:o,createChatThing:s,getChat:async function(e,t=!0){const{me:r,chatContainer:a,exists:c}=await o(e);if(c)return new Gt.NamedNode(a.value+sr);if(t){const t=await s(a,r);return await u(e,t),await n(a,r,e),await i(t,r),t}return null},sendInvite:u,mintNew:a}}function ur(e,t,r,n,i){return{createInboxFor:async function(e,i){const o=await t.loadMe(),s=`${(await t.getPodRoot(o)).value}p2p-inboxes/${encodeURIComponent(i)}/`;return await n.createContainer(s),await r.setSinglePeerAccess({ownerWebId:o.value,peerWebId:e,accessToModes:"acl:Append",target:s}),s},getNewMessages:async function(e){e||(e=await t.loadMe());const r=await t.getMainInbox(e);return(await n.getContainerMembers(r)).filter(e=>!n.isContainer(e))},markAsRead:async function(t,r){const n=await e.fetcher._fetch(t);if(200!==n.status)throw new Error(`Not OK! ${t}`);const i=function(e,t){const r=t.getUTCFullYear(),n=("0"+(t.getUTCMonth()+1)).slice(-2),i=("0"+t.getUTCDate()).slice(-2),o=e.split("/"),s=o[o.length-1];return new URL(`./archive/${r}/${n}/${i}/${s}`,e).toString()}(t,r),o={method:"PUT",body:await n.text(),headers:[["Content-Type",n.headers.get("Content-Type")||"application/octet-stream"]]};"2"===(await e.fetcher._fetch(i,o)).status.toString()[0]&&await e.fetcher._fetch(t,{method:"DELETE"})}}}class cr extends Error{constructor(e){super(e),Object.setPrototypeOf(this,new.target.prototype),this.name=new.target.name}}class hr extends cr{}class lr extends cr{}class dr extends cr{}class fr extends cr{}class pr extends cr{}class gr extends cr{status;constructor(e,t){super(t),this.status=e}}function yr(e,r,n){const i=Qt;async function o(r){await s(r);const o=function(e){const t=e.uri.replace("/profile/","/").replace("/public/","/").split("/").slice(0,-1).join("/")+"/Settings/Preferences.ttl";return(0,Gt.sym)(t)}(r);let a;try{a=await n.followOrCreateLink(r,i.space("preferencesFile"),o,r.doc())}catch(e){if(t(`User ${r} has no pointer in profile to preferences file.`),e instanceof fr)throw e;if(e instanceof pr)throw e;if(e instanceof hr)throw e;if(e instanceof lr)throw e;if(e instanceof dr)throw e;if(e instanceof gr)throw e;throw e}try{await e.fetcher.load(a)}catch(e){const n=`Unable to load preference of user ${r}: ${e}`;if(t(n),401===e.response.status)throw new hr;if(403===e.response.status){if(or(a))throw new lr;throw new dr}throw new Error(n)}return a}async function s(t){if(!t)throw new Error("loadProfile: no user given.");try{await e.fetcher.load(t.doc())}catch(e){throw new Error(`Unable to load profile of user ${t}: ${e}`)}return t.doc()}function a(t){return e.any(t,i.space("storage"),void 0,t.doc())}return{loadMe:async function(){const t=r.currentUser();if(null===t)throw new Error("Current user not found! Not logged in?");return await e.fetcher.load(t.doc()),t},getPodRoot:function(e){const t=a(e);if(!t)throw new Error("User pod root not found!");return t},getMainInbox:async function(t){await e.fetcher.load(t);const r=e.any(t,i.ldp("inbox"),void 0,t.doc());if(!r)throw new Error("User main inbox not found!");return r},findStorage:a,loadPreferences:o,loadProfile:s,silencedLoadPreferences:async function(e){try{return await o(e)}catch(e){return}}}}function vr(e,r,n,i){const o=Qt;async function s(r){if(!r)throw new Error("loadTypeIndexesFor: No user given");const s=await n.loadProfile(r),a=h(r);let u;try{u=await i.followOrCreateLink(r,o.solid("publicTypeIndex"),a,s)}catch(e){t(`User ${r} has no pointer in profile to publicTypeIndex file.`)}const c=u?[{label:"public",index:u,agent:r}]:[];let d,f;try{d=await n.silencedLoadPreferences(r)}catch(e){d=null}if(d){const n=l(d);let a;try{a=e.any(r,o.solid("privateTypeIndex"),void 0,s)||await i.followOrCreateLink(r,o.solid("privateTypeIndex"),n,d)}catch(e){t(`User ${r} has no pointer in preference file to privateTypeIndex file.`)}f=a?[{label:"private",index:a,agent:r}]:[]}else f=[];const p=c.concat(f);if(0===p.length)return p;const g=p.map(e=>e.index);try{await e.fetcher.load(g)}catch(e){t("Problems loading type index: ",e)}return p}async function a(r){let i;try{i=await n.silencedLoadPreferences(r)}catch(e){t(`User ${r} has no pointer in profile to preferences file.`)}if(i){const t=e.each(r,o.solid("community"),void 0,i).concat(e.each(r,o.solid("community"),void 0,r.doc()));let n=[];for(const e of t)n=n.concat(await s(e));return n}return[]}async function u(e){return(await s(e)).concat((await a(e)).flat())}async function c(e,t){const r=await u(t);let n=[];for(const t of r){const r=await d(t,e);n=n.concat(r)}return n}function h(e){return(0,Gt.sym)(e.doc().dir()?.uri+"publicTypeIndex.ttl")}function l(e){return(0,Gt.sym)(e.doc().dir()?.uri+"privateTypeIndex.ttl")}async function d(t,r){const n=t.index,i=[],s=e.statementsMatching(null,o.solid("instance"),null,n).concat(e.statementsMatching(null,o.solid("instanceContainer"),null,n)).map(e=>e.subject);for(const a of s){const s=e.any(a,o.solid("forClass"),null,n);if(!r||s.sameTerm(r)){const r=e.each(a,o.solid("instance"),null,n);for(const e of r)i.push({instance:e,type:s,scope:t});const u=e.each(a,o.solid("instanceContainer"),null,n);for(const r of u)await e.fetcher.load(r),i.push({instance:(0,Gt.sym)(r.value),type:s,scope:t})}}return i}return{registerInTypeIndex:async function(t,r,n){const i=ir(r),s=[(0,Gt.st)(i,o.rdf("type"),o.solid("TypeRegistration"),r),(0,Gt.st)(i,o.solid("forClass"),n,r),(0,Gt.st)(i,o.solid("instance"),t,r)];try{await e.updater.update([],s)}catch(e){const n=`Unable to register ${t} in index ${r}: ${e}`;return console.warn(n),null}return i},getRegistrations:function(t,r){return e.each(void 0,o.solid("instance"),t).filter(t=>e.holds(t,o.solid("forClass"),r))},loadTypeIndexesFor:s,loadCommunityTypeIndexes:a,loadAllTypeIndexes:u,getScopedAppInstances:c,getAppInstances:async function(e){const t=r.currentUser();if(!t)throw new Error("getAppInstances: Must be logged in to find apps.");return(await c(e,t)).map(e=>e.instance)},suggestPublicTypeIndex:h,suggestPrivateTypeIndex:l,deleteTypeIndexRegistration:async function(t){const r=e.the(null,o.solid("instance"),t.instance,t.scope.index);if(!r)throw new Error(`deleteTypeIndexRegistration: No registration found for ${t.instance}`);const n=e.statementsMatching(r,null,null,t.scope.index);await e.updater.update(n,[])},getScopedAppsFromIndex:d}}const mr=function(r,n){e("SolidLogic: Unique instance created.  There should only be one of these.");const i=Gt.graph();Gt.fetcher(i,{fetch:r.fetch}),i.updater=new Gt.UpdateManager(i),i.features=[];const o=new nr(n),s=er(i),a=function(e){function t(t){return e.statementsMatching(t,(0,Gt.sym)("http://www.w3.org/ns/ldp#contains"),void 0).map(e=>e.object)}function r(e){const t=e.value;return"/"===t.charAt(t.length-1)}return{isContainer:r,createContainer:async function(t){if(!r((0,Gt.sym)(t)))throw new Error(`Not a container URL ${t}`);const n=await e.fetcher._fetch(t,{method:"PUT",headers:{"Content-Type":"text/turtle","If-None-Match":"*",Link:'<http://www.w3.org/ns/ldp#BasicContainer>; rel="type"'},body:" "});if("2"!==n.status.toString()[0])throw new Error(`Not OK: got ${n.status} response while creating container at ${t}`)},getContainerElements:t,getContainerMembers:async function(r){return await e.fetcher.load(r),t(r)}}}(i),u=function(r,n,i){async function o(e){let t;try{t=await r.fetcher.load(e)}catch(t){if(404!==t.response.status){if(401===t.response.status)throw new hr;if(403===t.response.status){if(or(e))throw new lr;throw new dr}const r="createIfNotExists doc load error NOT 404:  "+e+": "+t;throw new gr(t.status,t.message+r)}try{await r.fetcher.webOperation("PUT",e,{data:"",contentType:"text/turtle"})}catch(t){throw new pr("createIfNotExists: PUT FAILED: "+e+": "+t)}await r.fetcher.load(e)}return t}return{recursiveDelete:async function t(o){try{if(i.isContainer(o)){const e=await n.findAclDocUrl(o);await r.fetcher._fetch(e,{method:"DELETE"});const s=await i.getContainerMembers(o);await Promise.all(s.map(e=>t(e)))}const e=o.value;return r.fetcher._fetch(e,{method:"DELETE"})}catch(t){e(`Please manually remove ${o.value} from your system.`,t)}},setSinglePeerAccess:async function(e){let t=["@prefix acl: <http://www.w3.org/ns/auth/acl#>.","",`<#alice> a acl:Authorization;\n  acl:agent <${e.ownerWebId}>;`,`  acl:accessTo <${e.target}>;`,`  acl:default <${e.target}>;`,"  acl:mode acl:Read, acl:Write, acl:Control.",""].join("\n");e.accessToModes&&(t+=["<#bobAccessTo> a acl:Authorization;",`  acl:agent <${e.peerWebId}>;`,`  acl:accessTo <${e.target}>;`,`  acl:mode ${e.accessToModes}.`,""].join("\n")),e.defaultModes&&(t+=["<#bobDefault> a acl:Authorization;",`  acl:agent <${e.peerWebId}>;`,`  acl:default <${e.target}>;`,`  acl:mode ${e.defaultModes}.`,""].join("\n"));const i=await n.findAclDocUrl((0,Gt.sym)(e.target));return r.fetcher._fetch(i,{method:"PUT",body:t,headers:[["Content-Type","text/turtle"]]})},createEmptyRdfDoc:async function(e,t){await r.fetcher.webOperation("PUT",e.uri,{data:`# ${new Date} ${t}\n  `,contentType:"text/turtle"})},followOrCreateLink:async function(e,n,i,s){await r.fetcher.load(s);const a=r.any(e,n,null,s);if(a)return a;if(!r.updater.editable(s)){const e=`followOrCreateLink: cannot edit ${s.value}`;throw t(e),new fr(e)}try{await r.updater.update([],[(0,Gt.st)(e,n,i,s)])}catch(e){throw t(`followOrCreateLink: Error making link in ${s} to ${i}: ${e}`),new pr(e)}try{await o(i)}catch(e){throw t(`followOrCreateLink: Error loading or saving new linked document: ${i}: ${e}`),e}return i},loadOrCreateIfNotExists:o}}(i,s,a),c=yr(i,o,u),h=ar(i,c),l=ur(i,c,u,a),d=vr(i,o,c,u);return e("SolidAuthnLogic initialized"),{store:i,authn:o,acl:s,inbox:l,chat:h,profile:c,typeIndex:d,load:function(e){return i.fetcher.load(e)},updatePromise:function(e,t=[]){return new Promise((r,n)=>{i.updater.update(e,t,function(e,t,i){t?r():n(new Error(i))})})},clearStore:function(){i.statements.slice().forEach(i.remove.bind(i))}}}({fetch:async(e,t)=>{const r=t&&t.credentials&&"omit"==t.credentials;return Yt.info.webId&&!r?Yt.fetch(e,t):window.fetch(e,t)}},Yt);e("Unique quadstore initialized.");const wr=[{name:"Solid Community",uri:"https://solidcommunity.net"},{name:"Solid Web",uri:"https://solidweb.org"},{name:"Solid Web ME",uri:"https://solidweb.me"},{name:"Inrupt.com",uri:"https://login.inrupt.com"}];function _r(){const e=[...wr],{host:t,origin:r}=new URL(location.href),n=e.map(({uri:e})=>new URL(e).host);return n.includes(t)||n.some(e=>function(e,t){const r=e.length-t.length-1;return r>0&&"."===e[r]&&e.endsWith(t)}(t,e))||e.unshift({name:t,uri:r}),e}const Sr=mr.authn,br=mr.authn.authSession,Er=mr.store})(),i})());
+t.read=function(e,t,r,n,i){var o,s,a=8*i-n-1,u=(1<<a)-1,c=u>>1,h=-7,l=r?i-1:0,d=r?-1:1,f=e[t+l];for(l+=d,o=f&(1<<-h)-1,f>>=-h,h+=a;h>0;o=256*o+e[t+l],l+=d,h-=8);for(s=o&(1<<-h)-1,o>>=-h,h+=n;h>0;s=256*s+e[t+l],l+=d,h-=8);if(0===o)o=1-c;else{if(o===u)return s?NaN:1/0*(f?-1:1);s+=Math.pow(2,n),o-=c}return(f?-1:1)*s*Math.pow(2,o-n)},t.write=function(e,t,r,n,i,o){var s,a,u,c=8*o-i-1,h=(1<<c)-1,l=h>>1,d=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,f=n?0:o-1,p=n?1:-1,g=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(a=isNaN(t)?1:0,s=h):(s=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-s))<1&&(s--,u*=2),(t+=s+l>=1?d/u:d*Math.pow(2,1-l))*u>=2&&(s++,u/=2),s+l>=h?(a=0,s=h):s+l>=1?(a=(t*u-1)*Math.pow(2,i),s+=l):(a=t*Math.pow(2,l-1)*Math.pow(2,i),s=0));i>=8;e[r+f]=255&a,f+=p,a/=256,i-=8);for(s=s<<i|a,c+=i;c>0;e[r+f]=255&s,f+=p,s/=256,c-=8);e[r+f-p]|=128*g}},function(e,t){var r={}.toString;e.exports=Array.isArray||function(e){return"[object Array]"==r.call(e)}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.default=function(e){var t=e.jws,r=e.KeyUtil,i=e.X509,o=e.crypto,s=e.hextob64u,a=e.b64tohex,u=e.AllowedSigningAlgs;return function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.parseJwt=function e(r){n.Log.debug("JoseUtil.parseJwt");try{var i=t.JWS.parse(r);return{header:i.headerObj,payload:i.payloadObj}}catch(e){n.Log.error(e)}},e.validateJwt=function(t,o,s,u,c,h,l){n.Log.debug("JoseUtil.validateJwt");try{if("RSA"===o.kty)if(o.e&&o.n)o=r.getKey(o);else{if(!o.x5c||!o.x5c.length)return n.Log.error("JoseUtil.validateJwt: RSA key missing key material",o),Promise.reject(new Error("RSA key missing key material"));var d=a(o.x5c[0]);o=i.getPublicKeyFromCertHex(d)}else{if("EC"!==o.kty)return n.Log.error("JoseUtil.validateJwt: Unsupported key type",o&&o.kty),Promise.reject(new Error(o.kty));if(!(o.crv&&o.x&&o.y))return n.Log.error("JoseUtil.validateJwt: EC key missing key material",o),Promise.reject(new Error("EC key missing key material"));o=r.getKey(o)}return e._validateJwt(t,o,s,u,c,h,l)}catch(e){return n.Log.error(e&&e.message||e),Promise.reject("JWT validation failed")}},e.validateJwtAttributes=function(t,r,i,o,s,a){o||(o=0),s||(s=parseInt(Date.now()/1e3));var u=e.parseJwt(t).payload;if(!u.iss)return n.Log.error("JoseUtil._validateJwt: issuer was not provided"),Promise.reject(new Error("issuer was not provided"));if(u.iss!==r)return n.Log.error("JoseUtil._validateJwt: Invalid issuer in token",u.iss),Promise.reject(new Error("Invalid issuer in token: "+u.iss));if(!u.aud)return n.Log.error("JoseUtil._validateJwt: aud was not provided"),Promise.reject(new Error("aud was not provided"));if(!(u.aud===i||Array.isArray(u.aud)&&u.aud.indexOf(i)>=0))return n.Log.error("JoseUtil._validateJwt: Invalid audience in token",u.aud),Promise.reject(new Error("Invalid audience in token: "+u.aud));if(u.azp&&u.azp!==i)return n.Log.error("JoseUtil._validateJwt: Invalid azp in token",u.azp),Promise.reject(new Error("Invalid azp in token: "+u.azp));if(!a){var c=s+o,h=s-o;if(!u.iat)return n.Log.error("JoseUtil._validateJwt: iat was not provided"),Promise.reject(new Error("iat was not provided"));if(c<u.iat)return n.Log.error("JoseUtil._validateJwt: iat is in the future",u.iat),Promise.reject(new Error("iat is in the future: "+u.iat));if(u.nbf&&c<u.nbf)return n.Log.error("JoseUtil._validateJwt: nbf is in the future",u.nbf),Promise.reject(new Error("nbf is in the future: "+u.nbf));if(!u.exp)return n.Log.error("JoseUtil._validateJwt: exp was not provided"),Promise.reject(new Error("exp was not provided"));if(u.exp<h)return n.Log.error("JoseUtil._validateJwt: exp is in the past",u.exp),Promise.reject(new Error("exp is in the past:"+u.exp))}return Promise.resolve(u)},e._validateJwt=function(r,i,o,s,a,c,h){return e.validateJwtAttributes(r,o,s,a,c,h).then(function(e){try{return t.JWS.verify(r,i,u)?e:(n.Log.error("JoseUtil._validateJwt: signature validation failed"),Promise.reject(new Error("signature validation failed")))}catch(e){return n.Log.error(e&&e.message||e),Promise.reject(new Error("signature validation failed"))}})},e.hashString=function e(t,r){try{return o.Util.hashString(t,r)}catch(e){n.Log.error(e)}},e.hexToBase64Url=function e(t){try{return s(t)}catch(e){n.Log.error(e)}},e}()};var n=r(0);e.exports=t.default},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SigninResponse=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(3);t.SigninResponse=function(){function e(t){var r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:"#";!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var n=i.UrlUtility.parseUrlFragment(t,r);this.error=n.error,this.error_description=n.error_description,this.error_uri=n.error_uri,this.code=n.code,this.state=n.state,this.id_token=n.id_token,this.session_state=n.session_state,this.access_token=n.access_token,this.token_type=n.token_type,this.scope=n.scope,this.profile=void 0,this.expires_in=n.expires_in}return n(e,[{key:"expires_in",get:function(){if(this.expires_at){var e=parseInt(Date.now()/1e3);return this.expires_at-e}},set:function(e){var t=parseInt(e);if("number"==typeof t&&t>0){var r=parseInt(Date.now()/1e3);this.expires_at=r+t}}},{key:"expired",get:function(){var e=this.expires_in;if(void 0!==e)return e<=0}},{key:"scopes",get:function(){return(this.scope||"").split(" ")}},{key:"isOpenIdConnect",get:function(){return this.scopes.indexOf("openid")>=0||!!this.id_token}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutRequest=void 0;var n=r(0),i=r(3),o=r(9);t.SignoutRequest=function e(t){var r=t.url,s=t.id_token_hint,a=t.post_logout_redirect_uri,u=t.data,c=t.extraQueryParams,h=t.request_type;if(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),!r)throw n.Log.error("SignoutRequest.ctor: No url passed"),new Error("url");for(var l in s&&(r=i.UrlUtility.addQueryParam(r,"id_token_hint",s)),a&&(r=i.UrlUtility.addQueryParam(r,"post_logout_redirect_uri",a),u&&(this.state=new o.State({data:u,request_type:h}),r=i.UrlUtility.addQueryParam(r,"state",this.state.id))),c)r=i.UrlUtility.addQueryParam(r,l,c[l]);this.url=r}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SignoutResponse=void 0;var n=r(3);t.SignoutResponse=function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e);var r=n.UrlUtility.parseUrlFragment(t,"?");this.error=r.error,this.error_description=r.error_description,this.error_uri=r.error_uri,this.state=r.state}},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.InMemoryWebStorage=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.InMemoryWebStorage=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._data={}}return e.prototype.getItem=function(e){return i.Log.debug("InMemoryWebStorage.getItem",e),this._data[e]},e.prototype.setItem=function(e,t){i.Log.debug("InMemoryWebStorage.setItem",e),this._data[e]=t},e.prototype.removeItem=function(e){i.Log.debug("InMemoryWebStorage.removeItem",e),delete this._data[e]},e.prototype.key=function(e){return Object.getOwnPropertyNames(this._data)[e]},n(e,[{key:"length",get:function(){return Object.getOwnPropertyNames(this._data).length}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManager=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(10),s=r(39),a=r(15),u=r(45),c=r(47),h=r(18),l=r(8),d=r(20),f=r(11),p=r(4);t.UserManager=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:c.SilentRenewService,o=arguments.length>2&&void 0!==arguments[2]?arguments[2]:h.SessionMonitor,a=arguments.length>3&&void 0!==arguments[3]?arguments[3]:d.TokenRevocationClient,l=arguments.length>4&&void 0!==arguments[4]?arguments[4]:f.TokenClient,g=arguments.length>5&&void 0!==arguments[5]?arguments[5]:p.JoseUtil;(function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")})(this,t),r instanceof s.UserManagerSettings||(r=new s.UserManagerSettings(r));var y=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return y._events=new u.UserManagerEvents(r),y._silentRenewService=new n(y),y.settings.automaticSilentRenew&&(i.Log.debug("UserManager.ctor: automaticSilentRenew is configured, setting up silent renew"),y.startSilentRenew()),y.settings.monitorSession&&(i.Log.debug("UserManager.ctor: monitorSession is configured, setting up session monitor"),y._sessionMonitor=new o(y)),y._tokenRevocationClient=new a(y._settings),y._tokenClient=new l(y._settings),y._joseUtil=g,y}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.getUser=function(){var e=this;return this._loadUser().then(function(t){return t?(i.Log.info("UserManager.getUser: user loaded"),e._events.load(t,!1),t):(i.Log.info("UserManager.getUser: user not found in storage"),null)})},t.prototype.removeUser=function(){var e=this;return this.storeUser(null).then(function(){i.Log.info("UserManager.removeUser: user removed from storage"),e._events.unload()})},t.prototype.signinRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:r";var t={useReplaceToNavigate:e.useReplaceToNavigate};return this._signinStart(e,this._redirectNavigator,t).then(function(){i.Log.info("UserManager.signinRedirect: successful")})},t.prototype.signinRedirectCallback=function(e){return this._signinEnd(e||this._redirectNavigator.url).then(function(e){return e.profile&&e.profile.sub?i.Log.info("UserManager.signinRedirectCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinRedirectCallback: no sub"),e})},t.prototype.signinPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="si:p";var t=e.redirect_uri||this.settings.popup_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.display="popup",this._signin(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopup: signinPopup successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopup: no sub")),e})):(i.Log.error("UserManager.signinPopup: No popup_redirect_uri or redirect_uri configured"),Promise.reject(new Error("No popup_redirect_uri or redirect_uri configured")))},t.prototype.signinPopupCallback=function(e){return this._signinCallback(e,this._popupNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinPopupCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinPopupCallback: no sub")),e}).catch(function(e){i.Log.error(e.message)})},t.prototype.signinSilent=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return t=Object.assign({},t),this._loadUser().then(function(r){return r&&r.refresh_token?(t.refresh_token=r.refresh_token,e._useRefreshToken(t)):(t.request_type="si:s",t.id_token_hint=t.id_token_hint||e.settings.includeIdTokenInSilentRenew&&r&&r.id_token,r&&e._settings.validateSubOnSilentRenew&&(i.Log.debug("UserManager.signinSilent, subject prior to silent renew: ",r.profile.sub),t.current_sub=r.profile.sub),e._signinSilentIframe(t))})},t.prototype._useRefreshToken=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};return this._tokenClient.exchangeRefreshToken(t).then(function(t){return t?t.access_token?e._loadUser().then(function(r){if(r){var n=Promise.resolve();return t.id_token&&(n=e._validateIdTokenFromTokenRefreshToken(r.profile,t.id_token)),n.then(function(){return i.Log.debug("UserManager._useRefreshToken: refresh token response success"),r.id_token=t.id_token||r.id_token,r.access_token=t.access_token,r.refresh_token=t.refresh_token||r.refresh_token,r.expires_in=t.expires_in,e.storeUser(r).then(function(){return e._events.load(r),r})})}return null}):(i.Log.error("UserManager._useRefreshToken: No access token returned from token endpoint"),Promise.reject("No access token returned from token endpoint")):(i.Log.error("UserManager._useRefreshToken: No response returned from token endpoint"),Promise.reject("No response returned from token endpoint"))})},t.prototype._validateIdTokenFromTokenRefreshToken=function(e,t){var r=this;return this._metadataService.getIssuer().then(function(n){return r.settings.getEpochTime().then(function(o){return r._joseUtil.validateJwtAttributes(t,n,r._settings.client_id,r._settings.clockSkew,o).then(function(t){return t?t.sub!==e.sub?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: sub in id_token does not match current sub"),Promise.reject(new Error("sub in id_token does not match current sub"))):t.auth_time&&t.auth_time!==e.auth_time?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: auth_time in id_token does not match original auth_time"),Promise.reject(new Error("auth_time in id_token does not match original auth_time"))):t.azp&&t.azp!==e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp in id_token does not match original azp"),Promise.reject(new Error("azp in id_token does not match original azp"))):!t.azp&&e.azp?(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: azp not in id_token, but present in original id_token"),Promise.reject(new Error("azp not in id_token, but present in original id_token"))):void 0:(i.Log.error("UserManager._validateIdTokenFromTokenRefreshToken: Failed to validate id_token"),Promise.reject(new Error("Failed to validate id_token")))})})})},t.prototype._signinSilentIframe=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=e.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return t?(e.redirect_uri=t,e.prompt=e.prompt||"none",this._signin(e,this._iframeNavigator,{startUrl:t,silentRequestTimeout:e.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilent: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilent: no sub")),e})):(i.Log.error("UserManager.signinSilent: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype.signinSilentCallback=function(e){return this._signinCallback(e,this._iframeNavigator).then(function(e){return e&&(e.profile&&e.profile.sub?i.Log.info("UserManager.signinSilentCallback: successful, signed in sub: ",e.profile.sub):i.Log.info("UserManager.signinSilentCallback: no sub")),e})},t.prototype.signinCallback=function(e){var t=this;return this.readSigninResponseState(e).then(function(r){var n=r.state;return r.response,"si:r"===n.request_type?t.signinRedirectCallback(e):"si:p"===n.request_type?t.signinPopupCallback(e):"si:s"===n.request_type?t.signinSilentCallback(e):Promise.reject(new Error("invalid response_type in state"))})},t.prototype.signoutCallback=function(e,t){var r=this;return this.readSignoutResponseState(e).then(function(n){var i=n.state,o=n.response;return i?"so:r"===i.request_type?r.signoutRedirectCallback(e):"so:p"===i.request_type?r.signoutPopupCallback(e,t):Promise.reject(new Error("invalid response_type in state")):o})},t.prototype.querySessionStatus=function(){var e=this,t=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(t=Object.assign({},t)).request_type="si:s";var r=t.redirect_uri||this.settings.silent_redirect_uri||this.settings.redirect_uri;return r?(t.redirect_uri=r,t.prompt="none",t.response_type=t.response_type||this.settings.query_status_response_type,t.scope=t.scope||"openid",t.skipUserInfo=!0,this._signinStart(t,this._iframeNavigator,{startUrl:r,silentRequestTimeout:t.silentRequestTimeout||this.settings.silentRequestTimeout}).then(function(t){return e.processSigninResponse(t.url).then(function(e){if(i.Log.debug("UserManager.querySessionStatus: got signin response"),e.session_state&&e.profile.sub)return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for sub: ",e.profile.sub),{session_state:e.session_state,sub:e.profile.sub,sid:e.profile.sid};i.Log.info("querySessionStatus successful, user not authenticated")}).catch(function(t){if(t.session_state&&e.settings.monitorAnonymousSession&&("login_required"==t.message||"consent_required"==t.message||"interaction_required"==t.message||"account_selection_required"==t.message))return i.Log.info("UserManager.querySessionStatus: querySessionStatus success for anonymous user"),{session_state:t.session_state};throw t})})):(i.Log.error("UserManager.querySessionStatus: No silent_redirect_uri configured"),Promise.reject(new Error("No silent_redirect_uri configured")))},t.prototype._signin=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signinStart(e,t,n).then(function(t){return r._signinEnd(t.url,e)})},t.prototype._signinStart=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return t.prepare(n).then(function(t){return i.Log.debug("UserManager._signinStart: got navigator window handle"),r.createSigninRequest(e).then(function(e){return i.Log.debug("UserManager._signinStart: got signin request"),n.url=e.url,n.id=e.state.id,t.navigate(n)}).catch(function(e){throw t.close&&(i.Log.debug("UserManager._signinStart: Error after preparing navigator, closing navigator window"),t.close()),e})})},t.prototype._signinEnd=function(e){var t=this,r=arguments.length>1&&void 0!==arguments[1]?arguments[1]:{};return this.processSigninResponse(e).then(function(e){i.Log.debug("UserManager._signinEnd: got signin response");var n=new a.User(e);if(r.current_sub){if(r.current_sub!==n.profile.sub)return i.Log.debug("UserManager._signinEnd: current user does not match user returned from signin. sub from signin: ",n.profile.sub),Promise.reject(new Error("login_required"));i.Log.debug("UserManager._signinEnd: current user matches user returned from signin")}return t.storeUser(n).then(function(){return i.Log.debug("UserManager._signinEnd: user stored"),t._events.load(n),n})})},t.prototype._signinCallback=function(e,t){i.Log.debug("UserManager._signinCallback");var r="query"===this._settings.response_mode||!this._settings.response_mode&&l.SigninRequest.isCode(this._settings.response_type)?"?":"#";return t.callback(e,void 0,r)},t.prototype.signoutRedirect=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:r";var t=e.post_logout_redirect_uri||this.settings.post_logout_redirect_uri;t&&(e.post_logout_redirect_uri=t);var r={useReplaceToNavigate:e.useReplaceToNavigate};return this._signoutStart(e,this._redirectNavigator,r).then(function(){i.Log.info("UserManager.signoutRedirect: successful")})},t.prototype.signoutRedirectCallback=function(e){return this._signoutEnd(e||this._redirectNavigator.url).then(function(e){return i.Log.info("UserManager.signoutRedirectCallback: successful"),e})},t.prototype.signoutPopup=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{};(e=Object.assign({},e)).request_type="so:p";var t=e.post_logout_redirect_uri||this.settings.popup_post_logout_redirect_uri||this.settings.post_logout_redirect_uri;return e.post_logout_redirect_uri=t,e.display="popup",e.post_logout_redirect_uri&&(e.state=e.state||{}),this._signout(e,this._popupNavigator,{startUrl:t,popupWindowFeatures:e.popupWindowFeatures||this.settings.popupWindowFeatures,popupWindowTarget:e.popupWindowTarget||this.settings.popupWindowTarget}).then(function(){i.Log.info("UserManager.signoutPopup: successful")})},t.prototype.signoutPopupCallback=function(e,t){return void 0===t&&"boolean"==typeof e&&(t=e,e=null),this._popupNavigator.callback(e,t,"?").then(function(){i.Log.info("UserManager.signoutPopupCallback: successful")})},t.prototype._signout=function(e,t){var r=this,n=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return this._signoutStart(e,t,n).then(function(e){return r._signoutEnd(e.url)})},t.prototype._signoutStart=function(){var e=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},t=this,r=arguments.length>2&&void 0!==arguments[2]?arguments[2]:{};return arguments[1].prepare(r).then(function(n){return i.Log.debug("UserManager._signoutStart: got navigator window handle"),t._loadUser().then(function(o){return i.Log.debug("UserManager._signoutStart: loaded current user from storage"),(t._settings.revokeAccessTokenOnSignout?t._revokeInternal(o):Promise.resolve()).then(function(){var s=e.id_token_hint||o&&o.id_token;return s&&(i.Log.debug("UserManager._signoutStart: Setting id_token into signout request"),e.id_token_hint=s),t.removeUser().then(function(){return i.Log.debug("UserManager._signoutStart: user removed, creating signout request"),t.createSignoutRequest(e).then(function(e){return i.Log.debug("UserManager._signoutStart: got signout request"),r.url=e.url,e.state&&(r.id=e.state.id),n.navigate(r)})})})}).catch(function(e){throw n.close&&(i.Log.debug("UserManager._signoutStart: Error after preparing navigator, closing navigator window"),n.close()),e})})},t.prototype._signoutEnd=function(e){return this.processSignoutResponse(e).then(function(e){return i.Log.debug("UserManager._signoutEnd: got signout response"),e})},t.prototype.revokeAccessToken=function(){var e=this;return this._loadUser().then(function(t){return e._revokeInternal(t,!0).then(function(r){if(r)return i.Log.debug("UserManager.revokeAccessToken: removing token properties from user and re-storing"),t.access_token=null,t.refresh_token=null,t.expires_at=null,t.token_type=null,e.storeUser(t).then(function(){i.Log.debug("UserManager.revokeAccessToken: user stored"),e._events.load(t)})})}).then(function(){i.Log.info("UserManager.revokeAccessToken: access token revoked successfully")})},t.prototype._revokeInternal=function(e,t){var r=this;if(e){var n=e.access_token,o=e.refresh_token;return this._revokeAccessTokenInternal(n,t).then(function(e){return r._revokeRefreshTokenInternal(o,t).then(function(t){return e||t||i.Log.debug("UserManager.revokeAccessToken: no need to revoke due to no token(s), or JWT format"),e||t})})}return Promise.resolve(!1)},t.prototype._revokeAccessTokenInternal=function(e,t){return!e||e.indexOf(".")>=0?Promise.resolve(!1):this._tokenRevocationClient.revoke(e,t).then(function(){return!0})},t.prototype._revokeRefreshTokenInternal=function(e,t){return e?this._tokenRevocationClient.revoke(e,t,"refresh_token").then(function(){return!0}):Promise.resolve(!1)},t.prototype.startSilentRenew=function(){this._silentRenewService.start()},t.prototype.stopSilentRenew=function(){this._silentRenewService.stop()},t.prototype._loadUser=function(){return this._userStore.get(this._userStoreKey).then(function(e){return e?(i.Log.debug("UserManager._loadUser: user storageString loaded"),a.User.fromStorageString(e)):(i.Log.debug("UserManager._loadUser: no user storageString"),null)})},t.prototype.storeUser=function(e){if(e){i.Log.debug("UserManager.storeUser: storing user");var t=e.toStorageString();return this._userStore.set(this._userStoreKey,t)}return i.Log.debug("storeUser.storeUser: removing user"),this._userStore.remove(this._userStoreKey)},n(t,[{key:"_redirectNavigator",get:function(){return this.settings.redirectNavigator}},{key:"_popupNavigator",get:function(){return this.settings.popupNavigator}},{key:"_iframeNavigator",get:function(){return this.settings.iframeNavigator}},{key:"_userStore",get:function(){return this.settings.userStore}},{key:"events",get:function(){return this._events}},{key:"_userStoreKey",get:function(){return"user:"+this.settings.authority+":"+this.settings.client_id}}]),t}(o.OidcClient)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerSettings=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=(r(0),r(5)),o=r(40),s=r(41),a=r(43),u=r(6),c=r(1),h=r(8);t.UserManagerSettings=function(e){function t(){var r=arguments.length>0&&void 0!==arguments[0]?arguments[0]:{},n=r.popup_redirect_uri,i=r.popup_post_logout_redirect_uri,l=r.popupWindowFeatures,d=r.popupWindowTarget,f=r.silent_redirect_uri,p=r.silentRequestTimeout,g=r.automaticSilentRenew,y=void 0!==g&&g,v=r.validateSubOnSilentRenew,m=void 0!==v&&v,w=r.includeIdTokenInSilentRenew,_=void 0===w||w,S=r.monitorSession,b=void 0===S||S,E=r.monitorAnonymousSession,F=void 0!==E&&E,x=r.checkSessionInterval,A=void 0===x?2e3:x,k=r.stopCheckSessionOnError,P=void 0===k||k,T=r.query_status_response_type,I=r.revokeAccessTokenOnSignout,C=void 0!==I&&I,R=r.accessTokenExpiringNotificationTime,U=void 0===R?60:R,L=r.redirectNavigator,D=void 0===L?new o.RedirectNavigator:L,N=r.popupNavigator,O=void 0===N?new s.PopupNavigator:N,H=r.iframeNavigator,j=void 0===H?new a.IFrameNavigator:H,M=r.userStore,B=void 0===M?new u.WebStorageStateStore({store:c.Global.sessionStorage}):M;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var K=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,arguments[0]));return K._popup_redirect_uri=n,K._popup_post_logout_redirect_uri=i,K._popupWindowFeatures=l,K._popupWindowTarget=d,K._silent_redirect_uri=f,K._silentRequestTimeout=p,K._automaticSilentRenew=y,K._validateSubOnSilentRenew=m,K._includeIdTokenInSilentRenew=_,K._accessTokenExpiringNotificationTime=U,K._monitorSession=b,K._monitorAnonymousSession=F,K._checkSessionInterval=A,K._stopCheckSessionOnError=P,T?K._query_status_response_type=T:arguments[0]&&arguments[0].response_type?K._query_status_response_type=h.SigninRequest.isOidc(arguments[0].response_type)?"id_token":"code":K._query_status_response_type="id_token",K._revokeAccessTokenOnSignout=C,K._redirectNavigator=D,K._popupNavigator=O,K._iframeNavigator=j,K._userStore=B,K}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),n(t,[{key:"popup_redirect_uri",get:function(){return this._popup_redirect_uri}},{key:"popup_post_logout_redirect_uri",get:function(){return this._popup_post_logout_redirect_uri}},{key:"popupWindowFeatures",get:function(){return this._popupWindowFeatures}},{key:"popupWindowTarget",get:function(){return this._popupWindowTarget}},{key:"silent_redirect_uri",get:function(){return this._silent_redirect_uri}},{key:"silentRequestTimeout",get:function(){return this._silentRequestTimeout}},{key:"automaticSilentRenew",get:function(){return this._automaticSilentRenew}},{key:"validateSubOnSilentRenew",get:function(){return this._validateSubOnSilentRenew}},{key:"includeIdTokenInSilentRenew",get:function(){return this._includeIdTokenInSilentRenew}},{key:"accessTokenExpiringNotificationTime",get:function(){return this._accessTokenExpiringNotificationTime}},{key:"monitorSession",get:function(){return this._monitorSession}},{key:"monitorAnonymousSession",get:function(){return this._monitorAnonymousSession}},{key:"checkSessionInterval",get:function(){return this._checkSessionInterval}},{key:"stopCheckSessionOnError",get:function(){return this._stopCheckSessionOnError}},{key:"query_status_response_type",get:function(){return this._query_status_response_type}},{key:"revokeAccessTokenOnSignout",get:function(){return this._revokeAccessTokenOnSignout}},{key:"redirectNavigator",get:function(){return this._redirectNavigator}},{key:"popupNavigator",get:function(){return this._popupNavigator}},{key:"iframeNavigator",get:function(){return this._iframeNavigator}},{key:"userStore",get:function(){return this._userStore}}]),t}(i.OidcClientSettings)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.RedirectNavigator=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.RedirectNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(){return Promise.resolve(this)},e.prototype.navigate=function(e){return e&&e.url?(e.useReplaceToNavigate?window.location.replace(e.url):window.location=e.url,Promise.resolve()):(i.Log.error("RedirectNavigator.navigate: No url provided"),Promise.reject(new Error("No url provided")))},n(e,[{key:"url",get:function(){return window.location.href}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.PopupNavigator=void 0;var n=r(0),i=r(42);t.PopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.PopupWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t,r,o){n.Log.debug("PopupNavigator.callback");try{return i.PopupWindow.notifyOpener(t,r,o),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.PopupWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(3);t.PopupWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t});var n=t.popupWindowTarget||"_blank",o=t.popupWindowFeatures||"location=no,toolbar=no,width=500,height=500,left=100,top=100;";this._popup=window.open("",n,o),this._popup&&(i.Log.debug("PopupWindow.ctor: popup successfully created"),this._checkForPopupClosedTimer=window.setInterval(this._checkForPopupClosed.bind(this),500))}return e.prototype.navigate=function(e){return this._popup?e&&e.url?(i.Log.debug("PopupWindow.navigate: Setting URL in popup"),this._id=e.id,this._id&&(window["popupCallback_"+e.id]=this._callback.bind(this)),this._popup.focus(),this._popup.window.location=e.url):(this._error("PopupWindow.navigate: no url provided"),this._error("No url provided")):this._error("PopupWindow.navigate: Error opening popup window"),this.promise},e.prototype._success=function(e){i.Log.debug("PopupWindow.callback: Successful response from popup window"),this._cleanup(),this._resolve(e)},e.prototype._error=function(e){i.Log.error("PopupWindow.error: ",e),this._cleanup(),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup(!1)},e.prototype._cleanup=function(e){i.Log.debug("PopupWindow.cleanup"),window.clearInterval(this._checkForPopupClosedTimer),this._checkForPopupClosedTimer=null,delete window["popupCallback_"+this._id],this._popup&&!e&&this._popup.close(),this._popup=null},e.prototype._checkForPopupClosed=function(){this._popup&&!this._popup.closed||this._error("Popup window closed")},e.prototype._callback=function(e,t){this._cleanup(t),e?(i.Log.debug("PopupWindow.callback success"),this._success({url:e})):(i.Log.debug("PopupWindow.callback: Invalid response from popup"),this._error("Invalid response from popup"))},e.notifyOpener=function(e,t,r){if(window.opener){if(e=e||window.location.href){var n=o.UrlUtility.parseUrlFragment(e,r);if(n.state){var s="popupCallback_"+n.state,a=window.opener[s];a?(i.Log.debug("PopupWindow.notifyOpener: passing url message to opener"),a(e,t)):i.Log.warn("PopupWindow.notifyOpener: no matching callback found on opener")}else i.Log.warn("PopupWindow.notifyOpener: no state found in response url")}}else i.Log.warn("PopupWindow.notifyOpener: no window.opener. Can't complete notification.")},n(e,[{key:"promise",get:function(){return this._promise}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameNavigator=void 0;var n=r(0),i=r(44);t.IFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new i.IFrameWindow(e);return Promise.resolve(t)},e.prototype.callback=function e(t){n.Log.debug("IFrameNavigator.callback");try{return i.IFrameWindow.notifyParent(t),Promise.resolve()}catch(e){return Promise.reject(e)}},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.IFrameWindow=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0);t.IFrameWindow=function(){function e(t){var r=this;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._promise=new Promise(function(e,t){r._resolve=e,r._reject=t}),this._boundMessageEvent=this._message.bind(this),window.addEventListener("message",this._boundMessageEvent,!1),this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="absolute",this._frame.width=0,this._frame.height=0,window.document.body.appendChild(this._frame)}return e.prototype.navigate=function(e){if(e&&e.url){var t=e.silentRequestTimeout||1e4;i.Log.debug("IFrameWindow.navigate: Using timeout of:",t),this._timer=window.setTimeout(this._timeout.bind(this),t),this._frame.src=e.url}else this._error("No url provided");return this.promise},e.prototype._success=function(e){this._cleanup(),i.Log.debug("IFrameWindow: Successful response from frame window"),this._resolve(e)},e.prototype._error=function(e){this._cleanup(),i.Log.error(e),this._reject(new Error(e))},e.prototype.close=function(){this._cleanup()},e.prototype._cleanup=function(){this._frame&&(i.Log.debug("IFrameWindow: cleanup"),window.removeEventListener("message",this._boundMessageEvent,!1),window.clearTimeout(this._timer),window.document.body.removeChild(this._frame),this._timer=null,this._frame=null,this._boundMessageEvent=null)},e.prototype._timeout=function(){i.Log.debug("IFrameWindow.timeout"),this._error("Frame window timed out")},e.prototype._message=function(e){if(i.Log.debug("IFrameWindow.message"),this._timer&&e.origin===this._origin&&e.source===this._frame.contentWindow&&"string"==typeof e.data&&(e.data.startsWith("http://")||e.data.startsWith("https://"))){var t=e.data;t?this._success({url:t}):this._error("Invalid response from frame")}},e.notifyParent=function(e){i.Log.debug("IFrameWindow.notifyParent"),(e=e||window.location.href)&&(i.Log.debug("IFrameWindow.notifyParent: posting url message to parent"),window.parent.postMessage(e,location.protocol+"//"+location.host))},n(e,[{key:"promise",get:function(){return this._promise}},{key:"_origin",get:function(){return location.protocol+"//"+location.host}}]),e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.UserManagerEvents=void 0;var n=r(0),i=r(16),o=r(17);t.UserManagerEvents=function(e){function t(r){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var n=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return n._userLoaded=new o.Event("User loaded"),n._userUnloaded=new o.Event("User unloaded"),n._silentRenewError=new o.Event("Silent renew error"),n._userSignedIn=new o.Event("User signed in"),n._userSignedOut=new o.Event("User signed out"),n._userSessionChanged=new o.Event("User session changed"),n}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.load=function(t){var r=!(arguments.length>1&&void 0!==arguments[1])||arguments[1];n.Log.debug("UserManagerEvents.load"),e.prototype.load.call(this,t),r&&this._userLoaded.raise(t)},t.prototype.unload=function(){n.Log.debug("UserManagerEvents.unload"),e.prototype.unload.call(this),this._userUnloaded.raise()},t.prototype.addUserLoaded=function(e){this._userLoaded.addHandler(e)},t.prototype.removeUserLoaded=function(e){this._userLoaded.removeHandler(e)},t.prototype.addUserUnloaded=function(e){this._userUnloaded.addHandler(e)},t.prototype.removeUserUnloaded=function(e){this._userUnloaded.removeHandler(e)},t.prototype.addSilentRenewError=function(e){this._silentRenewError.addHandler(e)},t.prototype.removeSilentRenewError=function(e){this._silentRenewError.removeHandler(e)},t.prototype._raiseSilentRenewError=function(e){n.Log.debug("UserManagerEvents._raiseSilentRenewError",e.message),this._silentRenewError.raise(e)},t.prototype.addUserSignedIn=function(e){this._userSignedIn.addHandler(e)},t.prototype.removeUserSignedIn=function(e){this._userSignedIn.removeHandler(e)},t.prototype._raiseUserSignedIn=function(){n.Log.debug("UserManagerEvents._raiseUserSignedIn"),this._userSignedIn.raise()},t.prototype.addUserSignedOut=function(e){this._userSignedOut.addHandler(e)},t.prototype.removeUserSignedOut=function(e){this._userSignedOut.removeHandler(e)},t.prototype._raiseUserSignedOut=function(){n.Log.debug("UserManagerEvents._raiseUserSignedOut"),this._userSignedOut.raise()},t.prototype.addUserSessionChanged=function(e){this._userSessionChanged.addHandler(e)},t.prototype.removeUserSessionChanged=function(e){this._userSessionChanged.removeHandler(e)},t.prototype._raiseUserSessionChanged=function(){n.Log.debug("UserManagerEvents._raiseUserSessionChanged"),this._userSessionChanged.raise()},t}(i.AccessTokenEvents)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Timer=void 0;var n=function(){function e(e,t){for(var r=0;r<t.length;r++){var n=t[r];n.enumerable=n.enumerable||!1,n.configurable=!0,"value"in n&&(n.writable=!0),Object.defineProperty(e,n.key,n)}}return function(t,r,n){return r&&e(t.prototype,r),n&&e(t,n),t}}(),i=r(0),o=r(1),s=r(17);t.Timer=function(e){function t(r){var n=arguments.length>1&&void 0!==arguments[1]?arguments[1]:o.Global.timer,i=arguments.length>2&&void 0!==arguments[2]?arguments[2]:void 0;!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,t);var s=function(e,t){if(!e)throw new ReferenceError("this hasn't been initialised - super() hasn't been called");return!t||"object"!=typeof t&&"function"!=typeof t?e:t}(this,e.call(this,r));return s._timer=n,s._nowFunc=i||function(){return Date.now()/1e3},s}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Super expression must either be null or a function, not "+typeof t);e.prototype=Object.create(t&&t.prototype,{constructor:{value:e,enumerable:!1,writable:!0,configurable:!0}}),t&&(Object.setPrototypeOf?Object.setPrototypeOf(e,t):e.__proto__=t)}(t,e),t.prototype.init=function(e){e<=0&&(e=1),e=parseInt(e);var t=this.now+e;if(this.expiration===t&&this._timerHandle)i.Log.debug("Timer.init timer "+this._name+" skipping initialization since already initialized for expiration:",this.expiration);else{this.cancel(),i.Log.debug("Timer.init timer "+this._name+" for duration:",e),this._expiration=t;var r=5;e<r&&(r=e),this._timerHandle=this._timer.setInterval(this._callback.bind(this),1e3*r)}},t.prototype.cancel=function(){this._timerHandle&&(i.Log.debug("Timer.cancel: ",this._name),this._timer.clearInterval(this._timerHandle),this._timerHandle=null)},t.prototype._callback=function(){var t=this._expiration-this.now;i.Log.debug("Timer.callback; "+this._name+" timer expires in:",t),this._expiration<=this.now&&(this.cancel(),e.prototype.raise.call(this))},n(t,[{key:"now",get:function(){return parseInt(this._nowFunc())}},{key:"expiration",get:function(){return this._expiration}}]),t}(s.Event)},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.SilentRenewService=void 0;var n=r(0);t.SilentRenewService=function(){function e(t){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e),this._userManager=t}return e.prototype.start=function(){this._callback||(this._callback=this._tokenExpiring.bind(this),this._userManager.events.addAccessTokenExpiring(this._callback),this._userManager.getUser().then(function(e){}).catch(function(e){n.Log.error("SilentRenewService.start: Error from getUser:",e.message)}))},e.prototype.stop=function(){this._callback&&(this._userManager.events.removeAccessTokenExpiring(this._callback),delete this._callback)},e.prototype._tokenExpiring=function(){var e=this;this._userManager.signinSilent().then(function(e){n.Log.debug("SilentRenewService._tokenExpiring: Silent token renewal successful")},function(t){n.Log.error("SilentRenewService._tokenExpiring: Error from signinSilent:",t.message),e._userManager.events._raiseSilentRenewError(t)})},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaPopupNavigator=void 0;var n=r(21);t.CordovaPopupNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.CordovaIFrameNavigator=void 0;var n=r(21);t.CordovaIFrameNavigator=function(){function e(){!function(e,t){if(!(e instanceof t))throw new TypeError("Cannot call a class as a function")}(this,e)}return e.prototype.prepare=function(e){e.popupWindowFeatures="hidden=yes";var t=new n.CordovaPopupWindow(e);return Promise.resolve(t)},e}()},function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.Version="1.11.6"}])},e.exports=t()}},r={};function n(e){var i=r[e];if(void 0!==i)return i.exports;var o=r[e]={exports:{}};return t[e].call(o.exports,o,o.exports,n),o.exports}n.n=e=>{var t=e&&e.__esModule?()=>e.default:()=>e;return n.d(t,{a:t}),t},n.d=(e,t)=>{for(var r in t)n.o(t,r)&&!n.o(e,r)&&Object.defineProperty(e,r,{enumerable:!0,get:t[r]})},n.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t),n.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})};var i={};return(()=>{"use strict";function e(...e){console.log(...e)}function t(...e){console.warn(...e)}n.r(i),n.d(i,{ACL_LINK:()=>Zt,CrossOriginForbiddenError:()=>lr,FetchError:()=>yr,NotEditableError:()=>pr,NotFoundError:()=>fr,SameOriginForbiddenError:()=>dr,UnauthorizedError:()=>hr,WebOperationError:()=>gr,appContext:()=>tr,authSession:()=>Er,authn:()=>br,createTypeIndexLogic:()=>mr,getSuggestedIssuers:()=>Sr,offlineTestID:()=>rr,solidLogicSingleton:()=>wr,store:()=>Fr});const r=new TextEncoder,o=new TextDecoder;function s(...e){const t=e.reduce((e,{length:t})=>e+t,0),r=new Uint8Array(t);let n=0;for(const t of e)r.set(t,n),n+=t.length;return r}const a=e=>(e=>{let t=e;"string"==typeof t&&(t=r.encode(t));const n=[];for(let e=0;e<t.length;e+=32768)n.push(String.fromCharCode.apply(null,t.subarray(e,e+32768)));return btoa(n.join(""))})(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_"),u=e=>{let t=e;t instanceof Uint8Array&&(t=o.decode(t)),t=t.replace(/-/g,"+").replace(/_/g,"/").replace(/\s/g,"");try{return(e=>{const t=atob(e),r=new Uint8Array(t.length);for(let e=0;e<t.length;e++)r[e]=t.charCodeAt(e);return r})(t)}catch{throw new TypeError("The input to be decoded is not correctly encoded.")}};class c extends Error{constructor(e,t){super(e,t),this.code="ERR_JOSE_GENERIC",this.name=this.constructor.name,Error.captureStackTrace?.(this,this.constructor)}}c.code="ERR_JOSE_GENERIC";class h extends c{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_CLAIM_VALIDATION_FAILED",this.claim=r,this.reason=n,this.payload=t}}h.code="ERR_JWT_CLAIM_VALIDATION_FAILED";class l extends c{constructor(e,t,r="unspecified",n="unspecified"){super(e,{cause:{claim:r,reason:n,payload:t}}),this.code="ERR_JWT_EXPIRED",this.claim=r,this.reason=n,this.payload=t}}l.code="ERR_JWT_EXPIRED";class d extends c{constructor(){super(...arguments),this.code="ERR_JOSE_ALG_NOT_ALLOWED"}}d.code="ERR_JOSE_ALG_NOT_ALLOWED";class f extends c{constructor(){super(...arguments),this.code="ERR_JOSE_NOT_SUPPORTED"}}f.code="ERR_JOSE_NOT_SUPPORTED";(class extends c{constructor(e="decryption operation failed",t){super(e,t),this.code="ERR_JWE_DECRYPTION_FAILED"}}).code="ERR_JWE_DECRYPTION_FAILED";(class extends c{constructor(){super(...arguments),this.code="ERR_JWE_INVALID"}}).code="ERR_JWE_INVALID";class p extends c{constructor(){super(...arguments),this.code="ERR_JWS_INVALID"}}p.code="ERR_JWS_INVALID";class g extends c{constructor(){super(...arguments),this.code="ERR_JWT_INVALID"}}g.code="ERR_JWT_INVALID";(class extends c{constructor(){super(...arguments),this.code="ERR_JWK_INVALID"}}).code="ERR_JWK_INVALID";class y extends c{constructor(){super(...arguments),this.code="ERR_JWKS_INVALID"}}y.code="ERR_JWKS_INVALID";class v extends c{constructor(e="no applicable key found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_NO_MATCHING_KEY"}}v.code="ERR_JWKS_NO_MATCHING_KEY";class m extends c{constructor(e="multiple matching keys found in the JSON Web Key Set",t){super(e,t),this.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS"}}Symbol.asyncIterator,m.code="ERR_JWKS_MULTIPLE_MATCHING_KEYS";class w extends c{constructor(e="request timed out",t){super(e,t),this.code="ERR_JWKS_TIMEOUT"}}w.code="ERR_JWKS_TIMEOUT";class _ extends c{constructor(e="signature verification failed",t){super(e,t),this.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED"}}function S(e,t){const r=`SHA-${e.slice(-3)}`;switch(e){case"HS256":case"HS384":case"HS512":return{hash:r,name:"HMAC"};case"PS256":case"PS384":case"PS512":return{hash:r,name:"RSA-PSS",saltLength:e.slice(-3)>>3};case"RS256":case"RS384":case"RS512":return{hash:r,name:"RSASSA-PKCS1-v1_5"};case"ES256":case"ES384":case"ES512":return{hash:r,name:"ECDSA",namedCurve:t.namedCurve};case"Ed25519":return{name:"Ed25519"};case"EdDSA":return{name:t.name};default:throw new f(`alg ${e} is not supported either by JOSE or your javascript runtime`)}}_.code="ERR_JWS_SIGNATURE_VERIFICATION_FAILED";const b=crypto,E=e=>e instanceof CryptoKey,F=(e,t)=>{if(e.startsWith("RS")||e.startsWith("PS")){const{modulusLength:r}=t.algorithm;if("number"!=typeof r||r<2048)throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`)}};function x(e,t="algorithm.name"){return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`)}function A(e,t){return e.name===t}function k(e){return parseInt(e.name.slice(4),10)}function P(e,t){if(t.length&&!t.some(t=>e.usages.includes(t))){let e="CryptoKey does not support this operation, its usages must include ";if(t.length>2){const r=t.pop();e+=`one of ${t.join(", ")}, or ${r}.`}else 2===t.length?e+=`one of ${t[0]} or ${t[1]}.`:e+=`${t[0]}.`;throw new TypeError(e)}}function T(e,t,...r){switch(t){case"HS256":case"HS384":case"HS512":{if(!A(e.algorithm,"HMAC"))throw x("HMAC");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"RS256":case"RS384":case"RS512":{if(!A(e.algorithm,"RSASSA-PKCS1-v1_5"))throw x("RSASSA-PKCS1-v1_5");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"PS256":case"PS384":case"PS512":{if(!A(e.algorithm,"RSA-PSS"))throw x("RSA-PSS");const r=parseInt(t.slice(2),10);if(k(e.algorithm.hash)!==r)throw x(`SHA-${r}`,"algorithm.hash");break}case"EdDSA":if("Ed25519"!==e.algorithm.name&&"Ed448"!==e.algorithm.name)throw x("Ed25519 or Ed448");break;case"Ed25519":if(!A(e.algorithm,"Ed25519"))throw x("Ed25519");break;case"ES256":case"ES384":case"ES512":{if(!A(e.algorithm,"ECDSA"))throw x("ECDSA");const r=function(e){switch(e){case"ES256":return"P-256";case"ES384":return"P-384";case"ES512":return"P-521";default:throw new Error("unreachable")}}(t);if(e.algorithm.namedCurve!==r)throw x(r,"algorithm.namedCurve");break}default:throw new TypeError("CryptoKey does not support this operation")}P(e,r)}function I(e,t,...r){if((r=r.filter(Boolean)).length>2){const t=r.pop();e+=`one of type ${r.join(", ")}, or ${t}.`}else 2===r.length?e+=`one of type ${r[0]} or ${r[1]}.`:e+=`of type ${r[0]}.`;return null==t?e+=` Received ${t}`:"function"==typeof t&&t.name?e+=` Received function ${t.name}`:"object"==typeof t&&null!=t&&t.constructor?.name&&(e+=` Received an instance of ${t.constructor.name}`),e}const C=(e,...t)=>I("Key must be ",e,...t);function R(e,t,...r){return I(`Key for the ${e} algorithm must be `,t,...r)}const U=e=>!!E(e)||"KeyObject"===e?.[Symbol.toStringTag],L=["CryptoKey"];function D(e){if("object"!=typeof(t=e)||null===t||"[object Object]"!==Object.prototype.toString.call(e))return!1;var t;if(null===Object.getPrototypeOf(e))return!0;let r=e;for(;null!==Object.getPrototypeOf(r);)r=Object.getPrototypeOf(r);return Object.getPrototypeOf(e)===r}function N(e){return D(e)&&"string"==typeof e.kty}const O=async e=>{if(!e.alg)throw new TypeError('"alg" argument is required when "jwk.alg" is not present');const{algorithm:t,keyUsages:r}=function(e){let t,r;switch(e.kty){case"RSA":switch(e.alg){case"PS256":case"PS384":case"PS512":t={name:"RSA-PSS",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RS256":case"RS384":case"RS512":t={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.alg.slice(-3)}`},r=e.d?["sign"]:["verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":t={name:"RSA-OAEP",hash:`SHA-${parseInt(e.alg.slice(-3),10)||1}`},r=e.d?["decrypt","unwrapKey"]:["encrypt","wrapKey"];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"EC":switch(e.alg){case"ES256":t={name:"ECDSA",namedCurve:"P-256"},r=e.d?["sign"]:["verify"];break;case"ES384":t={name:"ECDSA",namedCurve:"P-384"},r=e.d?["sign"]:["verify"];break;case"ES512":t={name:"ECDSA",namedCurve:"P-521"},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:"ECDH",namedCurve:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;case"OKP":switch(e.alg){case"Ed25519":t={name:"Ed25519"},r=e.d?["sign"]:["verify"];break;case"EdDSA":t={name:e.crv},r=e.d?["sign"]:["verify"];break;case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":t={name:e.crv},r=e.d?["deriveBits"]:[];break;default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}break;default:throw new f('Invalid or unsupported JWK "kty" (Key Type) Parameter value')}return{algorithm:t,keyUsages:r}}(e),n=[t,e.ext??!1,e.key_ops??r],i={...e};return delete i.alg,delete i.use,b.subtle.importKey("jwk",i,...n)},H=e=>u(e);let j,M;const B=e=>"KeyObject"===e?.[Symbol.toStringTag],K=async(e,t,r,n,i=!1)=>{let o=e.get(t);if(o?.[n])return o[n];const s=await O({...r,alg:n});return i&&Object.freeze(t),o?o[n]=s:e.set(t,{[n]:s}),s},V=(e,t)=>{if(B(e)){let r=e.export({format:"jwk"});return delete r.d,delete r.dp,delete r.dq,delete r.p,delete r.q,delete r.qi,r.k?H(r.k):(M||(M=new WeakMap),K(M,e,r,t))}if(N(e)){if(e.k)return u(e.k);M||(M=new WeakMap);return K(M,e,e,t,!0)}return e},q=(e,t)=>{if(B(e)){let r=e.export({format:"jwk"});return r.k?H(r.k):(j||(j=new WeakMap),K(j,e,r,t))}if(N(e)){if(e.k)return u(e.k);j||(j=new WeakMap);return K(j,e,e,t,!0)}return e};async function J(e,t,r){if("sign"===r&&(t=await q(t,e)),"verify"===r&&(t=await V(t,e)),E(t))return T(t,e,r),t;if(t instanceof Uint8Array){if(!e.startsWith("HS"))throw new TypeError(C(t,...L));return b.subtle.importKey("raw",t,{hash:`SHA-${e.slice(-3)}`,name:"HMAC"},!1,[r])}throw new TypeError(C(t,...L,"Uint8Array","JSON Web Key"))}const W=async(e,t,r,n)=>{const i=await J(e,t,"verify");F(e,i);const o=S(e,i.algorithm);try{return await b.subtle.verify(o,i,r,n)}catch{return!1}},$=(...e)=>{const t=e.filter(Boolean);if(0===t.length||1===t.length)return!0;let r;for(const e of t){const t=Object.keys(e);if(r&&0!==r.size)for(const e of t){if(r.has(e))return!1;r.add(e)}else r=new Set(t)}return!0},z=e=>e?.[Symbol.toStringTag],Y=(e,t,r)=>{if(void 0!==t.use&&"sig"!==t.use)throw new TypeError("Invalid key for this operation, when present its use must be sig");if(void 0!==t.key_ops&&!0!==t.key_ops.includes?.(r))throw new TypeError(`Invalid key for this operation, when present its key_ops must include ${r}`);if(void 0!==t.alg&&t.alg!==e)throw new TypeError(`Invalid key for this operation, when present its alg must be ${e}`);return!0},G=(e,t,r,n)=>{if(!(t instanceof Uint8Array)){if(n&&N(t)){if(function(e){return N(e)&&"oct"===e.kty&&"string"==typeof e.k}(t)&&Y(e,t,r))return;throw new TypeError('JSON Web Key for symmetric algorithms must have JWK "kty" (Key Type) equal to "oct" and the JWK "k" (Key Value) present')}if(!U(t))throw new TypeError(R(e,t,...L,"Uint8Array",n?"JSON Web Key":null));if("secret"!==t.type)throw new TypeError(`${z(t)} instances for symmetric algorithms must be of type "secret"`)}};function X(e,t,r,n){t.startsWith("HS")||"dir"===t||t.startsWith("PBES2")||/^A\d{3}(?:GCM)?KW$/.test(t)?G(t,r,n,e):((e,t,r,n)=>{if(n&&N(t))switch(r){case"sign":if(function(e){return"oct"!==e.kty&&"string"==typeof e.d}(t)&&Y(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a private JWK");case"verify":if(function(e){return"oct"!==e.kty&&void 0===e.d}(t)&&Y(e,t,r))return;throw new TypeError("JSON Web Key for this operation be a public JWK")}if(!U(t))throw new TypeError(R(e,t,...L,n?"JSON Web Key":null));if("secret"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithms must not be of type "secret"`);if("sign"===r&&"public"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm signing must be of type "private"`);if("decrypt"===r&&"public"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm decryption must be of type "private"`);if(t.algorithm&&"verify"===r&&"private"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm verifying must be of type "public"`);if(t.algorithm&&"encrypt"===r&&"private"===t.type)throw new TypeError(`${z(t)} instances for asymmetric algorithm encryption must be of type "public"`)})(t,r,n,e)}X.bind(void 0,!1);const Q=X.bind(void 0,!0);const Z=function(e,t,r,n,i){if(void 0!==i.crit&&void 0===n?.crit)throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');if(!n||void 0===n.crit)return new Set;if(!Array.isArray(n.crit)||0===n.crit.length||n.crit.some(e=>"string"!=typeof e||0===e.length))throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');let o;o=void 0!==r?new Map([...Object.entries(r),...t.entries()]):t;for(const t of n.crit){if(!o.has(t))throw new f(`Extension Header Parameter "${t}" is not recognized`);if(void 0===i[t])throw new e(`Extension Header Parameter "${t}" is missing`);if(o.get(t)&&void 0===n[t])throw new e(`Extension Header Parameter "${t}" MUST be integrity protected`)}return new Set(n.crit)},ee=(e,t)=>{if(void 0!==t&&(!Array.isArray(t)||t.some(e=>"string"!=typeof e)))throw new TypeError(`"${e}" option must be an array of strings`);if(t)return new Set(t)};async function te(e,t){if(!D(e))throw new TypeError("JWK must be an object");switch(t||(t=e.alg),e.kty){case"oct":if("string"!=typeof e.k||!e.k)throw new TypeError('missing "k" (Key Value) Parameter value');return u(e.k);case"RSA":if("oth"in e&&void 0!==e.oth)throw new f('RSA JWK "oth" (Other Primes Info) Parameter value is not supported');case"EC":case"OKP":return O({...e,alg:t});default:throw new f('Unsupported "kty" (Key Type) Parameter value')}}async function re(e,t,n){if(e instanceof Uint8Array&&(e=o.decode(e)),"string"!=typeof e)throw new p("Compact JWS must be a string or Uint8Array");const{0:i,1:a,2:c,length:h}=e.split(".");if(3!==h)throw new p("Invalid Compact JWS");const l=await async function(e,t,n){if(!D(e))throw new p("Flattened JWS must be an object");if(void 0===e.protected&&void 0===e.header)throw new p('Flattened JWS must have either of the "protected" or "header" members');if(void 0!==e.protected&&"string"!=typeof e.protected)throw new p("JWS Protected Header incorrect type");if(void 0===e.payload)throw new p("JWS Payload missing");if("string"!=typeof e.signature)throw new p("JWS Signature missing or incorrect type");if(void 0!==e.header&&!D(e.header))throw new p("JWS Unprotected Header incorrect type");let i={};if(e.protected)try{const t=u(e.protected);i=JSON.parse(o.decode(t))}catch{throw new p("JWS Protected Header is invalid")}if(!$(i,e.header))throw new p("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const a={...i,...e.header};let c=!0;if(Z(p,new Map([["b64",!0]]),n?.crit,i,a).has("b64")&&(c=i.b64,"boolean"!=typeof c))throw new p('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:h}=a;if("string"!=typeof h||!h)throw new p('JWS "alg" (Algorithm) Header Parameter missing or invalid');const l=n&&ee("algorithms",n.algorithms);if(l&&!l.has(h))throw new d('"alg" (Algorithm) Header Parameter value not allowed');if(c){if("string"!=typeof e.payload)throw new p("JWS Payload must be a string")}else if("string"!=typeof e.payload&&!(e.payload instanceof Uint8Array))throw new p("JWS Payload must be a string or an Uint8Array instance");let f=!1;"function"==typeof t?(t=await t(i,e),f=!0,Q(h,t,"verify"),N(t)&&(t=await te(t,h))):Q(h,t,"verify");const g=s(r.encode(e.protected??""),r.encode("."),"string"==typeof e.payload?r.encode(e.payload):e.payload);let y,v;try{y=u(e.signature)}catch{throw new p("Failed to base64url decode the signature")}if(!await W(h,t,y,g))throw new _;if(c)try{v=u(e.payload)}catch{throw new p("Failed to base64url decode the payload")}else v="string"==typeof e.payload?r.encode(e.payload):e.payload;const m={payload:v};return void 0!==e.protected&&(m.protectedHeader=i),void 0!==e.header&&(m.unprotectedHeader=e.header),f?{...m,key:t}:m}({payload:a,protected:i,signature:c},t,n),f={payload:l.payload,protectedHeader:l.protectedHeader};return"function"==typeof t?{...f,key:l.key}:f}const ne=e=>Math.floor(e.getTime()/1e3),ie=86400,oe=/^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i,se=e=>{const t=oe.exec(e);if(!t||t[4]&&t[1])throw new TypeError("Invalid time period format");const r=parseFloat(t[2]);let n;switch(t[3].toLowerCase()){case"sec":case"secs":case"second":case"seconds":case"s":n=Math.round(r);break;case"minute":case"minutes":case"min":case"mins":case"m":n=Math.round(60*r);break;case"hour":case"hours":case"hr":case"hrs":case"h":n=Math.round(3600*r);break;case"day":case"days":case"d":n=Math.round(r*ie);break;case"week":case"weeks":case"w":n=Math.round(604800*r);break;default:n=Math.round(31557600*r)}return"-"===t[1]||"ago"===t[4]?-n:n},ae=e=>e.toLowerCase().replace(/^application\//,""),ue=(e,t,r={})=>{let n;try{n=JSON.parse(o.decode(t))}catch{}if(!D(n))throw new g("JWT Claims Set must be a top-level JSON object");const{typ:i}=r;if(i&&("string"!=typeof e.typ||ae(e.typ)!==ae(i)))throw new h('unexpected "typ" JWT header value',n,"typ","check_failed");const{requiredClaims:s=[],issuer:a,subject:u,audience:c,maxTokenAge:d}=r,f=[...s];void 0!==d&&f.push("iat"),void 0!==c&&f.push("aud"),void 0!==u&&f.push("sub"),void 0!==a&&f.push("iss");for(const e of new Set(f.reverse()))if(!(e in n))throw new h(`missing required "${e}" claim`,n,e,"missing");if(a&&!(Array.isArray(a)?a:[a]).includes(n.iss))throw new h('unexpected "iss" claim value',n,"iss","check_failed");if(u&&n.sub!==u)throw new h('unexpected "sub" claim value',n,"sub","check_failed");if(c&&(p=n.aud,y="string"==typeof c?[c]:c,!("string"==typeof p?y.includes(p):Array.isArray(p)&&y.some(Set.prototype.has.bind(new Set(p))))))throw new h('unexpected "aud" claim value',n,"aud","check_failed");var p,y;let v;switch(typeof r.clockTolerance){case"string":v=se(r.clockTolerance);break;case"number":v=r.clockTolerance;break;case"undefined":v=0;break;default:throw new TypeError("Invalid clockTolerance option type")}const{currentDate:m}=r,w=ne(m||new Date);if((void 0!==n.iat||d)&&"number"!=typeof n.iat)throw new h('"iat" claim must be a number',n,"iat","invalid");if(void 0!==n.nbf){if("number"!=typeof n.nbf)throw new h('"nbf" claim must be a number',n,"nbf","invalid");if(n.nbf>w+v)throw new h('"nbf" claim timestamp check failed',n,"nbf","check_failed")}if(void 0!==n.exp){if("number"!=typeof n.exp)throw new h('"exp" claim must be a number',n,"exp","invalid");if(n.exp<=w-v)throw new l('"exp" claim timestamp check failed',n,"exp","check_failed")}if(d){const e=w-n.iat;if(e-v>("number"==typeof d?d:se(d)))throw new l('"iat" claim timestamp check failed (too far in the past)',n,"iat","check_failed");if(e<0-v)throw new h('"iat" claim timestamp check failed (it should be in the past)',n,"iat","check_failed")}return n};const ce=async(e,t,r)=>{let n,i,o=!1;"function"==typeof AbortController&&(n=new AbortController,i=setTimeout(()=>{o=!0,n.abort()},t));const s=await fetch(e.href,{signal:n?n.signal:void 0,redirect:"manual",headers:r.headers}).catch(e=>{if(o)throw new w;throw e});if(void 0!==i&&clearTimeout(i),200!==s.status)throw new c("Expected 200 OK from the JSON Web Key Set HTTP response");try{return await s.json()}catch{throw new c("Failed to parse the JSON Web Key Set HTTP response as JSON")}};function he(e){return D(e)}function le(e){return"function"==typeof structuredClone?structuredClone(e):JSON.parse(JSON.stringify(e))}class de{constructor(e){if(this._cached=new WeakMap,!function(e){return e&&"object"==typeof e&&Array.isArray(e.keys)&&e.keys.every(he)}(e))throw new y("JSON Web Key Set malformed");this._jwks=le(e)}async getKey(e,t){const{alg:r,kid:n}={...e,...t?.header},i=function(e){switch("string"==typeof e&&e.slice(0,2)){case"RS":case"PS":return"RSA";case"ES":return"EC";case"Ed":return"OKP";default:throw new f('Unsupported "alg" value for a JSON Web Key Set')}}(r),o=this._jwks.keys.filter(e=>{let t=i===e.kty;if(t&&"string"==typeof n&&(t=n===e.kid),t&&"string"==typeof e.alg&&(t=r===e.alg),t&&"string"==typeof e.use&&(t="sig"===e.use),t&&Array.isArray(e.key_ops)&&(t=e.key_ops.includes("verify")),t)switch(r){case"ES256":t="P-256"===e.crv;break;case"ES256K":t="secp256k1"===e.crv;break;case"ES384":t="P-384"===e.crv;break;case"ES512":t="P-521"===e.crv;break;case"Ed25519":t="Ed25519"===e.crv;break;case"EdDSA":t="Ed25519"===e.crv||"Ed448"===e.crv}return t}),{0:s,length:a}=o;if(0===a)throw new v;if(1!==a){const e=new m,{_cached:t}=this;throw e[Symbol.asyncIterator]=async function*(){for(const e of o)try{yield await fe(t,e,r)}catch{}},e}return fe(this._cached,s,r)}}async function fe(e,t,r){const n=e.get(t)||e.set(t,{}).get(t);if(void 0===n[r]){const e=await te({...t,ext:!0},r);if(e instanceof Uint8Array||"public"!==e.type)throw new y("JSON Web Key Set members must be public keys");n[r]=e}return n[r]}function pe(e){const t=new de(e),r=async(e,r)=>t.getKey(e,r);return Object.defineProperties(r,{jwks:{value:()=>le(t._jwks),enumerable:!0,configurable:!1,writable:!1}}),r}let ge;if("undefined"==typeof navigator||!navigator.userAgent?.startsWith?.("Mozilla/5.0 ")){ge=`${"jose"}/${"v5.10.0"}`}const ye=Symbol();class ve{constructor(e,t){if(!(e instanceof URL))throw new TypeError("url must be an instance of URL");var r,n;this._url=new URL(e.href),this._options={agent:t?.agent,headers:t?.headers},this._timeoutDuration="number"==typeof t?.timeoutDuration?t?.timeoutDuration:5e3,this._cooldownDuration="number"==typeof t?.cooldownDuration?t?.cooldownDuration:3e4,this._cacheMaxAge="number"==typeof t?.cacheMaxAge?t?.cacheMaxAge:6e5,void 0!==t?.[ye]&&(this._cache=t?.[ye],r=t?.[ye],n=this._cacheMaxAge,"object"==typeof r&&null!==r&&"uat"in r&&"number"==typeof r.uat&&!(Date.now()-r.uat>=n)&&"jwks"in r&&D(r.jwks)&&Array.isArray(r.jwks.keys)&&Array.prototype.every.call(r.jwks.keys,D)&&(this._jwksTimestamp=this._cache.uat,this._local=pe(this._cache.jwks)))}coolingDown(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cooldownDuration}fresh(){return"number"==typeof this._jwksTimestamp&&Date.now()<this._jwksTimestamp+this._cacheMaxAge}async getKey(e,t){this._local&&this.fresh()||await this.reload();try{return await this._local(e,t)}catch(r){if(r instanceof v&&!1===this.coolingDown())return await this.reload(),this._local(e,t);throw r}}async reload(){this._pendingFetch&&("undefined"!=typeof WebSocketPair||"undefined"!=typeof navigator&&"Cloudflare-Workers"===navigator.userAgent||"undefined"!=typeof EdgeRuntime&&"vercel"===EdgeRuntime)&&(this._pendingFetch=void 0);const e=new Headers(this._options.headers);ge&&!e.has("User-Agent")&&(e.set("User-Agent",ge),this._options.headers=Object.fromEntries(e.entries())),this._pendingFetch||(this._pendingFetch=ce(this._url,this._timeoutDuration,this._options).then(e=>{this._local=pe(e),this._cache&&(this._cache.uat=Date.now(),this._cache.jwks=e),this._jwksTimestamp=Date.now(),this._pendingFetch=void 0}).catch(e=>{throw this._pendingFetch=void 0,e})),await this._pendingFetch}}const me=async e=>{if(e instanceof Uint8Array)return{kty:"oct",k:a(e)};if(!E(e))throw new TypeError(C(e,...L,"Uint8Array"));if(!e.extractable)throw new TypeError("non-extractable CryptoKey cannot be exported as a JWK");const{ext:t,key_ops:r,alg:n,use:i,...o}=await b.subtle.exportKey("jwk",e);return o};async function we(e){return me(e)}const _e=async(e,t,r)=>{const n=await J(e,t,"sign");F(e,n);const i=await b.subtle.sign(S(e,n.algorithm),n,r);return new Uint8Array(i)};class Se{constructor(e){if(!(e instanceof Uint8Array))throw new TypeError("payload must be an instance of Uint8Array");this._payload=e}setProtectedHeader(e){if(this._protectedHeader)throw new TypeError("setProtectedHeader can only be called once");return this._protectedHeader=e,this}setUnprotectedHeader(e){if(this._unprotectedHeader)throw new TypeError("setUnprotectedHeader can only be called once");return this._unprotectedHeader=e,this}async sign(e,t){if(!this._protectedHeader&&!this._unprotectedHeader)throw new p("either setProtectedHeader or setUnprotectedHeader must be called before #sign()");if(!$(this._protectedHeader,this._unprotectedHeader))throw new p("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");const n={...this._protectedHeader,...this._unprotectedHeader};let i=!0;if(Z(p,new Map([["b64",!0]]),t?.crit,this._protectedHeader,n).has("b64")&&(i=this._protectedHeader.b64,"boolean"!=typeof i))throw new p('The "b64" (base64url-encode payload) Header Parameter must be a boolean');const{alg:u}=n;if("string"!=typeof u||!u)throw new p('JWS "alg" (Algorithm) Header Parameter missing or invalid');Q(u,e,"sign");let c,h=this._payload;i&&(h=r.encode(a(h))),c=this._protectedHeader?r.encode(a(JSON.stringify(this._protectedHeader))):r.encode("");const l=s(c,r.encode("."),h),d=await _e(u,e,l),f={signature:a(d),payload:""};return i&&(f.payload=o.decode(h)),this._unprotectedHeader&&(f.header=this._unprotectedHeader),this._protectedHeader&&(f.protected=o.decode(c)),f}}class be{constructor(e){this._flattened=new Se(e)}setProtectedHeader(e){return this._flattened.setProtectedHeader(e),this}async sign(e,t){const r=await this._flattened.sign(e,t);if(void 0===r.payload)throw new TypeError("use the flattened module for creating JWS with b64: false");return`${r.protected}.${r.payload}.${r.signature}`}}function Ee(e,t){if(!Number.isFinite(t))throw new TypeError(`Invalid ${e} input`);return t}class Fe{constructor(e={}){if(!D(e))throw new TypeError("JWT Claims Set MUST be an object");this._payload=e}setIssuer(e){return this._payload={...this._payload,iss:e},this}setSubject(e){return this._payload={...this._payload,sub:e},this}setAudience(e){return this._payload={...this._payload,aud:e},this}setJti(e){return this._payload={...this._payload,jti:e},this}setNotBefore(e){return"number"==typeof e?this._payload={...this._payload,nbf:Ee("setNotBefore",e)}:e instanceof Date?this._payload={...this._payload,nbf:Ee("setNotBefore",ne(e))}:this._payload={...this._payload,nbf:ne(new Date)+se(e)},this}setExpirationTime(e){return"number"==typeof e?this._payload={...this._payload,exp:Ee("setExpirationTime",e)}:e instanceof Date?this._payload={...this._payload,exp:Ee("setExpirationTime",ne(e))}:this._payload={...this._payload,exp:ne(new Date)+se(e)},this}setIssuedAt(e){return void 0===e?this._payload={...this._payload,iat:ne(new Date)}:e instanceof Date?this._payload={...this._payload,iat:Ee("setIssuedAt",ne(e))}:this._payload="string"==typeof e?{...this._payload,iat:Ee("setIssuedAt",ne(new Date)+se(e))}:{...this._payload,iat:Ee("setIssuedAt",e)},this}}class xe extends Fe{setProtectedHeader(e){return this._protectedHeader=e,this}async sign(e,t){const n=new be(r.encode(JSON.stringify(this._payload)));if(n.setProtectedHeader(this._protectedHeader),Array.isArray(this._protectedHeader?.crit)&&this._protectedHeader.crit.includes("b64")&&!1===this._protectedHeader.b64)throw new g("JWTs MUST NOT use unencoded payload");return n.sign(e,t)}}function Ae(e){const t=e?.modulusLength??2048;if("number"!=typeof t||t<2048)throw new f("Invalid or unsupported modulusLength option provided, 2048 bits or larger keys must be used");return t}async function ke(e,t){return async function(e,t){let r,n;switch(e){case"PS256":case"PS384":case"PS512":r={name:"RSA-PSS",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["sign","verify"];break;case"RS256":case"RS384":case"RS512":r={name:"RSASSA-PKCS1-v1_5",hash:`SHA-${e.slice(-3)}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["sign","verify"];break;case"RSA-OAEP":case"RSA-OAEP-256":case"RSA-OAEP-384":case"RSA-OAEP-512":r={name:"RSA-OAEP",hash:`SHA-${parseInt(e.slice(-3),10)||1}`,publicExponent:new Uint8Array([1,0,1]),modulusLength:Ae(t)},n=["decrypt","unwrapKey","encrypt","wrapKey"];break;case"ES256":r={name:"ECDSA",namedCurve:"P-256"},n=["sign","verify"];break;case"ES384":r={name:"ECDSA",namedCurve:"P-384"},n=["sign","verify"];break;case"ES512":r={name:"ECDSA",namedCurve:"P-521"},n=["sign","verify"];break;case"Ed25519":r={name:"Ed25519"},n=["sign","verify"];break;case"EdDSA":{n=["sign","verify"];const e=t?.crv??"Ed25519";switch(e){case"Ed25519":case"Ed448":r={name:e};break;default:throw new f("Invalid or unsupported crv option provided")}break}case"ECDH-ES":case"ECDH-ES+A128KW":case"ECDH-ES+A192KW":case"ECDH-ES+A256KW":{n=["deriveKey","deriveBits"];const e=t?.crv??"P-256";switch(e){case"P-256":case"P-384":case"P-521":r={name:"ECDH",namedCurve:e};break;case"X25519":case"X448":r={name:e};break;default:throw new f("Invalid or unsupported crv option provided, supported values are P-256, P-384, P-521, X25519, and X448")}break}default:throw new f('Invalid or unsupported JWK "alg" (Algorithm) Parameter value')}return b.subtle.generateKey(r,t?.extractable??!1,n)}(e,t)}const Pe={randomUUID:"undefined"!=typeof crypto&&crypto.randomUUID&&crypto.randomUUID.bind(crypto)};let Te;const Ie=new Uint8Array(16);const Ce=[];for(let e=0;e<256;++e)Ce.push((e+256).toString(16).slice(1));function Re(e,t=0){return(Ce[e[t+0]]+Ce[e[t+1]]+Ce[e[t+2]]+Ce[e[t+3]]+"-"+Ce[e[t+4]]+Ce[e[t+5]]+"-"+Ce[e[t+6]]+Ce[e[t+7]]+"-"+Ce[e[t+8]]+Ce[e[t+9]]+"-"+Ce[e[t+10]]+Ce[e[t+11]]+Ce[e[t+12]]+Ce[e[t+13]]+Ce[e[t+14]]+Ce[e[t+15]]).toLowerCase()}const Ue=function(e,t,r){if(Pe.randomUUID&&!t&&!e)return Pe.randomUUID();const n=(e=e||{}).random??e.rng?.()??function(){if(!Te){if("undefined"==typeof crypto||!crypto.getRandomValues)throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");Te=crypto.getRandomValues.bind(crypto)}return Te(Ie)}();if(n.length<16)throw new Error("Random bytes length must be >= 16");if(n[6]=15&n[6]|64,n[8]=63&n[8]|128,t){if((r=r||0)<0||r+16>t.length)throw new RangeError(`UUID byte range ${r}:${r+15} is out of buffer bounds`);for(let e=0;e<16;++e)t[r+e]=n[e];return t}return Re(n)},Le="solidClientAuthn:",De=["ES256","RS256"],Ne="error",Oe="login",He="logout",je="newRefreshToken",Me="sessionExpired",Be="sessionExtended",Ke="sessionRestore",Ve="timeoutSet",qe=["openid","offline_access","webid"];class Je{handleables;constructor(e){this.handleables=e,this.handleables=e}async getProperHandler(e){const t=await Promise.all(this.handleables.map(t=>t.canHandle(...e)));for(let e=0;e<t.length;e+=1)if(t[e])return this.handleables[e];return null}async canHandle(...e){return null!==await this.getProperHandler(e)}async handle(...e){const t=await this.getProperHandler(e);if(t)return t.handle(...e);throw new Error(`[${this.constructor.name}] cannot find a suitable handler for: ${e.map(e=>{try{return JSON.stringify(e)}catch(t){return e.toString()}}).join(", ")}`)}}async function We(e,t,r,n){let i,o;try{const{payload:o}=await async function(e,t,r){const n=await re(e,t,r);if(n.protectedHeader.crit?.includes("b64")&&!1===n.protectedHeader.b64)throw new g("JWTs MUST NOT use unencoded payload");const i={payload:ue(n.protectedHeader,n.payload,r),protectedHeader:n.protectedHeader};return"function"==typeof t?{...i,key:n.key}:i}(e,function(e,t){const r=new ve(e,t),n=async(e,t)=>r.getKey(e,t);return Object.defineProperties(n,{coolingDown:{get:()=>r.coolingDown(),enumerable:!0,configurable:!1},fresh:{get:()=>r.fresh(),enumerable:!0,configurable:!1},reload:{value:()=>r.reload(),enumerable:!0,configurable:!1,writable:!1},reloading:{get:()=>!!r._pendingFetch,enumerable:!0,configurable:!1},jwks:{value:()=>r._local?.jwks(),enumerable:!0,configurable:!1,writable:!1}}),n}(new URL(t)),{issuer:r,audience:n});i=o}catch(e){throw new Error(`Token verification failed: ${e.stack}`)}if("string"==typeof i.azp&&(o=i.azp),"string"==typeof i.webid)return{webId:i.webid,clientId:o};if("string"!=typeof i.sub)throw new Error(`The token ${JSON.stringify(i)} is invalid: it has no 'webid' claim and no 'sub' claim.`);try{return new URL(i.sub),{webId:i.sub,clientId:o}}catch(e){throw new Error(`The token has no 'webid' claim, and its 'sub' claim of [${i.sub}] is invalid as a URL - error [${e}].`)}}function $e(e){try{const t=new URL(e),r=!t.searchParams.has("code")&&!t.searchParams.has("state"),n=""===t.hash;return r&&n}catch(e){return!1}}function ze(e){const t=new URL(e);return t.searchParams.delete("state"),t.searchParams.delete("code"),t.searchParams.delete("error"),t.searchParams.delete("error_description"),t.searchParams.delete("iss"),t}class Ye{storageUtility;redirector;constructor(e,t){this.storageUtility=e,this.redirector=t,this.storageUtility=e,this.redirector=t}parametersGuard=e=>void 0!==e.issuerConfiguration.grantTypesSupported&&e.issuerConfiguration.grantTypesSupported.indexOf("authorization_code")>-1&&void 0!==e.redirectUrl;async canHandle(e){return this.parametersGuard(e)}async setupRedirectHandler({oidcLoginOptions:e,state:t,codeVerifier:r,targetUrl:n}){if(!this.parametersGuard(e))throw new Error("The authorization code grant requires a redirectUrl.");var i,o;await Promise.all([this.storageUtility.setForUser(t,{sessionId:e.sessionId}),this.storageUtility.setForUser(e.sessionId,{codeVerifier:r,issuer:e.issuer.toString(),redirectUrl:e.redirectUrl,dpop:Boolean(e.dpop).toString(),keepAlive:(i=e.keepAlive,o=!0,"boolean"==typeof i?Boolean(i):Boolean(o)).toString()})]),this.redirector.redirect(n,{handleRedirect:e.handleRedirect})}}class Ge{sessionInfoManager;constructor(e){this.sessionInfoManager=e,this.sessionInfoManager=e}async canHandle(){return!0}async handle(e){await this.sessionInfoManager.clear(e)}}class Xe{redirector;constructor(e){this.redirector=e,this.redirector=e}async canHandle(e,t){return"idp"===t?.logoutType}async handle(e,t){if("idp"!==t?.logoutType)throw new Error("Attempting to call idp logout handler to perform app logout");if(void 0===t.toLogoutUrl)throw new Error("Cannot perform IDP logout. Did you log in using the OIDC authentication flow?");this.redirector.redirect(t.toLogoutUrl(t),{handleRedirect:t.handleRedirect})}}class Qe{handlers;constructor(e,t){this.handlers=[new Ge(e),new Xe(t)]}async canHandle(){return!0}async handle(e,t){for(const r of this.handlers)await r.canHandle(e,t)&&await r.handle(e,t)}}function Ze(){return{isLoggedIn:!1,sessionId:Ue(),fetch:(...e)=>fetch(...e)}}async function et(e,t){await Promise.all([t.deleteAllUserData(e,{secure:!1}),t.deleteAllUserData(e,{secure:!0})])}class tt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}update(e,t){throw new Error("Not Implemented")}set(e,t){throw new Error("Not Implemented")}get(e){throw new Error("Not implemented")}async getAll(){throw new Error("Not implemented")}async clear(e){return et(e,this.storageUtility)}async register(e){throw new Error("Not implemented")}async getRegisteredSessionIdAll(){throw new Error("Not implemented")}async clearAll(){throw new Error("Not implemented")}async setOidcContext(e,t){throw new Error("Not implemented")}}function rt({endSessionEndpoint:e,idTokenHint:t}){if(void 0!==e)return function({state:r,postLogoutUrl:n}){return function({endSessionEndpoint:e,idTokenHint:t,postLogoutRedirectUri:r,state:n}){const i=new URL(e);return void 0!==t&&i.searchParams.append("id_token_hint",t),void 0!==r&&(i.searchParams.append("post_logout_redirect_uri",r),void 0!==n&&i.searchParams.append("state",n)),i.toString()}({endSessionEndpoint:e,idTokenHint:t,state:r,postLogoutRedirectUri:n})}}function nt(e){try{return new URL(e),!0}catch{return!1}}async function it(e,t,r,n){let i;if(function(e,t){return t.scopesSupported.includes("webid")&&void 0!==e.clientId&&nt(e.clientId)}(e,t))i={clientId:e.clientId,clientName:e.clientName,clientType:"solid-oidc"};else{if(!function(e){return void 0!==e.clientId&&!nt(e.clientId)}(e))return n.getClient({sessionId:e.sessionId,clientName:e.clientName,redirectUrl:e.redirectUrl},t);i={clientId:e.clientId,clientSecret:e.clientSecret,clientName:e.clientName,clientType:"static"}}const o={clientId:i.clientId,clientType:i.clientType};return"static"===i.clientType&&(o.clientSecret=i.clientSecret),i.clientName&&(o.clientName=i.clientName),await r.setForUser(e.sessionId,o),i}const ot=(e,t)=>fetch(e,t);class st{loginHandler;redirectHandler;logoutHandler;sessionInfoManager;issuerConfigFetcher;boundLogout;constructor(e,t,r,n,i){this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i,this.loginHandler=e,this.redirectHandler=t,this.logoutHandler=r,this.sessionInfoManager=n,this.issuerConfigFetcher=i}fetch=ot;logout=async(e,t)=>{await this.logoutHandler.handle(e,"idp"===t?.logoutType?{...t,toLogoutUrl:this.boundLogout}:t),this.fetch=ot,delete this.boundLogout};getSessionInfo=async e=>this.sessionInfoManager.get(e);getAllSessionInfo=async()=>this.sessionInfoManager.getAll()}async function at(e,t,r){try{const[n,i,o,s,a]=await Promise.all([t.getForUser(e,"issuer",{errorIfNull:!0}),t.getForUser(e,"codeVerifier"),t.getForUser(e,"redirectUrl"),t.getForUser(e,"dpop",{errorIfNull:!0}),t.getForUser(e,"keepAlive")]);await t.deleteForUser(e,"codeVerifier");return{codeVerifier:i,redirectUrl:o,issuerConfig:await r.fetchConfig(n),dpop:"true"===s,keepAlive:"string"!=typeof a||"true"===a}}catch(t){throw new Error(`Failed to retrieve OIDC context from storage associated with session [${e}]: ${t}`)}}class ut{secureStorage;insecureStorage;constructor(e,t){this.secureStorage=e,this.insecureStorage=t,this.secureStorage=e,this.insecureStorage=t}getKey(e){return`solidClientAuthenticationUser:${e}`}async getUserData(e,t){const r=await(t?this.secureStorage:this.insecureStorage).get(this.getKey(e));if(void 0===r)return{};try{return JSON.parse(r)}catch(n){throw new Error(`Data for user [${e}] in [${t?"secure":"unsecure"}] storage is corrupted - expected valid JSON, but got: ${r}`)}}async setUserData(e,t,r){await(r?this.secureStorage:this.insecureStorage).set(this.getKey(e),JSON.stringify(t))}async get(e,t){const r=await(t?.secure?this.secureStorage:this.insecureStorage).get(e);if(void 0===r&&t?.errorIfNull)throw new Error(`[${e}] is not stored`);return r}async set(e,t,r){return(r?.secure?this.secureStorage:this.insecureStorage).set(e,t)}async delete(e,t){return(t?.secure?this.secureStorage:this.insecureStorage).delete(e)}async getForUser(e,t,r){const n=await this.getUserData(e,r?.secure);let i;if(n&&n[t]||(i=void 0),i=n[t],void 0===i&&r?.errorIfNull)throw new Error(`Field [${t}] for user [${e}] is not stored`);return i||void 0}async setForUser(e,t,r){let n;try{n=await this.getUserData(e,r?.secure)}catch{n={}}await this.setUserData(e,{...n,...t},r?.secure)}async deleteForUser(e,t,r){const n=await this.getUserData(e,r?.secure);delete n[t],await this.setUserData(e,n,r?.secure)}async deleteAllUserData(e,t){await(t?.secure?this.secureStorage:this.insecureStorage).delete(this.getKey(e))}}class ct{map={};async get(e){return this.map[e]||void 0}async set(e,t){this.map[e]=t}async delete(e){delete this.map[e]}}class ht extends Error{constructor(e){super(e)}}Error;class lt extends Error{missingFields;constructor(e){super(`Invalid response from OIDC provider: missing fields ${e}`),this.missingFields=e}}class dt extends Error{error;errorDescription;constructor(e,t,r){super(e),this.error=t,this.errorDescription=r}}function ft(e){const t=new URL(e);return new URL(t.pathname,t.origin).toString()}async function pt(e,t,r){return new xe({htu:ft(e),htm:t.toUpperCase(),jti:Ue()}).setProtectedHeader({alg:De[0],jwk:r.publicKey,typ:"dpop+jwt"}).setIssuedAt().sign(r.privateKey,{})}async function gt(e,t,r,n){if(void 0!==r)return async function(e,t,r,n){const i=new Headers(n?.headers);return i.set("Authorization",`DPoP ${t}`),i.set("DPoP",await pt(e,n?.method??"get",r)),{...n,headers:i}}(e,t,r,n);const i=new Headers(n?.headers);return i.set("Authorization",`Bearer ${t}`),{...n,headers:i}}async function yt(e,t,r,n,i=fetch){return i(t,await gt(t.toString(),e,n,r))}const vt=e=>void 0!==e?e-5>0?e-5:e:600;function mt(e,t){let r,n=e;const i=t?.refreshOptions;if(void 0!==i){const e=async()=>{try{const{accessToken:o,refreshToken:s,expiresIn:a}=await async function(e,t,r){const n=await e.tokenRefresher.refresh(e.sessionId,e.refreshToken,t);return r?.emit(Be,n.expiresIn??600),{accessToken:n.accessToken,refreshToken:n.refreshToken,expiresIn:n.expiresIn}}(i,t.dpopKey,t.eventEmitter);n=o,void 0!==s&&(i.refreshToken=s),clearTimeout(r),r=setTimeout(e,1e3*vt(a)),t.eventEmitter?.emit(Ve,r)}catch(e){e instanceof dt&&(t?.eventEmitter?.emit(Ne,e.error,e.errorDescription),t?.eventEmitter?.emit(Me)),e instanceof lt&&e.missingFields.includes("access_token")&&t?.eventEmitter?.emit(Me)}};r=setTimeout(e,1e3*vt(t.expiresIn)),t.eventEmitter?.emit(Ve,r)}else if(void 0!==t&&void 0!==t.eventEmitter){const e=setTimeout(()=>{t.eventEmitter.emit(Me)},1e3*vt(t.expiresIn));t.eventEmitter.emit(Ve,e)}return async(e,r)=>{let i=await yt(n,e,r,t?.dpopKey,t?.fetch);const o=!i.ok&&(s=i.status,![401,403].includes(s));var s;if(i.ok||o)return i;return i.url!==e&&void 0!==t?.dpopKey&&(i=await yt(n,i.url,r,t.dpopKey,t.fetch)),i}}var wt=n(7),_t=n(516);function St(e,t){if("string"!=typeof e.client_id)throw new Error(`Dynamic client registration failed: no client_id has been found on ${JSON.stringify(e)}`);if(t.redirectUrl&&function(e){return Array.isArray(e.redirect_uris)&&e.redirect_uris.every(e=>"string"==typeof e)}(e)&&e.redirect_uris[0]!==t.redirectUrl.toString())throw new Error(`Dynamic client registration failed: the returned redirect URIs ${JSON.stringify(e.redirect_uris)} don't match the provided ${JSON.stringify([t.redirectUrl.toString()])}`);return!0}async function bt(e,t){if(!t.registrationEndpoint)throw new Error("Dynamic Registration could not be completed because the issuer has no registration endpoint.");if(!Array.isArray(t.idTokenSigningAlgValuesSupported))throw new Error("The OIDC issuer discovery profile is missing the 'id_token_signing_alg_values_supported' value, which is mandatory.");const r=(n=t.idTokenSigningAlgValuesSupported,De.find(e=>n.includes(e))??null);var n;const i={client_name:e.clientName,application_type:"web",redirect_uris:[e.redirectUrl?.toString()],subject_type:"public",token_endpoint_auth_method:"client_secret_basic",id_token_signed_response_alg:r,grant_types:["authorization_code","refresh_token"]},o=await fetch(t.registrationEndpoint.toString(),{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(i)});if(o.ok){const t=await o.json();return St(t,e),{clientId:t.client_id,clientSecret:t.client_secret,expiresAt:t.client_secret_expires_at,idTokenSignedResponseAlg:t.id_token_signed_response_alg,clientType:"dynamic"}}throw 400===o.status&&function(e,t){if("invalid_redirect_uri"===e.error)throw new Error(`Dynamic client registration failed: the provided redirect uri [${t.redirectUrl?.toString()}] is invalid - ${e.error_description??""}`);if("invalid_client_metadata"===e.error)throw new Error(`Dynamic client registration failed: the provided client metadata ${JSON.stringify(t)} is invalid - ${e.error_description??""}`);throw new Error(`Dynamic client registration failed: ${e.error} - ${e.error_description??""}`)}(await o.json(),e),new Error(`Dynamic client registration failed: the server returned ${o.status} ${o.statusText} - ${await o.text()}`)}function Et(e){return void 0!==e.error_description&&"string"==typeof e.error_description}function Ft(e,t){if(void 0!==(r=e).error&&"string"==typeof r.error)throw new dt(`Token endpoint returned error [${e.error}]${Et(e)?`: ${e.error_description}`:""}${function(e){return void 0!==e.error_uri&&"string"==typeof e.error_uri}(e)?` (see ${e.error_uri})`:""}`,e.error,Et(e)?e.error_description:void 0);var r;if(!function(e){return void 0!==e.access_token&&"string"==typeof e.access_token}(e))throw new lt(["access_token"]);if(!function(e){return void 0!==e.id_token&&"string"==typeof e.id_token}(e))throw new lt(["id_token"]);if(!function(e){return void 0!==e.token_type&&"string"==typeof e.token_type}(e))throw new lt(["token_type"]);if(!function(e){return void 0===e.expires_in||"number"==typeof e.expires_in}(e))throw new lt(["expires_in"]);if(!t&&"bearer"!==e.token_type.toLowerCase())throw new Error(`Invalid token endpoint response: requested a [Bearer] token, but got a 'token_type' value of [${e.token_type}].`);return e}async function xt(e,t,r,n){!function(e,t){if(t.grantType&&(!e.grantTypesSupported||!e.grantTypesSupported.includes(t.grantType)))throw new Error(`The issuer [${e.issuer}] does not support the [${t.grantType}] grant`);if(!e.tokenEndpoint)throw new Error(`This issuer [${e.issuer}] does not have a token endpoint`)}(e,r);const i={"content-type":"application/x-www-form-urlencoded"};let o;n&&(o=await async function(){const{privateKey:e,publicKey:t}=await ke(De[0]),r={privateKey:e,publicKey:await we(t)};return[r.publicKey.alg]=De,r}(),i.DPoP=await pt(e.tokenEndpoint,"POST",o)),t.clientSecret&&(i.Authorization=`Basic ${btoa(`${t.clientId}:${t.clientSecret}`)}`);const s={grant_type:r.grantType,redirect_uri:r.redirectUrl,code:r.code,code_verifier:r.codeVerifier,client_id:t.clientId},a={method:"POST",headers:i,body:new URLSearchParams(s).toString()},u=await fetch(e.tokenEndpoint,a),c=Ft(await u.json(),n),{webId:h,clientId:l}=await We(c.id_token,e.jwksUri,e.issuer,t.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:(d=c,void 0!==d.refresh_token&&"string"==typeof d.refresh_token?c.refresh_token:void 0),webId:h,clientId:l,dpopKey:o,expiresIn:c.expires_in};var d}async function At(e,t,r,n){if(void 0===r.clientId)throw new Error("No client ID available when trying to refresh the access token.");const i={grant_type:"refresh_token",refresh_token:e};let o={};void 0!==n&&(o={DPoP:await pt(t.tokenEndpoint,"POST",n)});let s={};void 0!==r.clientSecret?s={Authorization:`Basic ${btoa(`${r.clientId}:${r.clientSecret}`)}`}:(e=>{try{return new URL(e),!0}catch{return!1}})(r.clientId)&&(i.client_id=r.clientId);const a=await fetch(t.tokenEndpoint,{method:"POST",body:new URLSearchParams(i).toString(),headers:{...o,...s,"Content-Type":"application/x-www-form-urlencoded"}});let u;try{u=await a.json()}catch(e){throw new Error(`The token endpoint of issuer ${t.issuer} returned a malformed response.`)}const c=Ft(u,void 0!==n),{webId:h}=await We(c.id_token,t.jwksUri,t.issuer,r.clientId);return{accessToken:c.access_token,idToken:c.id_token,refreshToken:"string"==typeof c.refresh_token?c.refresh_token:void 0,webId:h,dpopKey:n,expiresIn:c.expires_in}}class kt extends ut{constructor(e,t){super(e,t)}}class Pt extends st{login=async(e,t)=>{"none"!==e.prompt&&await this.sessionInfoManager.clear(e.sessionId);const r=e.redirectUrl??function(e){const t=ze(e);return t.hash="",e.includes(`${t.origin}/`)?t.href:`${t.origin}${t.href.substring(t.origin.length+1)}`}(window.location.href);if(!$e(r))throw new Error(`${r} is not a valid redirect URL, it is either a malformed IRI, includes a hash fragment, or reserved query parameters ('code' or 'state').`);await this.loginHandler.handle({...e,redirectUrl:r,clientName:e.clientName??e.clientId,eventEmitter:t})};validateCurrentSession=async e=>{const t=await this.sessionInfoManager.get(e);return void 0===t||void 0===t.clientAppId||void 0===t.issuer?null:t};handleIncomingRedirect=async(e,t)=>{try{const r=await this.redirectHandler.handle(e,t,void 0);return this.fetch=r.fetch.bind(window),this.boundLogout=r.getLogoutUrl,await this.cleanUrlAfterRedirect(e),{isLoggedIn:r.isLoggedIn,webId:r.webId,sessionId:r.sessionId,expirationDate:r.expirationDate,clientAppId:r.clientAppId}}catch(r){return await this.cleanUrlAfterRedirect(e),void t.emit(Ne,"redirect",r)}};async cleanUrlAfterRedirect(e){const t=ze(e).href;for(window.history.replaceState(null,"",t);window.location.href!==t;)await new Promise(e=>{setTimeout(()=>e(),1)})}}function Tt(e){return"string"==typeof e.oidcIssuer}function It(e){return"string"==typeof e.redirectUrl}class Ct{storageUtility;oidcHandler;issuerConfigFetcher;clientRegistrar;constructor(e,t,r,n){this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.storageUtility=e,this.oidcHandler=t,this.issuerConfigFetcher=r,this.clientRegistrar=n}async canHandle(e){return Tt(e)&&It(e)}async handle(e){if(!Tt(e))throw new ht(`OidcLoginHandler requires an OIDC issuer: missing property 'oidcIssuer' in ${JSON.stringify(e)}`);if(!It(e))throw new ht(`OidcLoginHandler requires a redirect URL: missing property 'redirectUrl' in ${JSON.stringify(e)}`);const t=await this.issuerConfigFetcher.fetchConfig(e.oidcIssuer),r=await it(e,t,this.storageUtility,this.clientRegistrar),n={issuer:t.issuer,dpop:"dpop"===e.tokenType.toLowerCase(),...e,issuerConfiguration:t,client:r,scopes:(i=e.customScopes,Array.isArray(i)?Array.from(new Set([...qe,...i.filter(e=>"string"==typeof e&&!e.includes(" "))])):qe)};var i;return this.oidcHandler.handle(n)}}class Rt extends Ye{async handle(e){const t={authority:e.issuer.toString(),client_id:e.client.clientId,client_secret:e.client.clientSecret,redirect_uri:e.redirectUrl,response_type:"code",scope:e.scopes.join(" "),filterProtocolClaims:!0,loadUserInfo:!1,code_verifier:!0,prompt:e.prompt??"consent"},r=new _t.OidcClient(t);try{const t=await r.createSigninRequest();return await this.setupRedirectHandler({oidcLoginOptions:e,state:t.state._id,codeVerifier:t.state._code_verifier,targetUrl:t.url.toString()})}catch(e){console.error(e)}}}const Ut={issuer:{toKey:"issuer",convertToUrl:!0},authorization_endpoint:{toKey:"authorizationEndpoint",convertToUrl:!0},token_endpoint:{toKey:"tokenEndpoint",convertToUrl:!0},userinfo_endpoint:{toKey:"userinfoEndpoint",convertToUrl:!0},jwks_uri:{toKey:"jwksUri",convertToUrl:!0},registration_endpoint:{toKey:"registrationEndpoint",convertToUrl:!0},end_session_endpoint:{toKey:"endSessionEndpoint",convertToUrl:!0},scopes_supported:{toKey:"scopesSupported"},response_types_supported:{toKey:"responseTypesSupported"},response_modes_supported:{toKey:"responseModesSupported"},grant_types_supported:{toKey:"grantTypesSupported"},acr_values_supported:{toKey:"acrValuesSupported"},subject_types_supported:{toKey:"subjectTypesSupported"},id_token_signing_alg_values_supported:{toKey:"idTokenSigningAlgValuesSupported"},id_token_encryption_alg_values_supported:{toKey:"idTokenEncryptionAlgValuesSupported"},id_token_encryption_enc_values_supported:{toKey:"idTokenEncryptionEncValuesSupported"},userinfo_signing_alg_values_supported:{toKey:"userinfoSigningAlgValuesSupported"},userinfo_encryption_alg_values_supported:{toKey:"userinfoEncryptionAlgValuesSupported"},userinfo_encryption_enc_values_supported:{toKey:"userinfoEncryptionEncValuesSupported"},request_object_signing_alg_values_supported:{toKey:"requestObjectSigningAlgValuesSupported"},request_object_encryption_alg_values_supported:{toKey:"requestObjectEncryptionAlgValuesSupported"},request_object_encryption_enc_values_supported:{toKey:"requestObjectEncryptionEncValuesSupported"},token_endpoint_auth_methods_supported:{toKey:"tokenEndpointAuthMethodsSupported"},token_endpoint_auth_signing_alg_values_supported:{toKey:"tokenEndpointAuthSigningAlgValuesSupported"},display_values_supported:{toKey:"displayValuesSupported"},claim_types_supported:{toKey:"claimTypesSupported"},claims_supported:{toKey:"claimsSupported"},service_documentation:{toKey:"serviceDocumentation"},claims_locales_supported:{toKey:"claimsLocalesSupported"},ui_locales_supported:{toKey:"uiLocalesSupported"},claims_parameter_supported:{toKey:"claimsParameterSupported"},request_parameter_supported:{toKey:"requestParameterSupported"},request_uri_parameter_supported:{toKey:"requestUriParameterSupported"},require_request_uri_registration:{toKey:"requireRequestUriRegistration"},op_policy_uri:{toKey:"opPolicyUri",convertToUrl:!0},op_tos_uri:{toKey:"opTosUri",convertToUrl:!0}};class Lt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}static getLocalStorageKey(e){return`issuerConfig:${e}`}async fetchConfig(e){let t;const r=new URL(".well-known/openid-configuration",e.endsWith("/")?e:`${e}/`).href,n=await fetch(r);try{t=function(e){const t={};return Object.keys(e).forEach(r=>{Ut[r]&&(t[Ut[r].toKey]=e[r])}),Array.isArray(t.scopesSupported)||(t.scopesSupported=["openid"]),t}(await n.json())}catch(t){throw new ht(`[${e.toString()}] has an invalid configuration: ${t.message}`)}return await this.storageUtility.set(Lt.getLocalStorageKey(e),JSON.stringify(t)),t}}async function Dt(e,t){await et(e,t),await async function(){const e=new _t.OidcClient({response_mode:"query"});await e.clearStaleState(new _t.WebStorageStateStore({}));const t=window.localStorage,r=[];for(let e=0;e<=t.length;e+=1){const n=t.key(e);n&&(n.match(/^oidc\..+$/)||n.match(/^solidClientAuthenticationUser:.+$/))&&r.push(n)}r.forEach(e=>t.removeItem(e))}()}class Nt extends tt{async get(e){const[t,r,n,i,o,s,a,u]=await Promise.all([this.storageUtility.getForUser(e,"isLoggedIn",{secure:!0}),this.storageUtility.getForUser(e,"webId",{secure:!0}),this.storageUtility.getForUser(e,"clientId",{secure:!1}),this.storageUtility.getForUser(e,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e,"redirectUrl",{secure:!1}),this.storageUtility.getForUser(e,"refreshToken",{secure:!0}),this.storageUtility.getForUser(e,"issuer",{secure:!1}),this.storageUtility.getForUser(e,"tokenType",{secure:!1})]);if("string"!=typeof o||$e(o)){if(void 0!==u&&("string"!=typeof(c=u)||!["DPoP","Bearer"].includes(c)))throw new Error(`Tokens of type [${u}] are not supported.`);var c;if(void 0!==n||void 0!==t||void 0!==r||void 0!==s)return{sessionId:e,webId:r,isLoggedIn:"true"===t,redirectUrl:o,refreshToken:s,issuer:a,clientAppId:n,clientAppSecret:i,tokenType:u??"DPoP"}}else await Promise.all([this.storageUtility.deleteAllUserData(e,{secure:!1}),this.storageUtility.deleteAllUserData(e,{secure:!0})])}async clear(e){return Dt(e,this.storageUtility)}}class Ot{async canHandle(e){try{return new URL(e),!0}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e){return Ze()}}class Ht{storageUtility;sessionInfoManager;issuerConfigFetcher;clientRegistrar;tokerRefresher;constructor(e,t,r,n,i){this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i,this.storageUtility=e,this.sessionInfoManager=t,this.issuerConfigFetcher=r,this.clientRegistrar=n,this.tokerRefresher=i}async canHandle(e){try{const t=new URL(e);return null!==t.searchParams.get("code")&&null!==t.searchParams.get("state")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(!await this.canHandle(e))throw new Error(`AuthCodeRedirectHandler cannot handle [${e}]: it is missing one of [code, state].`);const r=new URL(e),n=r.searchParams.get("state"),i=await this.storageUtility.getForUser(n,"sessionId",{errorIfNull:!0}),{issuerConfig:o,codeVerifier:s,redirectUrl:a,dpop:u}=await at(i,this.storageUtility,this.issuerConfigFetcher),c=r.searchParams.get("iss");if("string"==typeof c&&c!==o.issuer)throw new Error(`The value of the iss parameter (${c}) does not match the issuer identifier of the authorization server (${o.issuer}). See [rfc9207](https://www.rfc-editor.org/rfc/rfc9207.html#section-2.3-3.1.1)`);if(void 0===s)throw new Error(`The code verifier for session ${i} is missing from storage.`);if(void 0===a)throw new Error(`The redirect URL for session ${i} is missing from storage.`);const h=await this.clientRegistrar.getClient({sessionId:i},o),l=Date.now(),d=await xt(o,h,{grantType:"authorization_code",code:r.searchParams.get("code"),codeVerifier:s,redirectUrl:a},u);let f;window.localStorage.removeItem(`oidc.${n}`),void 0!==d.refreshToken&&(f={sessionId:i,refreshToken:d.refreshToken,tokenRefresher:this.tokerRefresher});const p=mt(d.accessToken,{dpopKey:d.dpopKey,refreshOptions:f,eventEmitter:t,expiresIn:d.expiresIn});await async function(e,t,r,n,i,o,s,a){void 0!==o&&await e.setForUser(t,{refreshToken:o},{secure:s}),void 0!==r&&await e.setForUser(t,{webId:r},{secure:s}),void 0!==n&&await e.setForUser(t,{clientId:n},{secure:s}),void 0!==i&&await e.setForUser(t,{isLoggedIn:i},{secure:s}),void 0!==a&&await e.setForUser(t,{publicKey:JSON.stringify(a.publicKey),privateKey:JSON.stringify(await we(a.privateKey))},{secure:s})}(this.storageUtility,i,d.webId,d.clientId,"true",void 0,!0);const g=await this.sessionInfoManager.get(i);if(!g)throw new Error(`Could not retrieve session: [${i}].`);return Object.assign(g,{fetch:p,getLogoutUrl:rt({idTokenHint:d.idToken,endSessionEndpoint:o.endSessionEndpoint}),expirationDate:"number"==typeof d.expiresIn?l+1e3*d.expiresIn:void 0})}}class jt extends Je{constructor(e){super(e)}}class Mt{get storage(){return window.localStorage}async get(e){return this.storage.getItem(e)||void 0}async set(e,t){this.storage.setItem(e,t)}async delete(e){this.storage.removeItem(e)}}class Bt{redirect(e,t){t&&t.handleRedirect?t.handleRedirect(e):t&&t.redirectByReplacingState?window.history.replaceState({},"",e):window.location.href=e}}class Kt{storageUtility;constructor(e){this.storageUtility=e,this.storageUtility=e}async getClient(e,t){const[r,n,i,o,s]=await Promise.all([this.storageUtility.getForUser(e.sessionId,"clientId",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientSecret",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"expiresAt",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientName",{secure:!1}),this.storageUtility.getForUser(e.sessionId,"clientType",{secure:!1})]),a=void 0!==i?Number.parseInt(i,10):-1,u=void 0!==n&&0!==a&&Math.floor(Date.now()/1e3)>a;if(r&&("string"==typeof(c=s)&&["dynamic","static","solid-oidc"].includes(c))&&!u)return void 0!==n?{clientId:r,clientSecret:n,clientName:o,clientType:"dynamic",expiresAt:a}:{clientId:r,clientName:o,clientType:s};var c;try{const r=await bt(e,t),n={clientId:r.clientId,clientType:"dynamic"};return void 0!==r.clientSecret&&(n.clientSecret=r.clientSecret,n.expiresAt=String(r.expiresAt)),r.idTokenSignedResponseAlg&&(n.idTokenSignedResponseAlg=r.idTokenSignedResponseAlg),await this.storageUtility.setForUser(e.sessionId,n,{secure:!1}),r}catch(e){throw new Error("Client registration failed.",{cause:e})}}}class Vt{async canHandle(e){try{return new URL(e).searchParams.has("error")}catch(t){throw new Error(`[${e}] is not a valid URL, and cannot be used as a redirect URL: ${t}`)}}async handle(e,t){if(void 0!==t){const r=new URL(e),n=r.searchParams.get("error"),i=r.searchParams.get("error_description");t.emit(Ne,n,i)}return Ze()}}class qt{storageUtility;issuerConfigFetcher;clientRegistrar;constructor(e,t,r){this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r,this.storageUtility=e,this.issuerConfigFetcher=t,this.clientRegistrar=r}async refresh(e,t,r,n){const i=await at(e,this.storageUtility,this.issuerConfigFetcher),o=await this.clientRegistrar.getClient({sessionId:e},i.issuerConfig);if(void 0===t)throw new Error(`Session [${e}] has no refresh token to allow it to refresh its access token.`);if(i.dpop&&void 0===r)throw new Error(`For session [${e}], the key bound to the DPoP access token must be provided to refresh said access token.`);const s=await At(t,i.issuerConfig,o,r);return void 0!==s.refreshToken&&n?.emit(je,s.refreshToken),s}}function Jt(e){const t=new ct,r=e.secureStorage||t,n=e.insecureStorage||new Mt,i=new kt(r,n),o=new Lt(i),s=new Kt(i),a=new Nt(i),u=new qt(i,o,s),c=new Bt,h=new Ct(i,new Rt(i,c),o,s),l=new jt([new Vt,new Ht(i,a,o,s,u),new Ot]);return new Pt(h,l,new Qe(a,c),a,o)}const Wt=`${Le}currentSession`,$t=`${Le}currentUrl`;class zt{info;events;clientAuthentication;tokenRequestInProgress=!1;constructor(e={},t=void 0){this.events=new wt,e.clientAuthentication?this.clientAuthentication=e.clientAuthentication:e.secureStorage&&e.insecureStorage?this.clientAuthentication=Jt({secureStorage:e.secureStorage,insecureStorage:e.insecureStorage}):this.clientAuthentication=Jt({}),e.sessionInfo?this.info={sessionId:e.sessionInfo.sessionId,isLoggedIn:!1,webId:e.sessionInfo.webId,clientAppId:e.sessionInfo.clientAppId}:this.info={sessionId:t??Ue(),isLoggedIn:!1},this.events.on(Oe,()=>window.localStorage.setItem(Wt,this.info.sessionId)),this.events.on(Me,()=>this.internalLogout(!1)),this.events.on(Ne,()=>this.internalLogout(!1))}login=async e=>(await this.clientAuthentication.login({sessionId:this.info.sessionId,...e,tokenType:e.tokenType??"DPoP"},this.events),new Promise(()=>{}));fetch=(e,t)=>this.clientAuthentication.fetch(e,t);internalLogout=async(e,t)=>{window.localStorage.removeItem(Wt),await this.clientAuthentication.logout(this.info.sessionId,t),this.info.isLoggedIn=!1,e&&this.events.emit(He)};logout=async e=>this.internalLogout(!0,e);handleIncomingRedirect=async(e={})=>{if(this.info.isLoggedIn)return this.info;if(this.tokenRequestInProgress)return;const t="string"==typeof e?{url:e}:e,r=t.url??window.location.href;this.tokenRequestInProgress=!0;const n=await this.clientAuthentication.handleIncomingRedirect(r,this.events);if(function(e){return!!e?.isLoggedIn}(n)){this.setSessionInfo(n);const e=window.localStorage.getItem($t);null===e?this.events.emit(Oe):(window.localStorage.removeItem($t),this.events.emit(Ke,e))}else if(!0===t.restorePreviousSession){const e=window.localStorage.getItem(Wt);if(null!==e){if(await async function(e,t,r){const n=await t.validateCurrentSession(e);return null!==n&&(window.localStorage.setItem($t,window.location.href),await t.login({sessionId:e,prompt:"none",oidcIssuer:n.issuer,redirectUrl:n.redirectUrl,clientId:n.clientAppId,clientSecret:n.clientAppSecret,tokenType:n.tokenType??"DPoP"},r.events),!0)}(e,this.clientAuthentication,this))return new Promise(()=>{})}}return this.tokenRequestInProgress=!1,n};setSessionInfo(e){this.info.isLoggedIn=e.isLoggedIn,this.info.webId=e.webId,this.info.sessionId=e.sessionId,this.info.clientAppId=e.clientAppId,this.info.expirationDate=e.expirationDate,this.events.on(Be,e=>{this.info.expirationDate=Date.now()+1e3*e})}}const Yt=new zt;var Gt=n(264),Xt=n(386);const Qt=n.n(Xt)()(Gt),Zt=(0,Gt.sym)("http://www.iana.org/assignments/link-relations/acl");function er(e){const t=Qt;function r(e,r,n,i={}){const o=i.public||[],s=(0,Gt.graph)(),a=(0,Gt.Namespace)("http://www.w3.org/ns/auth/acl#");let u=s.sym(`${n}#a1`);const c=s.sym(n),h=s.sym(e);if(s.add(u,t.rdf("type"),a("Authorization"),c),s.add(u,a("accessTo"),h,c),i.defaultForNew&&s.add(u,a("default"),h,c),s.add(u,a("agent"),r,c),s.add(u,a("mode"),a("Read"),c),s.add(u,a("mode"),a("Write"),c),s.add(u,a("mode"),a("Control"),c),o.length){u=s.sym(`${n}#a2`),s.add(u,t.rdf("type"),a("Authorization"),c),s.add(u,a("accessTo"),h,c),s.add(u,a("agentClass"),t.foaf("Agent"),c);for(let e=0;e<o.length;e++)s.add(u,a("mode"),a(o[e]),c)}return(0,Gt.serialize)(c,s,n)}return{findAclDocUrl:async function(t){await e.fetcher.load(t);const r=e.any(t,Zt);if(!r)throw new Error(`No ACL link discovered for ${t}`);return r.value},setACLUserPublic:function(t,n,i){const o=e.any(e.sym(t),Zt);return Promise.resolve().then(()=>o||function(t){const r=e.fetcher;if(!r)throw new Error("Cannot fetch ACL rel, store has no fetcher");return r.load(t).then(r=>{if(!r.ok)throw new Error("fetchACLRel: While loading:"+r.error);const n=e.any(e.sym(t),Zt);if(!n)throw new Error("fetchACLRel: No Link rel=ACL header for "+t);return n})}(t).catch(e=>{throw new Error(`Error fetching rel=ACL header for ${t}: ${e}`)})).then(o=>{const s=r(t,n,o.uri,i);if(!e.fetcher)throw new Error("Cannot PUT this, store has no fetcher");return e.fetcher.webOperation("PUT",o.uri,{data:s,contentType:"text/turtle"}).then(e=>{if(!e.ok)throw new Error("Error writing ACL text: "+e.error);return o})})},genACLText:r}}const tr=()=>{let{SolidAppContext:e}=window;if(e||={},e.viewingNoAuthPage=!1,e.noAuth&&window.document){if(window.document.location.href.startsWith(e.noAuth)){e.viewingNoAuthPage=!0;const t=new URLSearchParams(window.document.location.search);if(t){let r=e.viewedPage=t.get("uri")||null;if(r&&(r=decodeURI(r),!r.startsWith(e.noAuth))){const t=r.split(/\//);e.idp=t[0]+"//"+t[2],e.viewingNoAuthPage=!1}}}}return e};function rr(){const{$SolidTestEnvironment:t}=window;if(void 0!==t&&t.username)return e("Assuming the user is "+t.username),(0,Gt.sym)(t.username);if("undefined"!=typeof document&&document.location&&"http://localhost"===(""+document.location).slice(0,16)){const t=document.getElementById("appTarget");if(!t)return null;const r=t.getAttribute("testID");return r?(e("Assuming user is "+r),(0,Gt.sym)(r)):null}return null}class nr{session;constructor(e){this.session=e}get authSession(){return this.session}currentUser(){const e=tr();return e.viewingNoAuthPage?(0,Gt.sym)(e.webId):this&&this.session&&this.session.info&&this.session.info.webId&&this.session.info.isLoggedIn?(0,Gt.sym)(this.session.info.webId):rr()}async checkUser(t){const r=new URL(window.location.href).hash;r&&window.localStorage.setItem("preLoginRedirectHash",r),this.session.events.on(Ke,t=>{e(`Session restored to ${t}`),document.location.toString()!==t&&history.replaceState(null,"",t)});const n=new URL(window.location.href);n.hash="",await this.session.handleIncomingRedirect({restorePreviousSession:!0,url:n.href});const i=window.localStorage.getItem("preLoginRedirectHash");if(i){const e=new URL(window.location.href);e.hash!==i&&(history.pushState?history.pushState(null,document.title,i):location.hash=i,e.hash=i),window.localStorage.setItem("preLoginRedirectHash","")}let o=rr();if(o)return Promise.resolve(t?t(o):o);const s=this.webIdFromSession(this.session.info);return s&&(o=this.saveUser(s)),o&&e(`(Logged in as ${o} by authentication)`),Promise.resolve(t?t(o):o)}saveUser(e,t){let r;if(e){r="string"==typeof e?e:e.uri;const n=(0,Gt.namedNode)(r);return t&&(t.me=n),n}return null}webIdFromSession(e){return e?.webId&&e.isLoggedIn?e.webId:null}}function ir(e){return(0,Gt.sym)(e.uri+"#id"+Date.now())}function or(e){return!e||`${window.location.origin}/`!==new URL(e.value).origin}const sr="index.ttl#this";function ar(e,t){const r=Qt;async function n(t,r,n){await e.fetcher.load(t);const i=e.any(t,new Gt.NamedNode("http://www.iana.org/assignments/link-relations/acl"));if(!i)throw new Error("Chat ACL doc not found!");const o=`\n            @prefix acl: <http://www.w3.org/ns/auth/acl#>.\n            <#owner>\n            a acl:Authorization;\n            acl:agent <${r.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Write, acl:Control.\n            <#invitee>\n            a acl:Authorization;\n            acl:agent <${n.value}>;\n            acl:accessTo <.>;\n            acl:default <.>;\n            acl:mode\n                acl:Read, acl:Append.\n            `;await e.fetcher.webOperation("PUT",i.value,{data:o,contentType:"text/turtle"})}async function i(t,n){const i=e.any(n,r.solid("privateTypeIndex"));if(!i)throw new Error("Private type index not found!");await e.fetcher.load(i);const o=ir(i),s=[(0,Gt.st)(o,r.rdf("type"),r.solid("TypeRegistration"),i.doc()),(0,Gt.st)(o,r.solid("forClass"),r.meeting("LongChat"),i.doc()),(0,Gt.st)(o,r.solid("instance"),t,i.doc())];await new Promise((t,r)=>{e.updater.update([],s,function(e,n,i){n?t(null):r(new Error(i))})})}async function o(r){const n=await t.loadMe(),i=function(e,t){const r=new URL(`IndividualChats/${new URL(e.value).host}/`,t.value).toString();return new Gt.NamedNode(r)}(r,await t.getPodRoot(n));let o=!0;try{await e.fetcher.load(new Gt.NamedNode(i.value+"index.ttl#this"))}catch(e){o=!1}return{me:n,chatContainer:i,exists:o}}async function s(e,t){return(await a({me:t,newBase:e.value})).newInstance}function a(t){const n=e,i=n.updater;if(t.me&&!t.me.uri)throw new Error("chat mintNew:  Invalid userid "+t.me);const o=t.newInstance=t.newInstance||n.sym(t.newBase+sr),s=o.doc();return n.add(o,r.rdf("type"),r.meeting("LongChat"),s),n.add(o,r.dc("title"),"Chat channel",s),n.add(o,r.dc("created"),(0,Gt.term)(new Date(Date.now())),s),t.me&&n.add(o,r.dc("author"),t.me,s),new Promise(function(e,r){i?.put(s,n.statementsMatching(void 0,void 0,void 0,s),"text/turtle",function(n,i,s){i?e({...t,newInstance:o}):r(new Error("FAILED to save new chat channel at: "+n+" : "+s))})})}async function u(t,n){await e.fetcher.load(t.doc());const i=e.any(t,r.ldp("inbox"),void 0,t.doc());if(!i)throw new Error(`Invitee inbox not found! ${t.value}`);const o=`\n        <> a <http://www.w3.org/ns/pim/meeting#LongChatInvite> ;\n        ${r.rdf("seeAlso")} <${n.value}> .\n        `,s=await(e.fetcher?.webOperation("POST",i.value,{data:o,contentType:"text/turtle"})),a=s?.headers.get("location");if(!a)throw new Error(`Invite sending returned a ${s?.status}`)}return{setAcl:n,addToPrivateTypeIndex:i,findChat:o,createChatThing:s,getChat:async function(e,t=!0){const{me:r,chatContainer:a,exists:c}=await o(e);if(c)return new Gt.NamedNode(a.value+sr);if(t){const t=await s(a,r);return await u(e,t),await n(a,r,e),await i(t,r),t}return null},sendInvite:u,mintNew:a}}function ur(e,t,r,n,i){return{createInboxFor:async function(e,i){const o=await t.loadMe(),s=`${(await t.getPodRoot(o)).value}p2p-inboxes/${encodeURIComponent(i)}/`;return await n.createContainer(s),await r.setSinglePeerAccess({ownerWebId:o.value,peerWebId:e,accessToModes:"acl:Append",target:s}),s},getNewMessages:async function(e){e||(e=await t.loadMe());const r=await t.getMainInbox(e);return(await n.getContainerMembers(r)).filter(e=>!n.isContainer(e))},markAsRead:async function(t,r){const n=await e.fetcher._fetch(t);if(200!==n.status)throw new Error(`Not OK! ${t}`);const i=function(e,t){const r=t.getUTCFullYear(),n=("0"+(t.getUTCMonth()+1)).slice(-2),i=("0"+t.getUTCDate()).slice(-2),o=e.split("/"),s=o[o.length-1];return new URL(`./archive/${r}/${n}/${i}/${s}`,e).toString()}(t,r),o={method:"PUT",body:await n.text(),headers:[["Content-Type",n.headers.get("Content-Type")||"application/octet-stream"]]};"2"===(await e.fetcher._fetch(i,o)).status.toString()[0]&&await e.fetcher._fetch(t,{method:"DELETE"})}}}class cr extends Error{constructor(e){super(e),Object.setPrototypeOf(this,new.target.prototype),this.name=new.target.name}}class hr extends cr{}class lr extends cr{}class dr extends cr{}class fr extends cr{}class pr extends cr{}class gr extends cr{}class yr extends cr{status;constructor(e,t){super(t),this.status=e}}function vr(e,r,n){const i=Qt;async function o(r){await s(r);const o=function(e){const t=e.uri.replace("/profile/","/").replace("/public/","/").split("/").slice(0,-1).join("/")+"/Settings/Preferences.ttl";return(0,Gt.sym)(t)}(r);let a;try{a=await n.followOrCreateLink(r,i.space("preferencesFile"),o,r.doc())}catch(e){if(t(`User ${r} has no pointer in profile to preferences file.`),e instanceof pr)throw e;if(e instanceof gr)throw e;if(e instanceof hr)throw e;if(e instanceof lr)throw e;if(e instanceof dr)throw e;if(e instanceof yr)throw e;throw e}try{await e.fetcher.load(a)}catch(e){const n=`Unable to load preference of user ${r}: ${e}`;if(t(n),401===e.response.status)throw new hr;if(403===e.response.status){if(or(a))throw new lr;throw new dr}throw new Error(n)}return a}async function s(t){if(!t)throw new Error("loadProfile: no user given.");try{await e.fetcher.load(t.doc())}catch(e){throw new Error(`Unable to load profile of user ${t}: ${e}`)}return t.doc()}function a(t){return e.any(t,i.space("storage"),void 0,t.doc())}return{loadMe:async function(){const t=r.currentUser();if(null===t)throw new Error("Current user not found! Not logged in?");return await e.fetcher.load(t.doc()),t},getPodRoot:function(e){const t=a(e);if(!t)throw new Error("User pod root not found!");return t},getMainInbox:async function(t){await e.fetcher.load(t);const r=e.any(t,i.ldp("inbox"),void 0,t.doc());if(!r)throw new Error("User main inbox not found!");return r},findStorage:a,loadPreferences:o,loadProfile:s,silencedLoadPreferences:async function(e){try{return await o(e)}catch(e){return}}}}function mr(e,r,n,i){const o=Qt;async function s(r){if(!r)throw new Error("loadTypeIndexesFor: No user given");const s=await n.loadProfile(r),a=h(r);let u;try{u=await i.followOrCreateLink(r,o.solid("publicTypeIndex"),a,s)}catch(e){t(`User ${r} has no pointer in profile to publicTypeIndex file.`)}const c=u?[{label:"public",index:u,agent:r}]:[];let d,f;try{d=await n.silencedLoadPreferences(r)}catch(e){d=null}if(d){const n=l(d);let a;try{a=e.any(r,o.solid("privateTypeIndex"),void 0,s)||await i.followOrCreateLink(r,o.solid("privateTypeIndex"),n,d)}catch(e){t(`User ${r} has no pointer in preference file to privateTypeIndex file.`)}f=a?[{label:"private",index:a,agent:r}]:[]}else f=[];const p=c.concat(f);if(0===p.length)return p;const g=p.map(e=>e.index);try{await e.fetcher.load(g)}catch(e){t("Problems loading type index: ",e)}return p}async function a(r){let i;try{i=await n.silencedLoadPreferences(r)}catch(e){t(`User ${r} has no pointer in profile to preferences file.`)}if(i){const t=e.each(r,o.solid("community"),void 0,i).concat(e.each(r,o.solid("community"),void 0,r.doc()));let n=[];for(const e of t)n=n.concat(await s(e));return n}return[]}async function u(e){return(await s(e)).concat((await a(e)).flat())}async function c(e,t){const r=await u(t);let n=[];for(const t of r){const r=await d(t,e);n=n.concat(r)}return n}function h(e){return(0,Gt.sym)(e.doc().dir()?.uri+"publicTypeIndex.ttl")}function l(e){return(0,Gt.sym)(e.doc().dir()?.uri+"privateTypeIndex.ttl")}async function d(t,r){const n=t.index,i=[],s=e.statementsMatching(null,o.solid("instance"),null,n).concat(e.statementsMatching(null,o.solid("instanceContainer"),null,n)).map(e=>e.subject);for(const a of s){const s=e.any(a,o.solid("forClass"),null,n);if(!r||s.sameTerm(r)){const r=e.each(a,o.solid("instance"),null,n);for(const e of r)i.push({instance:e,type:s,scope:t});const u=e.each(a,o.solid("instanceContainer"),null,n);for(const r of u)await e.fetcher.load(r),i.push({instance:(0,Gt.sym)(r.value),type:s,scope:t})}}return i}return{registerInTypeIndex:async function(t,r,n){const i=ir(r),s=[(0,Gt.st)(i,o.rdf("type"),o.solid("TypeRegistration"),r),(0,Gt.st)(i,o.solid("forClass"),n,r),(0,Gt.st)(i,o.solid("instance"),t,r)];try{await e.updater.update([],s)}catch(e){const n=`Unable to register ${t} in index ${r}: ${e}`;return console.warn(n),null}return i},getRegistrations:function(t,r){return e.each(void 0,o.solid("instance"),t).filter(t=>e.holds(t,o.solid("forClass"),r))},loadTypeIndexesFor:s,loadCommunityTypeIndexes:a,loadAllTypeIndexes:u,getScopedAppInstances:c,getAppInstances:async function(e){const t=r.currentUser();if(!t)throw new Error("getAppInstances: Must be logged in to find apps.");return(await c(e,t)).map(e=>e.instance)},suggestPublicTypeIndex:h,suggestPrivateTypeIndex:l,deleteTypeIndexRegistration:async function(t){const r=e.the(null,o.solid("instance"),t.instance,t.scope.index);if(!r)throw new Error(`deleteTypeIndexRegistration: No registration found for ${t.instance}`);const n=e.statementsMatching(r,null,null,t.scope.index);await e.updater.update(n,[])},getScopedAppsFromIndex:d}}const wr=function(r,n){e("SolidLogic: Unique instance created.  There should only be one of these.");const i=Gt.graph();Gt.fetcher(i,{fetch:r.fetch}),i.updater=new Gt.UpdateManager(i),i.features=[];const o=new nr(n),s=er(i),a=function(e){function t(t){return e.statementsMatching(t,(0,Gt.sym)("http://www.w3.org/ns/ldp#contains"),void 0).map(e=>e.object)}function r(e){const t=e.value;return"/"===t.charAt(t.length-1)}return{isContainer:r,createContainer:async function(t){if(!r((0,Gt.sym)(t)))throw new Error(`Not a container URL ${t}`);const n=await e.fetcher._fetch(t,{method:"PUT",headers:{"Content-Type":"text/turtle","If-None-Match":"*",Link:'<http://www.w3.org/ns/ldp#BasicContainer>; rel="type"'},body:" "});if("2"!==n.status.toString()[0])throw new Error(`Not OK: got ${n.status} response while creating container at ${t}`)},getContainerElements:t,getContainerMembers:async function(r){return await e.fetcher.load(r),t(r)}}}(i),u=function(r,n,i){async function o(e){let t;try{t=await r.fetcher.load(e)}catch(t){if(404!==t.response.status){if(401===t.response.status)throw new hr;if(403===t.response.status){if(or(e))throw new lr;throw new dr}const r="createIfNotExists doc load error NOT 404:  "+e+": "+t;throw new yr(t.status,t.message+r)}try{await r.fetcher.webOperation("PUT",e,{data:"",contentType:"text/turtle"})}catch(t){throw new gr("createIfNotExists: PUT FAILED: "+e+": "+t)}await r.fetcher.load(e)}return t}return{recursiveDelete:async function t(o){try{if(i.isContainer(o)){const e=await n.findAclDocUrl(o);await r.fetcher._fetch(e,{method:"DELETE"});const s=await i.getContainerMembers(o);await Promise.all(s.map(e=>t(e)))}const e=o.value;return r.fetcher._fetch(e,{method:"DELETE"})}catch(t){e(`Please manually remove ${o.value} from your system.`,t)}},setSinglePeerAccess:async function(e){let t=["@prefix acl: <http://www.w3.org/ns/auth/acl#>.","",`<#alice> a acl:Authorization;\n  acl:agent <${e.ownerWebId}>;`,`  acl:accessTo <${e.target}>;`,`  acl:default <${e.target}>;`,"  acl:mode acl:Read, acl:Write, acl:Control.",""].join("\n");e.accessToModes&&(t+=["<#bobAccessTo> a acl:Authorization;",`  acl:agent <${e.peerWebId}>;`,`  acl:accessTo <${e.target}>;`,`  acl:mode ${e.accessToModes}.`,""].join("\n")),e.defaultModes&&(t+=["<#bobDefault> a acl:Authorization;",`  acl:agent <${e.peerWebId}>;`,`  acl:default <${e.target}>;`,`  acl:mode ${e.defaultModes}.`,""].join("\n"));const i=await n.findAclDocUrl((0,Gt.sym)(e.target));return r.fetcher._fetch(i,{method:"PUT",body:t,headers:[["Content-Type","text/turtle"]]})},createEmptyRdfDoc:async function(e,t){await r.fetcher.webOperation("PUT",e.uri,{data:`# ${new Date} ${t}\n  `,contentType:"text/turtle"})},followOrCreateLink:async function(e,n,i,s){await r.fetcher.load(s);const a=r.any(e,n,null,s);if(a)return a;if(!r.updater.editable(s)){const e=`followOrCreateLink: cannot edit ${s.value}`;throw t(e),new pr(e)}try{await r.updater.update([],[(0,Gt.st)(e,n,i,s)])}catch(e){throw t(`followOrCreateLink: Error making link in ${s} to ${i}: ${e}`),new gr(e)}try{await o(i)}catch(e){throw t(`followOrCreateLink: Error loading or saving new linked document: ${i}: ${e}`),e}return i},loadOrCreateIfNotExists:o}}(i,s,a),c=vr(i,o,u),h=ar(i,c),l=ur(i,c,u,a),d=mr(i,o,c,u);return e("SolidAuthnLogic initialized"),{store:i,authn:o,acl:s,inbox:l,chat:h,profile:c,typeIndex:d,load:function(e){return i.fetcher.load(e)},updatePromise:function(e,t=[]){return new Promise((r,n)=>{i.updater.update(e,t,function(e,t,i){t?r():n(new Error(i))})})},clearStore:function(){i.statements.slice().forEach(i.remove.bind(i))}}}({fetch:async(e,t)=>{const r=t&&t.credentials&&"omit"==t.credentials;return Yt.info.webId&&!r?Yt.fetch(e,t):window.fetch(e,t)}},Yt);e("Unique quadstore initialized.");const _r=[{name:"Solid Community",uri:"https://solidcommunity.net"},{name:"Solid Web",uri:"https://solidweb.org"},{name:"Solid Web ME",uri:"https://solidweb.me"},{name:"Inrupt.com",uri:"https://login.inrupt.com"}];function Sr(){const e=[..._r],{host:t,origin:r}=new URL(location.href),n=e.map(({uri:e})=>new URL(e).host);return n.includes(t)||n.some(e=>function(e,t){const r=e.length-t.length-1;return r>0&&"."===e[r]&&e.endsWith(t)}(t,e))||e.unshift({name:t,uri:r}),e}const br=wr.authn,Er=wr.authn.authSession,Fr=wr.store})(),i})());
 //# sourceMappingURL=solid-logic.external.min.js.map