web-mojo 2.2.102 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +7 -0
- package/dist/admin.cjs.js +1 -1
- package/dist/admin.es.js +1 -1
- package/dist/auth.cjs.js +1 -1
- package/dist/auth.cjs.js.map +1 -1
- package/dist/auth.es.js +1 -1
- package/dist/auth.es.js.map +1 -1
- package/dist/charts.cjs.js +1 -1
- package/dist/charts.es.js +1 -1
- package/dist/chunks/{AssistantPanelView-CMRTtoqS.js → AssistantPanelView-BG34Qbfj.js} +2 -2
- package/dist/chunks/{AssistantPanelView-CMRTtoqS.js.map → AssistantPanelView-BG34Qbfj.js.map} +1 -1
- package/dist/chunks/{AssistantPanelView-CaVkWhVD.js → AssistantPanelView-DCEV6VeI.js} +2 -2
- package/dist/chunks/{AssistantPanelView-CaVkWhVD.js.map → AssistantPanelView-DCEV6VeI.js.map} +1 -1
- package/dist/chunks/{TokenManager-CFsr1qUV.js → TokenManager-CcQFvaFD.js} +2 -2
- package/dist/chunks/{TokenManager-CFsr1qUV.js.map → TokenManager-CcQFvaFD.js.map} +1 -1
- package/dist/chunks/{TokenManager-CHQxK_e5.js → TokenManager-DEWZqbuo.js} +2 -2
- package/dist/chunks/{TokenManager-CHQxK_e5.js.map → TokenManager-DEWZqbuo.js.map} +1 -1
- package/dist/chunks/admin-B5tf0zOO.js +2 -0
- package/dist/chunks/admin-B5tf0zOO.js.map +1 -0
- package/dist/chunks/admin-CGoTpXfs.js +2 -0
- package/dist/chunks/admin-CGoTpXfs.js.map +1 -0
- package/dist/chunks/{exportChart-DbsHDCxw.js → exportChart-BTJBYkOz.js} +2 -2
- package/dist/chunks/exportChart-BTJBYkOz.js.map +1 -0
- package/dist/chunks/{exportChart-Dk8D_du5.js → exportChart-kQ-we4Cp.js} +2 -2
- package/dist/chunks/exportChart-kQ-we4Cp.js.map +1 -0
- package/dist/chunks/version-BURwX10Q.js +2 -0
- package/dist/chunks/version-BURwX10Q.js.map +1 -0
- package/dist/chunks/version-CYGIXntv.js +2 -0
- package/dist/chunks/version-CYGIXntv.js.map +1 -0
- package/dist/docit.cjs.js +1 -1
- package/dist/docit.es.js +1 -1
- package/dist/index.cjs.js +1 -1
- package/dist/index.cjs.js.map +1 -1
- package/dist/index.es.js +1 -1
- package/dist/index.es.js.map +1 -1
- package/dist/lightbox.cjs.js +1 -1
- package/dist/lightbox.es.js +1 -1
- package/dist/mojo-auth.es.js +94 -65
- package/dist/mojo-auth.umd.js +1 -1
- package/package.json +1 -1
- package/dist/chunks/admin-BkxeK68u.js +0 -2
- package/dist/chunks/admin-BkxeK68u.js.map +0 -1
- package/dist/chunks/admin-vjoNbv_1.js +0 -2
- package/dist/chunks/admin-vjoNbv_1.js.map +0 -1
- package/dist/chunks/exportChart-DbsHDCxw.js.map +0 -1
- package/dist/chunks/exportChart-Dk8D_du5.js.map +0 -1
- package/dist/chunks/version-B0cBv8MN.js +0 -2
- package/dist/chunks/version-B0cBv8MN.js.map +0 -1
- package/dist/chunks/version-DtqCY0ZY.js +0 -2
- package/dist/chunks/version-DtqCY0ZY.js.map +0 -1
package/dist/mojo-auth.es.js
CHANGED
|
@@ -17,20 +17,21 @@ var y = k((S, p) => {
|
|
|
17
17
|
passkeyLoginComplete: "/api/auth/passkeys/login/complete",
|
|
18
18
|
oauthBegin: "/api/auth/oauth/{provider}/begin",
|
|
19
19
|
oauthComplete: "/api/auth/oauth/{provider}/complete",
|
|
20
|
-
refreshToken: "/api/refresh_token"
|
|
20
|
+
refreshToken: "/api/refresh_token",
|
|
21
|
+
exchangeAuthCode: "/api/auth/exchange"
|
|
21
22
|
};
|
|
22
|
-
function i(e,
|
|
23
|
-
var
|
|
24
|
-
return
|
|
25
|
-
|
|
26
|
-
}), g.replace(/\/$/, "") +
|
|
23
|
+
function i(e, t) {
|
|
24
|
+
var n = u[e] || w[e] || "";
|
|
25
|
+
return t && Object.keys(t).forEach(function(r) {
|
|
26
|
+
n = n.replace("{" + r + "}", t[r]);
|
|
27
|
+
}), g.replace(/\/$/, "") + n;
|
|
27
28
|
}
|
|
28
|
-
function s(e,
|
|
29
|
-
var
|
|
29
|
+
function s(e, t, n) {
|
|
30
|
+
var r = Object.assign({ "Content-Type": "application/json" }, {});
|
|
30
31
|
return fetch(e, {
|
|
31
32
|
method: "POST",
|
|
32
|
-
headers:
|
|
33
|
-
body: JSON.stringify(
|
|
33
|
+
headers: r,
|
|
34
|
+
body: JSON.stringify(t || {})
|
|
34
35
|
}).then(function(o) {
|
|
35
36
|
return o.json().then(function(a) {
|
|
36
37
|
if (!o.ok) throw a;
|
|
@@ -38,36 +39,36 @@ var y = k((S, p) => {
|
|
|
38
39
|
});
|
|
39
40
|
});
|
|
40
41
|
}
|
|
41
|
-
function m(e,
|
|
42
|
+
function m(e, t) {
|
|
42
43
|
return fetch(e, {
|
|
43
44
|
method: "GET",
|
|
44
45
|
headers: Object.assign({ "Content-Type": "application/json" }, {})
|
|
45
|
-
}).then(function(
|
|
46
|
-
return
|
|
47
|
-
if (!
|
|
48
|
-
return
|
|
46
|
+
}).then(function(n) {
|
|
47
|
+
return n.json().then(function(r) {
|
|
48
|
+
if (!n.ok) throw r;
|
|
49
|
+
return r;
|
|
49
50
|
});
|
|
50
51
|
});
|
|
51
52
|
}
|
|
52
53
|
function h(e) {
|
|
53
|
-
var
|
|
54
|
-
if (!
|
|
55
|
-
return localStorage.setItem(c.access,
|
|
54
|
+
var t = e && e.data ? e.data : e;
|
|
55
|
+
if (!t || !t.access_token) throw new Error("No access_token in response");
|
|
56
|
+
return localStorage.setItem(c.access, t.access_token), t.refresh_token && localStorage.setItem(c.refresh, t.refresh_token), t;
|
|
56
57
|
}
|
|
57
58
|
function v(e) {
|
|
58
59
|
return e ? typeof e == "string" ? e : e.message || e.error || Array.isArray(e.errors) && e.errors[0] && e.errors[0].message || "An error occurred" : "An error occurred";
|
|
59
60
|
}
|
|
60
|
-
function
|
|
61
|
-
for (var
|
|
62
|
-
|
|
63
|
-
return
|
|
61
|
+
function f(e) {
|
|
62
|
+
for (var t = e.replace(/-/g, "+").replace(/_/g, "/"), n = atob(t), r = new Uint8Array(n.length), o = 0; o < n.length; o++)
|
|
63
|
+
r[o] = n.charCodeAt(o);
|
|
64
|
+
return r.buffer;
|
|
64
65
|
}
|
|
65
66
|
function l(e) {
|
|
66
|
-
for (var
|
|
67
|
-
|
|
68
|
-
return btoa(
|
|
67
|
+
for (var t = new Uint8Array(e), n = "", r = 0; r < t.byteLength; r++)
|
|
68
|
+
n += String.fromCharCode(t[r]);
|
|
69
|
+
return btoa(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
|
|
69
70
|
}
|
|
70
|
-
var
|
|
71
|
+
var d = {
|
|
71
72
|
/**
|
|
72
73
|
* Initialize the library. Must be called before any auth method.
|
|
73
74
|
* @param {object} config
|
|
@@ -91,10 +92,10 @@ var y = k((S, p) => {
|
|
|
91
92
|
* NOTE: If MFA is enabled, the response will contain { mfa_required: true, mfa_token, mfa_methods }
|
|
92
93
|
* instead of tokens. Check result.mfa_required before assuming login is complete.
|
|
93
94
|
*/
|
|
94
|
-
login: function(e,
|
|
95
|
-
return s(i("login"), { username: e, password:
|
|
96
|
-
var
|
|
97
|
-
return
|
|
95
|
+
login: function(e, t) {
|
|
96
|
+
return s(i("login"), { username: e, password: t }).then(function(n) {
|
|
97
|
+
var r = n.data || n;
|
|
98
|
+
return r.mfa_required ? r : h(n);
|
|
98
99
|
});
|
|
99
100
|
},
|
|
100
101
|
// -----------------------------------------------------------------------
|
|
@@ -116,11 +117,11 @@ var y = k((S, p) => {
|
|
|
116
117
|
* @param {string} newPassword
|
|
117
118
|
* @returns {Promise<object>}
|
|
118
119
|
*/
|
|
119
|
-
resetWithCode: function(e,
|
|
120
|
+
resetWithCode: function(e, t, n) {
|
|
120
121
|
return s(i("resetWithCode"), {
|
|
121
122
|
email: e,
|
|
122
|
-
code:
|
|
123
|
-
new_password:
|
|
123
|
+
code: t,
|
|
124
|
+
new_password: n
|
|
124
125
|
}).then(h);
|
|
125
126
|
},
|
|
126
127
|
// -----------------------------------------------------------------------
|
|
@@ -141,10 +142,10 @@ var y = k((S, p) => {
|
|
|
141
142
|
* @param {string} newPassword
|
|
142
143
|
* @returns {Promise<object>}
|
|
143
144
|
*/
|
|
144
|
-
resetWithToken: function(e,
|
|
145
|
+
resetWithToken: function(e, t) {
|
|
145
146
|
return s(i("resetWithToken"), {
|
|
146
147
|
token: e,
|
|
147
|
-
new_password:
|
|
148
|
+
new_password: t
|
|
148
149
|
}).then(h);
|
|
149
150
|
},
|
|
150
151
|
// -----------------------------------------------------------------------
|
|
@@ -173,11 +174,11 @@ var y = k((S, p) => {
|
|
|
173
174
|
* @returns {Promise<object|null>} resolves with auth data or null if no token found
|
|
174
175
|
*/
|
|
175
176
|
handleMagicTokenFromURL: function() {
|
|
176
|
-
var e = new URLSearchParams(window.location.search),
|
|
177
|
-
if (!
|
|
177
|
+
var e = new URLSearchParams(window.location.search), t = e.get("token");
|
|
178
|
+
if (!t || t.indexOf("ml:") !== 0) return Promise.resolve(null);
|
|
178
179
|
e.delete("token");
|
|
179
|
-
var
|
|
180
|
-
return window.history.replaceState({}, "",
|
|
180
|
+
var n = e.toString() ? window.location.pathname + "?" + e.toString() : window.location.pathname;
|
|
181
|
+
return window.history.replaceState({}, "", n), d.loginWithMagicToken(t);
|
|
181
182
|
},
|
|
182
183
|
// -----------------------------------------------------------------------
|
|
183
184
|
// Passkey Login (WebAuthn)
|
|
@@ -197,14 +198,14 @@ var y = k((S, p) => {
|
|
|
197
198
|
* @returns {Promise<object>}
|
|
198
199
|
*/
|
|
199
200
|
loginWithPasskeyDiscoverable: function() {
|
|
200
|
-
return
|
|
201
|
-
var
|
|
202
|
-
return
|
|
203
|
-
return Object.assign({}, o, { id:
|
|
204
|
-
})), navigator.credentials.get({ publicKey:
|
|
201
|
+
return d.isPasskeySupported() ? s(i("passkeyLoginBegin"), {}).then(function(e) {
|
|
202
|
+
var t = e.data || e, n = t.challenge_id, r = t.publicKey;
|
|
203
|
+
return r.challenge = f(r.challenge), r.allowCredentials && (r.allowCredentials = r.allowCredentials.map(function(o) {
|
|
204
|
+
return Object.assign({}, o, { id: f(o.id) });
|
|
205
|
+
})), navigator.credentials.get({ publicKey: r }).then(function(o) {
|
|
205
206
|
if (!o) throw new Error("No credential received from authenticator");
|
|
206
207
|
return s(i("passkeyLoginComplete"), {
|
|
207
|
-
challenge_id:
|
|
208
|
+
challenge_id: n,
|
|
208
209
|
credential: {
|
|
209
210
|
id: o.id,
|
|
210
211
|
rawId: l(o.rawId),
|
|
@@ -228,14 +229,14 @@ var y = k((S, p) => {
|
|
|
228
229
|
* @returns {Promise<object>}
|
|
229
230
|
*/
|
|
230
231
|
loginWithPasskey: function(e) {
|
|
231
|
-
return
|
|
232
|
-
var
|
|
233
|
-
return o.challenge =
|
|
234
|
-
return Object.assign({}, a, { id:
|
|
232
|
+
return d.isPasskeySupported() ? s(i("passkeyLoginBegin"), { username: e }).then(function(t) {
|
|
233
|
+
var n = t.data || t, r = n.challenge_id, o = n.publicKey;
|
|
234
|
+
return o.challenge = f(o.challenge), o.allowCredentials && (o.allowCredentials = o.allowCredentials.map(function(a) {
|
|
235
|
+
return Object.assign({}, a, { id: f(a.id) });
|
|
235
236
|
})), navigator.credentials.get({ publicKey: o }).then(function(a) {
|
|
236
237
|
if (!a) throw new Error("No credential received from authenticator");
|
|
237
238
|
return s(i("passkeyLoginComplete"), {
|
|
238
|
-
challenge_id:
|
|
239
|
+
challenge_id: r,
|
|
239
240
|
credential: {
|
|
240
241
|
id: a.id,
|
|
241
242
|
rawId: l(a.rawId),
|
|
@@ -269,17 +270,17 @@ var y = k((S, p) => {
|
|
|
269
270
|
* allowed by the backend (ALLOWED_REDIRECT_URLS or per-group).
|
|
270
271
|
* @returns {Promise<void>}
|
|
271
272
|
*/
|
|
272
|
-
startOAuthLogin: function(e,
|
|
273
|
+
startOAuthLogin: function(e, t) {
|
|
273
274
|
sessionStorage.setItem("oauth_provider", e);
|
|
274
|
-
var
|
|
275
|
-
return m(
|
|
275
|
+
var n = t || window.location.origin + window.location.pathname, r = i("oauthBegin", { provider: e }) + "?redirect_uri=" + encodeURIComponent(n);
|
|
276
|
+
return m(r).then(function(o) {
|
|
276
277
|
var a = o.data || o;
|
|
277
278
|
if (!a.auth_url) throw new Error("No auth_url in OAuth begin response");
|
|
278
279
|
window.location.href = a.auth_url;
|
|
279
280
|
});
|
|
280
281
|
},
|
|
281
282
|
startGoogleLogin: function(e) {
|
|
282
|
-
return
|
|
283
|
+
return d.startOAuthLogin("google", e);
|
|
283
284
|
},
|
|
284
285
|
/**
|
|
285
286
|
* Complete OAuth login for any provider — call this on your OAuth callback page.
|
|
@@ -289,15 +290,43 @@ var y = k((S, p) => {
|
|
|
289
290
|
* @returns {Promise<object>}
|
|
290
291
|
*/
|
|
291
292
|
completeOAuthLogin: function(e) {
|
|
292
|
-
var
|
|
293
|
-
return
|
|
294
|
-
code:
|
|
295
|
-
state:
|
|
293
|
+
var t = new URLSearchParams(window.location.search), n = t.get("code"), r = t.get("state");
|
|
294
|
+
return n ? s(i("oauthComplete", { provider: e }), {
|
|
295
|
+
code: n,
|
|
296
|
+
state: r
|
|
296
297
|
}).then(h) : Promise.reject(new Error("No OAuth code in URL"));
|
|
297
298
|
},
|
|
298
299
|
/** @deprecated use completeOAuthLogin('google') */
|
|
299
300
|
completeGoogleLogin: function() {
|
|
300
|
-
return
|
|
301
|
+
return d.completeOAuthLogin("google");
|
|
302
|
+
},
|
|
303
|
+
// -----------------------------------------------------------------------
|
|
304
|
+
// Cross-Origin Auth Handoff
|
|
305
|
+
// -----------------------------------------------------------------------
|
|
306
|
+
/**
|
|
307
|
+
* Exchange a one-time auth handoff code for access + refresh tokens.
|
|
308
|
+
* The auth domain mints the code via /api/auth/handoff and appends it
|
|
309
|
+
* as ?auth_code= on the redirect to the consuming app. Single-use,
|
|
310
|
+
* 60s TTL — server-enforced.
|
|
311
|
+
* Stores tokens on success.
|
|
312
|
+
* @param {string} code - 32-hex auth handoff code from ?auth_code=
|
|
313
|
+
* @returns {Promise<object>} response data ({ access_token, refresh_token, user })
|
|
314
|
+
*/
|
|
315
|
+
exchangeAuthCode: function(e) {
|
|
316
|
+
return s(i("exchangeAuthCode"), { code: e }).then(h);
|
|
317
|
+
},
|
|
318
|
+
/**
|
|
319
|
+
* Convenience: read ?auth_code= from current URL and exchange it for
|
|
320
|
+
* tokens. Cleans the param from the URL *before* the network call so
|
|
321
|
+
* a slow exchange can't leak the code to third-party scripts.
|
|
322
|
+
* @returns {Promise<object|null>} resolves with auth data or null if no code found
|
|
323
|
+
*/
|
|
324
|
+
handleAuthCodeFromURL: function() {
|
|
325
|
+
var e = new URLSearchParams(window.location.search), t = e.get("auth_code");
|
|
326
|
+
if (!t) return Promise.resolve(null);
|
|
327
|
+
e.delete("auth_code");
|
|
328
|
+
var n = window.location.pathname + (e.toString() ? "?" + e.toString() : "") + (window.location.hash || "");
|
|
329
|
+
return window.history.replaceState({}, "", n), d.exchangeAuthCode(t);
|
|
301
330
|
},
|
|
302
331
|
// -----------------------------------------------------------------------
|
|
303
332
|
// Session helpers
|
|
@@ -346,10 +375,10 @@ var y = k((S, p) => {
|
|
|
346
375
|
var e = localStorage.getItem(c.access);
|
|
347
376
|
if (!e) return null;
|
|
348
377
|
try {
|
|
349
|
-
var
|
|
350
|
-
if (
|
|
351
|
-
var
|
|
352
|
-
return
|
|
378
|
+
var t = e.split(".");
|
|
379
|
+
if (t.length !== 3) return null;
|
|
380
|
+
var n = t[1].replace(/-/g, "+").replace(/_/g, "/"), r = 4 - n.length % 4;
|
|
381
|
+
return r !== 4 && (n += "====".slice(0, r)), JSON.parse(atob(n));
|
|
353
382
|
} catch {
|
|
354
383
|
return null;
|
|
355
384
|
}
|
|
@@ -360,7 +389,7 @@ var y = k((S, p) => {
|
|
|
360
389
|
* @returns {boolean}
|
|
361
390
|
*/
|
|
362
391
|
isTokenExpired: function() {
|
|
363
|
-
var e =
|
|
392
|
+
var e = d.getTokenPayload();
|
|
364
393
|
return !e || !e.exp ? !0 : Math.floor(Date.now() / 1e3) >= e.exp;
|
|
365
394
|
},
|
|
366
395
|
/**
|
|
@@ -383,7 +412,7 @@ var y = k((S, p) => {
|
|
|
383
412
|
*/
|
|
384
413
|
getError: v
|
|
385
414
|
};
|
|
386
|
-
return
|
|
415
|
+
return d;
|
|
387
416
|
});
|
|
388
417
|
});
|
|
389
418
|
export default y();
|
package/dist/mojo-auth.umd.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
(function(
|
|
1
|
+
(function(d){typeof define=="function"&&define.amd?define(d):d()})((function(){"use strict";(function(d,f){typeof define=="function"&&define.amd?define([],f):typeof module<"u"&&module.exports?module.exports=f():d.MojoAuth=f()})(typeof globalThis<"u"?globalThis:typeof window<"u"?window:void 0,function(){var d="",f={},u={access:"access_token",refresh:"refresh_token"},p={login:"/api/login",forgotPassword:"/api/auth/forgot",resetWithCode:"/api/auth/password/reset/code",resetWithToken:"/api/auth/password/reset/token",magicSend:"/api/auth/magic/send",magicLogin:"/api/auth/magic/login",passkeyLoginBegin:"/api/auth/passkeys/login/begin",passkeyLoginComplete:"/api/auth/passkeys/login/complete",oauthBegin:"/api/auth/oauth/{provider}/begin",oauthComplete:"/api/auth/oauth/{provider}/complete",refreshToken:"/api/refresh_token",exchangeAuthCode:"/api/auth/exchange"};function i(e,n){var t=f[e]||p[e]||"";return n&&Object.keys(n).forEach(function(r){t=t.replace("{"+r+"}",n[r])}),d.replace(/\/$/,"")+t}function s(e,n,t){var r=Object.assign({"Content-Type":"application/json"},{});return fetch(e,{method:"POST",headers:r,body:JSON.stringify(n||{})}).then(function(o){return o.json().then(function(a){if(!o.ok)throw a;return a})})}function w(e,n){return fetch(e,{method:"GET",headers:Object.assign({"Content-Type":"application/json"},{})}).then(function(t){return t.json().then(function(r){if(!t.ok)throw r;return r})})}function l(e){var n=e&&e.data?e.data:e;if(!n||!n.access_token)throw new Error("No access_token in response");return localStorage.setItem(u.access,n.access_token),n.refresh_token&&localStorage.setItem(u.refresh,n.refresh_token),n}function m(e){return e?typeof e=="string"?e:e.message||e.error||Array.isArray(e.errors)&&e.errors[0]&&e.errors[0].message||"An error occurred":"An error occurred"}function g(e){for(var n=e.replace(/-/g,"+").replace(/_/g,"/"),t=atob(n),r=new Uint8Array(t.length),o=0;o<t.length;o++)r[o]=t.charCodeAt(o);return r.buffer}function c(e){for(var n=new Uint8Array(e),t="",r=0;r<n.byteLength;r++)t+=String.fromCharCode(n[r]);return btoa(t).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}var h={init:function(e){if(!e||!e.baseURL)throw new Error("MojoAuth.init: baseURL is required");d=e.baseURL,f=Object.assign({},e.endpoints||{})},login:function(e,n){return s(i("login"),{username:e,password:n}).then(function(t){var r=t.data||t;return r.mfa_required?r:l(t)})},forgotPasswordCode:function(e){return s(i("forgotPassword"),{email:e,method:"code"})},resetWithCode:function(e,n,t){return s(i("resetWithCode"),{email:e,code:n,new_password:t}).then(l)},forgotPasswordLink:function(e){return s(i("forgotPassword"),{email:e,method:"link"})},resetWithToken:function(e,n){return s(i("resetWithToken"),{token:e,new_password:n}).then(l)},sendMagicLink:function(e){return s(i("magicSend"),{email:e})},loginWithMagicToken:function(e){return s(i("magicLogin"),{token:e}).then(l)},handleMagicTokenFromURL:function(){var e=new URLSearchParams(window.location.search),n=e.get("token");if(!n||n.indexOf("ml:")!==0)return Promise.resolve(null);e.delete("token");var t=e.toString()?window.location.pathname+"?"+e.toString():window.location.pathname;return window.history.replaceState({},"",t),h.loginWithMagicToken(n)},isPasskeySupported:function(){return typeof window<"u"&&typeof window.PublicKeyCredential<"u"&&typeof navigator.credentials<"u"&&typeof navigator.credentials.get=="function"},loginWithPasskeyDiscoverable:function(){return h.isPasskeySupported()?s(i("passkeyLoginBegin"),{}).then(function(e){var n=e.data||e,t=n.challenge_id,r=n.publicKey;return r.challenge=g(r.challenge),r.allowCredentials&&(r.allowCredentials=r.allowCredentials.map(function(o){return Object.assign({},o,{id:g(o.id)})})),navigator.credentials.get({publicKey:r}).then(function(o){if(!o)throw new Error("No credential received from authenticator");return s(i("passkeyLoginComplete"),{challenge_id:t,credential:{id:o.id,rawId:c(o.rawId),type:o.type,response:{clientDataJSON:c(o.response.clientDataJSON),authenticatorData:c(o.response.authenticatorData),signature:c(o.response.signature),userHandle:o.response.userHandle?c(o.response.userHandle):null}}})})}).then(l):Promise.reject(new Error("Passkeys are not supported in this browser"))},loginWithPasskey:function(e){return h.isPasskeySupported()?s(i("passkeyLoginBegin"),{username:e}).then(function(n){var t=n.data||n,r=t.challenge_id,o=t.publicKey;return o.challenge=g(o.challenge),o.allowCredentials&&(o.allowCredentials=o.allowCredentials.map(function(a){return Object.assign({},a,{id:g(a.id)})})),navigator.credentials.get({publicKey:o}).then(function(a){if(!a)throw new Error("No credential received from authenticator");return s(i("passkeyLoginComplete"),{challenge_id:r,credential:{id:a.id,rawId:c(a.rawId),type:a.type,response:{clientDataJSON:c(a.response.clientDataJSON),authenticatorData:c(a.response.authenticatorData),signature:c(a.response.signature),userHandle:a.response.userHandle?c(a.response.userHandle):null}}})})}).then(l):Promise.reject(new Error("Passkeys are not supported in this browser"))},startOAuthLogin:function(e,n){sessionStorage.setItem("oauth_provider",e);var t=n||window.location.origin+window.location.pathname,r=i("oauthBegin",{provider:e})+"?redirect_uri="+encodeURIComponent(t);return w(r).then(function(o){var a=o.data||o;if(!a.auth_url)throw new Error("No auth_url in OAuth begin response");window.location.href=a.auth_url})},startGoogleLogin:function(e){return h.startOAuthLogin("google",e)},completeOAuthLogin:function(e){var n=new URLSearchParams(window.location.search),t=n.get("code"),r=n.get("state");return t?s(i("oauthComplete",{provider:e}),{code:t,state:r}).then(l):Promise.reject(new Error("No OAuth code in URL"))},completeGoogleLogin:function(){return h.completeOAuthLogin("google")},exchangeAuthCode:function(e){return s(i("exchangeAuthCode"),{code:e}).then(l)},handleAuthCodeFromURL:function(){var e=new URLSearchParams(window.location.search),n=e.get("auth_code");if(!n)return Promise.resolve(null);e.delete("auth_code");var t=window.location.pathname+(e.toString()?"?"+e.toString():"")+(window.location.hash||"");return window.history.replaceState({},"",t),h.exchangeAuthCode(n)},logout:function(){localStorage.removeItem(u.access),localStorage.removeItem(u.refresh)},isAuthenticated:function(){return!!localStorage.getItem(u.access)},getToken:function(){return localStorage.getItem(u.access)},getRefreshToken:function(){return localStorage.getItem(u.refresh)},getAuthHeader:function(){var e=localStorage.getItem(u.access);return e?"Bearer "+e:null},getTokenPayload:function(){var e=localStorage.getItem(u.access);if(!e)return null;try{var n=e.split(".");if(n.length!==3)return null;var t=n[1].replace(/-/g,"+").replace(/_/g,"/"),r=4-t.length%4;return r!==4&&(t+="====".slice(0,r)),JSON.parse(atob(t))}catch{return null}},isTokenExpired:function(){var e=h.getTokenPayload();return!e||!e.exp?!0:Math.floor(Date.now()/1e3)>=e.exp},refreshToken:function(){var e=localStorage.getItem(u.refresh);return e?s(i("refreshToken"),{refresh_token:e}).then(l):Promise.reject(new Error("No refresh token stored"))},getError:m};return h})}));
|