zudoku 0.17.0 → 0.18.0

package/lib/zudoku.auth-openid.js

@@ -3,11 +3,11 @@ var je = (t, e, n) => e in t ? Ie(t, e, { enumerable: !0, configurable: !0, writ
 var b = (t, e, n) => je(t, typeof e != "symbol" ? e + "" : e, n);
 import { j as fe } from "./jsx-runtime-B6kdoens.js";
 import { c as Je, g as Oe } from "./_commonjsHelpers-BkfeUUK-.js";
-import { A as Ne } from "./AuthenticationPlugin-bqGAKfot.js";
-import { g as ze } from "./utils-DNAltzXc.js";
-import { Z as De } from "./invariant-Caa8-XvF.js";
-import { N as Ke } from "./index-DM9hrcCG.js";
-import { u as N } from "./state-BsPrOUAh.js";
+import { A as ze } from "./AuthenticationPlugin-DeGDVa1r.js";
+import { g as De } from "./utils-DcpDOncX.js";
+import { Z as Ne } from "./invariant-Caa8-XvF.js";
+import { l as Ke } from "./index-Czzd9rjU.js";
+import { u as z } from "./state-tsXBLONe.js";
 var pe = { exports: {} };
 (function(t) {
   (function(e, n) {
@@ -21,8 +21,8 @@ var pe = { exports: {} };
       "warn",
       "error"
     ], r = {}, i = null;
-    function c(l, g) {
-      var u = l[g];
+    function c(l, m) {
+      var u = l[m];
       if (typeof u.bind == "function")
         return u.bind(l);
       try {
@@ -40,9 +40,9 @@ var pe = { exports: {} };
       return l === "debug" && (l = "log"), typeof console === n ? !1 : l === "trace" && o ? p : console[l] !== void 0 ? c(console, l) : console.log !== void 0 ? c(console, "log") : e;
     }
     function f() {
-      for (var l = this.getLevel(), g = 0; g < a.length; g++) {
-        var u = a[g];
-        this[u] = g < l ? e : this.methodFactory(u, l, this.name);
+      for (var l = this.getLevel(), m = 0; m < a.length; m++) {
+        var u = a[m];
+        this[u] = m < l ? e : this.methodFactory(u, l, this.name);
       }
       if (this.log = this.debug, typeof console === n && l < this.levels.SILENT)
         return "No console available for logging";
@@ -52,27 +52,27 @@ var pe = { exports: {} };
         typeof console !== n && (f.call(this), this[l].apply(this, arguments));
       };
     }
-    function T(l, g, u) {
+    function T(l, m, u) {
       return _(l) || y.apply(this, arguments);
     }
-    function h(l, g) {
+    function h(l, m) {
       var u = this, J, F, R, v = "loglevel";
       typeof l == "string" ? v += ":" + l : typeof l == "symbol" && (v = void 0);
-      function Le(d) {
-        var m = (a[d] || "silent").toUpperCase();
+      function Ce(d) {
+        var g = (a[d] || "silent").toUpperCase();
         if (!(typeof window === n || !v)) {
           try {
-            window.localStorage[v] = m;
+            window.localStorage[v] = g;
             return;
           } catch {
           }
           try {
-            window.document.cookie = encodeURIComponent(v) + "=" + m + ";";
+            window.document.cookie = encodeURIComponent(v) + "=" + g + ";";
           } catch {
           }
         }
       }
-      function ne() {
+      function te() {
         var d;
         if (!(typeof window === n || !v)) {
           try {
@@ -81,16 +81,16 @@ var pe = { exports: {} };
           }
           if (typeof d === n)
             try {
-              var m = window.document.cookie, O = encodeURIComponent(v), oe = m.indexOf(O + "=");
-              oe !== -1 && (d = /^([^;]+)/.exec(
-                m.slice(oe + O.length + 1)
+              var g = window.document.cookie, O = encodeURIComponent(v), re = g.indexOf(O + "=");
+              re !== -1 && (d = /^([^;]+)/.exec(
+                g.slice(re + O.length + 1)
               )[1]);
             } catch {
             }
           return u.levels[d] === void 0 && (d = void 0), d;
         }
       }
-      function Ce() {
+      function Le() {
         if (!(typeof window === n || !v)) {
           try {
             window.localStorage.removeItem(v);
@@ -103,9 +103,9 @@ var pe = { exports: {} };
         }
       }
       function U(d) {
-        var m = d;
-        if (typeof m == "string" && u.levels[m.toUpperCase()] !== void 0 && (m = u.levels[m.toUpperCase()]), typeof m == "number" && m >= 0 && m <= u.levels.SILENT)
-          return m;
+        var g = d;
+        if (typeof g == "string" && u.levels[g.toUpperCase()] !== void 0 && (g = u.levels[g.toUpperCase()]), typeof g == "number" && g >= 0 && g <= u.levels.SILENT)
+          return g;
         throw new TypeError("log.setLevel() called with invalid level: " + d);
       }
       u.name = l, u.levels = {
@@ -115,14 +115,14 @@ var pe = { exports: {} };
         WARN: 3,
         ERROR: 4,
         SILENT: 5
-      }, u.methodFactory = g || T, u.getLevel = function() {
+      }, u.methodFactory = m || T, u.getLevel = function() {
         return R ?? F ?? J;
-      }, u.setLevel = function(d, m) {
-        return R = U(d), m !== !1 && Le(R), f.call(u);
+      }, u.setLevel = function(d, g) {
+        return R = U(d), g !== !1 && Ce(R), f.call(u);
       }, u.setDefaultLevel = function(d) {
-        F = U(d), ne() || u.setLevel(d, !1);
+        F = U(d), te() || u.setLevel(d, !1);
       }, u.resetLevel = function() {
-        R = null, Ce(), f.call(u);
+        R = null, Le(), f.call(u);
       }, u.enableAll = function(d) {
         u.setLevel(u.levels.TRACE, d);
       }, u.disableAll = function(d) {
@@ -134,15 +134,15 @@ var pe = { exports: {} };
       }, J = U(
         i ? i.getLevel() : "WARN"
       );
-      var re = ne();
-      re != null && (R = U(re)), f.call(u);
+      var ne = te();
+      ne != null && (R = U(ne)), f.call(u);
     }
-    i = new h(), i.getLogger = function(g) {
-      if (typeof g != "symbol" && typeof g != "string" || g === "")
+    i = new h(), i.getLogger = function(m) {
+      if (typeof m != "symbol" && typeof m != "string" || m === "")
         throw new TypeError("You must supply a name when creating a logger.");
-      var u = r[g];
-      return u || (u = r[g] = new h(
-        g,
+      var u = r[m];
+      return u || (u = r[m] = new h(
+        m,
         i.methodFactory
       )), u;
     };
@@ -155,11 +155,11 @@ var pe = { exports: {} };
   });
 })(pe);
 var We = pe.exports;
-const M = /* @__PURE__ */ Oe(We);
-let G;
-var z, he;
-(typeof navigator > "u" || !((he = (z = navigator.userAgent) == null ? void 0 : z.startsWith) != null && he.call(z, "Mozilla/5.0 "))) && (G = "oauth4webapi/v2.17.0");
-function Y(t, e) {
+const oe = /* @__PURE__ */ Oe(We);
+let V;
+var D, he;
+(typeof navigator > "u" || !((he = (D = navigator.userAgent) == null ? void 0 : D.startsWith) != null && he.call(D, "Mozilla/5.0 "))) && (V = "oauth4webapi/v2.17.0");
+function Z(t, e) {
   if (t == null)
     return !1;
   try {
@@ -168,7 +168,7 @@ function Y(t, e) {
     return !1;
   }
 }
-const K = Symbol(), He = Symbol(), Q = Symbol(), we = Symbol(), $e = Symbol(), Fe = Symbol(), Me = new TextEncoder(), Be = new TextDecoder();
+const K = Symbol(), He = Symbol(), Y = Symbol(), we = Symbol(), $e = Symbol(), Fe = Symbol(), Me = new TextEncoder(), Be = new TextDecoder();
 function E(t) {
   return typeof t == "string" ? Me.encode(t) : Be.decode(t);
 }
@@ -229,37 +229,37 @@ class Ze extends Error {
     super(e, n), this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
   }
 }
-const s = Ze, ge = new Ge(100);
-function me(t) {
+const s = Ze, me = new Ge(100);
+function ge(t) {
   return t instanceof CryptoKey;
 }
 function ye(t) {
-  return me(t) && t.type === "private";
+  return ge(t) && t.type === "private";
 }
 function Ye(t) {
-  return me(t) && t.type === "public";
+  return ge(t) && t.type === "public";
 }
-function X(t) {
+function Q(t) {
   try {
     const e = t.headers.get("dpop-nonce");
-    e && ge.set(new URL(t.url).origin, e);
+    e && me.set(new URL(t.url).origin, e);
   } catch {
   }
   return t;
 }
-function L(t) {
+function C(t) {
   return !(t === null || typeof t != "object" || Array.isArray(t));
 }
 function W(t) {
-  Y(t, Headers) && (t = Object.fromEntries(t.entries()));
+  Z(t, Headers) && (t = Object.fromEntries(t.entries()));
   const e = new Headers(t);
-  if (G && !e.has("user-agent") && e.set("user-agent", G), e.has("authorization"))
+  if (V && !e.has("user-agent") && e.set("user-agent", V), e.has("authorization"))
     throw new TypeError('"options.headers" must not include the "authorization" header name');
   if (e.has("dpop"))
     throw new TypeError('"options.headers" must not include the "dpop" header name');
   return e;
 }
-function ee(t) {
+function X(t) {
   if (typeof t == "function" && (t = t()), !(t instanceof AbortSignal))
     throw new TypeError('"options.signal" must return or be an instance of AbortSignal');
   return t;
@@ -282,12 +282,12 @@ async function Qe(t, e) {
       throw new TypeError('"options.algorithm" must be "oidc" (default), or "oauth2"');
   }
   const o = W(e == null ? void 0 : e.headers);
-  return o.set("accept", "application/json"), ((e == null ? void 0 : e[Q]) || fetch)(n.href, {
+  return o.set("accept", "application/json"), ((e == null ? void 0 : e[Y]) || fetch)(n.href, {
     headers: Object.fromEntries(o.entries()),
     method: "GET",
     redirect: "manual",
-    signal: e != null && e.signal ? ee(e.signal) : null
-  }).then(X);
+    signal: e != null && e.signal ? X(e.signal) : null
+  }).then(Q);
 }
 function w(t) {
   return typeof t == "string" && t.length !== 0;
@@ -295,18 +295,18 @@ function w(t) {
 async function Xe(t, e) {
   if (!(t instanceof URL))
     throw new TypeError('"expectedIssuer" must be an instance of URL');
-  if (!Y(e, Response))
+  if (!Z(e, Response))
     throw new TypeError('"response" must be an instance of Response');
   if (e.status !== 200)
     throw new s('"response" is not a conform Authorization Server Metadata response');
-  te(e);
+  ee(e);
   let n;
   try {
     n = await e.json();
   } catch (o) {
     throw new s('failed to parse "response" body as JSON', { cause: o });
   }
-  if (!L(n))
+  if (!C(n))
     throw new s('"response" body must be a top level object');
   if (!w(n.issuer))
     throw new s('"response" body "issuer" property must be a non-empty string');
@@ -399,7 +399,7 @@ function be(t) {
       throw new S("unsupported CryptoKey algorithm name");
   }
 }
-function C(t) {
+function L(t) {
   const e = t == null ? void 0 : t[K];
   return typeof e == "number" && Number.isFinite(e) ? e : 0;
 }
@@ -411,7 +411,7 @@ function $() {
   return Math.floor(Date.now() / 1e3);
 }
 function ct(t, e) {
-  const n = $() + C(e);
+  const n = $() + L(e);
   return {
     jti: H(),
     aud: [t.issuer, t.token_endpoint],
@@ -445,7 +445,7 @@ function se(t) {
     throw new TypeError('"client.client_secret" property must be a non-empty string');
   return t;
 }
-function B(t, e) {
+function M(t, e) {
   if (e !== void 0)
     throw new TypeError(`"options.clientPrivateKey" property must not be provided when ${t} client authentication method is used.`);
 }
@@ -457,11 +457,11 @@ async function lt(t, e, n, o, a) {
   switch (n.delete("client_secret"), n.delete("client_assertion_type"), n.delete("client_assertion"), e.token_endpoint_auth_method) {
     case void 0:
     case "client_secret_basic": {
-      B("client_secret_basic", a), o.set("authorization", ot(e.client_id, se(e.client_secret)));
+      M("client_secret_basic", a), o.set("authorization", ot(e.client_id, se(e.client_secret)));
       break;
     }
     case "client_secret_post": {
-      B("client_secret_post", a), n.set("client_id", e.client_id), n.set("client_secret", se(e.client_secret));
+      M("client_secret_post", a), n.set("client_id", e.client_id), n.set("client_secret", se(e.client_secret));
       break;
     }
     case "private_key_jwt": {
@@ -476,7 +476,7 @@ async function lt(t, e, n, o, a) {
     case "tls_client_auth":
     case "self_signed_tls_client_auth":
     case "none": {
-      ce(e.token_endpoint_auth_method, e.client_secret), B(e.token_endpoint_auth_method, a), n.set("client_id", e.client_id);
+      ce(e.token_endpoint_auth_method, e.client_secret), M(e.token_endpoint_auth_method, a), n.set("client_id", e.client_id);
       break;
     }
     default:
@@ -491,7 +491,7 @@ async function ve(t, e, n) {
 }
 async function dt(t, e, n, o, a, r) {
   var T;
-  const { privateKey: i, publicKey: c, nonce: p = ge.get(n.origin) } = e;
+  const { privateKey: i, publicKey: c, nonce: p = me.get(n.origin) } = e;
   if (!ye(i))
     throw new TypeError('"DPoP.privateKey" must be a private CryptoKey');
   if (!Ye(c))
@@ -514,13 +514,13 @@ async function dt(t, e, n, o, a, r) {
   };
   (T = e[we]) == null || T.call(e, f, y), t.set("dpop", await ve(f, y, i));
 }
-let D;
+let N;
 async function ht(t) {
   const { kty: e, e: n, n: o, x: a, y: r, crv: i } = await crypto.subtle.exportKey("jwk", t), c = { kty: e, e: n, n: o, x: a, y: r, crv: i };
-  return D.set(t, c), c;
+  return N.set(t, c), c;
 }
 async function ft(t) {
-  return D || (D = /* @__PURE__ */ new WeakMap()), D.get(t) || ht(t);
+  return N || (N = /* @__PURE__ */ new WeakMap()), N.get(t) || ht(t);
 }
 function ue(t, e, n) {
   if (typeof t != "string")
@@ -533,7 +533,7 @@ function Se(t, e, n = !1) {
 function Te(t, e) {
   return !!(t.use_mtls_endpoint_aliases || e != null && e[Fe]);
 }
-function Z(t) {
+function G(t) {
   const e = t;
   return typeof e != "object" || Array.isArray(e) || e === null ? !1 : e.error !== void 0;
 }
@@ -542,38 +542,38 @@ async function pt(t, e, n, o, a, r) {
     throw new TypeError('"accessToken" must be a non-empty string');
   if (!(n instanceof URL))
     throw new TypeError('"url" must be an instance of URL');
-  return o = W(o), (r == null ? void 0 : r.DPoP) === void 0 ? o.set("authorization", `Bearer ${t}`) : (await dt(o, r.DPoP, n, e.toUpperCase(), C({ [K]: r == null ? void 0 : r[K] }), t), o.set("authorization", `DPoP ${t}`)), ((r == null ? void 0 : r[Q]) || fetch)(n.href, {
+  return o = W(o), (r == null ? void 0 : r.DPoP) === void 0 ? o.set("authorization", `Bearer ${t}`) : (await dt(o, r.DPoP, n, e.toUpperCase(), L({ [K]: r == null ? void 0 : r[K] }), t), o.set("authorization", `DPoP ${t}`)), ((r == null ? void 0 : r[Y]) || fetch)(n.href, {
     body: a,
     headers: Object.fromEntries(o.entries()),
     method: e,
     redirect: "manual",
-    signal: r != null && r.signal ? ee(r.signal) : null
-  }).then(X);
+    signal: r != null && r.signal ? X(r.signal) : null
+  }).then(Q);
 }
 async function wt(t, e, n, o) {
   x(t), I(e);
   const a = Se(t, "userinfo_endpoint", Te(e, o)), r = W(o == null ? void 0 : o.headers);
   return e.userinfo_signed_response_alg ? r.set("accept", "application/jwt") : (r.set("accept", "application/json"), r.append("accept", "application/jwt")), pt(n, "GET", a, r, null, {
     ...o,
-    [K]: C(e)
+    [K]: L(e)
   });
 }
-async function gt(t, e, n, o, a, r, i) {
-  return await lt(t, e, a, r, i == null ? void 0 : i.clientPrivateKey), r.set("content-type", "application/x-www-form-urlencoded;charset=UTF-8"), ((i == null ? void 0 : i[Q]) || fetch)(o.href, {
+async function mt(t, e, n, o, a, r, i) {
+  return await lt(t, e, a, r, i == null ? void 0 : i.clientPrivateKey), r.set("content-type", "application/x-www-form-urlencoded;charset=UTF-8"), ((i == null ? void 0 : i[Y]) || fetch)(o.href, {
     body: a,
     headers: Object.fromEntries(r.entries()),
     method: n,
     redirect: "manual",
-    signal: i != null && i.signal ? ee(i.signal) : null
-  }).then(X);
+    signal: i != null && i.signal ? X(i.signal) : null
+  }).then(Q);
 }
 async function ke(t, e, n, o, a) {
   const r = Se(t, "token_endpoint", Te(e, a));
   o.set("grant_type", n);
   const i = W(a == null ? void 0 : a.headers);
-  return i.set("accept", "application/json"), gt(t, e, "POST", r, o, i, a);
+  return i.set("accept", "application/json"), mt(t, e, "POST", r, o, i, a);
 }
-async function mt(t, e, n, o) {
+async function gt(t, e, n, o) {
   if (x(t), I(e), !w(n))
     throw new TypeError('"refreshToken" must be a non-empty string');
   const a = new URLSearchParams(o == null ? void 0 : o.additionalParameters);
@@ -589,7 +589,7 @@ function yt(t) {
   return e[0];
 }
 async function Ee(t, e, n, o = !1, a = !1) {
-  if (x(t), I(e), !Y(n, Response))
+  if (x(t), I(e), !Z(n, Response))
     throw new TypeError('"response" must be an instance of Response');
   if (n.status !== 200) {
     let i;
@@ -597,14 +597,14 @@ async function Ee(t, e, n, o = !1, a = !1) {
       return i;
     throw new s('"response" is not a conform Token Endpoint response');
   }
-  te(n);
+  ee(n);
   let r;
   try {
     r = await n.json();
   } catch (i) {
     throw new s('failed to parse "response" body as JSON', { cause: i });
   }
-  if (!L(r))
+  if (!C(r))
     throw new s('"response" body must be a top level object');
   if (!w(r.access_token))
     throw new s('"response" body "access_token" property must be a non-empty string');
@@ -622,7 +622,7 @@ async function Ee(t, e, n, o = !1, a = !1) {
     if (r.id_token !== void 0 && !w(r.id_token))
       throw new s('"response" body "id_token" property must be a non-empty string');
     if (r.id_token) {
-      const { claims: i, jwt: c } = await Ct(r.id_token, xt.bind(void 0, e.id_token_signed_response_alg, t.id_token_signing_alg_values_supported), Ue, C(e), _e(e), e[$e]).then(At.bind(void 0, ["aud", "exp", "iat", "iss", "sub"])).then(vt.bind(void 0, t.issuer)).then(_t.bind(void 0, e.client_id));
+      const { claims: i, jwt: c } = await Lt(r.id_token, xt.bind(void 0, e.id_token_signed_response_alg, t.id_token_signing_alg_values_supported), Ue, L(e), _e(e), e[$e]).then(At.bind(void 0, ["aud", "exp", "iat", "iss", "sub"])).then(vt.bind(void 0, t.issuer)).then(_t.bind(void 0, e.client_id));
       if (Array.isArray(i.aud) && i.aud.length !== 1) {
         if (i.azp === void 0)
           throw new s('ID Token "aud" (audience) claim includes additional untrusted audiences');
@@ -691,21 +691,21 @@ function At(t, e) {
       throw new s(`JWT "${n}" (${kt[n]}) claim missing`);
   return e;
 }
-const Et = Symbol(), q = Symbol();
+const Et = Symbol(), B = Symbol();
 async function Rt(t, e, n, o, a) {
   const r = await Ee(t, e, n);
-  if (Z(r))
+  if (G(r))
     return r;
   if (!w(r.id_token))
     throw new s('"response" body "id_token" property must be a non-empty string');
-  a ?? (a = e.default_max_age ?? q);
+  a ?? (a = e.default_max_age ?? B);
   const i = yt(r);
-  if ((e.require_auth_time || a !== q) && i.auth_time === void 0)
+  if ((e.require_auth_time || a !== B) && i.auth_time === void 0)
     throw new s('ID Token "auth_time" (authentication time) claim missing');
-  if (a !== q) {
+  if (a !== B) {
     if (typeof a != "number" || a < 0)
       throw new TypeError('"maxAge" must be a non-negative number');
-    const c = $() + C(e), p = _e(e);
+    const c = $() + L(e), p = _e(e);
     if (i.auth_time + a < c - p)
       throw new s("too much time has elapsed since the last End-User authentication");
   }
@@ -725,16 +725,16 @@ async function Rt(t, e, n, o, a) {
   }
   return r;
 }
-function te(t) {
+function ee(t) {
   if (t.bodyUsed)
     throw new TypeError('"response" body has been used already');
 }
 async function Pt(t) {
   if (t.status > 399 && t.status < 500) {
-    te(t);
+    ee(t);
     try {
       const e = await t.json();
-      if (L(e) && typeof e.error == "string" && e.error.length)
+      if (C(e) && typeof e.error == "string" && e.error.length)
         return e.error_description !== void 0 && typeof e.error_description != "string" && delete e.error_description, e.error_uri !== void 0 && typeof e.error_uri != "string" && delete e.error_uri, e.algs !== void 0 && typeof e.algs != "string" && delete e.algs, e.scope !== void 0 && typeof e.scope != "string" && delete e.scope, e;
     } catch {
     }
@@ -784,12 +784,12 @@ function Pe(t) {
   throw new S();
 }
 const Ue = Symbol();
-async function Lt(t, e, n, o) {
+async function Ct(t, e, n, o) {
   const a = `${t}.${e}`;
   if (!await crypto.subtle.verify(Pe(n), n, o, E(a)))
     throw new s("JWT signature verification failed");
 }
-async function Ct(t, e, n, o, a, r) {
+async function Lt(t, e, n, o, a, r) {
   let { 0: i, 1: c, 2: p, length: _ } = t.split(".");
   if (_ === 5)
     if (r !== void 0)
@@ -804,20 +804,20 @@ async function Ct(t, e, n, o, a, r) {
   } catch (l) {
     throw new s("failed to parse JWT Header body as base64url encoded JSON", { cause: l });
   }
-  if (!L(f))
+  if (!C(f))
     throw new s("JWT Header must be a top level object");
   if (e(f), f.crit !== void 0)
     throw new s('unexpected JWT "crit" header parameter');
   const y = A(p);
   let T;
-  n !== Ue && (T = await n(f), await Lt(i, c, T, y));
+  n !== Ue && (T = await n(f), await Ct(i, c, T, y));
   let h;
   try {
     h = JSON.parse(E(A(c)));
   } catch (l) {
     throw new s("failed to parse JWT Payload body as base64url encoded JSON", { cause: l });
   }
-  if (!L(h))
+  if (!C(h))
     throw new s("JWT Payload must be a top level object");
   const j = $() + o;
   if (h.exp !== void 0) {
@@ -902,14 +902,14 @@ function Jt(t, e, n, o) {
 function Ot({
   handleCallback: t
 }) {
-  const e = ze({
+  const e = De({
     retry: !1,
     queryKey: ["oauth-callback"],
     queryFn: async () => {
       try {
         return await t();
       } catch (n) {
-        throw new De("Could not validate user", {
+        throw new Ne("Could not validate user", {
           cause: n,
           title: "Authentication Error",
           developerHint: "Check the configuration of your authorization provider and ensure all settings such as the callback URL are configured correctly."
@@ -926,8 +926,8 @@ class de extends P {
     super(e, o), this.error = n;
   }
 }
-const V = "code-verifier";
-class Nt extends Ne {
+const q = "code-verifier";
+class zt extends ze {
   constructor(e, n) {
     super(), this.callbackUrlPath = e, this.handleCallback = n;
   }
@@ -941,7 +941,7 @@ class Nt extends Ne {
     ];
   }
 }
-class zt {
+class Dt {
   constructor({
     issuer: e,
     audience: n,
@@ -961,11 +961,12 @@ class zt {
     b(this, "redirectToAfterSignOut");
     b(this, "audience");
     b(this, "signOut", async () => {
-      N.setState({
+      z.setState({
         isAuthenticated: !1,
         isPending: !1,
-        profile: void 0
-      }), sessionStorage.clear();
+        profile: void 0,
+        providerData: void 0
+      });
       const e = await this.getAuthServer(), n = new URL(
         window.location.origin + this.redirectToAfterSignOut
       );
@@ -977,8 +978,8 @@ class zt {
       )) : o = n;
     });
     b(this, "handleCallback", async () => {
-      const e = new URL(window.location.href), n = e.searchParams.get("state"), o = sessionStorage.getItem(V);
-      if (sessionStorage.removeItem(V), !o)
+      const e = new URL(window.location.href), n = e.searchParams.get("state"), o = sessionStorage.getItem(q);
+      if (sessionStorage.removeItem(q), !o)
         throw new P("No code verifier found in state.");
       const a = await this.getAuthServer(), r = Jt(
         a,
@@ -986,8 +987,8 @@ class zt {
         e.searchParams,
         n ?? void 0
       );
-      if (Z(r))
-        throw M.error("Error validating OAuth response", r), new de(
+      if (G(r))
+        throw oe.error("Error validating OAuth response", r), new de(
           "Error validating OAuth response",
           r
         );
@@ -1016,14 +1017,11 @@ class zt {
         emailVerified: y.email_verified ?? !1,
         pictureUrl: y.picture
       };
-      N.setState({
+      z.setState({
         isAuthenticated: !0,
         isPending: !1,
         profile: T
-      }), sessionStorage.setItem(
-        "profile-state",
-        JSON.stringify(N.getState().profile)
-      );
+      });
       const h = sessionStorage.getItem("redirect-to") ?? "/";
       return sessionStorage.removeItem("redirect-to"), h;
     });
@@ -1047,8 +1045,8 @@ class zt {
    * @param response
    */
   setTokensFromResponse(e) {
-    if (Z(e))
-      throw M.error("Bad Token Response", e), new de("Bad Token Response", e);
+    if (G(e))
+      throw oe.error("Bad Token Response", e), new de("Bad Token Response", e);
     if (!e.expires_in)
       throw new P("No expires_in in response");
     const n = {
@@ -1057,7 +1055,9 @@ class zt {
       expiresOn: new Date(Date.now() + e.expires_in * 1e3),
       tokenType: e.token_type
     };
-    sessionStorage.setItem("token-state", JSON.stringify(n));
+    z.setState({
+      providerData: n
+    });
   }
   async signUp({ redirectTo: e } = {}) {
     return this.authorize({
@@ -1079,7 +1079,7 @@ class zt {
     if (!a.authorization_endpoint)
       throw new P("No authorization endpoint");
     const r = et(), i = await nt(r);
-    sessionStorage.setItem(V, r);
+    sessionStorage.setItem(q, r);
     const c = new URL(
       a.authorization_endpoint
     );
@@ -1098,14 +1098,14 @@ class zt {
     location.href = c.href;
   }
   async getAccessToken() {
-    const e = await this.getAuthServer(), n = sessionStorage.getItem("token-state");
+    const e = await this.getAuthServer(), { providerData: n } = z.getState();
     if (!n)
       throw new P("User is not authenticated");
-    const o = JSON.parse(n);
+    const o = n;
     if (o.expiresOn < /* @__PURE__ */ new Date()) {
       if (!o.refreshToken)
         return await this.signIn(), "";
-      const a = await mt(
+      const a = await gt(
         e,
         this.client,
         o.refreshToken
@@ -1120,27 +1120,13 @@ class zt {
     } else
       return o.accessToken;
   }
-  pageLoad() {
-    const e = sessionStorage.getItem("profile-state");
-    if (e)
-      try {
-        const n = JSON.parse(e);
-        N.setState({
-          isAuthenticated: !0,
-          isPending: !1,
-          profile: n
-        });
-      } catch (n) {
-        M.error("Error parsing auth state", n);
-      }
-  }
   getAuthenticationPlugin() {
-    return new Nt(this.callbackUrlPath, this.handleCallback);
+    return new zt(this.callbackUrlPath, this.handleCallback);
   }
 }
-const qt = (t) => new zt(t);
+const qt = (t) => new Dt(t);
 export {
-  zt as OpenIDAuthenticationProvider,
+  Dt as OpenIDAuthenticationProvider,
   qt as default
 };
 //# sourceMappingURL=zudoku.auth-openid.js.map