zudoku 0.3.1-dev.17 → 0.3.1-dev.19

package/lib/zudoku.auth-openid.js

@@ -1,14 +1,15 @@
 var xe = Object.defineProperty;
 var Le = (t, e, n) => e in t ? xe(t, e, { enumerable: !0, configurable: !0, writable: !0, value: n }) : t[e] = n;
 var y = (t, e, n) => Le(t, typeof e != "symbol" ? e + "" : e, n);
-import { j as P } from "./jsx-runtime-B6kdoens.js";
+import { j as k } from "./jsx-runtime-B6kdoens.js";
 import { c as Ce, a as Ie } from "./_commonjsHelpers-BVfed4GL.js";
 import { A as je } from "./AuthenticationPlugin-owbEUimP.js";
 import { useState as ze, useRef as Je, useEffect as Oe } from "react";
 import { D as Ne } from "./DeveloperHint-BQSFXH01.js";
 import { E as De } from "./ErrorPage-PUg985n_.js";
-import { S as Ke } from "./Markdown-Chb9VIBv.js";
-import { e as We } from "./index-Yjb2PyPF.js";
+import { S as Ke } from "./Spinner-CvXZ7QK4.js";
+import { S as We } from "./Markdown-Chb9VIBv.js";
+import { e as He } from "./index-Yjb2PyPF.js";
 import { u as N } from "./state-DsXXkBLH.js";
 var fe = { exports: {} };
 (function(t) {
@@ -57,7 +58,7 @@ var fe = { exports: {} };
     function f(l, w, c) {
       return m(l) || _.apply(this, arguments);
     }
-    function A(l, w) {
+    function R(l, w) {
       var c = this, J, B, U, v = "loglevel";
       typeof l == "string" ? v += ":" + l : typeof l == "symbol" && (v = void 0);
       function Re(d) {
@@ -139,25 +140,25 @@ var fe = { exports: {} };
       var oe = re();
       oe != null && (U = L(oe)), b.call(c);
     }
-    i = new A(), i.getLogger = function(w) {
+    i = new R(), i.getLogger = function(w) {
       if (typeof w != "symbol" && typeof w != "string" || w === "")
         throw new TypeError("You must supply a name when creating a logger.");
       var c = r[w];
-      return c || (c = r[w] = new A(
+      return c || (c = r[w] = new R(
         w,
         i.methodFactory
       )), c;
     };
-    var R = typeof window !== n ? window.log : void 0;
+    var P = typeof window !== n ? window.log : void 0;
     return i.noConflict = function() {
-      return typeof window !== n && window.log === i && (window.log = R), i;
+      return typeof window !== n && window.log === i && (window.log = P), i;
     }, i.getLoggers = function() {
       return r;
     }, i.default = i, i;
   });
 })(fe);
-var He = fe.exports;
-const K = /* @__PURE__ */ Ie(He);
+var $e = fe.exports;
+const K = /* @__PURE__ */ Ie($e);
 let Y;
 var D, he;
 (typeof navigator > "u" || !((he = (D = navigator.userAgent) == null ? void 0 : D.startsWith) != null && he.call(D, "Mozilla/5.0 "))) && (Y = "oauth4webapi/v2.11.1");
@@ -170,19 +171,19 @@ function Q(t, e) {
     return !1;
   }
 }
-const H = Symbol(), $e = Symbol(), X = Symbol(), Fe = new TextEncoder(), Me = new TextDecoder();
-function k(t) {
-  return typeof t == "string" ? Fe.encode(t) : Me.decode(t);
+const H = Symbol(), Fe = Symbol(), X = Symbol(), Me = new TextEncoder(), Be = new TextDecoder();
+function A(t) {
+  return typeof t == "string" ? Me.encode(t) : Be.decode(t);
 }
 const se = 32768;
-function Be(t) {
+function qe(t) {
   t instanceof ArrayBuffer && (t = new Uint8Array(t));
   const e = [];
   for (let n = 0; n < t.byteLength; n += se)
     e.push(String.fromCharCode.apply(null, t.subarray(n, n + se)));
   return btoa(e.join("")).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
 }
-function qe(t) {
+function Ge(t) {
   try {
     const e = atob(t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "")), n = new Uint8Array(e.length);
     for (let o = 0; o < e.length; o++)
@@ -193,9 +194,9 @@ function qe(t) {
   }
 }
 function E(t) {
-  return typeof t == "string" ? qe(t) : Be(t);
+  return typeof t == "string" ? Ge(t) : qe(t);
 }
-class Ge {
+class Ve {
   constructor(e) {
     this.cache = /* @__PURE__ */ new Map(), this._cache = /* @__PURE__ */ new Map(), this.maxSize = e;
   }
@@ -225,20 +226,20 @@ class S extends Error {
     super(e ?? "operation not supported"), this.name = this.constructor.name, (n = Error.captureStackTrace) == null || n.call(Error, this, this.constructor);
   }
 }
-class Ve extends Error {
+class Ye extends Error {
   constructor(e, n) {
     var o;
     super(e, n), this.name = this.constructor.name, (o = Error.captureStackTrace) == null || o.call(Error, this, this.constructor);
   }
 }
-const a = Ve, pe = new Ge(100);
+const a = Ye, pe = new Ve(100);
 function we(t) {
   return t instanceof CryptoKey;
 }
 function ge(t) {
   return we(t) && t.type === "private";
 }
-function Ye(t) {
+function Ze(t) {
   return we(t) && t.type === "public";
 }
 function ee(t) {
@@ -266,7 +267,7 @@ function te(t) {
     throw new TypeError('"options.signal" must return or be an instance of AbortSignal');
   return t;
 }
-async function Ze(t, e) {
+async function Qe(t, e) {
   if (!(t instanceof URL))
     throw new TypeError('"issuerIdentifier" must be an instance of URL');
   if (t.protocol !== "https:" && t.protocol !== "http:")
@@ -294,7 +295,7 @@ async function Ze(t, e) {
 function p(t) {
   return typeof t == "string" && t.length !== 0;
 }
-async function Qe(t, e) {
+async function Xe(t, e) {
   if (!(t instanceof URL))
     throw new TypeError('"expectedIssuer" must be an instance of URL');
   if (!Q(e, Response))
@@ -319,18 +320,18 @@ async function Qe(t, e) {
 function F() {
   return E(crypto.getRandomValues(new Uint8Array(32)));
 }
-function Xe() {
+function et() {
   return F();
 }
-function et() {
+function tt() {
   return F();
 }
-async function tt(t) {
+async function nt(t) {
   if (!p(t))
     throw new TypeError('"codeVerifier" must be a non-empty string');
-  return E(await crypto.subtle.digest("SHA-256", k(t)));
+  return E(await crypto.subtle.digest("SHA-256", A(t)));
 }
-function nt(t) {
+function rt(t) {
   if (t instanceof CryptoKey)
     return { key: t };
   if (!((t == null ? void 0 : t.key) instanceof CryptoKey))
@@ -342,11 +343,11 @@ function nt(t) {
 function ae(t) {
   return encodeURIComponent(t).replace(/%20/g, "+");
 }
-function rt(t, e) {
+function ot(t, e) {
   const n = ae(t), o = ae(e);
   return `Basic ${btoa(`${n}:${o}`)}`;
 }
-function ot(t) {
+function it(t) {
   switch (t.algorithm.hash.name) {
     case "SHA-256":
       return "PS256";
@@ -358,7 +359,7 @@ function ot(t) {
       throw new S("unsupported RsaHashedKeyAlgorithm hash name");
   }
 }
-function it(t) {
+function st(t) {
   switch (t.algorithm.hash.name) {
     case "SHA-256":
       return "RS256";
@@ -370,7 +371,7 @@ function it(t) {
       throw new S("unsupported RsaHashedKeyAlgorithm hash name");
   }
 }
-function st(t) {
+function at(t) {
   switch (t.algorithm.namedCurve) {
     case "P-256":
       return "ES256";
@@ -385,11 +386,11 @@ function st(t) {
 function me(t) {
   switch (t.algorithm.name) {
     case "RSA-PSS":
-      return ot(t);
-    case "RSASSA-PKCS1-v1_5":
       return it(t);
-    case "ECDSA":
+    case "RSASSA-PKCS1-v1_5":
       return st(t);
+    case "ECDSA":
+      return at(t);
     case "Ed25519":
     case "Ed448":
       return "EdDSA";
@@ -402,13 +403,13 @@ function I(t) {
   return typeof e == "number" && Number.isFinite(e) ? e : 0;
 }
 function ye(t) {
-  const e = t == null ? void 0 : t[$e];
+  const e = t == null ? void 0 : t[Fe];
   return typeof e == "number" && Number.isFinite(e) && Math.sign(e) !== -1 ? e : 30;
 }
 function M() {
   return Math.floor(Date.now() / 1e3);
 }
-function at(t, e) {
+function ct(t, e) {
   const n = M() + I(e);
   return {
     jti: F(),
@@ -420,11 +421,11 @@ function at(t, e) {
     sub: e.client_id
   };
 }
-async function ct(t, e, n, o) {
+async function ut(t, e, n, o) {
   return be({
     alg: me(n),
     kid: o
-  }, at(t, e), n);
+  }, ct(t, e), n);
 }
 function j(t) {
   if (typeof t != "object" || t === null)
@@ -453,11 +454,11 @@ function ue(t, e) {
   if (e !== void 0)
     throw new TypeError(`"client.client_secret" property must not be provided when ${t} client authentication method is used.`);
 }
-async function ut(t, e, n, o, s) {
+async function lt(t, e, n, o, s) {
   switch (n.delete("client_secret"), n.delete("client_assertion_type"), n.delete("client_assertion"), e.token_endpoint_auth_method) {
     case void 0:
     case "client_secret_basic": {
-      q("client_secret_basic", s), o.set("authorization", rt(e.client_id, ce(e.client_secret)));
+      q("client_secret_basic", s), o.set("authorization", ot(e.client_id, ce(e.client_secret)));
       break;
     }
     case "client_secret_post": {
@@ -467,10 +468,10 @@ async function ut(t, e, n, o, s) {
     case "private_key_jwt": {
       if (ue("private_key_jwt", e.client_secret), s === void 0)
         throw new TypeError('"options.clientPrivateKey" must be provided when "client.token_endpoint_auth_method" is "private_key_jwt"');
-      const { key: r, kid: i } = nt(s);
+      const { key: r, kid: i } = rt(s);
       if (!ge(r))
         throw new TypeError('"options.clientPrivateKey.key" must be a private CryptoKey');
-      n.set("client_id", e.client_id), n.set("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"), n.set("client_assertion", await ct(t, e, r, i));
+      n.set("client_id", e.client_id), n.set("client_assertion_type", "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"), n.set("client_assertion", await ut(t, e, r, i));
       break;
     }
     case "tls_client_auth":
@@ -486,14 +487,14 @@ async function ut(t, e, n, o, s) {
 async function be(t, e, n) {
   if (!n.usages.includes("sign"))
     throw new TypeError('CryptoKey instances used for signing assertions must include "sign" in their "usages"');
-  const o = `${E(k(JSON.stringify(t)))}.${E(k(JSON.stringify(e)))}`, s = E(await crypto.subtle.sign(ke(n), n, k(o)));
+  const o = `${E(A(JSON.stringify(t)))}.${E(A(JSON.stringify(e)))}`, s = E(await crypto.subtle.sign(ke(n), n, A(o)));
   return `${o}.${s}`;
 }
-async function lt(t, e, n, o, s, r) {
+async function dt(t, e, n, o, s, r) {
   const { privateKey: i, publicKey: u, nonce: h = pe.get(n.origin) } = e;
   if (!ge(i))
     throw new TypeError('"DPoP.privateKey" must be a private CryptoKey');
-  if (!Ye(u))
+  if (!Ze(u))
     throw new TypeError('"DPoP.publicKey" must be a public CryptoKey');
   if (h !== void 0 && !p(h))
     throw new TypeError('"DPoP.nonce" must be a non-empty string or undefined');
@@ -502,43 +503,43 @@ async function lt(t, e, n, o, s, r) {
   const m = M() + s, b = await be({
     alg: me(i),
     typ: "dpop+jwt",
-    jwk: await ht(u)
+    jwk: await ft(u)
   }, {
     iat: m,
     jti: F(),
     htm: o,
     nonce: h,
     htu: `${n.origin}${n.pathname}`,
-    ath: r ? E(await crypto.subtle.digest("SHA-256", k(r))) : void 0
+    ath: r ? E(await crypto.subtle.digest("SHA-256", A(r))) : void 0
   }, i);
   t.set("dpop", b);
 }
 let W;
-async function dt(t) {
+async function ht(t) {
   const { kty: e, e: n, n: o, x: s, y: r, crv: i } = await crypto.subtle.exportKey("jwk", t), u = { kty: e, e: n, n: o, x: s, y: r, crv: i };
   return W.set(t, u), u;
 }
-async function ht(t) {
-  return W || (W = /* @__PURE__ */ new WeakMap()), W.get(t) || dt(t);
+async function ft(t) {
+  return W || (W = /* @__PURE__ */ new WeakMap()), W.get(t) || ht(t);
 }
-function ft(t, e, n) {
+function pt(t, e, n) {
   if (typeof t != "string")
     throw new TypeError(`"as.${e}" must be a string`);
   return new URL(t);
 }
 function _e(t, e, n) {
-  return ft(t[e], e);
+  return pt(t[e], e);
 }
 function Z(t) {
   const e = t;
   return typeof e != "object" || Array.isArray(e) || e === null ? !1 : e.error !== void 0;
 }
-async function pt(t, e, n, o, s, r) {
+async function wt(t, e, n, o, s, r) {
   if (!p(t))
     throw new TypeError('"accessToken" must be a non-empty string');
   if (!(n instanceof URL))
     throw new TypeError('"url" must be an instance of URL');
-  return o = $(o), (r == null ? void 0 : r.DPoP) === void 0 ? o.set("authorization", `Bearer ${t}`) : (await lt(o, r.DPoP, n, "GET", I({ [H]: r == null ? void 0 : r[H] }), t), o.set("authorization", `DPoP ${t}`)), ((r == null ? void 0 : r[X]) || fetch)(n.href, {
+  return o = $(o), (r == null ? void 0 : r.DPoP) === void 0 ? o.set("authorization", `Bearer ${t}`) : (await dt(o, r.DPoP, n, "GET", I({ [H]: r == null ? void 0 : r[H] }), t), o.set("authorization", `DPoP ${t}`)), ((r == null ? void 0 : r[X]) || fetch)(n.href, {
     body: s,
     headers: Object.fromEntries(o.entries()),
     method: e,
@@ -546,16 +547,16 @@ async function pt(t, e, n, o, s, r) {
     signal: r != null && r.signal ? te(r.signal) : null
   }).then(ee);
 }
-async function wt(t, e, n, o) {
+async function gt(t, e, n, o) {
   j(t), z(e);
   const s = _e(t, "userinfo_endpoint"), r = $(o == null ? void 0 : o.headers);
-  return e.userinfo_signed_response_alg ? r.set("accept", "application/jwt") : (r.set("accept", "application/json"), r.append("accept", "application/jwt")), pt(n, "GET", s, r, null, {
+  return e.userinfo_signed_response_alg ? r.set("accept", "application/jwt") : (r.set("accept", "application/json"), r.append("accept", "application/jwt")), wt(n, "GET", s, r, null, {
     ...o,
     [H]: I(e)
   });
 }
-async function gt(t, e, n, o, s, r, i) {
-  return await ut(t, e, s, r, i == null ? void 0 : i.clientPrivateKey), r.set("content-type", "application/x-www-form-urlencoded;charset=UTF-8"), ((i == null ? void 0 : i[X]) || fetch)(o.href, {
+async function mt(t, e, n, o, s, r, i) {
+  return await lt(t, e, s, r, i == null ? void 0 : i.clientPrivateKey), r.set("content-type", "application/x-www-form-urlencoded;charset=UTF-8"), ((i == null ? void 0 : i[X]) || fetch)(o.href, {
     body: s,
     headers: Object.fromEntries(r.entries()),
     method: n,
@@ -567,16 +568,16 @@ async function ve(t, e, n, o, s) {
   const r = _e(t, "token_endpoint");
   o.set("grant_type", n);
   const i = $(s == null ? void 0 : s.headers);
-  return i.set("accept", "application/json"), gt(t, e, "POST", r, o, i, s);
+  return i.set("accept", "application/json"), mt(t, e, "POST", r, o, i, s);
 }
-async function mt(t, e, n, o) {
+async function yt(t, e, n, o) {
   if (j(t), z(e), !p(n))
     throw new TypeError('"refreshToken" must be a non-empty string');
   const s = new URLSearchParams(o == null ? void 0 : o.additionalParameters);
   return s.set("refresh_token", n), ve(t, e, "refresh_token", s, o);
 }
 const Se = /* @__PURE__ */ new WeakMap();
-function yt(t) {
+function bt(t) {
   if (!t.id_token)
     return;
   const e = Se.get(t);
@@ -589,7 +590,7 @@ async function Te(t, e, n, o = !1, s = !1) {
     throw new TypeError('"response" must be an instance of Response');
   if (n.status !== 200) {
     let i;
-    if (i = await Pt(n))
+    if (i = await Ut(n))
       return i;
     throw new a('"response" is not a conform Token Endpoint response');
   }
@@ -618,7 +619,7 @@ async function Te(t, e, n, o = !1, s = !1) {
     if (r.id_token !== void 0 && !p(r.id_token))
       throw new a('"response" body "id_token" property must be a non-empty string');
     if (r.id_token) {
-      const { claims: i } = await xt(r.id_token, Lt.bind(void 0, e.id_token_signed_response_alg, t.id_token_signing_alg_values_supported), Ae, I(e), ye(e)).then(kt.bind(void 0, ["aud", "exp", "iat", "iss", "sub"])).then(vt.bind(void 0, t.issuer)).then(_t.bind(void 0, e.client_id));
+      const { claims: i } = await Lt(r.id_token, Ct.bind(void 0, e.id_token_signed_response_alg, t.id_token_signing_alg_values_supported), Ae, I(e), ye(e)).then(At.bind(void 0, ["aud", "exp", "iat", "iss", "sub"])).then(St.bind(void 0, t.issuer)).then(vt.bind(void 0, e.client_id));
       if (Array.isArray(i.aud) && i.aud.length !== 1 && i.azp !== e.client_id)
         throw new a('unexpected ID Token "azp" (authorized party) claim value');
       if (i.auth_time !== void 0 && (!Number.isFinite(i.auth_time) || Math.sign(i.auth_time) !== 1))
@@ -628,10 +629,10 @@ async function Te(t, e, n, o = !1, s = !1) {
   }
   return r;
 }
-async function bt(t, e, n) {
+async function _t(t, e, n) {
   return Te(t, e, n);
 }
-function _t(t, e) {
+function vt(t, e) {
   if (Array.isArray(e.claims.aud)) {
     if (!e.claims.aud.includes(t))
       throw new a('unexpected JWT "aud" (audience) claim value');
@@ -639,16 +640,16 @@ function _t(t, e) {
     throw new a('unexpected JWT "aud" (audience) claim value');
   return e;
 }
-function vt(t, e) {
+function St(t, e) {
   if (e.claims.iss !== t)
     throw new a('unexpected JWT "iss" (issuer) claim value');
   return e;
 }
 const Ee = /* @__PURE__ */ new WeakSet();
-function St(t) {
+function Tt(t) {
   return Ee.add(t), t;
 }
-async function Tt(t, e, n, o, s, r) {
+async function Et(t, e, n, o, s, r) {
   if (j(t), z(e), !Ee.has(n))
     throw new TypeError('"callbackParameters" must be an instance of URLSearchParams obtained from "validateAuthResponse()", or "validateJwtAuthResponse()');
   if (!p(o))
@@ -661,7 +662,7 @@ async function Tt(t, e, n, o, s, r) {
   const u = new URLSearchParams(r == null ? void 0 : r.additionalParameters);
   return u.set("redirect_uri", o), u.set("code_verifier", s), u.set("code", i), ve(t, e, "authorization_code", u, r);
 }
-const Et = {
+const kt = {
   aud: "audience",
   c_hash: "code hash",
   client_id: "client id",
@@ -677,21 +678,21 @@ const Et = {
   htu: "http uri",
   cnf: "confirmation"
 };
-function kt(t, e) {
+function At(t, e) {
   for (const n of t)
     if (e.claims[n] === void 0)
-      throw new a(`JWT "${n}" (${Et[n]}) claim missing`);
+      throw new a(`JWT "${n}" (${kt[n]}) claim missing`);
   return e;
 }
-const At = Symbol(), G = Symbol();
-async function Rt(t, e, n, o, s) {
+const Rt = Symbol(), G = Symbol();
+async function Pt(t, e, n, o, s) {
   const r = await Te(t, e, n);
   if (Z(r))
     return r;
   if (!p(r.id_token))
     throw new a('"response" body "id_token" property must be a non-empty string');
   s ?? (s = e.default_max_age ?? G);
-  const i = yt(r);
+  const i = bt(r);
   if ((e.require_auth_time || s !== G) && i.auth_time === void 0)
     throw new a('ID Token "auth_time" (authentication time) claim missing');
   if (s !== G) {
@@ -703,7 +704,7 @@ async function Rt(t, e, n, o, s) {
   }
   switch (o) {
     case void 0:
-    case At:
+    case Rt:
       if (i.nonce !== void 0)
         throw new a('unexpected ID Token "nonce" claim value');
       break;
@@ -721,7 +722,7 @@ function ne(t) {
   if (t.bodyUsed)
     throw new TypeError('"response" body has been used already');
 }
-async function Pt(t) {
+async function Ut(t) {
   if (t.status > 399 && t.status < 500) {
     ne(t);
     try {
@@ -736,7 +737,7 @@ function le(t) {
   if (typeof t.modulusLength != "number" || t.modulusLength < 2048)
     throw new a(`${t.name} modulusLength must be at least 2048 bits`);
 }
-function Ut(t) {
+function xt(t) {
   switch (t) {
     case "P-256":
       return "SHA-256";
@@ -753,7 +754,7 @@ function ke(t) {
     case "ECDSA":
       return {
         name: t.algorithm.name,
-        hash: Ut(t.algorithm.namedCurve)
+        hash: xt(t.algorithm.namedCurve)
       };
     case "RSA-PSS":
       switch (le(t.algorithm), t.algorithm.hash.name) {
@@ -776,7 +777,7 @@ function ke(t) {
   throw new S();
 }
 const Ae = Symbol();
-async function xt(t, e, n, o, s) {
+async function Lt(t, e, n, o, s) {
   const { 0: r, 1: i, 2: u, length: h } = t.split(".");
   if (h === 5)
     throw new S("JWE structure JWTs are not supported");
@@ -784,9 +785,9 @@ async function xt(t, e, n, o, s) {
     throw new a("Invalid JWT");
   let m;
   try {
-    m = JSON.parse(k(E(r)));
-  } catch (R) {
-    throw new a("failed to parse JWT Header body as base64url encoded JSON", { cause: R });
+    m = JSON.parse(A(E(r)));
+  } catch (P) {
+    throw new a("failed to parse JWT Header body as base64url encoded JSON", { cause: P });
   }
   if (!C(m))
     throw new a("JWT Header must be a top level object");
@@ -796,23 +797,23 @@ async function xt(t, e, n, o, s) {
   let _;
   if (n !== Ae) {
     _ = await n(m);
-    const R = `${r}.${i}`;
-    if (!await crypto.subtle.verify(ke(_), _, b, k(R)))
+    const P = `${r}.${i}`;
+    if (!await crypto.subtle.verify(ke(_), _, b, A(P)))
       throw new a("JWT signature verification failed");
   }
   let f;
   try {
-    f = JSON.parse(k(E(i)));
-  } catch (R) {
-    throw new a("failed to parse JWT Payload body as base64url encoded JSON", { cause: R });
+    f = JSON.parse(A(E(i)));
+  } catch (P) {
+    throw new a("failed to parse JWT Payload body as base64url encoded JSON", { cause: P });
   }
   if (!C(f))
     throw new a("JWT Payload must be a top level object");
-  const A = M() + o;
+  const R = M() + o;
   if (f.exp !== void 0) {
     if (typeof f.exp != "number")
       throw new a('unexpected JWT "exp" (expiration time) claim type');
-    if (f.exp <= A - s)
+    if (f.exp <= R - s)
       throw new a('unexpected JWT "exp" (expiration time) claim value, timestamp is <= now()');
   }
   if (f.iat !== void 0 && typeof f.iat != "number")
@@ -822,14 +823,14 @@ async function xt(t, e, n, o, s) {
   if (f.nbf !== void 0) {
     if (typeof f.nbf != "number")
       throw new a('unexpected JWT "nbf" (not before) claim type');
-    if (f.nbf > A + s)
+    if (f.nbf > R + s)
       throw new a('unexpected JWT "nbf" (not before) claim value, timestamp is > now()');
   }
   if (f.aud !== void 0 && typeof f.aud != "string" && !Array.isArray(f.aud))
     throw new a('unexpected JWT "aud" (audience) claim type');
   return { header: m, claims: f, signature: b, key: _ };
 }
-function Lt(t, e, n) {
+function Ct(t, e, n) {
   if (t !== void 0) {
     if (n.alg !== t)
       throw new a('unexpected JWT "alg" header parameter');
@@ -849,8 +850,8 @@ function T(t, e) {
     throw new a(`"${e}" parameter must be provided only once`);
   return n;
 }
-const Ct = Symbol(), It = Symbol();
-function jt(t, e, n, o) {
+const It = Symbol(), jt = Symbol();
+function zt(t, e, n, o) {
   if (j(t), z(e), n instanceof URL && (n = n.searchParams), !(n instanceof URLSearchParams))
     throw new TypeError('"parameters" must be an instance of URLSearchParams, or URL');
   if (T(n, "response"))
@@ -862,11 +863,11 @@ function jt(t, e, n, o) {
     throw new a('unexpected "iss" (issuer) response parameter value');
   switch (o) {
     case void 0:
-    case It:
+    case jt:
       if (r !== void 0)
         throw new a('unexpected "state" response parameter encountered');
       break;
-    case Ct:
+    case It:
       break;
     default:
       if (!p(o))
@@ -886,30 +887,30 @@ function jt(t, e, n, o) {
   const u = T(n, "id_token"), h = T(n, "token");
   if (u !== void 0 || h !== void 0)
     throw new S("implicit and hybrid flows are not supported");
-  return St(new URLSearchParams(n));
+  return Tt(new URLSearchParams(n));
 }
-function zt({
+function Jt({
   handleCallback: t
 }) {
-  const [e, n] = ze(null), o = We(), s = Je(!1);
+  const [e, n] = ze(null), o = He(), s = Je(!1);
   return Oe(() => {
     s.current || (s.current = !0, t().then((r) => {
       o(r);
     }).catch((r) => {
       K.error(r), n(r);
     }));
-  }, [o, t]), e ? /* @__PURE__ */ P.jsx(
+  }, [o, t]), e ? /* @__PURE__ */ k.jsx(
     De,
     {
       category: "Error",
       title: "Authentication Error",
-      message: /* @__PURE__ */ P.jsxs(P.Fragment, { children: [
-        /* @__PURE__ */ P.jsx(Ne, { className: "mb-4", children: "Check the configuration of your authorization provider and ensure all settings such as the callback URL are configured correctly." }),
+      message: /* @__PURE__ */ k.jsxs(k.Fragment, { children: [
+        /* @__PURE__ */ k.jsx(Ne, { className: "mb-4", children: "Check the configuration of your authorization provider and ensure all settings such as the callback URL are configured correctly." }),
         "An error occurred while authorizing the user.",
-        /* @__PURE__ */ P.jsx(Ke, { code: e.toString(), language: "plain" })
+        /* @__PURE__ */ k.jsx(We, { code: e.toString(), language: "plain" })
       ] })
     }
-  ) : /* @__PURE__ */ P.jsx("p", { children: "Loading..." });
+  ) : /* @__PURE__ */ k.jsx("div", { className: "grid h-full place-items-center", children: /* @__PURE__ */ k.jsx(Ke, {}) });
 }
 class x extends Error {
 }
@@ -919,7 +920,7 @@ class de extends x {
   }
 }
 const V = "code-verifier";
-class Jt extends je {
+class Ot extends je {
   constructor(e, n) {
     super(), this.callbackUrlPath = e, this.handleCallback = n;
   }
@@ -928,12 +929,12 @@ class Jt extends je {
       ...super.getRoutes(),
       {
         path: this.callbackUrlPath,
-        element: /* @__PURE__ */ P.jsx(zt, { handleCallback: this.handleCallback })
+        element: /* @__PURE__ */ k.jsx(Jt, { handleCallback: this.handleCallback })
       }
     ];
   }
 }
-class Ot {
+class Nt {
   constructor({
     issuer: e,
     audience: n,
@@ -976,7 +977,7 @@ class Ot {
       const e = new URL(window.location.href), n = e.searchParams.get("state"), o = sessionStorage.getItem(V);
       if (sessionStorage.removeItem(V), !o)
         throw new x("No code verifier found in state.");
-      const s = await this.getAuthServer(), r = jt(
+      const s = await this.getAuthServer(), r = zt(
         s,
         this.client,
         e.searchParams,
@@ -989,19 +990,19 @@ class Ot {
         );
       const i = new URL(e);
       i.pathname = this.redirectToAfterSignIn, i.search = "";
-      const u = await Tt(
+      const u = await Et(
         s,
         this.client,
         r,
         i.toString(),
         o
-      ), h = await Rt(
+      ), h = await Pt(
         s,
         this.client,
         u
       );
       this.setTokensFromResponse(h);
-      const m = await this.getAccessToken(), _ = await (await wt(
+      const m = await this.getAccessToken(), _ = await (await gt(
         s,
         this.client,
         m
@@ -1020,8 +1021,8 @@ class Ot {
         "profile-state",
         JSON.stringify(N.getState().profile)
       );
-      const A = sessionStorage.getItem("redirect-to") ?? "/";
-      return sessionStorage.removeItem("redirect-to"), A;
+      const R = sessionStorage.getItem("redirect-to") ?? "/";
+      return sessionStorage.removeItem("redirect-to"), R;
     });
     this.client = {
       client_id: r,
@@ -1038,8 +1039,8 @@ class Ot {
           code_challenge_methods_supported: []
         };
       else {
-        const e = new URL(this.issuer), n = await Ze(e);
-        this.authorizationServer = await Qe(
+        const e = new URL(this.issuer), n = await Qe(e);
+        this.authorizationServer = await Xe(
           e,
           n
         );
@@ -1082,7 +1083,7 @@ class Ot {
     const o = "S256", s = await this.getAuthServer();
     if (!s.authorization_endpoint)
       throw new x("No authorization endpoint");
-    const r = Xe(), i = await tt(r);
+    const r = et(), i = await nt(r);
     sessionStorage.setItem(V, r);
     const u = new URL(
       s.authorization_endpoint
@@ -1096,7 +1097,7 @@ class Ot {
       isSignIn: !n,
       isSignUp: n
     }), ((b = s.code_challenge_methods_supported) == null ? void 0 : b.includes("S256")) !== !0) {
-      const _ = et();
+      const _ = tt();
       u.searchParams.set("state", _);
     }
     location.href = u.href;
@@ -1109,11 +1110,11 @@ class Ot {
     if (o.expiresOn < /* @__PURE__ */ new Date()) {
       if (!o.refreshToken)
         return await this.signIn(), "";
-      const s = await mt(
+      const s = await yt(
         e,
         this.client,
         o.refreshToken
-      ), r = await bt(
+      ), r = await _t(
         e,
         this.client,
         s
@@ -1139,12 +1140,12 @@ class Ot {
       }
   }
   getAuthenticationPlugin() {
-    return new Jt(this.callbackUrlPath, this.handleCallback);
+    return new Ot(this.callbackUrlPath, this.handleCallback);
   }
 }
-const Gt = (t) => new Ot(t);
+const Yt = (t) => new Nt(t);
 export {
-  Ot as OpenIDAuthenticationProvider,
-  Gt as default
+  Nt as OpenIDAuthenticationProvider,
+  Yt as default
 };
 //# sourceMappingURL=zudoku.auth-openid.js.map