zudoku 0.32.5 → 0.33.0

package/lib/zudoku.auth-openid.js

@@ -1,12 +1,12 @@
 var Ue = Object.defineProperty;
 var Le = (t, e, n) => e in t ? Ue(t, e, { enumerable: !0, configurable: !0, writable: !0, value: n }) : t[e] = n;
-var b = (t, e, n) => Le(t, typeof e != "symbol" ? e + "" : e, n);
+var _ = (t, e, n) => Le(t, typeof e != "symbol" ? e + "" : e, n);
 import { j as q } from "./jsx-runtime-CYK1ROHF.js";
 import { g as xe } from "./_commonjsHelpers-BkfeUUK-.js";
 import { C as Ce } from "./ClientOnly-E7hGysn1.js";
 import { j as oe } from "./joinUrl-10po2Jdj.js";
-import { A as Ie } from "./AuthenticationPlugin-BlxA4Mbn.js";
-import { a as je, u as L } from "./hook-CWwSAAlH.js";
+import { A as je } from "./AuthenticationPlugin-_gUMnGxb.js";
+import { b as Ie, u as L } from "./hook-4_6pQSo4.js";
 import { N as Je } from "./chunk-IR6S3I6Y-D_3UmFIn.js";
 import { Z as Oe } from "./invariant-Caa8-XvF.js";
 var D = { exports: {} }, ze = D.exports, ie;
@@ -23,8 +23,8 @@ function De() {
         "warn",
         "error"
       ], r = {}, i = null;
-      function c(l, m) {
-        var u = l[m];
+      function c(l, g) {
+        var u = l[g];
         if (typeof u.bind == "function")
           return u.bind(l);
         try {
@@ -35,41 +35,41 @@ function De() {
           };
         }
       }
-      function h() {
+      function f() {
         console.log && (console.log.apply ? console.log.apply(console, arguments) : Function.prototype.apply.apply(console.log, [console, arguments])), console.trace && console.trace();
       }
-      function _(l) {
-        return l === "debug" && (l = "log"), typeof console === n ? !1 : l === "trace" && o ? h : console[l] !== void 0 ? c(console, l) : console.log !== void 0 ? c(console, "log") : e;
+      function w(l) {
+        return l === "debug" && (l = "log"), typeof console === n ? !1 : l === "trace" && o ? f : console[l] !== void 0 ? c(console, l) : console.log !== void 0 ? c(console, "log") : e;
       }
       function p() {
-        for (var l = this.getLevel(), m = 0; m < a.length; m++) {
-          var u = a[m];
-          this[u] = m < l ? e : this.methodFactory(u, l, this.name);
+        for (var l = this.getLevel(), g = 0; g < a.length; g++) {
+          var u = a[g];
+          this[u] = g < l ? e : this.methodFactory(u, l, this.name);
         }
         if (this.log = this.debug, typeof console === n && l < this.levels.SILENT)
           return "No console available for logging";
       }
-      function y(l) {
+      function b(l) {
         return function() {
           typeof console !== n && (p.call(this), this[l].apply(this, arguments));
         };
       }
-      function T(l, m, u) {
-        return _(l) || y.apply(this, arguments);
+      function T(l, g, u) {
+        return w(l) || b.apply(this, arguments);
       }
-      function f(l, m) {
+      function h(l, g) {
         var u = this, J, $, R, v = "loglevel";
         typeof l == "string" ? v += ":" + l : typeof l == "symbol" && (v = void 0);
         function Ee(d) {
-          var g = (a[d] || "silent").toUpperCase();
+          var y = (a[d] || "silent").toUpperCase();
           if (!(typeof window === n || !v)) {
             try {
-              window.localStorage[v] = g;
+              window.localStorage[v] = y;
               return;
             } catch {
             }
             try {
-              window.document.cookie = encodeURIComponent(v) + "=" + g + ";";
+              window.document.cookie = encodeURIComponent(v) + "=" + y + ";";
             } catch {
             }
           }
@@ -83,9 +83,9 @@ function De() {
             }
             if (typeof d === n)
               try {
-                var g = window.document.cookie, O = encodeURIComponent(v), re = g.indexOf(O + "=");
+                var y = window.document.cookie, O = encodeURIComponent(v), re = y.indexOf(O + "=");
                 re !== -1 && (d = /^([^;]+)/.exec(
-                  g.slice(re + O.length + 1)
+                  y.slice(re + O.length + 1)
                 )[1]);
               } catch {
               }
@@ -105,9 +105,9 @@ function De() {
           }
         }
         function U(d) {
-          var g = d;
-          if (typeof g == "string" && u.levels[g.toUpperCase()] !== void 0 && (g = u.levels[g.toUpperCase()]), typeof g == "number" && g >= 0 && g <= u.levels.SILENT)
-            return g;
+          var y = d;
+          if (typeof y == "string" && u.levels[y.toUpperCase()] !== void 0 && (y = u.levels[y.toUpperCase()]), typeof y == "number" && y >= 0 && y <= u.levels.SILENT)
+            return y;
           throw new TypeError("log.setLevel() called with invalid level: " + d);
         }
         u.name = l, u.levels = {
@@ -117,10 +117,10 @@ function De() {
           WARN: 3,
           ERROR: 4,
           SILENT: 5
-        }, u.methodFactory = m || T, u.getLevel = function() {
+        }, u.methodFactory = g || T, u.getLevel = function() {
           return R ?? $ ?? J;
-        }, u.setLevel = function(d, g) {
-          return R = U(d), g !== !1 && Ee(R), p.call(u);
+        }, u.setLevel = function(d, y) {
+          return R = U(d), y !== !1 && Ee(R), p.call(u);
         }, u.setDefaultLevel = function(d) {
           $ = U(d), te() || u.setLevel(d, !1);
         }, u.resetLevel = function() {
@@ -139,18 +139,18 @@ function De() {
         var ne = te();
         ne != null && (R = U(ne)), p.call(u);
       }
-      i = new f(), i.getLogger = function(m) {
-        if (typeof m != "symbol" && typeof m != "string" || m === "")
+      i = new h(), i.getLogger = function(g) {
+        if (typeof g != "symbol" && typeof g != "string" || g === "")
           throw new TypeError("You must supply a name when creating a logger.");
-        var u = r[m];
-        return u || (u = r[m] = new f(
-          m,
+        var u = r[g];
+        return u || (u = r[g] = new h(
+          g,
           i.methodFactory
         )), u;
       };
-      var j = typeof window !== n ? window.log : void 0;
+      var I = typeof window !== n ? window.log : void 0;
       return i.noConflict = function() {
-        return typeof window !== n && window.log === i && (window.log = j), i;
+        return typeof window !== n && window.log === i && (window.log = I), i;
       }, i.getLoggers = function() {
         return r;
       }, i.default = i, i;
@@ -292,7 +292,7 @@ async function Xe(t, e) {
     signal: null
   }).then(Y);
 }
-function w(t) {
+function m(t) {
   return typeof t == "string" && t.length !== 0;
 }
 async function et(t, e) {
@@ -311,7 +311,7 @@ async function et(t, e) {
   }
   if (!x(n))
     throw new s('"response" body must be a top level object');
-  if (!w(n.issuer))
+  if (!m(n.issuer))
     throw new s('"response" body "issuer" property must be a non-empty string');
   if (new URL(n.issuer).href !== t.href)
     throw new s('"response" body "issuer" does not match "expectedIssuer"');
@@ -327,7 +327,7 @@ function nt() {
   return Q();
 }
 async function rt(t) {
-  if (!w(t))
+  if (!m(t))
     throw new TypeError('"codeVerifier" must be a non-empty string');
   return k(await crypto.subtle.digest("SHA-256", E(t)));
 }
@@ -403,19 +403,19 @@ function X() {
 function C(t) {
   if (typeof t != "object" || t === null)
     throw new TypeError('"as" must be an object');
-  if (!w(t.issuer))
+  if (!m(t.issuer))
     throw new TypeError('"as.issuer" property must be a non-empty string');
   return !0;
 }
-function I(t) {
+function j(t) {
   if (typeof t != "object" || t === null)
     throw new TypeError('"client" must be an object');
-  if (!w(t.client_id))
+  if (!m(t.client_id))
     throw new TypeError('"client.client_id" property must be a non-empty string');
   return !0;
 }
 function ue(t) {
-  if (!w(t))
+  if (!m(t))
     throw new TypeError('"client.client_secret" property must be a non-empty string');
   return t;
 }
@@ -454,28 +454,28 @@ async function lt(t, e, n) {
 }
 async function dt(t, e, n, o, a, r) {
   var T;
-  const { privateKey: i, publicKey: c, nonce: h = we.get(n.origin) } = e;
+  const { privateKey: i, publicKey: c, nonce: f = we.get(n.origin) } = e;
   if (!Ze(i))
     throw new TypeError('"DPoP.privateKey" must be a private CryptoKey');
   if (!Ye(c))
     throw new TypeError('"DPoP.publicKey" must be a public CryptoKey');
-  if (h !== void 0 && !w(h))
+  if (f !== void 0 && !m(f))
     throw new TypeError('"DPoP.nonce" must be a non-empty string or undefined');
   if (!c.extractable)
     throw new TypeError('"DPoP.publicKey.extractable" must be true');
-  const _ = X() + a, p = {
+  const w = X() + a, p = {
     alg: ct(i),
     typ: "dpop+jwt",
     jwk: await ft(c)
-  }, y = {
-    iat: _,
+  }, b = {
+    iat: w,
     jti: Q(),
     htm: o,
-    nonce: h,
+    nonce: f,
     htu: `${n.origin}${n.pathname}`,
     ath: r ? k(await crypto.subtle.digest("SHA-256", E(r))) : void 0
   };
-  (T = e[Ke]) == null || T.call(e, p, y), t.set("dpop", await lt(p, y, i));
+  (T = e[Ke]) == null || T.call(e, p, b), t.set("dpop", await lt(p, b, i));
 }
 let N;
 async function ht(t) {
@@ -501,7 +501,7 @@ function V(t) {
   return typeof e != "object" || Array.isArray(e) || e === null ? !1 : e.error !== void 0;
 }
 async function pt(t, e, n, o, a, r) {
-  if (!w(t))
+  if (!m(t))
     throw new TypeError('"accessToken" must be a non-empty string');
   if (!(n instanceof URL))
     throw new TypeError('"url" must be an instance of URL');
@@ -514,7 +514,7 @@ async function pt(t, e, n, o, a, r) {
   }).then(Y);
 }
 async function wt(t, e, n, o) {
-  C(t), I(e);
+  C(t), j(e);
   const a = ye(t, "userinfo_endpoint", be(e, o)), r = K(o == null ? void 0 : o.headers);
   return e.userinfo_signed_response_alg ? r.set("accept", "application/jwt") : (r.set("accept", "application/json"), r.append("accept", "application/jwt")), pt(n, "GET", a, r, null, {
     ...o,
@@ -537,7 +537,7 @@ async function _e(t, e, n, o, a) {
   return i.set("accept", "application/json"), mt(t, e, "POST", r, o, i, a);
 }
 async function gt(t, e, n, o) {
-  if (C(t), I(e), !w(n))
+  if (C(t), j(e), !m(n))
     throw new TypeError('"refreshToken" must be a non-empty string');
   const a = new URLSearchParams(o == null ? void 0 : o.additionalParameters);
   return a.set("refresh_token", n), _e(t, e, "refresh_token", a, o);
@@ -552,7 +552,7 @@ function yt(t) {
   return e[0];
 }
 async function Se(t, e, n, o = !1, a = !1) {
-  if (C(t), I(e), !G(n, Response))
+  if (C(t), j(e), !G(n, Response))
     throw new TypeError('"response" must be an instance of Response');
   if (n.status !== 200) {
     let i;
@@ -569,20 +569,20 @@ async function Se(t, e, n, o = !1, a = !1) {
   }
   if (!x(r))
     throw new s('"response" body must be a top level object');
-  if (!w(r.access_token))
+  if (!m(r.access_token))
     throw new s('"response" body "access_token" property must be a non-empty string');
-  if (!w(r.token_type))
+  if (!m(r.token_type))
     throw new s('"response" body "token_type" property must be a non-empty string');
   if (r.token_type = r.token_type.toLowerCase(), r.token_type !== "dpop" && r.token_type !== "bearer")
     throw new S("unsupported `token_type` value");
   if (r.expires_in !== void 0 && (typeof r.expires_in != "number" || r.expires_in <= 0))
     throw new s('"response" body "expires_in" property must be a positive number');
-  if (!a && r.refresh_token !== void 0 && !w(r.refresh_token))
+  if (!a && r.refresh_token !== void 0 && !m(r.refresh_token))
     throw new s('"response" body "refresh_token" property must be a non-empty string');
   if (r.scope !== void 0 && typeof r.scope != "string")
     throw new s('"response" body "scope" property must be a string');
   if (!o) {
-    if (r.id_token !== void 0 && !w(r.id_token))
+    if (r.id_token !== void 0 && !m(r.id_token))
       throw new s('"response" body "id_token" property must be a non-empty string');
     if (r.id_token) {
       const { claims: i, jwt: c } = await xt(r.id_token, Ct.bind(void 0, e.id_token_signed_response_alg, t.id_token_signing_alg_values_supported), ke, H(e), ge(e), e[He]).then(kt.bind(void 0, ["aud", "exp", "iat", "iss", "sub"])).then(vt.bind(void 0, t.issuer)).then(_t.bind(void 0, e.client_id));
@@ -620,11 +620,11 @@ function St(t) {
   return Te.add(t), t;
 }
 async function Tt(t, e, n, o, a, r) {
-  if (C(t), I(e), !Te.has(n))
+  if (C(t), j(e), !Te.has(n))
     throw new TypeError('"callbackParameters" must be an instance of URLSearchParams obtained from "validateAuthResponse()", or "validateJwtAuthResponse()');
-  if (!w(o))
+  if (!m(o))
     throw new TypeError('"redirectUri" must be a non-empty string');
-  if (!w(a))
+  if (!m(a))
     throw new TypeError('"codeVerifier" must be a non-empty string');
   const i = A(n, "code");
   if (!i)
@@ -659,7 +659,7 @@ async function Rt(t, e, n, o, a) {
   const r = await Se(t, e, n);
   if (V(r))
     return r;
-  if (!w(r.id_token))
+  if (!m(r.id_token))
     throw new s('"response" body "id_token" property must be a non-empty string');
   a ?? (a = e.default_max_age ?? F);
   const i = yt(r);
@@ -668,8 +668,8 @@ async function Rt(t, e, n, o, a) {
   if (a !== F) {
     if (typeof a != "number" || a < 0)
       throw new TypeError('"maxAge" must be a non-negative number');
-    const c = X() + H(e), h = ge(e);
-    if (i.auth_time + a < c - h)
+    const c = X() + H(e), f = ge(e);
+    if (i.auth_time + a < c - f)
       throw new s("too much time has elapsed since the last End-User authentication");
   }
   switch (o) {
@@ -679,7 +679,7 @@ async function Rt(t, e, n, o, a) {
         throw new s('unexpected ID Token "nonce" claim value');
       break;
     default:
-      if (!w(o))
+      if (!m(o))
         throw new TypeError('"expectedNonce" must be a non-empty string');
       if (i.nonce === void 0)
         throw new s('ID Token "nonce" claim missing');
@@ -753,13 +753,13 @@ async function Lt(t, e, n, o) {
     throw new s("JWT signature verification failed");
 }
 async function xt(t, e, n, o, a, r) {
-  let { 0: i, 1: c, 2: h, length: _ } = t.split(".");
-  if (_ === 5)
+  let { 0: i, 1: c, 2: f, length: w } = t.split(".");
+  if (w === 5)
     if (r !== void 0)
-      t = await r(t), { 0: i, 1: c, 2: h, length: _ } = t.split(".");
+      t = await r(t), { 0: i, 1: c, 2: f, length: w } = t.split(".");
     else
       throw new S("JWE structure JWTs are not supported");
-  if (_ !== 3)
+  if (w !== 3)
     throw new s("Invalid JWT");
   let p;
   try {
@@ -771,37 +771,37 @@ async function xt(t, e, n, o, a, r) {
     throw new s("JWT Header must be a top level object");
   if (e(p), p.crit !== void 0)
     throw new s('unexpected JWT "crit" header parameter');
-  const y = k(h);
+  const b = k(f);
   let T;
-  n !== ke && (T = await n(p), await Lt(i, c, T, y));
-  let f;
+  n !== ke && (T = await n(p), await Lt(i, c, T, b));
+  let h;
   try {
-    f = JSON.parse(E(k(c)));
+    h = JSON.parse(E(k(c)));
   } catch (l) {
     throw new s("failed to parse JWT Payload body as base64url encoded JSON", { cause: l });
   }
-  if (!x(f))
+  if (!x(h))
     throw new s("JWT Payload must be a top level object");
-  const j = X() + o;
-  if (f.exp !== void 0) {
-    if (typeof f.exp != "number")
+  const I = X() + o;
+  if (h.exp !== void 0) {
+    if (typeof h.exp != "number")
       throw new s('unexpected JWT "exp" (expiration time) claim type');
-    if (f.exp <= j - a)
+    if (h.exp <= I - a)
       throw new s('unexpected JWT "exp" (expiration time) claim value, timestamp is <= now()');
   }
-  if (f.iat !== void 0 && typeof f.iat != "number")
+  if (h.iat !== void 0 && typeof h.iat != "number")
     throw new s('unexpected JWT "iat" (issued at) claim type');
-  if (f.iss !== void 0 && typeof f.iss != "string")
+  if (h.iss !== void 0 && typeof h.iss != "string")
     throw new s('unexpected JWT "iss" (issuer) claim type');
-  if (f.nbf !== void 0) {
-    if (typeof f.nbf != "number")
+  if (h.nbf !== void 0) {
+    if (typeof h.nbf != "number")
       throw new s('unexpected JWT "nbf" (not before) claim type');
-    if (f.nbf > j + a)
+    if (h.nbf > I + a)
       throw new s('unexpected JWT "nbf" (not before) claim value, timestamp is > now()');
   }
-  if (f.aud !== void 0 && typeof f.aud != "string" && !Array.isArray(f.aud))
+  if (h.aud !== void 0 && typeof h.aud != "string" && !Array.isArray(h.aud))
     throw new s('unexpected JWT "aud" (audience) claim type');
-  return { header: p, claims: f, signature: y, key: T, jwt: t };
+  return { header: p, claims: h, signature: b, key: T, jwt: t };
 }
 function Ct(t, e, n) {
   if (t !== void 0) {
@@ -823,9 +823,9 @@ function A(t, e) {
     throw new s(`"${e}" parameter must be provided only once`);
   return n;
 }
-const It = Symbol(), jt = Symbol();
+const jt = Symbol(), It = Symbol();
 function Jt(t, e, n, o) {
-  if (C(t), I(e), n instanceof URL && (n = n.searchParams), !(n instanceof URLSearchParams))
+  if (C(t), j(e), n instanceof URL && (n = n.searchParams), !(n instanceof URLSearchParams))
     throw new TypeError('"parameters" must be an instance of URLSearchParams, or URL');
   if (A(n, "response"))
     throw new s('"parameters" contains a JARM response, use validateJwtAuthResponse() instead of validateAuthResponse()');
@@ -836,14 +836,14 @@ function Jt(t, e, n, o) {
     throw new s('unexpected "iss" (issuer) response parameter value');
   switch (o) {
     case void 0:
-    case jt:
+    case It:
       if (r !== void 0)
         throw new s('unexpected "state" response parameter encountered');
       break;
-    case It:
+    case jt:
       break;
     default:
-      if (!w(o))
+      if (!m(o))
         throw new s('"expectedState" must be a non-empty string');
       if (r === void 0)
         throw new s('response parameter "state" missing');
@@ -857,15 +857,15 @@ function Jt(t, e, n, o) {
       error_description: A(n, "error_description"),
       error_uri: A(n, "error_uri")
     };
-  const c = A(n, "id_token"), h = A(n, "token");
-  if (c !== void 0 || h !== void 0)
+  const c = A(n, "id_token"), f = A(n, "token");
+  if (c !== void 0 || f !== void 0)
     throw new S("implicit and hybrid flows are not supported");
   return St(new URLSearchParams(n));
 }
 function Ot({
   handleCallback: t
 }) {
-  const e = je({
+  const e = Ie({
     retry: !1,
     queryKey: ["oauth-callback"],
     queryFn: async () => {
@@ -890,7 +890,7 @@ class fe extends P {
   }
 }
 const M = "code-verifier";
-class zt extends Ie {
+class zt extends je {
   constructor(e, n) {
     super(), this.callbackUrlPath = e, this.handleCallback = n;
   }
@@ -912,19 +912,21 @@ class Dt {
     redirectToAfterSignUp: a,
     redirectToAfterSignIn: r,
     redirectToAfterSignOut: i,
-    basePath: c
+    basePath: c,
+    scopes: f
   }) {
-    b(this, "client");
-    b(this, "issuer");
-    b(this, "authorizationServer");
-    b(this, "callbackUrlPath");
-    b(this, "logoutRedirectUrlPath");
-    b(this, "onAuthorizationUrl");
-    b(this, "redirectToAfterSignUp");
-    b(this, "redirectToAfterSignIn");
-    b(this, "redirectToAfterSignOut");
-    b(this, "audience");
-    b(this, "signOut", async () => {
+    _(this, "client");
+    _(this, "issuer");
+    _(this, "authorizationServer");
+    _(this, "callbackUrlPath");
+    _(this, "logoutRedirectUrlPath");
+    _(this, "onAuthorizationUrl");
+    _(this, "redirectToAfterSignUp");
+    _(this, "redirectToAfterSignIn");
+    _(this, "redirectToAfterSignOut");
+    _(this, "audience");
+    _(this, "scopes");
+    _(this, "signOut", async () => {
       L.setState({
         isAuthenticated: !1,
         isPending: !1,
@@ -941,7 +943,7 @@ class Dt {
         n.toString()
       )) : o = n;
     });
-    b(this, "handleCallback", async () => {
+    _(this, "handleCallback", async () => {
       const e = new URL(window.location.href), n = e.searchParams.get("state"), o = sessionStorage.getItem(M);
       if (sessionStorage.removeItem(M), !o)
         throw new P("No code verifier found in state.");
@@ -964,37 +966,37 @@ class Dt {
         r,
         i.toString(),
         o
-      ), h = await Rt(
+      ), f = await Rt(
         a,
         this.client,
         c
       );
-      this.setTokensFromResponse(h);
-      const _ = await this.getAccessToken(), y = await (await wt(
+      this.setTokensFromResponse(f);
+      const w = await this.getAccessToken(), b = await (await wt(
         a,
         this.client,
-        _
+        w
       )).json(), T = {
-        sub: y.sub,
-        email: y.email,
-        name: y.name,
-        emailVerified: y.email_verified ?? !1,
-        pictureUrl: y.picture
+        sub: b.sub,
+        email: b.email,
+        name: b.name,
+        emailVerified: b.email_verified ?? !1,
+        pictureUrl: b.picture
       };
       L.setState({
         isAuthenticated: !0,
         isPending: !1,
         profile: T
       });
-      const f = sessionStorage.getItem("redirect-to") ?? "/";
-      return sessionStorage.removeItem("redirect-to"), f;
+      const h = sessionStorage.getItem("redirect-to") ?? "/";
+      return sessionStorage.removeItem("redirect-to"), h;
     });
     this.client = {
       client_id: o,
       token_endpoint_auth_method: "none"
-    }, this.audience = n, this.issuer = e, this.callbackUrlPath = oe(c, "/oauth/callback");
-    const h = oe(c, "/");
-    this.logoutRedirectUrlPath = h, this.redirectToAfterSignUp = a ?? h, this.redirectToAfterSignIn = r ?? h, this.redirectToAfterSignOut = i ?? h;
+    }, this.audience = n, this.issuer = e, this.callbackUrlPath = oe(c, "/oauth/callback"), this.scopes = f ?? ["openid", "profile", "email"];
+    const w = oe(c, "/");
+    this.logoutRedirectUrlPath = w, this.redirectToAfterSignUp = a ?? w, this.redirectToAfterSignIn = r ?? w, this.redirectToAfterSignOut = i ?? w;
   }
   async getAuthServer() {
     if (!this.authorizationServer) {
@@ -1041,7 +1043,7 @@ class Dt {
     redirectTo: e,
     isSignUp: n = !1
   }) {
-    var _, p;
+    var w, p;
     const o = "S256", a = await this.getAuthServer();
     if (!a.authorization_endpoint)
       throw new P("No authorization endpoint");
@@ -1051,16 +1053,16 @@ class Dt {
       a.authorization_endpoint
     );
     sessionStorage.setItem("redirect-to", e);
-    const h = new URL(window.location.origin);
-    if (h.pathname = this.callbackUrlPath, h.search = "", c.searchParams.set("client_id", this.client.client_id), c.searchParams.set("redirect_uri", h.toString()), c.searchParams.set("response_type", "code"), c.searchParams.set("scope", "openid profile email"), c.searchParams.set("code_challenge", i), c.searchParams.set(
+    const f = new URL(window.location.origin);
+    if (f.pathname = this.callbackUrlPath, f.search = "", c.searchParams.set("client_id", this.client.client_id), c.searchParams.set("redirect_uri", f.toString()), c.searchParams.set("response_type", "code"), c.searchParams.set("scope", this.scopes.join(" ")), c.searchParams.set("code_challenge", i), c.searchParams.set(
       "code_challenge_method",
       o
-    ), this.audience && c.searchParams.set("audience", this.audience), (_ = this.onAuthorizationUrl) == null || _.call(this, c, {
+    ), this.audience && c.searchParams.set("audience", this.audience), (w = this.onAuthorizationUrl) == null || w.call(this, c, {
       isSignIn: !n,
       isSignUp: n
     }), ((p = a.code_challenge_methods_supported) == null ? void 0 : p.includes("S256")) !== !0) {
-      const y = nt();
-      c.searchParams.set("state", y);
+      const b = nt();
+      c.searchParams.set("state", b);
     }
     location.href = c.href;
   }