zudoku 0.34.4 → 0.35.1

package/lib/zudoku.auth-openid.js

@@ -23,8 +23,8 @@ function De() {
         "warn",
         "error"
       ], r = {}, i = null;
-      function c(l, g) {
-        var u = l[g];
+      function c(l, y) {
+        var u = l[y];
         if (typeof u.bind == "function")
           return u.bind(l);
         try {
@@ -35,57 +35,57 @@ function De() {
           };
         }
       }
-      function f() {
+      function p() {
         console.log && (console.log.apply ? console.log.apply(console, arguments) : Function.prototype.apply.apply(console.log, [console, arguments])), console.trace && console.trace();
       }
       function w(l) {
-        return l === "debug" && (l = "log"), typeof console === n ? !1 : l === "trace" && o ? f : console[l] !== void 0 ? c(console, l) : console.log !== void 0 ? c(console, "log") : e;
+        return l === "debug" && (l = "log"), typeof console === n ? !1 : l === "trace" && o ? p : console[l] !== void 0 ? c(console, l) : console.log !== void 0 ? c(console, "log") : e;
       }
-      function p() {
-        for (var l = this.getLevel(), g = 0; g < a.length; g++) {
-          var u = a[g];
-          this[u] = g < l ? e : this.methodFactory(u, l, this.name);
+      function f() {
+        for (var l = this.getLevel(), y = 0; y < a.length; y++) {
+          var u = a[y];
+          this[u] = y < l ? e : this.methodFactory(u, l, this.name);
         }
         if (this.log = this.debug, typeof console === n && l < this.levels.SILENT)
           return "No console available for logging";
       }
-      function b(l) {
+      function g(l) {
         return function() {
-          typeof console !== n && (p.call(this), this[l].apply(this, arguments));
+          typeof console !== n && (f.call(this), this[l].apply(this, arguments));
         };
       }
-      function T(l, g, u) {
-        return w(l) || b.apply(this, arguments);
+      function v(l, y, u) {
+        return w(l) || g.apply(this, arguments);
       }
-      function h(l, g) {
-        var u = this, J, $, R, v = "loglevel";
-        typeof l == "string" ? v += ":" + l : typeof l == "symbol" && (v = void 0);
+      function h(l, y) {
+        var u = this, J, $, R, S = "loglevel";
+        typeof l == "string" ? S += ":" + l : typeof l == "symbol" && (S = void 0);
         function Ee(d) {
-          var y = (a[d] || "silent").toUpperCase();
-          if (!(typeof window === n || !v)) {
+          var b = (a[d] || "silent").toUpperCase();
+          if (!(typeof window === n || !S)) {
             try {
-              window.localStorage[v] = y;
+              window.localStorage[S] = b;
               return;
             } catch {
             }
             try {
-              window.document.cookie = encodeURIComponent(v) + "=" + y + ";";
+              window.document.cookie = encodeURIComponent(S) + "=" + b + ";";
             } catch {
             }
           }
         }
         function te() {
           var d;
-          if (!(typeof window === n || !v)) {
+          if (!(typeof window === n || !S)) {
             try {
-              d = window.localStorage[v];
+              d = window.localStorage[S];
             } catch {
             }
             if (typeof d === n)
               try {
-                var y = window.document.cookie, O = encodeURIComponent(v), re = y.indexOf(O + "=");
+                var b = window.document.cookie, O = encodeURIComponent(S), re = b.indexOf(O + "=");
                 re !== -1 && (d = /^([^;]+)/.exec(
-                  y.slice(re + O.length + 1)
+                  b.slice(re + O.length + 1)
                 )[1]);
               } catch {
               }
@@ -93,21 +93,21 @@ function De() {
           }
         }
         function Re() {
-          if (!(typeof window === n || !v)) {
+          if (!(typeof window === n || !S)) {
             try {
-              window.localStorage.removeItem(v);
+              window.localStorage.removeItem(S);
             } catch {
             }
             try {
-              window.document.cookie = encodeURIComponent(v) + "=; expires=Thu, 01 Jan 1970 00:00:00 UTC";
+              window.document.cookie = encodeURIComponent(S) + "=; expires=Thu, 01 Jan 1970 00:00:00 UTC";
             } catch {
             }
           }
         }
         function U(d) {
-          var y = d;
-          if (typeof y == "string" && u.levels[y.toUpperCase()] !== void 0 && (y = u.levels[y.toUpperCase()]), typeof y == "number" && y >= 0 && y <= u.levels.SILENT)
-            return y;
+          var b = d;
+          if (typeof b == "string" && u.levels[b.toUpperCase()] !== void 0 && (b = u.levels[b.toUpperCase()]), typeof b == "number" && b >= 0 && b <= u.levels.SILENT)
+            return b;
           throw new TypeError("log.setLevel() called with invalid level: " + d);
         }
         u.name = l, u.levels = {
@@ -117,34 +117,34 @@ function De() {
           WARN: 3,
           ERROR: 4,
           SILENT: 5
-        }, u.methodFactory = g || T, u.getLevel = function() {
+        }, u.methodFactory = y || v, u.getLevel = function() {
           return R ?? $ ?? J;
-        }, u.setLevel = function(d, y) {
-          return R = U(d), y !== !1 && Ee(R), p.call(u);
+        }, u.setLevel = function(d, b) {
+          return R = U(d), b !== !1 && Ee(R), f.call(u);
         }, u.setDefaultLevel = function(d) {
           $ = U(d), te() || u.setLevel(d, !1);
         }, u.resetLevel = function() {
-          R = null, Re(), p.call(u);
+          R = null, Re(), f.call(u);
         }, u.enableAll = function(d) {
           u.setLevel(u.levels.TRACE, d);
         }, u.disableAll = function(d) {
           u.setLevel(u.levels.SILENT, d);
         }, u.rebuild = function() {
-          if (i !== u && (J = U(i.getLevel())), p.call(u), i === u)
+          if (i !== u && (J = U(i.getLevel())), f.call(u), i === u)
             for (var d in r)
               r[d].rebuild();
         }, J = U(
           i ? i.getLevel() : "WARN"
         );
         var ne = te();
-        ne != null && (R = U(ne)), p.call(u);
+        ne != null && (R = U(ne)), f.call(u);
       }
-      i = new h(), i.getLogger = function(g) {
-        if (typeof g != "symbol" && typeof g != "string" || g === "")
+      i = new h(), i.getLogger = function(y) {
+        if (typeof y != "symbol" && typeof y != "string" || y === "")
           throw new TypeError("You must supply a name when creating a logger.");
-        var u = r[g];
-        return u || (u = r[g] = new h(
-          g,
+        var u = r[y];
+        return u || (u = r[y] = new h(
+          y,
           i.methodFactory
         )), u;
       };
@@ -220,7 +220,7 @@ class Ve {
     this.cache.set(e, n), this.cache.size >= this.maxSize && (this._cache = this.cache, this.cache = /* @__PURE__ */ new Map());
   }
 }
-class S extends Error {
+class T extends Error {
   constructor(e) {
     var n;
     super(e ?? "operation not supported"), this.name = this.constructor.name, (n = Error.captureStackTrace) == null || n.call(Error, this, this.constructor);
@@ -347,7 +347,7 @@ function it(t) {
     case "SHA-512":
       return "PS512";
     default:
-      throw new S("unsupported RsaHashedKeyAlgorithm hash name");
+      throw new T("unsupported RsaHashedKeyAlgorithm hash name");
   }
 }
 function at(t) {
@@ -359,7 +359,7 @@ function at(t) {
     case "SHA-512":
       return "RS512";
     default:
-      throw new S("unsupported RsaHashedKeyAlgorithm hash name");
+      throw new T("unsupported RsaHashedKeyAlgorithm hash name");
   }
 }
 function st(t) {
@@ -371,7 +371,7 @@ function st(t) {
     case "P-521":
       return "ES512";
     default:
-      throw new S("unsupported EcKeyAlgorithm namedCurve");
+      throw new T("unsupported EcKeyAlgorithm namedCurve");
   }
 }
 function ct(t) {
@@ -386,7 +386,7 @@ function ct(t) {
     case "Ed448":
       return "EdDSA";
     default:
-      throw new S("unsupported CryptoKey algorithm name");
+      throw new T("unsupported CryptoKey algorithm name");
   }
 }
 function H(t) {
@@ -443,7 +443,7 @@ async function ut(t, e, n, o, a) {
       break;
     }
     default:
-      throw new S("unsupported client token_endpoint_auth_method");
+      throw new T("unsupported client token_endpoint_auth_method");
   }
 }
 async function lt(t, e, n) {
@@ -453,29 +453,29 @@ async function lt(t, e, n) {
   return `${o}.${a}`;
 }
 async function dt(t, e, n, o, a, r) {
-  var T;
-  const { privateKey: i, publicKey: c, nonce: f = we.get(n.origin) } = e;
+  var v;
+  const { privateKey: i, publicKey: c, nonce: p = we.get(n.origin) } = e;
   if (!Ze(i))
     throw new TypeError('"DPoP.privateKey" must be a private CryptoKey');
   if (!Ye(c))
     throw new TypeError('"DPoP.publicKey" must be a public CryptoKey');
-  if (f !== void 0 && !m(f))
+  if (p !== void 0 && !m(p))
     throw new TypeError('"DPoP.nonce" must be a non-empty string or undefined');
   if (!c.extractable)
     throw new TypeError('"DPoP.publicKey.extractable" must be true');
-  const w = X() + a, p = {
+  const w = X() + a, f = {
     alg: ct(i),
     typ: "dpop+jwt",
     jwk: await ft(c)
-  }, b = {
+  }, g = {
     iat: w,
     jti: Q(),
     htm: o,
-    nonce: f,
+    nonce: p,
     htu: `${n.origin}${n.pathname}`,
     ath: r ? k(await crypto.subtle.digest("SHA-256", E(r))) : void 0
   };
-  (T = e[Ke]) == null || T.call(e, p, b), t.set("dpop", await lt(p, b, i));
+  (v = e[Ke]) == null || v.call(e, f, g), t.set("dpop", await lt(f, g, i));
 }
 let N;
 async function ht(t) {
@@ -574,7 +574,7 @@ async function Se(t, e, n, o = !1, a = !1) {
   if (!m(r.token_type))
     throw new s('"response" body "token_type" property must be a non-empty string');
   if (r.token_type = r.token_type.toLowerCase(), r.token_type !== "dpop" && r.token_type !== "bearer")
-    throw new S("unsupported `token_type` value");
+    throw new T("unsupported `token_type` value");
   if (r.expires_in !== void 0 && (typeof r.expires_in != "number" || r.expires_in <= 0))
     throw new s('"response" body "expires_in" property must be a positive number');
   if (!a && r.refresh_token !== void 0 && !m(r.refresh_token))
@@ -668,8 +668,8 @@ async function Rt(t, e, n, o, a) {
   if (a !== F) {
     if (typeof a != "number" || a < 0)
       throw new TypeError('"maxAge" must be a non-negative number');
-    const c = X() + H(e), f = ge(e);
-    if (i.auth_time + a < c - f)
+    const c = X() + H(e), p = ge(e);
+    if (i.auth_time + a < c - p)
       throw new s("too much time has elapsed since the last End-User authentication");
   }
   switch (o) {
@@ -716,7 +716,7 @@ function Ut(t) {
     case "P-521":
       return "SHA-512";
     default:
-      throw new S();
+      throw new T();
   }
 }
 function Ae(t) {
@@ -736,7 +736,7 @@ function Ae(t) {
             saltLength: parseInt(t.algorithm.hash.name.slice(-3), 10) >> 3
           };
         default:
-          throw new S();
+          throw new T();
       }
     case "RSASSA-PKCS1-v1_5":
       return he(t.algorithm), t.algorithm.name;
@@ -744,7 +744,7 @@ function Ae(t) {
     case "Ed25519":
       return t.algorithm.name;
   }
-  throw new S();
+  throw new T();
 }
 const ke = Symbol();
 async function Lt(t, e, n, o) {
@@ -753,27 +753,27 @@ async function Lt(t, e, n, o) {
     throw new s("JWT signature verification failed");
 }
 async function xt(t, e, n, o, a, r) {
-  let { 0: i, 1: c, 2: f, length: w } = t.split(".");
+  let { 0: i, 1: c, 2: p, length: w } = t.split(".");
   if (w === 5)
     if (r !== void 0)
-      t = await r(t), { 0: i, 1: c, 2: f, length: w } = t.split(".");
+      t = await r(t), { 0: i, 1: c, 2: p, length: w } = t.split(".");
     else
-      throw new S("JWE structure JWTs are not supported");
+      throw new T("JWE structure JWTs are not supported");
   if (w !== 3)
     throw new s("Invalid JWT");
-  let p;
+  let f;
   try {
-    p = JSON.parse(E(k(i)));
+    f = JSON.parse(E(k(i)));
   } catch (l) {
     throw new s("failed to parse JWT Header body as base64url encoded JSON", { cause: l });
   }
-  if (!x(p))
+  if (!x(f))
     throw new s("JWT Header must be a top level object");
-  if (e(p), p.crit !== void 0)
+  if (e(f), f.crit !== void 0)
     throw new s('unexpected JWT "crit" header parameter');
-  const b = k(f);
-  let T;
-  n !== ke && (T = await n(p), await Lt(i, c, T, b));
+  const g = k(p);
+  let v;
+  n !== ke && (v = await n(f), await Lt(i, c, v, g));
   let h;
   try {
     h = JSON.parse(E(k(c)));
@@ -801,7 +801,7 @@ async function xt(t, e, n, o, a, r) {
   }
   if (h.aud !== void 0 && typeof h.aud != "string" && !Array.isArray(h.aud))
     throw new s('unexpected JWT "aud" (audience) claim type');
-  return { header: p, claims: h, signature: b, key: T, jwt: t };
+  return { header: f, claims: h, signature: g, key: v, jwt: t };
 }
 function Ct(t, e, n) {
   if (t !== void 0) {
@@ -857,9 +857,9 @@ function Jt(t, e, n, o) {
       error_description: A(n, "error_description"),
       error_uri: A(n, "error_uri")
     };
-  const c = A(n, "id_token"), f = A(n, "token");
-  if (c !== void 0 || f !== void 0)
-    throw new S("implicit and hybrid flows are not supported");
+  const c = A(n, "id_token"), p = A(n, "token");
+  if (c !== void 0 || p !== void 0)
+    throw new T("implicit and hybrid flows are not supported");
   return St(new URLSearchParams(n));
 }
 function Ot({
@@ -913,7 +913,7 @@ class Dt {
     redirectToAfterSignIn: r,
     redirectToAfterSignOut: i,
     basePath: c,
-    scopes: f
+    scopes: p
   }) {
     _(this, "client");
     _(this, "issuer");
@@ -966,27 +966,27 @@ class Dt {
         r,
         i.toString(),
         o
-      ), f = await Rt(
+      ), p = await Rt(
         a,
         this.client,
         c
       );
-      this.setTokensFromResponse(f);
-      const w = await this.getAccessToken(), b = await (await wt(
+      this.setTokensFromResponse(p);
+      const w = await this.getAccessToken(), g = await (await wt(
         a,
         this.client,
         w
-      )).json(), T = {
-        sub: b.sub,
-        email: b.email,
-        name: b.name,
-        emailVerified: b.email_verified ?? !1,
-        pictureUrl: b.picture
+      )).json(), v = {
+        sub: g.sub,
+        email: g.email,
+        name: g.name,
+        emailVerified: g.email_verified ?? !1,
+        pictureUrl: g.picture
       };
       L.setState({
         isAuthenticated: !0,
         isPending: !1,
-        profile: T
+        profile: v
       });
       const h = sessionStorage.getItem("redirect-to") ?? "/";
       return sessionStorage.removeItem("redirect-to"), h;
@@ -994,7 +994,7 @@ class Dt {
     this.client = {
       client_id: o,
       token_endpoint_auth_method: "none"
-    }, this.audience = n, this.issuer = e, this.callbackUrlPath = oe(c, "/oauth/callback"), this.scopes = f ?? ["openid", "profile", "email"];
+    }, this.audience = n, this.issuer = e, this.callbackUrlPath = oe(c, "/oauth/callback"), this.scopes = p ?? ["openid", "profile", "email"];
     const w = oe(c, "/");
     this.logoutRedirectUrlPath = w, this.redirectToAfterSignUp = a ?? w, this.redirectToAfterSignIn = r ?? w, this.redirectToAfterSignOut = i ?? w;
   }
@@ -1043,7 +1043,7 @@ class Dt {
     redirectTo: e,
     isSignUp: n = !1
   }) {
-    var w, p;
+    var f, g;
     const o = "S256", a = await this.getAuthServer();
     if (!a.authorization_endpoint)
       throw new P("No authorization endpoint");
@@ -1051,18 +1051,18 @@ class Dt {
     sessionStorage.setItem(M, r);
     const c = new URL(
       a.authorization_endpoint
-    );
-    sessionStorage.setItem("redirect-to", e);
-    const f = new URL(window.location.origin);
-    if (f.pathname = this.callbackUrlPath, f.search = "", c.searchParams.set("client_id", this.client.client_id), c.searchParams.set("redirect_uri", f.toString()), c.searchParams.set("response_type", "code"), c.searchParams.set("scope", this.scopes.join(" ")), c.searchParams.set("code_challenge", i), c.searchParams.set(
+    ), p = e.startsWith(window.location.origin) ? e.slice(window.location.origin.length) : e;
+    sessionStorage.setItem("redirect-to", p);
+    const w = new URL(window.location.origin);
+    if (w.pathname = this.callbackUrlPath, w.search = "", c.searchParams.set("client_id", this.client.client_id), c.searchParams.set("redirect_uri", w.toString()), c.searchParams.set("response_type", "code"), c.searchParams.set("scope", this.scopes.join(" ")), c.searchParams.set("code_challenge", i), c.searchParams.set(
       "code_challenge_method",
       o
-    ), this.audience && c.searchParams.set("audience", this.audience), (w = this.onAuthorizationUrl) == null || w.call(this, c, {
+    ), this.audience && c.searchParams.set("audience", this.audience), (f = this.onAuthorizationUrl) == null || f.call(this, c, {
       isSignIn: !n,
       isSignUp: n
-    }), ((p = a.code_challenge_methods_supported) == null ? void 0 : p.includes("S256")) !== !0) {
-      const b = nt();
-      c.searchParams.set("state", b);
+    }), ((g = a.code_challenge_methods_supported) == null ? void 0 : g.includes("S256")) !== !0) {
+      const v = nt();
+      c.searchParams.set("state", v);
     }
     location.href = c.href;
   }