UNPKG

@auth0/auth0-spa-js

Version:

Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE

github.com/auth0/auth0-spa-js

auth0/auth0-spa-js

3 lines (2 loc) • 4.84 kB

JavaScript

!function(e){"function"==typeof define&&define.amd?define(e):e()}(function(){"use strict";class e extends Error{constructor(t,r){super(r),this.error=t,this.error_description=r,Object.setPrototypeOf(this,e.prototype)}static fromPayload(t){let{error:r,error_description:o}=t;return new e(r,o)}}class t extends e{constructor(e,o){super("missing_refresh_token","Missing Refresh Token (audience: '".concat(r(e,["default"]),"', scope: '").concat(r(o),"')")),this.audience=e,this.scope=o,Object.setPrototypeOf(this,t.prototype)}}function r(e){return e&&!(arguments.length>1&&void 0!==arguments[1]?arguments[1]:[]).includes(e)?e:""}"function"==typeof SuppressedError&&SuppressedError;const o=e=>{var{clientId:t}=e,r=function(e,t){var r={};for(var o in e)Object.prototype.hasOwnProperty.call(e,o)&&t.indexOf(o)<0&&(r[o]=e[o]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var s=0;for(o=Object.getOwnPropertySymbols(e);s<o.length;s++)t.indexOf(o[s])<0&&Object.prototype.propertyIsEnumerable.call(e,o[s])&&(r[o[s]]=e[o[s]])}return r}(e,["clientId"]);return new URLSearchParams((e=>Object.keys(e).filter(t=>void 0!==e[t]).reduce((t,r)=>Object.assign(Object.assign({},t),{[r]:e[r]}),{}))(Object.assign({client_id:t},r))).toString()};let s={},n=null;const i=(e,t)=>"".concat(e,"|").concat(t),a=(e,t)=>t.startsWith("".concat(e,"|")),c=e=>{Object.entries(s).forEach(t=>{let[r,o]=t;o===e&&delete s[r]})},l=e=>{const t=new URLSearchParams(e),r={};return t.forEach((e,t)=>{r[t]=e}),r},f=async e=>{let r,n,{data:{timeout:c,auth:f,fetchUrl:u,fetchOptions:d,useFormData:h,useMrrt:p},ports:[g]}=e,y={};const{audience:b,scope:O}=f||{};try{const e=h?l(d.body):JSON.parse(d.body);if(!e.refresh_token&&"refresh_token"===e.grant_type){if(n=((e,t)=>s[i(e,t)])(b,O),!n&&p){const e=s.latest_refresh_token,t=((e,t)=>!!Object.keys(s).find(r=>{if("latest_refresh_token"!==r){const o=a(t,r),s=r.split("|")[1].split(" "),n=e.split(" ").every(e=>s.includes(e));return o&&n}}))(O,b);e&&!t&&(n=e)}if(!n)throw new t(b,O);d.body=h?o(Object.assign(Object.assign({},e),{refresh_token:n})):JSON.stringify(Object.assign(Object.assign({},e),{refresh_token:n}))}let f,w;"function"==typeof AbortController&&(f=new AbortController,d.signal=f.signal);try{w=await Promise.race([(m=c,new Promise(e=>setTimeout(e,m))),fetch(u,Object.assign({},d))])}catch(e){return void g.postMessage({error:e.message})}if(!w)return f&&f.abort(),void g.postMessage({error:"Timeout when executing 'fetch'"});_=w.headers,y=[..._].reduce((e,t)=>{let[r,o]=t;return e[r]=o,e},{}),r=await w.json(),r.refresh_token?(p&&(s.latest_refresh_token=r.refresh_token,k=n,j=r.refresh_token,Object.entries(s).forEach(e=>{let[t,r]=e;r===k&&(s[t]=j)})),((e,t,r)=>{s[i(t,r)]=e})(r.refresh_token,b,O),delete r.refresh_token):((e,t)=>{delete s[i(e,t)]})(b,O),g.postMessage({ok:w.ok,json:r,headers:y})}catch(e){g.postMessage({ok:!1,json:{error:e.error,error_description:e.message},headers:y})}var k,j,_,m},u=async e=>{let{data:{timeout:t,auth:r,fetchUrl:n,fetchOptions:i,useFormData:f},ports:[u]}=e;const{audience:d}=r||{};try{const e=(e=>{const t=new Set;return Object.entries(s).forEach(r=>{let[o,s]=r;a(e,o)&&t.add(s)}),Array.from(t)})(d);if(0===e.length)return void u.postMessage({ok:!0});const r=f?l(i.body):JSON.parse(i.body);for(const s of e){const e=f?o(Object.assign(Object.assign({},r),{token:s})):JSON.stringify(Object.assign(Object.assign({},r),{token:s}));let a,l,d,h;"function"==typeof AbortController&&(a=new AbortController,l=a.signal);try{h=await Promise.race([new Promise(e=>{d=setTimeout(e,t)}),fetch(n,Object.assign(Object.assign({},i),{body:e,signal:l}))]).finally(()=>clearTimeout(d))}catch(e){return void u.postMessage({error:e.message})}if(!h)return a&&a.abort(),void u.postMessage({error:"Timeout when executing 'fetch'"});if(!h.ok){let e;try{const{error_description:t}=JSON.parse(await h.text());e=t}catch(e){}return void u.postMessage({error:e||"HTTP error ".concat(h.status)})}c(s)}u.postMessage({ok:!0})}catch(e){u.postMessage({error:e.message||"Unknown error during token revocation"})}},d=(e,t)=>{if(!n)return!1;try{const r=new URL(n).origin,o=new URL(e.fetchUrl);return o.origin===r&&o.pathname===t}catch(e){return!1}};addEventListener("message",e=>{const{data:t,ports:r}=e,[o]=r;if(!("type"in t)||"init"!==t.type)return"type"in t&&"clear"===t.type?(s={},void(null==o||o.postMessage({ok:!0}))):"type"in t&&"revoke"===t.type?d(t,"/oauth/revoke")?void u(e):void(null==o||o.postMessage({ok:!1,json:{error:"invalid_fetch_url",error_description:"Unauthorized fetch URL"},headers:{}})):void("fetchUrl"in t&&d(t,"/oauth/token")?f(e):null==o||o.postMessage({ok:!1,json:{error:"invalid_fetch_url",error_description:"Unauthorized fetch URL"},headers:{}}));if(null===n)try{new URL(t.allowedBaseUrl),n=t.allowedBaseUrl}catch(e){return}})}); //# sourceMappingURL=auth0-spa-js.worker.production.js.map