UNPKG

@auth0/auth0-spa-js

Version:

Auth0 SDK for Single Page Applications using Authorization Code Grant Flow with PKCE

github.com/auth0/auth0-spa-js

auth0/auth0-spa-js

3 lines (2 loc) • 5.96 kB

JavaScript

!function(e){"function"==typeof define&&define.amd?define(e):e()}(function(){"use strict";function e(e,t){(null==t||t>e.length)&&(t=e.length);for(var r=0,n=Array(t);r<t;r++)n[r]=e[r];return n}function t(t,r){return function(e){if(Array.isArray(e))return e}(t)||function(e,t){var r=null==e?null:"undefined"!=typeof Symbol&&e[Symbol.iterator]||e["@@iterator"];if(null!=r){var n,o,s,i,a=[],c=!0,l=!1;try{if(s=(r=r.call(e)).next,0===t){if(Object(r)!==r)return;c=!1}else for(;!(c=(n=s.call(r)).done)&&(a.push(n.value),a.length!==t);c=!0);}catch(e){l=!0,o=e}finally{try{if(!c&&null!=r.return&&(i=r.return(),Object(i)!==i))return}finally{if(l)throw o}}return a}}(t,r)||function(t,r){if(t){if("string"==typeof t)return e(t,r);var n={}.toString.call(t).slice(8,-1);return"Object"===n&&t.constructor&&(n=t.constructor.name),"Map"===n||"Set"===n?Array.from(t):"Arguments"===n||/^(?:Ui|I)nt(?:8|16|32)(?:Clamped)?Array$/.test(n)?e(t,r):void 0}}(t,r)||function(){throw new TypeError("Invalid attempt to destructure non-iterable instance.\nIn order to be iterable, non-array objects must have a [Symbol.iterator]() method.")}()}class r extends Error{constructor(e,t){super(t),this.error=e,this.error_description=t,Object.setPrototypeOf(this,r.prototype)}static fromPayload(e){let t=e.error,n=e.error_description;return new r(t,n)}}class n extends r{constructor(e,t){super("missing_refresh_token","Missing Refresh Token (audience: '".concat(o(e,["default"]),"', scope: '").concat(o(t),"')")),this.audience=e,this.scope=t,Object.setPrototypeOf(this,n.prototype)}}function o(e){return e&&!(arguments.length>1&&void 0!==arguments[1]?arguments[1]:[]).includes(e)?e:""}"function"==typeof SuppressedError&&SuppressedError;const s=e=>{var t=e.clientId,r=function(e,t){var r={};for(var n in e)Object.prototype.hasOwnProperty.call(e,n)&&t.indexOf(n)<0&&(r[n]=e[n]);if(null!=e&&"function"==typeof Object.getOwnPropertySymbols){var o=0;for(n=Object.getOwnPropertySymbols(e);o<n.length;o++)t.indexOf(n[o])<0&&Object.prototype.propertyIsEnumerable.call(e,n[o])&&(r[n[o]]=e[n[o]])}return r}(e,["clientId"]);return new URLSearchParams((e=>Object.keys(e).filter(t=>void 0!==e[t]).reduce((t,r)=>Object.assign(Object.assign({},t),{[r]:e[r]}),{}))(Object.assign({client_id:t},r))).toString()};let i={},a=null;const c=(e,t)=>"".concat(e,"|").concat(t),l=(e,t)=>t.startsWith("".concat(e,"|")),u=e=>{Object.entries(i).forEach(r=>{let n=t(r,2),o=n[0];n[1]===e&&delete i[o]})},f=e=>{const t=new URLSearchParams(e),r={};return t.forEach((e,t)=>{r[t]=e}),r},d=async e=>{let r,o,a=e.data,u=a.timeout,d=a.auth,h=a.fetchUrl,p=a.fetchOptions,y=a.useFormData,g=a.useMrrt,b=t(e.ports,1)[0],O={};const m=d||{},j=m.audience,k=m.scope;try{const e=y?f(p.body):JSON.parse(p.body);if(!e.refresh_token&&"refresh_token"===e.grant_type){if(o=((e,t)=>i[c(e,t)])(j,k),!o&&g){const e=i.latest_refresh_token,t=((e,t)=>!!Object.keys(i).find(r=>{if("latest_refresh_token"!==r){const n=l(t,r),o=r.split("|")[1].split(" "),s=e.split(" ").every(e=>o.includes(e));return n&&s}}))(k,j);e&&!t&&(o=e)}if(!o)throw new n(j,k);p.body=y?s(Object.assign(Object.assign({},e),{refresh_token:o})):JSON.stringify(Object.assign(Object.assign({},e),{refresh_token:o}))}let a,d;"function"==typeof AbortController&&(a=new AbortController,p.signal=a.signal);try{d=await Promise.race([(S=u,new Promise(e=>setTimeout(e,S))),fetch(h,Object.assign({},p))])}catch(e){return void b.postMessage({error:e.message})}if(!d)return a&&a.abort(),void b.postMessage({error:"Timeout when executing 'fetch'"});w=d.headers,O=[...w].reduce((e,r)=>{let n=t(r,2),o=n[0],s=n[1];return e[o]=s,e},{}),r=await d.json(),r.refresh_token?(g&&(i.latest_refresh_token=r.refresh_token,v=o,_=r.refresh_token,Object.entries(i).forEach(e=>{let r=t(e,2),n=r[0];r[1]===v&&(i[n]=_)})),((e,t,r)=>{i[c(t,r)]=e})(r.refresh_token,j,k),delete r.refresh_token):((e,t)=>{delete i[c(e,t)]})(j,k),b.postMessage({ok:d.ok,json:r,headers:O})}catch(e){b.postMessage({ok:!1,json:{error:e.error,error_description:e.message},headers:O})}var v,_,w,S},h=async e=>{let r=e.data,n=r.timeout,o=r.auth,a=r.fetchUrl,c=r.fetchOptions,d=r.useFormData,h=t(e.ports,1)[0];const p=(o||{}).audience;try{const e=(e=>{const r=new Set;return Object.entries(i).forEach(n=>{let o=t(n,2),s=o[0],i=o[1];l(e,s)&&r.add(i)}),Array.from(r)})(p);if(0===e.length)return void h.postMessage({ok:!0});const r=d?f(c.body):JSON.parse(c.body);for(const t of e){const e=d?s(Object.assign(Object.assign({},r),{token:t})):JSON.stringify(Object.assign(Object.assign({},r),{token:t}));let o,i,l,f;"function"==typeof AbortController&&(o=new AbortController,i=o.signal);try{f=await Promise.race([new Promise(e=>{l=setTimeout(e,n)}),fetch(a,Object.assign(Object.assign({},c),{body:e,signal:i}))]).finally(()=>clearTimeout(l))}catch(e){return void h.postMessage({error:e.message})}if(!f)return o&&o.abort(),void h.postMessage({error:"Timeout when executing 'fetch'"});if(!f.ok){let e;try{const t=JSON.parse(await f.text());e=t.error_description}catch(e){}return void h.postMessage({error:e||"HTTP error ".concat(f.status)})}u(t)}h.postMessage({ok:!0})}catch(e){h.postMessage({error:e.message||"Unknown error during token revocation"})}},p=(e,t)=>{if(!a)return!1;try{const r=new URL(a).origin,n=new URL(e.fetchUrl);return n.origin===r&&n.pathname===t}catch(e){return!1}};addEventListener("message",e=>{const r=e.data,n=t(e.ports,1)[0];if(!("type"in r)||"init"!==r.type)return"type"in r&&"clear"===r.type?(i={},void(null==n||n.postMessage({ok:!0}))):"type"in r&&"revoke"===r.type?p(r,"/oauth/revoke")?void h(e):void(null==n||n.postMessage({ok:!1,json:{error:"invalid_fetch_url",error_description:"Unauthorized fetch URL"},headers:{}})):void("fetchUrl"in r&&p(r,"/oauth/token")?d(e):null==n||n.postMessage({ok:!1,json:{error:"invalid_fetch_url",error_description:"Unauthorized fetch URL"},headers:{}}));if(null===a)try{new URL(r.allowedBaseUrl),a=r.allowedBaseUrl}catch(e){return}})}); //# sourceMappingURL=auth0-spa-js.worker.production.js.map