UNPKG

@digital-blueprint/esign-app

Version:

[GitHub Repository](https://github.com/digital-blueprint/esign-app) | [npmjs package](https://www.npmjs.com/package/@digital-blueprint/esign-app) | [Unpkg CDN](https://unpkg.com/browse/@digital-blueprint/esign-app/) | [Esign Bundle](https://gitlab.tugraz.

github.com/digital-blueprint/esign-app

digital-blueprint/esign-app

47 lines (46 loc) 28.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
function e(){return e=Object.assign?Object.assign.bind():function(e){for(var t=1;t<arguments.length;t++){var n=arguments[t];for(var o in n)({}).hasOwnProperty.call(n,o)&&(e[o]=n[o])}return e},e.apply(null,arguments) /*! * License: LGPL-2.1-or-later * Dependencies: * * @webcomponents/scoped-custom-element-registry: BSD-3-Clause * @dbp-toolkit/app-shell: LGPL-2.1-or-later * @dbp-toolkit/common: LGPL-2.1-or-later * @dbp-toolkit/language-select: LGPL-2.1-or-later * @dbp-toolkit/auth: LGPL-2.1-or-later * @dbp-toolkit/notification: LGPL-2.1-or-later * @dbp-toolkit/theme-switcher: LGPL-2.1-or-later * path-to-regexp: MIT * universal-router: MIT * generateUrls: MIT * @dbp-toolkit/matomo: LGPL-2.1-or-later * @tugraz/web-components: LGPL-2.1-or-later * @digital-blueprint/annotpdf: MIT * lit-html: BSD-3-Clause * pdfjs-dist: Apache-2.0 * @popperjs/core: MIT * tippy.js: MIT * @dbp-toolkit/tooltip: LGPL-2.1-or-later * @dbp-toolkit/file-handling: LGPL-2.1-or-later * @dbp-toolkit/tabulator-table: LGPL-2.1-or-later * webdav: MIT * tabulator-tables: MIT * jose: MIT * file-saver: MIT * jquery: MIT * select2: MIT * @dbp-toolkit/resource-select: LGPL-2.1-or-later * xlsx: Apache-2.0 * @babel/runtime: MIT * fflate: MIT * jspdf: MIT * jspdf-autotable: MIT * i18next: MIT * @lit/reactive-element: BSD-3-Clause * lit-element: BSD-3-Clause * @open-wc/dedupe-mixin: MIT * @open-wc/scoped-elements: MIT * dialog-polyfill: BSD * keycloak-js: Apache-2.0 */}function t(r){if(!(this instanceof t))throw new Error("The 'Keycloak' constructor must be invoked with 'new'.");if("string"!=typeof r&&!o(r))throw new Error("The 'Keycloak' constructor must be provided with a configuration object, or a URL to a JSON configuration file.");if(o(r)){const e="oidcProvider"in r?["clientId"]:["url","realm","clientId"];for(const t of e)if(!r[t])throw new Error(`The configuration object is missing the required '${t}' property.`)}var i,a,s=this,c=[],u={enable:!0,callbackList:[],interval:5};s.didInitialize=!1;var l=!0,d=A(console.info),p=A(console.warn);function f(e){return function(e,t){for(var n=function(e){if("undefined"==typeof crypto||void 0===crypto.getRandomValues)throw new Error("Web Crypto API is not available.");return crypto.getRandomValues(new Uint8Array(e))}(e),o=new Array(e),r=0;r<e;r++)o[r]=t.charCodeAt(n[r]%t.length);return String.fromCharCode.apply(null,o)}(e,"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")}async function h(e,t){if("S256"!==e)throw new TypeError(`Invalid value for 'pkceMethod', expected 'S256' but got '${e}'.`);return function(e){const t=String.fromCodePoint(...e);return btoa(t)}(new Uint8Array(await async function(e){const t=(new TextEncoder).encode(e);if("undefined"==typeof crypto||void 0===crypto.subtle)throw new Error("Web Crypto API is not available.");return await crypto.subtle.digest("SHA-256",t)}(t))).replace(/\+/g,"-").replace(/\//g,"_").replace(/\=/g,"")}function m(){return void 0!==s.authServerUrl?"/"==s.authServerUrl.charAt(s.authServerUrl.length-1)?s.authServerUrl+"realms/"+encodeURIComponent(s.realm):s.authServerUrl+"/realms/"+encodeURIComponent(s.realm):void 0}function g(e,t){var n=e.code,o=e.error,r=e.prompt,i=(new Date).getTime();if(e.kc_action_status&&s.onActionUpdate&&s.onActionUpdate(e.kc_action_status,e.kc_action),o)if("none"!=r)if(e.error_description&&"authentication_expired"===e.error_description)s.login(e.loginOptions);else{var a={error:o,error_description:e.error_description};s.onAuthError&&s.onAuthError(a),t&&t.setError(a)}else t&&t.setSuccess();else if("standard"!=s.flow&&(e.access_token||e.id_token)&&f(e.access_token,null,e.id_token,!0),"implicit"!=s.flow&&n){var c="code="+n+"&grant_type=authorization_code",u=s.endpoints.token(),p=new XMLHttpRequest;p.open("POST",u,!0),p.setRequestHeader("Content-type","application/x-www-form-urlencoded"),c+="&client_id="+encodeURIComponent(s.clientId),c+="&redirect_uri="+e.redirectUri,e.pkceCodeVerifier&&(c+="&code_verifier="+e.pkceCodeVerifier),p.withCredentials=!0,p.onreadystatechange=function(){if(4==p.readyState)if(200==p.status){var e=JSON.parse(p.responseText);f(e.access_token,e.refresh_token,e.id_token,"standard"===s.flow),_()}else s.onAuthError&&s.onAuthError(),t&&t.setError()},p.send(c)}function f(n,o,r,a){w(n,o,r,i=(i+(new Date).getTime())/2),l&&s.idTokenParsed&&s.idTokenParsed.nonce!=e.storedNonce?(d("[KEYCLOAK] Invalid nonce, clearing token"),s.clearToken(),t&&t.setError()):a&&(s.onAuthSuccess&&s.onAuthSuccess(),t&&t.setSuccess())}}function k(e){return 0==e.status&&e.responseText&&e.responseURL.startsWith("file:")}function w(e,t,o,r){if(s.tokenTimeoutHandle&&(clearTimeout(s.tokenTimeoutHandle),s.tokenTimeoutHandle=null),t?(s.refreshToken=t,s.refreshTokenParsed=n(t)):(delete s.refreshToken,delete s.refreshTokenParsed),o?(s.idToken=o,s.idTokenParsed=n(o)):(delete s.idToken,delete s.idTokenParsed),e){if(s.token=e,s.tokenParsed=n(e),s.sessionId=s.tokenParsed.sid,s.authenticated=!0,s.subject=s.tokenParsed.sub,s.realmAccess=s.tokenParsed.realm_access,s.resourceAccess=s.tokenParsed.resource_access,r&&(s.timeSkew=Math.floor(r/1e3)-s.tokenParsed.iat),null!=s.timeSkew&&(d("[KEYCLOAK] Estimated time difference between browser and server is "+s.timeSkew+" seconds"),s.onTokenExpired)){var i=1e3*(s.tokenParsed.exp-(new Date).getTime()/1e3+s.timeSkew);d("[KEYCLOAK] Token expires in "+Math.round(i/1e3)+" s"),i<=0?s.onTokenExpired():s.tokenTimeoutHandle=setTimeout(s.onTokenExpired,i)}}else delete s.token,delete s.tokenParsed,delete s.subject,delete s.realmAccess,delete s.resourceAccess,s.authenticated=!1}function v(){if("undefined"==typeof crypto||void 0===crypto.randomUUID)throw new Error("Web Crypto API is not available.");return crypto.randomUUID()}function b(e){var t=function(e){var t;switch(s.flow){case"standard":t=["code","state","session_state","kc_action_status","kc_action","iss"];break;case"implicit":t=["access_token","token_type","id_token","state","session_state","expires_in","kc_action_status","kc_action","iss"];break;case"hybrid":t=["access_token","token_type","id_token","code","state","session_state","expires_in","kc_action_status","kc_action","iss"]}t.push("error"),t.push("error_description"),t.push("error_uri");var n,o,r=e.indexOf("?"),i=e.indexOf("#");"query"===s.responseMode&&-1!==r?(n=e.substring(0,r),""!==(o=y(e.substring(r+1,-1!==i?i:e.length),t)).paramsString&&(n+="?"+o.paramsString),-1!==i&&(n+=e.substring(i))):"fragment"===s.responseMode&&-1!==i&&(n=e.substring(0,i),""!==(o=y(e.substring(i+1),t)).paramsString&&(n+="#"+o.paramsString));if(o&&o.oauthParams)if("standard"===s.flow||"hybrid"===s.flow){if((o.oauthParams.code||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=n,o.oauthParams}else if("implicit"===s.flow&&(o.oauthParams.access_token||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=n,o.oauthParams}(e);if(t){var n=a.get(t.state);return n&&(t.valid=!0,t.redirectUri=n.redirectUri,t.storedNonce=n.nonce,t.prompt=n.prompt,t.pkceCodeVerifier=n.pkceCodeVerifier,t.loginOptions=n.loginOptions),t}}function y(e,t){for(var n=e.split("&"),o={paramsString:"",oauthParams:{}},r=0;r<n.length;r++){var i=n[r].indexOf("="),a=n[r].slice(0,i);-1!==t.indexOf(a)?o.oauthParams[a]=n[r].slice(i+1):(""!==o.paramsString&&(o.paramsString+="&"),o.paramsString+=n[r])}return o}function S(){var e={setSuccess:function(t){e.resolve(t)},setError:function(t){e.reject(t)}};return e.promise=new Promise((function(t,n){e.resolve=t,e.reject=n})),e}function U(){var e=S();if(!u.enable)return e.setSuccess(),e.promise;if(u.iframe)return e.setSuccess(),e.promise;var t=document.createElement("iframe");u.iframe=t,t.onload=function(){var t=s.endpoints.authorize();"/"===t.charAt(0)?u.iframeOrigin=window.location.origin?window.location.origin:window.location.protocol+"//"+window.location.hostname+(window.location.port?":"+window.location.port:""):u.iframeOrigin=t.substring(0,t.indexOf("/",8)),e.setSuccess()};var n=s.endpoints.checkSessionIframe();t.setAttribute("src",n),t.setAttribute("sandbox","allow-storage-access-by-user-activation allow-scripts allow-same-origin"),t.setAttribute("title","keycloak-session-iframe"),t.style.display="none",document.body.appendChild(t);return window.addEventListener("message",(function(e){if(e.origin===u.iframeOrigin&&u.iframe.contentWindow===e.source&&("unchanged"==e.data||"changed"==e.data||"error"==e.data)){"unchanged"!=e.data&&s.clearToken();for(var t=u.callbackList.splice(0,u.callbackList.length),n=t.length-1;n>=0;--n){var o=t[n];"error"==e.data?o.setError():o.setSuccess("unchanged"==e.data)}}}),!1),e.promise}function _(){u.enable&&s.token&&setTimeout((function(){I().then((function(e){e&&_()}))}),1e3*u.interval)}function I(){var e=S();if(u.iframe&&u.iframeOrigin){var t=s.clientId+" "+(s.sessionId?s.sessionId:"");u.callbackList.push(e);var n=u.iframeOrigin;1==u.callbackList.length&&u.iframe.contentWindow.postMessage(t,n)}else e.setSuccess();return e.promise}function T(e){if(!e||"default"==e)return{login:async function(e){return window.location.assign(await s.createLoginUrl(e)),S().promise},logout:async function(e){var t;if("GET"===(null!=(t=null==e?void 0:e.logoutMethod)?t:s.logoutMethod))return void window.location.replace(s.createLogoutUrl(e));const n=s.createLogoutUrl(e),o=await fetch(n,{method:"POST",headers:{"Content-Type":"application/x-www-form-urlencoded"},body:new URLSearchParams({id_token_hint:s.idToken,client_id:s.clientId,post_logout_redirect_uri:i.redirectUri(e,!1)})});if(o.redirected)window.location.href=o.url;else{if(!o.ok)throw new Error("Logout failed, request returned an error code.");window.location.reload()}},register:async function(e){return window.location.assign(await s.createRegisterUrl(e)),S().promise},accountManagement:function(){var e=s.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";return window.location.href=e,S().promise},redirectUri:function(e,t){return e&&e.redirectUri?e.redirectUri:s.redirectUri?s.redirectUri:location.href}};if("cordova"==e){u.enable=!1;var t=function(e,t,n){return window.cordova&&window.cordova.InAppBrowser?window.cordova.InAppBrowser.open(e,t,n):window.open(e,t,n)},n=function(e){var t=function(e){return e&&e.cordovaOptions?Object.keys(e.cordovaOptions).reduce((function(t,n){return t[n]=e.cordovaOptions[n],t}),{}):{}}(e);return t.location="no",e&&"none"==e.prompt&&(t.hidden="yes"),function(e){return Object.keys(e).reduce((function(t,n){return t.push(n+"="+e[n]),t}),[]).join(",")}(t)},o=function(){return s.redirectUri||"http://localhost"};return{login:async function(e){var r=S(),i=n(e),a=await s.createLoginUrl(e),c=t(a,"_blank",i),u=!1,l=!1,d=function(){l=!0,c.close()};return c.addEventListener("loadstart",(function(e){0==e.url.indexOf(o())&&(g(b(e.url),r),d(),u=!0)})),c.addEventListener("loaderror",(function(e){u||(0==e.url.indexOf(o())?(g(b(e.url),r),d(),u=!0):(r.setError(),d()))})),c.addEventListener("exit",(function(e){l||r.setError({reason:"closed_by_user"})})),r.promise},logout:function(e){var n,r=S(),i=s.createLogoutUrl(e),a=t(i,"_blank","location=no,hidden=yes,clearcache=yes");return a.addEventListener("loadstart",(function(e){0==e.url.indexOf(o())&&a.close()})),a.addEventListener("loaderror",(function(e){0==e.url.indexOf(o())||(n=!0),a.close()})),a.addEventListener("exit",(function(e){n?r.setError():(s.clearToken(),r.setSuccess())})),r.promise},register:async function(e){var r=S(),i=await s.createRegisterUrl(),a=n(e),c=t(i,"_blank",a);return c.addEventListener("loadstart",(function(e){0==e.url.indexOf(o())&&(c.close(),g(b(e.url),r))})),r.promise},accountManagement:function(){var e=s.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";var n=t(e,"_blank","location=no");n.addEventListener("loadstart",(function(e){0==e.url.indexOf(o())&&n.close()}))},redirectUri:function(e){return o()}}}if("cordova-native"==e)return u.enable=!1,{login:async function(e){var t=S(),n=await s.createLoginUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),g(b(e.url),t)})),window.cordova.plugins.browsertab.openUrl(n),t.promise},logout:function(e){var t=S(),n=s.createLogoutUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),s.clearToken(),t.setSuccess()})),window.cordova.plugins.browsertab.openUrl(n),t.promise},register:async function(e){var t=S(),n=await s.createRegisterUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),g(b(e.url),t)})),window.cordova.plugins.browsertab.openUrl(n),t.promise},accountManagement:function(){var e=s.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";window.cordova.plugins.browsertab.openUrl(e)},redirectUri:function(e){return e&&e.redirectUri?e.redirectUri:s.redirectUri?s.redirectUri:"http://localhost"}};throw"invalid adapter type: "+e}globalThis.isSecureContext||p("[KEYCLOAK] Keycloak JS must be used in a 'secure context' to function properly as it relies on browser APIs that are otherwise not available.\nContinuing to run your application insecurely will lead to unexpected behavior and breakage.\n\nFor more information see: https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts"),s.init=function(e={}){if(s.didInitialize)throw new Error("A 'Keycloak' instance can only be initialized once.");s.didInitialize=!0,s.authenticated=!1,a=function(){try{return new E}catch(e){}return new R}();if(i=["default","cordova","cordova-native"].indexOf(e.adapter)>-1?T(e.adapter):"object"==typeof e.adapter?e.adapter:window.Cordova||window.cordova?T("cordova"):T(),void 0!==e.useNonce&&(l=e.useNonce),void 0!==e.checkLoginIframe&&(u.enable=e.checkLoginIframe),e.checkLoginIframeInterval&&(u.interval=e.checkLoginIframeInterval),"login-required"===e.onLoad&&(s.loginRequired=!0),e.responseMode){if("query"!==e.responseMode&&"fragment"!==e.responseMode)throw"Invalid value for responseMode";s.responseMode=e.responseMode}if(e.flow){switch(e.flow){case"standard":s.responseType="code";break;case"implicit":s.responseType="id_token token";break;case"hybrid":s.responseType="code id_token token";break;default:throw"Invalid value for flow"}s.flow=e.flow}if(null!=e.timeSkew&&(s.timeSkew=e.timeSkew),e.redirectUri&&(s.redirectUri=e.redirectUri),e.silentCheckSsoRedirectUri&&(s.silentCheckSsoRedirectUri=e.silentCheckSsoRedirectUri),"boolean"==typeof e.silentCheckSsoFallback?s.silentCheckSsoFallback=e.silentCheckSsoFallback:s.silentCheckSsoFallback=!0,void 0!==e.pkceMethod){if("S256"!==e.pkceMethod&&!1!==e.pkceMethod)throw new TypeError(`Invalid value for pkceMethod', expected 'S256' or false but got ${e.pkceMethod}.`);s.pkceMethod=e.pkceMethod}else s.pkceMethod="S256";"boolean"==typeof e.enableLogging?s.enableLogging=e.enableLogging:s.enableLogging=!1,"POST"===e.logoutMethod?s.logoutMethod="POST":s.logoutMethod="GET","string"==typeof e.scope&&(s.scope=e.scope),"string"==typeof e.acrValues&&(s.acrValues=e.acrValues),"number"==typeof e.messageReceiveTimeout&&e.messageReceiveTimeout>0?s.messageReceiveTimeout=e.messageReceiveTimeout:s.messageReceiveTimeout=1e4,s.responseMode||(s.responseMode="fragment"),s.responseType||(s.responseType="code",s.flow="standard");var t=S(),n=S();n.promise.then((function(){s.onReady&&s.onReady(s.authenticated),t.setSuccess(s.authenticated)})).catch((function(e){t.setError(e)}));var o=function(){var e,t=S();"string"==typeof r&&(e=r);function n(e){s.endpoints=e?{authorize:function(){return e.authorization_endpoint},token:function(){return e.token_endpoint},logout:function(){if(!e.end_session_endpoint)throw"Not supported by the OIDC server";return e.end_session_endpoint},checkSessionIframe:function(){if(!e.check_session_iframe)throw"Not supported by the OIDC server";return e.check_session_iframe},register:function(){throw'Redirection to "Register user" page not supported in standard OIDC mode'},userinfo:function(){if(!e.userinfo_endpoint)throw"Not supported by the OIDC server";return e.userinfo_endpoint}}:{authorize:function(){return m()+"/protocol/openid-connect/auth"},token:function(){return m()+"/protocol/openid-connect/token"},logout:function(){return m()+"/protocol/openid-connect/logout"},checkSessionIframe:function(){return m()+"/protocol/openid-connect/login-status-iframe.html"},thirdPartyCookiesIframe:function(){return m()+"/protocol/openid-connect/3p-cookies/step1.html"},register:function(){return m()+"/protocol/openid-connect/registrations"},userinfo:function(){return m()+"/protocol/openid-connect/userinfo"}}}if(e){(i=new XMLHttpRequest).open("GET",e,!0),i.setRequestHeader("Accept","application/json"),i.onreadystatechange=function(){if(4==i.readyState)if(200==i.status||k(i)){var e=JSON.parse(i.responseText);s.authServerUrl=e["auth-server-url"],s.realm=e.realm,s.clientId=e.resource,n(null),t.setSuccess()}else t.setError()},i.send()}else{s.clientId=r.clientId;var o,i,a=r.oidcProvider;if(a)if("string"==typeof a)o="/"==a.charAt(a.length-1)?a+".well-known/openid-configuration":a+"/.well-known/openid-configuration",(i=new XMLHttpRequest).open("GET",o,!0),i.setRequestHeader("Accept","application/json"),i.onreadystatechange=function(){4==i.readyState&&(200==i.status||k(i)?(n(JSON.parse(i.responseText)),t.setSuccess()):t.setError())},i.send();else n(a),t.setSuccess();else s.authServerUrl=r.url,s.realm=r.realm,n(null),t.setSuccess()}return t.promise}();function c(){var t=function(t){t||(r.prompt="none"),e.locale&&(r.locale=e.locale),s.login(r).then((function(){n.setSuccess()})).catch((function(e){n.setError(e)}))},o=async function(){var e=document.createElement("iframe"),t=await s.createLoginUrl({prompt:"none",redirectUri:s.silentCheckSsoRedirectUri});e.setAttribute("src",t),e.setAttribute("sandbox","allow-storage-access-by-user-activation allow-scripts allow-same-origin"),e.setAttribute("title","keycloak-silent-check-sso"),e.style.display="none",document.body.appendChild(e);window.addEventListener("message",(function t(o){o.origin===window.location.origin&&e.contentWindow===o.source&&(g(b(o.data),n),document.body.removeChild(e),window.removeEventListener("message",t))}))},r={};switch(e.onLoad){case"check-sso":u.enable?U().then((function(){I().then((function(e){e?n.setSuccess():s.silentCheckSsoRedirectUri?o():t(!1)})).catch((function(e){n.setError(e)}))})):s.silentCheckSsoRedirectUri?o():t(!1);break;case"login-required":t(!0);break;default:throw"Invalid value for onLoad"}}function d(){var t=b(window.location.href);if(t&&window.history.replaceState(window.history.state,null,t.newUrl),t&&t.valid)return U().then((function(){g(t,n)})).catch((function(e){n.setError(e)}));e.token&&e.refreshToken?(w(e.token,e.refreshToken,e.idToken),u.enable?U().then((function(){I().then((function(e){e?(s.onAuthSuccess&&s.onAuthSuccess(),n.setSuccess(),_()):n.setSuccess()})).catch((function(e){n.setError(e)}))})):s.updateToken(-1).then((function(){s.onAuthSuccess&&s.onAuthSuccess(),n.setSuccess()})).catch((function(t){s.onAuthError&&s.onAuthError(),e.onLoad?c():n.setError(t)}))):e.onLoad?c():n.setSuccess()}return o.then((function(){(function(){var e=S();if((u.enable||s.silentCheckSsoRedirectUri)&&"function"==typeof s.endpoints.thirdPartyCookiesIframe){var t=document.createElement("iframe");t.setAttribute("src",s.endpoints.thirdPartyCookiesIframe()),t.setAttribute("sandbox","allow-storage-access-by-user-activation allow-scripts allow-same-origin"),t.setAttribute("title","keycloak-3p-check-iframe"),t.style.display="none",document.body.appendChild(t);var n=function n(o){t.contentWindow===o.source&&("supported"!==o.data&&"unsupported"!==o.data||("unsupported"===o.data&&(p("[KEYCLOAK] Your browser is blocking access to 3rd-party cookies, this means:\n\n - It is not possible to retrieve tokens without redirecting to the Keycloak server (a.k.a. no support for silent authentication).\n - It is not possible to automatically detect changes to the session status (such as the user logging out in another tab).\n\nFor more information see: https://www.keycloak.org/docs/latest/securing_apps/#_modern_browsers"),u.enable=!1,s.silentCheckSsoFallback&&(s.silentCheckSsoRedirectUri=!1)),document.body.removeChild(t),window.removeEventListener("message",n),e.setSuccess()))};window.addEventListener("message",n,!1)}else e.setSuccess();return function(e,t,n){var o=null,r=new Promise((function(e,r){o=setTimeout((function(){r({error:n})}),t)}));return Promise.race([e,r]).finally((function(){clearTimeout(o)}))}(e.promise,s.messageReceiveTimeout,"Timeout when waiting for 3rd party check iframe message.")})().then(d).catch((function(e){t.setError(e)}))})),o.catch((function(e){t.setError(e)})),t.promise},s.login=function(e){return i.login(e)},s.createLoginUrl=async function(e){var t,n=v(),o=v(),r=i.redirectUri(e),c={state:n,nonce:o,redirectUri:encodeURIComponent(r),loginOptions:e};e&&e.prompt&&(c.prompt=e.prompt),t=e&&"register"==e.action?s.endpoints.register():s.endpoints.authorize();var u=e&&e.scope||s.scope;u?-1===u.indexOf("openid")&&(u="openid "+u):u="openid";var d,p,m=t+"?client_id="+encodeURIComponent(s.clientId)+"&redirect_uri="+encodeURIComponent(r)+"&state="+encodeURIComponent(n)+"&response_mode="+encodeURIComponent(s.responseMode)+"&response_type="+encodeURIComponent(s.responseType)+"&scope="+encodeURIComponent(u);if(l&&(m=m+"&nonce="+encodeURIComponent(o)),e&&e.prompt&&(m+="&prompt="+encodeURIComponent(e.prompt)),e&&"number"==typeof e.maxAge&&(m+="&max_age="+encodeURIComponent(e.maxAge)),e&&e.loginHint&&(m+="&login_hint="+encodeURIComponent(e.loginHint)),e&&e.idpHint&&(m+="&kc_idp_hint="+encodeURIComponent(e.idpHint)),e&&e.action&&"register"!=e.action&&(m+="&kc_action="+encodeURIComponent(e.action)),e&&e.locale&&(m+="&ui_locales="+encodeURIComponent(e.locale)),e&&e.acr){var g=(d=e.acr,p={id_token:{acr:d}},JSON.stringify(p));m+="&claims="+encodeURIComponent(g)}if((e&&e.acrValues||s.acrValues)&&(m+="&acr_values="+encodeURIComponent(e.acrValues||s.acrValues)),s.pkceMethod)try{const e=f(96),t=await h(s.pkceMethod,e);c.pkceCodeVerifier=e,m+="&code_challenge="+t,m+="&code_challenge_method="+s.pkceMethod}catch(e){throw new Error("Failed to generate PKCE challenge.",{cause:e})}return a.add(c),m},s.logout=function(e){return i.logout(e)},s.createLogoutUrl=function(e){var t;if("POST"===(null!=(t=null==e?void 0:e.logoutMethod)?t:s.logoutMethod))return s.endpoints.logout();var n=s.endpoints.logout()+"?client_id="+encodeURIComponent(s.clientId)+"&post_logout_redirect_uri="+encodeURIComponent(i.redirectUri(e,!1));return s.idToken&&(n+="&id_token_hint="+encodeURIComponent(s.idToken)),n},s.register=function(e){return i.register(e)},s.createRegisterUrl=async function(e){return e||(e={}),e.action="register",await s.createLoginUrl(e)},s.createAccountUrl=function(e){var t=m(),n=void 0;return void 0!==t&&(n=t+"/account?referrer="+encodeURIComponent(s.clientId)+"&referrer_uri="+encodeURIComponent(i.redirectUri(e))),n},s.accountManagement=function(){return i.accountManagement()},s.hasRealmRole=function(e){var t=s.realmAccess;return!!t&&t.roles.indexOf(e)>=0},s.hasResourceRole=function(e,t){if(!s.resourceAccess)return!1;var n=s.resourceAccess[t||s.clientId];return!!n&&n.roles.indexOf(e)>=0},s.loadUserProfile=function(){var e=m()+"/account",t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+s.token);var n=S();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(s.profile=JSON.parse(t.responseText),n.setSuccess(s.profile)):n.setError())},t.send(),n.promise},s.loadUserInfo=function(){var e=s.endpoints.userinfo(),t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+s.token);var n=S();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(s.userInfo=JSON.parse(t.responseText),n.setSuccess(s.userInfo)):n.setError())},t.send(),n.promise},s.isTokenExpired=function(e){if(!s.tokenParsed||!s.refreshToken&&"implicit"!=s.flow)throw"Not authenticated";if(null==s.timeSkew)return d("[KEYCLOAK] Unable to determine if token is expired as timeskew is not set"),!0;var t=s.tokenParsed.exp-Math.ceil((new Date).getTime()/1e3)+s.timeSkew;if(e){if(isNaN(e))throw"Invalid minValidity";t-=e}return t<0},s.updateToken=function(e){var t=S();if(!s.refreshToken)return t.setError(),t.promise;e=e||5;var n=function(){var n=!1;if(-1==e?(n=!0,d("[KEYCLOAK] Refreshing token: forced refresh")):s.tokenParsed&&!s.isTokenExpired(e)||(n=!0,d("[KEYCLOAK] Refreshing token: token expired")),n){var o="grant_type=refresh_token&refresh_token="+s.refreshToken,r=s.endpoints.token();if(c.push(t),1==c.length){var i=new XMLHttpRequest;i.open("POST",r,!0),i.setRequestHeader("Content-type","application/x-www-form-urlencoded"),i.withCredentials=!0,o+="&client_id="+encodeURIComponent(s.clientId);var a=(new Date).getTime();i.onreadystatechange=function(){if(4==i.readyState)if(200==i.status){d("[KEYCLOAK] Token refreshed"),a=(a+(new Date).getTime())/2;var e=JSON.parse(i.responseText);w(e.access_token,e.refresh_token,e.id_token,a),s.onAuthRefreshSuccess&&s.onAuthRefreshSuccess();for(var t=c.pop();null!=t;t=c.pop())t.setSuccess(!0)}else{p("[KEYCLOAK] Failed to refresh token"),400==i.status&&s.clearToken(),s.onAuthRefreshError&&s.onAuthRefreshError();for(t=c.pop();null!=t;t=c.pop())t.setError(!0)}},i.send(o)}}else t.setSuccess(!1)};u.enable?I().then((function(){n()})).catch((function(e){t.setError(e)})):n();return t.promise},s.clearToken=function(){s.token&&(w(null,null,null),s.onAuthLogout&&s.onAuthLogout(),s.loginRequired&&s.login())};const C="kc-callback-";var E=function t(){if(!(this instanceof t))return new t;localStorage.setItem("kc-test","test"),localStorage.removeItem("kc-test");function n(){const e=Date.now();for(const[t,n]of r()){const o=i(n);(null===o||o<e)&&localStorage.removeItem(t)}}function r(){return Object.entries(localStorage).filter((([e])=>e.startsWith(C)))}function i(e){let t;try{t=JSON.parse(e)}catch(e){return null}return o(t)&&"expires"in t&&"number"==typeof t.expires?t.expires:null}this.get=function(e){if(e){var t=C+e,o=localStorage.getItem(t);return o&&(localStorage.removeItem(t),o=JSON.parse(o)),n(),o}},this.add=function(t){n();const o=C+t.state,i=JSON.stringify(e({},t,{expires:Date.now()+36e5}));try{localStorage.setItem(o,i)}catch(e){!function(){for(const[e]of r())localStorage.removeItem(e)}(),localStorage.setItem(o,i)}}},R=function e(){if(!(this instanceof e))return new e;var t=this;t.get=function(e){if(e){var t=o(C+e);return r(C+e,"",n(-100)),t?JSON.parse(t):void 0}},t.add=function(e){r(C+e.state,JSON.stringify(e),n(60))},t.removeItem=function(e){r(e,"",n(-100))};var n=function(e){var t=new Date;return t.setTime(t.getTime()+60*e*1e3),t},o=function(e){for(var t=e+"=",n=document.cookie.split(";"),o=0;o<n.length;o++){for(var r=n[o];" "==r.charAt(0);)r=r.substring(1);if(0==r.indexOf(t))return r.substring(t.length,r.length)}return""},r=function(e,t,n){var o=e+"="+t+"; expires="+n.toUTCString()+"; ";document.cookie=o}};function A(e){return function(){s.enableLogging&&e.apply(console,Array.prototype.slice.call(arguments))}}}function n(e){const[t,n]=e.split(".");if("string"!=typeof n)throw new Error("Unable to decode token, payload not found.");let o;try{o=function(e){let t=e.replaceAll("-","+").replaceAll("_","/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw new Error("Input is not of the correct length.")}try{return function(e){return decodeURIComponent(atob(e).replace(/(.)/g,((e,t)=>{let n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n="0"+n),"%"+n})))}(t)}catch(e){return atob(t)}}(n)}catch(e){throw new Error("Unable to decode token, payload is not a valid Base64URL value.",{cause:e})}try{return JSON.parse(o)}catch(e){throw new Error("Unable to decode token, payload is not a valid JSON value.",{cause:e})}}function o(e){return"object"==typeof e&&null!==e}export{t as default}; //# sourceMappingURL=keycloak.DXlw3xkH.es.js.map