UNPKG

@digital-blueprint/esign-app

Version:

[GitHub Repository](https://github.com/digital-blueprint/esign-app) | [npmjs package](https://www.npmjs.com/package/@digital-blueprint/esign-app) | [Unpkg CDN](https://unpkg.com/browse/@digital-blueprint/esign-app/) | [Esign Bundle](https://gitlab.tugraz.

github.com/digital-blueprint/esign-app

digital-blueprint/esign-app

28 lines (25 loc) 27.2 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
/*! * License: LGPL-2.1-or-later * Dependencies: * * @webcomponents/scoped-custom-element-registry: BSD-3-Clause * @dbp-toolkit/app-shell: LGPL-2.1-or-later * @dbp-toolkit/language-select: LGPL-2.1-or-later * @dbp-toolkit/auth: LGPL-2.1-or-later * @dbp-toolkit/notification: LGPL-2.1-or-later * @dbp-toolkit/theme-switcher: LGPL-2.1-or-later * universal-router: MIT * @dbp-toolkit/matomo: LGPL-2.1-or-later * @tugraz/web-components: LGPL-2.1-or-later * exceljs: MIT * fabric: MIT * jspdf-autotable: MIT * keycloak-js: Apache-2.0 */ function e(t){if(!(this instanceof e))throw Error(`The 'Keycloak' constructor must be invoked with 'new'.`);if(typeof t!=`string`&&!s(t))throw Error(`The 'Keycloak' constructor must be provided with a configuration object, or a URL to a JSON configuration file.`);if(s(t)){let e=`oidcProvider`in t?[`clientId`]:[`url`,`realm`,`clientId`];for(let n of e)if(!t[n])throw Error(`The configuration object is missing the required '${n}' property.`)}var a=this,o,c=[],l,u={enable:!0,callbackList:[],interval:5};a.didInitialize=!1;var d=!0,f=B(console.info),p=B(console.warn);globalThis.isSecureContext||p(`[KEYCLOAK] Keycloak JS must be used in a 'secure context' to function properly as it relies on browser APIs that are otherwise not available. Continuing to run your application insecurely will lead to unexpected behavior and breakage. For more information see: https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts`),a.init=function(e={}){if(a.didInitialize)throw Error(`A 'Keycloak' instance can only be initialized once.`);if(a.didInitialize=!0,a.authenticated=!1,l=z(),o=[`default`,`cordova`,`cordova-native`].indexOf(e.adapter)>-1?F(e.adapter):typeof e.adapter==`object`?e.adapter:window.Cordova||window.cordova?F(`cordova`):F(),e.useNonce!==void 0&&(d=e.useNonce),e.checkLoginIframe!==void 0&&(u.enable=e.checkLoginIframe),e.checkLoginIframeInterval&&(u.interval=e.checkLoginIframeInterval),e.onLoad===`login-required`&&(a.loginRequired=!0),e.responseMode)if(e.responseMode===`query`||e.responseMode===`fragment`)a.responseMode=e.responseMode;else throw`Invalid value for responseMode`;if(e.flow){switch(e.flow){case`standard`:a.responseType=`code`;break;case`implicit`:a.responseType=`id_token token`;break;case`hybrid`:a.responseType=`code id_token token`;break;default:throw`Invalid value for flow`}a.flow=e.flow}if(e.timeSkew!=null&&(a.timeSkew=e.timeSkew),e.redirectUri&&(a.redirectUri=e.redirectUri),e.silentCheckSsoRedirectUri&&(a.silentCheckSsoRedirectUri=e.silentCheckSsoRedirectUri),typeof e.silentCheckSsoFallback==`boolean`?a.silentCheckSsoFallback=e.silentCheckSsoFallback:a.silentCheckSsoFallback=!0,e.pkceMethod!==void 0){if(e.pkceMethod!==`S256`&&e.pkceMethod!==!1)throw TypeError(`Invalid value for pkceMethod', expected 'S256' or false but got ${e.pkceMethod}.`);a.pkceMethod=e.pkceMethod}else a.pkceMethod=`S256`;typeof e.enableLogging==`boolean`?a.enableLogging=e.enableLogging:a.enableLogging=!1,e.logoutMethod===`POST`?a.logoutMethod=`POST`:a.logoutMethod=`GET`,typeof e.scope==`string`&&(a.scope=e.scope),typeof e.acrValues==`string`&&(a.acrValues=e.acrValues),typeof e.messageReceiveTimeout==`number`&&e.messageReceiveTimeout>0?a.messageReceiveTimeout=e.messageReceiveTimeout:a.messageReceiveTimeout=1e4,a.responseMode||=`fragment`,a.responseType||(a.responseType=`code`,a.flow=`standard`);var t=k(),n=k();n.promise.then(function(){a.onReady&&a.onReady(a.authenticated),t.setSuccess(a.authenticated)}).catch(function(e){t.setError(e)});var r=S();function i(){var t=function(t){t||(i.prompt=`none`),e.locale&&(i.locale=e.locale),a.login(i).then(function(){n.setSuccess()}).catch(function(e){n.setError(e)})},r=async function(){var e=document.createElement(`iframe`),t=await a.createLoginUrl({prompt:`none`,redirectUri:a.silentCheckSsoRedirectUri});e.setAttribute(`src`,t),e.setAttribute(`sandbox`,`allow-storage-access-by-user-activation allow-scripts allow-same-origin`),e.setAttribute(`title`,`keycloak-silent-check-sso`),e.style.display=`none`,document.body.appendChild(e);var r=function(t){t.origin!==window.location.origin||e.contentWindow!==t.source||(x(E(t.data),n),document.body.removeChild(e),window.removeEventListener(`message`,r))};window.addEventListener(`message`,r)},i={};switch(e.onLoad){case`check-sso`:u.enable?j().then(function(){N().then(function(e){e?n.setSuccess():a.silentCheckSsoRedirectUri?r():t(!1)}).catch(function(e){n.setError(e)})}):a.silentCheckSsoRedirectUri?r():t(!1);break;case`login-required`:t(!0);break;default:throw`Invalid value for onLoad`}}function s(){var t=E(window.location.href);if(t&&window.history.replaceState(window.history.state,null,t.newUrl),t&&t.valid)return j().then(function(){x(t,n)}).catch(function(e){n.setError(e)});e.token&&e.refreshToken?(w(e.token,e.refreshToken,e.idToken),u.enable?j().then(function(){N().then(function(e){e?(a.onAuthSuccess&&a.onAuthSuccess(),n.setSuccess(),M()):n.setSuccess()}).catch(function(e){n.setError(e)})}):a.updateToken(-1).then(function(){a.onAuthSuccess&&a.onAuthSuccess(),n.setSuccess()}).catch(function(t){a.onAuthError&&a.onAuthError(),e.onLoad?i():n.setError(t)})):e.onLoad?i():n.setSuccess()}return r.then(function(){P().then(s).catch(function(e){t.setError(e)})}),r.catch(function(e){t.setError(e)}),t.promise},a.login=function(e){return o.login(e)};function m(e){if(typeof crypto>`u`||crypto.getRandomValues===void 0)throw Error(`Web Crypto API is not available.`);return crypto.getRandomValues(new Uint8Array(e))}function h(e){return g(e,`ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789`)}function g(e,t){for(var n=m(e),r=Array(e),i=0;i<e;i++)r[i]=t.charCodeAt(n[i]%t.length);return String.fromCharCode.apply(null,r)}async function _(e,t){if(e!==`S256`)throw TypeError(`Invalid value for 'pkceMethod', expected 'S256' but got '${e}'.`);return n(new Uint8Array(await r(t))).replace(/\+/g,`-`).replace(/\//g,`_`).replace(/\=/g,``)}function v(e){var t={id_token:{acr:e}};return JSON.stringify(t)}a.createLoginUrl=async function(e){var t=T(),n=T(),r=o.redirectUri(e),i={state:t,nonce:n,redirectUri:encodeURIComponent(r),loginOptions:e};e&&e.prompt&&(i.prompt=e.prompt);var s=e&&e.action==`register`?a.endpoints.register():a.endpoints.authorize(),c=e&&e.scope||a.scope;c?c.indexOf(`openid`)===-1&&(c=`openid `+c):c=`openid`;var u=s+`?client_id=`+encodeURIComponent(a.clientId)+`&redirect_uri=`+encodeURIComponent(r)+`&state=`+encodeURIComponent(t)+`&response_mode=`+encodeURIComponent(a.responseMode)+`&response_type=`+encodeURIComponent(a.responseType)+`&scope=`+encodeURIComponent(c);if(d&&(u=u+`&nonce=`+encodeURIComponent(n)),e&&e.prompt&&(u+=`&prompt=`+encodeURIComponent(e.prompt)),e&&typeof e.maxAge==`number`&&(u+=`&max_age=`+encodeURIComponent(e.maxAge)),e&&e.loginHint&&(u+=`&login_hint=`+encodeURIComponent(e.loginHint)),e&&e.idpHint&&(u+=`&kc_idp_hint=`+encodeURIComponent(e.idpHint)),e&&e.action&&e.action!=`register`&&(u+=`&kc_action=`+encodeURIComponent(e.action)),e&&e.locale&&(u+=`&ui_locales=`+encodeURIComponent(e.locale)),e&&e.acr){var f=v(e.acr);u+=`&claims=`+encodeURIComponent(f)}if((e&&e.acrValues||a.acrValues)&&(u+=`&acr_values=`+encodeURIComponent(e.acrValues||a.acrValues)),a.pkceMethod)try{let e=h(96),t=await _(a.pkceMethod,e);i.pkceCodeVerifier=e,u+=`&code_challenge=`+t,u+=`&code_challenge_method=`+a.pkceMethod}catch(e){throw Error(`Failed to generate PKCE challenge.`,{cause:e})}return l.add(i),u},a.logout=function(e){return o.logout(e)},a.createLogoutUrl=function(e){if((e?.logoutMethod??a.logoutMethod)===`POST`)return a.endpoints.logout();var t=a.endpoints.logout()+`?client_id=`+encodeURIComponent(a.clientId)+`&post_logout_redirect_uri=`+encodeURIComponent(o.redirectUri(e,!1));return a.idToken&&(t+=`&id_token_hint=`+encodeURIComponent(a.idToken)),t},a.register=function(e){return o.register(e)},a.createRegisterUrl=async function(e){return e||={},e.action=`register`,await a.createLoginUrl(e)},a.createAccountUrl=function(e){var t=y(),n=void 0;return t!==void 0&&(n=t+`/account?referrer=`+encodeURIComponent(a.clientId)+`&referrer_uri=`+encodeURIComponent(o.redirectUri(e))),n},a.accountManagement=function(){return o.accountManagement()},a.hasRealmRole=function(e){var t=a.realmAccess;return!!t&&t.roles.indexOf(e)>=0},a.hasResourceRole=function(e,t){if(!a.resourceAccess)return!1;var n=a.resourceAccess[t||a.clientId];return!!n&&n.roles.indexOf(e)>=0},a.loadUserProfile=function(){var e=y()+`/account`,t=new XMLHttpRequest;t.open(`GET`,e,!0),t.setRequestHeader(`Accept`,`application/json`),t.setRequestHeader(`Authorization`,`bearer `+a.token);var n=k();return t.onreadystatechange=function(){t.readyState==4&&(t.status==200?(a.profile=JSON.parse(t.responseText),n.setSuccess(a.profile)):n.setError())},t.send(),n.promise},a.loadUserInfo=function(){var e=a.endpoints.userinfo(),t=new XMLHttpRequest;t.open(`GET`,e,!0),t.setRequestHeader(`Accept`,`application/json`),t.setRequestHeader(`Authorization`,`bearer `+a.token);var n=k();return t.onreadystatechange=function(){t.readyState==4&&(t.status==200?(a.userInfo=JSON.parse(t.responseText),n.setSuccess(a.userInfo)):n.setError())},t.send(),n.promise},a.isTokenExpired=function(e){if(!a.tokenParsed||!a.refreshToken&&a.flow!=`implicit`)throw`Not authenticated`;if(a.timeSkew==null)return f(`[KEYCLOAK] Unable to determine if token is expired as timeskew is not set`),!0;var t=a.tokenParsed.exp-Math.ceil(new Date().getTime()/1e3)+a.timeSkew;if(e){if(isNaN(e))throw`Invalid minValidity`;t-=e}return t<0},a.updateToken=function(e){var t=k();if(!a.refreshToken)return t.setError(),t.promise;e||=5;var n=function(){var n=!1;if(e==-1?(n=!0,f(`[KEYCLOAK] Refreshing token: forced refresh`)):(!a.tokenParsed||a.isTokenExpired(e))&&(n=!0,f(`[KEYCLOAK] Refreshing token: token expired`)),!n)t.setSuccess(!1);else{var r=`grant_type=refresh_token&refresh_token=`+a.refreshToken,i=a.endpoints.token();if(c.push(t),c.length==1){var o=new XMLHttpRequest;o.open(`POST`,i,!0),o.setRequestHeader(`Content-type`,`application/x-www-form-urlencoded`),o.withCredentials=!0,r+=`&client_id=`+encodeURIComponent(a.clientId);var s=new Date().getTime();o.onreadystatechange=function(){if(o.readyState==4)if(o.status==200){f(`[KEYCLOAK] Token refreshed`),s=(s+new Date().getTime())/2;var e=JSON.parse(o.responseText);w(e.access_token,e.refresh_token,e.id_token,s),a.onAuthRefreshSuccess&&a.onAuthRefreshSuccess();for(var t=c.pop();t!=null;t=c.pop())t.setSuccess(!0)}else{p(`[KEYCLOAK] Failed to refresh token`),o.status==400&&a.clearToken(),a.onAuthRefreshError&&a.onAuthRefreshError();for(var t=c.pop();t!=null;t=c.pop())t.setError(`Failed to refresh token: An unexpected HTTP error occurred while attempting to refresh the token.`)}},o.send(r)}}};return u.enable?N().then(function(){n()}).catch(function(e){t.setError(e)}):n(),t.promise},a.clearToken=function(){a.token&&(w(null,null,null),a.onAuthLogout&&a.onAuthLogout(),a.loginRequired&&a.login())};function y(){if(a.authServerUrl!==void 0)return a.authServerUrl.charAt(a.authServerUrl.length-1)==`/`?a.authServerUrl+`realms/`+encodeURIComponent(a.realm):a.authServerUrl+`/realms/`+encodeURIComponent(a.realm)}function b(){return window.location.origin?window.location.origin:window.location.protocol+`//`+window.location.hostname+(window.location.port?`:`+window.location.port:``)}function x(e,t){var n=e.code,r=e.error,i=e.prompt,o=new Date().getTime();if(e.kc_action_status&&a.onActionUpdate&&a.onActionUpdate(e.kc_action_status,e.kc_action),r){if(i!=`none`)if(e.error_description&&e.error_description===`authentication_expired`)a.login(e.loginOptions);else{var s={error:r,error_description:e.error_description};a.onAuthError&&a.onAuthError(s),t&&t.setError(s)}else t&&t.setSuccess();return}else a.flow!=`standard`&&(e.access_token||e.id_token)&&p(e.access_token,null,e.id_token,!0);if(a.flow!=`implicit`&&n){var c=`code=`+n+`&grant_type=authorization_code`,l=a.endpoints.token(),u=new XMLHttpRequest;u.open(`POST`,l,!0),u.setRequestHeader(`Content-type`,`application/x-www-form-urlencoded`),c+=`&client_id=`+encodeURIComponent(a.clientId),c+=`&redirect_uri=`+e.redirectUri,e.pkceCodeVerifier&&(c+=`&code_verifier=`+e.pkceCodeVerifier),u.withCredentials=!0,u.onreadystatechange=function(){if(u.readyState==4)if(u.status==200){var e=JSON.parse(u.responseText);p(e.access_token,e.refresh_token,e.id_token,a.flow===`standard`),M()}else a.onAuthError&&a.onAuthError(),t&&t.setError()},u.send(c)}function p(n,r,i,s){o=(o+new Date().getTime())/2,w(n,r,i,o),d&&a.idTokenParsed&&a.idTokenParsed.nonce!=e.storedNonce?(f(`[KEYCLOAK] Invalid nonce, clearing token`),a.clearToken(),t&&t.setError()):s&&(a.onAuthSuccess&&a.onAuthSuccess(),t&&t.setSuccess())}}function S(){var e=k(),n;typeof t==`string`&&(n=t);function r(e){e?a.endpoints={authorize:function(){return e.authorization_endpoint},token:function(){return e.token_endpoint},logout:function(){if(!e.end_session_endpoint)throw`Not supported by the OIDC server`;return e.end_session_endpoint},checkSessionIframe:function(){if(!e.check_session_iframe)throw`Not supported by the OIDC server`;return e.check_session_iframe},register:function(){throw`Redirection to "Register user" page not supported in standard OIDC mode`},userinfo:function(){if(!e.userinfo_endpoint)throw`Not supported by the OIDC server`;return e.userinfo_endpoint}}:a.endpoints={authorize:function(){return y()+`/protocol/openid-connect/auth`},token:function(){return y()+`/protocol/openid-connect/token`},logout:function(){return y()+`/protocol/openid-connect/logout`},checkSessionIframe:function(){return y()+`/protocol/openid-connect/login-status-iframe.html`},thirdPartyCookiesIframe:function(){return y()+`/protocol/openid-connect/3p-cookies/step1.html`},register:function(){return y()+`/protocol/openid-connect/registrations`},userinfo:function(){return y()+`/protocol/openid-connect/userinfo`}}}if(n){var i=new XMLHttpRequest;i.open(`GET`,n,!0),i.setRequestHeader(`Accept`,`application/json`),i.onreadystatechange=function(){if(i.readyState==4)if(i.status==200||C(i)){var t=JSON.parse(i.responseText);a.authServerUrl=t[`auth-server-url`],a.realm=t.realm,a.clientId=t.resource,r(null),e.setSuccess()}else e.setError()},i.send()}else{a.clientId=t.clientId;var o=t.oidcProvider;if(!o)a.authServerUrl=t.url,a.realm=t.realm,r(null),e.setSuccess();else if(typeof o==`string`){var s=o.charAt(o.length-1)==`/`?o+`.well-known/openid-configuration`:o+`/.well-known/openid-configuration`,i=new XMLHttpRequest;i.open(`GET`,s,!0),i.setRequestHeader(`Accept`,`application/json`),i.onreadystatechange=function(){i.readyState==4&&(i.status==200||C(i)?(r(JSON.parse(i.responseText)),e.setSuccess()):e.setError())},i.send()}else r(o),e.setSuccess()}return e.promise}function C(e){return e.status==0&&e.responseText&&e.responseURL.startsWith(`file:`)}function w(e,t,n,r){if(a.tokenTimeoutHandle&&=(clearTimeout(a.tokenTimeoutHandle),null),t?(a.refreshToken=t,a.refreshTokenParsed=i(t)):(delete a.refreshToken,delete a.refreshTokenParsed),n?(a.idToken=n,a.idTokenParsed=i(n)):(delete a.idToken,delete a.idTokenParsed),e){if(a.token=e,a.tokenParsed=i(e),a.sessionId=a.tokenParsed.sid,a.authenticated=!0,a.subject=a.tokenParsed.sub,a.realmAccess=a.tokenParsed.realm_access,a.resourceAccess=a.tokenParsed.resource_access,r&&(a.timeSkew=Math.floor(r/1e3)-a.tokenParsed.iat),a.timeSkew!=null&&(f(`[KEYCLOAK] Estimated time difference between browser and server is `+a.timeSkew+` seconds`),a.onTokenExpired)){var o=(a.tokenParsed.exp-new Date().getTime()/1e3+a.timeSkew)*1e3;f(`[KEYCLOAK] Token expires in `+Math.round(o/1e3)+` s`),o<=0?a.onTokenExpired():a.tokenTimeoutHandle=setTimeout(a.onTokenExpired,o)}}else delete a.token,delete a.tokenParsed,delete a.subject,delete a.realmAccess,delete a.resourceAccess,a.authenticated=!1}function T(){if(typeof crypto>`u`||crypto.randomUUID===void 0)throw Error(`Web Crypto API is not available.`);return crypto.randomUUID()}function E(e){var t=D(e);if(t){var n=l.get(t.state);return n&&(t.valid=!0,t.redirectUri=n.redirectUri,t.storedNonce=n.nonce,t.prompt=n.prompt,t.pkceCodeVerifier=n.pkceCodeVerifier,t.loginOptions=n.loginOptions),t}}function D(e){var t;switch(a.flow){case`standard`:t=[`code`,`state`,`session_state`,`kc_action_status`,`kc_action`,`iss`];break;case`implicit`:t=[`access_token`,`token_type`,`id_token`,`state`,`session_state`,`expires_in`,`kc_action_status`,`kc_action`,`iss`];break;case`hybrid`:t=[`access_token`,`token_type`,`id_token`,`code`,`state`,`session_state`,`expires_in`,`kc_action_status`,`kc_action`,`iss`];break}t.push(`error`),t.push(`error_description`),t.push(`error_uri`);var n=e.indexOf(`?`),r=e.indexOf(`#`),i,o;if(a.responseMode===`query`&&n!==-1?(i=e.substring(0,n),o=O(e.substring(n+1,r===-1?e.length:r),t),o.paramsString!==``&&(i+=`?`+o.paramsString),r!==-1&&(i+=e.substring(r))):a.responseMode===`fragment`&&r!==-1&&(i=e.substring(0,r),o=O(e.substring(r+1),t),o.paramsString!==``&&(i+=`#`+o.paramsString)),o&&o.oauthParams){if(a.flow===`standard`||a.flow===`hybrid`){if((o.oauthParams.code||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=i,o.oauthParams}else if(a.flow===`implicit`&&(o.oauthParams.access_token||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=i,o.oauthParams}}function O(e,t){for(var n=e.split(`&`),r={paramsString:``,oauthParams:{}},i=0;i<n.length;i++){var a=n[i].indexOf(`=`),o=n[i].slice(0,a);t.indexOf(o)===-1?(r.paramsString!==``&&(r.paramsString+=`&`),r.paramsString+=n[i]):r.oauthParams[o]=n[i].slice(a+1)}return r}function k(){var e={setSuccess:function(t){e.resolve(t)},setError:function(t){e.reject(t)}};return e.promise=new Promise(function(t,n){e.resolve=t,e.reject=n}),e}function A(e,t,n){var r=null,i=new Promise(function(e,i){r=setTimeout(function(){i({error:n||`Promise is not settled within timeout of `+t+`ms`})},t)});return Promise.race([e,i]).finally(function(){clearTimeout(r)})}function j(){var e=k();if(!u.enable||u.iframe)return e.setSuccess(),e.promise;var t=document.createElement(`iframe`);u.iframe=t,t.onload=function(){var t=a.endpoints.authorize();t.charAt(0)===`/`?u.iframeOrigin=b():u.iframeOrigin=t.substring(0,t.indexOf(`/`,8)),e.setSuccess()};var n=a.endpoints.checkSessionIframe();return t.setAttribute(`src`,n),t.setAttribute(`sandbox`,`allow-storage-access-by-user-activation allow-scripts allow-same-origin`),t.setAttribute(`title`,`keycloak-session-iframe`),t.style.display=`none`,document.body.appendChild(t),window.addEventListener(`message`,function(e){if(!(e.origin!==u.iframeOrigin||u.iframe.contentWindow!==e.source)&&(e.data==`unchanged`||e.data==`changed`||e.data==`error`)){e.data!=`unchanged`&&a.clearToken();for(var t=u.callbackList.splice(0,u.callbackList.length),n=t.length-1;n>=0;--n){var r=t[n];e.data==`error`?r.setError():r.setSuccess(e.data==`unchanged`)}}},!1),e.promise}function M(){u.enable&&a.token&&setTimeout(function(){N().then(function(e){e&&M()})},u.interval*1e3)}function N(){var e=k();if(u.iframe&&u.iframeOrigin){var t=a.clientId+` `+(a.sessionId?a.sessionId:``);u.callbackList.push(e);var n=u.iframeOrigin;u.callbackList.length==1&&u.iframe.contentWindow.postMessage(t,n)}else e.setSuccess();return e.promise}function P(){var e=k();if((u.enable||a.silentCheckSsoRedirectUri)&&typeof a.endpoints.thirdPartyCookiesIframe==`function`){var t=document.createElement(`iframe`);t.setAttribute(`src`,a.endpoints.thirdPartyCookiesIframe()),t.setAttribute(`sandbox`,`allow-storage-access-by-user-activation allow-scripts allow-same-origin`),t.setAttribute(`title`,`keycloak-3p-check-iframe`),t.style.display=`none`,document.body.appendChild(t);var n=function(r){t.contentWindow===r.source&&(r.data!==`supported`&&r.data!==`unsupported`||(r.data===`unsupported`&&(p(`[KEYCLOAK] Your browser is blocking access to 3rd-party cookies, this means: - It is not possible to retrieve tokens without redirecting to the Keycloak server (a.k.a. no support for silent authentication). - It is not possible to automatically detect changes to the session status (such as the user logging out in another tab). For more information see: https://www.keycloak.org/securing-apps/javascript-adapter#_modern_browsers`),u.enable=!1,a.silentCheckSsoFallback&&(a.silentCheckSsoRedirectUri=!1)),document.body.removeChild(t),window.removeEventListener(`message`,n),e.setSuccess()))};window.addEventListener(`message`,n,!1)}else e.setSuccess();return A(e.promise,a.messageReceiveTimeout,`Timeout when waiting for 3rd party check iframe message.`)}function F(e){if(!e||e==`default`)return{login:async function(e){return window.location.assign(await a.createLoginUrl(e)),k().promise},logout:async function(e){if((e?.logoutMethod??a.logoutMethod)===`GET`){window.location.replace(a.createLogoutUrl(e));return}let t=document.createElement(`form`);t.setAttribute(`method`,`POST`),t.setAttribute(`action`,a.createLogoutUrl(e)),t.style.display=`none`;let n={id_token_hint:a.idToken,client_id:a.clientId,post_logout_redirect_uri:o.redirectUri(e,!1)};for(let[e,r]of Object.entries(n)){let n=document.createElement(`input`);n.setAttribute(`type`,`hidden`),n.setAttribute(`name`,e),n.setAttribute(`value`,r),t.appendChild(n)}document.body.appendChild(t),t.submit()},register:async function(e){return window.location.assign(await a.createRegisterUrl(e)),k().promise},accountManagement:function(){var e=a.createAccountUrl();if(e!==void 0)window.location.href=e;else throw`Not supported by the OIDC server`;return k().promise},redirectUri:function(e,t){return arguments.length==1&&(t=!0),e&&e.redirectUri?e.redirectUri:a.redirectUri?a.redirectUri:location.href}};if(e==`cordova`){u.enable=!1;var t=function(e,t,n){return window.cordova&&window.cordova.InAppBrowser?window.cordova.InAppBrowser.open(e,t,n):window.open(e,t,n)},n=function(e){return e&&e.cordovaOptions?Object.keys(e.cordovaOptions).reduce(function(t,n){return t[n]=e.cordovaOptions[n],t},{}):{}},r=function(e){return Object.keys(e).reduce(function(t,n){return t.push(n+`=`+e[n]),t},[]).join(`,`)},i=function(e){var t=n(e);return t.location=`no`,e&&e.prompt==`none`&&(t.hidden=`yes`),r(t)},s=function(){return a.redirectUri||`http://localhost`};return{login:async function(e){var n=k(),r=i(e),o=t(await a.createLoginUrl(e),`_blank`,r),c=!1,l=!1,u=function(){l=!0,o.close()};return o.addEventListener(`loadstart`,function(e){e.url.indexOf(s())==0&&(x(E(e.url),n),u(),c=!0)}),o.addEventListener(`loaderror`,function(e){c||(e.url.indexOf(s())==0?(x(E(e.url),n),u(),c=!0):(n.setError(),u()))}),o.addEventListener(`exit`,function(e){l||n.setError({reason:`closed_by_user`})}),n.promise},logout:function(e){var n=k(),r=t(a.createLogoutUrl(e),`_blank`,`location=no,hidden=yes,clearcache=yes`),i;return r.addEventListener(`loadstart`,function(e){e.url.indexOf(s())==0&&r.close()}),r.addEventListener(`loaderror`,function(e){e.url.indexOf(s())==0||(i=!0),r.close()}),r.addEventListener(`exit`,function(e){i?n.setError():(a.clearToken(),n.setSuccess())}),n.promise},register:async function(e){var n=k(),r=t(await a.createRegisterUrl(),`_blank`,i(e));return r.addEventListener(`loadstart`,function(e){e.url.indexOf(s())==0&&(r.close(),x(E(e.url),n))}),n.promise},accountManagement:function(){var e=a.createAccountUrl();if(e!==void 0){var n=t(e,`_blank`,`location=no`);n.addEventListener(`loadstart`,function(e){e.url.indexOf(s())==0&&n.close()})}else throw`Not supported by the OIDC server`},redirectUri:function(e){return s()}}}if(e==`cordova-native`)return u.enable=!1,{login:async function(e){var t=k(),n=await a.createLoginUrl(e);return universalLinks.subscribe(`keycloak`,function(e){universalLinks.unsubscribe(`keycloak`),window.cordova.plugins.browsertab.close(),x(E(e.url),t)}),window.cordova.plugins.browsertab.openUrl(n),t.promise},logout:function(e){var t=k(),n=a.createLogoutUrl(e);return universalLinks.subscribe(`keycloak`,function(e){universalLinks.unsubscribe(`keycloak`),window.cordova.plugins.browsertab.close(),a.clearToken(),t.setSuccess()}),window.cordova.plugins.browsertab.openUrl(n),t.promise},register:async function(e){var t=k(),n=await a.createRegisterUrl(e);return universalLinks.subscribe(`keycloak`,function(e){universalLinks.unsubscribe(`keycloak`),window.cordova.plugins.browsertab.close(),x(E(e.url),t)}),window.cordova.plugins.browsertab.openUrl(n),t.promise},accountManagement:function(){var e=a.createAccountUrl();if(e!==void 0)window.cordova.plugins.browsertab.openUrl(e);else throw`Not supported by the OIDC server`},redirectUri:function(e){return e&&e.redirectUri?e.redirectUri:a.redirectUri?a.redirectUri:`http://localhost`}};throw`invalid adapter type: `+e}let I=`kc-callback-`;var L=function(){if(!(this instanceof L))return new L;localStorage.setItem(`kc-test`,`test`),localStorage.removeItem(`kc-test`);var e=this;function t(){let e=Date.now();for(let[t,n]of r()){let r=i(n);(r===null||r<e)&&localStorage.removeItem(t)}}function n(){for(let[e]of r())localStorage.removeItem(e)}function r(){return Object.entries(localStorage).filter(([e])=>e.startsWith(I))}function i(e){let t;try{t=JSON.parse(e)}catch{return null}return s(t)&&`expires`in t&&typeof t.expires==`number`?t.expires:null}e.get=function(e){if(e){var n=I+e,r=localStorage.getItem(n);return r&&=(localStorage.removeItem(n),JSON.parse(r)),t(),r}},e.add=function(e){t();let r=I+e.state,i=JSON.stringify({...e,expires:Date.now()+3600*1e3});try{localStorage.setItem(r,i)}catch{n(),localStorage.setItem(r,i)}}},R=function(){if(!(this instanceof R))return new R;var e=this;e.get=function(e){if(e){var i=n(I+e);if(r(I+e,``,t(-100)),i)return JSON.parse(i)}},e.add=function(e){r(I+e.state,JSON.stringify(e),t(60))},e.removeItem=function(e){r(e,``,t(-100))};var t=function(e){var t=new Date;return t.setTime(t.getTime()+e*60*1e3),t},n=function(e){for(var t=e+`=`,n=document.cookie.split(`;`),r=0;r<n.length;r++){for(var i=n[r];i.charAt(0)==` `;)i=i.substring(1);if(i.indexOf(t)==0)return i.substring(t.length,i.length)}return``},r=function(e,t,n){var r=e+`=`+t+`; expires=`+n.toUTCString()+`; `;document.cookie=r}};function z(){try{return new L}catch{}return new R}function B(e){return function(){a.enableLogging&&e.apply(console,Array.prototype.slice.call(arguments))}}}var t=e;function n(e){let t=String.fromCodePoint(...e);return btoa(t)}async function r(e){let t=new TextEncoder().encode(e);if(typeof crypto>`u`||crypto.subtle===void 0)throw Error(`Web Crypto API is not available.`);return await crypto.subtle.digest(`SHA-256`,t)}function i(e){let[t,n]=e.split(`.`);if(typeof n!=`string`)throw Error(`Unable to decode token, payload not found.`);let r;try{r=a(n)}catch(e){throw Error(`Unable to decode token, payload is not a valid Base64URL value.`,{cause:e})}try{return JSON.parse(r)}catch(e){throw Error(`Unable to decode token, payload is not a valid JSON value.`,{cause:e})}}function a(e){let t=e.replaceAll(`-`,`+`).replaceAll(`_`,`/`);switch(t.length%4){case 0:break;case 2:t+=`==`;break;case 3:t+=`=`;break;default:throw Error(`Input is not of the correct length.`)}try{return o(t)}catch{return atob(t)}}function o(e){return decodeURIComponent(atob(e).replace(/(.)/g,(e,t)=>{let n=t.charCodeAt(0).toString(16).toUpperCase();return n.length<2&&(n=`0`+n),`%`+n}))}function s(e){return typeof e==`object`&&!!e}export{t as default}; //# sourceMappingURL=keycloak.Bd_Y67Ve.js.map