UNPKG

@it-enterprise/jwtauthentication

Version:

JSON Web Token-Based authentication library

1 lines • 130 kB

JavaScript

(function(e,t){"object"===typeof exports&&"object"===typeof module?module.exports=t():"function"===typeof define&&define.amd?define([],t):"object"===typeof exports?exports["jwtauthentication"]=t():e["jwtauthentication"]=t()})("undefined"!==typeof self?self:this,(()=>(()=>{var e={12:e=>{"use strict";e.exports=function(e,t){return function(){for(var r=new Array(arguments.length),s=0;s<r.length;s++)r[s]=arguments[s];return e.apply(t,r)}}},15:(e,t,r)=>{"use strict";var s=r(516),n=r(12),i=r(155),o=r(343),a=r(412);function c(e){var t=new i(e),r=n(i.prototype.request,t);return s.extend(r,i.prototype,t),s.extend(r,t),r.create=function(t){return c(o(e,t))},r}var u=c(a);u.Axios=i,u.CanceledError=r(563),u.CancelToken=r(191),u.isCancel=r(864),u.VERSION=r(641).version,u.toFormData=r(440),u.AxiosError=r(845),u.Cancel=u.CanceledError,u.all=function(e){return Promise.all(e)},u.spread=r(980),u.isAxiosError=r(19),e.exports=u,e.exports["default"]=u},18:(e,t,r)=>{"use strict";var s=r(516);e.exports=function(e,t){s.forEach(e,(function(r,s){s!==t&&s.toUpperCase()===t.toUpperCase()&&(e[t]=r,delete e[s])}))}},19:(e,t,r)=>{"use strict";var s=r(516);e.exports=function(e){return s.isObject(e)&&!0===e.isAxiosError}},106:(e,t,r)=>{"use strict";var s=r(516);function n(e){return encodeURIComponent(e).replace(/%3A/gi,":").replace(/%24/g,"$").replace(/%2C/gi,",").replace(/%20/g,"+").replace(/%5B/gi,"[").replace(/%5D/gi,"]")}e.exports=function(e,t,r){if(!t)return e;var i;if(r)i=r(t);else if(s.isURLSearchParams(t))i=t.toString();else{var o=[];s.forEach(t,(function(e,t){null!==e&&"undefined"!==typeof e&&(s.isArray(e)?t+="[]":e=[e],s.forEach(e,(function(e){s.isDate(e)?e=e.toISOString():s.isObject(e)&&(e=JSON.stringify(e)),o.push(n(t)+"="+n(e))})))})),i=o.join("&")}if(i){var a=e.indexOf("#");-1!==a&&(e=e.slice(0,a)),e+=(-1===e.indexOf("?")?"?":"&")+i}return e}},137:e=>{"use strict";e.exports=function(e){return/^([a-z][a-z\d+\-.]*:)?\/\//i.test(e)}},155:(e,t,r)=>{"use strict";var s=r(516),n=r(106),i=r(471),o=r(490),a=r(343),c=r(615),u=r(841),h=u.validators;function l(e){this.defaults=e,this.interceptors={request:new i,response:new i}}l.prototype.request=function(e,t){"string"===typeof e?(t=t||{},t.url=e):t=e||{},t=a(this.defaults,t),t.method?t.method=t.method.toLowerCase():this.defaults.method?t.method=this.defaults.method.toLowerCase():t.method="get";var r=t.transitional;void 0!==r&&u.assertOptions(r,{silentJSONParsing:h.transitional(h.boolean),forcedJSONParsing:h.transitional(h.boolean),clarifyTimeoutError:h.transitional(h.boolean)},!1);var s=[],n=!0;this.interceptors.request.forEach((function(e){"function"===typeof e.runWhen&&!1===e.runWhen(t)||(n=n&&e.synchronous,s.unshift(e.fulfilled,e.rejected))}));var i,c=[];if(this.interceptors.response.forEach((function(e){c.push(e.fulfilled,e.rejected)})),!n){var l=[o,void 0];Array.prototype.unshift.apply(l,s),l=l.concat(c),i=Promise.resolve(t);while(l.length)i=i.then(l.shift(),l.shift());return i}var d=t;while(s.length){var g=s.shift(),p=s.shift();try{d=g(d)}catch(_){p(_);break}}try{i=o(d)}catch(_){return Promise.reject(_)}while(c.length)i=i.then(c.shift(),c.shift());return i},l.prototype.getUri=function(e){e=a(this.defaults,e);var t=c(e.baseURL,e.url);return n(t,e.params,e.paramsSerializer)},s.forEach(["delete","get","head","options"],(function(e){l.prototype[e]=function(t,r){return this.request(a(r||{},{method:e,url:t,data:(r||{}).data}))}})),s.forEach(["post","put","patch"],(function(e){function t(t){return function(r,s,n){return this.request(a(n||{},{method:e,headers:t?{"Content-Type":"multipart/form-data"}:{},url:r,data:s}))}}l.prototype[e]=t(),l.prototype[e+"Form"]=t(!0)})),e.exports=l},191:(e,t,r)=>{"use strict";var s=r(563);function n(e){if("function"!==typeof e)throw new TypeError("executor must be a function.");var t;this.promise=new Promise((function(e){t=e}));var r=this;this.promise.then((function(e){if(r._listeners){var t,s=r._listeners.length;for(t=0;t<s;t++)r._listeners[t](e);r._listeners=null}})),this.promise.then=function(e){var t,s=new Promise((function(e){r.subscribe(e),t=e})).then(e);return s.cancel=function(){r.unsubscribe(t)},s},e((function(e){r.reason||(r.reason=new s(e),t(r.reason))}))}n.prototype.throwIfRequested=function(){if(this.reason)throw this.reason},n.prototype.subscribe=function(e){this.reason?e(this.reason):this._listeners?this._listeners.push(e):this._listeners=[e]},n.prototype.unsubscribe=function(e){if(this._listeners){var t=this._listeners.indexOf(e);-1!==t&&this._listeners.splice(t,1)}},n.source=function(){var e,t=new n((function(t){e=t}));return{token:t,cancel:e}},e.exports=n},202:(e,t,r)=>{"use strict";var s=r(516);e.exports=s.isStandardBrowserEnv()?function(){var e,t=/(msie|trident)/i.test(navigator.userAgent),r=document.createElement("a");function n(e){var s=e;return t&&(r.setAttribute("href",s),s=r.href),r.setAttribute("href",s),{href:r.href,protocol:r.protocol?r.protocol.replace(/:$/,""):"",host:r.host,search:r.search?r.search.replace(/^\?/,""):"",hash:r.hash?r.hash.replace(/^#/,""):"",hostname:r.hostname,port:r.port,pathname:"/"===r.pathname.charAt(0)?r.pathname:"/"+r.pathname}}return e=n(window.location.href),function(t){var r=s.isString(t)?n(t):t;return r.protocol===e.protocol&&r.host===e.host}}():function(){return function(){return!0}}()},343:(e,t,r)=>{"use strict";var s=r(516);e.exports=function(e,t){t=t||{};var r={};function n(e,t){return s.isPlainObject(e)&&s.isPlainObject(t)?s.merge(e,t):s.isPlainObject(t)?s.merge({},t):s.isArray(t)?t.slice():t}function i(r){return s.isUndefined(t[r])?s.isUndefined(e[r])?void 0:n(void 0,e[r]):n(e[r],t[r])}function o(e){if(!s.isUndefined(t[e]))return n(void 0,t[e])}function a(r){return s.isUndefined(t[r])?s.isUndefined(e[r])?void 0:n(void 0,e[r]):n(void 0,t[r])}function c(r){return r in t?n(e[r],t[r]):r in e?n(void 0,e[r]):void 0}var u={url:o,method:o,data:o,baseURL:a,transformRequest:a,transformResponse:a,paramsSerializer:a,timeout:a,timeoutMessage:a,withCredentials:a,adapter:a,responseType:a,xsrfCookieName:a,xsrfHeaderName:a,onUploadProgress:a,onDownloadProgress:a,decompress:a,maxContentLength:a,maxBodyLength:a,beforeRedirect:a,transport:a,httpAgent:a,httpsAgent:a,cancelToken:a,socketPath:a,responseEncoding:a,validateStatus:c};return s.forEach(Object.keys(e).concat(Object.keys(t)),(function(e){var t=u[e]||i,n=t(e);s.isUndefined(n)&&t!==c||(r[e]=n)})),r}},412:(e,t,r)=>{"use strict";var s=r(516),n=r(18),i=r(845),o=r(896),a=r(440),c={"Content-Type":"application/x-www-form-urlencoded"};function u(e,t){!s.isUndefined(e)&&s.isUndefined(e["Content-Type"])&&(e["Content-Type"]=t)}function h(){var e;return("undefined"!==typeof XMLHttpRequest||"undefined"!==typeof process&&"[object process]"===Object.prototype.toString.call(process))&&(e=r(592)),e}function l(e,t,r){if(s.isString(e))try{return(t||JSON.parse)(e),s.trim(e)}catch(n){if("SyntaxError"!==n.name)throw n}return(r||JSON.stringify)(e)}var d={transitional:o,adapter:h(),transformRequest:[function(e,t){if(n(t,"Accept"),n(t,"Content-Type"),s.isFormData(e)||s.isArrayBuffer(e)||s.isBuffer(e)||s.isStream(e)||s.isFile(e)||s.isBlob(e))return e;if(s.isArrayBufferView(e))return e.buffer;if(s.isURLSearchParams(e))return u(t,"application/x-www-form-urlencoded;charset=utf-8"),e.toString();var r,i=s.isObject(e),o=t&&t["Content-Type"];if((r=s.isFileList(e))||i&&"multipart/form-data"===o){var c=this.env&&this.env.FormData;return a(r?{"files[]":e}:e,c&&new c)}return i||"application/json"===o?(u(t,"application/json"),l(e)):e}],transformResponse:[function(e){var t=this.transitional||d.transitional,r=t&&t.silentJSONParsing,n=t&&t.forcedJSONParsing,o=!r&&"json"===this.responseType;if(o||n&&s.isString(e)&&e.length)try{return JSON.parse(e)}catch(a){if(o){if("SyntaxError"===a.name)throw i.from(a,i.ERR_BAD_RESPONSE,this,null,this.response);throw a}}return e}],timeout:0,xsrfCookieName:"XSRF-TOKEN",xsrfHeaderName:"X-XSRF-TOKEN",maxContentLength:-1,maxBodyLength:-1,env:{FormData:r(534)},validateStatus:function(e){return e>=200&&e<300},headers:{common:{Accept:"application/json, text/plain, */*"}}};s.forEach(["delete","get","head"],(function(e){d.headers[e]={}})),s.forEach(["post","put","patch"],(function(e){d.headers[e]=s.merge(c)})),e.exports=d},440:(e,t,r)=>{"use strict";var s=r(516);function n(e,t){t=t||new FormData;var r=[];function n(e){return null===e?"":s.isDate(e)?e.toISOString():s.isArrayBuffer(e)||s.isTypedArray(e)?"function"===typeof Blob?new Blob([e]):Buffer.from(e):e}function i(e,o){if(s.isPlainObject(e)||s.isArray(e)){if(-1!==r.indexOf(e))throw Error("Circular reference detected in "+o);r.push(e),s.forEach(e,(function(e,r){if(!s.isUndefined(e)){var a,c=o?o+"."+r:r;if(e&&!o&&"object"===typeof e)if(s.endsWith(r,"{}"))e=JSON.stringify(e);else if(s.endsWith(r,"[]")&&(a=s.toArray(e)))return void a.forEach((function(e){!s.isUndefined(e)&&t.append(c,n(e))}));i(e,c)}})),r.pop()}else t.append(o,n(e))}return i(e),t}e.exports=n},471:(e,t,r)=>{"use strict";var s=r(516);function n(){this.handlers=[]}n.prototype.use=function(e,t,r){return this.handlers.push({fulfilled:e,rejected:t,synchronous:!!r&&r.synchronous,runWhen:r?r.runWhen:null}),this.handlers.length-1},n.prototype.eject=function(e){this.handlers[e]&&(this.handlers[e]=null)},n.prototype.forEach=function(e){s.forEach(this.handlers,(function(t){null!==t&&e(t)}))},e.exports=n},490:(e,t,r)=>{"use strict";var s=r(516),n=r(881),i=r(864),o=r(412),a=r(563);function c(e){if(e.cancelToken&&e.cancelToken.throwIfRequested(),e.signal&&e.signal.aborted)throw new a}e.exports=function(e){c(e),e.headers=e.headers||{},e.data=n.call(e,e.data,e.headers,e.transformRequest),e.headers=s.merge(e.headers.common||{},e.headers[e.method]||{},e.headers),s.forEach(["delete","get","head","post","put","patch","common"],(function(t){delete e.headers[t]}));var t=e.adapter||o.adapter;return t(e).then((function(t){return c(e),t.data=n.call(e,t.data,t.headers,e.transformResponse),t}),(function(t){return i(t)||(c(e),t&&t.response&&(t.response.data=n.call(e,t.response.data,t.response.headers,e.transformResponse))),Promise.reject(t)}))}},505:(e,t,r)=>{e.exports=r(15)},516:(e,t,r)=>{"use strict";var s=r(12),n=Object.prototype.toString,i=function(e){return function(t){var r=n.call(t);return e[r]||(e[r]=r.slice(8,-1).toLowerCase())}}(Object.create(null));function o(e){return e=e.toLowerCase(),function(t){return i(t)===e}}function a(e){return Array.isArray(e)}function c(e){return"undefined"===typeof e}function u(e){return null!==e&&!c(e)&&null!==e.constructor&&!c(e.constructor)&&"function"===typeof e.constructor.isBuffer&&e.constructor.isBuffer(e)}var h=o("ArrayBuffer");function l(e){var t;return t="undefined"!==typeof ArrayBuffer&&ArrayBuffer.isView?ArrayBuffer.isView(e):e&&e.buffer&&h(e.buffer),t}function d(e){return"string"===typeof e}function g(e){return"number"===typeof e}function p(e){return null!==e&&"object"===typeof e}function _(e){if("object"!==i(e))return!1;var t=Object.getPrototypeOf(e);return null===t||t===Object.prototype}var f=o("Date"),w=o("File"),m=o("Blob"),v=o("FileList");function y(e){return"[object Function]"===n.call(e)}function k(e){return p(e)&&y(e.pipe)}function b(e){var t="[object FormData]";return e&&("function"===typeof FormData&&e instanceof FormData||n.call(e)===t||y(e.toString)&&e.toString()===t)}var S=o("URLSearchParams");function T(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}function x(){return("undefined"===typeof navigator||"ReactNative"!==navigator.product&&"NativeScript"!==navigator.product&&"NS"!==navigator.product)&&("undefined"!==typeof window&&"undefined"!==typeof document)}function E(e,t){if(null!==e&&"undefined"!==typeof e)if("object"!==typeof e&&(e=[e]),a(e))for(var r=0,s=e.length;r<s;r++)t.call(null,e[r],r,e);else for(var n in e)Object.prototype.hasOwnProperty.call(e,n)&&t.call(null,e[n],n,e)}function R(){var e={};function t(t,r){_(e[r])&&_(t)?e[r]=R(e[r],t):_(t)?e[r]=R({},t):a(t)?e[r]=t.slice():e[r]=t}for(var r=0,s=arguments.length;r<s;r++)E(arguments[r],t);return e}function U(e,t,r){return E(t,(function(t,n){e[n]=r&&"function"===typeof t?s(t,r):t})),e}function P(e){return 65279===e.charCodeAt(0)&&(e=e.slice(1)),e}function C(e,t,r,s){e.prototype=Object.create(t.prototype,s),e.prototype.constructor=e,r&&Object.assign(e.prototype,r)}function O(e,t,r){var s,n,i,o={};t=t||{};do{s=Object.getOwnPropertyNames(e),n=s.length;while(n-- >0)i=s[n],o[i]||(t[i]=e[i],o[i]=!0);e=Object.getPrototypeOf(e)}while(e&&(!r||r(e,t))&&e!==Object.prototype);return t}function I(e,t,r){e=String(e),(void 0===r||r>e.length)&&(r=e.length),r-=t.length;var s=e.indexOf(t,r);return-1!==s&&s===r}function A(e){if(!e)return null;var t=e.length;if(c(t))return null;var r=new Array(t);while(t-- >0)r[t]=e[t];return r}var N=function(e){return function(t){return e&&t instanceof e}}("undefined"!==typeof Uint8Array&&Object.getPrototypeOf(Uint8Array));e.exports={isArray:a,isArrayBuffer:h,isBuffer:u,isFormData:b,isArrayBufferView:l,isString:d,isNumber:g,isObject:p,isPlainObject:_,isUndefined:c,isDate:f,isFile:w,isBlob:m,isFunction:y,isStream:k,isURLSearchParams:S,isStandardBrowserEnv:x,forEach:E,merge:R,extend:U,trim:T,stripBOM:P,inherits:C,toFlatObject:O,kindOf:i,kindOfTest:o,endsWith:I,toArray:A,isTypedArray:N,isFileList:v}},522:(e,t,r)=>{"use strict";var s=r(845);e.exports=function(e,t,r){var n=r.config.validateStatus;r.status&&n&&!n(r.status)?t(new s("Request failed with status code "+r.status,[s.ERR_BAD_REQUEST,s.ERR_BAD_RESPONSE][Math.floor(r.status/100)-4],r.config,r.request,r)):e(r)}},534:e=>{e.exports=null},563:(e,t,r)=>{"use strict";var s=r(845),n=r(516);function i(e){s.call(this,null==e?"canceled":e,s.ERR_CANCELED),this.name="CanceledError"}n.inherits(i,s,{__CANCEL__:!0}),e.exports=i},592:(e,t,r)=>{"use strict";var s=r(516),n=r(522),i=r(948),o=r(106),a=r(615),c=r(631),u=r(202),h=r(896),l=r(845),d=r(563),g=r(656);e.exports=function(e){return new Promise((function(t,r){var p,_=e.data,f=e.headers,w=e.responseType;function m(){e.cancelToken&&e.cancelToken.unsubscribe(p),e.signal&&e.signal.removeEventListener("abort",p)}s.isFormData(_)&&s.isStandardBrowserEnv()&&delete f["Content-Type"];var v=new XMLHttpRequest;if(e.auth){var y=e.auth.username||"",k=e.auth.password?unescape(encodeURIComponent(e.auth.password)):"";f.Authorization="Basic "+btoa(y+":"+k)}var b=a(e.baseURL,e.url);function S(){if(v){var s="getAllResponseHeaders"in v?c(v.getAllResponseHeaders()):null,i=w&&"text"!==w&&"json"!==w?v.response:v.responseText,o={data:i,status:v.status,statusText:v.statusText,headers:s,config:e,request:v};n((function(e){t(e),m()}),(function(e){r(e),m()}),o),v=null}}if(v.open(e.method.toUpperCase(),o(b,e.params,e.paramsSerializer),!0),v.timeout=e.timeout,"onloadend"in v?v.onloadend=S:v.onreadystatechange=function(){v&&4===v.readyState&&(0!==v.status||v.responseURL&&0===v.responseURL.indexOf("file:"))&&setTimeout(S)},v.onabort=function(){v&&(r(new l("Request aborted",l.ECONNABORTED,e,v)),v=null)},v.onerror=function(){r(new l("Network Error",l.ERR_NETWORK,e,v,v)),v=null},v.ontimeout=function(){var t=e.timeout?"timeout of "+e.timeout+"ms exceeded":"timeout exceeded",s=e.transitional||h;e.timeoutErrorMessage&&(t=e.timeoutErrorMessage),r(new l(t,s.clarifyTimeoutError?l.ETIMEDOUT:l.ECONNABORTED,e,v)),v=null},s.isStandardBrowserEnv()){var T=(e.withCredentials||u(b))&&e.xsrfCookieName?i.read(e.xsrfCookieName):void 0;T&&(f[e.xsrfHeaderName]=T)}"setRequestHeader"in v&&s.forEach(f,(function(e,t){"undefined"===typeof _&&"content-type"===t.toLowerCase()?delete f[t]:v.setRequestHeader(t,e)})),s.isUndefined(e.withCredentials)||(v.withCredentials=!!e.withCredentials),w&&"json"!==w&&(v.responseType=e.responseType),"function"===typeof e.onDownloadProgress&&v.addEventListener("progress",e.onDownloadProgress),"function"===typeof e.onUploadProgress&&v.upload&&v.upload.addEventListener("progress",e.onUploadProgress),(e.cancelToken||e.signal)&&(p=function(e){v&&(r(!e||e&&e.type?new d:e),v.abort(),v=null)},e.cancelToken&&e.cancelToken.subscribe(p),e.signal&&(e.signal.aborted?p():e.signal.addEventListener("abort",p))),_||(_=null);var x=g(b);x&&-1===["http","https","file"].indexOf(x)?r(new l("Unsupported protocol "+x+":",l.ERR_BAD_REQUEST,e)):v.send(_)}))}},615:(e,t,r)=>{"use strict";var s=r(137),n=r(680);e.exports=function(e,t){return e&&!s(t)?n(e,t):t}},631:(e,t,r)=>{"use strict";var s=r(516),n=["age","authorization","content-length","content-type","etag","expires","from","host","if-modified-since","if-unmodified-since","last-modified","location","max-forwards","proxy-authorization","referer","retry-after","user-agent"];e.exports=function(e){var t,r,i,o={};return e?(s.forEach(e.split("\n"),(function(e){if(i=e.indexOf(":"),t=s.trim(e.substr(0,i)).toLowerCase(),r=s.trim(e.substr(i+1)),t){if(o[t]&&n.indexOf(t)>=0)return;o[t]="set-cookie"===t?(o[t]?o[t]:[]).concat([r]):o[t]?o[t]+", "+r:r}})),o):o}},641:e=>{e.exports={version:"0.27.2"}},656:e=>{"use strict";e.exports=function(e){var t=/^([-+\w]{1,25})(:?\/\/|:)/.exec(e);return t&&t[1]||""}},680:e=>{"use strict";e.exports=function(e,t){return t?e.replace(/\/+$/,"")+"/"+t.replace(/^\/+/,""):e}},841:(e,t,r)=>{"use strict";var s=r(641).version,n=r(845),i={};["object","boolean","number","function","string","symbol"].forEach((function(e,t){i[e]=function(r){return typeof r===e||"a"+(t<1?"n ":" ")+e}}));var o={};function a(e,t,r){if("object"!==typeof e)throw new n("options must be an object",n.ERR_BAD_OPTION_VALUE);var s=Object.keys(e),i=s.length;while(i-- >0){var o=s[i],a=t[o];if(a){var c=e[o],u=void 0===c||a(c,o,e);if(!0!==u)throw new n("option "+o+" must be "+u,n.ERR_BAD_OPTION_VALUE)}else if(!0!==r)throw new n("Unknown option "+o,n.ERR_BAD_OPTION)}}i.transitional=function(e,t,r){function i(e,t){return"[Axios v"+s+"] Transitional option '"+e+"'"+t+(r?". "+r:"")}return function(r,s,a){if(!1===e)throw new n(i(s," has been removed"+(t?" in "+t:"")),n.ERR_DEPRECATED);return t&&!o[s]&&(o[s]=!0,console.warn(i(s," has been deprecated since v"+t+" and will be removed in the near future"))),!e||e(r,s,a)}},e.exports={assertOptions:a,validators:i}},845:(e,t,r)=>{"use strict";var s=r(516);function n(e,t,r,s,n){Error.call(this),this.message=e,this.name="AxiosError",t&&(this.code=t),r&&(this.config=r),s&&(this.request=s),n&&(this.response=n)}s.inherits(n,Error,{toJSON:function(){return{message:this.message,name:this.name,description:this.description,number:this.number,fileName:this.fileName,lineNumber:this.lineNumber,columnNumber:this.columnNumber,stack:this.stack,config:this.config,code:this.code,status:this.response&&this.response.status?this.response.status:null}}});var i=n.prototype,o={};["ERR_BAD_OPTION_VALUE","ERR_BAD_OPTION","ECONNABORTED","ETIMEDOUT","ERR_NETWORK","ERR_FR_TOO_MANY_REDIRECTS","ERR_DEPRECATED","ERR_BAD_RESPONSE","ERR_BAD_REQUEST","ERR_CANCELED"].forEach((function(e){o[e]={value:e}})),Object.defineProperties(n,o),Object.defineProperty(i,"isAxiosError",{value:!0}),n.from=function(e,t,r,o,a,c){var u=Object.create(i);return s.toFlatObject(e,u,(function(e){return e!==Error.prototype})),n.call(u,e.message,t,r,o,a),u.name=e.name,c&&Object.assign(u,c),u},e.exports=n},864:e=>{"use strict";e.exports=function(e){return!(!e||!e.__CANCEL__)}},881:(e,t,r)=>{"use strict";var s=r(516),n=r(412);e.exports=function(e,t,r){var i=this||n;return s.forEach(r,(function(r){e=r.call(i,e,t)})),e}},896:e=>{"use strict";e.exports={silentJSONParsing:!0,forcedJSONParsing:!0,clarifyTimeoutError:!1}},948:(e,t,r)=>{"use strict";var s=r(516);e.exports=s.isStandardBrowserEnv()?function(){return{write:function(e,t,r,n,i,o){var a=[];a.push(e+"="+encodeURIComponent(t)),s.isNumber(r)&&a.push("expires="+new Date(r).toGMTString()),s.isString(n)&&a.push("path="+n),s.isString(i)&&a.push("domain="+i),!0===o&&a.push("secure"),document.cookie=a.join("; ")},read:function(e){var t=document.cookie.match(new RegExp("(^|;\\s*)("+e+")=([^;]*)"));return t?decodeURIComponent(t[3]):null},remove:function(e){this.write(e,"",Date.now()-864e5)}}}():function(){return{write:function(){},read:function(){return null},remove:function(){}}}()},980:e=>{"use strict";e.exports=function(e){return function(t){return e.apply(null,t)}}}},t={};function r(s){var n=t[s];if(void 0!==n)return n.exports;var i=t[s]={exports:{}};return e[s](i,i.exports,r),i.exports}(()=>{r.n=e=>{var t=e&&e.__esModule?()=>e["default"]:()=>e;return r.d(t,{a:t}),t}})(),(()=>{r.d=(e,t)=>{for(var s in t)r.o(t,s)&&!r.o(e,s)&&Object.defineProperty(e,s,{enumerable:!0,get:t[s]})}})(),(()=>{r.o=(e,t)=>Object.prototype.hasOwnProperty.call(e,t)})(),(()=>{r.r=e=>{"undefined"!==typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})}})(),(()=>{r.p=""})();var s={};return(()=>{"use strict";if(r.r(s),r.d(s,{default:()=>ze}),"undefined"!==typeof window){var e=window.document.currentScript,t=e&&e.src.match(/(.+\/)[^/]+\.js(\?.*)?$/);t&&(r.p=t[1])}class n extends Error{}function i(e){return decodeURIComponent(atob(e).replace(/(.)/g,((e,t)=>{let r=t.charCodeAt(0).toString(16).toUpperCase();return r.length<2&&(r="0"+r),"%"+r})))}function o(e){let t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw new Error("base64 string is not of the correct length")}try{return i(t)}catch(r){return atob(t)}}function a(e,t){if("string"!==typeof e)throw new n("Invalid token specified: must be a string");t||(t={});const r=!0===t.header?0:1,s=e.split(".")[r];if("string"!==typeof s)throw new n(`Invalid token specified: missing part #${r+1}`);let i;try{i=o(s)}catch(a){throw new n(`Invalid token specified: invalid base64 for part #${r+1} (${a.message})`)}try{return JSON.parse(i)}catch(a){throw new n(`Invalid token specified: invalid json for part #${r+1} (${a.message})`)}}n.prototype.name="InvalidTokenError";var c,u,h=r(505),l=r.n(h),d={debug:()=>{},info:()=>{},warn:()=>{},error:()=>{}},g=(e=>(e[e["NONE"]=0]="NONE",e[e["ERROR"]=1]="ERROR",e[e["WARN"]=2]="WARN",e[e["INFO"]=3]="INFO",e[e["DEBUG"]=4]="DEBUG",e))(g||{});(e=>{function t(){c=3,u=d}function r(e){if(!(0<=e&&e<=4))throw new Error("Invalid log level");c=e}function s(e){u=e}e.reset=t,e.setLevel=r,e.setLogger=s})(g||(g={}));var p=class e{constructor(e){this._name=e}debug(...t){c>=4&&u.debug(e._format(this._name,this._method),...t)}info(...t){c>=3&&u.info(e._format(this._name,this._method),...t)}warn(...t){c>=2&&u.warn(e._format(this._name,this._method),...t)}error(...t){c>=1&&u.error(e._format(this._name,this._method),...t)}throw(e){throw this.error(e),e}create(e){const t=Object.create(this);return t._method=e,t.debug("begin"),t}static createStatic(t,r){const s=new e(`${t}.${r}`);return s.debug("begin"),s}static _format(e,t){const r=`[${e}]`;return t?`${r} ${t}:`:r}static debug(t,...r){c>=4&&u.debug(e._format(t),...r)}static info(t,...r){c>=3&&u.info(e._format(t),...r)}static warn(t,...r){c>=2&&u.warn(e._format(t),...r)}static error(t,...r){c>=1&&u.error(e._format(t),...r)}};g.reset();var _=class{static decode(e){try{return a(e)}catch(t){throw p.error("JwtUtils.decode",t),t}}static async generateSignedJwt(e,t,r){const s=v.encodeBase64Url((new TextEncoder).encode(JSON.stringify(e))),n=v.encodeBase64Url((new TextEncoder).encode(JSON.stringify(t))),i=`${s}.${n}`,o=await window.crypto.subtle.sign({name:"ECDSA",hash:{name:"SHA-256"}},r,(new TextEncoder).encode(i)),a=v.encodeBase64Url(new Uint8Array(o));return`${i}.${a}`}},f="10000000-1000-4000-8000-100000000000",w=e=>btoa([...new Uint8Array(e)].map((e=>String.fromCharCode(e))).join("")),m=class e{static _randomWord(){const e=new Uint32Array(1);return crypto.getRandomValues(e),e[0]}static generateUUIDv4(){const t=f.replace(/[018]/g,(t=>(+t^e._randomWord()&15>>+t/4).toString(16)));return t.replace(/-/g,"")}static generateCodeVerifier(){return e.generateUUIDv4()+e.generateUUIDv4()+e.generateUUIDv4()}static async generateCodeChallenge(e){if(!crypto.subtle)throw new Error("Crypto.subtle is available only in secure contexts (HTTPS).");try{const t=new TextEncoder,r=t.encode(e),s=await crypto.subtle.digest("SHA-256",r);return w(s).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"")}catch(t){throw p.error("CryptoUtils.generateCodeChallenge",t),t}}static generateBasicAuth(e,t){const r=new TextEncoder,s=r.encode([e,t].join(":"));return w(s)}static async hash(e,t){const r=(new TextEncoder).encode(t),s=await crypto.subtle.digest(e,r);return new Uint8Array(s)}static async customCalculateJwkThumbprint(t){let r;switch(t.kty){case"RSA":r={e:t.e,kty:t.kty,n:t.n};break;case"EC":r={crv:t.crv,kty:t.kty,x:t.x,y:t.y};break;case"OKP":r={crv:t.crv,kty:t.kty,x:t.x};break;case"oct":r={crv:t.k,kty:t.kty};break;default:throw new Error("Unknown jwk type")}const s=await e.hash("SHA-256",JSON.stringify(r));return e.encodeBase64Url(s)}static async generateDPoPProof({url:t,accessToken:r,httpMethod:s,keyPair:n,nonce:i}){let o,a;const c={jti:window.crypto.randomUUID(),htm:null!=s?s:"GET",htu:t,iat:Math.floor(Date.now()/1e3)};r&&(o=await e.hash("SHA-256",r),a=e.encodeBase64Url(o),c.ath=a),i&&(c.nonce=i);try{const e=await crypto.subtle.exportKey("jwk",n.publicKey),t={alg:"ES256",typ:"dpop+jwt",jwk:{crv:e.crv,kty:e.kty,x:e.x,y:e.y}};return await _.generateSignedJwt(t,c,n.privateKey)}catch(u){throw u instanceof TypeError?new Error(`Error exporting dpop public key: ${u.message}`):u}}static async generateDPoPJkt(t){try{const r=await crypto.subtle.exportKey("jwk",t.publicKey);return await e.customCalculateJwkThumbprint(r)}catch(r){throw r instanceof TypeError?new Error(`Could not retrieve dpop keys from storage: ${r.message}`):r}}static async generateDPoPKeys(){return await window.crypto.subtle.generateKey({name:"ECDSA",namedCurve:"P-256"},!1,["sign","verify"])}};m.encodeBase64Url=e=>w(e).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_");var v=m,y=class{constructor(e){this._name=e,this._callbacks=[],this._logger=new p(`Event('${this._name}')`)}addHandler(e){return this._callbacks.push(e),()=>this.removeHandler(e)}removeHandler(e){const t=this._callbacks.lastIndexOf(e);t>=0&&this._callbacks.splice(t,1)}async raise(...e){this._logger.debug("raise:",...e);for(const t of this._callbacks)await t(...e)}},k=class{static center({...e}){var t;return null==e.width&&(e.width=null!=(t=[800,720,600,480].find((e=>e<=window.outerWidth/1.618)))?t:360),null!=e.left||(e.left=Math.max(0,Math.round(window.screenX+(window.outerWidth-e.width)/2))),null!=e.height&&(null!=e.top||(e.top=Math.max(0,Math.round(window.screenY+(window.outerHeight-e.height)/2)))),e}static serialize(e){return Object.entries(e).filter((([,e])=>null!=e)).map((([e,t])=>`${e}=${"boolean"!==typeof t?t:t?"yes":"no"}`)).join(",")}},b=class e extends y{constructor(){super(...arguments),this._logger=new p(`Timer('${this._name}')`),this._timerHandle=null,this._expiration=0,this._callback=()=>{const t=this._expiration-e.getEpochTime();this._logger.debug("timer completes in",t),this._expiration<=e.getEpochTime()&&(this.cancel(),super.raise())}}static getEpochTime(){return Math.floor(Date.now()/1e3)}init(t){const r=this._logger.create("init");t=Math.max(Math.floor(t),1);const s=e.getEpochTime()+t;if(this.expiration===s&&this._timerHandle)return void r.debug("skipping since already initialized for expiration at",this.expiration);this.cancel(),r.debug("using duration",t),this._expiration=s;const n=Math.min(t,5);this._timerHandle=setInterval(this._callback,1e3*n)}get expiration(){return this._expiration}cancel(){this._logger.create("cancel"),this._timerHandle&&(clearInterval(this._timerHandle),this._timerHandle=null)}},S=class{static readParams(e,t="query"){if(!e)throw new TypeError("Invalid URL");const r=new URL(e,"http://127.0.0.1"),s=r["fragment"===t?"hash":"search"];return new URLSearchParams(s.slice(1))}},T=";",x=class extends Error{constructor(e,t){var r,s,n;if(super(e.error_description||e.error||""),this.form=t,this.name="ErrorResponse",!e.error)throw p.error("ErrorResponse","No error passed"),new Error("No error passed");this.error=e.error,this.error_description=null!=(r=e.error_description)?r:null,this.error_uri=null!=(s=e.error_uri)?s:null,this.state=e.userState,this.session_state=null!=(n=e.session_state)?n:null,this.url_state=e.url_state}},E=class extends Error{constructor(e){super(e),this.name="ErrorTimeout"}},R=class{constructor(e){this._logger=new p("AccessTokenEvents"),this._expiringTimer=new b("Access token expiring"),this._expiredTimer=new b("Access token expired"),this._expiringNotificationTimeInSeconds=e.expiringNotificationTimeInSeconds}async load(e){const t=this._logger.create("load");if(e.access_token&&void 0!==e.expires_in){const r=e.expires_in;if(t.debug("access token present, remaining duration:",r),r>0){let e=r-this._expiringNotificationTimeInSeconds;e<=0&&(e=1),t.debug("registering expiring timer, raising in",e,"seconds"),this._expiringTimer.init(e)}else t.debug("canceling existing expiring timer because we're past expiration."),this._expiringTimer.cancel();const s=r+1;t.debug("registering expired timer, raising in",s,"seconds"),this._expiredTimer.init(s)}else this._expiringTimer.cancel(),this._expiredTimer.cancel()}async unload(){this._logger.debug("unload: canceling existing access token timers"),this._expiringTimer.cancel(),this._expiredTimer.cancel()}addAccessTokenExpiring(e){return this._expiringTimer.addHandler(e)}removeAccessTokenExpiring(e){this._expiringTimer.removeHandler(e)}addAccessTokenExpired(e){return this._expiredTimer.addHandler(e)}removeAccessTokenExpired(e){this._expiredTimer.removeHandler(e)}},U=class{constructor(e,t,r,s,n){this._callback=e,this._client_id=t,this._intervalInSeconds=s,this._stopOnError=n,this._logger=new p("CheckSessionIFrame"),this._timer=null,this._session_state=null,this._message=e=>{e.origin===this._frame_origin&&e.source===this._frame.contentWindow&&("error"===e.data?(this._logger.error("error message from check session op iframe"),this._stopOnError&&this.stop()):"changed"===e.data?(this._logger.debug("changed message from check session op iframe"),this.stop(),this._callback()):this._logger.debug(e.data+" message from check session op iframe"))};const i=new URL(r);this._frame_origin=i.origin,this._frame=window.document.createElement("iframe"),this._frame.style.visibility="hidden",this._frame.style.position="fixed",this._frame.style.left="-1000px",this._frame.style.top="0",this._frame.width="0",this._frame.height="0",this._frame.src=i.href}load(){return new Promise((e=>{this._frame.onload=()=>{e()},window.document.body.appendChild(this._frame),window.addEventListener("message",this._message,!1)}))}start(e){if(this._session_state===e)return;this._logger.create("start"),this.stop(),this._session_state=e;const t=()=>{this._frame.contentWindow&&this._session_state&&this._frame.contentWindow.postMessage(this._client_id+" "+this._session_state,this._frame_origin)};t(),this._timer=setInterval(t,1e3*this._intervalInSeconds)}stop(){this._logger.create("stop"),this._session_state=null,this._timer&&(clearInterval(this._timer),this._timer=null)}},P=class{constructor(){this._logger=new p("InMemoryWebStorage"),this._data={}}clear(){this._logger.create("clear"),this._data={}}getItem(e){return this._logger.create(`getItem('${e}')`),this._data[e]}setItem(e,t){this._logger.create(`setItem('${e}')`),this._data[e]=t}removeItem(e){this._logger.create(`removeItem('${e}')`),delete this._data[e]}get length(){return Object.getOwnPropertyNames(this._data).length}key(e){return Object.getOwnPropertyNames(this._data)[e]}},C=class extends Error{constructor(e,t){super(t),this.name="ErrorDPoPNonce",this.nonce=e}},O=class{constructor(e=[],t=null,r={}){this._jwtHandler=t,this._extraHeaders=r,this._logger=new p("JsonService"),this._contentTypes=[],this._contentTypes.push(...e,"application/json"),t&&this._contentTypes.push("application/jwt")}async fetchWithTimeout(e,t={}){const{timeoutInSeconds:r,...s}=t;if(!r)return await fetch(e,s);const n=new AbortController,i=setTimeout((()=>n.abort()),1e3*r);try{const r=await fetch(e,{...t,signal:n.signal});return r}catch(o){if(o instanceof DOMException&&"AbortError"===o.name)throw new E("Network timed out");throw o}finally{clearTimeout(i)}}async getJson(e,{token:t,credentials:r,timeoutInSeconds:s}={}){const n=this._logger.create("getJson"),i={Accept:this._contentTypes.join(", ")};let o;t&&(n.debug("token passed, setting Authorization header"),i["Authorization"]="Bearer "+t),this._appendExtraHeaders(i);try{n.debug("url:",e),o=await this.fetchWithTimeout(e,{method:"GET",headers:i,timeoutInSeconds:s,credentials:r})}catch(u){throw n.error("Network Error"),u}n.debug("HTTP response received, status",o.status);const a=o.headers.get("Content-Type");if(a&&!this._contentTypes.find((e=>a.startsWith(e)))&&n.throw(new Error(`Invalid response Content-Type: ${null!=a?a:"undefined"}, from URL: ${e}`)),o.ok&&this._jwtHandler&&(null==a?void 0:a.startsWith("application/jwt")))return await this._jwtHandler(await o.text());let c;try{c=await o.json()}catch(u){if(n.error("Error parsing JSON response",u),o.ok)throw u;throw new Error(`${o.statusText} (${o.status})`)}if(!o.ok){if(n.error("Error from server:",c),c.error)throw new x(c);throw new Error(`${o.statusText} (${o.status}): ${JSON.stringify(c)}`)}return c}async postForm(e,{body:t,basicAuth:r,timeoutInSeconds:s,initCredentials:n,extraHeaders:i}){const o=this._logger.create("postForm"),a={Accept:this._contentTypes.join(", "),"Content-Type":"application/x-www-form-urlencoded",...i};let c;void 0!==r&&(a["Authorization"]="Basic "+r),this._appendExtraHeaders(a);try{o.debug("url:",e),c=await this.fetchWithTimeout(e,{method:"POST",headers:a,body:t,timeoutInSeconds:s,credentials:n})}catch(d){throw o.error("Network error"),d}o.debug("HTTP response received, status",c.status);const u=c.headers.get("Content-Type");if(u&&!this._contentTypes.find((e=>u.startsWith(e))))throw new Error(`Invalid response Content-Type: ${null!=u?u:"undefined"}, from URL: ${e}`);const h=await c.text();let l={};if(h)try{l=JSON.parse(h)}catch(d){if(o.error("Error parsing JSON response",d),c.ok)throw d;throw new Error(`${c.statusText} (${c.status})`)}if(!c.ok){if(o.error("Error from server:",l),c.headers.has("dpop-nonce")){const e=c.headers.get("dpop-nonce");throw new C(e,`${JSON.stringify(l)}`)}if(l.error)throw new x(l,t);throw new Error(`${c.statusText} (${c.status}): ${JSON.stringify(l)}`)}return l}_appendExtraHeaders(e){const t=this._logger.create("appendExtraHeaders"),r=Object.keys(this._extraHeaders),s=["accept","content-type"],n=["authorization"];0!==r.length&&r.forEach((r=>{if(s.includes(r.toLocaleLowerCase()))return void t.warn("Protected header could not be set",r,s);if(n.includes(r.toLocaleLowerCase())&&Object.keys(e).includes(r))return void t.warn("Header could not be overridden",r,n);const i="function"===typeof this._extraHeaders[r]?this._extraHeaders[r]():this._extraHeaders[r];i&&""!==i&&(e[r]=i)}))}},I=class{constructor(e){this._settings=e,this._logger=new p("MetadataService"),this._signingKeys=null,this._metadata=null,this._metadataUrl=this._settings.metadataUrl,this._jsonService=new O(["application/jwk-set+json"],null,this._settings.extraHeaders),this._settings.signingKeys&&(this._logger.debug("using signingKeys from settings"),this._signingKeys=this._settings.signingKeys),this._settings.metadata&&(this._logger.debug("using metadata from settings"),this._metadata=this._settings.metadata),this._settings.fetchRequestCredentials&&(this._logger.debug("using fetchRequestCredentials from settings"),this._fetchRequestCredentials=this._settings.fetchRequestCredentials)}resetSigningKeys(){this._signingKeys=null}async getMetadata(){const e=this._logger.create("getMetadata");if(this._metadata)return e.debug("using cached values"),this._metadata;if(!this._metadataUrl)throw e.throw(new Error("No authority or metadataUrl configured on settings")),null;e.debug("getting metadata from",this._metadataUrl);const t=await this._jsonService.getJson(this._metadataUrl,{credentials:this._fetchRequestCredentials,timeoutInSeconds:this._settings.requestTimeoutInSeconds});return e.debug("merging remote JSON with seed metadata"),this._metadata=Object.assign({},t,this._settings.metadataSeed),this._metadata}getIssuer(){return this._getMetadataProperty("issuer")}getAuthorizationEndpoint(){return this._getMetadataProperty("authorization_endpoint")}getUserInfoEndpoint(){return this._getMetadataProperty("userinfo_endpoint")}getTokenEndpoint(e=!0){return this._getMetadataProperty("token_endpoint",e)}getCheckSessionIframe(){return this._getMetadataProperty("check_session_iframe",!0)}getEndSessionEndpoint(){return this._getMetadataProperty("end_session_endpoint",!0)}getRevocationEndpoint(e=!0){return this._getMetadataProperty("revocation_endpoint",e)}getKeysEndpoint(e=!0){return this._getMetadataProperty("jwks_uri",e)}async _getMetadataProperty(e,t=!1){const r=this._logger.create(`_getMetadataProperty('${e}')`),s=await this.getMetadata();if(r.debug("resolved"),void 0===s[e]){if(!0===t)return void r.warn("Metadata does not contain optional property");r.throw(new Error("Metadata does not contain property "+e))}return s[e]}async getSigningKeys(){const e=this._logger.create("getSigningKeys");if(this._signingKeys)return e.debug("returning signingKeys from cache"),this._signingKeys;const t=await this.getKeysEndpoint(!1);e.debug("got jwks_uri",t);const r=await this._jsonService.getJson(t,{timeoutInSeconds:this._settings.requestTimeoutInSeconds});if(e.debug("got key set",r),!Array.isArray(r.keys))throw e.throw(new Error("Missing keys on keyset")),null;return this._signingKeys=r.keys,this._signingKeys}},A=class{constructor({prefix:e="oidc.",store:t=localStorage}={}){this._logger=new p("WebStorageStateStore"),this._store=t,this._prefix=e}async set(e,t){this._logger.create(`set('${e}')`),e=this._prefix+e,await this._store.setItem(e,t)}async get(e){this._logger.create(`get('${e}')`),e=this._prefix+e;const t=await this._store.getItem(e);return t}async remove(e){this._logger.create(`remove('${e}')`),e=this._prefix+e;const t=await this._store.getItem(e);return await this._store.removeItem(e),t}async getAllKeys(){this._logger.create("getAllKeys");const e=await this._store.length,t=[];for(let r=0;r<e;r++){const e=await this._store.key(r);e&&0===e.indexOf(this._prefix)&&t.push(e.substr(this._prefix.length))}return t}},N="code",j="openid",M="client_secret_post",L=900,q=class{constructor({authority:e,metadataUrl:t,metadata:r,signingKeys:s,metadataSeed:n,client_id:i,client_secret:o,response_type:a=N,scope:c=j,redirect_uri:u,post_logout_redirect_uri:h,client_authentication:l=M,prompt:d,display:g,max_age:p,ui_locales:_,acr_values:f,resource:w,response_mode:m,filterProtocolClaims:v=!0,loadUserInfo:y=!1,requestTimeoutInSeconds:k,staleStateAgeInSeconds:b=L,mergeClaimsStrategy:S={array:"replace"},disablePKCE:T=!1,stateStore:x,revokeTokenAdditionalContentTypes:E,fetchRequestCredentials:R,refreshTokenAllowedScope:U,extraQueryParams:C={},extraTokenParams:O={},extraHeaders:I={},dpop:q,omitScopeWhenRequesting:D=!1}){var B;if(this.authority=e,t?this.metadataUrl=t:(this.metadataUrl=e,e&&(this.metadataUrl.endsWith("/")||(this.metadataUrl+="/"),this.metadataUrl+=".well-known/openid-configuration")),this.metadata=r,this.metadataSeed=n,this.signingKeys=s,this.client_id=i,this.client_secret=o,this.response_type=a,this.scope=c,this.redirect_uri=u,this.post_logout_redirect_uri=h,this.client_authentication=l,this.prompt=d,this.display=g,this.max_age=p,this.ui_locales=_,this.acr_values=f,this.resource=w,this.response_mode=m,this.filterProtocolClaims=null==v||v,this.loadUserInfo=!!y,this.staleStateAgeInSeconds=b,this.mergeClaimsStrategy=S,this.omitScopeWhenRequesting=D,this.disablePKCE=!!T,this.revokeTokenAdditionalContentTypes=E,this.fetchRequestCredentials=R||"same-origin",this.requestTimeoutInSeconds=k,x)this.stateStore=x;else{const e="undefined"!==typeof window?window.localStorage:new P;this.stateStore=new A({store:e})}if(this.refreshTokenAllowedScope=U,this.extraQueryParams=C,this.extraTokenParams=O,this.extraHeaders=I,this.dpop=q,this.dpop&&!(null==(B=this.dpop)?void 0:B.store))throw new Error("A DPoPStore is required when dpop is enabled")}},D=class{constructor(e,t){this._settings=e,this._metadataService=t,this._logger=new p("UserInfoService"),this._getClaimsFromJwt=async e=>{const t=this._logger.create("_getClaimsFromJwt");try{const r=_.decode(e);return t.debug("JWT decoding successful"),r}catch(r){throw t.error("Error parsing JWT response"),r}},this._jsonService=new O(void 0,this._getClaimsFromJwt,this._settings.extraHeaders)}async getClaims(e){const t=this._logger.create("getClaims");e||this._logger.throw(new Error("No token passed"));const r=await this._metadataService.getUserInfoEndpoint();t.debug("got userinfo url",r);const s=await this._jsonService.getJson(r,{token:e,credentials:this._settings.fetchRequestCredentials,timeoutInSeconds:this._settings.requestTimeoutInSeconds});return t.debug("got claims",s),s}},B=class{constructor(e,t){this._settings=e,this._metadataService=t,this._logger=new p("TokenClient"),this._jsonService=new O(this._settings.revokeTokenAdditionalContentTypes,null,this._settings.extraHeaders)}async exchangeCode({grant_type:e="authorization_code",redirect_uri:t=this._settings.redirect_uri,client_id:r=this._settings.client_id,client_secret:s=this._settings.client_secret,extraHeaders:n,...i}){const o=this._logger.create("exchangeCode");r||o.throw(new Error("A client_id is required")),t||o.throw(new Error("A redirect_uri is required")),i.code||o.throw(new Error("A code is required"));const a=new URLSearchParams({grant_type:e,redirect_uri:t});for(const[l,d]of Object.entries(i))null!=d&&a.set(l,d);let c;switch(this._settings.client_authentication){case"client_secret_basic":if(void 0===s||null===s)throw o.throw(new Error("A client_secret is required")),null;c=v.generateBasicAuth(r,s);break;case"client_secret_post":a.append("client_id",r),s&&a.append("client_secret",s);break}const u=await this._metadataService.getTokenEndpoint(!1);o.debug("got token endpoint");const h=await this._jsonService.postForm(u,{body:a,basicAuth:c,timeoutInSeconds:this._settings.requestTimeoutInSeconds,initCredentials:this._settings.fetchRequestCredentials,extraHeaders:n});return o.debug("got response"),h}async exchangeCredentials({grant_type:e="password",client_id:t=this._settings.client_id,client_secret:r=this._settings.client_secret,scope:s=this._settings.scope,...n}){const i=this._logger.create("exchangeCredentials");t||i.throw(new Error("A client_id is required"));const o=new URLSearchParams({grant_type:e});this._settings.omitScopeWhenRequesting||o.set("scope",s);for(const[h,l]of Object.entries(n))null!=l&&o.set(h,l);let a;switch(this._settings.client_authentication){case"client_secret_basic":if(void 0===r||null===r)throw i.throw(new Error("A client_secret is required")),null;a=v.generateBasicAuth(t,r);break;case"client_secret_post":o.append("client_id",t),r&&o.append("client_secret",r);break}const c=await this._metadataService.getTokenEndpoint(!1);i.debug("got token endpoint");const u=await this._jsonService.postForm(c,{body:o,basicAuth:a,timeoutInSeconds:this._settings.requestTimeoutInSeconds,initCredentials:this._settings.fetchRequestCredentials});return i.debug("got response"),u}async exchangeRefreshToken({grant_type:e="refresh_token",client_id:t=this._settings.client_id,client_secret:r=this._settings.client_secret,timeoutInSeconds:s,extraHeaders:n,...i}){const o=this._logger.create("exchangeRefreshToken");t||o.throw(new Error("A client_id is required")),i.refresh_token||o.throw(new Error("A refresh_token is required"));const a=new URLSearchParams({grant_type:e});for(const[l,d]of Object.entries(i))Array.isArray(d)?d.forEach((e=>a.append(l,e))):null!=d&&a.set(l,d);let c;switch(this._settings.client_authentication){case"client_secret_basic":if(void 0===r||null===r)throw o.throw(new Error("A client_secret is required")),null;c=v.generateBasicAuth(t,r);break;case"client_secret_post":a.append("client_id",t),r&&a.append("client_secret",r);break}const u=await this._metadataService.getTokenEndpoint(!1);o.debug("got token endpoint");const h=await this._jsonService.postForm(u,{body:a,basicAuth:c,timeoutInSeconds:s,initCredentials:this._settings.fetchRequestCredentials,extraHeaders:n});return o.debug("got response"),h}async revoke(e){var t;const r=this._logger.create("revoke");e.token||r.throw(new Error("A token is required"));const s=await this._metadataService.getRevocationEndpoint(!1);r.debug(`got revocation endpoint, revoking ${null!=(t=e.token_type_hint)?t:"default token type"}`);const n=new URLSearchParams;for(const[i,o]of Object.entries(e))null!=o&&n.set(i,o);n.set("client_id",this._settings.client_id),this._settings.client_secret&&n.set("client_secret",this._settings.client_secret),await this._jsonService.postForm(s,{body:n,timeoutInSeconds:this._settings.requestTimeoutInSeconds}),r.debug("got response")}},F=class{constructor(e,t,r){this._settings=e,this._metadataService=t,this._claimsService=r,this._logger=new p("ResponseValidator"),this._userInfoService=new D(this._settings,this._metadataService),this._tokenClient=new B(this._settings,this._metadataService)}async validateSigninResponse(e,t,r){const s=this._logger.create("validateSigninResponse");this._processSigninState(e,t),s.debug("state processed"),await this._processCode(e,t,r),s.debug("code processed"),e.isOpenId&&this._validateIdTokenAttributes(e),s.debug("tokens validated"),await this._processClaims(e,null==t?void 0:t.skipUserInfo,e.isOpenId),s.debug("claims processed")}async validateCredentialsResponse(e,t){const r=this._logger.create("validateCredentialsResponse");e.isOpenId&&e.id_token&&this._validateIdTokenAttributes(e),r.debug("tokens validated"),await this._processClaims(e,t,e.isOpenId),r.debug("claims processed")}async validateRefreshResponse(e,t){const r=this._logger.create("validateRefreshResponse");e.userState=t.data,null!=e.session_state||(e.session_state=t.session_state),null!=e.scope||(e.scope=t.scope),e.isOpenId&&e.id_token&&(this._validateIdTokenAttributes(e,t.id_token),r.debug("ID Token validated")),e.id_token||(e.id_token=t.id_token,e.profile=t.profile);const s=e.isOpenId&&!!e.id_token;await this._processClaims(e,!1,s),r.debug("claims processed")}validateSignoutResponse(e,t){const r=this._logger.create("validateSignoutResponse");if(t.id!==e.state&&r.throw(new Error("State does not match")),r.debug("state validated"),e.userState=t.data,e.error)throw r.warn("Response was error",e.error),new x(e)}_processSigninState(e,t){const r=this._logger.create("_processSigninState");if(t.id!==e.state&&r.throw(new Error("State does not match")),t.client_id||r.throw(new Error("No client_id on state")),t.authority||r.throw(new Error("No authority on state")),this._settings.authority!==t.authority&&r.throw(new Error("authority mismatch on settings vs. signin state")),this._settings.client_id&&this._settings.client_id!==t.client_id&&r.throw(new Error("client_id mismatch on settings vs. signin state")),r.debug("state validated"),e.userState=t.data,e.url_state=t.url_state,null!=e.scope||(e.scope=t.scope),e.error)throw r.warn("Response was error",e.error),new x(e);t.code_verifier&&!e.code&&r.throw(new Error("Expected code in response"))}async _processClaims(e,t=!1,r=!0){const s=this._logger.create("_processClaims");if(e.profile=this._claimsService.filterProtocolClaims(e.profile),t||!this._settings.loadUserInfo||!e.access_token)return void s.debug("not loading user info");s.debug("loading user info");const n=await this._userInfoService.getClaims(e.access_token);s.debug("user info claims received from user info endpoint"),r&&n.sub!==e.profile.sub&&s.throw(new Error("subject from UserInfo response does not match subject in ID Token")),e.profile=this._claimsService.mergeClaims(e.profile,this._claimsService.filterProtocolClaims(n)),s.debug("user info claims received, updated profile:",e.profile)}async _processCode(e,t,r){const s=this._logger.create("_processCode");if(e.code){s.debug("Validating code");const n=await this._tokenClient.exchangeCode({client_id:t.client_id,client_secret:t.client_secret,code:e.code,redirect_uri:t.redirect_uri,code_verifier:t.code_verifier,extraHeaders:r,...t.extraTokenParams});Object.assign(e,n)}else s.debug("No code to process")}_validateIdTokenAttributes(e,t){var r;const s=this._logger.create("_validateIdTokenAttributes");s.debug("decoding ID Token JWT");const n=_.decode(null!=(r=e.id_token)?r:"");if(n.sub||s.throw(new Error("ID Token is missing a subject claim")),t){const e=_.decode(t);n.sub!==e.sub&&s.throw(new Error("sub in id_token does not match current sub")),n.auth_time&&n.auth_time!==e.auth_time&&s.throw(new Error("auth_time in id_token does not match original auth_time")),n.azp&&n.azp!==e.azp&&s.throw(new Error("azp in id_token does not match original azp")),!n.azp&&e.azp&&s.throw(new Error("azp not in id_token, but present in original id_token"))}e.profile=n}},H=class e{constructor(e){this.id=e.id||v.generateUUIDv4(),this.data=e.data,e.created&&e.created>0?this.created=e.created:this.created=b.getEpochTime(),this.request_type=e.request_type,this.url_state=e.url_state}toStorageString(){return new p("State").create("toStorageString"),JSON.stringify({id:this.id,data:this.data,created:this.created,request_type:this.request_type,url_state:this.url_state})}static fromStorageString(t){return p.createStatic("State","fromStorageString"),Promise.resolve(new e(JSON.parse(t)))}static async clearStaleState(t,r){const s=p.createStatic("State","clearStaleState"),n=b.getEpochTime()-r,i=await t.getAllKeys();s.debug("got keys",i);for(let a=0;a<i.length;a++){const r=i[a],c=await t.get(r);let u=!1;if(c)try{const t=await e.fromStorageString(c);s.debug("got item from key:",r,t.created),t.created<=n&&(u=!0)}catch(o){s.error("Error parsing state for key:",r,o),u=!0}else s.debug("no item in storage for key:",r),u=!0;u&&(s.debug("removed item for key:",r),t.remove(r))}}},K=class e extends H{constructor(e){super(e),this.code_verifier=e.code_verifier,this.code_challenge=e.code_challenge,