UNPKG

@kinde-oss/kinde-auth-react

Version:

Kinde React SDK for authentication

kinde.com

kinde-oss/kinde-auth-react

2 lines (1 loc) 22.5 kB
1
2
"use strict";var H=(e=>(e.email="email",e.profile="profile",e.openid="openid",e.offline_access="offline",e))(H||{}),O=(e=>(e.none="none",e.create="create",e.login="login",e))(O||{}),V=(e=>(e.organizationDetails="organization_details",e.organizationMembers="organization_members",e.organizationPlanDetails="organization_plan_details",e.organizationPaymentDetails="organization_payment_details",e.organizationPlanSelection="organization_plan_selection",e.paymentDetails="payment_details",e.planSelection="plan_selection",e.planDetails="plan_details",e.profile="profile",e))(V||{}),G=(e=>(e.organizationDetails="organization_details",e.organizationMembers="organization_members",e.organizationPlanDetails="organization_plan_details",e.organizationPaymentDetails="organization_payment_details",e.organizationPlanSelection="organization_plan_selection",e.profile="profile",e))(G||{}),P=(e=>(e.logout="logout",e.login="login",e.register="registration",e.token="token",e.profile="profile",e))(P||{}),y=(e=>(e[e.refreshToken=0]="refreshToken",e[e.cookie=1]="cookie",e))(y||{});const N=e=>{const r=o=>btoa(o).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,"");if(e instanceof ArrayBuffer){const o=new Uint8Array(e),a=String.fromCharCode(...o);return r(a)}const t=new TextEncoder().encode(e),n=String.fromCharCode(...t);return r(n)},A=(e=28)=>{if(crypto){const r=new Uint8Array(e/2);return crypto.getRandomValues(r),Array.from(r,ae).join("")}else return ie(e)};function ae(e){return e.toString(16).padStart(2,"0")}function ie(e=28){const r="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";let t="";const n=r.length;for(let o=0;o<e;o++)t+=r.charAt(Math.floor(Math.random()*n));return t}const ce=e=>{e=e.split("?")[1];const r=new URLSearchParams(e);return{accessToken:r.get("access_token"),idToken:r.get("id_token"),expiresIn:+(r.get("expires_in")||0)}},E=e=>e.replace(/\/$/,""),J=(e,r=!1)=>{const t=Array.isArray(e.audience)?e.audience.join(" "):e.audience||"",n={login_hint:e.loginHint,is_create_org:e.isCreateOrg?.toString(),connection_id:e.connectionId,redirect_uri:e.redirectURL?r?e.redirectURL:E(e.redirectURL):void 0,audience:t,scope:e.scope?.join(" ")||"email profile openid offline",prompt:e.prompt,lang:e.lang,org_code:e.orgCode,org_name:e.orgName,has_success_page:e.hasSuccessPage?.toString(),workflow_deployment_id:e.workflowDeploymentId,supports_reauth:e.supportsReauth?.toString(),plan_interest:e.planInterest,pricing_table_key:e.pricingTableKey,pages_mode:e.pagesMode};return Object.keys(n).forEach(o=>n[o]===void 0&&delete n[o]),n},F=e=>typeof e!="object"||e===null?e:Array.isArray(e)?e.map(r=>F(r)):Object.fromEntries(Object.entries(e).map(([r,t])=>[r.replace(/_([a-z])/g,(n,o)=>o.toUpperCase()),F(t)])),le=["utm_source","utm_medium","utm_campaign","utm_content","utm_term","gclid","click_id","hsa_acc","hsa_cam","hsa_grp","hsa_ad","hsa_src","hsa_tgt","hsa_kw","hsa_mt","hsa_net","hsa_ver","match_type","keyword","device","ad_group_id","campaign_id","creative","network","ad_position","fbclid","li_fat_id","msclkid","twclid","ttclid"],ue=async(e,r=P.login,t,n)=>{const o=`${e}/oauth2/auth`,a=T();if(t.reauthState)try{const u=F(JSON.parse(atob(t.reauthState)));t={...t,...u},delete t.reauthState}catch(u){const m=u instanceof Error?u.message:"Unknown error";throw new Error(`Error handing reauth state: ${m}`)}if(!t.clientId)throw new Error("Error generating auth URL: Client ID missing");const i={client_id:t.clientId,response_type:t.responseType||"code",...J(t,n?.disableUrlSanitization)};t.state||(t.state=A(32)),a&&a.setSessionItem(s.state,t.state),i.state=t.state,t.nonce||(t.nonce=A(16)),i.nonce=t.nonce,a&&a.setSessionItem(s.nonce,t.nonce);let f="";if(t.codeChallenge)i.code_challenge=t.codeChallenge;else{const{codeVerifier:u,codeChallenge:m}=await fe();f=u,a&&a.setSessionItem(s.codeVerifier,u),i.code_challenge=m}i.code_challenge_method="S256",t.codeChallengeMethod&&(i.code_challenge_method=t.codeChallengeMethod),!t.prompt&&r===P.register&&(i.prompt=O.create),t.properties&&Object.keys(t.properties).forEach(u=>{if(!le.includes(u)){console.warn("Unsupported Property for url generation: ",u);return}const m=t.properties?.[u];m!==void 0&&(i[u]=m)});const l=new URLSearchParams(i).toString();return{url:new URL(`${o}?${l}`),state:i.state,nonce:i.nonce,codeChallenge:i.code_challenge,codeVerifier:f}};async function fe(){const e=A(52),r=new TextEncoder().encode(e);let t="";if(!crypto)t=N(btoa(e));else{const n=await crypto.subtle.digest("SHA-256",r);t=N(n)}return{codeVerifier:e,codeChallenge:t}}let x;function M(e,r){if(C(),typeof window>"u")throw new Error("setRefreshTimer requires a browser environment");if(e<=0)throw new Error("Timer duration must be positive");x=window.setTimeout(r,Math.min(e*1e3-1e4,864e5))}function C(){x!==void 0&&(window.clearTimeout(x),x=void 0)}const v={framework:"",frameworkVersion:"",sdkVersion:""},B=async()=>{await T()?.removeItems(s.state,s.nonce,s.codeVerifier)},W=()=>`${v.framework}/${v.sdkVersion}/${v.frameworkVersion}/Javascript`,de=async({urlParams:e,domain:r,clientId:t,redirectURL:n,autoRefresh:o=!1,onRefresh:a})=>{const i=e.get("state"),f=e.get("code");if(!i||!f)return console.error("Invalid state or code"),{success:!1,error:"Invalid state or code"};const l=T();if(!l)return console.error("No active storage found"),{success:!1,error:"Authentication storage is not initialized"};(!v.framework||!v.frameworkVersion)&&console.warn("Framework and version not set. Please set the framework and version in the config object");const u=await l.getSessionItem(s.state);if(i!==u)return console.error("Invalid state"),{success:!1,error:`Invalid state; supplied ${i}, expected ${u}`};const m=await l.getSessionItem(s.codeVerifier);if(m===null)return console.error("Code verifier not found"),{success:!1,error:"Code verifier not found"};const _={"Content-type":"application/x-www-form-urlencoded; charset=UTF-8"};v.framework&&(_["Kinde-SDK"]=W());const b={method:"POST",...!c.useInsecureForRefreshToken&&$(r)?{credentials:"include"}:{},headers:new Headers(_),body:new URLSearchParams({client_id:t,code:f,code_verifier:m,grant_type:"authorization_code",redirect_uri:n})};let g;C();try{if(g=await fetch(`${r}/oauth2/token`,b),!g?.ok){const w=await g.text();return console.error("Token exchange failed:",g.status,w),{success:!1,error:`Token exchange failed: ${g.status} - ${w}`}}}catch(w){return B(),console.error("Token exchange failed:",w),{success:!1,error:`Token exchange failed: ${w}`}}const d=await g.json(),K=k();K&&K.setItems({[s.accessToken]:d.access_token,[s.idToken]:d.id_token,[s.refreshToken]:d.refresh_token}),(c.useInsecureForRefreshToken||!$(r))&&l.setSessionItem(s.refreshToken,d.refresh_token),o&&M(d.expires_in,async()=>{I({domain:r,clientId:t,onRefresh:a})}),B();const se=(w=>(w.search="",w))(new URL(window.location.toString()));return window.history.replaceState(window.history.state,"",se),!d.access_token||!d.id_token||!d.refresh_token?{success:!1,error:"No access token received"}:{success:!0,[s.accessToken]:d.access_token,[s.idToken]:d.id_token,[s.refreshToken]:d.refresh_token}};function me(e){const r=document.cookie.split("; ").find(t=>t.startsWith(`${e}=`));if(!r)return null;try{const t=r.split("=")[1];return t?decodeURIComponent(t):null}catch(t){return console.error(`Error parsing cookie ${e}:`,t),null}}const he="_kbrte",pe=async({domain:e,clientId:r})=>{if(!e)return{success:!1,error:"Domain is required for authentication check"};if(!r)return{success:!1,error:"Client ID is required for authentication check"};const t=$(e),n=c.useInsecureForRefreshToken;let o=null;return t&&!n&&(o=me(he)),await I({domain:e,clientId:r,refreshType:o?y.cookie:y.refreshToken})},$=e=>!e.match(/^(?:https?:\/\/)?[a-zA-Z0-9][.-a-zA-Z0-9]*\.kinde\.com$/i);function U(e,r){return r<=0?[]:e.match(new RegExp(`.{1,${r}}`,"g"))||[]}var s=(e=>(e.accessToken="accessToken",e.idToken="idToken",e.refreshToken="refreshToken",e.state="state",e.nonce="nonce",e.codeVerifier="codeVerifier",e))(s||{});class R{async setItems(r){await Promise.all(Object.entries(r).map(([t,n])=>this.setSessionItem(t,n)))}async removeItems(...r){await Promise.all(r.map(t=>this.removeSessionItem(t)))}}class ge extends R{memCache={};async destroySession(){this.memCache={}}async setSessionItem(r,t){if(await this.removeSessionItem(r),typeof t=="string"){U(t,c.maxLength).forEach((n,o)=>{this.memCache[`${c.keyPrefix}${r}${o}`]=n});return}this.memCache[`${c.keyPrefix}${String(r)}0`]=t}async getSessionItem(r){if(this.memCache[`${c.keyPrefix}${String(r)}0`]===void 0)return null;let t="",n=0,o=`${c.keyPrefix}${String(r)}${n}`;for(;this.memCache[o]!==void 0;)t+=this.memCache[o],n++,o=`${c.keyPrefix}${String(r)}${n}`;return t}async removeSessionItem(r){for(const t in this.memCache)t.startsWith(`${c.keyPrefix}${String(r)}`)&&delete this.memCache[t]}}function L(e){return new Promise((r,t)=>{chrome.storage.local.get([e],function(n){chrome.runtime.lastError?t(void 0):r(n[e])})})}class we extends R{async destroySession(){await chrome.storage.local.clear()}async setSessionItem(r,t){if(await this.removeSessionItem(r),typeof t=="string"){U(t,c.maxLength).forEach(async(n,o)=>{await chrome.storage.local.set({[`${c.keyPrefix}${r}${o}`]:n})});return}await chrome.storage.local.set({[`${c.keyPrefix}${r}0`]:t})}async getSessionItem(r){let t="",n=0,o=`${c.keyPrefix}${String(r)}${n}`;for(;await L(`${c.keyPrefix}${String(r)}${n}`)!==void 0;)t+=await L(o),n++,o=`${c.keyPrefix}${String(r)}${n}`;return t}async removeSessionItem(r){let t=0;for(;await L(`${c.keyPrefix}${String(r)}${t}`)!==void 0;)await chrome.storage.local.remove(`${c.keyPrefix}${String(r)}${t}`),t++}}class ye extends R{constructor(){super(),c.useInsecureForRefreshToken&&console.warn("LocalStorage store should not be used in production")}internalItems=new Set;async destroySession(){this.internalItems.forEach(r=>{this.removeSessionItem(r)})}async setSessionItem(r,t){if(await this.removeSessionItem(r),this.internalItems.add(r),typeof t=="string"){U(t,c.maxLength).forEach((n,o)=>{localStorage.setItem(`${c.keyPrefix}${r}${o}`,n)});return}localStorage.setItem(`${c.keyPrefix}${r}0`,t)}async getSessionItem(r){if(localStorage.getItem(`${c.keyPrefix}${r}0`)===null)return null;let t="",n=0,o=`${c.keyPrefix}${String(r)}${n}`;for(;localStorage.getItem(o)!==null;)t+=localStorage.getItem(o),n++,o=`${c.keyPrefix}${String(r)}${n}`;return t}async removeSessionItem(r){let t=0;for(;localStorage.getItem(`${c.keyPrefix}${String(r)}${t}`)!==null;)localStorage.removeItem(`${c.keyPrefix}${String(r)}${t}`),t++;this.internalItems.delete(r)}}const c={keyPrefix:"kinde-",maxLength:2e3,useInsecureForRefreshToken:!1},Z=(e,r)=>{if(Array.isArray(e)&&Array.isArray(r))return Array.from(new Set([...e,...r]));if(e&&typeof e=="object"&&r&&typeof r=="object"){const t={...e};for(const n of Object.keys(r))n in t?t[n]=Z(t[n],r[n]):t[n]=r[n];return t}return r};async function D(e){const r=k();if(!r)throw new Error("No active storage found.");const t=await r.getSessionItem(s.accessToken);if(!t)throw new Error("Authentication token not found.");const n=await z("iss");if(!n?.value)throw new Error("Domain (iss claim) not found.");let o;try{o=await fetch(`${n.value}/${e}`,{method:"GET",headers:{Authorization:`Bearer ${t}`,"Content-Type":"application/json"}})}catch(a){throw new Error(`Failed to fetch from ${n.value}/${e}: ${a}`)}if(!o.ok)throw new Error(`API request failed with status ${o.status}`);return await o.json()}const S=async({url:e})=>{let r=[],t=await D(e);if(r=t.data,t.metadata?.has_more){let n=t.metadata.next_page_starting_after;for(;t.metadata.has_more;)t=await D(`${e}?starting_after=${n}`),r=Z(r,t.data),n=t.metadata.next_page_starting_after}return r},Q=async e=>{if(e?.forceApi){const n=await S({url:"account_api/v1/permissions"});return{orgCode:n.org_code,permissions:n.permissions?.map(o=>o.key)||[]}}const r=await h();if(!r)return{orgCode:null,permissions:[]};const t=r.permissions||r["x-hasura-permissions"]||[];return{orgCode:r.org_code||r["x-hasura-org-code"],permissions:t}},ke=e=>typeof e=="object"&&e!==null&&"permission"in e&&"condition"in e,X=async e=>{if(!e||!e.permissions||e?.permissions?.length===0)return!0;const{permissions:r}=e;let t;try{t=await Q({forceApi:e.forceApi})}catch(n){return console.error("[hasPermissions] Error getting permissions",n),!1}return(await Promise.all(r.map(async n=>ke(n)?t.permissions.find(o=>o===n.permission)?await n.condition({permissionKey:n.permission,orgCode:t.orgCode}):!1:!!t.permissions.find(o=>o===n)))).every(n=>n===!0)},Y=async e=>{const r=await z("roles");if(e?.forceApi||!r?.value)return(await S({url:"account_api/v1/roles"})).roles?.map(n=>({id:n.id,name:n.name,key:n.key}))||[];const t=await h();return t?!t.roles&&!t["x-hasura-roles"]?(console.warn("No roles found in token, ensure roles have been included in the token customisation within the application settings"),[]):t.roles||t["x-hasura-roles"]:[]},_e=e=>typeof e=="object"&&e!==null&&"role"in e&&"condition"in e,ee=async e=>{if(!e||!e.roles||e?.roles?.length===0)return!0;const{roles:r}=e;let t;try{t=await Y({forceApi:e.forceApi})}catch(n){return console.error("[hasRoles] Error getting roles",n),!1}return(await Promise.all(r.map(async n=>{if(_e(n)){const o=t.find(a=>a.key===n.role);return o?await n.condition(o):!1}else return t.map(o=>o.key).includes(n)}))).every(n=>n===!0)},ve=async e=>{if(e?.forceApi)return(await S({url:"account_api/v1/feature_flags"})).feature_flags?.map(n=>({key:n.key,value:n.value,type:n.type}))||[];const r=await h();if(!r)return null;const t=r.feature_flags||r["x-hasura-feature-flags"];return t?Object.entries(t).map(([n,o])=>({key:n,value:o.v,type:o.t})):null},$e=e=>typeof e=="object"&&e!==null&&"flag"in e&&"value"in e,re=async e=>{if(!e||!e.featureFlags||e?.featureFlags?.length===0)return!0;const{featureFlags:r}=e;let t;try{t=await ve({forceApi:e.forceApi})}catch(n){return console.error("[hasFeatureFlags] Error getting feature flags",n),!1}return r.map(n=>{if($e(n)){const o=t?.find(a=>a.key===n.flag);return o!==void 0&&o.value===n.value}else return t?.find(o=>o.key===n)!==void 0}).every(n=>n===!0)},te=async()=>{const e=await S({url:"account_api/v1/entitlements"});return{orgCode:e.org_code,plans:e.plans?.map(r=>({key:r.key,subscribedOn:r.subscribed_on}))||[],entitlements:e.entitlements?.map(r=>({id:r.id,fixedCharge:r.fixed_charge,priceName:r.price_name,unitAmount:r.unit_amount,featureKey:r.feature_key,featureName:r.feature_name,entitlementLimitMax:r.entitlement_limit_max,entitlementLimitMin:r.entitlement_limit_min}))||[]}},Se=e=>typeof e=="object"&&e!==null&&"entitlement"in e&&"condition"in e,ne=async e=>{if(!e||!e.billingEntitlements||e?.billingEntitlements?.length===0)return!0;const{billingEntitlements:r}=e;let t;try{t=await te()}catch(n){return console.error("[hasBillingEntitlements] Error getting entitlements",n),!1}return(await Promise.all(r.map(async n=>{if(Se(n)){const o=t.entitlements.find(a=>a.priceName===n.entitlement);return o?await n.condition(o):!1}else return t.entitlements.map(o=>o.priceName).includes(n)}))).every(n=>n===!0)},j=e=>e!==void 0&&typeof e=="object",Ie=async e=>{const r=[];return e.roles&&r.push(ee({roles:e.roles,forceApi:j(e.forceApi)?e.forceApi.roles:e.forceApi})),e.permissions&&r.push(X({permissions:e.permissions,forceApi:j(e.forceApi)?e.forceApi.permissions:e.forceApi})),e.featureFlags&&r.push(re({featureFlags:e.featureFlags,forceApi:j(e.forceApi)?e.forceApi.featureFlags:e.forceApi})),e.billingEntitlements&&r.push(ne({billingEntitlements:e.billingEntitlements})),(await Promise.all(r)).every(Boolean)};function Te(e,r){if(!e)return null;const t=e.split(".");if(t.length!==3)return null;const n=t[1].replace(/-/g,"+").replace(/_/g,"/"),o=decodeURIComponent(atob(n).split("").map(a=>"%"+("00"+a.charCodeAt(0).toString(16)).slice(-2)).join(""));return JSON.parse(o)}const h=async(e=s.accessToken)=>{const r=k();if(!r)return null;const t=await r.getSessionItem(e==="accessToken"?s.accessToken:s.idToken);if(!t)return null;const n=Te(t);return n||console.warn("No decoded token found"),n},q=async(e="accessToken")=>h(e),z=async(e,r="accessToken")=>{const t=await q(r);return t?{name:e,value:t[e]}:null},be=async()=>{const e=await h();return e?e.org_code||e["x-hasura-org-code"]:null},xe=async(e=s.accessToken)=>{const r=k();return r&&await r.getSessionItem(e==="accessToken"?s.accessToken:s.idToken)||null},Pe=async(e,r)=>{if(r?.forceApi){const o=(await S({url:"account_api/v1/feature_flags"})).feature_flags.find(a=>a.name===e);return o?o.value:null}const t=await h();if(!t)return null;const n=t.feature_flags||t["x-hasura-feature-flags"];return n?n[e]?.v??null:null},Ae=async()=>{const e=await q("idToken");if(!e)return null;const{sub:r}=e;return r?{id:e.sub,givenName:e.given_name,familyName:e.family_name,email:e.email,picture:e.picture}:(console.error("No sub in idToken"),null)},Ee=async(e,r)=>{if(r?.forceApi)return D(`account_api/v1/permission/${encodeURIComponent(e)}`);const t=await h();if(!t)return{permissionKey:e,orgCode:null,isGranted:!1};const n=t.permissions||[];return{permissionKey:e,orgCode:t.org_code,isGranted:!!n.includes(e)}},Ce=async()=>{const e=await h("idToken");return e?!e.org_codes&&!e["x-hasura-org-codes"]?(console.warn("Org codes not found in token, ensure org codes have been included in the token customisation within the application settings"),null):e.org_codes||e["x-hasura-org-codes"]:null},Ue=async e=>{try{const r=await h("accessToken");if(!r)return!1;if(!r.exp)return console.error("Token does not have an expiry"),!1;const t=r.exp<Math.floor(Date.now()/1e3);return t&&e?.useRefreshToken?(await I({domain:e.domain,clientId:e.clientId})).success:!t}catch(r){return console.error("Error checking authentication:",r),!1}},I=async({domain:e,clientId:r,refreshType:t=y.refreshToken,onRefresh:n})=>{const o=f=>(n&&n(f),f);if(!e)return o({success:!1,error:"Domain is required for token refresh"});if(!r)return o({success:!1,error:"Client ID is required for token refresh"});let a="",i;if(c.useInsecureForRefreshToken||!$(e)?i=T():i=k(),t===y.refreshToken){if(!i)return o({success:!1,error:"No active storage found"});if(a=await i.getSessionItem(s.refreshToken),!a)return o({success:!1,error:"No refresh token found"})}C();try{const f=await fetch(`${E(e)}/oauth2/token`,{method:"POST",...t===y.cookie&&{credentials:"include"},headers:{"Content-type":"application/x-www-form-urlencoded; charset=UTF-8"},body:new URLSearchParams({...t===y.refreshToken&&{refresh_token:a},grant_type:"refresh_token",client_id:r}).toString()});if(!f.ok)return o({success:!1,error:"Failed to refresh token"});const l=await f.json();if(l.access_token){const u=k();return u?(M(l.expires_in,async()=>{I({domain:e,clientId:r,refreshType:t,onRefresh:n})}),i&&(await u.setSessionItem(s.accessToken,l.access_token),l.id_token&&await u.setSessionItem(s.idToken,l.id_token),l.refresh_token&&await i.setSessionItem(s.refreshToken,l.refresh_token)),o({success:!0,[s.accessToken]:l.access_token,[s.idToken]:l.id_token,[s.refreshToken]:l.refresh_token})):o({success:!1,error:"No active storage found"})}}catch(f){return o({success:!1,error:`No access token received: ${f}`})}return o({success:!1,error:"No access token received"})},p={secure:null,insecure:null},Re=e=>{p.secure=e},k=()=>p.secure||null,ze=()=>p.secure!==null,Le=()=>{p.secure=null},je=e=>{p.insecure=e},T=()=>p.insecure||p.secure||null,Ne=()=>p.insecure!==null,Fe=()=>{p.insecure=null},De=async e=>(console.warn("Warning: generateProfileUrl is deprecated. Please use generatePortalUrl instead."),oe({domain:e.domain,returnUrl:e.returnUrl,subNav:e.subNav}));function Oe(e,r=[]){try{const t=new URL(e);return!r.includes(t.protocol)&&!!t.host}catch{return!1}}const oe=async({domain:e,returnUrl:r,subNav:t})=>{const n=k();if(!n)throw new Error("generatePortalUrl: Active storage not found");const o=await n.getSessionItem(s.accessToken);if(!o)throw new Error("generatePortalUrl: Access Token not found");if(!e||typeof e!="string"){const l=await z("iss");if(!l?.value||typeof l.value!="string")throw new Error("generatePortalUrl: Unable to determine domain from access token");e=l.value}if(!Oe(r,["ftp:","ws:"]))throw new Error("generatePortalUrl: returnUrl must be an absolute URL");const a=new URLSearchParams({subnav:t||V.profile,return_url:r}),i=await fetch(`${E(e)}/account_api/v1/portal_link?${a.toString()}`,{headers:{Authorization:`Bearer ${o}`}});if(!i.ok)throw new Error(`Failed to fetch profile URL: ${i.status} ${i.statusText}`);const f=await i.json();if(!f.url||typeof f.url!="string")throw new Error("Invalid URL received from API");try{return{url:new URL(f.url)}}catch(l){throw console.error(l),new Error(`Invalid URL format received from API: ${f.url}`)}},Ve=()=>window.self!==window.top,Me=async({url:e,popupOptions:r={},handleResult:t,forcePopup:n=!1})=>{Ve()||n?await qe({url:e,popupOptions:r,handleResult:t}):document.location=e},qe=async({url:e,popupOptions:r={},handleResult:t})=>{const{width:n=500,height:o=600,left:a=(window.screen.width-n)/2,top:i=(window.screen.height-o)/2}=r,f=window.open(e,"kinde_auth_popup",`width=${n},height=${o},left=${a},top=${i},scrollbars=yes,resizable=yes,toolbar=no,menubar=no,location=no,status=no`);if(!f)throw new Error("Popup was blocked by the browser");const l=()=>new Promise(u=>{const m=_=>{if(_.origin===window.location.origin&&_.data&&_.data.type==="KINDE_AUTH_RESULT"){window.removeEventListener("message",m);const b=new URLSearchParams;Object.entries(_.data.result).forEach(([g,d])=>{b.append(g,d)}),t?.(b).then(()=>u())}};window.addEventListener("message",m)});try{await l()}catch(u){throw new Error("Popup authentication failed: "+u)}return f},Ke={__esModule:!0,default:async()=>(await Promise.resolve().then(()=>require("./expoSecureStore-ClB_OEoC-BcoWi-4p.cjs"))).ExpoSecureStore};exports.$e=ce;exports.Ae=we;exports.Be=Ne;exports.C=T;exports.Ce=pe;exports.D=R;exports.De=Re;exports.Ee=ye;exports.F=C;exports.Fe=Ce;exports.G=M;exports.Ge=Me;exports.H=O;exports.He=Fe;exports.Ie=ge;exports.Je=Ke;exports.K=J;exports.Le=Ae;exports.M=z;exports.Me=ze;exports.N=U;exports.Ne=Ue;exports.Pe=Ie;exports.Q=H;exports.Re=Pe;exports.S=v;exports.T=$;exports.Te=ue;exports.U=A;exports.Ue=xe;exports.Ve=Le;exports.W=q;exports.X=G;exports._=y;exports._e=oe;exports.b=P;exports.be=be;exports.c=c;exports.ce=Y;exports.ge=te;exports.he=re;exports.i=s;exports.ie=X;exports.j=N;exports.je=je;exports.ke=ne;exports.m=h;exports.oe=Q;exports.q=V;exports.qe=De;exports.re=W;exports.ue=ee;exports.x=I;exports.xe=de;exports.y=k;exports.z=E;exports.ze=Ee;