UNPKG

@trimble-oss/trimble-id

Version:

Trimble Identity SDK for JavaScript/TypeScript

github.com/trimble-oss/trimble-id-sdk-docs-for-js

2 lines (1 loc) 36.5 kB
1
2
import e from"axios";import*as t from"jsrsasign";var n=function(e,t){return n=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},n(e,t)};var o=function(){return o=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},o.apply(this,arguments)};function i(e,t,n,o){return new(n||(n=Promise))(function(i,r){function s(e){try{a(o.next(e))}catch(e){r(e)}}function c(e){try{a(o.throw(e))}catch(e){r(e)}}function a(e){var t;e.done?i(e.value):(t=e.value,t instanceof n?t:new n(function(e){e(t)})).then(s,c)}a((o=o.apply(e,t||[])).next())})}function r(e,t){var n,o,i,r={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},s=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return s.next=c(0),s.throw=c(1),s.return=c(2),"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function c(c){return function(a){return function(c){if(n)throw new TypeError("Generator is already executing.");for(;s&&(s=0,c[0]&&(r=0)),r;)try{if(n=1,o&&(i=2&c[0]?o.return:c[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,c[1])).done)return i;switch(o=0,i&&(c=[2&c[0],i.value]),c[0]){case 0:case 1:i=c;break;case 4:return r.label++,{value:c[1],done:!1};case 5:r.label++,o=c[1],c=[0];continue;case 7:c=r.ops.pop(),r.trys.pop();continue;default:if(!(i=r.trys,(i=i.length>0&&i[i.length-1])||6!==c[0]&&2!==c[0])){r=0;continue}if(3===c[0]&&(!i||c[1]>i[0]&&c[1]<i[3])){r.label=c[1];break}if(6===c[0]&&r.label<i[1]){r.label=i[1],i=c;break}if(i&&r.label<i[2]){r.label=i[2],r.ops.push(c);break}i[2]&&r.ops.pop(),r.trys.pop();continue}c=t.call(e,r)}catch(e){c=[6,e],o=0}finally{n=i=0}if(5&c[0])throw c[1];return{value:c[0]?c[1]:void 0,done:!0}}([c,a])}}}"function"==typeof SuppressedError&&SuppressedError;var s,c="RetrieveToken",a="RetrieveTokenEndpoint",u="RetrieveAuthorizationEndpoint",d="RetrieveUserInfoEndpoint",h="RetrieveTokenRevocationEndpoint",p="RetrieveEndSessionEndpoint",l="RetrieveJSONWebKeySetEndpoint",v="RetrieveIdToken",f="RetrieveRefreshToken",_="RetrieveCodeVerifier",E="RevokeRefreshToken",y="RetrieveTokenExpiry",w="GetOAuthRedirect",k="ValidateQuery",g="GetOAuthLogoutRedirect",b="ValidateCode",R="RetrieveClient",m="RetrieveKeyset",S="RetrieveClaimset",I="ClientCredentialTokenProvider",T="OpenIdEndpointProvider",C="FixedEndpointProvider",O="FixedTokenProvider",x="FixedKeysetProvider",P="RefreshableTokenProvider",U="AuthorizationCodeGrantTokenProvider",A="BearerTokenHttpClientProvider",j="OpenIdKeysetProvider",D="ValidatedClaimsetProvider",N="OnBehalfGrantTokenProvider",M="application/json",W=1e3,J=3e5,K=function(){function t(e,t){"string"==typeof e?(this._baseAddress=e,this._defaultSettings=t||{}):"object"==typeof e&&null!==e?(this._baseAddress="",this._defaultSettings=e):(this._baseAddress="",this._defaultSettings={})}return t.prototype.httpPost=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,c=i.settings,[4,e.post(s,n,c)];case 1:return[2,r.sent().data];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.httpGet=function(t){return i(this,arguments,void 0,function(t,n){var o,i,s,c;return void 0===n&&(n={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),o=this.prepareRequest(t,n),i=o.address,s=o.settings,[4,e.get(i,s)];case 1:return[2,r.sent().data];case 2:throw(c=r.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},t.prototype.httpPut=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,c=i.settings,[4,e.put(s,n,c)];case 1:return[2,r.sent().data];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.httpPatch=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,c=i.settings,[4,e.patch(s,n,c)];case 1:return[2,r.sent().data];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.httpDelete=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,(c=i.settings).data=n,[4,e.delete(s,c)];case 1:return[2,r.sent().data];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.httpPostJSON=function(e,t){return i(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),r(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":M,Accept:M}}),[2,this.httpPost(e,t,o)]})})},t.prototype.httpGetJSON=function(e){return i(this,arguments,void 0,function(e,t){var n;return void 0===t&&(t={}),r(this,function(o){return n=this.combineSettings(t,{headers:{Accept:M}}),[2,this.httpGet(e,n)]})})},t.prototype.httpPutJSON=function(e,t){return i(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),r(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":M,Accept:M}}),[2,this.httpPut(e,t,o)]})})},t.prototype.httpPatchJSON=function(e,t){return i(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),r(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":M,Accept:M}}),[2,this.httpPatch(e,t,o)]})})},t.prototype.httpDeleteJSON=function(e){return i(this,arguments,void 0,function(e,t,n){var o;return void 0===t&&(t=null),void 0===n&&(n={}),r(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":M,Accept:M}}),[2,this.httpDelete(e,t,o)]})})},t.prototype.httpPutFullResponse=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,c=i.settings,[4,e.put(s,n,c)];case 1:return[2,r.sent()];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.httpPostJSONFullResponse=function(t,n){return i(this,arguments,void 0,function(t,n,i){var s,c,a,u;return void 0===i&&(i={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i.headers=o({"Content-Type":M,Accept:M},i.headers),s=this.prepareRequest(t,i),c=s.address,a=s.settings,[4,e.post(c,n,a)];case 1:return[2,r.sent()];case 2:throw(u=r.sent()).response?new Error("Returned: ".concat(u.response.status," ").concat(JSON.stringify(u.response.data))):new Error(u.message);case 3:return[2]}})})},t.prototype.httpDeleteJSONFullResponse=function(t){return i(this,arguments,void 0,function(t,n,o){var i,s,c,a;return void 0===n&&(n=null),void 0===o&&(o={}),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),i=this.prepareRequest(t,o),s=i.address,(c=i.settings).data=n,[4,e.delete(s,c)];case 1:return[2,r.sent()];case 2:throw(a=r.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},t.prototype.calculateAddress=function(e,t){return e?t?t.includes("://")?t:e+(e.endsWith("/")?"":"/")+t:e:t},t.prototype.isObject=function(e){return e&&"object"==typeof e&&!Array.isArray(e)},t.prototype.mergeDeep=function(e){for(var t,n,o=[],i=1;i<arguments.length;i++)o[i-1]=arguments[i];if(!o.length)return e;var r=o.shift();if(this.isObject(e)&&this.isObject(r))for(var s in r)this.isObject(r[s])?(e[s]||Object.assign(e,((t={})[s]={},t)),this.mergeDeep(e[s],r[s])):Object.assign(e,((n={})[s]=r[s],n));return this.mergeDeep.apply(this,function(e,t,n){if(n||2===arguments.length)for(var o,i=0,r=t.length;i<r;i++)!o&&i in t||(o||(o=Array.prototype.slice.call(t,0,i)),o[i]=t[i]);return e.concat(o||Array.prototype.slice.call(t))}([e],o,!1))},t.prototype.combineSettings=function(e,t){return this.mergeDeep(t,e)},t.prototype.prepareRequest=function(e,t){return void 0===t&&(t={}),{address:this.calculateAddress(this._baseAddress,e),settings:this.combineSettings(this._defaultSettings,t)}},t}(),V=t.KJUR||"undefined"!=typeof window&&window.KJUR,z=t.b64utoutf8||"undefined"!=typeof window&&window.b64utoutf8,G=t.KEYUTIL||"undefined"!=typeof window&&window.KEYUTIL,B=t.stob64||"undefined"!=typeof window&&window.stob64,q=t.hextob64u||"undefined"!=typeof window&&window.hextob64u;!function(e){e.INIT="INIT",e.METHOD_USAGE="METHOD",e.EXCEPTION="EXCEPTION"}(s||(s={}));var F,L=function(){function e(){}return Object.defineProperty(e,"API_KEY",{get:function(){return z(this.ENCODED_API_KEY)},enumerable:!1,configurable:!0}),Object.defineProperty(e,"CID",{get:function(){return this._cid||(this._cid=this.uuidv4()),this._cid},enumerable:!1,configurable:!0}),e.sendEvent=function(e,t){return i(this,void 0,void 0,function(){var n,o,i,s;return r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),n="/mp/collect?measurement_id=".concat(this.MEASUREMENT_ID,"&api_secret=").concat(this.API_KEY),o=this.BASE_ADDRESS+n,i={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:M}},s={client_id:this.CID,events:[{name:e,params:t}]},[4,(new K).httpPost(o,JSON.stringify(s),i)];case 1:case 2:return r.sent(),[3,3];case 3:return[2]}})})},e.sendCustomEvent=function(e,t,n,o,i,r){void 0===o&&(o=null),void 0===i&&(i=null),void 0===r&&(r=null);var s={event_type:t,client_name:o||this.SDK_NAME,client_version:i||this.SDK_VERSION,language:"js",application_id:n};r&&(s.exception_message=String(r)),this.sendEvent("".concat(e,"_").concat(t.toLowerCase()),s)},e.sendMethodEvent=function(e,t,n,o){void 0===n&&(n=null),void 0===o&&(o=null),this.sendCustomEvent(e,s.METHOD_USAGE,t,n,o)},e.sendInitEvent=function(e,t,n,o){void 0===n&&(n=null),void 0===o&&(o=null),this.sendCustomEvent(e,s.INIT,t,n,o)},e.sendExceptionEvent=function(e,t,n,o,i){void 0===o&&(o=null),void 0===i&&(i=null),this.sendCustomEvent(e,s.EXCEPTION,n,o,i,t)},e.uuidv4=function(){return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=Math.random()*e.HEX_BASE|0;return("x"===t?n:n&e.UUID_VARIANT_MASK|e.UUID_VARIANT_BITS).toString(e.HEX_BASE)})},e.BASE_ADDRESS="https://www.google-analytics.com",e.MEASUREMENT_ID="G-9DHNE789XG",e.ENCODED_API_KEY="N3dkNjB3RWVTbnVmYjhGSzZuYUhPUQ==",e.SDK_NAME="@trimble-oss/trimble-id",e.SDK_VERSION="1.0.0-beta.1",e.HEX_BASE=16,e.UUID_VARIANT_MASK=3,e.UUID_VARIANT_BITS=8,e._cid=null,e}();if("undefined"!=typeof window&&window.btoa)F=window.btoa;else try{F=require("btoa")}catch(e){F=function(e){return Buffer.from(e).toString("base64")}}var H=function(){function e(e,t,n){this._scopes=[],this._accessToken=null,this._tokenExpiry=new Date(0),this._endpointProvider=e,this._clientId=t,this._clientSecret=n,this._httpClient=new K,L.sendInitEvent(I,t)}return e.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},e.prototype.RetrieveToken=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(c,this._clientId),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenExpiry<new Date?[4,this._refreshToken()]:[3,3];case 2:o.sent(),o.label=3;case 3:if(!this._accessToken)throw new Error("Failed to retrieve access token");return[2,this._accessToken];case 4:throw e=o.sent(),L.sendExceptionEvent(c,null!==(t=e.message)&&void 0!==t?t:e,this._clientId),new Error("Unable to retrieve token: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype._refreshToken=function(){return i(this,void 0,void 0,function(){var e,t,n,o,i,s,c;return r(this,function(r){switch(r.label){case 0:return[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return e=r.sent(),t="".concat(this._clientId,":").concat(this._clientSecret),n="Basic ".concat(F(t)),o={headers:{Authorization:n,"Content-Type":"application/x-www-form-urlencoded",Accept:M}},i="grant_type=client_credentials&scope=".concat(encodeURIComponent(this._scopes.join(" "))),[4,this._httpClient.httpPost(e,i,o)];case 2:return s=r.sent(),this._accessToken=s.access_token,c=new Date,this._tokenExpiry=new Date(c.getTime()+s.expires_in*W),[2]}})})},e}(),Y=function(){function e(e,t){this._endpointProvider=e,this._clientId=t,this._httpClient=new K,L.sendInitEvent(P,t)}return e.GenerateCodeVerifier=function(){var e=V.crypto.Util.getRandomHexOfNbits(256);return q(e)},e.prototype.WithProofKeyForCodeExchange=function(e){return this._codeVerifier=e,this},e.prototype.WithConsumerSecret=function(e){return this._clientSecret=e,this},e.prototype.WithClientSecret=function(e){return this._clientSecret=e,this},e.prototype.WithAccessToken=function(e,t){return this._accessToken=e,this._tokenExpiry=t instanceof Date?t:new Date(t),this},e.prototype.WithIdToken=function(e){return this._idToken=e,this},e.prototype.WithRefreshToken=function(e){return this._refreshToken=e,this},e.prototype.WithLogoutRedirect=function(e){return this._logoutRedirectUrl=e,this},e.prototype.RetrieveToken=function(){return i(this,void 0,void 0,function(){var e,t,n,o;return r(this,function(i){switch(i.label){case 0:L.sendMethodEvent(c,this._clientId),i.label=1;case 1:return i.trys.push([1,5,,6]),e=new Date((new Date).getTime()+J),null==this._accessToken||this._isJwt(this._accessToken)&&this._jwtExpiry(this._accessToken)<e||!this._isJwt(this._accessToken)&&this._tokenExpiry&&this._tokenExpiry<e?[4,this._refreshTokenInternal()]:[3,3];case 2:if(i.sent(),this._accessToken)return[2,this._accessToken];throw new Error("Access token is null after refresh");case 3:return[2,this._accessToken];case 4:return[3,6];case 5:throw t=i.sent(),L.sendExceptionEvent(c,null!==(n=t.message)&&void 0!==n?n:t,this._clientId),new Error("Unable to retrieve token: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 6:return[2]}})})},e.prototype.RetrieveTokenExpiry=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return L.sendMethodEvent(y,this._clientId),[2,Promise.resolve(this._tokenExpiry)]})})},e.prototype.RetrieveIdToken=function(){return i(this,void 0,void 0,function(){var e,t,n,o;return r(this,function(i){switch(i.label){case 0:L.sendMethodEvent(v,this._clientId),i.label=1;case 1:return i.trys.push([1,5,,6]),e=new Date((new Date).getTime()+J),null==this._idToken||this._jwtExpiry(this._idToken)<e?[4,this._refreshTokenInternal()]:[3,3];case 2:if(i.sent(),this._idToken)return[2,this._idToken];throw new Error("ID token is null after refresh");case 3:return[2,this._idToken];case 4:return[3,6];case 5:throw t=i.sent(),L.sendExceptionEvent(v,null!==(n=t.message)&&void 0!==n?n:t,this._clientId),new Error("Unable to retrieve id token: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 6:return[2]}})})},e.prototype.RetrieveRefreshToken=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return L.sendMethodEvent(f,this._clientId),[2,Promise.resolve(this._refreshToken)]})})},e.prototype.RetrieveCodeVerifier=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return L.sendMethodEvent(_,this._clientId),[2,Promise.resolve(this._codeVerifier)]})})},e.prototype.RevokeRefreshToken=function(){return i(this,void 0,void 0,function(){var e,t,n,o,i,s,c,a;return r(this,function(r){switch(r.label){case 0:L.sendMethodEvent(E,this._clientId),r.label=1;case 1:return r.trys.push([1,4,,5]),[4,this._endpointProvider.RetrieveTokenRevocationEndpoint()];case 2:return e=r.sent(),t={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:M}},this._clientSecret&&(n="".concat(this._clientId,":").concat(this._clientSecret),o="Basic ".concat(F(n)),t.headers&&(t.headers.Authorization=o)),i="token=".concat(encodeURIComponent(this._refreshToken),"&token_type_hint=refresh_token&client_id=").concat(encodeURIComponent(this._clientId)),this._codeVerifier&&(i="".concat(i,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier))),[4,this._httpClient.httpPost(e,i,t)];case 3:return r.sent(),[2,!0];case 4:throw s=r.sent(),L.sendExceptionEvent(E,null!==(c=s.message)&&void 0!==c?c:s,this._clientId),new Error("Unable to revoke refresh token: ".concat(null!==(a=s.message)&&void 0!==a?a:s));case 5:return[2]}})})},e.prototype._isJwt=function(e){return e.includes(".")},e.prototype._jwtExpiry=function(e){var t=e.split("."),n=V.jws.JWS.readSafeJSONString(z(t[1]));return new Date(n.exp*W)},e.prototype._refreshTokenInternal=function(){return i(this,void 0,void 0,function(){var t,n,o,i,s,c,a,u;return r(this,function(r){switch(r.label){case 0:return[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return t=r.sent(),n={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:M}},this._clientSecret&&(o="".concat(this._clientId,":").concat(this._clientSecret),i="Basic ".concat(F(o)),n.headers&&(n.headers.Authorization=i)),s="grant_type=refresh_token&client_id=".concat(encodeURIComponent(this._clientId),"&refresh_token=").concat(encodeURIComponent(this._refreshToken)),c=null,this._codeVerifier&&(s="".concat(s,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier)),c=e.GenerateCodeVerifier(),s="".concat(s,"&code_challenge_method=S256"),s="".concat(s,"&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(c)))),[4,this._httpClient.httpPost(t,s,n)];case 2:return a=r.sent(),this._accessToken=a.access_token,u=new Date,this._tokenExpiry=new Date(u.getTime()+a.expires_in*W),this._idToken=a.id_token,this._refreshToken=a.refresh_token,c&&(this._codeVerifier=c),[2]}})})},e.prototype._GenerateCodeChallenge=function(e){var t=V.crypto.Util.hashString(e,"sha256");return q(t)},e}(),X=function(e){function t(t,n,o){var i=e.call(this,t,n)||this;return i._redirectUrl=o,i._codeVerifier=null,i._scopes=["openid"],i._state=null,L.sendInitEvent(U,n),i}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function o(){this.constructor=e}n(e,t),e.prototype=null===t?Object.create(t):(o.prototype=t.prototype,new o)}(t,e),t.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},t.prototype.WithLogoutRedirect=function(e){return this._logoutRedirectUrl=e,this},t.prototype.WithIdentityProvider=function(e){return this._identityProvider=e,this},t.prototype.GetOAuthRedirect=function(e){return i(this,void 0,void 0,function(){var t,n,o,i,s;return r(this,function(r){switch(r.label){case 0:return r.trys.push([0,2,,3]),L.sendMethodEvent(w,this._clientId),[4,this._endpointProvider.RetrieveAuthorizationEndpoint()];case 1:return t=r.sent(),n="".concat(t,"?response_type=code&scope=").concat(encodeURIComponent(this._scopes.join(" ")),"&client_id=").concat(encodeURIComponent(this._clientId),"&redirect_uri=").concat(encodeURIComponent(this._redirectUrl)),this._codeVerifier&&(n="".concat(n,"&code_challenge_method=S256&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(this._codeVerifier)))),e&&(n="".concat(n,"&state=").concat(encodeURIComponent(e))),this._identityProvider&&(n="".concat(n,"&identity_provider=").concat(encodeURIComponent(this._identityProvider))),[2,n];case 2:throw o=r.sent(),L.sendExceptionEvent(w,null!==(i=o.message)&&void 0!==i?i:o,this._clientId),new Error("Unable to return OAuth redirect: ".concat(null!==(s=o.message)&&void 0!==s?s:o));case 3:return[2]}})})},t.prototype.ValidateQuery=function(e){return i(this,void 0,void 0,function(){var t;return r(this,function(n){return L.sendMethodEvent(k,this._clientId),e.startsWith("?")&&(e=e.substring(1)),t={},e.split("&").forEach(function(e){var n=e.split("=");t[n[0]]=decodeURIComponent(n[1])}),this._state=t.state,[2,this._validateCode(t.code)]})})},t.prototype.GetOAuthLogoutRedirect=function(){return i(this,arguments,void 0,function(e){var t,n,o,i,s,c,a;return void 0===e&&(e=null),r(this,function(r){switch(r.label){case 0:return r.trys.push([0,3,,4]),L.sendMethodEvent(g,this._clientId),[4,this._endpointProvider.RetrieveEndSessionEndpoint()];case 1:return t=r.sent(),[4,this.RetrieveIdToken()];case 2:return n=r.sent(),o="".concat(t,"?id_token_hint=").concat(encodeURIComponent(n),"&post_logout_redirect_uri=").concat(encodeURIComponent(null!==(s=this._logoutRedirectUrl)&&void 0!==s?s:"")),e&&(o="".concat(o,"&state=").concat(encodeURIComponent(e))),[2,o];case 3:throw i=r.sent(),L.sendExceptionEvent(g,null!==(c=i.message)&&void 0!==c?c:i,this._clientId),new Error("Unable to get logout redirect: ".concat(null!==(a=i.message)&&void 0!==a?a:i));case 4:return[2]}})})},t.prototype.ValidateCode=function(e){return i(this,void 0,void 0,function(){return r(this,function(t){return L.sendMethodEvent(b,this._clientId),[2,this._validateCode(e)]})})},t.prototype._validateCode=function(e){return i(this,void 0,void 0,function(){var t,n,o,i,s,c,a,u,d,h,p;return r(this,function(r){switch(r.label){case 0:return r.trys.push([0,3,,4]),[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return t=r.sent(),n={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:M}},this._clientSecret&&(o="".concat(this._clientId,":").concat(this._clientSecret),i="Basic ".concat(B(o)),n.headers&&(n.headers.Authorization=i)),s="grant_type=authorization_code&tenantDomain=trimble.com&client_id=".concat(encodeURIComponent(this._clientId),"&code=").concat(encodeURIComponent(e),"&redirect_uri=").concat(encodeURIComponent(this._redirectUrl)),c=null,this._codeVerifier&&(s="".concat(s,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier)),c=Y.GenerateCodeVerifier(),s="".concat(s,"&code_challenge_method=S256"),s="".concat(s,"&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(c)))),[4,this._httpClient.httpPost(t,s,n)];case 2:return a=r.sent(),u=new Date,this.WithAccessToken(a.access_token,new Date(u.getTime()+a.expires_in*W)).WithIdToken(a.id_token).WithRefreshToken(a.refresh_token),c&&this.WithProofKeyForCodeExchange(c),[2,!0];case 3:throw d=r.sent(),L.sendExceptionEvent(b,null!==(h=d.message)&&void 0!==h?h:d,this._clientId),new Error("Unable to validate code: ".concat(null!==(p=d.message)&&void 0!==p?p:d));case 4:return[2]}})})},t}(Y),Q=function(){function e(e){this._accessToken=e,L.sendInitEvent(O)}return e.prototype.RetrieveToken=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return L.sendMethodEvent(c),[2,this._accessToken]})})},e}(),Z=function(){function e(e,t,n,o){this._endpointProvider=e,this._clientId=t,this._clientSecret=n,this._accessToken=o,this._scopes=[],this._httpClient=new K,L.sendInitEvent(N,t)}return e.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},e.prototype.RetrieveToken=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return L.sendMethodEvent(c,this._clientId),this._refreshableTokenProvider?[2,this._refreshableTokenProvider.RetrieveToken()]:[2,this._retrieveToken()]})})},e.prototype._retrieveToken=function(){return i(this,void 0,void 0,function(){var e,t,n,o,i,s,a,u,d,h;return r(this,function(r){switch(r.label){case 0:return r.trys.push([0,3,,4]),[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return e=r.sent(),t="".concat(this._clientId,":").concat(this._clientSecret),n="Basic ".concat(F(t)),o={headers:{Authorization:n,"Content-Type":"application/x-www-form-urlencoded",Accept:M}},i="grant_type=urn:ietf:params:oauth:grant-type:token-exchange&subject_token_type=urn:ietf:params:oauth:token-type:jwt&subject_token=".concat(encodeURIComponent(this._accessToken),"&scope=").concat(encodeURIComponent(this._scopes.join(" "))),[4,this._httpClient.httpPost(e,i,o)];case 2:return s=r.sent(),a=new Date,this._refreshableTokenProvider=new Y(this._endpointProvider,this._clientId).WithClientSecret(this._clientSecret).WithAccessToken(s.access_token,new Date(a.getTime()+s.expires_in*W)).WithRefreshToken(s.refresh_token),[2,s.access_token];case 3:throw u=r.sent(),L.sendExceptionEvent(c,null!==(d=u.message)&&void 0!==d?d:u,this._clientId),new Error("On-behalf grant failed: ".concat(null!==(h=u.message)&&void 0!==h?h:u));case 4:return[2]}})})},e}(),$=function(){function e(e,t){this._tokenProvider=e,this._baseAddress=t,L.sendInitEvent(A)}return e.prototype.RetrieveClient=function(){return i(this,void 0,void 0,function(){var e,t,n,o;return r(this,function(i){switch(i.label){case 0:L.sendMethodEvent(R),i.label=1;case 1:return i.trys.push([1,3,,4]),[4,this._tokenProvider.RetrieveToken()];case 2:return e=i.sent(),t={headers:{Authorization:"Bearer "+e}},[2,new K(this._baseAddress,t)];case 3:throw n=i.sent(),new Error("Unable to retrieve client: ".concat(null!==(o=n.message)&&void 0!==o?o:n));case 4:return[2]}})})},e}(),ee=function(){function e(){}return e.prototype.RetrieveClient=function(){return i(this,void 0,void 0,function(){return r(this,function(e){return[2,new K]})})},e}(),te=function(){function e(e,t,n,o,i){void 0===e&&(e=null),void 0===t&&(t=null),void 0===n&&(n=null),void 0===o&&(o=null),void 0===i&&(i=null),this._authorizationEndpoint=e,this._tokenEndpoint=t,this._userInfoEndpoint=n,this._tokenRevocationEndpoint=o||(t?new URL(t).origin+"/revoke":null),this._endSessionEndpoint=null,this._jwksEndpoint=i,L.sendInitEvent(C)}return e.prototype.WithAuthorizationEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._authorizationEndpoint=e,t},e.prototype.WithTokenEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._tokenEndpoint=e,t},e.prototype.WithUserInfoEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._userInfoEndpoint=e,t},e.prototype.WithTokenRevocationEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._tokenRevocationEndpoint=e,t},e.prototype.WithEndSessionEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._endSessionEndpoint=e,t},e.prototype.WithJWKSEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._jwksEndpoint=e,t},e.prototype.RetrieveAuthorizationEndpoint=function(){return L.sendMethodEvent(u),Promise.resolve(this._authorizationEndpoint)},e.prototype.RetrieveTokenEndpoint=function(){return L.sendMethodEvent(a),Promise.resolve(this._tokenEndpoint)},e.prototype.RetrieveUserInfoEndpoint=function(){return L.sendMethodEvent(d),Promise.resolve(this._userInfoEndpoint)},e.prototype.RetrieveTokenRevocationEndpoint=function(){return L.sendMethodEvent(h),Promise.resolve(this._tokenRevocationEndpoint)},e.prototype.RetrieveEndSessionEndpoint=function(){return L.sendMethodEvent(p),Promise.resolve(this._endSessionEndpoint)},e.prototype.RetrieveJSONWebKeySetEndpoint=function(){return L.sendMethodEvent(l),Promise.resolve(this._jwksEndpoint)},e}(),ne=function(){function e(e,t){void 0===t&&(t=null),this._authorizationEndpoint=null,this._tokenEndpoint=null,this._userInfoEndpoint=null,this._jwksEndpoint=null,this._tokenRevocationEndpoint=null,this._endSessionEndpoint=null,this._configurationEndpoint=e,this._tokenRevocationEndpoint=t,L.sendInitEvent(T)}return e.prototype.RetrieveAuthorizationEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(u),o.label=1;case 1:return o.trys.push([1,4,,5]),this._authorizationEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._authorizationEndpoint)throw new Error("Authorization endpoint is not available after loading configuration.");return[2,this._authorizationEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(u,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve authorization endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveTokenEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(a),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._tokenEndpoint)throw new Error("Token endpoint is not available after loading configuration.");return[2,this._tokenEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(a,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve token endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveUserInfoEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(d),o.label=1;case 1:return o.trys.push([1,4,,5]),this._userInfoEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._userInfoEndpoint)throw new Error("User info endpoint is not available after loading configuration.");return[2,this._userInfoEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(d,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve user info endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveTokenRevocationEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(h),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenRevocationEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._tokenRevocationEndpoint)throw new Error("Token revocation endpoint is not available after loading configuration.");return[2,this._tokenRevocationEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(h,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve token revocation endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveEndSessionEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(p),o.label=1;case 1:return o.trys.push([1,4,,5]),this._endSessionEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._endSessionEndpoint)throw new Error("End session endpoint is not available after loading configuration.");return[2,this._endSessionEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(p,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve end session endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveJSONWebKeySetEndpoint=function(){return i(this,void 0,void 0,function(){var e,t,n;return r(this,function(o){switch(o.label){case 0:L.sendMethodEvent(l),o.label=1;case 1:return o.trys.push([1,4,,5]),this._jwksEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._jwksEndpoint)throw new Error("JSON Web Key Set endpoint is not available after loading configuration.");return[2,this._jwksEndpoint];case 4:throw e=o.sent(),L.sendExceptionEvent(l,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve JSON Web Key Set endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype._loadConfiguration=function(){return i(this,void 0,void 0,function(){var e;return r(this,function(t){switch(t.label){case 0:return[4,(new K).httpGetJSON(this._configurationEndpoint)];case 1:return e=t.sent(),this._authorizationEndpoint=e.authorization_endpoint,this._tokenEndpoint=e.token_endpoint,this._userInfoEndpoint=e.userinfo_endpoint,this._jwksEndpoint=e.jwks_uri,e.revocation_endpoint?this._tokenRevocationEndpoint=e.revocation_endpoint:this._tokenRevocationEndpoint=this._tokenRevocationEndpoint||new URL(this._configurationEndpoint).origin+"/revoke",e.end_session_endpoint?this._endSessionEndpoint=e.end_session_endpoint:this._endSessionEndpoint=new URL(this._configurationEndpoint).origin+"/i/commonauth",[2]}})})},e}(),oe=function(){function e(e){this._keysetProvider=e,this._keyset=null,this._clockSkewInSeconds=300,this._tokenValidationRequired=!0,L.sendInitEvent(D)}return e.prototype.WithClockSkew=function(e){return this._clockSkewInSeconds=e,this},e.prototype.WithTokenValidation=function(e){return this._tokenValidationRequired=e,this},e.prototype.RetrieveClaimset=function(e){return i(this,void 0,void 0,function(){var t,n,o,i,s,c;return r(this,function(r){switch(r.label){case 0:L.sendMethodEvent(S),r.label=1;case 1:if(r.trys.push([1,3,,4]),3!==(t=e.split(".")).length)throw new Error("Invalid JWT format: must have exactly 3 parts (header.payload.signature)");return n=V.jws.JWS.readSafeJSONString(z(t[0])),[4,this._findMatchingKey(n.kid)];case 2:if(o=r.sent(),this._tokenValidationRequired){if(this._clockSkewInSeconds<0)throw new Error("ClockSkew is less than 0");if(!this._validateToken(e,o,this._clockSkewInSeconds))throw new Error("Unable to validate token")}return[2,V.jws.JWS.readSafeJSONString(z(t[1]))];case 3:throw i=r.sent(),L.sendExceptionEvent(S,null!==(s=i.message)&&void 0!==s?s:i),new Error("Unable to retrieve claimset: ".concat(null!==(c=i.message)&&void 0!==c?c:i));case 4:return[2]}})})},e.prototype._retrieveKeyset=function(){return i(this,void 0,void 0,function(){var e;return r(this,function(t){switch(t.label){case 0:return null==this._keyset?[3,1]:[2,this._keyset];case 1:return e=this,[4,this._keysetProvider.RetrieveKeyset()];case 2:return e._keyset=t.sent(),[2,this._keyset]}})})},e.prototype._findMatchingKey=function(e){return i(this,void 0,void 0,function(){var t,n,o;return r(this,function(i){switch(i.label){case 0:return[4,this._retrieveKeyset()];case 1:return t=i.sent(),void 0===(n=t.find(function(t){return t.kid===e}))?[3,2]:[2,n];case 2:return this._keyset=null,[4,this._retrieveKeyset()];case 3:if(o=i.sent(),void 0!==(n=o.find(function(t){return t.kid===e})))return[2,n];throw new Error("No key matching token KID in keyset");case 4:return[2]}})})},e.prototype._validateToken=function(e,t,n){var o=G.getKey(t);return V.jws.JWS.verifyJWT(e,o,{alg:["RS256"],gracePeriod:n})},e}(),ie=function(){function e(e){this._endpointProvider=e,L.sendInitEvent(j)}return e.prototype.RetrieveKeyset=function(){return i(this,void 0,void 0,function(){var e,t,n,o;return r(this,function(i){switch(i.label){case 0:L.sendMethodEvent(m),i.label=1;case 1:return i.trys.push([1,4,,5]),[4,this._endpointProvider.RetrieveJSONWebKeySetEndpoint()];case 2:return e=i.sent(),[4,(new K).httpGetJSON(e)];case 3:return[2,i.sent().keys];case 4:throw t=i.sent(),L.sendExceptionEvent(m,null!==(n=t.message)&&void 0!==n?n:t),new Error("Failed to retrieve JSON web key set: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 5:return[2]}})})},e}(),re=function(){function e(e){this._keyset=e,L.sendInitEvent(x)}return e.prototype.RetrieveKeyset=function(){return i(this,void 0,void 0,function(){var e,t;return r(this,function(n){try{return L.sendMethodEvent(m),[2,this._keyset]}catch(n){throw L.sendExceptionEvent(m,null!==(e=n.message)&&void 0!==e?e:n),new Error("Unable to retrieve keyset: ".concat(null!==(t=n.message)&&void 0!==t?t:n))}return[2]})})},e}();export{L as AnalyticsHttpClient,X as AuthorizationCodeGrantTokenProvider,$ as BearerTokenHttpClientProvider,H as ClientCredentialTokenProvider,te as FixedEndpointProvider,re as FixedKeysetProvider,Q as FixedTokenProvider,K as HttpClient,Z as OnBehalfGrantTokenProvider,ne as OpenIdEndpointProvider,ie as OpenIdKeysetProvider,Y as RefreshableTokenProvider,ee as SimpleHttpClientProvider,oe as ValidatedClaimsetProvider};