UNPKG

@trimble-oss/trimble-id

Version:

Trimble Identity SDK for JavaScript/TypeScript

github.com/trimble-oss/trimble-id-sdk-docs-for-js

2 lines (1 loc) 37.1 kB
1
2
"use strict";Object.defineProperty(exports,"__esModule",{value:!0});var e=require("axios"),t=require("jsrsasign");function n(e){return e&&"object"==typeof e&&"default"in e?e:{default:e}}function o(e){if(e&&e.__esModule)return e;var t=Object.create(null);return e&&Object.keys(e).forEach(function(n){if("default"!==n){var o=Object.getOwnPropertyDescriptor(e,n);Object.defineProperty(t,n,o.get?o:{enumerable:!0,get:function(){return e[n]}})}}),t.default=e,Object.freeze(t)}var i=n(e),r=o(t),s=function(e,t){return s=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var n in t)Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n])},s(e,t)};var c=function(){return c=Object.assign||function(e){for(var t,n=1,o=arguments.length;n<o;n++)for(var i in t=arguments[n])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},c.apply(this,arguments)};function a(e,t,n,o){return new(n||(n=Promise))(function(i,r){function s(e){try{a(o.next(e))}catch(e){r(e)}}function c(e){try{a(o.throw(e))}catch(e){r(e)}}function a(e){var t;e.done?i(e.value):(t=e.value,t instanceof n?t:new n(function(e){e(t)})).then(s,c)}a((o=o.apply(e,t||[])).next())})}function u(e,t){var n,o,i,r={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},s=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return s.next=c(0),s.throw=c(1),s.return=c(2),"function"==typeof Symbol&&(s[Symbol.iterator]=function(){return this}),s;function c(c){return function(a){return function(c){if(n)throw new TypeError("Generator is already executing.");for(;s&&(s=0,c[0]&&(r=0)),r;)try{if(n=1,o&&(i=2&c[0]?o.return:c[0]?o.throw||((i=o.return)&&i.call(o),0):o.next)&&!(i=i.call(o,c[1])).done)return i;switch(o=0,i&&(c=[2&c[0],i.value]),c[0]){case 0:case 1:i=c;break;case 4:return r.label++,{value:c[1],done:!1};case 5:r.label++,o=c[1],c=[0];continue;case 7:c=r.ops.pop(),r.trys.pop();continue;default:if(!(i=r.trys,(i=i.length>0&&i[i.length-1])||6!==c[0]&&2!==c[0])){r=0;continue}if(3===c[0]&&(!i||c[1]>i[0]&&c[1]<i[3])){r.label=c[1];break}if(6===c[0]&&r.label<i[1]){r.label=i[1],i=c;break}if(i&&r.label<i[2]){r.label=i[2],r.ops.push(c);break}i[2]&&r.ops.pop(),r.trys.pop();continue}c=t.call(e,r)}catch(e){c=[6,e],o=0}finally{n=i=0}if(5&c[0])throw c[1];return{value:c[0]?c[1]:void 0,done:!0}}([c,a])}}}"function"==typeof SuppressedError&&SuppressedError;var d,h="RetrieveToken",p="RetrieveTokenEndpoint",l="RetrieveAuthorizationEndpoint",v="RetrieveUserInfoEndpoint",f="RetrieveTokenRevocationEndpoint",_="RetrieveEndSessionEndpoint",E="RetrieveJSONWebKeySetEndpoint",y="RetrieveIdToken",w="RetrieveRefreshToken",k="RetrieveCodeVerifier",g="RevokeRefreshToken",b="RetrieveTokenExpiry",R="GetOAuthRedirect",m="ValidateQuery",S="GetOAuthLogoutRedirect",I="ValidateCode",T="RetrieveClient",x="RetrieveKeyset",C="RetrieveClaimset",O="ClientCredentialTokenProvider",P="OpenIdEndpointProvider",A="FixedEndpointProvider",U="FixedTokenProvider",j="FixedKeysetProvider",D="RefreshableTokenProvider",N="AuthorizationCodeGrantTokenProvider",M="BearerTokenHttpClientProvider",W="OpenIdKeysetProvider",J="ValidatedClaimsetProvider",K="OnBehalfGrantTokenProvider",V="application/json",z=1e3,G=3e5,B=function(){function e(e,t){"string"==typeof e?(this._baseAddress=e,this._defaultSettings=t||{}):"object"==typeof e&&null!==e?(this._baseAddress="",this._defaultSettings=e):(this._baseAddress="",this._defaultSettings={})}return e.prototype.httpPost=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,s=o.settings,[4,i.default.post(r,t,s)];case 1:return[2,a.sent().data];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.httpGet=function(e){return a(this,arguments,void 0,function(e,t){var n,o,r,s;return void 0===t&&(t={}),u(this,function(c){switch(c.label){case 0:return c.trys.push([0,2,,3]),n=this.prepareRequest(e,t),o=n.address,r=n.settings,[4,i.default.get(o,r)];case 1:return[2,c.sent().data];case 2:throw(s=c.sent()).response?new Error("Returned: ".concat(s.response.status," ").concat(JSON.stringify(s.response.data))):new Error(s.message);case 3:return[2]}})})},e.prototype.httpPut=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,s=o.settings,[4,i.default.put(r,t,s)];case 1:return[2,a.sent().data];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.httpPatch=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,s=o.settings,[4,i.default.patch(r,t,s)];case 1:return[2,a.sent().data];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.httpDelete=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,(s=o.settings).data=t,[4,i.default.delete(r,s)];case 1:return[2,a.sent().data];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.httpPostJSON=function(e,t){return a(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),u(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":V,Accept:V}}),[2,this.httpPost(e,t,o)]})})},e.prototype.httpGetJSON=function(e){return a(this,arguments,void 0,function(e,t){var n;return void 0===t&&(t={}),u(this,function(o){return n=this.combineSettings(t,{headers:{Accept:V}}),[2,this.httpGet(e,n)]})})},e.prototype.httpPutJSON=function(e,t){return a(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),u(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":V,Accept:V}}),[2,this.httpPut(e,t,o)]})})},e.prototype.httpPatchJSON=function(e,t){return a(this,arguments,void 0,function(e,t,n){var o;return void 0===n&&(n={}),u(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":V,Accept:V}}),[2,this.httpPatch(e,t,o)]})})},e.prototype.httpDeleteJSON=function(e){return a(this,arguments,void 0,function(e,t,n){var o;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(i){return o=this.combineSettings(n,{headers:{"Content-Type":V,Accept:V}}),[2,this.httpDelete(e,t,o)]})})},e.prototype.httpPutFullResponse=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,s=o.settings,[4,i.default.put(r,t,s)];case 1:return[2,a.sent()];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.httpPostJSONFullResponse=function(e,t){return a(this,arguments,void 0,function(e,t,n){var o,r,s,a;return void 0===n&&(n={}),u(this,function(u){switch(u.label){case 0:return u.trys.push([0,2,,3]),n.headers=c({"Content-Type":V,Accept:V},n.headers),o=this.prepareRequest(e,n),r=o.address,s=o.settings,[4,i.default.post(r,t,s)];case 1:return[2,u.sent()];case 2:throw(a=u.sent()).response?new Error("Returned: ".concat(a.response.status," ").concat(JSON.stringify(a.response.data))):new Error(a.message);case 3:return[2]}})})},e.prototype.httpDeleteJSONFullResponse=function(e){return a(this,arguments,void 0,function(e,t,n){var o,r,s,c;return void 0===t&&(t=null),void 0===n&&(n={}),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,2,,3]),o=this.prepareRequest(e,n),r=o.address,(s=o.settings).data=t,[4,i.default.delete(r,s)];case 1:return[2,a.sent()];case 2:throw(c=a.sent()).response?new Error("Returned: ".concat(c.response.status," ").concat(JSON.stringify(c.response.data))):new Error(c.message);case 3:return[2]}})})},e.prototype.calculateAddress=function(e,t){return e?t?t.includes("://")?t:e+(e.endsWith("/")?"":"/")+t:e:t},e.prototype.isObject=function(e){return e&&"object"==typeof e&&!Array.isArray(e)},e.prototype.mergeDeep=function(e){for(var t,n,o=[],i=1;i<arguments.length;i++)o[i-1]=arguments[i];if(!o.length)return e;var r=o.shift();if(this.isObject(e)&&this.isObject(r))for(var s in r)this.isObject(r[s])?(e[s]||Object.assign(e,((t={})[s]={},t)),this.mergeDeep(e[s],r[s])):Object.assign(e,((n={})[s]=r[s],n));return this.mergeDeep.apply(this,function(e,t,n){if(n||2===arguments.length)for(var o,i=0,r=t.length;i<r;i++)!o&&i in t||(o||(o=Array.prototype.slice.call(t,0,i)),o[i]=t[i]);return e.concat(o||Array.prototype.slice.call(t))}([e],o,!1))},e.prototype.combineSettings=function(e,t){return this.mergeDeep(t,e)},e.prototype.prepareRequest=function(e,t){return void 0===t&&(t={}),{address:this.calculateAddress(this._baseAddress,e),settings:this.combineSettings(this._defaultSettings,t)}},e}(),q=r.KJUR||"undefined"!=typeof window&&window.KJUR,F=r.b64utoutf8||"undefined"!=typeof window&&window.b64utoutf8,H=r.KEYUTIL||"undefined"!=typeof window&&window.KEYUTIL,L=r.stob64||"undefined"!=typeof window&&window.stob64,Y=r.hextob64u||"undefined"!=typeof window&&window.hextob64u;!function(e){e.INIT="INIT",e.METHOD_USAGE="METHOD",e.EXCEPTION="EXCEPTION"}(d||(d={}));var X,Q=function(){function e(){}return Object.defineProperty(e,"API_KEY",{get:function(){return F(this.ENCODED_API_KEY)},enumerable:!1,configurable:!0}),Object.defineProperty(e,"CID",{get:function(){return this._cid||(this._cid=this.uuidv4()),this._cid},enumerable:!1,configurable:!0}),e.sendEvent=function(e,t){return a(this,void 0,void 0,function(){var n,o,i,r;return u(this,function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),n="/mp/collect?measurement_id=".concat(this.MEASUREMENT_ID,"&api_secret=").concat(this.API_KEY),o=this.BASE_ADDRESS+n,i={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:V}},r={client_id:this.CID,events:[{name:e,params:t}]},[4,(new B).httpPost(o,JSON.stringify(r),i)];case 1:case 2:return s.sent(),[3,3];case 3:return[2]}})})},e.sendCustomEvent=function(e,t,n,o,i,r){void 0===o&&(o=null),void 0===i&&(i=null),void 0===r&&(r=null);var s={event_type:t,client_name:o||this.SDK_NAME,client_version:i||this.SDK_VERSION,language:"js",application_id:n};r&&(s.exception_message=String(r)),this.sendEvent("".concat(e,"_").concat(t.toLowerCase()),s)},e.sendMethodEvent=function(e,t,n,o){void 0===n&&(n=null),void 0===o&&(o=null),this.sendCustomEvent(e,d.METHOD_USAGE,t,n,o)},e.sendInitEvent=function(e,t,n,o){void 0===n&&(n=null),void 0===o&&(o=null),this.sendCustomEvent(e,d.INIT,t,n,o)},e.sendExceptionEvent=function(e,t,n,o,i){void 0===o&&(o=null),void 0===i&&(i=null),this.sendCustomEvent(e,d.EXCEPTION,n,o,i,t)},e.uuidv4=function(){return"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(t){var n=Math.random()*e.HEX_BASE|0;return("x"===t?n:n&e.UUID_VARIANT_MASK|e.UUID_VARIANT_BITS).toString(e.HEX_BASE)})},e.BASE_ADDRESS="https://www.google-analytics.com",e.MEASUREMENT_ID="G-9DHNE789XG",e.ENCODED_API_KEY="N3dkNjB3RWVTbnVmYjhGSzZuYUhPUQ==",e.SDK_NAME="@trimble-oss/trimble-id",e.SDK_VERSION="1.0.0-beta.1",e.HEX_BASE=16,e.UUID_VARIANT_MASK=3,e.UUID_VARIANT_BITS=8,e._cid=null,e}();if("undefined"!=typeof window&&window.btoa)X=window.btoa;else try{X=require("btoa")}catch(e){X=function(e){return Buffer.from(e).toString("base64")}}var Z=function(){function e(e,t,n){this._scopes=[],this._accessToken=null,this._tokenExpiry=new Date(0),this._endpointProvider=e,this._clientId=t,this._clientSecret=n,this._httpClient=new B,Q.sendInitEvent(O,t)}return e.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},e.prototype.RetrieveToken=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(h,this._clientId),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenExpiry<new Date?[4,this._refreshToken()]:[3,3];case 2:o.sent(),o.label=3;case 3:if(!this._accessToken)throw new Error("Failed to retrieve access token");return[2,this._accessToken];case 4:throw e=o.sent(),Q.sendExceptionEvent(h,null!==(t=e.message)&&void 0!==t?t:e,this._clientId),new Error("Unable to retrieve token: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype._refreshToken=function(){return a(this,void 0,void 0,function(){var e,t,n,o,i,r,s;return u(this,function(c){switch(c.label){case 0:return[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return e=c.sent(),t="".concat(this._clientId,":").concat(this._clientSecret),n="Basic ".concat(X(t)),o={headers:{Authorization:n,"Content-Type":"application/x-www-form-urlencoded",Accept:V}},i="grant_type=client_credentials&scope=".concat(encodeURIComponent(this._scopes.join(" "))),[4,this._httpClient.httpPost(e,i,o)];case 2:return r=c.sent(),this._accessToken=r.access_token,s=new Date,this._tokenExpiry=new Date(s.getTime()+r.expires_in*z),[2]}})})},e}(),$=function(){function e(e,t){this._endpointProvider=e,this._clientId=t,this._httpClient=new B,Q.sendInitEvent(D,t)}return e.GenerateCodeVerifier=function(){var e=q.crypto.Util.getRandomHexOfNbits(256);return Y(e)},e.prototype.WithProofKeyForCodeExchange=function(e){return this._codeVerifier=e,this},e.prototype.WithConsumerSecret=function(e){return this._clientSecret=e,this},e.prototype.WithClientSecret=function(e){return this._clientSecret=e,this},e.prototype.WithAccessToken=function(e,t){return this._accessToken=e,this._tokenExpiry=t instanceof Date?t:new Date(t),this},e.prototype.WithIdToken=function(e){return this._idToken=e,this},e.prototype.WithRefreshToken=function(e){return this._refreshToken=e,this},e.prototype.WithLogoutRedirect=function(e){return this._logoutRedirectUrl=e,this},e.prototype.RetrieveToken=function(){return a(this,void 0,void 0,function(){var e,t,n,o;return u(this,function(i){switch(i.label){case 0:Q.sendMethodEvent(h,this._clientId),i.label=1;case 1:return i.trys.push([1,5,,6]),e=new Date((new Date).getTime()+G),null==this._accessToken||this._isJwt(this._accessToken)&&this._jwtExpiry(this._accessToken)<e||!this._isJwt(this._accessToken)&&this._tokenExpiry&&this._tokenExpiry<e?[4,this._refreshTokenInternal()]:[3,3];case 2:if(i.sent(),this._accessToken)return[2,this._accessToken];throw new Error("Access token is null after refresh");case 3:return[2,this._accessToken];case 4:return[3,6];case 5:throw t=i.sent(),Q.sendExceptionEvent(h,null!==(n=t.message)&&void 0!==n?n:t,this._clientId),new Error("Unable to retrieve token: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 6:return[2]}})})},e.prototype.RetrieveTokenExpiry=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return Q.sendMethodEvent(b,this._clientId),[2,Promise.resolve(this._tokenExpiry)]})})},e.prototype.RetrieveIdToken=function(){return a(this,void 0,void 0,function(){var e,t,n,o;return u(this,function(i){switch(i.label){case 0:Q.sendMethodEvent(y,this._clientId),i.label=1;case 1:return i.trys.push([1,5,,6]),e=new Date((new Date).getTime()+G),null==this._idToken||this._jwtExpiry(this._idToken)<e?[4,this._refreshTokenInternal()]:[3,3];case 2:if(i.sent(),this._idToken)return[2,this._idToken];throw new Error("ID token is null after refresh");case 3:return[2,this._idToken];case 4:return[3,6];case 5:throw t=i.sent(),Q.sendExceptionEvent(y,null!==(n=t.message)&&void 0!==n?n:t,this._clientId),new Error("Unable to retrieve id token: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 6:return[2]}})})},e.prototype.RetrieveRefreshToken=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return Q.sendMethodEvent(w,this._clientId),[2,Promise.resolve(this._refreshToken)]})})},e.prototype.RetrieveCodeVerifier=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return Q.sendMethodEvent(k,this._clientId),[2,Promise.resolve(this._codeVerifier)]})})},e.prototype.RevokeRefreshToken=function(){return a(this,void 0,void 0,function(){var e,t,n,o,i,r,s,c;return u(this,function(a){switch(a.label){case 0:Q.sendMethodEvent(g,this._clientId),a.label=1;case 1:return a.trys.push([1,4,,5]),[4,this._endpointProvider.RetrieveTokenRevocationEndpoint()];case 2:return e=a.sent(),t={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:V}},this._clientSecret&&(n="".concat(this._clientId,":").concat(this._clientSecret),o="Basic ".concat(X(n)),t.headers&&(t.headers.Authorization=o)),i="token=".concat(encodeURIComponent(this._refreshToken),"&token_type_hint=refresh_token&client_id=").concat(encodeURIComponent(this._clientId)),this._codeVerifier&&(i="".concat(i,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier))),[4,this._httpClient.httpPost(e,i,t)];case 3:return a.sent(),[2,!0];case 4:throw r=a.sent(),Q.sendExceptionEvent(g,null!==(s=r.message)&&void 0!==s?s:r,this._clientId),new Error("Unable to revoke refresh token: ".concat(null!==(c=r.message)&&void 0!==c?c:r));case 5:return[2]}})})},e.prototype._isJwt=function(e){return e.includes(".")},e.prototype._jwtExpiry=function(e){var t=e.split("."),n=q.jws.JWS.readSafeJSONString(F(t[1]));return new Date(n.exp*z)},e.prototype._refreshTokenInternal=function(){return a(this,void 0,void 0,function(){var t,n,o,i,r,s,c,a;return u(this,function(u){switch(u.label){case 0:return[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return t=u.sent(),n={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:V}},this._clientSecret&&(o="".concat(this._clientId,":").concat(this._clientSecret),i="Basic ".concat(X(o)),n.headers&&(n.headers.Authorization=i)),r="grant_type=refresh_token&client_id=".concat(encodeURIComponent(this._clientId),"&refresh_token=").concat(encodeURIComponent(this._refreshToken)),s=null,this._codeVerifier&&(r="".concat(r,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier)),s=e.GenerateCodeVerifier(),r="".concat(r,"&code_challenge_method=S256"),r="".concat(r,"&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(s)))),[4,this._httpClient.httpPost(t,r,n)];case 2:return c=u.sent(),this._accessToken=c.access_token,a=new Date,this._tokenExpiry=new Date(a.getTime()+c.expires_in*z),this._idToken=c.id_token,this._refreshToken=c.refresh_token,s&&(this._codeVerifier=s),[2]}})})},e.prototype._GenerateCodeChallenge=function(e){var t=q.crypto.Util.hashString(e,"sha256");return Y(t)},e}(),ee=function(e){function t(t,n,o){var i=e.call(this,t,n)||this;return i._redirectUrl=o,i._codeVerifier=null,i._scopes=["openid"],i._state=null,Q.sendInitEvent(N,n),i}return function(e,t){if("function"!=typeof t&&null!==t)throw new TypeError("Class extends value "+String(t)+" is not a constructor or null");function n(){this.constructor=e}s(e,t),e.prototype=null===t?Object.create(t):(n.prototype=t.prototype,new n)}(t,e),t.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},t.prototype.WithLogoutRedirect=function(e){return this._logoutRedirectUrl=e,this},t.prototype.WithIdentityProvider=function(e){return this._identityProvider=e,this},t.prototype.GetOAuthRedirect=function(e){return a(this,void 0,void 0,function(){var t,n,o,i,r;return u(this,function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),Q.sendMethodEvent(R,this._clientId),[4,this._endpointProvider.RetrieveAuthorizationEndpoint()];case 1:return t=s.sent(),n="".concat(t,"?response_type=code&scope=").concat(encodeURIComponent(this._scopes.join(" ")),"&client_id=").concat(encodeURIComponent(this._clientId),"&redirect_uri=").concat(encodeURIComponent(this._redirectUrl)),this._codeVerifier&&(n="".concat(n,"&code_challenge_method=S256&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(this._codeVerifier)))),e&&(n="".concat(n,"&state=").concat(encodeURIComponent(e))),this._identityProvider&&(n="".concat(n,"&identity_provider=").concat(encodeURIComponent(this._identityProvider))),[2,n];case 2:throw o=s.sent(),Q.sendExceptionEvent(R,null!==(i=o.message)&&void 0!==i?i:o,this._clientId),new Error("Unable to return OAuth redirect: ".concat(null!==(r=o.message)&&void 0!==r?r:o));case 3:return[2]}})})},t.prototype.ValidateQuery=function(e){return a(this,void 0,void 0,function(){var t;return u(this,function(n){return Q.sendMethodEvent(m,this._clientId),e.startsWith("?")&&(e=e.substring(1)),t={},e.split("&").forEach(function(e){var n=e.split("=");t[n[0]]=decodeURIComponent(n[1])}),this._state=t.state,[2,this._validateCode(t.code)]})})},t.prototype.GetOAuthLogoutRedirect=function(){return a(this,arguments,void 0,function(e){var t,n,o,i,r,s,c;return void 0===e&&(e=null),u(this,function(a){switch(a.label){case 0:return a.trys.push([0,3,,4]),Q.sendMethodEvent(S,this._clientId),[4,this._endpointProvider.RetrieveEndSessionEndpoint()];case 1:return t=a.sent(),[4,this.RetrieveIdToken()];case 2:return n=a.sent(),o="".concat(t,"?id_token_hint=").concat(encodeURIComponent(n),"&post_logout_redirect_uri=").concat(encodeURIComponent(null!==(r=this._logoutRedirectUrl)&&void 0!==r?r:"")),e&&(o="".concat(o,"&state=").concat(encodeURIComponent(e))),[2,o];case 3:throw i=a.sent(),Q.sendExceptionEvent(S,null!==(s=i.message)&&void 0!==s?s:i,this._clientId),new Error("Unable to get logout redirect: ".concat(null!==(c=i.message)&&void 0!==c?c:i));case 4:return[2]}})})},t.prototype.ValidateCode=function(e){return a(this,void 0,void 0,function(){return u(this,function(t){return Q.sendMethodEvent(I,this._clientId),[2,this._validateCode(e)]})})},t.prototype._validateCode=function(e){return a(this,void 0,void 0,function(){var t,n,o,i,r,s,c,a,d,h,p;return u(this,function(u){switch(u.label){case 0:return u.trys.push([0,3,,4]),[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return t=u.sent(),n={headers:{"Content-Type":"application/x-www-form-urlencoded",Accept:V}},this._clientSecret&&(o="".concat(this._clientId,":").concat(this._clientSecret),i="Basic ".concat(L(o)),n.headers&&(n.headers.Authorization=i)),r="grant_type=authorization_code&tenantDomain=trimble.com&client_id=".concat(encodeURIComponent(this._clientId),"&code=").concat(encodeURIComponent(e),"&redirect_uri=").concat(encodeURIComponent(this._redirectUrl)),s=null,this._codeVerifier&&(r="".concat(r,"&code_verifier=").concat(encodeURIComponent(this._codeVerifier)),s=$.GenerateCodeVerifier(),r="".concat(r,"&code_challenge_method=S256"),r="".concat(r,"&code_challenge=").concat(encodeURIComponent(this._GenerateCodeChallenge(s)))),[4,this._httpClient.httpPost(t,r,n)];case 2:return c=u.sent(),a=new Date,this.WithAccessToken(c.access_token,new Date(a.getTime()+c.expires_in*z)).WithIdToken(c.id_token).WithRefreshToken(c.refresh_token),s&&this.WithProofKeyForCodeExchange(s),[2,!0];case 3:throw d=u.sent(),Q.sendExceptionEvent(I,null!==(h=d.message)&&void 0!==h?h:d,this._clientId),new Error("Unable to validate code: ".concat(null!==(p=d.message)&&void 0!==p?p:d));case 4:return[2]}})})},t}($),te=function(){function e(e){this._accessToken=e,Q.sendInitEvent(U)}return e.prototype.RetrieveToken=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return Q.sendMethodEvent(h),[2,this._accessToken]})})},e}(),ne=function(){function e(e,t,n,o){this._endpointProvider=e,this._clientId=t,this._clientSecret=n,this._accessToken=o,this._scopes=[],this._httpClient=new B,Q.sendInitEvent(K,t)}return e.prototype.WithScopes=function(e){return this._scopes=this._scopes.concat(e),this},e.prototype.RetrieveToken=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return Q.sendMethodEvent(h,this._clientId),this._refreshableTokenProvider?[2,this._refreshableTokenProvider.RetrieveToken()]:[2,this._retrieveToken()]})})},e.prototype._retrieveToken=function(){return a(this,void 0,void 0,function(){var e,t,n,o,i,r,s,c,a,d;return u(this,function(u){switch(u.label){case 0:return u.trys.push([0,3,,4]),[4,this._endpointProvider.RetrieveTokenEndpoint()];case 1:return e=u.sent(),t="".concat(this._clientId,":").concat(this._clientSecret),n="Basic ".concat(X(t)),o={headers:{Authorization:n,"Content-Type":"application/x-www-form-urlencoded",Accept:V}},i="grant_type=urn:ietf:params:oauth:grant-type:token-exchange&subject_token_type=urn:ietf:params:oauth:token-type:jwt&subject_token=".concat(encodeURIComponent(this._accessToken),"&scope=").concat(encodeURIComponent(this._scopes.join(" "))),[4,this._httpClient.httpPost(e,i,o)];case 2:return r=u.sent(),s=new Date,this._refreshableTokenProvider=new $(this._endpointProvider,this._clientId).WithClientSecret(this._clientSecret).WithAccessToken(r.access_token,new Date(s.getTime()+r.expires_in*z)).WithRefreshToken(r.refresh_token),[2,r.access_token];case 3:throw c=u.sent(),Q.sendExceptionEvent(h,null!==(a=c.message)&&void 0!==a?a:c,this._clientId),new Error("On-behalf grant failed: ".concat(null!==(d=c.message)&&void 0!==d?d:c));case 4:return[2]}})})},e}(),oe=function(){function e(e,t){this._tokenProvider=e,this._baseAddress=t,Q.sendInitEvent(M)}return e.prototype.RetrieveClient=function(){return a(this,void 0,void 0,function(){var e,t,n,o;return u(this,function(i){switch(i.label){case 0:Q.sendMethodEvent(T),i.label=1;case 1:return i.trys.push([1,3,,4]),[4,this._tokenProvider.RetrieveToken()];case 2:return e=i.sent(),t={headers:{Authorization:"Bearer "+e}},[2,new B(this._baseAddress,t)];case 3:throw n=i.sent(),new Error("Unable to retrieve client: ".concat(null!==(o=n.message)&&void 0!==o?o:n));case 4:return[2]}})})},e}(),ie=function(){function e(){}return e.prototype.RetrieveClient=function(){return a(this,void 0,void 0,function(){return u(this,function(e){return[2,new B]})})},e}(),re=function(){function e(e,t,n,o,i){void 0===e&&(e=null),void 0===t&&(t=null),void 0===n&&(n=null),void 0===o&&(o=null),void 0===i&&(i=null),this._authorizationEndpoint=e,this._tokenEndpoint=t,this._userInfoEndpoint=n,this._tokenRevocationEndpoint=o||(t?new URL(t).origin+"/revoke":null),this._endSessionEndpoint=null,this._jwksEndpoint=i,Q.sendInitEvent(A)}return e.prototype.WithAuthorizationEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._authorizationEndpoint=e,t},e.prototype.WithTokenEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._tokenEndpoint=e,t},e.prototype.WithUserInfoEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._userInfoEndpoint=e,t},e.prototype.WithTokenRevocationEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._tokenRevocationEndpoint=e,t},e.prototype.WithEndSessionEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._endSessionEndpoint=e,t},e.prototype.WithJWKSEndpoint=function(e){var t=Object.create(Object.getPrototypeOf(this),Object.getOwnPropertyDescriptors(this));return t._jwksEndpoint=e,t},e.prototype.RetrieveAuthorizationEndpoint=function(){return Q.sendMethodEvent(l),Promise.resolve(this._authorizationEndpoint)},e.prototype.RetrieveTokenEndpoint=function(){return Q.sendMethodEvent(p),Promise.resolve(this._tokenEndpoint)},e.prototype.RetrieveUserInfoEndpoint=function(){return Q.sendMethodEvent(v),Promise.resolve(this._userInfoEndpoint)},e.prototype.RetrieveTokenRevocationEndpoint=function(){return Q.sendMethodEvent(f),Promise.resolve(this._tokenRevocationEndpoint)},e.prototype.RetrieveEndSessionEndpoint=function(){return Q.sendMethodEvent(_),Promise.resolve(this._endSessionEndpoint)},e.prototype.RetrieveJSONWebKeySetEndpoint=function(){return Q.sendMethodEvent(E),Promise.resolve(this._jwksEndpoint)},e}(),se=function(){function e(e,t){void 0===t&&(t=null),this._authorizationEndpoint=null,this._tokenEndpoint=null,this._userInfoEndpoint=null,this._jwksEndpoint=null,this._tokenRevocationEndpoint=null,this._endSessionEndpoint=null,this._configurationEndpoint=e,this._tokenRevocationEndpoint=t,Q.sendInitEvent(P)}return e.prototype.RetrieveAuthorizationEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(l),o.label=1;case 1:return o.trys.push([1,4,,5]),this._authorizationEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._authorizationEndpoint)throw new Error("Authorization endpoint is not available after loading configuration.");return[2,this._authorizationEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(l,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve authorization endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveTokenEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(p),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._tokenEndpoint)throw new Error("Token endpoint is not available after loading configuration.");return[2,this._tokenEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(p,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve token endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveUserInfoEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(v),o.label=1;case 1:return o.trys.push([1,4,,5]),this._userInfoEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._userInfoEndpoint)throw new Error("User info endpoint is not available after loading configuration.");return[2,this._userInfoEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(v,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve user info endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveTokenRevocationEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(f),o.label=1;case 1:return o.trys.push([1,4,,5]),this._tokenRevocationEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._tokenRevocationEndpoint)throw new Error("Token revocation endpoint is not available after loading configuration.");return[2,this._tokenRevocationEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(f,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve token revocation endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveEndSessionEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(_),o.label=1;case 1:return o.trys.push([1,4,,5]),this._endSessionEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._endSessionEndpoint)throw new Error("End session endpoint is not available after loading configuration.");return[2,this._endSessionEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(_,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve end session endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype.RetrieveJSONWebKeySetEndpoint=function(){return a(this,void 0,void 0,function(){var e,t,n;return u(this,function(o){switch(o.label){case 0:Q.sendMethodEvent(E),o.label=1;case 1:return o.trys.push([1,4,,5]),this._jwksEndpoint?[3,3]:[4,this._loadConfiguration()];case 2:o.sent(),o.label=3;case 3:if(!this._jwksEndpoint)throw new Error("JSON Web Key Set endpoint is not available after loading configuration.");return[2,this._jwksEndpoint];case 4:throw e=o.sent(),Q.sendExceptionEvent(E,null!==(t=e.message)&&void 0!==t?t:e),new Error("Unable to retrieve JSON Web Key Set endpoint: ".concat(null!==(n=e.message)&&void 0!==n?n:e));case 5:return[2]}})})},e.prototype._loadConfiguration=function(){return a(this,void 0,void 0,function(){var e;return u(this,function(t){switch(t.label){case 0:return[4,(new B).httpGetJSON(this._configurationEndpoint)];case 1:return e=t.sent(),this._authorizationEndpoint=e.authorization_endpoint,this._tokenEndpoint=e.token_endpoint,this._userInfoEndpoint=e.userinfo_endpoint,this._jwksEndpoint=e.jwks_uri,e.revocation_endpoint?this._tokenRevocationEndpoint=e.revocation_endpoint:this._tokenRevocationEndpoint=this._tokenRevocationEndpoint||new URL(this._configurationEndpoint).origin+"/revoke",e.end_session_endpoint?this._endSessionEndpoint=e.end_session_endpoint:this._endSessionEndpoint=new URL(this._configurationEndpoint).origin+"/i/commonauth",[2]}})})},e}(),ce=function(){function e(e){this._keysetProvider=e,this._keyset=null,this._clockSkewInSeconds=300,this._tokenValidationRequired=!0,Q.sendInitEvent(J)}return e.prototype.WithClockSkew=function(e){return this._clockSkewInSeconds=e,this},e.prototype.WithTokenValidation=function(e){return this._tokenValidationRequired=e,this},e.prototype.RetrieveClaimset=function(e){return a(this,void 0,void 0,function(){var t,n,o,i,r,s;return u(this,function(c){switch(c.label){case 0:Q.sendMethodEvent(C),c.label=1;case 1:if(c.trys.push([1,3,,4]),3!==(t=e.split(".")).length)throw new Error("Invalid JWT format: must have exactly 3 parts (header.payload.signature)");return n=q.jws.JWS.readSafeJSONString(F(t[0])),[4,this._findMatchingKey(n.kid)];case 2:if(o=c.sent(),this._tokenValidationRequired){if(this._clockSkewInSeconds<0)throw new Error("ClockSkew is less than 0");if(!this._validateToken(e,o,this._clockSkewInSeconds))throw new Error("Unable to validate token")}return[2,q.jws.JWS.readSafeJSONString(F(t[1]))];case 3:throw i=c.sent(),Q.sendExceptionEvent(C,null!==(r=i.message)&&void 0!==r?r:i),new Error("Unable to retrieve claimset: ".concat(null!==(s=i.message)&&void 0!==s?s:i));case 4:return[2]}})})},e.prototype._retrieveKeyset=function(){return a(this,void 0,void 0,function(){var e;return u(this,function(t){switch(t.label){case 0:return null==this._keyset?[3,1]:[2,this._keyset];case 1:return e=this,[4,this._keysetProvider.RetrieveKeyset()];case 2:return e._keyset=t.sent(),[2,this._keyset]}})})},e.prototype._findMatchingKey=function(e){return a(this,void 0,void 0,function(){var t,n,o;return u(this,function(i){switch(i.label){case 0:return[4,this._retrieveKeyset()];case 1:return t=i.sent(),void 0===(n=t.find(function(t){return t.kid===e}))?[3,2]:[2,n];case 2:return this._keyset=null,[4,this._retrieveKeyset()];case 3:if(o=i.sent(),void 0!==(n=o.find(function(t){return t.kid===e})))return[2,n];throw new Error("No key matching token KID in keyset");case 4:return[2]}})})},e.prototype._validateToken=function(e,t,n){var o=H.getKey(t);return q.jws.JWS.verifyJWT(e,o,{alg:["RS256"],gracePeriod:n})},e}(),ae=function(){function e(e){this._endpointProvider=e,Q.sendInitEvent(W)}return e.prototype.RetrieveKeyset=function(){return a(this,void 0,void 0,function(){var e,t,n,o;return u(this,function(i){switch(i.label){case 0:Q.sendMethodEvent(x),i.label=1;case 1:return i.trys.push([1,4,,5]),[4,this._endpointProvider.RetrieveJSONWebKeySetEndpoint()];case 2:return e=i.sent(),[4,(new B).httpGetJSON(e)];case 3:return[2,i.sent().keys];case 4:throw t=i.sent(),Q.sendExceptionEvent(x,null!==(n=t.message)&&void 0!==n?n:t),new Error("Failed to retrieve JSON web key set: ".concat(null!==(o=t.message)&&void 0!==o?o:t));case 5:return[2]}})})},e}(),ue=function(){function e(e){this._keyset=e,Q.sendInitEvent(j)}return e.prototype.RetrieveKeyset=function(){return a(this,void 0,void 0,function(){var e,t;return u(this,function(n){try{return Q.sendMethodEvent(x),[2,this._keyset]}catch(n){throw Q.sendExceptionEvent(x,null!==(e=n.message)&&void 0!==e?e:n),new Error("Unable to retrieve keyset: ".concat(null!==(t=n.message)&&void 0!==t?t:n))}return[2]})})},e}();exports.AnalyticsHttpClient=Q,exports.AuthorizationCodeGrantTokenProvider=ee,exports.BearerTokenHttpClientProvider=oe,exports.ClientCredentialTokenProvider=Z,exports.FixedEndpointProvider=re,exports.FixedKeysetProvider=ue,exports.FixedTokenProvider=te,exports.HttpClient=B,exports.OnBehalfGrantTokenProvider=ne,exports.OpenIdEndpointProvider=se,exports.OpenIdKeysetProvider=ae,exports.RefreshableTokenProvider=$,exports.SimpleHttpClientProvider=ie,exports.ValidatedClaimsetProvider=ce;