
oidc-lib


A library for creating OIDC Service Providers

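/*
 * oidc-lib wallet bundle (browserify output), expanded and annotated for review.
 *
 * Modules in this bundle:
 *   1  ../wallet/data/scope_claim_map_auto  - scope -> claim form template (data only)
 *   2  ../wallet/jsonForm                   - HTML form builder and form <-> JSON helpers
 *   3  ../wallet/wallet                     - wallet content module (endpoints, consent, credential requests)
 *   4  entry module                         - wires the modules into the global `pk` object and starts up
 *
 * Identifiers that are referenced but not defined anywhere in this bundle:
 * pk, processAuthUserAgentResponse, userAccounts, content_module_state,
 * feature_modules, claimer_config, chalk. A missing one surfaces as a
 * ReferenceError at the point of use.
 */
!(function bundle(modules, cache, entries) {
  /**
   * Browserify module loader: returns the exports of module `id`, running the
   * module body on first use. Unknown ids are delegated to an outer `require`
   * when one exists; otherwise a MODULE_NOT_FOUND error is thrown.
   */
  function load(id, skipOuter) {
    if (!cache[id]) {
      if (!modules[id]) {
        var outerRequire = "function" == typeof require && require;
        if (!skipOuter && outerRequire) return outerRequire(id, true);
        if (previousRequire) return previousRequire(id, true);
        var notFound = new Error("Cannot find module '" + id + "'");
        notFound.code = "MODULE_NOT_FOUND";
        throw notFound;
      }
      var record = (cache[id] = { exports: {} });
      modules[id][0].call(
        record.exports,
        function (name) {
          // Map the module's local require name to a bundle id when one is registered.
          return load(modules[id][1][name] || name);
        },
        record,
        record.exports,
        bundle,
        modules,
        cache,
        entries
      );
    }
    return cache[id].exports;
  }

  var previousRequire = "function" == typeof require && require;
  for (var k = 0; k < entries.length; k++) load(entries[k]);
  return load;
})(
  {
    // ------------------------------------------------------------------
    // Module 1: scope -> claim form template. Top-level keys are fieldsets
    // (email, phone, address, profile); `content` lists the claims in each.
    // ------------------------------------------------------------------
    1: [
      function (require, module, exports) {
        module.exports = {
          email: {
            input: "fieldset",
            content: {
              email: { label: "Email address", input: "email" },
              email_verified: {
                label: "Verified",
                input: "radio",
                values: ["true", "false"],
                default: "false",
                editable: false,
              },
            },
          },
          phone: {
            input: "fieldset",
            content: {
              phone_number: { label: "Phone", input: "text" },
              phone_number_verified: {
                input: "radio",
                label: "Verified",
                values: ["true", "false"],
                default: "false",
                editable: false,
              },
            },
          },
          address: {
            input: "fieldset",
            legend: "Postal Address",
            object: "address",
            content: {
              street_address: { label: "Address", input: "text" },
              street_address_1: { label: "Apt or Unit", input: "text" },
              locality: { label: "City", input: "text" },
              region: { label: "State", input: "text" },
              postal_code: { label: "Zip", input: "text" },
              country: { label: "Country", input: "text" },
              address: { input: "object", note: 'contains all claims with object of "address"' },
            },
          },
          profile: {
            input: "fieldset",
            legend: "Profile",
            content: {
              name: { label: "Name", input: "text" },
              given_name: { label: "First Name", input: "text" },
              family_name: { label: "Family Name", input: "text" },
              middle_name: { label: "Middle Name", input: "text" },
              nickname: { label: "Nickname", input: "text" },
              preferred_username: { label: "Username", input: "text" },
              profile: { label: "Profile", input: "text" },
              picture: { label: "Picture", input: "photo" },
              website: { label: "Web Site", input: "text" },
              gender: {
                label: "Gender",
                input: "radio",
                values: ["male", "female", "alternative"],
                default: "female",
              },
              birthdate: { label: "Date of Birth", input: "text", template: "YYYY-MM-DD" },
              zoneinfo: { label: "Zone Info", input: "text" },
              locale: { label: "Locale", input: "text" },
              updated_at: { input: "text", format: "date" },
            },
          },
        };
      },
      {},
    ],

    // ------------------------------------------------------------------
    // Module 2: jsonForm - builds form markup from a template and moves
    // values between the DOM and plain objects.
    //
    // NOTE(review): template strings (field names, label, label_class,
    // legend, values, method) are concatenated into markup without escaping
    // and the result is assigned through innerHTML. That is only safe while
    // templates come from trusted code; nothing here enforces it.
    // ------------------------------------------------------------------
    2: [
      function (require, module, exports) {
        /** Copies every non-fieldset entry of `template` into `target`, descending into fieldsets. */
        function flattenTemplate(target, template) {
          for (const name in template) {
            const field = template[name];
            if (field.input === "fieldset") {
              flattenTemplate(target, field.content);
            } else {
              target[name] = field;
            }
          }
        }

        /**
         * Renders `template` as an HTML string.
         *
         * @param {object} template field name -> field definition
         * @param {object} values   current values; only consulted to decide whether a
         *                          field whose default is "suppress!" is rendered
         * @param {Array} [scopes]  when given, fieldsets whose `scope` is not listed are skipped
         * @returns {string} markup for all rendered fields
         * @throws {string} "error: values missing" when a radio/select/checkboxes field has no `values`
         */
        function buildFormHtml(template, values, scopes) {
          let html = "";
          for (const name in template) {
            const field = template[name];
            if (values[name] === undefined && field.default === "suppress!") continue;

            let part = "";
            switch (field.input) {
              case "text":
              case "email": {
                const group = openFormGroup(field, name);
                if (field.type === undefined || field.type === "string") {
                  part = group + '<input type="text" id="' + name + '" name="' + name + '" class="form-control"/>\r\n';
                } else {
                  part =
                    group +
                    '<textarea rows="2" cols="60" wrap="hard" id="' +
                    name +
                    '" name="' +
                    name +
                    '" style="height: auto;"></textarea>\r\n';
                }
                part += "</div>";
                break;
              }
              case "radio": {
                requireValues(name, field);
                const groupId = "radio_" + name;
                part = openFormGroup(field, groupId) + '<div id="' + groupId + '">';
                for (let k = 0; k < field.values.length; k++) {
                  const choice = field.values[k];
                  part +=
                    '<label class="radio-inline"><input type="radio" name="' +
                    name +
                    '" id="' +
                    name +
                    "_" +
                    choice +
                    '" />' +
                    choice +
                    "</label>";
                }
                part += "</div></div>";
                break;
              }
              case "select": {
                requireValues(name, field);
                part = labelHtml(field, name) + '<select id="' + name + '" name="' + name + '" >\r\n';
                for (let k = 0; k < field.values.length; k++) {
                  const choice = field.values[k];
                  part += '<option value="' + choice + '">' + choice + "</option>\r\n";
                }
                part += "</select>\r\n";
                break;
              }
              case "checkboxes": {
                requireValues(name, field);
                const panel = openPanel(field);
                part = panel + '<div class="form-group form-check">\r\n';
                for (let k = 0; k < field.values.length; k++) {
                  const choice = field.values[k];
                  part +=
                    '<label class="form-check-label"><input class="form-check-input" id="' +
                    name +
                    "_" +
                    choice +
                    '" name="' +
                    name +
                    '" type="checkbox">' +
                    choice +
                    "</label>\r\n";
                }
                part += closePanel(panel);
                break;
              }
              case "checkbox":
                part =
                  '<label class="form-check-label"><input class="form-check-input" id="' +
                  name +
                  '" name="' +
                  name +
                  '" type="checkbox">' +
                  labelHtml(field, name) +
                  "</label>\r\n";
                break;
              case "boolean": {
                // NOTE(review): the panel opening is computed but never emitted, while
                // the closing tags are; with a `legend` the markup is unbalanced.
                // Output kept as in the original.
                const panel = openPanel(field);
                const choices = ["true", "false"];
                for (let k = 0; k < choices.length; k++) {
                  const choice = choices[k];
                  const id = name + "_" + choice;
                  part +=
                    '<input type="radio" name="' +
                    name +
                    '" id="' +
                    id +
                    '" />\r\n<label for="' +
                    id +
                    '" class="inline">' +
                    choice +
                    "&nbsp;&nbsp;</label>\r\n";
                }
                part += closePanel(panel);
                break;
              }
              case "fieldset": {
                if (scopes !== undefined && field.scope !== undefined && scopes.indexOf(field.scope) < 0) {
                  part = "";
                  break;
                }
                // `scopes` is not forwarded, so nested fieldsets are never scope-filtered.
                part = buildFormHtml(field.content, values);
                if (part.length > 0 && field.legend !== undefined) {
                  const panel = openPanel(field);
                  part = panel + part + closePanel(panel);
                }
                break;
              }
              case "button": {
                const caption = field.label !== undefined ? field.label : "Submit";
                part =
                  '<div class="col_3"><input type="button" value="' +
                  caption +
                  '" onclick="' +
                  field.method +
                  '" /></div>\r\n';
                break;
              }
              case "hidden":
                part = '<input type="hidden" id="' + name + '" name="' + name + '"/>';
            }
            html += part;
          }
          return html;
        }

        /** Alerts and throws (a string, as callers may expect) when `field.values` is missing. */
        function requireValues(name, field) {
          if (field.values === undefined) {
            alert("formTemplate " + field.input + ' "values" for "' + name + '" is not defined');
            throw "error: values missing";
          }
        }

        /** Returns a <label> for element `forId`; the text is `field.label`, else `forId`. */
        function labelHtml(field, forId) {
          const text = field.label !== undefined ? field.label : forId;
          const cssClass = field.label_class !== undefined ? ' class="' + field.label_class + '"' : "";
          return '<label for="' + forId + '"' + cssClass + ">" + text + "</label>\r\n";
        }

        /** Returns the opening markup of a panel titled `field.legend`, or "" without a legend. */
        function openPanel(field) {
          if (field.legend === undefined) return "";
          return (
            '<div class="panel panel-default">\r\n<div class="panel-heading">' +
            field.legend +
            '</div>\r\n<div class="panel-body">'
          );
        }

        /** Returns the closing markup for a panel, or "" when `opening` was empty. */
        function closePanel(opening) {
          return opening !== "" ? "</div>\r\n</div>\r\n" : "";
        }

        /** Opens a form-group <div> and emits the field label; the caller closes the div. */
        function openFormGroup(field, forId) {
          return '<div class="form-group">' + labelHtml(field, forId);
        }

        /**
         * Empties and hides the warning area.
         * getElementById returns null (not undefined) for a missing element, so the
         * guards test for null; the original `undefined` test could never protect.
         */
        function clearError() {
          const text = document.getElementById("warning_text");
          const box = document.getElementById("warning_div");
          if (text !== null) text.innerHTML = "";
          if (box !== null) box.style.visibility = "hidden";
        }

        /**
         * Shows `message` in the warning area.
         * NOTE(review): `message` is inserted as HTML. If any caller passes text that
         * originates outside this code (server responses, URL parameters), switch to
         * textContent; callers are not visible here, so the markup behaviour is kept.
         */
        function displayError(message) {
          const text = document.getElementById("warning_text");
          const box = document.getElementById("warning_div");
          if (text !== null) text.innerHTML = message;
          if (box !== null) box.style.visibility = "visible";
        }

        /**
         * Writes `values` (or template defaults) into the rendered form controls.
         * Fields with default "suppress!" and no value are skipped. Clears the
         * warning area first (also on each nested fieldset).
         * NOTE(review): "email" fields are rendered by buildFormHtml but have no case
         * here, so they are never populated - confirm whether that is intended.
         */
        function loadFormValues(template, values) {
          clearError();
          for (const name in template) {
            const field = template[name];
            let value = "";
            if (values[name] === undefined) {
              if (field.default === "suppress!") continue;
              if (field.default !== undefined) value = field.default;
            } else {
              value = values[name];
            }

            switch (field.input) {
              case "text": {
                const input = document.getElementById(name);
                if (typeof value === "string") {
                  input.value = value;
                } else if (Array.isArray(value)) {
                  // "array" fields are shown one item per line, others space-separated.
                  const separator = field.type === "array" ? "\n" : " ";
                  const items = [];
                  for (const item of value) {
                    const trimmed = item.trim();
                    if (trimmed.length > 0) items.push(trimmed);
                  }
                  input.value = items.join(separator);
                } else {
                  input.value = JSON.stringify(value);
                }
                break;
              }
              case "select":
              case "hidden":
                document.getElementById(name).value = value;
                break;
              case "boolean":
              case "radio":
                if (value) document.getElementById(name + "_" + value).checked = true;
                break;
              case "checkboxes":
                if (value && value.length > 0) {
                  for (let k = 0; k < value.length; k++) {
                    document.getElementById(name + "_" + value[k]).checked = true;
                  }
                }
                break;
              case "checkbox":
                if (value) document.getElementById(name).checked = true;
                break;
              case "fieldset":
                loadFormValues(field.content, values);
                break;
            }
          }
        }

        /**
         * Collects the values of the controls inside element `formId` whose names
         * appear in `template`.
         *
         * @returns {object} name -> value; checkbox groups become arrays, single
         *                   checkboxes `true`, "array" textareas an array of non-empty lines
         */
        function formToJson(formId, template) {
          // Null-prototype lookup so inherited keys (e.g. "constructor") never count as fields.
          const fields = Object.create(null);
          flattenTemplate(fields, template);

          const form = document.getElementById(formId);
          const inputs = form.getElementsByTagName("input");
          const textareas = form.getElementsByTagName("textarea");
          const selects = form.getElementsByTagName("select");
          const result = {};

          for (let k = 0; k < inputs.length; k++) {
            const input = inputs[k];
            const name = input.name;
            if (fields[name] === undefined) continue;
            switch (input.type) {
              case "hidden":
              case "text":
              case "select":
                if (input.value.length !== 0) result[name] = input.value;
                break;
              case "boolean":
              case "radio":
                // The chosen value is encoded in the id as "<name>_<value>".
                if (input.checked) result[name] = input.id.substring((name + "_").length);
                break;
              case "checkbox":
                if (input.checked) {
                  const prefix = name + "_";
                  if (input.id.startsWith(prefix)) {
                    if (result[name] === undefined) result[name] = [];
                    result[name].push(input.id.substring(prefix.length));
                  } else {
                    result[name] = true;
                  }
                }
            }
          }

          for (let k = 0; k < selects.length; k++) {
            const select = selects[k];
            if (fields[select.name] !== undefined && select.value.length !== 0) {
              result[select.name] = select.value;
            }
          }

          for (let k = 0; k < textareas.length; k++) {
            const area = textareas[k];
            const field = fields[area.name];
            if (field === undefined || area.value.length === 0) continue;
            if (field.type === "array") {
              result[area.name] = area.value.split("\n").filter(function (line) {
                return line.length !== 0;
              });
            } else {
              result[area.name] = area.value;
            }
          }
          return result;
        }

        module.exports = {
          loadFormValues: loadFormValues,
          formToJson: formToJson,

          /** Renders `template` into element `divId`. The fourth argument is accepted but unused. */
          createInputDiv: function (divId, template, values, unusedArg) {
            const formHtml = buildFormHtml(template, values);
            document.getElementById(divId).innerHTML = formHtml;
          },

          displayError: displayError,
          clearError: clearError,

          /**
           * Sends `payload` as JSON using `request.method` / `request.url` and the
           * optional `request.headers` ({name, value} pairs). `onSuccess` receives the
           * parsed body on HTTP 200; other statuses and network errors are ignored.
           * NOTE(review): a non-JSON 200 body makes JSON.parse throw inside the event
           * handler, and there is no failure callback.
           */
          postJsonData: function (request, payload, onSuccess) {
            const xhr = new XMLHttpRequest();
            xhr.open(request.method, request.url, true);
            if (request.headers !== undefined) {
              for (let k = 0; k < request.headers.length; k++) {
                const header = request.headers[k];
                xhr.setRequestHeader(header.name, header.value);
              }
            }
            xhr.onreadystatechange = function () {
              if (xhr.readyState === 4 && xhr.status === 200) {
                onSuccess(JSON.parse(xhr.responseText));
              }
            };
            xhr.send(JSON.stringify(payload));
          },
        };
      },
      {},
    ],

    // ------------------------------------------------------------------
    // Module 3: wallet content module.
    // ------------------------------------------------------------------
    3: [
      function (require, module, exports) {
        const VIEWPATH = "\\wallet\\views\\";

        // Request fields that carry the wallet PIN; never written to logs.
        const SECRET_FIELDS = ["holder_credential", "startup_pin"];

        // Set by registerEndpoints(); every other function assumes it has run.
        let viewPath = null;
        let host = null;

        const presentationOptions = {
          imposeFormPostResponseMode: false,
          vcFormat: "verifiablePresentation",
        };

        /** Returns a shallow copy of `params` with PIN-bearing fields masked, for logging. */
        function redactSecrets(params) {
          if (params === null || typeof params !== "object" || Array.isArray(params)) return params;
          const copy = Object.assign({}, params);
          SECRET_FIELDS.forEach(function (field) {
            if (copy[field] !== undefined) copy[field] = "[redacted]";
          });
          return copy;
        }

        /**
         * POST /wallet/consent_useragent_response: checks the wallet PIN, merges the
         * submitted consent into the module state and hands it to the STS.
         *
         * NOTE(review): content_module_state, scope_info, scope_claim_map and claims
         * are read back from the request body and used as submitted; no integrity
         * check is visible here. If anything other than the wallet's own page can
         * reach this endpoint, these values need to be authenticated.
         * NOTE(review): on a wrong PIN only a notification is raised; `res` is never
         * completed. The PIN comparison is a plain string comparison.
         */
        async function handleConsentResponse(pkHost, req, res) {
          pkHost.util.log_debug("--- WALLET: PROCESS CONSENT USER AGENT RESPONSE ---");
          const params = req.body;
          // The body contains holder_credential (the PIN); log a masked copy.
          pkHost.util.log_detail("params", redactSecrets(params));

          const options = pkHost.ptools.getPersona("kind", "natural").data.options;
          if (options.startup_pin && options.startup_pin !== params.holder_credential) {
            pkHost.pmanager.managerNotification("Invalid Wallet PIN", "alert-danger", true);
            return;
          }

          const moduleState = JSON.parse(pkHost.base64url.decode(params.content_module_state));
          if (params.error) {
            moduleState.error = params.error;
          } else {
            moduleState.scope_claim_map = params.scope_claim_map;
            const consentInfo = JSON.parse(pkHost.base64url.decode(params.scope_info));
            for (let k = 0; k < params.scopes_and_creds.length; k++) {
              const scope = params.scopes_and_creds[k];
              if (!consentInfo.scopeArray.includes(scope)) consentInfo.scopeArray.push(scope);
            }
            if (params.accepted === false) {
              // Declined: drop "openid" from the scope list.
              const at = consentInfo.scopeArray.indexOf("openid");
              if (at > -1) consentInfo.scopeArray.splice(at, 1);
            }
            if (params.currentPersona !== undefined) consentInfo.currentPersona = params.currentPersona;
            if (params.credentialIssuerId !== undefined) {
              consentInfo.credentialIssuerId = params.credentialIssuerId;
            }
            params.claims.sub = consentInfo.currentPersona;
            moduleState.newIdTokenContent = params.claims;
            moduleState.consentInfo = consentInfo;
          }
          pkHost.sts.applyConsentResponse(res, params.encoded_sts_state_bundle, moduleState);
        }

        /** POST /wallet/process_ajax_request: verifies the startup credentials, then dispatches on `op`. */
        function handleAjaxRequest(pkHost, req, res) {
          pkHost.util.log_debug("--- WALLET: PROCESS AJAX REQUEST ---");
          const params = req.body;
          // The body contains startup_pin; log a masked copy.
          pkHost.util.log_detail("params", redactSecrets(params));
          if (checkStartupCredentials(res, params.startup_identifier, params.startup_pin) !== true) return;

          switch (params.op) {
            case "check_credentials":
              res.json({ kind: "submit" });
              break;
            default:
              sendAjaxError(res, "unknown_op", params.op);
          }
        }

        /**
         * GET /wallet/pickup_uri: when `pickup_uri` starts with a configured prefix,
         * navigates to the self-issued issuer with a credential request for it.
         *
         * NOTE(review): the prefix test runs on the parsed query value, but the value
         * forwarded is the raw tail of originalUrl after the first "pickup_uri=",
         * which also carries any parameters that follow. The checked and the
         * forwarded value can therefore differ; forwarding the checked value would
         * close that gap, but changes what the receiver sees, so it is left as is.
         * NOTE(review): configured prefixes should end at a path boundary (e.g. a
         * trailing "/"), otherwise a prefix also matches longer host names.
         */
        function handlePickupUri(pkHost, req, res) {
          const requested = req.query.pickup_uri;
          // A repeated parameter is parsed as an array by some frameworks; reject non-strings.
          if (!requested || typeof requested !== "string") {
            res.statusCode = 400;
            res.end();
            return;
          }

          const allowed = pkHost.util.operator_profile.wallet_config_group.credential_pickup;
          let requestedCredential = "";
          if (allowed) {
            for (const prefix in allowed) {
              if (requested.startsWith(prefix)) {
                requestedCredential = allowed[prefix];
                break;
              }
            }
          }
          if (!requestedCredential) {
            res.statusCode = 400;
            res.end();
            return;
          }

          const marker = "pickup_uri=";
          const rawUri = req.originalUrl.substring(req.originalUrl.indexOf(marker) + marker.length);
          const issuer = pkHost.sts.selfIssuedIssuerIdentifier();
          const claims = JSON.stringify({ id_token: { shc: { value: encodeURIComponent(rawUri) } } });
          window.location =
            issuer +
            "?req_cred=" +
            requestedCredential +
            "&claims=" +
            claims +
            "&next_step=" +
            issuer +
            "%3Fpage%3Dpersonas";
        }

        /** GET /wallet/entry_point: starts issuer-initiated login when `iss` and `login_hint` are present. */
        async function handleEntryPoint(pkHost, req) {
          if (req.query.iss && req.query.login_hint) return initiateLogin(pkHost, req);
        }

        /**
         * Fetches the issuer's metadata, registers this wallet with it, finds or
         * creates the matching credential persona and starts a credential request.
         * Failures are logged with the stage that failed and otherwise swallowed.
         *
         * NOTE(review): `iss` comes straight from the query string; the wallet
         * contacts and registers with whatever issuer the link names. No allow-list
         * or user confirmation is visible at this point.
         */
        async function initiateLogin(pkHost, req) {
          let stage = "Error getting oidc_initiate_login params";
          try {
            const issuer = req.query.iss;
            const loginHint = req.query.login_hint;

            stage = "Error getting credential issuer metadata";
            const metadata = await pkHost.token.requestOPMetadata(issuer);
            stage = "Unable to parse credential_issuer metadata";
            const registrationEndpoint = JSON.parse(metadata).registration_endpoint;
            if (!registrationEndpoint) {
              stage = "Unable to retrieve credential_issuer registration endpoint";
              throw "No registration endpoint";
            }

            const registrationRequest = {
              url: registrationEndpoint,
              method: "POST",
              parseJsonResponse: true,
              headers: [
                { name: "Accept", value: "application/json" },
                { name: "Content-type", value: "application/json" },
              ],
              postData: { redirect_uris: [pkHost.sts.selfIssuedIssuerIdentifier()] },
            };
            const registration = await pkHost.util.jsonHttpData(registrationRequest);
            // Stored with the registration and later hashed as the PKCE code challenge.
            registration.pkce = await pkHost.simple_crypto.createB64Code(48);

            const personaId = await pkHost.ptools.locate_or_add_credential_persona(issuer, registration);
            if (!personaId) throw "no persona_id located or added in create_persona_with_credential";
            await requestCredential(personaId, loginHint, issuer);
          } catch (err) {
            console.log("ERROR in oidc_initiate_login - " + stage, err);
          }
        }

        /** Resolves the key object for `request.sub`; throws a string when `sub` is missing. */
        async function loadTokenSigningKey(request) {
          const did = request.sub;
          if (did === undefined) throw "tokenSigningKey requested but no sub specified";
          return (await host.key_management.loadSingleKey({ dictionary: { did: did } })).keyObject;
        }

        /**
         * Answers a consent request without user interaction when the stored
         * preferences allow it.
         *
         * Applies only when consent is not explicitly required, the natural persona
         * has share_consented_claims set, previous id-token content exists, the STS
         * reports the scope as consented, and the credential-issuer persona is found.
         *
         * @returns {Promise<boolean>} true when the consent response was applied, false otherwise
         */
        async function tryAutoConsent(res, consentInfo, encodedStateBundle, moduleState) {
          const options = host.ptools.getPersona("natural").data.options;
          let issuerPersona;
          if (
            !moduleState.explicitConsent &&
            options.share_consented_claims &&
            moduleState.consentInfo &&
            moduleState.consentInfo.idTokenContent &&
            host.sts.isScopeConsented(moduleState)
          ) {
            issuerPersona = host.ptools.getPersona("id", moduleState.consentInfo.credentialIssuerId);
          }
          if (!issuerPersona) return false;

          const idTokenContent = moduleState.consentInfo.idTokenContent;
          moduleState.consentInfo = consentInfo;
          moduleState.consentInfo.currentPersona = moduleState.sub;

          const credential = await host.token.retrieveVerifiableCredential(issuerPersona, {
            sub: moduleState.sub,
          });
          if (issuerPersona.vc_constants && credential) {
            const format = await host.feature_modules.wallet.code.token_presentation_options({
              option: "vcFormat",
            });
            if (format === "verifiablePresentation") {
              idTokenContent.vp = {
                "@options": issuerPersona.vc_constants["@options"],
                type: ["VerifiablePresentation"],
                verifiableCredential: [credential.JWT],
              };
            } else {
              // Aggregated-claims form: the credential is referenced as source "vc1".
              const types = issuerPersona.vc_constants.type;
              idTokenContent._claim_names = {};
              idTokenContent._claim_sources = {};
              idTokenContent._claim_names[types[types.length - 1]] = "vc1";
              idTokenContent._claim_sources.vc1 = credential;
            }
          }

          moduleState.scope_claim_map = issuerPersona.scope_claim_map;
          for (let k = 0; k < issuerPersona.scopes_and_creds.length; k++) {
            const scope = issuerPersona.scopes_and_creds[k];
            if (!moduleState.consentInfo.scopeArray.includes(scope)) {
              moduleState.consentInfo.scopeArray.push(scope);
            }
          }
          moduleState.consentInfo.credentialIssuerId = issuerPersona.id;
          idTokenContent.sub = moduleState.consentInfo.currentPersona;
          moduleState.newIdTokenContent = idTokenContent;
          host.sts.applyConsentResponse(res, encodedStateBundle, moduleState);
          return true;
        }

        /**
         * Checks the startup identifier (case-insensitively) and PIN against the
         * natural persona's options. Sends an AJAX error and returns false on
         * failure; returns true when every configured check passes.
         *
         * NOTE(review): options are read from `.options`, whereas every other call
         * site in this module reads `.data.options`. If personas only carry
         * `data.options`, this throws before any check runs - confirm which is right.
         * NOTE(review): the distinct "incorrect startup id" / "invalid_pin" replies
         * tell a caller which of the two values was wrong, and no attempt limit is
         * visible here.
         */
        function checkStartupCredentials(res, identifier, pin) {
          const options = host.ptools.getPersona("kind", "natural").options;
          if (options.startup_identifier) {
            if (!identifier) return sendAjaxError(res, "invalid_authorization_parameters");
            identifier = identifier.toLowerCase();
            if (options.startup_identifier.toLowerCase() !== identifier) {
              return sendAjaxError(res, "incorrect startup id");
            }
          }
          if (options.startup_pin) {
            if (!pin) return sendAjaxError(res, "invalid_authorization_parameters");
            if (options.startup_pin !== pin) {
              host.util.log_detail("startup id entered", identifier);
              // The attempted PIN is not logged: a near-miss would disclose the real one.
              host.util.log_detail("startup pin entered", "[redacted]");
              return sendAjaxError(res, "invalid_pin");
            }
          }
          return true;
        }

        /** Returns the entry of the global `userAccounts` whose `sub` matches, else undefined. */
        function findUserAccount(sub) {
          for (const key in userAccounts) {
            if (userAccounts[key].sub === sub) return userAccounts[key];
          }
        }

        /** Sends `{kind: "error", detail: {...}}` as JSON and returns false. */
        function sendAjaxError(res, error, description) {
          host.util.log_detail("SENDING AJAX ERROR", error);
          res.json({ kind: "error", detail: { error: error, error_description: description } });
          return false;
        }

        /**
         * Returns the "credential_issuer_claims" document for `personaId`, creating it
         * when the lookup fails.
         * NOTE(review): any lookup failure, not only "not found", takes the create path.
         */
        async function getOrCreateIssuerClaims(issuer, personaId) {
          const wallet = host.dbs.wallet;
          try {
            return await wallet.provider.getDocument(wallet, "credential_issuer_claims", personaId);
          } catch (err) {
            return await wallet.provider.createOrUpdateDocument(wallet, "credential_issuer_claims", {
              issuer: issuer,
              id: personaId,
            });
          }
        }

        /**
         * Builds an authorization request (code flow, PKCE S256) for the issuer and
         * navigates to it. On failure the stage message is shown as a notification.
         *
         * NOTE(review): `state` carries the issuer's token and credential endpoints
         * and the persona id in clear. The redirect handler (not in this bundle)
         * should bind the response to the stored nonce and take the endpoints from
         * issuer metadata rather than from the returned state.
         * NOTE(review): the code challenge is derived from persona.data.pkce, which
         * appears to be created once at registration. RFC 7636 expects a fresh code
         * verifier per authorization request.
         * NOTE(review): the nonce is stored under one fixed cache key, so a second
         * request replaces the first.
         */
        async function requestCredential(personaId, loginHint, issuer, nextStep, claims) {
          // Local; the original leaked this as an implicit global `error_message`.
          let errorMessage = "Unable to connect to the credential_issuer";
          try {
            const metadataText = await host.token.requestOPMetadata(issuer);
            errorMessage = "Unable to parse credential_issuer metadata";
            const metadata = JSON.parse(metadataText);

            errorMessage = "Error getting or creating credential_issuer claims";
            if (!(await getOrCreateIssuerClaims(issuer, personaId))) {
              alert("Error populating credential_issuer object");
              throw "no credential_issuer claims in request_credential";
            }

            const authorizationEndpoint = metadata.authorization_endpoint;
            const redirectUri = host.sts.selfIssuedIssuerIdentifier();
            const nonce = await host.simple_crypto.randomString();
            host.nonceCache.set(
              "cred_request_nonce_info",
              JSON.stringify({ nonce: nonce, persona_id: personaId })
            );

            const stateFields = {
              tok_ept: metadata.token_endpoint,
              cred_ept: metadata.credential_endpoint,
              sub: personaId,
            };
            if (nextStep) stateFields.next_step = nextStep;
            // substring(1) drops the first character of the generated parameter string.
            const state = host.util.createParameterString(stateFields).substring(1);

            const persona = host.ptools.getPersona("id", personaId);
            const authParams = {
              client_id: persona.client_id,
              redirect_uri: redirectUri,
              response_type: "code",
              nonce: nonce,
              state: state,
              scope: "openid openid_credential",
              login_hint: loginHint,
              code_challenge: await host.simple_crypto.digestSha256(persona.data.pkce),
              code_challenge_method: "S256",
            };
            if (claims) authParams.claims = claims;

            window.location = authorizationEndpoint + host.util.createParameterString(authParams);
          } catch (err) {
            // Keep the underlying error visible; the notification only names the stage.
            console.log("ERROR in request_credential - " + errorMessage, err);
            host.pmanager.managerNotification(errorMessage, "alert-warning", true);
          }
        }

        module.exports = {
          /** Stores the host object and registers the wallet's HTTP endpoints on `pkHost.app`. */
          registerEndpoints: function (pkHost) {
            viewPath = VIEWPATH;
            host = pkHost;

            host.app.post("/wallet/auth_useragent_response", function (req, res) {
              // processAuthUserAgentResponse is not defined in this bundle.
              processAuthUserAgentResponse(host, req, res);
            });
            host.app.post("/wallet/consent_useragent_response", function (req, res) {
              // Not awaited: a rejection here surfaces as an unhandled rejection.
              handleConsentResponse(host, req, res);
            });
            host.app.post("/wallet/process_ajax_request", function (req, res) {
              handleAjaxRequest(host, req, res);
            });
            host.app.get("/wallet/manager", function (req, res) {
              host.pmanager.manager(host, req, res);
            });
            host.app.get("/wallet/oauth_error", function (req, res) {
              host.pmanager.oauth_error(host, req, res);
            });
            host.app.get("/wallet/pickup_uri", function (req, res) {
              handlePickupUri(host, req, res);
            });
            host.app.get("/wallet/entry_point", function (req, res) {
              return handleEntryPoint(host, req);
            });
            // Registered a second time in the original; kept so routing is unchanged.
            host.app.get("/wallet/oauth_error", function (req, res) {
              host.pmanager.oauth_error(host, req, res);
            });
          },

          /** Answers the authentication step immediately with an empty result; login_hint handling is disabled. */
          invokeAuthUserAgent: function (arg1, res, arg3, encodedStateBundle) {
            host.util.log_debug("--- WALLET: INVOKE AUTH USERAGENT ---");
            host.util.log_debug("WARNING: login_hint has been disabled...");
            host.sts.applyAuthResponse(res, encodedStateBundle, {});
          },

          /**
           * Renders the consent page unless tryAutoConsent() already answered.
           *
           * `client` may be null. When the client's client_uri is missing or its host
           * differs from the redirect_uri host, the redirect URI is shown instead and
           * the `danger` class is switched on.
           */
          invokeConsentUserAgent: async function (res, consentInfo, client, encodedStateBundle, moduleState) {
            host.util.log_debug("--- WALLET: INVOKE CONSENT USERAGENT ---");
            if (await tryAutoConsent(res, consentInfo, encodedStateBundle, moduleState)) return;

            let clientInfoClass = "clms_0";
            let dangerClass = "clms_0";
            let clientUri;
            let clientName;
            let companyLogo;
            let hostMismatch = false;

            if (client !== null) {
              clientInfoClass = "clms_1";
              clientUri = client.client_uri !== undefined ? client.client_uri : client.redirect_uri;
              clientName = client.client_name !== undefined ? client.client_name : clientUri;
              companyLogo =
                client.company_logo !== undefined ? client.company_logo : "https://undefined.logo.uri";

              const redirectUrl = host.util.url(client.redirect_uri);
              let clientUrl;
              if (client.client_uri !== undefined) clientUrl = host.util.url(client.client_uri);
              if (clientUrl === undefined || clientUrl.hostname !== redirectUrl.hostname) {
                clientUri = client.redirect_uri;
                hostMismatch = true;
              }
            }

            const scopeInfo = host.base64url.encode(JSON.stringify(consentInfo));
            const previousConsent = moduleState.consentInfo !== undefined ? moduleState.consentInfo : {};
            const encodedConsent = host.base64url.encode(JSON.stringify(previousConsent));

            const options = host.ptools.getPersona("kind", "natural").data.options;
            const identifierClass = options.startup_identifier ? "clms_1" : "clms_0";
            const pinClass = options.startup_pin ? "clms_1" : "clms_0";
            if (hostMismatch) dangerClass = "clms_1";

            const encodedModuleState = host.base64url.encode(JSON.stringify(moduleState));
            res.render(viewPath + "get_consent", {
              title: "Getting Consent",
              client_name: clientName,
              client_uri: clientUri,
              // Fixed: the original dereferenced `client` here even when it was null.
              client_redirect_uri: client !== null ? client.redirect_uri : undefined,
              cardset_blurb: "Select an ID",
              company_logo: companyLogo,
              danger: dangerClass,
              client_info_class: clientInfoClass,
              identifier_class: identifierClass,
              pin_class: pinClass,
              scope_info: scopeInfo,
              consent_info: encodedConsent,
              content_module_state: encodedModuleState,
              encoded_sts_state_bundle: encodedStateBundle,
            });
          },

          /**
           * Submits the userinfo response from the global `content_module_state`.
           * NOTE(review): that global is written by processVerifiedIdToken and is not
           * tied to a request or to `subject.sub`; the account lookup result is
           * discarded. Concurrent flows would share one value.
           */
          generateUserinfo: function (target, arg2, arg3, subject) {
            host.util.log_debug("--- WALLET: GENERATE USERINFO ---");
            host.util.log_debug("Generating userInfo in wallet\r\n");
            host.util.log_detail("sub", subject.sub);
            findUserAccount(subject.sub);
            host.sts.submitUserinfoResponse(
              target,
              "wallet",
              arg2,
              arg3,
              content_module_state.consentInfo.tokenContent
            );
          },

          /**
           * Records `idToken.sub` in the global `content_module_state` and sends the
           * auth response.
           * NOTE(review): findUserAccount returns an account or undefined, never
           * false, so the early return below cannot trigger and an unknown `sub`
           * is not rejected.
           */
          processVerifiedIdToken: function (target, idToken, arg3) {
            host.util.log_debug("--- WALLET: PROCESS VERIFIED ID TOKEN ---");
            if (findUserAccount(idToken.sub) === false) return;
            // Deliberately the shared global read by generateUserinfo.
            content_module_state = {};
            content_module_state.sub = idToken.sub;
            host.sts.sendAuthResponse(target, arg3, content_module_state);
          },

          /**
           * Reads or sets token presentation options.
           *   share_consented_claims      -> the natural persona's setting
           *   tokenSigningKey             -> key object for `request.sub`
           *   imposeFormPostResponseMode,
           *   vcFormat                    -> returns the stored value when `request.value`
           *                                  is falsy, otherwise stores it (returns undefined)
           */
          token_presentation_options: async function (request) {
            switch (request.option) {
              case "share_consented_claims":
                return host.ptools.getPersona("natural").data.options.share_consented_claims;
              case "tokenSigningKey":
                return await loadTokenSigningKey(request);
              case "imposeFormPostResponseMode":
              case "vcFormat":
                if (!request.value) return presentationOptions[request.option];
                presentationOptions[request.option] = request.value;
            }
          },

          /**
           * Toggles between the "new_consent" and "existing_consent" page elements.
           * When existing consent is requested and the login_hint in the page state
           * names a credential persona, the card is output instead.
           */
          setConsentMode: function (useExisting) {
            if (useExisting) {
              const encoded = document.getElementById("content_module_state").value;
              const state = JSON.parse(host.base64url.decode(encoded));
              if (state.login_hint) {
                const persona = host.ptools.getPersona("id", state.login_hint);
                if (persona && persona.kind === "credential") {
                  host.ptools.output_card(true);
                  return;
                }
              }
            }
            host.util.setElementVisibility("new_consent", !useExisting);
            host.util.setElementVisibility("existing_consent", useExisting);
          },

          VIEWPATH: VIEWPATH,
        };
      },
      {},
    ],

    // ------------------------------------------------------------------
    // Module 4: entry module. Attaches the feature modules to the global
    // `pk` object and, when a service-worker controller is present,
    // initialises databases, endpoints, personas and keys.
    // ------------------------------------------------------------------
    4: [
      function (require, module, exports) {
        let started = false;

        // Host components that also expose registerEndpoints().
        const coreModules = {
          key_management: pk.key_management,
          sts: pk.sts,
          token: pk.token,
          pmanager: pk.pmanager,
          serialize64: pk.serialize64,
        };
        const dbScaffold = pk.util.createDbScaffold();
        const jsonForm = require("../wallet/jsonForm");
        const featureModules = { wallet: { code: require("../wallet/wallet") } };
        const bundledData = {
          "./wallet/data/scope_claim_map": require("../wallet/data/scope_claim_map_auto"),
        };

        // Response types per content module; defaults to all six OIDC combinations.
        const responseTypes = {};
        for (const moduleName in pk.util.config.content_modules) {
          pk.app.registerCookie(pk.sts.cookie_identifier + moduleName);
          let types = [
            "code",
            "id_token",
            "id_token token",
            "code id_token",
            "code token",
            "code id_token token",
          ];
          if (pk.util.config.content_modules[moduleName].responseTypes !== undefined) {
            types = pk.util.config.content_modules[moduleName].responseTypes;
          }
          responseTypes[moduleName] = types;
        }

        /**
         * Loads the data file `dataName` of content module `moduleName` and merges
         * the module's registerModuleScope() result into it.
         *
         * NOTE(review): this reads the bare global `feature_modules`, not
         * pk.feature_modules, and the path built here ("./claimer_content/...") does
         * not match the key in `bundledData` ("./wallet/data/..."), so in a browser
         * the lookup appears to yield undefined - confirm against the source tree.
         *
         * @returns {object|null|undefined} the map, null when the module has no
         *          invokeConsentUserAgent, undefined when the data was not found
         */
        function loadScopeClaimMap(moduleName, dataName) {
          const code = feature_modules[moduleName].code;
          if (code.invokeConsentUserAgent === undefined) return null;

          const path = "./claimer_content/" + moduleName + "/data/" + dataName;
          let map;
          try {
            map = typeof window === "undefined" ? require(path) : bundledData[path];
            if (code.registerModuleScope !== undefined) {
              const extra = code.registerModuleScope();
              for (const key in extra) map[key] = extra[key];
            }
          } catch (err) {
            pk.util.log_debug(
              "*** Warning: content module " +
                moduleName +
                " contains an error defining " +
                dataName +
                " at " +
                path +
                ".js... "
            );
          }
          return map;
        }

        /**
         * Initialises every database in `scaffold` and registers each result in
         * pk.dbs under its contentModuleName.
         * Rejects with a string when any initialisation promise rejects.
         */
        async function initializeDatabases(scaffold) {
          const pending = [];
          for (const name in scaffold) {
            const db = scaffold[name];
            if (db !== undefined) pending.push(db.initialize(pk, name, db));
          }
          let results;
          try {
            results = await Promise.all(pending);
          } catch (err) {
            throw "error with initializeDatabase promises: " + err;
          }
          for (let k = 0; k < results.length; k++) {
            pk.dbs[results[k].contentModuleName] = results[k];
          }
          return true;
        }

        /** One-time startup sequence; each stage's failure is logged with the stage message. */
        async function start() {
          if (started) return;
          started = true;

          let stage = "";
          try {
            if (!("indexedDB" in window)) throw "This browser doesn't support IndexedDB";

            stage = "Error initializing databases";
            await initializeDatabases(dbScaffold);
            for (const name in pk.dbs) {
              // Fixed: the original tested and assigned properties on the key string,
              // so flockMembership was never shared with the other databases.
              const db = pk.dbs[name];
              if (db.contentModuleName !== "sts") db.flockMembership = pk.dbs.sts.flockMembership;
            }

            const scopeClaimMaps = {};
            for (const moduleName in pk.feature_modules) {
              try {
                pk.feature_modules[moduleName].code.registerEndpoints(pk);
                scopeClaimMaps[moduleName] = loadScopeClaimMap(moduleName, "scope_claim_map");
              } catch (err) {
                // NOTE(review): claimer_config and chalk are not defined in this bundle.
                if (claimer_config.logging > 1) {
                  console.error(chalk.red("Unable to register Endpoints for content module " + moduleName));
                  console.error(err);
                } else {
                  console.error(chalk.red("Unable to register Endpoints for content module " + moduleName));
                  console.error(chalk.red(err.message));
                }
              }
            }
            pk.util.content_scope_claim_maps = scopeClaimMaps;
            for (const name in coreModules) coreModules[name].registerEndpoints(pk);

            stage = "Error initializing Personas";
            await pk.ptools.initializePersonas(false);
            stage = "Error loading or creating keys";
            await pk.key_management.loadOrCreateKeys();

            // The page's startup function is the global named after the URL path with
            // "/", "." and "-" replaced by "_".
            // NOTE(review): the name comes from the address bar. It always starts with
            // "_" (from the leading "/"), which limits what can be reached, but an
            // explicit table of startup functions would remove the dependency on the URL.
            const startupName = window.location.pathname.replace(/\/|\.|\-/g, "_");
            stage = "Error attempting to invoke startup function '" + startupName + "' in your script. ";
            window[startupName]();
          } catch (err) {
            console.log("[Main] *******************************");
            console.log(stage + err);
            console.log("[Main] *******************************");
          }
        }

        pk.feature_modules = featureModules;
        pk.dbs = {};
        pk.util.content_module_response_types = responseTypes;
        pk.util.content_module_signing_key = pk.key_management.contentModuleSigningKey;
        pk.util.jsonForm = jsonForm;

        if (navigator.serviceWorker.controller === null) {
          pk.util.log_debug("[Main] Controller not yet present.");
        } else {
          pk.util.log_debug("[Main] Controller exists.");
          start();
        }
      },
      {
        "../wallet/data/scope_claim_map_auto": 1,
        "../wallet/jsonForm": 2,
        "../wallet/wallet": 3,
      },
    ],
  },
  {},
  [4]
);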