angular-auth-oidc-client - npm Package Compare versions

Comparing version 10.0.14 to 10.0.15

bundles/angular-auth-oidc-client.umd.min.js

@@ -1,2 +0,2 @@
-!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@angular/common"),require("jsrsasign-reduced"),require("@angular/common/http"),require("@angular/router"),require("rxjs"),require("rxjs/operators"),require("@angular/core"),require("common-tags")):"function"==typeof define&&define.amd?define("angular-auth-oidc-client",["exports","@angular/common","jsrsasign-reduced","@angular/common/http","@angular/router","rxjs","rxjs/operators","@angular/core","common-tags"],t):t(e["angular-auth-oidc-client"]={},e.ng.common,e["jsrsasign-reduced"],e.ng.common.http,e.ng.router,e.rxjs,e.rxjs.operators,e.ng.core,e["common-tags"])}(this,function(e,t,C,l,o,p,v,i,a){"use strict";function n(){this.keys=[]}function r(){this.kty="",this.use="",this.kid="",this.x5t="",this.e="",this.n="",this.x5c=[]}var u=function ce(e,t,o){void 0===o&&(o=!1),this.authorizationState=e,this.validationResult=t,this.isRenewProcess=o},c={authorized:"authorized",forbidden:"forbidden",unauthorized:"unauthorized"},d={NotSet:"NotSet",StatesDoNotMatch:"StatesDoNotMatch",SignatureFailed:"SignatureFailed",IncorrectNonce:"IncorrectNonce",RequiredPropertyMissing:"RequiredPropertyMissing",MaxOffsetExpired:"MaxOffsetExpired",IssDoesNotMatchIssuer:"IssDoesNotMatchIssuer",NoAuthWellKnownEndPoints:"NoAuthWellKnownEndPoints",IncorrectAud:"IncorrectAud",TokenExpired:"TokenExpired",IncorrectAtHash:"IncorrectAtHash",Ok:"Ok",LoginRequired:"LoginRequired",SecureTokenServerError:"SecureTokenServerError"},s=function de(e,t,o,i,n){void 0===e&&(e=""),void 0===t&&(t=""),void 0===o&&(o=!1),void 0===i&&(i={}),void 0===n&&(n=d.NotSet),this.access_token=e,this.id_token=t,this.authResponseIsValid=o,this.decoded_id_token=i,this.state=n},g=(h.prototype.getWellknownEndpoints=function(e){var t=new l.HttpHeaders;return t=t.set("Accept","application/json"),this.httpClient.get(e,{headers:t})},h.prototype.getIdentityUserData=function(e,t){var o=new l.HttpHeaders;return o=(o=o.set("Accept","application/json")).set("Authorization","Bearer "+decodeURIComponent(t)),this.httpClient.get(e,{headers:o})},h.prototype.get=function(e){var t=new l.HttpHeaders;return t=t.set("Accept","application/json"),this.httpClient.get(e,{headers:t})},h.decorators=[{type:i.Injectable}],h.ctorParameters=function(){return[{type:l.HttpClient}]},h);function h(e){this.httpClient=e}var f=function(){return(f=Object.assign||function(e){for(var t,o=1,i=arguments.length;o<i;o++)for(var n in t=arguments[o])Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n]);return e}).apply(this,arguments)};function b(e){var t="function"==typeof Symbol&&e[Symbol.iterator],o=0;return t?t.call(e):{next:function(){return e&&o>=e.length&&(e=void 0),{value:e&&e[o++],done:!e}}}}function S(e,t){var o="function"==typeof Symbol&&e[Symbol.iterator];if(!o)return e;var i,n,r=o.call(e),s=[];try{for(;(void 0===t||0<t--)&&!(i=r.next()).done;)s.push(i.value)}catch(a){n={error:a}}finally{try{i&&!i.done&&(o=r["return"])&&o.call(r)}finally{if(n)throw n.error}}return s}function _(e,t){return Object.defineProperty?Object.defineProperty(e,"raw",{value:t}):e.raw=t,e}var y=(Object.defineProperty(m.prototype,"isBrowser",{get:function(){return t.isPlatformBrowser(this.platformId)},enumerable:!0,configurable:!0}),m.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],m.ctorParameters=function(){return[{type:Object,decorators:[{type:i.Inject,args:[i.PLATFORM_ID]}]}]},m.ngInjectableDef=i.defineInjectable({factory:function(){return new m(i.inject(i.PLATFORM_ID))},token:m,providedIn:"root"}),m);function m(e){this.platformId=e}var k=(Object.defineProperty(w.prototype,"openIDConfiguration",{get:function(){return this.mergedOpenIdConfiguration},enumerable:!0,configurable:!0}),Object.defineProperty(w.prototype,"wellKnownEndpoints",{get:function(){return this.authWellKnownEndpoints},enumerable:!0,configurable:!0}),Object.defineProperty(w.prototype,"onConfigurationChange",{get:function(){return this.onConfigurationChangeInternal.asObservable()},enumerable:!0,configurable:!0}),w.prototype.setup=function(e,t){this.mergedOpenIdConfiguration=f({},this.mergedOpenIdConfiguration,e),this.setSpecialCases(this.mergedOpenIdConfiguration),this.authWellKnownEndpoints=f({},t),this.onConfigurationChangeInternal.next(f({},this.mergedOpenIdConfiguration))},w.prototype.setSpecialCases=function(e){this.platformProvider.isBrowser||(e.start_checksession=!1,e.silent_renew=!1,e.use_refresh_token=!1)},w.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],w.ctorParameters=function(){return[{type:y}]},w.ngInjectableDef=i.defineInjectable({factory:function(){return new w(i.inject(y))},token:w,providedIn:"root"}),w);function w(e){this.platformProvider=e,this.DEFAULT_CONFIG={stsServer:"https://please_set",redirect_url:"https://please_set",client_id:"please_set",response_type:"code",scope:"openid email profile",hd_param:"",post_logout_redirect_uri:"https://please_set",start_checksession:!1,silent_renew:!1,silent_renew_url:"https://please_set",silent_renew_offset_in_seconds:0,use_refresh_token:!1,ignore_nonce_after_refresh:!1,post_login_route:"/",forbidden_route:"/forbidden",unauthorized_route:"/unauthorized",auto_userinfo:!0,auto_clean_state_after_authentication:!0,trigger_authorization_result_event:!1,log_console_warning_active:!0,log_console_debug_active:!1,iss_validation_off:!1,history_cleanup_off:!1,max_id_token_iat_offset_allowed_in_seconds:3,isauthorizedrace_timeout_in_seconds:5,disable_iat_offset_validation:!1,storage:"undefined"!=typeof Storage?sessionStorage:null},this.INITIAL_AUTHWELLKNOWN={issuer:"",jwks_uri:"",authorization_endpoint:"",token_endpoint:"",userinfo_endpoint:"",end_session_endpoint:"",check_session_iframe:"",revocation_endpoint:"",introspection_endpoint:""},this.mergedOpenIdConfiguration=this.DEFAULT_CONFIG,this.authWellKnownEndpoints=this.INITIAL_AUTHWELLKNOWN,this.onConfigurationChangeInternal=new p.Subject}var I=(D.prototype.logError=function(e){for(var t=[],o=1;o<arguments.length;o++)t[o-1]=arguments[o];console.error.apply(console,function i(){for(var e=[],t=0;t<arguments.length;t++)e=e.concat(S(arguments[t]));return e}([e],t))},D.prototype.logWarning=function(e){this.configurationProvider.openIDConfiguration.log_console_warning_active&&console.warn(e)},D.prototype.logDebug=function(e){this.configurationProvider.openIDConfiguration.log_console_debug_active&&console.log(e)},D.decorators=[{type:i.Injectable}],D.ctorParameters=function(){return[{type:k}]},D);function D(e){this.configurationProvider=e}var P=(E.prototype.getExistingIFrame=function(e){var t=this.getIFrameFromParentWindow(e);if(this.isIFrameElement(t))return t;var o=this.getIFrameFromWindow(e);return this.isIFrameElement(o)?o:null},E.prototype.addIFrameToWindowBody=function(e){var t=window.document.createElement("iframe");return t.id=e,this.loggerService.logDebug(t),t.style.display="none",window.document.body.appendChild(t),t},E.prototype.getIFrameFromParentWindow=function(e){try{var t=window.parent.document.getElementById(e);return this.isIFrameElement(t)?t:null}catch(o){return null}},E.prototype.getIFrameFromWindow=function(e){var t=window.document.getElementById(e);return this.isIFrameElement(t)?t:null},E.prototype.isIFrameElement=function(e){return!!e&&e instanceof HTMLIFrameElement},E.decorators=[{type:i.Injectable}],E.ctorParameters=function(){return[{type:I}]},E);function E(e){this.loggerService=e}var R=(z.prototype.areEqual=function(e,t){if(!e||!t)return!1;if(this.bothValuesAreArrays(e,t))return this.arraysEqual(e,t);if(this.bothValuesAreStrings(e,t))return e===t;if(this.bothValuesAreObjects(e,t))return JSON.stringify(e).toLowerCase()===JSON.stringify(t).toLowerCase();if(this.oneValueIsStringAndTheOtherIsArray(e,t)){if(Array.isArray(e)&&this.valueIsString(t))return e[0]===t;if(Array.isArray(t)&&this.valueIsString(e))return t[0]===e}},z.prototype.oneValueIsStringAndTheOtherIsArray=function(e,t){return Array.isArray(e)&&this.valueIsString(t)||Array.isArray(t)&&this.valueIsString(e)},z.prototype.bothValuesAreObjects=function(e,t){return this.valueIsObject(e)&&this.valueIsObject(t)},z.prototype.bothValuesAreStrings=function(e,t){return this.valueIsString(e)&&this.valueIsString(t)},z.prototype.bothValuesAreArrays=function(e,t){return Array.isArray(e)&&Array.isArray(t)},z.prototype.valueIsString=function(e){return"string"==typeof e||e instanceof String},z.prototype.valueIsObject=function(e){return"object"==typeof e},z.prototype.arraysEqual=function(e,t){if(e.length!==t.length)return!1;for(var o=e.length;o--;)if(e[o]!==t[o])return!1;return!0},z.decorators=[{type:i.Injectable}],z);function z(){}var A=(T.prototype.getTokenExpirationDate=function(e){if(!e.hasOwnProperty("exp"))return new Date;var t=new Date(0);return t.setUTCSeconds(e.exp),t},T.prototype.getHeaderFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,0,t):{}},T.prototype.getPayloadFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,1,t):{}},T.prototype.getSignatureFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,2,t):{}},T.prototype.getPartOfToken=function(e,t,o){var i=this.extractPartOfToken(e,t);if(o)return i;var n=this.urlBase64Decode(i);return JSON.parse(n)},T.prototype.urlBase64Decode=function(e){var t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Error("Illegal base64url string!")}var o="undefined"!=typeof window?window.atob(t):new Buffer(t,"base64").toString("binary");try{return decodeURIComponent(o.split("").map(function(e){return"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)}).join(""))}catch(i){return o}},T.prototype.tokenIsValid=function(e){return e?e.includes(".")?e.split(".").length===this.PARTS_OF_TOKEN||(this.loggerService.logError("token '"+e+"' is not valid --\x3e token has to have exactly "+this.PARTS_OF_TOKEN+" dots"),!1):(this.loggerService.logError("token '"+e+"' is not valid --\x3e no dots included"),!1):(this.loggerService.logError("token '"+e+"' is not valid --\x3e token falsy"),!1)},T.prototype.extractPartOfToken=function(e,t){return e.split(".")[t]},T.decorators=[{type:i.Injectable}],T.ctorParameters=function(){return[{type:I}]},T);function T(e){this.loggerService=e,this.PARTS_OF_TOKEN=3}var O=(x.decorators=[{type:i.Injectable}],x);function x(){}var j=(W.prototype.read=function(e){if(this.hasStorage)return JSON.parse(this.configProvider.openIDConfiguration.storage.getItem(e+"_"+this.configProvider.openIDConfiguration.client_id))},W.prototype.write=function(e,t){this.hasStorage&&(t=t===undefined?null:t,this.configProvider.openIDConfiguration.storage.setItem(e+"_"+this.configProvider.openIDConfiguration.client_id,JSON.stringify(t)))},W.decorators=[{type:i.Injectable}],W.ctorParameters=function(){return[{type:k}]},W);function W(e){this.configProvider=e,this.hasStorage="undefined"!=typeof Storage}var U=(Object.defineProperty(V.prototype,"authResult",{get:function(){return this.retrieve(this.storageAuthResult)},set:function(e){this.store(this.storageAuthResult,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"accessToken",{get:function(){return this.retrieve(this.storageAccessToken)||""},set:function(e){this.store(this.storageAccessToken,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"idToken",{get:function(){return this.retrieve(this.storageIdToken)||""},set:function(e){this.store(this.storageIdToken,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"isAuthorized",{get:function(){return this.retrieve(this.storageIsAuthorized)},set:function(e){this.store(this.storageIsAuthorized,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"userData",{get:function(){return this.retrieve(this.storageUserData)},set:function(e){this.store(this.storageUserData,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"authNonce",{get:function(){return this.retrieve(this.storageAuthNonce)||""},set:function(e){this.store(this.storageAuthNonce,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"code_verifier",{get:function(){return this.retrieve(this.storageCodeVerifier)||""},set:function(e){this.store(this.storageCodeVerifier,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"authStateControl",{get:function(){return this.retrieve(this.storageAuthStateControl)||""},set:function(e){this.store(this.storageAuthStateControl,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"sessionState",{get:function(){return this.retrieve(this.storageSessionState)},set:function(e){this.store(this.storageSessionState,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"silentRenewRunning",{get:function(){return this.retrieve(this.storageSilentRenewRunning)||""},set:function(e){this.store(this.storageSilentRenewRunning,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"customRequestParams",{get:function(){return this.retrieve(this.storageCustomRequestParams)},set:function(e){this.store(this.storageCustomRequestParams,e)},enumerable:!0,configurable:!0}),V.prototype.retrieve=function(e){return this.oidcSecurityStorage.read(e)},V.prototype.store=function(e,t){this.oidcSecurityStorage.write(e,t)},V.prototype.resetStorageData=function(e){e||(this.store(this.storageAuthResult,""),this.store(this.storageSessionState,""),this.store(this.storageSilentRenewRunning,""),this.store(this.storageIsAuthorized,!1),this.store(this.storageAccessToken,""),this.store(this.storageIdToken,""),this.store(this.storageUserData,""),this.store(this.storageCodeVerifier,""))},V.prototype.getAccessToken=function(){return this.retrieve(this.storageAccessToken)},V.prototype.getIdToken=function(){return this.retrieve(this.storageIdToken)},V.prototype.getRefreshToken=function(){return this.authResult.refresh_token},V.decorators=[{type:i.Injectable}],V.ctorParameters=function(){return[{type:O}]},V);function V(e){this.oidcSecurityStorage=e,this.storageAuthResult="authorizationResult",this.storageAccessToken="authorizationData",this.storageIdToken="authorizationDataIdToken",this.storageIsAuthorized="_isAuthorized",this.storageUserData="userData",this.storageAuthNonce="authNonce",this.storageCodeVerifier="code_verifier",this.storageAuthStateControl="authStateControl",this.storageSessionState="session_state",this.storageSilentRenewRunning="storage_silent_renew_running",this.storageCustomRequestParams="storage_custom_request_params"}var K=(F.prototype.isTokenExpired=function(e,t){var o;return o=this.tokenHelperService.getPayloadFromToken(e,!1),!this.validate_id_token_exp_not_expired(o,t)},F.prototype.validate_id_token_exp_not_expired=function(e,t){var o=this.tokenHelperService.getTokenExpirationDate(e);if(t=t||0,!o)return!1;var i=o.valueOf(),n=(new Date).valueOf()+1e3*t,r=n<i;return this.loggerService.logDebug("Token not expired?: "+i+" > "+n+"  ("+r+")"),r},F.prototype.validate_required_id_token=function(e){var t=!0;return e.hasOwnProperty("iss")||(t=!1,this.loggerService.logWarning("iss is missing, this is required in the id_token")),e.hasOwnProperty("sub")||(t=!1,this.loggerService.logWarning("sub is missing, this is required in the id_token")),e.hasOwnProperty("aud")||(t=!1,this.loggerService.logWarning("aud is missing, this is required in the id_token")),e.hasOwnProperty("exp")||(t=!1,this.loggerService.logWarning("exp is missing, this is required in the id_token")),e.hasOwnProperty("iat")||(t=!1,this.loggerService.logWarning("iat is missing, this is required in the id_token")),t},F.prototype.validate_id_token_iat_max_offset=function(e,t,o){if(o)return!0;if(!e.hasOwnProperty("iat"))return!1;var i=new Date(0);return i.setUTCSeconds(e.iat),t=t||0,null!=i&&(this.loggerService.logDebug("validate_id_token_iat_max_offset: "+((new Date).valueOf()-i.valueOf())+" < "+1e3*t),(new Date).valueOf()-i.valueOf()<1e3*t)},F.prototype.validate_id_token_nonce=function(e,t,o){return!((e.nonce!==undefined&&!o||t!==F.RefreshTokenNoncePlaceholder)&&e.nonce!==t&&(this.loggerService.logDebug("Validate_id_token_nonce failed, dataIdToken.nonce: "+e.nonce+" local_nonce:"+t),1))},F.prototype.validate_id_token_iss=function(e,t){return e.iss===t||(this.loggerService.logDebug("Validate_id_token_iss failed, dataIdToken.iss: "+e.iss+" authWellKnownEndpoints issuer:"+t),!1)},F.prototype.validate_id_token_aud=function(e,t){return e.aud instanceof Array?!!this.arrayHelperService.areEqual(e.aud,t)||(this.loggerService.logDebug("Validate_id_token_aud  array failed, dataIdToken.aud: "+e.aud+" client_id:"+t),!1):e.aud===t||(this.loggerService.logDebug("Validate_id_token_aud failed, dataIdToken.aud: "+e.aud+" client_id:"+t),!1)},F.prototype.validateStateFromHashCallback=function(e,t){return e===t||(this.loggerService.logDebug("ValidateStateFromHashCallback failed, state: "+e+" local_state:"+t),!1)},F.prototype.validate_userdata_sub_id_token=function(e,t){return e===t||(this.loggerService.logDebug("validate_userdata_sub_id_token failed, id_token_sub: "+e+" userdata_sub:"+t),!1)},F.prototype.validate_signature_id_token=function(e,t){var o,i,n,r,s,a;if(!t||!t.keys)return!1;var u=this.tokenHelperService.getHeaderFromToken(e,!1);if(0===Object.keys(u).length&&u.constructor===Object)return this.loggerService.logWarning("id token has no header data"),!1;var c=u.kid;if("RS256"!==u.alg)return this.loggerService.logWarning("Only RS256 supported"),!1;var d=!1;if(u.hasOwnProperty("kid"))try{for(var l=b(t.keys),g=l.next();!g.done;g=l.next())if((_=g.value).kid===c)return y=C.KEYUTIL.getKey(_),(d=C.KJUR.jws.JWS.verify(e,y,["RS256"]))||this.loggerService.logWarning("incorrect Signature, validation failed for id_token"),d}catch(m){s={error:m}}finally{try{g&&!g.done&&(a=l["return"])&&a.call(l)}finally{if(s)throw s.error}}else{var h=0;try{for(var f=b(t.keys),p=f.next();!p.done;p=f.next())"RSA"===(_=p.value).kty&&"sig"===_.use&&(h+=1)}catch(k){o={error:k}}finally{try{p&&!p.done&&(i=f["return"])&&i.call(f)}finally{if(o)throw o.error}}if(0===h)return this.loggerService.logWarning("no keys found, incorrect Signature, validation failed for id_token"),!1;if(1<h)return this.loggerService.logWarning("no ID Token kid claim in JOSE header and multiple supplied in jwks_uri"),!1;try{for(var v=b(t.keys),S=v.next();!S.done;S=v.next()){var _;if("RSA"===(_=S.value).kty&&"sig"===_.use){var y=C.KEYUTIL.getKey(_);return(d=C.KJUR.jws.JWS.verify(e,y,["RS256"]))||this.loggerService.logWarning("incorrect Signature, validation failed for id_token"),d}}}catch(w){n={error:w}}finally{try{S&&!S.done&&(r=v["return"])&&r.call(v)}finally{if(n)throw n.error}}}return d},F.prototype.config_validate_response_type=function(e){return"id_token token"===e||"id_token"===e||"code"===e||(this.loggerService.logWarning("module configure incorrect, invalid response_type:"+e),!1)},F.prototype.validate_id_token_at_hash=function(e,t,o){if(this.loggerService.logDebug("at_hash from the server:"+t),o&&!t)return this.loggerService.logDebug("Code Flow active, and no at_hash in the id_token, skipping check!"),!0;var i=this.generate_at_hash(""+e);if(this.loggerService.logDebug("at_hash client validation not decoded:"+i),i===t)return!0;var n=this.generate_at_hash(""+decodeURIComponent(e));return this.loggerService.logDebug("-gen access--"+n),n===t},F.prototype.generate_at_hash=function(e){var t=C.KJUR.crypto.Util.hashString(e,"sha256"),o=t.substr(0,t.length/2);return C.hextob64u(o)},F.prototype.generate_code_verifier=function(e){var t=C.KJUR.crypto.Util.hashString(e,"sha256");return C.hextob64u(t)},F.RefreshTokenNoncePlaceholder="--RefreshToken--",F.decorators=[{type:i.Injectable}],F.ctorParameters=function(){return[{type:R},{type:A},{type:I}]},F);function F(e,t,o){this.arrayHelperService=e,this.tokenHelperService=t,this.loggerService=o}var N=(H.prototype.validateState=function(e,t){var o=new s;if(!this.oidcSecurityValidation.validateStateFromHashCallback(e.state,this.oidcSecurityCommon.authStateControl))return this.loggerService.logWarning("authorizedCallback incorrect state"),o.state=d.StatesDoNotMatch,this.handleUnsuccessfulValidation(),o;if("id_token token"!==this.configurationProvider.openIDConfiguration.response_type&&"code"!==this.configurationProvider.openIDConfiguration.response_type||(o.access_token=e.access_token),e.id_token){if(o.id_token=e.id_token,o.decoded_id_token=this.tokenHelperService.getPayloadFromToken(o.id_token,!1),!this.oidcSecurityValidation.validate_signature_id_token(o.id_token,t))return this.loggerService.logDebug("authorizedCallback Signature validation failed id_token"),o.state=d.SignatureFailed,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_nonce(o.decoded_id_token,this.oidcSecurityCommon.authNonce,this.configurationProvider.openIDConfiguration.ignore_nonce_after_refresh))return this.loggerService.logWarning("authorizedCallback incorrect nonce"),o.state=d.IncorrectNonce,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_required_id_token(o.decoded_id_token))return this.loggerService.logDebug("authorizedCallback Validation, one of the REQUIRED properties missing from id_token"),o.state=d.RequiredPropertyMissing,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_iat_max_offset(o.decoded_id_token,this.configurationProvider.openIDConfiguration.max_id_token_iat_offset_allowed_in_seconds,this.configurationProvider.openIDConfiguration.disable_iat_offset_validation))return this.loggerService.logWarning("authorizedCallback Validation, iat rejected id_token was issued too far away from the current time"),o.state=d.MaxOffsetExpired,this.handleUnsuccessfulValidation(),o;if(!this.configurationProvider.wellKnownEndpoints)return this.loggerService.logWarning("authWellKnownEndpoints is undefined"),o.state=d.NoAuthWellKnownEndPoints,this.handleUnsuccessfulValidation(),o;if(this.configurationProvider.openIDConfiguration.iss_validation_off)this.loggerService.logDebug("iss validation is turned off, this is not recommended!");else if(!this.configurationProvider.openIDConfiguration.iss_validation_off&&!this.oidcSecurityValidation.validate_id_token_iss(o.decoded_id_token,this.configurationProvider.wellKnownEndpoints.issuer))return this.loggerService.logWarning("authorizedCallback incorrect iss does not match authWellKnownEndpoints issuer"),o.state=d.IssDoesNotMatchIssuer,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_aud(o.decoded_id_token,this.configurationProvider.openIDConfiguration.client_id))return this.loggerService.logWarning("authorizedCallback incorrect aud"),o.state=d.IncorrectAud,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_exp_not_expired(o.decoded_id_token))return this.loggerService.logWarning("authorizedCallback token expired"),o.state=d.TokenExpired,this.handleUnsuccessfulValidation(),o}else this.loggerService.logDebug("No id_token found, skipping id_token validation");return"id_token token"!==this.configurationProvider.openIDConfiguration.response_type&&"code"!==this.configurationProvider.openIDConfiguration.response_type?(o.authResponseIsValid=!0,o.state=d.Ok,this.handleSuccessfulValidation(),this.handleUnsuccessfulValidation()):this.oidcSecurityValidation.validate_id_token_at_hash(o.access_token,o.decoded_id_token.at_hash,"code"===this.configurationProvider.openIDConfiguration.response_type)&&o.access_token?(o.authResponseIsValid=!0,o.state=d.Ok,this.handleSuccessfulValidation()):(this.loggerService.logWarning("authorizedCallback incorrect at_hash"),o.state=d.IncorrectAtHash,this.handleUnsuccessfulValidation()),o},H.prototype.handleSuccessfulValidation=function(){this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.auto_clean_state_after_authentication&&(this.oidcSecurityCommon.authStateControl=""),this.loggerService.logDebug("AuthorizedCallback token(s) validated, continue")},H.prototype.handleUnsuccessfulValidation=function(){this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.auto_clean_state_after_authentication&&(this.oidcSecurityCommon.authStateControl=""),this.loggerService.logDebug("AuthorizedCallback token(s) invalid")},H.decorators=[{type:i.Injectable}],H.ctorParameters=function(){return[{type:U},{type:K},{type:A},{type:I},{type:k}]},H);function H(e,t,o,i,n){this.oidcSecurityCommon=e,this.oidcSecurityValidation=t,this.tokenHelperService=o,this.loggerService=i,this.configurationProvider=n}var M="myiFrameForCheckSession",q=(Object.defineProperty(L.prototype,"onCheckSessionChanged",{get:function(){return this.checkSessionChanged.asObservable()},enumerable:!0,configurable:!0}),L.prototype.doesSessionExist=function(){var e=this.iFrameService.getExistingIFrame(M);return!!e&&(this.sessionIframe=e,!0)},L.prototype.init=function(){var t=this;return this.lastIFrameRefresh+this.iframeRefreshInterval>Date.now()?p.from([this]):(this.doesSessionExist()||(this.sessionIframe=this.iFrameService.addIFrameToWindowBody(M),this.iframeMessageEvent=this.messageHandler.bind(this),window.addEventListener("message",this.iframeMessageEvent,!1)),this.configurationProvider.wellKnownEndpoints?(this.configurationProvider.wellKnownEndpoints.check_session_iframe?this.sessionIframe.contentWindow.location.replace(this.configurationProvider.wellKnownEndpoints.check_session_iframe):this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined"),p.Observable.create(function(e){t.sessionIframe.onload=function(){t.lastIFrameRefresh=Date.now(),e.next(t),e.complete()}})):void this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined. Returning."))},L.prototype.startCheckingSession=function(e){this.scheduledHeartBeat||this.pollServerSession(e)},L.prototype.stopCheckingSession=function(){this.scheduledHeartBeat&&this.clearScheduledHeartBeat()},L.prototype.pollServerSession=function(t){var o=this,i=function(){o.init().pipe(v.take(1)).subscribe(function(){if(o.sessionIframe&&t){o.loggerService.logDebug(o.sessionIframe);var e=o.oidcSecurityCommon.sessionState;e?(o.outstandingMessages++,o.sessionIframe.contentWindow.postMessage(t+" "+e,o.configurationProvider.openIDConfiguration.stsServer)):(o.loggerService.logDebug("OidcSecurityCheckSession pollServerSession session_state is blank"),o.checkSessionChanged.next())}else o.loggerService.logWarning("OidcSecurityCheckSession pollServerSession sessionIframe does not exist"),o.loggerService.logDebug(t),o.loggerService.logDebug(o.sessionIframe);3<o.outstandingMessages&&(o.loggerService.logError("OidcSecurityCheckSession not receiving check session response messages.\n                            Outstanding messages: "+o.outstandingMessages+". Server unreachable?"),o.checkSessionChanged.next()),o.scheduledHeartBeat=setTimeout(i,o.heartBeatInterval)})};this.outstandingMessages=0,this.zone.runOutsideAngular(function(){o.scheduledHeartBeat=setTimeout(i,o.heartBeatInterval)})},L.prototype.clearScheduledHeartBeat=function(){clearTimeout(this.scheduledHeartBeat),this.scheduledHeartBeat=null},L.prototype.messageHandler=function(e){this.outstandingMessages=0,this.sessionIframe&&e.origin===this.configurationProvider.openIDConfiguration.stsServer&&e.source===this.sessionIframe.contentWindow&&("error"===e.data?this.loggerService.logWarning("error from checksession messageHandler"):"changed"===e.data?this.checkSessionChanged.next():this.loggerService.logDebug(e.data+" from checksession messageHandler"))},L.decorators=[{type:i.Injectable}],L.ctorParameters=function(){return[{type:U},{type:I},{type:P},{type:i.NgZone},{type:k}]},L);function L(e,t,o,i,n){this.oidcSecurityCommon=e,this.loggerService=t,this.iFrameService=o,this.zone=i,this.configurationProvider=n,this.lastIFrameRefresh=0,this.outstandingMessages=0,this.heartBeatInterval=3e3,this.iframeRefreshInterval=6e4,this.checkSessionChanged=new p.Subject}var B=(Object.defineProperty(J.prototype,"onConfigurationLoaded",{get:function(){return this.configurationLoadedInternal.asObservable()},enumerable:!0,configurable:!0}),J.prototype.load=function(t){var o=this;return this.httpClient.get(t).pipe(v.switchMap(function(e){return o.loadUsingConfiguration(e)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load' threw an error on calling "+t,e),o.configurationLoadedInternal.next(undefined),p.of(!1)})).toPromise()},J.prototype.load_using_stsServer=function(e){return this.loadUsingConfiguration({stsServer:e}).toPromise()},J.prototype.load_using_custom_stsServer=function(t){var o=this;return this.httpClient.get(t).pipe(v.switchMap(function(e){return o.configurationLoadedInternal.next({authWellknownEndpoints:e,customConfig:{stsServer:t}}),p.of(!0)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load_using_custom_stsServer' threw an error on calling "+t,e),o.configurationLoadedInternal.next(undefined),p.of(!1)})).toPromise()},J.prototype.loadUsingConfiguration=function(t){var o=this;if(!t.stsServer)throw this.loggerService.logError("Property 'stsServer' is not present of passed config "+JSON.stringify(t),t),new Error("Property 'stsServer' is not present of passed config "+JSON.stringify(t));var i=t.stsServer+"/.well-known/openid-configuration";return this.httpClient.get(i).pipe(v.switchMap(function(e){return o.configurationLoadedInternal.next({authWellknownEndpoints:e,customConfig:t}),p.of(!0)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load_using_stsServer' threw an error on calling "+i,e),o.configurationLoadedInternal.next(undefined),p.of(!1)}))},J.decorators=[{type:i.Injectable}],J.ctorParameters=function(){return[{type:I},{type:l.HttpClient}]},J);function J(e,t){this.loggerService=e,this.httpClient=t,this.configurationLoadedInternal=new p.ReplaySubject(1)}var G="myiFrameForSilentRenew",$=(Y.prototype.initRenew=function(){var e=this.iFrameService.getExistingIFrame(G);return e||this.iFrameService.addIFrameToWindowBody(G)},Y.prototype.startRenew=function(o){var i=this.initRenew();return this.loggerService.logDebug("startRenew for URL:"+o),new p.Observable(function(e){var t=function(){i.removeEventListener("load",t),e.next(undefined),e.complete()};return i.addEventListener("load",t),i.src=o,function(){i.removeEventListener("load",t)}})},Y.decorators=[{type:i.Injectable}],Y.ctorParameters=function(){return[{type:I},{type:P}]},Y);function Y(e,t){this.loggerService=e,this.iFrameService=t}var Z=(Q.prototype.initUserData=function(){var t=this;return this.getIdentityUserData().pipe(v.map(function(e){return t.userData=e}))},Q.prototype.getUserData=function(){if(!this.userData)throw Error("UserData is not set!");return this.userData},Q.prototype.setUserData=function(e){this.userData=e},Q.prototype.getIdentityUserData=function(){var e=this.oidcSecurityCommon.getAccessToken();if(!this.configurationProvider.wellKnownEndpoints)throw this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined"),Error("authWellKnownEndpoints is undefined");if(!this.configurationProvider.wellKnownEndpoints||!this.configurationProvider.wellKnownEndpoints.userinfo_endpoint)throw this.loggerService.logError("init check session: authWellKnownEndpoints.userinfo_endpoint is undefined; set auto_userinfo = false in config"),Error("authWellKnownEndpoints.userinfo_endpoint is undefined");return this.oidcDataService.getIdentityUserData(this.configurationProvider.wellKnownEndpoints.userinfo_endpoint||"",e)},Q.decorators=[{type:i.Injectable}],Q.ctorParameters=function(){return[{type:g},{type:U},{type:I},{type:k}]},Q);function Q(e,t,o,i){this.oidcDataService=e,this.oidcSecurityCommon=t,this.loggerService=o,this.configurationProvider=i,this.userData=""}var X=(ee.prototype.encodeKey=function(e){return encodeURIComponent(e)},ee.prototype.encodeValue=function(e){return encodeURIComponent(e)},ee.prototype.decodeKey=function(e){return decodeURIComponent(e)},ee.prototype.decodeValue=function(e){return decodeURIComponent(e)},ee);function ee(){}var te=(oe.prototype.getUrlParameter=function(e,t){if(!e)return"";if(!t)return"";t=t.replace(/[\[]/,"\\[").replace(/[\]]/,"\\]");var o=new RegExp("[\\?&]"+t+"=([^&#]*)").exec(e);return null===o?"":decodeURIComponent(o[1])},oe.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],oe.ngInjectableDef=i.defineInjectable({factory:function(){return new oe},token:oe,providedIn:"root"}),oe);function oe(){}var ie,ne,re=(Object.defineProperty(se.prototype,"onModuleSetup",{get:function(){return this._onModuleSetup.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onAuthorizationResult",{get:function(){return this._onAuthorizationResult.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onCheckSessionChanged",{get:function(){return this._onCheckSessionChanged.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onConfigurationChange",{get:function(){return this.configurationProvider.onConfigurationChange},enumerable:!0,configurable:!0}),se.prototype.setupModule=function(e,t){var o=this;this.configurationProvider.setup(e,t),this.oidcSecurityCheckSession.onCheckSessionChanged.subscribe(function(){o.loggerService.logDebug("onCheckSessionChanged"),o.checkSessionChanged=!0,o._onCheckSessionChanged.next(o.checkSessionChanged)});var i=this.oidcSecurityCommon.userData;i&&this.setUserData(i);var n=this.oidcSecurityCommon.isAuthorized;if(n&&(this.loggerService.logDebug("IsAuthorized setup module"),this.loggerService.logDebug(this.oidcSecurityCommon.idToken),this.oidcSecurityValidation.isTokenExpired(this.oidcSecurityCommon.idToken||this.oidcSecurityCommon.accessToken,this.configurationProvider.openIDConfiguration.silent_renew_offset_in_seconds)?this.loggerService.logDebug("IsAuthorized setup module; id_token isTokenExpired"):(this.loggerService.logDebug("IsAuthorized setup module; id_token is valid"),this.setIsAuthorized(n)),this.runTokenValidation()),this.loggerService.logDebug("STS server: "+this.configurationProvider.openIDConfiguration.stsServer),this._onModuleSetup.next(),this.configurationProvider.openIDConfiguration.silent_renew){this.oidcSecuritySilentRenew.initRenew(),this.boundSilentRenewEvent=this.silentRenewEventHandler.bind(this);var r=Math.random(),s=function(e){e.detail!==r&&(window.removeEventListener("oidc-silent-renew-message",o.boundSilentRenewEvent),window.removeEventListener("oidc-silent-renew-init",s))}.bind(this);window.addEventListener("oidc-silent-renew-init",s,!1),window.addEventListener("oidc-silent-renew-message",this.boundSilentRenewEvent,!1),window.dispatchEvent(new CustomEvent("oidc-silent-renew-init",{detail:r}))}},se.prototype.getUserData=function(){return this._userData.asObservable()},se.prototype.getIsModuleSetup=function(){return this._isModuleSetup.asObservable()},se.prototype.getIsAuthorized=function(){return this._isSetupAndAuthorized},se.prototype.getToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getAccessToken();return decodeURIComponent(e)},se.prototype.getIdToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getIdToken();return decodeURIComponent(e)},se.prototype.getRefreshToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getRefreshToken();return decodeURIComponent(e)},se.prototype.getPayloadFromIdToken=function(e){void 0===e&&(e=!1);var t=this.getIdToken();return this.tokenHelperService.getPayloadFromToken(t,e)},se.prototype.setState=function(e){this.oidcSecurityCommon.authStateControl=e},se.prototype.getState=function(){return this.oidcSecurityCommon.authStateControl},se.prototype.setCustomRequestParameters=function(e){this.oidcSecurityCommon.customRequestParams=e},se.prototype.authorize=function(e){if(this.configurationProvider.wellKnownEndpoints&&(this.authWellKnownEndpointsLoaded=!0),this.authWellKnownEndpointsLoaded){if(this.oidcSecurityValidation.config_validate_response_type(this.configurationProvider.openIDConfiguration.response_type)){this.resetAuthorizationData(!1),this.loggerService.logDebug("BEGIN Authorize Code Flow, no auth data");var t=this.oidcSecurityCommon.authStateControl;t||(t=Date.now()+""+Math.random()+Math.random(),this.oidcSecurityCommon.authStateControl=t);var o="N"+Math.random()+Date.now();this.oidcSecurityCommon.authNonce=o,this.loggerService.logDebug("AuthorizedController created. local state: "+this.oidcSecurityCommon.authStateControl);var i="";if("code"===this.configurationProvider.openIDConfiguration.response_type){var n="C"+Math.random()+Date.now()+Date.now()+Math.random(),r=this.oidcSecurityValidation.generate_code_verifier(n);this.oidcSecurityCommon.code_verifier=n,this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!0,r,this.configurationProvider.openIDConfiguration.redirect_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||""):this.loggerService.logError("authWellKnownEndpoints is undefined")}else this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!1,"",this.configurationProvider.openIDConfiguration.redirect_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||""):this.loggerService.logError("authWellKnownEndpoints is undefined");e?e(i):this.redirectTo(i)}}else this.loggerService.logError("Well known endpoints must be loaded before user can login!")},se.prototype.authorizedCallbackWithCode=function(e){this.authorizedCallbackWithCode$(e).subscribe()},se.prototype.authorizedCallbackWithCode$=function(e){var t=this.urlParserService.getUrlParameter(e,"code"),o=this.urlParserService.getUrlParameter(e,"state"),i=this.urlParserService.getUrlParameter(e,"session_state")||null;return o?t?(this.loggerService.logDebug("running validation for callback"+e),this.requestTokensWithCode$(t,o,i)):(this.loggerService.logDebug("no code in url"),p.of()):(this.loggerService.logDebug("no state in url"),p.of())},se.prototype.requestTokensWithCode=function(e,t,o){this.requestTokensWithCode$(e,t,o).subscribe()},se.prototype.requestTokensWithCode$=function(e,t,o){var i=this;return this._isModuleSetup.pipe(v.filter(function(e){return!!e}),v.take(1),v.switchMap(function(){return i.requestTokensWithCodeProcedure$(e,t,o)}))},se.prototype.refreshTokensWithCodeProcedure=function(e,o){var i=this,t="";this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.token_endpoint&&(t=""+this.configurationProvider.wellKnownEndpoints.token_endpoint);var n=new l.HttpHeaders;n=n.set("Content-Type","application/x-www-form-urlencoded");var r="grant_type=refresh_token&client_id="+this.configurationProvider.openIDConfiguration.client_id+"&refresh_token="+e;return this.httpClient.post(t,r,{headers:n}).pipe(v.map(function(e){i.loggerService.logDebug("token refresh response: "+JSON.stringify(e));var t=new Object;(t=e).state=o,i.authorizedCodeFlowCallbackProcedure(t)}),v.catchError(function(e){return i.loggerService.logError(e),i.loggerService.logError("OidcService code request "+i.configurationProvider.openIDConfiguration.stsServer),p.of(!1)}))},se.prototype.requestTokensWithCodeProcedure=function(e,t,o){this.requestTokensWithCodeProcedure$(e,t,o).subscribe()},se.prototype.requestTokensWithCodeProcedure$=function(e,o,i){var n=this,t="";if(this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.token_endpoint&&(t=""+this.configurationProvider.wellKnownEndpoints.token_endpoint),!this.oidcSecurityValidation.validateStateFromHashCallback(o,this.oidcSecurityCommon.authStateControl))return this.loggerService.logWarning("authorizedCallback incorrect state"),p.throwError(new Error("incorrect state"));var r=new l.HttpHeaders;r=r.set("Content-Type","application/x-www-form-urlencoded");var s=a.oneLineTrim(ie=ie||_(["grant_type=authorization_code&client_id=","\n            &code_verifier=","\n            &code=","&redirect_uri=",""],["grant_type=authorization_code&client_id=","\n            &code_verifier=","\n            &code=","&redirect_uri=",""]),this.configurationProvider.openIDConfiguration.client_id,this.oidcSecurityCommon.code_verifier,e,this.configurationProvider.openIDConfiguration.redirect_url);return"running"===this.oidcSecurityCommon.silentRenewRunning&&(s=a.oneLineTrim(ne=ne||_(["grant_type=authorization_code&client_id=","\n                &code_verifier=","\n                &code=","\n                &redirect_uri=",""],["grant_type=authorization_code&client_id=","\n                &code_verifier=","\n                &code=","\n                &redirect_uri=",""]),this.configurationProvider.openIDConfiguration.client_id,this.oidcSecurityCommon.code_verifier,e,this.configurationProvider.openIDConfiguration.silent_renew_url)),this.httpClient.post(t,s,{headers:r}).pipe(v.map(function(e){var t=new Object;return(t=e).state=o,t.session_state=i,n.authorizedCodeFlowCallbackProcedure(t),undefined}),v.catchError(function(e){return n.loggerService.logError(e),n.loggerService.logError("OidcService code request "+n.configurationProvider.openIDConfiguration.stsServer),p.throwError(e)}))},se.prototype.authorizedCodeFlowCallbackProcedure=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;this.loggerService.logDebug("BEGIN authorized Code Flow Callback, no auth data"),this.resetAuthorizationData(t),this.authorizedCallbackProcedure(e,t)},se.prototype.authorizedImplicitFlowCallbackProcedure=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;this.loggerService.logDebug("BEGIN authorizedCallback, no auth data"),this.resetAuthorizationData(t);var o=(e=e||window.location.hash.substr(1)).split("&").reduce(function(e,t){var o=t.split("=");return e[o.shift()]=o.join("="),e},{});this.authorizedCallbackProcedure(o,t)},se.prototype.authorizedImplicitFlowCallback=function(e){var t=this;this._isModuleSetup.pipe(v.filter(function(e){return e}),v.take(1)).subscribe(function(){t.authorizedImplicitFlowCallbackProcedure(e)})},se.prototype.redirectTo=function(e){window.location.href=e},se.prototype.authorizedCallbackProcedure=function(o,i){var n=this;this.oidcSecurityCommon.authResult=o,this.configurationProvider.openIDConfiguration.history_cleanup_off||i?this.loggerService.logDebug("history clean up inactive"):window.history.replaceState({},window.document.title,window.location.origin+window.location.pathname),o.error?(i?this.loggerService.logDebug(o):this.loggerService.logWarning(o),"login_required"===o.error?this._onAuthorizationResult.next(new u(c.unauthorized,d.LoginRequired,i)):this._onAuthorizationResult.next(new u(c.unauthorized,d.SecureTokenServerError,i)),this.resetAuthorizationData(!1),this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||this.router.navigate([this.configurationProvider.openIDConfiguration.unauthorized_route])):(this.loggerService.logDebug(o),this.loggerService.logDebug("authorizedCallback created, begin token validation"),this.getSigningKeys().subscribe(function(e){var t=n.getValidatedStateResult(o,e);t.authResponseIsValid?(n.setAuthorizationData(t.access_token,t.id_token),n.oidcSecurityCommon.silentRenewRunning="",n.configurationProvider.openIDConfiguration.auto_userinfo?n.getUserinfo(i,o,t.id_token,t.decoded_id_token).subscribe(function(e){e?(n._onAuthorizationResult.next(new u(c.authorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.post_login_route])):(n._onAuthorizationResult.next(new u(c.unauthorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.unauthorized_route]))},function(e){n.loggerService.logWarning("Failed to retreive user info with error: "+JSON.stringify(e))}):(i||(n.oidcSecurityUserService.setUserData(t.decoded_id_token),n.setUserData(n.oidcSecurityUserService.getUserData())),n.runTokenValidation(),n._onAuthorizationResult.next(new u(c.authorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.post_login_route]))):(n.loggerService.logWarning("authorizedCallback, token(s) validation failed, resetting"),n.loggerService.logWarning(window.location.hash),n.resetAuthorizationData(!1),n.oidcSecurityCommon.silentRenewRunning="",n._onAuthorizationResult.next(new u(c.unauthorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.unauthorized_route]))},function(e){n.loggerService.logWarning("Failed to retreive siging key with error: "+JSON.stringify(e)),n.oidcSecurityCommon.silentRenewRunning=""}))},se.prototype.getUserinfo=function(e,o,t,i){var n=this;return void 0===e&&(e=!1),o=o||this.oidcSecurityCommon.authResult,t=t||this.oidcSecurityCommon.idToken,i=i||this.tokenHelperService.getPayloadFromToken(t,!1),new p.Observable(function(t){"id_token token"===n.configurationProvider.openIDConfiguration.response_type||"code"===n.configurationProvider.openIDConfiguration.response_type?e&&n._userData.value?(n.oidcSecurityCommon.sessionState=o.session_state,t.next(!0),t.complete()):n.oidcSecurityUserService.initUserData().subscribe(function(){n.loggerService.logDebug("authorizedCallback (id_token token || code) flow");var e=n.oidcSecurityUserService.getUserData();n.oidcSecurityValidation.validate_userdata_sub_id_token(i.sub,e.sub)?(n.setUserData(e),n.loggerService.logDebug(n.oidcSecurityCommon.accessToken),n.loggerService.logDebug(n.oidcSecurityUserService.getUserData()),n.oidcSecurityCommon.sessionState=o.session_state,n.runTokenValidation(),t.next(!0)):(n.loggerService.logWarning("authorizedCallback, User data sub does not match sub in id_token"),n.loggerService.logDebug("authorizedCallback, token(s) validation failed, resetting"),n.resetAuthorizationData(!1),t.next(!1)),t.complete()}):(n.loggerService.logDebug("authorizedCallback id_token flow"),n.loggerService.logDebug(n.oidcSecurityCommon.accessToken),n.oidcSecurityUserService.setUserData(i),n.setUserData(n.oidcSecurityUserService.getUserData()),n.oidcSecurityCommon.sessionState=o.session_state,n.runTokenValidation(),t.next(!0),t.complete())})},se.prototype.logoff=function(e){if(this.loggerService.logDebug("BEGIN Authorize, no auth data"),this.configurationProvider.wellKnownEndpoints)if(this.configurationProvider.wellKnownEndpoints.end_session_endpoint){var t=this.configurationProvider.wellKnownEndpoints.end_session_endpoint,o=this.oidcSecurityCommon.idToken,i=this.createEndSessionUrl(t,o);this.resetAuthorizationData(!1),this.configurationProvider.openIDConfiguration.start_checksession&&this.checkSessionChanged?this.loggerService.logDebug("only local login cleaned up, server session has changed"):e?e(i):this.redirectTo(i)}else this.resetAuthorizationData(!1),this.loggerService.logDebug("only local login cleaned up, no end_session_endpoint");else this.loggerService.logWarning("authWellKnownEndpoints is undefined")},se.prototype.refreshSession=function(){if(!this.configurationProvider.openIDConfiguration.silent_renew)return p.of(!1);this.loggerService.logDebug("BEGIN refresh session Authorize"),this.oidcSecurityCommon.silentRenewRunning="running";var e=this.oidcSecurityCommon.authStateControl;""!==e&&null!==e||(e=Date.now()+""+Math.random()+Math.random(),this.oidcSecurityCommon.authStateControl=e);var t="N"+Math.random()+Date.now();this.oidcSecurityCommon.authNonce=t,this.loggerService.logDebug("RefreshSession created. adding myautostate: "+this.oidcSecurityCommon.authStateControl);var o="";if("code"===this.configurationProvider.openIDConfiguration.response_type){if(this.configurationProvider.openIDConfiguration.use_refresh_token){var i=this.oidcSecurityCommon.getRefreshToken();if(i)return this.loggerService.logDebug("found refresh code, obtaining new credentials with refresh code"),this.oidcSecurityCommon.authNonce=K.RefreshTokenNoncePlaceholder,this.refreshTokensWithCodeProcedure(i,e);this.loggerService.logDebug("no refresh token found, using silent renew")}var n="C"+Math.random()+Date.now()+Date.now()+Math.random(),r=this.oidcSecurityValidation.generate_code_verifier(n);this.oidcSecurityCommon.code_verifier=n,this.configurationProvider.wellKnownEndpoints?o=this.createAuthorizeUrl(!0,r,this.configurationProvider.openIDConfiguration.silent_renew_url,t,e,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||"","none"):this.loggerService.logWarning("authWellKnownEndpoints is undefined")}else this.configurationProvider.wellKnownEndpoints?o=this.createAuthorizeUrl(!1,"",this.configurationProvider.openIDConfiguration.silent_renew_url,t,e,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||"","none"):this.loggerService.logWarning("authWellKnownEndpoints is undefined");return this.oidcSecuritySilentRenew.startRenew(o).pipe(v.map(function(){return!0}))},se.prototype.handleError=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;if(this.loggerService.logError(e),403===e.status||"403"===e.status)this.configurationProvider.openIDConfiguration.trigger_authorization_result_event?this._onAuthorizationResult.next(new u(c.unauthorized,d.NotSet,t)):this.router.navigate([this.configurationProvider.openIDConfiguration.forbidden_route]);else if(401===e.status||"401"===e.status){var o=this.oidcSecurityCommon.silentRenewRunning;this.resetAuthorizationData(!!o),this.configurationProvider.openIDConfiguration.trigger_authorization_result_event?this._onAuthorizationResult.next(new u(c.unauthorized,d.NotSet,t)):this.router.navigate([this.configurationProvider.openIDConfiguration.unauthorized_route])}},se.prototype.startCheckingSilentRenew=function(){this.runTokenValidation()},se.prototype.stopCheckingSilentRenew=function(){this._scheduledHeartBeat&&(clearTimeout(this._scheduledHeartBeat),this._scheduledHeartBeat=null,this.runTokenValidationRunning=!1)},se.prototype.resetAuthorizationData=function(e){e||(this.configurationProvider.openIDConfiguration.auto_userinfo&&this.setUserData(""),this.oidcSecurityCommon.resetStorageData(e),this.checkSessionChanged=!1,this.setIsAuthorized(!1))},se.prototype.getEndSessionUrl=function(){if(this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.end_session_endpoint){var e=this.configurationProvider.wellKnownEndpoints.end_session_endpoint,t=this.oidcSecurityCommon.idToken;return this.createEndSessionUrl(e,t)}},se.prototype.getValidatedStateResult=function(e,t){return e.error?new s("","",!1,{}):this.stateValidationService.validateState(e,t)},se.prototype.setUserData=function(e){this.oidcSecurityCommon.userData=e,this._userData.next(e)},se.prototype.setIsAuthorized=function(e){this._isAuthorized.next(e)},se.prototype.setAuthorizationData=function(e,t){""!==this.oidcSecurityCommon.accessToken&&(this.oidcSecurityCommon.accessToken=""),this.loggerService.logDebug(e),this.loggerService.logDebug(t),this.loggerService.logDebug("storing to storage, getting the roles"),this.oidcSecurityCommon.accessToken=e,this.oidcSecurityCommon.idToken=t,this.setIsAuthorized(!0),this.oidcSecurityCommon.isAuthorized=!0},se.prototype.createAuthorizeUrl=function(e,t,o,i,n,r,s){var a=r.split("?"),u=a[0],c=new l.HttpParams({fromString:a[1],encoder:new X});c=(c=(c=(c=(c=(c=c.set("client_id",this.configurationProvider.openIDConfiguration.client_id)).append("redirect_uri",o)).append("response_type",this.configurationProvider.openIDConfiguration.response_type)).append("scope",this.configurationProvider.openIDConfiguration.scope)).append("nonce",i)).append("state",n),e&&(c=(c=c.append("code_challenge",t)).append("code_challenge_method","S256")),s&&(c=c.append("prompt",s)),this.configurationProvider.openIDConfiguration.hd_param&&(c=c.append("hd",this.configurationProvider.openIDConfiguration.hd_param));var d=Object.assign({},this.oidcSecurityCommon.customRequestParams);return Object.keys(d).forEach(function(e){c=c.append(e,d[e].toString())}),u+"?"+c},se.prototype.createEndSessionUrl=function(e,t){var o=e.split("?"),i=o[0],n=new l.HttpParams({fromString:o[1],encoder:new X});return i+"?"+(n=(n=n.set("id_token_hint",t)).append("post_logout_redirect_uri",this.configurationProvider.openIDConfiguration.post_logout_redirect_uri))},se.prototype.getSigningKeys=function(){return this.configurationProvider.wellKnownEndpoints?(this.loggerService.logDebug("jwks_uri: "+this.configurationProvider.wellKnownEndpoints.jwks_uri),this.oidcDataService.get(this.configurationProvider.wellKnownEndpoints.jwks_uri||"").pipe(v.catchError(this.handleErrorGetSigningKeys))):(this.loggerService.logWarning("getSigningKeys: authWellKnownEndpoints is undefined"),this.oidcDataService.get("undefined").pipe(v.catchError(this.handleErrorGetSigningKeys)))},se.prototype.handleErrorGetSigningKeys=function(e){var t;if(e instanceof Response){var o=e.json()||{},i=JSON.stringify(o);t=e.status+" - "+(e.statusText||"")+" "+i}else t=e.message?e.message:e.toString();return this.loggerService.logError(t),p.throwError(t)},se.prototype.runTokenValidation=function(){var t=this;if(!this.runTokenValidationRunning&&this.configurationProvider.openIDConfiguration.silent_renew){this.runTokenValidationRunning=!0,this.loggerService.logDebug("runTokenValidation silent-renew running");var o=function(){if(t.loggerService.logDebug("silentRenewHeartBeatCheck\r\n\tsilentRenewRunning: "+("running"===t.oidcSecurityCommon.silentRenewRunning)+"\r\n\tidToken: "+!!t.getIdToken()+"\r\n\t_userData.value: "+!!t._userData.value),t._userData.value&&"running"!==t.oidcSecurityCommon.silentRenewRunning&&t.getIdToken()&&t.oidcSecurityValidation.isTokenExpired(t.oidcSecurityCommon.idToken,t.configurationProvider.openIDConfiguration.silent_renew_offset_in_seconds)){if(t.loggerService.logDebug("IsAuthorized: id_token isTokenExpired, start silent renew if active"),t.configurationProvider.openIDConfiguration.silent_renew)return void t.refreshSession().subscribe(function(){t._scheduledHeartBeat=setTimeout(o,3e3)},function(e){t.loggerService.logError("Error: "+e),t._scheduledHeartBeat=setTimeout(o,3e3)});t.resetAuthorizationData(!1)}t._scheduledHeartBeat=setTimeout(o,3e3)};this.zone.runOutsideAngular(function(){t._scheduledHeartBeat=setTimeout(o,1e4)})}},se.prototype.silentRenewEventHandler=function(e){if(this.loggerService.logDebug("silentRenewEventHandler"),"code"===this.configurationProvider.openIDConfiguration.response_type){var t=e.detail.toString().split("?"),o=new l.HttpParams({fromString:t[1]}),i=o.get("code"),n=o.get("state"),r=o.get("session_state"),s=o.get("error");i&&n&&this.requestTokensWithCodeProcedure(i,n,r),s&&(this._onAuthorizationResult.next(new u(c.unauthorized,d.LoginRequired,!0)),this.resetAuthorizationData(!1),this.oidcSecurityCommon.authNonce="",this.loggerService.logDebug(e.detail.toString()))}else this.authorizedImplicitFlowCallback(e.detail)},se.decorators=[{type:i.Injectable}],se.ctorParameters=function(){return[{type:g},{type:N},{type:o.Router},{type:q},{type:$},{type:Z},{type:U},{type:K},{type:A},{type:I},{type:i.NgZone},{type:l.HttpClient},{type:k},{type:te}]},se);function se(e,t,o,i,n,r,s,a,u,c,d,l,g,h){var f=this;this.oidcDataService=e,this.stateValidationService=t,this.router=o,this.oidcSecurityCheckSession=i,this.oidcSecuritySilentRenew=n,this.oidcSecurityUserService=r,this.oidcSecurityCommon=s,this.oidcSecurityValidation=a,this.tokenHelperService=u,this.loggerService=c,this.zone=d,this.httpClient=l,this.configurationProvider=g,this.urlParserService=h,this._onModuleSetup=new p.Subject,this._onCheckSessionChanged=new p.Subject,this._onAuthorizationResult=new p.Subject,this.checkSessionChanged=!1,this.moduleSetup=!1,this._isModuleSetup=new p.BehaviorSubject(!1),this._isAuthorized=new p.BehaviorSubject(!1),this._userData=new p.BehaviorSubject(""),this.authWellKnownEndpointsLoaded=!1,this.runTokenValidationRunning=!1,this.onModuleSetup.pipe(v.take(1)).subscribe(function(){f.moduleSetup=!0,f._isModuleSetup.next(!0)}),this._isSetupAndAuthorized=this._isModuleSetup.pipe(v.filter(function(e){return e}),v.switchMap(function(){if(!f.configurationProvider.openIDConfiguration.silent_renew)return f.loggerService.logDebug("IsAuthorizedRace: Silent Renew Not Active. Emitting."),p.from([!0]);var e=f._isAuthorized.asObservable().pipe(v.filter(function(e){return e}),v.take(1),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Existing token is still authorized.")}),v.race(f._onAuthorizationResult.pipe(v.take(1),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Silent Renew Refresh Session Complete")}),v.map(function(){return!0})),p.timer(1e3*f.configurationProvider.openIDConfiguration.isauthorizedrace_timeout_in_seconds).pipe(v.tap(function(){f.resetAuthorizationData(!1),f.oidcSecurityCommon.authNonce="",f.loggerService.logWarning("IsAuthorizedRace: Timeout reached. Emitting.")}),v.map(function(){return!0}))));return f.loggerService.logDebug("Silent Renew is active, check if token in storage is active"),""!==f.oidcSecurityCommon.authNonce&&f.oidcSecurityCommon.authNonce!==undefined||(f.loggerService.logDebug("Silent Renew or login not running, try to refresh the session"),f.refreshSession().subscribe()),e}),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Completed")}),v.switchMapTo(this._isAuthorized.asObservable()),v.tap(function(e){return f.loggerService.logDebug("getIsAuthorized: "+e)}),v.shareReplay(1)),this._isSetupAndAuthorized.pipe(v.filter(function(){return f.configurationProvider.openIDConfiguration.start_checksession})).subscribe(function(e){e?f.oidcSecurityCheckSession.startCheckingSession(f.configurationProvider.openIDConfiguration.client_id):f.oidcSecurityCheckSession.stopCheckingSession()})}var ae=(ue.forRoot=function(e){return void 0===e&&(e={}),{ngModule:ue,providers:[B,re,K,q,$,Z,U,A,I,P,R,g,N,{provide:O,useClass:e.storage||j}]}},ue.decorators=[{type:i.NgModule}],ue);function ue(){}e.AuthorizationResult=u,e.AuthorizationState=c,e.JwtKeys=n,e.JwtKey=r,e.ValidateStateResult=s,e.ValidationResult=d,e.AuthModule=ae,e.TokenHelperService=A,e.OidcConfigService=B,e.OidcSecurityService=re,e.OidcSecurityStorage=O,e.BrowserStorage=j,e.OidcSecurityValidation=K,e.LoggerService=I,e.ɵc=g,e.ɵa=k,e.ɵh=P,e.ɵf=R,e.ɵd=N,e.ɵg=q,e.ɵe=U,e.ɵi=$,e.ɵj=Z,e.ɵb=y,e.ɵk=te,Object.defineProperty(e,"__esModule",{value:!0})});
+!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports,require("@angular/common"),require("jsrsasign-reduced"),require("@angular/common/http"),require("@angular/router"),require("rxjs"),require("rxjs/operators"),require("@angular/core"),require("common-tags")):"function"==typeof define&&define.amd?define("angular-auth-oidc-client",["exports","@angular/common","jsrsasign-reduced","@angular/common/http","@angular/router","rxjs","rxjs/operators","@angular/core","common-tags"],t):t(e["angular-auth-oidc-client"]={},e.ng.common,e["jsrsasign-reduced"],e.ng.common.http,e.ng.router,e.rxjs,e.rxjs.operators,e.ng.core,e["common-tags"])}(this,function(e,t,C,l,o,p,v,i,a){"use strict";function n(){this.keys=[]}function r(){this.kty="",this.use="",this.kid="",this.x5t="",this.e="",this.n="",this.x5c=[]}var u=function ce(e,t,o){void 0===o&&(o=!1),this.authorizationState=e,this.validationResult=t,this.isRenewProcess=o},c={authorized:"authorized",forbidden:"forbidden",unauthorized:"unauthorized"},d={NotSet:"NotSet",StatesDoNotMatch:"StatesDoNotMatch",SignatureFailed:"SignatureFailed",IncorrectNonce:"IncorrectNonce",RequiredPropertyMissing:"RequiredPropertyMissing",MaxOffsetExpired:"MaxOffsetExpired",IssDoesNotMatchIssuer:"IssDoesNotMatchIssuer",NoAuthWellKnownEndPoints:"NoAuthWellKnownEndPoints",IncorrectAud:"IncorrectAud",TokenExpired:"TokenExpired",IncorrectAtHash:"IncorrectAtHash",Ok:"Ok",LoginRequired:"LoginRequired",SecureTokenServerError:"SecureTokenServerError"},s=function de(e,t,o,i,n){void 0===e&&(e=""),void 0===t&&(t=""),void 0===o&&(o=!1),void 0===i&&(i={}),void 0===n&&(n=d.NotSet),this.access_token=e,this.id_token=t,this.authResponseIsValid=o,this.decoded_id_token=i,this.state=n},g=(h.prototype.getWellknownEndpoints=function(e){var t=new l.HttpHeaders;return t=t.set("Accept","application/json"),this.httpClient.get(e,{headers:t})},h.prototype.getIdentityUserData=function(e,t){var o=new l.HttpHeaders;return o=(o=o.set("Accept","application/json")).set("Authorization","Bearer "+decodeURIComponent(t)),this.httpClient.get(e,{headers:o})},h.prototype.get=function(e){var t=new l.HttpHeaders;return t=t.set("Accept","application/json"),this.httpClient.get(e,{headers:t})},h.decorators=[{type:i.Injectable}],h.ctorParameters=function(){return[{type:l.HttpClient}]},h);function h(e){this.httpClient=e}var f=function(){return(f=Object.assign||function(e){for(var t,o=1,i=arguments.length;o<i;o++)for(var n in t=arguments[o])Object.prototype.hasOwnProperty.call(t,n)&&(e[n]=t[n]);return e}).apply(this,arguments)};function b(e){var t="function"==typeof Symbol&&e[Symbol.iterator],o=0;return t?t.call(e):{next:function(){return e&&o>=e.length&&(e=void 0),{value:e&&e[o++],done:!e}}}}function S(e,t){var o="function"==typeof Symbol&&e[Symbol.iterator];if(!o)return e;var i,n,r=o.call(e),s=[];try{for(;(void 0===t||0<t--)&&!(i=r.next()).done;)s.push(i.value)}catch(a){n={error:a}}finally{try{i&&!i.done&&(o=r["return"])&&o.call(r)}finally{if(n)throw n.error}}return s}function _(e,t){return Object.defineProperty?Object.defineProperty(e,"raw",{value:t}):e.raw=t,e}var y=(Object.defineProperty(m.prototype,"isBrowser",{get:function(){return t.isPlatformBrowser(this.platformId)},enumerable:!0,configurable:!0}),m.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],m.ctorParameters=function(){return[{type:Object,decorators:[{type:i.Inject,args:[i.PLATFORM_ID]}]}]},m.ngInjectableDef=i.defineInjectable({factory:function(){return new m(i.inject(i.PLATFORM_ID))},token:m,providedIn:"root"}),m);function m(e){this.platformId=e}var k=(Object.defineProperty(w.prototype,"openIDConfiguration",{get:function(){return this.mergedOpenIdConfiguration},enumerable:!0,configurable:!0}),Object.defineProperty(w.prototype,"wellKnownEndpoints",{get:function(){return this.authWellKnownEndpoints},enumerable:!0,configurable:!0}),Object.defineProperty(w.prototype,"onConfigurationChange",{get:function(){return this.onConfigurationChangeInternal.asObservable()},enumerable:!0,configurable:!0}),w.prototype.setup=function(e,t){this.mergedOpenIdConfiguration=f({},this.mergedOpenIdConfiguration,e),this.setSpecialCases(this.mergedOpenIdConfiguration),this.authWellKnownEndpoints=f({},t),this.onConfigurationChangeInternal.next(f({},this.mergedOpenIdConfiguration))},w.prototype.setSpecialCases=function(e){this.platformProvider.isBrowser||(e.start_checksession=!1,e.silent_renew=!1,e.use_refresh_token=!1)},w.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],w.ctorParameters=function(){return[{type:y}]},w.ngInjectableDef=i.defineInjectable({factory:function(){return new w(i.inject(y))},token:w,providedIn:"root"}),w);function w(e){this.platformProvider=e,this.DEFAULT_CONFIG={stsServer:"https://please_set",redirect_url:"https://please_set",client_id:"please_set",response_type:"code",scope:"openid email profile",hd_param:"",post_logout_redirect_uri:"https://please_set",start_checksession:!1,silent_renew:!1,silent_renew_url:"https://please_set",silent_renew_offset_in_seconds:0,use_refresh_token:!1,ignore_nonce_after_refresh:!1,post_login_route:"/",forbidden_route:"/forbidden",unauthorized_route:"/unauthorized",auto_userinfo:!0,auto_clean_state_after_authentication:!0,trigger_authorization_result_event:!1,log_console_warning_active:!0,log_console_debug_active:!1,iss_validation_off:!1,history_cleanup_off:!1,max_id_token_iat_offset_allowed_in_seconds:3,isauthorizedrace_timeout_in_seconds:5,disable_iat_offset_validation:!1,storage:"undefined"!=typeof Storage?sessionStorage:null},this.INITIAL_AUTHWELLKNOWN={issuer:"",jwks_uri:"",authorization_endpoint:"",token_endpoint:"",userinfo_endpoint:"",end_session_endpoint:"",check_session_iframe:"",revocation_endpoint:"",introspection_endpoint:""},this.mergedOpenIdConfiguration=this.DEFAULT_CONFIG,this.authWellKnownEndpoints=this.INITIAL_AUTHWELLKNOWN,this.onConfigurationChangeInternal=new p.Subject}var I=(D.prototype.logError=function(e){for(var t=[],o=1;o<arguments.length;o++)t[o-1]=arguments[o];console.error.apply(console,function i(){for(var e=[],t=0;t<arguments.length;t++)e=e.concat(S(arguments[t]));return e}([e],t))},D.prototype.logWarning=function(e){this.configurationProvider.openIDConfiguration.log_console_warning_active&&console.warn(e)},D.prototype.logDebug=function(e){this.configurationProvider.openIDConfiguration.log_console_debug_active&&console.log(e)},D.decorators=[{type:i.Injectable}],D.ctorParameters=function(){return[{type:k}]},D);function D(e){this.configurationProvider=e}var P=(E.prototype.getExistingIFrame=function(e){var t=this.getIFrameFromParentWindow(e);if(this.isIFrameElement(t))return t;var o=this.getIFrameFromWindow(e);return this.isIFrameElement(o)?o:null},E.prototype.addIFrameToWindowBody=function(e){var t=window.document.createElement("iframe");return t.id=e,this.loggerService.logDebug(t),t.style.display="none",window.document.body.appendChild(t),t},E.prototype.getIFrameFromParentWindow=function(e){try{var t=window.parent.document.getElementById(e);return this.isIFrameElement(t)?t:null}catch(o){return null}},E.prototype.getIFrameFromWindow=function(e){var t=window.document.getElementById(e);return this.isIFrameElement(t)?t:null},E.prototype.isIFrameElement=function(e){return!!e&&e instanceof HTMLIFrameElement},E.decorators=[{type:i.Injectable}],E.ctorParameters=function(){return[{type:I}]},E);function E(e){this.loggerService=e}var R=(z.prototype.areEqual=function(e,t){if(!e||!t)return!1;if(this.bothValuesAreArrays(e,t))return this.arraysEqual(e,t);if(this.bothValuesAreStrings(e,t))return e===t;if(this.bothValuesAreObjects(e,t))return JSON.stringify(e).toLowerCase()===JSON.stringify(t).toLowerCase();if(this.oneValueIsStringAndTheOtherIsArray(e,t)){if(Array.isArray(e)&&this.valueIsString(t))return e[0]===t;if(Array.isArray(t)&&this.valueIsString(e))return t[0]===e}},z.prototype.oneValueIsStringAndTheOtherIsArray=function(e,t){return Array.isArray(e)&&this.valueIsString(t)||Array.isArray(t)&&this.valueIsString(e)},z.prototype.bothValuesAreObjects=function(e,t){return this.valueIsObject(e)&&this.valueIsObject(t)},z.prototype.bothValuesAreStrings=function(e,t){return this.valueIsString(e)&&this.valueIsString(t)},z.prototype.bothValuesAreArrays=function(e,t){return Array.isArray(e)&&Array.isArray(t)},z.prototype.valueIsString=function(e){return"string"==typeof e||e instanceof String},z.prototype.valueIsObject=function(e){return"object"==typeof e},z.prototype.arraysEqual=function(e,t){if(e.length!==t.length)return!1;for(var o=e.length;o--;)if(e[o]!==t[o])return!1;return!0},z.decorators=[{type:i.Injectable}],z);function z(){}var A=(T.prototype.getTokenExpirationDate=function(e){if(!e.hasOwnProperty("exp"))return new Date;var t=new Date(0);return t.setUTCSeconds(e.exp),t},T.prototype.getHeaderFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,0,t):{}},T.prototype.getPayloadFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,1,t):{}},T.prototype.getSignatureFromToken=function(e,t){return this.tokenIsValid(e)?this.getPartOfToken(e,2,t):{}},T.prototype.getPartOfToken=function(e,t,o){var i=this.extractPartOfToken(e,t);if(o)return i;var n=this.urlBase64Decode(i);return JSON.parse(n)},T.prototype.urlBase64Decode=function(e){var t=e.replace(/-/g,"+").replace(/_/g,"/");switch(t.length%4){case 0:break;case 2:t+="==";break;case 3:t+="=";break;default:throw Error("Illegal base64url string!")}var o="undefined"!=typeof window?window.atob(t):new Buffer(t,"base64").toString("binary");try{return decodeURIComponent(o.split("").map(function(e){return"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)}).join(""))}catch(i){return o}},T.prototype.tokenIsValid=function(e){return e?e.includes(".")?e.split(".").length===this.PARTS_OF_TOKEN||(this.loggerService.logError("token '"+e+"' is not valid --\x3e token has to have exactly "+this.PARTS_OF_TOKEN+" dots"),!1):(this.loggerService.logError("token '"+e+"' is not valid --\x3e no dots included"),!1):(this.loggerService.logError("token '"+e+"' is not valid --\x3e token falsy"),!1)},T.prototype.extractPartOfToken=function(e,t){return e.split(".")[t]},T.decorators=[{type:i.Injectable}],T.ctorParameters=function(){return[{type:I}]},T);function T(e){this.loggerService=e,this.PARTS_OF_TOKEN=3}var O=(x.decorators=[{type:i.Injectable}],x);function x(){}var j=(W.prototype.read=function(e){if(this.hasStorage)return JSON.parse(this.configProvider.openIDConfiguration.storage.getItem(e+"_"+this.configProvider.openIDConfiguration.client_id))},W.prototype.write=function(e,t){this.hasStorage&&(t=t===undefined?null:t,this.configProvider.openIDConfiguration.storage.setItem(e+"_"+this.configProvider.openIDConfiguration.client_id,JSON.stringify(t)))},W.decorators=[{type:i.Injectable}],W.ctorParameters=function(){return[{type:k}]},W);function W(e){this.configProvider=e,this.hasStorage="undefined"!=typeof Storage}var U=(Object.defineProperty(V.prototype,"authResult",{get:function(){return this.retrieve(this.storageAuthResult)},set:function(e){this.store(this.storageAuthResult,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"accessToken",{get:function(){return this.retrieve(this.storageAccessToken)||""},set:function(e){this.store(this.storageAccessToken,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"idToken",{get:function(){return this.retrieve(this.storageIdToken)||""},set:function(e){this.store(this.storageIdToken,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"isAuthorized",{get:function(){return this.retrieve(this.storageIsAuthorized)},set:function(e){this.store(this.storageIsAuthorized,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"userData",{get:function(){return this.retrieve(this.storageUserData)},set:function(e){this.store(this.storageUserData,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"authNonce",{get:function(){return this.retrieve(this.storageAuthNonce)||""},set:function(e){this.store(this.storageAuthNonce,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"code_verifier",{get:function(){return this.retrieve(this.storageCodeVerifier)||""},set:function(e){this.store(this.storageCodeVerifier,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"authStateControl",{get:function(){return this.retrieve(this.storageAuthStateControl)||""},set:function(e){this.store(this.storageAuthStateControl,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"sessionState",{get:function(){return this.retrieve(this.storageSessionState)},set:function(e){this.store(this.storageSessionState,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"silentRenewRunning",{get:function(){return this.retrieve(this.storageSilentRenewRunning)||""},set:function(e){this.store(this.storageSilentRenewRunning,e)},enumerable:!0,configurable:!0}),Object.defineProperty(V.prototype,"customRequestParams",{get:function(){return this.retrieve(this.storageCustomRequestParams)},set:function(e){this.store(this.storageCustomRequestParams,e)},enumerable:!0,configurable:!0}),V.prototype.retrieve=function(e){return this.oidcSecurityStorage.read(e)},V.prototype.store=function(e,t){this.oidcSecurityStorage.write(e,t)},V.prototype.resetStorageData=function(e){e||(this.store(this.storageAuthResult,""),this.store(this.storageSessionState,""),this.store(this.storageSilentRenewRunning,""),this.store(this.storageIsAuthorized,!1),this.store(this.storageAccessToken,""),this.store(this.storageIdToken,""),this.store(this.storageUserData,""),this.store(this.storageCodeVerifier,""))},V.prototype.getAccessToken=function(){return this.retrieve(this.storageAccessToken)},V.prototype.getIdToken=function(){return this.retrieve(this.storageIdToken)},V.prototype.getRefreshToken=function(){return this.authResult.refresh_token},V.decorators=[{type:i.Injectable}],V.ctorParameters=function(){return[{type:O}]},V);function V(e){this.oidcSecurityStorage=e,this.storageAuthResult="authorizationResult",this.storageAccessToken="authorizationData",this.storageIdToken="authorizationDataIdToken",this.storageIsAuthorized="_isAuthorized",this.storageUserData="userData",this.storageAuthNonce="authNonce",this.storageCodeVerifier="code_verifier",this.storageAuthStateControl="authStateControl",this.storageSessionState="session_state",this.storageSilentRenewRunning="storage_silent_renew_running",this.storageCustomRequestParams="storage_custom_request_params"}var K=(F.prototype.isTokenExpired=function(e,t){var o;return o=this.tokenHelperService.getPayloadFromToken(e,!1),!this.validate_id_token_exp_not_expired(o,t)},F.prototype.validate_id_token_exp_not_expired=function(e,t){var o=this.tokenHelperService.getTokenExpirationDate(e);if(t=t||0,!o)return!1;var i=o.valueOf(),n=(new Date).valueOf()+1e3*t,r=n<i;return this.loggerService.logDebug("Token not expired?: "+i+" > "+n+"  ("+r+")"),r},F.prototype.validate_required_id_token=function(e){var t=!0;return e.hasOwnProperty("iss")||(t=!1,this.loggerService.logWarning("iss is missing, this is required in the id_token")),e.hasOwnProperty("sub")||(t=!1,this.loggerService.logWarning("sub is missing, this is required in the id_token")),e.hasOwnProperty("aud")||(t=!1,this.loggerService.logWarning("aud is missing, this is required in the id_token")),e.hasOwnProperty("exp")||(t=!1,this.loggerService.logWarning("exp is missing, this is required in the id_token")),e.hasOwnProperty("iat")||(t=!1,this.loggerService.logWarning("iat is missing, this is required in the id_token")),t},F.prototype.validate_id_token_iat_max_offset=function(e,t,o){if(o)return!0;if(!e.hasOwnProperty("iat"))return!1;var i=new Date(0);return i.setUTCSeconds(e.iat),t=t||0,null!=i&&(this.loggerService.logDebug("validate_id_token_iat_max_offset: "+((new Date).valueOf()-i.valueOf())+" < "+1e3*t),(new Date).valueOf()-i.valueOf()<1e3*t)},F.prototype.validate_id_token_nonce=function(e,t,o){return!((e.nonce!==undefined&&!o||t!==F.RefreshTokenNoncePlaceholder)&&e.nonce!==t&&(this.loggerService.logDebug("Validate_id_token_nonce failed, dataIdToken.nonce: "+e.nonce+" local_nonce:"+t),1))},F.prototype.validate_id_token_iss=function(e,t){return e.iss===t||(this.loggerService.logDebug("Validate_id_token_iss failed, dataIdToken.iss: "+e.iss+" authWellKnownEndpoints issuer:"+t),!1)},F.prototype.validate_id_token_aud=function(e,t){return e.aud instanceof Array?!!this.arrayHelperService.areEqual(e.aud,t)||(this.loggerService.logDebug("Validate_id_token_aud  array failed, dataIdToken.aud: "+e.aud+" client_id:"+t),!1):e.aud===t||(this.loggerService.logDebug("Validate_id_token_aud failed, dataIdToken.aud: "+e.aud+" client_id:"+t),!1)},F.prototype.validateStateFromHashCallback=function(e,t){return e===t||(this.loggerService.logDebug("ValidateStateFromHashCallback failed, state: "+e+" local_state:"+t),!1)},F.prototype.validate_userdata_sub_id_token=function(e,t){return e===t||(this.loggerService.logDebug("validate_userdata_sub_id_token failed, id_token_sub: "+e+" userdata_sub:"+t),!1)},F.prototype.validate_signature_id_token=function(e,t){var o,i,n,r,s,a;if(!t||!t.keys)return!1;var u=this.tokenHelperService.getHeaderFromToken(e,!1);if(0===Object.keys(u).length&&u.constructor===Object)return this.loggerService.logWarning("id token has no header data"),!1;var c=u.kid;if("RS256"!==u.alg)return this.loggerService.logWarning("Only RS256 supported"),!1;var d=!1;if(u.hasOwnProperty("kid"))try{for(var l=b(t.keys),g=l.next();!g.done;g=l.next())if((_=g.value).kid===c)return y=C.KEYUTIL.getKey(_),(d=C.KJUR.jws.JWS.verify(e,y,["RS256"]))||this.loggerService.logWarning("incorrect Signature, validation failed for id_token"),d}catch(m){s={error:m}}finally{try{g&&!g.done&&(a=l["return"])&&a.call(l)}finally{if(s)throw s.error}}else{var h=0;try{for(var f=b(t.keys),p=f.next();!p.done;p=f.next())"RSA"===(_=p.value).kty&&"sig"===_.use&&(h+=1)}catch(k){o={error:k}}finally{try{p&&!p.done&&(i=f["return"])&&i.call(f)}finally{if(o)throw o.error}}if(0===h)return this.loggerService.logWarning("no keys found, incorrect Signature, validation failed for id_token"),!1;if(1<h)return this.loggerService.logWarning("no ID Token kid claim in JOSE header and multiple supplied in jwks_uri"),!1;try{for(var v=b(t.keys),S=v.next();!S.done;S=v.next()){var _;if("RSA"===(_=S.value).kty&&"sig"===_.use){var y=C.KEYUTIL.getKey(_);return(d=C.KJUR.jws.JWS.verify(e,y,["RS256"]))||this.loggerService.logWarning("incorrect Signature, validation failed for id_token"),d}}}catch(w){n={error:w}}finally{try{S&&!S.done&&(r=v["return"])&&r.call(v)}finally{if(n)throw n.error}}}return d},F.prototype.config_validate_response_type=function(e){return"id_token token"===e||"id_token"===e||"code"===e||(this.loggerService.logWarning("module configure incorrect, invalid response_type:"+e),!1)},F.prototype.validate_id_token_at_hash=function(e,t,o){if(this.loggerService.logDebug("at_hash from the server:"+t),o&&!t)return this.loggerService.logDebug("Code Flow active, and no at_hash in the id_token, skipping check!"),!0;var i=this.generate_at_hash(""+e);if(this.loggerService.logDebug("at_hash client validation not decoded:"+i),i===t)return!0;var n=this.generate_at_hash(""+decodeURIComponent(e));return this.loggerService.logDebug("-gen access--"+n),n===t},F.prototype.generate_at_hash=function(e){var t=C.KJUR.crypto.Util.hashString(e,"sha256"),o=t.substr(0,t.length/2);return C.hextob64u(o)},F.prototype.generate_code_verifier=function(e){var t=C.KJUR.crypto.Util.hashString(e,"sha256");return C.hextob64u(t)},F.RefreshTokenNoncePlaceholder="--RefreshToken--",F.decorators=[{type:i.Injectable}],F.ctorParameters=function(){return[{type:R},{type:A},{type:I}]},F);function F(e,t,o){this.arrayHelperService=e,this.tokenHelperService=t,this.loggerService=o}var N=(H.prototype.validateState=function(e,t){var o=new s;if(!this.oidcSecurityValidation.validateStateFromHashCallback(e.state,this.oidcSecurityCommon.authStateControl))return this.loggerService.logWarning("authorizedCallback incorrect state"),o.state=d.StatesDoNotMatch,this.handleUnsuccessfulValidation(),o;if("id_token token"!==this.configurationProvider.openIDConfiguration.response_type&&"code"!==this.configurationProvider.openIDConfiguration.response_type||(o.access_token=e.access_token),e.id_token){if(o.id_token=e.id_token,o.decoded_id_token=this.tokenHelperService.getPayloadFromToken(o.id_token,!1),!this.oidcSecurityValidation.validate_signature_id_token(o.id_token,t))return this.loggerService.logDebug("authorizedCallback Signature validation failed id_token"),o.state=d.SignatureFailed,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_nonce(o.decoded_id_token,this.oidcSecurityCommon.authNonce,this.configurationProvider.openIDConfiguration.ignore_nonce_after_refresh))return this.loggerService.logWarning("authorizedCallback incorrect nonce"),o.state=d.IncorrectNonce,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_required_id_token(o.decoded_id_token))return this.loggerService.logDebug("authorizedCallback Validation, one of the REQUIRED properties missing from id_token"),o.state=d.RequiredPropertyMissing,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_iat_max_offset(o.decoded_id_token,this.configurationProvider.openIDConfiguration.max_id_token_iat_offset_allowed_in_seconds,this.configurationProvider.openIDConfiguration.disable_iat_offset_validation))return this.loggerService.logWarning("authorizedCallback Validation, iat rejected id_token was issued too far away from the current time"),o.state=d.MaxOffsetExpired,this.handleUnsuccessfulValidation(),o;if(!this.configurationProvider.wellKnownEndpoints)return this.loggerService.logWarning("authWellKnownEndpoints is undefined"),o.state=d.NoAuthWellKnownEndPoints,this.handleUnsuccessfulValidation(),o;if(this.configurationProvider.openIDConfiguration.iss_validation_off)this.loggerService.logDebug("iss validation is turned off, this is not recommended!");else if(!this.configurationProvider.openIDConfiguration.iss_validation_off&&!this.oidcSecurityValidation.validate_id_token_iss(o.decoded_id_token,this.configurationProvider.wellKnownEndpoints.issuer))return this.loggerService.logWarning("authorizedCallback incorrect iss does not match authWellKnownEndpoints issuer"),o.state=d.IssDoesNotMatchIssuer,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_aud(o.decoded_id_token,this.configurationProvider.openIDConfiguration.client_id))return this.loggerService.logWarning("authorizedCallback incorrect aud"),o.state=d.IncorrectAud,this.handleUnsuccessfulValidation(),o;if(!this.oidcSecurityValidation.validate_id_token_exp_not_expired(o.decoded_id_token))return this.loggerService.logWarning("authorizedCallback token expired"),o.state=d.TokenExpired,this.handleUnsuccessfulValidation(),o}else this.loggerService.logDebug("No id_token found, skipping id_token validation");return"id_token token"!==this.configurationProvider.openIDConfiguration.response_type&&"code"!==this.configurationProvider.openIDConfiguration.response_type?(o.authResponseIsValid=!0,o.state=d.Ok,this.handleSuccessfulValidation(),this.handleUnsuccessfulValidation()):this.oidcSecurityValidation.validate_id_token_at_hash(o.access_token,o.decoded_id_token.at_hash,"code"===this.configurationProvider.openIDConfiguration.response_type)&&o.access_token?(o.authResponseIsValid=!0,o.state=d.Ok,this.handleSuccessfulValidation()):(this.loggerService.logWarning("authorizedCallback incorrect at_hash"),o.state=d.IncorrectAtHash,this.handleUnsuccessfulValidation()),o},H.prototype.handleSuccessfulValidation=function(){this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.auto_clean_state_after_authentication&&(this.oidcSecurityCommon.authStateControl=""),this.loggerService.logDebug("AuthorizedCallback token(s) validated, continue")},H.prototype.handleUnsuccessfulValidation=function(){this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.auto_clean_state_after_authentication&&(this.oidcSecurityCommon.authStateControl=""),this.loggerService.logDebug("AuthorizedCallback token(s) invalid")},H.decorators=[{type:i.Injectable}],H.ctorParameters=function(){return[{type:U},{type:K},{type:A},{type:I},{type:k}]},H);function H(e,t,o,i,n){this.oidcSecurityCommon=e,this.oidcSecurityValidation=t,this.tokenHelperService=o,this.loggerService=i,this.configurationProvider=n}var M="myiFrameForCheckSession",q=(Object.defineProperty(L.prototype,"onCheckSessionChanged",{get:function(){return this.checkSessionChanged.asObservable()},enumerable:!0,configurable:!0}),L.prototype.doesSessionExist=function(){var e=this.iFrameService.getExistingIFrame(M);return!!e&&(this.sessionIframe=e,!0)},L.prototype.init=function(){var t=this;return this.lastIFrameRefresh+this.iframeRefreshInterval>Date.now()?p.from([this]):(this.doesSessionExist()||(this.sessionIframe=this.iFrameService.addIFrameToWindowBody(M),this.iframeMessageEvent=this.messageHandler.bind(this),window.addEventListener("message",this.iframeMessageEvent,!1)),this.configurationProvider.wellKnownEndpoints?(this.configurationProvider.wellKnownEndpoints.check_session_iframe?this.sessionIframe.contentWindow.location.replace(this.configurationProvider.wellKnownEndpoints.check_session_iframe):this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined"),p.Observable.create(function(e){t.sessionIframe.onload=function(){t.lastIFrameRefresh=Date.now(),e.next(t),e.complete()}})):void this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined. Returning."))},L.prototype.startCheckingSession=function(e){this.scheduledHeartBeat||this.pollServerSession(e)},L.prototype.stopCheckingSession=function(){this.scheduledHeartBeat&&this.clearScheduledHeartBeat()},L.prototype.pollServerSession=function(t){var o=this,i=function(){o.init().pipe(v.take(1)).subscribe(function(){if(o.sessionIframe&&t){o.loggerService.logDebug(o.sessionIframe);var e=o.oidcSecurityCommon.sessionState;e?(o.outstandingMessages++,o.sessionIframe.contentWindow.postMessage(t+" "+e,o.configurationProvider.openIDConfiguration.stsServer)):(o.loggerService.logDebug("OidcSecurityCheckSession pollServerSession session_state is blank"),o.checkSessionChanged.next())}else o.loggerService.logWarning("OidcSecurityCheckSession pollServerSession sessionIframe does not exist"),o.loggerService.logDebug(t),o.loggerService.logDebug(o.sessionIframe);3<o.outstandingMessages&&(o.loggerService.logError("OidcSecurityCheckSession not receiving check session response messages.\n                            Outstanding messages: "+o.outstandingMessages+". Server unreachable?"),o.checkSessionChanged.next()),o.scheduledHeartBeat=setTimeout(i,o.heartBeatInterval)})};this.outstandingMessages=0,this.zone.runOutsideAngular(function(){o.scheduledHeartBeat=setTimeout(i,o.heartBeatInterval)})},L.prototype.clearScheduledHeartBeat=function(){clearTimeout(this.scheduledHeartBeat),this.scheduledHeartBeat=null},L.prototype.messageHandler=function(e){this.outstandingMessages=0,this.sessionIframe&&this.configurationProvider.openIDConfiguration.stsServer.startsWith(e.origin)&&e.source===this.sessionIframe.contentWindow&&("error"===e.data?this.loggerService.logWarning("error from checksession messageHandler"):"changed"===e.data?this.checkSessionChanged.next():this.loggerService.logDebug(e.data+" from checksession messageHandler"))},L.decorators=[{type:i.Injectable}],L.ctorParameters=function(){return[{type:U},{type:I},{type:P},{type:i.NgZone},{type:k}]},L);function L(e,t,o,i,n){this.oidcSecurityCommon=e,this.loggerService=t,this.iFrameService=o,this.zone=i,this.configurationProvider=n,this.lastIFrameRefresh=0,this.outstandingMessages=0,this.heartBeatInterval=3e3,this.iframeRefreshInterval=6e4,this.checkSessionChanged=new p.Subject}var B=(Object.defineProperty(J.prototype,"onConfigurationLoaded",{get:function(){return this.configurationLoadedInternal.asObservable()},enumerable:!0,configurable:!0}),J.prototype.load=function(t){var o=this;return this.httpClient.get(t).pipe(v.switchMap(function(e){return o.loadUsingConfiguration(e)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load' threw an error on calling "+t,e),o.configurationLoadedInternal.next(undefined),p.of(!1)})).toPromise()},J.prototype.load_using_stsServer=function(e){return this.loadUsingConfiguration({stsServer:e}).toPromise()},J.prototype.load_using_custom_stsServer=function(t){var o=this;return this.httpClient.get(t).pipe(v.switchMap(function(e){return o.configurationLoadedInternal.next({authWellknownEndpoints:e,customConfig:{stsServer:t}}),p.of(!0)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load_using_custom_stsServer' threw an error on calling "+t,e),o.configurationLoadedInternal.next(undefined),p.of(!1)})).toPromise()},J.prototype.loadUsingConfiguration=function(t){var o=this;if(!t.stsServer)throw this.loggerService.logError("Property 'stsServer' is not present of passed config "+JSON.stringify(t),t),new Error("Property 'stsServer' is not present of passed config "+JSON.stringify(t));var i=t.stsServer+"/.well-known/openid-configuration";return this.httpClient.get(i).pipe(v.switchMap(function(e){return o.configurationLoadedInternal.next({authWellknownEndpoints:e,customConfig:t}),p.of(!0)}),v.catchError(function(e){return o.loggerService.logError("OidcConfigService 'load_using_stsServer' threw an error on calling "+i,e),o.configurationLoadedInternal.next(undefined),p.of(!1)}))},J.decorators=[{type:i.Injectable}],J.ctorParameters=function(){return[{type:I},{type:l.HttpClient}]},J);function J(e,t){this.loggerService=e,this.httpClient=t,this.configurationLoadedInternal=new p.ReplaySubject(1)}var G="myiFrameForSilentRenew",$=(Y.prototype.initRenew=function(){var e=this.iFrameService.getExistingIFrame(G);return e||this.iFrameService.addIFrameToWindowBody(G)},Y.prototype.startRenew=function(o){var i=this.initRenew();return this.loggerService.logDebug("startRenew for URL:"+o),new p.Observable(function(e){var t=function(){i.removeEventListener("load",t),e.next(undefined),e.complete()};return i.addEventListener("load",t),i.src=o,function(){i.removeEventListener("load",t)}})},Y.decorators=[{type:i.Injectable}],Y.ctorParameters=function(){return[{type:I},{type:P}]},Y);function Y(e,t){this.loggerService=e,this.iFrameService=t}var Z=(Q.prototype.initUserData=function(){var t=this;return this.getIdentityUserData().pipe(v.map(function(e){return t.userData=e}))},Q.prototype.getUserData=function(){if(!this.userData)throw Error("UserData is not set!");return this.userData},Q.prototype.setUserData=function(e){this.userData=e},Q.prototype.getIdentityUserData=function(){var e=this.oidcSecurityCommon.getAccessToken();if(!this.configurationProvider.wellKnownEndpoints)throw this.loggerService.logWarning("init check session: authWellKnownEndpoints is undefined"),Error("authWellKnownEndpoints is undefined");if(!this.configurationProvider.wellKnownEndpoints||!this.configurationProvider.wellKnownEndpoints.userinfo_endpoint)throw this.loggerService.logError("init check session: authWellKnownEndpoints.userinfo_endpoint is undefined; set auto_userinfo = false in config"),Error("authWellKnownEndpoints.userinfo_endpoint is undefined");return this.oidcDataService.getIdentityUserData(this.configurationProvider.wellKnownEndpoints.userinfo_endpoint||"",e)},Q.decorators=[{type:i.Injectable}],Q.ctorParameters=function(){return[{type:g},{type:U},{type:I},{type:k}]},Q);function Q(e,t,o,i){this.oidcDataService=e,this.oidcSecurityCommon=t,this.loggerService=o,this.configurationProvider=i,this.userData=""}var X=(ee.prototype.encodeKey=function(e){return encodeURIComponent(e)},ee.prototype.encodeValue=function(e){return encodeURIComponent(e)},ee.prototype.decodeKey=function(e){return decodeURIComponent(e)},ee.prototype.decodeValue=function(e){return decodeURIComponent(e)},ee);function ee(){}var te=(oe.prototype.getUrlParameter=function(e,t){if(!e)return"";if(!t)return"";t=t.replace(/[\[]/,"\\[").replace(/[\]]/,"\\]");var o=new RegExp("[\\?&]"+t+"=([^&#]*)").exec(e);return null===o?"":decodeURIComponent(o[1])},oe.decorators=[{type:i.Injectable,args:[{providedIn:"root"}]}],oe.ngInjectableDef=i.defineInjectable({factory:function(){return new oe},token:oe,providedIn:"root"}),oe);function oe(){}var ie,ne,re=(Object.defineProperty(se.prototype,"onModuleSetup",{get:function(){return this._onModuleSetup.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onAuthorizationResult",{get:function(){return this._onAuthorizationResult.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onCheckSessionChanged",{get:function(){return this._onCheckSessionChanged.asObservable()},enumerable:!0,configurable:!0}),Object.defineProperty(se.prototype,"onConfigurationChange",{get:function(){return this.configurationProvider.onConfigurationChange},enumerable:!0,configurable:!0}),se.prototype.setupModule=function(e,t){var o=this;this.configurationProvider.setup(e,t),this.oidcSecurityCheckSession.onCheckSessionChanged.subscribe(function(){o.loggerService.logDebug("onCheckSessionChanged"),o.checkSessionChanged=!0,o._onCheckSessionChanged.next(o.checkSessionChanged)});var i=this.oidcSecurityCommon.userData;i&&this.setUserData(i);var n=this.oidcSecurityCommon.isAuthorized;if(n&&(this.loggerService.logDebug("IsAuthorized setup module"),this.loggerService.logDebug(this.oidcSecurityCommon.idToken),this.oidcSecurityValidation.isTokenExpired(this.oidcSecurityCommon.idToken||this.oidcSecurityCommon.accessToken,this.configurationProvider.openIDConfiguration.silent_renew_offset_in_seconds)?this.loggerService.logDebug("IsAuthorized setup module; id_token isTokenExpired"):(this.loggerService.logDebug("IsAuthorized setup module; id_token is valid"),this.setIsAuthorized(n)),this.runTokenValidation()),this.loggerService.logDebug("STS server: "+this.configurationProvider.openIDConfiguration.stsServer),this._onModuleSetup.next(),this.configurationProvider.openIDConfiguration.silent_renew){this.oidcSecuritySilentRenew.initRenew(),this.boundSilentRenewEvent=this.silentRenewEventHandler.bind(this);var r=Math.random(),s=function(e){e.detail!==r&&(window.removeEventListener("oidc-silent-renew-message",o.boundSilentRenewEvent),window.removeEventListener("oidc-silent-renew-init",s))}.bind(this);window.addEventListener("oidc-silent-renew-init",s,!1),window.addEventListener("oidc-silent-renew-message",this.boundSilentRenewEvent,!1),window.dispatchEvent(new CustomEvent("oidc-silent-renew-init",{detail:r}))}},se.prototype.getUserData=function(){return this._userData.asObservable()},se.prototype.getIsModuleSetup=function(){return this._isModuleSetup.asObservable()},se.prototype.getIsAuthorized=function(){return this._isSetupAndAuthorized},se.prototype.getToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getAccessToken();return decodeURIComponent(e)},se.prototype.getIdToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getIdToken();return decodeURIComponent(e)},se.prototype.getRefreshToken=function(){if(!this._isAuthorized.getValue())return"";var e=this.oidcSecurityCommon.getRefreshToken();return decodeURIComponent(e)},se.prototype.getPayloadFromIdToken=function(e){void 0===e&&(e=!1);var t=this.getIdToken();return this.tokenHelperService.getPayloadFromToken(t,e)},se.prototype.setState=function(e){this.oidcSecurityCommon.authStateControl=e},se.prototype.getState=function(){return this.oidcSecurityCommon.authStateControl},se.prototype.setCustomRequestParameters=function(e){this.oidcSecurityCommon.customRequestParams=e},se.prototype.authorize=function(e){if(this.configurationProvider.wellKnownEndpoints&&(this.authWellKnownEndpointsLoaded=!0),this.authWellKnownEndpointsLoaded){if(this.oidcSecurityValidation.config_validate_response_type(this.configurationProvider.openIDConfiguration.response_type)){this.resetAuthorizationData(!1),this.loggerService.logDebug("BEGIN Authorize Code Flow, no auth data");var t=this.oidcSecurityCommon.authStateControl;t||(t=Date.now()+""+Math.random()+Math.random(),this.oidcSecurityCommon.authStateControl=t);var o="N"+Math.random()+Date.now();this.oidcSecurityCommon.authNonce=o,this.loggerService.logDebug("AuthorizedController created. local state: "+this.oidcSecurityCommon.authStateControl);var i="";if("code"===this.configurationProvider.openIDConfiguration.response_type){var n="C"+Math.random()+Date.now()+Date.now()+Math.random(),r=this.oidcSecurityValidation.generate_code_verifier(n);this.oidcSecurityCommon.code_verifier=n,this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!0,r,this.configurationProvider.openIDConfiguration.redirect_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||""):this.loggerService.logError("authWellKnownEndpoints is undefined")}else this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!1,"",this.configurationProvider.openIDConfiguration.redirect_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||""):this.loggerService.logError("authWellKnownEndpoints is undefined");e?e(i):this.redirectTo(i)}}else this.loggerService.logError("Well known endpoints must be loaded before user can login!")},se.prototype.authorizedCallbackWithCode=function(e){this.authorizedCallbackWithCode$(e).subscribe()},se.prototype.authorizedCallbackWithCode$=function(e){var t=this.urlParserService.getUrlParameter(e,"code"),o=this.urlParserService.getUrlParameter(e,"state"),i=this.urlParserService.getUrlParameter(e,"session_state")||null;return o?t?(this.loggerService.logDebug("running validation for callback"+e),this.requestTokensWithCode$(t,o,i)):(this.loggerService.logDebug("no code in url"),p.of()):(this.loggerService.logDebug("no state in url"),p.of())},se.prototype.requestTokensWithCode=function(e,t,o){this.requestTokensWithCode$(e,t,o).subscribe()},se.prototype.requestTokensWithCode$=function(e,t,o){var i=this;return this._isModuleSetup.pipe(v.filter(function(e){return!!e}),v.take(1),v.switchMap(function(){return i.requestTokensWithCodeProcedure$(e,t,o)}))},se.prototype.refreshTokensWithCodeProcedure=function(e,o){var i=this,t="";this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.token_endpoint&&(t=""+this.configurationProvider.wellKnownEndpoints.token_endpoint);var n=new l.HttpHeaders;n=n.set("Content-Type","application/x-www-form-urlencoded");var r="grant_type=refresh_token&client_id="+this.configurationProvider.openIDConfiguration.client_id+"&refresh_token="+e;return this.httpClient.post(t,r,{headers:n}).pipe(v.map(function(e){i.loggerService.logDebug("token refresh response: "+JSON.stringify(e));var t=new Object;(t=e).state=o,i.authorizedCodeFlowCallbackProcedure(t)}),v.catchError(function(e){return i.loggerService.logError(e),i.loggerService.logError("OidcService code request "+i.configurationProvider.openIDConfiguration.stsServer),p.of(!1)}))},se.prototype.requestTokensWithCodeProcedure=function(e,t,o){this.requestTokensWithCodeProcedure$(e,t,o).subscribe()},se.prototype.requestTokensWithCodeProcedure$=function(e,o,i){var n=this,t="";if(this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.token_endpoint&&(t=""+this.configurationProvider.wellKnownEndpoints.token_endpoint),!this.oidcSecurityValidation.validateStateFromHashCallback(o,this.oidcSecurityCommon.authStateControl))return this.loggerService.logWarning("authorizedCallback incorrect state"),p.throwError(new Error("incorrect state"));var r=new l.HttpHeaders;r=r.set("Content-Type","application/x-www-form-urlencoded");var s=a.oneLineTrim(ie=ie||_(["grant_type=authorization_code&client_id=","\n            &code_verifier=","\n            &code=","&redirect_uri=",""],["grant_type=authorization_code&client_id=","\n            &code_verifier=","\n            &code=","&redirect_uri=",""]),this.configurationProvider.openIDConfiguration.client_id,this.oidcSecurityCommon.code_verifier,e,this.configurationProvider.openIDConfiguration.redirect_url);return"running"===this.oidcSecurityCommon.silentRenewRunning&&(s=a.oneLineTrim(ne=ne||_(["grant_type=authorization_code&client_id=","\n                &code_verifier=","\n                &code=","\n                &redirect_uri=",""],["grant_type=authorization_code&client_id=","\n                &code_verifier=","\n                &code=","\n                &redirect_uri=",""]),this.configurationProvider.openIDConfiguration.client_id,this.oidcSecurityCommon.code_verifier,e,this.configurationProvider.openIDConfiguration.silent_renew_url)),this.httpClient.post(t,s,{headers:r}).pipe(v.map(function(e){var t=new Object;return(t=e).state=o,t.session_state=i,n.authorizedCodeFlowCallbackProcedure(t),undefined}),v.catchError(function(e){return n.loggerService.logError(e),n.loggerService.logError("OidcService code request "+n.configurationProvider.openIDConfiguration.stsServer),p.throwError(e)}))},se.prototype.authorizedCodeFlowCallbackProcedure=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;this.loggerService.logDebug("BEGIN authorized Code Flow Callback, no auth data"),this.resetAuthorizationData(t),this.authorizedCallbackProcedure(e,t)},se.prototype.authorizedImplicitFlowCallbackProcedure=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;this.loggerService.logDebug("BEGIN authorizedCallback, no auth data"),this.resetAuthorizationData(t);var o=(e=e||window.location.hash.substr(1)).split("&").reduce(function(e,t){var o=t.split("=");return e[o.shift()]=o.join("="),e},{});this.authorizedCallbackProcedure(o,t)},se.prototype.authorizedImplicitFlowCallback=function(e){var t=this;this._isModuleSetup.pipe(v.filter(function(e){return e}),v.take(1)).subscribe(function(){t.authorizedImplicitFlowCallbackProcedure(e)})},se.prototype.redirectTo=function(e){window.location.href=e},se.prototype.authorizedCallbackProcedure=function(o,i){var n=this;this.oidcSecurityCommon.authResult=o,this.configurationProvider.openIDConfiguration.history_cleanup_off||i?this.loggerService.logDebug("history clean up inactive"):window.history.replaceState({},window.document.title,window.location.origin+window.location.pathname),o.error?(i?this.loggerService.logDebug(o):this.loggerService.logWarning(o),"login_required"===o.error?this._onAuthorizationResult.next(new u(c.unauthorized,d.LoginRequired,i)):this._onAuthorizationResult.next(new u(c.unauthorized,d.SecureTokenServerError,i)),this.resetAuthorizationData(!1),this.oidcSecurityCommon.authNonce="",this.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||this.router.navigate([this.configurationProvider.openIDConfiguration.unauthorized_route])):(this.loggerService.logDebug(o),this.loggerService.logDebug("authorizedCallback created, begin token validation"),this.getSigningKeys().subscribe(function(e){var t=n.getValidatedStateResult(o,e);t.authResponseIsValid?(n.setAuthorizationData(t.access_token,t.id_token),n.oidcSecurityCommon.silentRenewRunning="",n.configurationProvider.openIDConfiguration.auto_userinfo?n.getUserinfo(i,o,t.id_token,t.decoded_id_token).subscribe(function(e){e?(n._onAuthorizationResult.next(new u(c.authorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.post_login_route])):(n._onAuthorizationResult.next(new u(c.unauthorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.unauthorized_route]))},function(e){n.loggerService.logWarning("Failed to retreive user info with error: "+JSON.stringify(e))}):(i||(n.oidcSecurityUserService.setUserData(t.decoded_id_token),n.setUserData(n.oidcSecurityUserService.getUserData())),n.runTokenValidation(),n._onAuthorizationResult.next(new u(c.authorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.post_login_route]))):(n.loggerService.logWarning("authorizedCallback, token(s) validation failed, resetting"),n.loggerService.logWarning(window.location.hash),n.resetAuthorizationData(!1),n.oidcSecurityCommon.silentRenewRunning="",n._onAuthorizationResult.next(new u(c.unauthorized,t.state,i)),n.configurationProvider.openIDConfiguration.trigger_authorization_result_event||i||n.router.navigate([n.configurationProvider.openIDConfiguration.unauthorized_route]))},function(e){n.loggerService.logWarning("Failed to retreive siging key with error: "+JSON.stringify(e)),n.oidcSecurityCommon.silentRenewRunning=""}))},se.prototype.getUserinfo=function(e,o,t,i){var n=this;return void 0===e&&(e=!1),o=o||this.oidcSecurityCommon.authResult,t=t||this.oidcSecurityCommon.idToken,i=i||this.tokenHelperService.getPayloadFromToken(t,!1),new p.Observable(function(t){"id_token token"===n.configurationProvider.openIDConfiguration.response_type||"code"===n.configurationProvider.openIDConfiguration.response_type?e&&n._userData.value?(n.oidcSecurityCommon.sessionState=o.session_state,t.next(!0),t.complete()):n.oidcSecurityUserService.initUserData().subscribe(function(){n.loggerService.logDebug("authorizedCallback (id_token token || code) flow");var e=n.oidcSecurityUserService.getUserData();n.oidcSecurityValidation.validate_userdata_sub_id_token(i.sub,e.sub)?(n.setUserData(e),n.loggerService.logDebug(n.oidcSecurityCommon.accessToken),n.loggerService.logDebug(n.oidcSecurityUserService.getUserData()),n.oidcSecurityCommon.sessionState=o.session_state,n.runTokenValidation(),t.next(!0)):(n.loggerService.logWarning("authorizedCallback, User data sub does not match sub in id_token"),n.loggerService.logDebug("authorizedCallback, token(s) validation failed, resetting"),n.resetAuthorizationData(!1),t.next(!1)),t.complete()}):(n.loggerService.logDebug("authorizedCallback id_token flow"),n.loggerService.logDebug(n.oidcSecurityCommon.accessToken),n.oidcSecurityUserService.setUserData(i),n.setUserData(n.oidcSecurityUserService.getUserData()),n.oidcSecurityCommon.sessionState=o.session_state,n.runTokenValidation(),t.next(!0),t.complete())})},se.prototype.logoff=function(e){if(this.loggerService.logDebug("BEGIN Authorize, no auth data"),this.configurationProvider.wellKnownEndpoints)if(this.configurationProvider.wellKnownEndpoints.end_session_endpoint){var t=this.configurationProvider.wellKnownEndpoints.end_session_endpoint,o=this.oidcSecurityCommon.idToken,i=this.createEndSessionUrl(t,o);this.resetAuthorizationData(!1),this.configurationProvider.openIDConfiguration.start_checksession&&this.checkSessionChanged?this.loggerService.logDebug("only local login cleaned up, server session has changed"):e?e(i):this.redirectTo(i)}else this.resetAuthorizationData(!1),this.loggerService.logDebug("only local login cleaned up, no end_session_endpoint");else this.loggerService.logWarning("authWellKnownEndpoints is undefined")},se.prototype.refreshSession=function(){var e=this;if(!this.configurationProvider.openIDConfiguration.silent_renew)return p.of(!1);this.loggerService.logDebug("BEGIN refresh session Authorize"),this.oidcSecurityCommon.silentRenewRunning="running";var t=this.oidcSecurityCommon.authStateControl;""!==t&&null!==t||(t=Date.now()+""+Math.random()+Math.random(),this.oidcSecurityCommon.authStateControl=t);var o="N"+Math.random()+Date.now();this.oidcSecurityCommon.authNonce=o,this.loggerService.logDebug("RefreshSession created. adding myautostate: "+this.oidcSecurityCommon.authStateControl);var i="";if("code"===this.configurationProvider.openIDConfiguration.response_type){if(this.configurationProvider.openIDConfiguration.use_refresh_token){var n=this.oidcSecurityCommon.getRefreshToken();if(n)return this.loggerService.logDebug("found refresh code, obtaining new credentials with refresh code"),this.oidcSecurityCommon.authNonce=K.RefreshTokenNoncePlaceholder,this.refreshTokensWithCodeProcedure(n,t);this.loggerService.logDebug("no refresh token found, using silent renew")}var r="C"+Math.random()+Date.now()+Date.now()+Math.random(),s=this.oidcSecurityValidation.generate_code_verifier(r);this.oidcSecurityCommon.code_verifier=r,this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!0,s,this.configurationProvider.openIDConfiguration.silent_renew_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||"","none"):this.loggerService.logWarning("authWellKnownEndpoints is undefined")}else this.configurationProvider.wellKnownEndpoints?i=this.createAuthorizeUrl(!1,"",this.configurationProvider.openIDConfiguration.silent_renew_url,o,t,this.configurationProvider.wellKnownEndpoints.authorization_endpoint||"","none"):this.loggerService.logWarning("authWellKnownEndpoints is undefined");return this.getIsAuthorized().pipe(v.first(function(e){return e}),v.switchMap(function(){return e.oidcSecuritySilentRenew.startRenew(i).pipe(v.map(function(){return!0}))}))},se.prototype.handleError=function(e){var t="running"===this.oidcSecurityCommon.silentRenewRunning;if(this.loggerService.logError(e),403===e.status||"403"===e.status)this.configurationProvider.openIDConfiguration.trigger_authorization_result_event?this._onAuthorizationResult.next(new u(c.unauthorized,d.NotSet,t)):this.router.navigate([this.configurationProvider.openIDConfiguration.forbidden_route]);else if(401===e.status||"401"===e.status){var o=this.oidcSecurityCommon.silentRenewRunning;this.resetAuthorizationData(!!o),this.configurationProvider.openIDConfiguration.trigger_authorization_result_event?this._onAuthorizationResult.next(new u(c.unauthorized,d.NotSet,t)):this.router.navigate([this.configurationProvider.openIDConfiguration.unauthorized_route])}},se.prototype.startCheckingSilentRenew=function(){this.runTokenValidation()},se.prototype.stopCheckingSilentRenew=function(){this._scheduledHeartBeat&&(clearTimeout(this._scheduledHeartBeat),this._scheduledHeartBeat=null,this.runTokenValidationRunning=!1)},se.prototype.resetAuthorizationData=function(e){e||(this.configurationProvider.openIDConfiguration.auto_userinfo&&this.setUserData(""),this.oidcSecurityCommon.resetStorageData(e),this.checkSessionChanged=!1,this.setIsAuthorized(!1))},se.prototype.getEndSessionUrl=function(){if(this.configurationProvider.wellKnownEndpoints&&this.configurationProvider.wellKnownEndpoints.end_session_endpoint){var e=this.configurationProvider.wellKnownEndpoints.end_session_endpoint,t=this.oidcSecurityCommon.idToken;return this.createEndSessionUrl(e,t)}},se.prototype.getValidatedStateResult=function(e,t){return e.error?new s("","",!1,{}):this.stateValidationService.validateState(e,t)},se.prototype.setUserData=function(e){this.oidcSecurityCommon.userData=e,this._userData.next(e)},se.prototype.setIsAuthorized=function(e){this._isAuthorized.next(e)},se.prototype.setAuthorizationData=function(e,t){""!==this.oidcSecurityCommon.accessToken&&(this.oidcSecurityCommon.accessToken=""),this.loggerService.logDebug(e),this.loggerService.logDebug(t),this.loggerService.logDebug("storing to storage, getting the roles"),this.oidcSecurityCommon.accessToken=e,this.oidcSecurityCommon.idToken=t,this.setIsAuthorized(!0),this.oidcSecurityCommon.isAuthorized=!0},se.prototype.createAuthorizeUrl=function(e,t,o,i,n,r,s){var a=r.split("?"),u=a[0],c=new l.HttpParams({fromString:a[1],encoder:new X});c=(c=(c=(c=(c=(c=c.set("client_id",this.configurationProvider.openIDConfiguration.client_id)).append("redirect_uri",o)).append("response_type",this.configurationProvider.openIDConfiguration.response_type)).append("scope",this.configurationProvider.openIDConfiguration.scope)).append("nonce",i)).append("state",n),e&&(c=(c=c.append("code_challenge",t)).append("code_challenge_method","S256")),s&&(c=c.append("prompt",s)),this.configurationProvider.openIDConfiguration.hd_param&&(c=c.append("hd",this.configurationProvider.openIDConfiguration.hd_param));var d=Object.assign({},this.oidcSecurityCommon.customRequestParams);return Object.keys(d).forEach(function(e){c=c.append(e,d[e].toString())}),u+"?"+c},se.prototype.createEndSessionUrl=function(e,t){var o=e.split("?"),i=o[0],n=new l.HttpParams({fromString:o[1],encoder:new X});return i+"?"+(n=(n=n.set("id_token_hint",t)).append("post_logout_redirect_uri",this.configurationProvider.openIDConfiguration.post_logout_redirect_uri))},se.prototype.getSigningKeys=function(){return this.configurationProvider.wellKnownEndpoints?(this.loggerService.logDebug("jwks_uri: "+this.configurationProvider.wellKnownEndpoints.jwks_uri),this.oidcDataService.get(this.configurationProvider.wellKnownEndpoints.jwks_uri||"").pipe(v.catchError(this.handleErrorGetSigningKeys))):(this.loggerService.logWarning("getSigningKeys: authWellKnownEndpoints is undefined"),this.oidcDataService.get("undefined").pipe(v.catchError(this.handleErrorGetSigningKeys)))},se.prototype.handleErrorGetSigningKeys=function(e){var t;if(e instanceof Response){var o=e.json()||{},i=JSON.stringify(o);t=e.status+" - "+(e.statusText||"")+" "+i}else t=e.message?e.message:e.toString();return this.loggerService.logError(t),p.throwError(t)},se.prototype.runTokenValidation=function(){var t=this;if(!this.runTokenValidationRunning&&this.configurationProvider.openIDConfiguration.silent_renew){this.runTokenValidationRunning=!0,this.loggerService.logDebug("runTokenValidation silent-renew running");var o=function(){if(t.loggerService.logDebug("silentRenewHeartBeatCheck\r\n\tsilentRenewRunning: "+("running"===t.oidcSecurityCommon.silentRenewRunning)+"\r\n\tidToken: "+!!t.getIdToken()+"\r\n\t_userData.value: "+!!t._userData.value),t._userData.value&&"running"!==t.oidcSecurityCommon.silentRenewRunning&&t.getIdToken()&&t.oidcSecurityValidation.isTokenExpired(t.oidcSecurityCommon.idToken,t.configurationProvider.openIDConfiguration.silent_renew_offset_in_seconds)){if(t.loggerService.logDebug("IsAuthorized: id_token isTokenExpired, start silent renew if active"),t.configurationProvider.openIDConfiguration.silent_renew)return void t.refreshSession().subscribe(function(){t._scheduledHeartBeat=setTimeout(o,3e3)},function(e){t.loggerService.logError("Error: "+e),t._scheduledHeartBeat=setTimeout(o,3e3)});t.resetAuthorizationData(!1)}t._scheduledHeartBeat=setTimeout(o,3e3)};this.zone.runOutsideAngular(function(){t._scheduledHeartBeat=setTimeout(o,1e4)})}},se.prototype.silentRenewEventHandler=function(e){if(this.loggerService.logDebug("silentRenewEventHandler"),"code"===this.configurationProvider.openIDConfiguration.response_type){var t=e.detail.toString().split("?"),o=new l.HttpParams({fromString:t[1]}),i=o.get("code"),n=o.get("state"),r=o.get("session_state"),s=o.get("error");i&&n&&this.requestTokensWithCodeProcedure(i,n,r),s&&(this._onAuthorizationResult.next(new u(c.unauthorized,d.LoginRequired,!0)),this.resetAuthorizationData(!1),this.oidcSecurityCommon.authNonce="",this.loggerService.logDebug(e.detail.toString()))}else this.authorizedImplicitFlowCallback(e.detail)},se.decorators=[{type:i.Injectable}],se.ctorParameters=function(){return[{type:g},{type:N},{type:o.Router},{type:q},{type:$},{type:Z},{type:U},{type:K},{type:A},{type:I},{type:i.NgZone},{type:l.HttpClient},{type:k},{type:te}]},se);function se(e,t,o,i,n,r,s,a,u,c,d,l,g,h){var f=this;this.oidcDataService=e,this.stateValidationService=t,this.router=o,this.oidcSecurityCheckSession=i,this.oidcSecuritySilentRenew=n,this.oidcSecurityUserService=r,this.oidcSecurityCommon=s,this.oidcSecurityValidation=a,this.tokenHelperService=u,this.loggerService=c,this.zone=d,this.httpClient=l,this.configurationProvider=g,this.urlParserService=h,this._onModuleSetup=new p.Subject,this._onCheckSessionChanged=new p.Subject,this._onAuthorizationResult=new p.Subject,this.checkSessionChanged=!1,this.moduleSetup=!1,this._isModuleSetup=new p.BehaviorSubject(!1),this._isAuthorized=new p.BehaviorSubject(!1),this._userData=new p.BehaviorSubject(""),this.authWellKnownEndpointsLoaded=!1,this.runTokenValidationRunning=!1,this.onModuleSetup.pipe(v.take(1)).subscribe(function(){f.moduleSetup=!0,f._isModuleSetup.next(!0)}),this._isSetupAndAuthorized=this._isModuleSetup.pipe(v.filter(function(e){return e}),v.switchMap(function(){if(!f.configurationProvider.openIDConfiguration.silent_renew)return f.loggerService.logDebug("IsAuthorizedRace: Silent Renew Not Active. Emitting."),p.from([!0]);var e=f._isAuthorized.asObservable().pipe(v.filter(function(e){return e}),v.take(1),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Existing token is still authorized.")}),v.race(f._onAuthorizationResult.pipe(v.take(1),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Silent Renew Refresh Session Complete")}),v.map(function(){return!0})),p.timer(1e3*f.configurationProvider.openIDConfiguration.isauthorizedrace_timeout_in_seconds).pipe(v.tap(function(){f.resetAuthorizationData(!1),f.oidcSecurityCommon.authNonce="",f.loggerService.logWarning("IsAuthorizedRace: Timeout reached. Emitting.")}),v.map(function(){return!0}))));return f.loggerService.logDebug("Silent Renew is active, check if token in storage is active"),""!==f.oidcSecurityCommon.authNonce&&f.oidcSecurityCommon.authNonce!==undefined||(f.loggerService.logDebug("Silent Renew or login not running, try to refresh the session"),f.refreshSession().subscribe()),e}),v.tap(function(){return f.loggerService.logDebug("IsAuthorizedRace: Completed")}),v.switchMapTo(this._isAuthorized.asObservable()),v.tap(function(e){return f.loggerService.logDebug("getIsAuthorized: "+e)}),v.shareReplay(1)),this._isSetupAndAuthorized.pipe(v.filter(function(){return f.configurationProvider.openIDConfiguration.start_checksession})).subscribe(function(e){e?f.oidcSecurityCheckSession.startCheckingSession(f.configurationProvider.openIDConfiguration.client_id):f.oidcSecurityCheckSession.stopCheckingSession()})}var ae=(ue.forRoot=function(e){return void 0===e&&(e={}),{ngModule:ue,providers:[B,re,K,q,$,Z,U,A,I,P,R,g,N,{provide:O,useClass:e.storage||j}]}},ue.decorators=[{type:i.NgModule}],ue);function ue(){}e.AuthorizationResult=u,e.AuthorizationState=c,e.JwtKeys=n,e.JwtKey=r,e.ValidateStateResult=s,e.ValidationResult=d,e.AuthModule=ae,e.TokenHelperService=A,e.OidcConfigService=B,e.OidcSecurityService=re,e.OidcSecurityStorage=O,e.BrowserStorage=j,e.OidcSecurityValidation=K,e.LoggerService=I,e.ɵc=g,e.ɵa=k,e.ɵh=P,e.ɵf=R,e.ɵd=N,e.ɵg=q,e.ɵe=U,e.ɵi=$,e.ɵj=Z,e.ɵb=y,e.ɵk=te,Object.defineProperty(e,"__esModule",{value:!0})});
 //# sourceMappingURL=angular-auth-oidc-client.umd.min.js.map

esm2015/lib/services/oidc.security.check-session.js

@@ -180,3 +180,3 @@ /**
         if (this.sessionIframe &&
-            e.origin === this.configurationProvider.openIDConfiguration.stsServer &&
+            this.configurationProvider.openIDConfiguration.stsServer.startsWith(e.origin) &&
             e.source === this.sessionIframe.contentWindow) {
@@ -273,2 +273,2 @@ if (e.data === 'error') {
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy5zZWN1cml0eS5jaGVjay1zZXNzaW9uLmpzIiwic291cmNlUm9vdCI6Im5nOi8vYW5ndWxhci1hdXRoLW9pZGMtY2xpZW50LyIsInNvdXJjZXMiOlsibGliL3NlcnZpY2VzL29pZGMuc2VjdXJpdHkuY2hlY2stc2Vzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQVksT0FBTyxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBQzNELE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUN0QyxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUN0RSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDMUQsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ3RELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDOztNQUV0RCxtQ0FBbUMsR0FBRyx5QkFBeUI7O0FBS3JFLE1BQU0sT0FBTyx3QkFBd0I7Ozs7Ozs7O0lBY2pDLFlBQ1ksa0JBQXNDLEVBQ3RDLGFBQTRCLEVBQzVCLGFBQTRCLEVBQzVCLElBQVksRUFDSCxxQkFBNEM7UUFKckQsdUJBQWtCLEdBQWxCLGtCQUFrQixDQUFvQjtRQUN0QyxrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixTQUFJLEdBQUosSUFBSSxDQUFRO1FBQ0gsMEJBQXFCLEdBQXJCLHFCQUFxQixDQUF1QjtRQWZ6RCxzQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDdEIsd0JBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQ3hCLHNCQUFpQixHQUFHLElBQUksQ0FBQztRQUN6QiwwQkFBcUIsR0FBRyxLQUFLLENBQUM7UUFDOUIsd0JBQW1CLEdBQUcsSUFBSSxPQUFPLEVBQU8sQ0FBQztJQVk5QyxDQUFDOzs7O0lBVkosSUFBVyxxQkFBcUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsbUJBQW1CLENBQUMsWUFBWSxFQUFFLENBQUM7SUFDbkQsQ0FBQzs7Ozs7SUFVTyxnQkFBZ0I7O2NBQ2QsY0FBYyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsaUJBQWlCLENBQUMsbUNBQW1DLENBQUM7UUFFaEcsSUFBSSxDQUFDLGNBQWMsRUFBRTtZQUNqQixPQUFPLEtBQUssQ0FBQztTQUNoQjtRQUVELElBQUksQ0FBQyxhQUFhLEdBQUcsY0FBYyxDQUFDO1FBQ3BDLE9BQU8sSUFBSSxDQUFDO0lBQ2hCLENBQUM7Ozs7O0lBRU8sSUFBSTtRQUNSLElBQUksSUFBSSxDQUFDLGlCQUFpQixHQUFHLElBQUksQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLEVBQUU7WUFDbEUsT0FBTyxJQUFJLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1NBQ3ZCO1FBRUQsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxFQUFFO1lBQzFCLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxxQkFBcUIsQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1lBQ25HLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUN6RCxNQUFNLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsQ0FBQztTQUN0RTtRQUVELElBQUksQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUMsa0JBQWtCLEVBQUU7WUFDaEQsSUFBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMscUVBQXFFLENBQUMsQ0FBQztZQUNyRyxPQUFPO1NBQ1Y7UUFFRCxJQUFJLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsRUFBRTtZQUNwRSxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1NBQ3pIO2FBQU07WUFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx5REFBeUQsQ0FBQyxDQUFDO1NBQzVGO1FBRUQsT0FBTyxVQUFVLENBQUMsTUFBTTs7OztRQUFDLENBQUMsUUFBNEMsRUFBRSxFQUFFO1lBQ3RFLElBQUksQ0FBQyxhQUFhLENBQUMsTUFBTTs7O1lBQUcsR0FBRyxFQUFFO2dCQUM3QixJQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNwQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNwQixRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDeEIsQ0FBQyxDQUFBLENBQUM7UUFDTixDQUFDLEVBQUMsQ0FBQztJQUNQLENBQUM7Ozs7O0lBRUQsb0JBQW9CLENBQUMsUUFBZ0I7UUFDakMsSUFBSSxJQUFJLENBQUMsa0JBQWtCLEVBQUU7WUFDekIsT0FBTztTQUNWO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7Ozs7SUFFRCxtQkFBbUI7UUFDZixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzFCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO0lBQ25DLENBQUM7Ozs7OztJQUVPLGlCQUFpQixDQUFDLFFBQWdCOztjQUNoQyxzQkFBc0I7OztRQUFHLEdBQUcsRUFBRTtZQUNoQyxJQUFJLENBQUMsSUFBSSxFQUFFO2lCQUNOLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7aUJBQ2IsU0FBUzs7O1lBQUMsR0FBRyxFQUFFO2dCQUNaLElBQUksSUFBSSxDQUFDLGFBQWEsSUFBSSxRQUFRLEVBQUU7b0JBQ2hDLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQzs7MEJBQzFDLFlBQVksR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsWUFBWTtvQkFDekQsSUFBSSxZQUFZLEVBQUU7d0JBQ2QsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7d0JBQzNCLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLFdBQVcsQ0FDeEMsUUFBUSxHQUFHLEdBQUcsR0FBRyxZQUFZLEVBQzdCLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxtQkFBbUIsQ0FBQyxTQUFTLENBQzNELENBQUM7cUJBQ0w7eUJBQU07d0JBQ0gsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsbUVBQW1FLENBQUMsQ0FBQzt3QkFDakcsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksRUFBRSxDQUFDO3FCQUNuQztpQkFDSjtxQkFBTTtvQkFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx5RUFBeUUsQ0FBQyxDQUFDO29CQUN6RyxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQztvQkFDdEMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDO29CQUNoRCxlQUFlO2lCQUNsQjtnQkFFRCx1REFBdUQ7Z0JBQ3ZELElBQUksSUFBSSxDQUFDLG1CQUFtQixHQUFHLENBQUMsRUFBRTtvQkFDOUIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQ3ZCO29EQUN3QixJQUFJLENBQUMsbUJBQW1CLHVCQUF1QixDQUMxRSxDQUFDO29CQUNGLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQztpQkFDbkM7Z0JBRUQsSUFBSSxDQUFDLGtCQUFrQixHQUFHLFVBQVUsQ0FBQyxzQkFBc0IsRUFBRSxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQztZQUN6RixDQUFDLEVBQUMsQ0FBQztRQUNYLENBQUMsQ0FBQTtRQUVELElBQUksQ0FBQyxtQkFBbUIsR0FBRyxDQUFDLENBQUM7UUFFN0IsSUFBSSxDQUFDLElBQUksQ0FBQyxpQkFBaUI7OztRQUFDLEdBQUcsRUFBRTtZQUM3QixJQUFJLENBQUMsa0JBQWtCLEdBQUcsVUFBVSxDQUFDLHNCQUFzQixFQUFFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3pGLENBQUMsRUFBQyxDQUFDO0lBQ1AsQ0FBQzs7Ozs7SUFDTyx1QkFBdUI7UUFDM0IsWUFBWSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3RDLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLENBQUM7SUFDbkMsQ0FBQzs7Ozs7O0lBRU8sY0FBYyxDQUFDLENBQU07UUFDekIsSUFBSSxDQUFDLG1CQUFtQixHQUFHLENBQUMsQ0FBQztRQUM3QixJQUNJLElBQUksQ0FBQyxhQUFhO1lBQ2xCLENBQUMsQ0FBQyxNQUFNLEtBQUssSUFBSSxDQUFDLHFCQUFxQixDQUFDLG1CQUFtQixDQUFDLFNBQVM7WUFDckUsQ0FBQyxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsRUFDL0M7WUFDRSxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssT0FBTyxFQUFFO2dCQUNwQixJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx3Q0FBd0MsQ0FBQyxDQUFDO2FBQzNFO2lCQUFNLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxTQUFTLEVBQUU7Z0JBQzdCLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQzthQUNuQztpQkFBTTtnQkFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBSSxHQUFHLG1DQUFtQyxDQUFDLENBQUM7YUFDN0U7U0FDSjtJQUNMLENBQUM7OztZQWpKSixVQUFVOzs7O1lBTkYsa0JBQWtCO1lBRGxCLGFBQWE7WUFEYixhQUFhO1lBSkQsTUFBTTtZQUdsQixxQkFBcUI7Ozs7Ozs7SUFXMUIsaURBQTJCOzs7OztJQUMzQixzREFBZ0M7Ozs7O0lBQ2hDLHNEQUFnQzs7Ozs7SUFDaEMscURBQThCOzs7OztJQUM5Qix1REFBZ0M7Ozs7O0lBQ2hDLHFEQUFpQzs7Ozs7SUFDakMseURBQXNDOzs7OztJQUN0Qyx1REFBaUQ7Ozs7O0lBTzdDLHNEQUE4Qzs7Ozs7SUFDOUMsaURBQW9DOzs7OztJQUNwQyxpREFBb0M7Ozs7O0lBQ3BDLHdDQUFvQjs7Ozs7SUFDcEIseURBQTZEIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSwgTmdab25lIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBmcm9tLCBPYnNlcnZhYmxlLCBPYnNlcnZlciwgU3ViamVjdCB9IGZyb20gJ3J4anMnO1xuaW1wb3J0IHsgdGFrZSB9IGZyb20gJ3J4anMvb3BlcmF0b3JzJztcbmltcG9ydCB7IENvbmZpZ3VyYXRpb25Qcm92aWRlciB9IGZyb20gJy4vYXV0aC1jb25maWd1cmF0aW9uLnByb3ZpZGVyJztcbmltcG9ydCB7IElGcmFtZVNlcnZpY2UgfSBmcm9tICcuL2V4aXN0aW5nLWlmcmFtZS5zZXJ2aWNlJztcbmltcG9ydCB7IExvZ2dlclNlcnZpY2UgfSBmcm9tICcuL29pZGMubG9nZ2VyLnNlcnZpY2UnO1xuaW1wb3J0IHsgT2lkY1NlY3VyaXR5Q29tbW9uIH0gZnJvbSAnLi9vaWRjLnNlY3VyaXR5LmNvbW1vbic7XG5cbmNvbnN0IElGUkFNRV9GT1JfQ0hFQ0tfU0VTU0lPTl9JREVOVElGSUVSID0gJ215aUZyYW1lRm9yQ2hlY2tTZXNzaW9uJztcblxuLy8gaHR0cDovL29wZW5pZC5uZXQvc3BlY3Mvb3BlbmlkLWNvbm5lY3Qtc2Vzc2lvbi0xXzAtSUQ0Lmh0bWxcblxuQEluamVjdGFibGUoKVxuZXhwb3J0IGNsYXNzIE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiB7XG4gICAgcHJpdmF0ZSBzZXNzaW9uSWZyYW1lOiBhbnk7XG4gICAgcHJpdmF0ZSBpZnJhbWVNZXNzYWdlRXZlbnQ6IGFueTtcbiAgICBwcml2YXRlIHNjaGVkdWxlZEhlYXJ0QmVhdDogYW55O1xuICAgIHByaXZhdGUgbGFzdElGcmFtZVJlZnJlc2ggPSAwO1xuICAgIHByaXZhdGUgb3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG4gICAgcHJpdmF0ZSBoZWFydEJlYXRJbnRlcnZhbCA9IDMwMDA7XG4gICAgcHJpdmF0ZSBpZnJhbWVSZWZyZXNoSW50ZXJ2YWwgPSA2MDAwMDtcbiAgICBwcml2YXRlIGNoZWNrU2Vzc2lvbkNoYW5nZWQgPSBuZXcgU3ViamVjdDxhbnk+KCk7XG5cbiAgICBwdWJsaWMgZ2V0IG9uQ2hlY2tTZXNzaW9uQ2hhbmdlZCgpOiBPYnNlcnZhYmxlPGFueT4ge1xuICAgICAgICByZXR1cm4gdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLmFzT2JzZXJ2YWJsZSgpO1xuICAgIH1cblxuICAgIGNvbnN0cnVjdG9yKFxuICAgICAgICBwcml2YXRlIG9pZGNTZWN1cml0eUNvbW1vbjogT2lkY1NlY3VyaXR5Q29tbW9uLFxuICAgICAgICBwcml2YXRlIGxvZ2dlclNlcnZpY2U6IExvZ2dlclNlcnZpY2UsXG4gICAgICAgIHByaXZhdGUgaUZyYW1lU2VydmljZTogSUZyYW1lU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSB6b25lOiBOZ1pvbmUsXG4gICAgICAgIHByaXZhdGUgcmVhZG9ubHkgY29uZmlndXJhdGlvblByb3ZpZGVyOiBDb25maWd1cmF0aW9uUHJvdmlkZXJcbiAgICApIHt9XG5cbiAgICBwcml2YXRlIGRvZXNTZXNzaW9uRXhpc3QoKTogYm9vbGVhbiB7XG4gICAgICAgIGNvbnN0IGV4aXN0aW5nSUZyYW1lID0gdGhpcy5pRnJhbWVTZXJ2aWNlLmdldEV4aXN0aW5nSUZyYW1lKElGUkFNRV9GT1JfQ0hFQ0tfU0VTU0lPTl9JREVOVElGSUVSKTtcblxuICAgICAgICBpZiAoIWV4aXN0aW5nSUZyYW1lKSB7XG4gICAgICAgICAgICByZXR1cm4gZmFsc2U7XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUgPSBleGlzdGluZ0lGcmFtZTtcbiAgICAgICAgcmV0dXJuIHRydWU7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBpbml0KCkge1xuICAgICAgICBpZiAodGhpcy5sYXN0SUZyYW1lUmVmcmVzaCArIHRoaXMuaWZyYW1lUmVmcmVzaEludGVydmFsID4gRGF0ZS5ub3coKSkge1xuICAgICAgICAgICAgcmV0dXJuIGZyb20oW3RoaXNdKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICghdGhpcy5kb2VzU2Vzc2lvbkV4aXN0KCkpIHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSA9IHRoaXMuaUZyYW1lU2VydmljZS5hZGRJRnJhbWVUb1dpbmRvd0JvZHkoSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIpO1xuICAgICAgICAgICAgdGhpcy5pZnJhbWVNZXNzYWdlRXZlbnQgPSB0aGlzLm1lc3NhZ2VIYW5kbGVyLmJpbmQodGhpcyk7XG4gICAgICAgICAgICB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcignbWVzc2FnZScsIHRoaXMuaWZyYW1lTWVzc2FnZUV2ZW50LCBmYWxzZSk7XG4gICAgICAgIH1cblxuICAgICAgICBpZiAoIXRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLndlbGxLbm93bkVuZHBvaW50cykge1xuICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2luaXQgY2hlY2sgc2Vzc2lvbjogYXV0aFdlbGxLbm93bkVuZHBvaW50cyBpcyB1bmRlZmluZWQuIFJldHVybmluZy4nKTtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICh0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci53ZWxsS25vd25FbmRwb2ludHMuY2hlY2tfc2Vzc2lvbl9pZnJhbWUpIHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5jb250ZW50V2luZG93LmxvY2F0aW9uLnJlcGxhY2UodGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIud2VsbEtub3duRW5kcG9pbnRzLmNoZWNrX3Nlc3Npb25faWZyYW1lKTtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dXYXJuaW5nKCdpbml0IGNoZWNrIHNlc3Npb246IGF1dGhXZWxsS25vd25FbmRwb2ludHMgaXMgdW5kZWZpbmVkJyk7XG4gICAgICAgIH1cblxuICAgICAgICByZXR1cm4gT2JzZXJ2YWJsZS5jcmVhdGUoKG9ic2VydmVyOiBPYnNlcnZlcjxPaWRjU2VjdXJpdHlDaGVja1Nlc3Npb24+KSA9PiB7XG4gICAgICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUub25sb2FkID0gKCkgPT4ge1xuICAgICAgICAgICAgICAgIHRoaXMubGFzdElGcmFtZVJlZnJlc2ggPSBEYXRlLm5vdygpO1xuICAgICAgICAgICAgICAgIG9ic2VydmVyLm5leHQodGhpcyk7XG4gICAgICAgICAgICAgICAgb2JzZXJ2ZXIuY29tcGxldGUoKTtcbiAgICAgICAgICAgIH07XG4gICAgICAgIH0pO1xuICAgIH1cblxuICAgIHN0YXJ0Q2hlY2tpbmdTZXNzaW9uKGNsaWVudElkOiBzdHJpbmcpOiB2b2lkIHtcbiAgICAgICAgaWYgKHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KSB7XG4gICAgICAgICAgICByZXR1cm47XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLnBvbGxTZXJ2ZXJTZXNzaW9uKGNsaWVudElkKTtcbiAgICB9XG5cbiAgICBzdG9wQ2hlY2tpbmdTZXNzaW9uKCk6IHZvaWQge1xuICAgICAgICBpZiAoIXRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KSB7XG4gICAgICAgICAgICByZXR1cm47XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLmNsZWFyU2NoZWR1bGVkSGVhcnRCZWF0KCk7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBwb2xsU2VydmVyU2Vzc2lvbihjbGllbnRJZDogc3RyaW5nKSB7XG4gICAgICAgIGNvbnN0IHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIgPSAoKSA9PiB7XG4gICAgICAgICAgICB0aGlzLmluaXQoKVxuICAgICAgICAgICAgICAgIC5waXBlKHRha2UoMSkpXG4gICAgICAgICAgICAgICAgLnN1YnNjcmliZSgoKSA9PiB7XG4gICAgICAgICAgICAgICAgICAgIGlmICh0aGlzLnNlc3Npb25JZnJhbWUgJiYgY2xpZW50SWQpIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1Zyh0aGlzLnNlc3Npb25JZnJhbWUpO1xuICAgICAgICAgICAgICAgICAgICAgICAgY29uc3Qgc2Vzc2lvblN0YXRlID0gdGhpcy5vaWRjU2VjdXJpdHlDb21tb24uc2Vzc2lvblN0YXRlO1xuICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHNlc3Npb25TdGF0ZSkge1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcysrO1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5jb250ZW50V2luZG93LnBvc3RNZXNzYWdlKFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjbGllbnRJZCArICcgJyArIHNlc3Npb25TdGF0ZSxcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIub3BlbklEQ29uZmlndXJhdGlvbi5zdHNTZXJ2ZXJcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICApO1xuICAgICAgICAgICAgICAgICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRGVidWcoJ09pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBwb2xsU2VydmVyU2Vzc2lvbiBzZXNzaW9uX3N0YXRlIGlzIGJsYW5rJyk7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLm5leHQoKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIH1cbiAgICAgICAgICAgICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dXYXJuaW5nKCdPaWRjU2VjdXJpdHlDaGVja1Nlc3Npb24gcG9sbFNlcnZlclNlc3Npb24gc2Vzc2lvbklmcmFtZSBkb2VzIG5vdCBleGlzdCcpO1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKGNsaWVudElkKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1Zyh0aGlzLnNlc3Npb25JZnJhbWUpO1xuICAgICAgICAgICAgICAgICAgICAgICAgLy8gdGhpcy5pbml0KCk7XG4gICAgICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgICAgICAvLyBhZnRlciBzZW5kaW5nIHRocmVlIG1lc3NhZ2VzIHdpdGggbm8gcmVzcG9uc2UsIGZhaWwuXG4gICAgICAgICAgICAgICAgICAgIGlmICh0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXMgPiAzKSB7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRXJyb3IoXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgYE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBub3QgcmVjZWl2aW5nIGNoZWNrIHNlc3Npb24gcmVzcG9uc2UgbWVzc2FnZXMuXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgT3V0c3RhbmRpbmcgbWVzc2FnZXM6ICR7dGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzfS4gU2VydmVyIHVucmVhY2hhYmxlP2BcbiAgICAgICAgICAgICAgICAgICAgICAgICk7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQubmV4dCgpO1xuICAgICAgICAgICAgICAgICAgICB9XG5cbiAgICAgICAgICAgICAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBzZXRUaW1lb3V0KHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIsIHRoaXMuaGVhcnRCZWF0SW50ZXJ2YWwpO1xuICAgICAgICAgICAgICAgIH0pO1xuICAgICAgICB9O1xuXG4gICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG5cbiAgICAgICAgdGhpcy56b25lLnJ1bk91dHNpZGVBbmd1bGFyKCgpID0+IHtcbiAgICAgICAgICAgIHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0ID0gc2V0VGltZW91dChwb2xsU2VydmVyU2Vzc2lvblJlY3VyLCB0aGlzLmhlYXJ0QmVhdEludGVydmFsKTtcbiAgICAgICAgfSk7XG4gICAgfVxuICAgIHByaXZhdGUgY2xlYXJTY2hlZHVsZWRIZWFydEJlYXQoKSB7XG4gICAgICAgIGNsZWFyVGltZW91dCh0aGlzLnNjaGVkdWxlZEhlYXJ0QmVhdCk7XG4gICAgICAgIHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0ID0gbnVsbDtcbiAgICB9XG5cbiAgICBwcml2YXRlIG1lc3NhZ2VIYW5kbGVyKGU6IGFueSkge1xuICAgICAgICB0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXMgPSAwO1xuICAgICAgICBpZiAoXG4gICAgICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUgJiZcbiAgICAgICAgICAgIGUub3JpZ2luID09PSB0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci5vcGVuSURDb25maWd1cmF0aW9uLnN0c1NlcnZlciAmJlxuICAgICAgICAgICAgZS5zb3VyY2UgPT09IHRoaXMuc2Vzc2lvbklmcmFtZS5jb250ZW50V2luZG93XG4gICAgICAgICkge1xuICAgICAgICAgICAgaWYgKGUuZGF0YSA9PT0gJ2Vycm9yJykge1xuICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dXYXJuaW5nKCdlcnJvciBmcm9tIGNoZWNrc2Vzc2lvbiBtZXNzYWdlSGFuZGxlcicpO1xuICAgICAgICAgICAgfSBlbHNlIGlmIChlLmRhdGEgPT09ICdjaGFuZ2VkJykge1xuICAgICAgICAgICAgICAgIHRoaXMuY2hlY2tTZXNzaW9uQ2hhbmdlZC5uZXh0KCk7XG4gICAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1ZyhlLmRhdGEgKyAnIGZyb20gY2hlY2tzZXNzaW9uIG1lc3NhZ2VIYW5kbGVyJyk7XG4gICAgICAgICAgICB9XG4gICAgICAgIH1cbiAgICB9XG59XG4iXX0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy5zZWN1cml0eS5jaGVjay1zZXNzaW9uLmpzIiwic291cmNlUm9vdCI6Im5nOi8vYW5ndWxhci1hdXRoLW9pZGMtY2xpZW50LyIsInNvdXJjZXMiOlsibGliL3NlcnZpY2VzL29pZGMuc2VjdXJpdHkuY2hlY2stc2Vzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQVksT0FBTyxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBQzNELE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUN0QyxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUN0RSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDMUQsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ3RELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDOztNQUV0RCxtQ0FBbUMsR0FBRyx5QkFBeUI7O0FBS3JFLE1BQU0sT0FBTyx3QkFBd0I7Ozs7Ozs7O0lBY2pDLFlBQ1ksa0JBQXNDLEVBQ3RDLGFBQTRCLEVBQzVCLGFBQTRCLEVBQzVCLElBQVksRUFDSCxxQkFBNEM7UUFKckQsdUJBQWtCLEdBQWxCLGtCQUFrQixDQUFvQjtRQUN0QyxrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixTQUFJLEdBQUosSUFBSSxDQUFRO1FBQ0gsMEJBQXFCLEdBQXJCLHFCQUFxQixDQUF1QjtRQWZ6RCxzQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDdEIsd0JBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQ3hCLHNCQUFpQixHQUFHLElBQUksQ0FBQztRQUN6QiwwQkFBcUIsR0FBRyxLQUFLLENBQUM7UUFDOUIsd0JBQW1CLEdBQUcsSUFBSSxPQUFPLEVBQU8sQ0FBQztJQVk5QyxDQUFDOzs7O0lBVkosSUFBVyxxQkFBcUI7UUFDNUIsT0FBTyxJQUFJLENBQUMsbUJBQW1CLENBQUMsWUFBWSxFQUFFLENBQUM7SUFDbkQsQ0FBQzs7Ozs7SUFVTyxnQkFBZ0I7O2NBQ2QsY0FBYyxHQUFHLElBQUksQ0FBQyxhQUFhLENBQUMsaUJBQWlCLENBQUMsbUNBQW1DLENBQUM7UUFFaEcsSUFBSSxDQUFDLGNBQWMsRUFBRTtZQUNqQixPQUFPLEtBQUssQ0FBQztTQUNoQjtRQUVELElBQUksQ0FBQyxhQUFhLEdBQUcsY0FBYyxDQUFDO1FBQ3BDLE9BQU8sSUFBSSxDQUFDO0lBQ2hCLENBQUM7Ozs7O0lBRU8sSUFBSTtRQUNSLElBQUksSUFBSSxDQUFDLGlCQUFpQixHQUFHLElBQUksQ0FBQyxxQkFBcUIsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLEVBQUU7WUFDbEUsT0FBTyxJQUFJLENBQUMsQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDO1NBQ3ZCO1FBRUQsSUFBSSxDQUFDLElBQUksQ0FBQyxnQkFBZ0IsRUFBRSxFQUFFO1lBQzFCLElBQUksQ0FBQyxhQUFhLEdBQUcsSUFBSSxDQUFDLGFBQWEsQ0FBQyxxQkFBcUIsQ0FBQyxtQ0FBbUMsQ0FBQyxDQUFDO1lBQ25HLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQztZQUN6RCxNQUFNLENBQUMsZ0JBQWdCLENBQUMsU0FBUyxFQUFFLElBQUksQ0FBQyxrQkFBa0IsRUFBRSxLQUFLLENBQUMsQ0FBQztTQUN0RTtRQUVELElBQUksQ0FBQyxJQUFJLENBQUMscUJBQXFCLENBQUMsa0JBQWtCLEVBQUU7WUFDaEQsSUFBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMscUVBQXFFLENBQUMsQ0FBQztZQUNyRyxPQUFPO1NBQ1Y7UUFFRCxJQUFJLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsRUFBRTtZQUNwRSxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsQ0FBQyxvQkFBb0IsQ0FBQyxDQUFDO1NBQ3pIO2FBQU07WUFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx5REFBeUQsQ0FBQyxDQUFDO1NBQzVGO1FBRUQsT0FBTyxVQUFVLENBQUMsTUFBTTs7OztRQUFDLENBQUMsUUFBNEMsRUFBRSxFQUFFO1lBQ3RFLElBQUksQ0FBQyxhQUFhLENBQUMsTUFBTTs7O1lBQUcsR0FBRyxFQUFFO2dCQUM3QixJQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNwQyxRQUFRLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO2dCQUNwQixRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDeEIsQ0FBQyxDQUFBLENBQUM7UUFDTixDQUFDLEVBQUMsQ0FBQztJQUNQLENBQUM7Ozs7O0lBRUQsb0JBQW9CLENBQUMsUUFBZ0I7UUFDakMsSUFBSSxJQUFJLENBQUMsa0JBQWtCLEVBQUU7WUFDekIsT0FBTztTQUNWO1FBRUQsSUFBSSxDQUFDLGlCQUFpQixDQUFDLFFBQVEsQ0FBQyxDQUFDO0lBQ3JDLENBQUM7Ozs7SUFFRCxtQkFBbUI7UUFDZixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzFCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO0lBQ25DLENBQUM7Ozs7OztJQUVPLGlCQUFpQixDQUFDLFFBQWdCOztjQUNoQyxzQkFBc0I7OztRQUFHLEdBQUcsRUFBRTtZQUNoQyxJQUFJLENBQUMsSUFBSSxFQUFFO2lCQUNOLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUM7aUJBQ2IsU0FBUzs7O1lBQUMsR0FBRyxFQUFFO2dCQUNaLElBQUksSUFBSSxDQUFDLGFBQWEsSUFBSSxRQUFRLEVBQUU7b0JBQ2hDLElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLElBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQzs7MEJBQzFDLFlBQVksR0FBRyxJQUFJLENBQUMsa0JBQWtCLENBQUMsWUFBWTtvQkFDekQsSUFBSSxZQUFZLEVBQUU7d0JBQ2QsSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7d0JBQzNCLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLFdBQVcsQ0FDeEMsUUFBUSxHQUFHLEdBQUcsR0FBRyxZQUFZLEVBQzdCLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxtQkFBbUIsQ0FBQyxTQUFTLENBQzNELENBQUM7cUJBQ0w7eUJBQU07d0JBQ0gsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsbUVBQW1FLENBQUMsQ0FBQzt3QkFDakcsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksRUFBRSxDQUFDO3FCQUNuQztpQkFDSjtxQkFBTTtvQkFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx5RUFBeUUsQ0FBQyxDQUFDO29CQUN6RyxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxRQUFRLENBQUMsQ0FBQztvQkFDdEMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDO29CQUNoRCxlQUFlO2lCQUNsQjtnQkFFRCx1REFBdUQ7Z0JBQ3ZELElBQUksSUFBSSxDQUFDLG1CQUFtQixHQUFHLENBQUMsRUFBRTtvQkFDOUIsSUFBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQ3ZCO29EQUN3QixJQUFJLENBQUMsbUJBQW1CLHVCQUF1QixDQUMxRSxDQUFDO29CQUNGLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQztpQkFDbkM7Z0JBRUQsSUFBSSxDQUFDLGtCQUFrQixHQUFHLFVBQVUsQ0FBQyxzQkFBc0IsRUFBRSxJQUFJLENBQUMsaUJBQWlCLENBQUMsQ0FBQztZQUN6RixDQUFDLEVBQUMsQ0FBQztRQUNYLENBQUMsQ0FBQTtRQUVELElBQUksQ0FBQyxtQkFBbUIsR0FBRyxDQUFDLENBQUM7UUFFN0IsSUFBSSxDQUFDLElBQUksQ0FBQyxpQkFBaUI7OztRQUFDLEdBQUcsRUFBRTtZQUM3QixJQUFJLENBQUMsa0JBQWtCLEdBQUcsVUFBVSxDQUFDLHNCQUFzQixFQUFFLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3pGLENBQUMsRUFBQyxDQUFDO0lBQ1AsQ0FBQzs7Ozs7SUFDTyx1QkFBdUI7UUFDM0IsWUFBWSxDQUFDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxDQUFDO1FBQ3RDLElBQUksQ0FBQyxrQkFBa0IsR0FBRyxJQUFJLENBQUM7SUFDbkMsQ0FBQzs7Ozs7O0lBRU8sY0FBYyxDQUFDLENBQU07UUFDekIsSUFBSSxDQUFDLG1CQUFtQixHQUFHLENBQUMsQ0FBQztRQUM3QixJQUNJLElBQUksQ0FBQyxhQUFhO1lBQ2xCLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxtQkFBbUIsQ0FBQyxTQUFTLENBQUMsVUFBVSxDQUFDLENBQUMsQ0FBQyxNQUFNLENBQUM7WUFDN0UsQ0FBQyxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsRUFDL0M7WUFDRSxJQUFJLENBQUMsQ0FBQyxJQUFJLEtBQUssT0FBTyxFQUFFO2dCQUNwQixJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyx3Q0FBd0MsQ0FBQyxDQUFDO2FBQzNFO2lCQUFNLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxTQUFTLEVBQUU7Z0JBQzdCLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQzthQUNuQztpQkFBTTtnQkFDSCxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxDQUFDLENBQUMsSUFBSSxHQUFHLG1DQUFtQyxDQUFDLENBQUM7YUFDN0U7U0FDSjtJQUNMLENBQUM7OztZQWpKSixVQUFVOzs7O1lBTkYsa0JBQWtCO1lBRGxCLGFBQWE7WUFEYixhQUFhO1lBSkQsTUFBTTtZQUdsQixxQkFBcUI7Ozs7Ozs7SUFXMUIsaURBQTJCOzs7OztJQUMzQixzREFBZ0M7Ozs7O0lBQ2hDLHNEQUFnQzs7Ozs7SUFDaEMscURBQThCOzs7OztJQUM5Qix1REFBZ0M7Ozs7O0lBQ2hDLHFEQUFpQzs7Ozs7SUFDakMseURBQXNDOzs7OztJQUN0Qyx1REFBaUQ7Ozs7O0lBTzdDLHNEQUE4Qzs7Ozs7SUFDOUMsaURBQW9DOzs7OztJQUNwQyxpREFBb0M7Ozs7O0lBQ3BDLHdDQUFvQjs7Ozs7SUFDcEIseURBQTZEIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0IHsgSW5qZWN0YWJsZSwgTmdab25lIH0gZnJvbSAnQGFuZ3VsYXIvY29yZSc7XG5pbXBvcnQgeyBmcm9tLCBPYnNlcnZhYmxlLCBPYnNlcnZlciwgU3ViamVjdCB9IGZyb20gJ3J4anMnO1xuaW1wb3J0IHsgdGFrZSB9IGZyb20gJ3J4anMvb3BlcmF0b3JzJztcbmltcG9ydCB7IENvbmZpZ3VyYXRpb25Qcm92aWRlciB9IGZyb20gJy4vYXV0aC1jb25maWd1cmF0aW9uLnByb3ZpZGVyJztcbmltcG9ydCB7IElGcmFtZVNlcnZpY2UgfSBmcm9tICcuL2V4aXN0aW5nLWlmcmFtZS5zZXJ2aWNlJztcbmltcG9ydCB7IExvZ2dlclNlcnZpY2UgfSBmcm9tICcuL29pZGMubG9nZ2VyLnNlcnZpY2UnO1xuaW1wb3J0IHsgT2lkY1NlY3VyaXR5Q29tbW9uIH0gZnJvbSAnLi9vaWRjLnNlY3VyaXR5LmNvbW1vbic7XG5cbmNvbnN0IElGUkFNRV9GT1JfQ0hFQ0tfU0VTU0lPTl9JREVOVElGSUVSID0gJ215aUZyYW1lRm9yQ2hlY2tTZXNzaW9uJztcblxuLy8gaHR0cDovL29wZW5pZC5uZXQvc3BlY3Mvb3BlbmlkLWNvbm5lY3Qtc2Vzc2lvbi0xXzAtSUQ0Lmh0bWxcblxuQEluamVjdGFibGUoKVxuZXhwb3J0IGNsYXNzIE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiB7XG4gICAgcHJpdmF0ZSBzZXNzaW9uSWZyYW1lOiBhbnk7XG4gICAgcHJpdmF0ZSBpZnJhbWVNZXNzYWdlRXZlbnQ6IGFueTtcbiAgICBwcml2YXRlIHNjaGVkdWxlZEhlYXJ0QmVhdDogYW55O1xuICAgIHByaXZhdGUgbGFzdElGcmFtZVJlZnJlc2ggPSAwO1xuICAgIHByaXZhdGUgb3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG4gICAgcHJpdmF0ZSBoZWFydEJlYXRJbnRlcnZhbCA9IDMwMDA7XG4gICAgcHJpdmF0ZSBpZnJhbWVSZWZyZXNoSW50ZXJ2YWwgPSA2MDAwMDtcbiAgICBwcml2YXRlIGNoZWNrU2Vzc2lvbkNoYW5nZWQgPSBuZXcgU3ViamVjdDxhbnk+KCk7XG5cbiAgICBwdWJsaWMgZ2V0IG9uQ2hlY2tTZXNzaW9uQ2hhbmdlZCgpOiBPYnNlcnZhYmxlPGFueT4ge1xuICAgICAgICByZXR1cm4gdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLmFzT2JzZXJ2YWJsZSgpO1xuICAgIH1cblxuICAgIGNvbnN0cnVjdG9yKFxuICAgICAgICBwcml2YXRlIG9pZGNTZWN1cml0eUNvbW1vbjogT2lkY1NlY3VyaXR5Q29tbW9uLFxuICAgICAgICBwcml2YXRlIGxvZ2dlclNlcnZpY2U6IExvZ2dlclNlcnZpY2UsXG4gICAgICAgIHByaXZhdGUgaUZyYW1lU2VydmljZTogSUZyYW1lU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSB6b25lOiBOZ1pvbmUsXG4gICAgICAgIHByaXZhdGUgcmVhZG9ubHkgY29uZmlndXJhdGlvblByb3ZpZGVyOiBDb25maWd1cmF0aW9uUHJvdmlkZXJcbiAgICApIHt9XG5cbiAgICBwcml2YXRlIGRvZXNTZXNzaW9uRXhpc3QoKTogYm9vbGVhbiB7XG4gICAgICAgIGNvbnN0IGV4aXN0aW5nSUZyYW1lID0gdGhpcy5pRnJhbWVTZXJ2aWNlLmdldEV4aXN0aW5nSUZyYW1lKElGUkFNRV9GT1JfQ0hFQ0tfU0VTU0lPTl9JREVOVElGSUVSKTtcblxuICAgICAgICBpZiAoIWV4aXN0aW5nSUZyYW1lKSB7XG4gICAgICAgICAgICByZXR1cm4gZmFsc2U7XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUgPSBleGlzdGluZ0lGcmFtZTtcbiAgICAgICAgcmV0dXJuIHRydWU7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBpbml0KCkge1xuICAgICAgICBpZiAodGhpcy5sYXN0SUZyYW1lUmVmcmVzaCArIHRoaXMuaWZyYW1lUmVmcmVzaEludGVydmFsID4gRGF0ZS5ub3coKSkge1xuICAgICAgICAgICAgcmV0dXJuIGZyb20oW3RoaXNdKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICghdGhpcy5kb2VzU2Vzc2lvbkV4aXN0KCkpIHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSA9IHRoaXMuaUZyYW1lU2VydmljZS5hZGRJRnJhbWVUb1dpbmRvd0JvZHkoSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIpO1xuICAgICAgICAgICAgdGhpcy5pZnJhbWVNZXNzYWdlRXZlbnQgPSB0aGlzLm1lc3NhZ2VIYW5kbGVyLmJpbmQodGhpcyk7XG4gICAgICAgICAgICB3aW5kb3cuYWRkRXZlbnRMaXN0ZW5lcignbWVzc2FnZScsIHRoaXMuaWZyYW1lTWVzc2FnZUV2ZW50LCBmYWxzZSk7XG4gICAgICAgIH1cblxuICAgICAgICBpZiAoIXRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLndlbGxLbm93bkVuZHBvaW50cykge1xuICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2luaXQgY2hlY2sgc2Vzc2lvbjogYXV0aFdlbGxLbm93bkVuZHBvaW50cyBpcyB1bmRlZmluZWQuIFJldHVybmluZy4nKTtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICh0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci53ZWxsS25vd25FbmRwb2ludHMuY2hlY2tfc2Vzc2lvbl9pZnJhbWUpIHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5jb250ZW50V2luZG93LmxvY2F0aW9uLnJlcGxhY2UodGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIud2VsbEtub3duRW5kcG9pbnRzLmNoZWNrX3Nlc3Npb25faWZyYW1lKTtcbiAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dXYXJuaW5nKCdpbml0IGNoZWNrIHNlc3Npb246IGF1dGhXZWxsS25vd25FbmRwb2ludHMgaXMgdW5kZWZpbmVkJyk7XG4gICAgICAgIH1cblxuICAgICAgICByZXR1cm4gT2JzZXJ2YWJsZS5jcmVhdGUoKG9ic2VydmVyOiBPYnNlcnZlcjxPaWRjU2VjdXJpdHlDaGVja1Nlc3Npb24+KSA9PiB7XG4gICAgICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUub25sb2FkID0gKCkgPT4ge1xuICAgICAgICAgICAgICAgIHRoaXMubGFzdElGcmFtZVJlZnJlc2ggPSBEYXRlLm5vdygpO1xuICAgICAgICAgICAgICAgIG9ic2VydmVyLm5leHQodGhpcyk7XG4gICAgICAgICAgICAgICAgb2JzZXJ2ZXIuY29tcGxldGUoKTtcbiAgICAgICAgICAgIH07XG4gICAgICAgIH0pO1xuICAgIH1cblxuICAgIHN0YXJ0Q2hlY2tpbmdTZXNzaW9uKGNsaWVudElkOiBzdHJpbmcpOiB2b2lkIHtcbiAgICAgICAgaWYgKHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KSB7XG4gICAgICAgICAgICByZXR1cm47XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLnBvbGxTZXJ2ZXJTZXNzaW9uKGNsaWVudElkKTtcbiAgICB9XG5cbiAgICBzdG9wQ2hlY2tpbmdTZXNzaW9uKCk6IHZvaWQge1xuICAgICAgICBpZiAoIXRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KSB7XG4gICAgICAgICAgICByZXR1cm47XG4gICAgICAgIH1cblxuICAgICAgICB0aGlzLmNsZWFyU2NoZWR1bGVkSGVhcnRCZWF0KCk7XG4gICAgfVxuXG4gICAgcHJpdmF0ZSBwb2xsU2VydmVyU2Vzc2lvbihjbGllbnRJZDogc3RyaW5nKSB7XG4gICAgICAgIGNvbnN0IHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIgPSAoKSA9PiB7XG4gICAgICAgICAgICB0aGlzLmluaXQoKVxuICAgICAgICAgICAgICAgIC5waXBlKHRha2UoMSkpXG4gICAgICAgICAgICAgICAgLnN1YnNjcmliZSgoKSA9PiB7XG4gICAgICAgICAgICAgICAgICAgIGlmICh0aGlzLnNlc3Npb25JZnJhbWUgJiYgY2xpZW50SWQpIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1Zyh0aGlzLnNlc3Npb25JZnJhbWUpO1xuICAgICAgICAgICAgICAgICAgICAgICAgY29uc3Qgc2Vzc2lvblN0YXRlID0gdGhpcy5vaWRjU2VjdXJpdHlDb21tb24uc2Vzc2lvblN0YXRlO1xuICAgICAgICAgICAgICAgICAgICAgICAgaWYgKHNlc3Npb25TdGF0ZSkge1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcysrO1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5jb250ZW50V2luZG93LnBvc3RNZXNzYWdlKFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICBjbGllbnRJZCArICcgJyArIHNlc3Npb25TdGF0ZSxcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIub3BlbklEQ29uZmlndXJhdGlvbi5zdHNTZXJ2ZXJcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICApO1xuICAgICAgICAgICAgICAgICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRGVidWcoJ09pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBwb2xsU2VydmVyU2Vzc2lvbiBzZXNzaW9uX3N0YXRlIGlzIGJsYW5rJyk7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLm5leHQoKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIH1cbiAgICAgICAgICAgICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dXYXJuaW5nKCdPaWRjU2VjdXJpdHlDaGVja1Nlc3Npb24gcG9sbFNlcnZlclNlc3Npb24gc2Vzc2lvbklmcmFtZSBkb2VzIG5vdCBleGlzdCcpO1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKGNsaWVudElkKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1Zyh0aGlzLnNlc3Npb25JZnJhbWUpO1xuICAgICAgICAgICAgICAgICAgICAgICAgLy8gdGhpcy5pbml0KCk7XG4gICAgICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgICAgICAvLyBhZnRlciBzZW5kaW5nIHRocmVlIG1lc3NhZ2VzIHdpdGggbm8gcmVzcG9uc2UsIGZhaWwuXG4gICAgICAgICAgICAgICAgICAgIGlmICh0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXMgPiAzKSB7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRXJyb3IoXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgYE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBub3QgcmVjZWl2aW5nIGNoZWNrIHNlc3Npb24gcmVzcG9uc2UgbWVzc2FnZXMuXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgT3V0c3RhbmRpbmcgbWVzc2FnZXM6ICR7dGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzfS4gU2VydmVyIHVucmVhY2hhYmxlP2BcbiAgICAgICAgICAgICAgICAgICAgICAgICk7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQubmV4dCgpO1xuICAgICAgICAgICAgICAgICAgICB9XG5cbiAgICAgICAgICAgICAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBzZXRUaW1lb3V0KHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIsIHRoaXMuaGVhcnRCZWF0SW50ZXJ2YWwpO1xuICAgICAgICAgICAgICAgIH0pO1xuICAgICAgICB9O1xuXG4gICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG5cbiAgICAgICAgdGhpcy56b25lLnJ1bk91dHNpZGVBbmd1bGFyKCgpID0+IHtcbiAgICAgICAgICAgIHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0ID0gc2V0VGltZW91dChwb2xsU2VydmVyU2Vzc2lvblJlY3VyLCB0aGlzLmhlYXJ0QmVhdEludGVydmFsKTtcbiAgICAgICAgfSk7XG4gICAgfVxuICAgIHByaXZhdGUgY2xlYXJTY2hlZHVsZWRIZWFydEJlYXQoKSB7XG4gICAgICAgIGNsZWFyVGltZW91dCh0aGlzLnNjaGVkdWxlZEhlYXJ0QmVhdCk7XG4gICAgICAgIHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0ID0gbnVsbDtcbiAgICB9XG5cbiAgICBwcml2YXRlIG1lc3NhZ2VIYW5kbGVyKGU6IGFueSkge1xuICAgICAgICB0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXMgPSAwO1xuICAgICAgICBpZiAoXG4gICAgICAgICAgICB0aGlzLnNlc3Npb25JZnJhbWUgJiZcbiAgICAgICAgICAgIHRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLm9wZW5JRENvbmZpZ3VyYXRpb24uc3RzU2VydmVyLnN0YXJ0c1dpdGgoZS5vcmlnaW4pICYmXG4gICAgICAgICAgICBlLnNvdXJjZSA9PT0gdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3dcbiAgICAgICAgKSB7XG4gICAgICAgICAgICBpZiAoZS5kYXRhID09PSAnZXJyb3InKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2Vycm9yIGZyb20gY2hlY2tzZXNzaW9uIG1lc3NhZ2VIYW5kbGVyJyk7XG4gICAgICAgICAgICB9IGVsc2UgaWYgKGUuZGF0YSA9PT0gJ2NoYW5nZWQnKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLm5leHQoKTtcbiAgICAgICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKGUuZGF0YSArICcgZnJvbSBjaGVja3Nlc3Npb24gbWVzc2FnZUhhbmRsZXInKTtcbiAgICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgIH1cbn1cbiJdfQ==

esm5/lib/services/oidc.security.check-session.js

@@ -207,3 +207,3 @@ /**
         if (this.sessionIframe &&
-            e.origin === this.configurationProvider.openIDConfiguration.stsServer &&
+            this.configurationProvider.openIDConfiguration.stsServer.startsWith(e.origin) &&
             e.source === this.sessionIframe.contentWindow) {
@@ -302,2 +302,2 @@ if (e.data === 'error') {
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy5zZWN1cml0eS5jaGVjay1zZXNzaW9uLmpzIiwic291cmNlUm9vdCI6Im5nOi8vYW5ndWxhci1hdXRoLW9pZGMtY2xpZW50LyIsInNvdXJjZXMiOlsibGliL3NlcnZpY2VzL29pZGMuc2VjdXJpdHkuY2hlY2stc2Vzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQVksT0FBTyxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBQzNELE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUN0QyxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUN0RSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDMUQsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ3RELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDOztJQUV0RCxtQ0FBbUMsR0FBRyx5QkFBeUI7O0FBSXJFO0lBZUksa0NBQ1ksa0JBQXNDLEVBQ3RDLGFBQTRCLEVBQzVCLGFBQTRCLEVBQzVCLElBQVksRUFDSCxxQkFBNEM7UUFKckQsdUJBQWtCLEdBQWxCLGtCQUFrQixDQUFvQjtRQUN0QyxrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixTQUFJLEdBQUosSUFBSSxDQUFRO1FBQ0gsMEJBQXFCLEdBQXJCLHFCQUFxQixDQUF1QjtRQWZ6RCxzQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDdEIsd0JBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQ3hCLHNCQUFpQixHQUFHLElBQUksQ0FBQztRQUN6QiwwQkFBcUIsR0FBRyxLQUFLLENBQUM7UUFDOUIsd0JBQW1CLEdBQUcsSUFBSSxPQUFPLEVBQU8sQ0FBQztJQVk5QyxDQUFDO0lBVkosc0JBQVcsMkRBQXFCOzs7O1FBQWhDO1lBQ0ksT0FBTyxJQUFJLENBQUMsbUJBQW1CLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDbkQsQ0FBQzs7O09BQUE7Ozs7O0lBVU8sbURBQWdCOzs7O0lBQXhCOztZQUNVLGNBQWMsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLGlCQUFpQixDQUFDLG1DQUFtQyxDQUFDO1FBRWhHLElBQUksQ0FBQyxjQUFjLEVBQUU7WUFDakIsT0FBTyxLQUFLLENBQUM7U0FDaEI7UUFFRCxJQUFJLENBQUMsYUFBYSxHQUFHLGNBQWMsQ0FBQztRQUNwQyxPQUFPLElBQUksQ0FBQztJQUNoQixDQUFDOzs7OztJQUVPLHVDQUFJOzs7O0lBQVo7UUFBQSxpQkE2QkM7UUE1QkcsSUFBSSxJQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUNsRSxPQUFPLElBQUksQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7U0FDdkI7UUFFRCxJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLEVBQUU7WUFDMUIsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLHFCQUFxQixDQUFDLG1DQUFtQyxDQUFDLENBQUM7WUFDbkcsSUFBSSxDQUFDLGtCQUFrQixHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3pELE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLEVBQUUsSUFBSSxDQUFDLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxDQUFDO1NBQ3RFO1FBRUQsSUFBSSxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsRUFBRTtZQUNoRCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyxxRUFBcUUsQ0FBQyxDQUFDO1lBQ3JHLE9BQU87U0FDVjtRQUVELElBQUksSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixFQUFFO1lBQ3BFLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixDQUFDLENBQUM7U0FDekg7YUFBTTtZQUNILElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLHlEQUF5RCxDQUFDLENBQUM7U0FDNUY7UUFFRCxPQUFPLFVBQVUsQ0FBQyxNQUFNOzs7O1FBQUMsVUFBQyxRQUE0QztZQUNsRSxLQUFJLENBQUMsYUFBYSxDQUFDLE1BQU07OztZQUFHO2dCQUN4QixLQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNwQyxRQUFRLENBQUMsSUFBSSxDQUFDLEtBQUksQ0FBQyxDQUFDO2dCQUNwQixRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDeEIsQ0FBQyxDQUFBLENBQUM7UUFDTixDQUFDLEVBQUMsQ0FBQztJQUNQLENBQUM7Ozs7O0lBRUQsdURBQW9COzs7O0lBQXBCLFVBQXFCLFFBQWdCO1FBQ2pDLElBQUksSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQ3pCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUNyQyxDQUFDOzs7O0lBRUQsc0RBQW1COzs7SUFBbkI7UUFDSSxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzFCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO0lBQ25DLENBQUM7Ozs7OztJQUVPLG9EQUFpQjs7Ozs7SUFBekIsVUFBMEIsUUFBZ0I7UUFBMUMsaUJBMkNDOztZQTFDUyxzQkFBc0I7OztRQUFHO1lBQzNCLEtBQUksQ0FBQyxJQUFJLEVBQUU7aUJBQ04sSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztpQkFDYixTQUFTOzs7WUFBQztnQkFDUCxJQUFJLEtBQUksQ0FBQyxhQUFhLElBQUksUUFBUSxFQUFFO29CQUNoQyxLQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxLQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7O3dCQUMxQyxZQUFZLEdBQUcsS0FBSSxDQUFDLGtCQUFrQixDQUFDLFlBQVk7b0JBQ3pELElBQUksWUFBWSxFQUFFO3dCQUNkLEtBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO3dCQUMzQixLQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxXQUFXLENBQ3hDLFFBQVEsR0FBRyxHQUFHLEdBQUcsWUFBWSxFQUM3QixLQUFJLENBQUMscUJBQXFCLENBQUMsbUJBQW1CLENBQUMsU0FBUyxDQUMzRCxDQUFDO3FCQUNMO3lCQUFNO3dCQUNILEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLG1FQUFtRSxDQUFDLENBQUM7d0JBQ2pHLEtBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQztxQkFDbkM7aUJBQ0o7cUJBQU07b0JBQ0gsS0FBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMseUVBQXlFLENBQUMsQ0FBQztvQkFDekcsS0FBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3RDLEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLEtBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztvQkFDaEQsZUFBZTtpQkFDbEI7Z0JBRUQsdURBQXVEO2dCQUN2RCxJQUFJLEtBQUksQ0FBQyxtQkFBbUIsR0FBRyxDQUFDLEVBQUU7b0JBQzlCLEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUN2QixnSUFDd0IsS0FBSSxDQUFDLG1CQUFtQiwwQkFBdUIsQ0FDMUUsQ0FBQztvQkFDRixLQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxFQUFFLENBQUM7aUJBQ25DO2dCQUVELEtBQUksQ0FBQyxrQkFBa0IsR0FBRyxVQUFVLENBQUMsc0JBQXNCLEVBQUUsS0FBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7WUFDekYsQ0FBQyxFQUFDLENBQUM7UUFDWCxDQUFDLENBQUE7UUFFRCxJQUFJLENBQUMsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBRTdCLElBQUksQ0FBQyxJQUFJLENBQUMsaUJBQWlCOzs7UUFBQztZQUN4QixLQUFJLENBQUMsa0JBQWtCLEdBQUcsVUFBVSxDQUFDLHNCQUFzQixFQUFFLEtBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3pGLENBQUMsRUFBQyxDQUFDO0lBQ1AsQ0FBQzs7Ozs7SUFDTywwREFBdUI7Ozs7SUFBL0I7UUFDSSxZQUFZLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDLGtCQUFrQixHQUFHLElBQUksQ0FBQztJQUNuQyxDQUFDOzs7Ozs7SUFFTyxpREFBYzs7Ozs7SUFBdEIsVUFBdUIsQ0FBTTtRQUN6QixJQUFJLENBQUMsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQzdCLElBQ0ksSUFBSSxDQUFDLGFBQWE7WUFDbEIsQ0FBQyxDQUFDLE1BQU0sS0FBSyxJQUFJLENBQUMscUJBQXFCLENBQUMsbUJBQW1CLENBQUMsU0FBUztZQUNyRSxDQUFDLENBQUMsTUFBTSxLQUFLLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxFQUMvQztZQUNFLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxPQUFPLEVBQUU7Z0JBQ3BCLElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLHdDQUF3QyxDQUFDLENBQUM7YUFDM0U7aUJBQU0sSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLFNBQVMsRUFBRTtnQkFDN0IsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksRUFBRSxDQUFDO2FBQ25DO2lCQUFNO2dCQUNILElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxJQUFJLEdBQUcsbUNBQW1DLENBQUMsQ0FBQzthQUM3RTtTQUNKO0lBQ0wsQ0FBQzs7Z0JBakpKLFVBQVU7Ozs7Z0JBTkYsa0JBQWtCO2dCQURsQixhQUFhO2dCQURiLGFBQWE7Z0JBSkQsTUFBTTtnQkFHbEIscUJBQXFCOztJQTJKOUIsK0JBQUM7Q0FBQSxBQWxKRCxJQWtKQztTQWpKWSx3QkFBd0I7Ozs7OztJQUNqQyxpREFBMkI7Ozs7O0lBQzNCLHNEQUFnQzs7Ozs7SUFDaEMsc0RBQWdDOzs7OztJQUNoQyxxREFBOEI7Ozs7O0lBQzlCLHVEQUFnQzs7Ozs7SUFDaEMscURBQWlDOzs7OztJQUNqQyx5REFBc0M7Ozs7O0lBQ3RDLHVEQUFpRDs7Ozs7SUFPN0Msc0RBQThDOzs7OztJQUM5QyxpREFBb0M7Ozs7O0lBQ3BDLGlEQUFvQzs7Ozs7SUFDcEMsd0NBQW9COzs7OztJQUNwQix5REFBNkQiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3RhYmxlLCBOZ1pvbmUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7IGZyb20sIE9ic2VydmFibGUsIE9ic2VydmVyLCBTdWJqZWN0IH0gZnJvbSAncnhqcyc7XG5pbXBvcnQgeyB0YWtlIH0gZnJvbSAncnhqcy9vcGVyYXRvcnMnO1xuaW1wb3J0IHsgQ29uZmlndXJhdGlvblByb3ZpZGVyIH0gZnJvbSAnLi9hdXRoLWNvbmZpZ3VyYXRpb24ucHJvdmlkZXInO1xuaW1wb3J0IHsgSUZyYW1lU2VydmljZSB9IGZyb20gJy4vZXhpc3RpbmctaWZyYW1lLnNlcnZpY2UnO1xuaW1wb3J0IHsgTG9nZ2VyU2VydmljZSB9IGZyb20gJy4vb2lkYy5sb2dnZXIuc2VydmljZSc7XG5pbXBvcnQgeyBPaWRjU2VjdXJpdHlDb21tb24gfSBmcm9tICcuL29pZGMuc2VjdXJpdHkuY29tbW9uJztcblxuY29uc3QgSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIgPSAnbXlpRnJhbWVGb3JDaGVja1Nlc3Npb24nO1xuXG4vLyBodHRwOi8vb3BlbmlkLm5ldC9zcGVjcy9vcGVuaWQtY29ubmVjdC1zZXNzaW9uLTFfMC1JRDQuaHRtbFxuXG5ASW5qZWN0YWJsZSgpXG5leHBvcnQgY2xhc3MgT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIHtcbiAgICBwcml2YXRlIHNlc3Npb25JZnJhbWU6IGFueTtcbiAgICBwcml2YXRlIGlmcmFtZU1lc3NhZ2VFdmVudDogYW55O1xuICAgIHByaXZhdGUgc2NoZWR1bGVkSGVhcnRCZWF0OiBhbnk7XG4gICAgcHJpdmF0ZSBsYXN0SUZyYW1lUmVmcmVzaCA9IDA7XG4gICAgcHJpdmF0ZSBvdXRzdGFuZGluZ01lc3NhZ2VzID0gMDtcbiAgICBwcml2YXRlIGhlYXJ0QmVhdEludGVydmFsID0gMzAwMDtcbiAgICBwcml2YXRlIGlmcmFtZVJlZnJlc2hJbnRlcnZhbCA9IDYwMDAwO1xuICAgIHByaXZhdGUgY2hlY2tTZXNzaW9uQ2hhbmdlZCA9IG5ldyBTdWJqZWN0PGFueT4oKTtcblxuICAgIHB1YmxpYyBnZXQgb25DaGVja1Nlc3Npb25DaGFuZ2VkKCk6IE9ic2VydmFibGU8YW55PiB7XG4gICAgICAgIHJldHVybiB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQuYXNPYnNlcnZhYmxlKCk7XG4gICAgfVxuXG4gICAgY29uc3RydWN0b3IoXG4gICAgICAgIHByaXZhdGUgb2lkY1NlY3VyaXR5Q29tbW9uOiBPaWRjU2VjdXJpdHlDb21tb24sXG4gICAgICAgIHByaXZhdGUgbG9nZ2VyU2VydmljZTogTG9nZ2VyU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSBpRnJhbWVTZXJ2aWNlOiBJRnJhbWVTZXJ2aWNlLFxuICAgICAgICBwcml2YXRlIHpvbmU6IE5nWm9uZSxcbiAgICAgICAgcHJpdmF0ZSByZWFkb25seSBjb25maWd1cmF0aW9uUHJvdmlkZXI6IENvbmZpZ3VyYXRpb25Qcm92aWRlclxuICAgICkge31cblxuICAgIHByaXZhdGUgZG9lc1Nlc3Npb25FeGlzdCgpOiBib29sZWFuIHtcbiAgICAgICAgY29uc3QgZXhpc3RpbmdJRnJhbWUgPSB0aGlzLmlGcmFtZVNlcnZpY2UuZ2V0RXhpc3RpbmdJRnJhbWUoSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIpO1xuXG4gICAgICAgIGlmICghZXhpc3RpbmdJRnJhbWUpIHtcbiAgICAgICAgICAgIHJldHVybiBmYWxzZTtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSA9IGV4aXN0aW5nSUZyYW1lO1xuICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICB9XG5cbiAgICBwcml2YXRlIGluaXQoKSB7XG4gICAgICAgIGlmICh0aGlzLmxhc3RJRnJhbWVSZWZyZXNoICsgdGhpcy5pZnJhbWVSZWZyZXNoSW50ZXJ2YWwgPiBEYXRlLm5vdygpKSB7XG4gICAgICAgICAgICByZXR1cm4gZnJvbShbdGhpc10pO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKCF0aGlzLmRvZXNTZXNzaW9uRXhpc3QoKSkge1xuICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lID0gdGhpcy5pRnJhbWVTZXJ2aWNlLmFkZElGcmFtZVRvV2luZG93Qm9keShJRlJBTUVfRk9SX0NIRUNLX1NFU1NJT05fSURFTlRJRklFUik7XG4gICAgICAgICAgICB0aGlzLmlmcmFtZU1lc3NhZ2VFdmVudCA9IHRoaXMubWVzc2FnZUhhbmRsZXIuYmluZCh0aGlzKTtcbiAgICAgICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgdGhpcy5pZnJhbWVNZXNzYWdlRXZlbnQsIGZhbHNlKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICghdGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIud2VsbEtub3duRW5kcG9pbnRzKSB7XG4gICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nV2FybmluZygnaW5pdCBjaGVjayBzZXNzaW9uOiBhdXRoV2VsbEtub3duRW5kcG9pbnRzIGlzIHVuZGVmaW5lZC4gUmV0dXJuaW5nLicpO1xuICAgICAgICAgICAgcmV0dXJuO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKHRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLndlbGxLbm93bkVuZHBvaW50cy5jaGVja19zZXNzaW9uX2lmcmFtZSkge1xuICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3cubG9jYXRpb24ucmVwbGFjZSh0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci53ZWxsS25vd25FbmRwb2ludHMuY2hlY2tfc2Vzc2lvbl9pZnJhbWUpO1xuICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2luaXQgY2hlY2sgc2Vzc2lvbjogYXV0aFdlbGxLbm93bkVuZHBvaW50cyBpcyB1bmRlZmluZWQnKTtcbiAgICAgICAgfVxuXG4gICAgICAgIHJldHVybiBPYnNlcnZhYmxlLmNyZWF0ZSgob2JzZXJ2ZXI6IE9ic2VydmVyPE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbj4pID0+IHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5vbmxvYWQgPSAoKSA9PiB7XG4gICAgICAgICAgICAgICAgdGhpcy5sYXN0SUZyYW1lUmVmcmVzaCA9IERhdGUubm93KCk7XG4gICAgICAgICAgICAgICAgb2JzZXJ2ZXIubmV4dCh0aGlzKTtcbiAgICAgICAgICAgICAgICBvYnNlcnZlci5jb21wbGV0ZSgpO1xuICAgICAgICAgICAgfTtcbiAgICAgICAgfSk7XG4gICAgfVxuXG4gICAgc3RhcnRDaGVja2luZ1Nlc3Npb24oY2xpZW50SWQ6IHN0cmluZyk6IHZvaWQge1xuICAgICAgICBpZiAodGhpcy5zY2hlZHVsZWRIZWFydEJlYXQpIHtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMucG9sbFNlcnZlclNlc3Npb24oY2xpZW50SWQpO1xuICAgIH1cblxuICAgIHN0b3BDaGVja2luZ1Nlc3Npb24oKTogdm9pZCB7XG4gICAgICAgIGlmICghdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQpIHtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuY2xlYXJTY2hlZHVsZWRIZWFydEJlYXQoKTtcbiAgICB9XG5cbiAgICBwcml2YXRlIHBvbGxTZXJ2ZXJTZXNzaW9uKGNsaWVudElkOiBzdHJpbmcpIHtcbiAgICAgICAgY29uc3QgcG9sbFNlcnZlclNlc3Npb25SZWN1ciA9ICgpID0+IHtcbiAgICAgICAgICAgIHRoaXMuaW5pdCgpXG4gICAgICAgICAgICAgICAgLnBpcGUodGFrZSgxKSlcbiAgICAgICAgICAgICAgICAuc3Vic2NyaWJlKCgpID0+IHtcbiAgICAgICAgICAgICAgICAgICAgaWYgKHRoaXMuc2Vzc2lvbklmcmFtZSAmJiBjbGllbnRJZCkge1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKHRoaXMuc2Vzc2lvbklmcmFtZSk7XG4gICAgICAgICAgICAgICAgICAgICAgICBjb25zdCBzZXNzaW9uU3RhdGUgPSB0aGlzLm9pZGNTZWN1cml0eUNvbW1vbi5zZXNzaW9uU3RhdGU7XG4gICAgICAgICAgICAgICAgICAgICAgICBpZiAoc2Vzc2lvblN0YXRlKSB7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzKys7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3cucG9zdE1lc3NhZ2UoXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNsaWVudElkICsgJyAnICsgc2Vzc2lvblN0YXRlLFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci5vcGVuSURDb25maWd1cmF0aW9uLnN0c1NlcnZlclxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICk7XG4gICAgICAgICAgICAgICAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1ZygnT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIHBvbGxTZXJ2ZXJTZXNzaW9uIHNlc3Npb25fc3RhdGUgaXMgYmxhbmsnKTtcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQubmV4dCgpO1xuICAgICAgICAgICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ09pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBwb2xsU2VydmVyU2Vzc2lvbiBzZXNzaW9uSWZyYW1lIGRvZXMgbm90IGV4aXN0Jyk7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRGVidWcoY2xpZW50SWQpO1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKHRoaXMuc2Vzc2lvbklmcmFtZSk7XG4gICAgICAgICAgICAgICAgICAgICAgICAvLyB0aGlzLmluaXQoKTtcbiAgICAgICAgICAgICAgICAgICAgfVxuXG4gICAgICAgICAgICAgICAgICAgIC8vIGFmdGVyIHNlbmRpbmcgdGhyZWUgbWVzc2FnZXMgd2l0aCBubyByZXNwb25zZSwgZmFpbC5cbiAgICAgICAgICAgICAgICAgICAgaWYgKHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA+IDMpIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dFcnJvcihcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBgT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIG5vdCByZWNlaXZpbmcgY2hlY2sgc2Vzc2lvbiByZXNwb25zZSBtZXNzYWdlcy5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBPdXRzdGFuZGluZyBtZXNzYWdlczogJHt0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXN9LiBTZXJ2ZXIgdW5yZWFjaGFibGU/YFxuICAgICAgICAgICAgICAgICAgICAgICAgKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMuY2hlY2tTZXNzaW9uQ2hhbmdlZC5uZXh0KCk7XG4gICAgICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgICAgICB0aGlzLnNjaGVkdWxlZEhlYXJ0QmVhdCA9IHNldFRpbWVvdXQocG9sbFNlcnZlclNlc3Npb25SZWN1ciwgdGhpcy5oZWFydEJlYXRJbnRlcnZhbCk7XG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgIH07XG5cbiAgICAgICAgdGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzID0gMDtcblxuICAgICAgICB0aGlzLnpvbmUucnVuT3V0c2lkZUFuZ3VsYXIoKCkgPT4ge1xuICAgICAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBzZXRUaW1lb3V0KHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIsIHRoaXMuaGVhcnRCZWF0SW50ZXJ2YWwpO1xuICAgICAgICB9KTtcbiAgICB9XG4gICAgcHJpdmF0ZSBjbGVhclNjaGVkdWxlZEhlYXJ0QmVhdCgpIHtcbiAgICAgICAgY2xlYXJUaW1lb3V0KHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KTtcbiAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBudWxsO1xuICAgIH1cblxuICAgIHByaXZhdGUgbWVzc2FnZUhhbmRsZXIoZTogYW55KSB7XG4gICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG4gICAgICAgIGlmIChcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSAmJlxuICAgICAgICAgICAgZS5vcmlnaW4gPT09IHRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLm9wZW5JRENvbmZpZ3VyYXRpb24uc3RzU2VydmVyICYmXG4gICAgICAgICAgICBlLnNvdXJjZSA9PT0gdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3dcbiAgICAgICAgKSB7XG4gICAgICAgICAgICBpZiAoZS5kYXRhID09PSAnZXJyb3InKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2Vycm9yIGZyb20gY2hlY2tzZXNzaW9uIG1lc3NhZ2VIYW5kbGVyJyk7XG4gICAgICAgICAgICB9IGVsc2UgaWYgKGUuZGF0YSA9PT0gJ2NoYW5nZWQnKSB7XG4gICAgICAgICAgICAgICAgdGhpcy5jaGVja1Nlc3Npb25DaGFuZ2VkLm5leHQoKTtcbiAgICAgICAgICAgIH0gZWxzZSB7XG4gICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKGUuZGF0YSArICcgZnJvbSBjaGVja3Nlc3Npb24gbWVzc2FnZUhhbmRsZXInKTtcbiAgICAgICAgICAgIH1cbiAgICAgICAgfVxuICAgIH1cbn1cbiJdfQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoib2lkYy5zZWN1cml0eS5jaGVjay1zZXNzaW9uLmpzIiwic291cmNlUm9vdCI6Im5nOi8vYW5ndWxhci1hdXRoLW9pZGMtY2xpZW50LyIsInNvdXJjZXMiOlsibGliL3NlcnZpY2VzL29pZGMuc2VjdXJpdHkuY2hlY2stc2Vzc2lvbi50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7O0FBQUEsT0FBTyxFQUFFLFVBQVUsRUFBRSxNQUFNLEVBQUUsTUFBTSxlQUFlLENBQUM7QUFDbkQsT0FBTyxFQUFFLElBQUksRUFBRSxVQUFVLEVBQVksT0FBTyxFQUFFLE1BQU0sTUFBTSxDQUFDO0FBQzNELE9BQU8sRUFBRSxJQUFJLEVBQUUsTUFBTSxnQkFBZ0IsQ0FBQztBQUN0QyxPQUFPLEVBQUUscUJBQXFCLEVBQUUsTUFBTSwrQkFBK0IsQ0FBQztBQUN0RSxPQUFPLEVBQUUsYUFBYSxFQUFFLE1BQU0sMkJBQTJCLENBQUM7QUFDMUQsT0FBTyxFQUFFLGFBQWEsRUFBRSxNQUFNLHVCQUF1QixDQUFDO0FBQ3RELE9BQU8sRUFBRSxrQkFBa0IsRUFBRSxNQUFNLHdCQUF3QixDQUFDOztJQUV0RCxtQ0FBbUMsR0FBRyx5QkFBeUI7O0FBSXJFO0lBZUksa0NBQ1ksa0JBQXNDLEVBQ3RDLGFBQTRCLEVBQzVCLGFBQTRCLEVBQzVCLElBQVksRUFDSCxxQkFBNEM7UUFKckQsdUJBQWtCLEdBQWxCLGtCQUFrQixDQUFvQjtRQUN0QyxrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixrQkFBYSxHQUFiLGFBQWEsQ0FBZTtRQUM1QixTQUFJLEdBQUosSUFBSSxDQUFRO1FBQ0gsMEJBQXFCLEdBQXJCLHFCQUFxQixDQUF1QjtRQWZ6RCxzQkFBaUIsR0FBRyxDQUFDLENBQUM7UUFDdEIsd0JBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQ3hCLHNCQUFpQixHQUFHLElBQUksQ0FBQztRQUN6QiwwQkFBcUIsR0FBRyxLQUFLLENBQUM7UUFDOUIsd0JBQW1CLEdBQUcsSUFBSSxPQUFPLEVBQU8sQ0FBQztJQVk5QyxDQUFDO0lBVkosc0JBQVcsMkRBQXFCOzs7O1FBQWhDO1lBQ0ksT0FBTyxJQUFJLENBQUMsbUJBQW1CLENBQUMsWUFBWSxFQUFFLENBQUM7UUFDbkQsQ0FBQzs7O09BQUE7Ozs7O0lBVU8sbURBQWdCOzs7O0lBQXhCOztZQUNVLGNBQWMsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLGlCQUFpQixDQUFDLG1DQUFtQyxDQUFDO1FBRWhHLElBQUksQ0FBQyxjQUFjLEVBQUU7WUFDakIsT0FBTyxLQUFLLENBQUM7U0FDaEI7UUFFRCxJQUFJLENBQUMsYUFBYSxHQUFHLGNBQWMsQ0FBQztRQUNwQyxPQUFPLElBQUksQ0FBQztJQUNoQixDQUFDOzs7OztJQUVPLHVDQUFJOzs7O0lBQVo7UUFBQSxpQkE2QkM7UUE1QkcsSUFBSSxJQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLHFCQUFxQixHQUFHLElBQUksQ0FBQyxHQUFHLEVBQUUsRUFBRTtZQUNsRSxPQUFPLElBQUksQ0FBQyxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUM7U0FDdkI7UUFFRCxJQUFJLENBQUMsSUFBSSxDQUFDLGdCQUFnQixFQUFFLEVBQUU7WUFDMUIsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsYUFBYSxDQUFDLHFCQUFxQixDQUFDLG1DQUFtQyxDQUFDLENBQUM7WUFDbkcsSUFBSSxDQUFDLGtCQUFrQixHQUFHLElBQUksQ0FBQyxjQUFjLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDO1lBQ3pELE1BQU0sQ0FBQyxnQkFBZ0IsQ0FBQyxTQUFTLEVBQUUsSUFBSSxDQUFDLGtCQUFrQixFQUFFLEtBQUssQ0FBQyxDQUFDO1NBQ3RFO1FBRUQsSUFBSSxDQUFDLElBQUksQ0FBQyxxQkFBcUIsQ0FBQyxrQkFBa0IsRUFBRTtZQUNoRCxJQUFJLENBQUMsYUFBYSxDQUFDLFVBQVUsQ0FBQyxxRUFBcUUsQ0FBQyxDQUFDO1lBQ3JHLE9BQU87U0FDVjtRQUVELElBQUksSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixFQUFFO1lBQ3BFLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLHFCQUFxQixDQUFDLGtCQUFrQixDQUFDLG9CQUFvQixDQUFDLENBQUM7U0FDekg7YUFBTTtZQUNILElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLHlEQUF5RCxDQUFDLENBQUM7U0FDNUY7UUFFRCxPQUFPLFVBQVUsQ0FBQyxNQUFNOzs7O1FBQUMsVUFBQyxRQUE0QztZQUNsRSxLQUFJLENBQUMsYUFBYSxDQUFDLE1BQU07OztZQUFHO2dCQUN4QixLQUFJLENBQUMsaUJBQWlCLEdBQUcsSUFBSSxDQUFDLEdBQUcsRUFBRSxDQUFDO2dCQUNwQyxRQUFRLENBQUMsSUFBSSxDQUFDLEtBQUksQ0FBQyxDQUFDO2dCQUNwQixRQUFRLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDeEIsQ0FBQyxDQUFBLENBQUM7UUFDTixDQUFDLEVBQUMsQ0FBQztJQUNQLENBQUM7Ozs7O0lBRUQsdURBQW9COzs7O0lBQXBCLFVBQXFCLFFBQWdCO1FBQ2pDLElBQUksSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQ3pCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxRQUFRLENBQUMsQ0FBQztJQUNyQyxDQUFDOzs7O0lBRUQsc0RBQW1COzs7SUFBbkI7UUFDSSxJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixFQUFFO1lBQzFCLE9BQU87U0FDVjtRQUVELElBQUksQ0FBQyx1QkFBdUIsRUFBRSxDQUFDO0lBQ25DLENBQUM7Ozs7OztJQUVPLG9EQUFpQjs7Ozs7SUFBekIsVUFBMEIsUUFBZ0I7UUFBMUMsaUJBMkNDOztZQTFDUyxzQkFBc0I7OztRQUFHO1lBQzNCLEtBQUksQ0FBQyxJQUFJLEVBQUU7aUJBQ04sSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQztpQkFDYixTQUFTOzs7WUFBQztnQkFDUCxJQUFJLEtBQUksQ0FBQyxhQUFhLElBQUksUUFBUSxFQUFFO29CQUNoQyxLQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxLQUFJLENBQUMsYUFBYSxDQUFDLENBQUM7O3dCQUMxQyxZQUFZLEdBQUcsS0FBSSxDQUFDLGtCQUFrQixDQUFDLFlBQVk7b0JBQ3pELElBQUksWUFBWSxFQUFFO3dCQUNkLEtBQUksQ0FBQyxtQkFBbUIsRUFBRSxDQUFDO3dCQUMzQixLQUFJLENBQUMsYUFBYSxDQUFDLGFBQWEsQ0FBQyxXQUFXLENBQ3hDLFFBQVEsR0FBRyxHQUFHLEdBQUcsWUFBWSxFQUM3QixLQUFJLENBQUMscUJBQXFCLENBQUMsbUJBQW1CLENBQUMsU0FBUyxDQUMzRCxDQUFDO3FCQUNMO3lCQUFNO3dCQUNILEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLG1FQUFtRSxDQUFDLENBQUM7d0JBQ2pHLEtBQUksQ0FBQyxtQkFBbUIsQ0FBQyxJQUFJLEVBQUUsQ0FBQztxQkFDbkM7aUJBQ0o7cUJBQU07b0JBQ0gsS0FBSSxDQUFDLGFBQWEsQ0FBQyxVQUFVLENBQUMseUVBQXlFLENBQUMsQ0FBQztvQkFDekcsS0FBSSxDQUFDLGFBQWEsQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLENBQUM7b0JBQ3RDLEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLEtBQUksQ0FBQyxhQUFhLENBQUMsQ0FBQztvQkFDaEQsZUFBZTtpQkFDbEI7Z0JBRUQsdURBQXVEO2dCQUN2RCxJQUFJLEtBQUksQ0FBQyxtQkFBbUIsR0FBRyxDQUFDLEVBQUU7b0JBQzlCLEtBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUN2QixnSUFDd0IsS0FBSSxDQUFDLG1CQUFtQiwwQkFBdUIsQ0FDMUUsQ0FBQztvQkFDRixLQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxFQUFFLENBQUM7aUJBQ25DO2dCQUVELEtBQUksQ0FBQyxrQkFBa0IsR0FBRyxVQUFVLENBQUMsc0JBQXNCLEVBQUUsS0FBSSxDQUFDLGlCQUFpQixDQUFDLENBQUM7WUFDekYsQ0FBQyxFQUFDLENBQUM7UUFDWCxDQUFDLENBQUE7UUFFRCxJQUFJLENBQUMsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBRTdCLElBQUksQ0FBQyxJQUFJLENBQUMsaUJBQWlCOzs7UUFBQztZQUN4QixLQUFJLENBQUMsa0JBQWtCLEdBQUcsVUFBVSxDQUFDLHNCQUFzQixFQUFFLEtBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ3pGLENBQUMsRUFBQyxDQUFDO0lBQ1AsQ0FBQzs7Ozs7SUFDTywwREFBdUI7Ozs7SUFBL0I7UUFDSSxZQUFZLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLENBQUM7UUFDdEMsSUFBSSxDQUFDLGtCQUFrQixHQUFHLElBQUksQ0FBQztJQUNuQyxDQUFDOzs7Ozs7SUFFTyxpREFBYzs7Ozs7SUFBdEIsVUFBdUIsQ0FBTTtRQUN6QixJQUFJLENBQUMsbUJBQW1CLEdBQUcsQ0FBQyxDQUFDO1FBQzdCLElBQ0ksSUFBSSxDQUFDLGFBQWE7WUFDbEIsSUFBSSxDQUFDLHFCQUFxQixDQUFDLG1CQUFtQixDQUFDLFNBQVMsQ0FBQyxVQUFVLENBQUMsQ0FBQyxDQUFDLE1BQU0sQ0FBQztZQUM3RSxDQUFDLENBQUMsTUFBTSxLQUFLLElBQUksQ0FBQyxhQUFhLENBQUMsYUFBYSxFQUMvQztZQUNFLElBQUksQ0FBQyxDQUFDLElBQUksS0FBSyxPQUFPLEVBQUU7Z0JBQ3BCLElBQUksQ0FBQyxhQUFhLENBQUMsVUFBVSxDQUFDLHdDQUF3QyxDQUFDLENBQUM7YUFDM0U7aUJBQU0sSUFBSSxDQUFDLENBQUMsSUFBSSxLQUFLLFNBQVMsRUFBRTtnQkFDN0IsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksRUFBRSxDQUFDO2FBQ25DO2lCQUFNO2dCQUNILElBQUksQ0FBQyxhQUFhLENBQUMsUUFBUSxDQUFDLENBQUMsQ0FBQyxJQUFJLEdBQUcsbUNBQW1DLENBQUMsQ0FBQzthQUM3RTtTQUNKO0lBQ0wsQ0FBQzs7Z0JBakpKLFVBQVU7Ozs7Z0JBTkYsa0JBQWtCO2dCQURsQixhQUFhO2dCQURiLGFBQWE7Z0JBSkQsTUFBTTtnQkFHbEIscUJBQXFCOztJQTJKOUIsK0JBQUM7Q0FBQSxBQWxKRCxJQWtKQztTQWpKWSx3QkFBd0I7Ozs7OztJQUNqQyxpREFBMkI7Ozs7O0lBQzNCLHNEQUFnQzs7Ozs7SUFDaEMsc0RBQWdDOzs7OztJQUNoQyxxREFBOEI7Ozs7O0lBQzlCLHVEQUFnQzs7Ozs7SUFDaEMscURBQWlDOzs7OztJQUNqQyx5REFBc0M7Ozs7O0lBQ3RDLHVEQUFpRDs7Ozs7SUFPN0Msc0RBQThDOzs7OztJQUM5QyxpREFBb0M7Ozs7O0lBQ3BDLGlEQUFvQzs7Ozs7SUFDcEMsd0NBQW9COzs7OztJQUNwQix5REFBNkQiLCJzb3VyY2VzQ29udGVudCI6WyJpbXBvcnQgeyBJbmplY3RhYmxlLCBOZ1pvbmUgfSBmcm9tICdAYW5ndWxhci9jb3JlJztcbmltcG9ydCB7IGZyb20sIE9ic2VydmFibGUsIE9ic2VydmVyLCBTdWJqZWN0IH0gZnJvbSAncnhqcyc7XG5pbXBvcnQgeyB0YWtlIH0gZnJvbSAncnhqcy9vcGVyYXRvcnMnO1xuaW1wb3J0IHsgQ29uZmlndXJhdGlvblByb3ZpZGVyIH0gZnJvbSAnLi9hdXRoLWNvbmZpZ3VyYXRpb24ucHJvdmlkZXInO1xuaW1wb3J0IHsgSUZyYW1lU2VydmljZSB9IGZyb20gJy4vZXhpc3RpbmctaWZyYW1lLnNlcnZpY2UnO1xuaW1wb3J0IHsgTG9nZ2VyU2VydmljZSB9IGZyb20gJy4vb2lkYy5sb2dnZXIuc2VydmljZSc7XG5pbXBvcnQgeyBPaWRjU2VjdXJpdHlDb21tb24gfSBmcm9tICcuL29pZGMuc2VjdXJpdHkuY29tbW9uJztcblxuY29uc3QgSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIgPSAnbXlpRnJhbWVGb3JDaGVja1Nlc3Npb24nO1xuXG4vLyBodHRwOi8vb3BlbmlkLm5ldC9zcGVjcy9vcGVuaWQtY29ubmVjdC1zZXNzaW9uLTFfMC1JRDQuaHRtbFxuXG5ASW5qZWN0YWJsZSgpXG5leHBvcnQgY2xhc3MgT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIHtcbiAgICBwcml2YXRlIHNlc3Npb25JZnJhbWU6IGFueTtcbiAgICBwcml2YXRlIGlmcmFtZU1lc3NhZ2VFdmVudDogYW55O1xuICAgIHByaXZhdGUgc2NoZWR1bGVkSGVhcnRCZWF0OiBhbnk7XG4gICAgcHJpdmF0ZSBsYXN0SUZyYW1lUmVmcmVzaCA9IDA7XG4gICAgcHJpdmF0ZSBvdXRzdGFuZGluZ01lc3NhZ2VzID0gMDtcbiAgICBwcml2YXRlIGhlYXJ0QmVhdEludGVydmFsID0gMzAwMDtcbiAgICBwcml2YXRlIGlmcmFtZVJlZnJlc2hJbnRlcnZhbCA9IDYwMDAwO1xuICAgIHByaXZhdGUgY2hlY2tTZXNzaW9uQ2hhbmdlZCA9IG5ldyBTdWJqZWN0PGFueT4oKTtcblxuICAgIHB1YmxpYyBnZXQgb25DaGVja1Nlc3Npb25DaGFuZ2VkKCk6IE9ic2VydmFibGU8YW55PiB7XG4gICAgICAgIHJldHVybiB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQuYXNPYnNlcnZhYmxlKCk7XG4gICAgfVxuXG4gICAgY29uc3RydWN0b3IoXG4gICAgICAgIHByaXZhdGUgb2lkY1NlY3VyaXR5Q29tbW9uOiBPaWRjU2VjdXJpdHlDb21tb24sXG4gICAgICAgIHByaXZhdGUgbG9nZ2VyU2VydmljZTogTG9nZ2VyU2VydmljZSxcbiAgICAgICAgcHJpdmF0ZSBpRnJhbWVTZXJ2aWNlOiBJRnJhbWVTZXJ2aWNlLFxuICAgICAgICBwcml2YXRlIHpvbmU6IE5nWm9uZSxcbiAgICAgICAgcHJpdmF0ZSByZWFkb25seSBjb25maWd1cmF0aW9uUHJvdmlkZXI6IENvbmZpZ3VyYXRpb25Qcm92aWRlclxuICAgICkge31cblxuICAgIHByaXZhdGUgZG9lc1Nlc3Npb25FeGlzdCgpOiBib29sZWFuIHtcbiAgICAgICAgY29uc3QgZXhpc3RpbmdJRnJhbWUgPSB0aGlzLmlGcmFtZVNlcnZpY2UuZ2V0RXhpc3RpbmdJRnJhbWUoSUZSQU1FX0ZPUl9DSEVDS19TRVNTSU9OX0lERU5USUZJRVIpO1xuXG4gICAgICAgIGlmICghZXhpc3RpbmdJRnJhbWUpIHtcbiAgICAgICAgICAgIHJldHVybiBmYWxzZTtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSA9IGV4aXN0aW5nSUZyYW1lO1xuICAgICAgICByZXR1cm4gdHJ1ZTtcbiAgICB9XG5cbiAgICBwcml2YXRlIGluaXQoKSB7XG4gICAgICAgIGlmICh0aGlzLmxhc3RJRnJhbWVSZWZyZXNoICsgdGhpcy5pZnJhbWVSZWZyZXNoSW50ZXJ2YWwgPiBEYXRlLm5vdygpKSB7XG4gICAgICAgICAgICByZXR1cm4gZnJvbShbdGhpc10pO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKCF0aGlzLmRvZXNTZXNzaW9uRXhpc3QoKSkge1xuICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lID0gdGhpcy5pRnJhbWVTZXJ2aWNlLmFkZElGcmFtZVRvV2luZG93Qm9keShJRlJBTUVfRk9SX0NIRUNLX1NFU1NJT05fSURFTlRJRklFUik7XG4gICAgICAgICAgICB0aGlzLmlmcmFtZU1lc3NhZ2VFdmVudCA9IHRoaXMubWVzc2FnZUhhbmRsZXIuYmluZCh0aGlzKTtcbiAgICAgICAgICAgIHdpbmRvdy5hZGRFdmVudExpc3RlbmVyKCdtZXNzYWdlJywgdGhpcy5pZnJhbWVNZXNzYWdlRXZlbnQsIGZhbHNlKTtcbiAgICAgICAgfVxuXG4gICAgICAgIGlmICghdGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIud2VsbEtub3duRW5kcG9pbnRzKSB7XG4gICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nV2FybmluZygnaW5pdCBjaGVjayBzZXNzaW9uOiBhdXRoV2VsbEtub3duRW5kcG9pbnRzIGlzIHVuZGVmaW5lZC4gUmV0dXJuaW5nLicpO1xuICAgICAgICAgICAgcmV0dXJuO1xuICAgICAgICB9XG5cbiAgICAgICAgaWYgKHRoaXMuY29uZmlndXJhdGlvblByb3ZpZGVyLndlbGxLbm93bkVuZHBvaW50cy5jaGVja19zZXNzaW9uX2lmcmFtZSkge1xuICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3cubG9jYXRpb24ucmVwbGFjZSh0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci53ZWxsS25vd25FbmRwb2ludHMuY2hlY2tfc2Vzc2lvbl9pZnJhbWUpO1xuICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ2luaXQgY2hlY2sgc2Vzc2lvbjogYXV0aFdlbGxLbm93bkVuZHBvaW50cyBpcyB1bmRlZmluZWQnKTtcbiAgICAgICAgfVxuXG4gICAgICAgIHJldHVybiBPYnNlcnZhYmxlLmNyZWF0ZSgob2JzZXJ2ZXI6IE9ic2VydmVyPE9pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbj4pID0+IHtcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZS5vbmxvYWQgPSAoKSA9PiB7XG4gICAgICAgICAgICAgICAgdGhpcy5sYXN0SUZyYW1lUmVmcmVzaCA9IERhdGUubm93KCk7XG4gICAgICAgICAgICAgICAgb2JzZXJ2ZXIubmV4dCh0aGlzKTtcbiAgICAgICAgICAgICAgICBvYnNlcnZlci5jb21wbGV0ZSgpO1xuICAgICAgICAgICAgfTtcbiAgICAgICAgfSk7XG4gICAgfVxuXG4gICAgc3RhcnRDaGVja2luZ1Nlc3Npb24oY2xpZW50SWQ6IHN0cmluZyk6IHZvaWQge1xuICAgICAgICBpZiAodGhpcy5zY2hlZHVsZWRIZWFydEJlYXQpIHtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMucG9sbFNlcnZlclNlc3Npb24oY2xpZW50SWQpO1xuICAgIH1cblxuICAgIHN0b3BDaGVja2luZ1Nlc3Npb24oKTogdm9pZCB7XG4gICAgICAgIGlmICghdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQpIHtcbiAgICAgICAgICAgIHJldHVybjtcbiAgICAgICAgfVxuXG4gICAgICAgIHRoaXMuY2xlYXJTY2hlZHVsZWRIZWFydEJlYXQoKTtcbiAgICB9XG5cbiAgICBwcml2YXRlIHBvbGxTZXJ2ZXJTZXNzaW9uKGNsaWVudElkOiBzdHJpbmcpIHtcbiAgICAgICAgY29uc3QgcG9sbFNlcnZlclNlc3Npb25SZWN1ciA9ICgpID0+IHtcbiAgICAgICAgICAgIHRoaXMuaW5pdCgpXG4gICAgICAgICAgICAgICAgLnBpcGUodGFrZSgxKSlcbiAgICAgICAgICAgICAgICAuc3Vic2NyaWJlKCgpID0+IHtcbiAgICAgICAgICAgICAgICAgICAgaWYgKHRoaXMuc2Vzc2lvbklmcmFtZSAmJiBjbGllbnRJZCkge1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKHRoaXMuc2Vzc2lvbklmcmFtZSk7XG4gICAgICAgICAgICAgICAgICAgICAgICBjb25zdCBzZXNzaW9uU3RhdGUgPSB0aGlzLm9pZGNTZWN1cml0eUNvbW1vbi5zZXNzaW9uU3RhdGU7XG4gICAgICAgICAgICAgICAgICAgICAgICBpZiAoc2Vzc2lvblN0YXRlKSB7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzKys7XG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5zZXNzaW9uSWZyYW1lLmNvbnRlbnRXaW5kb3cucG9zdE1lc3NhZ2UoXG4gICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgIGNsaWVudElkICsgJyAnICsgc2Vzc2lvblN0YXRlLFxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNvbmZpZ3VyYXRpb25Qcm92aWRlci5vcGVuSURDb25maWd1cmF0aW9uLnN0c1NlcnZlclxuICAgICAgICAgICAgICAgICAgICAgICAgICAgICk7XG4gICAgICAgICAgICAgICAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dEZWJ1ZygnT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIHBvbGxTZXJ2ZXJTZXNzaW9uIHNlc3Npb25fc3RhdGUgaXMgYmxhbmsnKTtcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQubmV4dCgpO1xuICAgICAgICAgICAgICAgICAgICAgICAgfVxuICAgICAgICAgICAgICAgICAgICB9IGVsc2Uge1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ1dhcm5pbmcoJ09pZGNTZWN1cml0eUNoZWNrU2Vzc2lvbiBwb2xsU2VydmVyU2Vzc2lvbiBzZXNzaW9uSWZyYW1lIGRvZXMgbm90IGV4aXN0Jyk7XG4gICAgICAgICAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRGVidWcoY2xpZW50SWQpO1xuICAgICAgICAgICAgICAgICAgICAgICAgdGhpcy5sb2dnZXJTZXJ2aWNlLmxvZ0RlYnVnKHRoaXMuc2Vzc2lvbklmcmFtZSk7XG4gICAgICAgICAgICAgICAgICAgICAgICAvLyB0aGlzLmluaXQoKTtcbiAgICAgICAgICAgICAgICAgICAgfVxuXG4gICAgICAgICAgICAgICAgICAgIC8vIGFmdGVyIHNlbmRpbmcgdGhyZWUgbWVzc2FnZXMgd2l0aCBubyByZXNwb25zZSwgZmFpbC5cbiAgICAgICAgICAgICAgICAgICAgaWYgKHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA+IDMpIHtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMubG9nZ2VyU2VydmljZS5sb2dFcnJvcihcbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBgT2lkY1NlY3VyaXR5Q2hlY2tTZXNzaW9uIG5vdCByZWNlaXZpbmcgY2hlY2sgc2Vzc2lvbiByZXNwb25zZSBtZXNzYWdlcy5cbiAgICAgICAgICAgICAgICAgICAgICAgICAgICBPdXRzdGFuZGluZyBtZXNzYWdlczogJHt0aGlzLm91dHN0YW5kaW5nTWVzc2FnZXN9LiBTZXJ2ZXIgdW5yZWFjaGFibGU/YFxuICAgICAgICAgICAgICAgICAgICAgICAgKTtcbiAgICAgICAgICAgICAgICAgICAgICAgIHRoaXMuY2hlY2tTZXNzaW9uQ2hhbmdlZC5uZXh0KCk7XG4gICAgICAgICAgICAgICAgICAgIH1cblxuICAgICAgICAgICAgICAgICAgICB0aGlzLnNjaGVkdWxlZEhlYXJ0QmVhdCA9IHNldFRpbWVvdXQocG9sbFNlcnZlclNlc3Npb25SZWN1ciwgdGhpcy5oZWFydEJlYXRJbnRlcnZhbCk7XG4gICAgICAgICAgICAgICAgfSk7XG4gICAgICAgIH07XG5cbiAgICAgICAgdGhpcy5vdXRzdGFuZGluZ01lc3NhZ2VzID0gMDtcblxuICAgICAgICB0aGlzLnpvbmUucnVuT3V0c2lkZUFuZ3VsYXIoKCkgPT4ge1xuICAgICAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBzZXRUaW1lb3V0KHBvbGxTZXJ2ZXJTZXNzaW9uUmVjdXIsIHRoaXMuaGVhcnRCZWF0SW50ZXJ2YWwpO1xuICAgICAgICB9KTtcbiAgICB9XG4gICAgcHJpdmF0ZSBjbGVhclNjaGVkdWxlZEhlYXJ0QmVhdCgpIHtcbiAgICAgICAgY2xlYXJUaW1lb3V0KHRoaXMuc2NoZWR1bGVkSGVhcnRCZWF0KTtcbiAgICAgICAgdGhpcy5zY2hlZHVsZWRIZWFydEJlYXQgPSBudWxsO1xuICAgIH1cblxuICAgIHByaXZhdGUgbWVzc2FnZUhhbmRsZXIoZTogYW55KSB7XG4gICAgICAgIHRoaXMub3V0c3RhbmRpbmdNZXNzYWdlcyA9IDA7XG4gICAgICAgIGlmIChcbiAgICAgICAgICAgIHRoaXMuc2Vzc2lvbklmcmFtZSAmJlxuICAgICAgICAgICAgdGhpcy5jb25maWd1cmF0aW9uUHJvdmlkZXIub3BlbklEQ29uZmlndXJhdGlvbi5zdHNTZXJ2ZXIuc3RhcnRzV2l0aChlLm9yaWdpbikgJiZcbiAgICAgICAgICAgIGUuc291cmNlID09PSB0aGlzLnNlc3Npb25JZnJhbWUuY29udGVudFdpbmRvd1xuICAgICAgICApIHtcbiAgICAgICAgICAgIGlmIChlLmRhdGEgPT09ICdlcnJvcicpIHtcbiAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nV2FybmluZygnZXJyb3IgZnJvbSBjaGVja3Nlc3Npb24gbWVzc2FnZUhhbmRsZXInKTtcbiAgICAgICAgICAgIH0gZWxzZSBpZiAoZS5kYXRhID09PSAnY2hhbmdlZCcpIHtcbiAgICAgICAgICAgICAgICB0aGlzLmNoZWNrU2Vzc2lvbkNoYW5nZWQubmV4dCgpO1xuICAgICAgICAgICAgfSBlbHNlIHtcbiAgICAgICAgICAgICAgICB0aGlzLmxvZ2dlclNlcnZpY2UubG9nRGVidWcoZS5kYXRhICsgJyBmcm9tIGNoZWNrc2Vzc2lvbiBtZXNzYWdlSGFuZGxlcicpO1xuICAgICAgICAgICAgfVxuICAgICAgICB9XG4gICAgfVxufVxuIl19

package.json

@@ -31,3 +31,3 @@ {
   "license": "MIT",
-  "version": "10.0.14",
+  "version": "10.0.15",
   "description": "An OpenID Connect Code Flow with PKCE,Implicit Flow client for Angular",
@@ -34,0 +34,0 @@ "main": "bundles/angular-auth-oidc-client.umd.js",

README.md

@@ -42,3 +42,3 @@ # Angular Lib for OpenID Connect Code Flow with PKCE and Implicit Flow
 ```typescript
- "angular-auth-oidc-client": "^10.0.14"
+ "angular-auth-oidc-client": "^10.0.15"
 ```
@@ -45,0 +45,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

2206972

increased by0.18%

Lines of code

21527

increased by0.21%

No dependency changes