Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
keycloak-js
Advanced tools
keycloak-js - npm Package Compare versions
Comparing version 17.0.1 to 18.0.0
@@ -21,103 +21,114 @@ /* | ||
| */ | ||
| import * as Keycloak from './keycloak'; | ||
| import Keycloak from './keycloak'; | ||
| export as namespace KeycloakAuthorization; | ||
| export interface KeycloakAuthorizationPromise { | ||
| then(onGrant: (rpt: string) => void, onDeny: () => void, onError: () => void): void; | ||
| } | ||
| export = KeycloakAuthorization; | ||
| export interface AuthorizationRequest { | ||
| /** | ||
| * An array of objects representing the resource and scopes. | ||
| */ | ||
| permissions?:ResourcePermission[], | ||
| /** | ||
| * Creates a new Keycloak client instance. | ||
| * @param config Path to a JSON config file or a plain config object. | ||
| */ | ||
| declare function KeycloakAuthorization(keycloak: Keycloak.KeycloakInstance): KeycloakAuthorization.KeycloakAuthorizationInstance; | ||
| /** | ||
| * A permission ticket obtained from a resource server when using UMA authorization protocol. | ||
| */ | ||
| ticket?:string, | ||
| declare namespace KeycloakAuthorization { | ||
| interface KeycloakAuthorizationPromise { | ||
| then(onGrant: (rpt: string) => void, onDeny: () => void, onError: () => void): void; | ||
| } | ||
| /** | ||
| * A boolean value indicating whether the server should create permission requests to the resources | ||
| * and scopes referenced by a permission ticket. This parameter will only take effect when used together | ||
| * with the ticket parameter as part of a UMA authorization process. | ||
| */ | ||
| submitRequest?:boolean, | ||
| interface AuthorizationRequest { | ||
| /** | ||
| * An array of objects representing the resource and scopes. | ||
| */ | ||
| permissions?:ResourcePermission[], | ||
| /** | ||
| * Defines additional information about this authorization request in order to specify how it should be processed | ||
| * by the server. | ||
| */ | ||
| metadata?:AuthorizationRequestMetadata, | ||
| /** | ||
| * A permission ticket obtained from a resource server when using UMA authorization protocol. | ||
| */ | ||
| ticket?:string, | ||
| /** | ||
| * Defines whether or not this authorization request should include the current RPT. If set to true, the RPT will | ||
| * be sent and permissions in the current RPT will be included in the new RPT. Otherwise, only the permissions referenced in this | ||
| * authorization request will be granted in the new RPT. | ||
| */ | ||
| incrementalAuthorization?:boolean | ||
| } | ||
| /** | ||
| * A boolean value indicating whether the server should create permission requests to the resources | ||
| * and scopes referenced by a permission ticket. This parameter will only take effect when used together | ||
| * with the ticket parameter as part of a UMA authorization process. | ||
| */ | ||
| submitRequest?:boolean, | ||
| export interface AuthorizationRequestMetadata { | ||
| /** | ||
| * A boolean value indicating to the server if resource names should be included in the RPT’s permissions. | ||
| * If false, only the resource identifier is included. | ||
| */ | ||
| responseIncludeResourceName?:any, | ||
| /** | ||
| * Defines additional information about this authorization request in order to specify how it should be processed | ||
| * by the server. | ||
| */ | ||
| metadata?:AuthorizationRequestMetadata, | ||
| /** | ||
| * An integer N that defines a limit for the amount of permissions an RPT can have. When used together with | ||
| * rpt parameter, only the last N requested permissions will be kept in the RPT. | ||
| */ | ||
| response_permissions_limit?:number | ||
| } | ||
| /** | ||
| * Defines whether or not this authorization request should include the current RPT. If set to true, the RPT will | ||
| * be sent and permissions in the current RPT will be included in the new RPT. Otherwise, only the permissions referenced in this | ||
| * authorization request will be granted in the new RPT. | ||
| */ | ||
| incrementalAuthorization?:boolean | ||
| } | ||
| export interface ResourcePermission { | ||
| /** | ||
| * The id or name of a resource. | ||
| */ | ||
| id:string, | ||
| interface AuthorizationRequestMetadata { | ||
| /** | ||
| * A boolean value indicating to the server if resource names should be included in the RPT’s permissions. | ||
| * If false, only the resource identifier is included. | ||
| */ | ||
| responseIncludeResourceName?:any, | ||
| /** | ||
| * An array of strings where each value is the name of a scope associated with the resource. | ||
| */ | ||
| scopes?:string[] | ||
| } | ||
| /** | ||
| * An integer N that defines a limit for the amount of permissions an RPT can have. When used together with | ||
| * rpt parameter, only the last N requested permissions will be kept in the RPT. | ||
| */ | ||
| response_permissions_limit?:number | ||
| } | ||
| /** | ||
| * @deprecated Instead of importing 'KeycloakAuthorizationInstance' you can import 'KeycloakAuthorization' directly as a type. | ||
| */ | ||
| export type KeycloakAuthorizationInstance = KeycloakAuthorization; | ||
| interface ResourcePermission { | ||
| /** | ||
| * The id or name of a resource. | ||
| */ | ||
| id:string, | ||
| /** | ||
| * @deprecated Construct a KeycloakAuthorization instance using the `new` keyword instead. | ||
| */ | ||
| declare function KeycloakAuthorization(keycloak: Keycloak): KeycloakAuthorization; | ||
| /** | ||
| * An array of strings where each value is the name of a scope associated with the resource. | ||
| */ | ||
| scopes?:string[] | ||
| } | ||
| declare class KeycloakAuthorization { | ||
| /** | ||
| * Creates a new Keycloak client instance. | ||
| * @param config Path to a JSON config file or a plain config object. | ||
| */ | ||
| constructor(keycloak: Keycloak) | ||
| interface KeycloakAuthorizationInstance { | ||
| rpt: any; | ||
| config: { rpt_endpoint: string }; | ||
| rpt: any; | ||
| config: { rpt_endpoint: string }; | ||
| init(): void; | ||
| init(): void; | ||
| /** | ||
| * This method enables client applications to better integrate with resource servers protected by a Keycloak | ||
| * policy enforcer using UMA protocol. | ||
| * | ||
| * The authorization request must be provided with a ticket. | ||
| * | ||
| * @param authorizationRequest An AuthorizationRequest instance with a valid permission ticket set. | ||
| * @returns A promise to set functions to be invoked on grant, deny or error. | ||
| */ | ||
| authorize(authorizationRequest: AuthorizationRequest): KeycloakAuthorizationPromise; | ||
| /** | ||
| * This method enables client applications to better integrate with resource servers protected by a Keycloak | ||
| * policy enforcer using UMA protocol. | ||
| * | ||
| * The authorization request must be provided with a ticket. | ||
| * | ||
| * @param authorizationRequest An AuthorizationRequest instance with a valid permission ticket set. | ||
| * @returns A promise to set functions to be invoked on grant, deny or error. | ||
| */ | ||
| authorize(authorizationRequest: AuthorizationRequest): KeycloakAuthorizationPromise; | ||
| /** | ||
| * Obtains all entitlements from a Keycloak server based on a given resourceServerId. | ||
| * | ||
| * @param resourceServerId The id (client id) of the resource server to obtain permissions from. | ||
| * @param authorizationRequest An AuthorizationRequest instance. | ||
| * @returns A promise to set functions to be invoked on grant, deny or error. | ||
| */ | ||
| entitlement(resourceServerId: string, authorizationRequest?: AuthorizationRequest): KeycloakAuthorizationPromise; | ||
| } | ||
| /** | ||
| * Obtains all entitlements from a Keycloak server based on a given resourceServerId. | ||
| * | ||
| * @param resourceServerId The id (client id) of the resource server to obtain permissions from. | ||
| * @param authorizationRequest An AuthorizationRequest instance. | ||
| * @returns A promise to set functions to be invoked on grant, deny or error. | ||
| */ | ||
| entitlement(resourceServerId: string, authorizationRequest?: AuthorizationRequest): KeycloakAuthorizationPromise; | ||
| } | ||
| export default KeycloakAuthorization; | ||
| /** | ||
| * @deprecated The 'KeycloakAuthorization' namespace is deprecated, use named imports instead. | ||
| */ | ||
| export as namespace KeycloakAuthorization; |
@@ -21,598 +21,627 @@ /* | ||
| */ | ||
| export as namespace Keycloak; | ||
| export type KeycloakOnLoad = 'login-required'|'check-sso'; | ||
| export type KeycloakResponseMode = 'query'|'fragment'; | ||
| export type KeycloakResponseType = 'code'|'id_token token'|'code id_token token'; | ||
| export type KeycloakFlow = 'standard'|'implicit'|'hybrid'; | ||
| export type KeycloakPkceMethod = 'S256'; | ||
| export = Keycloak; | ||
| export interface KeycloakConfig { | ||
| /** | ||
| * URL to the Keycloak server, for example: http://keycloak-server/auth | ||
| */ | ||
| url?: string; | ||
| /** | ||
| * Name of the realm, for example: 'myrealm' | ||
| */ | ||
| realm: string; | ||
| /** | ||
| * Client identifier, example: 'myapp' | ||
| */ | ||
| clientId: string; | ||
| } | ||
| /** | ||
| * Creates a new Keycloak client instance. | ||
| * @param config A configuration object or path to a JSON config file. | ||
| */ | ||
| declare function Keycloak(config?: Keycloak.KeycloakConfig | string): Keycloak.KeycloakInstance; | ||
| export interface Acr { | ||
| /** | ||
| * Array of values, which will be used inside ID Token `acr` claim sent inside the `claims` parameter to Keycloak server during login. | ||
| * Values should correspond to the ACR levels defined in the ACR to Loa mapping for realm or client or to the numbers (levels) inside defined | ||
| * Keycloak authentication flow. See section 5.5.1 of OIDC 1.0 specification for the details. | ||
| */ | ||
| values: string[]; | ||
| /** | ||
| * This parameter specifies if ACR claims is considered essential or not. | ||
| */ | ||
| essential: boolean; | ||
| } | ||
| declare namespace Keycloak { | ||
| type KeycloakOnLoad = 'login-required'|'check-sso'; | ||
| type KeycloakResponseMode = 'query'|'fragment'; | ||
| type KeycloakResponseType = 'code'|'id_token token'|'code id_token token'; | ||
| type KeycloakFlow = 'standard'|'implicit'|'hybrid'; | ||
| type KeycloakPkceMethod = 'S256'; | ||
| export interface KeycloakInitOptions { | ||
| /** | ||
| * Adds a [cryptographic nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce) | ||
| * to verify that the authentication response matches the request. | ||
| * @default true | ||
| */ | ||
| useNonce?: boolean; | ||
| interface KeycloakConfig { | ||
| /** | ||
| * URL to the Keycloak server, for example: http://keycloak-server/auth | ||
| */ | ||
| url?: string; | ||
| /** | ||
| * Name of the realm, for example: 'myrealm' | ||
| */ | ||
| realm: string; | ||
| /** | ||
| * Client identifier, example: 'myapp' | ||
| */ | ||
| clientId: string; | ||
| } | ||
| /** | ||
| * | ||
| * Allow usage of different types of adapters or a custom adapter to make Keycloak work in different environments. | ||
| * | ||
| * The following options are supported: | ||
| * - `default` - Use default APIs that are available in browsers. | ||
| * - `cordova` - Use a WebView in Cordova. | ||
| * - `cordova-native` - Use Cordova native APIs, this is recommended over `cordova`. | ||
| * | ||
| * It's also possible to pass in a custom adapter for the environment you are running Keycloak in. In order to do so extend the `KeycloakAdapter` interface and implement the methods that are defined there. | ||
| * | ||
| * For example: | ||
| * | ||
| * ```ts | ||
| * import Keycloak, { KeycloakAdapter } from 'keycloak-js'; | ||
| * | ||
| * // Implement the 'KeycloakAdapter' interface so that all required methods are guaranteed to be present. | ||
| * const MyCustomAdapter: KeycloakAdapter = { | ||
| * login(options) { | ||
| * // Write your own implementation here. | ||
| * } | ||
| * | ||
| * // The other methods go here... | ||
| * }; | ||
| * | ||
| * const keycloak = new Keycloak(); | ||
| * | ||
| * keycloak.init({ | ||
| * adapter: MyCustomAdapter, | ||
| * }); | ||
| * ``` | ||
| */ | ||
| adapter?: 'default' | 'cordova' | 'cordova-native' | KeycloakAdapter; | ||
| /** | ||
| * Specifies an action to do on load. | ||
| */ | ||
| onLoad?: KeycloakOnLoad; | ||
| interface KeycloakInitOptions { | ||
| /** | ||
| * Adds a [cryptographic nonce](https://en.wikipedia.org/wiki/Cryptographic_nonce) | ||
| * to verify that the authentication response matches the request. | ||
| * @default true | ||
| */ | ||
| useNonce?: boolean; | ||
| /** | ||
| * Set an initial value for the token. | ||
| */ | ||
| token?: string; | ||
| /** | ||
| * | ||
| * Allow usage of different types of adapters or a custom adapter to make Keycloak work in different environments. | ||
| * | ||
| * The following options are supported: | ||
| * - `default` - Use default APIs that are available in browsers. | ||
| * - `cordova` - Use a WebView in Cordova. | ||
| * - `cordova-native` - Use Cordova native APIs, this is recommended over `cordova`. | ||
| * | ||
| * It's also possible to pass in a custom adapter for the environment you are running Keycloak in. In order to do so extend the `KeycloakAdapter` interface and implement the methods that are defined there. | ||
| * | ||
| * For example: | ||
| * | ||
| * ```ts | ||
| * import Keycloak, { KeycloakAdapter } from 'keycloak-js'; | ||
| * | ||
| * // Implement the 'KeycloakAdapter' interface so that all required methods are guaranteed to be present. | ||
| * const MyCustomAdapter: KeycloakAdapter = { | ||
| * login(options) { | ||
| * // Write your own implementation here. | ||
| * } | ||
| * | ||
| * // The other methods go here... | ||
| * }; | ||
| * | ||
| * const keycloak = new Keycloak(); | ||
| * | ||
| * keycloak.init({ | ||
| * adapter: MyCustomAdapter, | ||
| * }); | ||
| * ``` | ||
| */ | ||
| adapter?: 'default' | 'cordova' | 'cordova-native' | KeycloakAdapter; | ||
| /** | ||
| * Specifies an action to do on load. | ||
| */ | ||
| onLoad?: KeycloakOnLoad; | ||
| /** | ||
| * Set an initial value for the refresh token. | ||
| */ | ||
| refreshToken?: string; | ||
| /** | ||
| * Set an initial value for the token. | ||
| */ | ||
| token?: string; | ||
| /** | ||
| * Set an initial value for the id token (only together with `token` or | ||
| * `refreshToken`). | ||
| */ | ||
| idToken?: string; | ||
| /** | ||
| * Set an initial value for the refresh token. | ||
| */ | ||
| refreshToken?: string; | ||
| /** | ||
| * Set an initial value for skew between local time and Keycloak server in | ||
| * seconds (only together with `token` or `refreshToken`). | ||
| */ | ||
| timeSkew?: number; | ||
| /** | ||
| * Set an initial value for the id token (only together with `token` or | ||
| * `refreshToken`). | ||
| */ | ||
| idToken?: string; | ||
| /** | ||
| * Set to enable/disable monitoring login state. | ||
| * @default true | ||
| */ | ||
| checkLoginIframe?: boolean; | ||
| /** | ||
| * Set an initial value for skew between local time and Keycloak server in | ||
| * seconds (only together with `token` or `refreshToken`). | ||
| */ | ||
| timeSkew?: number; | ||
| /** | ||
| * Set the interval to check login state (in seconds). | ||
| * @default 5 | ||
| */ | ||
| checkLoginIframeInterval?: number; | ||
| /** | ||
| * Set to enable/disable monitoring login state. | ||
| * @default true | ||
| */ | ||
| checkLoginIframe?: boolean; | ||
| /** | ||
| * Set the OpenID Connect response mode to send to Keycloak upon login. | ||
| * @default fragment After successful authentication Keycloak will redirect | ||
| * to JavaScript application with OpenID Connect parameters | ||
| * added in URL fragment. This is generally safer and | ||
| * recommended over query. | ||
| */ | ||
| responseMode?: KeycloakResponseMode; | ||
| /** | ||
| * Set the interval to check login state (in seconds). | ||
| * @default 5 | ||
| */ | ||
| checkLoginIframeInterval?: number; | ||
| /** | ||
| * Specifies a default uri to redirect to after login or logout. | ||
| * This is currently supported for adapter 'cordova-native' and 'default' | ||
| */ | ||
| redirectUri?: string; | ||
| /** | ||
| * Set the OpenID Connect response mode to send to Keycloak upon login. | ||
| * @default fragment After successful authentication Keycloak will redirect | ||
| * to JavaScript application with OpenID Connect parameters | ||
| * added in URL fragment. This is generally safer and | ||
| * recommended over query. | ||
| */ | ||
| responseMode?: KeycloakResponseMode; | ||
| /** | ||
| * Specifies an uri to redirect to after silent check-sso. | ||
| * Silent check-sso will only happen, when this redirect uri is given and | ||
| * the specified uri is available whithin the application. | ||
| */ | ||
| silentCheckSsoRedirectUri?: string; | ||
| /** | ||
| * Specifies a default uri to redirect to after login or logout. | ||
| * This is currently supported for adapter 'cordova-native' and 'default' | ||
| */ | ||
| redirectUri?: string; | ||
| /** | ||
| * Specifies whether the silent check-sso should fallback to "non-silent" | ||
| * check-sso when 3rd party cookies are blocked by the browser. Defaults | ||
| * to true. | ||
| */ | ||
| silentCheckSsoFallback?: boolean; | ||
| /** | ||
| * Specifies an uri to redirect to after silent check-sso. | ||
| * Silent check-sso will only happen, when this redirect uri is given and | ||
| * the specified uri is available whithin the application. | ||
| */ | ||
| silentCheckSsoRedirectUri?: string; | ||
| /** | ||
| * Set the OpenID Connect flow. | ||
| * @default standard | ||
| */ | ||
| flow?: KeycloakFlow; | ||
| /** | ||
| * Specifies whether the silent check-sso should fallback to "non-silent" | ||
| * check-sso when 3rd party cookies are blocked by the browser. Defaults | ||
| * to true. | ||
| */ | ||
| silentCheckSsoFallback?: boolean; | ||
| /** | ||
| * Configures the Proof Key for Code Exchange (PKCE) method to use. | ||
| * The currently allowed method is 'S256'. | ||
| * If not configured, PKCE will not be used. | ||
| */ | ||
| pkceMethod?: KeycloakPkceMethod; | ||
| /** | ||
| * Set the OpenID Connect flow. | ||
| * @default standard | ||
| */ | ||
| flow?: KeycloakFlow; | ||
| /** | ||
| * Enables logging messages from Keycloak to the console. | ||
| * @default false | ||
| */ | ||
| enableLogging?: boolean | ||
| /** | ||
| * Configures the Proof Key for Code Exchange (PKCE) method to use. | ||
| * The currently allowed method is 'S256'. | ||
| * If not configured, PKCE will not be used. | ||
| */ | ||
| pkceMethod?: KeycloakPkceMethod; | ||
| /** | ||
| * Configures how long will Keycloak adapter wait for receiving messages from server in ms. This is used, | ||
| * for example, when waiting for response of 3rd party cookies check. | ||
| * | ||
| * @default 10000 | ||
| */ | ||
| messageReceiveTimeout?: number | ||
| } | ||
| /** | ||
| * Enables logging messages from Keycloak to the console. | ||
| * @default false | ||
| */ | ||
| enableLogging?: boolean | ||
| export interface KeycloakLoginOptions { | ||
| /** | ||
| * Specifies the scope parameter for the login url | ||
| * The scope 'openid' will be added to the scope if it is missing or undefined. | ||
| */ | ||
| scope?: string; | ||
| /** | ||
| * Configures how long will Keycloak adapter wait for receiving messages from server in ms. This is used, | ||
| * for example, when waiting for response of 3rd party cookies check. | ||
| * | ||
| * @default 10000 | ||
| */ | ||
| messageReceiveTimeout?: number | ||
| } | ||
| /** | ||
| * Specifies the uri to redirect to after login. | ||
| */ | ||
| redirectUri?: string; | ||
| interface KeycloakLoginOptions { | ||
| /** | ||
| * Specifies the scope parameter for the login url | ||
| * The scope 'openid' will be added to the scope if it is missing or undefined. | ||
| */ | ||
| scope?: string; | ||
| /** | ||
| * By default the login screen is displayed if the user is not logged into | ||
| * Keycloak. To only authenticate to the application if the user is already | ||
| * logged in and not display the login page if the user is not logged in, set | ||
| * this option to `'none'`. To always require re-authentication and ignore | ||
| * SSO, set this option to `'login'`. | ||
| */ | ||
| prompt?: 'none'|'login'; | ||
| /** | ||
| * Specifies the uri to redirect to after login. | ||
| */ | ||
| redirectUri?: string; | ||
| /** | ||
| * If value is `'register'` then user is redirected to registration page, | ||
| * otherwise to login page. | ||
| */ | ||
| action?: string; | ||
| /** | ||
| * By default the login screen is displayed if the user is not logged into | ||
| * Keycloak. To only authenticate to the application if the user is already | ||
| * logged in and not display the login page if the user is not logged in, set | ||
| * this option to `'none'`. To always require re-authentication and ignore | ||
| * SSO, set this option to `'login'`. | ||
| */ | ||
| prompt?: 'none'|'login'; | ||
| /** | ||
| * Used just if user is already authenticated. Specifies maximum time since | ||
| * the authentication of user happened. If user is already authenticated for | ||
| * longer time than `'maxAge'`, the SSO is ignored and he will need to | ||
| * authenticate again. | ||
| */ | ||
| maxAge?: number; | ||
| /** | ||
| * If value is `'register'` then user is redirected to registration page, | ||
| * otherwise to login page. | ||
| */ | ||
| action?: string; | ||
| /** | ||
| * Used to pre-fill the username/email field on the login form. | ||
| */ | ||
| loginHint?: string; | ||
| /** | ||
| * Used just if user is already authenticated. Specifies maximum time since | ||
| * the authentication of user happened. If user is already authenticated for | ||
| * longer time than `'maxAge'`, the SSO is ignored and he will need to | ||
| * authenticate again. | ||
| */ | ||
| maxAge?: number; | ||
| /** | ||
| * Sets the `acr` claim of the ID token sent inside the `claims` parameter. See section 5.5.1 of the OIDC 1.0 specification. | ||
| */ | ||
| acr?: Acr; | ||
| /** | ||
| * Used to pre-fill the username/email field on the login form. | ||
| */ | ||
| loginHint?: string; | ||
| /** | ||
| * Used to tell Keycloak which IDP the user wants to authenticate with. | ||
| */ | ||
| idpHint?: string; | ||
| /** | ||
| * Used to tell Keycloak which IDP the user wants to authenticate with. | ||
| */ | ||
| idpHint?: string; | ||
| /** | ||
| * Sets the 'ui_locales' query param in compliance with section 3.1.2.1 | ||
| * of the OIDC 1.0 specification. | ||
| */ | ||
| locale?: string; | ||
| /** | ||
| * Sets the 'ui_locales' query param in compliance with section 3.1.2.1 | ||
| * of the OIDC 1.0 specification. | ||
| */ | ||
| locale?: string; | ||
| /** | ||
| * Specifies arguments that are passed to the Cordova in-app-browser (if applicable). | ||
| * Options 'hidden' and 'location' are not affected by these arguments. | ||
| * All available options are defined at https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/. | ||
| * Example of use: { zoom: "no", hardwareback: "yes" } | ||
| */ | ||
| cordovaOptions?: { [optionName: string]: string }; | ||
| } | ||
| /** | ||
| * Specifies arguments that are passed to the Cordova in-app-browser (if applicable). | ||
| * Options 'hidden' and 'location' are not affected by these arguments. | ||
| * All available options are defined at https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-inappbrowser/. | ||
| * Example of use: { zoom: "no", hardwareback: "yes" } | ||
| */ | ||
| cordovaOptions?: { [optionName: string]: string }; | ||
| } | ||
| export interface KeycloakLogoutOptions { | ||
| /** | ||
| * Specifies the uri to redirect to after logout. | ||
| */ | ||
| redirectUri?: string; | ||
| } | ||
| interface KeycloakLogoutOptions { | ||
| /** | ||
| * Specifies the uri to redirect to after logout. | ||
| */ | ||
| redirectUri?: string; | ||
| } | ||
| export interface KeycloakRegisterOptions extends Omit<KeycloakLoginOptions, 'action'> { } | ||
| interface KeycloakRegisterOptions extends Omit<KeycloakLoginOptions, 'action'> { } | ||
| interface KeycloakAccountOptions { | ||
| /** | ||
| * Specifies the uri to redirect to when redirecting back to the application. | ||
| */ | ||
| redirectUri?: string; | ||
| } | ||
| export interface KeycloakAccountOptions { | ||
| /** | ||
| * Specifies the uri to redirect to when redirecting back to the application. | ||
| */ | ||
| redirectUri?: string; | ||
| } | ||
| type KeycloakPromiseCallback<T> = (result: T) => void; | ||
| export type KeycloakPromiseCallback<T> = (result: T) => void; | ||
| interface KeycloakPromise<TSuccess, TError> extends Promise<TSuccess> { | ||
| /** | ||
| * Function to call if the promised action succeeds. | ||
| * | ||
| * @deprecated Use `.then()` instead. | ||
| */ | ||
| success(callback: KeycloakPromiseCallback<TSuccess>): KeycloakPromise<TSuccess, TError>; | ||
| export interface KeycloakPromise<TSuccess, TError> extends Promise<TSuccess> { | ||
| /** | ||
| * Function to call if the promised action succeeds. | ||
| * | ||
| * @deprecated Use `.then()` instead. | ||
| */ | ||
| success(callback: KeycloakPromiseCallback<TSuccess>): KeycloakPromise<TSuccess, TError>; | ||
| /** | ||
| * Function to call if the promised action throws an error. | ||
| * | ||
| * @deprecated Use `.catch()` instead. | ||
| */ | ||
| error(callback: KeycloakPromiseCallback<TError>): KeycloakPromise<TSuccess, TError>; | ||
| } | ||
| /** | ||
| * Function to call if the promised action throws an error. | ||
| * | ||
| * @deprecated Use `.catch()` instead. | ||
| */ | ||
| error(callback: KeycloakPromiseCallback<TError>): KeycloakPromise<TSuccess, TError>; | ||
| } | ||
| interface KeycloakError { | ||
| error: string; | ||
| error_description: string; | ||
| } | ||
| export interface KeycloakError { | ||
| error: string; | ||
| error_description: string; | ||
| } | ||
| interface KeycloakAdapter { | ||
| login(options?: KeycloakLoginOptions): KeycloakPromise<void, void>; | ||
| logout(options?: KeycloakLogoutOptions): KeycloakPromise<void, void>; | ||
| register(options?: KeycloakRegisterOptions): KeycloakPromise<void, void>; | ||
| accountManagement(): KeycloakPromise<void, void>; | ||
| redirectUri(options: { redirectUri: string; }, encodeHash: boolean): string; | ||
| } | ||
| export interface KeycloakAdapter { | ||
| login(options?: KeycloakLoginOptions): KeycloakPromise<void, void>; | ||
| logout(options?: KeycloakLogoutOptions): KeycloakPromise<void, void>; | ||
| register(options?: KeycloakRegisterOptions): KeycloakPromise<void, void>; | ||
| accountManagement(): KeycloakPromise<void, void>; | ||
| redirectUri(options: { redirectUri: string; }, encodeHash: boolean): string; | ||
| } | ||
| interface KeycloakProfile { | ||
| id?: string; | ||
| username?: string; | ||
| email?: string; | ||
| firstName?: string; | ||
| lastName?: string; | ||
| enabled?: boolean; | ||
| emailVerified?: boolean; | ||
| totp?: boolean; | ||
| createdTimestamp?: number; | ||
| } | ||
| export interface KeycloakProfile { | ||
| id?: string; | ||
| username?: string; | ||
| email?: string; | ||
| firstName?: string; | ||
| lastName?: string; | ||
| enabled?: boolean; | ||
| emailVerified?: boolean; | ||
| totp?: boolean; | ||
| createdTimestamp?: number; | ||
| } | ||
| interface KeycloakTokenParsed { | ||
| iss?: string; | ||
| sub?: string; | ||
| aud?: string; | ||
| exp?: number; | ||
| iat?: number; | ||
| auth_time?: number; | ||
| nonce?: string; | ||
| acr?: string; | ||
| amr?: string; | ||
| azp?: string; | ||
| session_state?: string; | ||
| realm_access?: KeycloakRoles; | ||
| resource_access?: KeycloakResourceAccess; | ||
| [key: string]: any; // Add other attributes here. | ||
| } | ||
| export interface KeycloakTokenParsed { | ||
| iss?: string; | ||
| sub?: string; | ||
| aud?: string; | ||
| exp?: number; | ||
| iat?: number; | ||
| auth_time?: number; | ||
| nonce?: string; | ||
| acr?: string; | ||
| amr?: string; | ||
| azp?: string; | ||
| session_state?: string; | ||
| realm_access?: KeycloakRoles; | ||
| resource_access?: KeycloakResourceAccess; | ||
| [key: string]: any; // Add other attributes here. | ||
| } | ||
| interface KeycloakResourceAccess { | ||
| [key: string]: KeycloakRoles | ||
| } | ||
| export interface KeycloakResourceAccess { | ||
| [key: string]: KeycloakRoles | ||
| } | ||
| interface KeycloakRoles { | ||
| roles: string[]; | ||
| } | ||
| export interface KeycloakRoles { | ||
| roles: string[]; | ||
| } | ||
| /** | ||
| * @deprecated Instead of importing 'KeycloakInstance' you can import 'Keycloak' directly as a type. | ||
| */ | ||
| export type KeycloakInstance = Keycloak; | ||
| /** | ||
| * @deprecated Construct a Keycloak instance using the `new` keyword instead. | ||
| */ | ||
| declare function Keycloak(config?: KeycloakConfig | string): Keycloak; | ||
| /** | ||
| * A client for the Keycloak authentication server. | ||
| * @see {@link https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html|Keycloak JS adapter documentation} | ||
| */ | ||
| declare class Keycloak { | ||
| /** | ||
| * A client for the Keycloak authentication server. | ||
| * @see {@link https://keycloak.gitbooks.io/securing-client-applications-guide/content/topics/oidc/javascript-adapter.html|Keycloak JS adapter documentation} | ||
| * Creates a new Keycloak client instance. | ||
| * @param config A configuration object or path to a JSON config file. | ||
| */ | ||
| interface KeycloakInstance { | ||
| /** | ||
| * Is true if the user is authenticated, false otherwise. | ||
| */ | ||
| authenticated?: boolean; | ||
| constructor(config?: KeycloakConfig | string) | ||
| /** | ||
| * The user id. | ||
| */ | ||
| subject?: string; | ||
| /** | ||
| * Is true if the user is authenticated, false otherwise. | ||
| */ | ||
| authenticated?: boolean; | ||
| /** | ||
| * Response mode passed in init (default value is `'fragment'`). | ||
| */ | ||
| responseMode?: KeycloakResponseMode; | ||
| /** | ||
| * The user id. | ||
| */ | ||
| subject?: string; | ||
| /** | ||
| * Response type sent to Keycloak with login requests. This is determined | ||
| * based on the flow value used during initialization, but can be overridden | ||
| * by setting this value. | ||
| */ | ||
| responseType?: KeycloakResponseType; | ||
| /** | ||
| * Response mode passed in init (default value is `'fragment'`). | ||
| */ | ||
| responseMode?: KeycloakResponseMode; | ||
| /** | ||
| * Flow passed in init. | ||
| */ | ||
| flow?: KeycloakFlow; | ||
| /** | ||
| * Response type sent to Keycloak with login requests. This is determined | ||
| * based on the flow value used during initialization, but can be overridden | ||
| * by setting this value. | ||
| */ | ||
| responseType?: KeycloakResponseType; | ||
| /** | ||
| * The realm roles associated with the token. | ||
| */ | ||
| realmAccess?: KeycloakRoles; | ||
| /** | ||
| * Flow passed in init. | ||
| */ | ||
| flow?: KeycloakFlow; | ||
| /** | ||
| * The resource roles associated with the token. | ||
| */ | ||
| resourceAccess?: KeycloakResourceAccess; | ||
| /** | ||
| * The realm roles associated with the token. | ||
| */ | ||
| realmAccess?: KeycloakRoles; | ||
| /** | ||
| * The base64 encoded token that can be sent in the Authorization header in | ||
| * requests to services. | ||
| */ | ||
| token?: string; | ||
| /** | ||
| * The resource roles associated with the token. | ||
| */ | ||
| resourceAccess?: KeycloakResourceAccess; | ||
| /** | ||
| * The parsed token as a JavaScript object. | ||
| */ | ||
| tokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * The base64 encoded token that can be sent in the Authorization header in | ||
| * requests to services. | ||
| */ | ||
| token?: string; | ||
| /** | ||
| * The base64 encoded refresh token that can be used to retrieve a new token. | ||
| */ | ||
| refreshToken?: string; | ||
| /** | ||
| * The parsed token as a JavaScript object. | ||
| */ | ||
| tokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * The parsed refresh token as a JavaScript object. | ||
| */ | ||
| refreshTokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * The base64 encoded refresh token that can be used to retrieve a new token. | ||
| */ | ||
| refreshToken?: string; | ||
| /** | ||
| * The base64 encoded ID token. | ||
| */ | ||
| idToken?: string; | ||
| /** | ||
| * The parsed refresh token as a JavaScript object. | ||
| */ | ||
| refreshTokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * The parsed id token as a JavaScript object. | ||
| */ | ||
| idTokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * The base64 encoded ID token. | ||
| */ | ||
| idToken?: string; | ||
| /** | ||
| * The estimated time difference between the browser time and the Keycloak | ||
| * server in seconds. This value is just an estimation, but is accurate | ||
| * enough when determining if a token is expired or not. | ||
| */ | ||
| timeSkew?: number; | ||
| /** | ||
| * The parsed id token as a JavaScript object. | ||
| */ | ||
| idTokenParsed?: KeycloakTokenParsed; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| loginRequired?: boolean; | ||
| /** | ||
| * The estimated time difference between the browser time and the Keycloak | ||
| * server in seconds. This value is just an estimation, but is accurate | ||
| * enough when determining if a token is expired or not. | ||
| */ | ||
| timeSkew?: number; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| authServerUrl?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| loginRequired?: boolean; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| realm?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| authServerUrl?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| clientId?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| realm?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| clientSecret?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| clientId?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| redirectUri?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| clientSecret?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| sessionId?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| redirectUri?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| profile?: KeycloakProfile; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| sessionId?: string; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| userInfo?: {}; // KeycloakUserInfo; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| profile?: KeycloakProfile; | ||
| /** | ||
| * Called when the adapter is initialized. | ||
| */ | ||
| onReady?(authenticated?: boolean): void; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| userInfo?: {}; // KeycloakUserInfo; | ||
| /** | ||
| * Called when a user is successfully authenticated. | ||
| */ | ||
| onAuthSuccess?(): void; | ||
| /** | ||
| * Called when the adapter is initialized. | ||
| */ | ||
| onReady?(authenticated?: boolean): void; | ||
| /** | ||
| * Called if there was an error during authentication. | ||
| */ | ||
| onAuthError?(errorData: KeycloakError): void; | ||
| /** | ||
| * Called when a user is successfully authenticated. | ||
| */ | ||
| onAuthSuccess?(): void; | ||
| /** | ||
| * Called when the token is refreshed. | ||
| */ | ||
| onAuthRefreshSuccess?(): void; | ||
| /** | ||
| * Called if there was an error during authentication. | ||
| */ | ||
| onAuthError?(errorData: KeycloakError): void; | ||
| /** | ||
| * Called if there was an error while trying to refresh the token. | ||
| */ | ||
| onAuthRefreshError?(): void; | ||
| /** | ||
| * Called when the token is refreshed. | ||
| */ | ||
| onAuthRefreshSuccess?(): void; | ||
| /** | ||
| * Called if the user is logged out (will only be called if the session | ||
| * status iframe is enabled, or in Cordova mode). | ||
| */ | ||
| onAuthLogout?(): void; | ||
| /** | ||
| * Called if there was an error while trying to refresh the token. | ||
| */ | ||
| onAuthRefreshError?(): void; | ||
| /** | ||
| * Called when the access token is expired. If a refresh token is available | ||
| * the token can be refreshed with Keycloak#updateToken, or in cases where | ||
| * it's not (ie. with implicit flow) you can redirect to login screen to | ||
| * obtain a new access token. | ||
| */ | ||
| onTokenExpired?(): void; | ||
| /** | ||
| * Called if the user is logged out (will only be called if the session | ||
| * status iframe is enabled, or in Cordova mode). | ||
| */ | ||
| onAuthLogout?(): void; | ||
| /** | ||
| * Called when a AIA has been requested by the application. | ||
| */ | ||
| onActionUpdate?(status: 'success'|'cancelled'|'error'): void; | ||
| /** | ||
| * Called when the access token is expired. If a refresh token is available | ||
| * the token can be refreshed with Keycloak#updateToken, or in cases where | ||
| * it's not (ie. with implicit flow) you can redirect to login screen to | ||
| * obtain a new access token. | ||
| */ | ||
| onTokenExpired?(): void; | ||
| /** | ||
| * Called to initialize the adapter. | ||
| * @param initOptions Initialization options. | ||
| * @returns A promise to set functions to be invoked on success or error. | ||
| */ | ||
| init(initOptions: KeycloakInitOptions): KeycloakPromise<boolean, KeycloakError>; | ||
| /** | ||
| * Called when a AIA has been requested by the application. | ||
| */ | ||
| onActionUpdate?(status: 'success'|'cancelled'|'error'): void; | ||
| /** | ||
| * Redirects to login form. | ||
| * @param options Login options. | ||
| */ | ||
| login(options?: KeycloakLoginOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Called to initialize the adapter. | ||
| * @param initOptions Initialization options. | ||
| * @returns A promise to set functions to be invoked on success or error. | ||
| */ | ||
| init(initOptions: KeycloakInitOptions): KeycloakPromise<boolean, KeycloakError>; | ||
| /** | ||
| * Redirects to logout. | ||
| * @param options Logout options. | ||
| */ | ||
| logout(options?: KeycloakLogoutOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Redirects to login form. | ||
| * @param options Login options. | ||
| */ | ||
| login(options?: KeycloakLoginOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Redirects to registration form. | ||
| * @param options The options used for the registration. | ||
| */ | ||
| register(options?: KeycloakRegisterOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Redirects to logout. | ||
| * @param options Logout options. | ||
| */ | ||
| logout(options?: KeycloakLogoutOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Redirects to the Account Management Console. | ||
| */ | ||
| accountManagement(): KeycloakPromise<void, void>; | ||
| /** | ||
| * Redirects to registration form. | ||
| * @param options The options used for the registration. | ||
| */ | ||
| register(options?: KeycloakRegisterOptions): KeycloakPromise<void, void>; | ||
| /** | ||
| * Returns the URL to login form. | ||
| * @param options Supports same options as Keycloak#login. | ||
| */ | ||
| createLoginUrl(options?: KeycloakLoginOptions): string; | ||
| /** | ||
| * Redirects to the Account Management Console. | ||
| */ | ||
| accountManagement(): KeycloakPromise<void, void>; | ||
| /** | ||
| * Returns the URL to logout the user. | ||
| * @param options Logout options. | ||
| */ | ||
| createLogoutUrl(options?: KeycloakLogoutOptions): string; | ||
| /** | ||
| * Returns the URL to login form. | ||
| * @param options Supports same options as Keycloak#login. | ||
| */ | ||
| createLoginUrl(options?: KeycloakLoginOptions): string; | ||
| /** | ||
| * Returns the URL to registration page. | ||
| * @param options The options used for creating the registration URL. | ||
| */ | ||
| createRegisterUrl(options?: KeycloakRegisterOptions): string; | ||
| /** | ||
| * Returns the URL to logout the user. | ||
| * @param options Logout options. | ||
| */ | ||
| createLogoutUrl(options?: KeycloakLogoutOptions): string; | ||
| /** | ||
| * Returns the URL to the Account Management Console. | ||
| * @param options The options used for creating the account URL. | ||
| */ | ||
| createAccountUrl(options?: KeycloakAccountOptions): string; | ||
| /** | ||
| * Returns the URL to registration page. | ||
| * @param options The options used for creating the registration URL. | ||
| */ | ||
| createRegisterUrl(options?: KeycloakRegisterOptions): string; | ||
| /** | ||
| * Returns true if the token has less than `minValidity` seconds left before | ||
| * it expires. | ||
| * @param minValidity If not specified, `0` is used. | ||
| */ | ||
| isTokenExpired(minValidity?: number): boolean; | ||
| /** | ||
| * Returns the URL to the Account Management Console. | ||
| * @param options The options used for creating the account URL. | ||
| */ | ||
| createAccountUrl(options?: KeycloakAccountOptions): string; | ||
| /** | ||
| * If the token expires within `minValidity` seconds, the token is refreshed. | ||
| * If the session status iframe is enabled, the session status is also | ||
| * checked. | ||
| * @returns A promise to set functions that can be invoked if the token is | ||
| * still valid, or if the token is no longer valid. | ||
| * @example | ||
| * ```js | ||
| * keycloak.updateToken(5).then(function(refreshed) { | ||
| * if (refreshed) { | ||
| * alert('Token was successfully refreshed'); | ||
| * } else { | ||
| * alert('Token is still valid'); | ||
| * } | ||
| * }).catch(function() { | ||
| * alert('Failed to refresh the token, or the session has expired'); | ||
| * }); | ||
| */ | ||
| updateToken(minValidity: number): KeycloakPromise<boolean, boolean>; | ||
| /** | ||
| * Returns true if the token has less than `minValidity` seconds left before | ||
| * it expires. | ||
| * @param minValidity If not specified, `0` is used. | ||
| */ | ||
| isTokenExpired(minValidity?: number): boolean; | ||
| /** | ||
| * Clears authentication state, including tokens. This can be useful if | ||
| * the application has detected the session was expired, for example if | ||
| * updating token fails. Invoking this results in Keycloak#onAuthLogout | ||
| * callback listener being invoked. | ||
| */ | ||
| clearToken(): void; | ||
| /** | ||
| * If the token expires within `minValidity` seconds, the token is refreshed. | ||
| * If the session status iframe is enabled, the session status is also | ||
| * checked. | ||
| * @returns A promise to set functions that can be invoked if the token is | ||
| * still valid, or if the token is no longer valid. | ||
| * @example | ||
| * ```js | ||
| * keycloak.updateToken(5).then(function(refreshed) { | ||
| * if (refreshed) { | ||
| * alert('Token was successfully refreshed'); | ||
| * } else { | ||
| * alert('Token is still valid'); | ||
| * } | ||
| * }).catch(function() { | ||
| * alert('Failed to refresh the token, or the session has expired'); | ||
| * }); | ||
| */ | ||
| updateToken(minValidity: number): KeycloakPromise<boolean, boolean>; | ||
| /** | ||
| * Returns true if the token has the given realm role. | ||
| * @param role A realm role name. | ||
| */ | ||
| hasRealmRole(role: string): boolean; | ||
| /** | ||
| * Clears authentication state, including tokens. This can be useful if | ||
| * the application has detected the session was expired, for example if | ||
| * updating token fails. Invoking this results in Keycloak#onAuthLogout | ||
| * callback listener being invoked. | ||
| */ | ||
| clearToken(): void; | ||
| /** | ||
| * Returns true if the token has the given role for the resource. | ||
| * @param role A role name. | ||
| * @param resource If not specified, `clientId` is used. | ||
| */ | ||
| hasResourceRole(role: string, resource?: string): boolean; | ||
| /** | ||
| * Returns true if the token has the given realm role. | ||
| * @param role A realm role name. | ||
| */ | ||
| hasRealmRole(role: string): boolean; | ||
| /** | ||
| * Loads the user's profile. | ||
| * @returns A promise to set functions to be invoked on success or error. | ||
| */ | ||
| loadUserProfile(): KeycloakPromise<KeycloakProfile, void>; | ||
| /** | ||
| * Returns true if the token has the given role for the resource. | ||
| * @param role A role name. | ||
| * @param resource If not specified, `clientId` is used. | ||
| */ | ||
| hasResourceRole(role: string, resource?: string): boolean; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| loadUserInfo(): KeycloakPromise<{}, void>; | ||
| } | ||
| /** | ||
| * Loads the user's profile. | ||
| * @returns A promise to set functions to be invoked on success or error. | ||
| */ | ||
| loadUserProfile(): KeycloakPromise<KeycloakProfile, void>; | ||
| /** | ||
| * @private Undocumented. | ||
| */ | ||
| loadUserInfo(): KeycloakPromise<{}, void>; | ||
| } | ||
| export default Keycloak; | ||
| /** | ||
| * @deprecated The 'Keycloak' namespace is deprecated, use named imports instead. | ||
| */ | ||
| export as namespace Keycloak; |
@@ -1,2 +0,2 @@ | ||
| !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define("keycloak",t):(e="undefined"!=typeof globalThis?globalThis:e||self).Keycloak=t()}(this,(function(){"use strict";var commonjsGlobal="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function commonjsRequire(e){throw new Error('Could not dynamically require "'+e+'". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.')}var es6Promise_min={exports:{}};!function(e,t){e.exports=function(){function e(e){var t=typeof e;return null!==e&&("object"===t||"function"===t)}function t(e){return"function"==typeof e}function r(e){F=e}function n(e){K=e}function o(){return function(){return process.nextTick(u)}}function i(){return void 0!==B?function(){B(u)}:c()}function s(){var e=0,t=new q(u),r=document.createTextNode("");return t.observe(r,{characterData:!0}),function(){r.data=e=++e%2}}function a(){var e=new MessageChannel;return e.port1.onmessage=u,function(){return e.port2.postMessage(0)}}function c(){var e=setTimeout;return function(){return e(u,1)}}function u(){for(var e=0;e<j;e+=2)(0,V[e])(V[e+1]),V[e]=void 0,V[e+1]=void 0;j=0}function l(){try{var e=Function("return this")().require("vertx");return B=e.runOnLoop||e.runOnContext,i()}catch(e){return c()}}function h(e,t){var r=this,n=new this.constructor(f);void 0===n[G]&&U(n);var o=r._state;if(o){var i=arguments[o-1];K((function(){return E(o,n,i,r._result)}))}else A(r,n,e,t);return n}function d(e){var t=this;if(e&&"object"==typeof e&&e.constructor===t)return e;var r=new t(f);return _(r,e),r}function f(){}function p(){return new TypeError("You cannot resolve a promise with itself")}function m(){return new TypeError("A promises callback cannot return that same promise.")}function v(e,t,r,n){try{e.call(t,r,n)}catch(e){return e}}function k(e,t,r){K((function(e){var n=!1,o=v(r,t,(function(r){n||(n=!0,t!==r?_(e,r):S(e,r))}),(function(t){n||(n=!0,b(e,t))}),"Settle: "+(e._label||" unknown promise"));!n&&o&&(n=!0,b(e,o))}),e)}function g(e,t){t._state===Z?S(e,t._result):t._state===$?b(e,t._result):A(t,void 0,(function(t){return _(e,t)}),(function(t){return b(e,t)}))}function y(e,r,n){r.constructor===e.constructor&&n===h&&r.constructor.resolve===d?g(e,r):void 0===n?S(e,r):t(n)?k(e,r,n):S(e,r)}function _(t,r){if(t===r)b(t,p());else if(e(r)){var n=void 0;try{n=r.then}catch(e){return void b(t,e)}y(t,r,n)}else S(t,r)}function w(e){e._onerror&&e._onerror(e._result),R(e)}function S(e,t){e._state===Q&&(e._result=t,e._state=Z,0!==e._subscribers.length&&K(R,e))}function b(e,t){e._state===Q&&(e._state=$,e._result=t,K(w,e))}function A(e,t,r,n){var o=e._subscribers,i=o.length;e._onerror=null,o[i]=t,o[i+Z]=r,o[i+$]=n,0===i&&e._state&&K(R,e)}function R(e){var t=e._subscribers,r=e._state;if(0!==t.length){for(var n=void 0,o=void 0,i=e._result,s=0;s<t.length;s+=3)n=t[s],o=t[s+r],n?E(r,n,o,i):o(i);e._subscribers.length=0}}function E(e,r,n,o){var i=t(n),s=void 0,a=void 0,c=!0;if(i){try{s=n(o)}catch(e){c=!1,a=e}if(r===s)return void b(r,m())}else s=o;r._state!==Q||(i&&c?_(r,s):!1===c?b(r,a):e===Z?S(r,s):e===$&&b(r,s))}function H(e,t){try{t((function(t){_(e,t)}),(function(t){b(e,t)}))}catch(t){b(e,t)}}function C(){return ee++}function U(e){e[G]=ee++,e._state=void 0,e._result=void 0,e._subscribers=[]}function T(){return new Error("Array Methods must be provided an Array")}function O(e){return new te(this,e).promise}function I(e){var t=this;return new t(N(e)?function(r,n){for(var o=e.length,i=0;i<o;i++)t.resolve(e[i]).then(r,n)}:function(e,t){return t(new TypeError("You must pass an array to race."))})}function L(e){var t=new this(f);return b(t,e),t}function x(){throw new TypeError("You must pass a resolver function as the first argument to the promise constructor")}function P(){throw new TypeError("Failed to construct 'Promise': Please use the 'new' operator, this object constructor cannot be called as a function.")}function X(){var e=void 0;if(void 0!==commonjsGlobal)e=commonjsGlobal;else if("undefined"!=typeof self)e=self;else try{e=Function("return this")()}catch(e){throw new Error("polyfill failed because global object is unavailable in this environment")}var t=e.Promise;if(t){var r=null;try{r=Object.prototype.toString.call(t.resolve())}catch(e){}if("[object Promise]"===r&&!t.cast)return}e.Promise=re}var M=void 0;M=Array.isArray?Array.isArray:function(e){return"[object Array]"===Object.prototype.toString.call(e)};var N=M,j=0,B=void 0,F=void 0,K=function(e,t){V[j]=e,V[j+1]=t,2===(j+=2)&&(F?F(u):z())},D="undefined"!=typeof window?window:void 0,J=D||{},q=J.MutationObserver||J.WebKitMutationObserver,Y="undefined"==typeof self&&"undefined"!=typeof process&&"[object process]"==={}.toString.call(process),W="undefined"!=typeof Uint8ClampedArray&&"undefined"!=typeof importScripts&&"undefined"!=typeof MessageChannel,V=new Array(1e3),z=void 0;z=Y?o():q?s():W?a():void 0===D&&"function"==typeof commonjsRequire?l():c();var G=Math.random().toString(36).substring(2),Q=void 0,Z=1,$=2,ee=0,te=function(){function e(e,t){this._instanceConstructor=e,this.promise=new e(f),this.promise[G]||U(this.promise),N(t)?(this.length=t.length,this._remaining=t.length,this._result=new Array(this.length),0===this.length?S(this.promise,this._result):(this.length=this.length||0,this._enumerate(t),0===this._remaining&&S(this.promise,this._result))):b(this.promise,T())}return e.prototype._enumerate=function(e){for(var t=0;this._state===Q&&t<e.length;t++)this._eachEntry(e[t],t)},e.prototype._eachEntry=function(e,t){var r=this._instanceConstructor,n=r.resolve;if(n===d){var o=void 0,i=void 0,s=!1;try{o=e.then}catch(e){s=!0,i=e}if(o===h&&e._state!==Q)this._settledAt(e._state,t,e._result);else if("function"!=typeof o)this._remaining--,this._result[t]=e;else if(r===re){var a=new r(f);s?b(a,i):y(a,e,o),this._willSettleAt(a,t)}else this._willSettleAt(new r((function(t){return t(e)})),t)}else this._willSettleAt(n(e),t)},e.prototype._settledAt=function(e,t,r){var n=this.promise;n._state===Q&&(this._remaining--,e===$?b(n,r):this._result[t]=r),0===this._remaining&&S(n,this._result)},e.prototype._willSettleAt=function(e,t){var r=this;A(e,void 0,(function(e){return r._settledAt(Z,t,e)}),(function(e){return r._settledAt($,t,e)}))},e}(),re=function(){function e(t){this[G]=C(),this._result=this._state=void 0,this._subscribers=[],f!==t&&("function"!=typeof t&&x(),this instanceof e?H(this,t):P())}return e.prototype.catch=function(e){return this.then(null,e)},e.prototype.finally=function(e){var r=this,n=r.constructor;return t(e)?r.then((function(t){return n.resolve(e()).then((function(){return t}))}),(function(t){return n.resolve(e()).then((function(){throw t}))})):r.then(e,e)},e}();return re.prototype.then=h,re.all=O,re.race=I,re.resolve=d,re.reject=L,re._setScheduler=r,re._setAsap=n,re._asap=K,re.polyfill=X,re.Promise=re,re}()}(es6Promise_min);var base64Js={};base64Js.byteLength=byteLength,base64Js.toByteArray=toByteArray,base64Js.fromByteArray=fromByteArray;for(var lookup=[],revLookup=[],Arr="undefined"!=typeof Uint8Array?Uint8Array:Array,code="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",i=0,len=code.length;i<len;++i)lookup[i]=code[i],revLookup[code.charCodeAt(i)]=i;function getLens(e){var t=e.length;if(t%4>0)throw new Error("Invalid string. Length must be a multiple of 4");var r=e.indexOf("=");return-1===r&&(r=t),[r,r===t?0:4-r%4]}function byteLength(e){var t=getLens(e),r=t[0],n=t[1];return 3*(r+n)/4-n}function _byteLength(e,t,r){return 3*(t+r)/4-r}function toByteArray(e){var t,r,n=getLens(e),o=n[0],i=n[1],s=new Arr(_byteLength(e,o,i)),a=0,c=i>0?o-4:o;for(r=0;r<c;r+=4)t=revLookup[e.charCodeAt(r)]<<18|revLookup[e.charCodeAt(r+1)]<<12|revLookup[e.charCodeAt(r+2)]<<6|revLookup[e.charCodeAt(r+3)],s[a++]=t>>16&255,s[a++]=t>>8&255,s[a++]=255&t;return 2===i&&(t=revLookup[e.charCodeAt(r)]<<2|revLookup[e.charCodeAt(r+1)]>>4,s[a++]=255&t),1===i&&(t=revLookup[e.charCodeAt(r)]<<10|revLookup[e.charCodeAt(r+1)]<<4|revLookup[e.charCodeAt(r+2)]>>2,s[a++]=t>>8&255,s[a++]=255&t),s}function tripletToBase64(e){return lookup[e>>18&63]+lookup[e>>12&63]+lookup[e>>6&63]+lookup[63&e]}function encodeChunk(e,t,r){for(var n,o=[],i=t;i<r;i+=3)n=(e[i]<<16&16711680)+(e[i+1]<<8&65280)+(255&e[i+2]),o.push(tripletToBase64(n));return o.join("")}function fromByteArray(e){for(var t,r=e.length,n=r%3,o=[],i=16383,s=0,a=r-n;s<a;s+=i)o.push(encodeChunk(e,s,s+i>a?a:s+i));return 1===n?(t=e[r-1],o.push(lookup[t>>2]+lookup[t<<4&63]+"==")):2===n&&(t=(e[r-2]<<8)+e[r-1],o.push(lookup[t>>10]+lookup[t>>4&63]+lookup[t<<2&63]+"=")),o.join("")}revLookup["-".charCodeAt(0)]=62,revLookup["_".charCodeAt(0)]=63;var sha256={exports:{}}; | ||
| !function(e,t){"object"==typeof exports&&"undefined"!=typeof module?module.exports=t():"function"==typeof define&&define.amd?define("keycloak",t):(e="undefined"!=typeof globalThis?globalThis:e||self).Keycloak=t()}(this,(function(){"use strict";var commonjsGlobal="undefined"!=typeof globalThis?globalThis:"undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:{};function commonjsRequire(e){throw new Error('Could not dynamically require "'+e+'". Please configure the dynamicRequireTargets or/and ignoreDynamicRequires option of @rollup/plugin-commonjs appropriately for this require call to work.')}var es6Promise_min={exports:{}};!function(e,t){e.exports=function(){function e(e){var t=typeof e;return null!==e&&("object"===t||"function"===t)}function t(e){return"function"==typeof e}function r(e){F=e}function n(e){K=e}function o(){return function(){return process.nextTick(u)}}function i(){return void 0!==B?function(){B(u)}:c()}function s(){var e=0,t=new q(u),r=document.createTextNode("");return t.observe(r,{characterData:!0}),function(){r.data=e=++e%2}}function a(){var e=new MessageChannel;return e.port1.onmessage=u,function(){return e.port2.postMessage(0)}}function c(){var e=setTimeout;return function(){return e(u,1)}}function u(){for(var e=0;e<j;e+=2)(0,V[e])(V[e+1]),V[e]=void 0,V[e+1]=void 0;j=0}function l(){try{var e=Function("return this")().require("vertx");return B=e.runOnLoop||e.runOnContext,i()}catch(e){return c()}}function h(e,t){var r=this,n=new this.constructor(f);void 0===n[G]&&U(n);var o=r._state;if(o){var i=arguments[o-1];K((function(){return E(o,n,i,r._result)}))}else A(r,n,e,t);return n}function d(e){var t=this;if(e&&"object"==typeof e&&e.constructor===t)return e;var r=new t(f);return _(r,e),r}function f(){}function p(){return new TypeError("You cannot resolve a promise with itself")}function m(){return new TypeError("A promises callback cannot return that same promise.")}function v(e,t,r,n){try{e.call(t,r,n)}catch(e){return e}}function k(e,t,r){K((function(e){var n=!1,o=v(r,t,(function(r){n||(n=!0,t!==r?_(e,r):S(e,r))}),(function(t){n||(n=!0,b(e,t))}),"Settle: "+(e._label||" unknown promise"));!n&&o&&(n=!0,b(e,o))}),e)}function g(e,t){t._state===Q?S(e,t._result):t._state===Z?b(e,t._result):A(t,void 0,(function(t){return _(e,t)}),(function(t){return b(e,t)}))}function y(e,r,n){r.constructor===e.constructor&&n===h&&r.constructor.resolve===d?g(e,r):void 0===n?S(e,r):t(n)?k(e,r,n):S(e,r)}function _(t,r){if(t===r)b(t,p());else if(e(r)){var n=void 0;try{n=r.then}catch(e){return void b(t,e)}y(t,r,n)}else S(t,r)}function w(e){e._onerror&&e._onerror(e._result),R(e)}function S(e,t){e._state===$&&(e._result=t,e._state=Q,0!==e._subscribers.length&&K(R,e))}function b(e,t){e._state===$&&(e._state=Z,e._result=t,K(w,e))}function A(e,t,r,n){var o=e._subscribers,i=o.length;e._onerror=null,o[i]=t,o[i+Q]=r,o[i+Z]=n,0===i&&e._state&&K(R,e)}function R(e){var t=e._subscribers,r=e._state;if(0!==t.length){for(var n=void 0,o=void 0,i=e._result,s=0;s<t.length;s+=3)n=t[s],o=t[s+r],n?E(r,n,o,i):o(i);e._subscribers.length=0}}function E(e,r,n,o){var i=t(n),s=void 0,a=void 0,c=!0;if(i){try{s=n(o)}catch(e){c=!1,a=e}if(r===s)return void b(r,m())}else s=o;r._state!==$||(i&&c?_(r,s):!1===c?b(r,a):e===Q?S(r,s):e===Z&&b(r,s))}function H(e,t){try{t((function(t){_(e,t)}),(function(t){b(e,t)}))}catch(t){b(e,t)}}function C(){return ee++}function U(e){e[G]=ee++,e._state=void 0,e._result=void 0,e._subscribers=[]}function T(){return new Error("Array Methods must be provided an Array")}function O(e){return new te(this,e).promise}function I(e){var t=this;return new t(N(e)?function(r,n){for(var o=e.length,i=0;i<o;i++)t.resolve(e[i]).then(r,n)}:function(e,t){return t(new TypeError("You must pass an array to race."))})}function L(e){var t=new this(f);return b(t,e),t}function x(){throw new TypeError("You must pass a resolver function as the first argument to the promise constructor")}function P(){throw new TypeError("Failed to construct 'Promise': Please use the 'new' operator, this object constructor cannot be called as a function.")}function X(){var e=void 0;if(void 0!==commonjsGlobal)e=commonjsGlobal;else if("undefined"!=typeof self)e=self;else try{e=Function("return this")()}catch(e){throw new Error("polyfill failed because global object is unavailable in this environment")}var t=e.Promise;if(t){var r=null;try{r=Object.prototype.toString.call(t.resolve())}catch(e){}if("[object Promise]"===r&&!t.cast)return}e.Promise=re}var M=void 0;M=Array.isArray?Array.isArray:function(e){return"[object Array]"===Object.prototype.toString.call(e)};var N=M,j=0,B=void 0,F=void 0,K=function(e,t){V[j]=e,V[j+1]=t,2===(j+=2)&&(F?F(u):z())},D="undefined"!=typeof window?window:void 0,J=D||{},q=J.MutationObserver||J.WebKitMutationObserver,Y="undefined"==typeof self&&"undefined"!=typeof process&&"[object process]"==={}.toString.call(process),W="undefined"!=typeof Uint8ClampedArray&&"undefined"!=typeof importScripts&&"undefined"!=typeof MessageChannel,V=new Array(1e3),z=void 0;z=Y?o():q?s():W?a():void 0===D&&"function"==typeof commonjsRequire?l():c();var G=Math.random().toString(36).substring(2),$=void 0,Q=1,Z=2,ee=0,te=function(){function e(e,t){this._instanceConstructor=e,this.promise=new e(f),this.promise[G]||U(this.promise),N(t)?(this.length=t.length,this._remaining=t.length,this._result=new Array(this.length),0===this.length?S(this.promise,this._result):(this.length=this.length||0,this._enumerate(t),0===this._remaining&&S(this.promise,this._result))):b(this.promise,T())}return e.prototype._enumerate=function(e){for(var t=0;this._state===$&&t<e.length;t++)this._eachEntry(e[t],t)},e.prototype._eachEntry=function(e,t){var r=this._instanceConstructor,n=r.resolve;if(n===d){var o=void 0,i=void 0,s=!1;try{o=e.then}catch(e){s=!0,i=e}if(o===h&&e._state!==$)this._settledAt(e._state,t,e._result);else if("function"!=typeof o)this._remaining--,this._result[t]=e;else if(r===re){var a=new r(f);s?b(a,i):y(a,e,o),this._willSettleAt(a,t)}else this._willSettleAt(new r((function(t){return t(e)})),t)}else this._willSettleAt(n(e),t)},e.prototype._settledAt=function(e,t,r){var n=this.promise;n._state===$&&(this._remaining--,e===Z?b(n,r):this._result[t]=r),0===this._remaining&&S(n,this._result)},e.prototype._willSettleAt=function(e,t){var r=this;A(e,void 0,(function(e){return r._settledAt(Q,t,e)}),(function(e){return r._settledAt(Z,t,e)}))},e}(),re=function(){function e(t){this[G]=C(),this._result=this._state=void 0,this._subscribers=[],f!==t&&("function"!=typeof t&&x(),this instanceof e?H(this,t):P())}return e.prototype.catch=function(e){return this.then(null,e)},e.prototype.finally=function(e){var r=this,n=r.constructor;return t(e)?r.then((function(t){return n.resolve(e()).then((function(){return t}))}),(function(t){return n.resolve(e()).then((function(){throw t}))})):r.then(e,e)},e}();return re.prototype.then=h,re.all=O,re.race=I,re.resolve=d,re.reject=L,re._setScheduler=r,re._setAsap=n,re._asap=K,re.polyfill=X,re.Promise=re,re}()}(es6Promise_min);var base64Js={};base64Js.byteLength=byteLength,base64Js.toByteArray=toByteArray,base64Js.fromByteArray=fromByteArray;for(var lookup=[],revLookup=[],Arr="undefined"!=typeof Uint8Array?Uint8Array:Array,code="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",i=0,len=code.length;i<len;++i)lookup[i]=code[i],revLookup[code.charCodeAt(i)]=i;function getLens(e){var t=e.length;if(t%4>0)throw new Error("Invalid string. Length must be a multiple of 4");var r=e.indexOf("=");return-1===r&&(r=t),[r,r===t?0:4-r%4]}function byteLength(e){var t=getLens(e),r=t[0],n=t[1];return 3*(r+n)/4-n}function _byteLength(e,t,r){return 3*(t+r)/4-r}function toByteArray(e){var t,r,n=getLens(e),o=n[0],i=n[1],s=new Arr(_byteLength(e,o,i)),a=0,c=i>0?o-4:o;for(r=0;r<c;r+=4)t=revLookup[e.charCodeAt(r)]<<18|revLookup[e.charCodeAt(r+1)]<<12|revLookup[e.charCodeAt(r+2)]<<6|revLookup[e.charCodeAt(r+3)],s[a++]=t>>16&255,s[a++]=t>>8&255,s[a++]=255&t;return 2===i&&(t=revLookup[e.charCodeAt(r)]<<2|revLookup[e.charCodeAt(r+1)]>>4,s[a++]=255&t),1===i&&(t=revLookup[e.charCodeAt(r)]<<10|revLookup[e.charCodeAt(r+1)]<<4|revLookup[e.charCodeAt(r+2)]>>2,s[a++]=t>>8&255,s[a++]=255&t),s}function tripletToBase64(e){return lookup[e>>18&63]+lookup[e>>12&63]+lookup[e>>6&63]+lookup[63&e]}function encodeChunk(e,t,r){for(var n,o=[],i=t;i<r;i+=3)n=(e[i]<<16&16711680)+(e[i+1]<<8&65280)+(255&e[i+2]),o.push(tripletToBase64(n));return o.join("")}function fromByteArray(e){for(var t,r=e.length,n=r%3,o=[],i=16383,s=0,a=r-n;s<a;s+=i)o.push(encodeChunk(e,s,s+i>a?a:s+i));return 1===n?(t=e[r-1],o.push(lookup[t>>2]+lookup[t<<4&63]+"==")):2===n&&(t=(e[r-2]<<8)+e[r-1],o.push(lookup[t>>10]+lookup[t>>4&63]+lookup[t<<2&63]+"=")),o.join("")}revLookup["-".charCodeAt(0)]=62,revLookup["_".charCodeAt(0)]=63;var sha256$1={exports:{}}; | ||
| /** | ||
@@ -9,3 +9,3 @@ * [js-sha256]{@link https://github.com/emn178/js-sha256} | ||
| * @license MIT | ||
| */if(function(module){(function(){var ERROR="input is invalid type",WINDOW="object"==typeof window,root=WINDOW?window:{};root.JS_SHA256_NO_WINDOW&&(WINDOW=!1);var WEB_WORKER=!WINDOW&&"object"==typeof self,NODE_JS=!root.JS_SHA256_NO_NODE_JS&&"object"==typeof process&&process.versions&&process.versions.node;NODE_JS?root=commonjsGlobal:WEB_WORKER&&(root=self);var COMMON_JS=!root.JS_SHA256_NO_COMMON_JS&&module.exports,ARRAY_BUFFER=!root.JS_SHA256_NO_ARRAY_BUFFER&&"undefined"!=typeof ArrayBuffer,HEX_CHARS="0123456789abcdef".split(""),EXTRA=[-2147483648,8388608,32768,128],SHIFT=[24,16,8,0],K=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],OUTPUT_TYPES=["hex","array","digest","arrayBuffer"],blocks=[];!root.JS_SHA256_NO_NODE_JS&&Array.isArray||(Array.isArray=function(e){return"[object Array]"===Object.prototype.toString.call(e)}),!ARRAY_BUFFER||!root.JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW&&ArrayBuffer.isView||(ArrayBuffer.isView=function(e){return"object"==typeof e&&e.buffer&&e.buffer.constructor===ArrayBuffer});var createOutputMethod=function(e,t){return function(r){return new Sha256(t,!0).update(r)[e]()}},createMethod=function(e){var t=createOutputMethod("hex",e);NODE_JS&&(t=nodeWrap(t,e)),t.create=function(){return new Sha256(e)},t.update=function(e){return t.create().update(e)};for(var r=0;r<OUTPUT_TYPES.length;++r){var n=OUTPUT_TYPES[r];t[n]=createOutputMethod(n,e)}return t},nodeWrap=function(method,is224){var crypto=eval("require('crypto')"),Buffer=eval("require('buffer').Buffer"),algorithm=is224?"sha224":"sha256",nodeMethod=function(e){if("string"==typeof e)return crypto.createHash(algorithm).update(e,"utf8").digest("hex");if(null==e)throw new Error(ERROR);return e.constructor===ArrayBuffer&&(e=new Uint8Array(e)),Array.isArray(e)||ArrayBuffer.isView(e)||e.constructor===Buffer?crypto.createHash(algorithm).update(new Buffer(e)).digest("hex"):method(e)};return nodeMethod},createHmacOutputMethod=function(e,t){return function(r,n){return new HmacSha256(r,t,!0).update(n)[e]()}},createHmacMethod=function(e){var t=createHmacOutputMethod("hex",e);t.create=function(t){return new HmacSha256(t,e)},t.update=function(e,r){return t.create(e).update(r)};for(var r=0;r<OUTPUT_TYPES.length;++r){var n=OUTPUT_TYPES[r];t[n]=createHmacOutputMethod(n,e)}return t};function Sha256(e,t){t?(blocks[0]=blocks[16]=blocks[1]=blocks[2]=blocks[3]=blocks[4]=blocks[5]=blocks[6]=blocks[7]=blocks[8]=blocks[9]=blocks[10]=blocks[11]=blocks[12]=blocks[13]=blocks[14]=blocks[15]=0,this.blocks=blocks):this.blocks=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],e?(this.h0=3238371032,this.h1=914150663,this.h2=812702999,this.h3=4144912697,this.h4=4290775857,this.h5=1750603025,this.h6=1694076839,this.h7=3204075428):(this.h0=1779033703,this.h1=3144134277,this.h2=1013904242,this.h3=2773480762,this.h4=1359893119,this.h5=2600822924,this.h6=528734635,this.h7=1541459225),this.block=this.start=this.bytes=this.hBytes=0,this.finalized=this.hashed=!1,this.first=!0,this.is224=e}function HmacSha256(e,t,r){var n,o=typeof e;if("string"===o){var i,s=[],a=e.length,c=0;for(n=0;n<a;++n)(i=e.charCodeAt(n))<128?s[c++]=i:i<2048?(s[c++]=192|i>>6,s[c++]=128|63&i):i<55296||i>=57344?(s[c++]=224|i>>12,s[c++]=128|i>>6&63,s[c++]=128|63&i):(i=65536+((1023&i)<<10|1023&e.charCodeAt(++n)),s[c++]=240|i>>18,s[c++]=128|i>>12&63,s[c++]=128|i>>6&63,s[c++]=128|63&i);e=s}else{if("object"!==o)throw new Error(ERROR);if(null===e)throw new Error(ERROR);if(ARRAY_BUFFER&&e.constructor===ArrayBuffer)e=new Uint8Array(e);else if(!(Array.isArray(e)||ARRAY_BUFFER&&ArrayBuffer.isView(e)))throw new Error(ERROR)}e.length>64&&(e=new Sha256(t,!0).update(e).array());var u=[],l=[];for(n=0;n<64;++n){var h=e[n]||0;u[n]=92^h,l[n]=54^h}Sha256.call(this,t,r),this.update(l),this.oKeyPad=u,this.inner=!0,this.sharedMemory=r}Sha256.prototype.update=function(e){if(!this.finalized){var t,r=typeof e;if("string"!==r){if("object"!==r)throw new Error(ERROR);if(null===e)throw new Error(ERROR);if(ARRAY_BUFFER&&e.constructor===ArrayBuffer)e=new Uint8Array(e);else if(!(Array.isArray(e)||ARRAY_BUFFER&&ArrayBuffer.isView(e)))throw new Error(ERROR);t=!0}for(var n,o,i=0,s=e.length,a=this.blocks;i<s;){if(this.hashed&&(this.hashed=!1,a[0]=this.block,a[16]=a[1]=a[2]=a[3]=a[4]=a[5]=a[6]=a[7]=a[8]=a[9]=a[10]=a[11]=a[12]=a[13]=a[14]=a[15]=0),t)for(o=this.start;i<s&&o<64;++i)a[o>>2]|=e[i]<<SHIFT[3&o++];else for(o=this.start;i<s&&o<64;++i)(n=e.charCodeAt(i))<128?a[o>>2]|=n<<SHIFT[3&o++]:n<2048?(a[o>>2]|=(192|n>>6)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]):n<55296||n>=57344?(a[o>>2]|=(224|n>>12)<<SHIFT[3&o++],a[o>>2]|=(128|n>>6&63)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]):(n=65536+((1023&n)<<10|1023&e.charCodeAt(++i)),a[o>>2]|=(240|n>>18)<<SHIFT[3&o++],a[o>>2]|=(128|n>>12&63)<<SHIFT[3&o++],a[o>>2]|=(128|n>>6&63)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]);this.lastByteIndex=o,this.bytes+=o-this.start,o>=64?(this.block=a[16],this.start=o-64,this.hash(),this.hashed=!0):this.start=o}return this.bytes>4294967295&&(this.hBytes+=this.bytes/4294967296<<0,this.bytes=this.bytes%4294967296),this}},Sha256.prototype.finalize=function(){if(!this.finalized){this.finalized=!0;var e=this.blocks,t=this.lastByteIndex;e[16]=this.block,e[t>>2]|=EXTRA[3&t],this.block=e[16],t>=56&&(this.hashed||this.hash(),e[0]=this.block,e[16]=e[1]=e[2]=e[3]=e[4]=e[5]=e[6]=e[7]=e[8]=e[9]=e[10]=e[11]=e[12]=e[13]=e[14]=e[15]=0),e[14]=this.hBytes<<3|this.bytes>>>29,e[15]=this.bytes<<3,this.hash()}},Sha256.prototype.hash=function(){var e,t,r,n,o,i,s,a,c,u=this.h0,l=this.h1,h=this.h2,d=this.h3,f=this.h4,p=this.h5,m=this.h6,v=this.h7,k=this.blocks;for(e=16;e<64;++e)t=((o=k[e-15])>>>7|o<<25)^(o>>>18|o<<14)^o>>>3,r=((o=k[e-2])>>>17|o<<15)^(o>>>19|o<<13)^o>>>10,k[e]=k[e-16]+t+k[e-7]+r<<0;for(c=l&h,e=0;e<64;e+=4)this.first?(this.is224?(i=300032,v=(o=k[0]-1413257819)-150054599<<0,d=o+24177077<<0):(i=704751109,v=(o=k[0]-210244248)-1521486534<<0,d=o+143694565<<0),this.first=!1):(t=(u>>>2|u<<30)^(u>>>13|u<<19)^(u>>>22|u<<10),n=(i=u&l)^u&h^c,v=d+(o=v+(r=(f>>>6|f<<26)^(f>>>11|f<<21)^(f>>>25|f<<7))+(f&p^~f&m)+K[e]+k[e])<<0,d=o+(t+n)<<0),t=(d>>>2|d<<30)^(d>>>13|d<<19)^(d>>>22|d<<10),n=(s=d&u)^d&l^i,m=h+(o=m+(r=(v>>>6|v<<26)^(v>>>11|v<<21)^(v>>>25|v<<7))+(v&f^~v&p)+K[e+1]+k[e+1])<<0,t=((h=o+(t+n)<<0)>>>2|h<<30)^(h>>>13|h<<19)^(h>>>22|h<<10),n=(a=h&d)^h&u^s,p=l+(o=p+(r=(m>>>6|m<<26)^(m>>>11|m<<21)^(m>>>25|m<<7))+(m&v^~m&f)+K[e+2]+k[e+2])<<0,t=((l=o+(t+n)<<0)>>>2|l<<30)^(l>>>13|l<<19)^(l>>>22|l<<10),n=(c=l&h)^l&d^a,f=u+(o=f+(r=(p>>>6|p<<26)^(p>>>11|p<<21)^(p>>>25|p<<7))+(p&m^~p&v)+K[e+3]+k[e+3])<<0,u=o+(t+n)<<0;this.h0=this.h0+u<<0,this.h1=this.h1+l<<0,this.h2=this.h2+h<<0,this.h3=this.h3+d<<0,this.h4=this.h4+f<<0,this.h5=this.h5+p<<0,this.h6=this.h6+m<<0,this.h7=this.h7+v<<0},Sha256.prototype.hex=function(){this.finalize();var e=this.h0,t=this.h1,r=this.h2,n=this.h3,o=this.h4,i=this.h5,s=this.h6,a=this.h7,c=HEX_CHARS[e>>28&15]+HEX_CHARS[e>>24&15]+HEX_CHARS[e>>20&15]+HEX_CHARS[e>>16&15]+HEX_CHARS[e>>12&15]+HEX_CHARS[e>>8&15]+HEX_CHARS[e>>4&15]+HEX_CHARS[15&e]+HEX_CHARS[t>>28&15]+HEX_CHARS[t>>24&15]+HEX_CHARS[t>>20&15]+HEX_CHARS[t>>16&15]+HEX_CHARS[t>>12&15]+HEX_CHARS[t>>8&15]+HEX_CHARS[t>>4&15]+HEX_CHARS[15&t]+HEX_CHARS[r>>28&15]+HEX_CHARS[r>>24&15]+HEX_CHARS[r>>20&15]+HEX_CHARS[r>>16&15]+HEX_CHARS[r>>12&15]+HEX_CHARS[r>>8&15]+HEX_CHARS[r>>4&15]+HEX_CHARS[15&r]+HEX_CHARS[n>>28&15]+HEX_CHARS[n>>24&15]+HEX_CHARS[n>>20&15]+HEX_CHARS[n>>16&15]+HEX_CHARS[n>>12&15]+HEX_CHARS[n>>8&15]+HEX_CHARS[n>>4&15]+HEX_CHARS[15&n]+HEX_CHARS[o>>28&15]+HEX_CHARS[o>>24&15]+HEX_CHARS[o>>20&15]+HEX_CHARS[o>>16&15]+HEX_CHARS[o>>12&15]+HEX_CHARS[o>>8&15]+HEX_CHARS[o>>4&15]+HEX_CHARS[15&o]+HEX_CHARS[i>>28&15]+HEX_CHARS[i>>24&15]+HEX_CHARS[i>>20&15]+HEX_CHARS[i>>16&15]+HEX_CHARS[i>>12&15]+HEX_CHARS[i>>8&15]+HEX_CHARS[i>>4&15]+HEX_CHARS[15&i]+HEX_CHARS[s>>28&15]+HEX_CHARS[s>>24&15]+HEX_CHARS[s>>20&15]+HEX_CHARS[s>>16&15]+HEX_CHARS[s>>12&15]+HEX_CHARS[s>>8&15]+HEX_CHARS[s>>4&15]+HEX_CHARS[15&s];return this.is224||(c+=HEX_CHARS[a>>28&15]+HEX_CHARS[a>>24&15]+HEX_CHARS[a>>20&15]+HEX_CHARS[a>>16&15]+HEX_CHARS[a>>12&15]+HEX_CHARS[a>>8&15]+HEX_CHARS[a>>4&15]+HEX_CHARS[15&a]),c},Sha256.prototype.toString=Sha256.prototype.hex,Sha256.prototype.digest=function(){this.finalize();var e=this.h0,t=this.h1,r=this.h2,n=this.h3,o=this.h4,i=this.h5,s=this.h6,a=this.h7,c=[e>>24&255,e>>16&255,e>>8&255,255&e,t>>24&255,t>>16&255,t>>8&255,255&t,r>>24&255,r>>16&255,r>>8&255,255&r,n>>24&255,n>>16&255,n>>8&255,255&n,o>>24&255,o>>16&255,o>>8&255,255&o,i>>24&255,i>>16&255,i>>8&255,255&i,s>>24&255,s>>16&255,s>>8&255,255&s];return this.is224||c.push(a>>24&255,a>>16&255,a>>8&255,255&a),c},Sha256.prototype.array=Sha256.prototype.digest,Sha256.prototype.arrayBuffer=function(){this.finalize();var e=new ArrayBuffer(this.is224?28:32),t=new DataView(e);return t.setUint32(0,this.h0),t.setUint32(4,this.h1),t.setUint32(8,this.h2),t.setUint32(12,this.h3),t.setUint32(16,this.h4),t.setUint32(20,this.h5),t.setUint32(24,this.h6),this.is224||t.setUint32(28,this.h7),e},HmacSha256.prototype=new Sha256,HmacSha256.prototype.finalize=function(){if(Sha256.prototype.finalize.call(this),this.inner){this.inner=!1;var e=this.array();Sha256.call(this,this.is224,this.sharedMemory),this.update(this.oKeyPad),this.update(e),Sha256.prototype.finalize.call(this)}};var exports=createMethod();exports.sha256=exports,exports.sha224=createMethod(!0),exports.sha256.hmac=createHmacMethod(),exports.sha224.hmac=createHmacMethod(!0),COMMON_JS?module.exports=exports:(root.sha256=exports.sha256,root.sha224=exports.sha224)})()}(sha256),void 0===es6Promise_min.exports.Promise)throw Error("Keycloak requires an environment that supports Promises. Make sure that you include the appropriate polyfill.");var loggedPromiseDeprecation=!1;function logPromiseDeprecation(){loggedPromiseDeprecation||(loggedPromiseDeprecation=!0,console.warn("[KEYCLOAK] Usage of legacy style promise methods such as `.error()` and `.success()` has been deprecated and support will be removed in future versions. Use standard style promise methods such as `.then() and `.catch()` instead."))}function Keycloak(e){if(!(this instanceof Keycloak))return new Keycloak(e);for(var t,r,n=this,o=[],i={enable:!0,callbackList:[],interval:5},s=document.getElementsByTagName("script"),a=0;a<s.length;a++)-1===s[a].src.indexOf("keycloak.js")&&-1===s[a].src.indexOf("keycloak.min.js")||-1===s[a].src.indexOf("version=")||(n.iframeVersion=s[a].src.substring(s[a].src.indexOf("version=")+8).split("&")[0]);var c=!0,u=C(console.info),l=C(console.warn);function h(e,t){for(var r=function(e){var t=null,r=window.crypto||window.msCrypto;if(r&&r.getRandomValues&&window.Uint8Array)return t=new Uint8Array(e),r.getRandomValues(t),t;t=new Array(e);for(var n=0;n<t.length;n++)t[n]=Math.floor(256*Math.random());return t}(e),n=new Array(e),o=0;o<e;o++)n[o]=t.charCodeAt(r[o]%t.length);return String.fromCharCode.apply(null,n)}function d(){return void 0!==n.authServerUrl?"/"==n.authServerUrl.charAt(n.authServerUrl.length-1)?n.authServerUrl+"realms/"+encodeURIComponent(n.realm):n.authServerUrl+"/realms/"+encodeURIComponent(n.realm):void 0}function f(e,t){var r=e.code,o=e.error,i=e.prompt,s=(new Date).getTime();if(e.kc_action_status&&n.onActionUpdate&&n.onActionUpdate(e.kc_action_status),o)if("none"!=i){var a={error:o,error_description:e.error_description};n.onAuthError&&n.onAuthError(a),t&&t.setError(a)}else t&&t.setSuccess();else if("standard"!=n.flow&&(e.access_token||e.id_token)&&f(e.access_token,null,e.id_token,!0),"implicit"!=n.flow&&r){var l="code="+r+"&grant_type=authorization_code",h=n.endpoints.token(),d=new XMLHttpRequest;d.open("POST",h,!0),d.setRequestHeader("Content-type","application/x-www-form-urlencoded"),l+="&client_id="+encodeURIComponent(n.clientId),l+="&redirect_uri="+e.redirectUri,e.pkceCodeVerifier&&(l+="&code_verifier="+e.pkceCodeVerifier),d.withCredentials=!0,d.onreadystatechange=function(){if(4==d.readyState)if(200==d.status){var e=JSON.parse(d.responseText);f(e.access_token,e.refresh_token,e.id_token,"standard"===n.flow),S()}else n.onAuthError&&n.onAuthError(),t&&t.setError()},d.send(l)}function f(r,o,i,a){m(r,o,i,s=(s+(new Date).getTime())/2),c&&(n.tokenParsed&&n.tokenParsed.nonce!=e.storedNonce||n.refreshTokenParsed&&n.refreshTokenParsed.nonce!=e.storedNonce||n.idTokenParsed&&n.idTokenParsed.nonce!=e.storedNonce)?(u("[KEYCLOAK] Invalid nonce, clearing token"),n.clearToken(),t&&t.setError()):a&&(n.onAuthSuccess&&n.onAuthSuccess(),t&&t.setSuccess())}}function p(e){return 0==e.status&&e.responseText&&e.responseURL.startsWith("file:")}function m(e,t,r,o){if(n.tokenTimeoutHandle&&(clearTimeout(n.tokenTimeoutHandle),n.tokenTimeoutHandle=null),t?(n.refreshToken=t,n.refreshTokenParsed=v(t)):(delete n.refreshToken,delete n.refreshTokenParsed),r?(n.idToken=r,n.idTokenParsed=v(r)):(delete n.idToken,delete n.idTokenParsed),e){if(n.token=e,n.tokenParsed=v(e),n.sessionId=n.tokenParsed.session_state,n.authenticated=!0,n.subject=n.tokenParsed.sub,n.realmAccess=n.tokenParsed.realm_access,n.resourceAccess=n.tokenParsed.resource_access,o&&(n.timeSkew=Math.floor(o/1e3)-n.tokenParsed.iat),null!=n.timeSkew&&(u("[KEYCLOAK] Estimated time difference between browser and server is "+n.timeSkew+" seconds"),n.onTokenExpired)){var i=1e3*(n.tokenParsed.exp-(new Date).getTime()/1e3+n.timeSkew);u("[KEYCLOAK] Token expires in "+Math.round(i/1e3)+" s"),i<=0?n.onTokenExpired():n.tokenTimeoutHandle=setTimeout(n.onTokenExpired,i)}}else delete n.token,delete n.tokenParsed,delete n.subject,delete n.realmAccess,delete n.resourceAccess,n.authenticated=!1}function v(e){switch((e=(e=(e=e.split(".")[1]).replace(/-/g,"+")).replace(/_/g,"/")).length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw"Invalid token"}return e=decodeURIComponent(escape(atob(e))),e=JSON.parse(e)}function k(){var e="0123456789abcdef",t=h(36,e).split("");return t[14]="4",t[19]=e.substr(3&t[19]|8,1),t[8]=t[13]=t[18]=t[23]="-",t.join("")}function g(e){var t=function(e){var t;switch(n.flow){case"standard":t=["code","state","session_state","kc_action_status"];break;case"implicit":t=["access_token","token_type","id_token","state","session_state","expires_in","kc_action_status"];break;case"hybrid":t=["access_token","token_type","id_token","code","state","session_state","expires_in","kc_action_status"]}t.push("error"),t.push("error_description"),t.push("error_uri");var r,o,i=e.indexOf("?"),s=e.indexOf("#");"query"===n.responseMode&&-1!==i?(r=e.substring(0,i),""!==(o=y(e.substring(i+1,-1!==s?s:e.length),t)).paramsString&&(r+="?"+o.paramsString),-1!==s&&(r+=e.substring(s))):"fragment"===n.responseMode&&-1!==s&&(r=e.substring(0,s),""!==(o=y(e.substring(s+1),t)).paramsString&&(r+="#"+o.paramsString));if(o&&o.oauthParams)if("standard"===n.flow||"hybrid"===n.flow){if((o.oauthParams.code||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=r,o.oauthParams}else if("implicit"===n.flow&&(o.oauthParams.access_token||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=r,o.oauthParams}(e);if(t){var o=r.get(t.state);return o&&(t.valid=!0,t.redirectUri=o.redirectUri,t.storedNonce=o.nonce,t.prompt=o.prompt,t.pkceCodeVerifier=o.pkceCodeVerifier),t}}function y(e,t){for(var r=e.split("&"),n={paramsString:"",oauthParams:{}},o=0;o<r.length;o++){var i=r[o].indexOf("="),s=r[o].slice(0,i);-1!==t.indexOf(s)?n.oauthParams[s]=r[o].slice(i+1):(""!==n.paramsString&&(n.paramsString+="&"),n.paramsString+=r[o])}return n}function _(){var e={setSuccess:function(t){e.resolve(t)},setError:function(t){e.reject(t)}};return e.promise=new es6Promise_min.exports.Promise((function(t,r){e.resolve=t,e.reject=r})),e.promise.success=function(e){return logPromiseDeprecation(),this.then((function(t){e(t)})),this},e.promise.error=function(e){return logPromiseDeprecation(),this.catch((function(t){e(t)})),this},e}function w(){var e=_();if(!i.enable)return e.setSuccess(),e.promise;if(i.iframe)return e.setSuccess(),e.promise;var t=document.createElement("iframe");i.iframe=t,t.onload=function(){var t=n.endpoints.authorize();"/"===t.charAt(0)?i.iframeOrigin=window.location.origin?window.location.origin:window.location.protocol+"//"+window.location.hostname+(window.location.port?":"+window.location.port:""):i.iframeOrigin=t.substring(0,t.indexOf("/",8)),e.setSuccess()};var r=n.endpoints.checkSessionIframe();t.setAttribute("src",r),t.setAttribute("title","keycloak-session-iframe"),t.style.display="none",document.body.appendChild(t);return window.addEventListener("message",(function(e){if(e.origin===i.iframeOrigin&&i.iframe.contentWindow===e.source&&("unchanged"==e.data||"changed"==e.data||"error"==e.data)){"unchanged"!=e.data&&n.clearToken();for(var t=i.callbackList.splice(0,i.callbackList.length),r=t.length-1;r>=0;--r){var o=t[r];"error"==e.data?o.setError():o.setSuccess("unchanged"==e.data)}}}),!1),e.promise}function S(){i.enable&&n.token&&setTimeout((function(){b().then((function(e){e&&S()}))}),1e3*i.interval)}function b(){var e=_();if(i.iframe&&i.iframeOrigin){var t=n.clientId+" "+(n.sessionId?n.sessionId:"");i.callbackList.push(e);var r=i.iframeOrigin;1==i.callbackList.length&&i.iframe.contentWindow.postMessage(t,r)}else e.setSuccess();return e.promise}function A(){var e=_();if(i.enable||n.silentCheckSsoRedirectUri){var t=document.createElement("iframe");t.setAttribute("src",n.endpoints.thirdPartyCookiesIframe()),t.setAttribute("title","keycloak-3p-check-iframe"),t.style.display="none",document.body.appendChild(t);var r=function(o){t.contentWindow===o.source&&("supported"!==o.data&&"unsupported"!==o.data||("unsupported"===o.data&&(i.enable=!1,n.silentCheckSsoFallback&&(n.silentCheckSsoRedirectUri=!1),l("[KEYCLOAK] 3rd party cookies aren't supported by this browser. checkLoginIframe and silent check-sso are not available.")),document.body.removeChild(t),window.removeEventListener("message",r),e.setSuccess()))};window.addEventListener("message",r,!1)}else e.setSuccess();return function(e,t,r){var n=null,o=new es6Promise_min.exports.Promise((function(e,o){n=setTimeout((function(){o({error:r||"Promise is not settled within timeout of "+t+"ms"})}),t)}));return es6Promise_min.exports.Promise.race([e,o]).finally((function(){clearTimeout(n)}))}(e.promise,n.messageReceiveTimeout,"Timeout when waiting for 3rd party check iframe message.")}function R(e){if(!e||"default"==e)return{login:function(e){return window.location.replace(n.createLoginUrl(e)),_().promise},logout:function(e){return window.location.replace(n.createLogoutUrl(e)),_().promise},register:function(e){return window.location.replace(n.createRegisterUrl(e)),_().promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";return window.location.href=e,_().promise},redirectUri:function(e,t){return e&&e.redirectUri?e.redirectUri:n.redirectUri?n.redirectUri:location.href}};if("cordova"==e){i.enable=!1;var t=function(e,t,r){return window.cordova&&window.cordova.InAppBrowser?window.cordova.InAppBrowser.open(e,t,r):window.open(e,t,r)},r=function(e){var t=function(e){return e&&e.cordovaOptions?Object.keys(e.cordovaOptions).reduce((function(t,r){return t[r]=e.cordovaOptions[r],t}),{}):{}}(e);return t.location="no",e&&"none"==e.prompt&&(t.hidden="yes"),function(e){return Object.keys(e).reduce((function(t,r){return t.push(r+"="+e[r]),t}),[]).join(",")}(t)};return{login:function(e){var o=_(),i=r(e),s=n.createLoginUrl(e),a=t(s,"_blank",i),c=!1,u=!1,l=function(){u=!0,a.close()};return a.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&(f(g(e.url),o),l(),c=!0)})),a.addEventListener("loaderror",(function(e){c||(0==e.url.indexOf("http://localhost")?(f(g(e.url),o),l(),c=!0):(o.setError(),l()))})),a.addEventListener("exit",(function(e){u||o.setError({reason:"closed_by_user"})})),o.promise},logout:function(e){var r,o=_(),i=n.createLogoutUrl(e),s=t(i,"_blank","location=no,hidden=yes,clearcache=yes");return s.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&s.close()})),s.addEventListener("loaderror",(function(e){0==e.url.indexOf("http://localhost")||(r=!0),s.close()})),s.addEventListener("exit",(function(e){r?o.setError():(n.clearToken(),o.setSuccess())})),o.promise},register:function(e){var o=_(),i=n.createRegisterUrl(),s=r(e),a=t(i,"_blank",s);return a.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&(a.close(),f(g(e.url),o))})),o.promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";var r=t(e,"_blank","location=no");r.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&r.close()}))},redirectUri:function(e){return"http://localhost"}}}if("cordova-native"==e)return i.enable=!1,{login:function(e){var t=_(),r=n.createLoginUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),f(g(e.url),t)})),window.cordova.plugins.browsertab.openUrl(r),t.promise},logout:function(e){var t=_(),r=n.createLogoutUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),n.clearToken(),t.setSuccess()})),window.cordova.plugins.browsertab.openUrl(r),t.promise},register:function(e){var t=_(),r=n.createRegisterUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),f(g(e.url),t)})),window.cordova.plugins.browsertab.openUrl(r),t.promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";window.cordova.plugins.browsertab.openUrl(e)},redirectUri:function(e){return e&&e.redirectUri?e.redirectUri:n.redirectUri?n.redirectUri:"http://localhost"}};throw"invalid adapter type: "+e}n.init=function(o){n.authenticated=!1,r=function(){try{return new E}catch(e){}return new H}();if(t=o&&["default","cordova","cordova-native"].indexOf(o.adapter)>-1?R(o.adapter):o&&"object"==typeof o.adapter?o.adapter:window.Cordova||window.cordova?R("cordova"):R(),o){if(void 0!==o.useNonce&&(c=o.useNonce),void 0!==o.checkLoginIframe&&(i.enable=o.checkLoginIframe),o.checkLoginIframeInterval&&(i.interval=o.checkLoginIframeInterval),"login-required"===o.onLoad&&(n.loginRequired=!0),o.responseMode){if("query"!==o.responseMode&&"fragment"!==o.responseMode)throw"Invalid value for responseMode";n.responseMode=o.responseMode}if(o.flow){switch(o.flow){case"standard":n.responseType="code";break;case"implicit":n.responseType="id_token token";break;case"hybrid":n.responseType="code id_token token";break;default:throw"Invalid value for flow"}n.flow=o.flow}if(null!=o.timeSkew&&(n.timeSkew=o.timeSkew),o.redirectUri&&(n.redirectUri=o.redirectUri),o.silentCheckSsoRedirectUri&&(n.silentCheckSsoRedirectUri=o.silentCheckSsoRedirectUri),"boolean"==typeof o.silentCheckSsoFallback?n.silentCheckSsoFallback=o.silentCheckSsoFallback:n.silentCheckSsoFallback=!0,o.pkceMethod){if("S256"!==o.pkceMethod)throw"Invalid value for pkceMethod";n.pkceMethod=o.pkceMethod}"boolean"==typeof o.enableLogging?n.enableLogging=o.enableLogging:n.enableLogging=!1,"string"==typeof o.scope&&(n.scope=o.scope),"number"==typeof o.messageReceiveTimeout&&o.messageReceiveTimeout>0?n.messageReceiveTimeout=o.messageReceiveTimeout:n.messageReceiveTimeout=1e4}n.responseMode||(n.responseMode="fragment"),n.responseType||(n.responseType="code",n.flow="standard");var s=_(),a=_();a.promise.then((function(){n.onReady&&n.onReady(n.authenticated),s.setSuccess(n.authenticated)})).catch((function(e){s.setError(e)}));var u=function(t){var r,o=_();e?"string"==typeof e&&(r=e):r="keycloak.json";function i(e){n.endpoints=e?{authorize:function(){return e.authorization_endpoint},token:function(){return e.token_endpoint},logout:function(){if(!e.end_session_endpoint)throw"Not supported by the OIDC server";return e.end_session_endpoint},checkSessionIframe:function(){if(!e.check_session_iframe)throw"Not supported by the OIDC server";return e.check_session_iframe},register:function(){throw'Redirection to "Register user" page not supported in standard OIDC mode'},userinfo:function(){if(!e.userinfo_endpoint)throw"Not supported by the OIDC server";return e.userinfo_endpoint}}:{authorize:function(){return d()+"/protocol/openid-connect/auth"},token:function(){return d()+"/protocol/openid-connect/token"},logout:function(){return d()+"/protocol/openid-connect/logout"},checkSessionIframe:function(){var e=d()+"/protocol/openid-connect/login-status-iframe.html";return n.iframeVersion&&(e=e+"?version="+n.iframeVersion),e},thirdPartyCookiesIframe:function(){var e=d()+"/protocol/openid-connect/3p-cookies/step1.html";return n.iframeVersion&&(e=e+"?version="+n.iframeVersion),e},register:function(){return d()+"/protocol/openid-connect/registrations"},userinfo:function(){return d()+"/protocol/openid-connect/userinfo"}}}if(r){(c=new XMLHttpRequest).open("GET",r,!0),c.setRequestHeader("Accept","application/json"),c.onreadystatechange=function(){if(4==c.readyState)if(200==c.status||p(c)){var e=JSON.parse(c.responseText);n.authServerUrl=e["auth-server-url"],n.realm=e.realm,n.clientId=e.resource,i(null),o.setSuccess()}else o.setError()},c.send()}else{if(!e.clientId)throw"clientId missing";n.clientId=e.clientId;var s=e.oidcProvider;if(s){var a,c;if("string"==typeof s)a="/"==s.charAt(s.length-1)?s+".well-known/openid-configuration":s+"/.well-known/openid-configuration",(c=new XMLHttpRequest).open("GET",a,!0),c.setRequestHeader("Accept","application/json"),c.onreadystatechange=function(){4==c.readyState&&(200==c.status||p(c)?(i(JSON.parse(c.responseText)),o.setSuccess()):o.setError())},c.send();else i(s),o.setSuccess()}else{if(!e.url)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++)if(u[l].src.match(/.*keycloak\.js/)){e.url=u[l].src.substr(0,u[l].src.indexOf("/js/keycloak.js"));break}if(!e.realm)throw"realm missing";n.authServerUrl=e.url,n.realm=e.realm,i(null),o.setSuccess()}}return o.promise}();function l(){var e=function(e){e||(r.prompt="none"),n.login(r).then((function(){a.setSuccess()})).catch((function(e){a.setError(e)}))},t=function(){var e=document.createElement("iframe"),t=n.createLoginUrl({prompt:"none",redirectUri:n.silentCheckSsoRedirectUri});e.setAttribute("src",t),e.setAttribute("title","keycloak-silent-check-sso"),e.style.display="none",document.body.appendChild(e);var r=function(t){t.origin===window.location.origin&&e.contentWindow===t.source&&(f(g(t.data),a),document.body.removeChild(e),window.removeEventListener("message",r))};window.addEventListener("message",r)},r={};switch(o.onLoad){case"check-sso":i.enable?w().then((function(){b().then((function(r){r?a.setSuccess():n.silentCheckSsoRedirectUri?t():e(!1)})).catch((function(e){a.setError(e)}))})):n.silentCheckSsoRedirectUri?t():e(!1);break;case"login-required":e(!0);break;default:throw"Invalid value for onLoad"}}function h(){var e=g(window.location.href);if(e&&window.history.replaceState(window.history.state,null,e.newUrl),e&&e.valid)return w().then((function(){f(e,a)})).catch((function(e){a.setError(e)}));o?o.token&&o.refreshToken?(m(o.token,o.refreshToken,o.idToken),i.enable?w().then((function(){b().then((function(e){e?(n.onAuthSuccess&&n.onAuthSuccess(),a.setSuccess(),S()):a.setSuccess()})).catch((function(e){a.setError(e)}))})):n.updateToken(-1).then((function(){n.onAuthSuccess&&n.onAuthSuccess(),a.setSuccess()})).catch((function(e){n.onAuthError&&n.onAuthError(),o.onLoad?l():a.setError(e)}))):o.onLoad?l():a.setSuccess():a.setSuccess()}return u.then((function(){(function(){var e=_(),t=function(){"interactive"!==document.readyState&&"complete"!==document.readyState||(document.removeEventListener("readystatechange",t),e.setSuccess())};return document.addEventListener("readystatechange",t),t(),e.promise})().then(A).then(h).catch((function(e){s.setError(e)}))})),u.catch((function(e){s.setError(e)})),s.promise},n.login=function(e){return t.login(e)},n.createLoginUrl=function(e){var o,i=k(),s=k(),a=t.redirectUri(e),u={state:i,nonce:s,redirectUri:encodeURIComponent(a)};e&&e.prompt&&(u.prompt=e.prompt),o=e&&"register"==e.action?n.endpoints.register():n.endpoints.authorize();var l=e&&e.scope||n.scope;l?-1===l.indexOf("openid")&&(l="openid "+l):l="openid";var d=o+"?client_id="+encodeURIComponent(n.clientId)+"&redirect_uri="+encodeURIComponent(a)+"&state="+encodeURIComponent(i)+"&response_mode="+encodeURIComponent(n.responseMode)+"&response_type="+encodeURIComponent(n.responseType)+"&scope="+encodeURIComponent(l);if(c&&(d=d+"&nonce="+encodeURIComponent(s)),e&&e.prompt&&(d+="&prompt="+encodeURIComponent(e.prompt)),e&&e.maxAge&&(d+="&max_age="+encodeURIComponent(e.maxAge)),e&&e.loginHint&&(d+="&login_hint="+encodeURIComponent(e.loginHint)),e&&e.idpHint&&(d+="&kc_idp_hint="+encodeURIComponent(e.idpHint)),e&&e.action&&"register"!=e.action&&(d+="&kc_action="+encodeURIComponent(e.action)),e&&e.locale&&(d+="&ui_locales="+encodeURIComponent(e.locale)),n.pkceMethod){var f=function(e){return h(e,"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")}(96);u.pkceCodeVerifier=f;var p=function(e,t){if("S256"===e){var r=new Uint8Array(sha256.exports.sha256.arrayBuffer(t));return base64Js.fromByteArray(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/\=/g,"")}throw"Invalid value for pkceMethod"}(n.pkceMethod,f);d+="&code_challenge="+p,d+="&code_challenge_method="+n.pkceMethod}return r.add(u),d},n.logout=function(e){return t.logout(e)},n.createLogoutUrl=function(e){return n.endpoints.logout()+"?redirect_uri="+encodeURIComponent(t.redirectUri(e,!1))},n.register=function(e){return t.register(e)},n.createRegisterUrl=function(e){return e||(e={}),e.action="register",n.createLoginUrl(e)},n.createAccountUrl=function(e){var r=d(),o=void 0;return void 0!==r&&(o=r+"/account?referrer="+encodeURIComponent(n.clientId)+"&referrer_uri="+encodeURIComponent(t.redirectUri(e))),o},n.accountManagement=function(){return t.accountManagement()},n.hasRealmRole=function(e){var t=n.realmAccess;return!!t&&t.roles.indexOf(e)>=0},n.hasResourceRole=function(e,t){if(!n.resourceAccess)return!1;var r=n.resourceAccess[t||n.clientId];return!!r&&r.roles.indexOf(e)>=0},n.loadUserProfile=function(){var e=d()+"/account",t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+n.token);var r=_();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(n.profile=JSON.parse(t.responseText),r.setSuccess(n.profile)):r.setError())},t.send(),r.promise},n.loadUserInfo=function(){var e=n.endpoints.userinfo(),t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+n.token);var r=_();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(n.userInfo=JSON.parse(t.responseText),r.setSuccess(n.userInfo)):r.setError())},t.send(),r.promise},n.isTokenExpired=function(e){if(!n.tokenParsed||!n.refreshToken&&"implicit"!=n.flow)throw"Not authenticated";if(null==n.timeSkew)return u("[KEYCLOAK] Unable to determine if token is expired as timeskew is not set"),!0;var t=n.tokenParsed.exp-Math.ceil((new Date).getTime()/1e3)+n.timeSkew;if(e){if(isNaN(e))throw"Invalid minValidity";t-=e}return t<0},n.updateToken=function(e){var t=_();if(!n.refreshToken)return t.setError(),t.promise;e=e||5;var r=function(){var r=!1;if(-1==e?(r=!0,u("[KEYCLOAK] Refreshing token: forced refresh")):n.tokenParsed&&!n.isTokenExpired(e)||(r=!0,u("[KEYCLOAK] Refreshing token: token expired")),r){var i="grant_type=refresh_token&refresh_token="+n.refreshToken,s=n.endpoints.token();if(o.push(t),1==o.length){var a=new XMLHttpRequest;a.open("POST",s,!0),a.setRequestHeader("Content-type","application/x-www-form-urlencoded"),a.withCredentials=!0,i+="&client_id="+encodeURIComponent(n.clientId);var c=(new Date).getTime();a.onreadystatechange=function(){if(4==a.readyState)if(200==a.status){u("[KEYCLOAK] Token refreshed"),c=(c+(new Date).getTime())/2;var e=JSON.parse(a.responseText);m(e.access_token,e.refresh_token,e.id_token,c),n.onAuthRefreshSuccess&&n.onAuthRefreshSuccess();for(var t=o.pop();null!=t;t=o.pop())t.setSuccess(!0)}else{l("[KEYCLOAK] Failed to refresh token"),400==a.status&&n.clearToken(),n.onAuthRefreshError&&n.onAuthRefreshError();for(t=o.pop();null!=t;t=o.pop())t.setError(!0)}},a.send(i)}}else t.setSuccess(!1)};i.enable?b().then((function(){r()})).catch((function(e){t.setError(e)})):r();return t.promise},n.clearToken=function(){n.token&&(m(null,null,null),n.onAuthLogout&&n.onAuthLogout(),n.loginRequired&&n.login())};var E=function(){if(!(this instanceof E))return new E;localStorage.setItem("kc-test","test"),localStorage.removeItem("kc-test");function e(){for(var e=(new Date).getTime(),t=0;t<localStorage.length;t++){var r=localStorage.key(t);if(r&&0==r.indexOf("kc-callback-")){var n=localStorage.getItem(r);if(n)try{var o=JSON.parse(n).expires;(!o||o<e)&&localStorage.removeItem(r)}catch(e){localStorage.removeItem(r)}}}}this.get=function(t){if(t){var r="kc-callback-"+t,n=localStorage.getItem(r);return n&&(localStorage.removeItem(r),n=JSON.parse(n)),e(),n}},this.add=function(t){e();var r="kc-callback-"+t.state;t.expires=(new Date).getTime()+36e5,localStorage.setItem(r,JSON.stringify(t))}},H=function(){if(!(this instanceof H))return new H;var e=this;e.get=function(e){if(e){var o=r("kc-callback-"+e);return n("kc-callback-"+e,"",t(-100)),o?JSON.parse(o):void 0}},e.add=function(e){n("kc-callback-"+e.state,JSON.stringify(e),t(60))},e.removeItem=function(e){n(e,"",t(-100))};var t=function(e){var t=new Date;return t.setTime(t.getTime()+60*e*1e3),t},r=function(e){for(var t=e+"=",r=document.cookie.split(";"),n=0;n<r.length;n++){for(var o=r[n];" "==o.charAt(0);)o=o.substring(1);if(0==o.indexOf(t))return o.substring(t.length,o.length)}return""},n=function(e,t,r){var n=e+"="+t+"; expires="+r.toUTCString()+"; ";document.cookie=n}};function C(e){return function(){n.enableLogging&&e.apply(console,Array.prototype.slice.call(arguments))}}}return Keycloak})); | ||
| */(function(module){(function(){var ERROR="input is invalid type",WINDOW="object"==typeof window,root=WINDOW?window:{};root.JS_SHA256_NO_WINDOW&&(WINDOW=!1);var WEB_WORKER=!WINDOW&&"object"==typeof self,NODE_JS=!root.JS_SHA256_NO_NODE_JS&&"object"==typeof process&&process.versions&&process.versions.node;NODE_JS?root=commonjsGlobal:WEB_WORKER&&(root=self);var COMMON_JS=!root.JS_SHA256_NO_COMMON_JS&&module.exports,ARRAY_BUFFER=!root.JS_SHA256_NO_ARRAY_BUFFER&&"undefined"!=typeof ArrayBuffer,HEX_CHARS="0123456789abcdef".split(""),EXTRA=[-2147483648,8388608,32768,128],SHIFT=[24,16,8,0],K=[1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298],OUTPUT_TYPES=["hex","array","digest","arrayBuffer"],blocks=[];!root.JS_SHA256_NO_NODE_JS&&Array.isArray||(Array.isArray=function(e){return"[object Array]"===Object.prototype.toString.call(e)}),!ARRAY_BUFFER||!root.JS_SHA256_NO_ARRAY_BUFFER_IS_VIEW&&ArrayBuffer.isView||(ArrayBuffer.isView=function(e){return"object"==typeof e&&e.buffer&&e.buffer.constructor===ArrayBuffer});var createOutputMethod=function(e,t){return function(r){return new Sha256(t,!0).update(r)[e]()}},createMethod=function(e){var t=createOutputMethod("hex",e);NODE_JS&&(t=nodeWrap(t,e)),t.create=function(){return new Sha256(e)},t.update=function(e){return t.create().update(e)};for(var r=0;r<OUTPUT_TYPES.length;++r){var n=OUTPUT_TYPES[r];t[n]=createOutputMethod(n,e)}return t},nodeWrap=function(method,is224){var crypto=eval("require('crypto')"),Buffer=eval("require('buffer').Buffer"),algorithm=is224?"sha224":"sha256",nodeMethod=function(e){if("string"==typeof e)return crypto.createHash(algorithm).update(e,"utf8").digest("hex");if(null==e)throw new Error(ERROR);return e.constructor===ArrayBuffer&&(e=new Uint8Array(e)),Array.isArray(e)||ArrayBuffer.isView(e)||e.constructor===Buffer?crypto.createHash(algorithm).update(new Buffer(e)).digest("hex"):method(e)};return nodeMethod},createHmacOutputMethod=function(e,t){return function(r,n){return new HmacSha256(r,t,!0).update(n)[e]()}},createHmacMethod=function(e){var t=createHmacOutputMethod("hex",e);t.create=function(t){return new HmacSha256(t,e)},t.update=function(e,r){return t.create(e).update(r)};for(var r=0;r<OUTPUT_TYPES.length;++r){var n=OUTPUT_TYPES[r];t[n]=createHmacOutputMethod(n,e)}return t};function Sha256(e,t){t?(blocks[0]=blocks[16]=blocks[1]=blocks[2]=blocks[3]=blocks[4]=blocks[5]=blocks[6]=blocks[7]=blocks[8]=blocks[9]=blocks[10]=blocks[11]=blocks[12]=blocks[13]=blocks[14]=blocks[15]=0,this.blocks=blocks):this.blocks=[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],e?(this.h0=3238371032,this.h1=914150663,this.h2=812702999,this.h3=4144912697,this.h4=4290775857,this.h5=1750603025,this.h6=1694076839,this.h7=3204075428):(this.h0=1779033703,this.h1=3144134277,this.h2=1013904242,this.h3=2773480762,this.h4=1359893119,this.h5=2600822924,this.h6=528734635,this.h7=1541459225),this.block=this.start=this.bytes=this.hBytes=0,this.finalized=this.hashed=!1,this.first=!0,this.is224=e}function HmacSha256(e,t,r){var n,o=typeof e;if("string"===o){var i,s=[],a=e.length,c=0;for(n=0;n<a;++n)(i=e.charCodeAt(n))<128?s[c++]=i:i<2048?(s[c++]=192|i>>6,s[c++]=128|63&i):i<55296||i>=57344?(s[c++]=224|i>>12,s[c++]=128|i>>6&63,s[c++]=128|63&i):(i=65536+((1023&i)<<10|1023&e.charCodeAt(++n)),s[c++]=240|i>>18,s[c++]=128|i>>12&63,s[c++]=128|i>>6&63,s[c++]=128|63&i);e=s}else{if("object"!==o)throw new Error(ERROR);if(null===e)throw new Error(ERROR);if(ARRAY_BUFFER&&e.constructor===ArrayBuffer)e=new Uint8Array(e);else if(!(Array.isArray(e)||ARRAY_BUFFER&&ArrayBuffer.isView(e)))throw new Error(ERROR)}e.length>64&&(e=new Sha256(t,!0).update(e).array());var u=[],l=[];for(n=0;n<64;++n){var h=e[n]||0;u[n]=92^h,l[n]=54^h}Sha256.call(this,t,r),this.update(l),this.oKeyPad=u,this.inner=!0,this.sharedMemory=r}Sha256.prototype.update=function(e){if(!this.finalized){var t,r=typeof e;if("string"!==r){if("object"!==r)throw new Error(ERROR);if(null===e)throw new Error(ERROR);if(ARRAY_BUFFER&&e.constructor===ArrayBuffer)e=new Uint8Array(e);else if(!(Array.isArray(e)||ARRAY_BUFFER&&ArrayBuffer.isView(e)))throw new Error(ERROR);t=!0}for(var n,o,i=0,s=e.length,a=this.blocks;i<s;){if(this.hashed&&(this.hashed=!1,a[0]=this.block,a[16]=a[1]=a[2]=a[3]=a[4]=a[5]=a[6]=a[7]=a[8]=a[9]=a[10]=a[11]=a[12]=a[13]=a[14]=a[15]=0),t)for(o=this.start;i<s&&o<64;++i)a[o>>2]|=e[i]<<SHIFT[3&o++];else for(o=this.start;i<s&&o<64;++i)(n=e.charCodeAt(i))<128?a[o>>2]|=n<<SHIFT[3&o++]:n<2048?(a[o>>2]|=(192|n>>6)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]):n<55296||n>=57344?(a[o>>2]|=(224|n>>12)<<SHIFT[3&o++],a[o>>2]|=(128|n>>6&63)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]):(n=65536+((1023&n)<<10|1023&e.charCodeAt(++i)),a[o>>2]|=(240|n>>18)<<SHIFT[3&o++],a[o>>2]|=(128|n>>12&63)<<SHIFT[3&o++],a[o>>2]|=(128|n>>6&63)<<SHIFT[3&o++],a[o>>2]|=(128|63&n)<<SHIFT[3&o++]);this.lastByteIndex=o,this.bytes+=o-this.start,o>=64?(this.block=a[16],this.start=o-64,this.hash(),this.hashed=!0):this.start=o}return this.bytes>4294967295&&(this.hBytes+=this.bytes/4294967296<<0,this.bytes=this.bytes%4294967296),this}},Sha256.prototype.finalize=function(){if(!this.finalized){this.finalized=!0;var e=this.blocks,t=this.lastByteIndex;e[16]=this.block,e[t>>2]|=EXTRA[3&t],this.block=e[16],t>=56&&(this.hashed||this.hash(),e[0]=this.block,e[16]=e[1]=e[2]=e[3]=e[4]=e[5]=e[6]=e[7]=e[8]=e[9]=e[10]=e[11]=e[12]=e[13]=e[14]=e[15]=0),e[14]=this.hBytes<<3|this.bytes>>>29,e[15]=this.bytes<<3,this.hash()}},Sha256.prototype.hash=function(){var e,t,r,n,o,i,s,a,c,u=this.h0,l=this.h1,h=this.h2,d=this.h3,f=this.h4,p=this.h5,m=this.h6,v=this.h7,k=this.blocks;for(e=16;e<64;++e)t=((o=k[e-15])>>>7|o<<25)^(o>>>18|o<<14)^o>>>3,r=((o=k[e-2])>>>17|o<<15)^(o>>>19|o<<13)^o>>>10,k[e]=k[e-16]+t+k[e-7]+r<<0;for(c=l&h,e=0;e<64;e+=4)this.first?(this.is224?(i=300032,v=(o=k[0]-1413257819)-150054599<<0,d=o+24177077<<0):(i=704751109,v=(o=k[0]-210244248)-1521486534<<0,d=o+143694565<<0),this.first=!1):(t=(u>>>2|u<<30)^(u>>>13|u<<19)^(u>>>22|u<<10),n=(i=u&l)^u&h^c,v=d+(o=v+(r=(f>>>6|f<<26)^(f>>>11|f<<21)^(f>>>25|f<<7))+(f&p^~f&m)+K[e]+k[e])<<0,d=o+(t+n)<<0),t=(d>>>2|d<<30)^(d>>>13|d<<19)^(d>>>22|d<<10),n=(s=d&u)^d&l^i,m=h+(o=m+(r=(v>>>6|v<<26)^(v>>>11|v<<21)^(v>>>25|v<<7))+(v&f^~v&p)+K[e+1]+k[e+1])<<0,t=((h=o+(t+n)<<0)>>>2|h<<30)^(h>>>13|h<<19)^(h>>>22|h<<10),n=(a=h&d)^h&u^s,p=l+(o=p+(r=(m>>>6|m<<26)^(m>>>11|m<<21)^(m>>>25|m<<7))+(m&v^~m&f)+K[e+2]+k[e+2])<<0,t=((l=o+(t+n)<<0)>>>2|l<<30)^(l>>>13|l<<19)^(l>>>22|l<<10),n=(c=l&h)^l&d^a,f=u+(o=f+(r=(p>>>6|p<<26)^(p>>>11|p<<21)^(p>>>25|p<<7))+(p&m^~p&v)+K[e+3]+k[e+3])<<0,u=o+(t+n)<<0;this.h0=this.h0+u<<0,this.h1=this.h1+l<<0,this.h2=this.h2+h<<0,this.h3=this.h3+d<<0,this.h4=this.h4+f<<0,this.h5=this.h5+p<<0,this.h6=this.h6+m<<0,this.h7=this.h7+v<<0},Sha256.prototype.hex=function(){this.finalize();var e=this.h0,t=this.h1,r=this.h2,n=this.h3,o=this.h4,i=this.h5,s=this.h6,a=this.h7,c=HEX_CHARS[e>>28&15]+HEX_CHARS[e>>24&15]+HEX_CHARS[e>>20&15]+HEX_CHARS[e>>16&15]+HEX_CHARS[e>>12&15]+HEX_CHARS[e>>8&15]+HEX_CHARS[e>>4&15]+HEX_CHARS[15&e]+HEX_CHARS[t>>28&15]+HEX_CHARS[t>>24&15]+HEX_CHARS[t>>20&15]+HEX_CHARS[t>>16&15]+HEX_CHARS[t>>12&15]+HEX_CHARS[t>>8&15]+HEX_CHARS[t>>4&15]+HEX_CHARS[15&t]+HEX_CHARS[r>>28&15]+HEX_CHARS[r>>24&15]+HEX_CHARS[r>>20&15]+HEX_CHARS[r>>16&15]+HEX_CHARS[r>>12&15]+HEX_CHARS[r>>8&15]+HEX_CHARS[r>>4&15]+HEX_CHARS[15&r]+HEX_CHARS[n>>28&15]+HEX_CHARS[n>>24&15]+HEX_CHARS[n>>20&15]+HEX_CHARS[n>>16&15]+HEX_CHARS[n>>12&15]+HEX_CHARS[n>>8&15]+HEX_CHARS[n>>4&15]+HEX_CHARS[15&n]+HEX_CHARS[o>>28&15]+HEX_CHARS[o>>24&15]+HEX_CHARS[o>>20&15]+HEX_CHARS[o>>16&15]+HEX_CHARS[o>>12&15]+HEX_CHARS[o>>8&15]+HEX_CHARS[o>>4&15]+HEX_CHARS[15&o]+HEX_CHARS[i>>28&15]+HEX_CHARS[i>>24&15]+HEX_CHARS[i>>20&15]+HEX_CHARS[i>>16&15]+HEX_CHARS[i>>12&15]+HEX_CHARS[i>>8&15]+HEX_CHARS[i>>4&15]+HEX_CHARS[15&i]+HEX_CHARS[s>>28&15]+HEX_CHARS[s>>24&15]+HEX_CHARS[s>>20&15]+HEX_CHARS[s>>16&15]+HEX_CHARS[s>>12&15]+HEX_CHARS[s>>8&15]+HEX_CHARS[s>>4&15]+HEX_CHARS[15&s];return this.is224||(c+=HEX_CHARS[a>>28&15]+HEX_CHARS[a>>24&15]+HEX_CHARS[a>>20&15]+HEX_CHARS[a>>16&15]+HEX_CHARS[a>>12&15]+HEX_CHARS[a>>8&15]+HEX_CHARS[a>>4&15]+HEX_CHARS[15&a]),c},Sha256.prototype.toString=Sha256.prototype.hex,Sha256.prototype.digest=function(){this.finalize();var e=this.h0,t=this.h1,r=this.h2,n=this.h3,o=this.h4,i=this.h5,s=this.h6,a=this.h7,c=[e>>24&255,e>>16&255,e>>8&255,255&e,t>>24&255,t>>16&255,t>>8&255,255&t,r>>24&255,r>>16&255,r>>8&255,255&r,n>>24&255,n>>16&255,n>>8&255,255&n,o>>24&255,o>>16&255,o>>8&255,255&o,i>>24&255,i>>16&255,i>>8&255,255&i,s>>24&255,s>>16&255,s>>8&255,255&s];return this.is224||c.push(a>>24&255,a>>16&255,a>>8&255,255&a),c},Sha256.prototype.array=Sha256.prototype.digest,Sha256.prototype.arrayBuffer=function(){this.finalize();var e=new ArrayBuffer(this.is224?28:32),t=new DataView(e);return t.setUint32(0,this.h0),t.setUint32(4,this.h1),t.setUint32(8,this.h2),t.setUint32(12,this.h3),t.setUint32(16,this.h4),t.setUint32(20,this.h5),t.setUint32(24,this.h6),this.is224||t.setUint32(28,this.h7),e},HmacSha256.prototype=new Sha256,HmacSha256.prototype.finalize=function(){if(Sha256.prototype.finalize.call(this),this.inner){this.inner=!1;var e=this.array();Sha256.call(this,this.is224,this.sharedMemory),this.update(this.oKeyPad),this.update(e),Sha256.prototype.finalize.call(this)}};var exports=createMethod();exports.sha256=exports,exports.sha224=createMethod(!0),exports.sha256.hmac=createHmacMethod(),exports.sha224.hmac=createHmacMethod(!0),COMMON_JS?module.exports=exports:(root.sha256=exports.sha256,root.sha224=exports.sha224)})()})(sha256$1);var sha256=sha256$1.exports;if(void 0===es6Promise_min.exports.Promise)throw Error("Keycloak requires an environment that supports Promises. Make sure that you include the appropriate polyfill.");var loggedPromiseDeprecation=!1;function logPromiseDeprecation(){loggedPromiseDeprecation||(loggedPromiseDeprecation=!0,console.warn("[KEYCLOAK] Usage of legacy style promise methods such as `.error()` and `.success()` has been deprecated and support will be removed in future versions. Use standard style promise methods such as `.then() and `.catch()` instead."))}function Keycloak(e){if(!(this instanceof Keycloak))return new Keycloak(e);for(var t,r,n=this,o=[],i={enable:!0,callbackList:[],interval:5},s=document.getElementsByTagName("script"),a=0;a<s.length;a++)-1===s[a].src.indexOf("keycloak.js")&&-1===s[a].src.indexOf("keycloak.min.js")||-1===s[a].src.indexOf("version=")||(n.iframeVersion=s[a].src.substring(s[a].src.indexOf("version=")+8).split("&")[0]);var c=!0,u=C(console.info),l=C(console.warn);function h(e,t){for(var r=function(e){var t=null,r=window.crypto||window.msCrypto;if(r&&r.getRandomValues&&window.Uint8Array)return t=new Uint8Array(e),r.getRandomValues(t),t;t=new Array(e);for(var n=0;n<t.length;n++)t[n]=Math.floor(256*Math.random());return t}(e),n=new Array(e),o=0;o<e;o++)n[o]=t.charCodeAt(r[o]%t.length);return String.fromCharCode.apply(null,n)}function d(){return void 0!==n.authServerUrl?"/"==n.authServerUrl.charAt(n.authServerUrl.length-1)?n.authServerUrl+"realms/"+encodeURIComponent(n.realm):n.authServerUrl+"/realms/"+encodeURIComponent(n.realm):void 0}function f(e,t){var r=e.code,o=e.error,i=e.prompt,s=(new Date).getTime();if(e.kc_action_status&&n.onActionUpdate&&n.onActionUpdate(e.kc_action_status),o)if("none"!=i){var a={error:o,error_description:e.error_description};n.onAuthError&&n.onAuthError(a),t&&t.setError(a)}else t&&t.setSuccess();else if("standard"!=n.flow&&(e.access_token||e.id_token)&&f(e.access_token,null,e.id_token,!0),"implicit"!=n.flow&&r){var l="code="+r+"&grant_type=authorization_code",h=n.endpoints.token(),d=new XMLHttpRequest;d.open("POST",h,!0),d.setRequestHeader("Content-type","application/x-www-form-urlencoded"),l+="&client_id="+encodeURIComponent(n.clientId),l+="&redirect_uri="+e.redirectUri,e.pkceCodeVerifier&&(l+="&code_verifier="+e.pkceCodeVerifier),d.withCredentials=!0,d.onreadystatechange=function(){if(4==d.readyState)if(200==d.status){var e=JSON.parse(d.responseText);f(e.access_token,e.refresh_token,e.id_token,"standard"===n.flow),S()}else n.onAuthError&&n.onAuthError(),t&&t.setError()},d.send(l)}function f(r,o,i,a){m(r,o,i,s=(s+(new Date).getTime())/2),c&&(n.tokenParsed&&n.tokenParsed.nonce!=e.storedNonce||n.refreshTokenParsed&&n.refreshTokenParsed.nonce!=e.storedNonce||n.idTokenParsed&&n.idTokenParsed.nonce!=e.storedNonce)?(u("[KEYCLOAK] Invalid nonce, clearing token"),n.clearToken(),t&&t.setError()):a&&(n.onAuthSuccess&&n.onAuthSuccess(),t&&t.setSuccess())}}function p(e){return 0==e.status&&e.responseText&&e.responseURL.startsWith("file:")}function m(e,t,r,o){if(n.tokenTimeoutHandle&&(clearTimeout(n.tokenTimeoutHandle),n.tokenTimeoutHandle=null),t?(n.refreshToken=t,n.refreshTokenParsed=v(t)):(delete n.refreshToken,delete n.refreshTokenParsed),r?(n.idToken=r,n.idTokenParsed=v(r)):(delete n.idToken,delete n.idTokenParsed),e){if(n.token=e,n.tokenParsed=v(e),n.sessionId=n.tokenParsed.session_state,n.authenticated=!0,n.subject=n.tokenParsed.sub,n.realmAccess=n.tokenParsed.realm_access,n.resourceAccess=n.tokenParsed.resource_access,o&&(n.timeSkew=Math.floor(o/1e3)-n.tokenParsed.iat),null!=n.timeSkew&&(u("[KEYCLOAK] Estimated time difference between browser and server is "+n.timeSkew+" seconds"),n.onTokenExpired)){var i=1e3*(n.tokenParsed.exp-(new Date).getTime()/1e3+n.timeSkew);u("[KEYCLOAK] Token expires in "+Math.round(i/1e3)+" s"),i<=0?n.onTokenExpired():n.tokenTimeoutHandle=setTimeout(n.onTokenExpired,i)}}else delete n.token,delete n.tokenParsed,delete n.subject,delete n.realmAccess,delete n.resourceAccess,n.authenticated=!1}function v(e){switch((e=(e=(e=e.split(".")[1]).replace(/-/g,"+")).replace(/_/g,"/")).length%4){case 0:break;case 2:e+="==";break;case 3:e+="=";break;default:throw"Invalid token"}return e=decodeURIComponent(escape(atob(e))),e=JSON.parse(e)}function k(){var e="0123456789abcdef",t=h(36,e).split("");return t[14]="4",t[19]=e.substr(3&t[19]|8,1),t[8]=t[13]=t[18]=t[23]="-",t.join("")}function g(e){var t=function(e){var t;switch(n.flow){case"standard":t=["code","state","session_state","kc_action_status"];break;case"implicit":t=["access_token","token_type","id_token","state","session_state","expires_in","kc_action_status"];break;case"hybrid":t=["access_token","token_type","id_token","code","state","session_state","expires_in","kc_action_status"]}t.push("error"),t.push("error_description"),t.push("error_uri");var r,o,i=e.indexOf("?"),s=e.indexOf("#");"query"===n.responseMode&&-1!==i?(r=e.substring(0,i),""!==(o=y(e.substring(i+1,-1!==s?s:e.length),t)).paramsString&&(r+="?"+o.paramsString),-1!==s&&(r+=e.substring(s))):"fragment"===n.responseMode&&-1!==s&&(r=e.substring(0,s),""!==(o=y(e.substring(s+1),t)).paramsString&&(r+="#"+o.paramsString));if(o&&o.oauthParams)if("standard"===n.flow||"hybrid"===n.flow){if((o.oauthParams.code||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=r,o.oauthParams}else if("implicit"===n.flow&&(o.oauthParams.access_token||o.oauthParams.error)&&o.oauthParams.state)return o.oauthParams.newUrl=r,o.oauthParams}(e);if(t){var o=r.get(t.state);return o&&(t.valid=!0,t.redirectUri=o.redirectUri,t.storedNonce=o.nonce,t.prompt=o.prompt,t.pkceCodeVerifier=o.pkceCodeVerifier),t}}function y(e,t){for(var r=e.split("&"),n={paramsString:"",oauthParams:{}},o=0;o<r.length;o++){var i=r[o].indexOf("="),s=r[o].slice(0,i);-1!==t.indexOf(s)?n.oauthParams[s]=r[o].slice(i+1):(""!==n.paramsString&&(n.paramsString+="&"),n.paramsString+=r[o])}return n}function _(){var e={setSuccess:function(t){e.resolve(t)},setError:function(t){e.reject(t)}};return e.promise=new es6Promise_min.exports.Promise((function(t,r){e.resolve=t,e.reject=r})),e.promise.success=function(e){return logPromiseDeprecation(),this.then((function(t){e(t)})),this},e.promise.error=function(e){return logPromiseDeprecation(),this.catch((function(t){e(t)})),this},e}function w(){var e=_();if(!i.enable)return e.setSuccess(),e.promise;if(i.iframe)return e.setSuccess(),e.promise;var t=document.createElement("iframe");i.iframe=t,t.onload=function(){var t=n.endpoints.authorize();"/"===t.charAt(0)?i.iframeOrigin=window.location.origin?window.location.origin:window.location.protocol+"//"+window.location.hostname+(window.location.port?":"+window.location.port:""):i.iframeOrigin=t.substring(0,t.indexOf("/",8)),e.setSuccess()};var r=n.endpoints.checkSessionIframe();t.setAttribute("src",r),t.setAttribute("title","keycloak-session-iframe"),t.style.display="none",document.body.appendChild(t);return window.addEventListener("message",(function(e){if(e.origin===i.iframeOrigin&&i.iframe.contentWindow===e.source&&("unchanged"==e.data||"changed"==e.data||"error"==e.data)){"unchanged"!=e.data&&n.clearToken();for(var t=i.callbackList.splice(0,i.callbackList.length),r=t.length-1;r>=0;--r){var o=t[r];"error"==e.data?o.setError():o.setSuccess("unchanged"==e.data)}}}),!1),e.promise}function S(){i.enable&&n.token&&setTimeout((function(){b().then((function(e){e&&S()}))}),1e3*i.interval)}function b(){var e=_();if(i.iframe&&i.iframeOrigin){var t=n.clientId+" "+(n.sessionId?n.sessionId:"");i.callbackList.push(e);var r=i.iframeOrigin;1==i.callbackList.length&&i.iframe.contentWindow.postMessage(t,r)}else e.setSuccess();return e.promise}function A(){var e=_();if(i.enable||n.silentCheckSsoRedirectUri){var t=document.createElement("iframe");t.setAttribute("src",n.endpoints.thirdPartyCookiesIframe()),t.setAttribute("title","keycloak-3p-check-iframe"),t.style.display="none",document.body.appendChild(t);var r=function(o){t.contentWindow===o.source&&("supported"!==o.data&&"unsupported"!==o.data||("unsupported"===o.data&&(i.enable=!1,n.silentCheckSsoFallback&&(n.silentCheckSsoRedirectUri=!1),l("[KEYCLOAK] 3rd party cookies aren't supported by this browser. checkLoginIframe and silent check-sso are not available.")),document.body.removeChild(t),window.removeEventListener("message",r),e.setSuccess()))};window.addEventListener("message",r,!1)}else e.setSuccess();return function(e,t,r){var n=null,o=new es6Promise_min.exports.Promise((function(e,o){n=setTimeout((function(){o({error:r||"Promise is not settled within timeout of "+t+"ms"})}),t)}));return es6Promise_min.exports.Promise.race([e,o]).finally((function(){clearTimeout(n)}))}(e.promise,n.messageReceiveTimeout,"Timeout when waiting for 3rd party check iframe message.")}function R(e){if(!e||"default"==e)return{login:function(e){return window.location.replace(n.createLoginUrl(e)),_().promise},logout:function(e){return window.location.replace(n.createLogoutUrl(e)),_().promise},register:function(e){return window.location.replace(n.createRegisterUrl(e)),_().promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";return window.location.href=e,_().promise},redirectUri:function(e,t){return e&&e.redirectUri?e.redirectUri:n.redirectUri?n.redirectUri:location.href}};if("cordova"==e){i.enable=!1;var t=function(e,t,r){return window.cordova&&window.cordova.InAppBrowser?window.cordova.InAppBrowser.open(e,t,r):window.open(e,t,r)},r=function(e){var t=function(e){return e&&e.cordovaOptions?Object.keys(e.cordovaOptions).reduce((function(t,r){return t[r]=e.cordovaOptions[r],t}),{}):{}}(e);return t.location="no",e&&"none"==e.prompt&&(t.hidden="yes"),function(e){return Object.keys(e).reduce((function(t,r){return t.push(r+"="+e[r]),t}),[]).join(",")}(t)};return{login:function(e){var o=_(),i=r(e),s=n.createLoginUrl(e),a=t(s,"_blank",i),c=!1,u=!1,l=function(){u=!0,a.close()};return a.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&(f(g(e.url),o),l(),c=!0)})),a.addEventListener("loaderror",(function(e){c||(0==e.url.indexOf("http://localhost")?(f(g(e.url),o),l(),c=!0):(o.setError(),l()))})),a.addEventListener("exit",(function(e){u||o.setError({reason:"closed_by_user"})})),o.promise},logout:function(e){var r,o=_(),i=n.createLogoutUrl(e),s=t(i,"_blank","location=no,hidden=yes,clearcache=yes");return s.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&s.close()})),s.addEventListener("loaderror",(function(e){0==e.url.indexOf("http://localhost")||(r=!0),s.close()})),s.addEventListener("exit",(function(e){r?o.setError():(n.clearToken(),o.setSuccess())})),o.promise},register:function(e){var o=_(),i=n.createRegisterUrl(),s=r(e),a=t(i,"_blank",s);return a.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&(a.close(),f(g(e.url),o))})),o.promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";var r=t(e,"_blank","location=no");r.addEventListener("loadstart",(function(e){0==e.url.indexOf("http://localhost")&&r.close()}))},redirectUri:function(e){return"http://localhost"}}}if("cordova-native"==e)return i.enable=!1,{login:function(e){var t=_(),r=n.createLoginUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),f(g(e.url),t)})),window.cordova.plugins.browsertab.openUrl(r),t.promise},logout:function(e){var t=_(),r=n.createLogoutUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),n.clearToken(),t.setSuccess()})),window.cordova.plugins.browsertab.openUrl(r),t.promise},register:function(e){var t=_(),r=n.createRegisterUrl(e);return universalLinks.subscribe("keycloak",(function(e){universalLinks.unsubscribe("keycloak"),window.cordova.plugins.browsertab.close(),f(g(e.url),t)})),window.cordova.plugins.browsertab.openUrl(r),t.promise},accountManagement:function(){var e=n.createAccountUrl();if(void 0===e)throw"Not supported by the OIDC server";window.cordova.plugins.browsertab.openUrl(e)},redirectUri:function(e){return e&&e.redirectUri?e.redirectUri:n.redirectUri?n.redirectUri:"http://localhost"}};throw"invalid adapter type: "+e}n.init=function(o){n.authenticated=!1,r=function(){try{return new E}catch(e){}return new H}();if(t=o&&["default","cordova","cordova-native"].indexOf(o.adapter)>-1?R(o.adapter):o&&"object"==typeof o.adapter?o.adapter:window.Cordova||window.cordova?R("cordova"):R(),o){if(void 0!==o.useNonce&&(c=o.useNonce),void 0!==o.checkLoginIframe&&(i.enable=o.checkLoginIframe),o.checkLoginIframeInterval&&(i.interval=o.checkLoginIframeInterval),"login-required"===o.onLoad&&(n.loginRequired=!0),o.responseMode){if("query"!==o.responseMode&&"fragment"!==o.responseMode)throw"Invalid value for responseMode";n.responseMode=o.responseMode}if(o.flow){switch(o.flow){case"standard":n.responseType="code";break;case"implicit":n.responseType="id_token token";break;case"hybrid":n.responseType="code id_token token";break;default:throw"Invalid value for flow"}n.flow=o.flow}if(null!=o.timeSkew&&(n.timeSkew=o.timeSkew),o.redirectUri&&(n.redirectUri=o.redirectUri),o.silentCheckSsoRedirectUri&&(n.silentCheckSsoRedirectUri=o.silentCheckSsoRedirectUri),"boolean"==typeof o.silentCheckSsoFallback?n.silentCheckSsoFallback=o.silentCheckSsoFallback:n.silentCheckSsoFallback=!0,o.pkceMethod){if("S256"!==o.pkceMethod)throw"Invalid value for pkceMethod";n.pkceMethod=o.pkceMethod}"boolean"==typeof o.enableLogging?n.enableLogging=o.enableLogging:n.enableLogging=!1,"string"==typeof o.scope&&(n.scope=o.scope),"number"==typeof o.messageReceiveTimeout&&o.messageReceiveTimeout>0?n.messageReceiveTimeout=o.messageReceiveTimeout:n.messageReceiveTimeout=1e4}n.responseMode||(n.responseMode="fragment"),n.responseType||(n.responseType="code",n.flow="standard");var s=_(),a=_();a.promise.then((function(){n.onReady&&n.onReady(n.authenticated),s.setSuccess(n.authenticated)})).catch((function(e){s.setError(e)}));var u=function(t){var r,o=_();e?"string"==typeof e&&(r=e):r="keycloak.json";function i(e){n.endpoints=e?{authorize:function(){return e.authorization_endpoint},token:function(){return e.token_endpoint},logout:function(){if(!e.end_session_endpoint)throw"Not supported by the OIDC server";return e.end_session_endpoint},checkSessionIframe:function(){if(!e.check_session_iframe)throw"Not supported by the OIDC server";return e.check_session_iframe},register:function(){throw'Redirection to "Register user" page not supported in standard OIDC mode'},userinfo:function(){if(!e.userinfo_endpoint)throw"Not supported by the OIDC server";return e.userinfo_endpoint}}:{authorize:function(){return d()+"/protocol/openid-connect/auth"},token:function(){return d()+"/protocol/openid-connect/token"},logout:function(){return d()+"/protocol/openid-connect/logout"},checkSessionIframe:function(){var e=d()+"/protocol/openid-connect/login-status-iframe.html";return n.iframeVersion&&(e=e+"?version="+n.iframeVersion),e},thirdPartyCookiesIframe:function(){var e=d()+"/protocol/openid-connect/3p-cookies/step1.html";return n.iframeVersion&&(e=e+"?version="+n.iframeVersion),e},register:function(){return d()+"/protocol/openid-connect/registrations"},userinfo:function(){return d()+"/protocol/openid-connect/userinfo"}}}if(r){(c=new XMLHttpRequest).open("GET",r,!0),c.setRequestHeader("Accept","application/json"),c.onreadystatechange=function(){if(4==c.readyState)if(200==c.status||p(c)){var e=JSON.parse(c.responseText);n.authServerUrl=e["auth-server-url"],n.realm=e.realm,n.clientId=e.resource,i(null),o.setSuccess()}else o.setError()},c.send()}else{if(!e.clientId)throw"clientId missing";n.clientId=e.clientId;var s=e.oidcProvider;if(s){var a,c;if("string"==typeof s)a="/"==s.charAt(s.length-1)?s+".well-known/openid-configuration":s+"/.well-known/openid-configuration",(c=new XMLHttpRequest).open("GET",a,!0),c.setRequestHeader("Accept","application/json"),c.onreadystatechange=function(){4==c.readyState&&(200==c.status||p(c)?(i(JSON.parse(c.responseText)),o.setSuccess()):o.setError())},c.send();else i(s),o.setSuccess()}else{if(!e.url)for(var u=document.getElementsByTagName("script"),l=0;l<u.length;l++)if(u[l].src.match(/.*keycloak\.js/)){e.url=u[l].src.substr(0,u[l].src.indexOf("/js/keycloak.js"));break}if(!e.realm)throw"realm missing";n.authServerUrl=e.url,n.realm=e.realm,i(null),o.setSuccess()}}return o.promise}();function l(){var e=function(e){e||(r.prompt="none"),n.login(r).then((function(){a.setSuccess()})).catch((function(e){a.setError(e)}))},t=function(){var e=document.createElement("iframe"),t=n.createLoginUrl({prompt:"none",redirectUri:n.silentCheckSsoRedirectUri});e.setAttribute("src",t),e.setAttribute("title","keycloak-silent-check-sso"),e.style.display="none",document.body.appendChild(e);var r=function(t){t.origin===window.location.origin&&e.contentWindow===t.source&&(f(g(t.data),a),document.body.removeChild(e),window.removeEventListener("message",r))};window.addEventListener("message",r)},r={};switch(o.onLoad){case"check-sso":i.enable?w().then((function(){b().then((function(r){r?a.setSuccess():n.silentCheckSsoRedirectUri?t():e(!1)})).catch((function(e){a.setError(e)}))})):n.silentCheckSsoRedirectUri?t():e(!1);break;case"login-required":e(!0);break;default:throw"Invalid value for onLoad"}}function h(){var e=g(window.location.href);if(e&&window.history.replaceState(window.history.state,null,e.newUrl),e&&e.valid)return w().then((function(){f(e,a)})).catch((function(e){a.setError(e)}));o?o.token&&o.refreshToken?(m(o.token,o.refreshToken,o.idToken),i.enable?w().then((function(){b().then((function(e){e?(n.onAuthSuccess&&n.onAuthSuccess(),a.setSuccess(),S()):a.setSuccess()})).catch((function(e){a.setError(e)}))})):n.updateToken(-1).then((function(){n.onAuthSuccess&&n.onAuthSuccess(),a.setSuccess()})).catch((function(e){n.onAuthError&&n.onAuthError(),o.onLoad?l():a.setError(e)}))):o.onLoad?l():a.setSuccess():a.setSuccess()}return u.then((function(){(function(){var e=_(),t=function(){"interactive"!==document.readyState&&"complete"!==document.readyState||(document.removeEventListener("readystatechange",t),e.setSuccess())};return document.addEventListener("readystatechange",t),t(),e.promise})().then(A).then(h).catch((function(e){s.setError(e)}))})),u.catch((function(e){s.setError(e)})),s.promise},n.login=function(e){return t.login(e)},n.createLoginUrl=function(e){var o,i=k(),s=k(),a=t.redirectUri(e),u={state:i,nonce:s,redirectUri:encodeURIComponent(a)};e&&e.prompt&&(u.prompt=e.prompt),o=e&&"register"==e.action?n.endpoints.register():n.endpoints.authorize();var l=e&&e.scope||n.scope;l?-1===l.indexOf("openid")&&(l="openid "+l):l="openid";var d,f,p=o+"?client_id="+encodeURIComponent(n.clientId)+"&redirect_uri="+encodeURIComponent(a)+"&state="+encodeURIComponent(i)+"&response_mode="+encodeURIComponent(n.responseMode)+"&response_type="+encodeURIComponent(n.responseType)+"&scope="+encodeURIComponent(l);if(c&&(p=p+"&nonce="+encodeURIComponent(s)),e&&e.prompt&&(p+="&prompt="+encodeURIComponent(e.prompt)),e&&e.maxAge&&(p+="&max_age="+encodeURIComponent(e.maxAge)),e&&e.loginHint&&(p+="&login_hint="+encodeURIComponent(e.loginHint)),e&&e.idpHint&&(p+="&kc_idp_hint="+encodeURIComponent(e.idpHint)),e&&e.action&&"register"!=e.action&&(p+="&kc_action="+encodeURIComponent(e.action)),e&&e.locale&&(p+="&ui_locales="+encodeURIComponent(e.locale)),e&&e.acr){var m=(d=e.acr,f={id_token:{acr:d}},JSON.stringify(f));p+="&claims="+encodeURIComponent(m)}if(n.pkceMethod){var v=function(e){return h(e,"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789")}(96);u.pkceCodeVerifier=v;var g=function(e,t){if("S256"===e){var r=new Uint8Array(sha256.arrayBuffer(t));return base64Js.fromByteArray(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/\=/g,"")}throw"Invalid value for pkceMethod"}(n.pkceMethod,v);p+="&code_challenge="+g,p+="&code_challenge_method="+n.pkceMethod}return r.add(u),p},n.logout=function(e){return t.logout(e)},n.createLogoutUrl=function(e){return n.endpoints.logout()+"?post_logout_redirect_uri="+encodeURIComponent(t.redirectUri(e,!1))+"&id_token_hint="+encodeURIComponent(n.idToken)},n.register=function(e){return t.register(e)},n.createRegisterUrl=function(e){return e||(e={}),e.action="register",n.createLoginUrl(e)},n.createAccountUrl=function(e){var r=d(),o=void 0;return void 0!==r&&(o=r+"/account?referrer="+encodeURIComponent(n.clientId)+"&referrer_uri="+encodeURIComponent(t.redirectUri(e))),o},n.accountManagement=function(){return t.accountManagement()},n.hasRealmRole=function(e){var t=n.realmAccess;return!!t&&t.roles.indexOf(e)>=0},n.hasResourceRole=function(e,t){if(!n.resourceAccess)return!1;var r=n.resourceAccess[t||n.clientId];return!!r&&r.roles.indexOf(e)>=0},n.loadUserProfile=function(){var e=d()+"/account",t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+n.token);var r=_();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(n.profile=JSON.parse(t.responseText),r.setSuccess(n.profile)):r.setError())},t.send(),r.promise},n.loadUserInfo=function(){var e=n.endpoints.userinfo(),t=new XMLHttpRequest;t.open("GET",e,!0),t.setRequestHeader("Accept","application/json"),t.setRequestHeader("Authorization","bearer "+n.token);var r=_();return t.onreadystatechange=function(){4==t.readyState&&(200==t.status?(n.userInfo=JSON.parse(t.responseText),r.setSuccess(n.userInfo)):r.setError())},t.send(),r.promise},n.isTokenExpired=function(e){if(!n.tokenParsed||!n.refreshToken&&"implicit"!=n.flow)throw"Not authenticated";if(null==n.timeSkew)return u("[KEYCLOAK] Unable to determine if token is expired as timeskew is not set"),!0;var t=n.tokenParsed.exp-Math.ceil((new Date).getTime()/1e3)+n.timeSkew;if(e){if(isNaN(e))throw"Invalid minValidity";t-=e}return t<0},n.updateToken=function(e){var t=_();if(!n.refreshToken)return t.setError(),t.promise;e=e||5;var r=function(){var r=!1;if(-1==e?(r=!0,u("[KEYCLOAK] Refreshing token: forced refresh")):n.tokenParsed&&!n.isTokenExpired(e)||(r=!0,u("[KEYCLOAK] Refreshing token: token expired")),r){var i="grant_type=refresh_token&refresh_token="+n.refreshToken,s=n.endpoints.token();if(o.push(t),1==o.length){var a=new XMLHttpRequest;a.open("POST",s,!0),a.setRequestHeader("Content-type","application/x-www-form-urlencoded"),a.withCredentials=!0,i+="&client_id="+encodeURIComponent(n.clientId);var c=(new Date).getTime();a.onreadystatechange=function(){if(4==a.readyState)if(200==a.status){u("[KEYCLOAK] Token refreshed"),c=(c+(new Date).getTime())/2;var e=JSON.parse(a.responseText);m(e.access_token,e.refresh_token,e.id_token,c),n.onAuthRefreshSuccess&&n.onAuthRefreshSuccess();for(var t=o.pop();null!=t;t=o.pop())t.setSuccess(!0)}else{l("[KEYCLOAK] Failed to refresh token"),400==a.status&&n.clearToken(),n.onAuthRefreshError&&n.onAuthRefreshError();for(t=o.pop();null!=t;t=o.pop())t.setError(!0)}},a.send(i)}}else t.setSuccess(!1)};i.enable?b().then((function(){r()})).catch((function(e){t.setError(e)})):r();return t.promise},n.clearToken=function(){n.token&&(m(null,null,null),n.onAuthLogout&&n.onAuthLogout(),n.loginRequired&&n.login())};var E=function(){if(!(this instanceof E))return new E;localStorage.setItem("kc-test","test"),localStorage.removeItem("kc-test");function e(){for(var e=(new Date).getTime(),t=0;t<localStorage.length;t++){var r=localStorage.key(t);if(r&&0==r.indexOf("kc-callback-")){var n=localStorage.getItem(r);if(n)try{var o=JSON.parse(n).expires;(!o||o<e)&&localStorage.removeItem(r)}catch(e){localStorage.removeItem(r)}}}}this.get=function(t){if(t){var r="kc-callback-"+t,n=localStorage.getItem(r);return n&&(localStorage.removeItem(r),n=JSON.parse(n)),e(),n}},this.add=function(t){e();var r="kc-callback-"+t.state;t.expires=(new Date).getTime()+36e5,localStorage.setItem(r,JSON.stringify(t))}},H=function(){if(!(this instanceof H))return new H;var e=this;e.get=function(e){if(e){var o=r("kc-callback-"+e);return n("kc-callback-"+e,"",t(-100)),o?JSON.parse(o):void 0}},e.add=function(e){n("kc-callback-"+e.state,JSON.stringify(e),t(60))},e.removeItem=function(e){n(e,"",t(-100))};var t=function(e){var t=new Date;return t.setTime(t.getTime()+60*e*1e3),t},r=function(e){for(var t=e+"=",r=document.cookie.split(";"),n=0;n<r.length;n++){for(var o=r[n];" "==o.charAt(0);)o=o.substring(1);if(0==o.indexOf(t))return o.substring(t.length,o.length)}return""},n=function(e,t,r){var n=e+"="+t+"; expires="+r.toUTCString()+"; ";document.cookie=n}};function C(e){return function(){n.enableLogging&&e.apply(console,Array.prototype.slice.call(arguments))}}}return Keycloak})); | ||
| //# sourceMappingURL=keycloak.min.js.map |
| { | ||
| "name": "keycloak-js", | ||
| "version": "17.0.1", | ||
| "version": "18.0.0", | ||
| "description": "Keycloak Adapter", | ||
@@ -5,0 +5,0 @@ "main": "dist/keycloak.js", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is not supported yet
Sorry, the diff of this file is not supported yet
New alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
Fixed alerts
License Policy Violation
LicenseThis package is not allowed per your license policy. Review the package's license to ensure compliance.
Found 1 instance in 1 package
No README
QualityPackage does not have a README. This may indicate a failed publish or a low quality package.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by0.64%
322263
- Number of package files
- increased by9.09%
12
- Lines of code
- increased by1.3%
4835
- Number of medium quality alerts
- decreased by-100%
0
- Number of lines in readme file
- increased byInfinity%
4
No dependency changes