/**
 * Minified by jsDelivr using Terser v5.39.0.
 * Original file: /npm/@gzup/auth-sdk@0.22.0/index.js
 *
 * Do NOT use SRI with dynamically generated files! More information: https://www.jsdelivr.com/using-sri-with-dynamic-files
 */
"use strict";var __create=Object.create,__defProp=Object.defineProperty,__getOwnPropDesc=Object.getOwnPropertyDescriptor,__getOwnPropNames=Object.getOwnPropertyNames,__getProtoOf=Object.getPrototypeOf,__hasOwnProp=Object.prototype.hasOwnProperty,__export=(e,t)=>{for(var r in t)__defProp(e,r,{get:t[r],enumerable:!0})},__copyProps=(e,t,r,s)=>{if(t&&"object"==typeof t||"function"==typeof t)for(let o of __getOwnPropNames(t))__hasOwnProp.call(e,o)||o===r||__defProp(e,o,{get:()=>t[o],enumerable:!(s=__getOwnPropDesc(t,o))||s.enumerable});return e},__toESM=(e,t,r)=>(r=null!=e?__create(__getProtoOf(e)):{},__copyProps(!t&&e&&e.__esModule?r:__defProp(r,"default",{value:e,enumerable:!0}),e)),__toCommonJS=e=>__copyProps(__defProp({},"__esModule",{value:!0}),e),src_exports={};__export(src_exports,{ExternalProvider:()=>ExternalProvider,SaleorAuthClient:()=>SaleorAuthClient,SaleorExternalAuth:()=>SaleorExternalAuth,createSaleorAuthClient:()=>createSaleorAuthClient}),module.exports=__toCommonJS(src_exports);var getStorageAuthEventKey=e=>[e,"saleor_storage_auth_change"].filter(Boolean).join("+"),getStorageAuthStateKey=e=>[e,"saleor_auth_module_auth_state"].filter(Boolean).join("+"),getRefreshTokenKey=e=>[e,"saleor_auth_module_refresh_token"].filter(Boolean).join("+"),SaleorAuthStorageHandler=class{constructor(e,t){this.storage=e,this.prefix=t,this.handleStorageChange=e=>{const{oldValue:t,newValue:r,type:s,key:o}=e;t!==r&&"storage"===s&&o===getStorageAuthStateKey(this.prefix)&&this.sendAuthStateEvent(r)},this.cleanup=()=>{window.removeEventListener("storage",this.handleStorageChange)},this.sendAuthStateEvent=e=>{const t=new CustomEvent(getStorageAuthEventKey(this.prefix),{detail:{authState:e}});window.dispatchEvent(t)},this.getAuthState=()=>this.storage.getItem(getStorageAuthStateKey(this.prefix))||"signedOut",this.setAuthState=e=>{this.storage.setItem(getStorageAuthStateKey(this.prefix),e),this.sendAuthStateEvent(e)},this.getRefreshToken=()=>this.storage.getItem(getRefreshTokenKey(this.prefix))||null,this.setRefreshToken=e=>{this.storage.setItem(getRefreshTokenKey(this.prefix),e)},this.clearAuthStorage=()=>{this.setAuthState("signedOut"),this.storage.removeItem(getRefreshTokenKey(this.prefix))},window.addEventListener("storage",this.handleStorageChange)}},import_printer=require("graphql/language/printer.js"),MILLI_MULTIPLYER=1e3,TOKEN_GRACE_PERIOD=2e3,decodeToken=e=>{const t=e.split("."),r=Buffer.from(t[1]||"","base64").toString();return JSON.parse(r)},getTokenExpiry=e=>decodeToken(e).exp*MILLI_MULTIPLYER||0,getTokenIss=e=>decodeToken(e).iss,isExpiredToken=e=>getTokenExpiry(e)-TOKEN_GRACE_PERIOD<=Date.now(),getRequestData=(e,t)=>({method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify({query:(0,import_printer.print)(e),variables:t})}),InvariantError=class extends Error{constructor(e){super(e)}};function invariant(e,t){if(!e)throw new InvariantError(`Invariant Violation: ${t||""}`)}var import_graphql_tag=__toESM(require("graphql-tag")),accountErrorFragment=import_graphql_tag.default`
  fragment AccountErrorFragment on AccountError {
    code
    field
    message
  }
`,TOKEN_REFRESH=import_graphql_tag.default`
  ${accountErrorFragment}
  mutation refreshToken($refreshToken: String!) {
    tokenRefresh(refreshToken: $refreshToken) {
      token
      errors {
        ...AccountErrorFragment
      }
    }
  }
`,TOKEN_CREATE=import_graphql_tag.default`
  mutation tokenCreate($email: String!, $password: String!) {
    tokenCreate(email: $email, password: $password) {
      token
      refreshToken
      errors {
        message
        field
        code
      }
    }
  }
`,PASSWORD_RESET=import_graphql_tag.default`
  mutation passwordReset($email: String!, $password: String!, $token: String!) {
    setPassword(email: $email, password: $password, token: $token) {
      token
      refreshToken
      errors {
        message
        field
        code
      }
    }
  }
`,ExternalAuthenticationURL=import_graphql_tag.default`
  mutation externalAuthenticationUrl($pluginId: String!, $input: JSONString!) {
    externalAuthenticationUrl(pluginId: $pluginId, input: $input) {
      authenticationData
      errors {
        code
        field
        message
      }
    }
  }
`,ExternalObtainAccessTokens=import_graphql_tag.default`
  mutation AuthObtainAccessToken($pluginId: String!, $input: JSONString!) {
    externalObtainAccessTokens(pluginId: $pluginId, input: $input) {
      token
      refreshToken
      user {
        id
        email
      }
      errors {
        field
        code
        message
      }
    }
  }
`,import_cookie=__toESM(require("cookie")),SaleorAuthClient=class{constructor({saleorApiUrl:e,storage:t,onAuthRefresh:r}){this.accessToken=null,this.tokenRefreshPromise=null,this.cleanup=()=>{this.storageHandler?.cleanup()},this.runAuthorizedRequest=(e,t)=>{if(!this.accessToken)return fetch(e,t);const r=t?.headers||{},s=getTokenIss(this.accessToken),o=("string"==typeof(n=e)?n:n instanceof URL?n.href:n.url)===s;var n;return fetch(e,{...t,headers:o?{...r,Authorization:`Bearer ${this.accessToken}`}:r})},this.handleRequestWithTokenRefresh=async(e,t)=>{const r=this.storageHandler?.getRefreshToken();if(invariant(r,"Missing refresh token in token refresh handler"),this.accessToken&&!isExpiredToken(this.accessToken))return this.fetchWithAuth(e,t);if(this.onAuthRefresh?.(!0),this.tokenRefreshPromise){const r=await this.tokenRefreshPromise,s=await r.clone().json(),{errors:o,data:{tokenRefresh:{errors:n,token:a}}}=s;return this.onAuthRefresh?.(!1),n?.length||o?.length||!a?(this.tokenRefreshPromise=null,this.storageHandler?.clearAuthStorage(),fetch(e,t)):(this.storageHandler?.setAuthState("signedIn"),this.accessToken=a,this.tokenRefreshPromise=null,this.runAuthorizedRequest(e,t))}return this.tokenRefreshPromise=fetch(this.saleorApiUrl,getRequestData(TOKEN_REFRESH,{refreshToken:r})),this.fetchWithAuth(e,t)},this.handleSignIn=async e=>{const t=await e.json(),r="tokenCreate"in t.data?t.data.tokenCreate:t.data.setPassword;if(!r)return t;const{errors:s,token:o,refreshToken:n}=r;return!o||s.length?(this.storageHandler?.setAuthState("signedOut"),t):(o&&(this.accessToken=o),n&&this.storageHandler?.setRefreshToken(n),this.storageHandler?.setAuthState("signedIn"),t)},this.fetchWithAuth=async(e,t)=>{const r=this.storageHandler?.getRefreshToken();return this.accessToken||(this.accessToken=import_cookie.default.parse(document.cookie).token,document.cookie=import_cookie.default.serialize("token","",{expires:new Date(0),path:"/"})),this.accessToken&&!isExpiredToken(this.accessToken)?this.runAuthorizedRequest(e,t):r?this.handleRequestWithTokenRefresh(e,t):fetch(e,t)},this.resetPassword=async e=>{const t=await fetch(this.saleorApiUrl,getRequestData(PASSWORD_RESET,e));return this.handleSignIn(t)},this.signIn=async e=>{const t=await fetch(this.saleorApiUrl,getRequestData(TOKEN_CREATE,e));return this.handleSignIn(t)},this.signOut=()=>{this.accessToken=null,this.storageHandler?.clearAuthStorage(),document.cookie=import_cookie.default.serialize("token","",{expires:new Date(0),path:"/"})};const s=t||("undefined"!=typeof window?window.localStorage:void 0);this.storageHandler=s?new SaleorAuthStorageHandler(s,e):null,this.onAuthRefresh=r,this.saleorApiUrl=e}},createSaleorAuthClient=e=>new SaleorAuthClient(e),SaleorExternalAuth=class{constructor(e,t){this.saleorURL=e,this.provider=t}async makePOSTRequest(e,t){const r=await fetch(this.saleorURL,getRequestData(e,t)),s=await r.json();if("errors"in s)throw console.error(s.errors[0].message),new Error(s.errors[0].message);return s.data}async initiate({redirectURL:e}){const{externalAuthenticationUrl:{authenticationData:t,errors:r}}=await this.makePOSTRequest(ExternalAuthenticationURL,{pluginId:this.provider,input:JSON.stringify({redirectUri:e})});if(r.length>0)throw new Error(r[0].message);const{authorizationUrl:s}=JSON.parse(t);return s}async obtainAccessToken({code:e,state:t}){const{externalObtainAccessTokens:r}=await this.makePOSTRequest(ExternalObtainAccessTokens,{pluginId:this.provider,input:JSON.stringify({code:e,state:t})});return r}},ExternalProvider=(e=>(e.OpenIDConnect="mirumee.authentication.openidconnect",e.SaleorCloud="cloud_auth.CloudAuthorizationPlugin",e))(ExternalProvider||{});
//# sourceMappingURL=/sm/1e6a253c27474a0c9fedd7779651e60deb93ee8d2c69911c6f8f96d3db98d9e2.map