Server : Apache System : Linux ks5.tuic.fr 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 User : pragmatice ( 1003) PHP Version : 8.2.24 Disable Function : NONE Directory :  /tmp/tsx-1023/

Upload File : current_dir [ Writeable ] document_root [ Writeable ]

{"code":"(()=>{\nvar __create=Object.create;var __defProp=Object.defineProperty;var __getOwnPropDesc=Object.getOwnPropertyDescriptor;var __getOwnPropNames=Object.getOwnPropertyNames;var __getProtoOf=Object.getPrototypeOf;var __hasOwnProp=Object.prototype.hasOwnProperty;var __name=(target,value)=>__defProp(target,\"name\",{value,configurable:true});var __export=(target,all)=>{for(var name in all)__defProp(target,name,{get:all[name],enumerable:true})};var __copyProps=(to,from,except,desc)=>{if(from&&typeof from===\"object\"||typeof from===\"function\"){for(let key of __getOwnPropNames(from))if(!__hasOwnProp.call(to,key)&&key!==except)__defProp(to,key,{get:()=>from[key],enumerable:!(desc=__getOwnPropDesc(from,key))||desc.enumerable})}return to};var __toESM=(mod,isNodeMode,target)=>(target=mod!=null?__create(__getProtoOf(mod)):{},__copyProps(isNodeMode||!mod||!mod.__esModule?__defProp(target,\"default\",{value:mod,enumerable:true}):target,mod));var __toCommonJS=mod=>__copyProps(__defProp({},\"__esModule\",{value:true}),mod);var token_jwt_auth_exports={};__export(token_jwt_auth_exports,{default:()=>getTokenJwtAuth});module.exports=__toCommonJS(token_jwt_auth_exports);var import_errors=require(\"../helpers/errors.js\");var import_weak_cache=__toESM(require(\"../helpers/weak_cache.js\"));var JWT=__toESM(require(\"../helpers/jwt.js\"));function getTokenJwtAuth(provider){const clockTolerance=(0,import_weak_cache.default)(provider).configuration(\"clockTolerance\");return __name(async function tokenJwtAuth(ctx,keystore,algorithms){const acceptedAud=ctx.oidc.clientJwtAuthExpectedAudience();const{header,payload}=JWT.decode(ctx.oidc.params.client_assertion);if(!algorithms.includes(header.alg)){throw new import_errors.InvalidClientAuth(\"alg mismatch\")}if(!payload.exp){throw new import_errors.InvalidClientAuth(\"expiration must be specified in the client_assertion JWT\")}if(!payload.jti){throw new import_errors.InvalidClientAuth(\"unique jti (JWT ID) must be provided in the client_assertion JWT\")}if(!payload.iss){throw new import_errors.InvalidClientAuth(\"iss (JWT issuer) must be provided in the client_assertion JWT\")}if(payload.iss!==ctx.oidc.client.clientId){throw new import_errors.InvalidClientAuth(\"iss (JWT issuer) must be the client_id\")}if(!payload.aud){throw new import_errors.InvalidClientAuth(\"aud (JWT audience) must be provided in the client_assertion JWT\")}if(Array.isArray(payload.aud)){if(!payload.aud.some(aud=>acceptedAud.has(aud))){throw new import_errors.InvalidClientAuth(\"list of audience (aud) must include the endpoint url, issuer identifier or token endpoint url\")}}else if(!acceptedAud.has(payload.aud)){throw new import_errors.InvalidClientAuth(\"audience (aud) must equal the endpoint url, issuer identifier or token endpoint url\")}try{await JWT.verify(ctx.oidc.params.client_assertion,keystore,{clockTolerance,ignoreAzp:true})}catch(err){throw new import_errors.InvalidClientAuth(err.message)}const unique=await provider.ReplayDetection.unique(payload.iss,payload.jti,payload.exp+clockTolerance);if(!unique){throw new import_errors.InvalidClientAuth(\"client assertion tokens must only be used once\")}},\"tokenJwtAuth\")}__name(getTokenJwtAuth,\"getTokenJwtAuth\");\n})()\n","warnings":[],"map":{"version":3,"mappings":";i/BAAA,mKAAkC,gCAClC,sBAAqB,6CACrB,QAAqB,sCAEN,SAAR,gBAAiC,SAAU,CAChD,MAAM,kBAAiB,kBAAAA,SAAS,QAAQ,EAAE,cAAc,gBAAgB,EACxE,OAAO,sBAAe,aACpB,IACA,SACA,WACA,CACA,MAAM,YAAc,IAAI,KAAK,8BAA8B,EAC3D,KAAM,CAAE,OAAQ,OAAQ,EAAI,IAAI,OAAO,IAAI,KAAK,OAAO,gBAAgB,EAEvE,GAAI,CAAC,WAAW,SAAS,OAAO,GAAG,EAAG,CACpC,MAAM,IAAI,gCAAkB,cAAc,CAC5C,CAEA,GAAI,CAAC,QAAQ,IAAK,CAChB,MAAM,IAAI,gCAAkB,0DAA0D,CACxF,CAEA,GAAI,CAAC,QAAQ,IAAK,CAChB,MAAM,IAAI,gCAAkB,kEAAkE,CAChG,CAEA,GAAI,CAAC,QAAQ,IAAK,CAChB,MAAM,IAAI,gCAAkB,+DAA+D,CAC7F,CAEA,GAAI,QAAQ,MAAQ,IAAI,KAAK,OAAO,SAAU,CAC5C,MAAM,IAAI,gCAAkB,wCAAwC,CACtE,CAEA,GAAI,CAAC,QAAQ,IAAK,CAChB,MAAM,IAAI,gCAAkB,iEAAiE,CAC/F,CAEA,GAAI,MAAM,QAAQ,QAAQ,GAAG,EAAG,CAC9B,GAAI,CAAC,QAAQ,IAAI,KAAM,KAAQ,YAAY,IAAI,GAAG,CAAC,EAAG,CACpD,MAAM,IAAI,gCAAkB,+FAA+F,CAC7H,CACF,SAAW,CAAC,YAAY,IAAI,QAAQ,GAAG,EAAG,CACxC,MAAM,IAAI,gCAAkB,qFAAqF,CACnH,CAEA,GAAI,CACF,MAAM,IAAI,OAAO,IAAI,KAAK,OAAO,iBAAkB,SAAU,CAC3D,eACA,UAAW,IACb,CAAC,CACH,OAAS,IAAK,CACZ,MAAM,IAAI,gCAAkB,IAAI,OAAO,CACzC,CAEA,MAAM,OAAS,MAAM,SAAS,gBAAgB,OAC5C,QAAQ,IACR,QAAQ,IACR,QAAQ,IAAM,cAChB,EAEA,GAAI,CAAC,OAAQ,CACX,MAAM,IAAI,gCAAkB,gDAAgD,CAC9E,CACF,EA1DO,eA2DT,CA7DwB","names":["instance"],"ignoreList":[],"sources":["/home/etherpad/node_modules/.pnpm/oidc-provider@8.4.6/node_modules/oidc-provider/lib/shared/token_jwt_auth.js"],"sourcesContent":[null]}}