import{$ as _e,$b as Nt,C as j,D as jt,E as Z,F as Ft,G as we,H as Ut,I as Pt,J as L,K as Se,L as Ge,M as Lt,O as Mt,P as Ot,Q as We,Qa as xe,T as be,Tb as tt,W as B,X as Te,Xb as st,Y as Ze,Yb as Ce,Zb as rt,_ as w,a as S,aa as p,b as E,ba as f,ca as v,d as Qe,da as Ye,e as V,ea as J,fa as oe,g as W,gc as $t,h as K,i as ve,ia as Dt,j as Et,k as It,kc as q,l as xt,lc as Y,m as ye,mc as X,n as T,nc as Vt,o as ke,oa as Ee,p as Ct,pa as ce,q as R,r as At,ra as Xe,s as z,sc as zt,ta as Ie,ua as Ht,x as ne,xa as et,y as x,z as Rt}from"./chunk-YD3GTX6M.js";function it(t,r){let e=!r?.manualCleanup;e&&!r?.injector&&Dt(it);let s=e?r?.injector?.get(Xe)??v(Xe):null,i=Ds(r?.equal),n;r?.requireSync?n=et({kind:0},{equal:i}):n=et({kind:1,value:r?.initialValue},{equal:i});let o,c=t.subscribe({next:a=>n.set({kind:1,value:a}),error:a=>{if(r?.rejectErrors)throw a;n.set({kind:2,error:a})},complete:()=>{o?.()}});if(r?.requireSync&&n().kind===0)throw new Ze(601,!1);return o=s?.onDestroy(c.unsubscribe.bind(c)),Ce(()=>{let a=n();switch(a.kind){case 1:return a.value;case 2:throw a.error;case 0:throw new Ze(601,!1)}},{equal:r?.equal})}function Ds(t=Object.is){return(r,e)=>r.kind===1&&e.kind===1&&t(r.value,e.value)}var at={};function dt(t,r){if(at[t]=(at[t]||0)+1,typeof r=="function")return nt(t,(...s)=>E(S({},r(...s)),{type:t}));switch(r?r._as:"empty"){case"empty":return nt(t,()=>({type:t}));case"props":return nt(t,s=>E(S({},s),{type:t}));default:throw new Error("Unexpected config.")}}function F(){return{_as:"props",_p:void 0}}function nt(t,r){return Object.defineProperty(r,"type",{value:t,writable:!1})}function Hs(t){return t.charAt(0).toUpperCase()+t.substring(1)}function Ns(t){return t.charAt(0).toLowerCase()+t.substring(1)}function $s(t,r){if(t==null)throw new Error(`${r} must be defined.`)}function Pe(t){let{source:r,events:e}=t;return Object.keys(e).reduce((s,i)=>E(S({},s),{[Vs(i)]:dt(zs(r,i),e[i])}),{})}function M(){return F()}function Vs(t){return t.trim().split(" ").map((r,e)=>e===0?Ns(r):Hs(r)).join("")}function zs(t,r){return`[${t}] ${r}`}var ns="@ngrx/store/init",ee=(()=>{class t extends ve{constructor(){super({type:ns})}next(e){if(typeof e=="function")throw new TypeError(`
        Dispatch expected an object, instead it received a function.
        If you're using the createAction function, make sure to invoke the function
        before dispatching the action. For example, someAction should be someAction().`);if(typeof e>"u")throw new TypeError("Actions must be objects");if(typeof e.type>"u")throw new TypeError("Actions must have a type property");super.next(e)}complete(){}ngOnDestroy(){super.complete()}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Bs=[ee],os=new p("@ngrx/store Internal Root Guard"),Bt=new p("@ngrx/store Internal Initial State"),ft=new p("@ngrx/store Initial State"),cs=new p("@ngrx/store Reducer Factory"),qt=new p("@ngrx/store Internal Reducer Factory Provider"),as=new p("@ngrx/store Initial Reducers"),ot=new p("@ngrx/store Internal Initial Reducers"),Kt=new p("@ngrx/store Store Features"),Jt=new p("@ngrx/store Internal Store Reducers"),ct=new p("@ngrx/store Internal Feature Reducers"),Qt=new p("@ngrx/store Internal Feature Configs"),us=new p("@ngrx/store Internal Store Features"),Gt=new p("@ngrx/store Internal Feature Reducers Token"),ls=new p("@ngrx/store Feature Reducers"),Wt=new p("@ngrx/store User Provided Meta Reducers"),Ae=new p("@ngrx/store Meta Reducers"),Zt=new p("@ngrx/store Internal Resolved Meta Reducers"),Yt=new p("@ngrx/store User Runtime Checks Config"),Xt=new p("@ngrx/store Internal User Runtime Checks Config"),ae=new p("@ngrx/store Internal Runtime Checks"),pt=new p("@ngrx/store Check if Action types are unique"),ue=new p("@ngrx/store Root Store Provider"),Re=new p("@ngrx/store Feature State Provider");function mt(t,r={}){let e=Object.keys(t),s={};for(let n=0;n<e.length;n++){let o=e[n];typeof t[o]=="function"&&(s[o]=t[o])}let i=Object.keys(s);return function(o,c){o=o===void 0?r:o;let a=!1,l={};for(let h=0;h<i.length;h++){let u=i[h],m=s[u],d=o[u],g=m(d,c);l[u]=g,a=a||g!==d}return a?l:o}}function qs(t,r){return Object.keys(t).filter(e=>e!==r).reduce((e,s)=>Object.assign(e,{[s]:t[s]}),{})}function hs(...t){return function(r){if(t.length===0)return r;let e=t[t.length-1];return t.slice(0,-1).reduceRight((i,n)=>n(i),e(r))}}function ds(t,r){return Array.isArray(r)&&r.length>0&&(t=hs.apply(null,[...r,t])),(e,s)=>{let i=t(e);return(n,o)=>(n=n===void 0?s:n,i(n,o))}}function Ks(t){let r=Array.isArray(t)&&t.length>0?hs(...t):e=>e;return(e,s)=>(e=r(e),(i,n)=>(i=i===void 0?s:i,e(i,n)))}var le=class extends W{},je=class extends ee{},Js="@ngrx/store/update-reducers",Fe=(()=>{class t extends ve{get currentReducers(){return this.reducers}constructor(e,s,i,n){super(n(i,s)),this.dispatcher=e,this.initialState=s,this.reducers=i,this.reducerFactory=n}addFeature(e){this.addFeatures([e])}addFeatures(e){let s=e.reduce((i,{reducers:n,reducerFactory:o,metaReducers:c,initialState:a,key:l})=>{let h=typeof n=="function"?Ks(c)(n,a):ds(o,c)(n,a);return i[l]=h,i},{});this.addReducers(s)}removeFeature(e){this.removeFeatures([e])}removeFeatures(e){this.removeReducers(e.map(s=>s.key))}addReducer(e,s){this.addReducers({[e]:s})}addReducers(e){this.reducers=S(S({},this.reducers),e),this.updateReducers(Object.keys(e))}removeReducer(e){this.removeReducers([e])}removeReducers(e){e.forEach(s=>{this.reducers=qs(this.reducers,s)}),this.updateReducers(e)}updateReducers(e){this.next(this.reducerFactory(this.reducers,this.initialState)),this.dispatcher.next({type:Js,features:e})}ngOnDestroy(){this.complete()}static{this.\u0275fac=function(s){return new(s||t)(f(je),f(ft),f(as),f(cs))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Qs=[Fe,{provide:le,useExisting:Fe},{provide:je,useExisting:ee}],he=(()=>{class t extends K{ngOnDestroy(){this.complete()}static{this.\u0275fac=(()=>{let e;return function(i){return(e||(e=Ee(t)))(i||t)}})()}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Gs=[he],Ue=class extends W{},es=(()=>{class t extends ve{static{this.INIT=ns}constructor(e,s,i,n){super(n);let c=e.pipe(xt(Et)).pipe(Te(s)),a={state:n},l=c.pipe(Ot(Ws,a));this.stateSubscription=l.subscribe(({state:h,action:u})=>{this.next(h),i.next(u)}),this.state=it(this,{manualCleanup:!0,requireSync:!0})}ngOnDestroy(){this.stateSubscription.unsubscribe(),this.complete()}static{this.\u0275fac=function(s){return new(s||t)(f(ee),f(le),f(he),f(ft))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();function Ws(t={state:void 0},[r,e]){let{state:s}=t;return{state:e(s,r),action:r}}var Zs=[es,{provide:Ue,useExisting:es}],O=(()=>{class t extends W{constructor(e,s,i,n){super(),this.actionsObserver=s,this.reducerManager=i,this.injector=n,this.source=e,this.state=e.state}select(e,...s){return Xs.call(null,e,...s)(this)}selectSignal(e,s){return Ce(()=>e(this.state()),s)}lift(e){let s=new t(this,this.actionsObserver,this.reducerManager);return s.operator=e,s}dispatch(e,s){if(typeof e=="function")return this.processDispatchFn(e,s);this.actionsObserver.next(e)}next(e){this.actionsObserver.next(e)}error(e){this.actionsObserver.error(e)}complete(){this.actionsObserver.complete()}addReducer(e,s){this.reducerManager.addReducer(e,s)}removeReducer(e){this.reducerManager.removeReducer(e)}processDispatchFn(e,s){$s(this.injector,"Store Injector");let i=s?.injector??er()??this.injector;return rt(()=>{let n=e();st(()=>this.dispatch(n))},{injector:i})}static{this.\u0275fac=function(s){return new(s||t)(f(Ue),f(ee),f(Fe),f(ce))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Ys=[O];function Xs(t,r,...e){return function(i){let n;if(typeof t=="string"){let o=[r,...e].filter(Boolean);n=i.pipe(Mt(t,...o))}else if(typeof t=="function")n=i.pipe(R(o=>t(o,r)));else throw new TypeError(`Unexpected type '${typeof t}' in select operator, expected 'string' or 'function'`);return n.pipe(Pt())}}function er(){try{return v(ce)}catch{return}}var gt="https://ngrx.io/guide/store/configuration/runtime-checks";function ts(t){return t===void 0}function ss(t){return t===null}function fs(t){return Array.isArray(t)}function tr(t){return typeof t=="string"}function sr(t){return typeof t=="boolean"}function rr(t){return typeof t=="number"}function ps(t){return typeof t=="object"&&t!==null}function ir(t){return ps(t)&&!fs(t)}function nr(t){if(!ir(t))return!1;let r=Object.getPrototypeOf(t);return r===Object.prototype||r===null}function ut(t){return typeof t=="function"}function or(t){return ut(t)&&t.hasOwnProperty("\u0275cmp")}function cr(t,r){return Object.prototype.hasOwnProperty.call(t,r)}var ar=!1;function ur(){return ar}function rs(t,r){return t===r}function lr(t,r,e){for(let s=0;s<t.length;s++)if(!e(t[s],r[s]))return!0;return!1}function ms(t,r=rs,e=rs){let s=null,i=null,n;function o(){s=null,i=null}function c(h=void 0){n={result:h}}function a(){n=void 0}function l(){if(n!==void 0)return n.result;if(!s)return i=t.apply(null,arguments),s=arguments,i;if(!lr(arguments,s,r))return i;let h=t.apply(null,arguments);return s=arguments,e(i,h)?i:(i=h,h)}return{memoized:l,reset:o,setResult:c,clearResult:a}}function k(...t){return dr(ms)(...t)}function hr(t,r,e,s){if(e===void 0){let n=r.map(o=>o(t));return s.memoized.apply(null,n)}let i=r.map(n=>n(t,e));return s.memoized.apply(null,[...i,e])}function dr(t,r={stateFn:hr}){return function(...e){let s=e;if(Array.isArray(s[0])){let[h,...u]=s;s=[...h,...u]}else s.length===1&&fr(s[0])&&(s=pr(s[0]));let i=s.slice(0,s.length-1),n=s[s.length-1],o=i.filter(h=>h.release&&typeof h.release=="function"),c=t(function(...h){return n.apply(null,h)}),a=ms(function(h,u){return r.stateFn.apply(null,[h,i,u,c])});function l(){a.reset(),c.reset(),o.forEach(h=>h.release())}return Object.assign(a.memoized,{release:l,projector:c.memoized,setResult:a.setResult,clearResult:a.clearResult})}}function te(t){return k(r=>{let e=r[t];return!ur()&&tt()&&!(t in r)&&console.warn(`@ngrx/store: The feature name "${t}" does not exist in the state, therefore createFeatureSelector cannot access it.  Be sure it is imported in a loaded module using StoreModule.forRoot('${t}', ...) or StoreModule.forFeature('${t}', ...).  If the default state is intended to be undefined, as is the case with router state, this development-only warning message can be ignored.`),e},r=>r)}function fr(t){return!!t&&typeof t=="object"&&Object.values(t).every(r=>typeof r=="function")}function pr(t){let r=Object.values(t),e=Object.keys(t),s=(...i)=>e.reduce((n,o,c)=>E(S({},n),{[o]:i[c]}),{});return[...r,s]}function mr(t){return t instanceof p?v(t):t}function gr(t,r){return r.map((e,s)=>{if(t[s]instanceof p){let i=v(t[s]);return{key:e.key,reducerFactory:i.reducerFactory?i.reducerFactory:mt,metaReducers:i.metaReducers?i.metaReducers:[],initialState:i.initialState}}return e})}function vr(t){return t.map(r=>r instanceof p?v(r):r)}function gs(t){return typeof t=="function"?t():t}function yr(t,r){return t.concat(r)}function kr(){if(v(O,{optional:!0,skipSelf:!0}))throw new TypeError("The root Store has been provided more than once. Feature modules should provide feature states instead.");return"guarded"}function wr(t,r){return function(e,s){let i=r.action(s)?lt(s):s,n=t(e,i);return r.state()?lt(n):n}}function lt(t){Object.freeze(t);let r=ut(t);return Object.getOwnPropertyNames(t).forEach(e=>{if(!e.startsWith("\u0275")&&cr(t,e)&&(!r||e!=="caller"&&e!=="callee"&&e!=="arguments")){let s=t[e];(ps(s)||ut(s))&&!Object.isFrozen(s)&&lt(s)}}),t}function Sr(t,r){return function(e,s){if(r.action(s)){let n=ht(s);is(n,"action")}let i=t(e,s);if(r.state()){let n=ht(i);is(n,"state")}return i}}function ht(t,r=[]){return(ts(t)||ss(t))&&r.length===0?{path:["root"],value:t}:Object.keys(t).reduce((s,i)=>{if(s)return s;let n=t[i];return or(n)?s:ts(n)||ss(n)||rr(n)||sr(n)||tr(n)||fs(n)?!1:nr(n)?ht(n,[...r,i]):{path:[...r,i],value:n}},!1)}function is(t,r){if(t===!1)return;let e=t.path.join("."),s=new Error(`Detected unserializable ${r} at "${e}". ${gt}#strict${r}serializability`);throw s.value=t.value,s.unserializablePath=e,s}function br(t,r){return function(e,s){if(r.action(s)&&!Ie.isInAngularZone())throw new Error(`Action '${s.type}' running outside NgZone. ${gt}#strictactionwithinngzone`);return t(e,s)}}function Tr(t){return tt()?S({strictStateSerializability:!1,strictActionSerializability:!1,strictStateImmutability:!0,strictActionImmutability:!0,strictActionWithinNgZone:!1,strictActionTypeUniqueness:!1},t):{strictStateSerializability:!1,strictActionSerializability:!1,strictStateImmutability:!1,strictActionImmutability:!1,strictActionWithinNgZone:!1,strictActionTypeUniqueness:!1}}function _r({strictActionSerializability:t,strictStateSerializability:r}){return e=>t||r?Sr(e,{action:s=>t&&!vt(s),state:()=>r}):e}function Er({strictActionImmutability:t,strictStateImmutability:r}){return e=>t||r?wr(e,{action:s=>t&&!vt(s),state:()=>r}):e}function vt(t){return t.type.startsWith("@ngrx")}function Ir({strictActionWithinNgZone:t}){return r=>t?br(r,{action:e=>t&&!vt(e)}):r}function xr(t){return[{provide:Xt,useValue:t},{provide:Yt,useFactory:Cr,deps:[Xt]},{provide:ae,deps:[Yt],useFactory:Tr},{provide:Ae,multi:!0,deps:[ae],useFactory:Er},{provide:Ae,multi:!0,deps:[ae],useFactory:_r},{provide:Ae,multi:!0,deps:[ae],useFactory:Ir}]}function vs(){return[{provide:pt,multi:!0,deps:[ae],useFactory:Ar}]}function Cr(t){return t}function Ar(t){if(!t.strictActionTypeUniqueness)return;let r=Object.entries(at).filter(([,e])=>e>1).map(([e])=>e);if(r.length)throw new Error(`Action types are registered more than once, ${r.map(e=>`"${e}"`).join(", ")}. ${gt}#strictactiontypeuniqueness`)}function on(t,r,e={}){return J([...Lr(t,r,e),Pr])}function Rr(t={},r={}){return[{provide:os,useFactory:kr},{provide:Bt,useValue:r.initialState},{provide:ft,useFactory:gs,deps:[Bt]},{provide:ot,useValue:t},{provide:Jt,useExisting:t instanceof p?t:ot},{provide:as,deps:[ot,[new Ye(Jt)]],useFactory:mr},{provide:Wt,useValue:r.metaReducers?r.metaReducers:[]},{provide:Zt,deps:[Ae,Wt],useFactory:yr},{provide:qt,useValue:r.reducerFactory?r.reducerFactory:mt},{provide:cs,deps:[qt,Zt],useFactory:ds},Bs,Qs,Gs,Zs,Ys,xr(r.runtimeChecks),vs()]}function jr(){v(ee),v(le),v(he),v(O),v(os,{optional:!0}),v(pt,{optional:!0})}var Fr=[{provide:ue,useFactory:jr},oe(()=>v(ue))];function cn(t,r){return J([...Rr(t,r),Fr])}function Ur(){v(ue);let t=v(us),r=v(ls),e=v(Fe);v(pt,{optional:!0});let s=t.map((i,n)=>{let c=r.shift()[n];return E(S({},i),{reducers:c,initialState:gs(i.initialState)})});e.addFeatures(s)}var Pr=[{provide:Re,useFactory:Ur},oe(()=>v(Re))];function Lr(t,r,e={}){return[{provide:Qt,multi:!0,useValue:t instanceof Object?{}:e},{provide:Kt,multi:!0,useValue:{key:t instanceof Object?t.name:t,reducerFactory:!(e instanceof p)&&e.reducerFactory?e.reducerFactory:mt,metaReducers:!(e instanceof p)&&e.metaReducers?e.metaReducers:[],initialState:!(e instanceof p)&&e.initialState?e.initialState:void 0}},{provide:us,deps:[Qt,Kt],useFactory:gr},{provide:ct,multi:!0,useValue:t instanceof Object?t.reducer:r},{provide:Gt,multi:!0,useExisting:r instanceof p?r:ct},{provide:ls,multi:!0,deps:[ct,[new Ye(Gt)]],useFactory:vr},vs()]}function D(...t){let r=t.pop(),e=t.map(s=>s.type);return{reducer:r,types:e}}function Le(t,...r){let e=new Map;for(let s of r)for(let i of s.types){let n=e.get(i);if(n){let o=(c,a)=>s.reducer(n(c,a),a);e.set(i,o)}else e.set(i,s.reducer)}return function(s=t,i){let n=e.get(i.type);return n?n(s,i):s}}var A=Pe({source:"App State Actions",events:{initAuth:M(),initAuthSuccess:F(),initAuthFailure:F(),login:F(),logout:M(),getLicense:M(),getLicenseSuccess:F(),getLicenseError:F()}});var ks="app",Mr={authData:null,license:null,initialized:!1},fn=Le(Mr,D(A.initAuthSuccess,(t,{authData:r})=>E(S({},t),{authData:r,error:null,initialized:!0})),D(A.initAuthFailure,A.getLicenseError,(t,{error:r})=>E(S({},t),{error:r,initialized:!0})),D(A.getLicenseSuccess,(t,{license:r})=>E(S({},t),{license:r})));var Me={};Qe(Me,{selectAccessToken:()=>ws,selectAuthData:()=>se,selectAuthProfile:()=>Hr,selectInitialized:()=>Or,selectIsLoggedIn:()=>$r,selectLicense:()=>Nr,selectPrefferedUserName:()=>Dr});var yt=te(ks),se=k(yt,t=>t.authData),Or=k(yt,t=>t.initialized),ws=k(se,t=>t?.accessToken),Dr=k(se,t=>t?.authProfile.preferred_username),Hr=k(se,t=>t?.authProfile??null),Nr=k(yt,t=>t.license),$r=k(ws,t=>!!t);var b=Pe({source:"App State Actions",events:{initApp:M(),initTheme:M(),initConfig:M(),setTheme:F(),setConfig:F(),toggleTheme:M(),acceptEula:M(),setMobile:F(),setSize:F(),initTutorials:M(),setTutorialsConfig:F()}});var Oe="app_state",Vr=!!localStorage.getItem("eulaAccepted"),zr={theme:null,appConfig:null,eulaAccepted:Vr,isMobile:!1,size:"XSmall"},bn=Le(zr,D(b.setTheme,(t,{theme:r})=>E(S({},t),{theme:r})),D(b.setConfig,(t,{appConfig:r})=>E(S({},t),{appConfig:r})),D(b.acceptEula,t=>E(S({},t),{eulaAccepted:!0})),D(b.setMobile,(t,{isMobile:r})=>E(S({},t),{isMobile:r})),D(b.setSize,(t,{size:r})=>E(S({},t),{size:r})),D(b.setTutorialsConfig,(t,{tutorialsConfig:r})=>E(S({},t),{tutorialsConfig:r})));var Ss={};Qe(Ss,{selectAcademyUrl:()=>Qr,selectAcademyUrlNotLoggedIn:()=>Gr,selectAppConfig:()=>fe,selectEulaAccepted:()=>qr,selectForumUrl:()=>Kr,selectForumUrlNotLoggedIn:()=>Jr,selectIsMobile:()=>Wr,selectSize:()=>Zr,selectTheme:()=>Br});var de=te(Oe),Br=k(de,t=>t.theme),fe=k(de,t=>t.appConfig),qr=k(de,t=>t.eulaAccepted),Kr=k(fe,t=>t?.forumUrl),Jr=k(fe,t=>t?`${t.keycloakUrl}/protocol/openid-connect/auth?client_id=kx-forums&scope=openid&redirect_uri=${encodeURIComponent(t.forumUrl)}&response_type=code`:null),Qr=k(fe,t=>t?.academyUrl||"#"),Gr=k(fe,t=>t?`${t.keycloakUrl}/protocol/openid-connect/auth?client_id=learning-hub&scope=openid&redirect_uri=${encodeURIComponent(t.academyUrl)}&response_type=code`:"#"),Wr=k(de,t=>t.isMobile),Zr=k(de,t=>t.size);var bs=(()=>{class t{constructor(e){this.http=e}getConfig(){return this.cachedData$||(this.cachedData$=this.http.get("./assets/config/settings.json").pipe(We(1))),this.cachedData$}getTutorials(){return this.cachedTutorials$||(this.cachedTutorials$=this.http.get("./assets/config/tutorials.json").pipe(We(1))),this.cachedTutorials$}static{this.\u0275fac=function(s){return new(s||t)(f(X))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();var ei={dispatch:!0,functional:!1,useEffectsErrorHandler:!0},De="__@ngrx/effects_create__";function U(t,r={}){let e=r.functional?t:t(),s=S(S({},ei),r);return Object.defineProperty(e,De,{value:s}),e}function ti(t){return Object.getOwnPropertyNames(t).filter(s=>t[s]&&t[s].hasOwnProperty(De)?t[s][De].hasOwnProperty("dispatch"):!1).map(s=>{let i=t[s][De];return S({propertyName:s},i)})}function si(t){return ti(t)}function Ts(t){return Object.getPrototypeOf(t)}function ri(t){return!!t.constructor&&t.constructor.name!=="Object"&&t.constructor.name!=="Function"}function _s(t){return typeof t=="function"}function ii(t){return t.filter(_s)}function ni(t,r,e){let s=Ts(t),n=!!s&&s.constructor.name!=="Object"?s.constructor.name:null,o=si(t).map(({propertyName:c,dispatch:a,useEffectsErrorHandler:l})=>{let h=typeof t[c]=="function"?t[c]():t[c],u=l?e(h,r):h;return a===!1?u.pipe(Ft()):u.pipe(Lt()).pipe(R(d=>({effect:t[c],notification:d,propertyName:c,sourceName:n,sourceInstance:t})))});return ne(...o)}var oi=10;function Es(t,r,e=oi){return t.pipe(j(s=>(r&&r.handleError(s),e<=1?t:Es(t,r,e-1))))}var He=(()=>{class t extends W{constructor(e){super(),e&&(this.source=e)}lift(e){let s=new t;return s.source=this,s.operator=e,s}static{this.\u0275fac=function(s){return new(s||t)(f(he))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();function P(...t){return x(r=>t.some(e=>typeof e=="string"?e===r.type:e.type===r.type))}var $n=new p("@ngrx/effects Internal Root Guard"),Vn=new p("@ngrx/effects User Provided Effects"),zn=new p("@ngrx/effects Internal Root Effects"),Bn=new p("@ngrx/effects Internal Root Effects Instances"),qn=new p("@ngrx/effects Internal Feature Effects"),Kn=new p("@ngrx/effects Internal Feature Effects Instance Groups"),ci=new p("@ngrx/effects Effects Error Handler",{providedIn:"root",factory:()=>Es}),ai="@ngrx/effects/init",ui=dt(ai);function li(t,r){if(t.notification.kind==="N"){let e=t.notification.value;!hi(e)&&r.handleError(new Error(`Effect ${di(t)} dispatched an invalid action: ${fi(e)}`))}}function hi(t){return typeof t!="function"&&t&&t.type&&typeof t.type=="string"}function di({propertyName:t,sourceInstance:r,sourceName:e}){let s=typeof r[t]=="function";return!!e?`"${e}.${String(t)}${s?"()":""}"`:`"${String(t)}()"`}function fi(t){try{return JSON.stringify(t)}catch{return t}}var pi="ngrxOnIdentifyEffects";function mi(t){return kt(t,pi)}var gi="ngrxOnRunEffects";function vi(t){return kt(t,gi)}var yi="ngrxOnInitEffects";function ki(t){return kt(t,yi)}function kt(t,r){return t&&r in t&&typeof t[r]=="function"}var Is=(()=>{class t extends K{constructor(e,s){super(),this.errorHandler=e,this.effectsErrorHandler=s}addEffects(e){this.next(e)}toActions(){return this.pipe(Ge(e=>ri(e)?Ts(e):e),z(e=>e.pipe(Ge(wi))),z(e=>{let s=e.pipe(L(n=>Si(this.errorHandler,this.effectsErrorHandler)(n)),R(n=>(li(n,this.errorHandler),n.notification)),x(n=>n.kind==="N"&&n.value!=null),Ut()),i=e.pipe(Z(1),x(ki),R(n=>n.ngrxOnInitEffects()));return ne(s,i)}))}static{this.\u0275fac=function(s){return new(s||t)(f(Ht),f(ci))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();function wi(t){return mi(t)?t.ngrxOnIdentifyEffects():""}function Si(t,r){return e=>{let s=ni(e,t,r);return vi(e)?e.ngrxOnRunEffects(s):s}}var bi=(()=>{class t{get isStarted(){return!!this.effectsSubscription}constructor(e,s){this.effectSources=e,this.store=s,this.effectsSubscription=null}start(){this.effectsSubscription||(this.effectsSubscription=this.effectSources.toActions().subscribe(this.store))}ngOnDestroy(){this.effectsSubscription&&(this.effectsSubscription.unsubscribe(),this.effectsSubscription=null)}static{this.\u0275fac=function(s){return new(s||t)(f(Is),f(O))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();function Jn(...t){let r=t.flat(),e=ii(r);return J([e,oe(()=>{v(ue),v(Re,{optional:!0});let s=v(bi),i=v(Is),n=!s.isStarted;n&&s.start();for(let o of r){let c=_s(o)?v(o):o;i.addEffects(c)}n&&v(O).dispatch(ui())})])}var Cs=(()=>{class t{constructor(){this.darkLoaded=!1,this.lightLoaded=!1,this.currentTheme=localStorage.getItem("app-theme"),this.currentTheme||(this.currentTheme=window.matchMedia("(prefers-color-scheme: dark)").matches?"dark":"light")}initTheme(){return this.currentTheme==="dark"?this.setTheme("dark"):this.setTheme("light"),this.currentTheme}loadDark(){if(this.darkLoaded)return;let e=document.createElement("link");e.rel="stylesheet",e.href="proxy.php?url=https%3A%2F%2Fdeveloper.kx.com%2Fdark-theme.css",document.head.appendChild(e),this.darkLoaded=!0}loadLight(){if(this.lightLoaded)return;let e=document.createElement("link");e.rel="stylesheet",e.href="proxy.php?url=https%3A%2F%2Fdeveloper.kx.com%2Flight-theme.css",document.head.appendChild(e),this.lightLoaded=!0}setTheme(e){e==="light"?(this.loadLight(),document.getElementsByTagName("html")[0].classList.remove("dark-theme"),document.getElementsByTagName("html")[0].classList.add("light-theme")):(this.loadDark(),document.getElementsByTagName("html")[0].classList.remove("light-theme"),document.getElementsByTagName("html")[0].classList.add("dark-theme")),this.currentTheme=e,localStorage.setItem("app-theme",e)}toggleTheme(){return this.currentTheme==="dark"?this.setTheme("light"):this.setTheme("dark"),this.currentTheme}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();var Xn=(()=>{class t{ngrxOnInitEffects(){return b.initApp()}constructor(e,s,i){this.actions$=e,this.themeService=s,this.configService=i,this.initApp$=U(()=>this.actions$.pipe(P(b.initApp),L(()=>T(b.initTheme(),b.initConfig(),b.initTutorials())))),this.initTutorials$=U(()=>this.actions$.pipe(P(b.initTutorials),L(()=>this.configService.getTutorials().pipe(z(n=>T(b.setTutorialsConfig({tutorialsConfig:n}))))))),this.initTheme$=U(()=>this.actions$.pipe(P(b.initTheme),L(()=>{let n=this.themeService.initTheme();return T(b.setTheme({theme:n}))}))),this.initConfig$=U(()=>this.actions$.pipe(P(b.initConfig),L(()=>this.configService.getConfig().pipe(z(n=>T(b.setConfig({appConfig:n}))))))),this.toggleTheme$=U(()=>this.actions$.pipe(P(b.toggleTheme),L(()=>{let n=this.themeService.toggleTheme();return T(b.setTheme({theme:n}))}))),this.acceptEula$=U(()=>this.actions$.pipe(P(b.acceptEula),B(()=>{localStorage.setItem("eulaAccepted",Date.now().toString())})),{dispatch:!1})}static{this.\u0275fac=function(s){return new(s||t)(f(He),f(Cs),f(bs))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();var js={};Qe(js,{selectFeaturedTutorials:()=>_i,selectFeaturedTutorialsImage:()=>Ri,selectTutorials:()=>re,selectTutorialsCategories:()=>Ei,selectTutorialsLanguages:()=>Ci,selectTutorialsProducts:()=>xi,selectTutorialsSkillLevels:()=>Ai,selectTutorialsTags:()=>Ii});var As=te(Oe),Rs=k(As,t=>t.tutorialsConfig),re=k(Rs,t=>t?.tutorials),_i=k(Rs,t=>t?.tutorials.filter(r=>t?.featured.ids.includes(r.id))),Ei=k(re,t=>Array.from(new Set(t?.flatMap(r=>r.categories||[])))),Ii=k(re,t=>Array.from(new Set(t?.flatMap(r=>r.tags?.map(e=>e.split(" ").map(s=>s.charAt(0).toUpperCase()+s.slice(1)).join(" "))||[])))),xi=k(re,t=>Array.from(new Set(t?.flatMap(r=>r.products||[])))),Ci=k(re,t=>Array.from(new Set(t?.flatMap(r=>r.languages||[])))),Ai=k(re,t=>Array.from(new Set(t?.flatMap(r=>r.skillLevel||[])))),Ri=k(As,t=>t.tutorialsConfig?.featured.imageFileName);var Ne=class{validateSignature(r){return Promise.resolve(null)}validateAtHash(r){return Promise.resolve(!0)}},$e=class{};var pe=class{},ji=(()=>{class t extends pe{now(){return Date.now()}new(){return new Date}static{this.\u0275fac=(()=>{let e;return function(i){return(e||(e=Ee(t)))(i||t)}})()}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();var Ve=class{},ze=class{},Fi=(()=>{class t{constructor(){this.data=new Map}getItem(e){return this.data.get(e)}removeItem(e){this.data.delete(e)}setItem(e,s){this.data.set(e,s)}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();var me=class{constructor(r){this.type=r}},C=class extends me{constructor(r,e=null){super(r),this.info=e}},H=class extends me{constructor(r,e=null){super(r),this.info=e}},_=class extends me{constructor(r,e,s=null){super(r),this.reason=e,this.params=s}};function Fs(t){let r=t.replace(/-/g,"+").replace(/_/g,"/");return decodeURIComponent(atob(r).split("").map(function(e){return"%"+("00"+e.charCodeAt(0).toString(16)).slice(-2)}).join(""))}function Us(t){return btoa(t).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}var ie=class{constructor(r){this.clientId="",this.redirectUri="",this.postLogoutRedirectUri="",this.redirectUriAsPostLogoutRedirectUriFallback=!0,this.loginUrl="",this.scope="openid profile",this.resource="",this.rngUrl="",this.oidc=!0,this.requestAccessToken=!0,this.options=null,this.issuer="",this.logoutUrl="",this.clearHashAfterLogin=!0,this.tokenEndpoint=null,this.revocationEndpoint=null,this.customTokenParameters=[],this.userinfoEndpoint=null,this.responseType="",this.showDebugInformation=!1,this.silentRefreshRedirectUri="",this.silentRefreshMessagePrefix="",this.silentRefreshShowIFrame=!1,this.siletRefreshTimeout=1e3*20,this.silentRefreshTimeout=1e3*20,this.dummyClientSecret="",this.requireHttps="remoteOnly",this.strictDiscoveryDocumentValidation=!0,this.jwks=null,this.customQueryParams=null,this.silentRefreshIFrameName="angular-oauth-oidc-silent-refresh-iframe",this.timeoutFactor=.75,this.sessionChecksEnabled=!1,this.sessionCheckIntervall=3*1e3,this.sessionCheckIFrameUrl=null,this.sessionCheckIFrameName="angular-oauth-oidc-check-session-iframe",this.disableAtHashCheck=!1,this.skipSubjectCheck=!1,this.useIdTokenHintForSilentRefresh=!1,this.skipIssuerCheck=!1,this.nonceStateSeparator=";",this.useHttpBasicAuth=!1,this.decreaseExpirationBySec=0,this.waitForTokenInMsec=0,this.disablePKCE=!1,this.preserveRequestedRoute=!1,this.disableIdTokenTimer=!1,this.checkOrigin=!1,this.openUri=e=>{location.href=e},r&&Object.assign(this,r)}},G=class{encodeKey(r){return encodeURIComponent(r)}encodeValue(r){return encodeURIComponent(r)}decodeKey(r){return decodeURIComponent(r)}decodeValue(r){return decodeURIComponent(r)}},Be=class{};var Ps=(()=>{class t{getHashFragmentParams(e){let s=e||window.location.hash;if(s=decodeURIComponent(s),s.indexOf("#")!==0)return{};let i=s.indexOf("?");return i>-1?s=s.substr(i+1):s=s.substr(1),this.parseQueryString(s)}parseQueryString(e){let s={},i,n,o,c,a,l;if(e===null)return s;let h=e.split("&");for(let u=0;u<h.length;u++)i=h[u],n=i.indexOf("="),n===-1?(o=i,c=null):(o=i.substr(0,n),c=i.substr(n+1)),a=decodeURIComponent(o),l=decodeURIComponent(c),a.substr(0,1)==="/"&&(a=a.substr(1)),s[a]=l;return s}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Ls=32,Ui=64,Pi=new Uint32Array([1116352408,1899447441,3049323471,3921009573,961987163,1508970993,2453635748,2870763221,3624381080,310598401,607225278,1426881987,1925078388,2162078206,2614888103,3248222580,3835390401,4022224774,264347078,604807628,770255983,1249150122,1555081692,1996064986,2554220882,2821834349,2952996808,3210313671,3336571891,3584528711,113926993,338241895,666307205,773529912,1294757372,1396182291,1695183700,1986661051,2177026350,2456956037,2730485921,2820302411,3259730800,3345764771,3516065817,3600352804,4094571909,275423344,430227734,506948616,659060556,883997877,958139571,1322822218,1537002063,1747873779,1955562222,2024104815,2227730452,2361852424,2428436474,2756734187,3204031479,3329325298]);function wt(t,r,e,s,i){let n,o,c,a,l,h,u,m,d,g,I,$,N;for(;i>=64;){for(n=r[0],o=r[1],c=r[2],a=r[3],l=r[4],h=r[5],u=r[6],m=r[7],g=0;g<16;g++)I=s+g*4,t[g]=(e[I]&255)<<24|(e[I+1]&255)<<16|(e[I+2]&255)<<8|e[I+3]&255;for(g=16;g<64;g++)d=t[g-2],$=(d>>>17|d<<15)^(d>>>19|d<<13)^d>>>10,d=t[g-15],N=(d>>>7|d<<25)^(d>>>18|d<<14)^d>>>3,t[g]=($+t[g-7]|0)+(N+t[g-16]|0);for(g=0;g<64;g++)$=(((l>>>6|l<<26)^(l>>>11|l<<21)^(l>>>25|l<<7))+(l&h^~l&u)|0)+(m+(Pi[g]+t[g]|0)|0)|0,N=((n>>>2|n<<30)^(n>>>13|n<<19)^(n>>>22|n<<10))+(n&o^n&c^o&c)|0,m=u,u=h,h=l,l=a+$|0,a=c,c=o,o=n,n=$+N|0;r[0]+=n,r[1]+=o,r[2]+=c,r[3]+=a,r[4]+=l,r[5]+=h,r[6]+=u,r[7]+=m,s+=64,i-=64}return s}var St=class{constructor(){this.digestLength=Ls,this.blockSize=Ui,this.state=new Int32Array(8),this.temp=new Int32Array(64),this.buffer=new Uint8Array(128),this.bufferLength=0,this.bytesHashed=0,this.finished=!1,this.reset()}reset(){return this.state[0]=1779033703,this.state[1]=3144134277,this.state[2]=1013904242,this.state[3]=2773480762,this.state[4]=1359893119,this.state[5]=2600822924,this.state[6]=528734635,this.state[7]=1541459225,this.bufferLength=0,this.bytesHashed=0,this.finished=!1,this}clean(){for(let r=0;r<this.buffer.length;r++)this.buffer[r]=0;for(let r=0;r<this.temp.length;r++)this.temp[r]=0;this.reset()}update(r,e=r.length){if(this.finished)throw new Error("SHA256: can't update because hash was finished.");let s=0;if(this.bytesHashed+=e,this.bufferLength>0){for(;this.bufferLength<64&&e>0;)this.buffer[this.bufferLength++]=r[s++],e--;this.bufferLength===64&&(wt(this.temp,this.state,this.buffer,0,64),this.bufferLength=0)}for(e>=64&&(s=wt(this.temp,this.state,r,s,e),e%=64);e>0;)this.buffer[this.bufferLength++]=r[s++],e--;return this}finish(r){if(!this.finished){let e=this.bytesHashed,s=this.bufferLength,i=e/536870912|0,n=e<<3,o=e%64<56?64:128;this.buffer[s]=128;for(let c=s+1;c<o-8;c++)this.buffer[c]=0;this.buffer[o-8]=i>>>24&255,this.buffer[o-7]=i>>>16&255,this.buffer[o-6]=i>>>8&255,this.buffer[o-5]=i>>>0&255,this.buffer[o-4]=n>>>24&255,this.buffer[o-3]=n>>>16&255,this.buffer[o-2]=n>>>8&255,this.buffer[o-1]=n>>>0&255,wt(this.temp,this.state,this.buffer,0,o),this.finished=!0}for(let e=0;e<8;e++)r[e*4+0]=this.state[e]>>>24&255,r[e*4+1]=this.state[e]>>>16&255,r[e*4+2]=this.state[e]>>>8&255,r[e*4+3]=this.state[e]>>>0&255;return this}digest(){let r=new Uint8Array(this.digestLength);return this.finish(r),r}_saveState(r){for(let e=0;e<this.state.length;e++)r[e]=this.state[e]}_restoreState(r,e){for(let s=0;s<this.state.length;s++)this.state[s]=r[s];this.bytesHashed=e,this.finished=!1,this.bufferLength=0}};function Li(t){let r=new St().update(t),e=r.digest();return r.clean(),e}var vo=new Uint8Array(Ls);var qe=class{};function Mi(t){if(typeof t!="string")throw new TypeError("expected string");let r=t,e=new Uint8Array(r.length);for(let s=0;s<r.length;s++)e[s]=r.charCodeAt(s);return e}function Oi(t){let r=[];for(let e=0;e<t.length;e++)r.push(String.fromCharCode(t[e]));return r.join("")}var Di=(()=>{class t{calcHash(e,s){return V(this,null,function*(){return Oi(Li(Mi(e)))})}toHashString2(e){let s="";for(let i of e)s+=String.fromCharCode(i);return s}toHashString(e){let s=new Uint8Array(e),i="";for(let n of s)i+=String.fromCharCode(n);return i}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Je=(()=>{class t extends ie{constructor(e,s,i,n,o,c,a,l,h,u){super(),this.ngZone=e,this.http=s,this.config=o,this.urlHelper=c,this.logger=a,this.crypto=l,this.dateTimeService=u,this.discoveryDocumentLoaded=!1,this.state="",this.eventsSubject=new K,this.discoveryDocumentLoadedSubject=new K,this.grantTypesSupported=[],this.inImplicitFlow=!1,this.saveNoncesInLocalStorage=!1,this.debug("angular-oauth2-oidc v10"),this.document=h,o||(o={}),this.discoveryDocumentLoaded$=this.discoveryDocumentLoadedSubject.asObservable(),this.events=this.eventsSubject.asObservable(),n&&(this.tokenValidationHandler=n),o&&this.configure(o);try{i?this.setStorage(i):typeof sessionStorage<"u"&&this.setStorage(sessionStorage)}catch(m){console.error("No OAuthStorage provided and cannot access default (sessionStorage).Consider providing a custom OAuthStorage implementation in your module.",m)}if(this.checkLocalStorageAccessable()){let m=window?.navigator?.userAgent;(m?.includes("MSIE ")||m?.includes("Trident"))&&(this.saveNoncesInLocalStorage=!0)}this.setupRefreshTimer()}checkLocalStorageAccessable(){if(typeof window>"u")return!1;let e="test";try{return typeof window.localStorage>"u"?!1:(localStorage.setItem(e,e),localStorage.removeItem(e),!0)}catch{return!1}}configure(e){Object.assign(this,new ie,e),this.config=Object.assign({},new ie,e),this.sessionChecksEnabled&&this.setupSessionCheck(),this.configChanged()}configChanged(){this.setupRefreshTimer()}restartSessionChecksIfStillLoggedIn(){this.hasValidIdToken()&&this.initSessionCheck()}restartRefreshTimerIfStillLoggedIn(){this.setupExpirationTimers()}setupSessionCheck(){this.events.pipe(x(e=>e.type==="token_received")).subscribe(()=>{this.initSessionCheck()})}setupAutomaticSilentRefresh(e={},s,i=!0){let n=!0;this.clearAutomaticRefreshTimer(),this.automaticRefreshSubscription=this.events.pipe(B(o=>{o.type==="token_received"?n=!0:o.type==="logout"&&(n=!1)}),x(o=>o.type==="token_expires"&&(s==null||s==="any"||o.info===s)),jt(1e3)).subscribe(()=>{n&&this.refreshInternal(e,i).catch(()=>{this.debug("Automatic silent refresh did not work")})}),this.restartRefreshTimerIfStillLoggedIn()}refreshInternal(e,s){return!this.useSilentRefresh&&this.responseType==="code"?this.refreshToken():this.silentRefresh(e,s)}loadDiscoveryDocumentAndTryLogin(e=null){return this.loadDiscoveryDocument().then(()=>this.tryLogin(e))}loadDiscoveryDocumentAndLogin(e=null){return e=e||{},this.loadDiscoveryDocumentAndTryLogin(e).then(()=>{if(!this.hasValidIdToken()||!this.hasValidAccessToken()){let s=typeof e.state=="string"?e.state:"";return this.initLoginFlow(s),!1}else return!0})}debug(...e){this.showDebugInformation&&this.logger.debug(...e)}validateUrlFromDiscoveryDocument(e){let s=[],i=this.validateUrlForHttps(e),n=this.validateUrlAgainstIssuer(e);return i||s.push("https for all urls required. Also for urls received by discovery."),n||s.push("Every url in discovery document has to start with the issuer url.Also see property strictDiscoveryDocumentValidation."),s}validateUrlForHttps(e){if(!e)return!0;let s=e.toLowerCase();return this.requireHttps===!1||(s.match(/^http:\/\/localhost($|[:/])/)||s.match(/^http:\/\/localhost($|[:/])/))&&this.requireHttps==="remoteOnly"?!0:s.startsWith("https://")}assertUrlNotNullAndCorrectProtocol(e,s){if(!e)throw new Error(`'${s}' should not be null`);if(!this.validateUrlForHttps(e))throw new Error(`'${s}' must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).`)}validateUrlAgainstIssuer(e){return!this.strictDiscoveryDocumentValidation||!e?!0:e.toLowerCase().startsWith(this.issuer.toLowerCase())}setupRefreshTimer(){if(typeof window>"u"){this.debug("timer not supported on this plattform");return}(this.hasValidIdToken()||this.hasValidAccessToken())&&(this.clearAccessTokenTimer(),this.clearIdTokenTimer(),this.setupExpirationTimers()),this.tokenReceivedSubscription&&this.tokenReceivedSubscription.unsubscribe(),this.tokenReceivedSubscription=this.events.pipe(x(e=>e.type==="token_received")).subscribe(()=>{this.clearAccessTokenTimer(),this.clearIdTokenTimer(),this.setupExpirationTimers()})}setupExpirationTimers(){this.hasValidAccessToken()&&this.setupAccessTokenTimer(),!this.disableIdTokenTimer&&this.hasValidIdToken()&&this.setupIdTokenTimer()}setupAccessTokenTimer(){let e=this.getAccessTokenExpiration(),s=this.getAccessTokenStoredAt(),i=this.calcTimeout(s,e);this.ngZone.runOutsideAngular(()=>{this.accessTokenTimeoutSubscription=T(new H("token_expires","access_token")).pipe(we(i)).subscribe(n=>{this.ngZone.run(()=>{this.eventsSubject.next(n)})})})}setupIdTokenTimer(){let e=this.getIdTokenExpiration(),s=this.getIdTokenStoredAt(),i=this.calcTimeout(s,e);this.ngZone.runOutsideAngular(()=>{this.idTokenTimeoutSubscription=T(new H("token_expires","id_token")).pipe(we(i)).subscribe(n=>{this.ngZone.run(()=>{this.eventsSubject.next(n)})})})}stopAutomaticRefresh(){this.clearAccessTokenTimer(),this.clearIdTokenTimer(),this.clearAutomaticRefreshTimer()}clearAccessTokenTimer(){this.accessTokenTimeoutSubscription&&this.accessTokenTimeoutSubscription.unsubscribe()}clearIdTokenTimer(){this.idTokenTimeoutSubscription&&this.idTokenTimeoutSubscription.unsubscribe()}clearAutomaticRefreshTimer(){this.automaticRefreshSubscription&&this.automaticRefreshSubscription.unsubscribe()}calcTimeout(e,s){let i=this.dateTimeService.now(),n=(s-e)*this.timeoutFactor-(i-e),o=Math.max(0,n),c=2147483647;return o>c?c:o}setStorage(e){this._storage=e,this.configChanged()}loadDiscoveryDocument(e=null){return new Promise((s,i)=>{if(e||(e=this.issuer||"",e.endsWith("/")||(e+="/"),e+=".well-known/openid-configuration"),!this.validateUrlForHttps(e)){i("issuer  must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");return}this.http.get(e).subscribe(n=>{if(!this.validateDiscoveryDocument(n)){this.eventsSubject.next(new _("discovery_document_validation_error",null)),i("discovery_document_validation_error");return}this.loginUrl=n.authorization_endpoint,this.logoutUrl=n.end_session_endpoint||this.logoutUrl,this.grantTypesSupported=n.grant_types_supported,this.issuer=n.issuer,this.tokenEndpoint=n.token_endpoint,this.userinfoEndpoint=n.userinfo_endpoint||this.userinfoEndpoint,this.jwksUri=n.jwks_uri,this.sessionCheckIFrameUrl=n.check_session_iframe||this.sessionCheckIFrameUrl,this.discoveryDocumentLoaded=!0,this.discoveryDocumentLoadedSubject.next(n),this.revocationEndpoint=n.revocation_endpoint||this.revocationEndpoint,this.sessionChecksEnabled&&this.restartSessionChecksIfStillLoggedIn(),this.loadJwks().then(o=>{let c={discoveryDocument:n,jwks:o},a=new C("discovery_document_loaded",c);this.eventsSubject.next(a),s(a)}).catch(o=>{this.eventsSubject.next(new _("discovery_document_load_error",o)),i(o)})},n=>{this.logger.error("error loading discovery document",n),this.eventsSubject.next(new _("discovery_document_load_error",n)),i(n)})})}loadJwks(){return new Promise((e,s)=>{this.jwksUri?this.http.get(this.jwksUri).subscribe(i=>{this.jwks=i,e(i)},i=>{this.logger.error("error loading jwks",i),this.eventsSubject.next(new _("jwks_load_error",i)),s(i)}):e(null)})}validateDiscoveryDocument(e){let s;return!this.skipIssuerCheck&&e.issuer!==this.issuer?(this.logger.error("invalid issuer in discovery document","expected: "+this.issuer,"current: "+e.issuer),!1):(s=this.validateUrlFromDiscoveryDocument(e.authorization_endpoint),s.length>0?(this.logger.error("error validating authorization_endpoint in discovery document",s),!1):(s=this.validateUrlFromDiscoveryDocument(e.end_session_endpoint),s.length>0?(this.logger.error("error validating end_session_endpoint in discovery document",s),!1):(s=this.validateUrlFromDiscoveryDocument(e.token_endpoint),s.length>0&&this.logger.error("error validating token_endpoint in discovery document",s),s=this.validateUrlFromDiscoveryDocument(e.revocation_endpoint),s.length>0&&this.logger.error("error validating revocation_endpoint in discovery document",s),s=this.validateUrlFromDiscoveryDocument(e.userinfo_endpoint),s.length>0?(this.logger.error("error validating userinfo_endpoint in discovery document",s),!1):(s=this.validateUrlFromDiscoveryDocument(e.jwks_uri),s.length>0?(this.logger.error("error validating jwks_uri in discovery document",s),!1):(this.sessionChecksEnabled&&!e.check_session_iframe&&this.logger.warn("sessionChecksEnabled is activated but discovery document does not contain a check_session_iframe field"),!0)))))}fetchTokenUsingPasswordFlowAndLoadUserProfile(e,s,i=new q){return this.fetchTokenUsingPasswordFlow(e,s,i).then(()=>this.loadUserProfile())}loadUserProfile(){if(!this.hasValidAccessToken())throw new Error("Can not load User Profile without access_token");if(!this.validateUrlForHttps(this.userinfoEndpoint))throw new Error("userinfoEndpoint must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");return new Promise((e,s)=>{let i=new q().set("Authorization","Bearer "+this.getAccessToken());this.http.get(this.userinfoEndpoint,{headers:i,observe:"response",responseType:"text"}).subscribe(n=>{if(this.debug("userinfo received",JSON.stringify(n)),n.headers.get("content-type").startsWith("application/json")){let o=JSON.parse(n.body),c=this.getIdentityClaims()||{};if(!this.skipSubjectCheck&&this.oidc&&(!c.sub||o.sub!==c.sub)){s(`if property oidc is true, the received user-id (sub) has to be the user-id of the user that has logged in with oidc.
if you are not using oidc but just oauth2 password flow set oidc to false`);return}o=Object.assign({},c,o),this._storage.setItem("id_token_claims_obj",JSON.stringify(o)),this.eventsSubject.next(new C("user_profile_loaded")),e({info:o})}else this.debug("userinfo is not JSON, treating it as JWE/JWS"),this.eventsSubject.next(new C("user_profile_loaded")),e(JSON.parse(n.body))},n=>{this.logger.error("error loading user info",n),this.eventsSubject.next(new _("user_profile_load_error",n)),s(n)})})}fetchTokenUsingPasswordFlow(e,s,i=new q){let n={username:e,password:s};return this.fetchTokenUsingGrant("password",n,i)}fetchTokenUsingGrant(e,s,i=new q){this.assertUrlNotNullAndCorrectProtocol(this.tokenEndpoint,"tokenEndpoint");let n=new Y({encoder:new G}).set("grant_type",e).set("scope",this.scope);if(this.useHttpBasicAuth){let o=btoa(`${this.clientId}:${this.dummyClientSecret}`);i=i.set("Authorization","Basic "+o)}if(this.useHttpBasicAuth||(n=n.set("client_id",this.clientId)),!this.useHttpBasicAuth&&this.dummyClientSecret&&(n=n.set("client_secret",this.dummyClientSecret)),this.customQueryParams)for(let o of Object.getOwnPropertyNames(this.customQueryParams))n=n.set(o,this.customQueryParams[o]);for(let o of Object.keys(s))n=n.set(o,s[o]);return i=i.set("Content-Type","application/x-www-form-urlencoded"),new Promise((o,c)=>{this.http.post(this.tokenEndpoint,n,{headers:i}).subscribe(a=>{this.debug("tokenResponse",a),this.storeAccessTokenResponse(a.access_token,a.refresh_token,a.expires_in||this.fallbackAccessTokenExpirationTimeInSec,a.scope,this.extractRecognizedCustomParameters(a)),this.oidc&&a.id_token&&this.processIdToken(a.id_token,a.access_token).then(l=>{this.storeIdToken(l),o(a)}),this.eventsSubject.next(new C("token_received")),o(a)},a=>{this.logger.error("Error performing ${grantType} flow",a),this.eventsSubject.next(new _("token_error",a)),c(a)})})}refreshToken(){return this.assertUrlNotNullAndCorrectProtocol(this.tokenEndpoint,"tokenEndpoint"),new Promise((e,s)=>{let i=new Y({encoder:new G}).set("grant_type","refresh_token").set("scope",this.scope).set("refresh_token",this._storage.getItem("refresh_token")),n=new q().set("Content-Type","application/x-www-form-urlencoded");if(this.useHttpBasicAuth){let o=btoa(`${this.clientId}:${this.dummyClientSecret}`);n=n.set("Authorization","Basic "+o)}if(this.useHttpBasicAuth||(i=i.set("client_id",this.clientId)),!this.useHttpBasicAuth&&this.dummyClientSecret&&(i=i.set("client_secret",this.dummyClientSecret)),this.customQueryParams)for(let o of Object.getOwnPropertyNames(this.customQueryParams))i=i.set(o,this.customQueryParams[o]);this.http.post(this.tokenEndpoint,i,{headers:n}).pipe(be(o=>this.oidc&&o.id_token?ye(this.processIdToken(o.id_token,o.access_token,!0)).pipe(B(c=>this.storeIdToken(c)),R(()=>o)):T(o))).subscribe(o=>{this.debug("refresh tokenResponse",o),this.storeAccessTokenResponse(o.access_token,o.refresh_token,o.expires_in||this.fallbackAccessTokenExpirationTimeInSec,o.scope,this.extractRecognizedCustomParameters(o)),this.eventsSubject.next(new C("token_received")),this.eventsSubject.next(new C("token_refreshed")),e(o)},o=>{this.logger.error("Error refreshing token",o),this.eventsSubject.next(new _("token_refresh_error",o)),s(o)})})}removeSilentRefreshEventListener(){this.silentRefreshPostMessageEventListener&&(window.removeEventListener("message",this.silentRefreshPostMessageEventListener),this.silentRefreshPostMessageEventListener=null)}setupSilentRefreshEventListener(){this.removeSilentRefreshEventListener(),this.silentRefreshPostMessageEventListener=e=>{let s=this.processMessageEventMessage(e);this.checkOrigin&&e.origin!==location.origin&&console.error("wrong origin requested silent refresh!"),this.tryLogin({customHashFragment:s,preventClearHashAfterLogin:!0,customRedirectUri:this.silentRefreshRedirectUri||this.redirectUri}).catch(i=>this.debug("tryLogin during silent refresh failed",i))},window.addEventListener("message",this.silentRefreshPostMessageEventListener)}silentRefresh(e={},s=!0){let i=this.getIdentityClaims()||{};if(this.useIdTokenHintForSilentRefresh&&this.hasValidIdToken()&&(e.id_token_hint=this.getIdToken()),!this.validateUrlForHttps(this.loginUrl))throw new Error("loginUrl  must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");if(typeof this.document>"u")throw new Error("silent refresh is not supported on this platform");let n=this.document.getElementById(this.silentRefreshIFrameName);n&&this.document.body.removeChild(n),this.silentRefreshSubject=i.sub;let o=this.document.createElement("iframe");o.id=this.silentRefreshIFrameName,this.setupSilentRefreshEventListener();let c=this.silentRefreshRedirectUri||this.redirectUri;this.createLoginUrl(null,null,c,s,e).then(u=>{o.setAttribute("src",u),this.silentRefreshShowIFrame||(o.style.display="none"),this.document.body.appendChild(o)});let a=this.events.pipe(x(u=>u instanceof _),Se()),l=this.events.pipe(x(u=>u.type==="token_received"),Se()),h=T(new _("silent_refresh_timeout",null)).pipe(we(this.silentRefreshTimeout));return Rt([a,l,h]).pipe(R(u=>{if(u instanceof _)throw u.type==="silent_refresh_timeout"?this.eventsSubject.next(u):(u=new _("silent_refresh_error",u),this.eventsSubject.next(u)),u;return u.type==="token_received"&&(u=new C("silently_refreshed"),this.eventsSubject.next(u)),u})).toPromise()}initImplicitFlowInPopup(e){return this.initLoginFlowInPopup(e)}initLoginFlowInPopup(e){return e=e||{},this.createLoginUrl(null,null,this.silentRefreshRedirectUri,!1,{display:"popup"}).then(s=>new Promise((i,n)=>{let c=null;e.windowRef?e.windowRef&&!e.windowRef.closed&&(c=e.windowRef,c.location.href=s):c=window.open(s,"ngx-oauth2-oidc-login",this.calculatePopupFeatures(e));let a,l=g=>{this.tryLogin({customHashFragment:g,preventClearHashAfterLogin:!0,customRedirectUri:this.silentRefreshRedirectUri}).then(()=>{u(),i(!0)},I=>{u(),n(I)})},h=()=>{(!c||c.closed)&&(u(),n(new _("popup_closed",{})))};c?a=window.setInterval(h,500):n(new _("popup_blocked",{}));let u=()=>{window.clearInterval(a),window.removeEventListener("storage",d),window.removeEventListener("message",m),c!==null&&c.close(),c=null},m=g=>{let I=this.processMessageEventMessage(g);I&&I!==null?(window.removeEventListener("storage",d),l(I)):console.log("false event firing")},d=g=>{g.key==="auth_hash"&&(window.removeEventListener("message",m),l(g.newValue))};window.addEventListener("message",m),window.addEventListener("storage",d)}))}calculatePopupFeatures(e){let s=e.height||470,i=e.width||500,n=window.screenLeft+(window.outerWidth-i)/2,o=window.screenTop+(window.outerHeight-s)/2;return`location=no,toolbar=no,width=${i},height=${s},top=${o},left=${n}`}processMessageEventMessage(e){let s="#";if(this.silentRefreshMessagePrefix&&(s+=this.silentRefreshMessagePrefix),!e||!e.data||typeof e.data!="string")return;let i=e.data;if(i.startsWith(s))return"#"+i.substr(s.length)}canPerformSessionCheck(){return this.sessionChecksEnabled?this.sessionCheckIFrameUrl?this.getSessionState()?!(typeof this.document>"u"):(console.warn("sessionChecksEnabled is activated but there is no session_state"),!1):(console.warn("sessionChecksEnabled is activated but there is no sessionCheckIFrameUrl"),!1):!1}setupSessionCheckEventListener(){this.removeSessionCheckEventListener(),this.sessionCheckEventListener=e=>{let s=e.origin.toLowerCase(),i=this.issuer.toLowerCase();if(this.debug("sessionCheckEventListener"),!i.startsWith(s)){this.debug("sessionCheckEventListener","wrong origin",s,"expected",i,"event",e);return}switch(e.data){case"unchanged":this.ngZone.run(()=>{this.handleSessionUnchanged()});break;case"changed":this.ngZone.run(()=>{this.handleSessionChange()});break;case"error":this.ngZone.run(()=>{this.handleSessionError()});break}this.debug("got info from session check inframe",e)},this.ngZone.runOutsideAngular(()=>{window.addEventListener("message",this.sessionCheckEventListener)})}handleSessionUnchanged(){this.debug("session check","session unchanged"),this.eventsSubject.next(new H("session_unchanged"))}handleSessionChange(){this.eventsSubject.next(new H("session_changed")),this.stopSessionCheckTimer(),!this.useSilentRefresh&&this.responseType==="code"?this.refreshToken().then(()=>{this.debug("token refresh after session change worked")}).catch(()=>{this.debug("token refresh did not work after session changed"),this.eventsSubject.next(new H("session_terminated")),this.logOut(!0)}):this.silentRefreshRedirectUri?(this.silentRefresh().catch(()=>this.debug("silent refresh failed after session changed")),this.waitForSilentRefreshAfterSessionChange()):(this.eventsSubject.next(new H("session_terminated")),this.logOut(!0))}waitForSilentRefreshAfterSessionChange(){this.events.pipe(x(e=>e.type==="silently_refreshed"||e.type==="silent_refresh_timeout"||e.type==="silent_refresh_error"),Se()).subscribe(e=>{e.type!=="silently_refreshed"&&(this.debug("silent refresh did not work after session changed"),this.eventsSubject.next(new H("session_terminated")),this.logOut(!0))})}handleSessionError(){this.stopSessionCheckTimer(),this.eventsSubject.next(new H("session_error"))}removeSessionCheckEventListener(){this.sessionCheckEventListener&&(window.removeEventListener("message",this.sessionCheckEventListener),this.sessionCheckEventListener=null)}initSessionCheck(){if(!this.canPerformSessionCheck())return;let e=this.document.getElementById(this.sessionCheckIFrameName);e&&this.document.body.removeChild(e);let s=this.document.createElement("iframe");s.id=this.sessionCheckIFrameName,this.setupSessionCheckEventListener();let i=this.sessionCheckIFrameUrl;s.setAttribute("src",i),s.style.display="none",this.document.body.appendChild(s),this.startSessionCheckTimer()}startSessionCheckTimer(){this.stopSessionCheckTimer(),this.ngZone.runOutsideAngular(()=>{this.sessionCheckTimer=setInterval(this.checkSession.bind(this),this.sessionCheckIntervall)})}stopSessionCheckTimer(){this.sessionCheckTimer&&(clearInterval(this.sessionCheckTimer),this.sessionCheckTimer=null)}checkSession(){let e=this.document.getElementById(this.sessionCheckIFrameName);e||this.logger.warn("checkSession did not find iframe",this.sessionCheckIFrameName);let s=this.getSessionState();s||this.stopSessionCheckTimer();let i=this.clientId+" "+s;e.contentWindow.postMessage(i,this.issuer)}createLoginUrl(){return V(this,arguments,function*(e="",s="",i="",n=!1,o={}){let c=this,a;i?a=i:a=this.redirectUri;let l=yield this.createAndSaveNonce();if(e?e=l+this.config.nonceStateSeparator+encodeURIComponent(e):e=l,!this.requestAccessToken&&!this.oidc)throw new Error("Either requestAccessToken or oidc or both must be true");this.config.responseType?this.responseType=this.config.responseType:this.oidc&&this.requestAccessToken?this.responseType="id_token token":this.oidc&&!this.requestAccessToken?this.responseType="id_token":this.responseType="token";let h=c.loginUrl.indexOf("?")>-1?"&":"?",u=c.scope;this.oidc&&!u.match(/(^|\s)openid($|\s)/)&&(u="openid "+u);let m=c.loginUrl+h+"response_type="+encodeURIComponent(c.responseType)+"&client_id="+encodeURIComponent(c.clientId)+"&state="+encodeURIComponent(e)+"&redirect_uri="+encodeURIComponent(a)+"&scope="+encodeURIComponent(u);if(this.responseType.includes("code")&&!this.disablePKCE){let[d,g]=yield this.createChallangeVerifierPairForPKCE();this.saveNoncesInLocalStorage&&typeof window.localStorage<"u"?localStorage.setItem("PKCE_verifier",g):this._storage.setItem("PKCE_verifier",g),m+="&code_challenge="+d,m+="&code_challenge_method=S256"}s&&(m+="&login_hint="+encodeURIComponent(s)),c.resource&&(m+="&resource="+encodeURIComponent(c.resource)),c.oidc&&(m+="&nonce="+encodeURIComponent(l)),n&&(m+="&prompt=none");for(let d of Object.keys(o))m+="&"+encodeURIComponent(d)+"="+encodeURIComponent(o[d]);if(this.customQueryParams)for(let d of Object.getOwnPropertyNames(this.customQueryParams))m+="&"+d+"="+encodeURIComponent(this.customQueryParams[d]);return m})}initImplicitFlowInternal(e="",s=""){if(this.inImplicitFlow)return;if(this.inImplicitFlow=!0,!this.validateUrlForHttps(this.loginUrl))throw new Error("loginUrl  must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");let i={},n=null;typeof s=="string"?n=s:typeof s=="object"&&(i=s),this.createLoginUrl(e,n,null,!1,i).then(this.config.openUri).catch(o=>{console.error("Error in initImplicitFlow",o),this.inImplicitFlow=!1})}initImplicitFlow(e="",s=""){this.loginUrl!==""?this.initImplicitFlowInternal(e,s):this.events.pipe(x(i=>i.type==="discovery_document_loaded")).subscribe(()=>this.initImplicitFlowInternal(e,s))}resetImplicitFlow(){this.inImplicitFlow=!1}callOnTokenReceivedIfExists(e){let s=this;if(e.onTokenReceived){let i={idClaims:s.getIdentityClaims(),idToken:s.getIdToken(),accessToken:s.getAccessToken(),state:s.state};e.onTokenReceived(i)}}storeAccessTokenResponse(e,s,i,n,o){if(this._storage.setItem("access_token",e),n&&!Array.isArray(n)?this._storage.setItem("granted_scopes",JSON.stringify(n.split(" "))):n&&Array.isArray(n)&&this._storage.setItem("granted_scopes",JSON.stringify(n)),this._storage.setItem("access_token_stored_at",""+this.dateTimeService.now()),i){let c=i*1e3,l=this.dateTimeService.new().getTime()+c;this._storage.setItem("expires_at",""+l)}s&&this._storage.setItem("refresh_token",s),o&&o.forEach((c,a)=>{this._storage.setItem(a,c)})}tryLogin(e=null){return this.config.responseType==="code"?this.tryLoginCodeFlow(e).then(()=>!0):this.tryLoginImplicitFlow(e)}parseQueryString(e){return!e||e.length===0?{}:(e.charAt(0)==="?"&&(e=e.substr(1)),this.urlHelper.parseQueryString(e))}tryLoginCodeFlow(e=null){return V(this,null,function*(){e=e||{};let s=e.customHashFragment?e.customHashFragment.substring(1):window.location.search,i=this.getCodePartsFromUrl(s),n=i.code,o=i.state,c=i.session_state;if(!e.preventClearHashAfterLogin){let h=location.origin+location.pathname+location.search.replace(/code=[^&$]*/,"").replace(/scope=[^&$]*/,"").replace(/state=[^&$]*/,"").replace(/session_state=[^&$]*/,"").replace(/^\?&/,"?").replace(/&$/,"").replace(/^\?$/,"").replace(/&+/g,"&").replace(/\?&/,"?").replace(/\?$/,"")+location.hash;history.replaceState(null,window.name,h)}let[a,l]=this.parseState(o);if(this.state=l,i.error){this.debug("error trying to login"),this.handleLoginError(e,i);let h=new _("code_error",{},i);return this.eventsSubject.next(h),Promise.reject(h)}if(!e.disableNonceCheck){if(!a)return this.saveRequestedRoute(),Promise.resolve();if(!e.disableOAuth2StateCheck&&!this.validateNonce(a)){let u=new _("invalid_nonce_in_state",null);return this.eventsSubject.next(u),Promise.reject(u)}}return this.storeSessionState(c),n&&(yield this.getTokenFromCode(n,e),this.restoreRequestedRoute()),Promise.resolve()})}saveRequestedRoute(){this.config.preserveRequestedRoute&&this._storage.setItem("requested_route",window.location.pathname+window.location.search)}restoreRequestedRoute(){let e=this._storage.getItem("requested_route");e&&history.replaceState(null,"",window.location.origin+e)}getCodePartsFromUrl(e){return!e||e.length===0?this.urlHelper.getHashFragmentParams():(e.charAt(0)==="?"&&(e=e.substr(1)),this.urlHelper.parseQueryString(e))}getTokenFromCode(e,s){let i=new Y({encoder:new G}).set("grant_type","authorization_code").set("code",e).set("redirect_uri",s.customRedirectUri||this.redirectUri);if(!this.disablePKCE){let n;this.saveNoncesInLocalStorage&&typeof window.localStorage<"u"?n=localStorage.getItem("PKCE_verifier"):n=this._storage.getItem("PKCE_verifier"),n?i=i.set("code_verifier",n):console.warn("No PKCE verifier found in oauth storage!")}return this.fetchAndProcessToken(i,s)}fetchAndProcessToken(e,s){s=s||{},this.assertUrlNotNullAndCorrectProtocol(this.tokenEndpoint,"tokenEndpoint");let i=new q().set("Content-Type","application/x-www-form-urlencoded");if(this.useHttpBasicAuth){let n=btoa(`${this.clientId}:${this.dummyClientSecret}`);i=i.set("Authorization","Basic "+n)}return this.useHttpBasicAuth||(e=e.set("client_id",this.clientId)),!this.useHttpBasicAuth&&this.dummyClientSecret&&(e=e.set("client_secret",this.dummyClientSecret)),new Promise((n,o)=>{if(this.customQueryParams)for(let c of Object.getOwnPropertyNames(this.customQueryParams))e=e.set(c,this.customQueryParams[c]);this.http.post(this.tokenEndpoint,e,{headers:i}).subscribe(c=>{this.debug("refresh tokenResponse",c),this.storeAccessTokenResponse(c.access_token,c.refresh_token,c.expires_in||this.fallbackAccessTokenExpirationTimeInSec,c.scope,this.extractRecognizedCustomParameters(c)),this.oidc&&c.id_token?this.processIdToken(c.id_token,c.access_token,s.disableNonceCheck).then(a=>{this.storeIdToken(a),this.eventsSubject.next(new C("token_received")),this.eventsSubject.next(new C("token_refreshed")),n(c)}).catch(a=>{this.eventsSubject.next(new _("token_validation_error",a)),console.error("Error validating tokens"),console.error(a),o(a)}):(this.eventsSubject.next(new C("token_received")),this.eventsSubject.next(new C("token_refreshed")),n(c))},c=>{console.error("Error getting token",c),this.eventsSubject.next(new _("token_refresh_error",c)),o(c)})})}tryLoginImplicitFlow(e=null){e=e||{};let s;e.customHashFragment?s=this.urlHelper.getHashFragmentParams(e.customHashFragment):s=this.urlHelper.getHashFragmentParams(),this.debug("parsed url",s);let i=s.state,[n,o]=this.parseState(i);if(this.state=o,s.error){this.debug("error trying to login"),this.handleLoginError(e,s);let u=new _("token_error",{},s);return this.eventsSubject.next(u),Promise.reject(u)}let c=s.access_token,a=s.id_token,l=s.session_state,h=s.scope;if(!this.requestAccessToken&&!this.oidc)return Promise.reject("Either requestAccessToken or oidc (or both) must be true.");if(this.requestAccessToken&&!c||this.requestAccessToken&&!e.disableOAuth2StateCheck&&!i||this.oidc&&!a)return Promise.resolve(!1);if(this.sessionChecksEnabled&&!l&&this.logger.warn("session checks (Session Status Change Notification) were activated in the configuration but the id_token does not contain a session_state claim"),this.requestAccessToken&&!e.disableNonceCheck&&!this.validateNonce(n)){let m=new _("invalid_nonce_in_state",null);return this.eventsSubject.next(m),Promise.reject(m)}return this.requestAccessToken&&this.storeAccessTokenResponse(c,null,s.expires_in||this.fallbackAccessTokenExpirationTimeInSec,h),this.oidc?this.processIdToken(a,c,e.disableNonceCheck).then(u=>e.validationHandler?e.validationHandler({accessToken:c,idClaims:u.idTokenClaims,idToken:u.idToken,state:i}).then(()=>u):u).then(u=>(this.storeIdToken(u),this.storeSessionState(l),this.clearHashAfterLogin&&!e.preventClearHashAfterLogin&&this.clearLocationHash(),this.eventsSubject.next(new C("token_received")),this.callOnTokenReceivedIfExists(e),this.inImplicitFlow=!1,!0)).catch(u=>(this.eventsSubject.next(new _("token_validation_error",u)),this.logger.error("Error validating tokens"),this.logger.error(u),Promise.reject(u))):(this.eventsSubject.next(new C("token_received")),this.clearHashAfterLogin&&!e.preventClearHashAfterLogin&&this.clearLocationHash(),this.callOnTokenReceivedIfExists(e),Promise.resolve(!0))}parseState(e){let s=e,i="";if(e){let n=e.indexOf(this.config.nonceStateSeparator);n>-1&&(s=e.substr(0,n),i=e.substr(n+this.config.nonceStateSeparator.length))}return[s,i]}validateNonce(e){let s;return this.saveNoncesInLocalStorage&&typeof window.localStorage<"u"?s=localStorage.getItem("nonce"):s=this._storage.getItem("nonce"),s!==e?(console.error("Validating access_token failed, wrong state/nonce.",s,e),!1):!0}storeIdToken(e){this._storage.setItem("id_token",e.idToken),this._storage.setItem("id_token_claims_obj",e.idTokenClaimsJson),this._storage.setItem("id_token_expires_at",""+e.idTokenExpiresAt),this._storage.setItem("id_token_stored_at",""+this.dateTimeService.now())}storeSessionState(e){this._storage.setItem("session_state",e)}getSessionState(){return this._storage.getItem("session_state")}handleLoginError(e,s){e.onLoginError&&e.onLoginError(s),this.clearHashAfterLogin&&!e.preventClearHashAfterLogin&&this.clearLocationHash()}getClockSkewInMsec(e=6e5){return!this.clockSkewInSec&&this.clockSkewInSec!==0?e:this.clockSkewInSec*1e3}processIdToken(e,s,i=!1){let n=e.split("."),o=this.padBase64(n[0]),c=Fs(o),a=JSON.parse(c),l=this.padBase64(n[1]),h=Fs(l),u=JSON.parse(h),m;if(this.saveNoncesInLocalStorage&&typeof window.localStorage<"u"?m=localStorage.getItem("nonce"):m=this._storage.getItem("nonce"),Array.isArray(u.aud)){if(u.aud.every(y=>y!==this.clientId)){let y="Wrong audience: "+u.aud.join(",");return this.logger.warn(y),Promise.reject(y)}}else if(u.aud!==this.clientId){let y="Wrong audience: "+u.aud;return this.logger.warn(y),Promise.reject(y)}if(!u.sub){let y="No sub claim in id_token";return this.logger.warn(y),Promise.reject(y)}if(this.sessionChecksEnabled&&this.silentRefreshSubject&&this.silentRefreshSubject!==u.sub){let y=`After refreshing, we got an id_token for another user (sub). Expected sub: ${this.silentRefreshSubject}, received sub: ${u.sub}`;return this.logger.warn(y),Promise.reject(y)}if(!u.iat){let y="No iat claim in id_token";return this.logger.warn(y),Promise.reject(y)}if(!this.skipIssuerCheck&&u.iss!==this.issuer){let y="Wrong issuer: "+u.iss;return this.logger.warn(y),Promise.reject(y)}if(!i&&u.nonce!==m){let y="Wrong nonce: "+u.nonce;return this.logger.warn(y),Promise.reject(y)}if(Object.prototype.hasOwnProperty.call(this,"responseType")&&(this.responseType==="code"||this.responseType==="id_token")&&(this.disableAtHashCheck=!0),!this.disableAtHashCheck&&this.requestAccessToken&&!u.at_hash){let y="An at_hash is needed!";return this.logger.warn(y),Promise.reject(y)}let d=this.dateTimeService.now(),g=u.iat*1e3,I=u.exp*1e3,$=this.getClockSkewInMsec();if(g-$>=d||I+$-this.decreaseExpirationBySec<=d){let y="Token has expired";return console.error(y),console.error({now:d,issuedAtMSec:g,expiresAtMSec:I}),Promise.reject(y)}let N={accessToken:s,idToken:e,jwks:this.jwks,idTokenClaims:u,idTokenHeader:a,loadKeys:()=>this.loadJwks()};return this.disableAtHashCheck?this.checkSignature(N).then(()=>({idToken:e,idTokenClaims:u,idTokenClaimsJson:h,idTokenHeader:a,idTokenHeaderJson:c,idTokenExpiresAt:I})):this.checkAtHash(N).then(y=>{if(!this.disableAtHashCheck&&this.requestAccessToken&&!y){let ge="Wrong at_hash";return this.logger.warn(ge),Promise.reject(ge)}return this.checkSignature(N).then(()=>{let ge=!this.disableAtHashCheck,Tt={idToken:e,idTokenClaims:u,idTokenClaimsJson:h,idTokenHeader:a,idTokenHeaderJson:c,idTokenExpiresAt:I};return ge?this.checkAtHash(N).then(Os=>{if(this.requestAccessToken&&!Os){let _t="Wrong at_hash";return this.logger.warn(_t),Promise.reject(_t)}else return Tt}):Tt})})}getIdentityClaims(){let e=this._storage.getItem("id_token_claims_obj");return e?JSON.parse(e):null}getGrantedScopes(){let e=this._storage.getItem("granted_scopes");return e?JSON.parse(e):null}getIdToken(){return this._storage?this._storage.getItem("id_token"):null}padBase64(e){for(;e.length%4!==0;)e+="=";return e}getAccessToken(){return this._storage?this._storage.getItem("access_token"):null}getRefreshToken(){return this._storage?this._storage.getItem("refresh_token"):null}getAccessTokenExpiration(){return this._storage.getItem("expires_at")?parseInt(this._storage.getItem("expires_at"),10):null}getAccessTokenStoredAt(){return parseInt(this._storage.getItem("access_token_stored_at"),10)}getIdTokenStoredAt(){return parseInt(this._storage.getItem("id_token_stored_at"),10)}getIdTokenExpiration(){return this._storage.getItem("id_token_expires_at")?parseInt(this._storage.getItem("id_token_expires_at"),10):null}hasValidAccessToken(){if(this.getAccessToken()){let e=this._storage.getItem("expires_at"),s=this.dateTimeService.new();return!(e&&parseInt(e,10)-this.decreaseExpirationBySec<s.getTime()-this.getClockSkewInMsec())}return!1}hasValidIdToken(){if(this.getIdToken()){let e=this._storage.getItem("id_token_expires_at"),s=this.dateTimeService.new();return!(e&&parseInt(e,10)-this.decreaseExpirationBySec<s.getTime()-this.getClockSkewInMsec())}return!1}getCustomTokenResponseProperty(e){return this._storage&&this.config.customTokenParameters&&this.config.customTokenParameters.indexOf(e)>=0&&this._storage.getItem(e)!==null?JSON.parse(this._storage.getItem(e)):null}authorizationHeader(){return"Bearer "+this.getAccessToken()}logOut(e={},s=""){let i=!1;typeof e=="boolean"&&(i=e,e={});let n=this.getIdToken();if(this._storage.removeItem("access_token"),this._storage.removeItem("id_token"),this._storage.removeItem("refresh_token"),this.saveNoncesInLocalStorage?(localStorage.removeItem("nonce"),localStorage.removeItem("PKCE_verifier")):(this._storage.removeItem("nonce"),this._storage.removeItem("PKCE_verifier")),this._storage.removeItem("expires_at"),this._storage.removeItem("id_token_claims_obj"),this._storage.removeItem("id_token_expires_at"),this._storage.removeItem("id_token_stored_at"),this._storage.removeItem("access_token_stored_at"),this._storage.removeItem("granted_scopes"),this._storage.removeItem("session_state"),this.config.customTokenParameters&&this.config.customTokenParameters.forEach(c=>this._storage.removeItem(c)),this.silentRefreshSubject=null,this.eventsSubject.next(new H("logout")),!this.logoutUrl||i)return;let o;if(!this.validateUrlForHttps(this.logoutUrl))throw new Error("logoutUrl  must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");if(this.logoutUrl.indexOf("{{")>-1)o=this.logoutUrl.replace(/\{\{id_token\}\}/,encodeURIComponent(n)).replace(/\{\{client_id\}\}/,encodeURIComponent(this.clientId));else{let c=new Y({encoder:new G});n&&(c=c.set("id_token_hint",n));let a=this.postLogoutRedirectUri||this.redirectUriAsPostLogoutRedirectUriFallback&&this.redirectUri||"";a&&(c=c.set("post_logout_redirect_uri",a),s&&(c=c.set("state",s)));for(let l in e)c=c.set(l,e[l]);o=this.logoutUrl+(this.logoutUrl.indexOf("?")>-1?"&":"?")+c.toString()}this.config.openUri(o)}createAndSaveNonce(){let e=this;return this.createNonce().then(function(s){return e.saveNoncesInLocalStorage&&typeof window.localStorage<"u"?localStorage.setItem("nonce",s):e._storage.setItem("nonce",s),s})}ngOnDestroy(){this.clearAccessTokenTimer(),this.clearIdTokenTimer(),this.removeSilentRefreshEventListener();let e=this.document.getElementById(this.silentRefreshIFrameName);e&&e.remove(),this.stopSessionCheckTimer(),this.removeSessionCheckEventListener();let s=this.document.getElementById(this.sessionCheckIFrameName);s&&s.remove()}createNonce(){return new Promise(e=>{if(this.rngUrl)throw new Error("createNonce with rng-web-api has not been implemented so far");let s="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~",i=45,n="",o=typeof self>"u"?null:self.crypto||self.msCrypto;if(o){let c=new Uint8Array(i);o.getRandomValues(c),c.map||(c.map=Array.prototype.map),c=c.map(a=>s.charCodeAt(a%s.length)),n=String.fromCharCode.apply(null,c)}else for(;0<i--;)n+=s[Math.random()*s.length|0];e(Us(n))})}checkAtHash(e){return V(this,null,function*(){return this.tokenValidationHandler?this.tokenValidationHandler.validateAtHash(e):(this.logger.warn("No tokenValidationHandler configured. Cannot check at_hash."),!0)})}checkSignature(e){return this.tokenValidationHandler?this.tokenValidationHandler.validateSignature(e):(this.logger.warn("No tokenValidationHandler configured. Cannot check signature."),Promise.resolve(null))}initLoginFlow(e="",s={}){return this.responseType==="code"?this.initCodeFlow(e,s):this.initImplicitFlow(e,s)}initCodeFlow(e="",s={}){this.loginUrl!==""?this.initCodeFlowInternal(e,s):this.events.pipe(x(i=>i.type==="discovery_document_loaded")).subscribe(()=>this.initCodeFlowInternal(e,s))}initCodeFlowInternal(e="",s={}){if(!this.validateUrlForHttps(this.loginUrl))throw new Error("loginUrl  must use HTTPS (with TLS), or config value for property 'requireHttps' must be set to 'false' and allow HTTP (without TLS).");let i={},n=null;typeof s=="string"?n=s:typeof s=="object"&&(i=s),this.createLoginUrl(e,n,null,!1,i).then(this.config.openUri).catch(o=>{console.error("Error in initAuthorizationCodeFlow"),console.error(o)})}createChallangeVerifierPairForPKCE(){return V(this,null,function*(){if(!this.crypto)throw new Error("PKCE support for code flow needs a CryptoHander. Did you import the OAuthModule using forRoot() ?");let e=yield this.createNonce(),s=yield this.crypto.calcHash(e,"sha-256");return[Us(s),e]})}extractRecognizedCustomParameters(e){let s=new Map;return this.config.customTokenParameters&&this.config.customTokenParameters.forEach(i=>{e[i]&&s.set(i,JSON.stringify(e[i]))}),s}revokeTokenAndLogout(e={},s=!1){let i=this.revocationEndpoint,n=this.getAccessToken(),o=this.getRefreshToken();if(!n)return Promise.resolve();let c=new Y({encoder:new G}),a=new q().set("Content-Type","application/x-www-form-urlencoded");if(this.useHttpBasicAuth){let l=btoa(`${this.clientId}:${this.dummyClientSecret}`);a=a.set("Authorization","Basic "+l)}if(this.useHttpBasicAuth||(c=c.set("client_id",this.clientId)),!this.useHttpBasicAuth&&this.dummyClientSecret&&(c=c.set("client_secret",this.dummyClientSecret)),this.customQueryParams)for(let l of Object.getOwnPropertyNames(this.customQueryParams))c=c.set(l,this.customQueryParams[l]);return new Promise((l,h)=>{let u,m;if(n){let d=c.set("token",n).set("token_type_hint","access_token");u=this.http.post(i,d,{headers:a})}else u=T(null);if(o){let d=c.set("token",o).set("token_type_hint","refresh_token");m=this.http.post(i,d,{headers:a})}else m=T(null);s&&(u=u.pipe(j(d=>d.status===0?T(null):ke(d))),m=m.pipe(j(d=>d.status===0?T(null):ke(d)))),At([u,m]).subscribe(d=>{this.logOut(e),l(d),this.logger.info("Token successfully revoked")},d=>{this.logger.error("Error revoking token",d),this.eventsSubject.next(new _("token_revoke_error",d)),h(d)})})}clearLocationHash(){location.hash!=""&&(location.hash="")}static{this.\u0275fac=function(s){return new(s||t)(f(Ie),f(X),f(ze,8),f(Be,8),f(ie,8),f(Ps),f(Ve),f(qe,8),f(Nt),f(pe))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})(),Ke=class{},bt=class{handleError(r){return ke(r)}},Hi=(()=>{class t{constructor(e,s,i){this.oAuthService=e,this.errorHandler=s,this.moduleConfig=i}checkUrl(e){return this.moduleConfig.resourceServer.customUrlValidation?this.moduleConfig.resourceServer.customUrlValidation(e):this.moduleConfig.resourceServer.allowedUrls?!!this.moduleConfig.resourceServer.allowedUrls.find(s=>e.toLowerCase().startsWith(s.toLowerCase())):!0}intercept(e,s){let i=e.url.toLowerCase();return!this.moduleConfig||!this.moduleConfig.resourceServer||!this.checkUrl(i)?s.handle(e):this.moduleConfig.resourceServer.sendAccessToken?ne(T(this.oAuthService.getAccessToken()).pipe(x(o=>!!o)),this.oAuthService.events.pipe(x(o=>o.type==="token_received"),Ct(this.oAuthService.waitForTokenInMsec||0),j(()=>T(null)),R(()=>this.oAuthService.getAccessToken()))).pipe(Z(1),z(o=>{if(o){let c="Bearer "+o,a=e.headers.set("Authorization",c);e=e.clone({headers:a})}return s.handle(e).pipe(j(c=>this.errorHandler.handleError(c)))})):s.handle(e).pipe(j(o=>this.errorHandler.handleError(o)))}static{this.\u0275fac=function(s){return new(s||t)(f(Je),f(Ke),f($e,8))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();function Ni(){return console}function $i(){return typeof sessionStorage<"u"?sessionStorage:new Fi}function Vi(t=null,r=Ne){return J([Je,Ps,{provide:Ve,useFactory:Ni},{provide:ze,useFactory:$i},{provide:Be,useClass:r},{provide:qe,useClass:Di},{provide:Ke,useClass:bt},{provide:$e,useValue:t},{provide:Vt,useClass:Hi,multi:!0},{provide:pe,useClass:ji}])}var yo=(()=>{class t{static forRoot(e=null,s=Ne){return{ngModule:t,providers:[Vi(e,s)]}}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275mod=xe({type:t})}static{this.\u0275inj=_e({imports:[$t]})}}return t})();var ko=new p("AUTH_CONFIG");var Ms=(()=>{class t{constructor(){this.http=v(X),this.oauthService=v(Je)}get isValid(){return this.oauthService.hasValidAccessToken()&&this.oauthService.hasValidIdToken()}setupService(e){this.oauthService.configure(this.buildConfig(e)),this.oauthService.setStorage(localStorage)}buildConfig(e){return{issuer:e.keycloakUrl,redirectUri:window.location.origin,clientId:"devxp",scope:"openid profiledetails",responseType:"code",showDebugInformation:!1,dummyClientSecret:"0ohlUVpZc6PBC4EpsFk7rJY1rm5M5Ox3",silentRefreshRedirectUri:window.location.origin+"/silent-refresh.html",useSilentRefresh:!0,sessionChecksEnabled:!0,clearHashAfterLogin:!0}}initAuth(e){return V(this,null,function*(){try{let s,n=new URLSearchParams(location.search).get("state");if(n){let o=n.split(";")[1];o&&(s=decodeURIComponent(o))}if(this.setupService(e),yield this.oauthService.loadDiscoveryDocument(),!this.isValid&&(yield this.oauthService.tryLogin(),!this.isValid)){let o;try{o=yield this.oauthService.silentRefresh()}catch{o=null}o&&(yield this.oauthService.tryLogin())}if(this.isValid){let o=this.oauthService.getIdToken(),c=(yield this.oauthService.loadUserProfile()).info,a=this.oauthService.getAccessToken();return window.dataLayer=window.dataLayer||[],window.dataLayer.push({event:"identity_available",identity_id:c.sub}),this.oauthService.setupAutomaticSilentRefresh(),{accessToken:a,idToken:o,authProfile:c,redirectUrl:s}}}catch(s){console.error("Auth initialization error:",s),this.isValid&&this.oauthService.logOut()}return null})}getLicense(e,s){if(e&&s){let i=new URLSearchParams;return i.append("id_token",e),i.append("_com_kx_klic_pardot_funnel","kdb-community-edition-public-preview"),i.append("_com_kx_klic_pardot_action","https://go.marketing.kx.com/l/911142/2025-05-15/cqgfxq"),i.append("email",s),i.append("download_kclic","%%kclic%%"),i.append("b64_kclic","%%b64_kclic%%"),i.append("kclic_expiry","%%kclic_expiry%%"),i.append("kclic_num","%%kclic_num%%"),i.append("downloads_bearer","%%downloads_bearer%%"),this.http.post("https://pardot-csebufpdta-nw.a.run.app",i.toString(),{headers:{"Content-Type":"application/x-www-form-urlencoded"}}).pipe(j(n=>(console.error(n),T(null))))}return T(null)}login(e,s){this.oauthService.initImplicitFlow(s||void 0)}logout(){this.oauthService.revokeTokenAndLogout()}static{this.\u0275fac=function(s){return new(s||t)}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac,providedIn:"root"})}}return t})();var Po=(()=>{class t{constructor(e,s,i,n){this.authService=e,this.actions$=s,this.store=i,this.router=n,this.initAuth$=U(()=>this.actions$.pipe(P(b.setConfig),L(({appConfig:o})=>ye(this.authService.initAuth(o)).pipe(R(c=>(c?.redirectUrl&&this.router.navigate([c.redirectUrl]),A.initAuthSuccess({authData:c}))),j(c=>T(A.initAuthFailure({error:c}))))))),this.getLicense$=U(()=>this.actions$.pipe(P(A.getLicense),Te(this.store.select(se)),L(([o,c])=>c?this.authService.getLicense(c.idToken,c.authProfile.email).pipe(R(a=>a?A.getLicenseSuccess({license:a}):A.getLicenseError({error:"No license returned."})),j(a=>T(A.getLicenseError({error:a})))):It))),this.login$=U(()=>this.actions$.pipe(P(A.login),B(o=>{this.authService.login(o.email,o.redirectUrl)})),{dispatch:!1}),this.logout$=U(()=>this.actions$.pipe(P(A.logout),B(()=>{this.authService.logout()})),{dispatch:!1})}static{this.\u0275fac=function(s){return new(s||t)(f(Ms),f(He),f(O),f(zt))}}static{this.\u0275prov=w({token:t,factory:t.\u0275fac})}}return t})();var Ko=(t,r)=>v(O).select(Me.selectAccessToken).pipe(Z(1),be(s=>{if(t.url==="https://pardot-csebufpdta-nw.a.run.app")return r(t);let i=s?t.clone({setHeaders:{Authorization:`Bearer ${s}`}}):t;return r(i)}));export{Vi as a,yo as b,F as c,Pe as d,O as e,k as f,te as g,on as h,cn as i,D as j,Le as k,A as l,U as m,He as n,P as o,Jn as p,ks as q,fn as r,Or as s,$r as t,Me as u,b as v,Oe as w,bn as x,Ss as y,bs as z,Xn as A,js as B,Po as C,Ko as D};