{"version":3,"sources":["meteor://💻app/packages/oauth/oauth_server.js","meteor://💻app/packages/oauth/pending_credentials.js","meteor://💻app/packages/oauth/oauth_common.js","meteor://💻app/packages/oauth/deprecated.js"],"names":["url","module","link","default","v","OAuth","OAuthTest","RoutePolicy","declare","registeredServices","_requestHandlers","registerService","name","version","urls","handleOauthRequest","Error","serviceName","unregisterService","retrieveCredential","credentialToken","credentialSecret","_retrievePendingCredential","_generateState","loginStyle","redirectUrl","Buffer","from","JSON","stringify","toString","_stateFromQuery","query","string","state","e","Log","warn","parse","_loginStyleFromQuery","style","err","_credentialTokenFromQuery","_isCordovaFromQuery","isCordova","_checkRedirectUrlOrigin","appHost","Meteor","absoluteUrl","appHostReplacedLocalhost","undefined","replaceLocalhost","substr","length","middleware","req","res","next","oauthServiceName","service","ensureConfigured","handler","_storePendingCredential","stack","message","_endOfLoginResponse","error","WebApp","connectHandlers","use","i","indexOf","barePath","substring","splitPath","split","ServiceConfiguration","configurations","findOne","ConfigError","isSafe","value","test","_renderOauthResults","only_credential_secret_for_test","writeHead","end","details","token","secret","credentials","_endOfPopupResponseTemplate","Assets","getText","_endOfRedirectResponseTemplate","renderEndOfLoginResponse","options","escape","s","replace","config","setCredentialToken","storagePrefix","_storageTokenPrefix","template","result","__meteor_runtime_config__","ROOT_URL_PATH_PREFIX","OAuthEncryption","Package","usingOAuthEncryption","keyIsLoaded","sealSecret","plaintext","seal","openSecret","maybeSecret","userId","isSealed","open","openSecrets","serviceData","Object","keys","forEach","key","_pendingCredentials","Mongo","Collection","_preventAutopublish","_ensureIndex","unique","_cleanStaleResults","timeCutoff","Date","setMinutes","getMinutes","remove","createdAt","$lt","_cleanupHandle","setInterval","credential","check","String","Match","Maybe","storableError","upsert","pendingCredential","_id","recreateError","plainObject","getOwnPropertyNames","errorDoc","meteorError","_redirectUri","params","absoluteUrlOptions","isAndroid","cordova","android","isServer","Npm","require","rootUrl","process","env","MOBILE_ROOT_URL","ROOT_URL","parsedRootUrl","hostname","host","format","URL","_constructUrl","Oauth"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAIA,GAAJ;AAAQC,MAAM,CAACC,IAAP,CAAY,KAAZ,EAAkB;AAACC,SAAO,CAACC,CAAD,EAAG;AAACJ,OAAG,GAACI,CAAJ;AAAM;;AAAlB,CAAlB,EAAsC,CAAtC;AAERC,KAAK,GAAG,EAAR;AACAC,SAAS,GAAG,EAAZ;AAEAC,WAAW,CAACC,OAAZ,CAAoB,UAApB,EAAgC,SAAhC;AAEA,MAAMC,kBAAkB,GAAG,EAA3B,C,CAEA;AACA;AACA;;AACAJ,KAAK,CAACK,gBAAN,GAAyB,EAAzB,C,CAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACAL,KAAK,CAACM,eAAN,GAAwB,CAACC,IAAD,EAAOC,OAAP,EAAgBC,IAAhB,EAAsBC,kBAAtB,KAA6C;AACnE,MAAIN,kBAAkB,CAACG,IAAD,CAAtB,EACE,MAAM,IAAII,KAAJ,CAAW,0BAAyBJ,IAAK,gBAAzC,CAAN;AAEFH,oBAAkB,CAACG,IAAD,CAAlB,GAA2B;AACzBK,eAAW,EAAEL,IADY;AAEzBC,WAFyB;AAGzBC,QAHyB;AAIzBC;AAJyB,GAA3B;AAMD,CAVD,C,CAYA;;;AACAT,SAAS,CAACY,iBAAV,GAA8BN,IAAI,IAAI;AACpC,SAAOH,kBAAkB,CAACG,IAAD,CAAzB;AACD,CAFD;;AAKAP,KAAK,CAACc,kBAAN,GAA2B,CAACC,eAAD,EAAkBC,gBAAlB,KACzBhB,KAAK,CAACiB,0BAAN,CAAiCF,eAAjC,EAAkDC,gBAAlD,CADF,C,CAIA;AACA;AACA;;;AACAhB,KAAK,CAACkB,cAAN,GAAuB,CAACC,UAAD,EAAaJ,eAAb,EAA8BK,WAA9B,KAA8C;AACnE,SAAOC,MAAM,CAACC,IAAP,CAAYC,IAAI,CAACC,SAAL,CAAe;AAChCL,cAAU,EAAEA,UADoB;AAEhCJ,mBAAe,EAAEA,eAFe;AAGhCK,eAAW,EAAEA;AAHmB,GAAf,CAAZ,EAGuBK,QAHvB,CAGgC,QAHhC,CAAP;AAID,CALD;;AAOAzB,KAAK,CAAC0B,eAAN,GAAwBC,KAAK,IAAI;AAC/B,MAAIC,MAAJ;;AACA,MAAI;AACFA,UAAM,GAAGP,MAAM,CAACC,IAAP,CAAYK,KAAK,CAACE,KAAlB,EAAyB,QAAzB,EAAmCJ,QAAnC,CAA4C,QAA5C,CAAT;AACD,GAFD,CAEE,OAAOK,CAAP,EAAU;AACVC,OAAG,CAACC,IAAJ,CAAU,mDAAkDL,KAAK,CAACE,KAAM,EAAxE;AACA,UAAMC,CAAN;AACD;;AAED,MAAI;AACF,WAAOP,IAAI,CAACU,KAAL,CAAWL,MAAX,CAAP;AACD,GAFD,CAEE,OAAOE,CAAP,EAAU;AACVC,OAAG,CAACC,IAAJ,CAAU,2CAA0CJ,MAAO,EAA3D;AACA,UAAME,CAAN;AACD;AACF,CAfD;;AAiBA9B,KAAK,CAACkC,oBAAN,GAA6BP,KAAK,IAAI;AACpC,MAAIQ,KAAJ,CADoC,CAEpC;AACA;AACA;;AACA,MAAI;AACFA,SAAK,GAAGnC,KAAK,CAAC0B,eAAN,CAAsBC,KAAtB,EAA6BR,UAArC;AACD,GAFD,CAEE,OAAOiB,GAAP,EAAY;AACZD,SAAK,GAAG,OAAR;AACD;;AACD,MAAIA,KAAK,KAAK,OAAV,IAAqBA,KAAK,KAAK,UAAnC,EAA+C;AAC7C,UAAM,IAAIxB,KAAJ,CAAW,6BAA4BwB,KAAM,EAA7C,CAAN;AACD;;AACD,SAAOA,KAAP;AACD,CAdD;;AAgBAnC,KAAK,CAACqC,yBAAN,GAAkCV,KAAK,IAAI;AACzC,MAAIE,KAAJ,CADyC,CAEzC;AACA;AACA;AACA;;AACA,MAAI;AACFA,SAAK,GAAG7B,KAAK,CAAC0B,eAAN,CAAsBC,KAAtB,CAAR;AACD,GAFD,CAEE,OAAOS,GAAP,EAAY;AACZ,WAAOT,KAAK,CAACE,KAAb;AACD;;AACD,SAAOA,KAAK,CAACd,eAAb;AACD,CAZD;;AAcAf,KAAK,CAACsC,mBAAN,GAA4BX,KAAK,IAAI;AACnC,MAAI;AACF,WAAO,CAAC,CAAE3B,KAAK,CAAC0B,eAAN,CAAsBC,KAAtB,EAA6BY,SAAvC;AACD,GAFD,CAEE,OAAOH,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACA,WAAO,KAAP;AACD;AACF,CAVD,C,CAYA;AACA;AACA;AACA;;;AACApC,KAAK,CAACwC,uBAAN,GAAgCpB,WAAW,IAAI;AAC7C,QAAMqB,OAAO,GAAGC,MAAM,CAACC,WAAP,EAAhB;AACA,QAAMC,wBAAwB,GAAGF,MAAM,CAACC,WAAP,CAAmBE,SAAnB,EAA8B;AAC7DC,oBAAgB,EAAE;AAD2C,GAA9B,CAAjC;AAGA,SACE1B,WAAW,CAAC2B,MAAZ,CAAmB,CAAnB,EAAsBN,OAAO,CAACO,MAA9B,MAA0CP,OAA1C,IACArB,WAAW,CAAC2B,MAAZ,CAAmB,CAAnB,EAAsBH,wBAAwB,CAACI,MAA/C,MAA2DJ,wBAF7D;AAID,CATD;;AAWA,MAAMK,UAAU,GAAG,CAACC,GAAD,EAAMC,GAAN,EAAWC,IAAX,KAAoB;AACrC;AACA;AACA,MAAI;AACF,UAAMxC,WAAW,GAAGyC,gBAAgB,CAACH,GAAD,CAApC;;AACA,QAAI,CAACtC,WAAL,EAAkB;AAChB;AACAwC,UAAI;AACJ;AACD;;AAED,UAAME,OAAO,GAAGlD,kBAAkB,CAACQ,WAAD,CAAlC,CARE,CAUF;;AACA,QAAI,CAAC0C,OAAL,EACE,MAAM,IAAI3C,KAAJ,CAAW,4BAA2BC,WAAY,EAAlD,CAAN,CAZA,CAcF;;AACA2C,oBAAgB,CAAC3C,WAAD,CAAhB;AAEA,UAAM4C,OAAO,GAAGxD,KAAK,CAACK,gBAAN,CAAuBiD,OAAO,CAAC9C,OAA/B,CAAhB;AACA,QAAI,CAACgD,OAAL,EACE,MAAM,IAAI7C,KAAJ,CAAW,4BAA2B2C,OAAO,CAAC9C,OAAQ,EAAtD,CAAN;AACFgD,WAAO,CAACF,OAAD,EAAUJ,GAAG,CAACvB,KAAd,EAAqBwB,GAArB,CAAP;AACD,GArBD,CAqBE,OAAOf,GAAP,EAAY;AACZ;AACA;AACA;AACA;AACA;AACA;AACA;AACA,QAAIc,GAAG,CAACvB,KAAJ,CAAUE,KAAV,IAAmBO,GAAG,YAAYzB,KAAtC,EAA6C;AAC3C,UAAI;AAAE;AACJX,aAAK,CAACyD,uBAAN,CAA8BzD,KAAK,CAACqC,yBAAN,CAAgCa,GAAG,CAACvB,KAApC,CAA9B,EAA0ES,GAA1E;AACD,OAFD,CAEE,OAAOA,GAAP,EAAY;AACZ;AACA;AACAL,WAAG,CAACC,IAAJ,CAAS,gEACAI,GAAG,CAACsB,KADJ,IACatB,GAAG,CAACuB,OAD1B;AAED;AACF,KAjBW,CAmBZ;AACA;AACA;AACA;;;AACA,QAAI;AACF3D,WAAK,CAAC4D,mBAAN,CAA0BT,GAA1B,EAA+B;AAC7BxB,aAAK,EAAEuB,GAAG,CAACvB,KADkB;AAE7BR,kBAAU,EAAEnB,KAAK,CAACkC,oBAAN,CAA2BgB,GAAG,CAACvB,KAA/B,CAFiB;AAG7BkC,aAAK,EAAEzB;AAHsB,OAA/B;AAKD,KAND,CAME,OAAOA,GAAP,EAAY;AACZL,SAAG,CAACC,IAAJ,CAAS,8CACCI,GAAG,KAAKA,GAAG,CAACsB,KAAJ,IAAatB,GAAG,CAACuB,OAAtB,CADJ,CAAT;AAED;AACF;AACF,CA1DD,C,CA4DA;;;AACAG,MAAM,CAACC,eAAP,CAAuBC,GAAvB,CAA2Bf,UAA3B;AAEAhD,SAAS,CAACgD,UAAV,GAAuBA,UAAvB,C,CAEA;AACA;AACA;AACA;;AACA,MAAMI,gBAAgB,GAAGH,GAAG,IAAI;AAC9B;AACA,QAAMe,CAAC,GAAGf,GAAG,CAACvD,GAAJ,CAAQuE,OAAR,CAAgB,GAAhB,CAAV;AACA,MAAIC,QAAJ;AACA,MAAIF,CAAC,KAAK,CAAC,CAAX,EACEE,QAAQ,GAAGjB,GAAG,CAACvD,GAAf,CADF,KAGEwE,QAAQ,GAAGjB,GAAG,CAACvD,GAAJ,CAAQyE,SAAR,CAAkB,CAAlB,EAAqBH,CAArB,CAAX;AACF,QAAMI,SAAS,GAAGF,QAAQ,CAACG,KAAT,CAAe,GAAf,CAAlB,CAR8B,CAU9B;AACA;;AACA,MAAID,SAAS,CAAC,CAAD,CAAT,KAAiB,QAArB,EACE,OAAO,IAAP,CAb4B,CAe9B;;AACA,QAAMzD,WAAW,GAAGyD,SAAS,CAAC,CAAD,CAA7B;AACA,SAAOzD,WAAP;AACD,CAlBD,C,CAoBA;;;AACA,MAAM2C,gBAAgB,GAAG3C,WAAW,IAAI;AACtC,MAAI,CAAC2D,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACnB,WAAO,EAAE1C;AAAV,GAA5C,CAAL,EAA0E;AACxE,UAAM,IAAI2D,oBAAoB,CAACG,WAAzB,EAAN;AACD;AACF,CAJD;;AAMA,MAAMC,MAAM,GAAGC,KAAK,IAAI;AACtB;AACA;AACA,SAAO,OAAOA,KAAP,KAAiB,QAAjB,IACL,oBAAoBC,IAApB,CAAyBD,KAAzB,CADF;AAED,CALD,C,CAOA;;;AACA5E,KAAK,CAAC8E,mBAAN,GAA4B,CAAC3B,GAAD,EAAMxB,KAAN,EAAaX,gBAAb,KAAkC;AAC5D;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAEA,MAAIW,KAAK,CAACoD,+BAAV,EAA2C;AACzC5B,OAAG,CAAC6B,SAAJ,CAAc,GAAd,EAAmB;AAAC,sBAAgB;AAAjB,KAAnB;AACA7B,OAAG,CAAC8B,GAAJ,CAAQjE,gBAAR,EAA0B,OAA1B;AACD,GAHD,MAGO;AACL,UAAMkE,OAAO,GAAG;AACdvD,WADc;AAEdR,gBAAU,EAAEnB,KAAK,CAACkC,oBAAN,CAA2BP,KAA3B;AAFE,KAAhB;;AAIA,QAAIA,KAAK,CAACkC,KAAV,EAAiB;AACfqB,aAAO,CAACrB,KAAR,GAAgBlC,KAAK,CAACkC,KAAtB;AACD,KAFD,MAEO;AACL,YAAMsB,KAAK,GAAGnF,KAAK,CAACqC,yBAAN,CAAgCV,KAAhC,CAAd;;AACA,YAAMyD,MAAM,GAAGpE,gBAAf;;AACA,UAAImE,KAAK,IAAIC,MAAT,IACAT,MAAM,CAACQ,KAAD,CADN,IACiBR,MAAM,CAACS,MAAD,CAD3B,EACqC;AACnCF,eAAO,CAACG,WAAR,GAAsB;AAAEF,eAAK,EAAEA,KAAT;AAAgBC,gBAAM,EAAEA;AAAxB,SAAtB;AACD,OAHD,MAGO;AACLF,eAAO,CAACrB,KAAR,GAAgB,oCAAhB;AACD;AACF;;AAED7D,SAAK,CAAC4D,mBAAN,CAA0BT,GAA1B,EAA+B+B,OAA/B;AACD;AACF,CAjCD,C,CAmCA;AACA;AACA;;;AACAlF,KAAK,CAACsF,2BAAN,GAAoCC,MAAM,CAACC,OAAP,CAClC,4BADkC,CAApC;AAGAxF,KAAK,CAACyF,8BAAN,GAAuCF,MAAM,CAACC,OAAP,CACrC,+BADqC,CAAvC,C,CAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;AACA,MAAME,wBAAwB,GAAGC,OAAO,IAAI;AAC1C;AACA;AACA;AACA;AAEA,QAAMC,MAAM,GAAGC,CAAC,IAAI;AAClB,QAAIA,CAAJ,EAAO;AACL,aAAOA,CAAC,CAACC,OAAF,CAAU,IAAV,EAAgB,OAAhB,EACLA,OADK,CACG,IADH,EACS,MADT,EAELA,OAFK,CAEG,IAFH,EAES,MAFT,EAGLA,OAHK,CAGG,KAHH,EAGU,QAHV,EAILA,OAJK,CAIG,KAJH,EAIU,QAJV,EAKLA,OALK,CAKG,KALH,EAKU,QALV,CAAP;AAMD,KAPD,MAOO;AACL,aAAOD,CAAP;AACD;AACF,GAXD,CAN0C,CAmB1C;AACA;;;AACA,QAAME,MAAM,GAAG;AACbC,sBAAkB,EAAE,CAAC,CAAEL,OAAO,CAACK,kBADlB;AAEbjF,mBAAe,EAAE6E,MAAM,CAACD,OAAO,CAAC5E,eAAT,CAFV;AAGbC,oBAAgB,EAAE4E,MAAM,CAACD,OAAO,CAAC3E,gBAAT,CAHX;AAIbiF,iBAAa,EAAEL,MAAM,CAAC5F,KAAK,CAACkG,mBAAP,CAJR;AAKb9E,eAAW,EAAEwE,MAAM,CAACD,OAAO,CAACvE,WAAT,CALN;AAMbmB,aAAS,EAAE,CAAC,CAAEoD,OAAO,CAACpD;AANT,GAAf;AASA,MAAI4D,QAAJ;;AACA,MAAIR,OAAO,CAACxE,UAAR,KAAuB,OAA3B,EAAoC;AAClCgF,YAAQ,GAAGnG,KAAK,CAACsF,2BAAjB;AACD,GAFD,MAEO,IAAIK,OAAO,CAACxE,UAAR,KAAuB,UAA3B,EAAuC;AAC5CgF,YAAQ,GAAGnG,KAAK,CAACyF,8BAAjB;AACD,GAFM,MAEA;AACL,UAAM,IAAI9E,KAAJ,CAAW,uBAAsBgF,OAAO,CAACxE,UAAW,EAApD,CAAN;AACD;;AAED,QAAMiF,MAAM,GAAGD,QAAQ,CAACL,OAAT,CAAiB,YAAjB,EAA+BvE,IAAI,CAACC,SAAL,CAAeuE,MAAf,CAA/B,EACZD,OADY,CAEX,0BAFW,EAEiBO,yBAAyB,CAACC,oBAF3C,CAAf;AAKA,SAAQ,oBAAmBF,MAAO,EAAlC;AACD,CA7CD,C,CA+CA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACApG,KAAK,CAAC4D,mBAAN,GAA4B,CAACT,GAAD,EAAM+B,OAAN,KAAkB;AAC5C/B,KAAG,CAAC6B,SAAJ,CAAc,GAAd,EAAmB;AAAC,oBAAgB;AAAjB,GAAnB;AAEA,MAAI5D,WAAJ;;AACA,MAAI8D,OAAO,CAAC/D,UAAR,KAAuB,UAA3B,EAAuC;AACrCC,eAAW,GAAGpB,KAAK,CAAC0B,eAAN,CAAsBwD,OAAO,CAACvD,KAA9B,EAAqCP,WAAnD;AACA,UAAMqB,OAAO,GAAGC,MAAM,CAACC,WAAP,EAAhB;;AACA,QAAI3C,KAAK,CAACwC,uBAAN,CAA8BpB,WAA9B,CAAJ,EAAgD;AAC9C8D,aAAO,CAACrB,KAAR,GAAiB,gBAAezC,WAAY,EAA5B,GACb,yCAAwCqB,OAAQ,GADnD;AAEArB,iBAAW,GAAGqB,OAAd;AACD;AACF;;AAED,QAAMF,SAAS,GAAGvC,KAAK,CAACsC,mBAAN,CAA0B4C,OAAO,CAACvD,KAAlC,CAAlB;;AAEA,MAAIuD,OAAO,CAACrB,KAAZ,EAAmB;AACjB9B,OAAG,CAACC,IAAJ,CAAS,6BACCkD,OAAO,CAACrB,KAAR,YAAyBlD,KAAzB,GACAuE,OAAO,CAACrB,KAAR,CAAcF,OADd,GACwBuB,OAAO,CAACrB,KAFjC,CAAT;AAGAV,OAAG,CAAC8B,GAAJ,CAAQS,wBAAwB,CAAC;AAC/BvE,gBAAU,EAAE+D,OAAO,CAAC/D,UADW;AAE/B6E,wBAAkB,EAAE,KAFW;AAG/B5E,iBAH+B;AAI/BmB;AAJ+B,KAAD,CAAhC,EAKI,OALJ;AAMA;AACD,GA3B2C,CA6B5C;AACA;AACA;;;AACAY,KAAG,CAAC8B,GAAJ,CAAQS,wBAAwB,CAAC;AAC/BvE,cAAU,EAAE+D,OAAO,CAAC/D,UADW;AAE/B6E,sBAAkB,EAAE,IAFW;AAG/BjF,mBAAe,EAAEmE,OAAO,CAACG,WAAR,CAAoBF,KAHN;AAI/BnE,oBAAgB,EAAEkE,OAAO,CAACG,WAAR,CAAoBD,MAJP;AAK/BhE,eAL+B;AAM/BmB;AAN+B,GAAD,CAAhC,EAOI,OAPJ;AAQD,CAxCD;;AA2CA,MAAMgE,eAAe,GAAGC,OAAO,CAAC,kBAAD,CAAP,IAA+BA,OAAO,CAAC,kBAAD,CAAP,CAA4BD,eAAnF;;AAEA,MAAME,oBAAoB,GAAG,MAC3BF,eAAe,IAAIA,eAAe,CAACG,WAAhB,EADrB,C,CAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA1G,KAAK,CAAC2G,UAAN,GAAmBC,SAAS,IAAI;AAC9B,MAAIH,oBAAoB,EAAxB,EACE,OAAOF,eAAe,CAACM,IAAhB,CAAqBD,SAArB,CAAP,CADF,KAGE,OAAOA,SAAP;AACH,CALD,C,CAOA;AACA;AACA;AACA;AACA;AACA;;;AACA5G,KAAK,CAAC8G,UAAN,GAAmB,CAACC,WAAD,EAAcC,MAAd,KAAyB;AAC1C,MAAI,CAACR,OAAO,CAAC,kBAAD,CAAR,IAAgC,CAACD,eAAe,CAACU,QAAhB,CAAyBF,WAAzB,CAArC,EACE,OAAOA,WAAP;AAEF,SAAOR,eAAe,CAACW,IAAhB,CAAqBH,WAArB,EAAkCC,MAAlC,CAAP;AACD,CALD,C,CAOA;AACA;;;AACAhH,KAAK,CAACmH,WAAN,GAAoB,CAACC,WAAD,EAAcJ,MAAd,KAAyB;AAC3C,QAAMZ,MAAM,GAAG,EAAf;AACAiB,QAAM,CAACC,IAAP,CAAYF,WAAZ,EAAyBG,OAAzB,CAAiCC,GAAG,IAClCpB,MAAM,CAACoB,GAAD,CAAN,GAAcxH,KAAK,CAAC8G,UAAN,CAAiBM,WAAW,CAACI,GAAD,CAA5B,EAAmCR,MAAnC,CADhB;AAGA,SAAOZ,MAAP;AACD,CAND,C;;;;;;;;;;;ACtcA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AAGA;AACA;AACApG,KAAK,CAACyH,mBAAN,GAA4B,IAAIC,KAAK,CAACC,UAAV,CAC1B,iCAD0B,EACS;AACjCC,qBAAmB,EAAE;AADY,CADT,CAA5B;;AAKA5H,KAAK,CAACyH,mBAAN,CAA0BI,YAA1B,CAAuC,KAAvC,EAA8C;AAACC,QAAM,EAAE;AAAT,CAA9C;;AACA9H,KAAK,CAACyH,mBAAN,CAA0BI,YAA1B,CAAuC,kBAAvC;;AACA7H,KAAK,CAACyH,mBAAN,CAA0BI,YAA1B,CAAuC,WAAvC,E,CAIA;;;AACA,MAAME,kBAAkB,GAAG,MAAM;AAC/B;AACA,QAAMC,UAAU,GAAG,IAAIC,IAAJ,EAAnB;AACAD,YAAU,CAACE,UAAX,CAAsBF,UAAU,CAACG,UAAX,KAA0B,CAAhD;;AACAnI,OAAK,CAACyH,mBAAN,CAA0BW,MAA1B,CAAiC;AAAEC,aAAS,EAAE;AAAEC,SAAG,EAAEN;AAAP;AAAb,GAAjC;AACD,CALD;;AAMA,MAAMO,cAAc,GAAG7F,MAAM,CAAC8F,WAAP,CAAmBT,kBAAnB,EAAuC,KAAK,IAA5C,CAAvB,C,CAGA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;;;AACA/H,KAAK,CAACyD,uBAAN,GAAgC,CAAC+D,GAAD,EAAMiB,UAAN,EAAkBzH,gBAAgB,GAAG,IAArC,KAA8C;AAC5E0H,OAAK,CAAClB,GAAD,EAAMmB,MAAN,CAAL;AACAD,OAAK,CAAC1H,gBAAD,EAAmB4H,KAAK,CAACC,KAAN,CAAYF,MAAZ,CAAnB,CAAL;;AAEA,MAAIF,UAAU,YAAY9H,KAA1B,EAAiC;AAC/B8H,cAAU,GAAGK,aAAa,CAACL,UAAD,CAA1B;AACD,GAFD,MAEO;AACLA,cAAU,GAAGzI,KAAK,CAAC2G,UAAN,CAAiB8B,UAAjB,CAAb;AACD,GAR2E,CAU5E;AACA;AACA;;;AACAzI,OAAK,CAACyH,mBAAN,CAA0BsB,MAA1B,CAAiC;AAC/BvB;AAD+B,GAAjC,EAEG;AACDA,OADC;AAEDiB,cAFC;AAGDzH,oBAHC;AAIDqH,aAAS,EAAE,IAAIJ,IAAJ;AAJV,GAFH;AAQD,CArBD,C,CAwBA;AACA;AACA;AACA;AACA;;;AACAjI,KAAK,CAACiB,0BAAN,GAAmC,CAACuG,GAAD,EAAMxG,gBAAgB,GAAG,IAAzB,KAAkC;AACnE0H,OAAK,CAAClB,GAAD,EAAMmB,MAAN,CAAL;;AAEA,QAAMK,iBAAiB,GAAGhJ,KAAK,CAACyH,mBAAN,CAA0BhD,OAA1B,CAAkC;AAC1D+C,OAD0D;AAE1DxG;AAF0D,GAAlC,CAA1B;;AAKA,MAAIgI,iBAAJ,EAAuB;AACrBhJ,SAAK,CAACyH,mBAAN,CAA0BW,MAA1B,CAAiC;AAAEa,SAAG,EAAED,iBAAiB,CAACC;AAAzB,KAAjC;;AACA,QAAID,iBAAiB,CAACP,UAAlB,CAA6B5E,KAAjC,EACE,OAAOqF,aAAa,CAACF,iBAAiB,CAACP,UAAlB,CAA6B5E,KAA9B,CAApB,CADF,KAGE,OAAO7D,KAAK,CAAC8G,UAAN,CAAiBkC,iBAAiB,CAACP,UAAnC,CAAP;AACH,GAND,MAMO;AACL,WAAO5F,SAAP;AACD;AACF,CAjBD,C,CAoBA;AACA;AACA;AACA;;;AACA,MAAMiG,aAAa,GAAGjF,KAAK,IAAI;AAC7B,QAAMsF,WAAW,GAAG,EAApB;AACA9B,QAAM,CAAC+B,mBAAP,CAA2BvF,KAA3B,EAAkC0D,OAAlC,CACEC,GAAG,IAAI2B,WAAW,CAAC3B,GAAD,CAAX,GAAmB3D,KAAK,CAAC2D,GAAD,CADjC,EAF6B,CAM7B;;AACA,MAAG3D,KAAK,YAAYnB,MAAM,CAAC/B,KAA3B,EAAkC;AAChCwI,eAAW,CAAC,aAAD,CAAX,GAA6B,IAA7B;AACD;;AAED,SAAO;AAAEtF,SAAK,EAAEsF;AAAT,GAAP;AACD,CAZD,C,CAcA;;;AACA,MAAMD,aAAa,GAAGG,QAAQ,IAAI;AAChC,MAAIxF,KAAJ;;AAEA,MAAIwF,QAAQ,CAACC,WAAb,EAA0B;AACxBzF,SAAK,GAAG,IAAInB,MAAM,CAAC/B,KAAX,EAAR;AACA,WAAO0I,QAAQ,CAACC,WAAhB;AACD,GAHD,MAGO;AACLzF,SAAK,GAAG,IAAIlD,KAAJ,EAAR;AACD;;AAED0G,QAAM,CAAC+B,mBAAP,CAA2BC,QAA3B,EAAqC9B,OAArC,CAA6CC,GAAG,IAC9C3D,KAAK,CAAC2D,GAAD,CAAL,GAAa6B,QAAQ,CAAC7B,GAAD,CADvB;AAIA,SAAO3D,KAAP;AACD,CAfD,C;;;;;;;;;;;;;;;AC9GA7D,KAAK,CAACkG,mBAAN,GAA4B,gCAA5B;;AAEAlG,KAAK,CAACuJ,YAAN,GAAqB,CAAC3I,WAAD,EAAcmF,MAAd,EAAsByD,MAAtB,EAA8BC,kBAA9B,KAAqD;AACxE;AACA;AACA;AACA;AACA;AACA;AACA;AACA,QAAM9H,KAAK,GAAGoE,MAAM,CAAC5E,UAAP,GAAoB,IAApB,GAA2B,OAAzC,CARwE,CAUxE;AACA;AACA;;AACA,MAAIoB,SAAS,GAAG,KAAhB;AACA,MAAImH,SAAS,GAAG,KAAhB;;AACA,MAAIF,MAAJ,EAAY;AACVA,UAAM,mCAAQA,MAAR,CAAN;AACAjH,aAAS,GAAGiH,MAAM,CAACG,OAAnB;AACAD,aAAS,GAAGF,MAAM,CAACI,OAAnB;AACA,WAAOJ,MAAM,CAACG,OAAd;AACA,WAAOH,MAAM,CAACI,OAAd;;AACA,QAAIvC,MAAM,CAACC,IAAP,CAAYkC,MAAZ,EAAoBxG,MAApB,KAA+B,CAAnC,EAAsC;AACpCwG,YAAM,GAAG3G,SAAT;AACD;AACF;;AAED,MAAIH,MAAM,CAACmH,QAAP,IAAmBtH,SAAvB,EAAkC;AAChC,UAAM5C,GAAG,GAAGmK,GAAG,CAACC,OAAJ,CAAY,KAAZ,CAAZ;;AACA,QAAIC,OAAO,GAAGC,OAAO,CAACC,GAAR,CAAYC,eAAZ,IACR9D,yBAAyB,CAAC+D,QADhC;;AAGA,QAAIV,SAAJ,EAAe;AACb;AACA;AACA;AACA;AACA;AACA,YAAMW,aAAa,GAAG1K,GAAG,CAACsC,KAAJ,CAAU+H,OAAV,CAAtB;;AACA,UAAIK,aAAa,CAACC,QAAd,KAA2B,WAA/B,EAA4C;AAC1CD,qBAAa,CAACC,QAAd,GAAyB,UAAzB;AACA,eAAOD,aAAa,CAACE,IAArB;AACD;;AACDP,aAAO,GAAGrK,GAAG,CAAC6K,MAAJ,CAAWH,aAAX,CAAV;AACD;;AAEDZ,sBAAkB,mCACbA,kBADa;AAEhB;AACA;AACAO;AAJgB,MAAlB;AAMD;;AAED,SAAOS,GAAG,CAACC,aAAJ,CACLhI,MAAM,CAACC,WAAP,CAAoB,UAAS/B,WAAY,EAAzC,EAA4C6I,kBAA5C,CADK,EAEL9H,KAFK,EAGL6H,MAHK,CAAP;AAID,CAzDD,C;;;;;;;;;;;ACFA;AAEAmB,KAAK,GAAG3K,KAAR,C","file":"/packages/oauth.js","sourcesContent":["import url from 'url';\n\nOAuth = {};\nOAuthTest = {};\n\nRoutePolicy.declare('/_oauth/', 'network');\n\nconst registeredServices = {};\n\n// Internal: Maps from service version to handler function. The\n// 'oauth1' and 'oauth2' packages manipulate this directly to register\n// for callbacks.\nOAuth._requestHandlers = {};\n\n\n// Register a handler for an OAuth service. The handler will be called\n// when we get an incoming http request on /_oauth/{serviceName}. This\n// handler should use that information to fetch data about the user\n// logging in.\n//\n// @param name {String} e.g. \"google\", \"facebook\"\n// @param version {Number} OAuth version (1 or 2)\n// @param urls For OAuth1 only, specify the service's urls\n// @param handleOauthRequest {Function(oauthBinding|query)}\n// - (For OAuth1 only) oauthBinding {OAuth1Binding} bound to the appropriate provider\n// - (For OAuth2 only) query {Object} parameters passed in query string\n// - return value is:\n// - {serviceData:, (optional options:)} where serviceData should end\n// up in the user's services[name] field\n// - `null` if the user declined to give permissions\n//\nOAuth.registerService = (name, version, urls, handleOauthRequest) => {\n if (registeredServices[name])\n throw new Error(`Already registered the ${name} OAuth service`);\n\n registeredServices[name] = {\n serviceName: name,\n version,\n urls,\n handleOauthRequest,\n };\n};\n\n// For test cleanup.\nOAuthTest.unregisterService = name => {\n delete registeredServices[name];\n};\n\n\nOAuth.retrieveCredential = (credentialToken, credentialSecret) =>\n OAuth._retrievePendingCredential(credentialToken, credentialSecret);\n\n\n// The state parameter is normally generated on the client using\n// `btoa`, but for tests we need a version that runs on the server.\n//\nOAuth._generateState = (loginStyle, credentialToken, redirectUrl) => {\n return Buffer.from(JSON.stringify({\n loginStyle: loginStyle,\n credentialToken: credentialToken,\n redirectUrl: redirectUrl})).toString('base64');\n};\n\nOAuth._stateFromQuery = query => {\n let string;\n try {\n string = Buffer.from(query.state, 'base64').toString('binary');\n } catch (e) {\n Log.warn(`Unable to base64 decode state from OAuth query: ${query.state}`);\n throw e;\n }\n\n try {\n return JSON.parse(string);\n } catch (e) {\n Log.warn(`Unable to parse state from OAuth query: ${string}`);\n throw e;\n }\n};\n\nOAuth._loginStyleFromQuery = query => {\n let style;\n // For backwards-compatibility for older clients, catch any errors\n // that result from parsing the state parameter. If we can't parse it,\n // set login style to popup by default.\n try {\n style = OAuth._stateFromQuery(query).loginStyle;\n } catch (err) {\n style = \"popup\";\n }\n if (style !== \"popup\" && style !== \"redirect\") {\n throw new Error(`Unrecognized login style: ${style}`);\n }\n return style;\n};\n\nOAuth._credentialTokenFromQuery = query => {\n let state;\n // For backwards-compatibility for older clients, catch any errors\n // that result from parsing the state parameter. If we can't parse it,\n // assume that the state parameter's value is the credential token, as\n // it used to be for older clients.\n try {\n state = OAuth._stateFromQuery(query);\n } catch (err) {\n return query.state;\n }\n return state.credentialToken;\n};\n\nOAuth._isCordovaFromQuery = query => {\n try {\n return !! OAuth._stateFromQuery(query).isCordova;\n } catch (err) {\n // For backwards-compatibility for older clients, catch any errors\n // that result from parsing the state parameter. If we can't parse\n // it, assume that we are not on Cordova, since older Meteor didn't\n // do Cordova.\n return false;\n }\n};\n\n// Checks if the `redirectUrl` matches the app host.\n// We export this function so that developers can override this\n// behavior to allow apps from external domains to login using the\n// redirect OAuth flow.\nOAuth._checkRedirectUrlOrigin = redirectUrl => {\n const appHost = Meteor.absoluteUrl();\n const appHostReplacedLocalhost = Meteor.absoluteUrl(undefined, {\n replaceLocalhost: true\n });\n return (\n redirectUrl.substr(0, appHost.length) !== appHost &&\n redirectUrl.substr(0, appHostReplacedLocalhost.length) !== appHostReplacedLocalhost\n );\n};\n\nconst middleware = (req, res, next) => {\n // Make sure to catch any exceptions because otherwise we'd crash\n // the runner\n try {\n const serviceName = oauthServiceName(req);\n if (!serviceName) {\n // not an oauth request. pass to next middleware.\n next();\n return;\n }\n\n const service = registeredServices[serviceName];\n\n // Skip everything if there's no service set by the oauth middleware\n if (!service)\n throw new Error(`Unexpected OAuth service ${serviceName}`);\n\n // Make sure we're configured\n ensureConfigured(serviceName);\n\n const handler = OAuth._requestHandlers[service.version];\n if (!handler)\n throw new Error(`Unexpected OAuth version ${service.version}`);\n handler(service, req.query, res);\n } catch (err) {\n // if we got thrown an error, save it off, it will get passed to\n // the appropriate login call (if any) and reported there.\n //\n // The other option would be to display it in the popup tab that\n // is still open at this point, ignoring the 'close' or 'redirect'\n // we were passed. But then the developer wouldn't be able to\n // style the error or react to it in any way.\n if (req.query.state && err instanceof Error) {\n try { // catch any exceptions to avoid crashing runner\n OAuth._storePendingCredential(OAuth._credentialTokenFromQuery(req.query), err);\n } catch (err) {\n // Ignore the error and just give up. If we failed to store the\n // error, then the login will just fail with a generic error.\n Log.warn(\"Error in OAuth Server while storing pending login result.\\n\" +\n err.stack || err.message);\n }\n }\n\n // close the popup. because nobody likes them just hanging\n // there. when someone sees this multiple times they might\n // think to check server logs (we hope?)\n // Catch errors because any exception here will crash the runner.\n try {\n OAuth._endOfLoginResponse(res, {\n query: req.query,\n loginStyle: OAuth._loginStyleFromQuery(req.query),\n error: err\n });\n } catch (err) {\n Log.warn(\"Error generating end of login response\\n\" +\n (err && (err.stack || err.message)));\n }\n }\n};\n\n// Listen to incoming OAuth http requests\nWebApp.connectHandlers.use(middleware);\n\nOAuthTest.middleware = middleware;\n\n// Handle /_oauth/* paths and extract the service name.\n//\n// @returns {String|null} e.g. \"facebook\", or null if this isn't an\n// oauth request\nconst oauthServiceName = req => {\n // req.url will be \"/_oauth/\" with an optional \"?close\".\n const i = req.url.indexOf('?');\n let barePath;\n if (i === -1)\n barePath = req.url;\n else\n barePath = req.url.substring(0, i);\n const splitPath = barePath.split('/');\n\n // Any non-oauth request will continue down the default\n // middlewares.\n if (splitPath[1] !== '_oauth')\n return null;\n\n // Find service based on url\n const serviceName = splitPath[2];\n return serviceName;\n};\n\n// Make sure we're configured\nconst ensureConfigured = serviceName => {\n if (!ServiceConfiguration.configurations.findOne({service: serviceName})) {\n throw new ServiceConfiguration.ConfigError();\n }\n};\n\nconst isSafe = value => {\n // This matches strings generated by `Random.secret` and\n // `Random.id`.\n return typeof value === \"string\" &&\n /^[a-zA-Z0-9\\-_]+$/.test(value);\n};\n\n// Internal: used by the oauth1 and oauth2 packages\nOAuth._renderOauthResults = (res, query, credentialSecret) => {\n // For tests, we support the `only_credential_secret_for_test`\n // parameter, which just returns the credential secret without any\n // surrounding HTML. (The test needs to be able to easily grab the\n // secret and use it to log in.)\n //\n // XXX only_credential_secret_for_test could be useful for other\n // things beside tests, like command-line clients. We should give it a\n // real name and serve the credential secret in JSON.\n\n if (query.only_credential_secret_for_test) {\n res.writeHead(200, {'Content-Type': 'text/html'});\n res.end(credentialSecret, 'utf-8');\n } else {\n const details = {\n query,\n loginStyle: OAuth._loginStyleFromQuery(query)\n };\n if (query.error) {\n details.error = query.error;\n } else {\n const token = OAuth._credentialTokenFromQuery(query);\n const secret = credentialSecret;\n if (token && secret &&\n isSafe(token) && isSafe(secret)) {\n details.credentials = { token: token, secret: secret};\n } else {\n details.error = \"invalid_credential_token_or_secret\";\n }\n }\n\n OAuth._endOfLoginResponse(res, details);\n }\n};\n\n// This \"template\" (not a real Spacebars template, just an HTML file\n// with some ##PLACEHOLDER##s) communicates the credential secret back\n// to the main window and then closes the popup.\nOAuth._endOfPopupResponseTemplate = Assets.getText(\n \"end_of_popup_response.html\");\n\nOAuth._endOfRedirectResponseTemplate = Assets.getText(\n \"end_of_redirect_response.html\");\n\n// Renders the end of login response template into some HTML and JavaScript\n// that closes the popup or redirects at the end of the OAuth flow.\n//\n// options are:\n// - loginStyle (\"popup\" or \"redirect\")\n// - setCredentialToken (boolean)\n// - credentialToken\n// - credentialSecret\n// - redirectUrl\n// - isCordova (boolean)\n//\nconst renderEndOfLoginResponse = options => {\n // It would be nice to use Blaze here, but it's a little tricky\n // because our mustaches would be inside a