h&      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghi krdlab@gmail.com experimental Safe-Inferred"6 oidc-client#Manages state and nonce. (Maybe OIDC should have them) oidc-client"Generate state and nonce at random oidc-clientReturns j if  is unknown oidc-clientShould delete at least nonce   krdlab@gmail.com experimental Safe-Inferred"d klmnopqrstkrdlab@gmail.com experimental Safe-Inferred" oidc-client An OpenID Provider Configuration1 oidc-clientAn OpenID Provider information !"#$%&'()*+,-./012341234 !"#$%&'()*+,-./0krdlab@gmail.com experimental Safe-Inferred"; oidc-clientThis data type represents information needed in the OpenID flow.D oidc-clientOP's information (obtained by  )E oidc-client client ID oidc-client client secret oidc-clientredirect URI (the HTTP endpont on your server that will receive a response from OP) ;<=>?@ABCDE ;<=>?@ABCDEkrdlab@gmail.com experimental Safe-Inferred";F oidc-clientClaims required for an  =https://openid.net/specs/openid-connect-core-1_0.html#IDTokenID Token=, plus recommended claims (nonce) and other custom claims.FGKIMHJLNOPQRSUVTWOPQRSUVTFGKIMHJLNWkrdlab@gmail.com experimental Safe-Inferred" ^ oidc-clientMake URL for Authorization Request after generating state and nonce from ._ oidc-clientGet and validate access token and with code and state stored in the ". Then deletes session info by .` oidc-client#Make URL for Authorization Request.^ oidc-client?used to specify what are privileges requested for tokens. (use  ScopeValue) oidc-clientOptional parameters` oidc-client?used to specify what are privileges requested for tokens. (use  ScopeValue) oidc-client1used for CSRF mitigation. (recommended parameter) oidc-clientOptional parameters^_``_^krdlab@gmail.com experimental Safe-Inferred" aakrdlab@gmail.com experimental Safe-Inferred" b oidc-clientThis function obtains OpenID Provider configuration and JWK set.b oidc-client!OpenID Provider's Issuer location !"#$%&'()*+,1234abcba1234 !"#$%&'()*+,ckrdlab@gmail.com experimental Safe-Inferred"d oidc-clientMake URL for Authorization Request after generating state and nonce from .e oidc-clientGet and validate access token and with code and state stored in the ". Then deletes session info by .f oidc-client#Make URL for Authorization Request.g oidc-clientRequest and validate tokens.This function requests ID Token and Access Token to a OP's token endpoint, and validates the received ID Token. Returned O value is a valid.If a HTTP error has occurred or a tokens validation has failed, this function throws .d oidc-client?used to specify what are privileges requested for tokens. (use  ScopeValue) oidc-clientOptional parametersf oidc-client?used to specify what are privileges requested for tokens. (use  ScopeValue) oidc-client1used for CSRF mitigation. (recommended parameter) oidc-clientOptional parametersdefghifedghi krdlab@gmail.com experimental Safe-Inferred(uvwxyz{|}~ ,+*)('&%$#" !1423;DEFNLJHMIGKOTVUSRPQWabcdefghi;DE    !"#$%&'()**+,-./01234567789::;<=>?@ABCCDEFGHIJKLMMNOPQRSTUUVWXYZ[\]^_`abcdef gcheijklmn o [ Z X W V o p q rstustvstwstxstystzst{st|st}st}s~s~s~stststststststststststststststststststststststststststststststststststststststststststststststststst)oidc-client-0.7.0.1-7H748m6KAY6UslEE9BLgSWeb.OIDC.Client.Types"Web.OIDC.Client.Discovery.ProviderWeb.OIDC.Client.SettingsWeb.OIDC.Client.TokensWeb.OIDC.Client.IdTokenFlow!Web.OIDC.Client.Discovery.IssuersWeb.OIDC.Client.DiscoveryWeb.OIDC.Client.CodeFlowWeb.OIDC.Client.InternaldiscoverWeb.OIDC.Client SessionStoresessionStoreGeneratesessionStoreSavesessionStoreGetsessionStoreDeleteOpenIdExceptionDiscoveryExceptionInternalHttpException JsonException UnsecuredJwt JwtExceptionValidationException UnknownStateMissingNonceInResponseMismatchedNoncesCode ParametersNonceStateScope ScopeValueIssuerLocationopenIdprofileemailaddressphone offlineAccess$fExceptionOpenIdException$fShowOpenIdException ConfigurationissuerauthorizationEndpoint tokenEndpointuserinfoEndpointrevocationEndpointjwksUriresponseTypesSupportedsubjectTypesSupported idTokenSigningAlgValuesSupportedscopesSupported!tokenEndpointAuthMethodsSupportedclaimsSupported JwsAlgJson Unsupported getJwsAlgProvider configurationjwkSet$fFromJSONJwsAlgJson$fShowConfiguration$fEqConfiguration$fShowJwsAlgJson$fEqJwsAlgJson$fFromJSONConfigurationOIDCoidcAuthorizationServerUrloidcTokenEndpoint oidcClientIdoidcClientSecretoidcRedirectUri oidcProviderdefnewOIDCsetCredentials IdTokenClaimsisssubaudexpiatnonce otherClaimsTokens accessToken tokenTypeidToken idTokenJwt expiresIn refreshTokenvalidateIdToken$fFromJSONIdTokenClaims $fShowTokens $fEqTokens$fShowIdTokenClaims$fEqIdTokenClaims$fGenericIdTokenClaimsprepareAuthenticationRequestUrlgetValidIdTokenClaimsgetAuthenticationRequestUrlgooglegenerateDiscoveryUrlgetValidTokens requestTokensvalidateClaimsgetCurrentIntDatebase GHC.MaybeNothingTokensResponse textToIntrethrowparseUrl%jose-jwt-0.9.4-1L4r92UBUsbA1kfWjO3PS9 Jose.Types parseHeader encodeHeader defJweHdr defJwsHdr JwtHeader UnsecuredHJweHJwsHIntDateJose.Jwt decodeClaimsdecodeencodeJwtunJwtPayloadNestedClaimsJwsJwe JwtContent Unsecured JwtEncoding JwsEncoding JweEncodingKeyIdUTCKeyId JwsHeaderjwsKidjwsCtyjwsTypjwsAlg JweHeaderjweKidjweZipjweCtyjweTypjweEncjweAlg JwtClaimsjwtJtijwtIatjwtNbfjwtExpjwtAudjwtSubjwtIssJwtError Base64Error BadCrypto BadSignature BadClaims BadHeaderBadDotsKeyError BadAlgorithm