@wandelbots/wandelbots-js-react-components/dist/auth0-spa-js.production.esm-BcLLh1tx.cjs

React UI toolkit for building applications on top of the Wandelbots platform

"use strict";Object.defineProperty(exports,Symbol.toStringTag,{value:"Module"});function I(i,e){var t={};for(var n in i)Object.prototype.hasOwnProperty.call(i,n)&&e.indexOf(n)<0&&(t[n]=i[n]);if(i!=null&&typeof Object.getOwnPropertySymbols=="function"){var o=0;for(n=Object.getOwnPropertySymbols(i);o<n.length;o++)e.indexOf(n[o])<0&&Object.prototype.propertyIsEnumerable.call(i,n[o])&&(t[n[o]]=i[n[o]])}return t}var C=typeof globalThis<"u"?globalThis:typeof window<"u"?window:typeof global<"u"?global:typeof self<"u"?self:{};function ie(i){return i&&i.__esModule&&Object.prototype.hasOwnProperty.call(i,"default")?i.default:i}function re(i,e){return i(e={exports:{}},e.exports),e.exports}var O=re((function(i,e){Object.defineProperty(e,"__esModule",{value:!0});var t=(function(){function n(){var o=this;this.locked=new Map,this.addToLocked=function(r,a){var h=o.locked.get(r);h===void 0?a===void 0?o.locked.set(r,[]):o.locked.set(r,[a]):a!==void 0&&(h.unshift(a),o.locked.set(r,h))},this.isLocked=function(r){return o.locked.has(r)},this.lock=function(r){return new Promise((function(a,h){o.isLocked(r)?o.addToLocked(r,a):(o.addToLocked(r),a())}))},this.unlock=function(r){var a=o.locked.get(r);if(a!==void 0&&a.length!==0){var h=a.pop();o.locked.set(r,a),h!==void 0&&setTimeout(h,0)}else o.locked.delete(r)}}return n.getInstance=function(){return n.instance===void 0&&(n.instance=new n),n.instance},n})();e.default=function(){return t.getInstance()}}));ie(O);var je=ie(re((function(i,e){var t=C&&C.__awaiter||function(s,c,d,l){return new(d||(d=Promise))((function(m,y){function g(w){try{b(l.next(w))}catch(f){y(f)}}function k(w){try{b(l.throw(w))}catch(f){y(f)}}function b(w){w.done?m(w.value):new d((function(f){f(w.value)})).then(g,k)}b((l=l.apply(s,c||[])).next())}))},n=C&&C.__generator||function(s,c){var d,l,m,y,g={label:0,sent:function(){if(1&m[0])throw m[1];return m[1]},trys:[],ops:[]};return y={next:k(0),throw:k(1),return:k(2)},typeof Symbol=="function"&&(y[Symbol.iterator]=function(){return this}),y;function k(b){return function(w){return(function(f){if(d)throw new TypeError("Generator is already executing.");for(;g;)try{if(d=1,l&&(m=2&f[0]?l.return:f[0]?l.throw||((m=l.return)&&m.call(l),0):l.next)&&!(m=m.call(l,f[1])).done)return m;switch(l=0,m&&(f=[2&f[0],m.value]),f[0]){case 0:case 1:m=f;break;case 4:return g.label++,{value:f[1],done:!1};case 5:g.label++,l=f[1],f=[0];continue;case 7:f=g.ops.pop(),g.trys.pop();continue;default:if(m=g.trys,!((m=m.length>0&&m[m.length-1])||f[0]!==6&&f[0]!==2)){g=0;continue}if(f[0]===3&&(!m||f[1]>m[0]&&f[1]<m[3])){g.label=f[1];break}if(f[0]===6&&g.label<m[1]){g.label=m[1],m=f;break}if(m&&g.label<m[2]){g.label=m[2],g.ops.push(f);break}m[2]&&g.ops.pop(),g.trys.pop();continue}f=c.call(s,g)}catch(S){f=[6,S],l=0}finally{d=m=0}if(5&f[0])throw f[1];return{value:f[0]?f[1]:void 0,done:!0}})([b,w])}}},o=C;Object.defineProperty(e,"__esModule",{value:!0});var r="browser-tabs-lock-key",a={key:function(s){return t(o,void 0,void 0,(function(){return n(this,(function(c){throw new Error("Unsupported")}))}))},getItem:function(s){return t(o,void 0,void 0,(function(){return n(this,(function(c){throw new Error("Unsupported")}))}))},clear:function(){return t(o,void 0,void 0,(function(){return n(this,(function(s){return[2,window.localStorage.clear()]}))}))},removeItem:function(s){return t(o,void 0,void 0,(function(){return n(this,(function(c){throw new Error("Unsupported")}))}))},setItem:function(s,c){return t(o,void 0,void 0,(function(){return n(this,(function(d){throw new Error("Unsupported")}))}))},keySync:function(s){return window.localStorage.key(s)},getItemSync:function(s){return window.localStorage.getItem(s)},clearSync:function(){return window.localStorage.clear()},removeItemSync:function(s){return window.localStorage.removeItem(s)},setItemSync:function(s,c){return window.localStorage.setItem(s,c)}};function h(s){return new Promise((function(c){return setTimeout(c,s)}))}function u(s){for(var c="0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz",d="",l=0;l<s;l++)d+=c[Math.floor(Math.random()*c.length)];return d}var p=(function(){function s(c){this.acquiredIatSet=new Set,this.storageHandler=void 0,this.id=Date.now().toString()+u(15),this.acquireLock=this.acquireLock.bind(this),this.releaseLock=this.releaseLock.bind(this),this.releaseLock__private__=this.releaseLock__private__.bind(this),this.waitForSomethingToChange=this.waitForSomethingToChange.bind(this),this.refreshLockWhileAcquired=this.refreshLockWhileAcquired.bind(this),this.storageHandler=c,s.waiters===void 0&&(s.waiters=[])}return s.prototype.acquireLock=function(c,d){return d===void 0&&(d=5e3),t(this,void 0,void 0,(function(){var l,m,y,g,k,b,w;return n(this,(function(f){switch(f.label){case 0:l=Date.now()+u(4),m=Date.now()+d,y=r+"-"+c,g=this.storageHandler===void 0?a:this.storageHandler,f.label=1;case 1:return Date.now()<m?[4,h(30)]:[3,8];case 2:return f.sent(),g.getItemSync(y)!==null?[3,5]:(k=this.id+"-"+c+"-"+l,[4,h(Math.floor(25*Math.random()))]);case 3:return f.sent(),g.setItemSync(y,JSON.stringify({id:this.id,iat:l,timeoutKey:k,timeAcquired:Date.now(),timeRefreshed:Date.now()})),[4,h(30)];case 4:return f.sent(),(b=g.getItemSync(y))!==null&&(w=JSON.parse(b)).id===this.id&&w.iat===l?(this.acquiredIatSet.add(l),this.refreshLockWhileAcquired(y,l),[2,!0]):[3,7];case 5:return s.lockCorrector(this.storageHandler===void 0?a:this.storageHandler),[4,this.waitForSomethingToChange(m)];case 6:f.sent(),f.label=7;case 7:return l=Date.now()+u(4),[3,1];case 8:return[2,!1]}}))}))},s.prototype.refreshLockWhileAcquired=function(c,d){return t(this,void 0,void 0,(function(){var l=this;return n(this,(function(m){return setTimeout((function(){return t(l,void 0,void 0,(function(){var y,g,k;return n(this,(function(b){switch(b.label){case 0:return[4,O.default().lock(d)];case 1:return b.sent(),this.acquiredIatSet.has(d)?(y=this.storageHandler===void 0?a:this.storageHandler,(g=y.getItemSync(c))===null?(O.default().unlock(d),[2]):((k=JSON.parse(g)).timeRefreshed=Date.now(),y.setItemSync(c,JSON.stringify(k)),O.default().unlock(d),this.refreshLockWhileAcquired(c,d),[2])):(O.default().unlock(d),[2])}}))}))}),1e3),[2]}))}))},s.prototype.waitForSomethingToChange=function(c){return t(this,void 0,void 0,(function(){return n(this,(function(d){switch(d.label){case 0:return[4,new Promise((function(l){var m=!1,y=Date.now(),g=!1;function k(){if(g||(window.removeEventListener("storage",k),s.removeFromWaiting(k),clearTimeout(b),g=!0),!m){m=!0;var w=50-(Date.now()-y);w>0?setTimeout(l,w):l(null)}}window.addEventListener("storage",k),s.addToWaiting(k);var b=setTimeout(k,Math.max(0,c-Date.now()))}))];case 1:return d.sent(),[2]}}))}))},s.addToWaiting=function(c){this.removeFromWaiting(c),s.waiters!==void 0&&s.waiters.push(c)},s.removeFromWaiting=function(c){s.waiters!==void 0&&(s.waiters=s.waiters.filter((function(d){return d!==c})))},s.notifyWaiters=function(){s.waiters!==void 0&&s.waiters.slice().forEach((function(c){return c()}))},s.prototype.releaseLock=function(c){return t(this,void 0,void 0,(function(){return n(this,(function(d){switch(d.label){case 0:return[4,this.releaseLock__private__(c)];case 1:return[2,d.sent()]}}))}))},s.prototype.releaseLock__private__=function(c){return t(this,void 0,void 0,(function(){var d,l,m,y;return n(this,(function(g){switch(g.label){case 0:return d=this.storageHandler===void 0?a:this.storageHandler,l=r+"-"+c,(m=d.getItemSync(l))===null?[2]:(y=JSON.parse(m)).id!==this.id?[3,2]:[4,O.default().lock(y.iat)];case 1:g.sent(),this.acquiredIatSet.delete(y.iat),d.removeItemSync(l),O.default().unlock(y.iat),s.notifyWaiters(),g.label=2;case 2:return[2]}}))}))},s.lockCorrector=function(c){for(var d=Date.now()-5e3,l=c,m=[],y=0;;){var g=l.keySync(y);if(g===null)break;m.push(g),y++}for(var k=!1,b=0;b<m.length;b++){var w=m[b];if(w.includes(r)){var f=l.getItemSync(w);if(f!==null){var S=JSON.parse(f);(S.timeRefreshed===void 0&&S.timeAcquired<d||S.timeRefreshed!==void 0&&S.timeRefreshed<d)&&(l.removeItemSync(w),k=!0)}}}k&&s.notifyWaiters()},s.waiters=void 0,s})();e.default=p})));const Ke={timeoutInSeconds:60},be={name:"auth0-spa-js",version:"2.11.0"},ke=()=>Date.now();class v extends Error{constructor(e,t){super(t),this.error=e,this.error_description=t,Object.setPrototypeOf(this,v.prototype)}static fromPayload({error:e,error_description:t}){return new v(e,t)}}class F extends v{constructor(e,t,n,o=null){super(e,t),this.state=n,this.appState=o,Object.setPrototypeOf(this,F.prototype)}}class G extends v{constructor(e,t,n,o,r=null){super(e,t),this.connection=n,this.state=o,this.appState=r,Object.setPrototypeOf(this,G.prototype)}}class E extends v{constructor(){super("timeout","Timeout"),Object.setPrototypeOf(this,E.prototype)}}class M extends E{constructor(e){super(),this.popup=e,Object.setPrototypeOf(this,M.prototype)}}class Y extends v{constructor(e){super("cancelled","Popup closed"),this.popup=e,Object.setPrototypeOf(this,Y.prototype)}}class $ extends v{constructor(){super("popup_open","Unable to open a popup for loginWithPopup - window.open returned `null`"),Object.setPrototypeOf(this,$.prototype)}}class B extends v{constructor(e,t,n){super(e,t),this.mfa_token=n,Object.setPrototypeOf(this,B.prototype)}}class L extends v{constructor(e,t){super("missing_refresh_token",`Missing Refresh Token (audience: '${X(e,["default"])}', scope: '${X(t)}')`),this.audience=e,this.scope=t,Object.setPrototypeOf(this,L.prototype)}}class se extends v{constructor(e,t){super("missing_scopes",`Missing requested scopes after refresh (audience: '${X(e,["default"])}', missing scope: '${X(t)}')`),this.audience=e,this.scope=t,Object.setPrototypeOf(this,se.prototype)}}class Z extends v{constructor(e){super("use_dpop_nonce","Server rejected DPoP proof: wrong nonce"),this.newDpopNonce=e,Object.setPrototypeOf(this,Z.prototype)}}function X(i,e=[]){return i&&!e.includes(i)?i:""}const V=()=>window.crypto,R=()=>{const i="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";let e="";return Array.from(V().getRandomValues(new Uint8Array(43))).forEach((t=>e+=i[t%i.length])),e},q=i=>btoa(i),xe=[{key:"name",type:["string"]},{key:"version",type:["string","number"]},{key:"env",type:["object"]}],ze=i=>Object.keys(i).reduce(((e,t)=>{const n=xe.find((o=>o.key===t));return n&&n.type.includes(typeof i[t])&&(e[t]=i[t]),e}),{}),ne=i=>{var{clientId:e}=i,t=I(i,["clientId"]);return new URLSearchParams((n=>Object.keys(n).filter((o=>n[o]!==void 0)).reduce(((o,r)=>Object.assign(Object.assign({},o),{[r]:n[r]})),{}))(Object.assign({client_id:e},t))).toString()},ue=async i=>await V().subtle.digest({name:"SHA-256"},new TextEncoder().encode(i)),he=i=>(e=>decodeURIComponent(atob(e).split("").map((t=>"%"+("00"+t.charCodeAt(0).toString(16)).slice(-2))).join("")))(i.replace(/_/g,"/").replace(/-/g,"+")),de=i=>{const e=new Uint8Array(i);return(t=>{const n={"+":"-","/":"_","=":""};return t.replace(/[+/=]/g,(o=>n[o]))})(window.btoa(String.fromCharCode(...Array.from(e))))},Ee=new TextEncoder,Re=new TextDecoder;function D(i){return typeof i=="string"?Ee.encode(i):Re.decode(i)}function le(i){if(typeof i.modulusLength!="number"||i.modulusLength<2048)throw new De(`${i.name} modulusLength must be at least 2048 bits`)}async function Ne(i,e,t){if(t.usages.includes("sign")===!1)throw new TypeError('private CryptoKey instances used for signing assertions must include "sign" in their "usages"');const n=`${A(D(JSON.stringify(i)))}.${A(D(JSON.stringify(e)))}`;return`${n}.${A(await crypto.subtle.sign((function(o){switch(o.algorithm.name){case"ECDSA":return{name:o.algorithm.name,hash:"SHA-256"};case"RSA-PSS":return le(o.algorithm),{name:o.algorithm.name,saltLength:32};case"RSASSA-PKCS1-v1_5":return le(o.algorithm),{name:o.algorithm.name};case"Ed25519":return{name:o.algorithm.name}}throw new j})(t),t,D(n)))}`}let oe;Uint8Array.prototype.toBase64?oe=i=>(i instanceof ArrayBuffer&&(i=new Uint8Array(i)),i.toBase64({alphabet:"base64url",omitPadding:!0})):oe=e=>{e instanceof ArrayBuffer&&(e=new Uint8Array(e));const t=[];for(let n=0;n<e.byteLength;n+=32768)t.push(String.fromCharCode.apply(null,e.subarray(n,n+32768)));return btoa(t.join("")).replace(/=/g,"").replace(/\+/g,"-").replace(/\//g,"_")};function A(i){return oe(i)}class j extends Error{constructor(e){var t;super(e??"operation not supported"),this.name=this.constructor.name,(t=Error.captureStackTrace)===null||t===void 0||t.call(Error,this,this.constructor)}}class De extends Error{constructor(e){var t;super(e),this.name=this.constructor.name,(t=Error.captureStackTrace)===null||t===void 0||t.call(Error,this,this.constructor)}}function Ae(i){switch(i.algorithm.name){case"RSA-PSS":return(function(e){if(e.algorithm.hash.name==="SHA-256")return"PS256";throw new j("unsupported RsaHashedKeyAlgorithm hash name")})(i);case"RSASSA-PKCS1-v1_5":return(function(e){if(e.algorithm.hash.name==="SHA-256")return"RS256";throw new j("unsupported RsaHashedKeyAlgorithm hash name")})(i);case"ECDSA":return(function(e){if(e.algorithm.namedCurve==="P-256")return"ES256";throw new j("unsupported EcKeyAlgorithm namedCurve")})(i);case"Ed25519":return"Ed25519";default:throw new j("unsupported CryptoKey algorithm name")}}function ve(i){return i instanceof CryptoKey}function _e(i){return ve(i)&&i.type==="public"}async function Ue(i,e,t,n,o,r){const a=i==null?void 0:i.privateKey,h=i==null?void 0:i.publicKey;if(!ve(u=a)||u.type!=="private")throw new TypeError('"keypair.privateKey" must be a private CryptoKey');var u;if(!_e(h))throw new TypeError('"keypair.publicKey" must be a public CryptoKey');if(h.extractable!==!0)throw new TypeError('"keypair.publicKey.extractable" must be true');if(typeof e!="string")throw new TypeError('"htu" must be a string');if(typeof t!="string")throw new TypeError('"htm" must be a string');if(n!==void 0&&typeof n!="string")throw new TypeError('"nonce" must be a string or undefined');if(o!==void 0&&typeof o!="string")throw new TypeError('"accessToken" must be a string or undefined');return Ne({alg:Ae(a),typ:"dpop+jwt",jwk:await Se(h)},Object.assign(Object.assign({},r),{iat:Math.floor(Date.now()/1e3),jti:crypto.randomUUID(),htm:t,nonce:n,htu:e,ath:o?A(await crypto.subtle.digest("SHA-256",D(o))):void 0}),a)}async function Se(i){const{kty:e,e:t,n,x:o,y:r,crv:a}=await crypto.subtle.exportKey("jwk",i);return{kty:e,crv:a,e:t,n,x:o,y:r}}const Le=["authorization_code","refresh_token","urn:ietf:params:oauth:grant-type:token-exchange"];function Ze(){return(async function(i,e){var t;let n;if(i.length===0)throw new TypeError('"alg" must be a non-empty string');switch(i){case"PS256":n={name:"RSA-PSS",hash:"SHA-256",modulusLength:2048,publicExponent:new Uint8Array([1,0,1])};break;case"RS256":n={name:"RSASSA-PKCS1-v1_5",hash:"SHA-256",modulusLength:2048,publicExponent:new Uint8Array([1,0,1])};break;case"ES256":n={name:"ECDSA",namedCurve:"P-256"};break;case"Ed25519":n={name:"Ed25519"};break;default:throw new j}return crypto.subtle.generateKey(n,(t=e==null?void 0:e.extractable)!==null&&t!==void 0&&t,["sign","verify"])})("ES256",{extractable:!1})}function He(i){return(async function(e){if(!_e(e))throw new TypeError('"publicKey" must be a public CryptoKey');if(e.extractable!==!0)throw new TypeError('"publicKey.extractable" must be true');const t=await Se(e);let n;switch(t.kty){case"EC":n={crv:t.crv,kty:t.kty,x:t.x,y:t.y};break;case"OKP":n={crv:t.crv,kty:t.kty,x:t.x};break;case"RSA":n={e:t.e,kty:t.kty,n:t.n};break;default:throw new j("unsupported JWK kty")}return A(await crypto.subtle.digest({name:"SHA-256"},D(JSON.stringify(n))))})(i.publicKey)}function We({keyPair:i,url:e,method:t,nonce:n,accessToken:o}){const r=(function(a){const h=new URL(a);return h.search="",h.hash="",h.href})(e);return Ue(i,r,t,n,o)}const Je=async(i,e)=>{const t=await fetch(i,e);return{ok:t.ok,json:await t.json(),headers:(n=t.headers,[...n].reduce(((o,[r,a])=>(o[r]=a,o)),{}))};var n},Xe=async(i,e,t)=>{const n=new AbortController;let o;return e.signal=n.signal,Promise.race([Je(i,e),new Promise(((r,a)=>{o=setTimeout((()=>{n.abort(),a(new Error("Timeout when executing 'fetch'"))}),t)}))]).finally((()=>{clearTimeout(o)}))},Ve=async(i,e,t,n,o,r,a,h)=>{return u={auth:{audience:e,scope:t},timeout:o,fetchUrl:i,fetchOptions:n,useFormData:a,useMrrt:h},p=r,new Promise((function(s,c){const d=new MessageChannel;d.port1.onmessage=function(l){l.data.error?c(new Error(l.data.error)):s(l.data),d.port1.close()},p.postMessage(u,[d.port2])}));var u,p},Fe=async(i,e,t,n,o,r,a=1e4,h)=>o?Ve(i,e,t,n,a,o,r,h):Xe(i,n,a);async function Ie(i,e,t,n,o,r,a,h,u,p){if(u){const w=await u.generateProof({url:i,method:o.method||"GET",nonce:await u.getNonce()});o.headers=Object.assign(Object.assign({},o.headers),{dpop:w})}let s,c=null;for(let w=0;w<3;w++)try{s=await Fe(i,t,n,o,r,a,e,h),c=null;break}catch(f){c=f}if(c)throw c;const d=s.json,{error:l,error_description:m}=d,y=I(d,["error","error_description"]),{headers:g,ok:k}=s;let b;if(u&&(b=g["dpop-nonce"],b&&await u.setNonce(b)),!k){const w=m||`HTTP error. Unable to fetch ${i}`;if(l==="mfa_required")throw new B(l,w,y.mfa_token);if(l==="missing_refresh_token")throw new L(t,n);if(l==="use_dpop_nonce"){if(!u||!b||p)throw new Z(b);return Ie(i,e,t,n,o,r,a,h,u,!0)}throw new v(l||"request_error",w)}return y}async function Ge(i,e){var{baseUrl:t,timeout:n,audience:o,scope:r,auth0Client:a,useFormData:h,useMrrt:u,dpop:p}=i,s=I(i,["baseUrl","timeout","audience","scope","auth0Client","useFormData","useMrrt","dpop"]);const c=s.grant_type==="urn:ietf:params:oauth:grant-type:token-exchange",d=s.grant_type==="refresh_token"&&u,l=Object.assign(Object.assign(Object.assign(Object.assign({},s),c&&o&&{audience:o}),c&&r&&{scope:r}),d&&{audience:o,scope:r}),m=h?ne(l):JSON.stringify(l),y=(g=s.grant_type,Le.includes(g));var g;return await Ie(`${t}/oauth/token`,n,o||"default",r,{method:"POST",body:m,headers:{"Content-Type":h?"application/x-www-form-urlencoded":"application/json","Auth0-Client":btoa(JSON.stringify(ze(a||be)))}},e,h,u,y?p:void 0)}const J=(...i)=>{return(e=i.filter(Boolean).join(" ").trim().split(/\s+/),Array.from(new Set(e))).join(" ");var e},W=(i,e,t)=>{let n;return t&&(n=i[t]),n||(n=i.default),J(n,e)};class _{constructor(e,t="@@auth0spajs@@",n){this.prefix=t,this.suffix=n,this.clientId=e.clientId,this.scope=e.scope,this.audience=e.audience}toKey(){return[this.prefix,this.clientId,this.audience,this.scope,this.suffix].filter(Boolean).join("::")}static fromKey(e){const[t,n,o,r]=e.split("::");return new _({clientId:n,scope:r,audience:o},t)}static fromCacheEntry(e){const{scope:t,audience:n,client_id:o}=e;return new _({scope:t,audience:n,clientId:o})}}class Te{set(e,t){localStorage.setItem(e,JSON.stringify(t))}get(e){const t=window.localStorage.getItem(e);if(t)try{return JSON.parse(t)}catch{return}}remove(e){localStorage.removeItem(e)}allKeys(){return Object.keys(window.localStorage).filter((e=>e.startsWith("@@auth0spajs@@")))}}class ae{constructor(){this.enclosedCache=(function(){let e={};return{set(t,n){e[t]=n},get(t){const n=e[t];if(n)return n},remove(t){delete e[t]},allKeys:()=>Object.keys(e)}})()}}class Me{constructor(e,t,n){this.cache=e,this.keyManifest=t,this.nowProvider=n||ke}async setIdToken(e,t,n){var o;const r=this.getIdTokenCacheKey(e);await this.cache.set(r,{id_token:t,decodedToken:n}),await((o=this.keyManifest)===null||o===void 0?void 0:o.add(r))}async getIdToken(e){const t=await this.cache.get(this.getIdTokenCacheKey(e.clientId));if(!t&&e.scope&&e.audience){const n=await this.get(e);return!n||!n.id_token||!n.decodedToken?void 0:{id_token:n.id_token,decodedToken:n.decodedToken}}if(t)return{id_token:t.id_token,decodedToken:t.decodedToken}}async get(e,t=0,n=!1,o){var r;let a=await this.cache.get(e.toKey());if(!a){const p=await this.getCacheKeys();if(!p)return;const s=this.matchExistingCacheKey(e,p);if(s&&(a=await this.cache.get(s)),!s&&n&&o!=="cache-only")return this.getEntryWithRefreshToken(e,p)}if(!a)return;const h=await this.nowProvider(),u=Math.floor(h/1e3);return a.expiresAt-t<u?a.body.refresh_token?this.modifiedCachedEntry(a,e):(await this.cache.remove(e.toKey()),void await((r=this.keyManifest)===null||r===void 0?void 0:r.remove(e.toKey()))):a.body}async modifiedCachedEntry(e,t){return e.body={refresh_token:e.body.refresh_token,audience:e.body.audience,scope:e.body.scope},await this.cache.set(t.toKey(),e),{refresh_token:e.body.refresh_token,audience:e.body.audience,scope:e.body.scope}}async set(e){var t;const n=new _({clientId:e.client_id,scope:e.scope,audience:e.audience}),o=await this.wrapCacheEntry(e);await this.cache.set(n.toKey(),o),await((t=this.keyManifest)===null||t===void 0?void 0:t.add(n.toKey()))}async remove(e,t,n){const o=new _({clientId:e,scope:n,audience:t});await this.cache.remove(o.toKey())}async clear(e){var t;const n=await this.getCacheKeys();n&&(await n.filter((o=>!e||o.includes(e))).reduce((async(o,r)=>{await o,await this.cache.remove(r)}),Promise.resolve()),await((t=this.keyManifest)===null||t===void 0?void 0:t.clear()))}async wrapCacheEntry(e){const t=await this.nowProvider();return{body:e,expiresAt:Math.floor(t/1e3)+e.expires_in}}async getCacheKeys(){var e;return this.keyManifest?(e=await this.keyManifest.get())===null||e===void 0?void 0:e.keys:this.cache.allKeys?this.cache.allKeys():void 0}getIdTokenCacheKey(e){return new _({clientId:e},"@@auth0spajs@@","@@user@@").toKey()}matchExistingCacheKey(e,t){return t.filter((n=>{var o;const r=_.fromKey(n),a=new Set(r.scope&&r.scope.split(" ")),h=((o=e.scope)===null||o===void 0?void 0:o.split(" "))||[],u=r.scope&&h.reduce(((p,s)=>p&&a.has(s)),!0);return r.prefix==="@@auth0spajs@@"&&r.clientId===e.clientId&&r.audience===e.audience&&u}))[0]}async getEntryWithRefreshToken(e,t){var n;for(const o of t){const r=_.fromKey(o);if(r.prefix==="@@auth0spajs@@"&&r.clientId===e.clientId){const a=await this.cache.get(o);if(!((n=a==null?void 0:a.body)===null||n===void 0)&&n.refresh_token)return this.modifiedCachedEntry(a,e)}}}async updateEntry(e,t){var n;const o=await this.getCacheKeys();if(o)for(const r of o){const a=await this.cache.get(r);if(((n=a==null?void 0:a.body)===null||n===void 0?void 0:n.refresh_token)===e){const h=Object.assign(Object.assign({},a.body),{refresh_token:t});await this.set(h)}}}}class Ye{constructor(e,t,n){this.storage=e,this.clientId=t,this.cookieDomain=n,this.storageKey=`a0.spajs.txs.${this.clientId}`}create(e){this.storage.save(this.storageKey,e,{daysUntilExpire:1,cookieDomain:this.cookieDomain})}get(){return this.storage.get(this.storageKey)}remove(){this.storage.remove(this.storageKey,{cookieDomain:this.cookieDomain})}}const N=i=>typeof i=="number",$e=["iss","aud","exp","nbf","iat","jti","azp","nonce","auth_time","at_hash","c_hash","acr","amr","sub_jwk","cnf","sip_from_tag","sip_date","sip_callid","sip_cseq_num","sip_via_branch","orig","dest","mky","events","toe","txn","rph","sid","vot","vtm"],Be=i=>{if(!i.id_token)throw new Error("ID token is required but missing");const e=(r=>{const a=r.split("."),[h,u,p]=a;if(a.length!==3||!h||!u||!p)throw new Error("ID token could not be decoded");const s=JSON.parse(he(u)),c={__raw:r},d={};return Object.keys(s).forEach((l=>{c[l]=s[l],$e.includes(l)||(d[l]=s[l])})),{encoded:{header:h,payload:u,signature:p},header:JSON.parse(he(h)),claims:c,user:d}})(i.id_token);if(!e.claims.iss)throw new Error("Issuer (iss) claim must be a string present in the ID token");if(e.claims.iss!==i.iss)throw new Error(`Issuer (iss) claim mismatch in the ID token; expected "${i.iss}", found "${e.claims.iss}"`);if(!e.user.sub)throw new Error("Subject (sub) claim must be a string present in the ID token");if(e.header.alg!=="RS256")throw new Error(`Signature algorithm of "${e.header.alg}" is not supported. Expected the ID token to be signed with "RS256".`);if(!e.claims.aud||typeof e.claims.aud!="string"&&!Array.isArray(e.claims.aud))throw new Error("Audience (aud) claim must be a string or array of strings present in the ID token");if(Array.isArray(e.claims.aud)){if(!e.claims.aud.includes(i.aud))throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but was not one of "${e.claims.aud.join(", ")}"`);if(e.claims.aud.length>1){if(!e.claims.azp)throw new Error("Authorized Party (azp) claim must be a string present in the ID token when Audience (aud) claim has multiple values");if(e.claims.azp!==i.aud)throw new Error(`Authorized Party (azp) claim mismatch in the ID token; expected "${i.aud}", found "${e.claims.azp}"`)}}else if(e.claims.aud!==i.aud)throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but found "${e.claims.aud}"`);if(i.nonce){if(!e.claims.nonce)throw new Error("Nonce (nonce) claim must be a string present in the ID token");if(e.claims.nonce!==i.nonce)throw new Error(`Nonce (nonce) claim mismatch in the ID token; expected "${i.nonce}", found "${e.claims.nonce}"`)}if(i.max_age&&!N(e.claims.auth_time))throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");if(e.claims.exp==null||!N(e.claims.exp))throw new Error("Expiration Time (exp) claim must be a number present in the ID token");if(!N(e.claims.iat))throw new Error("Issued At (iat) claim must be a number present in the ID token");const t=i.leeway||60,n=new Date(i.now||Date.now()),o=new Date(0);if(o.setUTCSeconds(e.claims.exp+t),n>o)throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${n}) is after expiration time (${o})`);if(e.claims.nbf!=null&&N(e.claims.nbf)){const r=new Date(0);if(r.setUTCSeconds(e.claims.nbf-t),n<r)throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${n}) is before ${r}`)}if(e.claims.auth_time!=null&&N(e.claims.auth_time)){const r=new Date(0);if(r.setUTCSeconds(parseInt(e.claims.auth_time)+i.max_age+t),n>r)throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${n}) is after last auth at ${r}`)}if(i.organization){const r=i.organization.trim();if(r.startsWith("org_")){const a=r;if(!e.claims.org_id)throw new Error("Organization ID (org_id) claim must be a string present in the ID token");if(a!==e.claims.org_id)throw new Error(`Organization ID (org_id) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_id}"`)}else{const a=r.toLowerCase();if(!e.claims.org_name)throw new Error("Organization Name (org_name) claim must be a string present in the ID token");if(a!==e.claims.org_name)throw new Error(`Organization Name (org_name) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_name}"`)}}return e};var K=re((function(i,e){var t=C&&C.__assign||function(){return t=Object.assign||function(u){for(var p,s=1,c=arguments.length;s<c;s++)for(var d in p=arguments[s])Object.prototype.hasOwnProperty.call(p,d)&&(u[d]=p[d]);return u},t.apply(this,arguments)};function n(u,p){if(!p)return"";var s="; "+u;return p===!0?s:s+"="+p}function o(u,p,s){return encodeURIComponent(u).replace(/%(23|24|26|2B|5E|60|7C)/g,decodeURIComponent).replace(/\(/g,"%28").replace(/\)/g,"%29")+"="+encodeURIComponent(p).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g,decodeURIComponent)+(function(c){if(typeof c.expires=="number"){var d=new Date;d.setMilliseconds(d.getMilliseconds()+864e5*c.expires),c.expires=d}return n("Expires",c.expires?c.expires.toUTCString():"")+n("Domain",c.domain)+n("Path",c.path)+n("Secure",c.secure)+n("SameSite",c.sameSite)})(s)}function r(u){for(var p={},s=u?u.split("; "):[],c=/(%[\dA-F]{2})+/gi,d=0;d<s.length;d++){var l=s[d].split("="),m=l.slice(1).join("=");m.charAt(0)==='"'&&(m=m.slice(1,-1));try{p[l[0].replace(c,decodeURIComponent)]=m.replace(c,decodeURIComponent)}catch{}}return p}function a(){return r(document.cookie)}function h(u,p,s){document.cookie=o(u,p,t({path:"/"},s))}e.__esModule=!0,e.encode=o,e.parse=r,e.getAll=a,e.get=function(u){return a()[u]},e.set=h,e.remove=function(u,p){h(u,"",t(t({},p),{expires:-1}))}}));ie(K),K.encode,K.parse,K.getAll;var qe=K.get,Pe=K.set,Oe=K.remove;const x={get(i){const e=qe(i);if(e!==void 0)return JSON.parse(e)},save(i,e,t){let n={};window.location.protocol==="https:"&&(n={secure:!0,sameSite:"none"}),t!=null&&t.daysUntilExpire&&(n.expires=t.daysUntilExpire),t!=null&&t.cookieDomain&&(n.domain=t.cookieDomain),Pe(i,JSON.stringify(e),n)},remove(i,e){let t={};e!=null&&e.cookieDomain&&(t.domain=e.cookieDomain),Oe(i,t)}},Qe={get(i){return x.get(i)||x.get(`_legacy_${i}`)},save(i,e,t){let n={};window.location.protocol==="https:"&&(n={secure:!0}),t!=null&&t.daysUntilExpire&&(n.expires=t.daysUntilExpire),t!=null&&t.cookieDomain&&(n.domain=t.cookieDomain),Pe(`_legacy_${i}`,JSON.stringify(e),n),x.save(i,e,t)},remove(i,e){let t={};e!=null&&e.cookieDomain&&(t.domain=e.cookieDomain),Oe(i,t),x.remove(i,e),x.remove(`_legacy_${i}`,e)}},et={get(i){if(typeof sessionStorage>"u")return;const e=sessionStorage.getItem(i);return e!=null?JSON.parse(e):void 0},save(i,e){sessionStorage.setItem(i,JSON.stringify(e))},remove(i){sessionStorage.removeItem(i)}};exports.ResponseType=void 0;(function(i){i.Code="code",i.ConnectCode="connect_code"})(exports.ResponseType||(exports.ResponseType={}));function tt(i,e,t){var n=e===void 0?null:e,o=(function(u,p){var s=atob(u);if(p){for(var c=new Uint8Array(s.length),d=0,l=s.length;d<l;++d)c[d]=s.charCodeAt(d);return String.fromCharCode.apply(null,new Uint16Array(c.buffer))}return s})(i,t!==void 0&&t),r=o.indexOf(`
`,10)+1,a=o.substring(r)+(n?"//# sourceMappingURL="+n:""),h=new Blob([a],{type:"application/javascript"});return URL.createObjectURL(h)}var pe,me,fe,Q,nt=(pe="Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3RvdHlwZSl9c3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjp0LGVycm9yX2Rlc2NyaXB0aW9uOnJ9KXtyZXR1cm4gbmV3IGUodCxyKX19Y2xhc3MgdCBleHRlbmRzIGV7Y29uc3RydWN0b3IoZSxzKXtzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIixgTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyR7cihlLFsiZGVmYXVsdCJdKX0nLCBzY29wZTogJyR7cihzKX0nKWApLHRoaXMuYXVkaWVuY2U9ZSx0aGlzLnNjb3BlPXMsT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsdC5wcm90b3R5cGUpfX1mdW5jdGlvbiByKGUsdD1bXSl7cmV0dXJuIGUmJiF0LmluY2x1ZGVzKGUpP2U6IiJ9ImZ1bmN0aW9uIj09dHlwZW9mIFN1cHByZXNzZWRFcnJvciYmU3VwcHJlc3NlZEVycm9yO2NvbnN0IHM9ZT0+e3ZhcntjbGllbnRJZDp0fT1lLHI9ZnVuY3Rpb24oZSx0KXt2YXIgcj17fTtmb3IodmFyIHMgaW4gZSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZSxzKSYmdC5pbmRleE9mKHMpPDAmJihyW3NdPWVbc10pO2lmKG51bGwhPWUmJiJmdW5jdGlvbiI9PXR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKXt2YXIgbz0wO2ZvcihzPU9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7bzxzLmxlbmd0aDtvKyspdC5pbmRleE9mKHNbb10pPDAmJk9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLHNbb10pJiYocltzW29dXT1lW3Nbb11dKX1yZXR1cm4gcn0oZSxbImNsaWVudElkIl0pO3JldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKChlPT5PYmplY3Qua2V5cyhlKS5maWx0ZXIoKHQ9PnZvaWQgMCE9PWVbdF0pKS5yZWR1Y2UoKCh0LHIpPT5PYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sdCkse1tyXTplW3JdfSkpLHt9KSkoT2JqZWN0LmFzc2lnbih7Y2xpZW50X2lkOnR9LHIpKSkudG9TdHJpbmcoKX07bGV0IG89e307Y29uc3Qgbj0oZSx0KT0+YCR7ZX18JHt0fWA7YWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsKGFzeW5jKHtkYXRhOnt0aW1lb3V0OmUsYXV0aDpyLGZldGNoVXJsOmksZmV0Y2hPcHRpb25zOmMsdXNlRm9ybURhdGE6YSx1c2VNcnJ0OmZ9LHBvcnRzOltwXX0pPT57bGV0IGgsdSxsPXt9O2NvbnN0e2F1ZGllbmNlOmQsc2NvcGU6eX09cnx8e307dHJ5e2NvbnN0IHI9YT8oZT0+e2NvbnN0IHQ9bmV3IFVSTFNlYXJjaFBhcmFtcyhlKSxyPXt9O3JldHVybiB0LmZvckVhY2goKChlLHQpPT57clt0XT1lfSkpLHJ9KShjLmJvZHkpOkpTT04ucGFyc2UoYy5ib2R5KTtpZighci5yZWZyZXNoX3Rva2VuJiYicmVmcmVzaF90b2tlbiI9PT1yLmdyYW50X3R5cGUpe2lmKHU9KChlLHQpPT5vW24oZSx0KV0pKGQseSksIXUmJmYpe2NvbnN0IGU9by5sYXRlc3RfcmVmcmVzaF90b2tlbix0PSgoZSx0KT0+e2NvbnN0IHI9T2JqZWN0LmtleXMobykuZmluZCgocj0+e2lmKCJsYXRlc3RfcmVmcmVzaF90b2tlbiIhPT1yKXtjb25zdCBzPSgoZSx0KT0+dC5zdGFydHNXaXRoKGAke2V9fGApKSh0LHIpLG89ci5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIiksbj1lLnNwbGl0KCIgIikuZXZlcnkoKGU9Pm8uaW5jbHVkZXMoZSkpKTtyZXR1cm4gcyYmbn19KSk7cmV0dXJuISFyfSkoeSxkKTtlJiYhdCYmKHU9ZSl9aWYoIXUpdGhyb3cgbmV3IHQoZCx5KTtjLmJvZHk9YT9zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpOkpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpfWxldCBqLGs7ImZ1bmN0aW9uIj09dHlwZW9mIEFib3J0Q29udHJvbGxlciYmKGo9bmV3IEFib3J0Q29udHJvbGxlcixjLnNpZ25hbD1qLnNpZ25hbCk7dHJ5e2s9YXdhaXQgUHJvbWlzZS5yYWNlKFsoXz1lLG5ldyBQcm9taXNlKChlPT5zZXRUaW1lb3V0KGUsXykpKSksZmV0Y2goaSxPYmplY3QuYXNzaWduKHt9LGMpKV0pfWNhdGNoKGUpe3JldHVybiB2b2lkIHAucG9zdE1lc3NhZ2Uoe2Vycm9yOmUubWVzc2FnZX0pfWlmKCFrKXJldHVybiBqJiZqLmFib3J0KCksdm9pZCBwLnBvc3RNZXNzYWdlKHtlcnJvcjoiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIn0pO2c9ay5oZWFkZXJzLGw9Wy4uLmddLnJlZHVjZSgoKGUsW3Qscl0pPT4oZVt0XT1yLGUpKSx7fSksaD1hd2FpdCBrLmpzb24oKSxoLnJlZnJlc2hfdG9rZW4/KGYmJihvLmxhdGVzdF9yZWZyZXNoX3Rva2VuPWgucmVmcmVzaF90b2tlbixPPXUsYj1oLnJlZnJlc2hfdG9rZW4sT2JqZWN0LmVudHJpZXMobykuZm9yRWFjaCgoKFtlLHRdKT0+e3Q9PT1PJiYob1tlXT1iKX0pKSksKChlLHQscik9PntvW24odCxyKV09ZX0pKGgucmVmcmVzaF90b2tlbixkLHkpLGRlbGV0ZSBoLnJlZnJlc2hfdG9rZW4pOigoZSx0KT0+e2RlbGV0ZSBvW24oZSx0KV19KShkLHkpLHAucG9zdE1lc3NhZ2Uoe29rOmsub2ssanNvbjpoLGhlYWRlcnM6bH0pfWNhdGNoKGUpe3AucG9zdE1lc3NhZ2Uoe29rOiExLGpzb246e2Vycm9yOmUuZXJyb3IsZXJyb3JfZGVzY3JpcHRpb246ZS5tZXNzYWdlfSxoZWFkZXJzOmx9KX12YXIgTyxiLGcsX30pKX0oKTsKCg==",me=null,fe=!1,function(i){return Q=Q||tt(pe,me,fe),new Worker(Q,i)});const ee={};class ot{constructor(e,t){this.cache=e,this.clientId=t,this.manifestKey=this.createManifestKeyFrom(this.clientId)}async add(e){var t;const n=new Set(((t=await this.cache.get(this.manifestKey))===null||t===void 0?void 0:t.keys)||[]);n.add(e),await this.cache.set(this.manifestKey,{keys:[...n]})}async remove(e){const t=await this.cache.get(this.manifestKey);if(t){const n=new Set(t.keys);return n.delete(e),n.size>0?await this.cache.set(this.manifestKey,{keys:[...n]}):await this.cache.remove(this.manifestKey)}}get(){return this.cache.get(this.manifestKey)}clear(){return this.cache.remove(this.manifestKey)}createManifestKeyFrom(e){return`@@auth0spajs@@::${e}`}}const it={memory:()=>new ae().enclosedCache,localstorage:()=>new Te},ge=i=>it[i],ye=i=>{const{openUrl:e,onRedirect:t}=i,n=I(i,["openUrl","onRedirect"]);return Object.assign(Object.assign({},n),{openUrl:e===!1||e?e:t})},we=(i,e)=>{const t=(e==null?void 0:e.split(" "))||[];return((i==null?void 0:i.split(" "))||[]).every((n=>t.includes(n)))},P={NONCE:"nonce",KEYPAIR:"keypair"};class rt{constructor(e){this.clientId=e}getVersion(){return 1}createDbHandle(){const e=window.indexedDB.open("auth0-spa-js",this.getVersion());return new Promise(((t,n)=>{e.onupgradeneeded=()=>Object.values(P).forEach((o=>e.result.createObjectStore(o))),e.onerror=()=>n(e.error),e.onsuccess=()=>t(e.result)}))}async getDbHandle(){return this.dbHandle||(this.dbHandle=await this.createDbHandle()),this.dbHandle}async executeDbRequest(e,t,n){const o=n((await this.getDbHandle()).transaction(e,t).objectStore(e));return new Promise(((r,a)=>{o.onsuccess=()=>r(o.result),o.onerror=()=>a(o.error)}))}buildKey(e){const t=e?`_${e}`:"auth0";return`${this.clientId}::${t}`}setNonce(e,t){return this.save(P.NONCE,this.buildKey(t),e)}setKeyPair(e){return this.save(P.KEYPAIR,this.buildKey(),e)}async save(e,t,n){await this.executeDbRequest(e,"readwrite",(o=>o.put(n,t)))}findNonce(e){return this.find(P.NONCE,this.buildKey(e))}findKeyPair(){return this.find(P.KEYPAIR,this.buildKey())}find(e,t){return this.executeDbRequest(e,"readonly",(n=>n.get(t)))}async deleteBy(e,t){const n=await this.executeDbRequest(e,"readonly",(o=>o.getAllKeys()));n==null||n.filter(t).map((o=>this.executeDbRequest(e,"readwrite",(r=>r.delete(o)))))}deleteByClientId(e,t){return this.deleteBy(e,(n=>typeof n=="string"&&n.startsWith(`${t}::`)))}clearNonces(){return this.deleteByClientId(P.NONCE,this.clientId)}clearKeyPairs(){return this.deleteByClientId(P.KEYPAIR,this.clientId)}}class st{constructor(e){this.storage=new rt(e)}getNonce(e){return this.storage.findNonce(e)}setNonce(e,t){return this.storage.setNonce(e,t)}async getOrGenerateKeyPair(){let e=await this.storage.findKeyPair();return e||(e=await Ze(),await this.storage.setKeyPair(e)),e}async generateProof(e){const t=await this.getOrGenerateKeyPair();return We(Object.assign({keyPair:t},e))}async calculateThumbprint(){return He(await this.getOrGenerateKeyPair())}async clear(){await Promise.all([this.storage.clearNonces(),this.storage.clearKeyPairs()])}}var z;(function(i){i.Bearer="Bearer",i.DPoP="DPoP"})(z||(z={}));class at{constructor(e,t){this.hooks=t,this.config=Object.assign(Object.assign({},e),{fetch:e.fetch||(typeof window>"u"?fetch:window.fetch.bind(window))})}isAbsoluteUrl(e){return/^(https?:)?\/\//i.test(e)}buildUrl(e,t){if(t){if(this.isAbsoluteUrl(t))return t;if(e)return`${e.replace(/\/?\/$/,"")}/${t.replace(/^\/+/,"")}`}throw new TypeError("`url` must be absolute or `baseUrl` non-empty.")}getAccessToken(e){return this.config.getAccessToken?this.config.getAccessToken(e):this.hooks.getAccessToken(e)}extractUrl(e){return typeof e=="string"?e:e instanceof URL?e.href:e.url}buildBaseRequest(e,t){if(!this.config.baseUrl)return new Request(e,t);const n=this.buildUrl(this.config.baseUrl,this.extractUrl(e)),o=e instanceof Request?new Request(n,e):n;return new Request(o,t)}setAuthorizationHeader(e,t,n=z.Bearer){e.headers.set("authorization",`${n} ${t}`)}async setDpopProofHeader(e,t){if(!this.config.dpopNonceId)return;const n=await this.hooks.getDpopNonce(),o=await this.hooks.generateDpopProof({accessToken:t,method:e.method,nonce:n,url:e.url});e.headers.set("dpop",o)}async prepareRequest(e,t){const n=await this.getAccessToken(t);let o,r;typeof n=="string"?(o=this.config.dpopNonceId?z.DPoP:z.Bearer,r=n):(o=n.token_type,r=n.access_token),this.setAuthorizationHeader(e,r,o),o===z.DPoP&&await this.setDpopProofHeader(e,r)}getHeader(e,t){return Array.isArray(e)?new Headers(e).get(t)||"":typeof e.get=="function"?e.get(t)||"":e[t]||""}hasUseDpopNonceError(e){if(e.status!==401)return!1;const t=this.getHeader(e.headers,"www-authenticate");return t.includes("invalid_dpop_nonce")||t.includes("use_dpop_nonce")}async handleResponse(e,t){const n=this.getHeader(e.headers,"dpop-nonce");if(n&&await this.hooks.setDpopNonce(n),!this.hasUseDpopNonceError(e))return e;if(!n||!t.onUseDpopNonceError)throw new Z(n);return t.onUseDpopNonceError()}async internalFetchWithAuth(e,t,n,o){const r=this.buildBaseRequest(e,t);await this.prepareRequest(r,o);const a=await this.config.fetch(r);return this.handleResponse(a,n)}fetchWithAuth(e,t,n){const o={onUseDpopNonceError:()=>this.internalFetchWithAuth(e,t,Object.assign(Object.assign({},o),{onUseDpopNonceError:void 0}),n)};return this.internalFetchWithAuth(e,t,o,n)}}class ct{constructor(e,t){this.myAccountFetcher=e,this.apiBase=t}async connectAccount(e){const t=await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/connect`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(e)});return this._handleResponse(t)}async completeAccount(e){const t=await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/complete`,{method:"POST",headers:{"Content-Type":"application/json"},body:JSON.stringify(e)});return this._handleResponse(t)}async _handleResponse(e){let t;try{t=await e.text(),t=JSON.parse(t)}catch(n){throw new U({type:"invalid_json",status:e.status,title:"Invalid JSON response",detail:t||String(n)})}if(e.ok)return t;throw new U(t)}}class U extends Error{constructor({type:e,status:t,title:n,detail:o,validation_errors:r}){super(o),this.name="MyAccountApiError",this.type=e,this.status=t,this.title=n,this.detail=o,this.validation_errors=r,Object.setPrototypeOf(this,U.prototype)}}const te=new je;class ut{constructor(e){let t,n;if(this.userCache=new ae().enclosedCache,this.activeLockKeys=new Set,this.defaultOptions={authorizationParams:{scope:"openid profile email"},useRefreshTokensFallback:!1,useFormData:!0},this._releaseLockOnPageHide=async()=>{const u=Array.from(this.activeLockKeys);for(const p of u)await te.releaseLock(p);this.activeLockKeys.clear(),window.removeEventListener("pagehide",this._releaseLockOnPageHide)},this.options=Object.assign(Object.assign(Object.assign({},this.defaultOptions),e),{authorizationParams:Object.assign(Object.assign({},this.defaultOptions.authorizationParams),e.authorizationParams)}),typeof window<"u"&&(()=>{if(!V())throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");if(V().subtle===void 0)throw new Error(`
      auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.
    `)})(),e.cache&&e.cacheLocation&&console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`."),e.cache)n=e.cache;else{if(t=e.cacheLocation||"memory",!ge(t))throw new Error(`Invalid cache location "${t}"`);n=ge(t)()}this.httpTimeoutMs=e.httpTimeoutInSeconds?1e3*e.httpTimeoutInSeconds:1e4,this.cookieStorage=e.legacySameSiteCookie===!1?x:Qe,this.orgHintCookieName=`auth0.${this.options.clientId}.organization_hint`,this.isAuthenticatedCookieName=(u=>`auth0.${u}.is.authenticated`)(this.options.clientId),this.sessionCheckExpiryDays=e.sessionCheckExpiryDays||1;const o=e.useCookiesForTransactions?this.cookieStorage:et;var r;this.scope=((u,p,...s)=>{if(typeof u!="object")return{default:J(p,u,...s)};let c={default:J(p,...s)};return Object.keys(u).forEach((d=>{const l=u[d];c[d]=J(p,l,...s)})),c})(this.options.authorizationParams.scope,"openid",this.options.useRefreshTokens?"offline_access":""),this.transactionManager=new Ye(o,this.options.clientId,this.options.cookieDomain),this.nowProvider=this.options.nowProvider||ke,this.cacheManager=new Me(n,n.allKeys?void 0:new ot(n,this.options.clientId),this.nowProvider),this.dpop=this.options.useDpop?new st(this.options.clientId):void 0,this.domainUrl=(r=this.options.domain,/^https?:\/\//.test(r)?r:`https://${r}`),this.tokenIssuer=((u,p)=>u?u.startsWith("https://")?u:`https://${u}/`:`${p}/`)(this.options.issuer,this.domainUrl);const a=`${this.domainUrl}/me/`,h=this.createFetcher(Object.assign(Object.assign({},this.options.useDpop&&{dpopNonceId:"__auth0_my_account_api__"}),{getAccessToken:()=>this.getTokenSilently({authorizationParams:{scope:"create:me:connected_accounts",audience:a},detailedResponse:!0})}));this.myAccountApi=new ct(h,a),typeof window<"u"&&window.Worker&&this.options.useRefreshTokens&&t==="memory"&&(this.options.workerUrl?this.worker=new Worker(this.options.workerUrl):this.worker=new nt)}_url(e){const t=encodeURIComponent(btoa(JSON.stringify(this.options.auth0Client||be)));return`${this.domainUrl}${e}&auth0Client=${t}`}_authorizeUrl(e){return this._url(`/authorize?${ne(e)}`)}async _verifyIdToken(e,t,n){const o=await this.nowProvider();return Be({iss:this.tokenIssuer,aud:this.options.clientId,id_token:e,nonce:t,organization:n,leeway:this.options.leeway,max_age:(r=this.options.authorizationParams.max_age,typeof r!="string"?r:parseInt(r,10)||void 0),now:o});var r}_processOrgHint(e){e?this.cookieStorage.save(this.orgHintCookieName,e,{daysUntilExpire:this.sessionCheckExpiryDays,cookieDomain:this.options.cookieDomain}):this.cookieStorage.remove(this.orgHintCookieName,{cookieDomain:this.options.cookieDomain})}async _prepareAuthorizeUrl(e,t,n){var o;const r=q(R()),a=q(R()),h=R(),u=await ue(h),p=de(u),s=await((o=this.dpop)===null||o===void 0?void 0:o.calculateThumbprint()),c=((l,m,y,g,k,b,w,f,S)=>Object.assign(Object.assign(Object.assign({client_id:l.clientId},l.authorizationParams),y),{scope:W(m,y.scope,y.audience),response_type:"code",response_mode:f||"query",state:g,nonce:k,redirect_uri:w||l.authorizationParams.redirect_uri,code_challenge:b,code_challenge_method:"S256",dpop_jkt:S}))(this.options,this.scope,e,r,a,p,e.redirect_uri||this.options.authorizationParams.redirect_uri||n,t==null?void 0:t.response_mode,s),d=this._authorizeUrl(c);return{nonce:a,code_verifier:h,scope:c.scope,audience:c.audience||"default",redirect_uri:c.redirect_uri,state:r,url:d}}async loginWithPopup(e,t){var n;if(e=e||{},!(t=t||{}).popup&&(t.popup=(h=>{const u=window.screenX+(window.innerWidth-400)/2,p=window.screenY+(window.innerHeight-600)/2;return window.open(h,"auth0:authorize:popup",`left=${u},top=${p},width=400,height=600,resizable,scrollbars=yes,status=1`)})(""),!t.popup))throw new $;const o=await this._prepareAuthorizeUrl(e.authorizationParams||{},{response_mode:"web_message"},window.location.origin);t.popup.location.href=o.url;const r=await(h=>new Promise(((u,p)=>{let s;const c=setInterval((()=>{h.popup&&h.popup.closed&&(clearInterval(c),clearTimeout(d),window.removeEventListener("message",s,!1),p(new Y(h.popup)))}),1e3),d=setTimeout((()=>{clearInterval(c),p(new M(h.popup)),window.removeEventListener("message",s,!1)}),1e3*(h.timeoutInSeconds||60));s=function(l){if(l.data&&l.data.type==="authorization_response"){if(clearTimeout(d),clearInterval(c),window.removeEventListener("message",s,!1),h.popup.close(),l.data.response.error)return p(v.fromPayload(l.data.response));u(l.data.response)}},window.addEventListener("message",s)})))(Object.assign(Object.assign({},t),{timeoutInSeconds:t.timeoutInSeconds||this.options.authorizeTimeoutInSeconds||60}));if(o.state!==r.state)throw new v("state_mismatch","Invalid state");const a=((n=e.authorizationParams)===null||n===void 0?void 0:n.organization)||this.options.authorizationParams.organization;await this._requestToken({audience:o.audience,scope:o.scope,code_verifier:o.code_verifier,grant_type:"authorization_code",code:r.code,redirect_uri:o.redirect_uri},{nonceIn:o.nonce,organization:a})}async getUser(){var e;const t=await this._getIdTokenFromCache();return(e=t==null?void 0:t.decodedToken)===null||e===void 0?void 0:e.user}async getIdTokenClaims(){var e;const t=await this._getIdTokenFromCache();return(e=t==null?void 0:t.decodedToken)===null||e===void 0?void 0:e.claims}async loginWithRedirect(e={}){var t;const n=ye(e),{openUrl:o,fragment:r,appState:a}=n,h=I(n,["openUrl","fragment","appState"]),u=((t=h.authorizationParams)===null||t===void 0?void 0:t.organization)||this.options.authorizationParams.organization,p=await this._prepareAuthorizeUrl(h.authorizationParams||{}),{url:s}=p,c=I(p,["url"]);this.transactionManager.create(Object.assign(Object.assign(Object.assign({},c),{appState:a,response_type:exports.ResponseType.Code}),u&&{organization:u}));const d=r?`${s}#${r}`:s;o?await o(d):window.location.assign(d)}async handleRedirectCallback(e=window.location.href){const t=e.split("?").slice(1);if(t.length===0)throw new Error("There are no query params available for parsing.");const n=this.transactionManager.get();if(!n)throw new v("missing_transaction","Invalid state");this.transactionManager.remove();const o=(r=>{r.indexOf("#")>-1&&(r=r.substring(0,r.indexOf("#")));const a=new URLSearchParams(r);return{state:a.get("state"),code:a.get("code")||void 0,connect_code:a.get("connect_code")||void 0,error:a.get("error")||void 0,error_description:a.get("error_description")||void 0}})(t.join(""));return n.response_type===exports.ResponseType.ConnectCode?this._handleConnectAccountRedirectCallback(o,n):this._handleLoginRedirectCallback(o,n)}async _handleLoginRedirectCallback(e,t){const{code:n,state:o,error:r,error_description:a}=e;if(r)throw new F(r,a||r,o,t.appState);if(!t.code_verifier||t.state&&t.state!==o)throw new v("state_mismatch","Invalid state");const h=t.organization,u=t.nonce,p=t.redirect_uri;return await this._requestToken(Object.assign({audience:t.audience,scope:t.scope,code_verifier:t.code_verifier,grant_type:"authorization_code",code:n},p?{redirect_uri:p}:{}),{nonceIn:u,organization:h}),{appState:t.appState,response_type:exports.ResponseType.Code}}async _handleConnectAccountRedirectCallback(e,t){const{connect_code:n,state:o,error:r,error_description:a}=e;if(r)throw new G(r,a||r,t.connection,o,t.appState);if(!n)throw new v("missing_connect_code","Missing connect code");if(!(t.code_verifier&&t.state&&t.auth_session&&t.redirect_uri&&t.state===o))throw new v("state_mismatch","Invalid state");const h=await this.myAccountApi.completeAccount({auth_session:t.auth_session,connect_code:n,redirect_uri:t.redirect_uri,code_verifier:t.code_verifier});return Object.assign(Object.assign({},h),{appState:t.appState,response_type:exports.ResponseType.ConnectCode})}async checkSession(e){if(!this.cookieStorage.get(this.isAuthenticatedCookieName)){if(!this.cookieStorage.get("auth0.is.authenticated"))return;this.cookieStorage.save(this.isAuthenticatedCookieName,!0,{daysUntilExpire:this.sessionCheckExpiryDays,cookieDomain:this.options.cookieDomain}),this.cookieStorage.remove("auth0.is.authenticated")}try{await this.getTokenSilently(e)}catch{}}async getTokenSilently(e={}){var t,n;const o=Object.assign(Object.assign({cacheMode:"on"},e),{authorizationParams:Object.assign(Object.assign(Object.assign({},this.options.authorizationParams),e.authorizationParams),{scope:W(this.scope,(t=e.authorizationParams)===null||t===void 0?void 0:t.scope,((n=e.authorizationParams)===null||n===void 0?void 0:n.audience)||this.options.authorizationParams.audience)})}),r=await((a,h)=>{let u=ee[h];return u||(u=a().finally((()=>{delete ee[h],u=null})),ee[h]=u),u})((()=>this._getTokenSilently(o)),`${this.options.clientId}::${o.authorizationParams.audience}::${o.authorizationParams.scope}`);return e.detailedResponse?r:r==null?void 0:r.access_token}async _getTokenSilently(e){const{cacheMode:t}=e,n=I(e,["cacheMode"]);if(t!=="off"){const h=await this._getEntryFromCache({scope:n.authorizationParams.scope,audience:n.authorizationParams.audience||"default",clientId:this.options.clientId,cacheMode:t});if(h)return h}if(t==="cache-only")return;const o=(r=this.options.clientId,a=n.authorizationParams.audience||"default",`auth0.lock.getTokenSilently.${r}.${a}`);var r,a;if(!await(async(h,u=3)=>{for(let p=0;p<u;p++)if(await h())return!0;return!1})((()=>te.acquireLock