@auth0/auth0-spa-js 2.14.0 → 2.16.0

package/dist/auth0-spa-js.development.js

@@ -15,6 +15,297 @@
         var e = new Error(message);
         return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
     };
+    var version = "2.16.0";
+    const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
+    const DEFAULT_POPUP_CONFIG_OPTIONS = {
+        timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
+    };
+    const DEFAULT_SILENT_TOKEN_RETRY_COUNT = 3;
+    const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;
+    const DEFAULT_FETCH_TIMEOUT_MS = 1e4;
+    const CACHE_LOCATION_MEMORY = "memory";
+    const MISSING_REFRESH_TOKEN_ERROR_MESSAGE = "Missing Refresh Token";
+    const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
+    const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
+    const DEFAULT_SCOPE = "openid profile email";
+    const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
+    const DEFAULT_AUTH0_CLIENT = {
+        name: "auth0-spa-js",
+        version: version
+    };
+    const DEFAULT_NOW_PROVIDER = () => Date.now();
+    const DEFAULT_AUDIENCE = "default";
+    class GenericError extends Error {
+        constructor(error, error_description) {
+            super(error_description);
+            this.error = error;
+            this.error_description = error_description;
+            Object.setPrototypeOf(this, GenericError.prototype);
+        }
+        static fromPayload(_ref) {
+            let {error: error, error_description: error_description} = _ref;
+            return new GenericError(error, error_description);
+        }
+    }
+    class AuthenticationError extends GenericError {
+        constructor(error, error_description, state) {
+            let appState = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : null;
+            super(error, error_description);
+            this.state = state;
+            this.appState = appState;
+            Object.setPrototypeOf(this, AuthenticationError.prototype);
+        }
+    }
+    class ConnectError extends GenericError {
+        constructor(error, error_description, connection, state) {
+            let appState = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : null;
+            super(error, error_description);
+            this.connection = connection;
+            this.state = state;
+            this.appState = appState;
+            Object.setPrototypeOf(this, ConnectError.prototype);
+        }
+    }
+    class TimeoutError extends GenericError {
+        constructor() {
+            super("timeout", "Timeout");
+            Object.setPrototypeOf(this, TimeoutError.prototype);
+        }
+    }
+    class PopupTimeoutError extends TimeoutError {
+        constructor(popup) {
+            super();
+            this.popup = popup;
+            Object.setPrototypeOf(this, PopupTimeoutError.prototype);
+        }
+    }
+    class PopupCancelledError extends GenericError {
+        constructor(popup) {
+            super("cancelled", "Popup closed");
+            this.popup = popup;
+            Object.setPrototypeOf(this, PopupCancelledError.prototype);
+        }
+    }
+    class PopupOpenError extends GenericError {
+        constructor() {
+            super("popup_open", "Unable to open a popup for loginWithPopup - window.open returned `null`");
+            Object.setPrototypeOf(this, PopupOpenError.prototype);
+        }
+    }
+    class MfaRequiredError extends GenericError {
+        constructor(error, error_description, mfa_token, mfa_requirements) {
+            super(error, error_description);
+            this.mfa_token = mfa_token;
+            this.mfa_requirements = mfa_requirements;
+            Object.setPrototypeOf(this, MfaRequiredError.prototype);
+        }
+    }
+    class MissingRefreshTokenError extends GenericError {
+        constructor(audience, scope) {
+            super("missing_refresh_token", "Missing Refresh Token (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', scope: '").concat(valueOrEmptyString(scope), "')"));
+            this.audience = audience;
+            this.scope = scope;
+            Object.setPrototypeOf(this, MissingRefreshTokenError.prototype);
+        }
+    }
+    class MissingScopesError extends GenericError {
+        constructor(audience, scope) {
+            super("missing_scopes", "Missing requested scopes after refresh (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', missing scope: '").concat(valueOrEmptyString(scope), "')"));
+            this.audience = audience;
+            this.scope = scope;
+            Object.setPrototypeOf(this, MissingScopesError.prototype);
+        }
+    }
+    class UseDpopNonceError extends GenericError {
+        constructor(newDpopNonce) {
+            super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce");
+            this.newDpopNonce = newDpopNonce;
+            Object.setPrototypeOf(this, UseDpopNonceError.prototype);
+        }
+    }
+    function valueOrEmptyString(value) {
+        let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
+        return value && !exclude.includes(value) ? value : "";
+    }
+    const parseAuthenticationResult = queryString => {
+        if (queryString.indexOf("#") > -1) {
+            queryString = queryString.substring(0, queryString.indexOf("#"));
+        }
+        const searchParams = new URLSearchParams(queryString);
+        return {
+            state: searchParams.get("state"),
+            code: searchParams.get("code") || undefined,
+            connect_code: searchParams.get("connect_code") || undefined,
+            error: searchParams.get("error") || undefined,
+            error_description: searchParams.get("error_description") || undefined
+        };
+    };
+    const runIframe = function runIframe(authorizeUrl, eventOrigin) {
+        let timeoutInSeconds = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS;
+        return new Promise(((res, rej) => {
+            const iframe = window.document.createElement("iframe");
+            iframe.setAttribute("width", "0");
+            iframe.setAttribute("height", "0");
+            iframe.style.display = "none";
+            const removeIframe = () => {
+                if (window.document.body.contains(iframe)) {
+                    window.document.body.removeChild(iframe);
+                    window.removeEventListener("message", _iframeEventHandler, false);
+                }
+            };
+            let _iframeEventHandler;
+            const timeoutSetTimeoutId = setTimeout((() => {
+                rej(new TimeoutError);
+                removeIframe();
+            }), timeoutInSeconds * 1e3);
+            _iframeEventHandler = function iframeEventHandler(e) {
+                if (e.origin != eventOrigin) return;
+                if (!e.data || e.data.type !== "authorization_response") return;
+                const eventSource = e.source;
+                if (eventSource) {
+                    eventSource.close();
+                }
+                e.data.response.error ? rej(GenericError.fromPayload(e.data.response)) : res(e.data.response);
+                clearTimeout(timeoutSetTimeoutId);
+                window.removeEventListener("message", _iframeEventHandler, false);
+                setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1e3);
+            };
+            window.addEventListener("message", _iframeEventHandler, false);
+            window.document.body.appendChild(iframe);
+            iframe.setAttribute("src", authorizeUrl);
+        }));
+    };
+    const openPopup = url => {
+        const width = 400;
+        const height = 600;
+        const left = window.screenX + (window.innerWidth - width) / 2;
+        const top = window.screenY + (window.innerHeight - height) / 2;
+        return window.open(url, "auth0:authorize:popup", "left=".concat(left, ",top=").concat(top, ",width=").concat(width, ",height=").concat(height, ",resizable,scrollbars=yes,status=1"));
+    };
+    const runPopup = config => new Promise(((resolve, reject) => {
+        let _popupEventListener;
+        const popupTimer = setInterval((() => {
+            if (config.popup && config.popup.closed) {
+                clearInterval(popupTimer);
+                clearTimeout(timeoutId);
+                window.removeEventListener("message", _popupEventListener, false);
+                reject(new PopupCancelledError(config.popup));
+            }
+        }), 1e3);
+        const timeoutId = setTimeout((() => {
+            clearInterval(popupTimer);
+            reject(new PopupTimeoutError(config.popup));
+            window.removeEventListener("message", _popupEventListener, false);
+        }), (config.timeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) * 1e3);
+        _popupEventListener = function popupEventListener(e) {
+            if (!e.data || e.data.type !== "authorization_response") {
+                return;
+            }
+            clearTimeout(timeoutId);
+            clearInterval(popupTimer);
+            window.removeEventListener("message", _popupEventListener, false);
+            if (config.closePopup !== false) {
+                config.popup.close();
+            }
+            if (e.data.response.error) {
+                return reject(GenericError.fromPayload(e.data.response));
+            }
+            resolve(e.data.response);
+        };
+        window.addEventListener("message", _popupEventListener);
+    }));
+    const getCrypto = () => window.crypto;
+    const createRandomString = () => {
+        const charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
+        let random = "";
+        const randomValues = Array.from(getCrypto().getRandomValues(new Uint8Array(43)));
+        randomValues.forEach((v => random += charset[v % charset.length]));
+        return random;
+    };
+    const encode$2 = value => btoa(value);
+    const stripUndefined = params => Object.keys(params).filter((k => typeof params[k] !== "undefined")).reduce(((acc, key) => Object.assign(Object.assign({}, acc), {
+        [key]: params[key]
+    })), {});
+    const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
+        key: "name",
+        type: [ "string" ]
+    }, {
+        key: "version",
+        type: [ "string", "number" ]
+    }, {
+        key: "env",
+        type: [ "object" ]
+    } ];
+    const stripAuth0Client = function stripAuth0Client(auth0Client) {
+        let excludeEnv = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : false;
+        return Object.keys(auth0Client).reduce(((acc, key) => {
+            if (excludeEnv && key === "env") {
+                return acc;
+            }
+            const allowedProperty = ALLOWED_AUTH0CLIENT_PROPERTIES.find((p => p.key === key));
+            if (allowedProperty && allowedProperty.type.includes(typeof auth0Client[key])) {
+                acc[key] = auth0Client[key];
+            }
+            return acc;
+        }), {});
+    };
+    const createQueryParams = _a => {
+        var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
+        return new URLSearchParams(stripUndefined(Object.assign({
+            client_id: client_id
+        }, params))).toString();
+    };
+    const sha256 = async s => {
+        const digestOp = getCrypto().subtle.digest({
+            name: "SHA-256"
+        }, (new TextEncoder).encode(s));
+        return await digestOp;
+    };
+    const urlEncodeB64 = input => {
+        const b64Chars = {
+            "+": "-",
+            "/": "_",
+            "=": ""
+        };
+        return input.replace(/[+/=]/g, (m => b64Chars[m]));
+    };
+    const decodeB64 = input => decodeURIComponent(atob(input).split("").map((c => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2))).join(""));
+    const urlDecodeB64 = input => decodeB64(input.replace(/_/g, "/").replace(/-/g, "+"));
+    const bufferToBase64UrlEncoded = input => {
+        const ie11SafeInput = new Uint8Array(input);
+        return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
+    };
+    const validateCrypto = () => {
+        if (!getCrypto()) {
+            throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
+        }
+        if (typeof getCrypto().subtle === "undefined") {
+            throw new Error("\n      auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.\n    ");
+        }
+    };
+    const getDomain = domainUrl => {
+        if (!/^https?:\/\//.test(domainUrl)) {
+            return "https://".concat(domainUrl);
+        }
+        return domainUrl;
+    };
+    const getTokenIssuer = (issuer, domainUrl) => {
+        if (issuer) {
+            return issuer.startsWith("https://") ? issuer : "https://".concat(issuer, "/");
+        }
+        return "".concat(domainUrl, "/");
+    };
+    const parseNumber = value => {
+        if (typeof value !== "string") {
+            return value;
+        }
+        return parseInt(value, 10) || undefined;
+    };
+    const fromEntries = iterable => [ ...iterable ].reduce(((obj, _ref) => {
+        let [key, val] = _ref;
+        obj[key] = val;
+        return obj;
+    }), {});
     var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
     var browserTabsLock = {};
     var processLock = {};
@@ -198,628 +489,404 @@
     var processLock_1 = processLock;
     var LOCK_STORAGE_KEY = "browser-tabs-lock-key";
     var DEFAULT_STORAGE_HANDLER = {
-        key: function(index) {
-            return __awaiter(_this, void 0, void 0, (function() {
-                return __generator(this, (function(_a) {
-                    throw new Error("Unsupported");
-                }));
-            }));
-        },
-        getItem: function(key) {
-            return __awaiter(_this, void 0, void 0, (function() {
-                return __generator(this, (function(_a) {
-                    throw new Error("Unsupported");
-                }));
-            }));
-        },
-        clear: function() {
-            return __awaiter(_this, void 0, void 0, (function() {
-                return __generator(this, (function(_a) {
-                    return [ 2, window.localStorage.clear() ];
-                }));
-            }));
-        },
-        removeItem: function(key) {
-            return __awaiter(_this, void 0, void 0, (function() {
-                return __generator(this, (function(_a) {
-                    throw new Error("Unsupported");
-                }));
-            }));
-        },
-        setItem: function(key, value) {
-            return __awaiter(_this, void 0, void 0, (function() {
-                return __generator(this, (function(_a) {
-                    throw new Error("Unsupported");
-                }));
-            }));
-        },
-        keySync: function(index) {
-            return window.localStorage.key(index);
-        },
-        getItemSync: function(key) {
-            return window.localStorage.getItem(key);
-        },
-        clearSync: function() {
-            return window.localStorage.clear();
-        },
-        removeItemSync: function(key) {
-            return window.localStorage.removeItem(key);
-        },
-        setItemSync: function(key, value) {
-            return window.localStorage.setItem(key, value);
-        }
-    };
-    function delay(milliseconds) {
-        return new Promise((function(resolve) {
-            return setTimeout(resolve, milliseconds);
-        }));
-    }
-    function generateRandomString(length) {
-        var CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
-        var randomstring = "";
-        for (var i = 0; i < length; i++) {
-            var INDEX = Math.floor(Math.random() * CHARS.length);
-            randomstring += CHARS[INDEX];
-        }
-        return randomstring;
-    }
-    function getLockId() {
-        return Date.now().toString() + generateRandomString(15);
-    }
-    var SuperTokensLock = function() {
-        function SuperTokensLock(storageHandler) {
-            this.acquiredIatSet = new Set;
-            this.storageHandler = undefined;
-            this.id = getLockId();
-            this.acquireLock = this.acquireLock.bind(this);
-            this.releaseLock = this.releaseLock.bind(this);
-            this.releaseLock__private__ = this.releaseLock__private__.bind(this);
-            this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this);
-            this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this);
-            this.storageHandler = storageHandler;
-            if (SuperTokensLock.waiters === undefined) {
-                SuperTokensLock.waiters = [];
-            }
-        }
-        SuperTokensLock.prototype.acquireLock = function(lockKey, timeout) {
-            if (timeout === void 0) {
-                timeout = 5e3;
-            }
-            return __awaiter(this, void 0, void 0, (function() {
-                var iat, MAX_TIME, STORAGE_KEY, STORAGE, lockObj, TIMEOUT_KEY, lockObjPostDelay, parsedLockObjPostDelay;
-                return __generator(this, (function(_a) {
-                    switch (_a.label) {
-                      case 0:
-                        iat = Date.now() + generateRandomString(4);
-                        MAX_TIME = Date.now() + timeout;
-                        STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
-                        STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
-                        _a.label = 1;
-
-                      case 1:
-                        if (!(Date.now() < MAX_TIME)) return [ 3, 8 ];
-                        return [ 4, delay(30) ];
-
-                      case 2:
-                        _a.sent();
-                        lockObj = STORAGE.getItemSync(STORAGE_KEY);
-                        if (!(lockObj === null)) return [ 3, 5 ];
-                        TIMEOUT_KEY = this.id + "-" + lockKey + "-" + iat;
-                        return [ 4, delay(Math.floor(Math.random() * 25)) ];
-
-                      case 3:
-                        _a.sent();
-                        STORAGE.setItemSync(STORAGE_KEY, JSON.stringify({
-                            id: this.id,
-                            iat: iat,
-                            timeoutKey: TIMEOUT_KEY,
-                            timeAcquired: Date.now(),
-                            timeRefreshed: Date.now()
-                        }));
-                        return [ 4, delay(30) ];
-
-                      case 4:
-                        _a.sent();
-                        lockObjPostDelay = STORAGE.getItemSync(STORAGE_KEY);
-                        if (lockObjPostDelay !== null) {
-                            parsedLockObjPostDelay = JSON.parse(lockObjPostDelay);
-                            if (parsedLockObjPostDelay.id === this.id && parsedLockObjPostDelay.iat === iat) {
-                                this.acquiredIatSet.add(iat);
-                                this.refreshLockWhileAcquired(STORAGE_KEY, iat);
-                                return [ 2, true ];
-                            }
-                        }
-                        return [ 3, 7 ];
-
-                      case 5:
-                        SuperTokensLock.lockCorrector(this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler);
-                        return [ 4, this.waitForSomethingToChange(MAX_TIME) ];
-
-                      case 6:
-                        _a.sent();
-                        _a.label = 7;
-
-                      case 7:
-                        iat = Date.now() + generateRandomString(4);
-                        return [ 3, 1 ];
-
-                      case 8:
-                        return [ 2, false ];
-                    }
-                }));
-            }));
-        };
-        SuperTokensLock.prototype.refreshLockWhileAcquired = function(storageKey, iat) {
-            return __awaiter(this, void 0, void 0, (function() {
-                var _this = this;
-                return __generator(this, (function(_a) {
-                    setTimeout((function() {
-                        return __awaiter(_this, void 0, void 0, (function() {
-                            var STORAGE, lockObj, parsedLockObj;
-                            return __generator(this, (function(_a) {
-                                switch (_a.label) {
-                                  case 0:
-                                    return [ 4, processLock_1.default().lock(iat) ];
-
-                                  case 1:
-                                    _a.sent();
-                                    if (!this.acquiredIatSet.has(iat)) {
-                                        processLock_1.default().unlock(iat);
-                                        return [ 2 ];
-                                    }
-                                    STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
-                                    lockObj = STORAGE.getItemSync(storageKey);
-                                    if (lockObj !== null) {
-                                        parsedLockObj = JSON.parse(lockObj);
-                                        parsedLockObj.timeRefreshed = Date.now();
-                                        STORAGE.setItemSync(storageKey, JSON.stringify(parsedLockObj));
-                                        processLock_1.default().unlock(iat);
-                                    } else {
-                                        processLock_1.default().unlock(iat);
-                                        return [ 2 ];
-                                    }
-                                    this.refreshLockWhileAcquired(storageKey, iat);
-                                    return [ 2 ];
-                                }
-                            }));
-                        }));
-                    }), 1e3);
-                    return [ 2 ];
+        key: function(index) {
+            return __awaiter(_this, void 0, void 0, (function() {
+                return __generator(this, (function(_a) {
+                    throw new Error("Unsupported");
                 }));
             }));
-        };
-        SuperTokensLock.prototype.waitForSomethingToChange = function(MAX_TIME) {
-            return __awaiter(this, void 0, void 0, (function() {
+        },
+        getItem: function(key) {
+            return __awaiter(_this, void 0, void 0, (function() {
                 return __generator(this, (function(_a) {
-                    switch (_a.label) {
-                      case 0:
-                        return [ 4, new Promise((function(resolve) {
-                            var resolvedCalled = false;
-                            var startedAt = Date.now();
-                            var MIN_TIME_TO_WAIT = 50;
-                            var removedListeners = false;
-                            function stopWaiting() {
-                                if (!removedListeners) {
-                                    window.removeEventListener("storage", stopWaiting);
-                                    SuperTokensLock.removeFromWaiting(stopWaiting);
-                                    clearTimeout(timeOutId);
-                                    removedListeners = true;
-                                }
-                                if (!resolvedCalled) {
-                                    resolvedCalled = true;
-                                    var timeToWait = MIN_TIME_TO_WAIT - (Date.now() - startedAt);
-                                    if (timeToWait > 0) {
-                                        setTimeout(resolve, timeToWait);
-                                    } else {
-                                        resolve(null);
-                                    }
-                                }
-                            }
-                            window.addEventListener("storage", stopWaiting);
-                            SuperTokensLock.addToWaiting(stopWaiting);
-                            var timeOutId = setTimeout(stopWaiting, Math.max(0, MAX_TIME - Date.now()));
-                        })) ];
-
-                      case 1:
-                        _a.sent();
-                        return [ 2 ];
-                    }
+                    throw new Error("Unsupported");
                 }));
             }));
-        };
-        SuperTokensLock.addToWaiting = function(func) {
-            this.removeFromWaiting(func);
-            if (SuperTokensLock.waiters === undefined) {
-                return;
-            }
-            SuperTokensLock.waiters.push(func);
-        };
-        SuperTokensLock.removeFromWaiting = function(func) {
-            if (SuperTokensLock.waiters === undefined) {
-                return;
-            }
-            SuperTokensLock.waiters = SuperTokensLock.waiters.filter((function(i) {
-                return i !== func;
-            }));
-        };
-        SuperTokensLock.notifyWaiters = function() {
-            if (SuperTokensLock.waiters === undefined) {
-                return;
-            }
-            var waiters = SuperTokensLock.waiters.slice();
-            waiters.forEach((function(i) {
-                return i();
+        },
+        clear: function() {
+            return __awaiter(_this, void 0, void 0, (function() {
+                return __generator(this, (function(_a) {
+                    return [ 2, window.localStorage.clear() ];
+                }));
             }));
-        };
-        SuperTokensLock.prototype.releaseLock = function(lockKey) {
-            return __awaiter(this, void 0, void 0, (function() {
+        },
+        removeItem: function(key) {
+            return __awaiter(_this, void 0, void 0, (function() {
                 return __generator(this, (function(_a) {
-                    switch (_a.label) {
-                      case 0:
-                        return [ 4, this.releaseLock__private__(lockKey) ];
-
-                      case 1:
-                        return [ 2, _a.sent() ];
-                    }
+                    throw new Error("Unsupported");
                 }));
             }));
-        };
-        SuperTokensLock.prototype.releaseLock__private__ = function(lockKey) {
-            return __awaiter(this, void 0, void 0, (function() {
-                var STORAGE, STORAGE_KEY, lockObj, parsedlockObj;
+        },
+        setItem: function(key, value) {
+            return __awaiter(_this, void 0, void 0, (function() {
                 return __generator(this, (function(_a) {
-                    switch (_a.label) {
-                      case 0:
-                        STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
-                        STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
-                        lockObj = STORAGE.getItemSync(STORAGE_KEY);
-                        if (lockObj === null) {
-                            return [ 2 ];
-                        }
-                        parsedlockObj = JSON.parse(lockObj);
-                        if (!(parsedlockObj.id === this.id)) return [ 3, 2 ];
-                        return [ 4, processLock_1.default().lock(parsedlockObj.iat) ];
-
-                      case 1:
-                        _a.sent();
-                        this.acquiredIatSet.delete(parsedlockObj.iat);
-                        STORAGE.removeItemSync(STORAGE_KEY);
-                        processLock_1.default().unlock(parsedlockObj.iat);
-                        SuperTokensLock.notifyWaiters();
-                        _a.label = 2;
-
-                      case 2:
-                        return [ 2 ];
-                    }
+                    throw new Error("Unsupported");
                 }));
             }));
-        };
-        SuperTokensLock.lockCorrector = function(storageHandler) {
-            var MIN_ALLOWED_TIME = Date.now() - 5e3;
-            var STORAGE = storageHandler;
-            var KEYS = [];
-            var currIndex = 0;
-            while (true) {
-                var key = STORAGE.keySync(currIndex);
-                if (key === null) {
-                    break;
-                }
-                KEYS.push(key);
-                currIndex++;
-            }
-            var notifyWaiters = false;
-            for (var i = 0; i < KEYS.length; i++) {
-                var LOCK_KEY = KEYS[i];
-                if (LOCK_KEY.includes(LOCK_STORAGE_KEY)) {
-                    var lockObj = STORAGE.getItemSync(LOCK_KEY);
-                    if (lockObj !== null) {
-                        var parsedlockObj = JSON.parse(lockObj);
-                        if (parsedlockObj.timeRefreshed === undefined && parsedlockObj.timeAcquired < MIN_ALLOWED_TIME || parsedlockObj.timeRefreshed !== undefined && parsedlockObj.timeRefreshed < MIN_ALLOWED_TIME) {
-                            STORAGE.removeItemSync(LOCK_KEY);
-                            notifyWaiters = true;
-                        }
-                    }
-                }
-            }
-            if (notifyWaiters) {
-                SuperTokensLock.notifyWaiters();
-            }
-        };
-        SuperTokensLock.waiters = undefined;
-        return SuperTokensLock;
-    }();
-    var _default = browserTabsLock.default = SuperTokensLock;
-    var version = "2.14.0";
-    const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
-    const DEFAULT_POPUP_CONFIG_OPTIONS = {
-        timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
-    };
-    const DEFAULT_SILENT_TOKEN_RETRY_COUNT = 3;
-    const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;
-    const DEFAULT_FETCH_TIMEOUT_MS = 1e4;
-    const CACHE_LOCATION_MEMORY = "memory";
-    const MISSING_REFRESH_TOKEN_ERROR_MESSAGE = "Missing Refresh Token";
-    const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
-    const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
-    const DEFAULT_SCOPE = "openid profile email";
-    const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
-    const DEFAULT_AUTH0_CLIENT = {
-        name: "auth0-spa-js",
-        version: version
-    };
-    const DEFAULT_NOW_PROVIDER = () => Date.now();
-    const DEFAULT_AUDIENCE = "default";
-    class GenericError extends Error {
-        constructor(error, error_description) {
-            super(error_description);
-            this.error = error;
-            this.error_description = error_description;
-            Object.setPrototypeOf(this, GenericError.prototype);
-        }
-        static fromPayload(_ref) {
-            let {error: error, error_description: error_description} = _ref;
-            return new GenericError(error, error_description);
-        }
-    }
-    class AuthenticationError extends GenericError {
-        constructor(error, error_description, state) {
-            let appState = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : null;
-            super(error, error_description);
-            this.state = state;
-            this.appState = appState;
-            Object.setPrototypeOf(this, AuthenticationError.prototype);
-        }
-    }
-    class ConnectError extends GenericError {
-        constructor(error, error_description, connection, state) {
-            let appState = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : null;
-            super(error, error_description);
-            this.connection = connection;
-            this.state = state;
-            this.appState = appState;
-            Object.setPrototypeOf(this, ConnectError.prototype);
-        }
-    }
-    class TimeoutError extends GenericError {
-        constructor() {
-            super("timeout", "Timeout");
-            Object.setPrototypeOf(this, TimeoutError.prototype);
-        }
-    }
-    class PopupTimeoutError extends TimeoutError {
-        constructor(popup) {
-            super();
-            this.popup = popup;
-            Object.setPrototypeOf(this, PopupTimeoutError.prototype);
-        }
-    }
-    class PopupCancelledError extends GenericError {
-        constructor(popup) {
-            super("cancelled", "Popup closed");
-            this.popup = popup;
-            Object.setPrototypeOf(this, PopupCancelledError.prototype);
-        }
-    }
-    class PopupOpenError extends GenericError {
-        constructor() {
-            super("popup_open", "Unable to open a popup for loginWithPopup - window.open returned `null`");
-            Object.setPrototypeOf(this, PopupOpenError.prototype);
-        }
-    }
-    class MfaRequiredError extends GenericError {
-        constructor(error, error_description, mfa_token, mfa_requirements) {
-            super(error, error_description);
-            this.mfa_token = mfa_token;
-            this.mfa_requirements = mfa_requirements;
-            Object.setPrototypeOf(this, MfaRequiredError.prototype);
-        }
-    }
-    class MissingRefreshTokenError extends GenericError {
-        constructor(audience, scope) {
-            super("missing_refresh_token", "Missing Refresh Token (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', scope: '").concat(valueOrEmptyString(scope), "')"));
-            this.audience = audience;
-            this.scope = scope;
-            Object.setPrototypeOf(this, MissingRefreshTokenError.prototype);
-        }
-    }
-    class MissingScopesError extends GenericError {
-        constructor(audience, scope) {
-            super("missing_scopes", "Missing requested scopes after refresh (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', missing scope: '").concat(valueOrEmptyString(scope), "')"));
-            this.audience = audience;
-            this.scope = scope;
-            Object.setPrototypeOf(this, MissingScopesError.prototype);
+        },
+        keySync: function(index) {
+            return window.localStorage.key(index);
+        },
+        getItemSync: function(key) {
+            return window.localStorage.getItem(key);
+        },
+        clearSync: function() {
+            return window.localStorage.clear();
+        },
+        removeItemSync: function(key) {
+            return window.localStorage.removeItem(key);
+        },
+        setItemSync: function(key, value) {
+            return window.localStorage.setItem(key, value);
         }
+    };
+    function delay(milliseconds) {
+        return new Promise((function(resolve) {
+            return setTimeout(resolve, milliseconds);
+        }));
     }
-    class UseDpopNonceError extends GenericError {
-        constructor(newDpopNonce) {
-            super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce");
-            this.newDpopNonce = newDpopNonce;
-            Object.setPrototypeOf(this, UseDpopNonceError.prototype);
+    function generateRandomString(length) {
+        var CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
+        var randomstring = "";
+        for (var i = 0; i < length; i++) {
+            var INDEX = Math.floor(Math.random() * CHARS.length);
+            randomstring += CHARS[INDEX];
         }
+        return randomstring;
     }
-    function valueOrEmptyString(value) {
-        let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
-        return value && !exclude.includes(value) ? value : "";
+    function getLockId() {
+        return Date.now().toString() + generateRandomString(15);
     }
-    const parseAuthenticationResult = queryString => {
-        if (queryString.indexOf("#") > -1) {
-            queryString = queryString.substring(0, queryString.indexOf("#"));
+    var SuperTokensLock = function() {
+        function SuperTokensLock(storageHandler) {
+            this.acquiredIatSet = new Set;
+            this.storageHandler = undefined;
+            this.id = getLockId();
+            this.acquireLock = this.acquireLock.bind(this);
+            this.releaseLock = this.releaseLock.bind(this);
+            this.releaseLock__private__ = this.releaseLock__private__.bind(this);
+            this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this);
+            this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this);
+            this.storageHandler = storageHandler;
+            if (SuperTokensLock.waiters === undefined) {
+                SuperTokensLock.waiters = [];
+            }
         }
-        const searchParams = new URLSearchParams(queryString);
-        return {
-            state: searchParams.get("state"),
-            code: searchParams.get("code") || undefined,
-            connect_code: searchParams.get("connect_code") || undefined,
-            error: searchParams.get("error") || undefined,
-            error_description: searchParams.get("error_description") || undefined
-        };
-    };
-    const runIframe = function runIframe(authorizeUrl, eventOrigin) {
-        let timeoutInSeconds = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS;
-        return new Promise(((res, rej) => {
-            const iframe = window.document.createElement("iframe");
-            iframe.setAttribute("width", "0");
-            iframe.setAttribute("height", "0");
-            iframe.style.display = "none";
-            const removeIframe = () => {
-                if (window.document.body.contains(iframe)) {
-                    window.document.body.removeChild(iframe);
-                    window.removeEventListener("message", _iframeEventHandler, false);
-                }
-            };
-            let _iframeEventHandler;
-            const timeoutSetTimeoutId = setTimeout((() => {
-                rej(new TimeoutError);
-                removeIframe();
-            }), timeoutInSeconds * 1e3);
-            _iframeEventHandler = function iframeEventHandler(e) {
-                if (e.origin != eventOrigin) return;
-                if (!e.data || e.data.type !== "authorization_response") return;
-                const eventSource = e.source;
-                if (eventSource) {
-                    eventSource.close();
-                }
-                e.data.response.error ? rej(GenericError.fromPayload(e.data.response)) : res(e.data.response);
-                clearTimeout(timeoutSetTimeoutId);
-                window.removeEventListener("message", _iframeEventHandler, false);
-                setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1e3);
-            };
-            window.addEventListener("message", _iframeEventHandler, false);
-            window.document.body.appendChild(iframe);
-            iframe.setAttribute("src", authorizeUrl);
-        }));
-    };
-    const openPopup = url => {
-        const width = 400;
-        const height = 600;
-        const left = window.screenX + (window.innerWidth - width) / 2;
-        const top = window.screenY + (window.innerHeight - height) / 2;
-        return window.open(url, "auth0:authorize:popup", "left=".concat(left, ",top=").concat(top, ",width=").concat(width, ",height=").concat(height, ",resizable,scrollbars=yes,status=1"));
-    };
-    const runPopup = config => new Promise(((resolve, reject) => {
-        let _popupEventListener;
-        const popupTimer = setInterval((() => {
-            if (config.popup && config.popup.closed) {
-                clearInterval(popupTimer);
-                clearTimeout(timeoutId);
-                window.removeEventListener("message", _popupEventListener, false);
-                reject(new PopupCancelledError(config.popup));
+        SuperTokensLock.prototype.acquireLock = function(lockKey, timeout) {
+            if (timeout === void 0) {
+                timeout = 5e3;
             }
-        }), 1e3);
-        const timeoutId = setTimeout((() => {
-            clearInterval(popupTimer);
-            reject(new PopupTimeoutError(config.popup));
-            window.removeEventListener("message", _popupEventListener, false);
-        }), (config.timeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) * 1e3);
-        _popupEventListener = function popupEventListener(e) {
-            if (!e.data || e.data.type !== "authorization_response") {
+            return __awaiter(this, void 0, void 0, (function() {
+                var iat, MAX_TIME, STORAGE_KEY, STORAGE, lockObj, TIMEOUT_KEY, lockObjPostDelay, parsedLockObjPostDelay;
+                return __generator(this, (function(_a) {
+                    switch (_a.label) {
+                      case 0:
+                        iat = Date.now() + generateRandomString(4);
+                        MAX_TIME = Date.now() + timeout;
+                        STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
+                        STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
+                        _a.label = 1;
+
+                      case 1:
+                        if (!(Date.now() < MAX_TIME)) return [ 3, 8 ];
+                        return [ 4, delay(30) ];
+
+                      case 2:
+                        _a.sent();
+                        lockObj = STORAGE.getItemSync(STORAGE_KEY);
+                        if (!(lockObj === null)) return [ 3, 5 ];
+                        TIMEOUT_KEY = this.id + "-" + lockKey + "-" + iat;
+                        return [ 4, delay(Math.floor(Math.random() * 25)) ];
+
+                      case 3:
+                        _a.sent();
+                        STORAGE.setItemSync(STORAGE_KEY, JSON.stringify({
+                            id: this.id,
+                            iat: iat,
+                            timeoutKey: TIMEOUT_KEY,
+                            timeAcquired: Date.now(),
+                            timeRefreshed: Date.now()
+                        }));
+                        return [ 4, delay(30) ];
+
+                      case 4:
+                        _a.sent();
+                        lockObjPostDelay = STORAGE.getItemSync(STORAGE_KEY);
+                        if (lockObjPostDelay !== null) {
+                            parsedLockObjPostDelay = JSON.parse(lockObjPostDelay);
+                            if (parsedLockObjPostDelay.id === this.id && parsedLockObjPostDelay.iat === iat) {
+                                this.acquiredIatSet.add(iat);
+                                this.refreshLockWhileAcquired(STORAGE_KEY, iat);
+                                return [ 2, true ];
+                            }
+                        }
+                        return [ 3, 7 ];
+
+                      case 5:
+                        SuperTokensLock.lockCorrector(this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler);
+                        return [ 4, this.waitForSomethingToChange(MAX_TIME) ];
+
+                      case 6:
+                        _a.sent();
+                        _a.label = 7;
+
+                      case 7:
+                        iat = Date.now() + generateRandomString(4);
+                        return [ 3, 1 ];
+
+                      case 8:
+                        return [ 2, false ];
+                    }
+                }));
+            }));
+        };
+        SuperTokensLock.prototype.refreshLockWhileAcquired = function(storageKey, iat) {
+            return __awaiter(this, void 0, void 0, (function() {
+                var _this = this;
+                return __generator(this, (function(_a) {
+                    setTimeout((function() {
+                        return __awaiter(_this, void 0, void 0, (function() {
+                            var STORAGE, lockObj, parsedLockObj;
+                            return __generator(this, (function(_a) {
+                                switch (_a.label) {
+                                  case 0:
+                                    return [ 4, processLock_1.default().lock(iat) ];
+
+                                  case 1:
+                                    _a.sent();
+                                    if (!this.acquiredIatSet.has(iat)) {
+                                        processLock_1.default().unlock(iat);
+                                        return [ 2 ];
+                                    }
+                                    STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
+                                    lockObj = STORAGE.getItemSync(storageKey);
+                                    if (lockObj !== null) {
+                                        parsedLockObj = JSON.parse(lockObj);
+                                        parsedLockObj.timeRefreshed = Date.now();
+                                        STORAGE.setItemSync(storageKey, JSON.stringify(parsedLockObj));
+                                        processLock_1.default().unlock(iat);
+                                    } else {
+                                        processLock_1.default().unlock(iat);
+                                        return [ 2 ];
+                                    }
+                                    this.refreshLockWhileAcquired(storageKey, iat);
+                                    return [ 2 ];
+                                }
+                            }));
+                        }));
+                    }), 1e3);
+                    return [ 2 ];
+                }));
+            }));
+        };
+        SuperTokensLock.prototype.waitForSomethingToChange = function(MAX_TIME) {
+            return __awaiter(this, void 0, void 0, (function() {
+                return __generator(this, (function(_a) {
+                    switch (_a.label) {
+                      case 0:
+                        return [ 4, new Promise((function(resolve) {
+                            var resolvedCalled = false;
+                            var startedAt = Date.now();
+                            var MIN_TIME_TO_WAIT = 50;
+                            var removedListeners = false;
+                            function stopWaiting() {
+                                if (!removedListeners) {
+                                    window.removeEventListener("storage", stopWaiting);
+                                    SuperTokensLock.removeFromWaiting(stopWaiting);
+                                    clearTimeout(timeOutId);
+                                    removedListeners = true;
+                                }
+                                if (!resolvedCalled) {
+                                    resolvedCalled = true;
+                                    var timeToWait = MIN_TIME_TO_WAIT - (Date.now() - startedAt);
+                                    if (timeToWait > 0) {
+                                        setTimeout(resolve, timeToWait);
+                                    } else {
+                                        resolve(null);
+                                    }
+                                }
+                            }
+                            window.addEventListener("storage", stopWaiting);
+                            SuperTokensLock.addToWaiting(stopWaiting);
+                            var timeOutId = setTimeout(stopWaiting, Math.max(0, MAX_TIME - Date.now()));
+                        })) ];
+
+                      case 1:
+                        _a.sent();
+                        return [ 2 ];
+                    }
+                }));
+            }));
+        };
+        SuperTokensLock.addToWaiting = function(func) {
+            this.removeFromWaiting(func);
+            if (SuperTokensLock.waiters === undefined) {
                 return;
             }
-            clearTimeout(timeoutId);
-            clearInterval(popupTimer);
-            window.removeEventListener("message", _popupEventListener, false);
-            if (config.closePopup !== false) {
-                config.popup.close();
+            SuperTokensLock.waiters.push(func);
+        };
+        SuperTokensLock.removeFromWaiting = function(func) {
+            if (SuperTokensLock.waiters === undefined) {
+                return;
             }
-            if (e.data.response.error) {
-                return reject(GenericError.fromPayload(e.data.response));
+            SuperTokensLock.waiters = SuperTokensLock.waiters.filter((function(i) {
+                return i !== func;
+            }));
+        };
+        SuperTokensLock.notifyWaiters = function() {
+            if (SuperTokensLock.waiters === undefined) {
+                return;
             }
-            resolve(e.data.response);
+            var waiters = SuperTokensLock.waiters.slice();
+            waiters.forEach((function(i) {
+                return i();
+            }));
         };
-        window.addEventListener("message", _popupEventListener);
-    }));
-    const getCrypto = () => window.crypto;
-    const createRandomString = () => {
-        const charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
-        let random = "";
-        const randomValues = Array.from(getCrypto().getRandomValues(new Uint8Array(43)));
-        randomValues.forEach((v => random += charset[v % charset.length]));
-        return random;
-    };
-    const encode$2 = value => btoa(value);
-    const stripUndefined = params => Object.keys(params).filter((k => typeof params[k] !== "undefined")).reduce(((acc, key) => Object.assign(Object.assign({}, acc), {
-        [key]: params[key]
-    })), {});
-    const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
-        key: "name",
-        type: [ "string" ]
-    }, {
-        key: "version",
-        type: [ "string", "number" ]
-    }, {
-        key: "env",
-        type: [ "object" ]
-    } ];
-    const stripAuth0Client = function stripAuth0Client(auth0Client) {
-        let excludeEnv = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : false;
-        return Object.keys(auth0Client).reduce(((acc, key) => {
-            if (excludeEnv && key === "env") {
-                return acc;
+        SuperTokensLock.prototype.releaseLock = function(lockKey) {
+            return __awaiter(this, void 0, void 0, (function() {
+                return __generator(this, (function(_a) {
+                    switch (_a.label) {
+                      case 0:
+                        return [ 4, this.releaseLock__private__(lockKey) ];
+
+                      case 1:
+                        return [ 2, _a.sent() ];
+                    }
+                }));
+            }));
+        };
+        SuperTokensLock.prototype.releaseLock__private__ = function(lockKey) {
+            return __awaiter(this, void 0, void 0, (function() {
+                var STORAGE, STORAGE_KEY, lockObj, parsedlockObj;
+                return __generator(this, (function(_a) {
+                    switch (_a.label) {
+                      case 0:
+                        STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
+                        STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
+                        lockObj = STORAGE.getItemSync(STORAGE_KEY);
+                        if (lockObj === null) {
+                            return [ 2 ];
+                        }
+                        parsedlockObj = JSON.parse(lockObj);
+                        if (!(parsedlockObj.id === this.id)) return [ 3, 2 ];
+                        return [ 4, processLock_1.default().lock(parsedlockObj.iat) ];
+
+                      case 1:
+                        _a.sent();
+                        this.acquiredIatSet.delete(parsedlockObj.iat);
+                        STORAGE.removeItemSync(STORAGE_KEY);
+                        processLock_1.default().unlock(parsedlockObj.iat);
+                        SuperTokensLock.notifyWaiters();
+                        _a.label = 2;
+
+                      case 2:
+                        return [ 2 ];
+                    }
+                }));
+            }));
+        };
+        SuperTokensLock.lockCorrector = function(storageHandler) {
+            var MIN_ALLOWED_TIME = Date.now() - 5e3;
+            var STORAGE = storageHandler;
+            var KEYS = [];
+            var currIndex = 0;
+            while (true) {
+                var key = STORAGE.keySync(currIndex);
+                if (key === null) {
+                    break;
+                }
+                KEYS.push(key);
+                currIndex++;
             }
-            const allowedProperty = ALLOWED_AUTH0CLIENT_PROPERTIES.find((p => p.key === key));
-            if (allowedProperty && allowedProperty.type.includes(typeof auth0Client[key])) {
-                acc[key] = auth0Client[key];
+            var notifyWaiters = false;
+            for (var i = 0; i < KEYS.length; i++) {
+                var LOCK_KEY = KEYS[i];
+                if (LOCK_KEY.includes(LOCK_STORAGE_KEY)) {
+                    var lockObj = STORAGE.getItemSync(LOCK_KEY);
+                    if (lockObj !== null) {
+                        var parsedlockObj = JSON.parse(lockObj);
+                        if (parsedlockObj.timeRefreshed === undefined && parsedlockObj.timeAcquired < MIN_ALLOWED_TIME || parsedlockObj.timeRefreshed !== undefined && parsedlockObj.timeRefreshed < MIN_ALLOWED_TIME) {
+                            STORAGE.removeItemSync(LOCK_KEY);
+                            notifyWaiters = true;
+                        }
+                    }
+                }
+            }
+            if (notifyWaiters) {
+                SuperTokensLock.notifyWaiters();
             }
-            return acc;
-        }), {});
-    };
-    const createQueryParams = _a => {
-        var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
-        return new URLSearchParams(stripUndefined(Object.assign({
-            client_id: client_id
-        }, params))).toString();
-    };
-    const sha256 = async s => {
-        const digestOp = getCrypto().subtle.digest({
-            name: "SHA-256"
-        }, (new TextEncoder).encode(s));
-        return await digestOp;
-    };
-    const urlEncodeB64 = input => {
-        const b64Chars = {
-            "+": "-",
-            "/": "_",
-            "=": ""
         };
-        return input.replace(/[+/=]/g, (m => b64Chars[m]));
-    };
-    const decodeB64 = input => decodeURIComponent(atob(input).split("").map((c => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2))).join(""));
-    const urlDecodeB64 = input => decodeB64(input.replace(/_/g, "/").replace(/-/g, "+"));
-    const bufferToBase64UrlEncoded = input => {
-        const ie11SafeInput = new Uint8Array(input);
-        return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
-    };
-    const validateCrypto = () => {
-        if (!getCrypto()) {
-            throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
-        }
-        if (typeof getCrypto().subtle === "undefined") {
-            throw new Error("\n      auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.\n    ");
+        SuperTokensLock.waiters = undefined;
+        return SuperTokensLock;
+    }();
+    var _default = browserTabsLock.default = SuperTokensLock;
+    class WebLocksApiManager {
+        async runWithLock(key, timeout, callback) {
+            const controller = new AbortController;
+            const timeoutId = setTimeout((() => controller.abort()), timeout);
+            try {
+                return await navigator.locks.request(key, {
+                    mode: "exclusive",
+                    signal: controller.signal
+                }, (async lock => {
+                    clearTimeout(timeoutId);
+                    if (!lock) throw new Error("Lock not available");
+                    return await callback();
+                }));
+            } catch (error) {
+                clearTimeout(timeoutId);
+                if ((error === null || error === void 0 ? void 0 : error.name) === "AbortError") throw new TimeoutError;
+                throw error;
+            }
         }
-    };
-    const getDomain = domainUrl => {
-        if (!/^https?:\/\//.test(domainUrl)) {
-            return "https://".concat(domainUrl);
+    }
+    class LegacyLockManager {
+        constructor() {
+            this.activeLocks = new Set;
+            this.lock = new _default;
+            this.pagehideHandler = () => {
+                this.activeLocks.forEach((key => this.lock.releaseLock(key)));
+                this.activeLocks.clear();
+            };
         }
-        return domainUrl;
-    };
-    const getTokenIssuer = (issuer, domainUrl) => {
-        if (issuer) {
-            return issuer.startsWith("https://") ? issuer : "https://".concat(issuer, "/");
+        async runWithLock(key, timeout, callback) {
+            const retryAttempts = 10;
+            let acquired = false;
+            for (let i = 0; i < retryAttempts && !acquired; i++) {
+                acquired = await this.lock.acquireLock(key, timeout);
+            }
+            if (!acquired) {
+                throw new TimeoutError;
+            }
+            this.activeLocks.add(key);
+            if (this.activeLocks.size === 1 && typeof window !== "undefined") {
+                window.addEventListener("pagehide", this.pagehideHandler);
+            }
+            try {
+                return await callback();
+            } finally {
+                this.activeLocks.delete(key);
+                await this.lock.releaseLock(key);
+                if (this.activeLocks.size === 0 && typeof window !== "undefined") {
+                    window.removeEventListener("pagehide", this.pagehideHandler);
+                }
+            }
         }
-        return "".concat(domainUrl, "/");
-    };
-    const parseNumber = value => {
-        if (typeof value !== "string") {
-            return value;
+    }
+    function isWebLocksSupported() {
+        var _a;
+        return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
+    }
+    function createLockManager() {
+        return isWebLocksSupported() ? new WebLocksApiManager : new LegacyLockManager;
+    }
+    let lockManager = null;
+    function getLockManager() {
+        if (!lockManager) {
+            lockManager = createLockManager();
         }
-        return parseInt(value, 10) || undefined;
-    };
-    const fromEntries = iterable => [ ...iterable ].reduce(((obj, _ref) => {
-        let [key, val] = _ref;
-        obj[key] = val;
-        return obj;
-    }), {});
+        return lockManager;
+    }
     const encoder$2 = new TextEncoder;
     const decoder$2 = new TextDecoder;
     function buf$1(input) {
@@ -1535,10 +1602,8 @@
             for (const key of allKeys) {
                 const entry = await this.cache.get(key);
                 if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
-                    const cacheEntry = Object.assign(Object.assign({}, entry.body), {
-                        refresh_token: newRefreshToken
-                    });
-                    await this.set(cacheEntry);
+                    entry.body.refresh_token = newRefreshToken;
+                    await this.cache.set(key, entry);
                 }
             }
         }
@@ -1889,15 +1954,6 @@
         }
         return promise;
     };
-    const retryPromise = async function retryPromise(cb) {
-        let maxNumberOfRetries = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 3;
-        for (let i = 0; i < maxNumberOfRetries; i++) {
-            if (await cb()) {
-                return true;
-            }
-        }
-        return false;
-    };
     class CacheKeyManifest {
         constructor(cache, clientId) {
             this.cache = cache;
@@ -7356,11 +7412,9 @@
             }
         }
     }
-    const lock = new _default;
     class Auth0Client {
         constructor(options) {
             this.userCache = (new InMemoryCache).enclosedCache;
-            this.activeLockKeys = new Set;
             this.defaultOptions = {
                 authorizationParams: {
                     scope: DEFAULT_SCOPE
@@ -7368,18 +7422,11 @@
                 useRefreshTokensFallback: false,
                 useFormData: true
             };
-            this._releaseLockOnPageHide = async () => {
-                const lockKeysToRelease = Array.from(this.activeLockKeys);
-                for (const lockKey of lockKeysToRelease) {
-                    await lock.releaseLock(lockKey);
-                }
-                this.activeLockKeys.clear();
-                window.removeEventListener("pagehide", this._releaseLockOnPageHide);
-            };
             this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
                 authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
             });
             typeof window !== "undefined" && validateCrypto();
+            this.lockManager = getLockManager();
             if (options.cache && options.cacheLocation) {
                 console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`.");
             }
@@ -7668,12 +7715,8 @@
                 return;
             }
             const lockKey = buildGetTokenSilentlyLockKey(this.options.clientId, getTokenOptions.authorizationParams.audience || "default");
-            if (await retryPromise((() => lock.acquireLock(lockKey, 5e3)), 10)) {
-                this.activeLockKeys.add(lockKey);
-                if (this.activeLockKeys.size === 1) {
-                    window.addEventListener("pagehide", this._releaseLockOnPageHide);
-                }
-                try {
+            try {
+                return await this.lockManager.runWithLock(lockKey, 5e3, (async () => {
                     if (cacheMode !== "off") {
                         const entry = await this._getEntryFromCache({
                             scope: getTokenOptions.authorizationParams.scope,
@@ -7695,15 +7738,33 @@
                     } : null), {
                         expires_in: expires_in
                     });
-                } finally {
-                    await lock.releaseLock(lockKey);
-                    this.activeLockKeys.delete(lockKey);
-                    if (this.activeLockKeys.size === 0) {
-                        window.removeEventListener("pagehide", this._releaseLockOnPageHide);
-                    }
+                }));
+            } catch (error) {
+                if (this._isInteractiveError(error) && this.options.interactiveErrorHandler === "popup") {
+                    return await this._handleInteractiveErrorWithPopup(getTokenOptions);
                 }
-            } else {
-                throw new TimeoutError;
+                throw error;
+            }
+        }
+        _isInteractiveError(error) {
+            return error instanceof MfaRequiredError;
+        }
+        async _handleInteractiveErrorWithPopup(options) {
+            try {
+                await this.loginWithPopup({
+                    authorizationParams: options.authorizationParams
+                });
+                const entry = await this._getEntryFromCache({
+                    scope: options.authorizationParams.scope,
+                    audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
+                    clientId: this.options.clientId
+                });
+                if (!entry) {
+                    throw new GenericError("interactive_handler_cache_miss", "Token not found in cache after interactive authentication");
+                }
+                return entry;
+            } catch (error) {
+                throw error;
             }
         }
         async getTokenWithPopup() {
@@ -7767,8 +7828,8 @@
         }
         async _getTokenFromIFrame(options) {
             const iframeLockKey = buildIframeLockKey(this.options.clientId);
-            if (await retryPromise((() => lock.acquireLock(iframeLockKey, 5e3)), 10)) {
-                try {
+            try {
+                return await this.lockManager.runWithLock(iframeLockKey, 5e3, (async () => {
                     const params = Object.assign(Object.assign({}, options.authorizationParams), {
                         prompt: "none"
                     });
@@ -7808,18 +7869,14 @@
                         oauthTokenScope: tokenResult.scope,
                         audience: audience
                     });
-                } catch (e) {
-                    if (e.error === "login_required") {
-                        this.logout({
-                            openUrl: false
-                        });
-                    }
-                    throw e;
-                } finally {
-                    await lock.releaseLock(iframeLockKey);
+                }));
+            } catch (e) {
+                if (e.error === "login_required") {
+                    this.logout({
+                        openUrl: false
+                    });
                 }
-            } else {
-                throw new TimeoutError;
+                throw e;
             }
         }
         async _getTokenUsingRefreshToken(options) {