@auth0/auth0-spa-js 2.14.0 → 2.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/README.md +1 -1
  2. package/dist/auth0-spa-js.development.js +698 -641
  3. package/dist/auth0-spa-js.development.js.map +1 -1
  4. package/dist/auth0-spa-js.production.esm.js +1 -1
  5. package/dist/auth0-spa-js.production.esm.js.map +1 -1
  6. package/dist/auth0-spa-js.production.js +1 -1
  7. package/dist/auth0-spa-js.production.js.map +1 -1
  8. package/dist/lib/auth0-spa-js.cjs.js +888 -827
  9. package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
  10. package/dist/typings/Auth0Client.d.ts +11 -8
  11. package/dist/typings/cache/cache-manager.d.ts +9 -5
  12. package/dist/typings/global.d.ts +21 -0
  13. package/dist/typings/lock.d.ts +32 -0
  14. package/dist/typings/version.d.ts +1 -1
  15. package/package.json +1 -1
  16. package/src/Auth0Client.ts +144 -124
  17. package/src/cache/cache-manager.ts +11 -11
  18. package/src/global.ts +22 -0
  19. package/src/lock.ts +141 -0
  20. package/src/version.ts +1 -1
package/dist/lib/auth0-spa-js.cjs.js CHANGED
@@ -18,877 +18,950 @@ typeof SuppressedError === "function" ? SuppressedError : function(error, suppre
18
18
  return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
19
19
  };
20
20
 
21
- var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
21
+ var version = "2.16.0";
22
22
 
23
- var browserTabsLock = {};
23
+ const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
24
24
 
25
- var processLock = {};
25
+ const DEFAULT_POPUP_CONFIG_OPTIONS = {
26
+ timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
27
+ };
26
28
 
27
- Object.defineProperty(processLock, "__esModule", {
28
- value: true
29
- });
29
+ const DEFAULT_SILENT_TOKEN_RETRY_COUNT = 3;
30
30
 
31
- var ProcessLocking = function() {
32
- function ProcessLocking() {
33
- var _this = this;
34
- this.locked = new Map;
35
- this.addToLocked = function(key, toAdd) {
36
- var callbacks = _this.locked.get(key);
37
- if (callbacks === undefined) {
38
- if (toAdd === undefined) {
39
- _this.locked.set(key, []);
40
- } else {
41
- _this.locked.set(key, [ toAdd ]);
42
- }
43
- } else {
44
- if (toAdd !== undefined) {
45
- callbacks.unshift(toAdd);
46
- _this.locked.set(key, callbacks);
47
- }
48
- }
49
- };
50
- this.isLocked = function(key) {
51
- return _this.locked.has(key);
52
- };
53
- this.lock = function(key) {
54
- return new Promise((function(resolve, reject) {
55
- if (_this.isLocked(key)) {
56
- _this.addToLocked(key, resolve);
57
- } else {
58
- _this.addToLocked(key);
59
- resolve();
60
- }
61
- }));
62
- };
63
- this.unlock = function(key) {
64
- var callbacks = _this.locked.get(key);
65
- if (callbacks === undefined || callbacks.length === 0) {
66
- _this.locked.delete(key);
67
- return;
68
- }
69
- var toCall = callbacks.pop();
70
- _this.locked.set(key, callbacks);
71
- if (toCall !== undefined) {
72
- setTimeout(toCall, 0);
73
- }
74
- };
75
- }
76
- ProcessLocking.getInstance = function() {
77
- if (ProcessLocking.instance === undefined) {
78
- ProcessLocking.instance = new ProcessLocking;
79
- }
80
- return ProcessLocking.instance;
81
- };
82
- return ProcessLocking;
83
- }();
31
+ const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;
84
32
 
85
- function getLock() {
86
- return ProcessLocking.getInstance();
87
- }
33
+ const DEFAULT_FETCH_TIMEOUT_MS = 1e4;
88
34
 
89
- processLock.default = getLock;
35
+ const CACHE_LOCATION_MEMORY = "memory";
90
36
 
91
- var __awaiter = commonjsGlobal && commonjsGlobal.__awaiter || function(thisArg, _arguments, P, generator) {
92
- return new (P || (P = Promise))((function(resolve, reject) {
93
- function fulfilled(value) {
94
- try {
95
- step(generator.next(value));
96
- } catch (e) {
97
- reject(e);
98
- }
99
- }
100
- function rejected(value) {
101
- try {
102
- step(generator["throw"](value));
103
- } catch (e) {
104
- reject(e);
105
- }
106
- }
107
- function step(result) {
108
- result.done ? resolve(result.value) : new P((function(resolve) {
109
- resolve(result.value);
110
- })).then(fulfilled, rejected);
111
- }
112
- step((generator = generator.apply(thisArg, _arguments || [])).next());
113
- }));
37
+ const MISSING_REFRESH_TOKEN_ERROR_MESSAGE = "Missing Refresh Token";
38
+
39
+ const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
40
+
41
+ const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
42
+
43
+ const DEFAULT_SCOPE = "openid profile email";
44
+
45
+ const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
46
+
47
+ const DEFAULT_AUTH0_CLIENT = {
48
+ name: "auth0-spa-js",
49
+ version: version
114
50
  };
115
51
 
116
- var __generator = commonjsGlobal && commonjsGlobal.__generator || function(thisArg, body) {
117
- var _ = {
118
- label: 0,
119
- sent: function() {
120
- if (t[0] & 1) throw t[1];
121
- return t[1];
122
- },
123
- trys: [],
124
- ops: []
125
- }, f, y, t, g;
126
- return g = {
127
- next: verb(0),
128
- throw: verb(1),
129
- return: verb(2)
130
- }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
131
- return this;
132
- }), g;
133
- function verb(n) {
134
- return function(v) {
135
- return step([ n, v ]);
136
- };
137
- }
138
- function step(op) {
139
- if (f) throw new TypeError("Generator is already executing.");
140
- while (_) try {
141
- if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y),
142
- 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
143
- if (y = 0, t) op = [ op[0] & 2, t.value ];
144
- switch (op[0]) {
145
- case 0:
146
- case 1:
147
- t = op;
148
- break;
52
+ const DEFAULT_NOW_PROVIDER = () => Date.now();
149
53
 
150
- case 4:
151
- _.label++;
152
- return {
153
- value: op[1],
154
- done: false
155
- };
54
+ const DEFAULT_AUDIENCE = "default";
156
55
 
157
- case 5:
158
- _.label++;
159
- y = op[1];
160
- op = [ 0 ];
161
- continue;
56
+ class GenericError extends Error {
57
+ constructor(error, error_description) {
58
+ super(error_description);
59
+ this.error = error;
60
+ this.error_description = error_description;
61
+ Object.setPrototypeOf(this, GenericError.prototype);
62
+ }
63
+ static fromPayload(_ref) {
64
+ let {error: error, error_description: error_description} = _ref;
65
+ return new GenericError(error, error_description);
66
+ }
67
+ }
162
68
 
163
- case 7:
164
- op = _.ops.pop();
165
- _.trys.pop();
166
- continue;
69
+ class AuthenticationError extends GenericError {
70
+ constructor(error, error_description, state) {
71
+ let appState = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : null;
72
+ super(error, error_description);
73
+ this.state = state;
74
+ this.appState = appState;
75
+ Object.setPrototypeOf(this, AuthenticationError.prototype);
76
+ }
77
+ }
167
78
 
168
- default:
169
- if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
170
- _ = 0;
171
- continue;
172
- }
173
- if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
174
- _.label = op[1];
175
- break;
176
- }
177
- if (op[0] === 6 && _.label < t[1]) {
178
- _.label = t[1];
179
- t = op;
180
- break;
181
- }
182
- if (t && _.label < t[2]) {
183
- _.label = t[2];
184
- _.ops.push(op);
185
- break;
186
- }
187
- if (t[2]) _.ops.pop();
188
- _.trys.pop();
189
- continue;
190
- }
191
- op = body.call(thisArg, _);
192
- } catch (e) {
193
- op = [ 6, e ];
194
- y = 0;
195
- } finally {
196
- f = t = 0;
197
- }
198
- if (op[0] & 5) throw op[1];
199
- return {
200
- value: op[0] ? op[1] : void 0,
201
- done: true
202
- };
79
+ class ConnectError extends GenericError {
80
+ constructor(error, error_description, connection, state) {
81
+ let appState = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : null;
82
+ super(error, error_description);
83
+ this.connection = connection;
84
+ this.state = state;
85
+ this.appState = appState;
86
+ Object.setPrototypeOf(this, ConnectError.prototype);
203
87
  }
204
- };
88
+ }
205
89
 
206
- var _this = commonjsGlobal;
90
+ class TimeoutError extends GenericError {
91
+ constructor() {
92
+ super("timeout", "Timeout");
93
+ Object.setPrototypeOf(this, TimeoutError.prototype);
94
+ }
95
+ }
207
96
 
208
- Object.defineProperty(browserTabsLock, "__esModule", {
209
- value: true
210
- });
97
+ class PopupTimeoutError extends TimeoutError {
98
+ constructor(popup) {
99
+ super();
100
+ this.popup = popup;
101
+ Object.setPrototypeOf(this, PopupTimeoutError.prototype);
102
+ }
103
+ }
211
104
 
212
- var processLock_1 = processLock;
105
+ class PopupCancelledError extends GenericError {
106
+ constructor(popup) {
107
+ super("cancelled", "Popup closed");
108
+ this.popup = popup;
109
+ Object.setPrototypeOf(this, PopupCancelledError.prototype);
110
+ }
111
+ }
213
112
 
214
- var LOCK_STORAGE_KEY = "browser-tabs-lock-key";
113
+ class PopupOpenError extends GenericError {
114
+ constructor() {
115
+ super("popup_open", "Unable to open a popup for loginWithPopup - window.open returned `null`");
116
+ Object.setPrototypeOf(this, PopupOpenError.prototype);
117
+ }
118
+ }
215
119
 
216
- var DEFAULT_STORAGE_HANDLER = {
217
- key: function(index) {
218
- return __awaiter(_this, void 0, void 0, (function() {
219
- return __generator(this, (function(_a) {
220
- throw new Error("Unsupported");
221
- }));
222
- }));
223
- },
224
- getItem: function(key) {
225
- return __awaiter(_this, void 0, void 0, (function() {
226
- return __generator(this, (function(_a) {
227
- throw new Error("Unsupported");
228
- }));
229
- }));
230
- },
231
- clear: function() {
232
- return __awaiter(_this, void 0, void 0, (function() {
233
- return __generator(this, (function(_a) {
234
- return [ 2, window.localStorage.clear() ];
235
- }));
236
- }));
237
- },
238
- removeItem: function(key) {
239
- return __awaiter(_this, void 0, void 0, (function() {
240
- return __generator(this, (function(_a) {
241
- throw new Error("Unsupported");
242
- }));
243
- }));
244
- },
245
- setItem: function(key, value) {
246
- return __awaiter(_this, void 0, void 0, (function() {
247
- return __generator(this, (function(_a) {
248
- throw new Error("Unsupported");
249
- }));
250
- }));
251
- },
252
- keySync: function(index) {
253
- return window.localStorage.key(index);
254
- },
255
- getItemSync: function(key) {
256
- return window.localStorage.getItem(key);
257
- },
258
- clearSync: function() {
259
- return window.localStorage.clear();
260
- },
261
- removeItemSync: function(key) {
262
- return window.localStorage.removeItem(key);
263
- },
264
- setItemSync: function(key, value) {
265
- return window.localStorage.setItem(key, value);
120
+ class MfaRequiredError extends GenericError {
121
+ constructor(error, error_description, mfa_token, mfa_requirements) {
122
+ super(error, error_description);
123
+ this.mfa_token = mfa_token;
124
+ this.mfa_requirements = mfa_requirements;
125
+ Object.setPrototypeOf(this, MfaRequiredError.prototype);
266
126
  }
267
- };
268
-
269
- function delay(milliseconds) {
270
- return new Promise((function(resolve) {
271
- return setTimeout(resolve, milliseconds);
272
- }));
273
127
  }
274
128
 
275
- function generateRandomString(length) {
276
- var CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
277
- var randomstring = "";
278
- for (var i = 0; i < length; i++) {
279
- var INDEX = Math.floor(Math.random() * CHARS.length);
280
- randomstring += CHARS[INDEX];
129
+ class MissingRefreshTokenError extends GenericError {
130
+ constructor(audience, scope) {
131
+ super("missing_refresh_token", "Missing Refresh Token (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', scope: '").concat(valueOrEmptyString(scope), "')"));
132
+ this.audience = audience;
133
+ this.scope = scope;
134
+ Object.setPrototypeOf(this, MissingRefreshTokenError.prototype);
281
135
  }
282
- return randomstring;
283
136
  }
284
137
 
285
- function getLockId() {
286
- return Date.now().toString() + generateRandomString(15);
138
+ class MissingScopesError extends GenericError {
139
+ constructor(audience, scope) {
140
+ super("missing_scopes", "Missing requested scopes after refresh (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', missing scope: '").concat(valueOrEmptyString(scope), "')"));
141
+ this.audience = audience;
142
+ this.scope = scope;
143
+ Object.setPrototypeOf(this, MissingScopesError.prototype);
144
+ }
287
145
  }
288
146
 
289
- var SuperTokensLock = function() {
290
- function SuperTokensLock(storageHandler) {
291
- this.acquiredIatSet = new Set;
292
- this.storageHandler = undefined;
293
- this.id = getLockId();
294
- this.acquireLock = this.acquireLock.bind(this);
295
- this.releaseLock = this.releaseLock.bind(this);
296
- this.releaseLock__private__ = this.releaseLock__private__.bind(this);
297
- this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this);
298
- this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this);
299
- this.storageHandler = storageHandler;
300
- if (SuperTokensLock.waiters === undefined) {
301
- SuperTokensLock.waiters = [];
302
- }
147
+ class UseDpopNonceError extends GenericError {
148
+ constructor(newDpopNonce) {
149
+ super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce");
150
+ this.newDpopNonce = newDpopNonce;
151
+ Object.setPrototypeOf(this, UseDpopNonceError.prototype);
303
152
  }
304
- SuperTokensLock.prototype.acquireLock = function(lockKey, timeout) {
305
- if (timeout === void 0) {
306
- timeout = 5e3;
307
- }
308
- return __awaiter(this, void 0, void 0, (function() {
309
- var iat, MAX_TIME, STORAGE_KEY, STORAGE, lockObj, TIMEOUT_KEY, lockObjPostDelay, parsedLockObjPostDelay;
310
- return __generator(this, (function(_a) {
311
- switch (_a.label) {
312
- case 0:
313
- iat = Date.now() + generateRandomString(4);
314
- MAX_TIME = Date.now() + timeout;
315
- STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
316
- STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
317
- _a.label = 1;
153
+ }
318
154
 
319
- case 1:
320
- if (!(Date.now() < MAX_TIME)) return [ 3, 8 ];
321
- return [ 4, delay(30) ];
155
+ function valueOrEmptyString(value) {
156
+ let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
157
+ return value && !exclude.includes(value) ? value : "";
158
+ }
322
159
 
323
- case 2:
324
- _a.sent();
325
- lockObj = STORAGE.getItemSync(STORAGE_KEY);
326
- if (!(lockObj === null)) return [ 3, 5 ];
327
- TIMEOUT_KEY = this.id + "-" + lockKey + "-" + iat;
328
- return [ 4, delay(Math.floor(Math.random() * 25)) ];
160
+ const parseAuthenticationResult = queryString => {
161
+ if (queryString.indexOf("#") > -1) {
162
+ queryString = queryString.substring(0, queryString.indexOf("#"));
163
+ }
164
+ const searchParams = new URLSearchParams(queryString);
165
+ return {
166
+ state: searchParams.get("state"),
167
+ code: searchParams.get("code") || undefined,
168
+ connect_code: searchParams.get("connect_code") || undefined,
169
+ error: searchParams.get("error") || undefined,
170
+ error_description: searchParams.get("error_description") || undefined
171
+ };
172
+ };
329
173
 
330
- case 3:
331
- _a.sent();
332
- STORAGE.setItemSync(STORAGE_KEY, JSON.stringify({
333
- id: this.id,
334
- iat: iat,
335
- timeoutKey: TIMEOUT_KEY,
336
- timeAcquired: Date.now(),
337
- timeRefreshed: Date.now()
338
- }));
339
- return [ 4, delay(30) ];
174
+ const runIframe = function runIframe(authorizeUrl, eventOrigin) {
175
+ let timeoutInSeconds = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS;
176
+ return new Promise(((res, rej) => {
177
+ const iframe = window.document.createElement("iframe");
178
+ iframe.setAttribute("width", "0");
179
+ iframe.setAttribute("height", "0");
180
+ iframe.style.display = "none";
181
+ const removeIframe = () => {
182
+ if (window.document.body.contains(iframe)) {
183
+ window.document.body.removeChild(iframe);
184
+ window.removeEventListener("message", _iframeEventHandler, false);
185
+ }
186
+ };
187
+ let _iframeEventHandler;
188
+ const timeoutSetTimeoutId = setTimeout((() => {
189
+ rej(new TimeoutError);
190
+ removeIframe();
191
+ }), timeoutInSeconds * 1e3);
192
+ _iframeEventHandler = function iframeEventHandler(e) {
193
+ if (e.origin != eventOrigin) return;
194
+ if (!e.data || e.data.type !== "authorization_response") return;
195
+ const eventSource = e.source;
196
+ if (eventSource) {
197
+ eventSource.close();
198
+ }
199
+ e.data.response.error ? rej(GenericError.fromPayload(e.data.response)) : res(e.data.response);
200
+ clearTimeout(timeoutSetTimeoutId);
201
+ window.removeEventListener("message", _iframeEventHandler, false);
202
+ setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1e3);
203
+ };
204
+ window.addEventListener("message", _iframeEventHandler, false);
205
+ window.document.body.appendChild(iframe);
206
+ iframe.setAttribute("src", authorizeUrl);
207
+ }));
208
+ };
340
209
 
341
- case 4:
342
- _a.sent();
343
- lockObjPostDelay = STORAGE.getItemSync(STORAGE_KEY);
344
- if (lockObjPostDelay !== null) {
345
- parsedLockObjPostDelay = JSON.parse(lockObjPostDelay);
346
- if (parsedLockObjPostDelay.id === this.id && parsedLockObjPostDelay.iat === iat) {
347
- this.acquiredIatSet.add(iat);
348
- this.refreshLockWhileAcquired(STORAGE_KEY, iat);
349
- return [ 2, true ];
350
- }
351
- }
352
- return [ 3, 7 ];
210
+ const openPopup = url => {
211
+ const width = 400;
212
+ const height = 600;
213
+ const left = window.screenX + (window.innerWidth - width) / 2;
214
+ const top = window.screenY + (window.innerHeight - height) / 2;
215
+ return window.open(url, "auth0:authorize:popup", "left=".concat(left, ",top=").concat(top, ",width=").concat(width, ",height=").concat(height, ",resizable,scrollbars=yes,status=1"));
216
+ };
353
217
 
354
- case 5:
355
- SuperTokensLock.lockCorrector(this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler);
356
- return [ 4, this.waitForSomethingToChange(MAX_TIME) ];
218
+ const runPopup = config => new Promise(((resolve, reject) => {
219
+ let _popupEventListener;
220
+ const popupTimer = setInterval((() => {
221
+ if (config.popup && config.popup.closed) {
222
+ clearInterval(popupTimer);
223
+ clearTimeout(timeoutId);
224
+ window.removeEventListener("message", _popupEventListener, false);
225
+ reject(new PopupCancelledError(config.popup));
226
+ }
227
+ }), 1e3);
228
+ const timeoutId = setTimeout((() => {
229
+ clearInterval(popupTimer);
230
+ reject(new PopupTimeoutError(config.popup));
231
+ window.removeEventListener("message", _popupEventListener, false);
232
+ }), (config.timeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) * 1e3);
233
+ _popupEventListener = function popupEventListener(e) {
234
+ if (!e.data || e.data.type !== "authorization_response") {
235
+ return;
236
+ }
237
+ clearTimeout(timeoutId);
238
+ clearInterval(popupTimer);
239
+ window.removeEventListener("message", _popupEventListener, false);
240
+ if (config.closePopup !== false) {
241
+ config.popup.close();
242
+ }
243
+ if (e.data.response.error) {
244
+ return reject(GenericError.fromPayload(e.data.response));
245
+ }
246
+ resolve(e.data.response);
247
+ };
248
+ window.addEventListener("message", _popupEventListener);
249
+ }));
357
250
 
358
- case 6:
359
- _a.sent();
360
- _a.label = 7;
251
+ const getCrypto = () => window.crypto;
361
252
 
362
- case 7:
363
- iat = Date.now() + generateRandomString(4);
364
- return [ 3, 1 ];
253
+ const createRandomString = () => {
254
+ const charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
255
+ let random = "";
256
+ const randomValues = Array.from(getCrypto().getRandomValues(new Uint8Array(43)));
257
+ randomValues.forEach((v => random += charset[v % charset.length]));
258
+ return random;
259
+ };
365
260
 
366
- case 8:
367
- return [ 2, false ];
368
- }
369
- }));
370
- }));
371
- };
372
- SuperTokensLock.prototype.refreshLockWhileAcquired = function(storageKey, iat) {
373
- return __awaiter(this, void 0, void 0, (function() {
374
- var _this = this;
375
- return __generator(this, (function(_a) {
376
- setTimeout((function() {
377
- return __awaiter(_this, void 0, void 0, (function() {
378
- var STORAGE, lockObj, parsedLockObj;
379
- return __generator(this, (function(_a) {
380
- switch (_a.label) {
381
- case 0:
382
- return [ 4, processLock_1.default().lock(iat) ];
261
+ const encode$2 = value => btoa(value);
383
262
 
384
- case 1:
385
- _a.sent();
386
- if (!this.acquiredIatSet.has(iat)) {
387
- processLock_1.default().unlock(iat);
388
- return [ 2 ];
389
- }
390
- STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
391
- lockObj = STORAGE.getItemSync(storageKey);
392
- if (lockObj !== null) {
393
- parsedLockObj = JSON.parse(lockObj);
394
- parsedLockObj.timeRefreshed = Date.now();
395
- STORAGE.setItemSync(storageKey, JSON.stringify(parsedLockObj));
396
- processLock_1.default().unlock(iat);
397
- } else {
398
- processLock_1.default().unlock(iat);
399
- return [ 2 ];
400
- }
401
- this.refreshLockWhileAcquired(storageKey, iat);
402
- return [ 2 ];
403
- }
404
- }));
405
- }));
406
- }), 1e3);
407
- return [ 2 ];
408
- }));
409
- }));
410
- };
411
- SuperTokensLock.prototype.waitForSomethingToChange = function(MAX_TIME) {
412
- return __awaiter(this, void 0, void 0, (function() {
413
- return __generator(this, (function(_a) {
414
- switch (_a.label) {
415
- case 0:
416
- return [ 4, new Promise((function(resolve) {
417
- var resolvedCalled = false;
418
- var startedAt = Date.now();
419
- var MIN_TIME_TO_WAIT = 50;
420
- var removedListeners = false;
421
- function stopWaiting() {
422
- if (!removedListeners) {
423
- window.removeEventListener("storage", stopWaiting);
424
- SuperTokensLock.removeFromWaiting(stopWaiting);
425
- clearTimeout(timeOutId);
426
- removedListeners = true;
427
- }
428
- if (!resolvedCalled) {
429
- resolvedCalled = true;
430
- var timeToWait = MIN_TIME_TO_WAIT - (Date.now() - startedAt);
431
- if (timeToWait > 0) {
432
- setTimeout(resolve, timeToWait);
433
- } else {
434
- resolve(null);
435
- }
436
- }
437
- }
438
- window.addEventListener("storage", stopWaiting);
439
- SuperTokensLock.addToWaiting(stopWaiting);
440
- var timeOutId = setTimeout(stopWaiting, Math.max(0, MAX_TIME - Date.now()));
441
- })) ];
263
+ const stripUndefined = params => Object.keys(params).filter((k => typeof params[k] !== "undefined")).reduce(((acc, key) => Object.assign(Object.assign({}, acc), {
264
+ [key]: params[key]
265
+ })), {});
442
266
 
443
- case 1:
444
- _a.sent();
445
- return [ 2 ];
446
- }
447
- }));
448
- }));
449
- };
450
- SuperTokensLock.addToWaiting = function(func) {
451
- this.removeFromWaiting(func);
452
- if (SuperTokensLock.waiters === undefined) {
453
- return;
454
- }
455
- SuperTokensLock.waiters.push(func);
456
- };
457
- SuperTokensLock.removeFromWaiting = function(func) {
458
- if (SuperTokensLock.waiters === undefined) {
459
- return;
267
+ const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
268
+ key: "name",
269
+ type: [ "string" ]
270
+ }, {
271
+ key: "version",
272
+ type: [ "string", "number" ]
273
+ }, {
274
+ key: "env",
275
+ type: [ "object" ]
276
+ } ];
277
+
278
+ const stripAuth0Client = function stripAuth0Client(auth0Client) {
279
+ let excludeEnv = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : false;
280
+ return Object.keys(auth0Client).reduce(((acc, key) => {
281
+ if (excludeEnv && key === "env") {
282
+ return acc;
460
283
  }
461
- SuperTokensLock.waiters = SuperTokensLock.waiters.filter((function(i) {
462
- return i !== func;
463
- }));
464
- };
465
- SuperTokensLock.notifyWaiters = function() {
466
- if (SuperTokensLock.waiters === undefined) {
467
- return;
284
+ const allowedProperty = ALLOWED_AUTH0CLIENT_PROPERTIES.find((p => p.key === key));
285
+ if (allowedProperty && allowedProperty.type.includes(typeof auth0Client[key])) {
286
+ acc[key] = auth0Client[key];
468
287
  }
469
- var waiters = SuperTokensLock.waiters.slice();
470
- waiters.forEach((function(i) {
471
- return i();
472
- }));
473
- };
474
- SuperTokensLock.prototype.releaseLock = function(lockKey) {
475
- return __awaiter(this, void 0, void 0, (function() {
476
- return __generator(this, (function(_a) {
477
- switch (_a.label) {
478
- case 0:
479
- return [ 4, this.releaseLock__private__(lockKey) ];
288
+ return acc;
289
+ }), {});
290
+ };
480
291
 
481
- case 1:
482
- return [ 2, _a.sent() ];
483
- }
484
- }));
485
- }));
486
- };
487
- SuperTokensLock.prototype.releaseLock__private__ = function(lockKey) {
488
- return __awaiter(this, void 0, void 0, (function() {
489
- var STORAGE, STORAGE_KEY, lockObj, parsedlockObj;
490
- return __generator(this, (function(_a) {
491
- switch (_a.label) {
492
- case 0:
493
- STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
494
- STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
495
- lockObj = STORAGE.getItemSync(STORAGE_KEY);
496
- if (lockObj === null) {
497
- return [ 2 ];
498
- }
499
- parsedlockObj = JSON.parse(lockObj);
500
- if (!(parsedlockObj.id === this.id)) return [ 3, 2 ];
501
- return [ 4, processLock_1.default().lock(parsedlockObj.iat) ];
292
+ const createQueryParams = _a => {
293
+ var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
294
+ return new URLSearchParams(stripUndefined(Object.assign({
295
+ client_id: client_id
296
+ }, params))).toString();
297
+ };
502
298
 
503
- case 1:
504
- _a.sent();
505
- this.acquiredIatSet.delete(parsedlockObj.iat);
506
- STORAGE.removeItemSync(STORAGE_KEY);
507
- processLock_1.default().unlock(parsedlockObj.iat);
508
- SuperTokensLock.notifyWaiters();
509
- _a.label = 2;
299
+ const sha256 = async s => {
300
+ const digestOp = getCrypto().subtle.digest({
301
+ name: "SHA-256"
302
+ }, (new TextEncoder).encode(s));
303
+ return await digestOp;
304
+ };
510
305
 
511
- case 2:
512
- return [ 2 ];
513
- }
514
- }));
515
- }));
516
- };
517
- SuperTokensLock.lockCorrector = function(storageHandler) {
518
- var MIN_ALLOWED_TIME = Date.now() - 5e3;
519
- var STORAGE = storageHandler;
520
- var KEYS = [];
521
- var currIndex = 0;
522
- while (true) {
523
- var key = STORAGE.keySync(currIndex);
524
- if (key === null) {
525
- break;
526
- }
527
- KEYS.push(key);
528
- currIndex++;
529
- }
530
- var notifyWaiters = false;
531
- for (var i = 0; i < KEYS.length; i++) {
532
- var LOCK_KEY = KEYS[i];
533
- if (LOCK_KEY.includes(LOCK_STORAGE_KEY)) {
534
- var lockObj = STORAGE.getItemSync(LOCK_KEY);
535
- if (lockObj !== null) {
536
- var parsedlockObj = JSON.parse(lockObj);
537
- if (parsedlockObj.timeRefreshed === undefined && parsedlockObj.timeAcquired < MIN_ALLOWED_TIME || parsedlockObj.timeRefreshed !== undefined && parsedlockObj.timeRefreshed < MIN_ALLOWED_TIME) {
538
- STORAGE.removeItemSync(LOCK_KEY);
539
- notifyWaiters = true;
540
- }
541
- }
542
- }
543
- }
544
- if (notifyWaiters) {
545
- SuperTokensLock.notifyWaiters();
546
- }
306
+ const urlEncodeB64 = input => {
307
+ const b64Chars = {
308
+ "+": "-",
309
+ "/": "_",
310
+ "=": ""
547
311
  };
548
- SuperTokensLock.waiters = undefined;
549
- return SuperTokensLock;
550
- }();
551
-
552
- var _default = browserTabsLock.default = SuperTokensLock;
312
+ return input.replace(/[+/=]/g, (m => b64Chars[m]));
313
+ };
553
314
 
554
- var version = "2.14.0";
315
+ const decodeB64 = input => decodeURIComponent(atob(input).split("").map((c => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2))).join(""));
555
316
 
556
- const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
317
+ const urlDecodeB64 = input => decodeB64(input.replace(/_/g, "/").replace(/-/g, "+"));
557
318
 
558
- const DEFAULT_POPUP_CONFIG_OPTIONS = {
559
- timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
319
+ const bufferToBase64UrlEncoded = input => {
320
+ const ie11SafeInput = new Uint8Array(input);
321
+ return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
560
322
  };
561
323
 
562
- const DEFAULT_SILENT_TOKEN_RETRY_COUNT = 3;
324
+ const validateCrypto = () => {
325
+ if (!getCrypto()) {
326
+ throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
327
+ }
328
+ if (typeof getCrypto().subtle === "undefined") {
329
+ throw new Error("\n auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.\n ");
330
+ }
331
+ };
563
332
 
564
- const CLEANUP_IFRAME_TIMEOUT_IN_SECONDS = 2;
333
+ const getDomain = domainUrl => {
334
+ if (!/^https?:\/\//.test(domainUrl)) {
335
+ return "https://".concat(domainUrl);
336
+ }
337
+ return domainUrl;
338
+ };
565
339
 
566
- const DEFAULT_FETCH_TIMEOUT_MS = 1e4;
340
+ const getTokenIssuer = (issuer, domainUrl) => {
341
+ if (issuer) {
342
+ return issuer.startsWith("https://") ? issuer : "https://".concat(issuer, "/");
343
+ }
344
+ return "".concat(domainUrl, "/");
345
+ };
567
346
 
568
- const CACHE_LOCATION_MEMORY = "memory";
569
-
570
- const MISSING_REFRESH_TOKEN_ERROR_MESSAGE = "Missing Refresh Token";
571
-
572
- const INVALID_REFRESH_TOKEN_ERROR_MESSAGE = "invalid refresh token";
573
-
574
- const USER_BLOCKED_ERROR_MESSAGE = "user is blocked";
575
-
576
- const DEFAULT_SCOPE = "openid profile email";
577
-
578
- const DEFAULT_SESSION_CHECK_EXPIRY_DAYS = 1;
579
-
580
- const DEFAULT_AUTH0_CLIENT = {
581
- name: "auth0-spa-js",
582
- version: version
347
+ const parseNumber = value => {
348
+ if (typeof value !== "string") {
349
+ return value;
350
+ }
351
+ return parseInt(value, 10) || undefined;
583
352
  };
584
353
 
585
- const DEFAULT_NOW_PROVIDER = () => Date.now();
586
-
587
- const DEFAULT_AUDIENCE = "default";
354
+ const fromEntries = iterable => [ ...iterable ].reduce(((obj, _ref) => {
355
+ let [key, val] = _ref;
356
+ obj[key] = val;
357
+ return obj;
358
+ }), {});
588
359
 
589
- class GenericError extends Error {
590
- constructor(error, error_description) {
591
- super(error_description);
592
- this.error = error;
593
- this.error_description = error_description;
594
- Object.setPrototypeOf(this, GenericError.prototype);
595
- }
596
- static fromPayload(_ref) {
597
- let {error: error, error_description: error_description} = _ref;
598
- return new GenericError(error, error_description);
599
- }
600
- }
360
+ var commonjsGlobal = typeof globalThis !== "undefined" ? globalThis : typeof window !== "undefined" ? window : typeof global !== "undefined" ? global : typeof self !== "undefined" ? self : {};
601
361
 
602
- class AuthenticationError extends GenericError {
603
- constructor(error, error_description, state) {
604
- let appState = arguments.length > 3 && arguments[3] !== undefined ? arguments[3] : null;
605
- super(error, error_description);
606
- this.state = state;
607
- this.appState = appState;
608
- Object.setPrototypeOf(this, AuthenticationError.prototype);
609
- }
610
- }
362
+ var browserTabsLock = {};
611
363
 
612
- class ConnectError extends GenericError {
613
- constructor(error, error_description, connection, state) {
614
- let appState = arguments.length > 4 && arguments[4] !== undefined ? arguments[4] : null;
615
- super(error, error_description);
616
- this.connection = connection;
617
- this.state = state;
618
- this.appState = appState;
619
- Object.setPrototypeOf(this, ConnectError.prototype);
620
- }
621
- }
364
+ var processLock = {};
622
365
 
623
- class TimeoutError extends GenericError {
624
- constructor() {
625
- super("timeout", "Timeout");
626
- Object.setPrototypeOf(this, TimeoutError.prototype);
627
- }
628
- }
366
+ Object.defineProperty(processLock, "__esModule", {
367
+ value: true
368
+ });
629
369
 
630
- class PopupTimeoutError extends TimeoutError {
631
- constructor(popup) {
632
- super();
633
- this.popup = popup;
634
- Object.setPrototypeOf(this, PopupTimeoutError.prototype);
370
+ var ProcessLocking = function() {
371
+ function ProcessLocking() {
372
+ var _this = this;
373
+ this.locked = new Map;
374
+ this.addToLocked = function(key, toAdd) {
375
+ var callbacks = _this.locked.get(key);
376
+ if (callbacks === undefined) {
377
+ if (toAdd === undefined) {
378
+ _this.locked.set(key, []);
379
+ } else {
380
+ _this.locked.set(key, [ toAdd ]);
381
+ }
382
+ } else {
383
+ if (toAdd !== undefined) {
384
+ callbacks.unshift(toAdd);
385
+ _this.locked.set(key, callbacks);
386
+ }
387
+ }
388
+ };
389
+ this.isLocked = function(key) {
390
+ return _this.locked.has(key);
391
+ };
392
+ this.lock = function(key) {
393
+ return new Promise((function(resolve, reject) {
394
+ if (_this.isLocked(key)) {
395
+ _this.addToLocked(key, resolve);
396
+ } else {
397
+ _this.addToLocked(key);
398
+ resolve();
399
+ }
400
+ }));
401
+ };
402
+ this.unlock = function(key) {
403
+ var callbacks = _this.locked.get(key);
404
+ if (callbacks === undefined || callbacks.length === 0) {
405
+ _this.locked.delete(key);
406
+ return;
407
+ }
408
+ var toCall = callbacks.pop();
409
+ _this.locked.set(key, callbacks);
410
+ if (toCall !== undefined) {
411
+ setTimeout(toCall, 0);
412
+ }
413
+ };
635
414
  }
636
- }
415
+ ProcessLocking.getInstance = function() {
416
+ if (ProcessLocking.instance === undefined) {
417
+ ProcessLocking.instance = new ProcessLocking;
418
+ }
419
+ return ProcessLocking.instance;
420
+ };
421
+ return ProcessLocking;
422
+ }();
637
423
 
638
- class PopupCancelledError extends GenericError {
639
- constructor(popup) {
640
- super("cancelled", "Popup closed");
641
- this.popup = popup;
642
- Object.setPrototypeOf(this, PopupCancelledError.prototype);
643
- }
424
+ function getLock() {
425
+ return ProcessLocking.getInstance();
644
426
  }
645
427
 
646
- class PopupOpenError extends GenericError {
647
- constructor() {
648
- super("popup_open", "Unable to open a popup for loginWithPopup - window.open returned `null`");
649
- Object.setPrototypeOf(this, PopupOpenError.prototype);
650
- }
651
- }
428
+ processLock.default = getLock;
652
429
 
653
- class MfaRequiredError extends GenericError {
654
- constructor(error, error_description, mfa_token, mfa_requirements) {
655
- super(error, error_description);
656
- this.mfa_token = mfa_token;
657
- this.mfa_requirements = mfa_requirements;
658
- Object.setPrototypeOf(this, MfaRequiredError.prototype);
659
- }
660
- }
430
+ var __awaiter = commonjsGlobal && commonjsGlobal.__awaiter || function(thisArg, _arguments, P, generator) {
431
+ return new (P || (P = Promise))((function(resolve, reject) {
432
+ function fulfilled(value) {
433
+ try {
434
+ step(generator.next(value));
435
+ } catch (e) {
436
+ reject(e);
437
+ }
438
+ }
439
+ function rejected(value) {
440
+ try {
441
+ step(generator["throw"](value));
442
+ } catch (e) {
443
+ reject(e);
444
+ }
445
+ }
446
+ function step(result) {
447
+ result.done ? resolve(result.value) : new P((function(resolve) {
448
+ resolve(result.value);
449
+ })).then(fulfilled, rejected);
450
+ }
451
+ step((generator = generator.apply(thisArg, _arguments || [])).next());
452
+ }));
453
+ };
661
454
 
662
- class MissingRefreshTokenError extends GenericError {
663
- constructor(audience, scope) {
664
- super("missing_refresh_token", "Missing Refresh Token (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', scope: '").concat(valueOrEmptyString(scope), "')"));
665
- this.audience = audience;
666
- this.scope = scope;
667
- Object.setPrototypeOf(this, MissingRefreshTokenError.prototype);
455
+ var __generator = commonjsGlobal && commonjsGlobal.__generator || function(thisArg, body) {
456
+ var _ = {
457
+ label: 0,
458
+ sent: function() {
459
+ if (t[0] & 1) throw t[1];
460
+ return t[1];
461
+ },
462
+ trys: [],
463
+ ops: []
464
+ }, f, y, t, g;
465
+ return g = {
466
+ next: verb(0),
467
+ throw: verb(1),
468
+ return: verb(2)
469
+ }, typeof Symbol === "function" && (g[Symbol.iterator] = function() {
470
+ return this;
471
+ }), g;
472
+ function verb(n) {
473
+ return function(v) {
474
+ return step([ n, v ]);
475
+ };
668
476
  }
669
- }
477
+ function step(op) {
478
+ if (f) throw new TypeError("Generator is already executing.");
479
+ while (_) try {
480
+ if (f = 1, y && (t = op[0] & 2 ? y["return"] : op[0] ? y["throw"] || ((t = y["return"]) && t.call(y),
481
+ 0) : y.next) && !(t = t.call(y, op[1])).done) return t;
482
+ if (y = 0, t) op = [ op[0] & 2, t.value ];
483
+ switch (op[0]) {
484
+ case 0:
485
+ case 1:
486
+ t = op;
487
+ break;
670
488
 
671
- class MissingScopesError extends GenericError {
672
- constructor(audience, scope) {
673
- super("missing_scopes", "Missing requested scopes after refresh (audience: '".concat(valueOrEmptyString(audience, [ "default" ]), "', missing scope: '").concat(valueOrEmptyString(scope), "')"));
674
- this.audience = audience;
675
- this.scope = scope;
676
- Object.setPrototypeOf(this, MissingScopesError.prototype);
677
- }
678
- }
489
+ case 4:
490
+ _.label++;
491
+ return {
492
+ value: op[1],
493
+ done: false
494
+ };
679
495
 
680
- class UseDpopNonceError extends GenericError {
681
- constructor(newDpopNonce) {
682
- super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce");
683
- this.newDpopNonce = newDpopNonce;
684
- Object.setPrototypeOf(this, UseDpopNonceError.prototype);
685
- }
686
- }
496
+ case 5:
497
+ _.label++;
498
+ y = op[1];
499
+ op = [ 0 ];
500
+ continue;
687
501
 
688
- function valueOrEmptyString(value) {
689
- let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
690
- return value && !exclude.includes(value) ? value : "";
691
- }
502
+ case 7:
503
+ op = _.ops.pop();
504
+ _.trys.pop();
505
+ continue;
692
506
 
693
- const parseAuthenticationResult = queryString => {
694
- if (queryString.indexOf("#") > -1) {
695
- queryString = queryString.substring(0, queryString.indexOf("#"));
696
- }
697
- const searchParams = new URLSearchParams(queryString);
698
- return {
699
- state: searchParams.get("state"),
700
- code: searchParams.get("code") || undefined,
701
- connect_code: searchParams.get("connect_code") || undefined,
702
- error: searchParams.get("error") || undefined,
703
- error_description: searchParams.get("error_description") || undefined
704
- };
705
- };
706
-
707
- const runIframe = function runIframe(authorizeUrl, eventOrigin) {
708
- let timeoutInSeconds = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS;
709
- return new Promise(((res, rej) => {
710
- const iframe = window.document.createElement("iframe");
711
- iframe.setAttribute("width", "0");
712
- iframe.setAttribute("height", "0");
713
- iframe.style.display = "none";
714
- const removeIframe = () => {
715
- if (window.document.body.contains(iframe)) {
716
- window.document.body.removeChild(iframe);
717
- window.removeEventListener("message", _iframeEventHandler, false);
718
- }
719
- };
720
- let _iframeEventHandler;
721
- const timeoutSetTimeoutId = setTimeout((() => {
722
- rej(new TimeoutError);
723
- removeIframe();
724
- }), timeoutInSeconds * 1e3);
725
- _iframeEventHandler = function iframeEventHandler(e) {
726
- if (e.origin != eventOrigin) return;
727
- if (!e.data || e.data.type !== "authorization_response") return;
728
- const eventSource = e.source;
729
- if (eventSource) {
730
- eventSource.close();
507
+ default:
508
+ if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) {
509
+ _ = 0;
510
+ continue;
511
+ }
512
+ if (op[0] === 3 && (!t || op[1] > t[0] && op[1] < t[3])) {
513
+ _.label = op[1];
514
+ break;
515
+ }
516
+ if (op[0] === 6 && _.label < t[1]) {
517
+ _.label = t[1];
518
+ t = op;
519
+ break;
520
+ }
521
+ if (t && _.label < t[2]) {
522
+ _.label = t[2];
523
+ _.ops.push(op);
524
+ break;
525
+ }
526
+ if (t[2]) _.ops.pop();
527
+ _.trys.pop();
528
+ continue;
731
529
  }
732
- e.data.response.error ? rej(GenericError.fromPayload(e.data.response)) : res(e.data.response);
733
- clearTimeout(timeoutSetTimeoutId);
734
- window.removeEventListener("message", _iframeEventHandler, false);
735
- setTimeout(removeIframe, CLEANUP_IFRAME_TIMEOUT_IN_SECONDS * 1e3);
530
+ op = body.call(thisArg, _);
531
+ } catch (e) {
532
+ op = [ 6, e ];
533
+ y = 0;
534
+ } finally {
535
+ f = t = 0;
536
+ }
537
+ if (op[0] & 5) throw op[1];
538
+ return {
539
+ value: op[0] ? op[1] : void 0,
540
+ done: true
736
541
  };
737
- window.addEventListener("message", _iframeEventHandler, false);
738
- window.document.body.appendChild(iframe);
739
- iframe.setAttribute("src", authorizeUrl);
740
- }));
542
+ }
741
543
  };
742
544
 
743
- const openPopup = url => {
744
- const width = 400;
745
- const height = 600;
746
- const left = window.screenX + (window.innerWidth - width) / 2;
747
- const top = window.screenY + (window.innerHeight - height) / 2;
748
- return window.open(url, "auth0:authorize:popup", "left=".concat(left, ",top=").concat(top, ",width=").concat(width, ",height=").concat(height, ",resizable,scrollbars=yes,status=1"));
545
+ var _this = commonjsGlobal;
546
+
547
+ Object.defineProperty(browserTabsLock, "__esModule", {
548
+ value: true
549
+ });
550
+
551
+ var processLock_1 = processLock;
552
+
553
+ var LOCK_STORAGE_KEY = "browser-tabs-lock-key";
554
+
555
+ var DEFAULT_STORAGE_HANDLER = {
556
+ key: function(index) {
557
+ return __awaiter(_this, void 0, void 0, (function() {
558
+ return __generator(this, (function(_a) {
559
+ throw new Error("Unsupported");
560
+ }));
561
+ }));
562
+ },
563
+ getItem: function(key) {
564
+ return __awaiter(_this, void 0, void 0, (function() {
565
+ return __generator(this, (function(_a) {
566
+ throw new Error("Unsupported");
567
+ }));
568
+ }));
569
+ },
570
+ clear: function() {
571
+ return __awaiter(_this, void 0, void 0, (function() {
572
+ return __generator(this, (function(_a) {
573
+ return [ 2, window.localStorage.clear() ];
574
+ }));
575
+ }));
576
+ },
577
+ removeItem: function(key) {
578
+ return __awaiter(_this, void 0, void 0, (function() {
579
+ return __generator(this, (function(_a) {
580
+ throw new Error("Unsupported");
581
+ }));
582
+ }));
583
+ },
584
+ setItem: function(key, value) {
585
+ return __awaiter(_this, void 0, void 0, (function() {
586
+ return __generator(this, (function(_a) {
587
+ throw new Error("Unsupported");
588
+ }));
589
+ }));
590
+ },
591
+ keySync: function(index) {
592
+ return window.localStorage.key(index);
593
+ },
594
+ getItemSync: function(key) {
595
+ return window.localStorage.getItem(key);
596
+ },
597
+ clearSync: function() {
598
+ return window.localStorage.clear();
599
+ },
600
+ removeItemSync: function(key) {
601
+ return window.localStorage.removeItem(key);
602
+ },
603
+ setItemSync: function(key, value) {
604
+ return window.localStorage.setItem(key, value);
605
+ }
749
606
  };
750
607
 
751
- const runPopup = config => new Promise(((resolve, reject) => {
752
- let _popupEventListener;
753
- const popupTimer = setInterval((() => {
754
- if (config.popup && config.popup.closed) {
755
- clearInterval(popupTimer);
756
- clearTimeout(timeoutId);
757
- window.removeEventListener("message", _popupEventListener, false);
758
- reject(new PopupCancelledError(config.popup));
608
+ function delay(milliseconds) {
609
+ return new Promise((function(resolve) {
610
+ return setTimeout(resolve, milliseconds);
611
+ }));
612
+ }
613
+
614
+ function generateRandomString(length) {
615
+ var CHARS = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz";
616
+ var randomstring = "";
617
+ for (var i = 0; i < length; i++) {
618
+ var INDEX = Math.floor(Math.random() * CHARS.length);
619
+ randomstring += CHARS[INDEX];
620
+ }
621
+ return randomstring;
622
+ }
623
+
624
+ function getLockId() {
625
+ return Date.now().toString() + generateRandomString(15);
626
+ }
627
+
628
+ var SuperTokensLock = function() {
629
+ function SuperTokensLock(storageHandler) {
630
+ this.acquiredIatSet = new Set;
631
+ this.storageHandler = undefined;
632
+ this.id = getLockId();
633
+ this.acquireLock = this.acquireLock.bind(this);
634
+ this.releaseLock = this.releaseLock.bind(this);
635
+ this.releaseLock__private__ = this.releaseLock__private__.bind(this);
636
+ this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this);
637
+ this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this);
638
+ this.storageHandler = storageHandler;
639
+ if (SuperTokensLock.waiters === undefined) {
640
+ SuperTokensLock.waiters = [];
759
641
  }
760
- }), 1e3);
761
- const timeoutId = setTimeout((() => {
762
- clearInterval(popupTimer);
763
- reject(new PopupTimeoutError(config.popup));
764
- window.removeEventListener("message", _popupEventListener, false);
765
- }), (config.timeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) * 1e3);
766
- _popupEventListener = function popupEventListener(e) {
767
- if (!e.data || e.data.type !== "authorization_response") {
642
+ }
643
+ SuperTokensLock.prototype.acquireLock = function(lockKey, timeout) {
644
+ if (timeout === void 0) {
645
+ timeout = 5e3;
646
+ }
647
+ return __awaiter(this, void 0, void 0, (function() {
648
+ var iat, MAX_TIME, STORAGE_KEY, STORAGE, lockObj, TIMEOUT_KEY, lockObjPostDelay, parsedLockObjPostDelay;
649
+ return __generator(this, (function(_a) {
650
+ switch (_a.label) {
651
+ case 0:
652
+ iat = Date.now() + generateRandomString(4);
653
+ MAX_TIME = Date.now() + timeout;
654
+ STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
655
+ STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
656
+ _a.label = 1;
657
+
658
+ case 1:
659
+ if (!(Date.now() < MAX_TIME)) return [ 3, 8 ];
660
+ return [ 4, delay(30) ];
661
+
662
+ case 2:
663
+ _a.sent();
664
+ lockObj = STORAGE.getItemSync(STORAGE_KEY);
665
+ if (!(lockObj === null)) return [ 3, 5 ];
666
+ TIMEOUT_KEY = this.id + "-" + lockKey + "-" + iat;
667
+ return [ 4, delay(Math.floor(Math.random() * 25)) ];
668
+
669
+ case 3:
670
+ _a.sent();
671
+ STORAGE.setItemSync(STORAGE_KEY, JSON.stringify({
672
+ id: this.id,
673
+ iat: iat,
674
+ timeoutKey: TIMEOUT_KEY,
675
+ timeAcquired: Date.now(),
676
+ timeRefreshed: Date.now()
677
+ }));
678
+ return [ 4, delay(30) ];
679
+
680
+ case 4:
681
+ _a.sent();
682
+ lockObjPostDelay = STORAGE.getItemSync(STORAGE_KEY);
683
+ if (lockObjPostDelay !== null) {
684
+ parsedLockObjPostDelay = JSON.parse(lockObjPostDelay);
685
+ if (parsedLockObjPostDelay.id === this.id && parsedLockObjPostDelay.iat === iat) {
686
+ this.acquiredIatSet.add(iat);
687
+ this.refreshLockWhileAcquired(STORAGE_KEY, iat);
688
+ return [ 2, true ];
689
+ }
690
+ }
691
+ return [ 3, 7 ];
692
+
693
+ case 5:
694
+ SuperTokensLock.lockCorrector(this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler);
695
+ return [ 4, this.waitForSomethingToChange(MAX_TIME) ];
696
+
697
+ case 6:
698
+ _a.sent();
699
+ _a.label = 7;
700
+
701
+ case 7:
702
+ iat = Date.now() + generateRandomString(4);
703
+ return [ 3, 1 ];
704
+
705
+ case 8:
706
+ return [ 2, false ];
707
+ }
708
+ }));
709
+ }));
710
+ };
711
+ SuperTokensLock.prototype.refreshLockWhileAcquired = function(storageKey, iat) {
712
+ return __awaiter(this, void 0, void 0, (function() {
713
+ var _this = this;
714
+ return __generator(this, (function(_a) {
715
+ setTimeout((function() {
716
+ return __awaiter(_this, void 0, void 0, (function() {
717
+ var STORAGE, lockObj, parsedLockObj;
718
+ return __generator(this, (function(_a) {
719
+ switch (_a.label) {
720
+ case 0:
721
+ return [ 4, processLock_1.default().lock(iat) ];
722
+
723
+ case 1:
724
+ _a.sent();
725
+ if (!this.acquiredIatSet.has(iat)) {
726
+ processLock_1.default().unlock(iat);
727
+ return [ 2 ];
728
+ }
729
+ STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
730
+ lockObj = STORAGE.getItemSync(storageKey);
731
+ if (lockObj !== null) {
732
+ parsedLockObj = JSON.parse(lockObj);
733
+ parsedLockObj.timeRefreshed = Date.now();
734
+ STORAGE.setItemSync(storageKey, JSON.stringify(parsedLockObj));
735
+ processLock_1.default().unlock(iat);
736
+ } else {
737
+ processLock_1.default().unlock(iat);
738
+ return [ 2 ];
739
+ }
740
+ this.refreshLockWhileAcquired(storageKey, iat);
741
+ return [ 2 ];
742
+ }
743
+ }));
744
+ }));
745
+ }), 1e3);
746
+ return [ 2 ];
747
+ }));
748
+ }));
749
+ };
750
+ SuperTokensLock.prototype.waitForSomethingToChange = function(MAX_TIME) {
751
+ return __awaiter(this, void 0, void 0, (function() {
752
+ return __generator(this, (function(_a) {
753
+ switch (_a.label) {
754
+ case 0:
755
+ return [ 4, new Promise((function(resolve) {
756
+ var resolvedCalled = false;
757
+ var startedAt = Date.now();
758
+ var MIN_TIME_TO_WAIT = 50;
759
+ var removedListeners = false;
760
+ function stopWaiting() {
761
+ if (!removedListeners) {
762
+ window.removeEventListener("storage", stopWaiting);
763
+ SuperTokensLock.removeFromWaiting(stopWaiting);
764
+ clearTimeout(timeOutId);
765
+ removedListeners = true;
766
+ }
767
+ if (!resolvedCalled) {
768
+ resolvedCalled = true;
769
+ var timeToWait = MIN_TIME_TO_WAIT - (Date.now() - startedAt);
770
+ if (timeToWait > 0) {
771
+ setTimeout(resolve, timeToWait);
772
+ } else {
773
+ resolve(null);
774
+ }
775
+ }
776
+ }
777
+ window.addEventListener("storage", stopWaiting);
778
+ SuperTokensLock.addToWaiting(stopWaiting);
779
+ var timeOutId = setTimeout(stopWaiting, Math.max(0, MAX_TIME - Date.now()));
780
+ })) ];
781
+
782
+ case 1:
783
+ _a.sent();
784
+ return [ 2 ];
785
+ }
786
+ }));
787
+ }));
788
+ };
789
+ SuperTokensLock.addToWaiting = function(func) {
790
+ this.removeFromWaiting(func);
791
+ if (SuperTokensLock.waiters === undefined) {
792
+ return;
793
+ }
794
+ SuperTokensLock.waiters.push(func);
795
+ };
796
+ SuperTokensLock.removeFromWaiting = function(func) {
797
+ if (SuperTokensLock.waiters === undefined) {
768
798
  return;
769
799
  }
770
- clearTimeout(timeoutId);
771
- clearInterval(popupTimer);
772
- window.removeEventListener("message", _popupEventListener, false);
773
- if (config.closePopup !== false) {
774
- config.popup.close();
775
- }
776
- if (e.data.response.error) {
777
- return reject(GenericError.fromPayload(e.data.response));
800
+ SuperTokensLock.waiters = SuperTokensLock.waiters.filter((function(i) {
801
+ return i !== func;
802
+ }));
803
+ };
804
+ SuperTokensLock.notifyWaiters = function() {
805
+ if (SuperTokensLock.waiters === undefined) {
806
+ return;
778
807
  }
779
- resolve(e.data.response);
808
+ var waiters = SuperTokensLock.waiters.slice();
809
+ waiters.forEach((function(i) {
810
+ return i();
811
+ }));
780
812
  };
781
- window.addEventListener("message", _popupEventListener);
782
- }));
783
-
784
- const getCrypto = () => window.crypto;
785
-
786
- const createRandomString = () => {
787
- const charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
788
- let random = "";
789
- const randomValues = Array.from(getCrypto().getRandomValues(new Uint8Array(43)));
790
- randomValues.forEach((v => random += charset[v % charset.length]));
791
- return random;
792
- };
793
-
794
- const encode$2 = value => btoa(value);
813
+ SuperTokensLock.prototype.releaseLock = function(lockKey) {
814
+ return __awaiter(this, void 0, void 0, (function() {
815
+ return __generator(this, (function(_a) {
816
+ switch (_a.label) {
817
+ case 0:
818
+ return [ 4, this.releaseLock__private__(lockKey) ];
795
819
 
796
- const stripUndefined = params => Object.keys(params).filter((k => typeof params[k] !== "undefined")).reduce(((acc, key) => Object.assign(Object.assign({}, acc), {
797
- [key]: params[key]
798
- })), {});
820
+ case 1:
821
+ return [ 2, _a.sent() ];
822
+ }
823
+ }));
824
+ }));
825
+ };
826
+ SuperTokensLock.prototype.releaseLock__private__ = function(lockKey) {
827
+ return __awaiter(this, void 0, void 0, (function() {
828
+ var STORAGE, STORAGE_KEY, lockObj, parsedlockObj;
829
+ return __generator(this, (function(_a) {
830
+ switch (_a.label) {
831
+ case 0:
832
+ STORAGE = this.storageHandler === undefined ? DEFAULT_STORAGE_HANDLER : this.storageHandler;
833
+ STORAGE_KEY = LOCK_STORAGE_KEY + "-" + lockKey;
834
+ lockObj = STORAGE.getItemSync(STORAGE_KEY);
835
+ if (lockObj === null) {
836
+ return [ 2 ];
837
+ }
838
+ parsedlockObj = JSON.parse(lockObj);
839
+ if (!(parsedlockObj.id === this.id)) return [ 3, 2 ];
840
+ return [ 4, processLock_1.default().lock(parsedlockObj.iat) ];
799
841
 
800
- const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
801
- key: "name",
802
- type: [ "string" ]
803
- }, {
804
- key: "version",
805
- type: [ "string", "number" ]
806
- }, {
807
- key: "env",
808
- type: [ "object" ]
809
- } ];
842
+ case 1:
843
+ _a.sent();
844
+ this.acquiredIatSet.delete(parsedlockObj.iat);
845
+ STORAGE.removeItemSync(STORAGE_KEY);
846
+ processLock_1.default().unlock(parsedlockObj.iat);
847
+ SuperTokensLock.notifyWaiters();
848
+ _a.label = 2;
810
849
 
811
- const stripAuth0Client = function stripAuth0Client(auth0Client) {
812
- let excludeEnv = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : false;
813
- return Object.keys(auth0Client).reduce(((acc, key) => {
814
- if (excludeEnv && key === "env") {
815
- return acc;
850
+ case 2:
851
+ return [ 2 ];
852
+ }
853
+ }));
854
+ }));
855
+ };
856
+ SuperTokensLock.lockCorrector = function(storageHandler) {
857
+ var MIN_ALLOWED_TIME = Date.now() - 5e3;
858
+ var STORAGE = storageHandler;
859
+ var KEYS = [];
860
+ var currIndex = 0;
861
+ while (true) {
862
+ var key = STORAGE.keySync(currIndex);
863
+ if (key === null) {
864
+ break;
865
+ }
866
+ KEYS.push(key);
867
+ currIndex++;
816
868
  }
817
- const allowedProperty = ALLOWED_AUTH0CLIENT_PROPERTIES.find((p => p.key === key));
818
- if (allowedProperty && allowedProperty.type.includes(typeof auth0Client[key])) {
819
- acc[key] = auth0Client[key];
869
+ var notifyWaiters = false;
870
+ for (var i = 0; i < KEYS.length; i++) {
871
+ var LOCK_KEY = KEYS[i];
872
+ if (LOCK_KEY.includes(LOCK_STORAGE_KEY)) {
873
+ var lockObj = STORAGE.getItemSync(LOCK_KEY);
874
+ if (lockObj !== null) {
875
+ var parsedlockObj = JSON.parse(lockObj);
876
+ if (parsedlockObj.timeRefreshed === undefined && parsedlockObj.timeAcquired < MIN_ALLOWED_TIME || parsedlockObj.timeRefreshed !== undefined && parsedlockObj.timeRefreshed < MIN_ALLOWED_TIME) {
877
+ STORAGE.removeItemSync(LOCK_KEY);
878
+ notifyWaiters = true;
879
+ }
880
+ }
881
+ }
882
+ }
883
+ if (notifyWaiters) {
884
+ SuperTokensLock.notifyWaiters();
820
885
  }
821
- return acc;
822
- }), {});
823
- };
824
-
825
- const createQueryParams = _a => {
826
- var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
827
- return new URLSearchParams(stripUndefined(Object.assign({
828
- client_id: client_id
829
- }, params))).toString();
830
- };
831
-
832
- const sha256 = async s => {
833
- const digestOp = getCrypto().subtle.digest({
834
- name: "SHA-256"
835
- }, (new TextEncoder).encode(s));
836
- return await digestOp;
837
- };
838
-
839
- const urlEncodeB64 = input => {
840
- const b64Chars = {
841
- "+": "-",
842
- "/": "_",
843
- "=": ""
844
886
  };
845
- return input.replace(/[+/=]/g, (m => b64Chars[m]));
846
- };
847
-
848
- const decodeB64 = input => decodeURIComponent(atob(input).split("").map((c => "%" + ("00" + c.charCodeAt(0).toString(16)).slice(-2))).join(""));
887
+ SuperTokensLock.waiters = undefined;
888
+ return SuperTokensLock;
889
+ }();
849
890
 
850
- const urlDecodeB64 = input => decodeB64(input.replace(/_/g, "/").replace(/-/g, "+"));
891
+ var _default = browserTabsLock.default = SuperTokensLock;
851
892
 
852
- const bufferToBase64UrlEncoded = input => {
853
- const ie11SafeInput = new Uint8Array(input);
854
- return urlEncodeB64(window.btoa(String.fromCharCode(...Array.from(ie11SafeInput))));
855
- };
893
+ class WebLocksApiManager {
894
+ async runWithLock(key, timeout, callback) {
895
+ const controller = new AbortController;
896
+ const timeoutId = setTimeout((() => controller.abort()), timeout);
897
+ try {
898
+ return await navigator.locks.request(key, {
899
+ mode: "exclusive",
900
+ signal: controller.signal
901
+ }, (async lock => {
902
+ clearTimeout(timeoutId);
903
+ if (!lock) throw new Error("Lock not available");
904
+ return await callback();
905
+ }));
906
+ } catch (error) {
907
+ clearTimeout(timeoutId);
908
+ if ((error === null || error === void 0 ? void 0 : error.name) === "AbortError") throw new TimeoutError;
909
+ throw error;
910
+ }
911
+ }
912
+ }
856
913
 
857
- const validateCrypto = () => {
858
- if (!getCrypto()) {
859
- throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
914
+ class LegacyLockManager {
915
+ constructor() {
916
+ this.activeLocks = new Set;
917
+ this.lock = new _default;
918
+ this.pagehideHandler = () => {
919
+ this.activeLocks.forEach((key => this.lock.releaseLock(key)));
920
+ this.activeLocks.clear();
921
+ };
860
922
  }
861
- if (typeof getCrypto().subtle === "undefined") {
862
- throw new Error("\n auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.\n ");
923
+ async runWithLock(key, timeout, callback) {
924
+ const retryAttempts = 10;
925
+ let acquired = false;
926
+ for (let i = 0; i < retryAttempts && !acquired; i++) {
927
+ acquired = await this.lock.acquireLock(key, timeout);
928
+ }
929
+ if (!acquired) {
930
+ throw new TimeoutError;
931
+ }
932
+ this.activeLocks.add(key);
933
+ if (this.activeLocks.size === 1 && typeof window !== "undefined") {
934
+ window.addEventListener("pagehide", this.pagehideHandler);
935
+ }
936
+ try {
937
+ return await callback();
938
+ } finally {
939
+ this.activeLocks.delete(key);
940
+ await this.lock.releaseLock(key);
941
+ if (this.activeLocks.size === 0 && typeof window !== "undefined") {
942
+ window.removeEventListener("pagehide", this.pagehideHandler);
943
+ }
944
+ }
863
945
  }
864
- };
946
+ }
865
947
 
866
- const getDomain = domainUrl => {
867
- if (!/^https?:\/\//.test(domainUrl)) {
868
- return "https://".concat(domainUrl);
869
- }
870
- return domainUrl;
871
- };
948
+ function isWebLocksSupported() {
949
+ var _a;
950
+ return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
951
+ }
872
952
 
873
- const getTokenIssuer = (issuer, domainUrl) => {
874
- if (issuer) {
875
- return issuer.startsWith("https://") ? issuer : "https://".concat(issuer, "/");
876
- }
877
- return "".concat(domainUrl, "/");
878
- };
953
+ function createLockManager() {
954
+ return isWebLocksSupported() ? new WebLocksApiManager : new LegacyLockManager;
955
+ }
879
956
 
880
- const parseNumber = value => {
881
- if (typeof value !== "string") {
882
- return value;
883
- }
884
- return parseInt(value, 10) || undefined;
885
- };
957
+ let lockManager = null;
886
958
 
887
- const fromEntries = iterable => [ ...iterable ].reduce(((obj, _ref) => {
888
- let [key, val] = _ref;
889
- obj[key] = val;
890
- return obj;
891
- }), {});
959
+ function getLockManager() {
960
+ if (!lockManager) {
961
+ lockManager = createLockManager();
962
+ }
963
+ return lockManager;
964
+ }
892
965
 
893
966
  const encoder$2 = new TextEncoder;
894
967
 
@@ -1654,10 +1727,8 @@ class CacheManager {
1654
1727
  for (const key of allKeys) {
1655
1728
  const entry = await this.cache.get(key);
1656
1729
  if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
1657
- const cacheEntry = Object.assign(Object.assign({}, entry.body), {
1658
- refresh_token: newRefreshToken
1659
- });
1660
- await this.set(cacheEntry);
1730
+ entry.body.refresh_token = newRefreshToken;
1731
+ await this.cache.set(key, entry);
1661
1732
  }
1662
1733
  }
1663
1734
  }
@@ -2040,16 +2111,6 @@ const singlePromise = (cb, key) => {
2040
2111
  return promise;
2041
2112
  };
2042
2113
 
2043
- const retryPromise = async function retryPromise(cb) {
2044
- let maxNumberOfRetries = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : 3;
2045
- for (let i = 0; i < maxNumberOfRetries; i++) {
2046
- if (await cb()) {
2047
- return true;
2048
- }
2049
- }
2050
- return false;
2051
- };
2052
-
2053
2114
  class CacheKeyManifest {
2054
2115
  constructor(cache, clientId) {
2055
2116
  this.cache = cache;
@@ -7929,12 +7990,9 @@ class MfaApiClient {
7929
7990
  }
7930
7991
  }
7931
7992
 
7932
- const lock = new _default;
7933
-
7934
7993
  class Auth0Client {
7935
7994
  constructor(options) {
7936
7995
  this.userCache = (new InMemoryCache).enclosedCache;
7937
- this.activeLockKeys = new Set;
7938
7996
  this.defaultOptions = {
7939
7997
  authorizationParams: {
7940
7998
  scope: DEFAULT_SCOPE
@@ -7942,18 +8000,11 @@ class Auth0Client {
7942
8000
  useRefreshTokensFallback: false,
7943
8001
  useFormData: true
7944
8002
  };
7945
- this._releaseLockOnPageHide = async () => {
7946
- const lockKeysToRelease = Array.from(this.activeLockKeys);
7947
- for (const lockKey of lockKeysToRelease) {
7948
- await lock.releaseLock(lockKey);
7949
- }
7950
- this.activeLockKeys.clear();
7951
- window.removeEventListener("pagehide", this._releaseLockOnPageHide);
7952
- };
7953
8003
  this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
7954
8004
  authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
7955
8005
  });
7956
8006
  typeof window !== "undefined" && validateCrypto();
8007
+ this.lockManager = getLockManager();
7957
8008
  if (options.cache && options.cacheLocation) {
7958
8009
  console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`.");
7959
8010
  }
@@ -8242,12 +8293,8 @@ class Auth0Client {
8242
8293
  return;
8243
8294
  }
8244
8295
  const lockKey = buildGetTokenSilentlyLockKey(this.options.clientId, getTokenOptions.authorizationParams.audience || "default");
8245
- if (await retryPromise((() => lock.acquireLock(lockKey, 5e3)), 10)) {
8246
- this.activeLockKeys.add(lockKey);
8247
- if (this.activeLockKeys.size === 1) {
8248
- window.addEventListener("pagehide", this._releaseLockOnPageHide);
8249
- }
8250
- try {
8296
+ try {
8297
+ return await this.lockManager.runWithLock(lockKey, 5e3, (async () => {
8251
8298
  if (cacheMode !== "off") {
8252
8299
  const entry = await this._getEntryFromCache({
8253
8300
  scope: getTokenOptions.authorizationParams.scope,
@@ -8269,15 +8316,33 @@ class Auth0Client {
8269
8316
  } : null), {
8270
8317
  expires_in: expires_in
8271
8318
  });
8272
- } finally {
8273
- await lock.releaseLock(lockKey);
8274
- this.activeLockKeys.delete(lockKey);
8275
- if (this.activeLockKeys.size === 0) {
8276
- window.removeEventListener("pagehide", this._releaseLockOnPageHide);
8277
- }
8319
+ }));
8320
+ } catch (error) {
8321
+ if (this._isInteractiveError(error) && this.options.interactiveErrorHandler === "popup") {
8322
+ return await this._handleInteractiveErrorWithPopup(getTokenOptions);
8278
8323
  }
8279
- } else {
8280
- throw new TimeoutError;
8324
+ throw error;
8325
+ }
8326
+ }
8327
+ _isInteractiveError(error) {
8328
+ return error instanceof MfaRequiredError;
8329
+ }
8330
+ async _handleInteractiveErrorWithPopup(options) {
8331
+ try {
8332
+ await this.loginWithPopup({
8333
+ authorizationParams: options.authorizationParams
8334
+ });
8335
+ const entry = await this._getEntryFromCache({
8336
+ scope: options.authorizationParams.scope,
8337
+ audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
8338
+ clientId: this.options.clientId
8339
+ });
8340
+ if (!entry) {
8341
+ throw new GenericError("interactive_handler_cache_miss", "Token not found in cache after interactive authentication");
8342
+ }
8343
+ return entry;
8344
+ } catch (error) {
8345
+ throw error;
8281
8346
  }
8282
8347
  }
8283
8348
  async getTokenWithPopup() {
@@ -8341,8 +8406,8 @@ class Auth0Client {
8341
8406
  }
8342
8407
  async _getTokenFromIFrame(options) {
8343
8408
  const iframeLockKey = buildIframeLockKey(this.options.clientId);
8344
- if (await retryPromise((() => lock.acquireLock(iframeLockKey, 5e3)), 10)) {
8345
- try {
8409
+ try {
8410
+ return await this.lockManager.runWithLock(iframeLockKey, 5e3, (async () => {
8346
8411
  const params = Object.assign(Object.assign({}, options.authorizationParams), {
8347
8412
  prompt: "none"
8348
8413
  });
@@ -8382,18 +8447,14 @@ class Auth0Client {
8382
8447
  oauthTokenScope: tokenResult.scope,
8383
8448
  audience: audience
8384
8449
  });
8385
- } catch (e) {
8386
- if (e.error === "login_required") {
8387
- this.logout({
8388
- openUrl: false
8389
- });
8390
- }
8391
- throw e;
8392
- } finally {
8393
- await lock.releaseLock(iframeLockKey);
8450
+ }));
8451
+ } catch (e) {
8452
+ if (e.error === "login_required") {
8453
+ this.logout({
8454
+ openUrl: false
8455
+ });
8394
8456
  }
8395
- } else {
8396
- throw new TimeoutError;
8457
+ throw e;
8397
8458
  }
8398
8459
  }
8399
8460
  async _getTokenUsingRefreshToken(options) {