@auth0/auth0-spa-js 2.17.1 → 2.18.1

package/dist/lib/auth0-spa-js.cjs.js

@@ -4,21 +4,163 @@ Object.defineProperty(exports, "__esModule", {
     value: true
 });
 
-function __rest(s, e) {
+function _OverloadYield(e, d) {
+    this.v = e, this.k = d;
+}
+
+function _assertClassBrand(e, t, n) {
+    if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
+    throw new TypeError("Private element is not present on this object");
+}
+
+function _awaitAsyncGenerator(e) {
+    return new _OverloadYield(e, 0);
+}
+
+function _checkPrivateRedeclaration(e, t) {
+    if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
+}
+
+function _classPrivateFieldGet2(s, a) {
+    return s.get(_assertClassBrand(s, a));
+}
+
+function _classPrivateFieldInitSpec(e, t, a) {
+    _checkPrivateRedeclaration(e, t), t.set(e, a);
+}
+
+function _classPrivateFieldSet2(s, a, r) {
+    return s.set(_assertClassBrand(s, a), r), r;
+}
+
+function _classPrivateMethodInitSpec(e, a) {
+    _checkPrivateRedeclaration(e, a), a.add(e);
+}
+
+function _defineProperty(e, r, t) {
+    return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
+        value: t,
+        enumerable: !0,
+        configurable: !0,
+        writable: !0
+    }) : e[r] = t, e;
+}
+
+function ownKeys(e, r) {
+    var t = Object.keys(e);
+    if (Object.getOwnPropertySymbols) {
+        var o = Object.getOwnPropertySymbols(e);
+        r && (o = o.filter(function(r) {
+            return Object.getOwnPropertyDescriptor(e, r).enumerable;
+        })), t.push.apply(t, o);
+    }
+    return t;
+}
+
+function _objectSpread2(e) {
+    for (var r = 1; r < arguments.length; r++) {
+        var t = null != arguments[r] ? arguments[r] : {};
+        r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
+            _defineProperty(e, r, t[r]);
+        }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
+            Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
+        });
+    }
+    return e;
+}
+
+function _objectWithoutProperties(e, t) {
+    if (null == e) return {};
+    var o, r, i = _objectWithoutPropertiesLoose(e, t);
+    if (Object.getOwnPropertySymbols) {
+        var n = Object.getOwnPropertySymbols(e);
+        for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
+    }
+    return i;
+}
+
+function _objectWithoutPropertiesLoose(r, e) {
+    if (null == r) return {};
     var t = {};
-    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) t[p] = s[p];
-    if (s != null && typeof Object.getOwnPropertySymbols === "function") for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
-        if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) t[p[i]] = s[p[i]];
+    for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
+        if (-1 !== e.indexOf(n)) continue;
+        t[n] = r[n];
     }
     return t;
 }
 
-typeof SuppressedError === "function" ? SuppressedError : function(error, suppressed, message) {
-    var e = new Error(message);
-    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
+function _toPrimitive(t, r) {
+    if ("object" != typeof t || !t) return t;
+    var e = t[Symbol.toPrimitive];
+    if (void 0 !== e) {
+        var i = e.call(t, r || "default");
+        if ("object" != typeof i) return i;
+        throw new TypeError("@@toPrimitive must return a primitive value.");
+    }
+    return ("string" === r ? String : Number)(t);
+}
+
+function _toPropertyKey(t) {
+    var i = _toPrimitive(t, "string");
+    return "symbol" == typeof i ? i : i + "";
+}
+
+function _wrapAsyncGenerator(e) {
+    return function() {
+        return new AsyncGenerator(e.apply(this, arguments));
+    };
+}
+
+function AsyncGenerator(e) {
+    var t, n;
+    function resume(t, n) {
+        try {
+            var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
+            Promise.resolve(u ? o.v : o).then(function(n) {
+                if (u) {
+                    var i = "return" === t && o.k ? t : "next";
+                    if (!o.k || n.done) return resume(i, n);
+                    n = e[i](n).value;
+                }
+                settle(!!r.done, n);
+            }, function(e) {
+                resume("throw", e);
+            });
+        } catch (e) {
+            settle(2, e);
+        }
+    }
+    function settle(e, r) {
+        2 === e ? t.reject(r) : t.resolve({
+            value: r,
+            done: e
+        }), (t = t.next) ? resume(t.key, t.arg) : n = null;
+    }
+    this._invoke = function(e, r) {
+        return new Promise(function(o, u) {
+            var i = {
+                key: e,
+                arg: r,
+                resolve: o,
+                reject: u,
+                next: null
+            };
+            n ? n = n.next = i : (t = n = i, resume(e, r));
+        });
+    }, "function" != typeof e.return && (this.return = void 0);
+}
+
+AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
+    return this;
+}, AsyncGenerator.prototype.next = function(e) {
+    return this._invoke("next", e);
+}, AsyncGenerator.prototype.throw = function(e) {
+    return this._invoke("throw", e);
+}, AsyncGenerator.prototype.return = function(e) {
+    return this._invoke("return", e);
 };
 
-var version = "2.17.1";
+var version = "2.18.1";
 
 const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
 
@@ -159,6 +301,8 @@ function valueOrEmptyString(value) {
     return value && !exclude.includes(value) ? value : "";
 }
 
+const _excluded$5 = [ "clientId" ];
+
 const parseAuthenticationResult = queryString => {
     if (queryString.indexOf("#") > -1) {
         queryString = queryString.substring(0, queryString.indexOf("#"));
@@ -217,7 +361,7 @@ const openPopup = url => {
     return window.open(url, "auth0:authorize:popup", "left=".concat(left, ",top=").concat(top, ",width=").concat(width, ",height=").concat(height, ",resizable,scrollbars=yes,status=1"));
 };
 
-const runPopup = config => new Promise((resolve, reject) => {
+const runPopup = (config, eventOrigin) => new Promise((resolve, reject) => {
     let _popupEventListener;
     const popupTimer = setInterval(() => {
         if (config.popup && config.popup.closed) {
@@ -233,6 +377,7 @@ const runPopup = config => new Promise((resolve, reject) => {
         window.removeEventListener("message", _popupEventListener, false);
     }, (config.timeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS) * 1e3);
     _popupEventListener = function popupEventListener(e) {
+        if (e.origin !== eventOrigin) return;
         if (!e.data || e.data.type !== "authorization_response") {
             return;
         }
@@ -254,15 +399,22 @@ const getCrypto = () => window.crypto;
 
 const createRandomString = () => {
     const charset = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
+    const validMax = 256 - 256 % charset.length;
     let random = "";
-    const randomValues = Array.from(getCrypto().getRandomValues(new Uint8Array(43)));
-    randomValues.forEach(v => random += charset[v % charset.length]);
+    while (random.length < 43) {
+        const bytes = getCrypto().getRandomValues(new Uint8Array(43 - random.length));
+        for (const byte of bytes) {
+            if (random.length < 43 && byte < validMax) {
+                random += charset[byte % charset.length];
+            }
+        }
+    }
     return random;
 };
 
 const encode$2 = value => btoa(value);
 
-const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => Object.assign(Object.assign({}, acc), {
+const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => _objectSpread2(_objectSpread2({}, acc), {}, {
     [key]: params[key]
 }), {});
 
@@ -291,9 +443,9 @@ const stripAuth0Client = function stripAuth0Client(auth0Client) {
     }, {});
 };
 
-const createQueryParams = _a => {
-    var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
-    return new URLSearchParams(stripUndefined(Object.assign({
+const createQueryParams = _ref => {
+    let {clientId: client_id} = _ref, params = _objectWithoutProperties(_ref, _excluded$5);
+    return new URLSearchParams(stripUndefined(_objectSpread2({
         client_id: client_id
     }, params))).toString();
 };
@@ -353,8 +505,8 @@ const parseNumber = value => {
     return parseInt(value, 10) || undefined;
 };
 
-const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref) => {
-    let [key, val] = _ref;
+const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref2) => {
+    let [key, val] = _ref2;
     obj[key] = val;
     return obj;
 }, {});
@@ -915,7 +1067,9 @@ class WebLocksApiManager {
 
 class LegacyLockManager {
     constructor() {
-        this.activeLocks = new Set;
+        _defineProperty(this, "lock", void 0);
+        _defineProperty(this, "activeLocks", new Set);
+        _defineProperty(this, "pagehideHandler", void 0);
         this.lock = new _default;
         this.pagehideHandler = () => {
             this.activeLocks.forEach(key => this.lock.releaseLock(key));
@@ -948,8 +1102,8 @@ class LegacyLockManager {
 }
 
 function isWebLocksSupported() {
-    var _a;
-    return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
+    var _navigator$locks;
+    return typeof navigator !== "undefined" && typeof ((_navigator$locks = navigator.locks) === null || _navigator$locks === void 0 ? void 0 : _navigator$locks.request) === "function";
 }
 
 function createLockManager() {
@@ -1319,6 +1473,8 @@ const sendMessage = (message, to) => new Promise(function(resolve, reject) {
     to.postMessage(message, [ messageChannel.port2 ]);
 });
 
+const _excluded$4 = [ "error", "error_description" ];
+
 const createAbortController = () => new AbortController;
 
 const dofetch = async (fetchUrl, fetchOptions) => {
@@ -1373,7 +1529,7 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
             method: options.method || "GET",
             nonce: await dpop.getNonce()
         });
-        options.headers = Object.assign(Object.assign({}, options.headers), {
+        options.headers = _objectSpread2(_objectSpread2({}, options.headers), {}, {
             dpop: dpopProof
         });
     }
@@ -1391,7 +1547,7 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
     if (fetchError) {
         throw fetchError;
     }
-    const _a = response.json, {error: error, error_description: error_description} = _a, data = __rest(_a, [ "error", "error_description" ]), {headers: headers, ok: ok} = response;
+    const {json: {error: error, error_description: error_description}, headers: headers, ok: ok} = response, data = _objectWithoutProperties(response.json, _excluded$4);
     let newDpopNonce;
     if (dpop) {
         newDpopNonce = headers[DPOP_NONCE_HEADER];
@@ -1418,11 +1574,13 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
     return data;
 }
 
-async function oauthToken(_a, worker) {
-    var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ]);
+const _excluded$3 = [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ];
+
+async function oauthToken(_ref, worker) {
+    let {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _ref, options = _objectWithoutProperties(_ref, _excluded$3);
     const isTokenExchange = options.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange";
     const refreshWithMrrt = options.grant_type === "refresh_token" && useMrrt;
-    const allParams = Object.assign(Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
+    const allParams = _objectSpread2(_objectSpread2(_objectSpread2(_objectSpread2({}, options), isTokenExchange && audience && {
         audience: audience
     }), isTokenExchange && scope && {
         scope: scope
@@ -1491,6 +1649,9 @@ class CacheKey {
         let suffix = arguments.length > 2 ? arguments[2] : undefined;
         this.prefix = prefix;
         this.suffix = suffix;
+        _defineProperty(this, "clientId", void 0);
+        _defineProperty(this, "scope", void 0);
+        _defineProperty(this, "audience", void 0);
         this.clientId = data.clientId;
         this.scope = data.scope;
         this.audience = data.audience;
@@ -1540,7 +1701,7 @@ class LocalStorageCache {
 
 class InMemoryCache {
     constructor() {
-        this.enclosedCache = function() {
+        _defineProperty(this, "enclosedCache", function() {
             let cache = {};
             return {
                 set(key, entry) {
@@ -1560,7 +1721,7 @@ class InMemoryCache {
                     return Object.keys(cache);
                 }
             };
-        }();
+        }());
     }
 }
 
@@ -1570,16 +1731,17 @@ class CacheManager {
     constructor(cache, keyManifest, nowProvider) {
         this.cache = cache;
         this.keyManifest = keyManifest;
+        _defineProperty(this, "nowProvider", void 0);
         this.nowProvider = nowProvider || DEFAULT_NOW_PROVIDER;
     }
     async setIdToken(clientId, idToken, decodedToken) {
-        var _a;
+        var _this$keyManifest;
         const cacheKey = this.getIdTokenCacheKey(clientId);
         await this.cache.set(cacheKey, {
             id_token: idToken,
             decodedToken: decodedToken
         });
-        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey));
+        await ((_this$keyManifest = this.keyManifest) === null || _this$keyManifest === void 0 ? void 0 : _this$keyManifest.add(cacheKey));
     }
     async getIdToken(cacheKey) {
         const entry = await this.cache.get(this.getIdTokenCacheKey(cacheKey.clientId));
@@ -1608,7 +1770,6 @@ class CacheManager {
         let expiryAdjustmentSeconds = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : DEFAULT_EXPIRY_ADJUSTMENT_SECONDS;
         let useMrrt = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
         let cacheMode = arguments.length > 3 ? arguments[3] : undefined;
-        var _a;
         let wrappedEntry = await this.cache.get(cacheKey.toKey());
         if (!wrappedEntry) {
             const keys = await this.getCacheKeys();
@@ -1627,11 +1788,12 @@ class CacheManager {
         const now = await this.nowProvider();
         const nowSeconds = Math.floor(now / 1e3);
         if (wrappedEntry.expiresAt - expiryAdjustmentSeconds < nowSeconds) {
+            var _this$keyManifest2;
             if (wrappedEntry.body.refresh_token) {
                 return this.modifiedCachedEntry(wrappedEntry, cacheKey);
             }
             await this.cache.remove(cacheKey.toKey());
-            await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.remove(cacheKey.toKey()));
+            await ((_this$keyManifest2 = this.keyManifest) === null || _this$keyManifest2 === void 0 ? void 0 : _this$keyManifest2.remove(cacheKey.toKey()));
             return;
         }
         return wrappedEntry.body;
@@ -1650,7 +1812,7 @@ class CacheManager {
         };
     }
     async set(entry) {
-        var _a;
+        var _this$keyManifest3;
         const cacheKey = new CacheKey({
             clientId: entry.client_id,
             scope: entry.scope,
@@ -1658,7 +1820,7 @@ class CacheManager {
         });
         const wrappedEntry = await this.wrapCacheEntry(entry);
         await this.cache.set(cacheKey.toKey(), wrappedEntry);
-        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey.toKey()));
+        await ((_this$keyManifest3 = this.keyManifest) === null || _this$keyManifest3 === void 0 ? void 0 : _this$keyManifest3.add(cacheKey.toKey()));
     }
     async remove(client_id, audience, scope) {
         const cacheKey = new CacheKey({
@@ -1669,14 +1831,14 @@ class CacheManager {
         await this.cache.remove(cacheKey.toKey());
     }
     async clear(clientId) {
-        var _a;
+        var _this$keyManifest4;
         const keys = await this.getCacheKeys();
         if (!keys) return;
         await keys.filter(key => clientId ? key.includes(clientId) : true).reduce(async (memo, key) => {
             await memo;
             await this.cache.remove(key);
         }, Promise.resolve());
-        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.clear());
+        await ((_this$keyManifest4 = this.keyManifest) === null || _this$keyManifest4 === void 0 ? void 0 : _this$keyManifest4.clear());
     }
     async wrapCacheEntry(entry) {
         const now = await this.nowProvider();
@@ -1687,9 +1849,9 @@ class CacheManager {
         };
     }
     async getCacheKeys() {
-        var _a;
         if (this.keyManifest) {
-            return (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys;
+            var _await$this$keyManife;
+            return (_await$this$keyManife = await this.keyManifest.get()) === null || _await$this$keyManife === void 0 ? void 0 : _await$this$keyManife.keys;
         } else if (this.cache.allKeys) {
             return this.cache.allKeys();
         }
@@ -1701,21 +1863,21 @@ class CacheManager {
     }
     matchExistingCacheKey(keyToMatch, allKeys) {
         return allKeys.filter(key => {
-            var _a;
+            var _keyToMatch$scope;
             const cacheKey = CacheKey.fromKey(key);
             const scopeSet = new Set(cacheKey.scope && cacheKey.scope.split(" "));
-            const scopesToMatch = ((_a = keyToMatch.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
+            const scopesToMatch = ((_keyToMatch$scope = keyToMatch.scope) === null || _keyToMatch$scope === void 0 ? void 0 : _keyToMatch$scope.split(" ")) || [];
             const hasAllScopes = cacheKey.scope && scopesToMatch.reduce((acc, current) => acc && scopeSet.has(current), true);
             return cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId && cacheKey.audience === keyToMatch.audience && hasAllScopes;
         })[0];
     }
     async getEntryWithRefreshToken(keyToMatch, allKeys) {
-        var _a;
         for (const key of allKeys) {
             const cacheKey = CacheKey.fromKey(key);
             if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId) {
+                var _cachedEntry$body;
                 const cachedEntry = await this.cache.get(key);
-                if ((_a = cachedEntry === null || cachedEntry === void 0 ? void 0 : cachedEntry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
+                if (cachedEntry !== null && cachedEntry !== void 0 && (_cachedEntry$body = cachedEntry.body) !== null && _cachedEntry$body !== void 0 && _cachedEntry$body.refresh_token) {
                     return this.modifiedCachedEntry(cachedEntry, keyToMatch);
                 }
             }
@@ -1723,12 +1885,12 @@ class CacheManager {
         return undefined;
     }
     async updateEntry(oldRefreshToken, newRefreshToken) {
-        var _a;
         const allKeys = await this.getCacheKeys();
         if (!allKeys) return;
         for (const key of allKeys) {
+            var _entry$body;
             const entry = await this.cache.get(key);
-            if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
+            if ((entry === null || entry === void 0 || (_entry$body = entry.body) === null || _entry$body === void 0 ? void 0 : _entry$body.refresh_token) === oldRefreshToken) {
                 entry.body.refresh_token = newRefreshToken;
                 await this.cache.set(key, entry);
             }
@@ -1743,6 +1905,7 @@ class TransactionManager {
         this.storage = storage;
         this.clientId = clientId;
         this.cookieDomain = cookieDomain;
+        _defineProperty(this, "storageKey", void 0);
         this.storageKey = "".concat(TRANSACTION_STORAGE_KEY_PREFIX, ".").concat(this.clientId);
     }
     create(transaction) {
@@ -1983,17 +2146,17 @@ const CookieStorage = {
                 sameSite: "none"
             };
         }
-        if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
+        if (options !== null && options !== void 0 && options.daysUntilExpire) {
             cookieAttributes.expires = options.daysUntilExpire;
         }
-        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
+        if (options !== null && options !== void 0 && options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         set_1(key, JSON.stringify(value), cookieAttributes);
     },
     remove(key, options) {
         let cookieAttributes = {};
-        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
+        if (options !== null && options !== void 0 && options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         remove_1(key, cookieAttributes);
@@ -2017,10 +2180,10 @@ const CookieStorageWithLegacySameSite = {
                 secure: true
             };
         }
-        if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
+        if (options !== null && options !== void 0 && options.daysUntilExpire) {
             cookieAttributes.expires = options.daysUntilExpire;
         }
-        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
+        if (options !== null && options !== void 0 && options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         set_1("".concat(LEGACY_PREFIX).concat(key), JSON.stringify(value), cookieAttributes);
@@ -2028,7 +2191,7 @@ const CookieStorageWithLegacySameSite = {
     },
     remove(key, options) {
         let cookieAttributes = {};
-        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
+        if (options !== null && options !== void 0 && options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         remove_1(key, cookieAttributes);
@@ -2056,14 +2219,36 @@ const SessionStorage = {
     }
 };
 
-exports.ResponseType = void 0;
-
-(function(ResponseType) {
+let ResponseType = function(ResponseType) {
     ResponseType["Code"] = "code";
     ResponseType["ConnectCode"] = "connect_code";
-})(exports.ResponseType || (exports.ResponseType = {}));
+    return ResponseType;
+}({});
 
-class User {}
+class User {
+    constructor() {
+        _defineProperty(this, "name", void 0);
+        _defineProperty(this, "given_name", void 0);
+        _defineProperty(this, "family_name", void 0);
+        _defineProperty(this, "middle_name", void 0);
+        _defineProperty(this, "nickname", void 0);
+        _defineProperty(this, "preferred_username", void 0);
+        _defineProperty(this, "profile", void 0);
+        _defineProperty(this, "picture", void 0);
+        _defineProperty(this, "website", void 0);
+        _defineProperty(this, "email", void 0);
+        _defineProperty(this, "email_verified", void 0);
+        _defineProperty(this, "gender", void 0);
+        _defineProperty(this, "birthdate", void 0);
+        _defineProperty(this, "zoneinfo", void 0);
+        _defineProperty(this, "locale", void 0);
+        _defineProperty(this, "phone_number", void 0);
+        _defineProperty(this, "phone_number_verified", void 0);
+        _defineProperty(this, "address", void 0);
+        _defineProperty(this, "updated_at", void 0);
+        _defineProperty(this, "sub", void 0);
+    }
+}
 
 function decodeBase64$1(base64, enableUnicode) {
     var binaryString = atob(base64);
@@ -2097,7 +2282,7 @@ function createBase64WorkerFactory(base64, sourcemapArg, enableUnicodeArg) {
     };
 }
 
-var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKF9yZWYpIHsKICAgICAgICAgICAgbGV0IHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBfcmVmOwogICAgICAgICAgICByZXR1cm4gbmV3IEdlbmVyaWNFcnJvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgIH0KICAgIH0KICAgIGNsYXNzIE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvciBleHRlbmRzIEdlbmVyaWNFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoYXVkaWVuY2UsIHNjb3BlKSB7CiAgICAgICAgICAgIHN1cGVyKCJtaXNzaW5nX3JlZnJlc2hfdG9rZW4iLCAiTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyIuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSksICInLCBzY29wZTogJyIpLmNvbmNhdCh2YWx1ZU9yRW1wdHlTdHJpbmcoc2NvcGUpLCAiJykiKSk7CiAgICAgICAgICAgIHRoaXMuYXVkaWVuY2UgPSBhdWRpZW5jZTsKICAgICAgICAgICAgdGhpcy5zY29wZSA9IHNjb3BlOwogICAgICAgICAgICBPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcywgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yLnByb3RvdHlwZSk7CiAgICAgICAgfQogICAgfQogICAgZnVuY3Rpb24gdmFsdWVPckVtcHR5U3RyaW5nKHZhbHVlKSB7CiAgICAgICAgbGV0IGV4Y2x1ZGUgPSBhcmd1bWVudHMubGVuZ3RoID4gMSAmJiBhcmd1bWVudHNbMV0gIT09IHVuZGVmaW5lZCA/IGFyZ3VtZW50c1sxXSA6IFtdOwogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoayA9PiB0eXBlb2YgcGFyYW1zW2tdICE9PSAidW5kZWZpbmVkIikucmVkdWNlKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSwge30pOwogICAgY29uc3QgY3JlYXRlUXVlcnlQYXJhbXMgPSBfYSA9PiB7CiAgICAgICAgdmFyIHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9hLCBwYXJhbXMgPSBfX3Jlc3QoX2EsIFsgImNsaWVudElkIiBdKTsKICAgICAgICByZXR1cm4gbmV3IFVSTFNlYXJjaFBhcmFtcyhzdHJpcFVuZGVmaW5lZChPYmplY3QuYXNzaWduKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZikgPT4gewogICAgICAgIGxldCBba2V5LCB2YWxdID0gX3JlZjsKICAgICAgICBvYmpba2V5XSA9IHZhbDsKICAgICAgICByZXR1cm4gb2JqOwogICAgfSwge30pOwogICAgbGV0IHJlZnJlc2hUb2tlbnMgPSB7fTsKICAgIGNvbnN0IGNhY2hlS2V5ID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gIiIuY29uY2F0KGF1ZGllbmNlLCAifCIpLmNvbmNhdChzY29wZSk7CiAgICBjb25zdCBjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UgPSAoYXVkaWVuY2UsIGNhY2hlS2V5KSA9PiBjYWNoZUtleS5zdGFydHNXaXRoKCIiLmNvbmNhdChhdWRpZW5jZSwgInwiKSk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgdGltZSkpOwogICAgY29uc3QgZm9ybURhdGFUb09iamVjdCA9IGZvcm1EYXRhID0+IHsKICAgICAgICBjb25zdCBxdWVyeVBhcmFtcyA9IG5ldyBVUkxTZWFyY2hQYXJhbXMoZm9ybURhdGEpOwogICAgICAgIGNvbnN0IHBhcnNlZFF1ZXJ5ID0ge307CiAgICAgICAgcXVlcnlQYXJhbXMuZm9yRWFjaCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KTsKICAgICAgICByZXR1cm4gcGFyc2VkUXVlcnk7CiAgICB9OwogICAgY29uc3QgdXBkYXRlUmVmcmVzaFRva2VucyA9IChvbGRSZWZyZXNoVG9rZW4sIG5ld1JlZnJlc2hUb2tlbikgPT4gewogICAgICAgIE9iamVjdC5lbnRyaWVzKHJlZnJlc2hUb2tlbnMpLmZvckVhY2goX3JlZiA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IG9sZFJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1trZXldID0gbmV3UmVmcmVzaFRva2VuOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKGtleSA9PiB7CiAgICAgICAgICAgIGlmIChrZXkgIT09ICJsYXRlc3RfcmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGlzU2FtZUF1ZGllbmNlID0gY2FjaGVLZXlDb250YWluc0F1ZGllbmNlKGF1ZGllbmNlLCBrZXkpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzS2V5ID0ga2V5LnNwbGl0KCJ8IilbMV0uc3BsaXQoIiAiKTsKICAgICAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFNjb3BlcyA9IHNjb3BlLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCBzY29wZXNBcmVJbmNsdWRlZCA9IHJlcXVlc3RlZFNjb3Blcy5ldmVyeShrZXkgPT4gc2NvcGVzS2V5LmluY2x1ZGVzKGtleSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICAgICAgcmV0dXJuIGZpbmRDb2luY2lkZW5jZSA/IHRydWUgOiBmYWxzZTsKICAgIH07CiAgICBjb25zdCBtZXNzYWdlSGFuZGxlciA9IGFzeW5jIF9yZWYyID0+IHsKICAgICAgICBsZXQge2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSA9IF9yZWYyOwogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oe30sIGZldGNoT3B0aW9ucykpIF0pOwogICAgICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICghcmVzcG9uc2UpIHsKICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6ICJUaW1lb3V0IHdoZW4gZXhlY3V0aW5nICdmZXRjaCciCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBoZWFkZXJzID0gZnJvbUVudHJpZXMocmVzcG9uc2UuaGVhZGVycyk7CiAgICAgICAgICAgIGpzb24gPSBhd2FpdCByZXNwb25zZS5qc29uKCk7CiAgICAgICAgICAgIGlmIChqc29uLnJlZnJlc2hfdG9rZW4pIHsKICAgICAgICAgICAgICAgIGlmICh1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXSA9IGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgICAgICAgICB1cGRhdGVSZWZyZXNoVG9rZW5zKHJlZnJlc2hUb2tlbiwganNvbi5yZWZyZXNoX3Rva2VuKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIHNldFJlZnJlc2hUb2tlbihqc29uLnJlZnJlc2hfdG9rZW4sIGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBkZWxldGUganNvbi5yZWZyZXNoX3Rva2VuOwogICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgZGVsZXRlUmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogcmVzcG9uc2Uub2ssCiAgICAgICAgICAgICAgICBqc29uOiBqc29uLAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIG9rOiBmYWxzZSwKICAgICAgICAgICAgICAgIGpzb246IHsKICAgICAgICAgICAgICAgICAgICBlcnJvcjogZXJyb3IuZXJyb3IsCiAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiBoZWFkZXJzCiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgIH07CiAgICB7CiAgICAgICAgYWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsIG1lc3NhZ2VIYW5kbGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
+var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBmdW5jdGlvbiBfZGVmaW5lUHJvcGVydHkoZSwgciwgdCkgewogICAgICAgIHJldHVybiAociA9IF90b1Byb3BlcnR5S2V5KHIpKSBpbiBlID8gT2JqZWN0LmRlZmluZVByb3BlcnR5KGUsIHIsIHsKICAgICAgICAgICAgdmFsdWU6IHQsCiAgICAgICAgICAgIGVudW1lcmFibGU6ICEwLAogICAgICAgICAgICBjb25maWd1cmFibGU6ICEwLAogICAgICAgICAgICB3cml0YWJsZTogITAKICAgICAgICB9KSA6IGVbcl0gPSB0LCBlOwogICAgfQogICAgZnVuY3Rpb24gb3duS2V5cyhlLCByKSB7CiAgICAgICAgdmFyIHQgPSBPYmplY3Qua2V5cyhlKTsKICAgICAgICBpZiAoT2JqZWN0LmdldE93blByb3BlcnR5U3ltYm9scykgewogICAgICAgICAgICB2YXIgbyA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7CiAgICAgICAgICAgIHIgJiYgKG8gPSBvLmZpbHRlcihmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICByZXR1cm4gT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihlLCByKS5lbnVtZXJhYmxlOwogICAgICAgICAgICB9KSksIHQucHVzaC5hcHBseSh0LCBvKTsKICAgICAgICB9CiAgICAgICAgcmV0dXJuIHQ7CiAgICB9CiAgICBmdW5jdGlvbiBfb2JqZWN0U3ByZWFkMihlKSB7CiAgICAgICAgZm9yICh2YXIgciA9IDE7IHIgPCBhcmd1bWVudHMubGVuZ3RoOyByKyspIHsKICAgICAgICAgICAgdmFyIHQgPSBudWxsICE9IGFyZ3VtZW50c1tyXSA/IGFyZ3VtZW50c1tyXSA6IHt9OwogICAgICAgICAgICByICUgMiA/IG93bktleXMoT2JqZWN0KHQpLCAhMCkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBfZGVmaW5lUHJvcGVydHkoZSwgciwgdFtyXSk7CiAgICAgICAgICAgIH0pIDogT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcnMgPyBPYmplY3QuZGVmaW5lUHJvcGVydGllcyhlLCBPYmplY3QuZ2V0T3duUHJvcGVydHlEZXNjcmlwdG9ycyh0KSkgOiBvd25LZXlzKE9iamVjdCh0KSkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoZSwgciwgT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcih0LCByKSk7CiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gZTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhlLCB0KSB7CiAgICAgICAgaWYgKG51bGwgPT0gZSkgcmV0dXJuIHt9OwogICAgICAgIHZhciBvLCByLCBpID0gX29iamVjdFdpdGhvdXRQcm9wZXJ0aWVzTG9vc2UoZSwgdCk7CiAgICAgICAgaWYgKE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMpIHsKICAgICAgICAgICAgdmFyIG4gPSBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKGUpOwogICAgICAgICAgICBmb3IgKHIgPSAwOyByIDwgbi5sZW5ndGg7IHIrKykgbyA9IG5bcl0sIC0xID09PSB0LmluZGV4T2YobykgJiYge30ucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLCBvKSAmJiAoaVtvXSA9IGVbb10pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gaTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllc0xvb3NlKHIsIGUpIHsKICAgICAgICBpZiAobnVsbCA9PSByKSByZXR1cm4ge307CiAgICAgICAgdmFyIHQgPSB7fTsKICAgICAgICBmb3IgKHZhciBuIGluIHIpIGlmICh7fS5oYXNPd25Qcm9wZXJ0eS5jYWxsKHIsIG4pKSB7CiAgICAgICAgICAgIGlmICgtMSAhPT0gZS5pbmRleE9mKG4pKSBjb250aW51ZTsKICAgICAgICAgICAgdFtuXSA9IHJbbl07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgZnVuY3Rpb24gX3RvUHJpbWl0aXZlKHQsIHIpIHsKICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIHQgfHwgIXQpIHJldHVybiB0OwogICAgICAgIHZhciBlID0gdFtTeW1ib2wudG9QcmltaXRpdmVdOwogICAgICAgIGlmICh2b2lkIDAgIT09IGUpIHsKICAgICAgICAgICAgdmFyIGkgPSBlLmNhbGwodCwgciB8fCAiZGVmYXVsdCIpOwogICAgICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIGkpIHJldHVybiBpOwogICAgICAgICAgICB0aHJvdyBuZXcgVHlwZUVycm9yKCJAQHRvUHJpbWl0aXZlIG11c3QgcmV0dXJuIGEgcHJpbWl0aXZlIHZhbHVlLiIpOwogICAgICAgIH0KICAgICAgICByZXR1cm4gKCJzdHJpbmciID09PSByID8gU3RyaW5nIDogTnVtYmVyKSh0KTsKICAgIH0KICAgIGZ1bmN0aW9uIF90b1Byb3BlcnR5S2V5KHQpIHsKICAgICAgICB2YXIgaSA9IF90b1ByaW1pdGl2ZSh0LCAic3RyaW5nIik7CiAgICAgICAgcmV0dXJuICJzeW1ib2wiID09IHR5cGVvZiBpID8gaSA6IGkgKyAiIjsKICAgIH0KICAgIGNsYXNzIEdlbmVyaWNFcnJvciBleHRlbmRzIEVycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pIHsKICAgICAgICAgICAgc3VwZXIoZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgICAgICB0aGlzLmVycm9yID0gZXJyb3I7CiAgICAgICAgICAgIHRoaXMuZXJyb3JfZGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsIEdlbmVyaWNFcnJvci5wcm90b3R5cGUpOwogICAgICAgIH0KICAgICAgICBzdGF0aWMgZnJvbVBheWxvYWQoX3JlZikgewogICAgICAgICAgICBsZXQge2Vycm9yOiBlcnJvciwgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yX2Rlc2NyaXB0aW9ufSA9IF9yZWY7CiAgICAgICAgICAgIHJldHVybiBuZXcgR2VuZXJpY0Vycm9yKGVycm9yLCBlcnJvcl9kZXNjcmlwdGlvbik7CiAgICAgICAgfQogICAgfQogICAgY2xhc3MgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yIGV4dGVuZHMgR2VuZXJpY0Vycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihhdWRpZW5jZSwgc2NvcGUpIHsKICAgICAgICAgICAgc3VwZXIoIm1pc3NpbmdfcmVmcmVzaF90b2tlbiIsICJNaXNzaW5nIFJlZnJlc2ggVG9rZW4gKGF1ZGllbmNlOiAnIi5jb25jYXQodmFsdWVPckVtcHR5U3RyaW5nKGF1ZGllbmNlLCBbICJkZWZhdWx0IiBdKSwgIicsIHNjb3BlOiAnIikuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSksICInKSIpKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUpIHsKICAgICAgICBsZXQgZXhjbHVkZSA9IGFyZ3VtZW50cy5sZW5ndGggPiAxICYmIGFyZ3VtZW50c1sxXSAhPT0gdW5kZWZpbmVkID8gYXJndW1lbnRzWzFdIDogW107CiAgICAgICAgcmV0dXJuIHZhbHVlICYmICFleGNsdWRlLmluY2x1ZGVzKHZhbHVlKSA/IHZhbHVlIDogIiI7CiAgICB9CiAgICBjb25zdCBfZXhjbHVkZWQgPSBbICJjbGllbnRJZCIgXTsKICAgIGNvbnN0IHN0cmlwVW5kZWZpbmVkID0gcGFyYW1zID0+IE9iamVjdC5rZXlzKHBhcmFtcykuZmlsdGVyKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpLnJlZHVjZSgoYWNjLCBrZXkpID0+IF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBhY2MpLCB7fSwgewogICAgICAgIFtrZXldOiBwYXJhbXNba2V5XQogICAgfSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX3JlZiA9PiB7CiAgICAgICAgbGV0IHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9yZWYsIHBhcmFtcyA9IF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhfcmVmLCBfZXhjbHVkZWQpOwogICAgICAgIHJldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKHN0cmlwVW5kZWZpbmVkKF9vYmplY3RTcHJlYWQyKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZjIpID0+IHsKICAgICAgICBsZXQgW2tleSwgdmFsXSA9IF9yZWYyOwogICAgICAgIG9ialtrZXldID0gdmFsOwogICAgICAgIHJldHVybiBvYmo7CiAgICB9LCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgY29uc3QgY2FjaGVLZXkgPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiAiIi5jb25jYXQoYXVkaWVuY2UsICJ8IikuY29uY2F0KHNjb3BlKTsKICAgIGNvbnN0IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZSA9IChhdWRpZW5jZSwgY2FjaGVLZXkpID0+IGNhY2hlS2V5LnN0YXJ0c1dpdGgoIiIuY29uY2F0KGF1ZGllbmNlLCAifCIpKTsKICAgIGNvbnN0IGdldFJlZnJlc2hUb2tlbiA9IChhdWRpZW5jZSwgc2NvcGUpID0+IHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCBzZXRSZWZyZXNoVG9rZW4gPSAocmVmcmVzaFRva2VuLCBhdWRpZW5jZSwgc2NvcGUpID0+IHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV0gPSByZWZyZXNoVG9rZW47CiAgICBjb25zdCBkZWxldGVSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiBkZWxldGUgcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXTsKICAgIGNvbnN0IHdhaXQgPSB0aW1lID0+IG5ldyBQcm9taXNlKHJlc29sdmUgPT4gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCh2YWwsIGtleSkgPT4gewogICAgICAgICAgICBwYXJzZWRRdWVyeVtrZXldID0gdmFsOwogICAgICAgIH0pOwogICAgICAgIHJldHVybiBwYXJzZWRRdWVyeTsKICAgIH07CiAgICBjb25zdCB1cGRhdGVSZWZyZXNoVG9rZW5zID0gKG9sZFJlZnJlc2hUb2tlbiwgbmV3UmVmcmVzaFRva2VuKSA9PiB7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWY7CiAgICAgICAgICAgIGlmICh0b2tlbiA9PT0gb2xkUmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW5zW2tleV0gPSBuZXdSZWZyZXNoVG9rZW47CiAgICAgICAgICAgIH0KICAgICAgICB9KTsKICAgIH07CiAgICBjb25zdCBjaGVja0Rvd25zY29waW5nID0gKHNjb3BlLCBhdWRpZW5jZSkgPT4gewogICAgICAgIGNvbnN0IGZpbmRDb2luY2lkZW5jZSA9IE9iamVjdC5rZXlzKHJlZnJlc2hUb2tlbnMpLmZpbmQoa2V5ID0+IHsKICAgICAgICAgICAgaWYgKGtleSAhPT0gImxhdGVzdF9yZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgY29uc3QgaXNTYW1lQXVkaWVuY2UgPSBjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UoYXVkaWVuY2UsIGtleSk7CiAgICAgICAgICAgICAgICBjb25zdCBzY29wZXNLZXkgPSBrZXkuc3BsaXQoInwiKVsxXS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3QgcmVxdWVzdGVkU2NvcGVzID0gc2NvcGUuc3BsaXQoIiAiKTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0FyZUluY2x1ZGVkID0gcmVxdWVzdGVkU2NvcGVzLmV2ZXJ5KGtleSA9PiBzY29wZXNLZXkuaW5jbHVkZXMoa2V5KSk7CiAgICAgICAgICAgICAgICByZXR1cm4gaXNTYW1lQXVkaWVuY2UgJiYgc2NvcGVzQXJlSW5jbHVkZWQ7CiAgICAgICAgICAgIH0KICAgICAgICB9KTsKICAgICAgICByZXR1cm4gZmluZENvaW5jaWRlbmNlID8gdHJ1ZSA6IGZhbHNlOwogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VIYW5kbGVyID0gYXN5bmMgX3JlZjIgPT4gewogICAgICAgIGxldCB7ZGF0YToge3RpbWVvdXQ6IHRpbWVvdXQsIGF1dGg6IGF1dGgsIGZldGNoVXJsOiBmZXRjaFVybCwgZmV0Y2hPcHRpb25zOiBmZXRjaE9wdGlvbnMsIHVzZUZvcm1EYXRhOiB1c2VGb3JtRGF0YSwgdXNlTXJydDogdXNlTXJydH0sIHBvcnRzOiBbcG9ydF19ID0gX3JlZjI7CiAgICAgICAgbGV0IGhlYWRlcnMgPSB7fTsKICAgICAgICBsZXQganNvbjsKICAgICAgICBsZXQgcmVmcmVzaFRva2VuOwogICAgICAgIGNvbnN0IHthdWRpZW5jZTogYXVkaWVuY2UsIHNjb3BlOiBzY29wZX0gPSBhdXRoIHx8IHt9OwogICAgICAgIHRyeSB7CiAgICAgICAgICAgIGNvbnN0IGJvZHkgPSB1c2VGb3JtRGF0YSA/IGZvcm1EYXRhVG9PYmplY3QoZmV0Y2hPcHRpb25zLmJvZHkpIDogSlNPTi5wYXJzZShmZXRjaE9wdGlvbnMuYm9keSk7CiAgICAgICAgICAgIGlmICghYm9keS5yZWZyZXNoX3Rva2VuICYmIGJvZHkuZ3JhbnRfdHlwZSA9PT0gInJlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW4gPSBnZXRSZWZyZXNoVG9rZW4oYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuICYmIHVzZU1ycnQpIHsKICAgICAgICAgICAgICAgICAgICBjb25zdCBsYXRlc3RSZWZyZXNoVG9rZW4gPSByZWZyZXNoVG9rZW5zWyJsYXRlc3RfcmVmcmVzaF90b2tlbiJdOwogICAgICAgICAgICAgICAgICAgIGNvbnN0IGlzRG93bnNjb3BpbmcgPSBjaGVja0Rvd25zY29waW5nKHNjb3BlLCBhdWRpZW5jZSk7CiAgICAgICAgICAgICAgICAgICAgaWYgKGxhdGVzdFJlZnJlc2hUb2tlbiAmJiAhaXNEb3duc2NvcGluZykgewogICAgICAgICAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW4gPSBsYXRlc3RSZWZyZXNoVG9rZW47CiAgICAgICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgaWYgKCFyZWZyZXNoVG9rZW4pIHsKICAgICAgICAgICAgICAgICAgICB0aHJvdyBuZXcgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBmZXRjaE9wdGlvbnMuYm9keSA9IHVzZUZvcm1EYXRhID8gY3JlYXRlUXVlcnlQYXJhbXMoX29iamVjdFNwcmVhZDIoX29iamVjdFNwcmVhZDIoe30sIGJvZHkpLCB7fSwgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hfdG9rZW46IHJlZnJlc2hUb2tlbgogICAgICAgICAgICAgICAgfSkpIDogSlNPTi5zdHJpbmdpZnkoX29iamVjdFNwcmVhZDIoX29iamVjdFNwcmVhZDIoe30sIGJvZHkpLCB7fSwgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hfdG9rZW46IHJlZnJlc2hUb2tlbgogICAgICAgICAgICAgICAgfSkpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCBhYm9ydENvbnRyb2xsZXI7CiAgICAgICAgICAgIGlmICh0eXBlb2YgQWJvcnRDb250cm9sbGVyID09PSAiZnVuY3Rpb24iKSB7CiAgICAgICAgICAgICAgICBhYm9ydENvbnRyb2xsZXIgPSBuZXcgQWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLnNpZ25hbCA9IGFib3J0Q29udHJvbGxlci5zaWduYWw7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgbGV0IHJlc3BvbnNlOwogICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgcmVzcG9uc2UgPSBhd2FpdCBQcm9taXNlLnJhY2UoWyB3YWl0KHRpbWVvdXQpLCBmZXRjaChmZXRjaFVybCwgX29iamVjdFNwcmVhZDIoe30sIGZldGNoT3B0aW9ucykpIF0pOwogICAgICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICghcmVzcG9uc2UpIHsKICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6ICJUaW1lb3V0IHdoZW4gZXhlY3V0aW5nICdmZXRjaCciCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBoZWFkZXJzID0gZnJvbUVudHJpZXMocmVzcG9uc2UuaGVhZGVycyk7CiAgICAgICAgICAgIGpzb24gPSBhd2FpdCByZXNwb25zZS5qc29uKCk7CiAgICAgICAgICAgIGlmIChqc29uLnJlZnJlc2hfdG9rZW4pIHsKICAgICAgICAgICAgICAgIGlmICh1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXSA9IGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgICAgICAgICB1cGRhdGVSZWZyZXNoVG9rZW5zKHJlZnJlc2hUb2tlbiwganNvbi5yZWZyZXNoX3Rva2VuKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIHNldFJlZnJlc2hUb2tlbihqc29uLnJlZnJlc2hfdG9rZW4sIGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBkZWxldGUganNvbi5yZWZyZXNoX3Rva2VuOwogICAgICAgICAgICB9IGVsc2UgewogICAgICAgICAgICAgICAgZGVsZXRlUmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogcmVzcG9uc2Uub2ssCiAgICAgICAgICAgICAgICBqc29uOiBqc29uLAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIG9rOiBmYWxzZSwKICAgICAgICAgICAgICAgIGpzb246IHsKICAgICAgICAgICAgICAgICAgICBlcnJvcjogZXJyb3IuZXJyb3IsCiAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiBoZWFkZXJzCiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgIH07CiAgICB7CiAgICAgICAgYWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsIG1lc3NhZ2VIYW5kbGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
 
 const singlePromiseMap = {};
 
@@ -2117,11 +2302,12 @@ class CacheKeyManifest {
     constructor(cache, clientId) {
         this.cache = cache;
         this.clientId = clientId;
+        _defineProperty(this, "manifestKey", void 0);
         this.manifestKey = this.createManifestKeyFrom(this.clientId);
     }
     async add(key) {
-        var _a;
-        const keys = new Set(((_a = await this.cache.get(this.manifestKey)) === null || _a === void 0 ? void 0 : _a.keys) || []);
+        var _await$this$cache$get;
+        const keys = new Set(((_await$this$cache$get = await this.cache.get(this.manifestKey)) === null || _await$this$cache$get === void 0 ? void 0 : _await$this$cache$get.keys) || []);
         keys.add(key);
         await this.cache.set(this.manifestKey, {
             keys: [ ...keys ]
@@ -2151,6 +2337,8 @@ class CacheKeyManifest {
     }
 }
 
+const _excluded$2 = [ "openUrl", "onRedirect" ];
+
 const GET_TOKEN_SILENTLY_LOCK_KEY = "auth0.lock.getTokenSilently";
 
 const GET_TOKEN_FROM_IFRAME_LOCK_KEY = "auth0.lock.getTokenFromIFrame";
@@ -2172,9 +2360,9 @@ const cacheLocationBuilders = {
 
 const cacheFactory = location => cacheLocationBuilders[location];
 
-const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => Object.assign(Object.assign(Object.assign({
+const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => _objectSpread2(_objectSpread2(_objectSpread2({
     client_id: clientOptions.clientId
-}, clientOptions.authorizationParams), authorizationParams), {
+}, clientOptions.authorizationParams), authorizationParams), {}, {
     scope: scopesToRequest(scope, authorizationParams.scope, authorizationParams.audience),
     response_type: "code",
     response_mode: response_mode || "query",
@@ -2187,8 +2375,8 @@ const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, no
 });
 
 const patchOpenUrlWithOnRedirect = options => {
-    const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = __rest(options, [ "openUrl", "onRedirect" ]);
-    const result = Object.assign(Object.assign({}, originalOptions), {
+    const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = _objectWithoutProperties(options, _excluded$2);
+    const result = _objectSpread2(_objectSpread2({}, originalOptions), {}, {
         openUrl: openUrl === false || openUrl ? openUrl : onRedirect
     });
     return result;
@@ -2208,13 +2396,13 @@ const getMissingScopes = (requestedScope, respondedScope) => {
 };
 
 const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
-    var _a;
     if (useMrrt && cachedAudience && cachedScope) {
+        var _authorizationParams$;
         if (authorizationParams.audience !== cachedAudience) {
             return authorizationParams.scope;
         }
         const cachedScopes = cachedScope.split(" ");
-        const newScopes = ((_a = authorizationParams.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
+        const newScopes = ((_authorizationParams$ = authorizationParams.scope) === null || _authorizationParams$ === void 0 ? void 0 : _authorizationParams$.split(" ")) || [];
         const newScopesAreIncluded = newScopes.every(scope => cachedScopes.includes(scope));
         return cachedScopes.length >= newScopes.length && newScopesAreIncluded ? cachedScope : authorizationParams.scope;
     }
@@ -2241,6 +2429,8 @@ const AUTH0_NONCE_ID = "auth0";
 
 class DpopStorage {
     constructor(clientId) {
+        _defineProperty(this, "clientId", void 0);
+        _defineProperty(this, "dbHandle", void 0);
         this.clientId = clientId;
     }
     getVersion() {
@@ -2294,7 +2484,7 @@ class DpopStorage {
     }
     async deleteBy(table, predicate) {
         const allKeys = await this.executeDbRequest(table, "readonly", table => table.getAllKeys());
-        allKeys === null || allKeys === void 0 ? void 0 : allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
+        allKeys === null || allKeys === void 0 || allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
     }
     deleteByClientId(table, clientId) {
         return this.deleteBy(table, k => typeof k === "string" && k.startsWith("".concat(clientId, "::")));
@@ -2309,6 +2499,7 @@ class DpopStorage {
 
 class Dpop {
     constructor(clientId) {
+        _defineProperty(this, "storage", void 0);
         this.storage = new DpopStorage(clientId);
     }
     getNonce(id) {
@@ -2327,7 +2518,7 @@ class Dpop {
     }
     async generateProof(params) {
         const keyPair = await this.getOrGenerateKeyPair();
-        return generateProof(Object.assign({
+        return generateProof(_objectSpread2({
             keyPair: keyPair
         }, params));
     }
@@ -2340,17 +2531,18 @@ class Dpop {
     }
 }
 
-var TokenType;
-
-(function(TokenType) {
+var TokenType = function(TokenType) {
     TokenType["Bearer"] = "Bearer";
     TokenType["DPoP"] = "DPoP";
-})(TokenType || (TokenType = {}));
+    return TokenType;
+}(TokenType || {});
 
 class Fetcher {
     constructor(config, hooks) {
+        _defineProperty(this, "config", void 0);
+        _defineProperty(this, "hooks", void 0);
         this.hooks = hooks;
-        this.config = Object.assign(Object.assign({}, config), {
+        this.config = _objectSpread2(_objectSpread2({}, config), {}, {
             fetch: config.fetch || (typeof window === "undefined" ? fetch : window.fetch.bind(window))
         });
     }
@@ -2458,7 +2650,7 @@ class Fetcher {
     }
     fetchWithAuth(info, init, authParams) {
         const callbacks = {
-            onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, Object.assign(Object.assign({}, callbacks), {
+            onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, _objectSpread2(_objectSpread2({}, callbacks), {}, {
                 onUseDpopNonceError: undefined
             }), authParams)
         };
@@ -2516,6 +2708,11 @@ class MyAccountApiError extends Error {
     constructor(_ref) {
         let {type: type, status: status, title: title, detail: detail, validation_errors: validation_errors} = _ref;
         super(detail);
+        _defineProperty(this, "type", void 0);
+        _defineProperty(this, "status", void 0);
+        _defineProperty(this, "title", void 0);
+        _defineProperty(this, "detail", void 0);
+        _defineProperty(this, "validation_errors", void 0);
         this.name = "MyAccountApiError";
         this.type = type;
         this.status = status;
@@ -2556,7 +2753,7 @@ const MfaGrantTypes = {
 
 function getAuthJsEnrollParams(params) {
     const mapping = FACTOR_MAPPING[params.factorType];
-    return Object.assign(Object.assign(Object.assign({
+    return _objectSpread2(_objectSpread2(_objectSpread2({
         mfaToken: params.mfaToken,
         authenticatorTypes: mapping.authenticatorTypes
     }, mapping.oobChannels && {
@@ -2581,177 +2778,6 @@ function getGrantType(params) {
     return undefined;
 }
 
-function _OverloadYield(e, d) {
-    this.v = e, this.k = d;
-}
-
-function _assertClassBrand(e, t, n) {
-    if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
-    throw new TypeError("Private element is not present on this object");
-}
-
-function _awaitAsyncGenerator(e) {
-    return new _OverloadYield(e, 0);
-}
-
-function _checkPrivateRedeclaration(e, t) {
-    if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
-}
-
-function _classPrivateFieldGet2(s, a) {
-    return s.get(_assertClassBrand(s, a));
-}
-
-function _classPrivateFieldInitSpec(e, t, a) {
-    _checkPrivateRedeclaration(e, t), t.set(e, a);
-}
-
-function _classPrivateFieldSet2(s, a, r) {
-    return s.set(_assertClassBrand(s, a), r), r;
-}
-
-function _classPrivateMethodInitSpec(e, a) {
-    _checkPrivateRedeclaration(e, a), a.add(e);
-}
-
-function _defineProperty(e, r, t) {
-    return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
-        value: t,
-        enumerable: !0,
-        configurable: !0,
-        writable: !0
-    }) : e[r] = t, e;
-}
-
-function ownKeys(e, r) {
-    var t = Object.keys(e);
-    if (Object.getOwnPropertySymbols) {
-        var o = Object.getOwnPropertySymbols(e);
-        r && (o = o.filter(function(r) {
-            return Object.getOwnPropertyDescriptor(e, r).enumerable;
-        })), t.push.apply(t, o);
-    }
-    return t;
-}
-
-function _objectSpread2(e) {
-    for (var r = 1; r < arguments.length; r++) {
-        var t = null != arguments[r] ? arguments[r] : {};
-        r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
-            _defineProperty(e, r, t[r]);
-        }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
-            Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
-        });
-    }
-    return e;
-}
-
-function _objectWithoutProperties(e, t) {
-    if (null == e) return {};
-    var o, r, i = _objectWithoutPropertiesLoose(e, t);
-    if (Object.getOwnPropertySymbols) {
-        var n = Object.getOwnPropertySymbols(e);
-        for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
-    }
-    return i;
-}
-
-function _objectWithoutPropertiesLoose(r, e) {
-    if (null == r) return {};
-    var t = {};
-    for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
-        if (-1 !== e.indexOf(n)) continue;
-        t[n] = r[n];
-    }
-    return t;
-}
-
-function _toPrimitive(t, r) {
-    if ("object" != typeof t || !t) return t;
-    var e = t[Symbol.toPrimitive];
-    if (void 0 !== e) {
-        var i = e.call(t, r || "default");
-        if ("object" != typeof i) return i;
-        throw new TypeError("@@toPrimitive must return a primitive value.");
-    }
-    return ("string" === r ? String : Number)(t);
-}
-
-function _toPropertyKey(t) {
-    var i = _toPrimitive(t, "string");
-    return "symbol" == typeof i ? i : i + "";
-}
-
-function _wrapAsyncGenerator(e) {
-    return function() {
-        return new AsyncGenerator(e.apply(this, arguments));
-    };
-}
-
-function AsyncGenerator(e) {
-    var r, t;
-    function resume(r, t) {
-        try {
-            var n = e[r](t), o = n.value, u = o instanceof _OverloadYield;
-            Promise.resolve(u ? o.v : o).then(function(t) {
-                if (u) {
-                    var i = "return" === r ? "return" : "next";
-                    if (!o.k || t.done) return resume(i, t);
-                    t = e[i](t).value;
-                }
-                settle(n.done ? "return" : "normal", t);
-            }, function(e) {
-                resume("throw", e);
-            });
-        } catch (e) {
-            settle("throw", e);
-        }
-    }
-    function settle(e, n) {
-        switch (e) {
-          case "return":
-            r.resolve({
-                value: n,
-                done: !0
-            });
-            break;
-
-          case "throw":
-            r.reject(n);
-            break;
-
-          default:
-            r.resolve({
-                value: n,
-                done: !1
-            });
-        }
-        (r = r.next) ? resume(r.key, r.arg) : t = null;
-    }
-    this._invoke = function(e, n) {
-        return new Promise(function(o, u) {
-            var i = {
-                key: e,
-                arg: n,
-                resolve: o,
-                reject: u,
-                next: null
-            };
-            t ? t = t.next = i : (r = t = i, resume(e, n));
-        });
-    }, "function" != typeof e.return && (this.return = void 0);
-}
-
-AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
-    return this;
-}, AsyncGenerator.prototype.next = function(e) {
-    return this._invoke("next", e);
-}, AsyncGenerator.prototype.throw = function(e) {
-    return this._invoke("throw", e);
-}, AsyncGenerator.prototype.return = function(e) {
-    return this._invoke("return", e);
-};
-
 var _navigator$userAgent$2, _navigator$userAgent$$2;
 
 let USER_AGENT$2;
@@ -6848,7 +6874,7 @@ let USER_AGENT;
 
 if (typeof navigator === "undefined" || !((_navigator$userAgent = navigator.userAgent) !== null && _navigator$userAgent !== void 0 && (_navigator$userAgent$ = _navigator$userAgent.startsWith) !== null && _navigator$userAgent$ !== void 0 && _navigator$userAgent$.call(_navigator$userAgent, "Mozilla/5.0 "))) {
     const NAME = "jose";
-    const VERSION = "v6.2.1";
+    const VERSION = "v6.2.2";
     USER_AGENT = "".concat(NAME, "/").concat(VERSION);
 }
 
@@ -7032,7 +7058,7 @@ function createRemoteJWKSet(url, options) {
     return remoteJWKSet;
 }
 
-const _excluded = [ "mfaToken" ], _excluded2 = [ "mfaToken" ];
+const _excluded$1 = [ "mfaToken" ], _excluded2$1 = [ "mfaToken" ];
 
 var _baseUrl, _clientId, _customFetch, _entries, _ttlMs, _maxEntries, _configuration, _serverMetadata, _clientAuthPromise, _options, _customFetch2, _jwks, _discoveryCache, _inFlightDiscovery, _jwksCache, _Class9_brand;
 
@@ -7080,6 +7106,13 @@ var TokenByRefreshTokenError = class extends ApiError {
     }
 };
 
+var TokenByPasswordError = class extends ApiError {
+    constructor(message, cause) {
+        super("token_by_password_error", message, cause);
+        this.name = "TokenByPasswordError";
+    }
+};
+
 var TokenForConnectionError = class extends ApiError {
     constructor(message, cause) {
         super("token_for_connection_error", message, cause);
@@ -7270,7 +7303,7 @@ class MfaClient {
     }
     async enrollAuthenticator(options) {
         const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/associate");
-        const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded);
+        const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded$1);
         const apiParams = {
             authenticator_types: sdkParams.authenticatorTypes
         };
@@ -7315,7 +7348,7 @@ class MfaClient {
     }
     async challengeAuthenticator(options) {
         const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/challenge");
-        const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2);
+        const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2$1);
         const body = {
             mfa_token: mfaToken,
             client_id: _classPrivateFieldGet2(_clientId, this),
@@ -7372,7 +7405,7 @@ function getTelemetryConfig(config) {
     return {
         enabled: true,
         name: (_config$name = config === null || config === void 0 ? void 0 : config.name) !== null && _config$name !== void 0 ? _config$name : "@auth0/auth0-auth-js",
-        version: (_config$version = config === null || config === void 0 ? void 0 : config.version) !== null && _config$version !== void 0 ? _config$version : "1.5.0"
+        version: (_config$version = config === null || config === void 0 ? void 0 : config.version) !== null && _config$version !== void 0 ? _config$version : "1.6.0"
     };
 }
 
@@ -7739,6 +7772,38 @@ class AuthClient {
             throw new TokenByRefreshTokenError("The access token has expired and there was an error while trying to refresh it.", e);
         }
     }
+    async getTokenByPassword(options) {
+        const {configuration: configuration} = await _assertClassBrand(_Class9_brand, this, _discover).call(this);
+        const params = new URLSearchParams({
+            username: options.username,
+            password: options.password
+        });
+        if (options.audience) {
+            params.append("audience", options.audience);
+        }
+        if (options.scope) {
+            params.append("scope", options.scope);
+        }
+        if (options.realm) {
+            params.append("realm", options.realm);
+        }
+        let requestConfig = configuration;
+        if (options.auth0ForwardedFor) {
+            const clientAuth = await _assertClassBrand(_Class9_brand, this, _getClientAuth).call(this);
+            requestConfig = new Configuration(configuration.serverMetadata(), _classPrivateFieldGet2(_options, this).clientId, _classPrivateFieldGet2(_options, this).clientSecret, clientAuth);
+            requestConfig[customFetch$1] = (url, init) => _classPrivateFieldGet2(_customFetch2, this).call(this, url, _objectSpread2(_objectSpread2({}, init), {}, {
+                headers: _objectSpread2(_objectSpread2({}, init.headers), {}, {
+                    "auth0-forwarded-for": options.auth0ForwardedFor
+                })
+            }));
+        }
+        try {
+            const tokenEndpointResponse = await genericGrantRequest(requestConfig, "password", params);
+            return TokenResponse.fromTokenEndpointResponse(tokenEndpointResponse);
+        } catch (e) {
+            throw new TokenByPasswordError("There was an error while trying to request a token.", e);
+        }
+    }
     async getTokenByClientCredentials(options) {
         const {configuration: configuration} = await _assertClassBrand(_Class9_brand, this, _discover).call(this);
         try {
@@ -8038,12 +8103,13 @@ const DEFAULT_TTL_MS = 10 * 60 * 1e3;
 class MfaContextManager {
     constructor() {
         let ttlMs = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : DEFAULT_TTL_MS;
-        this.contexts = new Map;
+        _defineProperty(this, "contexts", new Map);
+        _defineProperty(this, "ttlMs", void 0);
         this.ttlMs = ttlMs;
     }
     set(mfaToken, context) {
         this.cleanup();
-        this.contexts.set(mfaToken, Object.assign(Object.assign({}, context), {
+        this.contexts.set(mfaToken, _objectSpread2(_objectSpread2({}, context), {}, {
             createdAt: Date.now()
         }));
     }
@@ -8076,6 +8142,9 @@ class MfaContextManager {
 
 class MfaApiClient {
     constructor(authJsMfaClient, auth0Client) {
+        _defineProperty(this, "authJsMfaClient", void 0);
+        _defineProperty(this, "auth0Client", void 0);
+        _defineProperty(this, "contextManager", void 0);
         this.authJsMfaClient = authJsMfaClient;
         this.auth0Client = auth0Client;
         this.contextManager = new MfaContextManager;
@@ -8088,9 +8157,9 @@ class MfaApiClient {
         });
     }
     async getAuthenticators(mfaToken) {
-        var _a, _b;
+        var _context$mfaRequireme;
         const context = this.contextManager.get(mfaToken);
-        if (!((_a = context === null || context === void 0 ? void 0 : context.mfaRequirements) === null || _a === void 0 ? void 0 : _a.challenge) || context.mfaRequirements.challenge.length === 0) {
+        if (!(context !== null && context !== void 0 && (_context$mfaRequireme = context.mfaRequirements) !== null && _context$mfaRequireme !== void 0 && _context$mfaRequireme.challenge) || context.mfaRequirements.challenge.length === 0) {
             throw new MfaListAuthenticatorsError("invalid_request", "challengeType is required and must contain at least one challenge type, please check mfa_required error payload");
         }
         const challengeTypes = context.mfaRequirements.challenge.map(c => c.type);
@@ -8104,25 +8173,25 @@ class MfaApiClient {
             });
         } catch (error) {
             if (error instanceof MfaListAuthenticatorsError$1) {
-                throw new MfaListAuthenticatorsError((_b = error.cause) === null || _b === void 0 ? void 0 : _b.error, error.message);
+                var _error$cause;
+                throw new MfaListAuthenticatorsError((_error$cause = error.cause) === null || _error$cause === void 0 ? void 0 : _error$cause.error, error.message);
             }
             throw error;
         }
     }
     async enroll(params) {
-        var _a;
         const authJsParams = getAuthJsEnrollParams(params);
         try {
             return await this.authJsMfaClient.enrollAuthenticator(authJsParams);
         } catch (error) {
             if (error instanceof MfaEnrollmentError$1) {
-                throw new MfaEnrollmentError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
+                var _error$cause2;
+                throw new MfaEnrollmentError((_error$cause2 = error.cause) === null || _error$cause2 === void 0 ? void 0 : _error$cause2.error, error.message);
             }
             throw error;
         }
     }
     async challenge(params) {
-        var _a;
         try {
             const authJsParams = {
                 challengeType: params.challengeType,
@@ -8134,7 +8203,8 @@ class MfaApiClient {
             return await this.authJsMfaClient.challengeAuthenticator(authJsParams);
         } catch (error) {
             if (error instanceof MfaChallengeError$1) {
-                throw new MfaChallengeError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
+                var _error$cause3;
+                throw new MfaChallengeError((_error$cause3 = error.cause) === null || _error$cause3 === void 0 ? void 0 : _error$cause3.error, error.message);
             }
             throw error;
         }
@@ -8184,18 +8254,38 @@ class MfaApiClient {
     }
 }
 
+const _excluded = [ "openUrl", "fragment", "appState" ], _excluded2 = [ "url" ], _excluded3 = [ "cacheMode" ], _excluded4 = [ "federated" ], _excluded5 = [ "openUrl" ], _excluded6 = [ "id_token", "decodedToken" ], _excluded7 = [ "mfaToken" ];
+
 class Auth0Client {
     constructor(options) {
-        this.userCache = (new InMemoryCache).enclosedCache;
-        this.defaultOptions = {
+        _defineProperty(this, "transactionManager", void 0);
+        _defineProperty(this, "cacheManager", void 0);
+        _defineProperty(this, "lockManager", void 0);
+        _defineProperty(this, "domainUrl", void 0);
+        _defineProperty(this, "tokenIssuer", void 0);
+        _defineProperty(this, "scope", void 0);
+        _defineProperty(this, "cookieStorage", void 0);
+        _defineProperty(this, "dpop", void 0);
+        _defineProperty(this, "sessionCheckExpiryDays", void 0);
+        _defineProperty(this, "orgHintCookieName", void 0);
+        _defineProperty(this, "isAuthenticatedCookieName", void 0);
+        _defineProperty(this, "nowProvider", void 0);
+        _defineProperty(this, "httpTimeoutMs", void 0);
+        _defineProperty(this, "options", void 0);
+        _defineProperty(this, "userCache", (new InMemoryCache).enclosedCache);
+        _defineProperty(this, "myAccountApi", void 0);
+        _defineProperty(this, "mfa", void 0);
+        _defineProperty(this, "worker", void 0);
+        _defineProperty(this, "authJsClient", void 0);
+        _defineProperty(this, "defaultOptions", {
             authorizationParams: {
                 scope: DEFAULT_SCOPE
             },
             useRefreshTokensFallback: false,
             useFormData: true
-        };
-        this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
-            authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
+        });
+        this.options = _objectSpread2(_objectSpread2(_objectSpread2({}, this.defaultOptions), options), {}, {
+            authorizationParams: _objectSpread2(_objectSpread2({}, this.defaultOptions.authorizationParams), options.authorizationParams)
         });
         typeof window !== "undefined" && validateCrypto();
         this.lockManager = getLockManager();
@@ -8227,9 +8317,9 @@ class Auth0Client {
         this.domainUrl = getDomain(this.options.domain);
         this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
         const myAccountApiIdentifier = "".concat(this.domainUrl, "/me/");
-        const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
+        const myAccountFetcher = this.createFetcher(_objectSpread2(_objectSpread2({}, this.options.useDpop && {
             dpopNonceId: "__auth0_my_account_api__"
-        }), {
+        }), {}, {
             getAccessToken: () => this.getTokenSilently({
                 authorizationParams: {
                     scope: "create:me:connected_accounts",
@@ -8292,14 +8382,39 @@ class Auth0Client {
             });
         }
     }
+    _extractSessionTransferToken(paramName) {
+        const params = new URLSearchParams(window.location.search);
+        return params.get(paramName) || undefined;
+    }
+    _clearSessionTransferTokenFromUrl(paramName) {
+        try {
+            const url = new URL(window.location.href);
+            if (url.searchParams.has(paramName)) {
+                url.searchParams.delete(paramName);
+                window.history.replaceState({}, "", url.toString());
+            }
+        } catch (_unused) {}
+    }
+    _applySessionTransferToken(authorizationParams) {
+        const paramName = this.options.sessionTransferTokenQueryParamName;
+        if (!paramName || authorizationParams.session_transfer_token) {
+            return authorizationParams;
+        }
+        const token = this._extractSessionTransferToken(paramName);
+        if (!token) return authorizationParams;
+        this._clearSessionTransferTokenFromUrl(paramName);
+        return _objectSpread2(_objectSpread2({}, authorizationParams), {}, {
+            session_transfer_token: token
+        });
+    }
     async _prepareAuthorizeUrl(authorizationParams, authorizeOptions, fallbackRedirectUri) {
-        var _a;
+        var _this$dpop;
         const state = encode$2(createRandomString());
         const nonce = encode$2(createRandomString());
         const code_verifier = createRandomString();
         const code_challengeBuffer = await sha256(code_verifier);
         const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
-        const thumbprint = await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.calculateThumbprint());
+        const thumbprint = await ((_this$dpop = this.dpop) === null || _this$dpop === void 0 ? void 0 : _this$dpop.calculateThumbprint());
         const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode, thumbprint);
         const url = this._authorizeUrl(params);
         return {
@@ -8313,7 +8428,7 @@ class Auth0Client {
         };
     }
     async loginWithPopup(options, config) {
-        var _a;
+        var _options$authorizatio;
         options = options || {};
         config = config || {};
         if (!config.popup) {
@@ -8322,17 +8437,18 @@ class Auth0Client {
                 throw new PopupOpenError;
             }
         }
-        const params = await this._prepareAuthorizeUrl(options.authorizationParams || {}, {
+        const authorizationParams = this._applySessionTransferToken(options.authorizationParams || {});
+        const params = await this._prepareAuthorizeUrl(authorizationParams, {
             response_mode: "web_message"
         }, window.location.origin);
         config.popup.location.href = params.url;
-        const codeResult = await runPopup(Object.assign(Object.assign({}, config), {
+        const codeResult = await runPopup(_objectSpread2(_objectSpread2({}, config), {}, {
             timeoutInSeconds: config.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
-        }));
+        }), new URL(params.url).origin);
         if (params.state !== codeResult.state) {
             throw new GenericError("state_mismatch", "Invalid state");
         }
-        const organization = ((_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
+        const organization = ((_options$authorizatio = options.authorizationParams) === null || _options$authorizatio === void 0 ? void 0 : _options$authorizatio.organization) || this.options.authorizationParams.organization;
         await this._requestToken({
             audience: params.audience,
             scope: params.scope,
@@ -8346,25 +8462,26 @@ class Auth0Client {
         });
     }
     async getUser() {
-        var _a;
+        var _cache$decodedToken;
         const cache = await this._getIdTokenFromCache();
-        return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.user;
+        return cache === null || cache === void 0 || (_cache$decodedToken = cache.decodedToken) === null || _cache$decodedToken === void 0 ? void 0 : _cache$decodedToken.user;
     }
     async getIdTokenClaims() {
-        var _a;
+        var _cache$decodedToken2;
         const cache = await this._getIdTokenFromCache();
-        return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.claims;
+        return cache === null || cache === void 0 || (_cache$decodedToken2 = cache.decodedToken) === null || _cache$decodedToken2 === void 0 ? void 0 : _cache$decodedToken2.claims;
     }
     async loginWithRedirect() {
+        var _urlOptions$authoriza;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        var _a;
-        const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _b, urlOptions = __rest(_b, [ "openUrl", "fragment", "appState" ]);
-        const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
-        const _c = await this._prepareAuthorizeUrl(urlOptions.authorizationParams || {}), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
-        this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
+        const _patchOpenUrlWithOnRe = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _patchOpenUrlWithOnRe, urlOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe, _excluded);
+        const organization = ((_urlOptions$authoriza = urlOptions.authorizationParams) === null || _urlOptions$authoriza === void 0 ? void 0 : _urlOptions$authoriza.organization) || this.options.authorizationParams.organization;
+        const authorizationParams = this._applySessionTransferToken(urlOptions.authorizationParams || {});
+        const _await$this$_prepareA = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _await$this$_prepareA, transaction = _objectWithoutProperties(_await$this$_prepareA, _excluded2);
+        this.transactionManager.create(_objectSpread2(_objectSpread2({}, transaction), {}, {
             appState: appState,
-            response_type: exports.ResponseType.Code
-        }), organization && {
+            response_type: ResponseType.Code
+        }, organization && {
             organization: organization
         }));
         const urlWithFragment = fragment ? "".concat(url, "#").concat(fragment) : url;
@@ -8386,7 +8503,7 @@ class Auth0Client {
         }
         this.transactionManager.remove();
         const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
-        if (transaction.response_type === exports.ResponseType.ConnectCode) {
+        if (transaction.response_type === ResponseType.ConnectCode) {
             return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
         }
         return this._handleLoginRedirectCallback(authenticationResult, transaction);
@@ -8402,7 +8519,7 @@ class Auth0Client {
         const organization = transaction.organization;
         const nonceIn = transaction.nonce;
         const redirect_uri = transaction.redirect_uri;
-        await this._requestToken(Object.assign({
+        await this._requestToken(_objectSpread2({
             audience: transaction.audience,
             scope: transaction.scope,
             code_verifier: transaction.code_verifier,
@@ -8416,7 +8533,7 @@ class Auth0Client {
         });
         return {
             appState: transaction.appState,
-            response_type: exports.ResponseType.Code
+            response_type: ResponseType.Code
         };
     }
     async _handleConnectAccountRedirectCallback(connectResult, transaction) {
@@ -8436,9 +8553,9 @@ class Auth0Client {
             redirect_uri: transaction.redirect_uri,
             code_verifier: transaction.code_verifier
         });
-        return Object.assign(Object.assign({}, data), {
+        return _objectSpread2(_objectSpread2({}, data), {}, {
             appState: transaction.appState,
-            response_type: exports.ResponseType.ConnectCode
+            response_type: ResponseType.ConnectCode
         });
     }
     async checkSession(options) {
@@ -8458,20 +8575,20 @@ class Auth0Client {
         } catch (_) {}
     }
     async getTokenSilently() {
+        var _options$authorizatio2, _options$authorizatio3;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        var _a, _b;
-        const localOptions = Object.assign(Object.assign({
+        const localOptions = _objectSpread2(_objectSpread2({
             cacheMode: "on"
-        }, options), {
-            authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
-                scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
+        }, options), {}, {
+            authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
+                scope: scopesToRequest(this.scope, (_options$authorizatio2 = options.authorizationParams) === null || _options$authorizatio2 === void 0 ? void 0 : _options$authorizatio2.scope, ((_options$authorizatio3 = options.authorizationParams) === null || _options$authorizatio3 === void 0 ? void 0 : _options$authorizatio3.audience) || this.options.authorizationParams.audience)
             })
         });
         const result = await singlePromise(() => this._getTokenSilently(localOptions), "".concat(this.options.clientId, "::").concat(localOptions.authorizationParams.audience, "::").concat(localOptions.authorizationParams.scope));
         return options.detailedResponse ? result : result === null || result === void 0 ? void 0 : result.access_token;
     }
     async _getTokenSilently(options) {
-        const {cacheMode: cacheMode} = options, getTokenOptions = __rest(options, [ "cacheMode" ]);
+        const {cacheMode: cacheMode} = options, getTokenOptions = _objectWithoutProperties(options, _excluded3);
         if (cacheMode !== "off") {
             const entry = await this._getEntryFromCache({
                 scope: getTokenOptions.authorizationParams.scope,
@@ -8501,13 +8618,13 @@ class Auth0Client {
                 }
                 const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
                 const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
-                return Object.assign(Object.assign({
+                return _objectSpread2(_objectSpread2({
                     id_token: id_token,
                     token_type: token_type,
                     access_token: access_token
                 }, oauthTokenScope ? {
                     scope: oauthTokenScope
-                } : null), {
+                } : null), {}, {
                     expires_in: expires_in
                 });
             });
@@ -8543,15 +8660,15 @@ class Auth0Client {
         }
     }
     async getTokenWithPopup() {
+        var _options$authorizatio4, _options$authorizatio5;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
         let config = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-        var _a, _b;
-        const localOptions = Object.assign(Object.assign({}, options), {
-            authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
-                scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
+        const localOptions = _objectSpread2(_objectSpread2({}, options), {}, {
+            authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
+                scope: scopesToRequest(this.scope, (_options$authorizatio4 = options.authorizationParams) === null || _options$authorizatio4 === void 0 ? void 0 : _options$authorizatio4.scope, ((_options$authorizatio5 = options.authorizationParams) === null || _options$authorizatio5 === void 0 ? void 0 : _options$authorizatio5.audience) || this.options.authorizationParams.audience)
             })
         });
-        config = Object.assign(Object.assign({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
+        config = _objectSpread2(_objectSpread2({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
         await this.loginWithPopup(localOptions, config);
         const cache = await this.cacheManager.get(new CacheKey({
             scope: localOptions.authorizationParams.scope,
@@ -8570,17 +8687,17 @@ class Auth0Client {
         } else {
             delete options.clientId;
         }
-        const _a = options.logoutParams || {}, {federated: federated} = _a, logoutOptions = __rest(_a, [ "federated" ]);
+        const _ref = options.logoutParams || {}, {federated: federated} = _ref, logoutOptions = _objectWithoutProperties(_ref, _excluded4);
         const federatedQuery = federated ? "&federated" : "";
-        const url = this._url("/v2/logout?".concat(createQueryParams(Object.assign({
+        const url = this._url("/v2/logout?".concat(createQueryParams(_objectSpread2({
             clientId: options.clientId
         }, logoutOptions))));
         return url + federatedQuery;
     }
     async logout() {
+        var _this$dpop2;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        var _a;
-        const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _b, logoutOptions = __rest(_b, [ "openUrl" ]);
+        const _patchOpenUrlWithOnRe2 = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _patchOpenUrlWithOnRe2, logoutOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe2, _excluded5);
         if (options.clientId === null) {
             await this.cacheManager.clear();
         } else {
@@ -8593,7 +8710,7 @@ class Auth0Client {
             cookieDomain: this.options.cookieDomain
         });
         this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
-        await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.clear());
+        await ((_this$dpop2 = this.dpop) === null || _this$dpop2 === void 0 ? void 0 : _this$dpop2.clear());
         const url = this._buildLogoutUrl(logoutOptions);
         if (openUrl) {
             await openUrl(url);
@@ -8605,7 +8722,7 @@ class Auth0Client {
         const iframeLockKey = buildIframeLockKey(this.options.clientId);
         try {
             return await this.lockManager.runWithLock(iframeLockKey, 5e3, async () => {
-                const params = Object.assign(Object.assign({}, options.authorizationParams), {
+                const params = _objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
                     prompt: "none"
                 });
                 const orgHint = this.cookieStorage.get(this.orgHintCookieName);
@@ -8622,14 +8739,14 @@ class Auth0Client {
                 let eventOrigin;
                 try {
                     eventOrigin = new URL(this.domainUrl).origin;
-                } catch (_a) {
+                } catch (_unused2) {
                     eventOrigin = this.domainUrl;
                 }
                 const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
                 if (stateIn !== codeResult.state) {
                     throw new GenericError("state_mismatch", "Invalid state");
                 }
-                const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
+                const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
                     code_verifier: code_verifier,
                     code: codeResult.code,
                     grant_type: "authorization_code",
@@ -8639,7 +8756,7 @@ class Auth0Client {
                     nonceIn: nonceIn,
                     organization: params.organization
                 });
-                return Object.assign(Object.assign({}, tokenResult), {
+                return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
                     scope: scope,
                     oauthTokenScope: tokenResult.scope,
                     audience: audience
@@ -8658,7 +8775,6 @@ class Auth0Client {
         }
     }
     async _getTokenUsingRefreshToken(options) {
-        var _a, _b;
         const cache = await this.cacheManager.get(new CacheKey({
             scope: options.authorizationParams.scope,
             audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
@@ -8674,16 +8790,16 @@ class Auth0Client {
         const timeout = typeof options.timeoutInSeconds === "number" ? options.timeoutInSeconds * 1e3 : null;
         const scopesToRequest = getScopeToRequest(this.options.useMrrt, options.authorizationParams, cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope);
         try {
-            const tokenResult = await this._requestToken(Object.assign(Object.assign(Object.assign({}, options.authorizationParams), {
+            const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
                 grant_type: "refresh_token",
                 refresh_token: cache && cache.refresh_token,
                 redirect_uri: redirect_uri
-            }), timeout && {
+            }, timeout && {
                 timeout: timeout
             }), {
                 scopesToRequest: scopesToRequest
             });
-            if (tokenResult.refresh_token && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
+            if (tokenResult.refresh_token && cache !== null && cache !== void 0 && cache.refresh_token) {
                 await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
             }
             if (this.options.useMrrt) {
@@ -8700,7 +8816,7 @@ class Auth0Client {
                     }
                 }
             }
-            return Object.assign(Object.assign({}, tokenResult), {
+            return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
                 scope: options.authorizationParams.scope,
                 oauthTokenScope: tokenResult.scope,
                 audience: options.authorizationParams.audience || DEFAULT_AUDIENCE
@@ -8718,13 +8834,14 @@ class Auth0Client {
                 }
             }
             if (e instanceof MfaRequiredError) {
-                this.mfa.setMFAAuthDetails(e.mfa_token, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, (_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience, e.mfa_requirements);
+                var _options$authorizatio6, _options$authorizatio7;
+                this.mfa.setMFAAuthDetails(e.mfa_token, (_options$authorizatio6 = options.authorizationParams) === null || _options$authorizatio6 === void 0 ? void 0 : _options$authorizatio6.scope, (_options$authorizatio7 = options.authorizationParams) === null || _options$authorizatio7 === void 0 ? void 0 : _options$authorizatio7.audience, e.mfa_requirements);
             }
             throw e;
         }
     }
     async _saveEntryInCache(entry) {
-        const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = __rest(entry, [ "id_token", "decodedToken" ]);
+        const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = _objectWithoutProperties(entry, _excluded6);
         this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, {
             id_token: id_token,
             decodedToken: decodedToken
@@ -8747,8 +8864,8 @@ class Auth0Client {
         this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
         return cache;
     }
-    async _getEntryFromCache(_ref) {
-        let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref;
+    async _getEntryFromCache(_ref2) {
+        let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref2;
         const entry = await this.cacheManager.get(new CacheKey({
             scope: scope,
             audience: audience,
@@ -8757,21 +8874,20 @@ class Auth0Client {
         if (entry && entry.access_token) {
             const {token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
             const cache = await this._getIdTokenFromCache();
-            return cache && Object.assign(Object.assign({
+            return cache && _objectSpread2(_objectSpread2({
                 id_token: cache.id_token,
                 token_type: token_type ? token_type : "Bearer",
                 access_token: access_token
             }, oauthTokenScope ? {
                 scope: oauthTokenScope
-            } : null), {
+            } : null), {}, {
                 expires_in: expires_in
             });
         }
     }
     async _requestToken(options, additionalParameters) {
-        var _a, _b;
         const {nonceIn: nonceIn, organization: organization, scopesToRequest: scopesToRequest} = additionalParameters || {};
-        const authResult = await oauthToken(Object.assign(Object.assign({
+        const authResult = await oauthToken(_objectSpread2(_objectSpread2({
             baseUrl: this.domainUrl,
             client_id: this.options.clientId,
             auth0Client: this.options.auth0Client,
@@ -8779,24 +8895,25 @@ class Auth0Client {
             timeout: this.httpTimeoutMs,
             useMrrt: this.options.useMrrt,
             dpop: this.dpop
-        }, options), {
+        }, options), {}, {
             scope: scopesToRequest || options.scope
         }), this.worker);
         const decodedToken = await this._verifyIdToken(authResult.id_token, nonceIn, organization);
         if (options.grant_type === "authorization_code") {
+            var _existingIdToken$deco;
             const existingIdToken = await this._getIdTokenFromCache();
-            if (((_b = (_a = existingIdToken === null || existingIdToken === void 0 ? void 0 : existingIdToken.decodedToken) === null || _a === void 0 ? void 0 : _a.claims) === null || _b === void 0 ? void 0 : _b.sub) && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
+            if (existingIdToken !== null && existingIdToken !== void 0 && (_existingIdToken$deco = existingIdToken.decodedToken) !== null && _existingIdToken$deco !== void 0 && (_existingIdToken$deco = _existingIdToken$deco.claims) !== null && _existingIdToken$deco !== void 0 && _existingIdToken$deco.sub && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
                 await this.cacheManager.clear(this.options.clientId);
                 this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
             }
         }
-        await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, authResult), {
+        await this._saveEntryInCache(_objectSpread2(_objectSpread2(_objectSpread2({}, authResult), {}, {
             decodedToken: decodedToken,
             scope: options.scope,
             audience: options.audience || DEFAULT_AUDIENCE
-        }), authResult.scope ? {
+        }, authResult.scope ? {
             oauthTokenScope: authResult.scope
-        } : null), {
+        } : null), {}, {
             client_id: this.options.clientId
         }));
         this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
@@ -8804,12 +8921,12 @@ class Auth0Client {
             cookieDomain: this.options.cookieDomain
         });
         this._processOrgHint(organization || decodedToken.claims.org_id);
-        return Object.assign(Object.assign({}, authResult), {
+        return _objectSpread2(_objectSpread2({}, authResult), {}, {
             decodedToken: decodedToken
         });
     }
     async loginWithCustomTokenExchange(options) {
-        return this._requestToken(Object.assign(Object.assign({}, options), {
+        return this._requestToken(_objectSpread2(_objectSpread2({}, options), {}, {
             grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
             subject_token: options.subject_token,
             subject_token_type: options.subject_token_type,
@@ -8843,10 +8960,10 @@ class Auth0Client {
         return new Fetcher(config, {
             isDpopEnabled: () => !!this.options.useDpop,
             getAccessToken: authParams => {
-                var _a;
+                var _authParams$scope;
                 return this.getTokenSilently({
                     authorizationParams: {
-                        scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
+                        scope: authParams === null || authParams === void 0 || (_authParams$scope = authParams.scope) === null || _authParams$scope === void 0 ? void 0 : _authParams$scope.join(" "),
                         audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
                     },
                     detailedResponse: true
@@ -8882,7 +8999,7 @@ class Auth0Client {
             redirect_uri: redirectUri,
             appState: appState,
             connection: connection,
-            response_type: exports.ResponseType.ConnectCode
+            response_type: ResponseType.ConnectCode
         });
         const url = new URL(connect_uri);
         url.searchParams.set("ticket", connect_params.ticket);
@@ -8893,8 +9010,8 @@ class Auth0Client {
         }
     }
     async _requestTokenForMfa(options, additionalParameters) {
-        const {mfaToken: mfaToken} = options, restOptions = __rest(options, [ "mfaToken" ]);
-        return this._requestToken(Object.assign(Object.assign({}, restOptions), {
+        const {mfaToken: mfaToken} = options, restOptions = _objectWithoutProperties(options, _excluded7);
+        return this._requestToken(_objectSpread2(_objectSpread2({}, restOptions), {}, {
             mfa_token: mfaToken
         }), additionalParameters);
     }
@@ -8946,6 +9063,8 @@ exports.PopupOpenError = PopupOpenError;
 
 exports.PopupTimeoutError = PopupTimeoutError;
 
+exports.ResponseType = ResponseType;
+
 exports.TimeoutError = TimeoutError;
 
 exports.UseDpopNonceError = UseDpopNonceError;