@auth0/auth0-spa-js 2.18.3 → 2.19.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (31) hide show
  1. package/README.md +1 -1
  2. package/dist/auth0-spa-js.development.js +405 -362
  3. package/dist/auth0-spa-js.development.js.map +1 -1
  4. package/dist/auth0-spa-js.production.esm.js +1 -1
  5. package/dist/auth0-spa-js.production.esm.js.map +1 -1
  6. package/dist/auth0-spa-js.production.js +1 -1
  7. package/dist/auth0-spa-js.production.js.map +1 -1
  8. package/dist/auth0-spa-js.worker.development.js +132 -81
  9. package/dist/auth0-spa-js.worker.development.js.map +1 -1
  10. package/dist/auth0-spa-js.worker.production.js +1 -1
  11. package/dist/auth0-spa-js.worker.production.js.map +1 -1
  12. package/dist/lib/auth0-spa-js.cjs.js +427 -385
  13. package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
  14. package/dist/typings/Auth0Client.d.ts +38 -1
  15. package/dist/typings/api.d.ts +31 -0
  16. package/dist/typings/cache/cache-manager.d.ts +13 -0
  17. package/dist/typings/global.d.ts +7 -0
  18. package/dist/typings/http.d.ts +6 -0
  19. package/dist/typings/version.d.ts +1 -1
  20. package/dist/typings/worker/worker.types.d.ts +13 -6
  21. package/dist/typings/worker/worker.utils.d.ts +11 -5
  22. package/package.json +2 -2
  23. package/src/Auth0Client.ts +73 -2
  24. package/src/api.ts +112 -2
  25. package/src/cache/cache-manager.ts +57 -0
  26. package/src/global.ts +8 -0
  27. package/src/http.ts +28 -21
  28. package/src/version.ts +1 -1
  29. package/src/worker/token.worker.ts +120 -5
  30. package/src/worker/worker.types.ts +17 -6
  31. package/src/worker/worker.utils.ts +18 -7
package/dist/auth0-spa-js.development.js CHANGED
@@ -3,145 +3,19 @@
3
3
  factory(global.auth0 = {}));
4
4
  })(this, function(exports) {
5
5
  "use strict";
6
- function _OverloadYield(e, d) {
7
- this.v = e, this.k = d;
8
- }
9
- function _assertClassBrand(e, t, n) {
10
- if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
11
- throw new TypeError("Private element is not present on this object");
12
- }
13
- function _awaitAsyncGenerator(e) {
14
- return new _OverloadYield(e, 0);
15
- }
16
- function _checkPrivateRedeclaration(e, t) {
17
- if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
18
- }
19
- function _classPrivateFieldGet2(s, a) {
20
- return s.get(_assertClassBrand(s, a));
21
- }
22
- function _classPrivateFieldInitSpec(e, t, a) {
23
- _checkPrivateRedeclaration(e, t), t.set(e, a);
24
- }
25
- function _classPrivateFieldSet2(s, a, r) {
26
- return s.set(_assertClassBrand(s, a), r), r;
27
- }
28
- function _classPrivateMethodInitSpec(e, a) {
29
- _checkPrivateRedeclaration(e, a), a.add(e);
30
- }
31
- function _defineProperty(e, r, t) {
32
- return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
33
- value: t,
34
- enumerable: !0,
35
- configurable: !0,
36
- writable: !0
37
- }) : e[r] = t, e;
38
- }
39
- function ownKeys(e, r) {
40
- var t = Object.keys(e);
41
- if (Object.getOwnPropertySymbols) {
42
- var o = Object.getOwnPropertySymbols(e);
43
- r && (o = o.filter(function(r) {
44
- return Object.getOwnPropertyDescriptor(e, r).enumerable;
45
- })), t.push.apply(t, o);
46
- }
47
- return t;
48
- }
49
- function _objectSpread2(e) {
50
- for (var r = 1; r < arguments.length; r++) {
51
- var t = null != arguments[r] ? arguments[r] : {};
52
- r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
53
- _defineProperty(e, r, t[r]);
54
- }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
55
- Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
56
- });
57
- }
58
- return e;
59
- }
60
- function _objectWithoutProperties(e, t) {
61
- if (null == e) return {};
62
- var o, r, i = _objectWithoutPropertiesLoose(e, t);
63
- if (Object.getOwnPropertySymbols) {
64
- var n = Object.getOwnPropertySymbols(e);
65
- for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
66
- }
67
- return i;
68
- }
69
- function _objectWithoutPropertiesLoose(r, e) {
70
- if (null == r) return {};
6
+ function __rest(s, e) {
71
7
  var t = {};
72
- for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
73
- if (-1 !== e.indexOf(n)) continue;
74
- t[n] = r[n];
8
+ for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) t[p] = s[p];
9
+ if (s != null && typeof Object.getOwnPropertySymbols === "function") for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
10
+ if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) t[p[i]] = s[p[i]];
75
11
  }
76
12
  return t;
77
13
  }
78
- function _toPrimitive(t, r) {
79
- if ("object" != typeof t || !t) return t;
80
- var e = t[Symbol.toPrimitive];
81
- if (void 0 !== e) {
82
- var i = e.call(t, r || "default");
83
- if ("object" != typeof i) return i;
84
- throw new TypeError("@@toPrimitive must return a primitive value.");
85
- }
86
- return ("string" === r ? String : Number)(t);
87
- }
88
- function _toPropertyKey(t) {
89
- var i = _toPrimitive(t, "string");
90
- return "symbol" == typeof i ? i : i + "";
91
- }
92
- function _wrapAsyncGenerator(e) {
93
- return function() {
94
- return new AsyncGenerator(e.apply(this, arguments));
95
- };
96
- }
97
- function AsyncGenerator(e) {
98
- var t, n;
99
- function resume(t, n) {
100
- try {
101
- var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
102
- Promise.resolve(u ? o.v : o).then(function(n) {
103
- if (u) {
104
- var i = "return" === t && o.k ? t : "next";
105
- if (!o.k || n.done) return resume(i, n);
106
- n = e[i](n).value;
107
- }
108
- settle(!!r.done, n);
109
- }, function(e) {
110
- resume("throw", e);
111
- });
112
- } catch (e) {
113
- settle(2, e);
114
- }
115
- }
116
- function settle(e, r) {
117
- 2 === e ? t.reject(r) : t.resolve({
118
- value: r,
119
- done: e
120
- }), (t = t.next) ? resume(t.key, t.arg) : n = null;
121
- }
122
- this._invoke = function(e, r) {
123
- return new Promise(function(o, u) {
124
- var i = {
125
- key: e,
126
- arg: r,
127
- resolve: o,
128
- reject: u,
129
- next: null
130
- };
131
- n ? n = n.next = i : (t = n = i, resume(e, r));
132
- });
133
- }, "function" != typeof e.return && (this.return = void 0);
134
- }
135
- AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
136
- return this;
137
- }, AsyncGenerator.prototype.next = function(e) {
138
- return this._invoke("next", e);
139
- }, AsyncGenerator.prototype.throw = function(e) {
140
- return this._invoke("throw", e);
141
- }, AsyncGenerator.prototype.return = function(e) {
142
- return this._invoke("return", e);
14
+ typeof SuppressedError === "function" ? SuppressedError : function(error, suppressed, message) {
15
+ var e = new Error(message);
16
+ return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
143
17
  };
144
- var version = "2.18.3";
18
+ var version = "2.19.0";
145
19
  const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
146
20
  const DEFAULT_POPUP_CONFIG_OPTIONS = {
147
21
  timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
@@ -254,7 +128,6 @@
254
128
  let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
255
129
  return value && !exclude.includes(value) ? value : "";
256
130
  }
257
- const _excluded$5 = [ "clientId" ];
258
131
  const parseAuthenticationResult = queryString => {
259
132
  if (queryString.indexOf("#") > -1) {
260
133
  queryString = queryString.substring(0, queryString.indexOf("#"));
@@ -359,7 +232,7 @@
359
232
  return random;
360
233
  };
361
234
  const encode$2 = value => btoa(value);
362
- const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => _objectSpread2(_objectSpread2({}, acc), {}, {
235
+ const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => Object.assign(Object.assign({}, acc), {
363
236
  [key]: params[key]
364
237
  }), {});
365
238
  const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
@@ -385,9 +258,9 @@
385
258
  return acc;
386
259
  }, {});
387
260
  };
388
- const createQueryParams = _ref => {
389
- let {clientId: client_id} = _ref, params = _objectWithoutProperties(_ref, _excluded$5);
390
- return new URLSearchParams(stripUndefined(_objectSpread2({
261
+ const createQueryParams = _a => {
262
+ var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
263
+ return new URLSearchParams(stripUndefined(Object.assign({
391
264
  client_id: client_id
392
265
  }, params))).toString();
393
266
  };
@@ -437,8 +310,8 @@
437
310
  }
438
311
  return parseInt(value, 10) || undefined;
439
312
  };
440
- const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref2) => {
441
- let [key, val] = _ref2;
313
+ const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref) => {
314
+ let [key, val] = _ref;
442
315
  obj[key] = val;
443
316
  return obj;
444
317
  }, {});
@@ -978,9 +851,7 @@
978
851
  }
979
852
  class LegacyLockManager {
980
853
  constructor() {
981
- _defineProperty(this, "lock", void 0);
982
- _defineProperty(this, "activeLocks", new Set);
983
- _defineProperty(this, "pagehideHandler", void 0);
854
+ this.activeLocks = new Set;
984
855
  this.lock = new _default;
985
856
  this.pagehideHandler = () => {
986
857
  this.activeLocks.forEach(key => this.lock.releaseLock(key));
@@ -1012,8 +883,8 @@
1012
883
  }
1013
884
  }
1014
885
  function isWebLocksSupported() {
1015
- var _navigator$locks;
1016
- return typeof navigator !== "undefined" && typeof ((_navigator$locks = navigator.locks) === null || _navigator$locks === void 0 ? void 0 : _navigator$locks.request) === "function";
886
+ var _a;
887
+ return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
1017
888
  }
1018
889
  function createLockManager() {
1019
890
  return isWebLocksSupported() ? new WebLocksApiManager : new LegacyLockManager;
@@ -1347,21 +1218,12 @@
1347
1218
  };
1348
1219
  to.postMessage(message, [ messageChannel.port2 ]);
1349
1220
  });
1350
- const _excluded$4 = [ "error", "error_description" ];
1351
1221
  const createAbortController = () => new AbortController;
1352
- const dofetch = async (fetchUrl, fetchOptions) => {
1353
- const response = await fetch(fetchUrl, fetchOptions);
1354
- return {
1355
- ok: response.ok,
1356
- json: await response.json(),
1357
- headers: fromEntries(response.headers)
1358
- };
1359
- };
1360
- const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
1222
+ const fetchWithTimeout = (fetchUrl, fetchOptions, timeout) => {
1361
1223
  const controller = createAbortController();
1362
1224
  fetchOptions.signal = controller.signal;
1363
1225
  let timeoutId;
1364
- return Promise.race([ dofetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
1226
+ return Promise.race([ fetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
1365
1227
  timeoutId = setTimeout(() => {
1366
1228
  controller.abort();
1367
1229
  reject(new Error("Timeout when executing 'fetch'"));
@@ -1370,7 +1232,16 @@
1370
1232
  clearTimeout(timeoutId);
1371
1233
  });
1372
1234
  };
1235
+ const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
1236
+ const response = await fetchWithTimeout(fetchUrl, fetchOptions, timeout);
1237
+ return {
1238
+ ok: response.ok,
1239
+ json: await response.json(),
1240
+ headers: fromEntries(response.headers)
1241
+ };
1242
+ };
1373
1243
  const fetchWithWorker = async (fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData, useMrrt) => sendMessage({
1244
+ type: "refresh",
1374
1245
  auth: {
1375
1246
  audience: audience,
1376
1247
  scope: scope
@@ -1397,7 +1268,7 @@
1397
1268
  method: options.method || "GET",
1398
1269
  nonce: await dpop.getNonce()
1399
1270
  });
1400
- options.headers = _objectSpread2(_objectSpread2({}, options.headers), {}, {
1271
+ options.headers = Object.assign(Object.assign({}, options.headers), {
1401
1272
  dpop: dpopProof
1402
1273
  });
1403
1274
  }
@@ -1415,7 +1286,7 @@
1415
1286
  if (fetchError) {
1416
1287
  throw fetchError;
1417
1288
  }
1418
- const {json: {error: error, error_description: error_description}, headers: headers, ok: ok} = response, data = _objectWithoutProperties(response.json, _excluded$4);
1289
+ const _a = response.json, {error: error, error_description: error_description} = _a, data = __rest(_a, [ "error", "error_description" ]), {headers: headers, ok: ok} = response;
1419
1290
  let newDpopNonce;
1420
1291
  if (dpop) {
1421
1292
  newDpopNonce = headers[DPOP_NONCE_HEADER];
@@ -1441,12 +1312,11 @@
1441
1312
  }
1442
1313
  return data;
1443
1314
  }
1444
- const _excluded$3 = [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ];
1445
- async function oauthToken(_ref, worker) {
1446
- let {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _ref, options = _objectWithoutProperties(_ref, _excluded$3);
1315
+ async function oauthToken(_a, worker) {
1316
+ var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ]);
1447
1317
  const isTokenExchange = options.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange";
1448
1318
  const refreshWithMrrt = options.grant_type === "refresh_token" && useMrrt;
1449
- const allParams = _objectSpread2(_objectSpread2(_objectSpread2(_objectSpread2({}, options), isTokenExchange && audience && {
1319
+ const allParams = Object.assign(Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
1450
1320
  audience: audience
1451
1321
  }), isTokenExchange && scope && {
1452
1322
  scope: scope
@@ -1465,6 +1335,59 @@
1465
1335
  }
1466
1336
  }, worker, useFormData, useMrrt, isDpopSupported ? dpop : undefined);
1467
1337
  }
1338
+ async function revokeToken(_ref, worker) {
1339
+ let {baseUrl: baseUrl, timeout: timeout, auth0Client: auth0Client, useFormData: useFormData, refreshTokens: refreshTokens, audience: audience, client_id: client_id, onRefreshTokenRevoked: onRefreshTokenRevoked} = _ref;
1340
+ const resolvedTimeout = timeout || DEFAULT_FETCH_TIMEOUT_MS;
1341
+ const token_type_hint = "refresh_token";
1342
+ const fetchUrl = "".concat(baseUrl, "/oauth/revoke");
1343
+ const headers = {
1344
+ "Content-Type": useFormData ? "application/x-www-form-urlencoded" : "application/json",
1345
+ "Auth0-Client": btoa(JSON.stringify(stripAuth0Client(auth0Client || DEFAULT_AUTH0_CLIENT)))
1346
+ };
1347
+ if (worker) {
1348
+ const baseParams = {
1349
+ client_id: client_id,
1350
+ token_type_hint: token_type_hint
1351
+ };
1352
+ const body = useFormData ? createQueryParams(baseParams) : JSON.stringify(baseParams);
1353
+ return sendMessage({
1354
+ type: "revoke",
1355
+ timeout: resolvedTimeout,
1356
+ fetchUrl: fetchUrl,
1357
+ fetchOptions: {
1358
+ method: "POST",
1359
+ body: body,
1360
+ headers: headers
1361
+ },
1362
+ useFormData: useFormData,
1363
+ auth: {
1364
+ audience: audience !== null && audience !== void 0 ? audience : DEFAULT_AUDIENCE
1365
+ }
1366
+ }, worker);
1367
+ }
1368
+ for (const refreshToken of refreshTokens) {
1369
+ const params = {
1370
+ client_id: client_id,
1371
+ token_type_hint: token_type_hint,
1372
+ token: refreshToken
1373
+ };
1374
+ const body = useFormData ? createQueryParams(params) : JSON.stringify(params);
1375
+ const response = await fetchWithTimeout(fetchUrl, {
1376
+ method: "POST",
1377
+ body: body,
1378
+ headers: headers
1379
+ }, resolvedTimeout);
1380
+ if (!response.ok) {
1381
+ let error;
1382
+ let errorDescription;
1383
+ try {
1384
+ ({error: error, error_description: errorDescription} = JSON.parse(await response.text()));
1385
+ } catch (_a) {}
1386
+ throw new GenericError(error || "revoke_error", errorDescription || "HTTP error ".concat(response.status));
1387
+ }
1388
+ await (onRefreshTokenRevoked === null || onRefreshTokenRevoked === void 0 ? void 0 : onRefreshTokenRevoked(refreshToken));
1389
+ }
1390
+ }
1468
1391
  const dedupe = arr => Array.from(new Set(arr));
1469
1392
  const getUniqueScopes = function getUniqueScopes() {
1470
1393
  for (var _len = arguments.length, scopes = new Array(_len), _key = 0; _key < _len; _key++) {
@@ -1508,9 +1431,6 @@
1508
1431
  let suffix = arguments.length > 2 ? arguments[2] : undefined;
1509
1432
  this.prefix = prefix;
1510
1433
  this.suffix = suffix;
1511
- _defineProperty(this, "clientId", void 0);
1512
- _defineProperty(this, "scope", void 0);
1513
- _defineProperty(this, "audience", void 0);
1514
1434
  this.clientId = data.clientId;
1515
1435
  this.scope = data.scope;
1516
1436
  this.audience = data.audience;
@@ -1558,7 +1478,7 @@
1558
1478
  }
1559
1479
  class InMemoryCache {
1560
1480
  constructor() {
1561
- _defineProperty(this, "enclosedCache", function() {
1481
+ this.enclosedCache = function() {
1562
1482
  let cache = {};
1563
1483
  return {
1564
1484
  set(key, entry) {
@@ -1578,7 +1498,7 @@
1578
1498
  return Object.keys(cache);
1579
1499
  }
1580
1500
  };
1581
- }());
1501
+ }();
1582
1502
  }
1583
1503
  }
1584
1504
  const DEFAULT_EXPIRY_ADJUSTMENT_SECONDS = 0;
@@ -1586,17 +1506,16 @@
1586
1506
  constructor(cache, keyManifest, nowProvider) {
1587
1507
  this.cache = cache;
1588
1508
  this.keyManifest = keyManifest;
1589
- _defineProperty(this, "nowProvider", void 0);
1590
1509
  this.nowProvider = nowProvider || DEFAULT_NOW_PROVIDER;
1591
1510
  }
1592
1511
  async setIdToken(clientId, idToken, decodedToken) {
1593
- var _this$keyManifest;
1512
+ var _a;
1594
1513
  const cacheKey = this.getIdTokenCacheKey(clientId);
1595
1514
  await this.cache.set(cacheKey, {
1596
1515
  id_token: idToken,
1597
1516
  decodedToken: decodedToken
1598
1517
  });
1599
- await ((_this$keyManifest = this.keyManifest) === null || _this$keyManifest === void 0 ? void 0 : _this$keyManifest.add(cacheKey));
1518
+ await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey));
1600
1519
  }
1601
1520
  async getIdToken(cacheKey) {
1602
1521
  const entry = await this.cache.get(this.getIdTokenCacheKey(cacheKey.clientId));
@@ -1625,6 +1544,7 @@
1625
1544
  let expiryAdjustmentSeconds = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : DEFAULT_EXPIRY_ADJUSTMENT_SECONDS;
1626
1545
  let useMrrt = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
1627
1546
  let cacheMode = arguments.length > 3 ? arguments[3] : undefined;
1547
+ var _a;
1628
1548
  let wrappedEntry = await this.cache.get(cacheKey.toKey());
1629
1549
  if (!wrappedEntry) {
1630
1550
  const keys = await this.getCacheKeys();
@@ -1643,12 +1563,11 @@
1643
1563
  const now = await this.nowProvider();
1644
1564
  const nowSeconds = Math.floor(now / 1e3);
1645
1565
  if (wrappedEntry.expiresAt - expiryAdjustmentSeconds < nowSeconds) {
1646
- var _this$keyManifest2;
1647
1566
  if (wrappedEntry.body.refresh_token) {
1648
1567
  return this.modifiedCachedEntry(wrappedEntry, cacheKey);
1649
1568
  }
1650
1569
  await this.cache.remove(cacheKey.toKey());
1651
- await ((_this$keyManifest2 = this.keyManifest) === null || _this$keyManifest2 === void 0 ? void 0 : _this$keyManifest2.remove(cacheKey.toKey()));
1570
+ await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.remove(cacheKey.toKey()));
1652
1571
  return;
1653
1572
  }
1654
1573
  return wrappedEntry.body;
@@ -1667,7 +1586,7 @@
1667
1586
  };
1668
1587
  }
1669
1588
  async set(entry) {
1670
- var _this$keyManifest3;
1589
+ var _a;
1671
1590
  const cacheKey = new CacheKey({
1672
1591
  clientId: entry.client_id,
1673
1592
  scope: entry.scope,
@@ -1675,7 +1594,7 @@
1675
1594
  });
1676
1595
  const wrappedEntry = await this.wrapCacheEntry(entry);
1677
1596
  await this.cache.set(cacheKey.toKey(), wrappedEntry);
1678
- await ((_this$keyManifest3 = this.keyManifest) === null || _this$keyManifest3 === void 0 ? void 0 : _this$keyManifest3.add(cacheKey.toKey()));
1597
+ await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey.toKey()));
1679
1598
  }
1680
1599
  async remove(client_id, audience, scope) {
1681
1600
  const cacheKey = new CacheKey({
@@ -1685,15 +1604,27 @@
1685
1604
  });
1686
1605
  await this.cache.remove(cacheKey.toKey());
1687
1606
  }
1607
+ async stripRefreshToken(refreshToken) {
1608
+ var _a;
1609
+ const keys = await this.getCacheKeys();
1610
+ if (!keys) return;
1611
+ for (const key of keys) {
1612
+ const entry = await this.cache.get(key);
1613
+ if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === refreshToken) {
1614
+ delete entry.body.refresh_token;
1615
+ await this.cache.set(key, entry);
1616
+ }
1617
+ }
1618
+ }
1688
1619
  async clear(clientId) {
1689
- var _this$keyManifest4;
1620
+ var _a;
1690
1621
  const keys = await this.getCacheKeys();
1691
1622
  if (!keys) return;
1692
1623
  await keys.filter(key => clientId ? key.includes(clientId) : true).reduce(async (memo, key) => {
1693
1624
  await memo;
1694
1625
  await this.cache.remove(key);
1695
1626
  }, Promise.resolve());
1696
- await ((_this$keyManifest4 = this.keyManifest) === null || _this$keyManifest4 === void 0 ? void 0 : _this$keyManifest4.clear());
1627
+ await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.clear());
1697
1628
  }
1698
1629
  async wrapCacheEntry(entry) {
1699
1630
  const now = await this.nowProvider();
@@ -1704,9 +1635,9 @@
1704
1635
  };
1705
1636
  }
1706
1637
  async getCacheKeys() {
1638
+ var _a;
1707
1639
  if (this.keyManifest) {
1708
- var _await$this$keyManife;
1709
- return (_await$this$keyManife = await this.keyManifest.get()) === null || _await$this$keyManife === void 0 ? void 0 : _await$this$keyManife.keys;
1640
+ return (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys;
1710
1641
  } else if (this.cache.allKeys) {
1711
1642
  return this.cache.allKeys();
1712
1643
  }
@@ -1718,34 +1649,50 @@
1718
1649
  }
1719
1650
  matchExistingCacheKey(keyToMatch, allKeys) {
1720
1651
  return allKeys.filter(key => {
1721
- var _keyToMatch$scope;
1652
+ var _a;
1722
1653
  const cacheKey = CacheKey.fromKey(key);
1723
1654
  const scopeSet = new Set(cacheKey.scope && cacheKey.scope.split(" "));
1724
- const scopesToMatch = ((_keyToMatch$scope = keyToMatch.scope) === null || _keyToMatch$scope === void 0 ? void 0 : _keyToMatch$scope.split(" ")) || [];
1655
+ const scopesToMatch = ((_a = keyToMatch.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
1725
1656
  const hasAllScopes = cacheKey.scope && scopesToMatch.reduce((acc, current) => acc && scopeSet.has(current), true);
1726
1657
  return cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId && cacheKey.audience === keyToMatch.audience && hasAllScopes;
1727
1658
  })[0];
1728
1659
  }
1729
1660
  async getEntryWithRefreshToken(keyToMatch, allKeys) {
1661
+ var _a;
1730
1662
  for (const key of allKeys) {
1731
1663
  const cacheKey = CacheKey.fromKey(key);
1732
1664
  if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId) {
1733
- var _cachedEntry$body;
1734
1665
  const cachedEntry = await this.cache.get(key);
1735
- if (cachedEntry !== null && cachedEntry !== void 0 && (_cachedEntry$body = cachedEntry.body) !== null && _cachedEntry$body !== void 0 && _cachedEntry$body.refresh_token) {
1666
+ if ((_a = cachedEntry === null || cachedEntry === void 0 ? void 0 : cachedEntry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
1736
1667
  return this.modifiedCachedEntry(cachedEntry, keyToMatch);
1737
1668
  }
1738
1669
  }
1739
1670
  }
1740
1671
  return undefined;
1741
1672
  }
1673
+ async getRefreshTokensByAudience(audience, clientId) {
1674
+ var _a;
1675
+ const keys = await this.getCacheKeys();
1676
+ if (!keys) return [];
1677
+ const tokens = new Set;
1678
+ for (const key of keys) {
1679
+ const cacheKey = CacheKey.fromKey(key);
1680
+ if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === clientId && cacheKey.audience === audience) {
1681
+ const entry = await this.cache.get(key);
1682
+ if ((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
1683
+ tokens.add(entry.body.refresh_token);
1684
+ }
1685
+ }
1686
+ }
1687
+ return Array.from(tokens);
1688
+ }
1742
1689
  async updateEntry(oldRefreshToken, newRefreshToken) {
1690
+ var _a;
1743
1691
  const allKeys = await this.getCacheKeys();
1744
1692
  if (!allKeys) return;
1745
1693
  for (const key of allKeys) {
1746
- var _entry$body;
1747
1694
  const entry = await this.cache.get(key);
1748
- if ((entry === null || entry === void 0 || (_entry$body = entry.body) === null || _entry$body === void 0 ? void 0 : _entry$body.refresh_token) === oldRefreshToken) {
1695
+ if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
1749
1696
  entry.body.refresh_token = newRefreshToken;
1750
1697
  await this.cache.set(key, entry);
1751
1698
  }
@@ -1758,7 +1705,6 @@
1758
1705
  this.storage = storage;
1759
1706
  this.clientId = clientId;
1760
1707
  this.cookieDomain = cookieDomain;
1761
- _defineProperty(this, "storageKey", void 0);
1762
1708
  this.storageKey = "".concat(TRANSACTION_STORAGE_KEY_PREFIX, ".").concat(this.clientId);
1763
1709
  }
1764
1710
  create(transaction) {
@@ -1982,17 +1928,17 @@
1982
1928
  sameSite: "none"
1983
1929
  };
1984
1930
  }
1985
- if (options !== null && options !== void 0 && options.daysUntilExpire) {
1931
+ if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
1986
1932
  cookieAttributes.expires = options.daysUntilExpire;
1987
1933
  }
1988
- if (options !== null && options !== void 0 && options.cookieDomain) {
1934
+ if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
1989
1935
  cookieAttributes.domain = options.cookieDomain;
1990
1936
  }
1991
1937
  set_1(key, JSON.stringify(value), cookieAttributes);
1992
1938
  },
1993
1939
  remove(key, options) {
1994
1940
  let cookieAttributes = {};
1995
- if (options !== null && options !== void 0 && options.cookieDomain) {
1941
+ if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
1996
1942
  cookieAttributes.domain = options.cookieDomain;
1997
1943
  }
1998
1944
  remove_1(key, cookieAttributes);
@@ -2014,10 +1960,10 @@
2014
1960
  secure: true
2015
1961
  };
2016
1962
  }
2017
- if (options !== null && options !== void 0 && options.daysUntilExpire) {
1963
+ if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
2018
1964
  cookieAttributes.expires = options.daysUntilExpire;
2019
1965
  }
2020
- if (options !== null && options !== void 0 && options.cookieDomain) {
1966
+ if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
2021
1967
  cookieAttributes.domain = options.cookieDomain;
2022
1968
  }
2023
1969
  set_1("".concat(LEGACY_PREFIX).concat(key), JSON.stringify(value), cookieAttributes);
@@ -2025,7 +1971,7 @@
2025
1971
  },
2026
1972
  remove(key, options) {
2027
1973
  let cookieAttributes = {};
2028
- if (options !== null && options !== void 0 && options.cookieDomain) {
1974
+ if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
2029
1975
  cookieAttributes.domain = options.cookieDomain;
2030
1976
  }
2031
1977
  remove_1(key, cookieAttributes);
@@ -2051,35 +1997,12 @@
2051
1997
  sessionStorage.removeItem(key);
2052
1998
  }
2053
1999
  };
2054
- let ResponseType = function(ResponseType) {
2000
+ exports.ResponseType = void 0;
2001
+ (function(ResponseType) {
2055
2002
  ResponseType["Code"] = "code";
2056
2003
  ResponseType["ConnectCode"] = "connect_code";
2057
- return ResponseType;
2058
- }({});
2059
- class User {
2060
- constructor() {
2061
- _defineProperty(this, "name", void 0);
2062
- _defineProperty(this, "given_name", void 0);
2063
- _defineProperty(this, "family_name", void 0);
2064
- _defineProperty(this, "middle_name", void 0);
2065
- _defineProperty(this, "nickname", void 0);
2066
- _defineProperty(this, "preferred_username", void 0);
2067
- _defineProperty(this, "profile", void 0);
2068
- _defineProperty(this, "picture", void 0);
2069
- _defineProperty(this, "website", void 0);
2070
- _defineProperty(this, "email", void 0);
2071
- _defineProperty(this, "email_verified", void 0);
2072
- _defineProperty(this, "gender", void 0);
2073
- _defineProperty(this, "birthdate", void 0);
2074
- _defineProperty(this, "zoneinfo", void 0);
2075
- _defineProperty(this, "locale", void 0);
2076
- _defineProperty(this, "phone_number", void 0);
2077
- _defineProperty(this, "phone_number_verified", void 0);
2078
- _defineProperty(this, "address", void 0);
2079
- _defineProperty(this, "updated_at", void 0);
2080
- _defineProperty(this, "sub", void 0);
2081
- }
2082
- }
2004
+ })(exports.ResponseType || (exports.ResponseType = {}));
2005
+ class User {}
2083
2006
  function decodeBase64$1(base64, enableUnicode) {
2084
2007
  var binaryString = atob(base64);
2085
2008
  if (enableUnicode) {
@@ -2109,7 +2032,7 @@
2109
2032
  return new Worker(url, options);
2110
2033
  };
2111
2034
  }
2112
- var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBmdW5jdGlvbiBfZGVmaW5lUHJvcGVydHkoZSwgciwgdCkgewogICAgICAgIHJldHVybiAociA9IF90b1Byb3BlcnR5S2V5KHIpKSBpbiBlID8gT2JqZWN0LmRlZmluZVByb3BlcnR5KGUsIHIsIHsKICAgICAgICAgICAgdmFsdWU6IHQsCiAgICAgICAgICAgIGVudW1lcmFibGU6ICEwLAogICAgICAgICAgICBjb25maWd1cmFibGU6ICEwLAogICAgICAgICAgICB3cml0YWJsZTogITAKICAgICAgICB9KSA6IGVbcl0gPSB0LCBlOwogICAgfQogICAgZnVuY3Rpb24gb3duS2V5cyhlLCByKSB7CiAgICAgICAgdmFyIHQgPSBPYmplY3Qua2V5cyhlKTsKICAgICAgICBpZiAoT2JqZWN0LmdldE93blByb3BlcnR5U3ltYm9scykgewogICAgICAgICAgICB2YXIgbyA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7CiAgICAgICAgICAgIHIgJiYgKG8gPSBvLmZpbHRlcihmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICByZXR1cm4gT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihlLCByKS5lbnVtZXJhYmxlOwogICAgICAgICAgICB9KSksIHQucHVzaC5hcHBseSh0LCBvKTsKICAgICAgICB9CiAgICAgICAgcmV0dXJuIHQ7CiAgICB9CiAgICBmdW5jdGlvbiBfb2JqZWN0U3ByZWFkMihlKSB7CiAgICAgICAgZm9yICh2YXIgciA9IDE7IHIgPCBhcmd1bWVudHMubGVuZ3RoOyByKyspIHsKICAgICAgICAgICAgdmFyIHQgPSBudWxsICE9IGFyZ3VtZW50c1tyXSA/IGFyZ3VtZW50c1tyXSA6IHt9OwogICAgICAgICAgICByICUgMiA/IG93bktleXMoT2JqZWN0KHQpLCAhMCkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBfZGVmaW5lUHJvcGVydHkoZSwgciwgdFtyXSk7CiAgICAgICAgICAgIH0pIDogT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcnMgPyBPYmplY3QuZGVmaW5lUHJvcGVydGllcyhlLCBPYmplY3QuZ2V0T3duUHJvcGVydHlEZXNjcmlwdG9ycyh0KSkgOiBvd25LZXlzKE9iamVjdCh0KSkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoZSwgciwgT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcih0LCByKSk7CiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gZTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhlLCB0KSB7CiAgICAgICAgaWYgKG51bGwgPT0gZSkgcmV0dXJuIHt9OwogICAgICAgIHZhciBvLCByLCBpID0gX29iamVjdFdpdGhvdXRQcm9wZXJ0aWVzTG9vc2UoZSwgdCk7CiAgICAgICAgaWYgKE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMpIHsKICAgICAgICAgICAgdmFyIG4gPSBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKGUpOwogICAgICAgICAgICBmb3IgKHIgPSAwOyByIDwgbi5sZW5ndGg7IHIrKykgbyA9IG5bcl0sIC0xID09PSB0LmluZGV4T2YobykgJiYge30ucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLCBvKSAmJiAoaVtvXSA9IGVbb10pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gaTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllc0xvb3NlKHIsIGUpIHsKICAgICAgICBpZiAobnVsbCA9PSByKSByZXR1cm4ge307CiAgICAgICAgdmFyIHQgPSB7fTsKICAgICAgICBmb3IgKHZhciBuIGluIHIpIGlmICh7fS5oYXNPd25Qcm9wZXJ0eS5jYWxsKHIsIG4pKSB7CiAgICAgICAgICAgIGlmICgtMSAhPT0gZS5pbmRleE9mKG4pKSBjb250aW51ZTsKICAgICAgICAgICAgdFtuXSA9IHJbbl07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgZnVuY3Rpb24gX3RvUHJpbWl0aXZlKHQsIHIpIHsKICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIHQgfHwgIXQpIHJldHVybiB0OwogICAgICAgIHZhciBlID0gdFtTeW1ib2wudG9QcmltaXRpdmVdOwogICAgICAgIGlmICh2b2lkIDAgIT09IGUpIHsKICAgICAgICAgICAgdmFyIGkgPSBlLmNhbGwodCwgciB8fCAiZGVmYXVsdCIpOwogICAgICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIGkpIHJldHVybiBpOwogICAgICAgICAgICB0aHJvdyBuZXcgVHlwZUVycm9yKCJAQHRvUHJpbWl0aXZlIG11c3QgcmV0dXJuIGEgcHJpbWl0aXZlIHZhbHVlLiIpOwogICAgICAgIH0KICAgICAgICByZXR1cm4gKCJzdHJpbmciID09PSByID8gU3RyaW5nIDogTnVtYmVyKSh0KTsKICAgIH0KICAgIGZ1bmN0aW9uIF90b1Byb3BlcnR5S2V5KHQpIHsKICAgICAgICB2YXIgaSA9IF90b1ByaW1pdGl2ZSh0LCAic3RyaW5nIik7CiAgICAgICAgcmV0dXJuICJzeW1ib2wiID09IHR5cGVvZiBpID8gaSA6IGkgKyAiIjsKICAgIH0KICAgIGNsYXNzIEdlbmVyaWNFcnJvciBleHRlbmRzIEVycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pIHsKICAgICAgICAgICAgc3VwZXIoZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgICAgICB0aGlzLmVycm9yID0gZXJyb3I7CiAgICAgICAgICAgIHRoaXMuZXJyb3JfZGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsIEdlbmVyaWNFcnJvci5wcm90b3R5cGUpOwogICAgICAgIH0KICAgICAgICBzdGF0aWMgZnJvbVBheWxvYWQoX3JlZikgewogICAgICAgICAgICBsZXQge2Vycm9yOiBlcnJvciwgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yX2Rlc2NyaXB0aW9ufSA9IF9yZWY7CiAgICAgICAgICAgIHJldHVybiBuZXcgR2VuZXJpY0Vycm9yKGVycm9yLCBlcnJvcl9kZXNjcmlwdGlvbik7CiAgICAgICAgfQogICAgfQogICAgY2xhc3MgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yIGV4dGVuZHMgR2VuZXJpY0Vycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihhdWRpZW5jZSwgc2NvcGUpIHsKICAgICAgICAgICAgc3VwZXIoIm1pc3NpbmdfcmVmcmVzaF90b2tlbiIsICJNaXNzaW5nIFJlZnJlc2ggVG9rZW4gKGF1ZGllbmNlOiAnIi5jb25jYXQodmFsdWVPckVtcHR5U3RyaW5nKGF1ZGllbmNlLCBbICJkZWZhdWx0IiBdKSwgIicsIHNjb3BlOiAnIikuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSksICInKSIpKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUpIHsKICAgICAgICBsZXQgZXhjbHVkZSA9IGFyZ3VtZW50cy5sZW5ndGggPiAxICYmIGFyZ3VtZW50c1sxXSAhPT0gdW5kZWZpbmVkID8gYXJndW1lbnRzWzFdIDogW107CiAgICAgICAgcmV0dXJuIHZhbHVlICYmICFleGNsdWRlLmluY2x1ZGVzKHZhbHVlKSA/IHZhbHVlIDogIiI7CiAgICB9CiAgICBjb25zdCBfZXhjbHVkZWQgPSBbICJjbGllbnRJZCIgXTsKICAgIGNvbnN0IHN0cmlwVW5kZWZpbmVkID0gcGFyYW1zID0+IE9iamVjdC5rZXlzKHBhcmFtcykuZmlsdGVyKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpLnJlZHVjZSgoYWNjLCBrZXkpID0+IF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBhY2MpLCB7fSwgewogICAgICAgIFtrZXldOiBwYXJhbXNba2V5XQogICAgfSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX3JlZiA9PiB7CiAgICAgICAgbGV0IHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9yZWYsIHBhcmFtcyA9IF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhfcmVmLCBfZXhjbHVkZWQpOwogICAgICAgIHJldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKHN0cmlwVW5kZWZpbmVkKF9vYmplY3RTcHJlYWQyKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZjIpID0+IHsKICAgICAgICBsZXQgW2tleSwgdmFsXSA9IF9yZWYyOwogICAgICAgIG9ialtrZXldID0gdmFsOwogICAgICAgIHJldHVybiBvYmo7CiAgICB9LCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgbGV0IGFsbG93ZWRCYXNlVXJsID0gbnVsbDsKICAgIGNvbnN0IGNhY2hlS2V5ID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gIiIuY29uY2F0KGF1ZGllbmNlLCAifCIpLmNvbmNhdChzY29wZSk7CiAgICBjb25zdCBjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UgPSAoYXVkaWVuY2UsIGNhY2hlS2V5KSA9PiBjYWNoZUtleS5zdGFydHNXaXRoKCIiLmNvbmNhdChhdWRpZW5jZSwgInwiKSk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgdGltZSkpOwogICAgY29uc3QgZm9ybURhdGFUb09iamVjdCA9IGZvcm1EYXRhID0+IHsKICAgICAgICBjb25zdCBxdWVyeVBhcmFtcyA9IG5ldyBVUkxTZWFyY2hQYXJhbXMoZm9ybURhdGEpOwogICAgICAgIGNvbnN0IHBhcnNlZFF1ZXJ5ID0ge307CiAgICAgICAgcXVlcnlQYXJhbXMuZm9yRWFjaCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KTsKICAgICAgICByZXR1cm4gcGFyc2VkUXVlcnk7CiAgICB9OwogICAgY29uc3QgdXBkYXRlUmVmcmVzaFRva2VucyA9IChvbGRSZWZyZXNoVG9rZW4sIG5ld1JlZnJlc2hUb2tlbikgPT4gewogICAgICAgIE9iamVjdC5lbnRyaWVzKHJlZnJlc2hUb2tlbnMpLmZvckVhY2goX3JlZiA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IG9sZFJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1trZXldID0gbmV3UmVmcmVzaFRva2VuOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKGtleSA9PiB7CiAgICAgICAgICAgIGlmIChrZXkgIT09ICJsYXRlc3RfcmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGlzU2FtZUF1ZGllbmNlID0gY2FjaGVLZXlDb250YWluc0F1ZGllbmNlKGF1ZGllbmNlLCBrZXkpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzS2V5ID0ga2V5LnNwbGl0KCJ8IilbMV0uc3BsaXQoIiAiKTsKICAgICAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFNjb3BlcyA9IHNjb3BlLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCBzY29wZXNBcmVJbmNsdWRlZCA9IHJlcXVlc3RlZFNjb3Blcy5ldmVyeShrZXkgPT4gc2NvcGVzS2V5LmluY2x1ZGVzKGtleSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICAgICAgcmV0dXJuIGZpbmRDb2luY2lkZW5jZSA/IHRydWUgOiBmYWxzZTsKICAgIH07CiAgICBjb25zdCBtZXNzYWdlSGFuZGxlciA9IGFzeW5jIF9yZWYyID0+IHsKICAgICAgICBsZXQge2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSA9IF9yZWYyOwogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIF9vYmplY3RTcHJlYWQyKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9IHdvcmtlclJlcXVlc3QgPT4gewogICAgICAgIGlmICghYWxsb3dlZEJhc2VVcmwpIHsKICAgICAgICAgICAgcmV0dXJuIGZhbHNlOwogICAgICAgIH0KICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBhbGxvd2VkQmFzZU9yaWdpbiA9IG5ldyBVUkwoYWxsb3dlZEJhc2VVcmwpLm9yaWdpbjsKICAgICAgICAgICAgY29uc3QgcmVxdWVzdGVkVXJsID0gbmV3IFVSTCh3b3JrZXJSZXF1ZXN0LmZldGNoVXJsKTsKICAgICAgICAgICAgcmV0dXJuIHJlcXVlc3RlZFVybC5vcmlnaW4gPT09IGFsbG93ZWRCYXNlT3JpZ2luICYmIHJlcXVlc3RlZFVybC5wYXRobmFtZSA9PT0gIi9vYXV0aC90b2tlbiI7CiAgICAgICAgfSBjYXRjaCAoX3VudXNlZCkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX3VudXNlZDIpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEpKSB7CiAgICAgICAgICAgIHBvcnQgPT09IG51bGwgfHwgcG9ydCA9PT0gdm9pZCAwIHx8IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
2035
+ var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKF9yZWYpIHsKICAgICAgICAgICAgbGV0IHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBfcmVmOwogICAgICAgICAgICByZXR1cm4gbmV3IEdlbmVyaWNFcnJvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgIH0KICAgIH0KICAgIGNsYXNzIE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvciBleHRlbmRzIEdlbmVyaWNFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoYXVkaWVuY2UsIHNjb3BlKSB7CiAgICAgICAgICAgIHN1cGVyKCJtaXNzaW5nX3JlZnJlc2hfdG9rZW4iLCAiTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyIuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSksICInLCBzY29wZTogJyIpLmNvbmNhdCh2YWx1ZU9yRW1wdHlTdHJpbmcoc2NvcGUpLCAiJykiKSk7CiAgICAgICAgICAgIHRoaXMuYXVkaWVuY2UgPSBhdWRpZW5jZTsKICAgICAgICAgICAgdGhpcy5zY29wZSA9IHNjb3BlOwogICAgICAgICAgICBPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcywgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yLnByb3RvdHlwZSk7CiAgICAgICAgfQogICAgfQogICAgZnVuY3Rpb24gdmFsdWVPckVtcHR5U3RyaW5nKHZhbHVlKSB7CiAgICAgICAgbGV0IGV4Y2x1ZGUgPSBhcmd1bWVudHMubGVuZ3RoID4gMSAmJiBhcmd1bWVudHNbMV0gIT09IHVuZGVmaW5lZCA/IGFyZ3VtZW50c1sxXSA6IFtdOwogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoayA9PiB0eXBlb2YgcGFyYW1zW2tdICE9PSAidW5kZWZpbmVkIikucmVkdWNlKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSwge30pOwogICAgY29uc3QgY3JlYXRlUXVlcnlQYXJhbXMgPSBfYSA9PiB7CiAgICAgICAgdmFyIHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9hLCBwYXJhbXMgPSBfX3Jlc3QoX2EsIFsgImNsaWVudElkIiBdKTsKICAgICAgICByZXR1cm4gbmV3IFVSTFNlYXJjaFBhcmFtcyhzdHJpcFVuZGVmaW5lZChPYmplY3QuYXNzaWduKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZikgPT4gewogICAgICAgIGxldCBba2V5LCB2YWxdID0gX3JlZjsKICAgICAgICBvYmpba2V5XSA9IHZhbDsKICAgICAgICByZXR1cm4gb2JqOwogICAgfSwge30pOwogICAgbGV0IHJlZnJlc2hUb2tlbnMgPSB7fTsKICAgIGxldCBhbGxvd2VkQmFzZVVybCA9IG51bGw7CiAgICBjb25zdCBjYWNoZUtleSA9IChhdWRpZW5jZSwgc2NvcGUpID0+ICIiLmNvbmNhdChhdWRpZW5jZSwgInwiKS5jb25jYXQoc2NvcGUpOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aCgiIi5jb25jYXQoYXVkaWVuY2UsICJ8IikpOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXTsKICAgIGNvbnN0IHNldFJlZnJlc2hUb2tlbiA9IChyZWZyZXNoVG9rZW4sIGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXSA9IHJlZnJlc2hUb2tlbjsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbiA9IChhdWRpZW5jZSwgc2NvcGUpID0+IGRlbGV0ZSByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2Vuc0J5QXVkaWVuY2UgPSBhdWRpZW5jZSA9PiB7CiAgICAgICAgY29uc3Qgc2VlbiA9IG5ldyBTZXQ7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWY7CiAgICAgICAgICAgIGlmIChjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UoYXVkaWVuY2UsIGtleSkpIHsKICAgICAgICAgICAgICAgIHNlZW4uYWRkKHRva2VuKTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBBcnJheS5mcm9tKHNlZW4pOwogICAgfTsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlID0gcmVmcmVzaFRva2VuID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKF9yZWYyID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWYyOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IHJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgZGVsZXRlIHJlZnJlc2hUb2tlbnNba2V5XTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IHdhaXQgPSB0aW1lID0+IG5ldyBQcm9taXNlKHJlc29sdmUgPT4gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCh2YWwsIGtleSkgPT4gewogICAgICAgICAgICBwYXJzZWRRdWVyeVtrZXldID0gdmFsOwogICAgICAgIH0pOwogICAgICAgIHJldHVybiBwYXJzZWRRdWVyeTsKICAgIH07CiAgICBjb25zdCB1cGRhdGVSZWZyZXNoVG9rZW5zID0gKG9sZFJlZnJlc2hUb2tlbiwgbmV3UmVmcmVzaFRva2VuKSA9PiB7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmMyA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmMzsKICAgICAgICAgICAgaWYgKHRva2VuID09PSBvbGRSZWZyZXNoVG9rZW4pIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNba2V5XSA9IG5ld1JlZnJlc2hUb2tlbjsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IGNoZWNrRG93bnNjb3BpbmcgPSAoc2NvcGUsIGF1ZGllbmNlKSA9PiB7CiAgICAgICAgY29uc3QgZmluZENvaW5jaWRlbmNlID0gT2JqZWN0LmtleXMocmVmcmVzaFRva2VucykuZmluZChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoa2V5ID0+IHNjb3Blc0tleS5pbmNsdWRlcyhrZXkpKTsKICAgICAgICAgICAgICAgIHJldHVybiBpc1NhbWVBdWRpZW5jZSAmJiBzY29wZXNBcmVJbmNsdWRlZDsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNCA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhLCB1c2VNcnJ0OiB1c2VNcnJ0fSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNDsKICAgICAgICBsZXQgaGVhZGVycyA9IHt9OwogICAgICAgIGxldCBqc29uOwogICAgICAgIGxldCByZWZyZXNoVG9rZW47CiAgICAgICAgY29uc3Qge2F1ZGllbmNlOiBhdWRpZW5jZSwgc2NvcGU6IHNjb3BlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgaWYgKCFib2R5LnJlZnJlc2hfdG9rZW4gJiYgYm9keS5ncmFudF90eXBlID09PSAicmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGdldFJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgaWYgKCFyZWZyZXNoVG9rZW4gJiYgdXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIGNvbnN0IGxhdGVzdFJlZnJlc2hUb2tlbiA9IHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl07CiAgICAgICAgICAgICAgICAgICAgY29uc3QgaXNEb3duc2NvcGluZyA9IGNoZWNrRG93bnNjb3Bpbmcoc2NvcGUsIGF1ZGllbmNlKTsKICAgICAgICAgICAgICAgICAgICBpZiAobGF0ZXN0UmVmcmVzaFRva2VuICYmICFpc0Rvd25zY29waW5nKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGxhdGVzdFJlZnJlc2hUb2tlbjsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgICAgIHRocm93IG5ldyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IoYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5ib2R5ID0gdXNlRm9ybURhdGEgPyBjcmVhdGVRdWVyeVBhcmFtcyhPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSkgOiBKU09OLnN0cmluZ2lmeShPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgbGV0IGFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgaWYgKHR5cGVvZiBBYm9ydENvbnRyb2xsZXIgPT09ICJmdW5jdGlvbiIpIHsKICAgICAgICAgICAgICAgIGFib3J0Q29udHJvbGxlciA9IG5ldyBBYm9ydENvbnRyb2xsZXI7CiAgICAgICAgICAgICAgICBmZXRjaE9wdGlvbnMuc2lnbmFsID0gYWJvcnRDb250cm9sbGVyLnNpZ25hbDsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgcmVzcG9uc2U7CiAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICByZXNwb25zZSA9IGF3YWl0IFByb21pc2UucmFjZShbIHdhaXQodGltZW91dCksIGZldGNoKGZldGNoVXJsLCBPYmplY3QuYXNzaWduKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgcmV2b2tlTWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNSA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhfSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNTsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgdG9rZW5zVG9SZXZva2UgPSBnZXRSZWZyZXNoVG9rZW5zQnlBdWRpZW5jZShhdWRpZW5jZSk7CiAgICAgICAgICAgIGlmICh0b2tlbnNUb1Jldm9rZS5sZW5ndGggPT09IDApIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIG9rOiB0cnVlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBjb25zdCBiYXNlQm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgZm9yIChjb25zdCByZWZyZXNoVG9rZW4gb2YgdG9rZW5zVG9SZXZva2UpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYmFzZUJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgdG9rZW46IHJlZnJlc2hUb2tlbgogICAgICAgICAgICAgICAgfSkpIDogSlNPTi5zdHJpbmdpZnkoT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBiYXNlQm9keSksIHsKICAgICAgICAgICAgICAgICAgICB0b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICAgICAgbGV0IHNpZ25hbDsKICAgICAgICAgICAgICAgIGlmICh0eXBlb2YgQWJvcnRDb250cm9sbGVyID09PSAiZnVuY3Rpb24iKSB7CiAgICAgICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgICAgICBzaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgbGV0IHRpbWVvdXRJZDsKICAgICAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICAgICAgcmVzcG9uc2UgPSBhd2FpdCBQcm9taXNlLnJhY2UoWyBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHsKICAgICAgICAgICAgICAgICAgICAgICAgdGltZW91dElkID0gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lb3V0KTsKICAgICAgICAgICAgICAgICAgICB9KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgZmV0Y2hPcHRpb25zKSwgewogICAgICAgICAgICAgICAgICAgICAgICBib2R5OiBib2R5LAogICAgICAgICAgICAgICAgICAgICAgICBzaWduYWw6IHNpZ25hbAogICAgICAgICAgICAgICAgICAgIH0pKSBdKS5maW5hbGx5KCgpID0+IGNsZWFyVGltZW91dCh0aW1lb3V0SWQpKTsKICAgICAgICAgICAgICAgIH0gY2F0Y2ggKGVycm9yKSB7CiAgICAgICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgaWYgKCFyZXNwb25zZSkgewogICAgICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogIlRpbWVvdXQgd2hlbiBleGVjdXRpbmcgJ2ZldGNoJyIKICAgICAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlc3BvbnNlLm9rKSB7CiAgICAgICAgICAgICAgICAgICAgbGV0IGVycm9yRGVzY3JpcHRpb247CiAgICAgICAgICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgICAgICAgICAgY29uc3Qge2Vycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBKU09OLnBhcnNlKGF3YWl0IHJlc3BvbnNlLnRleHQoKSk7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yRGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgICAgICAgICB9IGNhdGNoIChfYSkge30KICAgICAgICAgICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yRGVzY3JpcHRpb24gfHwgIkhUVFAgZXJyb3IgIi5jb25jYXQocmVzcG9uc2Uuc3RhdHVzKQogICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlKHJlZnJlc2hUb2tlbik7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogdHJ1ZQogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlIHx8ICJVbmtub3duIGVycm9yIGR1cmluZyB0b2tlbiByZXZvY2F0aW9uIgogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9ICh3b3JrZXJSZXF1ZXN0LCBleHBlY3RlZFBhdGgpID0+IHsKICAgICAgICBpZiAoIWFsbG93ZWRCYXNlVXJsKSB7CiAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICB9CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYWxsb3dlZEJhc2VPcmlnaW4gPSBuZXcgVVJMKGFsbG93ZWRCYXNlVXJsKS5vcmlnaW47CiAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFVybCA9IG5ldyBVUkwod29ya2VyUmVxdWVzdC5mZXRjaFVybCk7CiAgICAgICAgICAgIHJldHVybiByZXF1ZXN0ZWRVcmwub3JpZ2luID09PSBhbGxvd2VkQmFzZU9yaWdpbiAmJiByZXF1ZXN0ZWRVcmwucGF0aG5hbWUgPT09IGV4cGVjdGVkUGF0aDsKICAgICAgICB9IGNhdGNoIChfYSkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX2EpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAicmV2b2tlIikgewogICAgICAgICAgICBpZiAoIWlzQXV0aG9yaXplZFdvcmtlclJlcXVlc3QoZGF0YSwgIi9vYXV0aC9yZXZva2UiKSkgewogICAgICAgICAgICAgICAgcG9ydCA9PT0gbnVsbCB8fCBwb3J0ID09PSB2b2lkIDAgPyB2b2lkIDAgOiBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogImludmFsaWRfZmV0Y2hfdXJsIiwKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246ICJVbmF1dGhvcml6ZWQgZmV0Y2ggVVJMIgogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgaGVhZGVyczoge30KICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHJldm9rZU1lc3NhZ2VIYW5kbGVyKGV2ZW50KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEsICIvb2F1dGgvdG9rZW4iKSkgewogICAgICAgICAgICBwb3J0ID09PSBudWxsIHx8IHBvcnQgPT09IHZvaWQgMCA/IHZvaWQgMCA6IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
2113
2036
  const singlePromiseMap = {};
2114
2037
  const singlePromise = (cb, key) => {
2115
2038
  let promise = singlePromiseMap[key];
@@ -2126,12 +2049,11 @@
2126
2049
  constructor(cache, clientId) {
2127
2050
  this.cache = cache;
2128
2051
  this.clientId = clientId;
2129
- _defineProperty(this, "manifestKey", void 0);
2130
2052
  this.manifestKey = this.createManifestKeyFrom(this.clientId);
2131
2053
  }
2132
2054
  async add(key) {
2133
- var _await$this$cache$get;
2134
- const keys = new Set(((_await$this$cache$get = await this.cache.get(this.manifestKey)) === null || _await$this$cache$get === void 0 ? void 0 : _await$this$cache$get.keys) || []);
2055
+ var _a;
2056
+ const keys = new Set(((_a = await this.cache.get(this.manifestKey)) === null || _a === void 0 ? void 0 : _a.keys) || []);
2135
2057
  keys.add(key);
2136
2058
  await this.cache.set(this.manifestKey, {
2137
2059
  keys: [ ...keys ]
@@ -2160,7 +2082,6 @@
2160
2082
  return "".concat(CACHE_KEY_PREFIX, "::").concat(clientId);
2161
2083
  }
2162
2084
  }
2163
- const _excluded$2 = [ "openUrl", "onRedirect" ];
2164
2085
  const GET_TOKEN_SILENTLY_LOCK_KEY = "auth0.lock.getTokenSilently";
2165
2086
  const GET_TOKEN_FROM_IFRAME_LOCK_KEY = "auth0.lock.getTokenFromIFrame";
2166
2087
  const buildGetTokenSilentlyLockKey = (clientId, audience) => "".concat(GET_TOKEN_SILENTLY_LOCK_KEY, ".").concat(clientId, ".").concat(audience);
@@ -2173,9 +2094,9 @@
2173
2094
  localstorage: () => new LocalStorageCache
2174
2095
  };
2175
2096
  const cacheFactory = location => cacheLocationBuilders[location];
2176
- const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => _objectSpread2(_objectSpread2(_objectSpread2({
2097
+ const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => Object.assign(Object.assign(Object.assign({
2177
2098
  client_id: clientOptions.clientId
2178
- }, clientOptions.authorizationParams), authorizationParams), {}, {
2099
+ }, clientOptions.authorizationParams), authorizationParams), {
2179
2100
  scope: scopesToRequest(scope, authorizationParams.scope, authorizationParams.audience),
2180
2101
  response_type: "code",
2181
2102
  response_mode: response_mode || "query",
@@ -2187,8 +2108,8 @@
2187
2108
  dpop_jkt: thumbprint
2188
2109
  });
2189
2110
  const patchOpenUrlWithOnRedirect = options => {
2190
- const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = _objectWithoutProperties(options, _excluded$2);
2191
- const result = _objectSpread2(_objectSpread2({}, originalOptions), {}, {
2111
+ const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = __rest(options, [ "openUrl", "onRedirect" ]);
2112
+ const result = Object.assign(Object.assign({}, originalOptions), {
2192
2113
  openUrl: openUrl === false || openUrl ? openUrl : onRedirect
2193
2114
  });
2194
2115
  return result;
@@ -2205,13 +2126,13 @@
2205
2126
  return missingScopes.join(",");
2206
2127
  };
2207
2128
  const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
2129
+ var _a;
2208
2130
  if (useMrrt && cachedAudience && cachedScope) {
2209
- var _authorizationParams$;
2210
2131
  if (authorizationParams.audience !== cachedAudience) {
2211
2132
  return authorizationParams.scope;
2212
2133
  }
2213
2134
  const cachedScopes = cachedScope.split(" ");
2214
- const newScopes = ((_authorizationParams$ = authorizationParams.scope) === null || _authorizationParams$ === void 0 ? void 0 : _authorizationParams$.split(" ")) || [];
2135
+ const newScopes = ((_a = authorizationParams.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
2215
2136
  const newScopesAreIncluded = newScopes.every(scope => cachedScopes.includes(scope));
2216
2137
  return cachedScopes.length >= newScopes.length && newScopesAreIncluded ? cachedScope : authorizationParams.scope;
2217
2138
  }
@@ -2232,8 +2153,6 @@
2232
2153
  const AUTH0_NONCE_ID = "auth0";
2233
2154
  class DpopStorage {
2234
2155
  constructor(clientId) {
2235
- _defineProperty(this, "clientId", void 0);
2236
- _defineProperty(this, "dbHandle", void 0);
2237
2156
  this.clientId = clientId;
2238
2157
  }
2239
2158
  getVersion() {
@@ -2287,7 +2206,7 @@
2287
2206
  }
2288
2207
  async deleteBy(table, predicate) {
2289
2208
  const allKeys = await this.executeDbRequest(table, "readonly", table => table.getAllKeys());
2290
- allKeys === null || allKeys === void 0 || allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
2209
+ allKeys === null || allKeys === void 0 ? void 0 : allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
2291
2210
  }
2292
2211
  deleteByClientId(table, clientId) {
2293
2212
  return this.deleteBy(table, k => typeof k === "string" && k.startsWith("".concat(clientId, "::")));
@@ -2301,7 +2220,6 @@
2301
2220
  }
2302
2221
  class Dpop {
2303
2222
  constructor(clientId) {
2304
- _defineProperty(this, "storage", void 0);
2305
2223
  this.storage = new DpopStorage(clientId);
2306
2224
  }
2307
2225
  getNonce(id) {
@@ -2320,7 +2238,7 @@
2320
2238
  }
2321
2239
  async generateProof(params) {
2322
2240
  const keyPair = await this.getOrGenerateKeyPair();
2323
- return generateProof(_objectSpread2({
2241
+ return generateProof(Object.assign({
2324
2242
  keyPair: keyPair
2325
2243
  }, params));
2326
2244
  }
@@ -2332,17 +2250,15 @@
2332
2250
  await Promise.all([ this.storage.clearNonces(), this.storage.clearKeyPairs() ]);
2333
2251
  }
2334
2252
  }
2335
- var TokenType = function(TokenType) {
2253
+ var TokenType;
2254
+ (function(TokenType) {
2336
2255
  TokenType["Bearer"] = "Bearer";
2337
2256
  TokenType["DPoP"] = "DPoP";
2338
- return TokenType;
2339
- }(TokenType || {});
2257
+ })(TokenType || (TokenType = {}));
2340
2258
  class Fetcher {
2341
2259
  constructor(config, hooks) {
2342
- _defineProperty(this, "config", void 0);
2343
- _defineProperty(this, "hooks", void 0);
2344
2260
  this.hooks = hooks;
2345
- this.config = _objectSpread2(_objectSpread2({}, config), {}, {
2261
+ this.config = Object.assign(Object.assign({}, config), {
2346
2262
  fetch: config.fetch || (typeof window === "undefined" ? fetch : window.fetch.bind(window))
2347
2263
  });
2348
2264
  }
@@ -2450,7 +2366,7 @@
2450
2366
  }
2451
2367
  fetchWithAuth(info, init, authParams) {
2452
2368
  const callbacks = {
2453
- onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, _objectSpread2(_objectSpread2({}, callbacks), {}, {
2369
+ onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, Object.assign(Object.assign({}, callbacks), {
2454
2370
  onUseDpopNonceError: undefined
2455
2371
  }), authParams)
2456
2372
  };
@@ -2506,11 +2422,6 @@
2506
2422
  constructor(_ref) {
2507
2423
  let {type: type, status: status, title: title, detail: detail, validation_errors: validation_errors} = _ref;
2508
2424
  super(detail);
2509
- _defineProperty(this, "type", void 0);
2510
- _defineProperty(this, "status", void 0);
2511
- _defineProperty(this, "title", void 0);
2512
- _defineProperty(this, "detail", void 0);
2513
- _defineProperty(this, "validation_errors", void 0);
2514
2425
  this.name = "MyAccountApiError";
2515
2426
  this.type = type;
2516
2427
  this.status = status;
@@ -2548,7 +2459,7 @@
2548
2459
  };
2549
2460
  function getAuthJsEnrollParams(params) {
2550
2461
  const mapping = FACTOR_MAPPING[params.factorType];
2551
- return _objectSpread2(_objectSpread2(_objectSpread2({
2462
+ return Object.assign(Object.assign(Object.assign({
2552
2463
  mfaToken: params.mfaToken,
2553
2464
  authenticatorTypes: mapping.authenticatorTypes
2554
2465
  }, mapping.oobChannels && {
@@ -2571,6 +2482,144 @@
2571
2482
  }
2572
2483
  return undefined;
2573
2484
  }
2485
+ function _OverloadYield(e, d) {
2486
+ this.v = e, this.k = d;
2487
+ }
2488
+ function _assertClassBrand(e, t, n) {
2489
+ if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
2490
+ throw new TypeError("Private element is not present on this object");
2491
+ }
2492
+ function _awaitAsyncGenerator(e) {
2493
+ return new _OverloadYield(e, 0);
2494
+ }
2495
+ function _checkPrivateRedeclaration(e, t) {
2496
+ if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
2497
+ }
2498
+ function _classPrivateFieldGet2(s, a) {
2499
+ return s.get(_assertClassBrand(s, a));
2500
+ }
2501
+ function _classPrivateFieldInitSpec(e, t, a) {
2502
+ _checkPrivateRedeclaration(e, t), t.set(e, a);
2503
+ }
2504
+ function _classPrivateFieldSet2(s, a, r) {
2505
+ return s.set(_assertClassBrand(s, a), r), r;
2506
+ }
2507
+ function _classPrivateMethodInitSpec(e, a) {
2508
+ _checkPrivateRedeclaration(e, a), a.add(e);
2509
+ }
2510
+ function _defineProperty(e, r, t) {
2511
+ return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
2512
+ value: t,
2513
+ enumerable: !0,
2514
+ configurable: !0,
2515
+ writable: !0
2516
+ }) : e[r] = t, e;
2517
+ }
2518
+ function ownKeys(e, r) {
2519
+ var t = Object.keys(e);
2520
+ if (Object.getOwnPropertySymbols) {
2521
+ var o = Object.getOwnPropertySymbols(e);
2522
+ r && (o = o.filter(function(r) {
2523
+ return Object.getOwnPropertyDescriptor(e, r).enumerable;
2524
+ })), t.push.apply(t, o);
2525
+ }
2526
+ return t;
2527
+ }
2528
+ function _objectSpread2(e) {
2529
+ for (var r = 1; r < arguments.length; r++) {
2530
+ var t = null != arguments[r] ? arguments[r] : {};
2531
+ r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
2532
+ _defineProperty(e, r, t[r]);
2533
+ }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
2534
+ Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
2535
+ });
2536
+ }
2537
+ return e;
2538
+ }
2539
+ function _objectWithoutProperties(e, t) {
2540
+ if (null == e) return {};
2541
+ var o, r, i = _objectWithoutPropertiesLoose(e, t);
2542
+ if (Object.getOwnPropertySymbols) {
2543
+ var n = Object.getOwnPropertySymbols(e);
2544
+ for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
2545
+ }
2546
+ return i;
2547
+ }
2548
+ function _objectWithoutPropertiesLoose(r, e) {
2549
+ if (null == r) return {};
2550
+ var t = {};
2551
+ for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
2552
+ if (-1 !== e.indexOf(n)) continue;
2553
+ t[n] = r[n];
2554
+ }
2555
+ return t;
2556
+ }
2557
+ function _toPrimitive(t, r) {
2558
+ if ("object" != typeof t || !t) return t;
2559
+ var e = t[Symbol.toPrimitive];
2560
+ if (void 0 !== e) {
2561
+ var i = e.call(t, r || "default");
2562
+ if ("object" != typeof i) return i;
2563
+ throw new TypeError("@@toPrimitive must return a primitive value.");
2564
+ }
2565
+ return ("string" === r ? String : Number)(t);
2566
+ }
2567
+ function _toPropertyKey(t) {
2568
+ var i = _toPrimitive(t, "string");
2569
+ return "symbol" == typeof i ? i : i + "";
2570
+ }
2571
+ function _wrapAsyncGenerator(e) {
2572
+ return function() {
2573
+ return new AsyncGenerator(e.apply(this, arguments));
2574
+ };
2575
+ }
2576
+ function AsyncGenerator(e) {
2577
+ var t, n;
2578
+ function resume(t, n) {
2579
+ try {
2580
+ var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
2581
+ Promise.resolve(u ? o.v : o).then(function(n) {
2582
+ if (u) {
2583
+ var i = "return" === t && o.k ? t : "next";
2584
+ if (!o.k || n.done) return resume(i, n);
2585
+ n = e[i](n).value;
2586
+ }
2587
+ settle(!!r.done, n);
2588
+ }, function(e) {
2589
+ resume("throw", e);
2590
+ });
2591
+ } catch (e) {
2592
+ settle(2, e);
2593
+ }
2594
+ }
2595
+ function settle(e, r) {
2596
+ 2 === e ? t.reject(r) : t.resolve({
2597
+ value: r,
2598
+ done: e
2599
+ }), (t = t.next) ? resume(t.key, t.arg) : n = null;
2600
+ }
2601
+ this._invoke = function(e, r) {
2602
+ return new Promise(function(o, u) {
2603
+ var i = {
2604
+ key: e,
2605
+ arg: r,
2606
+ resolve: o,
2607
+ reject: u,
2608
+ next: null
2609
+ };
2610
+ n ? n = n.next = i : (t = n = i, resume(e, r));
2611
+ });
2612
+ }, "function" != typeof e.return && (this.return = void 0);
2613
+ }
2614
+ AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
2615
+ return this;
2616
+ }, AsyncGenerator.prototype.next = function(e) {
2617
+ return this._invoke("next", e);
2618
+ }, AsyncGenerator.prototype.throw = function(e) {
2619
+ return this._invoke("throw", e);
2620
+ }, AsyncGenerator.prototype.return = function(e) {
2621
+ return this._invoke("return", e);
2622
+ };
2574
2623
  var _navigator$userAgent$2, _navigator$userAgent$$2;
2575
2624
  let USER_AGENT$2;
2576
2625
  if (typeof navigator === "undefined" || !((_navigator$userAgent$2 = navigator.userAgent) !== null && _navigator$userAgent$2 !== void 0 && (_navigator$userAgent$$2 = _navigator$userAgent$2.startsWith) !== null && _navigator$userAgent$$2 !== void 0 && _navigator$userAgent$$2.call(_navigator$userAgent$2, "Mozilla/5.0 "))) {
@@ -6526,7 +6575,7 @@
6526
6575
  });
6527
6576
  return remoteJWKSet;
6528
6577
  }
6529
- const _excluded$1 = [ "mfaToken" ], _excluded2$1 = [ "mfaToken" ];
6578
+ const _excluded = [ "mfaToken" ], _excluded2 = [ "mfaToken" ];
6530
6579
  var _baseUrl, _clientId, _customFetch, _entries, _ttlMs, _maxEntries, _configuration, _serverMetadata, _clientAuthPromise, _options, _customFetch2, _jwks, _discoveryCache, _inFlightDiscovery, _jwksCache, _Class9_brand;
6531
6580
  var NotSupportedError = class NotSupportedError extends Error {
6532
6581
  constructor(code, message) {
@@ -6746,7 +6795,7 @@
6746
6795
  }
6747
6796
  async enrollAuthenticator(options) {
6748
6797
  const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/associate");
6749
- const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded$1);
6798
+ const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded);
6750
6799
  const apiParams = {
6751
6800
  authenticator_types: sdkParams.authenticatorTypes
6752
6801
  };
@@ -6791,7 +6840,7 @@
6791
6840
  }
6792
6841
  async challengeAuthenticator(options) {
6793
6842
  const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/challenge");
6794
- const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2$1);
6843
+ const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2);
6795
6844
  const body = {
6796
6845
  mfa_token: mfaToken,
6797
6846
  client_id: _classPrivateFieldGet2(_clientId, this),
@@ -7511,13 +7560,12 @@
7511
7560
  class MfaContextManager {
7512
7561
  constructor() {
7513
7562
  let ttlMs = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : DEFAULT_TTL_MS;
7514
- _defineProperty(this, "contexts", new Map);
7515
- _defineProperty(this, "ttlMs", void 0);
7563
+ this.contexts = new Map;
7516
7564
  this.ttlMs = ttlMs;
7517
7565
  }
7518
7566
  set(mfaToken, context) {
7519
7567
  this.cleanup();
7520
- this.contexts.set(mfaToken, _objectSpread2(_objectSpread2({}, context), {}, {
7568
+ this.contexts.set(mfaToken, Object.assign(Object.assign({}, context), {
7521
7569
  createdAt: Date.now()
7522
7570
  }));
7523
7571
  }
@@ -7549,9 +7597,6 @@
7549
7597
  }
7550
7598
  class MfaApiClient {
7551
7599
  constructor(authJsMfaClient, auth0Client) {
7552
- _defineProperty(this, "authJsMfaClient", void 0);
7553
- _defineProperty(this, "auth0Client", void 0);
7554
- _defineProperty(this, "contextManager", void 0);
7555
7600
  this.authJsMfaClient = authJsMfaClient;
7556
7601
  this.auth0Client = auth0Client;
7557
7602
  this.contextManager = new MfaContextManager;
@@ -7564,9 +7609,9 @@
7564
7609
  });
7565
7610
  }
7566
7611
  async getAuthenticators(mfaToken) {
7567
- var _context$mfaRequireme;
7612
+ var _a, _b;
7568
7613
  const context = this.contextManager.get(mfaToken);
7569
- if (!(context !== null && context !== void 0 && (_context$mfaRequireme = context.mfaRequirements) !== null && _context$mfaRequireme !== void 0 && _context$mfaRequireme.challenge) || context.mfaRequirements.challenge.length === 0) {
7614
+ if (!((_a = context === null || context === void 0 ? void 0 : context.mfaRequirements) === null || _a === void 0 ? void 0 : _a.challenge) || context.mfaRequirements.challenge.length === 0) {
7570
7615
  throw new MfaListAuthenticatorsError("invalid_request", "challengeType is required and must contain at least one challenge type, please check mfa_required error payload");
7571
7616
  }
7572
7617
  const challengeTypes = context.mfaRequirements.challenge.map(c => c.type);
@@ -7580,25 +7625,25 @@
7580
7625
  });
7581
7626
  } catch (error) {
7582
7627
  if (error instanceof MfaListAuthenticatorsError$1) {
7583
- var _error$cause;
7584
- throw new MfaListAuthenticatorsError((_error$cause = error.cause) === null || _error$cause === void 0 ? void 0 : _error$cause.error, error.message);
7628
+ throw new MfaListAuthenticatorsError((_b = error.cause) === null || _b === void 0 ? void 0 : _b.error, error.message);
7585
7629
  }
7586
7630
  throw error;
7587
7631
  }
7588
7632
  }
7589
7633
  async enroll(params) {
7634
+ var _a;
7590
7635
  const authJsParams = getAuthJsEnrollParams(params);
7591
7636
  try {
7592
7637
  return await this.authJsMfaClient.enrollAuthenticator(authJsParams);
7593
7638
  } catch (error) {
7594
7639
  if (error instanceof MfaEnrollmentError$1) {
7595
- var _error$cause2;
7596
- throw new MfaEnrollmentError((_error$cause2 = error.cause) === null || _error$cause2 === void 0 ? void 0 : _error$cause2.error, error.message);
7640
+ throw new MfaEnrollmentError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
7597
7641
  }
7598
7642
  throw error;
7599
7643
  }
7600
7644
  }
7601
7645
  async challenge(params) {
7646
+ var _a;
7602
7647
  try {
7603
7648
  const authJsParams = {
7604
7649
  challengeType: params.challengeType,
@@ -7610,8 +7655,7 @@
7610
7655
  return await this.authJsMfaClient.challengeAuthenticator(authJsParams);
7611
7656
  } catch (error) {
7612
7657
  if (error instanceof MfaChallengeError$1) {
7613
- var _error$cause3;
7614
- throw new MfaChallengeError((_error$cause3 = error.cause) === null || _error$cause3 === void 0 ? void 0 : _error$cause3.error, error.message);
7658
+ throw new MfaChallengeError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
7615
7659
  }
7616
7660
  throw error;
7617
7661
  }
@@ -7660,37 +7704,18 @@
7660
7704
  }
7661
7705
  }
7662
7706
  }
7663
- const _excluded = [ "openUrl", "fragment", "appState" ], _excluded2 = [ "url" ], _excluded3 = [ "cacheMode" ], _excluded4 = [ "federated" ], _excluded5 = [ "openUrl" ], _excluded6 = [ "id_token", "decodedToken" ], _excluded7 = [ "mfaToken" ];
7664
7707
  class Auth0Client {
7665
7708
  constructor(options) {
7666
- _defineProperty(this, "transactionManager", void 0);
7667
- _defineProperty(this, "cacheManager", void 0);
7668
- _defineProperty(this, "lockManager", void 0);
7669
- _defineProperty(this, "domainUrl", void 0);
7670
- _defineProperty(this, "tokenIssuer", void 0);
7671
- _defineProperty(this, "scope", void 0);
7672
- _defineProperty(this, "cookieStorage", void 0);
7673
- _defineProperty(this, "dpop", void 0);
7674
- _defineProperty(this, "sessionCheckExpiryDays", void 0);
7675
- _defineProperty(this, "orgHintCookieName", void 0);
7676
- _defineProperty(this, "isAuthenticatedCookieName", void 0);
7677
- _defineProperty(this, "nowProvider", void 0);
7678
- _defineProperty(this, "httpTimeoutMs", void 0);
7679
- _defineProperty(this, "options", void 0);
7680
- _defineProperty(this, "userCache", (new InMemoryCache).enclosedCache);
7681
- _defineProperty(this, "myAccountApi", void 0);
7682
- _defineProperty(this, "mfa", void 0);
7683
- _defineProperty(this, "worker", void 0);
7684
- _defineProperty(this, "authJsClient", void 0);
7685
- _defineProperty(this, "defaultOptions", {
7709
+ this.userCache = (new InMemoryCache).enclosedCache;
7710
+ this.defaultOptions = {
7686
7711
  authorizationParams: {
7687
7712
  scope: DEFAULT_SCOPE
7688
7713
  },
7689
7714
  useRefreshTokensFallback: false,
7690
7715
  useFormData: true
7691
- });
7692
- this.options = _objectSpread2(_objectSpread2(_objectSpread2({}, this.defaultOptions), options), {}, {
7693
- authorizationParams: _objectSpread2(_objectSpread2({}, this.defaultOptions.authorizationParams), options.authorizationParams)
7716
+ };
7717
+ this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
7718
+ authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
7694
7719
  });
7695
7720
  typeof window !== "undefined" && validateCrypto();
7696
7721
  this.lockManager = getLockManager();
@@ -7722,9 +7747,9 @@
7722
7747
  this.domainUrl = getDomain(this.options.domain);
7723
7748
  this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
7724
7749
  const myAccountApiIdentifier = "".concat(this.domainUrl, "/me/");
7725
- const myAccountFetcher = this.createFetcher(_objectSpread2(_objectSpread2({}, this.options.useDpop && {
7750
+ const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
7726
7751
  dpopNonceId: "__auth0_my_account_api__"
7727
- }), {}, {
7752
+ }), {
7728
7753
  getAccessToken: () => this.getTokenSilently({
7729
7754
  authorizationParams: {
7730
7755
  scope: "create:me:connected_accounts",
@@ -7802,7 +7827,7 @@
7802
7827
  url.searchParams.delete(paramName);
7803
7828
  window.history.replaceState({}, "", url.toString());
7804
7829
  }
7805
- } catch (_unused) {}
7830
+ } catch (_a) {}
7806
7831
  }
7807
7832
  _applySessionTransferToken(authorizationParams) {
7808
7833
  const paramName = this.options.sessionTransferTokenQueryParamName;
@@ -7812,18 +7837,18 @@
7812
7837
  const token = this._extractSessionTransferToken(paramName);
7813
7838
  if (!token) return authorizationParams;
7814
7839
  this._clearSessionTransferTokenFromUrl(paramName);
7815
- return _objectSpread2(_objectSpread2({}, authorizationParams), {}, {
7840
+ return Object.assign(Object.assign({}, authorizationParams), {
7816
7841
  session_transfer_token: token
7817
7842
  });
7818
7843
  }
7819
7844
  async _prepareAuthorizeUrl(authorizationParams, authorizeOptions, fallbackRedirectUri) {
7820
- var _this$dpop;
7845
+ var _a;
7821
7846
  const state = encode$2(createRandomString());
7822
7847
  const nonce = encode$2(createRandomString());
7823
7848
  const code_verifier = createRandomString();
7824
7849
  const code_challengeBuffer = await sha256(code_verifier);
7825
7850
  const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
7826
- const thumbprint = await ((_this$dpop = this.dpop) === null || _this$dpop === void 0 ? void 0 : _this$dpop.calculateThumbprint());
7851
+ const thumbprint = await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.calculateThumbprint());
7827
7852
  const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode, thumbprint);
7828
7853
  const url = this._authorizeUrl(params);
7829
7854
  return {
@@ -7837,7 +7862,7 @@
7837
7862
  };
7838
7863
  }
7839
7864
  async loginWithPopup(options, config) {
7840
- var _options$authorizatio;
7865
+ var _a;
7841
7866
  options = options || {};
7842
7867
  config = config || {};
7843
7868
  if (!config.popup) {
@@ -7851,13 +7876,13 @@
7851
7876
  response_mode: "web_message"
7852
7877
  }, window.location.origin);
7853
7878
  config.popup.location.href = params.url;
7854
- const codeResult = await runPopup(_objectSpread2(_objectSpread2({}, config), {}, {
7879
+ const codeResult = await runPopup(Object.assign(Object.assign({}, config), {
7855
7880
  timeoutInSeconds: config.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
7856
7881
  }), new URL(params.url).origin);
7857
7882
  if (params.state !== codeResult.state) {
7858
7883
  throw new GenericError("state_mismatch", "Invalid state");
7859
7884
  }
7860
- const organization = ((_options$authorizatio = options.authorizationParams) === null || _options$authorizatio === void 0 ? void 0 : _options$authorizatio.organization) || this.options.authorizationParams.organization;
7885
+ const organization = ((_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
7861
7886
  await this._requestToken({
7862
7887
  audience: params.audience,
7863
7888
  scope: params.scope,
@@ -7871,26 +7896,26 @@
7871
7896
  });
7872
7897
  }
7873
7898
  async getUser() {
7874
- var _cache$decodedToken;
7899
+ var _a;
7875
7900
  const cache = await this._getIdTokenFromCache();
7876
- return cache === null || cache === void 0 || (_cache$decodedToken = cache.decodedToken) === null || _cache$decodedToken === void 0 ? void 0 : _cache$decodedToken.user;
7901
+ return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.user;
7877
7902
  }
7878
7903
  async getIdTokenClaims() {
7879
- var _cache$decodedToken2;
7904
+ var _a;
7880
7905
  const cache = await this._getIdTokenFromCache();
7881
- return cache === null || cache === void 0 || (_cache$decodedToken2 = cache.decodedToken) === null || _cache$decodedToken2 === void 0 ? void 0 : _cache$decodedToken2.claims;
7906
+ return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.claims;
7882
7907
  }
7883
7908
  async loginWithRedirect() {
7884
- var _urlOptions$authoriza;
7885
7909
  let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
7886
- const _patchOpenUrlWithOnRe = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _patchOpenUrlWithOnRe, urlOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe, _excluded);
7887
- const organization = ((_urlOptions$authoriza = urlOptions.authorizationParams) === null || _urlOptions$authoriza === void 0 ? void 0 : _urlOptions$authoriza.organization) || this.options.authorizationParams.organization;
7910
+ var _a;
7911
+ const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _b, urlOptions = __rest(_b, [ "openUrl", "fragment", "appState" ]);
7912
+ const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
7888
7913
  const authorizationParams = this._applySessionTransferToken(urlOptions.authorizationParams || {});
7889
- const _await$this$_prepareA = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _await$this$_prepareA, transaction = _objectWithoutProperties(_await$this$_prepareA, _excluded2);
7890
- this.transactionManager.create(_objectSpread2(_objectSpread2({}, transaction), {}, {
7914
+ const _c = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
7915
+ this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
7891
7916
  appState: appState,
7892
- response_type: ResponseType.Code
7893
- }, organization && {
7917
+ response_type: exports.ResponseType.Code
7918
+ }), organization && {
7894
7919
  organization: organization
7895
7920
  }));
7896
7921
  const urlWithFragment = fragment ? "".concat(url, "#").concat(fragment) : url;
@@ -7912,7 +7937,7 @@
7912
7937
  }
7913
7938
  this.transactionManager.remove();
7914
7939
  const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
7915
- if (transaction.response_type === ResponseType.ConnectCode) {
7940
+ if (transaction.response_type === exports.ResponseType.ConnectCode) {
7916
7941
  return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
7917
7942
  }
7918
7943
  return this._handleLoginRedirectCallback(authenticationResult, transaction);
@@ -7928,7 +7953,7 @@
7928
7953
  const organization = transaction.organization;
7929
7954
  const nonceIn = transaction.nonce;
7930
7955
  const redirect_uri = transaction.redirect_uri;
7931
- await this._requestToken(_objectSpread2({
7956
+ await this._requestToken(Object.assign({
7932
7957
  audience: transaction.audience,
7933
7958
  scope: transaction.scope,
7934
7959
  code_verifier: transaction.code_verifier,
@@ -7942,7 +7967,7 @@
7942
7967
  });
7943
7968
  return {
7944
7969
  appState: transaction.appState,
7945
- response_type: ResponseType.Code
7970
+ response_type: exports.ResponseType.Code
7946
7971
  };
7947
7972
  }
7948
7973
  async _handleConnectAccountRedirectCallback(connectResult, transaction) {
@@ -7962,9 +7987,9 @@
7962
7987
  redirect_uri: transaction.redirect_uri,
7963
7988
  code_verifier: transaction.code_verifier
7964
7989
  });
7965
- return _objectSpread2(_objectSpread2({}, data), {}, {
7990
+ return Object.assign(Object.assign({}, data), {
7966
7991
  appState: transaction.appState,
7967
- response_type: ResponseType.ConnectCode
7992
+ response_type: exports.ResponseType.ConnectCode
7968
7993
  });
7969
7994
  }
7970
7995
  async checkSession(options) {
@@ -7984,20 +8009,20 @@
7984
8009
  } catch (_) {}
7985
8010
  }
7986
8011
  async getTokenSilently() {
7987
- var _options$authorizatio2, _options$authorizatio3;
7988
8012
  let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
7989
- const localOptions = _objectSpread2(_objectSpread2({
8013
+ var _a, _b;
8014
+ const localOptions = Object.assign(Object.assign({
7990
8015
  cacheMode: "on"
7991
- }, options), {}, {
7992
- authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
7993
- scope: scopesToRequest(this.scope, (_options$authorizatio2 = options.authorizationParams) === null || _options$authorizatio2 === void 0 ? void 0 : _options$authorizatio2.scope, ((_options$authorizatio3 = options.authorizationParams) === null || _options$authorizatio3 === void 0 ? void 0 : _options$authorizatio3.audience) || this.options.authorizationParams.audience)
8016
+ }, options), {
8017
+ authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
8018
+ scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
7994
8019
  })
7995
8020
  });
7996
8021
  const result = await singlePromise(() => this._getTokenSilently(localOptions), "".concat(this.options.clientId, "::").concat(localOptions.authorizationParams.audience, "::").concat(localOptions.authorizationParams.scope));
7997
8022
  return options.detailedResponse ? result : result === null || result === void 0 ? void 0 : result.access_token;
7998
8023
  }
7999
8024
  async _getTokenSilently(options) {
8000
- const {cacheMode: cacheMode} = options, getTokenOptions = _objectWithoutProperties(options, _excluded3);
8025
+ const {cacheMode: cacheMode} = options, getTokenOptions = __rest(options, [ "cacheMode" ]);
8001
8026
  if (cacheMode !== "off") {
8002
8027
  const entry = await this._getEntryFromCache({
8003
8028
  scope: getTokenOptions.authorizationParams.scope,
@@ -8027,13 +8052,13 @@
8027
8052
  }
8028
8053
  const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
8029
8054
  const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
8030
- return _objectSpread2(_objectSpread2({
8055
+ return Object.assign(Object.assign({
8031
8056
  id_token: id_token,
8032
8057
  token_type: token_type,
8033
8058
  access_token: access_token
8034
8059
  }, oauthTokenScope ? {
8035
8060
  scope: oauthTokenScope
8036
- } : null), {}, {
8061
+ } : null), {
8037
8062
  expires_in: expires_in
8038
8063
  });
8039
8064
  });
@@ -8069,15 +8094,15 @@
8069
8094
  }
8070
8095
  }
8071
8096
  async getTokenWithPopup() {
8072
- var _options$authorizatio4, _options$authorizatio5;
8073
8097
  let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
8074
8098
  let config = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
8075
- const localOptions = _objectSpread2(_objectSpread2({}, options), {}, {
8076
- authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
8077
- scope: scopesToRequest(this.scope, (_options$authorizatio4 = options.authorizationParams) === null || _options$authorizatio4 === void 0 ? void 0 : _options$authorizatio4.scope, ((_options$authorizatio5 = options.authorizationParams) === null || _options$authorizatio5 === void 0 ? void 0 : _options$authorizatio5.audience) || this.options.authorizationParams.audience)
8099
+ var _a, _b;
8100
+ const localOptions = Object.assign(Object.assign({}, options), {
8101
+ authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
8102
+ scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
8078
8103
  })
8079
8104
  });
8080
- config = _objectSpread2(_objectSpread2({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
8105
+ config = Object.assign(Object.assign({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
8081
8106
  await this.loginWithPopup(localOptions, config);
8082
8107
  const cache = await this.cacheManager.get(new CacheKey({
8083
8108
  scope: localOptions.authorizationParams.scope,
@@ -8096,17 +8121,36 @@
8096
8121
  } else {
8097
8122
  delete options.clientId;
8098
8123
  }
8099
- const _ref = options.logoutParams || {}, {federated: federated} = _ref, logoutOptions = _objectWithoutProperties(_ref, _excluded4);
8124
+ const _a = options.logoutParams || {}, {federated: federated} = _a, logoutOptions = __rest(_a, [ "federated" ]);
8100
8125
  const federatedQuery = federated ? "&federated" : "";
8101
- const url = this._url("/v2/logout?".concat(createQueryParams(_objectSpread2({
8126
+ const url = this._url("/v2/logout?".concat(createQueryParams(Object.assign({
8102
8127
  clientId: options.clientId
8103
8128
  }, logoutOptions))));
8104
8129
  return url + federatedQuery;
8105
8130
  }
8131
+ async revokeRefreshToken() {
8132
+ let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
8133
+ if (!this.options.useRefreshTokens) {
8134
+ return;
8135
+ }
8136
+ const audience = options.audience || this.options.authorizationParams.audience;
8137
+ const resolvedAudience = audience || DEFAULT_AUDIENCE;
8138
+ const refreshTokens = await this.cacheManager.getRefreshTokensByAudience(resolvedAudience, this.options.clientId);
8139
+ await revokeToken({
8140
+ baseUrl: this.domainUrl,
8141
+ timeout: this.httpTimeoutMs,
8142
+ auth0Client: this.options.auth0Client,
8143
+ useFormData: this.options.useFormData,
8144
+ client_id: this.options.clientId,
8145
+ refreshTokens: refreshTokens,
8146
+ audience: resolvedAudience,
8147
+ onRefreshTokenRevoked: refreshToken => this.cacheManager.stripRefreshToken(refreshToken)
8148
+ }, this.worker);
8149
+ }
8106
8150
  async logout() {
8107
- var _this$dpop2;
8108
8151
  let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
8109
- const _patchOpenUrlWithOnRe2 = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _patchOpenUrlWithOnRe2, logoutOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe2, _excluded5);
8152
+ var _a;
8153
+ const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _b, logoutOptions = __rest(_b, [ "openUrl" ]);
8110
8154
  if (options.clientId === null) {
8111
8155
  await this.cacheManager.clear();
8112
8156
  } else {
@@ -8119,7 +8163,7 @@
8119
8163
  cookieDomain: this.options.cookieDomain
8120
8164
  });
8121
8165
  this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
8122
- await ((_this$dpop2 = this.dpop) === null || _this$dpop2 === void 0 ? void 0 : _this$dpop2.clear());
8166
+ await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.clear());
8123
8167
  const url = this._buildLogoutUrl(logoutOptions);
8124
8168
  if (openUrl) {
8125
8169
  await openUrl(url);
@@ -8131,7 +8175,7 @@
8131
8175
  const iframeLockKey = buildIframeLockKey(this.options.clientId);
8132
8176
  try {
8133
8177
  return await this.lockManager.runWithLock(iframeLockKey, 5e3, async () => {
8134
- const params = _objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
8178
+ const params = Object.assign(Object.assign({}, options.authorizationParams), {
8135
8179
  prompt: "none"
8136
8180
  });
8137
8181
  const orgHint = this.cookieStorage.get(this.orgHintCookieName);
@@ -8148,14 +8192,14 @@
8148
8192
  let eventOrigin;
8149
8193
  try {
8150
8194
  eventOrigin = new URL(this.domainUrl).origin;
8151
- } catch (_unused2) {
8195
+ } catch (_a) {
8152
8196
  eventOrigin = this.domainUrl;
8153
8197
  }
8154
8198
  const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
8155
8199
  if (stateIn !== codeResult.state) {
8156
8200
  throw new GenericError("state_mismatch", "Invalid state");
8157
8201
  }
8158
- const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
8202
+ const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
8159
8203
  code_verifier: code_verifier,
8160
8204
  code: codeResult.code,
8161
8205
  grant_type: "authorization_code",
@@ -8165,7 +8209,7 @@
8165
8209
  nonceIn: nonceIn,
8166
8210
  organization: params.organization
8167
8211
  });
8168
- return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
8212
+ return Object.assign(Object.assign({}, tokenResult), {
8169
8213
  scope: scope,
8170
8214
  oauthTokenScope: tokenResult.scope,
8171
8215
  audience: audience
@@ -8184,6 +8228,7 @@
8184
8228
  }
8185
8229
  }
8186
8230
  async _getTokenUsingRefreshToken(options) {
8231
+ var _a, _b;
8187
8232
  const cache = await this.cacheManager.get(new CacheKey({
8188
8233
  scope: options.authorizationParams.scope,
8189
8234
  audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
@@ -8199,16 +8244,16 @@
8199
8244
  const timeout = typeof options.timeoutInSeconds === "number" ? options.timeoutInSeconds * 1e3 : null;
8200
8245
  const scopesToRequest = getScopeToRequest(this.options.useMrrt, options.authorizationParams, cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope);
8201
8246
  try {
8202
- const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
8247
+ const tokenResult = await this._requestToken(Object.assign(Object.assign(Object.assign({}, options.authorizationParams), {
8203
8248
  grant_type: "refresh_token",
8204
8249
  refresh_token: cache && cache.refresh_token,
8205
8250
  redirect_uri: redirect_uri
8206
- }, timeout && {
8251
+ }), timeout && {
8207
8252
  timeout: timeout
8208
8253
  }), {
8209
8254
  scopesToRequest: scopesToRequest
8210
8255
  });
8211
- if (tokenResult.refresh_token && cache !== null && cache !== void 0 && cache.refresh_token) {
8256
+ if (tokenResult.refresh_token && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
8212
8257
  await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
8213
8258
  }
8214
8259
  if (this.options.useMrrt) {
@@ -8225,7 +8270,7 @@
8225
8270
  }
8226
8271
  }
8227
8272
  }
8228
- return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
8273
+ return Object.assign(Object.assign({}, tokenResult), {
8229
8274
  scope: options.authorizationParams.scope,
8230
8275
  oauthTokenScope: tokenResult.scope,
8231
8276
  audience: options.authorizationParams.audience || DEFAULT_AUDIENCE
@@ -8243,14 +8288,13 @@
8243
8288
  }
8244
8289
  }
8245
8290
  if (e instanceof MfaRequiredError) {
8246
- var _options$authorizatio6, _options$authorizatio7;
8247
- this.mfa.setMFAAuthDetails(e.mfa_token, (_options$authorizatio6 = options.authorizationParams) === null || _options$authorizatio6 === void 0 ? void 0 : _options$authorizatio6.scope, (_options$authorizatio7 = options.authorizationParams) === null || _options$authorizatio7 === void 0 ? void 0 : _options$authorizatio7.audience, e.mfa_requirements);
8291
+ this.mfa.setMFAAuthDetails(e.mfa_token, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, (_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience, e.mfa_requirements);
8248
8292
  }
8249
8293
  throw e;
8250
8294
  }
8251
8295
  }
8252
8296
  async _saveEntryInCache(entry) {
8253
- const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = _objectWithoutProperties(entry, _excluded6);
8297
+ const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = __rest(entry, [ "id_token", "decodedToken" ]);
8254
8298
  this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, {
8255
8299
  id_token: id_token,
8256
8300
  decodedToken: decodedToken
@@ -8273,8 +8317,8 @@
8273
8317
  this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
8274
8318
  return cache;
8275
8319
  }
8276
- async _getEntryFromCache(_ref2) {
8277
- let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref2;
8320
+ async _getEntryFromCache(_ref) {
8321
+ let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref;
8278
8322
  const entry = await this.cacheManager.get(new CacheKey({
8279
8323
  scope: scope,
8280
8324
  audience: audience,
@@ -8283,20 +8327,21 @@
8283
8327
  if (entry && entry.access_token) {
8284
8328
  const {token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
8285
8329
  const cache = await this._getIdTokenFromCache();
8286
- return cache && _objectSpread2(_objectSpread2({
8330
+ return cache && Object.assign(Object.assign({
8287
8331
  id_token: cache.id_token,
8288
8332
  token_type: token_type ? token_type : "Bearer",
8289
8333
  access_token: access_token
8290
8334
  }, oauthTokenScope ? {
8291
8335
  scope: oauthTokenScope
8292
- } : null), {}, {
8336
+ } : null), {
8293
8337
  expires_in: expires_in
8294
8338
  });
8295
8339
  }
8296
8340
  }
8297
8341
  async _requestToken(options, additionalParameters) {
8342
+ var _a, _b;
8298
8343
  const {nonceIn: nonceIn, organization: organization, scopesToRequest: scopesToRequest} = additionalParameters || {};
8299
- const authResult = await oauthToken(_objectSpread2(_objectSpread2({
8344
+ const authResult = await oauthToken(Object.assign(Object.assign({
8300
8345
  baseUrl: this.domainUrl,
8301
8346
  client_id: this.options.clientId,
8302
8347
  auth0Client: this.options.auth0Client,
@@ -8304,25 +8349,24 @@
8304
8349
  timeout: this.httpTimeoutMs,
8305
8350
  useMrrt: this.options.useMrrt,
8306
8351
  dpop: this.dpop
8307
- }, options), {}, {
8352
+ }, options), {
8308
8353
  scope: scopesToRequest || options.scope
8309
8354
  }), this.worker);
8310
8355
  const decodedToken = await this._verifyIdToken(authResult.id_token, nonceIn, organization);
8311
8356
  if (options.grant_type === "authorization_code") {
8312
- var _existingIdToken$deco;
8313
8357
  const existingIdToken = await this._getIdTokenFromCache();
8314
- if (existingIdToken !== null && existingIdToken !== void 0 && (_existingIdToken$deco = existingIdToken.decodedToken) !== null && _existingIdToken$deco !== void 0 && (_existingIdToken$deco = _existingIdToken$deco.claims) !== null && _existingIdToken$deco !== void 0 && _existingIdToken$deco.sub && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
8358
+ if (((_b = (_a = existingIdToken === null || existingIdToken === void 0 ? void 0 : existingIdToken.decodedToken) === null || _a === void 0 ? void 0 : _a.claims) === null || _b === void 0 ? void 0 : _b.sub) && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
8315
8359
  await this.cacheManager.clear(this.options.clientId);
8316
8360
  this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
8317
8361
  }
8318
8362
  }
8319
- await this._saveEntryInCache(_objectSpread2(_objectSpread2(_objectSpread2({}, authResult), {}, {
8363
+ await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, authResult), {
8320
8364
  decodedToken: decodedToken,
8321
8365
  scope: options.scope,
8322
8366
  audience: options.audience || DEFAULT_AUDIENCE
8323
- }, authResult.scope ? {
8367
+ }), authResult.scope ? {
8324
8368
  oauthTokenScope: authResult.scope
8325
- } : null), {}, {
8369
+ } : null), {
8326
8370
  client_id: this.options.clientId
8327
8371
  }));
8328
8372
  this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
@@ -8330,12 +8374,12 @@
8330
8374
  cookieDomain: this.options.cookieDomain
8331
8375
  });
8332
8376
  this._processOrgHint(organization || decodedToken.claims.org_id);
8333
- return _objectSpread2(_objectSpread2({}, authResult), {}, {
8377
+ return Object.assign(Object.assign({}, authResult), {
8334
8378
  decodedToken: decodedToken
8335
8379
  });
8336
8380
  }
8337
8381
  async loginWithCustomTokenExchange(options) {
8338
- return this._requestToken(_objectSpread2(_objectSpread2({}, options), {}, {
8382
+ return this._requestToken(Object.assign(Object.assign({}, options), {
8339
8383
  grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
8340
8384
  subject_token: options.subject_token,
8341
8385
  subject_token_type: options.subject_token_type,
@@ -8369,10 +8413,10 @@
8369
8413
  return new Fetcher(config, {
8370
8414
  isDpopEnabled: () => !!this.options.useDpop,
8371
8415
  getAccessToken: authParams => {
8372
- var _authParams$scope;
8416
+ var _a;
8373
8417
  return this.getTokenSilently({
8374
8418
  authorizationParams: {
8375
- scope: authParams === null || authParams === void 0 || (_authParams$scope = authParams.scope) === null || _authParams$scope === void 0 ? void 0 : _authParams$scope.join(" "),
8419
+ scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
8376
8420
  audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
8377
8421
  },
8378
8422
  detailedResponse: true
@@ -8408,7 +8452,7 @@
8408
8452
  redirect_uri: redirectUri,
8409
8453
  appState: appState,
8410
8454
  connection: connection,
8411
- response_type: ResponseType.ConnectCode
8455
+ response_type: exports.ResponseType.ConnectCode
8412
8456
  });
8413
8457
  const url = new URL(connect_uri);
8414
8458
  url.searchParams.set("ticket", connect_params.ticket);
@@ -8419,8 +8463,8 @@
8419
8463
  }
8420
8464
  }
8421
8465
  async _requestTokenForMfa(options, additionalParameters) {
8422
- const {mfaToken: mfaToken} = options, restOptions = _objectWithoutProperties(options, _excluded7);
8423
- return this._requestToken(_objectSpread2(_objectSpread2({}, restOptions), {}, {
8466
+ const {mfaToken: mfaToken} = options, restOptions = __rest(options, [ "mfaToken" ]);
8467
+ return this._requestToken(Object.assign(Object.assign({}, restOptions), {
8424
8468
  mfa_token: mfaToken
8425
8469
  }), additionalParameters);
8426
8470
  }
@@ -8450,7 +8494,6 @@
8450
8494
  exports.PopupCancelledError = PopupCancelledError;
8451
8495
  exports.PopupOpenError = PopupOpenError;
8452
8496
  exports.PopupTimeoutError = PopupTimeoutError;
8453
- exports.ResponseType = ResponseType;
8454
8497
  exports.TimeoutError = TimeoutError;
8455
8498
  exports.UseDpopNonceError = UseDpopNonceError;
8456
8499
  exports.User = User;