@auth0/auth0-spa-js 2.18.3 → 2.19.1

package/dist/lib/auth0-spa-js.cjs.js

@@ -4,163 +4,21 @@ Object.defineProperty(exports, "__esModule", {
     value: true
 });
 
-function _OverloadYield(e, d) {
-    this.v = e, this.k = d;
-}
-
-function _assertClassBrand(e, t, n) {
-    if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
-    throw new TypeError("Private element is not present on this object");
-}
-
-function _awaitAsyncGenerator(e) {
-    return new _OverloadYield(e, 0);
-}
-
-function _checkPrivateRedeclaration(e, t) {
-    if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
-}
-
-function _classPrivateFieldGet2(s, a) {
-    return s.get(_assertClassBrand(s, a));
-}
-
-function _classPrivateFieldInitSpec(e, t, a) {
-    _checkPrivateRedeclaration(e, t), t.set(e, a);
-}
-
-function _classPrivateFieldSet2(s, a, r) {
-    return s.set(_assertClassBrand(s, a), r), r;
-}
-
-function _classPrivateMethodInitSpec(e, a) {
-    _checkPrivateRedeclaration(e, a), a.add(e);
-}
-
-function _defineProperty(e, r, t) {
-    return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
-        value: t,
-        enumerable: !0,
-        configurable: !0,
-        writable: !0
-    }) : e[r] = t, e;
-}
-
-function ownKeys(e, r) {
-    var t = Object.keys(e);
-    if (Object.getOwnPropertySymbols) {
-        var o = Object.getOwnPropertySymbols(e);
-        r && (o = o.filter(function(r) {
-            return Object.getOwnPropertyDescriptor(e, r).enumerable;
-        })), t.push.apply(t, o);
-    }
-    return t;
-}
-
-function _objectSpread2(e) {
-    for (var r = 1; r < arguments.length; r++) {
-        var t = null != arguments[r] ? arguments[r] : {};
-        r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
-            _defineProperty(e, r, t[r]);
-        }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
-            Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
-        });
-    }
-    return e;
-}
-
-function _objectWithoutProperties(e, t) {
-    if (null == e) return {};
-    var o, r, i = _objectWithoutPropertiesLoose(e, t);
-    if (Object.getOwnPropertySymbols) {
-        var n = Object.getOwnPropertySymbols(e);
-        for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
-    }
-    return i;
-}
-
-function _objectWithoutPropertiesLoose(r, e) {
-    if (null == r) return {};
+function __rest(s, e) {
     var t = {};
-    for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
-        if (-1 !== e.indexOf(n)) continue;
-        t[n] = r[n];
+    for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) t[p] = s[p];
+    if (s != null && typeof Object.getOwnPropertySymbols === "function") for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+        if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) t[p[i]] = s[p[i]];
     }
     return t;
 }
 
-function _toPrimitive(t, r) {
-    if ("object" != typeof t || !t) return t;
-    var e = t[Symbol.toPrimitive];
-    if (void 0 !== e) {
-        var i = e.call(t, r || "default");
-        if ("object" != typeof i) return i;
-        throw new TypeError("@@toPrimitive must return a primitive value.");
-    }
-    return ("string" === r ? String : Number)(t);
-}
-
-function _toPropertyKey(t) {
-    var i = _toPrimitive(t, "string");
-    return "symbol" == typeof i ? i : i + "";
-}
-
-function _wrapAsyncGenerator(e) {
-    return function() {
-        return new AsyncGenerator(e.apply(this, arguments));
-    };
-}
-
-function AsyncGenerator(e) {
-    var t, n;
-    function resume(t, n) {
-        try {
-            var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
-            Promise.resolve(u ? o.v : o).then(function(n) {
-                if (u) {
-                    var i = "return" === t && o.k ? t : "next";
-                    if (!o.k || n.done) return resume(i, n);
-                    n = e[i](n).value;
-                }
-                settle(!!r.done, n);
-            }, function(e) {
-                resume("throw", e);
-            });
-        } catch (e) {
-            settle(2, e);
-        }
-    }
-    function settle(e, r) {
-        2 === e ? t.reject(r) : t.resolve({
-            value: r,
-            done: e
-        }), (t = t.next) ? resume(t.key, t.arg) : n = null;
-    }
-    this._invoke = function(e, r) {
-        return new Promise(function(o, u) {
-            var i = {
-                key: e,
-                arg: r,
-                resolve: o,
-                reject: u,
-                next: null
-            };
-            n ? n = n.next = i : (t = n = i, resume(e, r));
-        });
-    }, "function" != typeof e.return && (this.return = void 0);
-}
-
-AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
-    return this;
-}, AsyncGenerator.prototype.next = function(e) {
-    return this._invoke("next", e);
-}, AsyncGenerator.prototype.throw = function(e) {
-    return this._invoke("throw", e);
-}, AsyncGenerator.prototype.return = function(e) {
-    return this._invoke("return", e);
+typeof SuppressedError === "function" ? SuppressedError : function(error, suppressed, message) {
+    var e = new Error(message);
+    return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
 };
 
-var version = "2.18.3";
+var version = "2.19.1";
 
 const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
 
@@ -301,8 +159,6 @@ function valueOrEmptyString(value) {
     return value && !exclude.includes(value) ? value : "";
 }
 
-const _excluded$5 = [ "clientId" ];
-
 const parseAuthenticationResult = queryString => {
     if (queryString.indexOf("#") > -1) {
         queryString = queryString.substring(0, queryString.indexOf("#"));
@@ -414,7 +270,7 @@ const createRandomString = () => {
 
 const encode$2 = value => btoa(value);
 
-const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => _objectSpread2(_objectSpread2({}, acc), {}, {
+const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => Object.assign(Object.assign({}, acc), {
     [key]: params[key]
 }), {});
 
@@ -443,9 +299,9 @@ const stripAuth0Client = function stripAuth0Client(auth0Client) {
     }, {});
 };
 
-const createQueryParams = _ref => {
-    let {clientId: client_id} = _ref, params = _objectWithoutProperties(_ref, _excluded$5);
-    return new URLSearchParams(stripUndefined(_objectSpread2({
+const createQueryParams = _a => {
+    var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
+    return new URLSearchParams(stripUndefined(Object.assign({
         client_id: client_id
     }, params))).toString();
 };
@@ -505,8 +361,8 @@ const parseNumber = value => {
     return parseInt(value, 10) || undefined;
 };
 
-const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref2) => {
-    let [key, val] = _ref2;
+const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref) => {
+    let [key, val] = _ref;
     obj[key] = val;
     return obj;
 }, {});
@@ -1067,9 +923,7 @@ class WebLocksApiManager {
 
 class LegacyLockManager {
     constructor() {
-        _defineProperty(this, "lock", void 0);
-        _defineProperty(this, "activeLocks", new Set);
-        _defineProperty(this, "pagehideHandler", void 0);
+        this.activeLocks = new Set;
         this.lock = new _default;
         this.pagehideHandler = () => {
             this.activeLocks.forEach(key => this.lock.releaseLock(key));
@@ -1102,8 +956,8 @@ class LegacyLockManager {
 }
 
 function isWebLocksSupported() {
-    var _navigator$locks;
-    return typeof navigator !== "undefined" && typeof ((_navigator$locks = navigator.locks) === null || _navigator$locks === void 0 ? void 0 : _navigator$locks.request) === "function";
+    var _a;
+    return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
 }
 
 function createLockManager() {
@@ -1473,24 +1327,13 @@ const sendMessage = (message, to) => new Promise(function(resolve, reject) {
     to.postMessage(message, [ messageChannel.port2 ]);
 });
 
-const _excluded$4 = [ "error", "error_description" ];
-
 const createAbortController = () => new AbortController;
 
-const dofetch = async (fetchUrl, fetchOptions) => {
-    const response = await fetch(fetchUrl, fetchOptions);
-    return {
-        ok: response.ok,
-        json: await response.json(),
-        headers: fromEntries(response.headers)
-    };
-};
-
-const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
+const fetchWithTimeout = (fetchUrl, fetchOptions, timeout) => {
     const controller = createAbortController();
     fetchOptions.signal = controller.signal;
     let timeoutId;
-    return Promise.race([ dofetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
+    return Promise.race([ fetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
         timeoutId = setTimeout(() => {
             controller.abort();
             reject(new Error("Timeout when executing 'fetch'"));
@@ -1500,7 +1343,17 @@ const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
     });
 };
 
+const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
+    const response = await fetchWithTimeout(fetchUrl, fetchOptions, timeout);
+    return {
+        ok: response.ok,
+        json: await response.json(),
+        headers: fromEntries(response.headers)
+    };
+};
+
 const fetchWithWorker = async (fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData, useMrrt) => sendMessage({
+    type: "refresh",
     auth: {
         audience: audience,
         scope: scope
@@ -1529,7 +1382,7 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
             method: options.method || "GET",
             nonce: await dpop.getNonce()
         });
-        options.headers = _objectSpread2(_objectSpread2({}, options.headers), {}, {
+        options.headers = Object.assign(Object.assign({}, options.headers), {
             dpop: dpopProof
         });
     }
@@ -1547,7 +1400,7 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
     if (fetchError) {
         throw fetchError;
     }
-    const {json: {error: error, error_description: error_description}, headers: headers, ok: ok} = response, data = _objectWithoutProperties(response.json, _excluded$4);
+    const _a = response.json, {error: error, error_description: error_description} = _a, data = __rest(_a, [ "error", "error_description" ]), {headers: headers, ok: ok} = response;
     let newDpopNonce;
     if (dpop) {
         newDpopNonce = headers[DPOP_NONCE_HEADER];
@@ -1574,13 +1427,11 @@ async function getJSON(url, timeout, audience, scope, options, worker, useFormDa
     return data;
 }
 
-const _excluded$3 = [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ];
-
-async function oauthToken(_ref, worker) {
-    let {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _ref, options = _objectWithoutProperties(_ref, _excluded$3);
+async function oauthToken(_a, worker) {
+    var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ]);
     const isTokenExchange = options.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange";
     const refreshWithMrrt = options.grant_type === "refresh_token" && useMrrt;
-    const allParams = _objectSpread2(_objectSpread2(_objectSpread2(_objectSpread2({}, options), isTokenExchange && audience && {
+    const allParams = Object.assign(Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
         audience: audience
     }), isTokenExchange && scope && {
         scope: scope
@@ -1600,6 +1451,64 @@ async function oauthToken(_ref, worker) {
     }, worker, useFormData, useMrrt, isDpopSupported ? dpop : undefined);
 }
 
+async function revokeToken(_ref, worker) {
+    let {baseUrl: baseUrl, timeout: timeout, auth0Client: auth0Client, useFormData: useFormData, refreshTokens: refreshTokens, audience: audience, client_id: client_id, onRefreshTokenRevoked: onRefreshTokenRevoked} = _ref;
+    const resolvedTimeout = timeout || DEFAULT_FETCH_TIMEOUT_MS;
+    const token_type_hint = "refresh_token";
+    const fetchUrl = "".concat(baseUrl, "/oauth/revoke");
+    const headers = {
+        "Content-Type": useFormData ? "application/x-www-form-urlencoded" : "application/json",
+        "Auth0-Client": btoa(JSON.stringify(stripAuth0Client(auth0Client || DEFAULT_AUTH0_CLIENT)))
+    };
+    if (worker) {
+        const baseParams = {
+            client_id: client_id,
+            token_type_hint: token_type_hint
+        };
+        const body = useFormData ? createQueryParams(baseParams) : JSON.stringify(baseParams);
+        try {
+            return await sendMessage({
+                type: "revoke",
+                timeout: resolvedTimeout,
+                fetchUrl: fetchUrl,
+                fetchOptions: {
+                    method: "POST",
+                    body: body,
+                    headers: headers
+                },
+                useFormData: useFormData,
+                auth: {
+                    audience: audience !== null && audience !== void 0 ? audience : DEFAULT_AUDIENCE
+                }
+            }, worker);
+        } catch (e) {
+            throw new GenericError("revoke_error", e.message);
+        }
+    }
+    for (const refreshToken of refreshTokens) {
+        const params = {
+            client_id: client_id,
+            token_type_hint: token_type_hint,
+            token: refreshToken
+        };
+        const body = useFormData ? createQueryParams(params) : JSON.stringify(params);
+        const response = await fetchWithTimeout(fetchUrl, {
+            method: "POST",
+            body: body,
+            headers: headers
+        }, resolvedTimeout);
+        if (!response.ok) {
+            let error;
+            let errorDescription;
+            try {
+                ({error: error, error_description: errorDescription} = JSON.parse(await response.text()));
+            } catch (_a) {}
+            throw new GenericError(error || "revoke_error", errorDescription || "HTTP error ".concat(response.status));
+        }
+        await (onRefreshTokenRevoked === null || onRefreshTokenRevoked === void 0 ? void 0 : onRefreshTokenRevoked(refreshToken));
+    }
+}
+
 const dedupe = arr => Array.from(new Set(arr));
 
 const getUniqueScopes = function getUniqueScopes() {
@@ -1649,9 +1558,6 @@ class CacheKey {
         let suffix = arguments.length > 2 ? arguments[2] : undefined;
         this.prefix = prefix;
         this.suffix = suffix;
-        _defineProperty(this, "clientId", void 0);
-        _defineProperty(this, "scope", void 0);
-        _defineProperty(this, "audience", void 0);
         this.clientId = data.clientId;
         this.scope = data.scope;
         this.audience = data.audience;
@@ -1701,7 +1607,7 @@ class LocalStorageCache {
 
 class InMemoryCache {
     constructor() {
-        _defineProperty(this, "enclosedCache", function() {
+        this.enclosedCache = function() {
             let cache = {};
             return {
                 set(key, entry) {
@@ -1721,7 +1627,7 @@ class InMemoryCache {
                     return Object.keys(cache);
                 }
             };
-        }());
+        }();
     }
 }
 
@@ -1731,17 +1637,16 @@ class CacheManager {
     constructor(cache, keyManifest, nowProvider) {
         this.cache = cache;
         this.keyManifest = keyManifest;
-        _defineProperty(this, "nowProvider", void 0);
         this.nowProvider = nowProvider || DEFAULT_NOW_PROVIDER;
     }
     async setIdToken(clientId, idToken, decodedToken) {
-        var _this$keyManifest;
+        var _a;
         const cacheKey = this.getIdTokenCacheKey(clientId);
         await this.cache.set(cacheKey, {
             id_token: idToken,
             decodedToken: decodedToken
         });
-        await ((_this$keyManifest = this.keyManifest) === null || _this$keyManifest === void 0 ? void 0 : _this$keyManifest.add(cacheKey));
+        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey));
     }
     async getIdToken(cacheKey) {
         const entry = await this.cache.get(this.getIdTokenCacheKey(cacheKey.clientId));
@@ -1770,13 +1675,16 @@ class CacheManager {
         let expiryAdjustmentSeconds = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : DEFAULT_EXPIRY_ADJUSTMENT_SECONDS;
         let useMrrt = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
         let cacheMode = arguments.length > 3 ? arguments[3] : undefined;
+        var _a;
         let wrappedEntry = await this.cache.get(cacheKey.toKey());
+        let resolvedCacheKey = cacheKey;
         if (!wrappedEntry) {
             const keys = await this.getCacheKeys();
             if (!keys) return;
             const matchedKey = this.matchExistingCacheKey(cacheKey, keys);
             if (matchedKey) {
                 wrappedEntry = await this.cache.get(matchedKey);
+                resolvedCacheKey = CacheKey.fromKey(matchedKey);
             }
             if (!wrappedEntry && useMrrt && cacheMode !== "cache-only") {
                 return this.getEntryWithRefreshToken(cacheKey, keys);
@@ -1788,31 +1696,34 @@ class CacheManager {
         const now = await this.nowProvider();
         const nowSeconds = Math.floor(now / 1e3);
         if (wrappedEntry.expiresAt - expiryAdjustmentSeconds < nowSeconds) {
-            var _this$keyManifest2;
             if (wrappedEntry.body.refresh_token) {
-                return this.modifiedCachedEntry(wrappedEntry, cacheKey);
+                return this.modifiedCachedEntry(wrappedEntry, resolvedCacheKey);
             }
-            await this.cache.remove(cacheKey.toKey());
-            await ((_this$keyManifest2 = this.keyManifest) === null || _this$keyManifest2 === void 0 ? void 0 : _this$keyManifest2.remove(cacheKey.toKey()));
+            await this.cache.remove(resolvedCacheKey.toKey());
+            await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.remove(resolvedCacheKey.toKey()));
             return;
         }
         return wrappedEntry.body;
     }
     async modifiedCachedEntry(wrappedEntry, cacheKey) {
-        wrappedEntry.body = {
+        const strippedBody = {
             refresh_token: wrappedEntry.body.refresh_token,
             audience: wrappedEntry.body.audience,
             scope: wrappedEntry.body.scope
         };
-        await this.cache.set(cacheKey.toKey(), wrappedEntry);
+        const strippedEntry = {
+            body: strippedBody,
+            expiresAt: wrappedEntry.expiresAt
+        };
+        await this.cache.set(cacheKey.toKey(), strippedEntry);
         return {
-            refresh_token: wrappedEntry.body.refresh_token,
-            audience: wrappedEntry.body.audience,
-            scope: wrappedEntry.body.scope
+            refresh_token: strippedBody.refresh_token,
+            audience: strippedBody.audience,
+            scope: strippedBody.scope
         };
     }
     async set(entry) {
-        var _this$keyManifest3;
+        var _a;
         const cacheKey = new CacheKey({
             clientId: entry.client_id,
             scope: entry.scope,
@@ -1820,7 +1731,7 @@ class CacheManager {
         });
         const wrappedEntry = await this.wrapCacheEntry(entry);
         await this.cache.set(cacheKey.toKey(), wrappedEntry);
-        await ((_this$keyManifest3 = this.keyManifest) === null || _this$keyManifest3 === void 0 ? void 0 : _this$keyManifest3.add(cacheKey.toKey()));
+        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey.toKey()));
     }
     async remove(client_id, audience, scope) {
         const cacheKey = new CacheKey({
@@ -1830,15 +1741,27 @@ class CacheManager {
         });
         await this.cache.remove(cacheKey.toKey());
     }
+    async stripRefreshToken(refreshToken) {
+        var _a;
+        const keys = await this.getCacheKeys();
+        if (!keys) return;
+        for (const key of keys) {
+            const entry = await this.cache.get(key);
+            if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === refreshToken) {
+                delete entry.body.refresh_token;
+                await this.cache.set(key, entry);
+            }
+        }
+    }
     async clear(clientId) {
-        var _this$keyManifest4;
+        var _a;
         const keys = await this.getCacheKeys();
         if (!keys) return;
         await keys.filter(key => clientId ? key.includes(clientId) : true).reduce(async (memo, key) => {
             await memo;
             await this.cache.remove(key);
         }, Promise.resolve());
-        await ((_this$keyManifest4 = this.keyManifest) === null || _this$keyManifest4 === void 0 ? void 0 : _this$keyManifest4.clear());
+        await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.clear());
     }
     async wrapCacheEntry(entry) {
         const now = await this.nowProvider();
@@ -1849,9 +1772,9 @@ class CacheManager {
         };
     }
     async getCacheKeys() {
+        var _a;
         if (this.keyManifest) {
-            var _await$this$keyManife;
-            return (_await$this$keyManife = await this.keyManifest.get()) === null || _await$this$keyManife === void 0 ? void 0 : _await$this$keyManife.keys;
+            return (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys;
         } else if (this.cache.allKeys) {
             return this.cache.allKeys();
         }
@@ -1863,34 +1786,54 @@ class CacheManager {
     }
     matchExistingCacheKey(keyToMatch, allKeys) {
         return allKeys.filter(key => {
-            var _keyToMatch$scope;
+            var _a;
             const cacheKey = CacheKey.fromKey(key);
             const scopeSet = new Set(cacheKey.scope && cacheKey.scope.split(" "));
-            const scopesToMatch = ((_keyToMatch$scope = keyToMatch.scope) === null || _keyToMatch$scope === void 0 ? void 0 : _keyToMatch$scope.split(" ")) || [];
+            const scopesToMatch = ((_a = keyToMatch.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
             const hasAllScopes = cacheKey.scope && scopesToMatch.reduce((acc, current) => acc && scopeSet.has(current), true);
             return cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId && cacheKey.audience === keyToMatch.audience && hasAllScopes;
         })[0];
     }
     async getEntryWithRefreshToken(keyToMatch, allKeys) {
+        var _a;
         for (const key of allKeys) {
             const cacheKey = CacheKey.fromKey(key);
             if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId) {
-                var _cachedEntry$body;
                 const cachedEntry = await this.cache.get(key);
-                if (cachedEntry !== null && cachedEntry !== void 0 && (_cachedEntry$body = cachedEntry.body) !== null && _cachedEntry$body !== void 0 && _cachedEntry$body.refresh_token) {
-                    return this.modifiedCachedEntry(cachedEntry, keyToMatch);
+                if ((_a = cachedEntry === null || cachedEntry === void 0 ? void 0 : cachedEntry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
+                    return {
+                        refresh_token: cachedEntry.body.refresh_token,
+                        audience: cachedEntry.body.audience,
+                        scope: cachedEntry.body.scope
+                    };
                 }
             }
         }
         return undefined;
     }
+    async getRefreshTokensByAudience(audience, clientId) {
+        var _a;
+        const keys = await this.getCacheKeys();
+        if (!keys) return [];
+        const tokens = new Set;
+        for (const key of keys) {
+            const cacheKey = CacheKey.fromKey(key);
+            if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === clientId && cacheKey.audience === audience) {
+                const entry = await this.cache.get(key);
+                if ((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
+                    tokens.add(entry.body.refresh_token);
+                }
+            }
+        }
+        return Array.from(tokens);
+    }
     async updateEntry(oldRefreshToken, newRefreshToken) {
+        var _a;
         const allKeys = await this.getCacheKeys();
         if (!allKeys) return;
         for (const key of allKeys) {
-            var _entry$body;
             const entry = await this.cache.get(key);
-            if ((entry === null || entry === void 0 || (_entry$body = entry.body) === null || _entry$body === void 0 ? void 0 : _entry$body.refresh_token) === oldRefreshToken) {
+            if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
                 entry.body.refresh_token = newRefreshToken;
                 await this.cache.set(key, entry);
             }
@@ -1905,7 +1848,6 @@ class TransactionManager {
         this.storage = storage;
         this.clientId = clientId;
         this.cookieDomain = cookieDomain;
-        _defineProperty(this, "storageKey", void 0);
         this.storageKey = "".concat(TRANSACTION_STORAGE_KEY_PREFIX, ".").concat(this.clientId);
     }
     create(transaction) {
@@ -2146,17 +2088,17 @@ const CookieStorage = {
                 sameSite: "none"
             };
         }
-        if (options !== null && options !== void 0 && options.daysUntilExpire) {
+        if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
             cookieAttributes.expires = options.daysUntilExpire;
         }
-        if (options !== null && options !== void 0 && options.cookieDomain) {
+        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         set_1(key, JSON.stringify(value), cookieAttributes);
     },
     remove(key, options) {
         let cookieAttributes = {};
-        if (options !== null && options !== void 0 && options.cookieDomain) {
+        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         remove_1(key, cookieAttributes);
@@ -2180,10 +2122,10 @@ const CookieStorageWithLegacySameSite = {
                 secure: true
             };
         }
-        if (options !== null && options !== void 0 && options.daysUntilExpire) {
+        if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
             cookieAttributes.expires = options.daysUntilExpire;
         }
-        if (options !== null && options !== void 0 && options.cookieDomain) {
+        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         set_1("".concat(LEGACY_PREFIX).concat(key), JSON.stringify(value), cookieAttributes);
@@ -2191,7 +2133,7 @@ const CookieStorageWithLegacySameSite = {
     },
     remove(key, options) {
         let cookieAttributes = {};
-        if (options !== null && options !== void 0 && options.cookieDomain) {
+        if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
             cookieAttributes.domain = options.cookieDomain;
         }
         remove_1(key, cookieAttributes);
@@ -2219,36 +2161,14 @@ const SessionStorage = {
     }
 };
 
-let ResponseType = function(ResponseType) {
+exports.ResponseType = void 0;
+
+(function(ResponseType) {
     ResponseType["Code"] = "code";
     ResponseType["ConnectCode"] = "connect_code";
-    return ResponseType;
-}({});
+})(exports.ResponseType || (exports.ResponseType = {}));
 
-class User {
-    constructor() {
-        _defineProperty(this, "name", void 0);
-        _defineProperty(this, "given_name", void 0);
-        _defineProperty(this, "family_name", void 0);
-        _defineProperty(this, "middle_name", void 0);
-        _defineProperty(this, "nickname", void 0);
-        _defineProperty(this, "preferred_username", void 0);
-        _defineProperty(this, "profile", void 0);
-        _defineProperty(this, "picture", void 0);
-        _defineProperty(this, "website", void 0);
-        _defineProperty(this, "email", void 0);
-        _defineProperty(this, "email_verified", void 0);
-        _defineProperty(this, "gender", void 0);
-        _defineProperty(this, "birthdate", void 0);
-        _defineProperty(this, "zoneinfo", void 0);
-        _defineProperty(this, "locale", void 0);
-        _defineProperty(this, "phone_number", void 0);
-        _defineProperty(this, "phone_number_verified", void 0);
-        _defineProperty(this, "address", void 0);
-        _defineProperty(this, "updated_at", void 0);
-        _defineProperty(this, "sub", void 0);
-    }
-}
+class User {}
 
 function decodeBase64$1(base64, enableUnicode) {
     var binaryString = atob(base64);
@@ -2282,7 +2202,7 @@ function createBase64WorkerFactory(base64, sourcemapArg, enableUnicodeArg) {
     };
 }
 
-var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBmdW5jdGlvbiBfZGVmaW5lUHJvcGVydHkoZSwgciwgdCkgewogICAgICAgIHJldHVybiAociA9IF90b1Byb3BlcnR5S2V5KHIpKSBpbiBlID8gT2JqZWN0LmRlZmluZVByb3BlcnR5KGUsIHIsIHsKICAgICAgICAgICAgdmFsdWU6IHQsCiAgICAgICAgICAgIGVudW1lcmFibGU6ICEwLAogICAgICAgICAgICBjb25maWd1cmFibGU6ICEwLAogICAgICAgICAgICB3cml0YWJsZTogITAKICAgICAgICB9KSA6IGVbcl0gPSB0LCBlOwogICAgfQogICAgZnVuY3Rpb24gb3duS2V5cyhlLCByKSB7CiAgICAgICAgdmFyIHQgPSBPYmplY3Qua2V5cyhlKTsKICAgICAgICBpZiAoT2JqZWN0LmdldE93blByb3BlcnR5U3ltYm9scykgewogICAgICAgICAgICB2YXIgbyA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7CiAgICAgICAgICAgIHIgJiYgKG8gPSBvLmZpbHRlcihmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICByZXR1cm4gT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihlLCByKS5lbnVtZXJhYmxlOwogICAgICAgICAgICB9KSksIHQucHVzaC5hcHBseSh0LCBvKTsKICAgICAgICB9CiAgICAgICAgcmV0dXJuIHQ7CiAgICB9CiAgICBmdW5jdGlvbiBfb2JqZWN0U3ByZWFkMihlKSB7CiAgICAgICAgZm9yICh2YXIgciA9IDE7IHIgPCBhcmd1bWVudHMubGVuZ3RoOyByKyspIHsKICAgICAgICAgICAgdmFyIHQgPSBudWxsICE9IGFyZ3VtZW50c1tyXSA/IGFyZ3VtZW50c1tyXSA6IHt9OwogICAgICAgICAgICByICUgMiA/IG93bktleXMoT2JqZWN0KHQpLCAhMCkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBfZGVmaW5lUHJvcGVydHkoZSwgciwgdFtyXSk7CiAgICAgICAgICAgIH0pIDogT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcnMgPyBPYmplY3QuZGVmaW5lUHJvcGVydGllcyhlLCBPYmplY3QuZ2V0T3duUHJvcGVydHlEZXNjcmlwdG9ycyh0KSkgOiBvd25LZXlzKE9iamVjdCh0KSkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoZSwgciwgT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcih0LCByKSk7CiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gZTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhlLCB0KSB7CiAgICAgICAgaWYgKG51bGwgPT0gZSkgcmV0dXJuIHt9OwogICAgICAgIHZhciBvLCByLCBpID0gX29iamVjdFdpdGhvdXRQcm9wZXJ0aWVzTG9vc2UoZSwgdCk7CiAgICAgICAgaWYgKE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMpIHsKICAgICAgICAgICAgdmFyIG4gPSBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKGUpOwogICAgICAgICAgICBmb3IgKHIgPSAwOyByIDwgbi5sZW5ndGg7IHIrKykgbyA9IG5bcl0sIC0xID09PSB0LmluZGV4T2YobykgJiYge30ucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLCBvKSAmJiAoaVtvXSA9IGVbb10pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gaTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllc0xvb3NlKHIsIGUpIHsKICAgICAgICBpZiAobnVsbCA9PSByKSByZXR1cm4ge307CiAgICAgICAgdmFyIHQgPSB7fTsKICAgICAgICBmb3IgKHZhciBuIGluIHIpIGlmICh7fS5oYXNPd25Qcm9wZXJ0eS5jYWxsKHIsIG4pKSB7CiAgICAgICAgICAgIGlmICgtMSAhPT0gZS5pbmRleE9mKG4pKSBjb250aW51ZTsKICAgICAgICAgICAgdFtuXSA9IHJbbl07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgZnVuY3Rpb24gX3RvUHJpbWl0aXZlKHQsIHIpIHsKICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIHQgfHwgIXQpIHJldHVybiB0OwogICAgICAgIHZhciBlID0gdFtTeW1ib2wudG9QcmltaXRpdmVdOwogICAgICAgIGlmICh2b2lkIDAgIT09IGUpIHsKICAgICAgICAgICAgdmFyIGkgPSBlLmNhbGwodCwgciB8fCAiZGVmYXVsdCIpOwogICAgICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIGkpIHJldHVybiBpOwogICAgICAgICAgICB0aHJvdyBuZXcgVHlwZUVycm9yKCJAQHRvUHJpbWl0aXZlIG11c3QgcmV0dXJuIGEgcHJpbWl0aXZlIHZhbHVlLiIpOwogICAgICAgIH0KICAgICAgICByZXR1cm4gKCJzdHJpbmciID09PSByID8gU3RyaW5nIDogTnVtYmVyKSh0KTsKICAgIH0KICAgIGZ1bmN0aW9uIF90b1Byb3BlcnR5S2V5KHQpIHsKICAgICAgICB2YXIgaSA9IF90b1ByaW1pdGl2ZSh0LCAic3RyaW5nIik7CiAgICAgICAgcmV0dXJuICJzeW1ib2wiID09IHR5cGVvZiBpID8gaSA6IGkgKyAiIjsKICAgIH0KICAgIGNsYXNzIEdlbmVyaWNFcnJvciBleHRlbmRzIEVycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pIHsKICAgICAgICAgICAgc3VwZXIoZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgICAgICB0aGlzLmVycm9yID0gZXJyb3I7CiAgICAgICAgICAgIHRoaXMuZXJyb3JfZGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsIEdlbmVyaWNFcnJvci5wcm90b3R5cGUpOwogICAgICAgIH0KICAgICAgICBzdGF0aWMgZnJvbVBheWxvYWQoX3JlZikgewogICAgICAgICAgICBsZXQge2Vycm9yOiBlcnJvciwgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yX2Rlc2NyaXB0aW9ufSA9IF9yZWY7CiAgICAgICAgICAgIHJldHVybiBuZXcgR2VuZXJpY0Vycm9yKGVycm9yLCBlcnJvcl9kZXNjcmlwdGlvbik7CiAgICAgICAgfQogICAgfQogICAgY2xhc3MgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yIGV4dGVuZHMgR2VuZXJpY0Vycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihhdWRpZW5jZSwgc2NvcGUpIHsKICAgICAgICAgICAgc3VwZXIoIm1pc3NpbmdfcmVmcmVzaF90b2tlbiIsICJNaXNzaW5nIFJlZnJlc2ggVG9rZW4gKGF1ZGllbmNlOiAnIi5jb25jYXQodmFsdWVPckVtcHR5U3RyaW5nKGF1ZGllbmNlLCBbICJkZWZhdWx0IiBdKSwgIicsIHNjb3BlOiAnIikuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSksICInKSIpKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUpIHsKICAgICAgICBsZXQgZXhjbHVkZSA9IGFyZ3VtZW50cy5sZW5ndGggPiAxICYmIGFyZ3VtZW50c1sxXSAhPT0gdW5kZWZpbmVkID8gYXJndW1lbnRzWzFdIDogW107CiAgICAgICAgcmV0dXJuIHZhbHVlICYmICFleGNsdWRlLmluY2x1ZGVzKHZhbHVlKSA/IHZhbHVlIDogIiI7CiAgICB9CiAgICBjb25zdCBfZXhjbHVkZWQgPSBbICJjbGllbnRJZCIgXTsKICAgIGNvbnN0IHN0cmlwVW5kZWZpbmVkID0gcGFyYW1zID0+IE9iamVjdC5rZXlzKHBhcmFtcykuZmlsdGVyKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpLnJlZHVjZSgoYWNjLCBrZXkpID0+IF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBhY2MpLCB7fSwgewogICAgICAgIFtrZXldOiBwYXJhbXNba2V5XQogICAgfSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX3JlZiA9PiB7CiAgICAgICAgbGV0IHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9yZWYsIHBhcmFtcyA9IF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhfcmVmLCBfZXhjbHVkZWQpOwogICAgICAgIHJldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKHN0cmlwVW5kZWZpbmVkKF9vYmplY3RTcHJlYWQyKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZjIpID0+IHsKICAgICAgICBsZXQgW2tleSwgdmFsXSA9IF9yZWYyOwogICAgICAgIG9ialtrZXldID0gdmFsOwogICAgICAgIHJldHVybiBvYmo7CiAgICB9LCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgbGV0IGFsbG93ZWRCYXNlVXJsID0gbnVsbDsKICAgIGNvbnN0IGNhY2hlS2V5ID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gIiIuY29uY2F0KGF1ZGllbmNlLCAifCIpLmNvbmNhdChzY29wZSk7CiAgICBjb25zdCBjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UgPSAoYXVkaWVuY2UsIGNhY2hlS2V5KSA9PiBjYWNoZUtleS5zdGFydHNXaXRoKCIiLmNvbmNhdChhdWRpZW5jZSwgInwiKSk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgdGltZSkpOwogICAgY29uc3QgZm9ybURhdGFUb09iamVjdCA9IGZvcm1EYXRhID0+IHsKICAgICAgICBjb25zdCBxdWVyeVBhcmFtcyA9IG5ldyBVUkxTZWFyY2hQYXJhbXMoZm9ybURhdGEpOwogICAgICAgIGNvbnN0IHBhcnNlZFF1ZXJ5ID0ge307CiAgICAgICAgcXVlcnlQYXJhbXMuZm9yRWFjaCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KTsKICAgICAgICByZXR1cm4gcGFyc2VkUXVlcnk7CiAgICB9OwogICAgY29uc3QgdXBkYXRlUmVmcmVzaFRva2VucyA9IChvbGRSZWZyZXNoVG9rZW4sIG5ld1JlZnJlc2hUb2tlbikgPT4gewogICAgICAgIE9iamVjdC5lbnRyaWVzKHJlZnJlc2hUb2tlbnMpLmZvckVhY2goX3JlZiA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IG9sZFJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1trZXldID0gbmV3UmVmcmVzaFRva2VuOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKGtleSA9PiB7CiAgICAgICAgICAgIGlmIChrZXkgIT09ICJsYXRlc3RfcmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGlzU2FtZUF1ZGllbmNlID0gY2FjaGVLZXlDb250YWluc0F1ZGllbmNlKGF1ZGllbmNlLCBrZXkpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzS2V5ID0ga2V5LnNwbGl0KCJ8IilbMV0uc3BsaXQoIiAiKTsKICAgICAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFNjb3BlcyA9IHNjb3BlLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCBzY29wZXNBcmVJbmNsdWRlZCA9IHJlcXVlc3RlZFNjb3Blcy5ldmVyeShrZXkgPT4gc2NvcGVzS2V5LmluY2x1ZGVzKGtleSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICAgICAgcmV0dXJuIGZpbmRDb2luY2lkZW5jZSA/IHRydWUgOiBmYWxzZTsKICAgIH07CiAgICBjb25zdCBtZXNzYWdlSGFuZGxlciA9IGFzeW5jIF9yZWYyID0+IHsKICAgICAgICBsZXQge2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSA9IF9yZWYyOwogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIF9vYmplY3RTcHJlYWQyKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9IHdvcmtlclJlcXVlc3QgPT4gewogICAgICAgIGlmICghYWxsb3dlZEJhc2VVcmwpIHsKICAgICAgICAgICAgcmV0dXJuIGZhbHNlOwogICAgICAgIH0KICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBhbGxvd2VkQmFzZU9yaWdpbiA9IG5ldyBVUkwoYWxsb3dlZEJhc2VVcmwpLm9yaWdpbjsKICAgICAgICAgICAgY29uc3QgcmVxdWVzdGVkVXJsID0gbmV3IFVSTCh3b3JrZXJSZXF1ZXN0LmZldGNoVXJsKTsKICAgICAgICAgICAgcmV0dXJuIHJlcXVlc3RlZFVybC5vcmlnaW4gPT09IGFsbG93ZWRCYXNlT3JpZ2luICYmIHJlcXVlc3RlZFVybC5wYXRobmFtZSA9PT0gIi9vYXV0aC90b2tlbiI7CiAgICAgICAgfSBjYXRjaCAoX3VudXNlZCkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX3VudXNlZDIpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEpKSB7CiAgICAgICAgICAgIHBvcnQgPT09IG51bGwgfHwgcG9ydCA9PT0gdm9pZCAwIHx8IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
+var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKF9yZWYpIHsKICAgICAgICAgICAgbGV0IHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBfcmVmOwogICAgICAgICAgICByZXR1cm4gbmV3IEdlbmVyaWNFcnJvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgIH0KICAgIH0KICAgIGNsYXNzIE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvciBleHRlbmRzIEdlbmVyaWNFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoYXVkaWVuY2UsIHNjb3BlKSB7CiAgICAgICAgICAgIHN1cGVyKCJtaXNzaW5nX3JlZnJlc2hfdG9rZW4iLCAiTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyIuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSksICInLCBzY29wZTogJyIpLmNvbmNhdCh2YWx1ZU9yRW1wdHlTdHJpbmcoc2NvcGUpLCAiJykiKSk7CiAgICAgICAgICAgIHRoaXMuYXVkaWVuY2UgPSBhdWRpZW5jZTsKICAgICAgICAgICAgdGhpcy5zY29wZSA9IHNjb3BlOwogICAgICAgICAgICBPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcywgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yLnByb3RvdHlwZSk7CiAgICAgICAgfQogICAgfQogICAgZnVuY3Rpb24gdmFsdWVPckVtcHR5U3RyaW5nKHZhbHVlKSB7CiAgICAgICAgbGV0IGV4Y2x1ZGUgPSBhcmd1bWVudHMubGVuZ3RoID4gMSAmJiBhcmd1bWVudHNbMV0gIT09IHVuZGVmaW5lZCA/IGFyZ3VtZW50c1sxXSA6IFtdOwogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoayA9PiB0eXBlb2YgcGFyYW1zW2tdICE9PSAidW5kZWZpbmVkIikucmVkdWNlKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSwge30pOwogICAgY29uc3QgY3JlYXRlUXVlcnlQYXJhbXMgPSBfYSA9PiB7CiAgICAgICAgdmFyIHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9hLCBwYXJhbXMgPSBfX3Jlc3QoX2EsIFsgImNsaWVudElkIiBdKTsKICAgICAgICByZXR1cm4gbmV3IFVSTFNlYXJjaFBhcmFtcyhzdHJpcFVuZGVmaW5lZChPYmplY3QuYXNzaWduKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZikgPT4gewogICAgICAgIGxldCBba2V5LCB2YWxdID0gX3JlZjsKICAgICAgICBvYmpba2V5XSA9IHZhbDsKICAgICAgICByZXR1cm4gb2JqOwogICAgfSwge30pOwogICAgbGV0IHJlZnJlc2hUb2tlbnMgPSB7fTsKICAgIGxldCBhbGxvd2VkQmFzZVVybCA9IG51bGw7CiAgICBjb25zdCBjYWNoZUtleSA9IChhdWRpZW5jZSwgc2NvcGUpID0+ICIiLmNvbmNhdChhdWRpZW5jZSwgInwiKS5jb25jYXQoc2NvcGUpOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aCgiIi5jb25jYXQoYXVkaWVuY2UsICJ8IikpOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXTsKICAgIGNvbnN0IHNldFJlZnJlc2hUb2tlbiA9IChyZWZyZXNoVG9rZW4sIGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXSA9IHJlZnJlc2hUb2tlbjsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbiA9IChhdWRpZW5jZSwgc2NvcGUpID0+IGRlbGV0ZSByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2Vuc0J5QXVkaWVuY2UgPSBhdWRpZW5jZSA9PiB7CiAgICAgICAgY29uc3Qgc2VlbiA9IG5ldyBTZXQ7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWY7CiAgICAgICAgICAgIGlmIChjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UoYXVkaWVuY2UsIGtleSkpIHsKICAgICAgICAgICAgICAgIHNlZW4uYWRkKHRva2VuKTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBBcnJheS5mcm9tKHNlZW4pOwogICAgfTsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlID0gcmVmcmVzaFRva2VuID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKF9yZWYyID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWYyOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IHJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgZGVsZXRlIHJlZnJlc2hUb2tlbnNba2V5XTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IHdhaXQgPSB0aW1lID0+IG5ldyBQcm9taXNlKHJlc29sdmUgPT4gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCh2YWwsIGtleSkgPT4gewogICAgICAgICAgICBwYXJzZWRRdWVyeVtrZXldID0gdmFsOwogICAgICAgIH0pOwogICAgICAgIHJldHVybiBwYXJzZWRRdWVyeTsKICAgIH07CiAgICBjb25zdCB1cGRhdGVSZWZyZXNoVG9rZW5zID0gKG9sZFJlZnJlc2hUb2tlbiwgbmV3UmVmcmVzaFRva2VuKSA9PiB7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmMyA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmMzsKICAgICAgICAgICAgaWYgKHRva2VuID09PSBvbGRSZWZyZXNoVG9rZW4pIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNba2V5XSA9IG5ld1JlZnJlc2hUb2tlbjsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IGNoZWNrRG93bnNjb3BpbmcgPSAoc2NvcGUsIGF1ZGllbmNlKSA9PiB7CiAgICAgICAgY29uc3QgZmluZENvaW5jaWRlbmNlID0gT2JqZWN0LmtleXMocmVmcmVzaFRva2VucykuZmluZChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoa2V5ID0+IHNjb3Blc0tleS5pbmNsdWRlcyhrZXkpKTsKICAgICAgICAgICAgICAgIHJldHVybiBpc1NhbWVBdWRpZW5jZSAmJiBzY29wZXNBcmVJbmNsdWRlZDsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNCA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhLCB1c2VNcnJ0OiB1c2VNcnJ0fSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNDsKICAgICAgICBsZXQgaGVhZGVycyA9IHt9OwogICAgICAgIGxldCBqc29uOwogICAgICAgIGxldCByZWZyZXNoVG9rZW47CiAgICAgICAgY29uc3Qge2F1ZGllbmNlOiBhdWRpZW5jZSwgc2NvcGU6IHNjb3BlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgaWYgKCFib2R5LnJlZnJlc2hfdG9rZW4gJiYgYm9keS5ncmFudF90eXBlID09PSAicmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGdldFJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgaWYgKCFyZWZyZXNoVG9rZW4gJiYgdXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIGNvbnN0IGxhdGVzdFJlZnJlc2hUb2tlbiA9IHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl07CiAgICAgICAgICAgICAgICAgICAgY29uc3QgaXNEb3duc2NvcGluZyA9IGNoZWNrRG93bnNjb3Bpbmcoc2NvcGUsIGF1ZGllbmNlKTsKICAgICAgICAgICAgICAgICAgICBpZiAobGF0ZXN0UmVmcmVzaFRva2VuICYmICFpc0Rvd25zY29waW5nKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGxhdGVzdFJlZnJlc2hUb2tlbjsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgICAgIHRocm93IG5ldyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IoYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5ib2R5ID0gdXNlRm9ybURhdGEgPyBjcmVhdGVRdWVyeVBhcmFtcyhPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSkgOiBKU09OLnN0cmluZ2lmeShPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgbGV0IGFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgaWYgKHR5cGVvZiBBYm9ydENvbnRyb2xsZXIgPT09ICJmdW5jdGlvbiIpIHsKICAgICAgICAgICAgICAgIGFib3J0Q29udHJvbGxlciA9IG5ldyBBYm9ydENvbnRyb2xsZXI7CiAgICAgICAgICAgICAgICBmZXRjaE9wdGlvbnMuc2lnbmFsID0gYWJvcnRDb250cm9sbGVyLnNpZ25hbDsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgcmVzcG9uc2U7CiAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICByZXNwb25zZSA9IGF3YWl0IFByb21pc2UucmFjZShbIHdhaXQodGltZW91dCksIGZldGNoKGZldGNoVXJsLCBPYmplY3QuYXNzaWduKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgcmV2b2tlTWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNSA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhfSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNTsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgdG9rZW5zVG9SZXZva2UgPSBnZXRSZWZyZXNoVG9rZW5zQnlBdWRpZW5jZShhdWRpZW5jZSk7CiAgICAgICAgICAgIGlmICh0b2tlbnNUb1Jldm9rZS5sZW5ndGggPT09IDApIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIG9rOiB0cnVlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBjb25zdCBiYXNlQm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgZm9yIChjb25zdCByZWZyZXNoVG9rZW4gb2YgdG9rZW5zVG9SZXZva2UpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYmFzZUJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgdG9rZW46IHJlZnJlc2hUb2tlbgogICAgICAgICAgICAgICAgfSkpIDogSlNPTi5zdHJpbmdpZnkoT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBiYXNlQm9keSksIHsKICAgICAgICAgICAgICAgICAgICB0b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICAgICAgbGV0IHNpZ25hbDsKICAgICAgICAgICAgICAgIGlmICh0eXBlb2YgQWJvcnRDb250cm9sbGVyID09PSAiZnVuY3Rpb24iKSB7CiAgICAgICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgICAgICBzaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgbGV0IHRpbWVvdXRJZDsKICAgICAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICAgICAgcmVzcG9uc2UgPSBhd2FpdCBQcm9taXNlLnJhY2UoWyBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHsKICAgICAgICAgICAgICAgICAgICAgICAgdGltZW91dElkID0gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lb3V0KTsKICAgICAgICAgICAgICAgICAgICB9KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgZmV0Y2hPcHRpb25zKSwgewogICAgICAgICAgICAgICAgICAgICAgICBib2R5OiBib2R5LAogICAgICAgICAgICAgICAgICAgICAgICBzaWduYWw6IHNpZ25hbAogICAgICAgICAgICAgICAgICAgIH0pKSBdKS5maW5hbGx5KCgpID0+IGNsZWFyVGltZW91dCh0aW1lb3V0SWQpKTsKICAgICAgICAgICAgICAgIH0gY2F0Y2ggKGVycm9yKSB7CiAgICAgICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgaWYgKCFyZXNwb25zZSkgewogICAgICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogIlRpbWVvdXQgd2hlbiBleGVjdXRpbmcgJ2ZldGNoJyIKICAgICAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlc3BvbnNlLm9rKSB7CiAgICAgICAgICAgICAgICAgICAgbGV0IGVycm9yRGVzY3JpcHRpb247CiAgICAgICAgICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgICAgICAgICAgY29uc3Qge2Vycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBKU09OLnBhcnNlKGF3YWl0IHJlc3BvbnNlLnRleHQoKSk7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yRGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgICAgICAgICB9IGNhdGNoIChfYSkge30KICAgICAgICAgICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yRGVzY3JpcHRpb24gfHwgIkhUVFAgZXJyb3IgIi5jb25jYXQocmVzcG9uc2Uuc3RhdHVzKQogICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlKHJlZnJlc2hUb2tlbik7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogdHJ1ZQogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlIHx8ICJVbmtub3duIGVycm9yIGR1cmluZyB0b2tlbiByZXZvY2F0aW9uIgogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9ICh3b3JrZXJSZXF1ZXN0LCBleHBlY3RlZFBhdGgpID0+IHsKICAgICAgICBpZiAoIWFsbG93ZWRCYXNlVXJsKSB7CiAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICB9CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYWxsb3dlZEJhc2VPcmlnaW4gPSBuZXcgVVJMKGFsbG93ZWRCYXNlVXJsKS5vcmlnaW47CiAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFVybCA9IG5ldyBVUkwod29ya2VyUmVxdWVzdC5mZXRjaFVybCk7CiAgICAgICAgICAgIHJldHVybiByZXF1ZXN0ZWRVcmwub3JpZ2luID09PSBhbGxvd2VkQmFzZU9yaWdpbiAmJiByZXF1ZXN0ZWRVcmwucGF0aG5hbWUgPT09IGV4cGVjdGVkUGF0aDsKICAgICAgICB9IGNhdGNoIChfYSkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX2EpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAicmV2b2tlIikgewogICAgICAgICAgICBpZiAoIWlzQXV0aG9yaXplZFdvcmtlclJlcXVlc3QoZGF0YSwgIi9vYXV0aC9yZXZva2UiKSkgewogICAgICAgICAgICAgICAgcG9ydCA9PT0gbnVsbCB8fCBwb3J0ID09PSB2b2lkIDAgPyB2b2lkIDAgOiBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogImludmFsaWRfZmV0Y2hfdXJsIiwKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246ICJVbmF1dGhvcml6ZWQgZmV0Y2ggVVJMIgogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgaGVhZGVyczoge30KICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHJldm9rZU1lc3NhZ2VIYW5kbGVyKGV2ZW50KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEsICIvb2F1dGgvdG9rZW4iKSkgewogICAgICAgICAgICBwb3J0ID09PSBudWxsIHx8IHBvcnQgPT09IHZvaWQgMCA/IHZvaWQgMCA6IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
 
 const singlePromiseMap = {};
 
@@ -2302,12 +2222,11 @@ class CacheKeyManifest {
     constructor(cache, clientId) {
         this.cache = cache;
         this.clientId = clientId;
-        _defineProperty(this, "manifestKey", void 0);
         this.manifestKey = this.createManifestKeyFrom(this.clientId);
     }
     async add(key) {
-        var _await$this$cache$get;
-        const keys = new Set(((_await$this$cache$get = await this.cache.get(this.manifestKey)) === null || _await$this$cache$get === void 0 ? void 0 : _await$this$cache$get.keys) || []);
+        var _a;
+        const keys = new Set(((_a = await this.cache.get(this.manifestKey)) === null || _a === void 0 ? void 0 : _a.keys) || []);
         keys.add(key);
         await this.cache.set(this.manifestKey, {
             keys: [ ...keys ]
@@ -2337,8 +2256,6 @@ class CacheKeyManifest {
     }
 }
 
-const _excluded$2 = [ "openUrl", "onRedirect" ];
-
 const GET_TOKEN_SILENTLY_LOCK_KEY = "auth0.lock.getTokenSilently";
 
 const GET_TOKEN_FROM_IFRAME_LOCK_KEY = "auth0.lock.getTokenFromIFrame";
@@ -2360,9 +2277,9 @@ const cacheLocationBuilders = {
 
 const cacheFactory = location => cacheLocationBuilders[location];
 
-const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => _objectSpread2(_objectSpread2(_objectSpread2({
+const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => Object.assign(Object.assign(Object.assign({
     client_id: clientOptions.clientId
-}, clientOptions.authorizationParams), authorizationParams), {}, {
+}, clientOptions.authorizationParams), authorizationParams), {
     scope: scopesToRequest(scope, authorizationParams.scope, authorizationParams.audience),
     response_type: "code",
     response_mode: response_mode || "query",
@@ -2375,8 +2292,8 @@ const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, no
 });
 
 const patchOpenUrlWithOnRedirect = options => {
-    const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = _objectWithoutProperties(options, _excluded$2);
-    const result = _objectSpread2(_objectSpread2({}, originalOptions), {}, {
+    const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = __rest(options, [ "openUrl", "onRedirect" ]);
+    const result = Object.assign(Object.assign({}, originalOptions), {
         openUrl: openUrl === false || openUrl ? openUrl : onRedirect
     });
     return result;
@@ -2396,13 +2313,13 @@ const getMissingScopes = (requestedScope, respondedScope) => {
 };
 
 const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
+    var _a;
     if (useMrrt && cachedAudience && cachedScope) {
-        var _authorizationParams$;
         if (authorizationParams.audience !== cachedAudience) {
             return authorizationParams.scope;
         }
         const cachedScopes = cachedScope.split(" ");
-        const newScopes = ((_authorizationParams$ = authorizationParams.scope) === null || _authorizationParams$ === void 0 ? void 0 : _authorizationParams$.split(" ")) || [];
+        const newScopes = ((_a = authorizationParams.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
         const newScopesAreIncluded = newScopes.every(scope => cachedScopes.includes(scope));
         return cachedScopes.length >= newScopes.length && newScopesAreIncluded ? cachedScope : authorizationParams.scope;
     }
@@ -2429,8 +2346,6 @@ const AUTH0_NONCE_ID = "auth0";
 
 class DpopStorage {
     constructor(clientId) {
-        _defineProperty(this, "clientId", void 0);
-        _defineProperty(this, "dbHandle", void 0);
         this.clientId = clientId;
     }
     getVersion() {
@@ -2484,7 +2399,7 @@ class DpopStorage {
     }
     async deleteBy(table, predicate) {
         const allKeys = await this.executeDbRequest(table, "readonly", table => table.getAllKeys());
-        allKeys === null || allKeys === void 0 || allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
+        allKeys === null || allKeys === void 0 ? void 0 : allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
     }
     deleteByClientId(table, clientId) {
         return this.deleteBy(table, k => typeof k === "string" && k.startsWith("".concat(clientId, "::")));
@@ -2499,7 +2414,6 @@ class DpopStorage {
 
 class Dpop {
     constructor(clientId) {
-        _defineProperty(this, "storage", void 0);
         this.storage = new DpopStorage(clientId);
     }
     getNonce(id) {
@@ -2518,7 +2432,7 @@ class Dpop {
     }
     async generateProof(params) {
         const keyPair = await this.getOrGenerateKeyPair();
-        return generateProof(_objectSpread2({
+        return generateProof(Object.assign({
             keyPair: keyPair
         }, params));
     }
@@ -2531,18 +2445,17 @@ class Dpop {
     }
 }
 
-var TokenType = function(TokenType) {
+var TokenType;
+
+(function(TokenType) {
     TokenType["Bearer"] = "Bearer";
     TokenType["DPoP"] = "DPoP";
-    return TokenType;
-}(TokenType || {});
+})(TokenType || (TokenType = {}));
 
 class Fetcher {
     constructor(config, hooks) {
-        _defineProperty(this, "config", void 0);
-        _defineProperty(this, "hooks", void 0);
         this.hooks = hooks;
-        this.config = _objectSpread2(_objectSpread2({}, config), {}, {
+        this.config = Object.assign(Object.assign({}, config), {
             fetch: config.fetch || (typeof window === "undefined" ? fetch : window.fetch.bind(window))
         });
     }
@@ -2650,7 +2563,7 @@ class Fetcher {
     }
     fetchWithAuth(info, init, authParams) {
         const callbacks = {
-            onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, _objectSpread2(_objectSpread2({}, callbacks), {}, {
+            onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, Object.assign(Object.assign({}, callbacks), {
                 onUseDpopNonceError: undefined
             }), authParams)
         };
@@ -2708,11 +2621,6 @@ class MyAccountApiError extends Error {
     constructor(_ref) {
         let {type: type, status: status, title: title, detail: detail, validation_errors: validation_errors} = _ref;
         super(detail);
-        _defineProperty(this, "type", void 0);
-        _defineProperty(this, "status", void 0);
-        _defineProperty(this, "title", void 0);
-        _defineProperty(this, "detail", void 0);
-        _defineProperty(this, "validation_errors", void 0);
         this.name = "MyAccountApiError";
         this.type = type;
         this.status = status;
@@ -2753,7 +2661,7 @@ const MfaGrantTypes = {
 
 function getAuthJsEnrollParams(params) {
     const mapping = FACTOR_MAPPING[params.factorType];
-    return _objectSpread2(_objectSpread2(_objectSpread2({
+    return Object.assign(Object.assign(Object.assign({
         mfaToken: params.mfaToken,
         authenticatorTypes: mapping.authenticatorTypes
     }, mapping.oobChannels && {
@@ -2778,6 +2686,162 @@ function getGrantType(params) {
     return undefined;
 }
 
+function _OverloadYield(e, d) {
+    this.v = e, this.k = d;
+}
+
+function _assertClassBrand(e, t, n) {
+    if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
+    throw new TypeError("Private element is not present on this object");
+}
+
+function _awaitAsyncGenerator(e) {
+    return new _OverloadYield(e, 0);
+}
+
+function _checkPrivateRedeclaration(e, t) {
+    if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
+}
+
+function _classPrivateFieldGet2(s, a) {
+    return s.get(_assertClassBrand(s, a));
+}
+
+function _classPrivateFieldInitSpec(e, t, a) {
+    _checkPrivateRedeclaration(e, t), t.set(e, a);
+}
+
+function _classPrivateFieldSet2(s, a, r) {
+    return s.set(_assertClassBrand(s, a), r), r;
+}
+
+function _classPrivateMethodInitSpec(e, a) {
+    _checkPrivateRedeclaration(e, a), a.add(e);
+}
+
+function _defineProperty(e, r, t) {
+    return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
+        value: t,
+        enumerable: !0,
+        configurable: !0,
+        writable: !0
+    }) : e[r] = t, e;
+}
+
+function ownKeys(e, r) {
+    var t = Object.keys(e);
+    if (Object.getOwnPropertySymbols) {
+        var o = Object.getOwnPropertySymbols(e);
+        r && (o = o.filter(function(r) {
+            return Object.getOwnPropertyDescriptor(e, r).enumerable;
+        })), t.push.apply(t, o);
+    }
+    return t;
+}
+
+function _objectSpread2(e) {
+    for (var r = 1; r < arguments.length; r++) {
+        var t = null != arguments[r] ? arguments[r] : {};
+        r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
+            _defineProperty(e, r, t[r]);
+        }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
+            Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
+        });
+    }
+    return e;
+}
+
+function _objectWithoutProperties(e, t) {
+    if (null == e) return {};
+    var o, r, i = _objectWithoutPropertiesLoose(e, t);
+    if (Object.getOwnPropertySymbols) {
+        var n = Object.getOwnPropertySymbols(e);
+        for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
+    }
+    return i;
+}
+
+function _objectWithoutPropertiesLoose(r, e) {
+    if (null == r) return {};
+    var t = {};
+    for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
+        if (-1 !== e.indexOf(n)) continue;
+        t[n] = r[n];
+    }
+    return t;
+}
+
+function _toPrimitive(t, r) {
+    if ("object" != typeof t || !t) return t;
+    var e = t[Symbol.toPrimitive];
+    if (void 0 !== e) {
+        var i = e.call(t, r || "default");
+        if ("object" != typeof i) return i;
+        throw new TypeError("@@toPrimitive must return a primitive value.");
+    }
+    return ("string" === r ? String : Number)(t);
+}
+
+function _toPropertyKey(t) {
+    var i = _toPrimitive(t, "string");
+    return "symbol" == typeof i ? i : i + "";
+}
+
+function _wrapAsyncGenerator(e) {
+    return function() {
+        return new AsyncGenerator(e.apply(this, arguments));
+    };
+}
+
+function AsyncGenerator(e) {
+    var t, n;
+    function resume(t, n) {
+        try {
+            var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
+            Promise.resolve(u ? o.v : o).then(function(n) {
+                if (u) {
+                    var i = "return" === t && o.k ? t : "next";
+                    if (!o.k || n.done) return resume(i, n);
+                    n = e[i](n).value;
+                }
+                settle(!!r.done, n);
+            }, function(e) {
+                resume("throw", e);
+            });
+        } catch (e) {
+            settle(2, e);
+        }
+    }
+    function settle(e, r) {
+        2 === e ? t.reject(r) : t.resolve({
+            value: r,
+            done: e
+        }), (t = t.next) ? resume(t.key, t.arg) : n = null;
+    }
+    this._invoke = function(e, r) {
+        return new Promise(function(o, u) {
+            var i = {
+                key: e,
+                arg: r,
+                resolve: o,
+                reject: u,
+                next: null
+            };
+            n ? n = n.next = i : (t = n = i, resume(e, r));
+        });
+    }, "function" != typeof e.return && (this.return = void 0);
+}
+
+AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
+    return this;
+}, AsyncGenerator.prototype.next = function(e) {
+    return this._invoke("next", e);
+}, AsyncGenerator.prototype.throw = function(e) {
+    return this._invoke("throw", e);
+}, AsyncGenerator.prototype.return = function(e) {
+    return this._invoke("return", e);
+};
+
 var _navigator$userAgent$2, _navigator$userAgent$$2;
 
 let USER_AGENT$2;
@@ -7058,7 +7122,7 @@ function createRemoteJWKSet(url, options) {
     return remoteJWKSet;
 }
 
-const _excluded$1 = [ "mfaToken" ], _excluded2$1 = [ "mfaToken" ];
+const _excluded = [ "mfaToken" ], _excluded2 = [ "mfaToken" ];
 
 var _baseUrl, _clientId, _customFetch, _entries, _ttlMs, _maxEntries, _configuration, _serverMetadata, _clientAuthPromise, _options, _customFetch2, _jwks, _discoveryCache, _inFlightDiscovery, _jwksCache, _Class9_brand;
 
@@ -7303,7 +7367,7 @@ class MfaClient {
     }
     async enrollAuthenticator(options) {
         const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/associate");
-        const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded$1);
+        const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded);
         const apiParams = {
             authenticator_types: sdkParams.authenticatorTypes
         };
@@ -7348,7 +7412,7 @@ class MfaClient {
     }
     async challengeAuthenticator(options) {
         const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/challenge");
-        const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2$1);
+        const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2);
         const body = {
             mfa_token: mfaToken,
             client_id: _classPrivateFieldGet2(_clientId, this),
@@ -8103,13 +8167,12 @@ const DEFAULT_TTL_MS = 10 * 60 * 1e3;
 class MfaContextManager {
     constructor() {
         let ttlMs = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : DEFAULT_TTL_MS;
-        _defineProperty(this, "contexts", new Map);
-        _defineProperty(this, "ttlMs", void 0);
+        this.contexts = new Map;
         this.ttlMs = ttlMs;
     }
     set(mfaToken, context) {
         this.cleanup();
-        this.contexts.set(mfaToken, _objectSpread2(_objectSpread2({}, context), {}, {
+        this.contexts.set(mfaToken, Object.assign(Object.assign({}, context), {
             createdAt: Date.now()
         }));
     }
@@ -8142,9 +8205,6 @@ class MfaContextManager {
 
 class MfaApiClient {
     constructor(authJsMfaClient, auth0Client) {
-        _defineProperty(this, "authJsMfaClient", void 0);
-        _defineProperty(this, "auth0Client", void 0);
-        _defineProperty(this, "contextManager", void 0);
         this.authJsMfaClient = authJsMfaClient;
         this.auth0Client = auth0Client;
         this.contextManager = new MfaContextManager;
@@ -8157,9 +8217,9 @@ class MfaApiClient {
         });
     }
     async getAuthenticators(mfaToken) {
-        var _context$mfaRequireme;
+        var _a, _b;
         const context = this.contextManager.get(mfaToken);
-        if (!(context !== null && context !== void 0 && (_context$mfaRequireme = context.mfaRequirements) !== null && _context$mfaRequireme !== void 0 && _context$mfaRequireme.challenge) || context.mfaRequirements.challenge.length === 0) {
+        if (!((_a = context === null || context === void 0 ? void 0 : context.mfaRequirements) === null || _a === void 0 ? void 0 : _a.challenge) || context.mfaRequirements.challenge.length === 0) {
             throw new MfaListAuthenticatorsError("invalid_request", "challengeType is required and must contain at least one challenge type, please check mfa_required error payload");
         }
         const challengeTypes = context.mfaRequirements.challenge.map(c => c.type);
@@ -8173,25 +8233,25 @@ class MfaApiClient {
             });
         } catch (error) {
             if (error instanceof MfaListAuthenticatorsError$1) {
-                var _error$cause;
-                throw new MfaListAuthenticatorsError((_error$cause = error.cause) === null || _error$cause === void 0 ? void 0 : _error$cause.error, error.message);
+                throw new MfaListAuthenticatorsError((_b = error.cause) === null || _b === void 0 ? void 0 : _b.error, error.message);
             }
             throw error;
         }
     }
     async enroll(params) {
+        var _a;
         const authJsParams = getAuthJsEnrollParams(params);
         try {
             return await this.authJsMfaClient.enrollAuthenticator(authJsParams);
         } catch (error) {
             if (error instanceof MfaEnrollmentError$1) {
-                var _error$cause2;
-                throw new MfaEnrollmentError((_error$cause2 = error.cause) === null || _error$cause2 === void 0 ? void 0 : _error$cause2.error, error.message);
+                throw new MfaEnrollmentError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
             }
             throw error;
         }
     }
     async challenge(params) {
+        var _a;
         try {
             const authJsParams = {
                 challengeType: params.challengeType,
@@ -8203,8 +8263,7 @@ class MfaApiClient {
             return await this.authJsMfaClient.challengeAuthenticator(authJsParams);
         } catch (error) {
             if (error instanceof MfaChallengeError$1) {
-                var _error$cause3;
-                throw new MfaChallengeError((_error$cause3 = error.cause) === null || _error$cause3 === void 0 ? void 0 : _error$cause3.error, error.message);
+                throw new MfaChallengeError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
             }
             throw error;
         }
@@ -8254,38 +8313,18 @@ class MfaApiClient {
     }
 }
 
-const _excluded = [ "openUrl", "fragment", "appState" ], _excluded2 = [ "url" ], _excluded3 = [ "cacheMode" ], _excluded4 = [ "federated" ], _excluded5 = [ "openUrl" ], _excluded6 = [ "id_token", "decodedToken" ], _excluded7 = [ "mfaToken" ];
-
 class Auth0Client {
     constructor(options) {
-        _defineProperty(this, "transactionManager", void 0);
-        _defineProperty(this, "cacheManager", void 0);
-        _defineProperty(this, "lockManager", void 0);
-        _defineProperty(this, "domainUrl", void 0);
-        _defineProperty(this, "tokenIssuer", void 0);
-        _defineProperty(this, "scope", void 0);
-        _defineProperty(this, "cookieStorage", void 0);
-        _defineProperty(this, "dpop", void 0);
-        _defineProperty(this, "sessionCheckExpiryDays", void 0);
-        _defineProperty(this, "orgHintCookieName", void 0);
-        _defineProperty(this, "isAuthenticatedCookieName", void 0);
-        _defineProperty(this, "nowProvider", void 0);
-        _defineProperty(this, "httpTimeoutMs", void 0);
-        _defineProperty(this, "options", void 0);
-        _defineProperty(this, "userCache", (new InMemoryCache).enclosedCache);
-        _defineProperty(this, "myAccountApi", void 0);
-        _defineProperty(this, "mfa", void 0);
-        _defineProperty(this, "worker", void 0);
-        _defineProperty(this, "authJsClient", void 0);
-        _defineProperty(this, "defaultOptions", {
+        this.userCache = (new InMemoryCache).enclosedCache;
+        this.defaultOptions = {
             authorizationParams: {
                 scope: DEFAULT_SCOPE
             },
             useRefreshTokensFallback: false,
             useFormData: true
-        });
-        this.options = _objectSpread2(_objectSpread2(_objectSpread2({}, this.defaultOptions), options), {}, {
-            authorizationParams: _objectSpread2(_objectSpread2({}, this.defaultOptions.authorizationParams), options.authorizationParams)
+        };
+        this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
+            authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
         });
         typeof window !== "undefined" && validateCrypto();
         this.lockManager = getLockManager();
@@ -8317,9 +8356,9 @@ class Auth0Client {
         this.domainUrl = getDomain(this.options.domain);
         this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
         const myAccountApiIdentifier = "".concat(this.domainUrl, "/me/");
-        const myAccountFetcher = this.createFetcher(_objectSpread2(_objectSpread2({}, this.options.useDpop && {
+        const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
             dpopNonceId: "__auth0_my_account_api__"
-        }), {}, {
+        }), {
             getAccessToken: () => this.getTokenSilently({
                 authorizationParams: {
                     scope: "create:me:connected_accounts",
@@ -8397,7 +8436,7 @@ class Auth0Client {
                 url.searchParams.delete(paramName);
                 window.history.replaceState({}, "", url.toString());
             }
-        } catch (_unused) {}
+        } catch (_a) {}
     }
     _applySessionTransferToken(authorizationParams) {
         const paramName = this.options.sessionTransferTokenQueryParamName;
@@ -8407,18 +8446,18 @@ class Auth0Client {
         const token = this._extractSessionTransferToken(paramName);
         if (!token) return authorizationParams;
         this._clearSessionTransferTokenFromUrl(paramName);
-        return _objectSpread2(_objectSpread2({}, authorizationParams), {}, {
+        return Object.assign(Object.assign({}, authorizationParams), {
             session_transfer_token: token
         });
     }
     async _prepareAuthorizeUrl(authorizationParams, authorizeOptions, fallbackRedirectUri) {
-        var _this$dpop;
+        var _a;
         const state = encode$2(createRandomString());
         const nonce = encode$2(createRandomString());
         const code_verifier = createRandomString();
         const code_challengeBuffer = await sha256(code_verifier);
         const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
-        const thumbprint = await ((_this$dpop = this.dpop) === null || _this$dpop === void 0 ? void 0 : _this$dpop.calculateThumbprint());
+        const thumbprint = await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.calculateThumbprint());
         const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode, thumbprint);
         const url = this._authorizeUrl(params);
         return {
@@ -8432,7 +8471,7 @@ class Auth0Client {
         };
     }
     async loginWithPopup(options, config) {
-        var _options$authorizatio;
+        var _a;
         options = options || {};
         config = config || {};
         if (!config.popup) {
@@ -8446,13 +8485,13 @@ class Auth0Client {
             response_mode: "web_message"
         }, window.location.origin);
         config.popup.location.href = params.url;
-        const codeResult = await runPopup(_objectSpread2(_objectSpread2({}, config), {}, {
+        const codeResult = await runPopup(Object.assign(Object.assign({}, config), {
             timeoutInSeconds: config.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
         }), new URL(params.url).origin);
         if (params.state !== codeResult.state) {
             throw new GenericError("state_mismatch", "Invalid state");
         }
-        const organization = ((_options$authorizatio = options.authorizationParams) === null || _options$authorizatio === void 0 ? void 0 : _options$authorizatio.organization) || this.options.authorizationParams.organization;
+        const organization = ((_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
         await this._requestToken({
             audience: params.audience,
             scope: params.scope,
@@ -8466,26 +8505,26 @@ class Auth0Client {
         });
     }
     async getUser() {
-        var _cache$decodedToken;
+        var _a;
         const cache = await this._getIdTokenFromCache();
-        return cache === null || cache === void 0 || (_cache$decodedToken = cache.decodedToken) === null || _cache$decodedToken === void 0 ? void 0 : _cache$decodedToken.user;
+        return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.user;
     }
     async getIdTokenClaims() {
-        var _cache$decodedToken2;
+        var _a;
         const cache = await this._getIdTokenFromCache();
-        return cache === null || cache === void 0 || (_cache$decodedToken2 = cache.decodedToken) === null || _cache$decodedToken2 === void 0 ? void 0 : _cache$decodedToken2.claims;
+        return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.claims;
     }
     async loginWithRedirect() {
-        var _urlOptions$authoriza;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        const _patchOpenUrlWithOnRe = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _patchOpenUrlWithOnRe, urlOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe, _excluded);
-        const organization = ((_urlOptions$authoriza = urlOptions.authorizationParams) === null || _urlOptions$authoriza === void 0 ? void 0 : _urlOptions$authoriza.organization) || this.options.authorizationParams.organization;
+        var _a;
+        const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _b, urlOptions = __rest(_b, [ "openUrl", "fragment", "appState" ]);
+        const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
         const authorizationParams = this._applySessionTransferToken(urlOptions.authorizationParams || {});
-        const _await$this$_prepareA = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _await$this$_prepareA, transaction = _objectWithoutProperties(_await$this$_prepareA, _excluded2);
-        this.transactionManager.create(_objectSpread2(_objectSpread2({}, transaction), {}, {
+        const _c = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
+        this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
             appState: appState,
-            response_type: ResponseType.Code
-        }, organization && {
+            response_type: exports.ResponseType.Code
+        }), organization && {
             organization: organization
         }));
         const urlWithFragment = fragment ? "".concat(url, "#").concat(fragment) : url;
@@ -8507,7 +8546,7 @@ class Auth0Client {
         }
         this.transactionManager.remove();
         const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
-        if (transaction.response_type === ResponseType.ConnectCode) {
+        if (transaction.response_type === exports.ResponseType.ConnectCode) {
             return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
         }
         return this._handleLoginRedirectCallback(authenticationResult, transaction);
@@ -8523,7 +8562,7 @@ class Auth0Client {
         const organization = transaction.organization;
         const nonceIn = transaction.nonce;
         const redirect_uri = transaction.redirect_uri;
-        await this._requestToken(_objectSpread2({
+        await this._requestToken(Object.assign({
             audience: transaction.audience,
             scope: transaction.scope,
             code_verifier: transaction.code_verifier,
@@ -8537,7 +8576,7 @@ class Auth0Client {
         });
         return {
             appState: transaction.appState,
-            response_type: ResponseType.Code
+            response_type: exports.ResponseType.Code
         };
     }
     async _handleConnectAccountRedirectCallback(connectResult, transaction) {
@@ -8557,9 +8596,9 @@ class Auth0Client {
             redirect_uri: transaction.redirect_uri,
             code_verifier: transaction.code_verifier
         });
-        return _objectSpread2(_objectSpread2({}, data), {}, {
+        return Object.assign(Object.assign({}, data), {
             appState: transaction.appState,
-            response_type: ResponseType.ConnectCode
+            response_type: exports.ResponseType.ConnectCode
         });
     }
     async checkSession(options) {
@@ -8579,20 +8618,20 @@ class Auth0Client {
         } catch (_) {}
     }
     async getTokenSilently() {
-        var _options$authorizatio2, _options$authorizatio3;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        const localOptions = _objectSpread2(_objectSpread2({
+        var _a, _b;
+        const localOptions = Object.assign(Object.assign({
             cacheMode: "on"
-        }, options), {}, {
-            authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
-                scope: scopesToRequest(this.scope, (_options$authorizatio2 = options.authorizationParams) === null || _options$authorizatio2 === void 0 ? void 0 : _options$authorizatio2.scope, ((_options$authorizatio3 = options.authorizationParams) === null || _options$authorizatio3 === void 0 ? void 0 : _options$authorizatio3.audience) || this.options.authorizationParams.audience)
+        }, options), {
+            authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
+                scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
             })
         });
         const result = await singlePromise(() => this._getTokenSilently(localOptions), "".concat(this.options.clientId, "::").concat(localOptions.authorizationParams.audience, "::").concat(localOptions.authorizationParams.scope));
         return options.detailedResponse ? result : result === null || result === void 0 ? void 0 : result.access_token;
     }
     async _getTokenSilently(options) {
-        const {cacheMode: cacheMode} = options, getTokenOptions = _objectWithoutProperties(options, _excluded3);
+        const {cacheMode: cacheMode} = options, getTokenOptions = __rest(options, [ "cacheMode" ]);
         if (cacheMode !== "off") {
             const entry = await this._getEntryFromCache({
                 scope: getTokenOptions.authorizationParams.scope,
@@ -8622,13 +8661,13 @@ class Auth0Client {
                 }
                 const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
                 const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
-                return _objectSpread2(_objectSpread2({
+                return Object.assign(Object.assign({
                     id_token: id_token,
                     token_type: token_type,
                     access_token: access_token
                 }, oauthTokenScope ? {
                     scope: oauthTokenScope
-                } : null), {}, {
+                } : null), {
                     expires_in: expires_in
                 });
             });
@@ -8664,15 +8703,15 @@ class Auth0Client {
         }
     }
     async getTokenWithPopup() {
-        var _options$authorizatio4, _options$authorizatio5;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
         let config = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-        const localOptions = _objectSpread2(_objectSpread2({}, options), {}, {
-            authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
-                scope: scopesToRequest(this.scope, (_options$authorizatio4 = options.authorizationParams) === null || _options$authorizatio4 === void 0 ? void 0 : _options$authorizatio4.scope, ((_options$authorizatio5 = options.authorizationParams) === null || _options$authorizatio5 === void 0 ? void 0 : _options$authorizatio5.audience) || this.options.authorizationParams.audience)
+        var _a, _b;
+        const localOptions = Object.assign(Object.assign({}, options), {
+            authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
+                scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
             })
         });
-        config = _objectSpread2(_objectSpread2({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
+        config = Object.assign(Object.assign({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
         await this.loginWithPopup(localOptions, config);
         const cache = await this.cacheManager.get(new CacheKey({
             scope: localOptions.authorizationParams.scope,
@@ -8691,17 +8730,36 @@ class Auth0Client {
         } else {
             delete options.clientId;
         }
-        const _ref = options.logoutParams || {}, {federated: federated} = _ref, logoutOptions = _objectWithoutProperties(_ref, _excluded4);
+        const _a = options.logoutParams || {}, {federated: federated} = _a, logoutOptions = __rest(_a, [ "federated" ]);
         const federatedQuery = federated ? "&federated" : "";
-        const url = this._url("/v2/logout?".concat(createQueryParams(_objectSpread2({
+        const url = this._url("/v2/logout?".concat(createQueryParams(Object.assign({
             clientId: options.clientId
         }, logoutOptions))));
         return url + federatedQuery;
     }
+    async revokeRefreshToken() {
+        let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
+        if (!this.options.useRefreshTokens) {
+            return;
+        }
+        const audience = options.audience || this.options.authorizationParams.audience;
+        const resolvedAudience = audience || DEFAULT_AUDIENCE;
+        const refreshTokens = await this.cacheManager.getRefreshTokensByAudience(resolvedAudience, this.options.clientId);
+        await revokeToken({
+            baseUrl: this.domainUrl,
+            timeout: this.httpTimeoutMs,
+            auth0Client: this.options.auth0Client,
+            useFormData: this.options.useFormData,
+            client_id: this.options.clientId,
+            refreshTokens: refreshTokens,
+            audience: resolvedAudience,
+            onRefreshTokenRevoked: refreshToken => this.cacheManager.stripRefreshToken(refreshToken)
+        }, this.worker);
+    }
     async logout() {
-        var _this$dpop2;
         let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-        const _patchOpenUrlWithOnRe2 = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _patchOpenUrlWithOnRe2, logoutOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe2, _excluded5);
+        var _a;
+        const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _b, logoutOptions = __rest(_b, [ "openUrl" ]);
         if (options.clientId === null) {
             await this.cacheManager.clear();
         } else {
@@ -8714,7 +8772,7 @@ class Auth0Client {
             cookieDomain: this.options.cookieDomain
         });
         this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
-        await ((_this$dpop2 = this.dpop) === null || _this$dpop2 === void 0 ? void 0 : _this$dpop2.clear());
+        await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.clear());
         const url = this._buildLogoutUrl(logoutOptions);
         if (openUrl) {
             await openUrl(url);
@@ -8726,7 +8784,7 @@ class Auth0Client {
         const iframeLockKey = buildIframeLockKey(this.options.clientId);
         try {
             return await this.lockManager.runWithLock(iframeLockKey, 5e3, async () => {
-                const params = _objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+                const params = Object.assign(Object.assign({}, options.authorizationParams), {
                     prompt: "none"
                 });
                 const orgHint = this.cookieStorage.get(this.orgHintCookieName);
@@ -8743,14 +8801,14 @@ class Auth0Client {
                 let eventOrigin;
                 try {
                     eventOrigin = new URL(this.domainUrl).origin;
-                } catch (_unused2) {
+                } catch (_a) {
                     eventOrigin = this.domainUrl;
                 }
                 const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
                 if (stateIn !== codeResult.state) {
                     throw new GenericError("state_mismatch", "Invalid state");
                 }
-                const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+                const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
                     code_verifier: code_verifier,
                     code: codeResult.code,
                     grant_type: "authorization_code",
@@ -8760,7 +8818,7 @@ class Auth0Client {
                     nonceIn: nonceIn,
                     organization: params.organization
                 });
-                return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
+                return Object.assign(Object.assign({}, tokenResult), {
                     scope: scope,
                     oauthTokenScope: tokenResult.scope,
                     audience: audience
@@ -8779,6 +8837,7 @@ class Auth0Client {
         }
     }
     async _getTokenUsingRefreshToken(options) {
+        var _a, _b;
         const cache = await this.cacheManager.get(new CacheKey({
             scope: options.authorizationParams.scope,
             audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
@@ -8794,16 +8853,16 @@ class Auth0Client {
         const timeout = typeof options.timeoutInSeconds === "number" ? options.timeoutInSeconds * 1e3 : null;
         const scopesToRequest = getScopeToRequest(this.options.useMrrt, options.authorizationParams, cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope);
         try {
-            const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+            const tokenResult = await this._requestToken(Object.assign(Object.assign(Object.assign({}, options.authorizationParams), {
                 grant_type: "refresh_token",
                 refresh_token: cache && cache.refresh_token,
                 redirect_uri: redirect_uri
-            }, timeout && {
+            }), timeout && {
                 timeout: timeout
             }), {
                 scopesToRequest: scopesToRequest
             });
-            if (tokenResult.refresh_token && cache !== null && cache !== void 0 && cache.refresh_token) {
+            if (tokenResult.refresh_token && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
                 await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
             }
             if (this.options.useMrrt) {
@@ -8820,7 +8879,7 @@ class Auth0Client {
                     }
                 }
             }
-            return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
+            return Object.assign(Object.assign({}, tokenResult), {
                 scope: options.authorizationParams.scope,
                 oauthTokenScope: tokenResult.scope,
                 audience: options.authorizationParams.audience || DEFAULT_AUDIENCE
@@ -8838,14 +8897,13 @@ class Auth0Client {
                 }
             }
             if (e instanceof MfaRequiredError) {
-                var _options$authorizatio6, _options$authorizatio7;
-                this.mfa.setMFAAuthDetails(e.mfa_token, (_options$authorizatio6 = options.authorizationParams) === null || _options$authorizatio6 === void 0 ? void 0 : _options$authorizatio6.scope, (_options$authorizatio7 = options.authorizationParams) === null || _options$authorizatio7 === void 0 ? void 0 : _options$authorizatio7.audience, e.mfa_requirements);
+                this.mfa.setMFAAuthDetails(e.mfa_token, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, (_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience, e.mfa_requirements);
             }
             throw e;
         }
     }
     async _saveEntryInCache(entry) {
-        const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = _objectWithoutProperties(entry, _excluded6);
+        const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = __rest(entry, [ "id_token", "decodedToken" ]);
         this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, {
             id_token: id_token,
             decodedToken: decodedToken
@@ -8868,8 +8926,8 @@ class Auth0Client {
         this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
         return cache;
     }
-    async _getEntryFromCache(_ref2) {
-        let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref2;
+    async _getEntryFromCache(_ref) {
+        let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref;
         const entry = await this.cacheManager.get(new CacheKey({
             scope: scope,
             audience: audience,
@@ -8878,20 +8936,21 @@ class Auth0Client {
         if (entry && entry.access_token) {
             const {token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
             const cache = await this._getIdTokenFromCache();
-            return cache && _objectSpread2(_objectSpread2({
+            return cache && Object.assign(Object.assign({
                 id_token: cache.id_token,
                 token_type: token_type ? token_type : "Bearer",
                 access_token: access_token
             }, oauthTokenScope ? {
                 scope: oauthTokenScope
-            } : null), {}, {
+            } : null), {
                 expires_in: expires_in
             });
         }
     }
     async _requestToken(options, additionalParameters) {
+        var _a, _b;
         const {nonceIn: nonceIn, organization: organization, scopesToRequest: scopesToRequest} = additionalParameters || {};
-        const authResult = await oauthToken(_objectSpread2(_objectSpread2({
+        const authResult = await oauthToken(Object.assign(Object.assign({
             baseUrl: this.domainUrl,
             client_id: this.options.clientId,
             auth0Client: this.options.auth0Client,
@@ -8899,25 +8958,24 @@ class Auth0Client {
             timeout: this.httpTimeoutMs,
             useMrrt: this.options.useMrrt,
             dpop: this.dpop
-        }, options), {}, {
+        }, options), {
             scope: scopesToRequest || options.scope
         }), this.worker);
         const decodedToken = await this._verifyIdToken(authResult.id_token, nonceIn, organization);
         if (options.grant_type === "authorization_code") {
-            var _existingIdToken$deco;
             const existingIdToken = await this._getIdTokenFromCache();
-            if (existingIdToken !== null && existingIdToken !== void 0 && (_existingIdToken$deco = existingIdToken.decodedToken) !== null && _existingIdToken$deco !== void 0 && (_existingIdToken$deco = _existingIdToken$deco.claims) !== null && _existingIdToken$deco !== void 0 && _existingIdToken$deco.sub && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
+            if (((_b = (_a = existingIdToken === null || existingIdToken === void 0 ? void 0 : existingIdToken.decodedToken) === null || _a === void 0 ? void 0 : _a.claims) === null || _b === void 0 ? void 0 : _b.sub) && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
                 await this.cacheManager.clear(this.options.clientId);
                 this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
             }
         }
-        await this._saveEntryInCache(_objectSpread2(_objectSpread2(_objectSpread2({}, authResult), {}, {
+        await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, authResult), {
             decodedToken: decodedToken,
             scope: options.scope,
             audience: options.audience || DEFAULT_AUDIENCE
-        }, authResult.scope ? {
+        }), authResult.scope ? {
             oauthTokenScope: authResult.scope
-        } : null), {}, {
+        } : null), {
             client_id: this.options.clientId
         }));
         this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
@@ -8925,12 +8983,12 @@ class Auth0Client {
             cookieDomain: this.options.cookieDomain
         });
         this._processOrgHint(organization || decodedToken.claims.org_id);
-        return _objectSpread2(_objectSpread2({}, authResult), {}, {
+        return Object.assign(Object.assign({}, authResult), {
             decodedToken: decodedToken
         });
     }
     async loginWithCustomTokenExchange(options) {
-        return this._requestToken(_objectSpread2(_objectSpread2({}, options), {}, {
+        return this._requestToken(Object.assign(Object.assign({}, options), {
             grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
             subject_token: options.subject_token,
             subject_token_type: options.subject_token_type,
@@ -8964,10 +9022,10 @@ class Auth0Client {
         return new Fetcher(config, {
             isDpopEnabled: () => !!this.options.useDpop,
             getAccessToken: authParams => {
-                var _authParams$scope;
+                var _a;
                 return this.getTokenSilently({
                     authorizationParams: {
-                        scope: authParams === null || authParams === void 0 || (_authParams$scope = authParams.scope) === null || _authParams$scope === void 0 ? void 0 : _authParams$scope.join(" "),
+                        scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
                         audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
                     },
                     detailedResponse: true
@@ -9003,7 +9061,7 @@ class Auth0Client {
             redirect_uri: redirectUri,
             appState: appState,
             connection: connection,
-            response_type: ResponseType.ConnectCode
+            response_type: exports.ResponseType.ConnectCode
         });
         const url = new URL(connect_uri);
         url.searchParams.set("ticket", connect_params.ticket);
@@ -9014,8 +9072,8 @@ class Auth0Client {
         }
     }
     async _requestTokenForMfa(options, additionalParameters) {
-        const {mfaToken: mfaToken} = options, restOptions = _objectWithoutProperties(options, _excluded7);
-        return this._requestToken(_objectSpread2(_objectSpread2({}, restOptions), {}, {
+        const {mfaToken: mfaToken} = options, restOptions = __rest(options, [ "mfaToken" ]);
+        return this._requestToken(Object.assign(Object.assign({}, restOptions), {
             mfa_token: mfaToken
         }), additionalParameters);
     }
@@ -9067,8 +9125,6 @@ exports.PopupOpenError = PopupOpenError;
 
 exports.PopupTimeoutError = PopupTimeoutError;
 
-exports.ResponseType = ResponseType;
-
 exports.TimeoutError = TimeoutError;
 
 exports.UseDpopNonceError = UseDpopNonceError;