npm - @auth0/auth0-spa-js - Versions diffs - 2.18.3 → 2.19.1 - Mend

@auth0/auth0-spa-js 2.18.3 → 2.19.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (61) hide show

package/README.md +1 -1
package/dist/auth0-spa-js.development.js +427 -370
package/dist/auth0-spa-js.development.js.map +1 -1
package/dist/auth0-spa-js.production.esm.js +1 -1
package/dist/auth0-spa-js.production.esm.js.map +1 -1
package/dist/auth0-spa-js.production.js +1 -1
package/dist/auth0-spa-js.production.js.map +1 -1
package/dist/auth0-spa-js.worker.development.js +132 -81
package/dist/auth0-spa-js.worker.development.js.map +1 -1
package/dist/auth0-spa-js.worker.production.js +1 -1
package/dist/auth0-spa-js.worker.production.js.map +1 -1
package/dist/lib/auth0-spa-js.cjs.js +449 -393
package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
package/dist/typings/Auth0Client.d.ts +476 -439
package/dist/typings/Auth0Client.utils.d.ts +90 -90
package/dist/typings/MyAccountApiClient.d.ts +92 -92
package/dist/typings/TokenExchange.d.ts +77 -77
package/dist/typings/api.d.ts +33 -2
package/dist/typings/cache/cache-localstorage.d.ts +7 -7
package/dist/typings/cache/cache-manager.d.ts +69 -56
package/dist/typings/cache/cache-memory.d.ts +4 -4
package/dist/typings/cache/index.d.ts +4 -4
package/dist/typings/cache/key-manifest.d.ts +12 -12
package/dist/typings/cache/shared.d.ts +68 -68
package/dist/typings/constants.d.ts +58 -58
package/dist/typings/dpop/dpop.d.ts +17 -17
package/dist/typings/dpop/storage.d.ts +27 -27
package/dist/typings/dpop/utils.d.ts +15 -15
package/dist/typings/errors.d.ts +96 -96
package/dist/typings/fetcher.d.ts +54 -54
package/dist/typings/global.d.ts +826 -819
package/dist/typings/http.d.ts +11 -5
package/dist/typings/index.d.ts +24 -24
package/dist/typings/jwt.d.ts +21 -21
package/dist/typings/lock.d.ts +32 -32
package/dist/typings/mfa/MfaApiClient.d.ts +225 -225
package/dist/typings/mfa/MfaContextManager.d.ts +79 -79
package/dist/typings/mfa/constants.d.ts +23 -23
package/dist/typings/mfa/errors.d.ts +117 -117
package/dist/typings/mfa/index.d.ts +4 -4
package/dist/typings/mfa/types.d.ts +181 -181
package/dist/typings/mfa/utils.d.ts +23 -23
package/dist/typings/promise-utils.d.ts +2 -2
package/dist/typings/scope.d.ts +35 -35
package/dist/typings/storage.d.ts +26 -26
package/dist/typings/transaction-manager.d.ts +33 -33
package/dist/typings/utils.d.ts +36 -36
package/dist/typings/version.d.ts +2 -2
package/dist/typings/worker/token.worker.d.ts +1 -1
package/dist/typings/worker/worker.types.d.ts +27 -20
package/dist/typings/worker/worker.utils.d.ts +13 -7
package/package.json +2 -2
package/src/Auth0Client.ts +73 -2
package/src/api.ts +116 -2
package/src/cache/cache-manager.ts +85 -9
package/src/global.ts +8 -0
package/src/http.ts +28 -21
package/src/version.ts +1 -1
package/src/worker/token.worker.ts +120 -5
package/src/worker/worker.types.ts +17 -6
package/src/worker/worker.utils.ts +18 -7

package/dist/auth0-spa-js.development.js CHANGED Viewed

@@ -3,145 +3,19 @@
     factory(global.auth0 = {}));
 })(this, function(exports) {
     "use strict";
-    function _OverloadYield(e, d) {
-        this.v = e, this.k = d;
-    }
-    function _assertClassBrand(e, t, n) {
-        if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
-        throw new TypeError("Private element is not present on this object");
-    }
-    function _awaitAsyncGenerator(e) {
-        return new _OverloadYield(e, 0);
-    }
-    function _checkPrivateRedeclaration(e, t) {
-        if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
-    }
-    function _classPrivateFieldGet2(s, a) {
-        return s.get(_assertClassBrand(s, a));
-    }
-    function _classPrivateFieldInitSpec(e, t, a) {
-        _checkPrivateRedeclaration(e, t), t.set(e, a);
-    }
-    function _classPrivateFieldSet2(s, a, r) {
-        return s.set(_assertClassBrand(s, a), r), r;
-    }
-    function _classPrivateMethodInitSpec(e, a) {
-        _checkPrivateRedeclaration(e, a), a.add(e);
-    }
-    function _defineProperty(e, r, t) {
-        return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
-            value: t,
-            enumerable: !0,
-            configurable: !0,
-            writable: !0
-        }) : e[r] = t, e;
-    }
-    function ownKeys(e, r) {
-        var t = Object.keys(e);
-        if (Object.getOwnPropertySymbols) {
-            var o = Object.getOwnPropertySymbols(e);
-            r && (o = o.filter(function(r) {
-                return Object.getOwnPropertyDescriptor(e, r).enumerable;
-            })), t.push.apply(t, o);
-        }
-        return t;
-    }
-    function _objectSpread2(e) {
-        for (var r = 1; r < arguments.length; r++) {
-            var t = null != arguments[r] ? arguments[r] : {};
-            r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
-                _defineProperty(e, r, t[r]);
-            }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
-                Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
-            });
-        }
-        return e;
-    }
-    function _objectWithoutProperties(e, t) {
-        if (null == e) return {};
-        var o, r, i = _objectWithoutPropertiesLoose(e, t);
-        if (Object.getOwnPropertySymbols) {
-            var n = Object.getOwnPropertySymbols(e);
-            for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
-        }
-        return i;
-    }
-    function _objectWithoutPropertiesLoose(r, e) {
-        if (null == r) return {};
+    function __rest(s, e) {
         var t = {};
-        for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
-            if (-1 !== e.indexOf(n)) continue;
-            t[n] = r[n];
+        for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0) t[p] = s[p];
+        if (s != null && typeof Object.getOwnPropertySymbols === "function") for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {
+            if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i])) t[p[i]] = s[p[i]];
         }
         return t;
     }
-    function _toPrimitive(t, r) {
-        if ("object" != typeof t || !t) return t;
-        var e = t[Symbol.toPrimitive];
-        if (void 0 !== e) {
-            var i = e.call(t, r || "default");
-            if ("object" != typeof i) return i;
-            throw new TypeError("@@toPrimitive must return a primitive value.");
-        }
-        return ("string" === r ? String : Number)(t);
-    }
-    function _toPropertyKey(t) {
-        var i = _toPrimitive(t, "string");
-        return "symbol" == typeof i ? i : i + "";
-    }
-    function _wrapAsyncGenerator(e) {
-        return function() {
-            return new AsyncGenerator(e.apply(this, arguments));
-        };
-    }
-    function AsyncGenerator(e) {
-        var t, n;
-        function resume(t, n) {
-            try {
-                var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
-                Promise.resolve(u ? o.v : o).then(function(n) {
-                    if (u) {
-                        var i = "return" === t && o.k ? t : "next";
-                        if (!o.k || n.done) return resume(i, n);
-                        n = e[i](n).value;
-                    }
-                    settle(!!r.done, n);
-                }, function(e) {
-                    resume("throw", e);
-                });
-            } catch (e) {
-                settle(2, e);
-            }
-        }
-        function settle(e, r) {
-            2 === e ? t.reject(r) : t.resolve({
-                value: r,
-                done: e
-            }), (t = t.next) ? resume(t.key, t.arg) : n = null;
-        }
-        this._invoke = function(e, r) {
-            return new Promise(function(o, u) {
-                var i = {
-                    key: e,
-                    arg: r,
-                    resolve: o,
-                    reject: u,
-                    next: null
-                };
-                n ? n = n.next = i : (t = n = i, resume(e, r));
-            });
-        }, "function" != typeof e.return && (this.return = void 0);
-    }
-    AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
-        return this;
-    }, AsyncGenerator.prototype.next = function(e) {
-        return this._invoke("next", e);
-    }, AsyncGenerator.prototype.throw = function(e) {
-        return this._invoke("throw", e);
-    }, AsyncGenerator.prototype.return = function(e) {
-        return this._invoke("return", e);
+    typeof SuppressedError === "function" ? SuppressedError : function(error, suppressed, message) {
+        var e = new Error(message);
+        return e.name = "SuppressedError", e.error = error, e.suppressed = suppressed, e;
     };
-    var version = "2.18.3";
+    var version = "2.19.1";
     const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
     const DEFAULT_POPUP_CONFIG_OPTIONS = {
         timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
@@ -254,7 +128,6 @@
         let exclude = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : [];
         return value && !exclude.includes(value) ? value : "";
     }
-    const _excluded$5 = [ "clientId" ];
     const parseAuthenticationResult = queryString => {
         if (queryString.indexOf("#") > -1) {
             queryString = queryString.substring(0, queryString.indexOf("#"));
@@ -359,7 +232,7 @@
         return random;
     };
     const encode$2 = value => btoa(value);
-    const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => _objectSpread2(_objectSpread2({}, acc), {}, {
+    const stripUndefined = params => Object.keys(params).filter(k => typeof params[k] !== "undefined").reduce((acc, key) => Object.assign(Object.assign({}, acc), {
         [key]: params[key]
     }), {});
     const ALLOWED_AUTH0CLIENT_PROPERTIES = [ {
@@ -385,9 +258,9 @@
             return acc;
         }, {});
     };
-    const createQueryParams = _ref => {
-        let {clientId: client_id} = _ref, params = _objectWithoutProperties(_ref, _excluded$5);
-        return new URLSearchParams(stripUndefined(_objectSpread2({
+    const createQueryParams = _a => {
+        var {clientId: client_id} = _a, params = __rest(_a, [ "clientId" ]);
+        return new URLSearchParams(stripUndefined(Object.assign({
             client_id: client_id
         }, params))).toString();
     };
@@ -437,8 +310,8 @@
         }
         return parseInt(value, 10) || undefined;
     };
-    const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref2) => {
-        let [key, val] = _ref2;
+    const fromEntries = iterable => [ ...iterable ].reduce((obj, _ref) => {
+        let [key, val] = _ref;
         obj[key] = val;
         return obj;
     }, {});
@@ -978,9 +851,7 @@
     }
     class LegacyLockManager {
         constructor() {
-            _defineProperty(this, "lock", void 0);
-            _defineProperty(this, "activeLocks", new Set);
-            _defineProperty(this, "pagehideHandler", void 0);
+            this.activeLocks = new Set;
             this.lock = new _default;
             this.pagehideHandler = () => {
                 this.activeLocks.forEach(key => this.lock.releaseLock(key));
@@ -1012,8 +883,8 @@
         }
     }
     function isWebLocksSupported() {
-        var _navigator$locks;
-        return typeof navigator !== "undefined" && typeof ((_navigator$locks = navigator.locks) === null || _navigator$locks === void 0 ? void 0 : _navigator$locks.request) === "function";
+        var _a;
+        return typeof navigator !== "undefined" && typeof ((_a = navigator.locks) === null || _a === void 0 ? void 0 : _a.request) === "function";
     }
     function createLockManager() {
         return isWebLocksSupported() ? new WebLocksApiManager : new LegacyLockManager;
@@ -1347,21 +1218,12 @@
         };
         to.postMessage(message, [ messageChannel.port2 ]);
     });
-    const _excluded$4 = [ "error", "error_description" ];
     const createAbortController = () => new AbortController;
-    const dofetch = async (fetchUrl, fetchOptions) => {
-        const response = await fetch(fetchUrl, fetchOptions);
-        return {
-            ok: response.ok,
-            json: await response.json(),
-            headers: fromEntries(response.headers)
-        };
-    };
-    const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
+    const fetchWithTimeout = (fetchUrl, fetchOptions, timeout) => {
         const controller = createAbortController();
         fetchOptions.signal = controller.signal;
         let timeoutId;
-        return Promise.race([ dofetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
+        return Promise.race([ fetch(fetchUrl, fetchOptions), new Promise((_, reject) => {
             timeoutId = setTimeout(() => {
                 controller.abort();
                 reject(new Error("Timeout when executing 'fetch'"));
@@ -1370,7 +1232,16 @@
             clearTimeout(timeoutId);
         });
     };
+    const fetchWithoutWorker = async (fetchUrl, fetchOptions, timeout) => {
+        const response = await fetchWithTimeout(fetchUrl, fetchOptions, timeout);
+        return {
+            ok: response.ok,
+            json: await response.json(),
+            headers: fromEntries(response.headers)
+        };
+    };
     const fetchWithWorker = async (fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData, useMrrt) => sendMessage({
+        type: "refresh",
         auth: {
             audience: audience,
             scope: scope
@@ -1397,7 +1268,7 @@
                 method: options.method || "GET",
                 nonce: await dpop.getNonce()
             });
-            options.headers = _objectSpread2(_objectSpread2({}, options.headers), {}, {
+            options.headers = Object.assign(Object.assign({}, options.headers), {
                 dpop: dpopProof
             });
         }
@@ -1415,7 +1286,7 @@
         if (fetchError) {
             throw fetchError;
         }
-        const {json: {error: error, error_description: error_description}, headers: headers, ok: ok} = response, data = _objectWithoutProperties(response.json, _excluded$4);
+        const _a = response.json, {error: error, error_description: error_description} = _a, data = __rest(_a, [ "error", "error_description" ]), {headers: headers, ok: ok} = response;
         let newDpopNonce;
         if (dpop) {
             newDpopNonce = headers[DPOP_NONCE_HEADER];
@@ -1441,12 +1312,11 @@
         }
         return data;
     }
-    const _excluded$3 = [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ];
-    async function oauthToken(_ref, worker) {
-        let {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _ref, options = _objectWithoutProperties(_ref, _excluded$3);
+    async function oauthToken(_a, worker) {
+        var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ]);
         const isTokenExchange = options.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange";
         const refreshWithMrrt = options.grant_type === "refresh_token" && useMrrt;
-        const allParams = _objectSpread2(_objectSpread2(_objectSpread2(_objectSpread2({}, options), isTokenExchange && audience && {
+        const allParams = Object.assign(Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
             audience: audience
         }), isTokenExchange && scope && {
             scope: scope
@@ -1465,6 +1335,63 @@
             }
         }, worker, useFormData, useMrrt, isDpopSupported ? dpop : undefined);
     }
+    async function revokeToken(_ref, worker) {
+        let {baseUrl: baseUrl, timeout: timeout, auth0Client: auth0Client, useFormData: useFormData, refreshTokens: refreshTokens, audience: audience, client_id: client_id, onRefreshTokenRevoked: onRefreshTokenRevoked} = _ref;
+        const resolvedTimeout = timeout || DEFAULT_FETCH_TIMEOUT_MS;
+        const token_type_hint = "refresh_token";
+        const fetchUrl = "".concat(baseUrl, "/oauth/revoke");
+        const headers = {
+            "Content-Type": useFormData ? "application/x-www-form-urlencoded" : "application/json",
+            "Auth0-Client": btoa(JSON.stringify(stripAuth0Client(auth0Client || DEFAULT_AUTH0_CLIENT)))
+        };
+        if (worker) {
+            const baseParams = {
+                client_id: client_id,
+                token_type_hint: token_type_hint
+            };
+            const body = useFormData ? createQueryParams(baseParams) : JSON.stringify(baseParams);
+            try {
+                return await sendMessage({
+                    type: "revoke",
+                    timeout: resolvedTimeout,
+                    fetchUrl: fetchUrl,
+                    fetchOptions: {
+                        method: "POST",
+                        body: body,
+                        headers: headers
+                    },
+                    useFormData: useFormData,
+                    auth: {
+                        audience: audience !== null && audience !== void 0 ? audience : DEFAULT_AUDIENCE
+                    }
+                }, worker);
+            } catch (e) {
+                throw new GenericError("revoke_error", e.message);
+            }
+        }
+        for (const refreshToken of refreshTokens) {
+            const params = {
+                client_id: client_id,
+                token_type_hint: token_type_hint,
+                token: refreshToken
+            };
+            const body = useFormData ? createQueryParams(params) : JSON.stringify(params);
+            const response = await fetchWithTimeout(fetchUrl, {
+                method: "POST",
+                body: body,
+                headers: headers
+            }, resolvedTimeout);
+            if (!response.ok) {
+                let error;
+                let errorDescription;
+                try {
+                    ({error: error, error_description: errorDescription} = JSON.parse(await response.text()));
+                } catch (_a) {}
+                throw new GenericError(error || "revoke_error", errorDescription || "HTTP error ".concat(response.status));
+            }
+            await (onRefreshTokenRevoked === null || onRefreshTokenRevoked === void 0 ? void 0 : onRefreshTokenRevoked(refreshToken));
+        }
+    }
     const dedupe = arr => Array.from(new Set(arr));
     const getUniqueScopes = function getUniqueScopes() {
         for (var _len = arguments.length, scopes = new Array(_len), _key = 0; _key < _len; _key++) {
@@ -1508,9 +1435,6 @@
             let suffix = arguments.length > 2 ? arguments[2] : undefined;
             this.prefix = prefix;
             this.suffix = suffix;
-            _defineProperty(this, "clientId", void 0);
-            _defineProperty(this, "scope", void 0);
-            _defineProperty(this, "audience", void 0);
             this.clientId = data.clientId;
             this.scope = data.scope;
             this.audience = data.audience;
@@ -1558,7 +1482,7 @@
     }
     class InMemoryCache {
         constructor() {
-            _defineProperty(this, "enclosedCache", function() {
+            this.enclosedCache = function() {
                 let cache = {};
                 return {
                     set(key, entry) {
@@ -1578,7 +1502,7 @@
                         return Object.keys(cache);
                     }
                 };
-            }());
+            }();
         }
     }
     const DEFAULT_EXPIRY_ADJUSTMENT_SECONDS = 0;
@@ -1586,17 +1510,16 @@
         constructor(cache, keyManifest, nowProvider) {
             this.cache = cache;
             this.keyManifest = keyManifest;
-            _defineProperty(this, "nowProvider", void 0);
             this.nowProvider = nowProvider || DEFAULT_NOW_PROVIDER;
         }
         async setIdToken(clientId, idToken, decodedToken) {
-            var _this$keyManifest;
+            var _a;
             const cacheKey = this.getIdTokenCacheKey(clientId);
             await this.cache.set(cacheKey, {
                 id_token: idToken,
                 decodedToken: decodedToken
             });
-            await ((_this$keyManifest = this.keyManifest) === null || _this$keyManifest === void 0 ? void 0 : _this$keyManifest.add(cacheKey));
+            await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey));
         }
         async getIdToken(cacheKey) {
             const entry = await this.cache.get(this.getIdTokenCacheKey(cacheKey.clientId));
@@ -1625,13 +1548,16 @@
             let expiryAdjustmentSeconds = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : DEFAULT_EXPIRY_ADJUSTMENT_SECONDS;
             let useMrrt = arguments.length > 2 && arguments[2] !== undefined ? arguments[2] : false;
             let cacheMode = arguments.length > 3 ? arguments[3] : undefined;
+            var _a;
             let wrappedEntry = await this.cache.get(cacheKey.toKey());
+            let resolvedCacheKey = cacheKey;
             if (!wrappedEntry) {
                 const keys = await this.getCacheKeys();
                 if (!keys) return;
                 const matchedKey = this.matchExistingCacheKey(cacheKey, keys);
                 if (matchedKey) {
                     wrappedEntry = await this.cache.get(matchedKey);
+                    resolvedCacheKey = CacheKey.fromKey(matchedKey);
                 }
                 if (!wrappedEntry && useMrrt && cacheMode !== "cache-only") {
                     return this.getEntryWithRefreshToken(cacheKey, keys);
@@ -1643,31 +1569,34 @@
             const now = await this.nowProvider();
             const nowSeconds = Math.floor(now / 1e3);
             if (wrappedEntry.expiresAt - expiryAdjustmentSeconds < nowSeconds) {
-                var _this$keyManifest2;
                 if (wrappedEntry.body.refresh_token) {
-                    return this.modifiedCachedEntry(wrappedEntry, cacheKey);
+                    return this.modifiedCachedEntry(wrappedEntry, resolvedCacheKey);
                 }
-                await this.cache.remove(cacheKey.toKey());
-                await ((_this$keyManifest2 = this.keyManifest) === null || _this$keyManifest2 === void 0 ? void 0 : _this$keyManifest2.remove(cacheKey.toKey()));
+                await this.cache.remove(resolvedCacheKey.toKey());
+                await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.remove(resolvedCacheKey.toKey()));
                 return;
             }
             return wrappedEntry.body;
         }
         async modifiedCachedEntry(wrappedEntry, cacheKey) {
-            wrappedEntry.body = {
+            const strippedBody = {
                 refresh_token: wrappedEntry.body.refresh_token,
                 audience: wrappedEntry.body.audience,
                 scope: wrappedEntry.body.scope
             };
-            await this.cache.set(cacheKey.toKey(), wrappedEntry);
+            const strippedEntry = {
+                body: strippedBody,
+                expiresAt: wrappedEntry.expiresAt
+            };
+            await this.cache.set(cacheKey.toKey(), strippedEntry);
             return {
-                refresh_token: wrappedEntry.body.refresh_token,
-                audience: wrappedEntry.body.audience,
-                scope: wrappedEntry.body.scope
+                refresh_token: strippedBody.refresh_token,
+                audience: strippedBody.audience,
+                scope: strippedBody.scope
             };
         }
         async set(entry) {
-            var _this$keyManifest3;
+            var _a;
             const cacheKey = new CacheKey({
                 clientId: entry.client_id,
                 scope: entry.scope,
@@ -1675,7 +1604,7 @@
             });
             const wrappedEntry = await this.wrapCacheEntry(entry);
             await this.cache.set(cacheKey.toKey(), wrappedEntry);
-            await ((_this$keyManifest3 = this.keyManifest) === null || _this$keyManifest3 === void 0 ? void 0 : _this$keyManifest3.add(cacheKey.toKey()));
+            await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.add(cacheKey.toKey()));
         }
         async remove(client_id, audience, scope) {
             const cacheKey = new CacheKey({
@@ -1685,15 +1614,27 @@
             });
             await this.cache.remove(cacheKey.toKey());
         }
+        async stripRefreshToken(refreshToken) {
+            var _a;
+            const keys = await this.getCacheKeys();
+            if (!keys) return;
+            for (const key of keys) {
+                const entry = await this.cache.get(key);
+                if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === refreshToken) {
+                    delete entry.body.refresh_token;
+                    await this.cache.set(key, entry);
+                }
+            }
+        }
         async clear(clientId) {
-            var _this$keyManifest4;
+            var _a;
             const keys = await this.getCacheKeys();
             if (!keys) return;
             await keys.filter(key => clientId ? key.includes(clientId) : true).reduce(async (memo, key) => {
                 await memo;
                 await this.cache.remove(key);
             }, Promise.resolve());
-            await ((_this$keyManifest4 = this.keyManifest) === null || _this$keyManifest4 === void 0 ? void 0 : _this$keyManifest4.clear());
+            await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.clear());
         }
         async wrapCacheEntry(entry) {
             const now = await this.nowProvider();
@@ -1704,9 +1645,9 @@
             };
         }
         async getCacheKeys() {
+            var _a;
             if (this.keyManifest) {
-                var _await$this$keyManife;
-                return (_await$this$keyManife = await this.keyManifest.get()) === null || _await$this$keyManife === void 0 ? void 0 : _await$this$keyManife.keys;
+                return (_a = await this.keyManifest.get()) === null || _a === void 0 ? void 0 : _a.keys;
             } else if (this.cache.allKeys) {
                 return this.cache.allKeys();
             }
@@ -1718,34 +1659,54 @@
         }
         matchExistingCacheKey(keyToMatch, allKeys) {
             return allKeys.filter(key => {
-                var _keyToMatch$scope;
+                var _a;
                 const cacheKey = CacheKey.fromKey(key);
                 const scopeSet = new Set(cacheKey.scope && cacheKey.scope.split(" "));
-                const scopesToMatch = ((_keyToMatch$scope = keyToMatch.scope) === null || _keyToMatch$scope === void 0 ? void 0 : _keyToMatch$scope.split(" ")) || [];
+                const scopesToMatch = ((_a = keyToMatch.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
                 const hasAllScopes = cacheKey.scope && scopesToMatch.reduce((acc, current) => acc && scopeSet.has(current), true);
                 return cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId && cacheKey.audience === keyToMatch.audience && hasAllScopes;
             })[0];
         }
         async getEntryWithRefreshToken(keyToMatch, allKeys) {
+            var _a;
             for (const key of allKeys) {
                 const cacheKey = CacheKey.fromKey(key);
                 if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId) {
-                    var _cachedEntry$body;
                     const cachedEntry = await this.cache.get(key);
-                    if (cachedEntry !== null && cachedEntry !== void 0 && (_cachedEntry$body = cachedEntry.body) !== null && _cachedEntry$body !== void 0 && _cachedEntry$body.refresh_token) {
-                        return this.modifiedCachedEntry(cachedEntry, keyToMatch);
+                    if ((_a = cachedEntry === null || cachedEntry === void 0 ? void 0 : cachedEntry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
+                        return {
+                            refresh_token: cachedEntry.body.refresh_token,
+                            audience: cachedEntry.body.audience,
+                            scope: cachedEntry.body.scope
+                        };
                     }
                 }
             }
             return undefined;
         }
+        async getRefreshTokensByAudience(audience, clientId) {
+            var _a;
+            const keys = await this.getCacheKeys();
+            if (!keys) return [];
+            const tokens = new Set;
+            for (const key of keys) {
+                const cacheKey = CacheKey.fromKey(key);
+                if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === clientId && cacheKey.audience === audience) {
+                    const entry = await this.cache.get(key);
+                    if ((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
+                        tokens.add(entry.body.refresh_token);
+                    }
+                }
+            }
+            return Array.from(tokens);
+        }
         async updateEntry(oldRefreshToken, newRefreshToken) {
+            var _a;
             const allKeys = await this.getCacheKeys();
             if (!allKeys) return;
             for (const key of allKeys) {
-                var _entry$body;
                 const entry = await this.cache.get(key);
-                if ((entry === null || entry === void 0 || (_entry$body = entry.body) === null || _entry$body === void 0 ? void 0 : _entry$body.refresh_token) === oldRefreshToken) {
+                if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
                     entry.body.refresh_token = newRefreshToken;
                     await this.cache.set(key, entry);
                 }
@@ -1758,7 +1719,6 @@
             this.storage = storage;
             this.clientId = clientId;
             this.cookieDomain = cookieDomain;
-            _defineProperty(this, "storageKey", void 0);
             this.storageKey = "".concat(TRANSACTION_STORAGE_KEY_PREFIX, ".").concat(this.clientId);
         }
         create(transaction) {
@@ -1982,17 +1942,17 @@
                     sameSite: "none"
                 };
             }
-            if (options !== null && options !== void 0 && options.daysUntilExpire) {
+            if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
                 cookieAttributes.expires = options.daysUntilExpire;
             }
-            if (options !== null && options !== void 0 && options.cookieDomain) {
+            if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
                 cookieAttributes.domain = options.cookieDomain;
             }
             set_1(key, JSON.stringify(value), cookieAttributes);
         },
         remove(key, options) {
             let cookieAttributes = {};
-            if (options !== null && options !== void 0 && options.cookieDomain) {
+            if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
                 cookieAttributes.domain = options.cookieDomain;
             }
             remove_1(key, cookieAttributes);
@@ -2014,10 +1974,10 @@
                     secure: true
                 };
             }
-            if (options !== null && options !== void 0 && options.daysUntilExpire) {
+            if (options === null || options === void 0 ? void 0 : options.daysUntilExpire) {
                 cookieAttributes.expires = options.daysUntilExpire;
             }
-            if (options !== null && options !== void 0 && options.cookieDomain) {
+            if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
                 cookieAttributes.domain = options.cookieDomain;
             }
             set_1("".concat(LEGACY_PREFIX).concat(key), JSON.stringify(value), cookieAttributes);
@@ -2025,7 +1985,7 @@
         },
         remove(key, options) {
             let cookieAttributes = {};
-            if (options !== null && options !== void 0 && options.cookieDomain) {
+            if (options === null || options === void 0 ? void 0 : options.cookieDomain) {
                 cookieAttributes.domain = options.cookieDomain;
             }
             remove_1(key, cookieAttributes);
@@ -2051,35 +2011,12 @@
             sessionStorage.removeItem(key);
         }
     };
-    let ResponseType = function(ResponseType) {
+    exports.ResponseType = void 0;
+    (function(ResponseType) {
         ResponseType["Code"] = "code";
         ResponseType["ConnectCode"] = "connect_code";
-        return ResponseType;
-    }({});
-    class User {
-        constructor() {
-            _defineProperty(this, "name", void 0);
-            _defineProperty(this, "given_name", void 0);
-            _defineProperty(this, "family_name", void 0);
-            _defineProperty(this, "middle_name", void 0);
-            _defineProperty(this, "nickname", void 0);
-            _defineProperty(this, "preferred_username", void 0);
-            _defineProperty(this, "profile", void 0);
-            _defineProperty(this, "picture", void 0);
-            _defineProperty(this, "website", void 0);
-            _defineProperty(this, "email", void 0);
-            _defineProperty(this, "email_verified", void 0);
-            _defineProperty(this, "gender", void 0);
-            _defineProperty(this, "birthdate", void 0);
-            _defineProperty(this, "zoneinfo", void 0);
-            _defineProperty(this, "locale", void 0);
-            _defineProperty(this, "phone_number", void 0);
-            _defineProperty(this, "phone_number_verified", void 0);
-            _defineProperty(this, "address", void 0);
-            _defineProperty(this, "updated_at", void 0);
-            _defineProperty(this, "sub", void 0);
-        }
-    }
+    })(exports.ResponseType || (exports.ResponseType = {}));
+    class User {}
     function decodeBase64$1(base64, enableUnicode) {
         var binaryString = atob(base64);
         if (enableUnicode) {
@@ -2109,7 +2046,7 @@
             return new Worker(url, options);
         };
     }
-    var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBmdW5jdGlvbiBfZGVmaW5lUHJvcGVydHkoZSwgciwgdCkgewogICAgICAgIHJldHVybiAociA9IF90b1Byb3BlcnR5S2V5KHIpKSBpbiBlID8gT2JqZWN0LmRlZmluZVByb3BlcnR5KGUsIHIsIHsKICAgICAgICAgICAgdmFsdWU6IHQsCiAgICAgICAgICAgIGVudW1lcmFibGU6ICEwLAogICAgICAgICAgICBjb25maWd1cmFibGU6ICEwLAogICAgICAgICAgICB3cml0YWJsZTogITAKICAgICAgICB9KSA6IGVbcl0gPSB0LCBlOwogICAgfQogICAgZnVuY3Rpb24gb3duS2V5cyhlLCByKSB7CiAgICAgICAgdmFyIHQgPSBPYmplY3Qua2V5cyhlKTsKICAgICAgICBpZiAoT2JqZWN0LmdldE93blByb3BlcnR5U3ltYm9scykgewogICAgICAgICAgICB2YXIgbyA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7CiAgICAgICAgICAgIHIgJiYgKG8gPSBvLmZpbHRlcihmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICByZXR1cm4gT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcihlLCByKS5lbnVtZXJhYmxlOwogICAgICAgICAgICB9KSksIHQucHVzaC5hcHBseSh0LCBvKTsKICAgICAgICB9CiAgICAgICAgcmV0dXJuIHQ7CiAgICB9CiAgICBmdW5jdGlvbiBfb2JqZWN0U3ByZWFkMihlKSB7CiAgICAgICAgZm9yICh2YXIgciA9IDE7IHIgPCBhcmd1bWVudHMubGVuZ3RoOyByKyspIHsKICAgICAgICAgICAgdmFyIHQgPSBudWxsICE9IGFyZ3VtZW50c1tyXSA/IGFyZ3VtZW50c1tyXSA6IHt9OwogICAgICAgICAgICByICUgMiA/IG93bktleXMoT2JqZWN0KHQpLCAhMCkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBfZGVmaW5lUHJvcGVydHkoZSwgciwgdFtyXSk7CiAgICAgICAgICAgIH0pIDogT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcnMgPyBPYmplY3QuZGVmaW5lUHJvcGVydGllcyhlLCBPYmplY3QuZ2V0T3duUHJvcGVydHlEZXNjcmlwdG9ycyh0KSkgOiBvd25LZXlzKE9iamVjdCh0KSkuZm9yRWFjaChmdW5jdGlvbihyKSB7CiAgICAgICAgICAgICAgICBPYmplY3QuZGVmaW5lUHJvcGVydHkoZSwgciwgT2JqZWN0LmdldE93blByb3BlcnR5RGVzY3JpcHRvcih0LCByKSk7CiAgICAgICAgICAgIH0pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gZTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhlLCB0KSB7CiAgICAgICAgaWYgKG51bGwgPT0gZSkgcmV0dXJuIHt9OwogICAgICAgIHZhciBvLCByLCBpID0gX29iamVjdFdpdGhvdXRQcm9wZXJ0aWVzTG9vc2UoZSwgdCk7CiAgICAgICAgaWYgKE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMpIHsKICAgICAgICAgICAgdmFyIG4gPSBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKGUpOwogICAgICAgICAgICBmb3IgKHIgPSAwOyByIDwgbi5sZW5ndGg7IHIrKykgbyA9IG5bcl0sIC0xID09PSB0LmluZGV4T2YobykgJiYge30ucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLCBvKSAmJiAoaVtvXSA9IGVbb10pOwogICAgICAgIH0KICAgICAgICByZXR1cm4gaTsKICAgIH0KICAgIGZ1bmN0aW9uIF9vYmplY3RXaXRob3V0UHJvcGVydGllc0xvb3NlKHIsIGUpIHsKICAgICAgICBpZiAobnVsbCA9PSByKSByZXR1cm4ge307CiAgICAgICAgdmFyIHQgPSB7fTsKICAgICAgICBmb3IgKHZhciBuIGluIHIpIGlmICh7fS5oYXNPd25Qcm9wZXJ0eS5jYWxsKHIsIG4pKSB7CiAgICAgICAgICAgIGlmICgtMSAhPT0gZS5pbmRleE9mKG4pKSBjb250aW51ZTsKICAgICAgICAgICAgdFtuXSA9IHJbbl07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgZnVuY3Rpb24gX3RvUHJpbWl0aXZlKHQsIHIpIHsKICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIHQgfHwgIXQpIHJldHVybiB0OwogICAgICAgIHZhciBlID0gdFtTeW1ib2wudG9QcmltaXRpdmVdOwogICAgICAgIGlmICh2b2lkIDAgIT09IGUpIHsKICAgICAgICAgICAgdmFyIGkgPSBlLmNhbGwodCwgciB8fCAiZGVmYXVsdCIpOwogICAgICAgICAgICBpZiAoIm9iamVjdCIgIT0gdHlwZW9mIGkpIHJldHVybiBpOwogICAgICAgICAgICB0aHJvdyBuZXcgVHlwZUVycm9yKCJAQHRvUHJpbWl0aXZlIG11c3QgcmV0dXJuIGEgcHJpbWl0aXZlIHZhbHVlLiIpOwogICAgICAgIH0KICAgICAgICByZXR1cm4gKCJzdHJpbmciID09PSByID8gU3RyaW5nIDogTnVtYmVyKSh0KTsKICAgIH0KICAgIGZ1bmN0aW9uIF90b1Byb3BlcnR5S2V5KHQpIHsKICAgICAgICB2YXIgaSA9IF90b1ByaW1pdGl2ZSh0LCAic3RyaW5nIik7CiAgICAgICAgcmV0dXJuICJzeW1ib2wiID09IHR5cGVvZiBpID8gaSA6IGkgKyAiIjsKICAgIH0KICAgIGNsYXNzIEdlbmVyaWNFcnJvciBleHRlbmRzIEVycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pIHsKICAgICAgICAgICAgc3VwZXIoZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgICAgICB0aGlzLmVycm9yID0gZXJyb3I7CiAgICAgICAgICAgIHRoaXMuZXJyb3JfZGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsIEdlbmVyaWNFcnJvci5wcm90b3R5cGUpOwogICAgICAgIH0KICAgICAgICBzdGF0aWMgZnJvbVBheWxvYWQoX3JlZikgewogICAgICAgICAgICBsZXQge2Vycm9yOiBlcnJvciwgZXJyb3JfZGVzY3JpcHRpb246IGVycm9yX2Rlc2NyaXB0aW9ufSA9IF9yZWY7CiAgICAgICAgICAgIHJldHVybiBuZXcgR2VuZXJpY0Vycm9yKGVycm9yLCBlcnJvcl9kZXNjcmlwdGlvbik7CiAgICAgICAgfQogICAgfQogICAgY2xhc3MgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yIGV4dGVuZHMgR2VuZXJpY0Vycm9yIHsKICAgICAgICBjb25zdHJ1Y3RvcihhdWRpZW5jZSwgc2NvcGUpIHsKICAgICAgICAgICAgc3VwZXIoIm1pc3NpbmdfcmVmcmVzaF90b2tlbiIsICJNaXNzaW5nIFJlZnJlc2ggVG9rZW4gKGF1ZGllbmNlOiAnIi5jb25jYXQodmFsdWVPckVtcHR5U3RyaW5nKGF1ZGllbmNlLCBbICJkZWZhdWx0IiBdKSwgIicsIHNjb3BlOiAnIikuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSksICInKSIpKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUpIHsKICAgICAgICBsZXQgZXhjbHVkZSA9IGFyZ3VtZW50cy5sZW5ndGggPiAxICYmIGFyZ3VtZW50c1sxXSAhPT0gdW5kZWZpbmVkID8gYXJndW1lbnRzWzFdIDogW107CiAgICAgICAgcmV0dXJuIHZhbHVlICYmICFleGNsdWRlLmluY2x1ZGVzKHZhbHVlKSA/IHZhbHVlIDogIiI7CiAgICB9CiAgICBjb25zdCBfZXhjbHVkZWQgPSBbICJjbGllbnRJZCIgXTsKICAgIGNvbnN0IHN0cmlwVW5kZWZpbmVkID0gcGFyYW1zID0+IE9iamVjdC5rZXlzKHBhcmFtcykuZmlsdGVyKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpLnJlZHVjZSgoYWNjLCBrZXkpID0+IF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBhY2MpLCB7fSwgewogICAgICAgIFtrZXldOiBwYXJhbXNba2V5XQogICAgfSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX3JlZiA9PiB7CiAgICAgICAgbGV0IHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9yZWYsIHBhcmFtcyA9IF9vYmplY3RXaXRob3V0UHJvcGVydGllcyhfcmVmLCBfZXhjbHVkZWQpOwogICAgICAgIHJldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKHN0cmlwVW5kZWZpbmVkKF9vYmplY3RTcHJlYWQyKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZjIpID0+IHsKICAgICAgICBsZXQgW2tleSwgdmFsXSA9IF9yZWYyOwogICAgICAgIG9ialtrZXldID0gdmFsOwogICAgICAgIHJldHVybiBvYmo7CiAgICB9LCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgbGV0IGFsbG93ZWRCYXNlVXJsID0gbnVsbDsKICAgIGNvbnN0IGNhY2hlS2V5ID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gIiIuY29uY2F0KGF1ZGllbmNlLCAifCIpLmNvbmNhdChzY29wZSk7CiAgICBjb25zdCBjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UgPSAoYXVkaWVuY2UsIGNhY2hlS2V5KSA9PiBjYWNoZUtleS5zdGFydHNXaXRoKCIiLmNvbmNhdChhdWRpZW5jZSwgInwiKSk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHNldFRpbWVvdXQocmVzb2x2ZSwgdGltZSkpOwogICAgY29uc3QgZm9ybURhdGFUb09iamVjdCA9IGZvcm1EYXRhID0+IHsKICAgICAgICBjb25zdCBxdWVyeVBhcmFtcyA9IG5ldyBVUkxTZWFyY2hQYXJhbXMoZm9ybURhdGEpOwogICAgICAgIGNvbnN0IHBhcnNlZFF1ZXJ5ID0ge307CiAgICAgICAgcXVlcnlQYXJhbXMuZm9yRWFjaCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KTsKICAgICAgICByZXR1cm4gcGFyc2VkUXVlcnk7CiAgICB9OwogICAgY29uc3QgdXBkYXRlUmVmcmVzaFRva2VucyA9IChvbGRSZWZyZXNoVG9rZW4sIG5ld1JlZnJlc2hUb2tlbikgPT4gewogICAgICAgIE9iamVjdC5lbnRyaWVzKHJlZnJlc2hUb2tlbnMpLmZvckVhY2goX3JlZiA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IG9sZFJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2Vuc1trZXldID0gbmV3UmVmcmVzaFRva2VuOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKGtleSA9PiB7CiAgICAgICAgICAgIGlmIChrZXkgIT09ICJsYXRlc3RfcmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGlzU2FtZUF1ZGllbmNlID0gY2FjaGVLZXlDb250YWluc0F1ZGllbmNlKGF1ZGllbmNlLCBrZXkpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzS2V5ID0ga2V5LnNwbGl0KCJ8IilbMV0uc3BsaXQoIiAiKTsKICAgICAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFNjb3BlcyA9IHNjb3BlLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCBzY29wZXNBcmVJbmNsdWRlZCA9IHJlcXVlc3RlZFNjb3Blcy5ldmVyeShrZXkgPT4gc2NvcGVzS2V5LmluY2x1ZGVzKGtleSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSk7CiAgICAgICAgcmV0dXJuIGZpbmRDb2luY2lkZW5jZSA/IHRydWUgOiBmYWxzZTsKICAgIH07CiAgICBjb25zdCBtZXNzYWdlSGFuZGxlciA9IGFzeW5jIF9yZWYyID0+IHsKICAgICAgICBsZXQge2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSA9IF9yZWYyOwogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KF9vYmplY3RTcHJlYWQyKF9vYmplY3RTcHJlYWQyKHt9LCBib2R5KSwge30sIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIF9vYmplY3RTcHJlYWQyKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9IHdvcmtlclJlcXVlc3QgPT4gewogICAgICAgIGlmICghYWxsb3dlZEJhc2VVcmwpIHsKICAgICAgICAgICAgcmV0dXJuIGZhbHNlOwogICAgICAgIH0KICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBhbGxvd2VkQmFzZU9yaWdpbiA9IG5ldyBVUkwoYWxsb3dlZEJhc2VVcmwpLm9yaWdpbjsKICAgICAgICAgICAgY29uc3QgcmVxdWVzdGVkVXJsID0gbmV3IFVSTCh3b3JrZXJSZXF1ZXN0LmZldGNoVXJsKTsKICAgICAgICAgICAgcmV0dXJuIHJlcXVlc3RlZFVybC5vcmlnaW4gPT09IGFsbG93ZWRCYXNlT3JpZ2luICYmIHJlcXVlc3RlZFVybC5wYXRobmFtZSA9PT0gIi9vYXV0aC90b2tlbiI7CiAgICAgICAgfSBjYXRjaCAoX3VudXNlZCkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX3VudXNlZDIpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEpKSB7CiAgICAgICAgICAgIHBvcnQgPT09IG51bGwgfHwgcG9ydCA9PT0gdm9pZCAwIHx8IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
+    var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKF9yZWYpIHsKICAgICAgICAgICAgbGV0IHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBfcmVmOwogICAgICAgICAgICByZXR1cm4gbmV3IEdlbmVyaWNFcnJvcihlcnJvciwgZXJyb3JfZGVzY3JpcHRpb24pOwogICAgICAgIH0KICAgIH0KICAgIGNsYXNzIE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvciBleHRlbmRzIEdlbmVyaWNFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoYXVkaWVuY2UsIHNjb3BlKSB7CiAgICAgICAgICAgIHN1cGVyKCJtaXNzaW5nX3JlZnJlc2hfdG9rZW4iLCAiTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyIuY29uY2F0KHZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSksICInLCBzY29wZTogJyIpLmNvbmNhdCh2YWx1ZU9yRW1wdHlTdHJpbmcoc2NvcGUpLCAiJykiKSk7CiAgICAgICAgICAgIHRoaXMuYXVkaWVuY2UgPSBhdWRpZW5jZTsKICAgICAgICAgICAgdGhpcy5zY29wZSA9IHNjb3BlOwogICAgICAgICAgICBPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcywgTWlzc2luZ1JlZnJlc2hUb2tlbkVycm9yLnByb3RvdHlwZSk7CiAgICAgICAgfQogICAgfQogICAgZnVuY3Rpb24gdmFsdWVPckVtcHR5U3RyaW5nKHZhbHVlKSB7CiAgICAgICAgbGV0IGV4Y2x1ZGUgPSBhcmd1bWVudHMubGVuZ3RoID4gMSAmJiBhcmd1bWVudHNbMV0gIT09IHVuZGVmaW5lZCA/IGFyZ3VtZW50c1sxXSA6IFtdOwogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoayA9PiB0eXBlb2YgcGFyYW1zW2tdICE9PSAidW5kZWZpbmVkIikucmVkdWNlKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSwge30pOwogICAgY29uc3QgY3JlYXRlUXVlcnlQYXJhbXMgPSBfYSA9PiB7CiAgICAgICAgdmFyIHtjbGllbnRJZDogY2xpZW50X2lkfSA9IF9hLCBwYXJhbXMgPSBfX3Jlc3QoX2EsIFsgImNsaWVudElkIiBdKTsKICAgICAgICByZXR1cm4gbmV3IFVSTFNlYXJjaFBhcmFtcyhzdHJpcFVuZGVmaW5lZChPYmplY3QuYXNzaWduKHsKICAgICAgICAgICAgY2xpZW50X2lkOiBjbGllbnRfaWQKICAgICAgICB9LCBwYXJhbXMpKSkudG9TdHJpbmcoKTsKICAgIH07CiAgICBjb25zdCBmcm9tRW50cmllcyA9IGl0ZXJhYmxlID0+IFsgLi4uaXRlcmFibGUgXS5yZWR1Y2UoKG9iaiwgX3JlZikgPT4gewogICAgICAgIGxldCBba2V5LCB2YWxdID0gX3JlZjsKICAgICAgICBvYmpba2V5XSA9IHZhbDsKICAgICAgICByZXR1cm4gb2JqOwogICAgfSwge30pOwogICAgbGV0IHJlZnJlc2hUb2tlbnMgPSB7fTsKICAgIGxldCBhbGxvd2VkQmFzZVVybCA9IG51bGw7CiAgICBjb25zdCBjYWNoZUtleSA9IChhdWRpZW5jZSwgc2NvcGUpID0+ICIiLmNvbmNhdChhdWRpZW5jZSwgInwiKS5jb25jYXQoc2NvcGUpOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aCgiIi5jb25jYXQoYXVkaWVuY2UsICJ8IikpOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXTsKICAgIGNvbnN0IHNldFJlZnJlc2hUb2tlbiA9IChyZWZyZXNoVG9rZW4sIGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXSA9IHJlZnJlc2hUb2tlbjsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbiA9IChhdWRpZW5jZSwgc2NvcGUpID0+IGRlbGV0ZSByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2Vuc0J5QXVkaWVuY2UgPSBhdWRpZW5jZSA9PiB7CiAgICAgICAgY29uc3Qgc2VlbiA9IG5ldyBTZXQ7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWY7CiAgICAgICAgICAgIGlmIChjYWNoZUtleUNvbnRhaW5zQXVkaWVuY2UoYXVkaWVuY2UsIGtleSkpIHsKICAgICAgICAgICAgICAgIHNlZW4uYWRkKHRva2VuKTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBBcnJheS5mcm9tKHNlZW4pOwogICAgfTsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlID0gcmVmcmVzaFRva2VuID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKF9yZWYyID0+IHsKICAgICAgICAgICAgbGV0IFtrZXksIHRva2VuXSA9IF9yZWYyOwogICAgICAgICAgICBpZiAodG9rZW4gPT09IHJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgZGVsZXRlIHJlZnJlc2hUb2tlbnNba2V5XTsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IHdhaXQgPSB0aW1lID0+IG5ldyBQcm9taXNlKHJlc29sdmUgPT4gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCh2YWwsIGtleSkgPT4gewogICAgICAgICAgICBwYXJzZWRRdWVyeVtrZXldID0gdmFsOwogICAgICAgIH0pOwogICAgICAgIHJldHVybiBwYXJzZWRRdWVyeTsKICAgIH07CiAgICBjb25zdCB1cGRhdGVSZWZyZXNoVG9rZW5zID0gKG9sZFJlZnJlc2hUb2tlbiwgbmV3UmVmcmVzaFRva2VuKSA9PiB7CiAgICAgICAgT2JqZWN0LmVudHJpZXMocmVmcmVzaFRva2VucykuZm9yRWFjaChfcmVmMyA9PiB7CiAgICAgICAgICAgIGxldCBba2V5LCB0b2tlbl0gPSBfcmVmMzsKICAgICAgICAgICAgaWYgKHRva2VuID09PSBvbGRSZWZyZXNoVG9rZW4pIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNba2V5XSA9IG5ld1JlZnJlc2hUb2tlbjsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgfTsKICAgIGNvbnN0IGNoZWNrRG93bnNjb3BpbmcgPSAoc2NvcGUsIGF1ZGllbmNlKSA9PiB7CiAgICAgICAgY29uc3QgZmluZENvaW5jaWRlbmNlID0gT2JqZWN0LmtleXMocmVmcmVzaFRva2VucykuZmluZChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoa2V5ID0+IHNjb3Blc0tleS5pbmNsdWRlcyhrZXkpKTsKICAgICAgICAgICAgICAgIHJldHVybiBpc1NhbWVBdWRpZW5jZSAmJiBzY29wZXNBcmVJbmNsdWRlZDsKICAgICAgICAgICAgfQogICAgICAgIH0pOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNCA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhLCB1c2VNcnJ0OiB1c2VNcnJ0fSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNDsKICAgICAgICBsZXQgaGVhZGVycyA9IHt9OwogICAgICAgIGxldCBqc29uOwogICAgICAgIGxldCByZWZyZXNoVG9rZW47CiAgICAgICAgY29uc3Qge2F1ZGllbmNlOiBhdWRpZW5jZSwgc2NvcGU6IHNjb3BlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgaWYgKCFib2R5LnJlZnJlc2hfdG9rZW4gJiYgYm9keS5ncmFudF90eXBlID09PSAicmVmcmVzaF90b2tlbiIpIHsKICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGdldFJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgaWYgKCFyZWZyZXNoVG9rZW4gJiYgdXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIGNvbnN0IGxhdGVzdFJlZnJlc2hUb2tlbiA9IHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl07CiAgICAgICAgICAgICAgICAgICAgY29uc3QgaXNEb3duc2NvcGluZyA9IGNoZWNrRG93bnNjb3Bpbmcoc2NvcGUsIGF1ZGllbmNlKTsKICAgICAgICAgICAgICAgICAgICBpZiAobGF0ZXN0UmVmcmVzaFRva2VuICYmICFpc0Rvd25zY29waW5nKSB7CiAgICAgICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbiA9IGxhdGVzdFJlZnJlc2hUb2tlbjsKICAgICAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgICAgIHRocm93IG5ldyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IoYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5ib2R5ID0gdXNlRm9ybURhdGEgPyBjcmVhdGVRdWVyeVBhcmFtcyhPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSkgOiBKU09OLnN0cmluZ2lmeShPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgbGV0IGFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgaWYgKHR5cGVvZiBBYm9ydENvbnRyb2xsZXIgPT09ICJmdW5jdGlvbiIpIHsKICAgICAgICAgICAgICAgIGFib3J0Q29udHJvbGxlciA9IG5ldyBBYm9ydENvbnRyb2xsZXI7CiAgICAgICAgICAgICAgICBmZXRjaE9wdGlvbnMuc2lnbmFsID0gYWJvcnRDb250cm9sbGVyLnNpZ25hbDsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgcmVzcG9uc2U7CiAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICByZXNwb25zZSA9IGF3YWl0IFByb21pc2UucmFjZShbIHdhaXQodGltZW91dCksIGZldGNoKGZldGNoVXJsLCBPYmplY3QuYXNzaWduKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBpZiAodXNlTXJydCkgewogICAgICAgICAgICAgICAgICAgIHJlZnJlc2hUb2tlbnNbImxhdGVzdF9yZWZyZXNoX3Rva2VuIl0gPSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgICAgICAgICAgdXBkYXRlUmVmcmVzaFRva2VucyhyZWZyZXNoVG9rZW4sIGpzb24ucmVmcmVzaF90b2tlbik7CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgcmV2b2tlTWVzc2FnZUhhbmRsZXIgPSBhc3luYyBfcmVmNSA9PiB7CiAgICAgICAgbGV0IHtkYXRhOiB7dGltZW91dDogdGltZW91dCwgYXV0aDogYXV0aCwgZmV0Y2hVcmw6IGZldGNoVXJsLCBmZXRjaE9wdGlvbnM6IGZldGNoT3B0aW9ucywgdXNlRm9ybURhdGE6IHVzZUZvcm1EYXRhfSwgcG9ydHM6IFtwb3J0XX0gPSBfcmVmNTsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlfSA9IGF1dGggfHwge307CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgdG9rZW5zVG9SZXZva2UgPSBnZXRSZWZyZXNoVG9rZW5zQnlBdWRpZW5jZShhdWRpZW5jZSk7CiAgICAgICAgICAgIGlmICh0b2tlbnNUb1Jldm9rZS5sZW5ndGggPT09IDApIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIG9rOiB0cnVlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBjb25zdCBiYXNlQm9keSA9IHVzZUZvcm1EYXRhID8gZm9ybURhdGFUb09iamVjdChmZXRjaE9wdGlvbnMuYm9keSkgOiBKU09OLnBhcnNlKGZldGNoT3B0aW9ucy5ib2R5KTsKICAgICAgICAgICAgZm9yIChjb25zdCByZWZyZXNoVG9rZW4gb2YgdG9rZW5zVG9SZXZva2UpIHsKICAgICAgICAgICAgICAgIGNvbnN0IGJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYmFzZUJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgdG9rZW46IHJlZnJlc2hUb2tlbgogICAgICAgICAgICAgICAgfSkpIDogSlNPTi5zdHJpbmdpZnkoT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBiYXNlQm9keSksIHsKICAgICAgICAgICAgICAgICAgICB0b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICAgICAgbGV0IHNpZ25hbDsKICAgICAgICAgICAgICAgIGlmICh0eXBlb2YgQWJvcnRDb250cm9sbGVyID09PSAiZnVuY3Rpb24iKSB7CiAgICAgICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgICAgICBzaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgbGV0IHRpbWVvdXRJZDsKICAgICAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICAgICAgcmVzcG9uc2UgPSBhd2FpdCBQcm9taXNlLnJhY2UoWyBuZXcgUHJvbWlzZShyZXNvbHZlID0+IHsKICAgICAgICAgICAgICAgICAgICAgICAgdGltZW91dElkID0gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lb3V0KTsKICAgICAgICAgICAgICAgICAgICB9KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgZmV0Y2hPcHRpb25zKSwgewogICAgICAgICAgICAgICAgICAgICAgICBib2R5OiBib2R5LAogICAgICAgICAgICAgICAgICAgICAgICBzaWduYWw6IHNpZ25hbAogICAgICAgICAgICAgICAgICAgIH0pKSBdKS5maW5hbGx5KCgpID0+IGNsZWFyVGltZW91dCh0aW1lb3V0SWQpKTsKICAgICAgICAgICAgICAgIH0gY2F0Y2ggKGVycm9yKSB7CiAgICAgICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgaWYgKCFyZXNwb25zZSkgewogICAgICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogIlRpbWVvdXQgd2hlbiBleGVjdXRpbmcgJ2ZldGNoJyIKICAgICAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgICAgICBpZiAoIXJlc3BvbnNlLm9rKSB7CiAgICAgICAgICAgICAgICAgICAgbGV0IGVycm9yRGVzY3JpcHRpb247CiAgICAgICAgICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgICAgICAgICAgY29uc3Qge2Vycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0gPSBKU09OLnBhcnNlKGF3YWl0IHJlc3BvbnNlLnRleHQoKSk7CiAgICAgICAgICAgICAgICAgICAgICAgIGVycm9yRGVzY3JpcHRpb24gPSBlcnJvcl9kZXNjcmlwdGlvbjsKICAgICAgICAgICAgICAgICAgICB9IGNhdGNoIChfYSkge30KICAgICAgICAgICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yRGVzY3JpcHRpb24gfHwgIkhUVFAgZXJyb3IgIi5jb25jYXQocmVzcG9uc2Uuc3RhdHVzKQogICAgICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbnNCeVZhbHVlKHJlZnJlc2hUb2tlbik7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogdHJ1ZQogICAgICAgICAgICB9KTsKICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlIHx8ICJVbmtub3duIGVycm9yIGR1cmluZyB0b2tlbiByZXZvY2F0aW9uIgogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgY29uc3QgaXNBdXRob3JpemVkV29ya2VyUmVxdWVzdCA9ICh3b3JrZXJSZXF1ZXN0LCBleHBlY3RlZFBhdGgpID0+IHsKICAgICAgICBpZiAoIWFsbG93ZWRCYXNlVXJsKSB7CiAgICAgICAgICAgIHJldHVybiBmYWxzZTsKICAgICAgICB9CiAgICAgICAgdHJ5IHsKICAgICAgICAgICAgY29uc3QgYWxsb3dlZEJhc2VPcmlnaW4gPSBuZXcgVVJMKGFsbG93ZWRCYXNlVXJsKS5vcmlnaW47CiAgICAgICAgICAgIGNvbnN0IHJlcXVlc3RlZFVybCA9IG5ldyBVUkwod29ya2VyUmVxdWVzdC5mZXRjaFVybCk7CiAgICAgICAgICAgIHJldHVybiByZXF1ZXN0ZWRVcmwub3JpZ2luID09PSBhbGxvd2VkQmFzZU9yaWdpbiAmJiByZXF1ZXN0ZWRVcmwucGF0aG5hbWUgPT09IGV4cGVjdGVkUGF0aDsKICAgICAgICB9IGNhdGNoIChfYSkgewogICAgICAgICAgICByZXR1cm4gZmFsc2U7CiAgICAgICAgfQogICAgfTsKICAgIGNvbnN0IG1lc3NhZ2VSb3V0ZXIgPSBldmVudCA9PiB7CiAgICAgICAgY29uc3Qge2RhdGE6IGRhdGEsIHBvcnRzOiBwb3J0c30gPSBldmVudDsKICAgICAgICBjb25zdCBbcG9ydF0gPSBwb3J0czsKICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAiaW5pdCIpIHsKICAgICAgICAgICAgaWYgKGFsbG93ZWRCYXNlVXJsID09PSBudWxsKSB7CiAgICAgICAgICAgICAgICB0cnkgewogICAgICAgICAgICAgICAgICAgIG5ldyBVUkwoZGF0YS5hbGxvd2VkQmFzZVVybCk7CiAgICAgICAgICAgICAgICAgICAgYWxsb3dlZEJhc2VVcmwgPSBkYXRhLmFsbG93ZWRCYXNlVXJsOwogICAgICAgICAgICAgICAgfSBjYXRjaCAoX2EpIHsKICAgICAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgICAgICB9CiAgICAgICAgICAgIH0KICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoInR5cGUiIGluIGRhdGEgJiYgZGF0YS50eXBlID09PSAicmV2b2tlIikgewogICAgICAgICAgICBpZiAoIWlzQXV0aG9yaXplZFdvcmtlclJlcXVlc3QoZGF0YSwgIi9vYXV0aC9yZXZva2UiKSkgewogICAgICAgICAgICAgICAgcG9ydCA9PT0gbnVsbCB8fCBwb3J0ID09PSB2b2lkIDAgPyB2b2lkIDAgOiBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgICAgICBlcnJvcjogImludmFsaWRfZmV0Y2hfdXJsIiwKICAgICAgICAgICAgICAgICAgICAgICAgZXJyb3JfZGVzY3JpcHRpb246ICJVbmF1dGhvcml6ZWQgZmV0Y2ggVVJMIgogICAgICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICAgICAgaGVhZGVyczoge30KICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHJldm9rZU1lc3NhZ2VIYW5kbGVyKGV2ZW50KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBpZiAoISgiZmV0Y2hVcmwiIGluIGRhdGEpIHx8ICFpc0F1dGhvcml6ZWRXb3JrZXJSZXF1ZXN0KGRhdGEsICIvb2F1dGgvdG9rZW4iKSkgewogICAgICAgICAgICBwb3J0ID09PSBudWxsIHx8IHBvcnQgPT09IHZvaWQgMCA/IHZvaWQgMCA6IHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiaW52YWxpZF9mZXRjaF91cmwiLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiAiVW5hdXRob3JpemVkIGZldGNoIFVSTCIKICAgICAgICAgICAgICAgIH0sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiB7fQogICAgICAgICAgICB9KTsKICAgICAgICAgICAgcmV0dXJuOwogICAgICAgIH0KICAgICAgICBtZXNzYWdlSGFuZGxlcihldmVudCk7CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlUm91dGVyKTsKICAgIH0KfSkoKTsKCg==", null, false);
     const singlePromiseMap = {};
     const singlePromise = (cb, key) => {
         let promise = singlePromiseMap[key];
@@ -2126,12 +2063,11 @@
         constructor(cache, clientId) {
             this.cache = cache;
             this.clientId = clientId;
-            _defineProperty(this, "manifestKey", void 0);
             this.manifestKey = this.createManifestKeyFrom(this.clientId);
         }
         async add(key) {
-            var _await$this$cache$get;
-            const keys = new Set(((_await$this$cache$get = await this.cache.get(this.manifestKey)) === null || _await$this$cache$get === void 0 ? void 0 : _await$this$cache$get.keys) || []);
+            var _a;
+            const keys = new Set(((_a = await this.cache.get(this.manifestKey)) === null || _a === void 0 ? void 0 : _a.keys) || []);
             keys.add(key);
             await this.cache.set(this.manifestKey, {
                 keys: [ ...keys ]
@@ -2160,7 +2096,6 @@
             return "".concat(CACHE_KEY_PREFIX, "::").concat(clientId);
         }
     }
-    const _excluded$2 = [ "openUrl", "onRedirect" ];
     const GET_TOKEN_SILENTLY_LOCK_KEY = "auth0.lock.getTokenSilently";
     const GET_TOKEN_FROM_IFRAME_LOCK_KEY = "auth0.lock.getTokenFromIFrame";
     const buildGetTokenSilentlyLockKey = (clientId, audience) => "".concat(GET_TOKEN_SILENTLY_LOCK_KEY, ".").concat(clientId, ".").concat(audience);
@@ -2173,9 +2108,9 @@
         localstorage: () => new LocalStorageCache
     };
     const cacheFactory = location => cacheLocationBuilders[location];
-    const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => _objectSpread2(_objectSpread2(_objectSpread2({
+    const getAuthorizeParams = (clientOptions, scope, authorizationParams, state, nonce, code_challenge, redirect_uri, response_mode, thumbprint) => Object.assign(Object.assign(Object.assign({
         client_id: clientOptions.clientId
-    }, clientOptions.authorizationParams), authorizationParams), {}, {
+    }, clientOptions.authorizationParams), authorizationParams), {
         scope: scopesToRequest(scope, authorizationParams.scope, authorizationParams.audience),
         response_type: "code",
         response_mode: response_mode || "query",
@@ -2187,8 +2122,8 @@
         dpop_jkt: thumbprint
     });
     const patchOpenUrlWithOnRedirect = options => {
-        const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = _objectWithoutProperties(options, _excluded$2);
-        const result = _objectSpread2(_objectSpread2({}, originalOptions), {}, {
+        const {openUrl: openUrl, onRedirect: onRedirect} = options, originalOptions = __rest(options, [ "openUrl", "onRedirect" ]);
+        const result = Object.assign(Object.assign({}, originalOptions), {
             openUrl: openUrl === false || openUrl ? openUrl : onRedirect
         });
         return result;
@@ -2205,13 +2140,13 @@
         return missingScopes.join(",");
     };
     const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
+        var _a;
         if (useMrrt && cachedAudience && cachedScope) {
-            var _authorizationParams$;
             if (authorizationParams.audience !== cachedAudience) {
                 return authorizationParams.scope;
             }
             const cachedScopes = cachedScope.split(" ");
-            const newScopes = ((_authorizationParams$ = authorizationParams.scope) === null || _authorizationParams$ === void 0 ? void 0 : _authorizationParams$.split(" ")) || [];
+            const newScopes = ((_a = authorizationParams.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
             const newScopesAreIncluded = newScopes.every(scope => cachedScopes.includes(scope));
             return cachedScopes.length >= newScopes.length && newScopesAreIncluded ? cachedScope : authorizationParams.scope;
         }
@@ -2232,8 +2167,6 @@
     const AUTH0_NONCE_ID = "auth0";
     class DpopStorage {
         constructor(clientId) {
-            _defineProperty(this, "clientId", void 0);
-            _defineProperty(this, "dbHandle", void 0);
             this.clientId = clientId;
         }
         getVersion() {
@@ -2287,7 +2220,7 @@
         }
         async deleteBy(table, predicate) {
             const allKeys = await this.executeDbRequest(table, "readonly", table => table.getAllKeys());
-            allKeys === null || allKeys === void 0 || allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
+            allKeys === null || allKeys === void 0 ? void 0 : allKeys.filter(predicate).map(k => this.executeDbRequest(table, "readwrite", table => table.delete(k)));
         }
         deleteByClientId(table, clientId) {
             return this.deleteBy(table, k => typeof k === "string" && k.startsWith("".concat(clientId, "::")));
@@ -2301,7 +2234,6 @@
     }
     class Dpop {
         constructor(clientId) {
-            _defineProperty(this, "storage", void 0);
             this.storage = new DpopStorage(clientId);
         }
         getNonce(id) {
@@ -2320,7 +2252,7 @@
         }
         async generateProof(params) {
             const keyPair = await this.getOrGenerateKeyPair();
-            return generateProof(_objectSpread2({
+            return generateProof(Object.assign({
                 keyPair: keyPair
             }, params));
         }
@@ -2332,17 +2264,15 @@
             await Promise.all([ this.storage.clearNonces(), this.storage.clearKeyPairs() ]);
         }
     }
-    var TokenType = function(TokenType) {
+    var TokenType;
+    (function(TokenType) {
         TokenType["Bearer"] = "Bearer";
         TokenType["DPoP"] = "DPoP";
-        return TokenType;
-    }(TokenType || {});
+    })(TokenType || (TokenType = {}));
     class Fetcher {
         constructor(config, hooks) {
-            _defineProperty(this, "config", void 0);
-            _defineProperty(this, "hooks", void 0);
             this.hooks = hooks;
-            this.config = _objectSpread2(_objectSpread2({}, config), {}, {
+            this.config = Object.assign(Object.assign({}, config), {
                 fetch: config.fetch || (typeof window === "undefined" ? fetch : window.fetch.bind(window))
             });
         }
@@ -2450,7 +2380,7 @@
         }
         fetchWithAuth(info, init, authParams) {
             const callbacks = {
-                onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, _objectSpread2(_objectSpread2({}, callbacks), {}, {
+                onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, Object.assign(Object.assign({}, callbacks), {
                     onUseDpopNonceError: undefined
                 }), authParams)
             };
@@ -2506,11 +2436,6 @@
         constructor(_ref) {
             let {type: type, status: status, title: title, detail: detail, validation_errors: validation_errors} = _ref;
             super(detail);
-            _defineProperty(this, "type", void 0);
-            _defineProperty(this, "status", void 0);
-            _defineProperty(this, "title", void 0);
-            _defineProperty(this, "detail", void 0);
-            _defineProperty(this, "validation_errors", void 0);
             this.name = "MyAccountApiError";
             this.type = type;
             this.status = status;
@@ -2548,7 +2473,7 @@
     };
     function getAuthJsEnrollParams(params) {
         const mapping = FACTOR_MAPPING[params.factorType];
-        return _objectSpread2(_objectSpread2(_objectSpread2({
+        return Object.assign(Object.assign(Object.assign({
             mfaToken: params.mfaToken,
             authenticatorTypes: mapping.authenticatorTypes
         }, mapping.oobChannels && {
@@ -2571,6 +2496,144 @@
         }
         return undefined;
     }
+    function _OverloadYield(e, d) {
+        this.v = e, this.k = d;
+    }
+    function _assertClassBrand(e, t, n) {
+        if ("function" == typeof e ? e === t : e.has(t)) return arguments.length < 3 ? t : n;
+        throw new TypeError("Private element is not present on this object");
+    }
+    function _awaitAsyncGenerator(e) {
+        return new _OverloadYield(e, 0);
+    }
+    function _checkPrivateRedeclaration(e, t) {
+        if (t.has(e)) throw new TypeError("Cannot initialize the same private elements twice on an object");
+    }
+    function _classPrivateFieldGet2(s, a) {
+        return s.get(_assertClassBrand(s, a));
+    }
+    function _classPrivateFieldInitSpec(e, t, a) {
+        _checkPrivateRedeclaration(e, t), t.set(e, a);
+    }
+    function _classPrivateFieldSet2(s, a, r) {
+        return s.set(_assertClassBrand(s, a), r), r;
+    }
+    function _classPrivateMethodInitSpec(e, a) {
+        _checkPrivateRedeclaration(e, a), a.add(e);
+    }
+    function _defineProperty(e, r, t) {
+        return (r = _toPropertyKey(r)) in e ? Object.defineProperty(e, r, {
+            value: t,
+            enumerable: !0,
+            configurable: !0,
+            writable: !0
+        }) : e[r] = t, e;
+    }
+    function ownKeys(e, r) {
+        var t = Object.keys(e);
+        if (Object.getOwnPropertySymbols) {
+            var o = Object.getOwnPropertySymbols(e);
+            r && (o = o.filter(function(r) {
+                return Object.getOwnPropertyDescriptor(e, r).enumerable;
+            })), t.push.apply(t, o);
+        }
+        return t;
+    }
+    function _objectSpread2(e) {
+        for (var r = 1; r < arguments.length; r++) {
+            var t = null != arguments[r] ? arguments[r] : {};
+            r % 2 ? ownKeys(Object(t), !0).forEach(function(r) {
+                _defineProperty(e, r, t[r]);
+            }) : Object.getOwnPropertyDescriptors ? Object.defineProperties(e, Object.getOwnPropertyDescriptors(t)) : ownKeys(Object(t)).forEach(function(r) {
+                Object.defineProperty(e, r, Object.getOwnPropertyDescriptor(t, r));
+            });
+        }
+        return e;
+    }
+    function _objectWithoutProperties(e, t) {
+        if (null == e) return {};
+        var o, r, i = _objectWithoutPropertiesLoose(e, t);
+        if (Object.getOwnPropertySymbols) {
+            var n = Object.getOwnPropertySymbols(e);
+            for (r = 0; r < n.length; r++) o = n[r], -1 === t.indexOf(o) && {}.propertyIsEnumerable.call(e, o) && (i[o] = e[o]);
+        }
+        return i;
+    }
+    function _objectWithoutPropertiesLoose(r, e) {
+        if (null == r) return {};
+        var t = {};
+        for (var n in r) if ({}.hasOwnProperty.call(r, n)) {
+            if (-1 !== e.indexOf(n)) continue;
+            t[n] = r[n];
+        }
+        return t;
+    }
+    function _toPrimitive(t, r) {
+        if ("object" != typeof t || !t) return t;
+        var e = t[Symbol.toPrimitive];
+        if (void 0 !== e) {
+            var i = e.call(t, r || "default");
+            if ("object" != typeof i) return i;
+            throw new TypeError("@@toPrimitive must return a primitive value.");
+        }
+        return ("string" === r ? String : Number)(t);
+    }
+    function _toPropertyKey(t) {
+        var i = _toPrimitive(t, "string");
+        return "symbol" == typeof i ? i : i + "";
+    }
+    function _wrapAsyncGenerator(e) {
+        return function() {
+            return new AsyncGenerator(e.apply(this, arguments));
+        };
+    }
+    function AsyncGenerator(e) {
+        var t, n;
+        function resume(t, n) {
+            try {
+                var r = e[t](n), o = r.value, u = o instanceof _OverloadYield;
+                Promise.resolve(u ? o.v : o).then(function(n) {
+                    if (u) {
+                        var i = "return" === t && o.k ? t : "next";
+                        if (!o.k || n.done) return resume(i, n);
+                        n = e[i](n).value;
+                    }
+                    settle(!!r.done, n);
+                }, function(e) {
+                    resume("throw", e);
+                });
+            } catch (e) {
+                settle(2, e);
+            }
+        }
+        function settle(e, r) {
+            2 === e ? t.reject(r) : t.resolve({
+                value: r,
+                done: e
+            }), (t = t.next) ? resume(t.key, t.arg) : n = null;
+        }
+        this._invoke = function(e, r) {
+            return new Promise(function(o, u) {
+                var i = {
+                    key: e,
+                    arg: r,
+                    resolve: o,
+                    reject: u,
+                    next: null
+                };
+                n ? n = n.next = i : (t = n = i, resume(e, r));
+            });
+        }, "function" != typeof e.return && (this.return = void 0);
+    }
+    AsyncGenerator.prototype["function" == typeof Symbol && Symbol.asyncIterator || "@@asyncIterator"] = function() {
+        return this;
+    }, AsyncGenerator.prototype.next = function(e) {
+        return this._invoke("next", e);
+    }, AsyncGenerator.prototype.throw = function(e) {
+        return this._invoke("throw", e);
+    }, AsyncGenerator.prototype.return = function(e) {
+        return this._invoke("return", e);
+    };
     var _navigator$userAgent$2, _navigator$userAgent$$2;
     let USER_AGENT$2;
     if (typeof navigator === "undefined" || !((_navigator$userAgent$2 = navigator.userAgent) !== null && _navigator$userAgent$2 !== void 0 && (_navigator$userAgent$$2 = _navigator$userAgent$2.startsWith) !== null && _navigator$userAgent$$2 !== void 0 && _navigator$userAgent$$2.call(_navigator$userAgent$2, "Mozilla/5.0 "))) {
@@ -6526,7 +6589,7 @@
         });
         return remoteJWKSet;
     }
-    const _excluded$1 = [ "mfaToken" ], _excluded2$1 = [ "mfaToken" ];
+    const _excluded = [ "mfaToken" ], _excluded2 = [ "mfaToken" ];
     var _baseUrl, _clientId, _customFetch, _entries, _ttlMs, _maxEntries, _configuration, _serverMetadata, _clientAuthPromise, _options, _customFetch2, _jwks, _discoveryCache, _inFlightDiscovery, _jwksCache, _Class9_brand;
     var NotSupportedError = class NotSupportedError extends Error {
         constructor(code, message) {
@@ -6746,7 +6809,7 @@
         }
         async enrollAuthenticator(options) {
             const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/associate");
-            const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded$1);
+            const {mfaToken: mfaToken} = options, sdkParams = _objectWithoutProperties(options, _excluded);
             const apiParams = {
                 authenticator_types: sdkParams.authenticatorTypes
             };
@@ -6791,7 +6854,7 @@
         }
         async challengeAuthenticator(options) {
             const url = "".concat(_classPrivateFieldGet2(_baseUrl, this), "/mfa/challenge");
-            const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2$1);
+            const {mfaToken: mfaToken} = options, challengeParams = _objectWithoutProperties(options, _excluded2);
             const body = {
                 mfa_token: mfaToken,
                 client_id: _classPrivateFieldGet2(_clientId, this),
@@ -7511,13 +7574,12 @@
     class MfaContextManager {
         constructor() {
             let ttlMs = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : DEFAULT_TTL_MS;
-            _defineProperty(this, "contexts", new Map);
-            _defineProperty(this, "ttlMs", void 0);
+            this.contexts = new Map;
             this.ttlMs = ttlMs;
         }
         set(mfaToken, context) {
             this.cleanup();
-            this.contexts.set(mfaToken, _objectSpread2(_objectSpread2({}, context), {}, {
+            this.contexts.set(mfaToken, Object.assign(Object.assign({}, context), {
                 createdAt: Date.now()
             }));
         }
@@ -7549,9 +7611,6 @@
     }
     class MfaApiClient {
         constructor(authJsMfaClient, auth0Client) {
-            _defineProperty(this, "authJsMfaClient", void 0);
-            _defineProperty(this, "auth0Client", void 0);
-            _defineProperty(this, "contextManager", void 0);
             this.authJsMfaClient = authJsMfaClient;
             this.auth0Client = auth0Client;
             this.contextManager = new MfaContextManager;
@@ -7564,9 +7623,9 @@
             });
         }
         async getAuthenticators(mfaToken) {
-            var _context$mfaRequireme;
+            var _a, _b;
             const context = this.contextManager.get(mfaToken);
-            if (!(context !== null && context !== void 0 && (_context$mfaRequireme = context.mfaRequirements) !== null && _context$mfaRequireme !== void 0 && _context$mfaRequireme.challenge) || context.mfaRequirements.challenge.length === 0) {
+            if (!((_a = context === null || context === void 0 ? void 0 : context.mfaRequirements) === null || _a === void 0 ? void 0 : _a.challenge) || context.mfaRequirements.challenge.length === 0) {
                 throw new MfaListAuthenticatorsError("invalid_request", "challengeType is required and must contain at least one challenge type, please check mfa_required error payload");
             }
             const challengeTypes = context.mfaRequirements.challenge.map(c => c.type);
@@ -7580,25 +7639,25 @@
                 });
             } catch (error) {
                 if (error instanceof MfaListAuthenticatorsError$1) {
-                    var _error$cause;
-                    throw new MfaListAuthenticatorsError((_error$cause = error.cause) === null || _error$cause === void 0 ? void 0 : _error$cause.error, error.message);
+                    throw new MfaListAuthenticatorsError((_b = error.cause) === null || _b === void 0 ? void 0 : _b.error, error.message);
                 }
                 throw error;
             }
         }
         async enroll(params) {
+            var _a;
             const authJsParams = getAuthJsEnrollParams(params);
             try {
                 return await this.authJsMfaClient.enrollAuthenticator(authJsParams);
             } catch (error) {
                 if (error instanceof MfaEnrollmentError$1) {
-                    var _error$cause2;
-                    throw new MfaEnrollmentError((_error$cause2 = error.cause) === null || _error$cause2 === void 0 ? void 0 : _error$cause2.error, error.message);
+                    throw new MfaEnrollmentError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
                 }
                 throw error;
             }
         }
         async challenge(params) {
+            var _a;
             try {
                 const authJsParams = {
                     challengeType: params.challengeType,
@@ -7610,8 +7669,7 @@
                 return await this.authJsMfaClient.challengeAuthenticator(authJsParams);
             } catch (error) {
                 if (error instanceof MfaChallengeError$1) {
-                    var _error$cause3;
-                    throw new MfaChallengeError((_error$cause3 = error.cause) === null || _error$cause3 === void 0 ? void 0 : _error$cause3.error, error.message);
+                    throw new MfaChallengeError((_a = error.cause) === null || _a === void 0 ? void 0 : _a.error, error.message);
                 }
                 throw error;
             }
@@ -7660,37 +7718,18 @@
             }
         }
     }
-    const _excluded = [ "openUrl", "fragment", "appState" ], _excluded2 = [ "url" ], _excluded3 = [ "cacheMode" ], _excluded4 = [ "federated" ], _excluded5 = [ "openUrl" ], _excluded6 = [ "id_token", "decodedToken" ], _excluded7 = [ "mfaToken" ];
     class Auth0Client {
         constructor(options) {
-            _defineProperty(this, "transactionManager", void 0);
-            _defineProperty(this, "cacheManager", void 0);
-            _defineProperty(this, "lockManager", void 0);
-            _defineProperty(this, "domainUrl", void 0);
-            _defineProperty(this, "tokenIssuer", void 0);
-            _defineProperty(this, "scope", void 0);
-            _defineProperty(this, "cookieStorage", void 0);
-            _defineProperty(this, "dpop", void 0);
-            _defineProperty(this, "sessionCheckExpiryDays", void 0);
-            _defineProperty(this, "orgHintCookieName", void 0);
-            _defineProperty(this, "isAuthenticatedCookieName", void 0);
-            _defineProperty(this, "nowProvider", void 0);
-            _defineProperty(this, "httpTimeoutMs", void 0);
-            _defineProperty(this, "options", void 0);
-            _defineProperty(this, "userCache", (new InMemoryCache).enclosedCache);
-            _defineProperty(this, "myAccountApi", void 0);
-            _defineProperty(this, "mfa", void 0);
-            _defineProperty(this, "worker", void 0);
-            _defineProperty(this, "authJsClient", void 0);
-            _defineProperty(this, "defaultOptions", {
+            this.userCache = (new InMemoryCache).enclosedCache;
+            this.defaultOptions = {
                 authorizationParams: {
                     scope: DEFAULT_SCOPE
                 },
                 useRefreshTokensFallback: false,
                 useFormData: true
-            });
-            this.options = _objectSpread2(_objectSpread2(_objectSpread2({}, this.defaultOptions), options), {}, {
-                authorizationParams: _objectSpread2(_objectSpread2({}, this.defaultOptions.authorizationParams), options.authorizationParams)
+            };
+            this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), options), {
+                authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), options.authorizationParams)
             });
             typeof window !== "undefined" && validateCrypto();
             this.lockManager = getLockManager();
@@ -7722,9 +7761,9 @@
             this.domainUrl = getDomain(this.options.domain);
             this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
             const myAccountApiIdentifier = "".concat(this.domainUrl, "/me/");
-            const myAccountFetcher = this.createFetcher(_objectSpread2(_objectSpread2({}, this.options.useDpop && {
+            const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
                 dpopNonceId: "__auth0_my_account_api__"
-            }), {}, {
+            }), {
                 getAccessToken: () => this.getTokenSilently({
                     authorizationParams: {
                         scope: "create:me:connected_accounts",
@@ -7802,7 +7841,7 @@
                     url.searchParams.delete(paramName);
                     window.history.replaceState({}, "", url.toString());
                 }
-            } catch (_unused) {}
+            } catch (_a) {}
         }
         _applySessionTransferToken(authorizationParams) {
             const paramName = this.options.sessionTransferTokenQueryParamName;
@@ -7812,18 +7851,18 @@
             const token = this._extractSessionTransferToken(paramName);
             if (!token) return authorizationParams;
             this._clearSessionTransferTokenFromUrl(paramName);
-            return _objectSpread2(_objectSpread2({}, authorizationParams), {}, {
+            return Object.assign(Object.assign({}, authorizationParams), {
                 session_transfer_token: token
             });
         }
         async _prepareAuthorizeUrl(authorizationParams, authorizeOptions, fallbackRedirectUri) {
-            var _this$dpop;
+            var _a;
             const state = encode$2(createRandomString());
             const nonce = encode$2(createRandomString());
             const code_verifier = createRandomString();
             const code_challengeBuffer = await sha256(code_verifier);
             const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
-            const thumbprint = await ((_this$dpop = this.dpop) === null || _this$dpop === void 0 ? void 0 : _this$dpop.calculateThumbprint());
+            const thumbprint = await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.calculateThumbprint());
             const params = getAuthorizeParams(this.options, this.scope, authorizationParams, state, nonce, code_challenge, authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || fallbackRedirectUri, authorizeOptions === null || authorizeOptions === void 0 ? void 0 : authorizeOptions.response_mode, thumbprint);
             const url = this._authorizeUrl(params);
             return {
@@ -7837,7 +7876,7 @@
             };
         }
         async loginWithPopup(options, config) {
-            var _options$authorizatio;
+            var _a;
             options = options || {};
             config = config || {};
             if (!config.popup) {
@@ -7851,13 +7890,13 @@
                 response_mode: "web_message"
             }, window.location.origin);
             config.popup.location.href = params.url;
-            const codeResult = await runPopup(_objectSpread2(_objectSpread2({}, config), {}, {
+            const codeResult = await runPopup(Object.assign(Object.assign({}, config), {
                 timeoutInSeconds: config.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
             }), new URL(params.url).origin);
             if (params.state !== codeResult.state) {
                 throw new GenericError("state_mismatch", "Invalid state");
             }
-            const organization = ((_options$authorizatio = options.authorizationParams) === null || _options$authorizatio === void 0 ? void 0 : _options$authorizatio.organization) || this.options.authorizationParams.organization;
+            const organization = ((_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
             await this._requestToken({
                 audience: params.audience,
                 scope: params.scope,
@@ -7871,26 +7910,26 @@
             });
         }
         async getUser() {
-            var _cache$decodedToken;
+            var _a;
             const cache = await this._getIdTokenFromCache();
-            return cache === null || cache === void 0 || (_cache$decodedToken = cache.decodedToken) === null || _cache$decodedToken === void 0 ? void 0 : _cache$decodedToken.user;
+            return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.user;
         }
         async getIdTokenClaims() {
-            var _cache$decodedToken2;
+            var _a;
             const cache = await this._getIdTokenFromCache();
-            return cache === null || cache === void 0 || (_cache$decodedToken2 = cache.decodedToken) === null || _cache$decodedToken2 === void 0 ? void 0 : _cache$decodedToken2.claims;
+            return (_a = cache === null || cache === void 0 ? void 0 : cache.decodedToken) === null || _a === void 0 ? void 0 : _a.claims;
         }
         async loginWithRedirect() {
-            var _urlOptions$authoriza;
             let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-            const _patchOpenUrlWithOnRe = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _patchOpenUrlWithOnRe, urlOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe, _excluded);
-            const organization = ((_urlOptions$authoriza = urlOptions.authorizationParams) === null || _urlOptions$authoriza === void 0 ? void 0 : _urlOptions$authoriza.organization) || this.options.authorizationParams.organization;
+            var _a;
+            const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl, fragment: fragment, appState: appState} = _b, urlOptions = __rest(_b, [ "openUrl", "fragment", "appState" ]);
+            const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
             const authorizationParams = this._applySessionTransferToken(urlOptions.authorizationParams || {});
-            const _await$this$_prepareA = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _await$this$_prepareA, transaction = _objectWithoutProperties(_await$this$_prepareA, _excluded2);
-            this.transactionManager.create(_objectSpread2(_objectSpread2({}, transaction), {}, {
+            const _c = await this._prepareAuthorizeUrl(authorizationParams), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
+            this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
                 appState: appState,
-                response_type: ResponseType.Code
-            }, organization && {
+                response_type: exports.ResponseType.Code
+            }), organization && {
                 organization: organization
             }));
             const urlWithFragment = fragment ? "".concat(url, "#").concat(fragment) : url;
@@ -7912,7 +7951,7 @@
             }
             this.transactionManager.remove();
             const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
-            if (transaction.response_type === ResponseType.ConnectCode) {
+            if (transaction.response_type === exports.ResponseType.ConnectCode) {
                 return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
             }
             return this._handleLoginRedirectCallback(authenticationResult, transaction);
@@ -7928,7 +7967,7 @@
             const organization = transaction.organization;
             const nonceIn = transaction.nonce;
             const redirect_uri = transaction.redirect_uri;
-            await this._requestToken(_objectSpread2({
+            await this._requestToken(Object.assign({
                 audience: transaction.audience,
                 scope: transaction.scope,
                 code_verifier: transaction.code_verifier,
@@ -7942,7 +7981,7 @@
             });
             return {
                 appState: transaction.appState,
-                response_type: ResponseType.Code
+                response_type: exports.ResponseType.Code
             };
         }
         async _handleConnectAccountRedirectCallback(connectResult, transaction) {
@@ -7962,9 +8001,9 @@
                 redirect_uri: transaction.redirect_uri,
                 code_verifier: transaction.code_verifier
             });
-            return _objectSpread2(_objectSpread2({}, data), {}, {
+            return Object.assign(Object.assign({}, data), {
                 appState: transaction.appState,
-                response_type: ResponseType.ConnectCode
+                response_type: exports.ResponseType.ConnectCode
             });
         }
         async checkSession(options) {
@@ -7984,20 +8023,20 @@
             } catch (_) {}
         }
         async getTokenSilently() {
-            var _options$authorizatio2, _options$authorizatio3;
             let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-            const localOptions = _objectSpread2(_objectSpread2({
+            var _a, _b;
+            const localOptions = Object.assign(Object.assign({
                 cacheMode: "on"
-            }, options), {}, {
-                authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
-                    scope: scopesToRequest(this.scope, (_options$authorizatio2 = options.authorizationParams) === null || _options$authorizatio2 === void 0 ? void 0 : _options$authorizatio2.scope, ((_options$authorizatio3 = options.authorizationParams) === null || _options$authorizatio3 === void 0 ? void 0 : _options$authorizatio3.audience) || this.options.authorizationParams.audience)
+            }, options), {
+                authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
+                    scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
                 })
             });
             const result = await singlePromise(() => this._getTokenSilently(localOptions), "".concat(this.options.clientId, "::").concat(localOptions.authorizationParams.audience, "::").concat(localOptions.authorizationParams.scope));
             return options.detailedResponse ? result : result === null || result === void 0 ? void 0 : result.access_token;
         }
         async _getTokenSilently(options) {
-            const {cacheMode: cacheMode} = options, getTokenOptions = _objectWithoutProperties(options, _excluded3);
+            const {cacheMode: cacheMode} = options, getTokenOptions = __rest(options, [ "cacheMode" ]);
             if (cacheMode !== "off") {
                 const entry = await this._getEntryFromCache({
                     scope: getTokenOptions.authorizationParams.scope,
@@ -8027,13 +8066,13 @@
                     }
                     const authResult = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(getTokenOptions) : await this._getTokenFromIFrame(getTokenOptions);
                     const {id_token: id_token, token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = authResult;
-                    return _objectSpread2(_objectSpread2({
+                    return Object.assign(Object.assign({
                         id_token: id_token,
                         token_type: token_type,
                         access_token: access_token
                     }, oauthTokenScope ? {
                         scope: oauthTokenScope
-                    } : null), {}, {
+                    } : null), {
                         expires_in: expires_in
                     });
                 });
@@ -8069,15 +8108,15 @@
             }
         }
         async getTokenWithPopup() {
-            var _options$authorizatio4, _options$authorizatio5;
             let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
             let config = arguments.length > 1 && arguments[1] !== undefined ? arguments[1] : {};
-            const localOptions = _objectSpread2(_objectSpread2({}, options), {}, {
-                authorizationParams: _objectSpread2(_objectSpread2(_objectSpread2({}, this.options.authorizationParams), options.authorizationParams), {}, {
-                    scope: scopesToRequest(this.scope, (_options$authorizatio4 = options.authorizationParams) === null || _options$authorizatio4 === void 0 ? void 0 : _options$authorizatio4.scope, ((_options$authorizatio5 = options.authorizationParams) === null || _options$authorizatio5 === void 0 ? void 0 : _options$authorizatio5.audience) || this.options.authorizationParams.audience)
+            var _a, _b;
+            const localOptions = Object.assign(Object.assign({}, options), {
+                authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), options.authorizationParams), {
+                    scope: scopesToRequest(this.scope, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, ((_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience) || this.options.authorizationParams.audience)
                 })
             });
-            config = _objectSpread2(_objectSpread2({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
+            config = Object.assign(Object.assign({}, DEFAULT_POPUP_CONFIG_OPTIONS), config);
             await this.loginWithPopup(localOptions, config);
             const cache = await this.cacheManager.get(new CacheKey({
                 scope: localOptions.authorizationParams.scope,
@@ -8096,17 +8135,36 @@
             } else {
                 delete options.clientId;
             }
-            const _ref = options.logoutParams || {}, {federated: federated} = _ref, logoutOptions = _objectWithoutProperties(_ref, _excluded4);
+            const _a = options.logoutParams || {}, {federated: federated} = _a, logoutOptions = __rest(_a, [ "federated" ]);
             const federatedQuery = federated ? "&federated" : "";
-            const url = this._url("/v2/logout?".concat(createQueryParams(_objectSpread2({
+            const url = this._url("/v2/logout?".concat(createQueryParams(Object.assign({
                 clientId: options.clientId
             }, logoutOptions))));
             return url + federatedQuery;
         }
+        async revokeRefreshToken() {
+            let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
+            if (!this.options.useRefreshTokens) {
+                return;
+            }
+            const audience = options.audience || this.options.authorizationParams.audience;
+            const resolvedAudience = audience || DEFAULT_AUDIENCE;
+            const refreshTokens = await this.cacheManager.getRefreshTokensByAudience(resolvedAudience, this.options.clientId);
+            await revokeToken({
+                baseUrl: this.domainUrl,
+                timeout: this.httpTimeoutMs,
+                auth0Client: this.options.auth0Client,
+                useFormData: this.options.useFormData,
+                client_id: this.options.clientId,
+                refreshTokens: refreshTokens,
+                audience: resolvedAudience,
+                onRefreshTokenRevoked: refreshToken => this.cacheManager.stripRefreshToken(refreshToken)
+            }, this.worker);
+        }
         async logout() {
-            var _this$dpop2;
             let options = arguments.length > 0 && arguments[0] !== undefined ? arguments[0] : {};
-            const _patchOpenUrlWithOnRe2 = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _patchOpenUrlWithOnRe2, logoutOptions = _objectWithoutProperties(_patchOpenUrlWithOnRe2, _excluded5);
+            var _a;
+            const _b = patchOpenUrlWithOnRedirect(options), {openUrl: openUrl} = _b, logoutOptions = __rest(_b, [ "openUrl" ]);
             if (options.clientId === null) {
                 await this.cacheManager.clear();
             } else {
@@ -8119,7 +8177,7 @@
                 cookieDomain: this.options.cookieDomain
             });
             this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
-            await ((_this$dpop2 = this.dpop) === null || _this$dpop2 === void 0 ? void 0 : _this$dpop2.clear());
+            await ((_a = this.dpop) === null || _a === void 0 ? void 0 : _a.clear());
             const url = this._buildLogoutUrl(logoutOptions);
             if (openUrl) {
                 await openUrl(url);
@@ -8131,7 +8189,7 @@
             const iframeLockKey = buildIframeLockKey(this.options.clientId);
             try {
                 return await this.lockManager.runWithLock(iframeLockKey, 5e3, async () => {
-                    const params = _objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+                    const params = Object.assign(Object.assign({}, options.authorizationParams), {
                         prompt: "none"
                     });
                     const orgHint = this.cookieStorage.get(this.orgHintCookieName);
@@ -8148,14 +8206,14 @@
                     let eventOrigin;
                     try {
                         eventOrigin = new URL(this.domainUrl).origin;
-                    } catch (_unused2) {
+                    } catch (_a) {
                         eventOrigin = this.domainUrl;
                     }
                     const codeResult = await runIframe(url, eventOrigin, authorizeTimeout);
                     if (stateIn !== codeResult.state) {
                         throw new GenericError("state_mismatch", "Invalid state");
                     }
-                    const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+                    const tokenResult = await this._requestToken(Object.assign(Object.assign({}, options.authorizationParams), {
                         code_verifier: code_verifier,
                         code: codeResult.code,
                         grant_type: "authorization_code",
@@ -8165,7 +8223,7 @@
                         nonceIn: nonceIn,
                         organization: params.organization
                     });
-                    return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
+                    return Object.assign(Object.assign({}, tokenResult), {
                         scope: scope,
                         oauthTokenScope: tokenResult.scope,
                         audience: audience
@@ -8184,6 +8242,7 @@
             }
         }
         async _getTokenUsingRefreshToken(options) {
+            var _a, _b;
             const cache = await this.cacheManager.get(new CacheKey({
                 scope: options.authorizationParams.scope,
                 audience: options.authorizationParams.audience || DEFAULT_AUDIENCE,
@@ -8199,16 +8258,16 @@
             const timeout = typeof options.timeoutInSeconds === "number" ? options.timeoutInSeconds * 1e3 : null;
             const scopesToRequest = getScopeToRequest(this.options.useMrrt, options.authorizationParams, cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope);
             try {
-                const tokenResult = await this._requestToken(_objectSpread2(_objectSpread2({}, options.authorizationParams), {}, {
+                const tokenResult = await this._requestToken(Object.assign(Object.assign(Object.assign({}, options.authorizationParams), {
                     grant_type: "refresh_token",
                     refresh_token: cache && cache.refresh_token,
                     redirect_uri: redirect_uri
-                }, timeout && {
+                }), timeout && {
                     timeout: timeout
                 }), {
                     scopesToRequest: scopesToRequest
                 });
-                if (tokenResult.refresh_token && cache !== null && cache !== void 0 && cache.refresh_token) {
+                if (tokenResult.refresh_token && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
                     await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
                 }
                 if (this.options.useMrrt) {
@@ -8225,7 +8284,7 @@
                         }
                     }
                 }
-                return _objectSpread2(_objectSpread2({}, tokenResult), {}, {
+                return Object.assign(Object.assign({}, tokenResult), {
                     scope: options.authorizationParams.scope,
                     oauthTokenScope: tokenResult.scope,
                     audience: options.authorizationParams.audience || DEFAULT_AUDIENCE
@@ -8243,14 +8302,13 @@
                     }
                 }
                 if (e instanceof MfaRequiredError) {
-                    var _options$authorizatio6, _options$authorizatio7;
-                    this.mfa.setMFAAuthDetails(e.mfa_token, (_options$authorizatio6 = options.authorizationParams) === null || _options$authorizatio6 === void 0 ? void 0 : _options$authorizatio6.scope, (_options$authorizatio7 = options.authorizationParams) === null || _options$authorizatio7 === void 0 ? void 0 : _options$authorizatio7.audience, e.mfa_requirements);
+                    this.mfa.setMFAAuthDetails(e.mfa_token, (_a = options.authorizationParams) === null || _a === void 0 ? void 0 : _a.scope, (_b = options.authorizationParams) === null || _b === void 0 ? void 0 : _b.audience, e.mfa_requirements);
                 }
                 throw e;
             }
         }
         async _saveEntryInCache(entry) {
-            const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = _objectWithoutProperties(entry, _excluded6);
+            const {id_token: id_token, decodedToken: decodedToken} = entry, entryWithoutIdToken = __rest(entry, [ "id_token", "decodedToken" ]);
             this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, {
                 id_token: id_token,
                 decodedToken: decodedToken
@@ -8273,8 +8331,8 @@
             this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
             return cache;
         }
-        async _getEntryFromCache(_ref2) {
-            let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref2;
+        async _getEntryFromCache(_ref) {
+            let {scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode} = _ref;
             const entry = await this.cacheManager.get(new CacheKey({
                 scope: scope,
                 audience: audience,
@@ -8283,20 +8341,21 @@
             if (entry && entry.access_token) {
                 const {token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
                 const cache = await this._getIdTokenFromCache();
-                return cache && _objectSpread2(_objectSpread2({
+                return cache && Object.assign(Object.assign({
                     id_token: cache.id_token,
                     token_type: token_type ? token_type : "Bearer",
                     access_token: access_token
                 }, oauthTokenScope ? {
                     scope: oauthTokenScope
-                } : null), {}, {
+                } : null), {
                     expires_in: expires_in
                 });
             }
         }
         async _requestToken(options, additionalParameters) {
+            var _a, _b;
             const {nonceIn: nonceIn, organization: organization, scopesToRequest: scopesToRequest} = additionalParameters || {};
-            const authResult = await oauthToken(_objectSpread2(_objectSpread2({
+            const authResult = await oauthToken(Object.assign(Object.assign({
                 baseUrl: this.domainUrl,
                 client_id: this.options.clientId,
                 auth0Client: this.options.auth0Client,
@@ -8304,25 +8363,24 @@
                 timeout: this.httpTimeoutMs,
                 useMrrt: this.options.useMrrt,
                 dpop: this.dpop
-            }, options), {}, {
+            }, options), {
                 scope: scopesToRequest || options.scope
             }), this.worker);
             const decodedToken = await this._verifyIdToken(authResult.id_token, nonceIn, organization);
             if (options.grant_type === "authorization_code") {
-                var _existingIdToken$deco;
                 const existingIdToken = await this._getIdTokenFromCache();
-                if (existingIdToken !== null && existingIdToken !== void 0 && (_existingIdToken$deco = existingIdToken.decodedToken) !== null && _existingIdToken$deco !== void 0 && (_existingIdToken$deco = _existingIdToken$deco.claims) !== null && _existingIdToken$deco !== void 0 && _existingIdToken$deco.sub && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
+                if (((_b = (_a = existingIdToken === null || existingIdToken === void 0 ? void 0 : existingIdToken.decodedToken) === null || _a === void 0 ? void 0 : _a.claims) === null || _b === void 0 ? void 0 : _b.sub) && existingIdToken.decodedToken.claims.sub !== decodedToken.claims.sub) {
                     await this.cacheManager.clear(this.options.clientId);
                     this.userCache.remove(CACHE_KEY_ID_TOKEN_SUFFIX);
                 }
             }
-            await this._saveEntryInCache(_objectSpread2(_objectSpread2(_objectSpread2({}, authResult), {}, {
+            await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, authResult), {
                 decodedToken: decodedToken,
                 scope: options.scope,
                 audience: options.audience || DEFAULT_AUDIENCE
-            }, authResult.scope ? {
+            }), authResult.scope ? {
                 oauthTokenScope: authResult.scope
-            } : null), {}, {
+            } : null), {
                 client_id: this.options.clientId
             }));
             this.cookieStorage.save(this.isAuthenticatedCookieName, true, {
@@ -8330,12 +8388,12 @@
                 cookieDomain: this.options.cookieDomain
             });
             this._processOrgHint(organization || decodedToken.claims.org_id);
-            return _objectSpread2(_objectSpread2({}, authResult), {}, {
+            return Object.assign(Object.assign({}, authResult), {
                 decodedToken: decodedToken
             });
         }
         async loginWithCustomTokenExchange(options) {
-            return this._requestToken(_objectSpread2(_objectSpread2({}, options), {}, {
+            return this._requestToken(Object.assign(Object.assign({}, options), {
                 grant_type: "urn:ietf:params:oauth:grant-type:token-exchange",
                 subject_token: options.subject_token,
                 subject_token_type: options.subject_token_type,
@@ -8369,10 +8427,10 @@
             return new Fetcher(config, {
                 isDpopEnabled: () => !!this.options.useDpop,
                 getAccessToken: authParams => {
-                    var _authParams$scope;
+                    var _a;
                     return this.getTokenSilently({
                         authorizationParams: {
-                            scope: authParams === null || authParams === void 0 || (_authParams$scope = authParams.scope) === null || _authParams$scope === void 0 ? void 0 : _authParams$scope.join(" "),
+                            scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
                             audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
                         },
                         detailedResponse: true
@@ -8408,7 +8466,7 @@
                 redirect_uri: redirectUri,
                 appState: appState,
                 connection: connection,
-                response_type: ResponseType.ConnectCode
+                response_type: exports.ResponseType.ConnectCode
             });
             const url = new URL(connect_uri);
             url.searchParams.set("ticket", connect_params.ticket);
@@ -8419,8 +8477,8 @@
             }
         }
         async _requestTokenForMfa(options, additionalParameters) {
-            const {mfaToken: mfaToken} = options, restOptions = _objectWithoutProperties(options, _excluded7);
-            return this._requestToken(_objectSpread2(_objectSpread2({}, restOptions), {}, {
+            const {mfaToken: mfaToken} = options, restOptions = __rest(options, [ "mfaToken" ]);
+            return this._requestToken(Object.assign(Object.assign({}, restOptions), {
                 mfa_token: mfaToken
             }), additionalParameters);
         }
@@ -8450,7 +8508,6 @@
     exports.PopupCancelledError = PopupCancelledError;
     exports.PopupOpenError = PopupOpenError;
     exports.PopupTimeoutError = PopupTimeoutError;
-    exports.ResponseType = ResponseType;
     exports.TimeoutError = TimeoutError;
     exports.UseDpopNonceError = UseDpopNonceError;
     exports.User = User;