@auth0/auth0-spa-js 2.4.1 → 2.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (42) hide show
  1. package/README.md +1 -1
  2. package/dist/auth0-spa-js.development.js +298 -43
  3. package/dist/auth0-spa-js.development.js.map +1 -1
  4. package/dist/auth0-spa-js.production.esm.js +1 -1
  5. package/dist/auth0-spa-js.production.esm.js.map +1 -1
  6. package/dist/auth0-spa-js.production.js +1 -1
  7. package/dist/auth0-spa-js.production.js.map +1 -1
  8. package/dist/auth0-spa-js.worker.development.js +34 -2
  9. package/dist/auth0-spa-js.worker.development.js.map +1 -1
  10. package/dist/auth0-spa-js.worker.production.js +1 -1
  11. package/dist/auth0-spa-js.worker.production.js.map +1 -1
  12. package/dist/lib/auth0-spa-js.cjs.js +309 -44
  13. package/dist/lib/auth0-spa-js.cjs.js.map +1 -1
  14. package/dist/typings/Auth0Client.d.ts +42 -2
  15. package/dist/typings/Auth0Client.utils.d.ts +32 -0
  16. package/dist/typings/MyAccountApiClient.d.ts +92 -0
  17. package/dist/typings/api.d.ts +1 -1
  18. package/dist/typings/cache/cache-manager.d.ts +18 -1
  19. package/dist/typings/errors.d.ts +10 -0
  20. package/dist/typings/fetcher.d.ts +11 -7
  21. package/dist/typings/global.d.ts +97 -0
  22. package/dist/typings/http.d.ts +2 -2
  23. package/dist/typings/index.d.ts +2 -1
  24. package/dist/typings/transaction-manager.d.ts +15 -4
  25. package/dist/typings/version.d.ts +1 -1
  26. package/dist/typings/worker/worker.types.d.ts +1 -0
  27. package/package.json +1 -1
  28. package/src/Auth0Client.ts +282 -25
  29. package/src/Auth0Client.utils.ts +66 -0
  30. package/src/MyAccountApiClient.ts +158 -0
  31. package/src/api.ts +7 -1
  32. package/src/cache/cache-manager.ts +82 -7
  33. package/src/errors.ts +18 -0
  34. package/src/fetcher.ts +30 -18
  35. package/src/global.ts +112 -4
  36. package/src/http.ts +12 -5
  37. package/src/index.ts +5 -0
  38. package/src/transaction-manager.ts +17 -4
  39. package/src/utils.ts +1 -0
  40. package/src/version.ts +1 -1
  41. package/src/worker/token.worker.ts +60 -9
  42. package/src/worker/worker.types.ts +1 -0
package/README.md CHANGED
@@ -29,7 +29,7 @@ npm install @auth0/auth0-spa-js
29
29
  From the CDN:
30
30
 
31
31
  ```html
32
- <script src="https://cdn.auth0.com/js/auth0-spa-js/2.4/auth0-spa-js.production.js"></script>
32
+ <script src="https://cdn.auth0.com/js/auth0-spa-js/2.6/auth0-spa-js.production.js"></script>
33
33
  ```
34
34
 
35
35
  ### Configure Auth0
package/dist/auth0-spa-js.development.js CHANGED
@@ -540,7 +540,7 @@
540
540
  exports.default = SuperTokensLock;
541
541
  }));
542
542
  var Lock = unwrapExports(browserTabsLock);
543
- var version = "2.4.1";
543
+ var version = "2.6.0";
544
544
  const DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS = 60;
545
545
  const DEFAULT_POPUP_CONFIG_OPTIONS = {
546
546
  timeoutInSeconds: DEFAULT_AUTHORIZE_TIMEOUT_IN_SECONDS
@@ -577,6 +577,15 @@
577
577
  Object.setPrototypeOf(this, AuthenticationError.prototype);
578
578
  }
579
579
  }
580
+ class ConnectError extends GenericError {
581
+ constructor(error, error_description, connection, state, appState = null) {
582
+ super(error, error_description);
583
+ this.connection = connection;
584
+ this.state = state;
585
+ this.appState = appState;
586
+ Object.setPrototypeOf(this, ConnectError.prototype);
587
+ }
588
+ }
580
589
  class TimeoutError extends GenericError {
581
590
  constructor() {
582
591
  super("timeout", "Timeout");
@@ -630,6 +639,7 @@
630
639
  return {
631
640
  state: searchParams.get("state"),
632
641
  code: searchParams.get("code") || undefined,
642
+ connect_code: searchParams.get("connect_code") || undefined,
633
643
  error: searchParams.get("error") || undefined,
634
644
  error_description: searchParams.get("error_description") || undefined
635
645
  };
@@ -1114,7 +1124,7 @@
1114
1124
  clearTimeout(timeoutId);
1115
1125
  }));
1116
1126
  };
1117
- const fetchWithWorker = async (fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData) => sendMessage({
1127
+ const fetchWithWorker = async (fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData, useMrrt) => sendMessage({
1118
1128
  auth: {
1119
1129
  audience: audience,
1120
1130
  scope: scope
@@ -1122,16 +1132,17 @@
1122
1132
  timeout: timeout,
1123
1133
  fetchUrl: fetchUrl,
1124
1134
  fetchOptions: fetchOptions,
1125
- useFormData: useFormData
1135
+ useFormData: useFormData,
1136
+ useMrrt: useMrrt
1126
1137
  }, worker);
1127
- const switchFetch = async (fetchUrl, audience, scope, fetchOptions, worker, useFormData, timeout = DEFAULT_FETCH_TIMEOUT_MS) => {
1138
+ const switchFetch = async (fetchUrl, audience, scope, fetchOptions, worker, useFormData, timeout = DEFAULT_FETCH_TIMEOUT_MS, useMrrt) => {
1128
1139
  if (worker) {
1129
- return fetchWithWorker(fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData);
1140
+ return fetchWithWorker(fetchUrl, audience, scope, fetchOptions, timeout, worker, useFormData, useMrrt);
1130
1141
  } else {
1131
1142
  return fetchWithoutWorker(fetchUrl, fetchOptions, timeout);
1132
1143
  }
1133
1144
  };
1134
- async function getJSON(url, timeout, audience, scope, options, worker, useFormData, dpop, isDpopRetry) {
1145
+ async function getJSON(url, timeout, audience, scope, options, worker, useFormData, useMrrt, dpop, isDpopRetry) {
1135
1146
  if (dpop) {
1136
1147
  const dpopProof = await dpop.generateProof({
1137
1148
  url: url,
@@ -1146,7 +1157,7 @@
1146
1157
  let response;
1147
1158
  for (let i = 0; i < DEFAULT_SILENT_TOKEN_RETRY_COUNT; i++) {
1148
1159
  try {
1149
- response = await switchFetch(url, audience, scope, options, worker, useFormData, timeout);
1160
+ response = await switchFetch(url, audience, scope, options, worker, useFormData, timeout, useMrrt);
1150
1161
  fetchError = null;
1151
1162
  break;
1152
1163
  } catch (e) {
@@ -1176,19 +1187,23 @@
1176
1187
  if (!dpop || !newDpopNonce || isDpopRetry) {
1177
1188
  throw new UseDpopNonceError(newDpopNonce);
1178
1189
  }
1179
- return getJSON(url, timeout, audience, scope, options, worker, useFormData, dpop, true);
1190
+ return getJSON(url, timeout, audience, scope, options, worker, useFormData, useMrrt, dpop, true);
1180
1191
  }
1181
1192
  throw new GenericError(error || "request_error", errorMessage);
1182
1193
  }
1183
1194
  return data;
1184
1195
  }
1185
1196
  async function oauthToken(_a, worker) {
1186
- var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "dpop" ]);
1197
+ var {baseUrl: baseUrl, timeout: timeout, audience: audience, scope: scope, auth0Client: auth0Client, useFormData: useFormData, useMrrt: useMrrt, dpop: dpop} = _a, options = __rest(_a, [ "baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop" ]);
1187
1198
  const isTokenExchange = options.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange";
1188
- const allParams = Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
1199
+ const refreshWithMrrt = options.grant_type === "refresh_token" && useMrrt;
1200
+ const allParams = Object.assign(Object.assign(Object.assign(Object.assign({}, options), isTokenExchange && audience && {
1189
1201
  audience: audience
1190
1202
  }), isTokenExchange && scope && {
1191
1203
  scope: scope
1204
+ }), refreshWithMrrt && {
1205
+ audience: audience,
1206
+ scope: scope
1192
1207
  });
1193
1208
  const body = useFormData ? createQueryParams(allParams) : JSON.stringify(allParams);
1194
1209
  const isDpopSupported = isGrantTypeSupported(options.grant_type);
@@ -1199,7 +1214,7 @@
1199
1214
  "Content-Type": useFormData ? "application/x-www-form-urlencoded" : "application/json",
1200
1215
  "Auth0-Client": btoa(JSON.stringify(auth0Client || DEFAULT_AUTH0_CLIENT))
1201
1216
  }
1202
- }, worker, useFormData, isDpopSupported ? dpop : undefined);
1217
+ }, worker, useFormData, useMrrt, isDpopSupported ? dpop : undefined);
1203
1218
  }
1204
1219
  const dedupe = arr => Array.from(new Set(arr));
1205
1220
  const getUniqueScopes = (...scopes) => dedupe(scopes.filter(Boolean).join(" ").trim().split(/\s+/)).join(" ");
@@ -1318,7 +1333,7 @@
1318
1333
  decodedToken: entry.decodedToken
1319
1334
  };
1320
1335
  }
1321
- async get(cacheKey, expiryAdjustmentSeconds = DEFAULT_EXPIRY_ADJUSTMENT_SECONDS) {
1336
+ async get(cacheKey, expiryAdjustmentSeconds = DEFAULT_EXPIRY_ADJUSTMENT_SECONDS, useMrrt = false, cacheMode) {
1322
1337
  var _a;
1323
1338
  let wrappedEntry = await this.cache.get(cacheKey.toKey());
1324
1339
  if (!wrappedEntry) {
@@ -1328,6 +1343,9 @@
1328
1343
  if (matchedKey) {
1329
1344
  wrappedEntry = await this.cache.get(matchedKey);
1330
1345
  }
1346
+ if (!matchedKey && useMrrt && cacheMode !== "cache-only") {
1347
+ return this.getEntryWithRefreshToken(cacheKey, keys);
1348
+ }
1331
1349
  }
1332
1350
  if (!wrappedEntry) {
1333
1351
  return;
@@ -1336,11 +1354,7 @@
1336
1354
  const nowSeconds = Math.floor(now / 1e3);
1337
1355
  if (wrappedEntry.expiresAt - expiryAdjustmentSeconds < nowSeconds) {
1338
1356
  if (wrappedEntry.body.refresh_token) {
1339
- wrappedEntry.body = {
1340
- refresh_token: wrappedEntry.body.refresh_token
1341
- };
1342
- await this.cache.set(cacheKey.toKey(), wrappedEntry);
1343
- return wrappedEntry.body;
1357
+ return this.modifiedCachedEntry(wrappedEntry, cacheKey);
1344
1358
  }
1345
1359
  await this.cache.remove(cacheKey.toKey());
1346
1360
  await ((_a = this.keyManifest) === null || _a === void 0 ? void 0 : _a.remove(cacheKey.toKey()));
@@ -1348,6 +1362,19 @@
1348
1362
  }
1349
1363
  return wrappedEntry.body;
1350
1364
  }
1365
+ async modifiedCachedEntry(wrappedEntry, cacheKey) {
1366
+ wrappedEntry.body = {
1367
+ refresh_token: wrappedEntry.body.refresh_token,
1368
+ audience: wrappedEntry.body.audience,
1369
+ scope: wrappedEntry.body.scope
1370
+ };
1371
+ await this.cache.set(cacheKey.toKey(), wrappedEntry);
1372
+ return {
1373
+ refresh_token: wrappedEntry.body.refresh_token,
1374
+ audience: wrappedEntry.body.audience,
1375
+ scope: wrappedEntry.body.scope
1376
+ };
1377
+ }
1351
1378
  async set(entry) {
1352
1379
  var _a;
1353
1380
  const cacheKey = new CacheKey({
@@ -1400,6 +1427,33 @@
1400
1427
  return cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId && cacheKey.audience === keyToMatch.audience && hasAllScopes;
1401
1428
  }))[0];
1402
1429
  }
1430
+ async getEntryWithRefreshToken(keyToMatch, allKeys) {
1431
+ var _a;
1432
+ for (const key of allKeys) {
1433
+ const cacheKey = CacheKey.fromKey(key);
1434
+ if (cacheKey.prefix === CACHE_KEY_PREFIX && cacheKey.clientId === keyToMatch.clientId) {
1435
+ const cachedEntry = await this.cache.get(key);
1436
+ if ((_a = cachedEntry === null || cachedEntry === void 0 ? void 0 : cachedEntry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) {
1437
+ return this.modifiedCachedEntry(cachedEntry, keyToMatch);
1438
+ }
1439
+ }
1440
+ }
1441
+ return undefined;
1442
+ }
1443
+ async updateEntry(oldRefreshToken, newRefreshToken) {
1444
+ var _a;
1445
+ const allKeys = await this.getCacheKeys();
1446
+ if (!allKeys) return;
1447
+ for (const key of allKeys) {
1448
+ const entry = await this.cache.get(key);
1449
+ if (((_a = entry === null || entry === void 0 ? void 0 : entry.body) === null || _a === void 0 ? void 0 : _a.refresh_token) === oldRefreshToken) {
1450
+ const cacheEntry = Object.assign(Object.assign({}, entry.body), {
1451
+ refresh_token: newRefreshToken
1452
+ });
1453
+ await this.set(cacheEntry);
1454
+ }
1455
+ }
1456
+ }
1403
1457
  }
1404
1458
  const TRANSACTION_STORAGE_KEY_PREFIX = "a0.spajs.txs";
1405
1459
  class TransactionManager {
@@ -1712,6 +1766,12 @@
1712
1766
  sessionStorage.removeItem(key);
1713
1767
  }
1714
1768
  };
1769
+ exports.ResponseType = void 0;
1770
+ (function(ResponseType) {
1771
+ ResponseType["Code"] = "code";
1772
+ ResponseType["ConnectCode"] = "connect_code";
1773
+ })(exports.ResponseType || (exports.ResponseType = {}));
1774
+ class User {}
1715
1775
  function decodeBase64(base64, enableUnicode) {
1716
1776
  var binaryString = atob(base64);
1717
1777
  if (enableUnicode) {
@@ -1741,7 +1801,7 @@
1741
1801
  return new Worker(url, options);
1742
1802
  };
1743
1803
  }
1744
- var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0pIHsKICAgICAgICAgICAgcmV0dXJuIG5ldyBHZW5lcmljRXJyb3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICB9CiAgICB9CiAgICBjbGFzcyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IgZXh0ZW5kcyBHZW5lcmljRXJyb3IgewogICAgICAgIGNvbnN0cnVjdG9yKGF1ZGllbmNlLCBzY29wZSkgewogICAgICAgICAgICBzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIiwgYE1pc3NpbmcgUmVmcmVzaCBUb2tlbiAoYXVkaWVuY2U6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSl9Jywgc2NvcGU6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSl9JylgKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUsIGV4Y2x1ZGUgPSBbXSkgewogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpKS5yZWR1Y2UoKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX2EgPT4gewogICAgICAgIHZhciB7Y2xpZW50SWQ6IGNsaWVudF9pZH0gPSBfYSwgcGFyYW1zID0gX19yZXN0KF9hLCBbICJjbGllbnRJZCIgXSk7CiAgICAgICAgcmV0dXJuIG5ldyBVUkxTZWFyY2hQYXJhbXMoc3RyaXBVbmRlZmluZWQoT2JqZWN0LmFzc2lnbih7CiAgICAgICAgICAgIGNsaWVudF9pZDogY2xpZW50X2lkCiAgICAgICAgfSwgcGFyYW1zKSkpLnRvU3RyaW5nKCk7CiAgICB9OwogICAgY29uc3QgZnJvbUVudHJpZXMgPSBpdGVyYWJsZSA9PiBbIC4uLml0ZXJhYmxlIF0ucmVkdWNlKCgob2JqLCBba2V5LCB2YWxdKSA9PiB7CiAgICAgICAgb2JqW2tleV0gPSB2YWw7CiAgICAgICAgcmV0dXJuIG9iajsKICAgIH0pLCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgY29uc3QgY2FjaGVLZXkgPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiBgJHthdWRpZW5jZX18JHtzY29wZX1gOwogICAgY29uc3QgZ2V0UmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXTsKICAgIGNvbnN0IHNldFJlZnJlc2hUb2tlbiA9IChyZWZyZXNoVG9rZW4sIGF1ZGllbmNlLCBzY29wZSkgPT4gcmVmcmVzaFRva2Vuc1tjYWNoZUtleShhdWRpZW5jZSwgc2NvcGUpXSA9IHJlZnJlc2hUb2tlbjsKICAgIGNvbnN0IGRlbGV0ZVJlZnJlc2hUb2tlbiA9IChhdWRpZW5jZSwgc2NvcGUpID0+IGRlbGV0ZSByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgd2FpdCA9IHRpbWUgPT4gbmV3IFByb21pc2UoKHJlc29sdmUgPT4gc2V0VGltZW91dChyZXNvbHZlLCB0aW1lKSkpOwogICAgY29uc3QgZm9ybURhdGFUb09iamVjdCA9IGZvcm1EYXRhID0+IHsKICAgICAgICBjb25zdCBxdWVyeVBhcmFtcyA9IG5ldyBVUkxTZWFyY2hQYXJhbXMoZm9ybURhdGEpOwogICAgICAgIGNvbnN0IHBhcnNlZFF1ZXJ5ID0ge307CiAgICAgICAgcXVlcnlQYXJhbXMuZm9yRWFjaCgoKHZhbCwga2V5KSA9PiB7CiAgICAgICAgICAgIHBhcnNlZFF1ZXJ5W2tleV0gPSB2YWw7CiAgICAgICAgfSkpOwogICAgICAgIHJldHVybiBwYXJzZWRRdWVyeTsKICAgIH07CiAgICBjb25zdCBtZXNzYWdlSGFuZGxlciA9IGFzeW5jICh7ZGF0YToge3RpbWVvdXQ6IHRpbWVvdXQsIGF1dGg6IGF1dGgsIGZldGNoVXJsOiBmZXRjaFVybCwgZmV0Y2hPcHRpb25zOiBmZXRjaE9wdGlvbnMsIHVzZUZvcm1EYXRhOiB1c2VGb3JtRGF0YX0sIHBvcnRzOiBbcG9ydF19KSA9PiB7CiAgICAgICAgbGV0IGhlYWRlcnMgPSB7fTsKICAgICAgICBsZXQganNvbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgY29uc3QgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbikgewogICAgICAgICAgICAgICAgICAgIHRocm93IG5ldyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IoYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5ib2R5ID0gdXNlRm9ybURhdGEgPyBjcmVhdGVRdWVyeVBhcmFtcyhPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSkgOiBKU09OLnN0cmluZ2lmeShPYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sIGJvZHkpLCB7CiAgICAgICAgICAgICAgICAgICAgcmVmcmVzaF90b2tlbjogcmVmcmVzaFRva2VuCiAgICAgICAgICAgICAgICB9KSk7CiAgICAgICAgICAgIH0KICAgICAgICAgICAgbGV0IGFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgaWYgKHR5cGVvZiBBYm9ydENvbnRyb2xsZXIgPT09ICJmdW5jdGlvbiIpIHsKICAgICAgICAgICAgICAgIGFib3J0Q29udHJvbGxlciA9IG5ldyBBYm9ydENvbnRyb2xsZXI7CiAgICAgICAgICAgICAgICBmZXRjaE9wdGlvbnMuc2lnbmFsID0gYWJvcnRDb250cm9sbGVyLnNpZ25hbDsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgcmVzcG9uc2U7CiAgICAgICAgICAgIHRyeSB7CiAgICAgICAgICAgICAgICByZXNwb25zZSA9IGF3YWl0IFByb21pc2UucmFjZShbIHdhaXQodGltZW91dCksIGZldGNoKGZldGNoVXJsLCBPYmplY3QuYXNzaWduKHt9LCBmZXRjaE9wdGlvbnMpKSBdKTsKICAgICAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBpZiAoIXJlc3BvbnNlKSB7CiAgICAgICAgICAgICAgICBpZiAoYWJvcnRDb250cm9sbGVyKSBhYm9ydENvbnRyb2xsZXIuYWJvcnQoKTsKICAgICAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgICAgIGVycm9yOiAiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIgogICAgICAgICAgICAgICAgfSk7CiAgICAgICAgICAgICAgICByZXR1cm47CiAgICAgICAgICAgIH0KICAgICAgICAgICAgaGVhZGVycyA9IGZyb21FbnRyaWVzKHJlc3BvbnNlLmhlYWRlcnMpOwogICAgICAgICAgICBqc29uID0gYXdhaXQgcmVzcG9uc2UuanNvbigpOwogICAgICAgICAgICBpZiAoanNvbi5yZWZyZXNoX3Rva2VuKSB7CiAgICAgICAgICAgICAgICBzZXRSZWZyZXNoVG9rZW4oanNvbi5yZWZyZXNoX3Rva2VuLCBhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgZGVsZXRlIGpzb24ucmVmcmVzaF90b2tlbjsKICAgICAgICAgICAgfSBlbHNlIHsKICAgICAgICAgICAgICAgIGRlbGV0ZVJlZnJlc2hUb2tlbihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICB9CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IHJlc3BvbnNlLm9rLAogICAgICAgICAgICAgICAganNvbjoganNvbiwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfSBjYXRjaCAoZXJyb3IpIHsKICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICBvazogZmFsc2UsCiAgICAgICAgICAgICAgICBqc29uOiB7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLmVycm9yLAogICAgICAgICAgICAgICAgICAgIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvci5tZXNzYWdlCiAgICAgICAgICAgICAgICB9LAogICAgICAgICAgICAgICAgaGVhZGVyczogaGVhZGVycwogICAgICAgICAgICB9KTsKICAgICAgICB9CiAgICB9OwogICAgewogICAgICAgIGFkZEV2ZW50TGlzdGVuZXIoIm1lc3NhZ2UiLCBtZXNzYWdlSGFuZGxlcik7CiAgICB9Cn0pKCk7Cgo=", null, false);
1804
+ var WorkerFactory = createBase64WorkerFactory("Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwooZnVuY3Rpb24oKSB7CiAgICAidXNlIHN0cmljdCI7CiAgICBjbGFzcyBHZW5lcmljRXJyb3IgZXh0ZW5kcyBFcnJvciB7CiAgICAgICAgY29uc3RydWN0b3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKSB7CiAgICAgICAgICAgIHN1cGVyKGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICAgICAgdGhpcy5lcnJvciA9IGVycm9yOwogICAgICAgICAgICB0aGlzLmVycm9yX2Rlc2NyaXB0aW9uID0gZXJyb3JfZGVzY3JpcHRpb247CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBHZW5lcmljRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICAgICAgc3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjogZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uOiBlcnJvcl9kZXNjcmlwdGlvbn0pIHsKICAgICAgICAgICAgcmV0dXJuIG5ldyBHZW5lcmljRXJyb3IoZXJyb3IsIGVycm9yX2Rlc2NyaXB0aW9uKTsKICAgICAgICB9CiAgICB9CiAgICBjbGFzcyBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IgZXh0ZW5kcyBHZW5lcmljRXJyb3IgewogICAgICAgIGNvbnN0cnVjdG9yKGF1ZGllbmNlLCBzY29wZSkgewogICAgICAgICAgICBzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIiwgYE1pc3NpbmcgUmVmcmVzaCBUb2tlbiAoYXVkaWVuY2U6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhhdWRpZW5jZSwgWyAiZGVmYXVsdCIgXSl9Jywgc2NvcGU6ICcke3ZhbHVlT3JFbXB0eVN0cmluZyhzY29wZSl9JylgKTsKICAgICAgICAgICAgdGhpcy5hdWRpZW5jZSA9IGF1ZGllbmNlOwogICAgICAgICAgICB0aGlzLnNjb3BlID0gc2NvcGU7CiAgICAgICAgICAgIE9iamVjdC5zZXRQcm90b3R5cGVPZih0aGlzLCBNaXNzaW5nUmVmcmVzaFRva2VuRXJyb3IucHJvdG90eXBlKTsKICAgICAgICB9CiAgICB9CiAgICBmdW5jdGlvbiB2YWx1ZU9yRW1wdHlTdHJpbmcodmFsdWUsIGV4Y2x1ZGUgPSBbXSkgewogICAgICAgIHJldHVybiB2YWx1ZSAmJiAhZXhjbHVkZS5pbmNsdWRlcyh2YWx1ZSkgPyB2YWx1ZSA6ICIiOwogICAgfQogICAgZnVuY3Rpb24gX19yZXN0KHMsIGUpIHsKICAgICAgICB2YXIgdCA9IHt9OwogICAgICAgIGZvciAodmFyIHAgaW4gcykgaWYgKE9iamVjdC5wcm90b3R5cGUuaGFzT3duUHJvcGVydHkuY2FsbChzLCBwKSAmJiBlLmluZGV4T2YocCkgPCAwKSB0W3BdID0gc1twXTsKICAgICAgICBpZiAocyAhPSBudWxsICYmIHR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzID09PSAiZnVuY3Rpb24iKSBmb3IgKHZhciBpID0gMCwgcCA9IE9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMocyk7IGkgPCBwLmxlbmd0aDsgaSsrKSB7CiAgICAgICAgICAgIGlmIChlLmluZGV4T2YocFtpXSkgPCAwICYmIE9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChzLCBwW2ldKSkgdFtwW2ldXSA9IHNbcFtpXV07CiAgICAgICAgfQogICAgICAgIHJldHVybiB0OwogICAgfQogICAgdHlwZW9mIFN1cHByZXNzZWRFcnJvciA9PT0gImZ1bmN0aW9uIiA/IFN1cHByZXNzZWRFcnJvciA6IGZ1bmN0aW9uKGVycm9yLCBzdXBwcmVzc2VkLCBtZXNzYWdlKSB7CiAgICAgICAgdmFyIGUgPSBuZXcgRXJyb3IobWVzc2FnZSk7CiAgICAgICAgcmV0dXJuIGUubmFtZSA9ICJTdXBwcmVzc2VkRXJyb3IiLCBlLmVycm9yID0gZXJyb3IsIGUuc3VwcHJlc3NlZCA9IHN1cHByZXNzZWQsIGU7CiAgICB9OwogICAgY29uc3Qgc3RyaXBVbmRlZmluZWQgPSBwYXJhbXMgPT4gT2JqZWN0LmtleXMocGFyYW1zKS5maWx0ZXIoKGsgPT4gdHlwZW9mIHBhcmFtc1trXSAhPT0gInVuZGVmaW5lZCIpKS5yZWR1Y2UoKChhY2MsIGtleSkgPT4gT2JqZWN0LmFzc2lnbihPYmplY3QuYXNzaWduKHt9LCBhY2MpLCB7CiAgICAgICAgW2tleV06IHBhcmFtc1trZXldCiAgICB9KSksIHt9KTsKICAgIGNvbnN0IGNyZWF0ZVF1ZXJ5UGFyYW1zID0gX2EgPT4gewogICAgICAgIHZhciB7Y2xpZW50SWQ6IGNsaWVudF9pZH0gPSBfYSwgcGFyYW1zID0gX19yZXN0KF9hLCBbICJjbGllbnRJZCIgXSk7CiAgICAgICAgcmV0dXJuIG5ldyBVUkxTZWFyY2hQYXJhbXMoc3RyaXBVbmRlZmluZWQoT2JqZWN0LmFzc2lnbih7CiAgICAgICAgICAgIGNsaWVudF9pZDogY2xpZW50X2lkCiAgICAgICAgfSwgcGFyYW1zKSkpLnRvU3RyaW5nKCk7CiAgICB9OwogICAgY29uc3QgZnJvbUVudHJpZXMgPSBpdGVyYWJsZSA9PiBbIC4uLml0ZXJhYmxlIF0ucmVkdWNlKCgob2JqLCBba2V5LCB2YWxdKSA9PiB7CiAgICAgICAgb2JqW2tleV0gPSB2YWw7CiAgICAgICAgcmV0dXJuIG9iajsKICAgIH0pLCB7fSk7CiAgICBsZXQgcmVmcmVzaFRva2VucyA9IHt9OwogICAgY29uc3QgY2FjaGVLZXkgPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiBgJHthdWRpZW5jZX18JHtzY29wZX1gOwogICAgY29uc3QgY2FjaGVLZXlDb250YWluc0F1ZGllbmNlID0gKGF1ZGllbmNlLCBjYWNoZUtleSkgPT4gY2FjaGVLZXkuc3RhcnRzV2l0aChgJHthdWRpZW5jZX18YCk7CiAgICBjb25zdCBnZXRSZWZyZXNoVG9rZW4gPSAoYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldOwogICAgY29uc3Qgc2V0UmVmcmVzaFRva2VuID0gKHJlZnJlc2hUb2tlbiwgYXVkaWVuY2UsIHNjb3BlKSA9PiByZWZyZXNoVG9rZW5zW2NhY2hlS2V5KGF1ZGllbmNlLCBzY29wZSldID0gcmVmcmVzaFRva2VuOwogICAgY29uc3QgZGVsZXRlUmVmcmVzaFRva2VuID0gKGF1ZGllbmNlLCBzY29wZSkgPT4gZGVsZXRlIHJlZnJlc2hUb2tlbnNbY2FjaGVLZXkoYXVkaWVuY2UsIHNjb3BlKV07CiAgICBjb25zdCB3YWl0ID0gdGltZSA9PiBuZXcgUHJvbWlzZSgocmVzb2x2ZSA9PiBzZXRUaW1lb3V0KHJlc29sdmUsIHRpbWUpKSk7CiAgICBjb25zdCBmb3JtRGF0YVRvT2JqZWN0ID0gZm9ybURhdGEgPT4gewogICAgICAgIGNvbnN0IHF1ZXJ5UGFyYW1zID0gbmV3IFVSTFNlYXJjaFBhcmFtcyhmb3JtRGF0YSk7CiAgICAgICAgY29uc3QgcGFyc2VkUXVlcnkgPSB7fTsKICAgICAgICBxdWVyeVBhcmFtcy5mb3JFYWNoKCgodmFsLCBrZXkpID0+IHsKICAgICAgICAgICAgcGFyc2VkUXVlcnlba2V5XSA9IHZhbDsKICAgICAgICB9KSk7CiAgICAgICAgcmV0dXJuIHBhcnNlZFF1ZXJ5OwogICAgfTsKICAgIGNvbnN0IHVwZGF0ZVJlZnJlc2hUb2tlbnMgPSAob2xkUmVmcmVzaFRva2VuLCBuZXdSZWZyZXNoVG9rZW4pID0+IHsKICAgICAgICBPYmplY3QuZW50cmllcyhyZWZyZXNoVG9rZW5zKS5mb3JFYWNoKCgoW2tleSwgdG9rZW5dKSA9PiB7CiAgICAgICAgICAgIGlmICh0b2tlbiA9PT0gb2xkUmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW5zW2tleV0gPSBuZXdSZWZyZXNoVG9rZW47CiAgICAgICAgICAgIH0KICAgICAgICB9KSk7CiAgICB9OwogICAgY29uc3QgY2hlY2tEb3duc2NvcGluZyA9IChzY29wZSwgYXVkaWVuY2UpID0+IHsKICAgICAgICBjb25zdCBmaW5kQ29pbmNpZGVuY2UgPSBPYmplY3Qua2V5cyhyZWZyZXNoVG9rZW5zKS5maW5kKChrZXkgPT4gewogICAgICAgICAgICBpZiAoa2V5ICE9PSAibGF0ZXN0X3JlZnJlc2hfdG9rZW4iKSB7CiAgICAgICAgICAgICAgICBjb25zdCBpc1NhbWVBdWRpZW5jZSA9IGNhY2hlS2V5Q29udGFpbnNBdWRpZW5jZShhdWRpZW5jZSwga2V5KTsKICAgICAgICAgICAgICAgIGNvbnN0IHNjb3Blc0tleSA9IGtleS5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIik7CiAgICAgICAgICAgICAgICBjb25zdCByZXF1ZXN0ZWRTY29wZXMgPSBzY29wZS5zcGxpdCgiICIpOwogICAgICAgICAgICAgICAgY29uc3Qgc2NvcGVzQXJlSW5jbHVkZWQgPSByZXF1ZXN0ZWRTY29wZXMuZXZlcnkoKGtleSA9PiBzY29wZXNLZXkuaW5jbHVkZXMoa2V5KSkpOwogICAgICAgICAgICAgICAgcmV0dXJuIGlzU2FtZUF1ZGllbmNlICYmIHNjb3Blc0FyZUluY2x1ZGVkOwogICAgICAgICAgICB9CiAgICAgICAgfSkpOwogICAgICAgIHJldHVybiBmaW5kQ29pbmNpZGVuY2UgPyB0cnVlIDogZmFsc2U7CiAgICB9OwogICAgY29uc3QgbWVzc2FnZUhhbmRsZXIgPSBhc3luYyAoe2RhdGE6IHt0aW1lb3V0OiB0aW1lb3V0LCBhdXRoOiBhdXRoLCBmZXRjaFVybDogZmV0Y2hVcmwsIGZldGNoT3B0aW9uczogZmV0Y2hPcHRpb25zLCB1c2VGb3JtRGF0YTogdXNlRm9ybURhdGEsIHVzZU1ycnQ6IHVzZU1ycnR9LCBwb3J0czogW3BvcnRdfSkgPT4gewogICAgICAgIGxldCBoZWFkZXJzID0ge307CiAgICAgICAgbGV0IGpzb247CiAgICAgICAgbGV0IHJlZnJlc2hUb2tlbjsKICAgICAgICBjb25zdCB7YXVkaWVuY2U6IGF1ZGllbmNlLCBzY29wZTogc2NvcGV9ID0gYXV0aCB8fCB7fTsKICAgICAgICB0cnkgewogICAgICAgICAgICBjb25zdCBib2R5ID0gdXNlRm9ybURhdGEgPyBmb3JtRGF0YVRvT2JqZWN0KGZldGNoT3B0aW9ucy5ib2R5KSA6IEpTT04ucGFyc2UoZmV0Y2hPcHRpb25zLmJvZHkpOwogICAgICAgICAgICBpZiAoIWJvZHkucmVmcmVzaF90b2tlbiAmJiBib2R5LmdyYW50X3R5cGUgPT09ICJyZWZyZXNoX3Rva2VuIikgewogICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gZ2V0UmVmcmVzaFRva2VuKGF1ZGllbmNlLCBzY29wZSk7CiAgICAgICAgICAgICAgICBpZiAoIXJlZnJlc2hUb2tlbiAmJiB1c2VNcnJ0KSB7CiAgICAgICAgICAgICAgICAgICAgY29uc3QgbGF0ZXN0UmVmcmVzaFRva2VuID0gcmVmcmVzaFRva2Vuc1sibGF0ZXN0X3JlZnJlc2hfdG9rZW4iXTsKICAgICAgICAgICAgICAgICAgICBjb25zdCBpc0Rvd25zY29waW5nID0gY2hlY2tEb3duc2NvcGluZyhzY29wZSwgYXVkaWVuY2UpOwogICAgICAgICAgICAgICAgICAgIGlmIChsYXRlc3RSZWZyZXNoVG9rZW4gJiYgIWlzRG93bnNjb3BpbmcpIHsKICAgICAgICAgICAgICAgICAgICAgICAgcmVmcmVzaFRva2VuID0gbGF0ZXN0UmVmcmVzaFRva2VuOwogICAgICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIH0KICAgICAgICAgICAgICAgIGlmICghcmVmcmVzaFRva2VuKSB7CiAgICAgICAgICAgICAgICAgICAgdGhyb3cgbmV3IE1pc3NpbmdSZWZyZXNoVG9rZW5FcnJvcihhdWRpZW5jZSwgc2NvcGUpOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgZmV0Y2hPcHRpb25zLmJvZHkgPSB1c2VGb3JtRGF0YSA/IGNyZWF0ZVF1ZXJ5UGFyYW1zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKSA6IEpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSwgYm9keSksIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoX3Rva2VuOiByZWZyZXNoVG9rZW4KICAgICAgICAgICAgICAgIH0pKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBsZXQgYWJvcnRDb250cm9sbGVyOwogICAgICAgICAgICBpZiAodHlwZW9mIEFib3J0Q29udHJvbGxlciA9PT0gImZ1bmN0aW9uIikgewogICAgICAgICAgICAgICAgYWJvcnRDb250cm9sbGVyID0gbmV3IEFib3J0Q29udHJvbGxlcjsKICAgICAgICAgICAgICAgIGZldGNoT3B0aW9ucy5zaWduYWwgPSBhYm9ydENvbnRyb2xsZXIuc2lnbmFsOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGxldCByZXNwb25zZTsKICAgICAgICAgICAgdHJ5IHsKICAgICAgICAgICAgICAgIHJlc3BvbnNlID0gYXdhaXQgUHJvbWlzZS5yYWNlKFsgd2FpdCh0aW1lb3V0KSwgZmV0Y2goZmV0Y2hVcmwsIE9iamVjdC5hc3NpZ24oe30sIGZldGNoT3B0aW9ucykpIF0pOwogICAgICAgICAgICB9IGNhdGNoIChlcnJvcikgewogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6IGVycm9yLm1lc3NhZ2UKICAgICAgICAgICAgICAgIH0pOwogICAgICAgICAgICAgICAgcmV0dXJuOwogICAgICAgICAgICB9CiAgICAgICAgICAgIGlmICghcmVzcG9uc2UpIHsKICAgICAgICAgICAgICAgIGlmIChhYm9ydENvbnRyb2xsZXIpIGFib3J0Q29udHJvbGxlci5hYm9ydCgpOwogICAgICAgICAgICAgICAgcG9ydC5wb3N0TWVzc2FnZSh7CiAgICAgICAgICAgICAgICAgICAgZXJyb3I6ICJUaW1lb3V0IHdoZW4gZXhlY3V0aW5nICdmZXRjaCciCiAgICAgICAgICAgICAgICB9KTsKICAgICAgICAgICAgICAgIHJldHVybjsKICAgICAgICAgICAgfQogICAgICAgICAgICBoZWFkZXJzID0gZnJvbUVudHJpZXMocmVzcG9uc2UuaGVhZGVycyk7CiAgICAgICAgICAgIGpzb24gPSBhd2FpdCByZXNwb25zZS5qc29uKCk7CiAgICAgICAgICAgIGlmIChqc29uLnJlZnJlc2hfdG9rZW4pIHsKICAgICAgICAgICAgICAgIGlmICh1c2VNcnJ0ICYmIGF1ZGllbmNlICE9PSAiZGVmYXVsdCIpIHsKICAgICAgICAgICAgICAgICAgICByZWZyZXNoVG9rZW5zWyJsYXRlc3RfcmVmcmVzaF90b2tlbiJdID0ganNvbi5yZWZyZXNoX3Rva2VuOwogICAgICAgICAgICAgICAgICAgIHVwZGF0ZVJlZnJlc2hUb2tlbnMocmVmcmVzaFRva2VuLCBqc29uLnJlZnJlc2hfdG9rZW4pOwogICAgICAgICAgICAgICAgfQogICAgICAgICAgICAgICAgc2V0UmVmcmVzaFRva2VuKGpzb24ucmVmcmVzaF90b2tlbiwgYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgICAgIGRlbGV0ZSBqc29uLnJlZnJlc2hfdG9rZW47CiAgICAgICAgICAgIH0gZWxzZSB7CiAgICAgICAgICAgICAgICBkZWxldGVSZWZyZXNoVG9rZW4oYXVkaWVuY2UsIHNjb3BlKTsKICAgICAgICAgICAgfQogICAgICAgICAgICBwb3J0LnBvc3RNZXNzYWdlKHsKICAgICAgICAgICAgICAgIG9rOiByZXNwb25zZS5vaywKICAgICAgICAgICAgICAgIGpzb246IGpzb24sCiAgICAgICAgICAgICAgICBoZWFkZXJzOiBoZWFkZXJzCiAgICAgICAgICAgIH0pOwogICAgICAgIH0gY2F0Y2ggKGVycm9yKSB7CiAgICAgICAgICAgIHBvcnQucG9zdE1lc3NhZ2UoewogICAgICAgICAgICAgICAgb2s6IGZhbHNlLAogICAgICAgICAgICAgICAganNvbjogewogICAgICAgICAgICAgICAgICAgIGVycm9yOiBlcnJvci5lcnJvciwKICAgICAgICAgICAgICAgICAgICBlcnJvcl9kZXNjcmlwdGlvbjogZXJyb3IubWVzc2FnZQogICAgICAgICAgICAgICAgfSwKICAgICAgICAgICAgICAgIGhlYWRlcnM6IGhlYWRlcnMKICAgICAgICAgICAgfSk7CiAgICAgICAgfQogICAgfTsKICAgIHsKICAgICAgICBhZGRFdmVudExpc3RlbmVyKCJtZXNzYWdlIiwgbWVzc2FnZUhhbmRsZXIpOwogICAgfQp9KSgpOwoK", null, false);
1745
1805
  const singlePromiseMap = {};
1746
1806
  const singlePromise = (cb, key) => {
1747
1807
  let promise = singlePromiseMap[key];
@@ -1828,6 +1888,30 @@
1828
1888
  });
1829
1889
  return result;
1830
1890
  };
1891
+ const allScopesAreIncluded = (scopeToInclude, scopes) => {
1892
+ const scopeGroup = (scopes === null || scopes === void 0 ? void 0 : scopes.split(" ")) || [];
1893
+ const scopesToInclude = (scopeToInclude === null || scopeToInclude === void 0 ? void 0 : scopeToInclude.split(" ")) || [];
1894
+ return scopesToInclude.every((key => scopeGroup.includes(key)));
1895
+ };
1896
+ const getScopeToRequest = (useMrrt, authorizationParams, cachedAudience, cachedScope) => {
1897
+ var _a;
1898
+ if (useMrrt && cachedAudience && cachedScope) {
1899
+ if (authorizationParams.audience !== cachedAudience) {
1900
+ return authorizationParams.scope;
1901
+ }
1902
+ const cachedScopes = cachedScope.split(" ");
1903
+ const newScopes = ((_a = authorizationParams.scope) === null || _a === void 0 ? void 0 : _a.split(" ")) || [];
1904
+ const newScopesAreIncluded = newScopes.every((scope => cachedScopes.includes(scope)));
1905
+ return cachedScopes.length >= newScopes.length && newScopesAreIncluded ? cachedScope : authorizationParams.scope;
1906
+ }
1907
+ return authorizationParams.scope;
1908
+ };
1909
+ const isRefreshWithMrrt = (cachedAudience, cachedScope, requestAudience, requestScope) => {
1910
+ if (cachedAudience !== requestAudience) {
1911
+ return true;
1912
+ }
1913
+ return !allScopesAreIncluded(requestScope, cachedScope);
1914
+ };
1831
1915
  const VERSION = 1;
1832
1916
  const NAME = "auth0-spa-js";
1833
1917
  const TABLES = {
@@ -1955,8 +2039,8 @@
1955
2039
  }
1956
2040
  throw new TypeError("`url` must be absolute or `baseUrl` non-empty.");
1957
2041
  }
1958
- getAccessToken() {
1959
- return this.config.getAccessToken ? this.config.getAccessToken() : this.hooks.getAccessToken();
2042
+ getAccessToken(authParams) {
2043
+ return this.config.getAccessToken ? this.config.getAccessToken(authParams) : this.hooks.getAccessToken(authParams);
1960
2044
  }
1961
2045
  buildBaseRequest(info, init) {
1962
2046
  const request = new Request(info, init);
@@ -1965,7 +2049,7 @@
1965
2049
  }
1966
2050
  return new Request(this.buildUrl(this.config.baseUrl, request.url), request);
1967
2051
  }
1968
- async setAuthorizationHeader(request, accessToken) {
2052
+ setAuthorizationHeader(request, accessToken) {
1969
2053
  request.headers.set("authorization", `${this.config.dpopNonceId ? "DPoP" : "Bearer"} ${accessToken}`);
1970
2054
  }
1971
2055
  async setDpopProofHeader(request, accessToken) {
@@ -1981,8 +2065,8 @@
1981
2065
  });
1982
2066
  request.headers.set("dpop", dpopProof);
1983
2067
  }
1984
- async prepareRequest(request) {
1985
- const accessToken = await this.getAccessToken();
2068
+ async prepareRequest(request, authParams) {
2069
+ const accessToken = await this.getAccessToken(authParams);
1986
2070
  this.setAuthorizationHeader(request, accessToken);
1987
2071
  await this.setDpopProofHeader(request, accessToken);
1988
2072
  }
@@ -2015,19 +2099,76 @@
2015
2099
  }
2016
2100
  return callbacks.onUseDpopNonceError();
2017
2101
  }
2018
- async internalFetchWithAuth(info, init, callbacks) {
2102
+ async internalFetchWithAuth(info, init, callbacks, authParams) {
2019
2103
  const request = this.buildBaseRequest(info, init);
2020
- await this.prepareRequest(request);
2104
+ await this.prepareRequest(request, authParams);
2021
2105
  const response = await this.config.fetch(request);
2022
2106
  return this.handleResponse(response, callbacks);
2023
2107
  }
2024
- fetchWithAuth(info, init) {
2108
+ fetchWithAuth(info, init, authParams) {
2025
2109
  const callbacks = {
2026
2110
  onUseDpopNonceError: () => this.internalFetchWithAuth(info, init, Object.assign(Object.assign({}, callbacks), {
2027
2111
  onUseDpopNonceError: undefined
2028
- }))
2112
+ }), authParams)
2029
2113
  };
2030
- return this.internalFetchWithAuth(info, init, callbacks);
2114
+ return this.internalFetchWithAuth(info, init, callbacks, authParams);
2115
+ }
2116
+ }
2117
+ class MyAccountApiClient {
2118
+ constructor(myAccountFetcher, apiBase) {
2119
+ this.myAccountFetcher = myAccountFetcher;
2120
+ this.apiBase = apiBase;
2121
+ }
2122
+ async connectAccount(params) {
2123
+ const res = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/connect`, {
2124
+ method: "POST",
2125
+ headers: {
2126
+ "Content-Type": "application/json"
2127
+ },
2128
+ body: JSON.stringify(params)
2129
+ });
2130
+ return this._handleResponse(res);
2131
+ }
2132
+ async completeAccount(params) {
2133
+ const res = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/complete`, {
2134
+ method: "POST",
2135
+ headers: {
2136
+ "Content-Type": "application/json"
2137
+ },
2138
+ body: JSON.stringify(params)
2139
+ });
2140
+ return this._handleResponse(res);
2141
+ }
2142
+ async _handleResponse(res) {
2143
+ let body;
2144
+ try {
2145
+ body = await res.text();
2146
+ body = JSON.parse(body);
2147
+ } catch (err) {
2148
+ throw new MyAccountApiError({
2149
+ type: "invalid_json",
2150
+ status: res.status,
2151
+ title: "Invalid JSON response",
2152
+ detail: body || String(err)
2153
+ });
2154
+ }
2155
+ if (res.ok) {
2156
+ return body;
2157
+ } else {
2158
+ throw new MyAccountApiError(body);
2159
+ }
2160
+ }
2161
+ }
2162
+ class MyAccountApiError extends Error {
2163
+ constructor({type: type, status: status, title: title, detail: detail, validation_errors: validation_errors}) {
2164
+ super(detail);
2165
+ this.name = "MyAccountApiError";
2166
+ this.type = type;
2167
+ this.status = status;
2168
+ this.title = title;
2169
+ this.detail = detail;
2170
+ this.validation_errors = validation_errors;
2171
+ Object.setPrototypeOf(this, MyAccountApiError.prototype);
2031
2172
  }
2032
2173
  }
2033
2174
  const lock = new Lock;
@@ -2076,6 +2217,18 @@
2076
2217
  this.dpop = this.options.useDpop ? new Dpop(this.options.clientId) : undefined;
2077
2218
  this.domainUrl = getDomain(this.options.domain);
2078
2219
  this.tokenIssuer = getTokenIssuer(this.options.issuer, this.domainUrl);
2220
+ const myAccountApiIdentifier = `${this.domainUrl}/me/`;
2221
+ const myAccountFetcher = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && {
2222
+ dpopNonceId: "__auth0_my_account_api__"
2223
+ }), {
2224
+ getAccessToken: () => this.getTokenSilently({
2225
+ authorizationParams: {
2226
+ scope: "create:me:connected_accounts",
2227
+ audience: myAccountApiIdentifier
2228
+ }
2229
+ })
2230
+ }));
2231
+ this.myAccountApi = new MyAccountApiClient(myAccountFetcher, myAccountApiIdentifier);
2079
2232
  if (typeof window !== "undefined" && window.Worker && this.options.useRefreshTokens && cacheLocation === CACHE_LOCATION_MEMORY) {
2080
2233
  if (this.options.workerUrl) {
2081
2234
  this.worker = new Worker(this.options.workerUrl);
@@ -2185,7 +2338,8 @@
2185
2338
  const organization = ((_a = urlOptions.authorizationParams) === null || _a === void 0 ? void 0 : _a.organization) || this.options.authorizationParams.organization;
2186
2339
  const _c = await this._prepareAuthorizeUrl(urlOptions.authorizationParams || {}), {url: url} = _c, transaction = __rest(_c, [ "url" ]);
2187
2340
  this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, transaction), {
2188
- appState: appState
2341
+ appState: appState,
2342
+ response_type: exports.ResponseType.Code
2189
2343
  }), organization && {
2190
2344
  organization: organization
2191
2345
  }));
@@ -2201,12 +2355,19 @@
2201
2355
  if (queryStringFragments.length === 0) {
2202
2356
  throw new Error("There are no query params available for parsing.");
2203
2357
  }
2204
- const {state: state, code: code, error: error, error_description: error_description} = parseAuthenticationResult(queryStringFragments.join(""));
2205
2358
  const transaction = this.transactionManager.get();
2206
2359
  if (!transaction) {
2207
2360
  throw new GenericError("missing_transaction", "Invalid state");
2208
2361
  }
2209
2362
  this.transactionManager.remove();
2363
+ const authenticationResult = parseAuthenticationResult(queryStringFragments.join(""));
2364
+ if (transaction.response_type === exports.ResponseType.ConnectCode) {
2365
+ return this._handleConnectAccountRedirectCallback(authenticationResult, transaction);
2366
+ }
2367
+ return this._handleLoginRedirectCallback(authenticationResult, transaction);
2368
+ }
2369
+ async _handleLoginRedirectCallback(authenticationResult, transaction) {
2370
+ const {code: code, state: state, error: error, error_description: error_description} = authenticationResult;
2210
2371
  if (error) {
2211
2372
  throw new AuthenticationError(error, error_description || error, state, transaction.appState);
2212
2373
  }
@@ -2229,9 +2390,32 @@
2229
2390
  organization: organization
2230
2391
  });
2231
2392
  return {
2232
- appState: transaction.appState
2393
+ appState: transaction.appState,
2394
+ response_type: exports.ResponseType.Code
2233
2395
  };
2234
2396
  }
2397
+ async _handleConnectAccountRedirectCallback(connectResult, transaction) {
2398
+ const {connect_code: connect_code, state: state, error: error, error_description: error_description} = connectResult;
2399
+ if (error) {
2400
+ throw new ConnectError(error, error_description || error, transaction.connection, state, transaction.appState);
2401
+ }
2402
+ if (!connect_code) {
2403
+ throw new GenericError("missing_connect_code", "Missing connect code");
2404
+ }
2405
+ if (!transaction.code_verifier || !transaction.state || !transaction.auth_session || !transaction.redirect_uri || transaction.state !== state) {
2406
+ throw new GenericError("state_mismatch", "Invalid state");
2407
+ }
2408
+ const data = await this.myAccountApi.completeAccount({
2409
+ auth_session: transaction.auth_session,
2410
+ connect_code: connect_code,
2411
+ redirect_uri: transaction.redirect_uri,
2412
+ code_verifier: transaction.code_verifier
2413
+ });
2414
+ return Object.assign(Object.assign({}, data), {
2415
+ appState: transaction.appState,
2416
+ response_type: exports.ResponseType.ConnectCode
2417
+ });
2418
+ }
2235
2419
  async checkSession(options) {
2236
2420
  if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
2237
2421
  if (!this.cookieStorage.get(OLD_IS_AUTHENTICATED_COOKIE_NAME)) {
@@ -2266,7 +2450,8 @@
2266
2450
  const entry = await this._getEntryFromCache({
2267
2451
  scope: getTokenOptions.authorizationParams.scope,
2268
2452
  audience: getTokenOptions.authorizationParams.audience || "default",
2269
- clientId: this.options.clientId
2453
+ clientId: this.options.clientId,
2454
+ cacheMode: cacheMode
2270
2455
  });
2271
2456
  if (entry) {
2272
2457
  return entry;
@@ -2320,7 +2505,7 @@
2320
2505
  scope: localOptions.authorizationParams.scope,
2321
2506
  audience: localOptions.authorizationParams.audience || "default",
2322
2507
  clientId: this.options.clientId
2323
- }));
2508
+ }), undefined, this.options.useMrrt);
2324
2509
  return cache.access_token;
2325
2510
  }
2326
2511
  async isAuthenticated() {
@@ -2418,7 +2603,7 @@
2418
2603
  scope: options.authorizationParams.scope,
2419
2604
  audience: options.authorizationParams.audience || "default",
2420
2605
  clientId: this.options.clientId
2421
- }));
2606
+ }), undefined, this.options.useMrrt);
2422
2607
  if ((!cache || !cache.refresh_token) && !this.worker) {
2423
2608
  if (this.options.useRefreshTokensFallback) {
2424
2609
  return await this._getTokenFromIFrame(options);
@@ -2427,6 +2612,7 @@
2427
2612
  }
2428
2613
  const redirect_uri = options.authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || window.location.origin;
2429
2614
  const timeout = typeof options.timeoutInSeconds === "number" ? options.timeoutInSeconds * 1e3 : null;
2615
+ const scopesToRequest = getScopeToRequest(this.options.useMrrt, options.authorizationParams, cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope);
2430
2616
  try {
2431
2617
  const tokenResult = await this._requestToken(Object.assign(Object.assign(Object.assign({}, options.authorizationParams), {
2432
2618
  grant_type: "refresh_token",
@@ -2434,7 +2620,24 @@
2434
2620
  redirect_uri: redirect_uri
2435
2621
  }), timeout && {
2436
2622
  timeout: timeout
2437
- }));
2623
+ }), {
2624
+ scopesToRequest: scopesToRequest
2625
+ });
2626
+ if (tokenResult.refresh_token && this.options.useMrrt && (cache === null || cache === void 0 ? void 0 : cache.refresh_token)) {
2627
+ await this.cacheManager.updateEntry(cache.refresh_token, tokenResult.refresh_token);
2628
+ }
2629
+ if (this.options.useMrrt) {
2630
+ const isRefreshMrrt = isRefreshWithMrrt(cache === null || cache === void 0 ? void 0 : cache.audience, cache === null || cache === void 0 ? void 0 : cache.scope, options.authorizationParams.audience, options.authorizationParams.scope);
2631
+ if (isRefreshMrrt) {
2632
+ const tokenHasAllScopes = allScopesAreIncluded(scopesToRequest, tokenResult.scope);
2633
+ if (!tokenHasAllScopes) {
2634
+ if (this.options.useRefreshTokensFallback) {
2635
+ return await this._getTokenFromIFrame(options);
2636
+ }
2637
+ throw new MissingRefreshTokenError(options.authorizationParams.audience || "default", options.authorizationParams.scope);
2638
+ }
2639
+ }
2640
+ }
2438
2641
  return Object.assign(Object.assign({}, tokenResult), {
2439
2642
  scope: options.authorizationParams.scope,
2440
2643
  oauthTokenScope: tokenResult.scope,
@@ -2470,12 +2673,12 @@
2470
2673
  this.userCache.set(CACHE_KEY_ID_TOKEN_SUFFIX, cache);
2471
2674
  return cache;
2472
2675
  }
2473
- async _getEntryFromCache({scope: scope, audience: audience, clientId: clientId}) {
2676
+ async _getEntryFromCache({scope: scope, audience: audience, clientId: clientId, cacheMode: cacheMode}) {
2474
2677
  const entry = await this.cacheManager.get(new CacheKey({
2475
2678
  scope: scope,
2476
2679
  audience: audience,
2477
2680
  clientId: clientId
2478
- }), 60);
2681
+ }), 60, this.options.useMrrt, cacheMode);
2479
2682
  if (entry && entry.access_token) {
2480
2683
  const {token_type: token_type, access_token: access_token, oauthTokenScope: oauthTokenScope, expires_in: expires_in} = entry;
2481
2684
  const cache = await this._getIdTokenFromCache();
@@ -2491,15 +2694,18 @@
2491
2694
  }
2492
2695
  }
2493
2696
  async _requestToken(options, additionalParameters) {
2494
- const {nonceIn: nonceIn, organization: organization} = additionalParameters || {};
2495
- const authResult = await oauthToken(Object.assign({
2697
+ const {nonceIn: nonceIn, organization: organization, scopesToRequest: scopesToRequest} = additionalParameters || {};
2698
+ const authResult = await oauthToken(Object.assign(Object.assign({
2496
2699
  baseUrl: this.domainUrl,
2497
2700
  client_id: this.options.clientId,
2498
2701
  auth0Client: this.options.auth0Client,
2499
2702
  useFormData: this.options.useFormData,
2500
2703
  timeout: this.httpTimeoutMs,
2704
+ useMrrt: this.options.useMrrt,
2501
2705
  dpop: this.dpop
2502
- }, options), this.worker);
2706
+ }, options), {
2707
+ scope: scopesToRequest || options.scope
2708
+ }), this.worker);
2503
2709
  const decodedToken = await this._verifyIdToken(authResult.id_token, nonceIn, organization);
2504
2710
  await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, authResult), {
2505
2711
  decodedToken: decodedToken,
@@ -2551,14 +2757,61 @@
2551
2757
  }
2552
2758
  return new Fetcher(config, {
2553
2759
  isDpopEnabled: () => !!this.options.useDpop,
2554
- getAccessToken: () => this.getTokenSilently(),
2760
+ getAccessToken: authParams => {
2761
+ var _a;
2762
+ return this.getTokenSilently({
2763
+ authorizationParams: {
2764
+ scope: (_a = authParams === null || authParams === void 0 ? void 0 : authParams.scope) === null || _a === void 0 ? void 0 : _a.join(" "),
2765
+ audience: authParams === null || authParams === void 0 ? void 0 : authParams.audience
2766
+ }
2767
+ });
2768
+ },
2555
2769
  getDpopNonce: () => this.getDpopNonce(config.dpopNonceId),
2556
- setDpopNonce: nonce => this.setDpopNonce(nonce),
2770
+ setDpopNonce: nonce => this.setDpopNonce(nonce, config.dpopNonceId),
2557
2771
  generateDpopProof: params => this.generateDpopProof(params)
2558
2772
  });
2559
2773
  }
2774
+ async connectAccountWithRedirect(options) {
2775
+ if (!this.options.useDpop) {
2776
+ throw new Error("`useDpop` option must be enabled before using connectAccountWithRedirect.");
2777
+ }
2778
+ if (!this.options.useMrrt) {
2779
+ throw new Error("`useMrrt` option must be enabled before using connectAccountWithRedirect.");
2780
+ }
2781
+ const {openUrl: openUrl, appState: appState, connection: connection, authorization_params: authorization_params, redirectUri: redirectUri = this.options.authorizationParams.redirect_uri || window.location.origin} = options;
2782
+ if (!connection) {
2783
+ throw new Error("connection is required");
2784
+ }
2785
+ const state = encode(createRandomString());
2786
+ const code_verifier = createRandomString();
2787
+ const code_challengeBuffer = await sha256(code_verifier);
2788
+ const code_challenge = bufferToBase64UrlEncoded(code_challengeBuffer);
2789
+ const {connect_uri: connect_uri, connect_params: connect_params, auth_session: auth_session} = await this.myAccountApi.connectAccount({
2790
+ connection: connection,
2791
+ redirect_uri: redirectUri,
2792
+ state: state,
2793
+ code_challenge: code_challenge,
2794
+ code_challenge_method: "S256",
2795
+ authorization_params: authorization_params
2796
+ });
2797
+ this.transactionManager.create({
2798
+ state: state,
2799
+ code_verifier: code_verifier,
2800
+ auth_session: auth_session,
2801
+ redirect_uri: redirectUri,
2802
+ appState: appState,
2803
+ connection: connection,
2804
+ response_type: exports.ResponseType.ConnectCode
2805
+ });
2806
+ const url = new URL(connect_uri);
2807
+ url.searchParams.set("ticket", connect_params.ticket);
2808
+ if (openUrl) {
2809
+ await openUrl(url.toString());
2810
+ } else {
2811
+ window.location.assign(url);
2812
+ }
2813
+ }
2560
2814
  }
2561
- class User {}
2562
2815
  async function createAuth0Client(options) {
2563
2816
  const auth0 = new Auth0Client(options);
2564
2817
  await auth0.checkSession();
@@ -2567,11 +2820,13 @@
2567
2820
  exports.Auth0Client = Auth0Client;
2568
2821
  exports.AuthenticationError = AuthenticationError;
2569
2822
  exports.CacheKey = CacheKey;
2823
+ exports.ConnectError = ConnectError;
2570
2824
  exports.GenericError = GenericError;
2571
2825
  exports.InMemoryCache = InMemoryCache;
2572
2826
  exports.LocalStorageCache = LocalStorageCache;
2573
2827
  exports.MfaRequiredError = MfaRequiredError;
2574
2828
  exports.MissingRefreshTokenError = MissingRefreshTokenError;
2829
+ exports.MyAccountApiError = MyAccountApiError;
2575
2830
  exports.PopupCancelledError = PopupCancelledError;
2576
2831
  exports.PopupTimeoutError = PopupTimeoutError;
2577
2832
  exports.TimeoutError = TimeoutError;