@faable/auth-js 1.5.2 → 1.5.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/main.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"main.js","sources":["../../node_modules/tslib/tslib.es6.js","../../../src/utils.ts","../../../src/lib/storage_helpers.ts","../../../src/lib/helpers.ts","../../../src/lib/jwt.ts","../../../src/lib/constants.ts","../../../src/lib/local-storage.ts","../../../src/lib/errors.ts","../../../src/lib/version.ts","../../../src/BaseLog.ts","../../../src/lib/globals.ts","../../../src/lib/fetch.ts","../../../src/FaableAuthApi.ts","../../../src/lock/locks.ts","../../../src/Base.ts","../../../src/lock/Lock.ts","../../../src/lib/url_helpers.ts","../../../src/lib/helpers/window.ts","../../../src/FaableAuthClient.ts","../../../src/lib/types.ts","../../../src/createClient.ts"],"sourcesContent":["/******************************************************************************\r\nCopyright (c) Microsoft Corporation.\r\n\r\nPermission to use, copy, modify, and/or distribute this software for any\r\npurpose with or without fee is hereby granted.\r\n\r\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH\r\nREGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY\r\nAND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,\r\nINDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM\r\nLOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR\r\nOTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR\r\nPERFORMANCE OF THIS SOFTWARE.\r\n***************************************************************************** */\r\n/* global Reflect, Promise, SuppressedError, Symbol, Iterator */\r\n\r\nvar extendStatics = function(d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n};\r\n\r\nexport function __extends(d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n}\r\n\r\nexport var __assign = function() {\r\n __assign = Object.assign || function __assign(t) {\r\n for (var s, i = 1, n = arguments.length; i < n; i++) {\r\n s = arguments[i];\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];\r\n }\r\n return t;\r\n }\r\n return __assign.apply(this, arguments);\r\n}\r\n\r\nexport function __rest(s, e) {\r\n var t = {};\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)\r\n t[p] = s[p];\r\n if (s != null && typeof Object.getOwnPropertySymbols === \"function\")\r\n for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {\r\n if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))\r\n t[p[i]] = s[p[i]];\r\n }\r\n return t;\r\n}\r\n\r\nexport function __decorate(decorators, target, key, desc) {\r\n var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;\r\n if (typeof Reflect === \"object\" && typeof Reflect.decorate === \"function\") r = Reflect.decorate(decorators, target, key, desc);\r\n else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;\r\n return c > 3 && r && Object.defineProperty(target, key, r), r;\r\n}\r\n\r\nexport function __param(paramIndex, decorator) {\r\n return function (target, key) { decorator(target, key, paramIndex); }\r\n}\r\n\r\nexport function __esDecorate(ctor, descriptorIn, decorators, contextIn, initializers, extraInitializers) {\r\n function accept(f) { if (f !== void 0 && typeof f !== \"function\") throw new TypeError(\"Function expected\"); return f; }\r\n var kind = contextIn.kind, key = kind === \"getter\" ? \"get\" : kind === \"setter\" ? \"set\" : \"value\";\r\n var target = !descriptorIn && ctor ? contextIn[\"static\"] ? ctor : ctor.prototype : null;\r\n var descriptor = descriptorIn || (target ? Object.getOwnPropertyDescriptor(target, contextIn.name) : {});\r\n var _, done = false;\r\n for (var i = decorators.length - 1; i >= 0; i--) {\r\n var context = {};\r\n for (var p in contextIn) context[p] = p === \"access\" ? {} : contextIn[p];\r\n for (var p in contextIn.access) context.access[p] = contextIn.access[p];\r\n context.addInitializer = function (f) { if (done) throw new TypeError(\"Cannot add initializers after decoration has completed\"); extraInitializers.push(accept(f || null)); };\r\n var result = (0, decorators[i])(kind === \"accessor\" ? { get: descriptor.get, set: descriptor.set } : descriptor[key], context);\r\n if (kind === \"accessor\") {\r\n if (result === void 0) continue;\r\n if (result === null || typeof result !== \"object\") throw new TypeError(\"Object expected\");\r\n if (_ = accept(result.get)) descriptor.get = _;\r\n if (_ = accept(result.set)) descriptor.set = _;\r\n if (_ = accept(result.init)) initializers.unshift(_);\r\n }\r\n else if (_ = accept(result)) {\r\n if (kind === \"field\") initializers.unshift(_);\r\n else descriptor[key] = _;\r\n }\r\n }\r\n if (target) Object.defineProperty(target, contextIn.name, descriptor);\r\n done = true;\r\n};\r\n\r\nexport function __runInitializers(thisArg, initializers, value) {\r\n var useValue = arguments.length > 2;\r\n for (var i = 0; i < initializers.length; i++) {\r\n value = useValue ? initializers[i].call(thisArg, value) : initializers[i].call(thisArg);\r\n }\r\n return useValue ? value : void 0;\r\n};\r\n\r\nexport function __propKey(x) {\r\n return typeof x === \"symbol\" ? x : \"\".concat(x);\r\n};\r\n\r\nexport function __setFunctionName(f, name, prefix) {\r\n if (typeof name === \"symbol\") name = name.description ? \"[\".concat(name.description, \"]\") : \"\";\r\n return Object.defineProperty(f, \"name\", { configurable: true, value: prefix ? \"\".concat(prefix, \" \", name) : name });\r\n};\r\n\r\nexport function __metadata(metadataKey, metadataValue) {\r\n if (typeof Reflect === \"object\" && typeof Reflect.metadata === \"function\") return Reflect.metadata(metadataKey, metadataValue);\r\n}\r\n\r\nexport function __awaiter(thisArg, _arguments, P, generator) {\r\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\r\n return new (P || (P = Promise))(function (resolve, reject) {\r\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\r\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\r\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\r\n step((generator = generator.apply(thisArg, _arguments || [])).next());\r\n });\r\n}\r\n\r\nexport function __generator(thisArg, body) {\r\n var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === \"function\" ? Iterator : Object).prototype);\r\n return g.next = verb(0), g[\"throw\"] = verb(1), g[\"return\"] = verb(2), typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\r\n function verb(n) { return function (v) { return step([n, v]); }; }\r\n function step(op) {\r\n if (f) throw new TypeError(\"Generator is already executing.\");\r\n while (g && (g = 0, op[0] && (_ = 0)), _) try {\r\n if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\r\n if (y = 0, t) op = [op[0] & 2, t.value];\r\n switch (op[0]) {\r\n case 0: case 1: t = op; break;\r\n case 4: _.label++; return { value: op[1], done: false };\r\n case 5: _.label++; y = op[1]; op = [0]; continue;\r\n case 7: op = _.ops.pop(); _.trys.pop(); continue;\r\n default:\r\n if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\r\n if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\r\n if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\r\n if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\r\n if (t[2]) _.ops.pop();\r\n _.trys.pop(); continue;\r\n }\r\n op = body.call(thisArg, _);\r\n } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\r\n if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\r\n }\r\n}\r\n\r\nexport var __createBinding = Object.create ? (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n var desc = Object.getOwnPropertyDescriptor(m, k);\r\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\r\n desc = { enumerable: true, get: function() { return m[k]; } };\r\n }\r\n Object.defineProperty(o, k2, desc);\r\n}) : (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n o[k2] = m[k];\r\n});\r\n\r\nexport function __exportStar(m, o) {\r\n for (var p in m) if (p !== \"default\" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p);\r\n}\r\n\r\nexport function __values(o) {\r\n var s = typeof Symbol === \"function\" && Symbol.iterator, m = s && o[s], i = 0;\r\n if (m) return m.call(o);\r\n if (o && typeof o.length === \"number\") return {\r\n next: function () {\r\n if (o && i >= o.length) o = void 0;\r\n return { value: o && o[i++], done: !o };\r\n }\r\n };\r\n throw new TypeError(s ? \"Object is not iterable.\" : \"Symbol.iterator is not defined.\");\r\n}\r\n\r\nexport function __read(o, n) {\r\n var m = typeof Symbol === \"function\" && o[Symbol.iterator];\r\n if (!m) return o;\r\n var i = m.call(o), r, ar = [], e;\r\n try {\r\n while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);\r\n }\r\n catch (error) { e = { error: error }; }\r\n finally {\r\n try {\r\n if (r && !r.done && (m = i[\"return\"])) m.call(i);\r\n }\r\n finally { if (e) throw e.error; }\r\n }\r\n return ar;\r\n}\r\n\r\n/** @deprecated */\r\nexport function __spread() {\r\n for (var ar = [], i = 0; i < arguments.length; i++)\r\n ar = ar.concat(__read(arguments[i]));\r\n return ar;\r\n}\r\n\r\n/** @deprecated */\r\nexport function __spreadArrays() {\r\n for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;\r\n for (var r = Array(s), k = 0, i = 0; i < il; i++)\r\n for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)\r\n r[k] = a[j];\r\n return r;\r\n}\r\n\r\nexport function __spreadArray(to, from, pack) {\r\n if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {\r\n if (ar || !(i in from)) {\r\n if (!ar) ar = Array.prototype.slice.call(from, 0, i);\r\n ar[i] = from[i];\r\n }\r\n }\r\n return to.concat(ar || Array.prototype.slice.call(from));\r\n}\r\n\r\nexport function __await(v) {\r\n return this instanceof __await ? (this.v = v, this) : new __await(v);\r\n}\r\n\r\nexport function __asyncGenerator(thisArg, _arguments, generator) {\r\n if (!Symbol.asyncIterator) throw new TypeError(\"Symbol.asyncIterator is not defined.\");\r\n var g = generator.apply(thisArg, _arguments || []), i, q = [];\r\n return i = Object.create((typeof AsyncIterator === \"function\" ? AsyncIterator : Object).prototype), verb(\"next\"), verb(\"throw\"), verb(\"return\", awaitReturn), i[Symbol.asyncIterator] = function () { return this; }, i;\r\n function awaitReturn(f) { return function (v) { return Promise.resolve(v).then(f, reject); }; }\r\n function verb(n, f) { if (g[n]) { i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; if (f) i[n] = f(i[n]); } }\r\n function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } }\r\n function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); }\r\n function fulfill(value) { resume(\"next\", value); }\r\n function reject(value) { resume(\"throw\", value); }\r\n function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); }\r\n}\r\n\r\nexport function __asyncDelegator(o) {\r\n var i, p;\r\n return i = {}, verb(\"next\"), verb(\"throw\", function (e) { throw e; }), verb(\"return\"), i[Symbol.iterator] = function () { return this; }, i;\r\n function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: false } : f ? f(v) : v; } : f; }\r\n}\r\n\r\nexport function __asyncValues(o) {\r\n if (!Symbol.asyncIterator) throw new TypeError(\"Symbol.asyncIterator is not defined.\");\r\n var m = o[Symbol.asyncIterator], i;\r\n return m ? m.call(o) : (o = typeof __values === \"function\" ? __values(o) : o[Symbol.iterator](), i = {}, verb(\"next\"), verb(\"throw\"), verb(\"return\"), i[Symbol.asyncIterator] = function () { return this; }, i);\r\n function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }\r\n function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }\r\n}\r\n\r\nexport function __makeTemplateObject(cooked, raw) {\r\n if (Object.defineProperty) { Object.defineProperty(cooked, \"raw\", { value: raw }); } else { cooked.raw = raw; }\r\n return cooked;\r\n};\r\n\r\nvar __setModuleDefault = Object.create ? (function(o, v) {\r\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\r\n}) : function(o, v) {\r\n o[\"default\"] = v;\r\n};\r\n\r\nvar ownKeys = function(o) {\r\n ownKeys = Object.getOwnPropertyNames || function (o) {\r\n var ar = [];\r\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\r\n return ar;\r\n };\r\n return ownKeys(o);\r\n};\r\n\r\nexport function __importStar(mod) {\r\n if (mod && mod.__esModule) return mod;\r\n var result = {};\r\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\r\n __setModuleDefault(result, mod);\r\n return result;\r\n}\r\n\r\nexport function __importDefault(mod) {\r\n return (mod && mod.__esModule) ? mod : { default: mod };\r\n}\r\n\r\nexport function __classPrivateFieldGet(receiver, state, kind, f) {\r\n if (kind === \"a\" && !f) throw new TypeError(\"Private accessor was defined without a getter\");\r\n if (typeof state === \"function\" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError(\"Cannot read private member from an object whose class did not declare it\");\r\n return kind === \"m\" ? f : kind === \"a\" ? f.call(receiver) : f ? f.value : state.get(receiver);\r\n}\r\n\r\nexport function __classPrivateFieldSet(receiver, state, value, kind, f) {\r\n if (kind === \"m\") throw new TypeError(\"Private method is not writable\");\r\n if (kind === \"a\" && !f) throw new TypeError(\"Private accessor was defined without a setter\");\r\n if (typeof state === \"function\" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError(\"Cannot write private member to an object whose class did not declare it\");\r\n return (kind === \"a\" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;\r\n}\r\n\r\nexport function __classPrivateFieldIn(state, receiver) {\r\n if (receiver === null || (typeof receiver !== \"object\" && typeof receiver !== \"function\")) throw new TypeError(\"Cannot use 'in' operator on non-object\");\r\n return typeof state === \"function\" ? receiver === state : state.has(receiver);\r\n}\r\n\r\nexport function __addDisposableResource(env, value, async) {\r\n if (value !== null && value !== void 0) {\r\n if (typeof value !== \"object\" && typeof value !== \"function\") throw new TypeError(\"Object expected.\");\r\n var dispose, inner;\r\n if (async) {\r\n if (!Symbol.asyncDispose) throw new TypeError(\"Symbol.asyncDispose is not defined.\");\r\n dispose = value[Symbol.asyncDispose];\r\n }\r\n if (dispose === void 0) {\r\n if (!Symbol.dispose) throw new TypeError(\"Symbol.dispose is not defined.\");\r\n dispose = value[Symbol.dispose];\r\n if (async) inner = dispose;\r\n }\r\n if (typeof dispose !== \"function\") throw new TypeError(\"Object not disposable.\");\r\n if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };\r\n env.stack.push({ value: value, dispose: dispose, async: async });\r\n }\r\n else if (async) {\r\n env.stack.push({ async: true });\r\n }\r\n return value;\r\n\r\n}\r\n\r\nvar _SuppressedError = typeof SuppressedError === \"function\" ? SuppressedError : function (error, suppressed, message) {\r\n var e = new Error(message);\r\n return e.name = \"SuppressedError\", e.error = error, e.suppressed = suppressed, e;\r\n};\r\n\r\nexport function __disposeResources(env) {\r\n function fail(e) {\r\n env.error = env.hasError ? new _SuppressedError(e, env.error, \"An error was suppressed during disposal.\") : e;\r\n env.hasError = true;\r\n }\r\n var r, s = 0;\r\n function next() {\r\n while (r = env.stack.pop()) {\r\n try {\r\n if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);\r\n if (r.dispose) {\r\n var result = r.dispose.call(r.value);\r\n if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });\r\n }\r\n else s |= 1;\r\n }\r\n catch (e) {\r\n fail(e);\r\n }\r\n }\r\n if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();\r\n if (env.hasError) throw env.error;\r\n }\r\n return next();\r\n}\r\n\r\nexport function __rewriteRelativeImportExtension(path, preserveJsx) {\r\n if (typeof path === \"string\" && /^\\.\\.?\\//.test(path)) {\r\n return path.replace(/\\.(tsx)$|((?:\\.d)?)((?:\\.[^./]+?)?)\\.([cm]?)ts$/i, function (m, tsx, d, ext, cm) {\r\n return tsx ? preserveJsx ? \".jsx\" : \".js\" : d && (!ext || !cm) ? m : (d + ext + \".\" + cm.toLowerCase() + \"js\");\r\n });\r\n }\r\n return path;\r\n}\r\n\r\nexport default {\r\n __extends: __extends,\r\n __assign: __assign,\r\n __rest: __rest,\r\n __decorate: __decorate,\r\n __param: __param,\r\n __esDecorate: __esDecorate,\r\n __runInitializers: __runInitializers,\r\n __propKey: __propKey,\r\n __setFunctionName: __setFunctionName,\r\n __metadata: __metadata,\r\n __awaiter: __awaiter,\r\n __generator: __generator,\r\n __createBinding: __createBinding,\r\n __exportStar: __exportStar,\r\n __values: __values,\r\n __read: __read,\r\n __spread: __spread,\r\n __spreadArrays: __spreadArrays,\r\n __spreadArray: __spreadArray,\r\n __await: __await,\r\n __asyncGenerator: __asyncGenerator,\r\n __asyncDelegator: __asyncDelegator,\r\n __asyncValues: __asyncValues,\r\n __makeTemplateObject: __makeTemplateObject,\r\n __importStar: __importStar,\r\n __importDefault: __importDefault,\r\n __classPrivateFieldGet: __classPrivateFieldGet,\r\n __classPrivateFieldSet: __classPrivateFieldSet,\r\n __classPrivateFieldIn: __classPrivateFieldIn,\r\n __addDisposableResource: __addDisposableResource,\r\n __disposeResources: __disposeResources,\r\n __rewriteRelativeImportExtension: __rewriteRelativeImportExtension,\r\n};\r\n","import { AuthenticationResult } from \"./lib/types\";\n\nexport const parseAuthenticationResult = (\n queryString: string\n): AuthenticationResult => {\n if (queryString.indexOf(\"#\") > -1) {\n queryString = queryString.substring(0, queryString.indexOf(\"#\"));\n }\n\n const searchParams = new URLSearchParams(queryString);\n\n return {\n state: searchParams.get(\"state\")!,\n code: searchParams.get(\"code\") || undefined,\n error: searchParams.get(\"error\") || undefined,\n error_description: searchParams.get(\"error_description\") || undefined,\n };\n};\n\nconst stripUndefined = (params: any) => {\n return Object.keys(params)\n .filter((k) => typeof params[k] !== \"undefined\")\n .reduce((acc, key) => ({ ...acc, [key]: params[key] }), {});\n};\n\nexport const createQueryParams = ({ clientId: client_id, ...params }: any) => {\n return new URLSearchParams(\n stripUndefined({ client_id, ...params })\n ).toString();\n};\n\n/**\n * @ignore\n */\nexport const getTokenIssuer = (\n issuer: string | undefined,\n domainUrl: string\n) => {\n if (issuer) {\n return issuer.startsWith(\"https://\") ? issuer : `https://${issuer}`;\n }\n\n return `${domainUrl}`;\n};\n\nexport const getDomain = (domainUrl: string) => {\n if (!/^(https|http)?:\\/\\//.test(domainUrl)) {\n const protocol = location?.protocol || \"https\";\n return `${protocol}//${domainUrl}`;\n }\n\n return domainUrl;\n};\n\nexport const encode = (value: string) => btoa(value);\nexport const decode = (value: string) => atob(value);\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split(\"\")\n .map((c) => {\n return \"%\" + (\"00\" + c.charCodeAt(0).toString(16)).slice(-2);\n })\n .join(\"\")\n );\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { \"+\": \"-\", \"/\": \"_\", \"=\": \"\" };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, \"/\").replace(/-/g, \"+\"));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput)))\n );\n};\n\nexport const parseNumber = (value: any): number | undefined => {\n if (typeof value !== \"string\") {\n return value;\n }\n return parseInt(value, 10) || undefined;\n};\n\n/**\n * @ignore\n */\nexport const buildIsAuthenticatedCookieName = (clientId: string) =>\n `auth0.${clientId}.is.authenticated`;\n","import { SupportedStorage } from \"./types\";\n\n// Storage helpers\nexport const setItemAsync = async (\n storage: SupportedStorage,\n key: string,\n data: any\n): Promise<void> => {\n await storage.setItem(key, JSON.stringify(data));\n};\n\nexport const getItemAsync = async (\n storage: SupportedStorage,\n key: string\n): Promise<unknown> => {\n const value = await storage.getItem(key);\n\n if (!value) {\n return null;\n }\n\n try {\n return JSON.parse(value);\n } catch {\n return value;\n }\n};\n\nexport const removeItemAsync = async (\n storage: SupportedStorage,\n key: string\n): Promise<void> => {\n await storage.removeItem(key);\n};\n","import { AuthResponse, SupportedStorage, User, UserResponse } from \"./types\";\nimport { setItemAsync } from \"./storage_helpers\";\nimport { JsonResponse } from \"./fetch\";\n\nfunction dec2hex(dec: number) {\n return (\"0\" + dec.toString(16)).substr(-2);\n}\n\nexport function decodeBase64URL(value: string): string {\n const key =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\";\n let base64 = \"\";\n let chr1, chr2, chr3;\n let enc1, enc2, enc3, enc4;\n let i = 0;\n value = value.replace(\"-\", \"+\").replace(\"_\", \"/\");\n\n while (i < value.length) {\n enc1 = key.indexOf(value.charAt(i++));\n enc2 = key.indexOf(value.charAt(i++));\n enc3 = key.indexOf(value.charAt(i++));\n enc4 = key.indexOf(value.charAt(i++));\n chr1 = (enc1 << 2) | (enc2 >> 4);\n chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);\n chr3 = ((enc3 & 3) << 6) | enc4;\n base64 = base64 + String.fromCharCode(chr1);\n\n if (enc3 != 64 && chr2 != 0) {\n base64 = base64 + String.fromCharCode(chr2);\n }\n if (enc4 != 64 && chr3 != 0) {\n base64 = base64 + String.fromCharCode(chr3);\n }\n }\n return base64;\n}\n\n// Functions below taken from: https://stackoverflow.com/questions/63309409/creating-a-code-verifier-and-challenge-for-pkce-auth-on-spotify-api-in-reactjs\nexport function generatePKCEVerifier() {\n const verifierLength = 56;\n const array = new Uint32Array(verifierLength);\n if (typeof crypto === \"undefined\") {\n const charSet =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~\";\n const charSetLen = charSet.length;\n let verifier = \"\";\n for (let i = 0; i < verifierLength; i++) {\n verifier += charSet.charAt(Math.floor(Math.random() * charSetLen));\n }\n return verifier;\n }\n crypto.getRandomValues(array);\n return Array.from(array, dec2hex).join(\"\");\n}\n\nasync function sha256(randomString: string) {\n const encoder = new TextEncoder();\n const encodedData = encoder.encode(randomString);\n const hash = await crypto.subtle.digest(\"SHA-256\", encodedData);\n const bytes = new Uint8Array(hash);\n\n return Array.from(bytes)\n .map((c) => String.fromCharCode(c))\n .join(\"\");\n}\n\nfunction base64urlencode(str: string) {\n return btoa(str).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\nexport async function generatePKCEChallenge(verifier: string) {\n const hasCryptoSupport =\n typeof crypto !== \"undefined\" &&\n typeof crypto.subtle !== \"undefined\" &&\n typeof TextEncoder !== \"undefined\";\n\n if (!hasCryptoSupport) {\n console.warn(\n \"WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256.\"\n );\n return verifier;\n }\n const hashed = await sha256(verifier);\n return base64urlencode(hashed);\n}\n\nexport async function getCodeChallengeAndMethod(\n storage: SupportedStorage,\n storageKey: string,\n isPasswordRecovery = false\n) {\n const codeVerifier = generatePKCEVerifier();\n let storedCodeVerifier = codeVerifier;\n if (isPasswordRecovery) {\n storedCodeVerifier += \"/PASSWORD_RECOVERY\";\n }\n await setItemAsync(\n storage,\n `${storageKey}-code-verifier`,\n storedCodeVerifier\n );\n const codeChallenge = await generatePKCEChallenge(codeVerifier);\n const codeChallengeMethod = codeVerifier === codeChallenge ? \"plain\" : \"S256\";\n return [codeChallenge, codeChallengeMethod];\n}\n\nexport const isBrowser = () => typeof document !== \"undefined\";\n\nconst localStorageWriteTests = {\n tested: false,\n writable: false,\n};\n\n/**\n * Checks whether localStorage is supported on this browser.\n */\nexport const supportsLocalStorage = () => {\n if (!isBrowser()) {\n return false;\n }\n\n try {\n if (typeof globalThis.localStorage !== \"object\") {\n return false;\n }\n } catch (e) {\n // DOM exception when accessing `localStorage`\n return false;\n }\n\n if (localStorageWriteTests.tested) {\n return localStorageWriteTests.writable;\n }\n\n const randomKey = `lswt-${Math.random()}${Math.random()}`;\n\n try {\n globalThis.localStorage.setItem(randomKey, randomKey);\n globalThis.localStorage.removeItem(randomKey);\n\n localStorageWriteTests.tested = true;\n localStorageWriteTests.writable = true;\n } catch (e) {\n // localStorage can't be written to\n // https://www.chromium.org/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document\n\n localStorageWriteTests.tested = true;\n localStorageWriteTests.writable = false;\n }\n\n return localStorageWriteTests.writable;\n};\n\nexport function uuid() {\n return \"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx\".replace(/[xy]/g, function (c) {\n const r = (Math.random() * 16) | 0,\n v = c == \"x\" ? r : (r & 0x3) | 0x8;\n return v.toString(16);\n });\n}\n\nexport type RawAuthResponse = {\n expires_at: number;\n expires_in: number;\n user: User;\n access_token: string;\n refresh_token: string;\n token_type: string;\n};\n/**\n * hasSession checks if the response object contains a valid session\n * @param data A response object\n * @returns true if a session is in the response\n */\nfunction hasSession(data: Partial<RawAuthResponse>): data is RawAuthResponse {\n return !!data.access_token && !!data.refresh_token && !!data.expires_in;\n}\n\nexport function expiresAt(expiresIn: number) {\n const timeNow = Math.round(Date.now() / 1000);\n return timeNow + expiresIn;\n}\n\nexport function _sessionResponse({\n data,\n}: JsonResponse<Partial<RawAuthResponse>>): AuthResponse {\n let session = null;\n if (!data) throw new Error(\"Bad session response\");\n if (hasSession(data)) {\n session = { ...data };\n if (!data.expires_at && data.expires_in) {\n session.expires_at = expiresAt(data.expires_in);\n }\n }\n\n const user: User = data.user ?? (data as User);\n return { data: { session, user }, error: null };\n}\n\n/**\n * A deferred represents some asynchronous work that is not yet finished, which\n * may or may not culminate in a value.\n * Taken from: https://github.com/mike-north/types/blob/master/src/async.ts\n */\nexport class Deferred<T = any> {\n public static promiseConstructor: PromiseConstructor = Promise;\n\n public readonly promise!: PromiseLike<T>;\n\n public readonly resolve!: (value?: T | PromiseLike<T>) => void;\n\n public readonly reject!: (reason?: any) => any;\n\n public constructor() {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).promise = new Deferred.promiseConstructor((res, rej) => {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).resolve = res;\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).reject = rej;\n });\n }\n}\n\n/**\n * Converts the provided async function into a retryable function. Each result\n * or thrown error is sent to the isRetryable function which should return true\n * if the function should run again.\n */\nexport function retryable<T>(\n fn: (attempt: number) => Promise<T>,\n isRetryable: (attempt: number, error: any | null, result?: T) => boolean\n): Promise<T> {\n const promise = new Promise<T>((accept, reject) => {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (async () => {\n for (let attempt = 0; attempt < Infinity; attempt++) {\n try {\n const result = await fn(attempt);\n\n if (!isRetryable(attempt, null, result)) {\n accept(result);\n return;\n }\n } catch (e: any) {\n if (!isRetryable(attempt, e)) {\n reject(e);\n return;\n }\n }\n }\n })();\n });\n\n return promise;\n}\n\n/**\n * Creates a promise that resolves to null after some time.\n */\nexport async function sleep(time: number): Promise<null> {\n return new Promise((accept) => {\n setTimeout(() => accept(null), time);\n });\n}\n\nexport const checkExpiresInTime = ({\n expires_in,\n expires_at,\n refreshTick,\n}: {\n expires_in: string;\n expires_at?: string;\n refreshTick: number;\n}) => {\n const timeNow = Math.round(Date.now() / 1000);\n const expiresIn = parseInt(expires_in);\n let expiresAt = timeNow + expiresIn;\n\n if (expires_at) {\n expiresAt = parseInt(expires_at);\n }\n\n const actuallyExpiresIn = expiresAt - timeNow;\n if (actuallyExpiresIn * 1000 <= refreshTick) {\n console.warn(\n `@supabase/gotrue-js: Session as retrieved from URL expires in ${actuallyExpiresIn}s, should have been closer to ${expiresIn}s`\n );\n }\n\n const issuedAt = expiresAt - expiresIn;\n if (timeNow - issuedAt >= 120) {\n console.warn(\n \"@supabase/gotrue-js: Session as retrieved from URL was issued over 120s ago, URL could be stale\",\n issuedAt,\n expiresAt,\n timeNow\n );\n } else if (timeNow - issuedAt < 0) {\n console.warn(\n \"@supabase/gotrue-js: Session as retrieved from URL was issued in the future? Check the device clok for skew\",\n issuedAt,\n expiresAt,\n timeNow\n );\n }\n\n return { expiresIn, expiresAt };\n};\n","import { decodeBase64URL } from \"./helpers\";\n\n/**\n * @ignore\n */\nexport interface JWTVerifyOptions {\n iss: string;\n aud: string;\n id_token: string;\n nonce?: string;\n leeway?: number;\n max_age?: number;\n organizationId?: string;\n now?: number;\n}\n\nexport interface IdToken {\n __raw: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: string;\n updated_at?: string;\n iss?: string;\n aud?: string;\n exp?: number;\n nbf?: number;\n iat?: number;\n jti?: string;\n azp?: string;\n nonce?: string;\n auth_time?: string;\n at_hash?: string;\n c_hash?: string;\n acr?: string;\n amr?: string;\n sub_jwk?: string;\n cnf?: string;\n sid?: string;\n org_id?: string;\n [key: string]: any;\n}\n\nconst isNumber = (n: any) => typeof n === \"number\";\n\nconst idTokendecoded = [\n \"iss\",\n \"aud\",\n \"exp\",\n \"nbf\",\n \"iat\",\n \"jti\",\n \"azp\",\n \"nonce\",\n \"auth_time\",\n \"at_hash\",\n \"c_hash\",\n \"acr\",\n \"amr\",\n \"sub_jwk\",\n \"cnf\",\n \"sip_from_tag\",\n \"sip_date\",\n \"sip_callid\",\n \"sip_cseq_num\",\n \"sip_via_branch\",\n \"orig\",\n \"dest\",\n \"mky\",\n \"events\",\n \"toe\",\n \"txn\",\n \"rph\",\n \"sid\",\n \"vot\",\n \"vtm\",\n];\n\nexport function decodeJWTPayload(token: string) {\n // Regex checks for base64url format\n const base64UrlRegex =\n /^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i;\n\n const parts = token.split(\".\");\n\n if (parts.length !== 3) {\n throw new Error(\"JWT is not valid: not a JWT structure\");\n }\n\n if (!base64UrlRegex.test(parts[1])) {\n throw new Error(\"JWT is not valid: payload is not in base64url format\");\n }\n\n const base64Url = parts[1];\n return JSON.parse(decodeBase64URL(base64Url));\n}\n\nexport const verify = (options: JWTVerifyOptions) => {\n if (!options.id_token) {\n throw new Error(\"ID token is required but missing\");\n }\n\n const decoded = decodeJWTPayload(options.id_token);\n\n if (!decoded.claims.iss) {\n throw new Error(\n \"Issuer (iss) claim must be a string present in the ID token\"\n );\n }\n\n if (decoded.claims.iss !== options.iss) {\n throw new Error(\n `Issuer (iss) claim mismatch in the ID token; expected \"${options.iss}\", found \"${decoded.claims.iss}\"`\n );\n }\n\n if (!decoded.user.sub) {\n throw new Error(\n \"Subject (sub) claim must be a string present in the ID token\"\n );\n }\n\n if (decoded.header.alg !== \"RS256\") {\n throw new Error(\n `Signature algorithm of \"${decoded.header.alg}\" is not supported. Expected the ID token to be signed with \"RS256\".`\n );\n }\n\n if (\n !decoded.claims.aud ||\n !(\n typeof decoded.claims.aud === \"string\" ||\n Array.isArray(decoded.claims.aud)\n )\n ) {\n throw new Error(\n \"Audience (aud) claim must be a string or array of strings present in the ID token\"\n );\n }\n if (Array.isArray(decoded.claims.aud)) {\n if (!decoded.claims.aud.includes(options.aud)) {\n throw new Error(\n `Audience (aud) claim mismatch in the ID token; expected \"${\n options.aud\n }\" but was not one of \"${decoded.claims.aud.join(\", \")}\"`\n );\n }\n if (decoded.claims.aud.length > 1) {\n if (!decoded.claims.azp) {\n throw new Error(\n \"Authorized Party (azp) claim must be a string present in the ID token when Audience (aud) claim has multiple values\"\n );\n }\n if (decoded.claims.azp !== options.aud) {\n throw new Error(\n `Authorized Party (azp) claim mismatch in the ID token; expected \"${options.aud}\", found \"${decoded.claims.azp}\"`\n );\n }\n }\n } else if (decoded.claims.aud !== options.aud) {\n throw new Error(\n `Audience (aud) claim mismatch in the ID token; expected \"${options.aud}\" but found \"${decoded.claims.aud}\"`\n );\n }\n if (options.nonce) {\n if (!decoded.claims.nonce) {\n throw new Error(\n \"Nonce (nonce) claim must be a string present in the ID token\"\n );\n }\n if (decoded.claims.nonce !== options.nonce) {\n throw new Error(\n `Nonce (nonce) claim mismatch in the ID token; expected \"${options.nonce}\", found \"${decoded.claims.nonce}\"`\n );\n }\n }\n\n if (options.max_age && !isNumber(decoded.claims.auth_time)) {\n throw new Error(\n \"Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified\"\n );\n }\n\n /* c8 ignore next 5 */\n if (decoded.claims.exp == null || !isNumber(decoded.claims.exp)) {\n throw new Error(\n \"Expiration Time (exp) claim must be a number present in the ID token\"\n );\n }\n if (!isNumber(decoded.claims.iat)) {\n throw new Error(\n \"Issued At (iat) claim must be a number present in the ID token\"\n );\n }\n\n const leeway = options.leeway || 60;\n const now = new Date(options.now || Date.now());\n const expDate = new Date(0);\n\n expDate.setUTCSeconds(decoded.claims.exp + leeway);\n\n if (now > expDate) {\n throw new Error(\n `Expiration Time (exp) claim error in the ID token; current time (${now}) is after expiration time (${expDate})`\n );\n }\n\n if (decoded.claims.nbf != null && isNumber(decoded.claims.nbf)) {\n const nbfDate = new Date(0);\n nbfDate.setUTCSeconds(decoded.claims.nbf - leeway);\n if (now < nbfDate) {\n throw new Error(\n `Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${now}) is before ${nbfDate}`\n );\n }\n }\n\n if (decoded.claims.auth_time != null && isNumber(decoded.claims.auth_time)) {\n const authTimeDate = new Date(0);\n authTimeDate.setUTCSeconds(\n parseInt(decoded.claims.auth_time) + (options.max_age as number) + leeway\n );\n\n if (now > authTimeDate) {\n throw new Error(\n `Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${now}) is after last auth at ${authTimeDate}`\n );\n }\n }\n\n if (options.organizationId) {\n if (!decoded.claims.org_id) {\n throw new Error(\n \"Organization ID (org_id) claim must be a string present in the ID token\"\n );\n } else if (options.organizationId !== decoded.claims.org_id) {\n throw new Error(\n `Organization ID (org_id) claim mismatch in the ID token; expected \"${options.organizationId}\", found \"${decoded.claims.org_id}\"`\n );\n }\n }\n\n return decoded;\n};\n","import { version } from \"./version\";\nexport const GOTRUE_URL = \"http://localhost:9999\";\nexport const STORAGE_KEY = \"faableauth\";\nexport const EXPIRY_MARGIN = 10; // in seconds\n\nexport const API_VERSION_HEADER_NAME = \"X-Faableauth-Api-Version\";\nexport const API_VERSIONS = {\n \"2024-01-01\": {\n timestamp: Date.parse(\"2024-01-01T00:00:00.0Z\"),\n name: \"2024-01-01\",\n },\n};\n","import { supportsLocalStorage } from \"./helpers\";\nimport { SupportedStorage } from \"./types\";\n\n/**\n * Provides safe access to the globalThis.localStorage property.\n */\nexport const localStorageAdapter: SupportedStorage = {\n getItem: (key) => {\n if (!supportsLocalStorage()) {\n return null;\n }\n\n return globalThis.localStorage.getItem(key);\n },\n setItem: (key, value) => {\n if (!supportsLocalStorage()) {\n return;\n }\n\n globalThis.localStorage.setItem(key, value);\n },\n removeItem: (key) => {\n if (!supportsLocalStorage()) {\n return;\n }\n\n globalThis.localStorage.removeItem(key);\n },\n};\n\n/**\n * Returns a localStorage-like object that stores the key-value pairs in\n * memory.\n */\nexport function memoryLocalStorageAdapter(\n store: { [key: string]: string } = {}\n): SupportedStorage {\n return {\n getItem: (key) => {\n return store[key] || null;\n },\n\n setItem: (key, value) => {\n store[key] = value;\n },\n\n removeItem: (key) => {\n delete store[key];\n },\n };\n}\n","/**\n * Known error codes. Note that the server may also return other error codes\n * not included in this list (if the client library is older than the version\n * on the server).\n */\nexport type ErrorCode =\n | \"unexpected_failure\"\n | \"validation_failed\"\n | \"bad_json\"\n | \"email_exists\"\n | \"phone_exists\"\n | \"bad_jwt\"\n | \"not_admin\"\n | \"no_authorization\"\n | \"user_not_found\"\n | \"session_not_found\"\n | \"flow_state_not_found\"\n | \"flow_state_expired\"\n | \"signup_disabled\"\n | \"user_banned\"\n | \"provider_email_needs_verification\"\n | \"invite_not_found\"\n | \"bad_oauth_state\"\n | \"bad_oauth_callback\"\n | \"oauth_provider_not_supported\"\n | \"unexpected_audience\"\n | \"single_identity_not_deletable\"\n | \"email_conflict_identity_not_deletable\"\n | \"identity_already_exists\"\n | \"email_provider_disabled\"\n | \"phone_provider_disabled\"\n | \"too_many_enrolled_mfa_factors\"\n | \"mfa_factor_name_conflict\"\n | \"mfa_factor_not_found\"\n | \"mfa_ip_address_mismatch\"\n | \"mfa_challenge_expired\"\n | \"mfa_verification_failed\"\n | \"mfa_verification_rejected\"\n | \"insufficient_aal\"\n | \"captcha_failed\"\n | \"saml_provider_disabled\"\n | \"manual_linking_disabled\"\n | \"sms_send_failed\"\n | \"email_not_confirmed\"\n | \"phone_not_confirmed\"\n | \"reauth_nonce_missing\"\n | \"saml_relay_state_not_found\"\n | \"saml_relay_state_expired\"\n | \"saml_idp_not_found\"\n | \"saml_assertion_no_user_id\"\n | \"saml_assertion_no_email\"\n | \"user_already_exists\"\n | \"sso_provider_not_found\"\n | \"saml_metadata_fetch_failed\"\n | \"saml_idp_already_exists\"\n | \"sso_domain_already_exists\"\n | \"saml_entity_id_mismatch\"\n | \"conflict\"\n | \"provider_disabled\"\n | \"user_sso_managed\"\n | \"reauthentication_needed\"\n | \"same_password\"\n | \"reauthentication_not_valid\"\n | \"otp_expired\"\n | \"otp_disabled\"\n | \"identity_not_found\"\n | \"weak_password\"\n | \"over_request_rate_limit\"\n | \"over_email_send_rate_limit\"\n | \"over_sms_send_rate_limit\"\n | \"bad_code_verifier\";\n\nexport class AuthError extends Error {\n /**\n * Error code associated with the error. Most errors coming from\n * HTTP responses will have a code, though some errors that occur\n * before a response is received will not have one present. In that\n * case {@link #status} will also be undefined.\n */\n code: ErrorCode | string | undefined;\n\n /** HTTP status code that caused the error. */\n status: number | undefined;\n\n protected __isAuthError = true;\n\n constructor(message: string, status?: number, code?: string) {\n super(message);\n this.name = \"AuthError\";\n this.status = status;\n this.code = code;\n }\n}\n\nexport class CustomAuthError extends AuthError {\n name: string;\n status: number;\n\n constructor(\n message: string,\n name: string,\n status: number,\n code: string | undefined\n ) {\n super(message, status, code);\n this.name = name;\n this.status = status;\n }\n}\n\nexport class AuthSessionMissingError extends CustomAuthError {\n constructor() {\n super(\"Auth session missing!\", \"AuthSessionMissingError\", 400, undefined);\n }\n}\n\nexport function isAuthError(error: unknown): error is AuthError {\n return (\n typeof error === \"object\" && error !== null && \"__isAuthError\" in error\n );\n}\n\nexport class AuthApiError extends AuthError {\n status: number;\n\n constructor(message: string, status: number, code: string | undefined) {\n super(message, status, code);\n this.name = \"AuthApiError\";\n this.status = status;\n this.code = code;\n }\n}\n\nexport function isAuthApiError(error: unknown): error is AuthApiError {\n return isAuthError(error) && error.name === \"AuthApiError\";\n}\n\nexport class AuthImplicitGrantRedirectError extends CustomAuthError {\n details: { error: string; code: string } | null = null;\n constructor(\n message: string,\n details: { error: string; code: string } | null = null\n ) {\n super(message, \"AuthImplicitGrantRedirectError\", 500, undefined);\n this.details = details;\n }\n\n toJSON() {\n return {\n name: this.name,\n message: this.message,\n status: this.status,\n details: this.details,\n };\n }\n}\n\nexport class AuthPKCEGrantCodeExchangeError extends CustomAuthError {\n details: { error: string; code: string } | null = null;\n\n constructor(\n message: string,\n details: { error: string; code: string } | null = null\n ) {\n super(message, \"AuthPKCEGrantCodeExchangeError\", 500, undefined);\n this.details = details;\n }\n\n toJSON() {\n return {\n name: this.name,\n message: this.message,\n status: this.status,\n details: this.details,\n };\n }\n}\n\nexport class AuthUnknownError extends AuthError {\n originalError: unknown;\n\n constructor(message: string, originalError: unknown) {\n super(message);\n this.name = \"AuthUnknownError\";\n this.originalError = originalError;\n }\n}\n\nexport class AuthInvalidTokenResponseError extends CustomAuthError {\n constructor() {\n super(\n \"Auth session or user missing\",\n \"AuthInvalidTokenResponseError\",\n 500,\n undefined\n );\n }\n}\n\nexport class AuthRetryableFetchError extends CustomAuthError {\n constructor(message: string, status: number) {\n super(message, \"AuthRetryableFetchError\", status, undefined);\n }\n}\n\nexport function isAuthRetryableFetchError(\n error: unknown\n): error is AuthRetryableFetchError {\n return isAuthError(error) && error.name === \"AuthRetryableFetchError\";\n}\n","// Will be overwriten by .github/workflows/release.yml\nexport const version = \"0.0.0\";\n","import { version } from \"./lib/version\";\n\nexport type BaseLogOptions = {\n debug?: boolean | ((message: string, ...args: any[]) => void);\n};\n\nexport abstract class BaseLog {\n protected logDebugMessages: boolean;\n protected logger: (message: string, ...args: any[]) => void = console.log;\n\n constructor(config: BaseLogOptions = {}) {\n this.logDebugMessages = !!config.debug;\n if (typeof config.debug === \"function\") {\n this.logger = config.debug;\n }\n }\n\n protected extraPrint?(): string;\n\n protected _debug(...args: any[]) {\n if (this.logDebugMessages) {\n const extra = this.extraPrint ? this.extraPrint() : \"\";\n this.logger(\n `FaableAuth@${extra} (${version}) ${new Date().toISOString()}`,\n ...args\n );\n }\n\n return this;\n }\n}\n","const win: (Window & typeof globalThis) | undefined =\n typeof window !== \"undefined\" ? window : undefined;\n\nconst global: typeof globalThis | undefined =\n typeof globalThis !== \"undefined\" ? globalThis : win;\nexport const document = global?.document as Document;\n\nexport { win as window };\n\nexport const fetch = (global as any).fetch as typeof globalThis.fetch;\n","import { fetch } from \"./globals\";\n\nexport type JsonResponse<T = any> = {\n data: T | null;\n error?: any;\n};\n\ntype RequestInitWithToken = RequestInit & {\n token: string;\n raw: boolean;\n};\n\nconst headers = (init: Partial<RequestInitWithToken> = {}) => {\n let headers = {};\n if (init?.token) {\n headers = { ...headers, Authorization: `Bearer ${init?.token}` };\n }\n return {\n ...init?.headers,\n ...headers,\n };\n};\n\nconst _handleRes = async (\n res: Response,\n options: Partial<RequestInitWithToken> = {}\n) => {\n const body = options.raw ? await res.text() : await res.json();\n if (res.status >= 300) {\n return {\n data: body,\n error: options.raw ? JSON.parse(body)?.message : body?.message,\n };\n }\n return { data: body, error: null };\n};\n\nexport const _post = async <T>(\n url: string,\n data: object,\n options: Partial<RequestInitWithToken> = {}\n): Promise<JsonResponse<T>> => {\n try {\n const res = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(data),\n headers: { ...headers(options), \"Content-Type\": \"application/json\" },\n });\n\n return _handleRes(res, options);\n } catch (e) {\n return { data: null, error: e };\n }\n};\n\nexport const _get = async <T>(\n url: string,\n options: Partial<RequestInitWithToken> = {}\n): Promise<JsonResponse<T>> => {\n try {\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: headers(options),\n });\n\n return _handleRes(res, options);\n } catch (e) {\n return { data: null, error: e };\n }\n};\n","import { BaseLog, BaseLogOptions } from \"./BaseLog\";\nimport { AuthError } from \"./lib/errors\";\nimport { _get } from \"./lib/fetch\";\n\nexport default class FaableAuthApi extends BaseLog {\n constructor(public base_url: string, config: BaseLogOptions) {\n super(config);\n }\n protected extraPrint(): string {\n return \"api\";\n }\n\n async signOut(params: {\n client_id: string;\n returnTo?: string;\n }): Promise<{ data: null; error: AuthError | null }> {\n const url = `${this.base_url}/logout?${new URLSearchParams(params)}`;\n this._debug(`requesting ${url}`);\n const res = await _get(url);\n this._debug(res);\n if (res.error) {\n return { error: res.error, data: null };\n } else {\n return { error: null, data: null };\n }\n }\n}\n","import { supportsLocalStorage } from \"../lib/helpers\";\n\n/**\n * Provide your own global lock implementation instead of the default\n * implementation. The function should acquire a lock for the duration of the\n * `fn` async function, such that no other client instances will be able to\n * hold it at the same time.\n *\n * @experimental\n *\n * @param name Name of the lock to be acquired.\n * @param acquireTimeout If negative, no timeout should occur. If positive it\n * should throw an Error with an `isAcquireTimeout`\n * property set to true if the operation fails to be\n * acquired after this much time (ms).\n * @param fn The operation to execute when the lock is acquired.\n */\nexport type LockFunc = <R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n) => Promise<R>;\n\n/**\n * @experimental\n */\nexport const internals = {\n /**\n * @experimental\n */\n debug: !!(\n globalThis &&\n supportsLocalStorage() &&\n globalThis.localStorage &&\n globalThis.localStorage.getItem(\"supabase.gotrue-js.locks.debug\") === \"true\"\n ),\n};\n\n/**\n * An error thrown when a lock cannot be acquired after some amount of time.\n *\n * Use the {@link #isAcquireTimeout} property instead of checking with `instanceof`.\n */\nexport abstract class LockAcquireTimeoutError extends Error {\n public readonly isAcquireTimeout = true;\n\n constructor(message: string) {\n super(message);\n }\n}\n\nexport class NavigatorLockAcquireTimeoutError extends LockAcquireTimeoutError {}\n\n/**\n * Implements a global exclusive lock using the Navigator LockManager API. It\n * is available on all browsers released after 2022-03-15 with Safari being the\n * last one to release support. If the API is not available, this function will\n * throw. Make sure you check availablility before configuring {@link\n * GoTrueClient}.\n *\n * You can turn on debugging by setting the `supabase.gotrue-js.locks.debug`\n * local storage item to `true`.\n *\n * Internals:\n *\n * Since the LockManager API does not preserve stack traces for the async\n * function passed in the `request` method, a trick is used where acquiring the\n * lock releases a previously started promise to run the operation in the `fn`\n * function. The lock waits for that promise to finish (with or without error),\n * while the function will finally wait for the result anyway.\n *\n * @param name Name of the lock to be acquired.\n * @param acquireTimeout If negative, no timeout. If 0 an error is thrown if\n * the lock can't be acquired without waiting. If positive, the lock acquire\n * will time out after so many milliseconds. An error is\n * a timeout if it has `isAcquireTimeout` set to true.\n * @param fn The operation to run once the lock is acquired.\n */\nexport async function navigatorLock<R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n): Promise<R> {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: acquire lock\",\n name,\n acquireTimeout\n );\n }\n\n const abortController = new globalThis.AbortController();\n\n if (acquireTimeout > 0) {\n setTimeout(() => {\n abortController.abort();\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock acquire timed out\",\n name\n );\n }\n }, acquireTimeout);\n }\n\n // MDN article: https://developer.mozilla.org/en-US/docs/Web/API/LockManager/request\n\n return await globalThis.navigator.locks.request(\n name,\n acquireTimeout === 0\n ? {\n mode: \"exclusive\",\n ifAvailable: true,\n }\n : {\n mode: \"exclusive\",\n signal: abortController.signal,\n },\n async (lock) => {\n if (lock) {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: acquired\",\n name,\n lock.name\n );\n }\n\n try {\n return await fn();\n } finally {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: released\",\n name,\n lock.name\n );\n }\n }\n } else {\n if (acquireTimeout === 0) {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: not immediately available\",\n name\n );\n }\n\n throw new NavigatorLockAcquireTimeoutError(\n `Acquiring an exclusive Navigator LockManager lock \"${name}\" immediately failed`\n );\n } else {\n if (internals.debug) {\n try {\n const result = await globalThis.navigator.locks.query();\n\n console.log(\n \"@supabase/gotrue-js: Navigator LockManager state\",\n JSON.stringify(result, null, \" \")\n );\n } catch (e: any) {\n console.warn(\n \"@supabase/gotrue-js: Error when querying Navigator LockManager state\",\n e\n );\n }\n }\n\n // Browser is not following the Navigator LockManager spec, it\n // returned a null lock when we didn't use ifAvailable. So we can\n // pretend the lock is acquired in the name of backward compatibility\n // and user experience and just run the function.\n console.warn(\n \"@supabase/gotrue-js: Navigator LockManager returned a null lock when using #request without ifAvailable set to true, it appears this browser is not following the LockManager spec https://developer.mozilla.org/en-US/docs/Web/API/LockManager/request\"\n );\n\n return await fn();\n }\n }\n }\n );\n}\n\nexport async function lockNoOp<R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n): Promise<R> {\n return await fn();\n}\n","import { BaseLog, BaseLogOptions } from \"./BaseLog\";\n\nexport abstract class Base extends BaseLog {\n private static nextInstanceID = 0;\n private instanceID: number;\n\n constructor(config: BaseLogOptions = {}) {\n super(config);\n this.instanceID = Base.nextInstanceID;\n Base.nextInstanceID += 1;\n }\n\n extraPrint() {\n return this.instanceID.toString();\n }\n}\n","import { Base } from \"../Base\";\nimport { BaseLogOptions } from \"../BaseLog\";\n\nimport { LockFunc, lockNoOp } from \"./locks\";\n\ntype LockOptions = {\n storageKey: string;\n lock?: LockFunc;\n} & BaseLogOptions;\n\nexport class Lock extends Base {\n protected lock: LockFunc;\n lockAcquired = false;\n protected pendingInLock: Promise<any>[] = [];\n\n protected storageKey: string;\n\n constructor(options: LockOptions) {\n super({ debug: options.debug });\n this.lock = options.lock || lockNoOp;\n this.storageKey = options.storageKey;\n }\n\n /**\n * Acquires a global lock based on the storage key.\n */\n async _acquireLock<R>(\n acquireTimeout: number,\n fn: () => Promise<R>\n ): Promise<R> {\n this._debug(\"#_acquireLock\", \"begin\", acquireTimeout);\n\n try {\n if (this.lockAcquired) {\n const last = this.pendingInLock.length\n ? this.pendingInLock[this.pendingInLock.length - 1]\n : Promise.resolve();\n\n const result = (async () => {\n await last;\n return await fn();\n })();\n\n this.pendingInLock.push(\n (async () => {\n try {\n await result;\n } catch (e: any) {\n // we just care if it finished\n }\n })()\n );\n\n return result;\n }\n\n return await this.lock(\n `lock:${this.storageKey}`,\n acquireTimeout,\n async () => {\n this._debug(\n \"#_acquireLock\",\n \"lock acquired for storage key\",\n this.storageKey\n );\n\n try {\n this.lockAcquired = true;\n\n const result = fn();\n\n this.pendingInLock.push(\n (async () => {\n try {\n await result;\n } catch (e: any) {\n // we just care if it finished\n }\n })()\n );\n\n await result;\n\n // keep draining the queue until there's nothing to wait on\n while (this.pendingInLock.length) {\n const waitOn = [...this.pendingInLock];\n\n await Promise.all(waitOn);\n\n this.pendingInLock.splice(0, waitOn.length);\n }\n\n return await result;\n } finally {\n this._debug(\n \"#_acquireLock\",\n \"lock released for storage key\",\n this.storageKey\n );\n\n this.lockAcquired = false;\n }\n }\n );\n } finally {\n this._debug(\"#_acquireLock\", \"end\");\n }\n }\n}\n","/**\n * Extracts parameters encoded in the URL both in the query and fragment.\n */\nexport function parseParametersFromURL(href: string) {\n const result: { [parameter: string]: string } = {};\n\n const url = new URL(href);\n\n if (url.hash && url.hash[0] === \"#\") {\n try {\n const hashSearchParams = new URLSearchParams(url.hash.substring(1));\n hashSearchParams.forEach((value, key) => {\n result[key] = value;\n });\n } catch (e: any) {\n // hash is not a query string\n }\n }\n\n // search parameters take precedence over hash parameters\n url.searchParams.forEach((value, key) => {\n result[key] = value;\n });\n\n return result;\n}\n\nexport const clearURLParameters = (delete_params: string[] = []) => {\n const url = new URL(window.location.href);\n\n delete_params.forEach((param) => {\n url.searchParams.delete(param);\n });\n\n url.hash = \"\";\n\n window.history.replaceState(window.history.state, \"\", url.toString());\n};\n","import { window } from \"../globals\";\n\nfunction redirect(url: string) {\n getWindow().location = url as any;\n}\n\nfunction getDocument() {\n return getWindow().document;\n}\n\nfunction getWindow() {\n if (!window) throw new Error(\"No window in environment\");\n return window;\n}\n\nexport const windowHelpers = {\n redirect: redirect,\n getDocument: getDocument,\n getWindow: getWindow,\n};\n","import { getDomain, getTokenIssuer } from \"./utils\";\n\nimport {\n AuthFlowType,\n SupportedStorage,\n SignInWithOAuthConnection,\n OAuthResponse,\n Subscription,\n InitializeResult,\n User,\n CallRefreshTokenResult,\n} from \"./lib/types\";\n\nimport { decodeJWTPayload, verify as verifyIdToken } from \"./lib/jwt\";\nimport {\n FaableAuthClientConfig,\n AuthResponse,\n AuthChangeEvent,\n} from \"./lib/types\";\nimport { TokenEndpointResponse, Session, SignOut } from \"./lib/types\";\nimport {\n Deferred,\n RawAuthResponse,\n _sessionResponse,\n checkExpiresInTime,\n getCodeChallengeAndMethod,\n isBrowser,\n retryable,\n sleep,\n uuid,\n} from \"./lib/helpers\";\n\nimport { EXPIRY_MARGIN, STORAGE_KEY } from \"./lib/constants\";\nimport { localStorageAdapter } from \"./lib/local-storage\";\nimport {\n AuthError,\n AuthImplicitGrantRedirectError,\n AuthInvalidTokenResponseError,\n AuthPKCEGrantCodeExchangeError,\n AuthSessionMissingError,\n AuthUnknownError,\n isAuthApiError,\n isAuthError,\n isAuthRetryableFetchError,\n} from \"./lib/errors\";\nimport {\n getItemAsync,\n removeItemAsync,\n setItemAsync,\n} from \"./lib/storage_helpers\";\nimport FaableAuthApi from \"./FaableAuthApi\";\nimport { LockAcquireTimeoutError } from \"./lock/locks\";\nimport { _get, _post } from \"./lib/fetch\";\nimport { Base } from \"./Base\";\nimport { Lock } from \"./lock/Lock\";\nimport { document, window } from \"./lib/globals\";\nimport { clearURLParameters, parseParametersFromURL } from \"./lib/url_helpers\";\nimport { windowHelpers } from \"./lib/helpers/window\";\n\n/** Current session will be checked for refresh at this interval. */\nconst AUTO_REFRESH_TICK_DURATION = 30 * 1000;\n\n/**\n * A token refresh will be attempted this many ticks before the current session expires. */\nconst AUTO_REFRESH_TICK_THRESHOLD = 3;\n\nexport class FaableAuthClient extends Base {\n domainUrl: string;\n tokenIssuer: string;\n redirect_uri: string;\n scope?: string;\n sessionCheckExpiryDays: number;\n\n protected initializePromise: Promise<InitializeResult> | null = null;\n protected detectSessionInUrl = true;\n\n protected storageKey: string;\n\n protected clientId: string;\n protected storage: SupportedStorage;\n protected api: FaableAuthApi;\n\n protected autoRefreshToken: boolean;\n protected autoRefreshTicker: ReturnType<typeof setInterval> | null = null;\n protected visibilityChangedCallback: (() => Promise<any>) | null = null;\n\n protected refreshingDeferred: Deferred<CallRefreshTokenResult> | null = null;\n\n /**\n * Used to broadcast state change events to other tabs listening.\n */\n protected broadcastChannel: BroadcastChannel | null = null;\n protected stateChangeEmitters: Map<string, Subscription> = new Map();\n\n protected lock: Lock;\n\n constructor(config: FaableAuthClientConfig) {\n const debug = config?.debug || false;\n super({ debug });\n\n this.sessionCheckExpiryDays = 1;\n this.redirect_uri = config?.redirect_uri || \"\";\n if (!config?.domain) {\n throw new Error(\"Missing domain\");\n }\n this.domainUrl = getDomain(config.domain);\n\n this.tokenIssuer = getTokenIssuer(\"\", this.domainUrl);\n if (!config.clientId) {\n throw new Error(\"Missing clientId\");\n }\n this.clientId = config.clientId;\n\n this.api = new FaableAuthApi(this.domainUrl, { debug });\n\n // Storage key\n const key_prefix = config?.storageKey || STORAGE_KEY;\n this.storageKey = `${key_prefix}-${this.clientId}`;\n\n this.storage = config?.storage || localStorageAdapter;\n\n this.lock = new Lock({\n lock: config.lock,\n storageKey: this.storageKey,\n debug: config.debug,\n });\n\n if (\n isBrowser() &&\n globalThis.BroadcastChannel &&\n // this.persistSession &&\n this.storageKey\n ) {\n try {\n this.broadcastChannel = new globalThis.BroadcastChannel(\n this.storageKey\n );\n } catch (e: any) {\n console.error(\n \"Failed to create a new BroadcastChannel, multi-tab state changes will not be available\",\n e\n );\n }\n\n this.broadcastChannel?.addEventListener(\"message\", async (event) => {\n this._debug(\n \"received broadcast notification from other tab or client\",\n event\n );\n\n await this._notifyAllSubscribers(\n event.data.event,\n event.data.session,\n false\n ); // broadcast = false so we don't get an endless loop of messages\n });\n }\n\n this.autoRefreshToken = true;\n\n this.initialize();\n }\n\n /**\n * Initializes the client session either from the url or from storage.\n * This method is automatically called when instantiating the client, but should also be called\n * manually when checking for an error from an auth redirect (oauth, magiclink, password recovery, etc).\n */\n async initialize(): Promise<InitializeResult> {\n if (this.initializePromise) {\n return await this.initializePromise;\n }\n\n this.initializePromise = (async () => {\n return await this.lock._acquireLock(-1, async () => {\n return await this._initialize();\n });\n })();\n\n return await this.initializePromise;\n }\n\n /**\n * IMPORTANT:\n * 1. Never throw in this method, as it is called from the constructor\n * 2. Never return a session from this method as it would be cached over\n * the whole lifetime of the client\n */\n private async _initialize(): Promise<InitializeResult> {\n try {\n const flow = await this._detectFlowType();\n\n this._debug(\"#_initialize()\", \"begin\", \"flow_type\", flow);\n\n // if exists any flow, process the session\n if (flow) {\n const { data, error } = await this._getSessionFromURL(flow);\n if (error) {\n this._debug(\n \"#_initialize()\",\n \"error detecting session from URL\",\n error\n );\n\n // hacky workaround to keep the existing session if there's an error returned from identity linking\n // TODO: once error codes are ready, we should match against it instead of the message\n if (\n error?.message === \"Identity is already linked\" ||\n error?.message === \"Identity is already linked to another user\"\n ) {\n return { error };\n }\n\n // failed login attempt via url,\n // remove old session as in verifyOtp, signUp and signInWith*\n await this._removeSession();\n\n return { error };\n }\n\n const { session, redirectType } = data;\n\n this._debug(\n \"#_initialize()\",\n \"detected session in URL\",\n session,\n \"redirect type\",\n redirectType\n );\n\n await this._saveSession(session);\n\n setTimeout(async () => {\n if (redirectType === \"recovery\") {\n await this._notifyAllSubscribers(\"PASSWORD_RECOVERY\", session);\n } else {\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n }, 0);\n\n return { error: null };\n }\n // no login attempt via callback url try to recover session from storage\n await this._recoverAndRefresh();\n return { error: null };\n } catch (error) {\n if (isAuthError(error)) {\n return { error };\n }\n\n return {\n error: new AuthUnknownError(\n \"Unexpected error during initialization\",\n error\n ),\n };\n } finally {\n await this._handleVisibilityChange();\n this._debug(\"#_initialize()\", \"end\");\n }\n }\n\n /**\n * Gets the session data from a URL string\n */\n private async _getSessionFromURL(flow: AuthFlowType): Promise<\n | {\n data: { session: Session; redirectType: string | null };\n error: null;\n }\n | { data: { session: null; redirectType: null }; error: AuthError }\n > {\n try {\n const params = parseParametersFromURL(window.location.href);\n if (flow == \"pkce\") {\n if (!params.code) {\n throw new AuthPKCEGrantCodeExchangeError(\"No code detected.\");\n }\n\n const { data, error } = await this._exchangeCodeForSession(params.code);\n if (error) throw error;\n\n // Remove code from URL\n clearURLParameters([\"code\"]);\n\n return {\n data: { session: data.session, redirectType: null },\n error: null,\n };\n }\n\n if (params.error || params.error_description || params.error_code) {\n throw new AuthImplicitGrantRedirectError(\n params.error_description ||\n \"Error in URL with unspecified error_description\",\n {\n error: params.error || \"unspecified_error\",\n code: params.error_code || \"unspecified_code\",\n }\n );\n }\n\n const {\n provider_token,\n provider_refresh_token,\n access_token,\n refresh_token,\n expires_in,\n expires_at,\n token_type,\n } = params;\n\n if (!access_token || !expires_in || !refresh_token || !token_type) {\n throw new AuthImplicitGrantRedirectError(\"No session defined in URL\");\n }\n\n // Check time is valid\n const { expiresAt, expiresIn } = checkExpiresInTime({\n expires_in,\n expires_at,\n refreshTick: AUTO_REFRESH_TICK_DURATION,\n });\n\n const { data, error } = await this._getUser(access_token);\n\n if (error || !data.user) throw error;\n\n const session: Session = {\n provider_token,\n provider_refresh_token,\n access_token,\n expires_in: expiresIn,\n expires_at: expiresAt,\n refresh_token,\n token_type,\n user: data.user,\n };\n\n // Remove tokens from URL\n clearURLParameters([\n \"access_token\",\n \"expires_in\",\n \"refresh_token\",\n \"token_type\",\n \"scope\",\n ]);\n this._debug(\"#_getSessionFromURL()\", \"clearing window.location.hash\");\n\n return { data: { session, redirectType: params.type }, error: null };\n } catch (error) {\n this._debug(error);\n if (isAuthError(error)) {\n return { data: { session: null, redirectType: null }, error };\n }\n throw error;\n }\n }\n\n private async _exchangeCodeForSession(authCode: string): Promise<\n | {\n data: { session: Session; user: User; redirectType: string | null };\n error: null;\n }\n | {\n data: { session: null; user: null; redirectType: null };\n error: AuthError;\n }\n > {\n const storageItem = await getItemAsync(\n this.storage,\n `${this.storageKey}-code-verifier`\n );\n const [codeVerifier, redirectType] = ((storageItem ?? \"\") as string).split(\n \"/\"\n );\n\n const rawResponse = await _post<Partial<RawAuthResponse>>(\n `${this.domainUrl}/oauth/token`,\n {\n client_id: this.clientId,\n grant_type: \"authorization_code\",\n code: authCode,\n code_verifier: codeVerifier,\n }\n );\n\n const { data, error } = _sessionResponse(rawResponse);\n\n if (!data) {\n throw new Error(\"Missing data\");\n }\n\n await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);\n if (error) {\n return { data: { user: null, session: null, redirectType: null }, error };\n } else if (!data || !data.session || !data.user) {\n return {\n data: { user: null, session: null, redirectType: null },\n error: new AuthInvalidTokenResponseError(),\n };\n }\n let session = data.session as Session;\n if (session) {\n const { data: userdata, error } = await this._getUser(\n session.access_token\n );\n if (error || !userdata.user) {\n throw error;\n }\n\n session = {\n ...session,\n user: userdata.user,\n };\n data.session = session;\n\n await this._saveSession(session);\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n return {\n data: { ...data, redirectType: redirectType ?? null } as any,\n error,\n };\n }\n\n /**\n * Registers callbacks on the browser / platform, which in-turn run\n * algorithms when the browser window/tab are in foreground. On non-browser\n * platforms it assumes always foreground.\n */\n private async _handleVisibilityChange() {\n this._debug(\"#_handleVisibilityChange()\");\n\n if (!isBrowser() || !window?.addEventListener) {\n if (this.autoRefreshToken) {\n // in non-browser environments the refresh token ticker runs always\n this.startAutoRefresh();\n }\n\n return false;\n }\n\n try {\n this.visibilityChangedCallback = async () =>\n await this._onVisibilityChanged(false);\n\n window?.addEventListener(\n \"visibilitychange\",\n this.visibilityChangedCallback\n );\n\n // now immediately call the visbility changed callback to setup with the\n // current visbility state\n await this._onVisibilityChanged(true); // initial call\n } catch (error) {\n console.error(\"_handleVisibilityChange\", error);\n }\n }\n\n /**\n * Callback registered with `window.addEventListener('visibilitychange')`.\n */\n private async _onVisibilityChanged(calledFromInitialize: boolean) {\n const methodName = `#_onVisibilityChanged(${calledFromInitialize})`;\n this._debug(methodName, \"visibilityState\", document.visibilityState);\n\n if (document.visibilityState === \"visible\") {\n if (this.autoRefreshToken) {\n // in browser environments the refresh token ticker runs only on focused tabs\n // which prevents race conditions\n this._startAutoRefresh();\n }\n\n if (!calledFromInitialize) {\n // called when the visibility has changed, i.e. the browser\n // transitioned from hidden -> visible so we need to see if the session\n // should be recovered immediately... but to do that we need to acquire\n // the lock first asynchronously\n await this.initializePromise;\n\n await this.lock._acquireLock(-1, async () => {\n if (document.visibilityState !== \"visible\") {\n this._debug(\n methodName,\n \"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting\"\n );\n\n // visibility has changed while waiting for the lock, abort\n return;\n }\n\n // recover the session\n await this._recoverAndRefresh();\n });\n }\n } else if (document.visibilityState === \"hidden\") {\n if (this.autoRefreshToken) {\n this._stopAutoRefresh();\n }\n }\n }\n\n /**\n * Recovers the session from LocalStorage and refreshes\n * Note: this method is async to accommodate for AsyncStorage e.g. in React native.\n */\n private async _recoverAndRefresh() {\n const debugName = \"#_recoverAndRefresh()\";\n this._debug(debugName, \"begin\");\n\n try {\n const currentSession = await getItemAsync(this.storage, this.storageKey);\n this._debug(debugName, \"session from storage\", currentSession);\n\n if (!this._isValidSession(currentSession)) {\n this._debug(debugName, \"session is not valid\");\n if (currentSession !== null) {\n await this._removeSession();\n }\n\n return;\n }\n\n const timeNow = Math.round(Date.now() / 1000);\n const expiresWithMargin =\n (currentSession.expires_at ?? Infinity) < timeNow + EXPIRY_MARGIN;\n\n this._debug(\n debugName,\n `session has${\n expiresWithMargin ? \"\" : \" not\"\n } expired with margin of ${EXPIRY_MARGIN}s`\n );\n\n if (expiresWithMargin) {\n if (this.autoRefreshToken && currentSession.refresh_token) {\n const { error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n\n if (error) {\n console.error(error);\n\n if (!isAuthRetryableFetchError(error)) {\n this._debug(\n debugName,\n \"refresh failed with a non-retryable error, removing the session\",\n error\n );\n await this._removeSession();\n }\n }\n }\n } else {\n // no need to persist currentSession again, as we just loaded it from\n // local storage; persisting it again may overwrite a value saved by\n // another client with access to the same local storage\n await this._notifyAllSubscribers(\"SIGNED_IN\", currentSession);\n }\n } catch (err) {\n this._debug(debugName, \"error\", err);\n\n console.error(err);\n return;\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Removes any registered visibilitychange callback.\n *\n * {@see #startAutoRefresh}\n * {@see #stopAutoRefresh}\n */\n private _removeVisibilityChangedCallback() {\n this._debug(\"#_removeVisibilityChangedCallback()\");\n\n const callback = this.visibilityChangedCallback;\n this.visibilityChangedCallback = null;\n\n try {\n if (callback && isBrowser() && window?.removeEventListener) {\n window.removeEventListener(\"visibilitychange\", callback);\n }\n } catch (e) {\n console.error(\"removing visibilitychange callback failed\", e);\n }\n }\n\n /**\n * Starts an auto-refresh process in the background. The session is checked\n * every few seconds. Close to the time of expiration a process is started to\n * refresh the session. If refreshing fails it will be retried for as long as\n * necessary.\n *\n * If you set the {@link GoTrueClientOptions#autoRefreshToken} you don't need\n * to call this function, it will be called for you.\n *\n * On browsers the refresh process works only when the tab/window is in the\n * foreground to conserve resources as well as prevent race conditions and\n * flooding auth with requests. If you call this method any managed\n * visibility change callback will be removed and you must manage visibility\n * changes on your own.\n *\n * On non-browser platforms the refresh process works *continuously* in the\n * background, which may not be desirable. You should hook into your\n * platform's foreground indication mechanism and call these methods\n * appropriately to conserve resources.\n *\n * {@see #stopAutoRefresh}\n */\n async startAutoRefresh() {\n this._removeVisibilityChangedCallback();\n await this._startAutoRefresh();\n }\n\n /**\n * This is the private implementation of {@link #startAutoRefresh}. Use this\n * within the library.\n */\n private async _startAutoRefresh() {\n await this._stopAutoRefresh();\n\n this._debug(\"#_startAutoRefresh()\");\n\n const ticker = setInterval(\n () => this._autoRefreshTokenTick(),\n AUTO_REFRESH_TICK_DURATION\n );\n this.autoRefreshTicker = ticker;\n\n if (\n ticker &&\n typeof ticker === \"object\" &&\n typeof ticker.unref === \"function\"\n ) {\n // ticker is a NodeJS Timeout object that has an `unref` method\n // https://nodejs.org/api/timers.html#timeoutunref\n // When auto refresh is used in NodeJS (like for testing) the\n // `setInterval` is preventing the process from being marked as\n // finished and tests run endlessly. This can be prevented by calling\n // `unref()` on the returned object.\n ticker.unref();\n // @ts-ignore\n } else if (\n typeof (globalThis as any).Deno !== \"undefined\" &&\n typeof (globalThis as any).Deno.unrefTimer === \"function\"\n ) {\n // similar like for NodeJS, but with the Deno API\n // https://deno.land/api@latest?unstable&s=Deno.unrefTimer\n // @ts-ignore\n Deno.unrefTimer(ticker);\n }\n\n // run the tick immediately, but in the next pass of the event loop so that\n // #_initialize can be allowed to complete without recursively waiting on\n // itself\n setTimeout(async () => {\n await this.initializePromise;\n await this._autoRefreshTokenTick();\n }, 0);\n }\n\n /**\n * This is the private implementation of {@link #stopAutoRefresh}. Use this\n * within the library.\n */\n private async _stopAutoRefresh() {\n this._debug(\"#_stopAutoRefresh()\");\n\n const ticker = this.autoRefreshTicker;\n this.autoRefreshTicker = null;\n\n if (ticker) {\n clearInterval(ticker);\n }\n }\n\n /**\n * Runs the auto refresh token tick.\n */\n private async _autoRefreshTokenTick() {\n this._debug(\"#_autoRefreshTokenTick()\", \"begin\");\n\n try {\n await this.lock._acquireLock(0, async () => {\n try {\n const now = Date.now();\n\n try {\n return await this._useSession(async (result) => {\n const {\n data: { session },\n } = result;\n\n if (!session || !session.refresh_token || !session.expires_at) {\n this._debug(\"#_autoRefreshTokenTick()\", \"no session\");\n return;\n }\n\n // session will expire in this many ticks (or has already expired if <= 0)\n const expiresInTicks = Math.floor(\n (session.expires_at * 1000 - now) / AUTO_REFRESH_TICK_DURATION\n );\n\n this._debug(\n \"#_autoRefreshTokenTick()\",\n `access token expires in ${expiresInTicks} ticks, a tick lasts ${AUTO_REFRESH_TICK_DURATION}ms, refresh threshold is ${AUTO_REFRESH_TICK_THRESHOLD} ticks`\n );\n\n if (expiresInTicks <= AUTO_REFRESH_TICK_THRESHOLD) {\n await this._callRefreshToken(session.refresh_token);\n }\n });\n } catch (e: any) {\n console.error(\n \"Auto refresh tick failed with error. This is likely a transient error.\",\n e\n );\n }\n } finally {\n this._debug(\"#_autoRefreshTokenTick()\", \"end\");\n }\n });\n } catch (e: any) {\n if (e.isAcquireTimeout || e instanceof LockAcquireTimeoutError) {\n this._debug(\"auto refresh token tick lock not available\");\n } else {\n throw e;\n }\n }\n }\n\n // /**\n // * Checks if the current URL and backing storage contain parameters given by a PKCE flow\n // */\n // private async _isPKCEFlow(): Promise<boolean> {\n // const params = parseParametersFromURL(window.location.href);\n\n // const currentStorageContent = await getItemAsync(\n // this.storage,\n // `${this.storageKey}-code-verifier`\n // );\n\n // return !!(params.code && currentStorageContent);\n // }\n\n // /**\n // * Checks if the current URL contains parameters given by an implicit oauth grant flow (https://www.rfc-editor.org/rfc/rfc6749.html#section-4.2)\n // */\n // private _isImplicitGrantFlow(): boolean {\n // const params = parseParametersFromURL(window.location.href);\n\n // return !!(isBrowser() && (params.access_token || params.error_description));\n // }\n\n private async _detectFlowType(): Promise<AuthFlowType | null> {\n const params = parseParametersFromURL(window.location.href);\n\n const browser = isBrowser();\n\n // PKCE\n if (browser && params.code) {\n return \"pkce\";\n }\n\n // Implicit\n if (browser && (params.access_token || params.error_description)) {\n return \"implicit\";\n }\n return null;\n }\n\n private _scope() {\n return this.scope || \"openid profile email\";\n }\n\n private async _getUrlForConnection(\n url: string,\n params: {\n connection?: string;\n redirectTo?: string;\n scopes?: string;\n response_type?: \"code\" | \"token\";\n queryParams?: { [key: string]: string };\n skipBrowserRedirect?: boolean;\n }\n ) {\n let urlParams: Record<string, any> = params.queryParams || {};\n\n const authorize_params: Record<string, any> = {\n client_id: this.clientId,\n response_type: params.response_type,\n redirect_uri:\n params.redirectTo || this.redirect_uri || window.location.origin,\n scope: params.scopes || this._scope(),\n };\n\n const flowType = await this._detectFlowType();\n\n if (flowType === \"pkce\") {\n const [codeChallenge, codeChallengeMethod] =\n await getCodeChallengeAndMethod(this.storage, this.storageKey);\n\n urlParams = {\n ...urlParams,\n code_challenge: codeChallenge,\n code_challenge_method: codeChallengeMethod,\n };\n }\n\n // Set connection if specified\n if (params.connection) {\n authorize_params.connection = params.connection;\n }\n\n // Merge authorize params with urlParams\n return `${url}?${new URLSearchParams({\n ...urlParams,\n ...authorize_params,\n })}`;\n }\n\n async signInWithOauthConnection(\n credentials: SignInWithOAuthConnection\n ): Promise<OAuthResponse> {\n return await this._handleConnectionSignIn({\n connection: credentials.connection,\n redirectTo: credentials?.redirectTo,\n scopes: credentials?.scopes,\n queryParams: credentials.queryParams,\n skipBrowserRedirect: credentials.skipBrowserRedirect,\n });\n }\n\n async signInWithUsernamePassword(data: {\n username: string;\n password: string;\n redirect_uri?: string;\n }) {\n // Handle response and submit\n const handleCallback = async (formHtml: string) => {\n console.log(\"rawres\");\n console.log(rawAuthResponse);\n const div = document.createElement(\"div\");\n div.innerHTML = formHtml;\n const form = document.body.appendChild(div)\n .children[0] as HTMLFormElement;\n\n form.submit();\n };\n\n const rawAuthResponse = await _post<string>(\n `${this.domainUrl}/usernamepassword/login`,\n {\n username: data.username,\n password: data.password,\n redirect_uri:\n data.redirect_uri || this.redirect_uri || window.location.origin,\n client_id: this.clientId,\n },\n { raw: true }\n );\n\n if (!rawAuthResponse.data || rawAuthResponse.error) {\n throw new Error(\n rawAuthResponse.error || \"Error in username password login\"\n );\n }\n handleCallback(rawAuthResponse.data);\n }\n\n async changePassword(params: { email: string }) {\n if (!params?.email) {\n throw new Error(\"email is required\");\n }\n\n const { data, error } = await _post(\n `${this.domainUrl}/dbconnections/change_password`,\n {\n email: params.email,\n }\n );\n return data;\n }\n\n buildAuthorizeUrl(\n options: {\n redirectTo?: string;\n scope?: string;\n response_type?: string;\n audience?: string;\n } = {}\n ): string {\n const params = {\n client_id: this.clientId,\n redirect_uri:\n options.redirectTo || this.redirect_uri || window.location.origin,\n response_type: options.response_type || isBrowser() ? \"code\" : \"token\",\n audience: options.audience,\n scope: options.scope,\n };\n\n // Create a new object with only non-empty properties\n const y = Object.fromEntries(\n Object.entries(params).filter(([key, value]) => !!value)\n ) as Record<string, string>;\n\n return `${this.domainUrl}/authorize?${new URLSearchParams(y).toString()}`;\n }\n\n authorize(options: {\n redirectTo?: string;\n scope?: string;\n response_type: string;\n audience?: string;\n }) {\n const url = this.buildAuthorizeUrl(options);\n windowHelpers.redirect(url);\n }\n\n private async _handleConnectionSignIn(options: {\n connection?: string;\n redirectTo?: string;\n scopes?: string;\n queryParams?: { [key: string]: string };\n skipBrowserRedirect?: boolean;\n }) {\n const url: string = await this._getUrlForConnection(\n `${this.domainUrl}/authorize`,\n {\n response_type: isBrowser() ? \"code\" : \"token\",\n connection: options.connection,\n redirectTo: options.redirectTo,\n scopes: options.scopes,\n queryParams: options.queryParams,\n }\n );\n\n this._debug(\"#_handleProviderSignIn()\", \"options\", options, \"url\", url);\n\n // try to open on the browser\n if (isBrowser() && !options.skipBrowserRedirect) {\n window.location.assign(url);\n }\n\n return { data: { url }, error: null };\n }\n\n /**\n * Sets the session data from the current session. If the current session is expired, setSession will take care of refreshing it to obtain a new session.\n * If the refresh token or access token in the current session is invalid, an error will be thrown.\n * @param currentSession The current session that minimally contains an access token and refresh token.\n */\n async setSession(currentSession: {\n access_token: string;\n refresh_token: string;\n }): Promise<AuthResponse> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._setSession(currentSession);\n });\n }\n\n /**\n * Returns the session, refreshing it if necessary.\n *\n * The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.\n *\n * **IMPORTANT:** This method loads values directly from the storage attached\n * to the client. If that storage is based on request cookies for example,\n * the values in it may not be authentic and therefore it's strongly advised\n * against using this method and its results in such circumstances. A warning\n * will be emitted if this is detected. Use {@link #getUser()} instead.\n */\n async getSession() {\n await this.initializePromise;\n\n const result = await this.lock._acquireLock(-1, async () => {\n return this._useSession(async (result) => {\n return result;\n });\n });\n\n return result;\n }\n\n /**\n * Use instead of {@link #getSession} inside the library. It is\n * semantically usually what you want, as getting a session involves some\n * processing afterwards that requires only one client operating on the\n * session at once across multiple tabs or processes.\n */\n private async _useSession<R>(\n fn: (\n result:\n | {\n data: {\n session: Session;\n };\n error: null;\n }\n | {\n data: {\n session: null;\n };\n error: AuthError;\n }\n | {\n data: {\n session: null;\n };\n error: null;\n }\n ) => Promise<R>\n ): Promise<R> {\n this._debug(\"#_useSession\", \"begin\");\n\n try {\n // the use of __loadSession here is the only correct use of the function!\n const result = await this.__loadSession();\n\n return await fn(result);\n } finally {\n this._debug(\"#_useSession\", \"end\");\n }\n }\n\n /**\n * NEVER USE DIRECTLY!\n *\n * Always use {@link #_useSession}.\n */\n private async __loadSession(): Promise<\n | {\n data: {\n session: Session;\n };\n error: null;\n }\n | {\n data: {\n session: null;\n };\n error: AuthError;\n }\n | {\n data: {\n session: null;\n };\n error: null;\n }\n > {\n this._debug(\"#__loadSession()\", \"begin\");\n\n if (!this.lock.lockAcquired) {\n this._debug(\n \"#__loadSession()\",\n \"used outside of an acquired lock!\",\n new Error().stack\n );\n }\n\n try {\n let currentSession: Session | null = null;\n\n const maybeSession = await getItemAsync(this.storage, this.storageKey);\n\n this._debug(\"#getSession()\", \"session from storage\", maybeSession);\n\n if (maybeSession !== null) {\n if (this._isValidSession(maybeSession)) {\n currentSession = maybeSession;\n } else {\n this._debug(\"#getSession()\", \"session from storage is not valid\");\n await this._removeSession();\n }\n }\n\n if (!currentSession) {\n return { data: { session: null }, error: null };\n }\n\n const hasExpired = currentSession.expires_at\n ? currentSession.expires_at <= Date.now() / 1000\n : false;\n\n this._debug(\n \"#__loadSession()\",\n `session has${hasExpired ? \"\" : \" not\"} expired`,\n \"expires_at\",\n currentSession.expires_at\n );\n\n if (!hasExpired) {\n if (this.storage.isServer) {\n const proxySession: Session = new Proxy(currentSession, {\n get(target: any, prop: string, receiver: any) {\n if (prop === \"user\") {\n // only show warning when the user object is being accessed from the server\n console.warn(\n \"Using the user object as returned from supabase.auth.getSession() or from some supabase.auth.onAuthStateChange() events could be insecure! This value comes directly from the storage medium (usually cookies on the server) and many not be authentic. Use supabase.auth.getUser() instead which authenticates the data by contacting the Supabase Auth server.\"\n );\n }\n return Reflect.get(target, prop, receiver);\n },\n });\n currentSession = proxySession;\n }\n\n return { data: { session: currentSession }, error: null };\n }\n\n const { session, error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n if (error) {\n return { data: { session: null }, error };\n }\n\n return { data: { session }, error: null };\n } finally {\n this._debug(\"#__loadSession()\", \"end\");\n }\n }\n\n private async _removeSession() {\n this._debug(\"#_removeSession()\");\n\n await removeItemAsync(this.storage, this.storageKey);\n }\n\n private _isValidSession(maybeSession: unknown): maybeSession is Session {\n const isValidSession =\n typeof maybeSession === \"object\" &&\n maybeSession !== null &&\n \"access_token\" in maybeSession &&\n \"refresh_token\" in maybeSession &&\n \"expires_at\" in maybeSession;\n\n return isValidSession;\n }\n\n protected async _setSession(currentSession: {\n access_token: string;\n refresh_token: string;\n }): Promise<AuthResponse> {\n try {\n if (!currentSession.access_token || !currentSession.refresh_token) {\n throw new AuthSessionMissingError();\n }\n\n const timeNow = Date.now() / 1000;\n let expiresAt = timeNow;\n let hasExpired = true;\n let session: Session | null = null;\n const payload = decodeJWTPayload(currentSession.access_token);\n if (payload.exp) {\n expiresAt = payload.exp;\n hasExpired = expiresAt <= timeNow;\n }\n\n if (hasExpired) {\n const { session: refreshedSession, error } =\n await this._callRefreshToken(currentSession.refresh_token);\n if (error) {\n return { data: { user: null, session: null }, error: error };\n }\n\n if (!refreshedSession) {\n return { data: { user: null, session: null }, error: null };\n }\n session = refreshedSession;\n } else {\n const { data, error } = await this._getUser(\n currentSession.access_token\n );\n if (error || !data.user) {\n throw error;\n }\n session = {\n access_token: currentSession.access_token,\n refresh_token: currentSession.refresh_token,\n user: data.user,\n token_type: \"bearer\",\n expires_in: expiresAt - timeNow,\n expires_at: expiresAt,\n };\n await this._saveSession(session);\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n\n return { data: { user: session.user, session }, error: null };\n } catch (error) {\n if (isAuthError(error)) {\n return { data: { session: null, user: null }, error };\n }\n\n throw error;\n }\n }\n\n /**\n * set currentSession and currentUser\n * process to _startAutoRefreshToken if possible\n */\n private async _saveSession(session: Session) {\n this._debug(\"#_saveSession()\", session);\n\n await setItemAsync(this.storage, this.storageKey, session);\n }\n\n private async _getUser(access_token: string) {\n if (!access_token) throw new Error(\"Cannot fetch user without token\");\n this._debug(\"#_getUser() begin\");\n const res = await _get<User>(`${this.domainUrl}/me`, {\n token: access_token,\n });\n this._debug(\"#_getUser() end\");\n return { data: { user: res.data }, error: res.error };\n }\n\n private async _callRefreshToken(refreshToken: string) {\n if (!refreshToken) {\n throw new AuthSessionMissingError();\n }\n\n // refreshing is already in progress\n if (this.refreshingDeferred) {\n return this.refreshingDeferred.promise;\n }\n\n const debugName = `#_callRefreshToken(${refreshToken.substring(0, 5)}...)`;\n\n this._debug(debugName, \"begin\");\n\n try {\n this.refreshingDeferred = new Deferred<CallRefreshTokenResult>();\n\n const { data, error } = await this._refreshAccessToken(refreshToken);\n if (error) throw error;\n if (!data.session) throw new AuthSessionMissingError();\n\n await this._saveSession(data.session);\n await this._notifyAllSubscribers(\"TOKEN_REFRESHED\", data.session);\n\n const result = { session: data.session, error: null };\n\n this.refreshingDeferred.resolve(result);\n\n return result;\n } catch (error) {\n this._debug(debugName, \"error\", error);\n\n if (isAuthError(error)) {\n const result = { session: null, error };\n\n if (!isAuthRetryableFetchError(error)) {\n await this._removeSession();\n await this._notifyAllSubscribers(\"SIGNED_OUT\", null);\n }\n\n this.refreshingDeferred?.resolve(result);\n\n return result;\n }\n\n this.refreshingDeferred?.reject(error);\n throw error;\n } finally {\n this.refreshingDeferred = null;\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Generates a new JWT.\n * @param refreshToken A valid refresh token that was returned on login.\n */\n private async _refreshAccessToken(\n refreshToken: string\n ): Promise<AuthResponse> {\n const debugName = `#_refreshAccessToken(${refreshToken.substring(\n 0,\n 5\n )}...)`;\n this._debug(debugName, \"begin\");\n\n try {\n const startedAt = Date.now();\n\n // will attempt to refresh the token with exponential backoff\n\n return await retryable(\n async (attempt) => {\n if (attempt > 0) {\n await sleep(200 * Math.pow(2, attempt - 1)); // 200, 400, 800, ...\n }\n\n this._debug(debugName, \"refreshing attempt\", attempt);\n\n // return await _post(`${this.url}/token?grant_type=refresh_token`, {\n // body: { refresh_token: refreshToken },\n // headers: this.headers,\n // xform: _sessionResponse,\n // });\n const rawResponse = await _post<Partial<RawAuthResponse>>(\n `${this.domainUrl}/oauth/token`,\n {\n client_id: this.clientId,\n grant_type: \"refresh_token\",\n refresh_token: refreshToken,\n }\n );\n const session_res = _sessionResponse(rawResponse);\n\n if (!session_res.data.session?.access_token) {\n throw new Error(\"Bad user\");\n }\n const user_res = await this._getUser(\n session_res.data.session?.access_token\n );\n\n const { data: user, error } = user_res;\n if (error) {\n throw new Error(\"Error requesting user\");\n }\n if (!user) {\n throw new Error(\"No user found\");\n }\n\n const x = {\n data: {\n session: {\n ...session_res.data.session,\n user,\n },\n user,\n },\n error: null,\n };\n // this._debug(x);\n return x;\n },\n (attempt, error) => {\n const nextBackOffInterval = 200 * Math.pow(2, attempt);\n return (\n error &&\n isAuthRetryableFetchError(error) &&\n // retryable only if the request can be sent before the backoff overflows the tick duration\n Date.now() + nextBackOffInterval - startedAt <\n AUTO_REFRESH_TICK_DURATION\n );\n }\n );\n } catch (error) {\n this._debug(debugName, \"error\", error);\n\n if (isAuthError(error)) {\n return { data: { session: null, user: null }, error };\n }\n throw error;\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n private async _notifyAllSubscribers(\n event: AuthChangeEvent,\n session: Session | null,\n broadcast = true\n ) {\n const debugName = `#_notifyAllSubscribers(${event})`;\n this._debug(debugName, \"begin\", session, `broadcast = ${broadcast}`);\n\n try {\n if (this.broadcastChannel && broadcast) {\n this.broadcastChannel.postMessage({ event, session });\n }\n\n const errors: any[] = [];\n const promises = Array.from(this.stateChangeEmitters.values()).map(\n async (x) => {\n try {\n await x.callback(event, session);\n } catch (e: any) {\n errors.push(e);\n }\n }\n );\n\n await Promise.all(promises);\n\n if (errors.length > 0) {\n for (let i = 0; i < errors.length; i += 1) {\n console.error(errors[i]);\n }\n\n throw errors[0];\n }\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Inside a browser context, `signOut()` will remove the logged in user from the browser session and log them out - removing all items from localstorage and then trigger a `\"SIGNED_OUT\"` event.\n *\n * For server-side management, you can revoke all refresh tokens for a user by passing a user's JWT through to `auth.api.signOut(JWT: string)`.\n * There is no way to revoke a user's access token jwt until it expires. It is recommended to set a shorter expiry on the jwt for this reason.\n *\n * If using `others` scope, no `SIGNED_OUT` event is fired!\n */\n async signOut(\n options: SignOut = { scope: \"global\" }\n ): Promise<{ error: AuthError | null }> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._signOut(options);\n });\n }\n\n protected async _signOut(\n { scope, returnTo }: SignOut & { returnTo?: string } = { scope: \"global\" }\n ): Promise<{ error: AuthError | null }> {\n return await this._useSession(async (result) => {\n const { data, error: sessionError } = result;\n if (sessionError) {\n return { error: sessionError };\n }\n const accessToken = data.session?.access_token;\n if (accessToken) {\n const { error } = await this.api.signOut({\n client_id: this.clientId,\n });\n if (error) {\n // ignore 404s since user might not exist anymore\n // ignore 401s since an invalid or expired JWT should sign out the current session\n if (\n !(\n isAuthApiError(error) &&\n (error.status === 404 || error.status === 401)\n )\n ) {\n return { error };\n }\n }\n }\n if (scope !== \"others\") {\n await this._removeSession();\n await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);\n await this._notifyAllSubscribers(\"SIGNED_OUT\", null);\n }\n return { error: null };\n });\n }\n\n /**\n * Receive a notification every time an auth event happens.\n * @param callback A callback function to be invoked when an auth event happens.\n */\n onAuthStateChange(\n callback: (\n event: AuthChangeEvent,\n session: Session | null\n ) => void | Promise<void>\n ): {\n data: { subscription: Subscription };\n } {\n const id: string = uuid();\n const subscription: Subscription = {\n id,\n callback,\n unsubscribe: () => {\n this._debug(\n \"#unsubscribe()\",\n \"state change callback with id removed\",\n id\n );\n\n this.stateChangeEmitters.delete(id);\n },\n };\n\n this._debug(\"#onAuthStateChange()\", \"registered callback with id\", id);\n\n this.stateChangeEmitters.set(id, subscription);\n (async () => {\n await this.initializePromise;\n\n await this.lock._acquireLock(-1, async () => {\n this._emitInitialSession(id);\n });\n })();\n\n return { data: { subscription } };\n }\n\n private async _emitInitialSession(id: string): Promise<void> {\n return await this._useSession(async (result) => {\n try {\n const {\n data: { session },\n error,\n } = result;\n if (error) throw error;\n\n await this.stateChangeEmitters\n .get(id)\n ?.callback(\"INITIAL_SESSION\", session);\n this._debug(\"INITIAL_SESSION\", \"callback id\", id, \"session\", session);\n } catch (err) {\n await this.stateChangeEmitters\n .get(id)\n ?.callback(\"INITIAL_SESSION\", null);\n this._debug(\"INITIAL_SESSION\", \"callback id\", id, \"error\", err);\n console.error(err);\n }\n });\n }\n\n /**\n * Returns a new session, regardless of expiry status.\n * Takes in an optional current session. If not passed in, then refreshSession() will attempt to retrieve it from getSession().\n * If the current session's refresh token is invalid, an error will be thrown.\n * @param currentSession The current session. If passed in, it must contain a refresh token.\n */\n async refreshSession(currentSession?: {\n refresh_token: string;\n }): Promise<AuthResponse> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._refreshSession(currentSession);\n });\n }\n\n protected async _refreshSession(currentSession?: {\n refresh_token: string;\n }): Promise<AuthResponse> {\n try {\n return await this._useSession(async (result) => {\n if (!currentSession) {\n const { data, error } = result;\n if (error) {\n throw error;\n }\n\n currentSession = data.session ?? undefined;\n }\n\n if (!currentSession?.refresh_token) {\n throw new AuthSessionMissingError();\n }\n\n const { session, error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n if (error) {\n return { data: { user: null, session: null }, error: error };\n }\n\n if (!session) {\n return { data: { user: null, session: null }, error: null };\n }\n\n return { data: { user: (session as any).user, session }, error: null };\n });\n } catch (error) {\n if (isAuthError(error)) {\n return { data: { user: null, session: null }, error };\n }\n\n throw error;\n }\n }\n}\n","import { AuthError } from \"./errors\";\nimport { LockFunc } from \"../lock/locks\";\nimport { BaseLogOptions } from \"../BaseLog\";\n\n/**\n * @ignore\n */\nexport interface AuthenticationResult {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport class User {\n name?: string;\n profile?: string;\n picture?: string;\n email?: string;\n website?: string;\n birthdate?: string;\n locale?: string;\n sub?: string;\n [key: string]: any;\n}\n\n/**\n * The state of the application before the user was redirected to the login page.\n */\nexport type AppState = {\n returnTo?: string;\n [key: string]: any; // eslint-disable-line @typescript-eslint/no-explicit-any\n};\n\nexport interface AuthorizationParams {\n /**\n * - `'page'`: displays the UI with a full page view\n * - `'popup'`: displays the UI with a popup window\n * - `'touch'`: displays the UI in a way that leverages a touch interface\n * - `'wap'`: displays the UI with a \"feature phone\" type interface\n */\n display?: \"page\" | \"popup\" | \"touch\" | \"wap\";\n\n /**\n * - `'none'`: do not prompt user for login or consent on reauthentication\n * - `'login'`: prompt user for reauthentication\n * - `'consent'`: prompt user for consent before processing request\n * - `'select_account'`: prompt user to select an account\n */\n prompt?: \"none\" | \"login\" | \"consent\" | \"select_account\";\n\n /**\n * Maximum allowable elapsed time (in seconds) since authentication.\n * If the last time the user authenticated is greater than this value,\n * the user must be reauthenticated.\n */\n max_age?: string | number;\n\n /**\n * The space-separated list of language tags, ordered by preference.\n * For example: `'fr-CA fr en'`.\n */\n ui_locales?: string;\n\n /**\n * Previously issued ID Token.\n */\n id_token_hint?: string;\n\n /**\n * Provides a hint to Auth0 as to what flow should be displayed.\n * The default behavior is to show a login page but you can override\n * this by passing 'signup' to show the signup page instead.\n *\n * This only affects the New Universal Login Experience.\n */\n screen_hint?: \"signup\" | \"login\" | string;\n\n /**\n * The user's email address or other identifier. When your app knows\n * which user is trying to authenticate, you can provide this parameter\n * to pre-fill the email box or select the right session for sign-in.\n *\n * This currently only affects the classic Lock experience.\n */\n login_hint?: string;\n\n acr_values?: string;\n\n /**\n * The default scope to be used on authentication requests.\n *\n * This defaults to `profile email` if not set. If you are setting extra scopes and require\n * `profile` and `email` to be included then you must include them in the provided scope.\n *\n * Note: The `openid` scope is **always applied** regardless of this setting.\n */\n scope?: string;\n\n /**\n * The default audience to be used for requesting API access.\n */\n audience?: string;\n\n /**\n * The name of the connection configured for your application.\n * If null, it will redirect to the Auth0 Login Page and show\n * the Login Widget.\n */\n connection?: string;\n\n /**\n * The Id of an organization to log in to.\n *\n * This will specify an `organization` parameter in your user's login request and will add a step to validate\n * the `org_id` claim in your user's ID Token.\n */\n organization?: string;\n\n /**\n * The Id of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow.\n */\n invitation?: string;\n\n /**\n * The default URL where Auth0 will redirect your browser to with\n * the authentication result. It must be whitelisted in\n * the \"Allowed Callback URLs\" field in your Auth0 Application's\n * settings. If not provided here, it should be provided in the other\n * methods that provide authentication.\n */\n redirect_uri?: string;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n}\n\ninterface BaseLoginOptions {\n /**\n * URL parameters that will be sent back to the Authorization Server. This can be known parameters\n * defined by Auth0 or custom parameters that you define.\n */\n authorizationParams?: AuthorizationParams;\n}\n\nexport interface RedirectLoginOptions<TAppState = any>\n extends BaseLoginOptions {\n /**\n * Used to store state before doing the redirect\n */\n appState?: TAppState;\n}\n\nexport interface IdToken {\n __raw: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: string;\n updated_at?: string;\n iss?: string;\n aud?: string;\n exp?: number;\n nbf?: number;\n iat?: number;\n jti?: string;\n azp?: string;\n nonce?: string;\n auth_time?: string;\n at_hash?: string;\n c_hash?: string;\n acr?: string;\n amr?: string;\n sub_jwk?: string;\n cnf?: string;\n sid?: string;\n org_id?: string;\n [key: string]: any;\n}\n\nexport interface GetTokenSilentlyOptions {\n /**\n * When `off`, ignores the cache and always sends a\n * request to Auth0.\n * When `cache-only`, only reads from the cache and never sends a request to Auth0.\n * Defaults to `on`, where it both reads from the cache and sends a request to Auth0 as needed.\n */\n cacheMode?: \"on\" | \"off\" | \"cache-only\";\n\n /**\n * Parameters that will be sent back to Auth0 as part of a request.\n */\n authorizationParams?: {\n /**\n * There's no actual redirect when getting a token silently,\n * but, according to the spec, a `redirect_uri` param is required.\n * Auth0 uses this parameter to validate that the current `origin`\n * matches the `redirect_uri` `origin` when sending the response.\n * It must be whitelisted in the \"Allowed Web Origins\" in your\n * Auth0 Application's settings.\n */\n redirect_uri?: string;\n\n /**\n * The scope that was used in the authentication request\n */\n scope?: string;\n\n /**\n * The audience that was used in the authentication request\n */\n audience?: string;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n };\n\n /** A maximum number of seconds to wait before declaring the background /authorize call as failed for timeout\n * Defaults to 60s.\n */\n timeoutInSeconds?: number;\n\n /**\n * If true, the full response from the /oauth/token endpoint (or the cache, if the cache was used) is returned\n * (minus `refresh_token` if one was issued). Otherwise, just the access token is returned.\n *\n * The default is `false`.\n */\n detailedResponse?: boolean;\n}\n\nexport type GetTokenSilentlyVerboseResponse = Omit<\n TokenEndpointResponse,\n \"refresh_token\"\n>;\n\nexport type TokenEndpointResponse = {\n id_token: string;\n access_token: string;\n refresh_token?: string;\n expires_in: number;\n scope?: string;\n};\n\nexport type FaableAuthClientConfig = {\n domain: string;\n clientId: string;\n\n // Optional\n scope?: string;\n audience?: string;\n redirect_uri?: string;\n authorizationParams?: AuthorizationParams;\n cookieDomain?: string;\n useRefreshTokens?: boolean;\n /* If set to 'pkce' PKCE flow. Defaults to the 'implicit' flow otherwise */\n flowType?: AuthFlowType;\n storage?: SupportedStorage;\n /* Optional key name used for storing tokens in local storage. */\n storageKey?: string;\n\n /**\n * Provide your own locking mechanism based on the environment. By default no locking is done at this time.\n *\n * @experimental\n */\n lock?: LockFunc;\n} & BaseLogOptions;\n\ntype AnyFunction = (...args: any[]) => any;\ntype MaybePromisify<T> = T | Promise<T>;\ntype PromisifyMethods<T> = {\n [K in keyof T]: T[K] extends AnyFunction\n ? (...args: Parameters<T[K]>) => MaybePromisify<ReturnType<T[K]>>\n : T[K];\n};\n\nexport type SupportedStorage = PromisifyMethods<\n Pick<Storage, \"getItem\" | \"setItem\" | \"removeItem\">\n> & {\n /**\n * If set to `true` signals to the library that the storage medium is used\n * on a server and the values may not be authentic, such as reading from\n * request cookies. Implementations should not set this to true if the client\n * is used on a server that reads storage information from authenticated\n * sources, such as a secure database or file.\n */\n isServer?: boolean;\n};\n\nexport type Provider = \"google\" | \"github\";\n\nexport type AuthFlowType = \"implicit\" | \"pkce\";\n\nexport type SignInWithOAuthConnection = {\n /** Default connection is used if not setted. */\n connection?: string;\n /** A URL to send the user to after they are confirmed. */\n redirectTo?: string;\n /** A space-separated list of scopes granted to the OAuth application. */\n scopes?: string;\n /** An object of query params */\n queryParams?: { [key: string]: string };\n /** If set to true does not immediately redirect the current browser context to visit the OAuth authorization page for the provider. */\n skipBrowserRedirect?: boolean;\n};\n\nexport type OAuthResponse =\n | {\n data: {\n url: string;\n };\n error: null;\n }\n | {\n data: {\n url: null;\n };\n error: AuthError;\n };\n\nexport interface Session {\n /**\n * The oauth provider token. If present, this can be used to make external API requests to the oauth provider used.\n */\n provider_token?: string | null;\n /**\n * The oauth provider refresh token. If present, this can be used to refresh the provider_token via the oauth provider's API.\n * Not all oauth providers return a provider refresh token. If the provider_refresh_token is missing, please refer to the oauth provider's documentation for information on how to obtain the provider refresh token.\n */\n provider_refresh_token?: string | null;\n /**\n * The access token jwt. It is recommended to set the JWT_EXPIRY to a shorter expiry value.\n */\n access_token: string;\n /**\n * A one-time used refresh token that never expires.\n */\n refresh_token: string;\n /**\n * The number of seconds until the token expires (since it was issued). Returned when a login is confirmed.\n */\n expires_in: number;\n /**\n * A timestamp of when the token will expire. Returned when a login is confirmed.\n */\n expires_at?: number;\n token_type: string;\n user: User;\n}\n\nexport type AuthResponse =\n | {\n data: {\n user: User | null;\n session: Session | null;\n };\n error: null;\n }\n | {\n data: {\n user: null;\n session: null;\n };\n error: AuthError;\n };\n\nexport type AuthChangeEventMFA = \"MFA_CHALLENGE_VERIFIED\";\n\nexport type AuthChangeEvent =\n | \"INITIAL_SESSION\"\n | \"PASSWORD_RECOVERY\"\n | \"SIGNED_IN\"\n | \"SIGNED_OUT\"\n | \"TOKEN_REFRESHED\"\n | \"USER_UPDATED\"\n | AuthChangeEventMFA;\n\nexport interface Subscription {\n /**\n * The subscriber UUID. This will be set by the client.\n */\n id: string;\n /**\n * The function to call every time there is an event. eg: (eventName) => {}\n */\n callback: (event: AuthChangeEvent, session: Session | null) => void;\n /**\n * Call this to remove the listener.\n */\n unsubscribe: () => void;\n}\n\nexport type SignOut = {\n /**\n * Determines which sessions should be\n * logged out. Global means all\n * sessions by this account. Local\n * means only this session. Others\n * means all other sessions except the\n * current one. When using others,\n * there is no sign-out event fired on\n * the current session!\n */\n scope?: \"global\" | \"local\" | \"others\";\n};\n\nexport type InitializeResult = { error: AuthError | null };\n\nexport type UserResponse =\n | {\n data: {\n user: User;\n };\n error: null;\n }\n | {\n data: {\n user: null;\n };\n error: AuthError;\n };\n\nexport type CallRefreshTokenResult =\n | {\n session: Session;\n error: null;\n }\n | {\n session: null;\n error: AuthError;\n };\n","import { FaableAuthClient } from \"./FaableAuthClient\";\nimport { FaableAuthClientConfig } from \"./lib/types\";\n\nexport const createClient = (config: FaableAuthClientConfig) => {\n return new FaableAuthClient(config);\n};\n"],"names":["extendStatics","d","b","Object","setPrototypeOf","__proto__","Array","p","prototype","hasOwnProperty","call","__extends","TypeError","String","__","this","constructor","create","__assign","assign","t","s","i","n","arguments","length","apply","__awaiter","thisArg","_arguments","P","generator","Promise","resolve","reject","fulfilled","value","step","next","e","rejected","result","done","then","__generator","body","f","y","_","label","sent","trys","ops","g","Iterator","verb","Symbol","iterator","v","op","pop","push","__spreadArray","to","from","pack","ar","l","slice","concat","SuppressedError","setItemAsync","storage","key","data","setItem","JSON","stringify","_a","getItemAsync","getItem","parse","_b","removeItemAsync","removeItem","dec2hex","dec","toString","substr","sha256","randomString","encoder","TextEncoder","encodedData","encode","crypto","subtle","digest","hash","bytes","Uint8Array","map","c","fromCharCode","join","generatePKCEChallenge","verifier","console","warn","hashed","str","btoa","replace","getCodeChallengeAndMethod","storage_1","storageKey_1","storageKey","isPasswordRecovery","codeVerifier","array","Uint32Array","charSet","charAt","Math","floor","random","getRandomValues","generatePKCEVerifier","storedCodeVerifier","codeChallenge","isBrowser","document","localStorageWriteTests","tested","writable","supportsLocalStorage","globalThis","localStorage","randomKey","_sessionResponse","expiresIn","session","Error","access_token","refresh_token","expires_in","hasSession","expires_at","round","Date","now","user","error","Deferred","_this","promise","promiseConstructor","res","rej","retryable","fn","isRetryable","accept","attempt","Infinity","e_1","sleep","time","setTimeout","decodeJWTPayload","token","parts","split","test","base64Url","chr1","chr2","chr3","enc2","enc3","enc4","base64","indexOf","decodeBase64URL","localStorageAdapter","AuthError","_super","message","status","code","__isAuthError","name","CustomAuthError","AuthSessionMissingError","undefined","isAuthError","AuthApiError","AuthImplicitGrantRedirectError","details","toJSON","AuthPKCEGrantCodeExchangeError","AuthUnknownError","originalError","AuthInvalidTokenResponseError","isAuthRetryableFetchError","AuthRetryableFetchError","BaseLog","config","logger","log","logDebugMessages","debug","_debug","args","_i","extra","extraPrint","toISOString","win","window","global","fetch","headers","init","Authorization","_handleRes","res_1","args_1","options","raw","text","_c","json","_post","url_1","data_1","url","method","_get","FaableAuthApi","base_url","signOut","params","URLSearchParams","LockAcquireTimeoutError","isAcquireTimeout","lockNoOp","acquireTimeout","NavigatorLockAcquireTimeoutError","Base","instanceID","nextInstanceID","Lock","lockAcquired","pendingInLock","lock","_acquireLock","last_1","result_1","result_2","waitOn","all","splice","parseParametersFromURL","href","URL","substring","forEach","searchParams","clearURLParameters","delete_params","location","param","delete","history","replaceState","state","getWindow","windowHelpers","redirect","getDocument","AUTO_REFRESH_TICK_DURATION","FaableAuthClient","domainUrl","initializePromise","detectSessionInUrl","autoRefreshTicker","visibilityChangedCallback","refreshingDeferred","broadcastChannel","stateChangeEmitters","Map","sessionCheckExpiryDays","redirect_uri","domain","protocol","getDomain","tokenIssuer","clientId","api","key_prefix","BroadcastChannel","addEventListener","event","_notifyAllSubscribers","autoRefreshToken","initialize","_initialize","_detectFlowType","flow","_getSessionFromURL","_removeSession","session_1","redirectType_1","_saveSession","_recoverAndRefresh","error_1","_handleVisibilityChange","_exchangeCodeForSession","_d","error_3","redirectType","error_description","error_code","provider_token","provider_refresh_token","token_type","refreshTick","timeNow","parseInt","expiresAt","actuallyExpiresIn","issuedAt","checkExpiresInTime","_getUser","type","error_2","authCode","storageItem","client_id","grant_type","code_verifier","rawResponse","userdata","error_4","startAutoRefresh","_onVisibilityChanged","error_5","calledFromInitialize","methodName","visibilityState","_startAutoRefresh","_stopAutoRefresh","debugName","currentSession","_isValidSession","expiresWithMargin","_callRefreshToken","err_1","_removeVisibilityChangedCallback","callback","removeEventListener","ticker","setInterval","_autoRefreshTokenTick","unref","Deno","unrefTimer","clearInterval","now_1","_useSession","expiresInTicks","e_2","browser","_scope","scope","_getUrlForConnection","urlParams","queryParams","authorize_params","response_type","redirectTo","origin","scopes","codeChallengeMethod","code_challenge","code_challenge_method","connection","signInWithOauthConnection","credentials","_handleConnectionSignIn","skipBrowserRedirect","signInWithUsernamePassword","handleCallback","formHtml","rawAuthResponse","div","createElement","innerHTML","appendChild","children","submit","username","password","changePassword","email","buildAuthorizeUrl","audience","fromEntries","entries","filter","authorize","setSession","_setSession","getSession","__loadSession","stack","maybeSession","hasExpired","isServer","proxySession","Proxy","get","target","prop","receiver","Reflect","payload","exp","refreshedSession","error_6","refreshToken","_refreshAccessToken","error_7","startedAt_1","pow","session_res","user_res","nextBackOffInterval","error_8","event_1","session_2","broadcast","postMessage","errors_1","promises","values","x","e_3","_signOut","returnTo","sessionError","isAuthApiError","onAuthStateChange","id","r","subscription","unsubscribe","set","_emitInitialSession","err_2","refreshSession","_refreshSession","error_10","error_9","User","createClient"],"mappings":";;;;;AAgBA,IAAIA,EAAgB,SAASC,EAAGC,GAI5B,OAHAF,EAAgBG,OAAOC,gBAClB,CAAEC,UAAW,cAAgBC,OAAS,SAAUL,EAAGC,GAAKD,EAAEI,UAAYH,CAAG,GAC1E,SAAUD,EAAGC,GAAK,IAAK,IAAIK,KAAKL,EAAOC,OAAOK,UAAUC,eAAeC,KAAKR,EAAGK,KAAIN,EAAEM,GAAKL,EAAEK,GAAK,EAC9FP,EAAcC,EAAGC,EAC5B,EAEO,SAASS,EAAUV,EAAGC,GACzB,GAAiB,mBAANA,GAA0B,OAANA,EAC3B,MAAM,IAAIU,UAAU,uBAAyBC,OAAOX,GAAK,iCAE7D,SAASY,IAAOC,KAAKC,YAAcf,CAAG,CADtCD,EAAcC,EAAGC,GAEjBD,EAAEO,UAAkB,OAANN,EAAaC,OAAOc,OAAOf,IAAMY,EAAGN,UAAYN,EAAEM,UAAW,IAAIM,EACnF,CAEO,IAAII,EAAW,WAQlB,OAPAA,EAAWf,OAAOgB,QAAU,SAAkBC,GAC1C,IAAK,IAAIC,EAAGC,EAAI,EAAGC,EAAIC,UAAUC,OAAQH,EAAIC,EAAGD,IAE5C,IAAK,IAAIf,KADTc,EAAIG,UAAUF,GACOnB,OAAOK,UAAUC,eAAeC,KAAKW,EAAGd,KAAIa,EAAEb,GAAKc,EAAEd,IAE9E,OAAOa,CACV,EACMF,EAASQ,MAAMX,KAAMS,UAChC,EA0EO,SAASG,EAAUC,EAASC,EAAYC,EAAGC,GAE9C,OAAO,IAAKD,IAAMA,EAAIE,WAAU,SAAUC,EAASC,GAC/C,SAASC,EAAUC,GAAS,IAAMC,EAAKN,EAAUO,KAAKF,GAAU,CAAC,MAAOG,GAAKL,EAAOK,EAAI,CAAE,CAC1F,SAASC,EAASJ,GAAS,IAAMC,EAAKN,EAAiB,MAAEK,GAAU,CAAC,MAAOG,GAAKL,EAAOK,EAAI,CAAE,CAC7F,SAASF,EAAKI,GAJlB,IAAeL,EAIaK,EAAOC,KAAOT,EAAQQ,EAAOL,QAJ1CA,EAIyDK,EAAOL,MAJhDA,aAAiBN,EAAIM,EAAQ,IAAIN,GAAE,SAAUG,GAAWA,EAAQG,EAAQ,KAIjBO,KAAKR,EAAWK,EAAW,CAC7GH,GAAMN,EAAYA,EAAUL,MAAME,EAASC,GAAc,KAAKS,OAClE,GACJ,CAEO,SAASM,EAAYhB,EAASiB,GACjC,IAAsGC,EAAGC,EAAG3B,EAAxG4B,EAAI,CAAEC,MAAO,EAAGC,KAAM,WAAa,GAAW,EAAP9B,EAAE,GAAQ,MAAMA,EAAE,GAAI,OAAOA,EAAE,EAAK,EAAE+B,KAAM,GAAIC,IAAK,IAAeC,EAAIlD,OAAOc,QAA4B,mBAAbqC,SAA0BA,SAAWnD,QAAQK,WACtL,OAAO6C,EAAEf,KAAOiB,EAAK,GAAIF,EAAS,MAAIE,EAAK,GAAIF,EAAU,OAAIE,EAAK,GAAsB,mBAAXC,SAA0BH,EAAEG,OAAOC,UAAY,WAAa,OAAO1C,IAAO,GAAGsC,EAC1J,SAASE,EAAKhC,GAAK,OAAO,SAAUmC,GAAK,OACzC,SAAcC,GACV,GAAIb,EAAG,MAAM,IAAIlC,UAAU,mCAC3B,KAAOyC,IAAMA,EAAI,EAAGM,EAAG,KAAOX,EAAI,IAAKA,OACnC,GAAIF,EAAI,EAAGC,IAAM3B,EAAY,EAARuC,EAAG,GAASZ,EAAU,OAAIY,EAAG,GAAKZ,EAAS,SAAO3B,EAAI2B,EAAU,SAAM3B,EAAEV,KAAKqC,GAAI,GAAKA,EAAET,SAAWlB,EAAIA,EAAEV,KAAKqC,EAAGY,EAAG,KAAKjB,KAAM,OAAOtB,EAE3J,OADI2B,EAAI,EAAG3B,IAAGuC,EAAK,CAAS,EAARA,EAAG,GAAQvC,EAAEgB,QACzBuB,EAAG,IACP,KAAK,EAAG,KAAK,EAAGvC,EAAIuC,EAAI,MACxB,KAAK,EAAc,OAAXX,EAAEC,QAAgB,CAAEb,MAAOuB,EAAG,GAAIjB,MAAM,GAChD,KAAK,EAAGM,EAAEC,QAASF,EAAIY,EAAG,GAAIA,EAAK,CAAC,GAAI,SACxC,KAAK,EAAGA,EAAKX,EAAEI,IAAIQ,MAAOZ,EAAEG,KAAKS,MAAO,SACxC,QACI,KAAMxC,EAAI4B,EAAEG,MAAM/B,EAAIA,EAAEK,OAAS,GAAKL,EAAEA,EAAEK,OAAS,KAAkB,IAAVkC,EAAG,IAAsB,IAAVA,EAAG,IAAW,CAAEX,EAAI,EAAG,QAAU,CAC3G,GAAc,IAAVW,EAAG,MAAcvC,GAAMuC,EAAG,GAAKvC,EAAE,IAAMuC,EAAG,GAAKvC,EAAE,IAAM,CAAE4B,EAAEC,MAAQU,EAAG,GAAI,KAAO,CACrF,GAAc,IAAVA,EAAG,IAAYX,EAAEC,MAAQ7B,EAAE,GAAI,CAAE4B,EAAEC,MAAQ7B,EAAE,GAAIA,EAAIuC,EAAI,KAAO,CACpE,GAAIvC,GAAK4B,EAAEC,MAAQ7B,EAAE,GAAI,CAAE4B,EAAEC,MAAQ7B,EAAE,GAAI4B,EAAEI,IAAIS,KAAKF,GAAK,KAAO,CAC9DvC,EAAE,IAAI4B,EAAEI,IAAIQ,MAChBZ,EAAEG,KAAKS,MAAO,SAEtBD,EAAKd,EAAKnC,KAAKkB,EAASoB,EAC3B,CAAC,MAAOT,GAAKoB,EAAK,CAAC,EAAGpB,GAAIQ,EAAI,CAAG,CAAU,QAAED,EAAI1B,EAAI,CAAG,CACzD,GAAY,EAARuC,EAAG,GAAQ,MAAMA,EAAG,GAAI,MAAO,CAAEvB,MAAOuB,EAAG,GAAKA,EAAG,QAAK,EAAQjB,MAAM,EAC9E,CAtBgDL,CAAK,CAACd,EAAGmC,GAAM,CAAE,CAuBrE,CA+DO,SAASI,EAAcC,EAAIC,EAAMC,GACpC,GAAIA,GAA6B,IAArBzC,UAAUC,OAAc,IAAK,IAA4ByC,EAAxB5C,EAAI,EAAG6C,EAAIH,EAAKvC,OAAYH,EAAI6C,EAAG7C,KACxE4C,GAAQ5C,KAAK0C,IACRE,IAAIA,EAAK5D,MAAME,UAAU4D,MAAM1D,KAAKsD,EAAM,EAAG1C,IAClD4C,EAAG5C,GAAK0C,EAAK1C,IAGrB,OAAOyC,EAAGM,OAAOH,GAAM5D,MAAME,UAAU4D,MAAM1D,KAAKsD,GACtD,CA2GkD,mBAApBM,iBAAiCA,gBCtSxD,IC/BMC,EAAe,SAC1BC,EACAC,EACAC,GAAS,OAAA/C,OAAA,OAAA,OAAA,GAAA,sDAET,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQG,QAAQF,EAAKG,KAAKC,UAAUH,mBAA1CI,EAAA5B,mBAGW6B,EAAe,SAC1BP,EACAC,GAAW,OAAA9C,OAAA,OAAA,OAAA,GAAA,4DAEG,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQQ,QAAQP,WAEpC,KAFMrC,EAAQ0C,EAA0B5B,QAGtC,MAAA,CAAA,EAAO,MAGT,IACE,MAAA,CAAA,EAAO0B,KAAKK,MAAM7C,GACnB,CAAC,MAAA8C,GACA,MAAA,CAAA,EAAO9C,EACT,mBAGW+C,EAAkB,SAC7BX,EACAC,GAAW,OAAA9C,OAAA,OAAA,OAAA,GAAA,sDAEX,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQY,WAAWX,kBAAzBK,EAAA5B,mBC5BF,SAASmC,EAAQC,GACf,OAAQ,IAAMA,EAAIC,SAAS,KAAKC,UAClC,CAiDA,SAAeC,EAAOC,yGAGP,OAFPC,EAAU,IAAIC,YACdC,EAAcF,EAAQG,OAAOJ,GAChB,CAAA,EAAAK,OAAOC,OAAOC,OAAO,UAAWJ,WAGnD,OAHMK,EAAOpB,EAAkD5B,OACzDiD,EAAQ,IAAIC,WAAWF,GAE7B,CAAA,EAAO5F,MAAM0D,KAAKmC,GACfE,KAAI,SAACC,GAAM,OAAAzF,OAAO0F,aAAaD,EAApB,IACXE,KAAK,WACT,CAMK,SAAgBC,EAAsBC,mGAM1C,MAJoB,oBAAXX,aACkB,IAAlBA,OAAOC,QACS,oBAAhBJ,YAQM,CAAA,EAAMH,EAAOiB,KAL1BC,QAAQC,KACN,sGAEF,CAAA,EAAOF,WAGT,OADMG,EAAS/B,EAAsB5B,OACrC,CAAA,GAjBuB4D,EAiBAD,EAhBhBE,KAAKD,GAAKE,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,MAD1E,IAAyBF,OAkBxB,UAEqBG,EAAyBC,EAAAC,4CAC7C3C,EACA4C,EACAC,yBAAA,IAAAA,IAAAA,GAA0B,8CAO1B,OALMC,aApDN,IACMC,EAAQ,IAAIC,YADK,IAEvB,GAAsB,oBAAXzB,OAAwB,CAKjC,IAJA,IAAM0B,EACJ,qEAEEf,EAAW,GACNpF,EAAI,EAAGA,EAPK,GAOeA,IAClCoF,GAAYe,EAAQC,OAAOC,KAAKC,MAHfH,GAGqBE,KAAKE,WAE7C,OAAOnB,CACT,CAEA,OADAX,OAAO+B,gBAAgBP,GAChBjH,MAAM0D,KAAKuD,EAAOlC,GAASmB,KAAK,GACzC,CAsCuBuB,GACjBC,EAAqBV,EACrBD,IACFW,GAAsB,sBAElB,CAAA,EAAAzD,EACJC,EACA,GAAAH,OAAG+C,EAA0B,kBAC7BY,WAEoB,OALtBlD,EAAA5B,OAKsB,CAAA,EAAMuD,EAAsBa,WAElD,MAAA,CAAA,EAAO,CAFDW,EAAgBnD,EAAyC5B,OACnCoE,IAAiBW,EAAgB,QAAU,eAExE,CAEM,IAAMC,EAAY,WAAM,MAAoB,oBAAbC,QAAP,EAEzBC,EAAyB,CAC7BC,QAAQ,EACRC,UAAU,GAMCC,EAAuB,WAClC,IAAKL,IACH,OAAO,EAGT,IACE,GAAuC,iBAA5BM,WAAWC,aACpB,OAAO,CAEV,CAAC,MAAOlG,GAEP,OAAO,CACT,CAEA,GAAI6F,EAAuBC,OACzB,OAAOD,EAAuBE,SAGhC,IAAMI,EAAY,QAAQrE,OAAAsD,KAAKE,UAAQxD,OAAGsD,KAAKE,UAE/C,IACEW,WAAWC,aAAa9D,QAAQ+D,EAAWA,GAC3CF,WAAWC,aAAarD,WAAWsD,GAEnCN,EAAuBC,QAAS,EAChCD,EAAuBE,UAAW,CACnC,CAAC,MAAO/F,GAIP6F,EAAuBC,QAAS,EAChCD,EAAuBE,UAAW,CACpC,CAEA,OAAOF,EAAuBE,QAChC,EAgCM,SAAUK,EAAiB7D,SALP8D,EAMxBlE,EAAII,EAAAJ,KAEAmE,EAAU,KACd,IAAKnE,EAAM,MAAM,IAAIoE,MAAM,wBAS3B,OAtBF,SAAoBpE,GAClB,QAASA,EAAKqE,gBAAkBrE,EAAKsE,iBAAmBtE,EAAKuE,UAC/D,CAYMC,CAAWxE,KACbmE,EAAO3H,EAAA,CAAA,EAAQwD,IACVA,EAAKyE,YAAczE,EAAKuE,aAC3BJ,EAAQM,YAbYP,EAaWlE,EAAKuE,WAZxBtB,KAAKyB,MAAMC,KAAKC,MAAQ,KACvBV,KAgBV,CAAElE,KAAM,CAAEmE,QAAOA,EAAEU,KADE,QAATrE,EAAAR,EAAK6E,YAAI,IAAArE,EAAAA,EAAKR,GACC8E,MAAO,KAC3C,CAOA,IAAAC,EAAA,WASE,SAAAA,IAAA,IAQCC,EAAA3I,KANEA,KAAa4I,QAAU,IAAIF,EAASG,oBAAmB,SAACC,EAAKC,GAE3DJ,EAAazH,QAAU4H,EAEvBH,EAAaxH,OAAS4H,CACzB,GACF,CACF,OAjBgBL,EAAkBG,mBAAuB5H,QAiBxDyH,CAAA,CAlBD,GAyBgB,SAAAM,EACdC,EACAC,GAFF,IA0BCP,EAAA3I,KADC,OArBgB,IAAIiB,SAAW,SAACkI,EAAQhI,GAErCP,EAAA+H,OAAA,OAAA,GAAA,uEACUS,EAAU,wBAAGA,EAAUC,KAAQ,MAAA,CAAA,EAAA,oBAErB,6BAAA,CAAA,EAAMJ,EAAGG,WAExB,OAFM1H,EAASqC,EAAiB5B,OAE3B+G,EAAYE,EAAS,KAAM1H,UAC9ByH,EAAOzH,GACA,CAAA,WAGT,kBAAKwH,EAAYE,EAASE,UACxBnI,EAAOmI,GACA,CAAA,kBAX6BF,8BAe3C,GACH,GAGF,CAKM,SAAgBG,EAAMC,sEAC1B,MAAA,CAAA,EAAO,IAAIvI,SAAQ,SAACkI,GAClBM,YAAW,WAAM,OAAAN,EAAO,KAAK,GAAEK,EACjC,UACD,CC5KK,SAAUE,EAAiBC,GAE/B,IAGMC,EAAQD,EAAME,MAAM,KAE1B,GAAqB,IAAjBD,EAAMlJ,OACR,MAAM,IAAIqH,MAAM,yCAGlB,IARE,8DAQkB+B,KAAKF,EAAM,IAC7B,MAAM,IAAI7B,MAAM,wDAGlB,IAAMgC,EAAYH,EAAM,GACxB,OAAO/F,KAAKK,MDpGR,SAA0B7C,GAC9B,IAGI2I,EAAMC,EAAMC,EACNC,EAAMC,EAAMC,EAJhB3G,EACJ,oEACE4G,EAAS,GAGT/J,EAAI,EAGR,IAFAc,EAAQA,EAAM4E,QAAQ,IAAK,KAAKA,QAAQ,IAAK,KAEtC1F,EAAIc,EAAMX,QAKfsJ,EAJOtG,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,OAIhB,GAHhB4J,EAAOzG,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,QAGF,EAC9B0J,GAAgB,GAAPE,IAAc,GAHvBC,EAAO1G,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,QAGK,EACrC2J,GAAgB,EAAPE,IAAa,GAHtBC,EAAO3G,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,OAIhC+J,GAAkBxK,OAAO0F,aAAawE,GAE1B,IAARI,GAAsB,GAARH,IAChBK,GAAkBxK,OAAO0F,aAAayE,IAE5B,IAARI,GAAsB,GAARH,IAChBI,GAAkBxK,OAAO0F,aAAa0E,IAG1C,OAAOI,CACT,CCyEoBE,CAAgBT,GACpC,CC3GO,ICIMU,EAAwC,CACnDxG,QAAS,SAACP,GACR,OAAK8D,IAIEC,WAAWC,aAAazD,QAAQP,GAH9B,IAIV,EACDE,QAAS,SAACF,EAAKrC,GACRmG,KAILC,WAAWC,aAAa9D,QAAQF,EAAKrC,EACtC,EACDgD,WAAY,SAACX,GACN8D,KAILC,WAAWC,aAAarD,WAAWX,EACrC,GC6CFgH,EAAA,SAAAC,GAcE,SAAAD,EAAYE,EAAiBC,EAAiBC,GAC5C,IAAAnC,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YAHP2I,EAAaoC,eAAG,EAIxBpC,EAAKqC,KAAO,YACZrC,EAAKkC,OAASA,EACdlC,EAAKmC,KAAOA,GACd,CACF,OApB+BlL,EAAK8K,EAAAC,GAoBnCD,CAAD,CApBA,CAA+B3C,OAsB/BkD,EAAA,SAAAN,GAIE,SAAAM,EACEL,EACAI,EACAH,EACAC,GAEA,IAAAnC,EAAAgC,YAAMC,EAASC,EAAQC,IAAM9K,YAC7B2I,EAAKqC,KAAOA,EACZrC,EAAKkC,OAASA,GAChB,CACF,OAdqCjL,EAASqL,EAAAN,GAc7CM,CAAD,CAdA,CAAqCP,GAgBrCQ,EAAA,SAAAP,GACE,SAAAO,IACE,OAAAP,EAAMhL,KAAAK,KAAA,wBAAyB,0BAA2B,SAAKmL,IAAWnL,IAC5E,CACF,OAJ6CJ,EAAesL,EAAAP,GAI3DO,CAAD,CAJA,CAA6CD,GAMvC,SAAUG,EAAY3C,GAC1B,MACmB,iBAAVA,GAAgC,OAAVA,GAAkB,kBAAmBA,CAEtE,EAEA,SAAAkC,GAGE,SAAAU,EAAYT,EAAiBC,EAAgBC,GAC3C,IAAAnC,EAAAgC,YAAMC,EAASC,EAAQC,IAAM9K,YAC7B2I,EAAKqC,KAAO,eACZrC,EAAKkC,OAASA,EACdlC,EAAKmC,KAAOA,GACd,CARgClL,EAASyL,EAAAV,EAS3C,CATA,CAAkCD,GAelC,IAAAY,EAAA,SAAAX,GAEE,SACEW,EAAAV,EACAW,QAAA,IAAAA,IAAAA,EAAsD,MAEtD,IAAA5C,EAAAgC,EAAMhL,KAAAK,KAAA4K,EAAS,iCAAkC,SAAKO,IAAWnL,YALnE2I,EAAO4C,QAA2C,KAMhD5C,EAAK4C,QAAUA,GACjB,CAUF,OAlBoD3L,EAAe0L,EAAAX,GAUjEW,EAAA7L,UAAA+L,OAAA,WACE,MAAO,CACLR,KAAMhL,KAAKgL,KACXJ,QAAS5K,KAAK4K,QACdC,OAAQ7K,KAAK6K,OACbU,QAASvL,KAAKuL,QAEjB,EACFD,CAAD,CAlBA,CAAoDL,GAoBpDQ,EAAA,SAAAd,GAGE,SACEc,EAAAb,EACAW,QAAA,IAAAA,IAAAA,EAAsD,MAEtD,IAAA5C,EAAAgC,EAAMhL,KAAAK,KAAA4K,EAAS,iCAAkC,SAAKO,IAAWnL,YANnE2I,EAAO4C,QAA2C,KAOhD5C,EAAK4C,QAAUA,GACjB,CAUF,OAnBoD3L,EAAe6L,EAAAd,GAWjEc,EAAAhM,UAAA+L,OAAA,WACE,MAAO,CACLR,KAAMhL,KAAKgL,KACXJ,QAAS5K,KAAK4K,QACdC,OAAQ7K,KAAK6K,OACbU,QAASvL,KAAKuL,QAEjB,EACFE,CAAD,CAnBA,CAAoDR,GAqBpDS,EAAA,SAAAf,GAGE,SAAYe,EAAAd,EAAiBe,GAC3B,IAAAhD,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YACf2I,EAAKqC,KAAO,mBACZrC,EAAKgD,cAAgBA,GACvB,CACF,OARsC/L,EAAS8L,EAAAf,GAQ9Ce,CAAD,CARA,CAAsChB,GAUtCkB,EAAA,SAAAjB,GACE,SAAAiB,IACE,OAAAjB,EACEhL,KAAAK,KAAA,+BACA,gCACA,SACAmL,IACAnL,IACJ,CACF,OATmDJ,EAAegM,EAAAjB,GASjEiB,CAAD,CATA,CAAmDX,GAiB7C,SAAUY,EACdpD,GAEA,OAAO2C,EAAY3C,IAAyB,4BAAfA,EAAMuC,IACrC,EAVA,SAAAL,GACE,SAAYmB,EAAAlB,EAAiBC,GAC3B,OAAAF,EAAMhL,KAAAK,KAAA4K,EAAS,0BAA2BC,OAAQM,IAAWnL,IAC/D,CAH2CJ,EAAekM,EAAAnB,EAI5D,CAJA,CAA6CM,GCtMtC,ICKPc,EAAA,WAIE,SAAAA,EAAYC,QAAA,IAAAA,IAAAA,EAA2B,CAAA,GAF7BhM,KAAAiM,OAAoDrG,QAAQsG,IAGpElM,KAAKmM,mBAAqBH,EAAOI,MACL,mBAAjBJ,EAAOI,QAChBpM,KAAKiM,OAASD,EAAOI,MAEzB,CAeF,OAXYL,EAAAtM,UAAA4M,OAAV,eAAiB,IAAcC,EAAA,GAAAC,EAAA,EAAdA,EAAc9L,UAAAC,OAAd6L,IAAAD,EAAcC,GAAA9L,UAAA8L,GAC7B,GAAIvM,KAAKmM,iBAAkB,CACzB,IAAMK,EAAQxM,KAAKyM,WAAazM,KAAKyM,aAAe,GACpDzM,KAAKiM,OAAMtL,MAAXX,KACE+C,EAAA,CAAA,cAAAO,OAAckJ,EAAU,MAAAlJ,ODtBT,sBCsBqB,IAAIgF,MAAOoE,gBAC5CJ,GACH,GACJ,CAEA,OAAOtM,IACR,EACF+L,CAAD,CAxBA,GCNMY,EACc,oBAAXC,OAAyBA,YAASzB,EAErC0B,EACkB,oBAAfpF,WAA6BA,WAAakF,EACtCvF,EAAWyF,aAAA,EAAAA,EAAQzF,SAInB0F,EAASD,EAAeC,MCG/BC,EAAU,SAACC,QAAA,IAAAA,IAAAA,EAAwC,CAAA,GACvD,IAAID,EAAU,CAAE,EAIhB,OAHIC,aAAI,EAAJA,EAAMrD,SACRoD,EAAe5M,EAAAA,EAAA,CAAA,EAAA4M,GAAS,CAAAE,cAAe,UAAU3J,OAAA0J,eAAAA,EAAMrD,UAGpDxJ,EAAAA,EAAA,CAAA,EAAA6M,aAAI,EAAJA,EAAMD,SACNA,EAEP,EAEMG,EAAa,SAAAC,+DACjB,OAAAvM,OAAA,EAAAmC,EAAA,CAAAoK,GAAAC,GAAA,QAAA,GAAA,SAAAtE,EACAuE,yBAAA,IAAAA,IAAAA,EAA2C,CAAA,qDAE9BA,EAAQC,IAAM,CAAA,EAAMxE,EAAIyE,QAAb,CAAA,EAAA,iBAAGxJ,EAAAyJ,eAAmB,KAAA,EAAA,MAAA,CAAA,EAAM1E,EAAI2E,eAAV1J,EAAAyJ,0BAC9C,OADM1L,EAAwDiC,EAC1D+E,EAAI+B,QAAU,IACT,CAAA,EAAA,CACLlH,KAAM7B,EACN2G,MAAO4E,EAAQC,IAAsB,QAAhBnJ,EAAAN,KAAKK,MAAMpC,UAAK,IAAAqC,OAAA,EAAAA,EAAEyG,QAAU9I,aAAI,EAAJA,EAAM8I,UAGpD,CAAA,EAAA,CAAEjH,KAAM7B,EAAM2G,MAAO,eAGjBiF,EAAQ,SAAAC,EAAAC,8GACnBC,EACAlK,EACA0J,qBAAA,IAAAA,IAAAA,EAA2C,CAAA,8CAG7B,6BAAM,CAAA,EAAAP,EAAMe,EAAK,CAC3BC,OAAQ,OACRhM,KAAM+B,KAAKC,UAAUH,GACrBoJ,QAAO5M,EAAAA,EAAA,CAAA,EAAO4M,EAAQM,IAAU,CAAA,eAAgB,+BAGlD,OANMvE,EAAM/E,EAIV5B,OAEF,CAAA,EAAO+K,EAAWpE,EAAKuE,WAEvB,MAAO,CAAA,EAAA,CAAE1J,KAAM,KAAM8E,0CAIZsF,EAAO,SAAAJ,+DAClB,OAAA/M,OAAA,EAAAmC,EAAA,CAAA4K,GAAAP,GAAA,QAAA,GAAA,SAAAS,EACAR,qBAAA,IAAAA,IAAAA,EAA2C,CAAA,8CAG7B,6BAAA,CAAA,EAAMP,EAAMe,EACnB1N,EAAAA,EAAA,CAAA,EAAAkN,IACHS,OAAQ,MACRf,QAASA,EAAQM,cAGnB,OANMvE,EAAM/E,EAIV5B,OAEF,CAAA,EAAO+K,EAAWpE,EAAKuE,WAEvB,MAAO,CAAA,EAAA,CAAE1J,KAAM,KAAM8E,0CChEzBuF,EAAA,SAAArD,GACE,SAAmBqD,EAAAC,EAAkBjC,GACnC,IAAArD,EAAAgC,EAAKhL,KAAAK,KAACgM,IAAQhM,YADG2I,EAAQsF,SAARA,GAEnB,CAmBF,OAtB2CrO,EAAOoO,EAAArD,GAItCqD,EAAAvO,UAAAgN,WAAV,WACE,MAAO,KACR,EAEKuB,EAAOvO,UAAAyO,QAAb,SAAcC,qGAMA,OAFNN,EAAM,GAAAvK,OAAGtD,KAAKiO,SAAQ,YAAA3K,OAAW,IAAI8K,gBAAgBD,IAC3DnO,KAAKqM,OAAO,qBAAcwB,IACd,CAAA,EAAME,EAAKF,WAEvB,OAFM/E,EAAM/E,EAAe5B,OAC3BnC,KAAKqM,OAAOvD,GACRA,EAAIL,MACC,CAAA,EAAA,CAAEA,MAAOK,EAAIL,MAAO9E,KAAM,OAE1B,CAAA,EAAA,CAAE8E,MAAO,KAAM9E,KAAM,aAE/B,EACFqK,CAAD,CAtBA,CAA2CjC,GC2BvCtE,YACAD,KACAC,WAAWC,cACXD,WAAWC,aAAazD,QAAQ,kCASpC,IAAAoK,EAAA,SAAA1D,GAGE,SAAA0D,EAAYzD,GACV,IAAAjC,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YAHD2I,EAAgB2F,kBAAG,GAInC,CACF,OANsD1O,EAAKyO,EAAA1D,GAM1D0D,CAAD,CANA,CAAsDtG,gBA4IhCwG,EACpBvD,EACAwD,EACAvF,6FAEO,MAAM,CAAA,EAAAA,KAAb,KAAA,EAAA,MAAA,CAAA,EAAOlF,gBACR,EA1ID,SAAA4G,GAAA,SAAA8D,kDAA+E,CAAzB7O,EAAuB6O,EAAA9D,EAAE,CAA/E,CAAsD0D,GCjDtD,IAAAK,EAAA,SAAA/D,GAIE,SAAA+D,EAAY1C,QAAA,IAAAA,IAAAA,EAA2B,CAAA,GACrC,IAAArD,EAAAgC,EAAKhL,KAAAK,KAACgM,IAAQhM,YACd2I,EAAKgG,WAAaD,EAAKE,eACvBF,EAAKE,gBAAkB,GACzB,CAKF,OAbmChP,EAAO8O,EAAA/D,GAUxC+D,EAAAjP,UAAAgN,WAAA,WACE,OAAOzM,KAAK2O,WAAWnK,UACxB,EAXckK,EAAcE,eAAG,EAYjCF,EAbD,CAAmC3C,GCQnC8C,EAAA,SAAAlE,GAOE,SAAAkE,EAAYxB,GACV,IAAA1E,EAAAgC,EAAMhL,KAAAK,KAAA,CAAEoM,MAAOiB,EAAQjB,SAASpM,YANlC2I,EAAYmG,cAAG,EACLnG,EAAaoG,cAAmB,GAMxCpG,EAAKqG,KAAO3B,EAAQ2B,MAAQT,EAC5B5F,EAAKtC,WAAagH,EAAQhH,YAC5B,CAuFF,OAlG0BzG,EAAIiP,EAAAlE,GAgBtBkE,EAAApP,UAAAwP,aAAN,SACET,EACAvF,4GAEAjJ,KAAKqM,OAAO,gBAAiB,QAASmC,oBAGpC,6BAAIxO,KAAK8O,cACDI,EAAOlP,KAAK+O,cAAcrO,OAC5BV,KAAK+O,cAAc/O,KAAK+O,cAAcrO,OAAS,GAC/CO,QAAQC,UAENiO,EAAUvO,EAAA+H,OAAA,OAAA,GAAA,sDACd,KAAA,EAAA,MAAA,CAAA,EAAMuG,UACC,OADPnL,EAAA5B,OACa,CAAA,EAAA8G,KAAb,KAAA,EAAA,MAAA,CAAA,EAAOlF,aACR,IAED/D,KAAK+O,cAAcjM,KAChBlC,EAAA+H,OAAA,OAAA,GAAA,6DAEG,6BAAA,CAAA,EAAMwG,gEAOZ,CAAA,EAAOA,IAGI,CAAA,EAAAnP,KAAKgP,KAChB,QAAA1L,OAAQtD,KAAKqG,YACbmI,GACA,WAAA,OAAA5N,EAAA+H,OAAA,OAAA,GAAA,4EACE3I,KAAKqM,OACH,gBACA,gCACArM,KAAKqG,6BAkBL,6BAdArG,KAAK8O,cAAe,EAEdM,EAASnG,IAEfjJ,KAAK+O,cAAcjM,KAChBlC,EAAA+H,OAAA,OAAA,GAAA,6DAEG,6BAAA,CAAA,EAAMyG,gEAOZ,CAAA,EAAMA,UAANrL,EAAA5B,+BAGOnC,KAAK+O,cAAcrO,QAClB2O,EAAatM,EAAA,GAAA/C,KAAK+O,kBAExB,CAAA,EAAM9N,QAAQqO,IAAID,KAHY,CAAA,EAAA,iBAG9BtL,EAAA5B,OAEAnC,KAAK+O,cAAcQ,OAAO,EAAGF,EAAO3O,cAG/B,KAAA,EAAA,MAAA,CAAA,EAAM0O,GAAb,KAAA,EAAA,MAAA,CAAA,EAAOrL,wBAEP/D,KAAKqM,OACH,gBACA,gCACArM,KAAKqG,YAGPrG,KAAK8O,cAAe,0BAEvB,GAAA,KA9CH,KAAA,EAAA,MAAA,CAAA,EAAO/K,wBAiDP/D,KAAKqM,OAAO,gBAAiB,kCAEhC,EACFwC,CAAD,CAlGA,CAA0BH,GCPpB,SAAUc,EAAuBC,GACrC,IAAM/N,EAA0C,CAAE,EAE5CmM,EAAM,IAAI6B,IAAID,GAEpB,GAAI5B,EAAI1I,MAAwB,MAAhB0I,EAAI1I,KAAK,GACvB,IAC2B,IAAIiJ,gBAAgBP,EAAI1I,KAAKwK,UAAU,IAC/CC,SAAQ,SAACvO,EAAOqC,GAC/BhC,EAAOgC,GAAOrC,CAChB,GACD,CAAC,MAAOG,GACP,CASJ,OAJAqM,EAAIgC,aAAaD,SAAQ,SAACvO,EAAOqC,GAC/BhC,EAAOgC,GAAOrC,CAChB,IAEOK,CACT,CAEO,IAAMoO,EAAqB,SAACC,QAAA,IAAAA,IAAAA,EAA4B,IAC7D,IAAMlC,EAAM,IAAI6B,IAAI9C,OAAOoD,SAASP,MAEpCM,EAAcH,SAAQ,SAACK,GACrBpC,EAAIgC,aAAaK,OAAOD,EAC1B,IAEApC,EAAI1I,KAAO,GAEXyH,OAAOuD,QAAQC,aAAaxD,OAAOuD,QAAQE,MAAO,GAAIxC,EAAIrJ,WAC5D,EC3BA,SAAS8L,IACP,IAAK1D,EAAQ,MAAM,IAAI7E,MAAM,4BAC7B,OAAO6E,CACT,CAEO,IAAM2D,EAAgB,CAC3BC,SAdF,SAAkB3C,GAChByC,IAAYN,SAAWnC,CACzB,EAaE4C,YAXF,WACE,OAAOH,IAAYlJ,QACrB,EAUEkJ,UAAWA,GC0CPI,EAA6B,IAMnCC,EAAA,SAAAhG,GA8BE,SAAAgG,EAAY3E,GAAZ,MjB5DA4E,EiB6HCjI,EAAA3I,KAhEOoM,GAAQJ,aAAA,EAAAA,EAAQI,SAAS,EAK/B,IAJAzD,EAAAgC,EAAMhL,KAAAK,KAAA,CAAEoM,MAAKA,KAAIpM,MAzBQ6Q,kBAAqC,KACtDlI,EAAkBmI,oBAAG,EASrBnI,EAAiBoI,kBAA0C,KAC3DpI,EAAyBqI,0BAAgC,KAEzDrI,EAAkBsI,mBAA4C,KAK9DtI,EAAgBuI,iBAA4B,KAC5CvI,EAAAwI,oBAAiD,IAAIC,IAQ7DzI,EAAK0I,uBAAyB,EAC9B1I,EAAK2I,cAAetF,aAAM,EAANA,EAAQsF,eAAgB,KACvCtF,aAAA,EAAAA,EAAQuF,QACX,MAAM,IAAIxJ,MAAM,kBAKlB,GAHAY,EAAKiI,UjB5DgB,SAACA,GACxB,IAAK,sBAAsB9G,KAAK8G,GAAY,CAC1C,IAAMY,GAAW,OAAAxB,eAAA,IAAAA,cAAA,EAAAA,SAAUwB,WAAY,QACvC,MAAO,GAAGlO,OAAAkO,EAAa,MAAAlO,OAAAsN,EACzB,CAEA,OAAOA,CACT,CiBqDqBa,CAAUzF,EAAOuF,QAElC5I,EAAK+I,ajBvEPd,EiBuEwCjI,EAAKiI,UjBjEtC,GAAAtN,OAAGsN,KiBkEH5E,EAAO2F,SACV,MAAM,IAAI5J,MAAM,oBAElBY,EAAKgJ,SAAW3F,EAAO2F,SAEvBhJ,EAAKiJ,IAAM,IAAI5D,EAAcrF,EAAKiI,UAAW,CAAExE,MAAKA,IAGpD,IAAMyF,GAAa7F,aAAA,EAAAA,EAAQ3F,ablHJ,aa6HvB,GAVAsC,EAAKtC,WAAa,GAAG/C,OAAAuO,cAAclJ,EAAKgJ,UAExChJ,EAAKlF,SAAUuI,aAAM,EAANA,EAAQvI,UAAWgH,EAElC9B,EAAKqG,KAAO,IAAIH,EAAK,CACnBG,KAAMhD,EAAOgD,KACb3I,WAAYsC,EAAKtC,WACjB+F,MAAOJ,EAAOI,QAIdjF,KACAM,WAAWqK,kBAEXnJ,EAAKtC,WACL,CACA,IACEsC,EAAKuI,iBAAmB,IAAIzJ,WAAWqK,iBACrCnJ,EAAKtC,WAER,CAAC,MAAO7E,GACPoE,QAAQ6C,MACN,yFACAjH,EAEJ,CAEqB,QAArBuC,EAAA4E,EAAKuI,wBAAgB,IAAAnN,GAAAA,EAAEgO,iBAAiB,WAAW,SAAOC,GAAK,OAAApR,EAAA+H,OAAA,OAAA,GAAA,6DAM7D,OALA3I,KAAKqM,OACH,2DACA2F,GAGF,CAAA,EAAMhS,KAAKiS,sBACTD,EAAMrO,KAAKqO,MACXA,EAAMrO,KAAKmE,SACX,kBAHF/D,EAIC5B,cACF,GAAA,GACH,QAEAwG,EAAKuJ,kBAAmB,EAExBvJ,EAAKwJ,cACP,CA04CF,OAz+CsCvS,EAAI+Q,EAAAhG,GAsGlCgG,EAAAlR,UAAA0S,WAAN,uHACMnS,KAAK6Q,kBACM,CAAA,EAAA7Q,KAAK6Q,mBADM,CAAA,EAAA,GACxB,KAAA,EASF,KAAA,EAAA,MAAA,CAAA,EAAO9M,iBAAA,OANP/D,KAAK6Q,kBAAqBjQ,EAAA+H,OAAA,OAAA,GAAA,wEACjB,MAAM,CAAA,EAAA3I,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAKoS,eAAlB,KAAA,EAAA,MAAA,CAAA,EAAOrO,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,aAGR,IAEY,CAAA,EAAA/D,KAAK6Q,yBACnB,EAQaF,EAAAlR,UAAA2S,YAAd,8HAEiB,+BAAA,CAAA,EAAMpS,KAAKqS,0BAKpB,OALEC,EAAOnO,EAA4BhC,OAEzCnC,KAAKqM,OAAO,iBAAkB,QAAS,YAAaiG,GAGhDA,EACsB,CAAA,EAAMtS,KAAKuS,mBAAmBD,IADhD,CAAA,EAAA,UAEF,OADEvO,EAAkBI,SAAhBR,EAAII,EAAAJ,MAAE8E,EAAK1E,EAAA0E,QAEjBzI,KAAKqM,OACH,iBACA,mCACA5D,GAMmB,gCAAnBA,eAAAA,EAAOmC,UACY,gDAAnBnC,aAAA,EAAAA,EAAOmC,SAEP,CAAA,EAAO,CAAEnC,MAAKA,IAKhB,CAAA,EAAMzI,KAAKwS,mBAlBJ,CAAA,EAAA,UAoBP,OAFArO,EAAAhC,OAEA,CAAA,EAAO,CAAEsG,MAAKA,WAahB,OAVQgK,EAA0B9O,EAAnBmE,QAAE4K,EAAiB/O,eAElC3D,KAAKqM,OACH,iBACA,0BACAoG,EACA,gBACAC,GAGF,CAAA,EAAM1S,KAAK2S,aAAaF,WAUxB,OAVAtO,EAAAhC,OAEAsH,YAAW,WAAA,OAAA7I,EAAA+H,OAAA,OAAA,GAAA,6DACL,MAAiB,aAAjB+J,EAA2B,CAAA,EAAA,GACvB,CAAA,EAAA1S,KAAKiS,sBAAsB,oBAAqBQ,kBAAtD1O,EAAA5B,oBAEA,MAAM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAaQ,WAA9C1O,EAAA5B,wCAEH,GAAE,GAEH,CAAA,EAAO,CAAEsG,MAAO,cAGlB,MAAA,CAAA,EAAMzI,KAAK4S,6BACX,OADAzO,EAAAhC,OACA,CAAA,EAAO,CAAEsG,MAAO,cAEhB,OAAI2C,cACF,CAAA,EAAO,CAAE3C,MAAKoK,IAGT,CAAA,EAAA,CACLpK,MAAO,IAAIiD,EACT,yCACAmH,KAIJ,KAAA,EAAA,MAAA,CAAA,EAAM7S,KAAK8S,0CAAX3O,EAAAhC,OACAnC,KAAKqM,OAAO,iBAAkB,mCAEjC,EAKasE,EAAkBlR,UAAA8S,mBAAhC,SAAiCD,uIASzB,yBADEnE,EAASqB,EAAuB5C,EAAOoD,SAASP,MAC1C,QAAR6C,EAAA,MAAc,CAAA,EAAA,GAChB,IAAKnE,EAAOrD,KACV,MAAM,IAAIW,EAA+B,qBAGnB,MAAM,CAAA,EAAAzL,KAAK+S,wBAAwB5E,EAAOrD,cAClE,GADM/G,EAAkBiP,EAA+C7Q,OAA/DyL,EAAI7J,EAAAJ,KAAEsP,EAAKlP,EAAA0E,MACR,MAAMwK,EAKjB,OAFAnD,EAAmB,CAAC,SAEb,CAAA,EAAA,CACLnM,KAAM,CAAEmE,QAAS8F,EAAK9F,QAASoL,aAAc,MAC7CzK,MAAO,cAIX,GAAI0F,EAAO1F,OAAS0F,EAAOgF,mBAAqBhF,EAAOiF,WACrD,MAAM,IAAI9H,EACR6C,EAAOgF,mBACL,kDACF,CACE1K,MAAO0F,EAAO1F,OAAS,oBACvBqC,KAAMqD,EAAOiF,YAAc,qBAejC,GATEC,EAOElF,EAPYkF,eACdC,EAMEnF,EANoBmF,uBACtBtL,EAKEmG,EAAMnG,aAJRC,EAIEkG,EAAMlG,cAHRC,EAGEiG,aAFF/F,EAEE+F,aADFoF,EACEpF,eAECnG,GAAiBE,GAAeD,GAAkBsL,GACrD,MAAM,IAAIjI,EAA+B,6BAUnB,OANlBnH,EfnDsB,SAACJ,GACjC,IAAAmE,eACAE,EAAUrE,EAAAqE,WACVoL,EAAWzP,EAAAyP,YAMLC,EAAU7M,KAAKyB,MAAMC,KAAKC,MAAQ,KAClCV,EAAY6L,SAASxL,GACvByL,EAAYF,EAAU5L,EAEtBO,IACFuL,EAAYD,SAAStL,IAGvB,IAAMwL,EAAoBD,EAAYF,EACd,IAApBG,GAA4BJ,GAC9B5N,QAAQC,KACN,iEAAAvC,OAAiEsQ,EAAkD,kCAAAtQ,OAAAuE,EAAY,MAInI,IAAMgM,EAAWF,EAAY9L,EAiB7B,OAhBI4L,EAAUI,GAAY,IACxBjO,QAAQC,KACN,kGACAgO,EACAF,EACAF,GAEOA,EAAUI,EAAW,GAC9BjO,QAAQC,KACN,8GACAgO,EACAF,EACAF,GAIG,CAAE5L,UAASA,EAAE8L,UAASA,EAC/B,CeSuCG,CAAmB,CAClD5L,WAAUA,EACVE,WAAUA,EACVoL,YAAa9C,IAHPiD,EAASxP,EAAAwP,UAAE9L,cAMK,CAAA,EAAM7H,KAAK+T,SAAS/L,WAE5C,GAFMwF,EAAkBwF,SAAhBrP,EAAI6J,EAAA7J,MAAE8E,EAAK+E,EAAA/E,SAEL9E,EAAK6E,KAAM,MAAMC,EAuB/B,OArBMX,EAAmB,CACvBuL,eAAcA,EACdC,uBAAsBA,EACtBtL,aAAYA,EACZE,WAAYL,EACZO,WAAYuL,EACZ1L,cAAaA,EACbsL,WAAUA,EACV/K,KAAM7E,EAAK6E,MAIbsH,EAAmB,CACjB,eACA,aACA,gBACA,aACA,UAEF9P,KAAKqM,OAAO,wBAAyB,iCAErC,CAAA,EAAO,CAAE1I,KAAM,CAAEmE,QAAOA,EAAEoL,aAAc/E,EAAO6F,MAAQvL,MAAO,cAG9D,cADAzI,KAAKqM,OAAO4H,GACR7I,EAAY6I,GACd,MAAA,CAAA,EAAO,CAAEtQ,KAAM,CAAEmE,QAAS,KAAMoL,aAAc,MAAQzK,MAAKwL,IAE7D,MAAMA,yBAET,EAEatD,EAAuBlR,UAAAsT,wBAArC,SAAsCmB,kHAUhB,KAAA,EAAA,MAAA,CAAA,EAAMlQ,EACxBhE,KAAKyD,QACL,GAAGH,OAAAtD,KAAKqG,WAA0B,2BAMhB,OARd8N,EAAcnB,EAGnB7Q,OACK4B,GAAiCoQ,QAAAA,EAAe,IAAetK,MACnE,KADKtD,OAAc2M,OAID,CAAA,EAAMxF,EACxB,GAAApK,OAAGtD,KAAK4Q,0BACR,CACEwD,UAAWpU,KAAK2R,SAChB0C,WAAY,qBACZvJ,KAAMoJ,EACNI,cAAe/N,YAMnB,GAZMgO,EAAcvB,EAQnB7Q,OAEKgC,EAAkByD,EAAiB2M,GAAjC5Q,EAAIQ,EAAAR,KAAE8E,EAAKtE,EAAAsE,OAEd9E,EACH,MAAM,IAAIoE,MAAM,gBAGlB,MAAA,CAAA,EAAM3D,EAAgBpE,KAAKyD,QAAS,GAAGH,OAAAtD,KAAKqG,WAA0B,2BACtE,OADA2M,EAAA7Q,OACIsG,EACK,CAAA,EAAA,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,KAAMoL,aAAc,MAAQzK,MAAKA,IAC7D9E,GAASA,EAAKmE,SAAYnE,EAAK6E,MAMvCV,EAAUnE,EAAKmE,SAEuB,CAAA,EAAA9H,KAAK+T,SAC3CjM,EAAQE,eAFD,CAAA,EAAA,GANF,CAAA,EAAA,CACLrE,KAAM,CAAE6E,KAAM,KAAMV,QAAS,KAAMoL,aAAc,MACjDzK,MAAO,IAAImD,WAQb,GAHM4B,EAA4BwF,EAEjC7Q,OAFaqS,EAAQhH,EAAA7J,MAAE8Q,EAAKjH,EAAA/E,SAGf+L,EAAShM,KACrB,MAAMiM,EASR,OANA3M,EAAO3H,EAAAA,EAAA,CAAA,EACF2H,GACH,CAAAU,KAAMgM,EAAShM,OAEjB7E,EAAKmE,QAAUA,EAEf,CAAA,EAAM9H,KAAK2S,aAAa7K,WACxB,OADAkL,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAanK,WAA9CkL,EAAA7Q,wBAEF,MAAO,CAAA,EAAA,CACLwB,KAAMxD,EAAAA,EAAA,CAAA,EAAKwD,GAAI,CAAEuP,aAAcA,QAAAA,EAAgB,OAC/CzK,MAAKA,UAER,EAOakI,EAAAlR,UAAAqT,wBAAd,kHAGE,GAFA9S,KAAKqM,OAAO,+BAEPlF,OAAgByF,eAAAA,EAAQmF,kBAM3B,OALI/R,KAAKkS,kBAEPlS,KAAK0U,mBAGP,CAAA,GAAO,oBAcP,6BAVA1U,KAAKgR,0BAA4B,WAAA,OAAApQ,EAAA+H,OAAA,OAAA,GAAA,WAAA,OAAA9G,EAAA7B,MAAA,SAAA+D,mBAC/B,KAAA,EAAA,MAAA,CAAA,EAAM/D,KAAK2U,sBAAqB,IAAhC,KAAA,EAAA,MAAA,CAAA,EAAA5Q,gBAAsC,EAExC6I,SAAAA,EAAQmF,iBACN,mBACA/R,KAAKgR,2BAKP,CAAA,EAAMhR,KAAK2U,sBAAqB,kBAAhC5Q,EAAqC5B,sCAErCyD,QAAQ6C,MAAM,0BAA2BmM,gCAE5C,EAKajE,EAAoBlR,UAAAkV,qBAAlC,SAAmCE,0GAI7B,OAHEC,EAAa,yBAAAxR,OAAyBuR,EAAoB,KAChE7U,KAAKqM,OAAOyI,EAAY,kBAAmB1N,EAAS2N,iBAEnB,YAA7B3N,EAAS2N,gBAA6B,CAAA,EAAA,IACpC/U,KAAKkS,kBAGPlS,KAAKgV,oBAGFH,EAAoB,CAAA,EAAA,GAKjB,CAAA,EAAA7U,KAAK6Q,2BAEX,OAFA9M,EAAA5B,OAEM,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,6DAC/B,MAAiC,YAA7BvB,EAAS2N,iBACX/U,KAAKqM,OACHyI,EACA,4GAIK,CAAA,IAIT,CAAA,EAAM9U,KAAK4S,oCAAX7O,EAAA5B,cACD,GAAA,YAbD4B,EAAA5B,2CAeoC,WAA7BiF,EAAS2N,iBACd/U,KAAKkS,kBACPlS,KAAKiV,oDAGV,EAMatE,EAAAlR,UAAAmT,mBAAd,uHACQsC,EAAY,wBAClBlV,KAAKqM,OAAO6I,EAAW,0BAGE,iCAAM,CAAA,EAAAlR,EAAahE,KAAKyD,QAASzD,KAAKqG,oBAGzD,OAHE8O,EAAiBhR,EAAiDhC,OACxEnC,KAAKqM,OAAO6I,EAAW,uBAAwBC,GAE1CnV,KAAKoV,gBAAgBD,GAAe,CAAA,EAAA,IACvCnV,KAAKqM,OAAO6I,EAAW,wBACA,OAAnBC,EAAuB,CAAA,EAAA,GACzB,CAAA,EAAMnV,KAAKwS,0BAAXrO,EAAAhC,wBAGF,MAAO,CAAA,UAcL,OAXEsR,EAAU7M,KAAKyB,MAAMC,KAAKC,MAAQ,KAClC8M,GAC0B,QAA7BtR,EAAAoR,EAAe/M,kBAAc,IAAArE,EAAAA,EAAAsF,KAAYoK,Eb1gBrB,Ga4gBvBzT,KAAKqM,OACH6I,EACA,cAAA5R,OACE+R,EAAoB,GAAK,0Cb/gBN,GaghBmB,MAGtCA,EACErV,KAAKkS,kBAAoBiD,EAAelN,cAClB,CAAA,EAAAjI,KAAKsV,kBAC3BH,EAAelN,gBAFsC,CAAA,EAAA,GADtC,CAAA,EAAA,UAMb,OAJIQ,EAAUtE,EAEjBhC,OAFYsG,QAKX7C,QAAQ6C,MAAMA,GAEToD,EAA0BpD,GAAM,CAAA,EAAA,IACnCzI,KAAKqM,OACH6I,EACA,kEACAzM,GAEF,CAAA,EAAMzI,KAAKwS,oBATN,CAAA,EAAA,UASLrO,EAAAhC,4CAQN,MAAM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAakD,YAA9ChR,EAAAhC,+CAMF,kBAHAnC,KAAKqM,OAAO6I,EAAW,QAASK,GAEhC3P,QAAQ6C,MAAM8M,GACP,CAAA,kBAEPvV,KAAKqM,OAAO6I,EAAW,mCAE1B,EAQOvE,EAAAlR,UAAA+V,iCAAR,WACExV,KAAKqM,OAAO,uCAEZ,IAAMoJ,EAAWzV,KAAKgR,0BACtBhR,KAAKgR,0BAA4B,KAEjC,IACMyE,GAAYtO,MAAeyF,aAAM,EAANA,EAAQ8I,sBACrC9I,EAAO8I,oBAAoB,mBAAoBD,EAElD,CAAC,MAAOjU,GACPoE,QAAQ6C,MAAM,4CAA6CjH,EAC7D,CACD,EAwBKmP,EAAAlR,UAAAiV,iBAAN,qGAEE,OADA1U,KAAKwV,mCACL,CAAA,EAAMxV,KAAKgV,mCAAXjR,EAAA5B,iBACD,EAMawO,EAAAlR,UAAAuV,kBAAd,2GACE,KAAA,EAAA,MAAA,CAAA,EAAMhV,KAAKiV,kCAAXlR,EAAA5B,OAEAnC,KAAKqM,OAAO,wBAENsJ,EAASC,aACb,WAAM,OAAAjN,EAAKkN,uBAAuB,GAClCnF,GAEF1Q,KAAK+Q,kBAAoB4E,EAGvBA,GACkB,iBAAXA,GACiB,mBAAjBA,EAAOG,MAQdH,EAAOG,aAG6B,IAA5BrO,WAAmBsO,MACoB,mBAAvCtO,WAAmBsO,KAAKC,YAKhCD,KAAKC,WAAWL,GAMlBlM,YAAW,WAAA,OAAA7I,EAAA+H,OAAA,OAAA,GAAA,6DACT,MAAM,CAAA,EAAA3I,KAAK6Q,0BACX,OADA9M,EAAA5B,OACA,CAAA,EAAMnC,KAAK6V,uCAAX9R,EAAA5B,iBACD,GAAE,aACJ,EAMawO,EAAAlR,UAAAwV,iBAAd,2FACEjV,KAAKqM,OAAO,uBAENsJ,EAAS3V,KAAK+Q,kBACpB/Q,KAAK+Q,kBAAoB,KAErB4E,GACFM,cAAcN,YAEjB,EAKahF,EAAAlR,UAAAoW,sBAAd,kHACE7V,KAAKqM,OAAO,2BAA4B,0BAGtC,6BAAA,CAAA,EAAMrM,KAAKgP,KAAKC,aAAa,GAAG,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,kGAEtBuN,EAAM5N,KAAKC,uBAGR,6BAAA,CAAA,EAAMvI,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,qEAKzC,OAHUb,EACNpG,EAAMiC,KAAAmE,UAEOA,EAAQG,eAAkBH,EAAQM,YAM7CgO,EAAiBxP,KAAKC,OACJ,IAArBiB,EAAQM,WAAoB8N,GAAOxF,GAGtC1Q,KAAKqM,OACH,2BACA,2BAAA/I,OAA2B8S,EAAc,yBAAA9S,OAAwBoN,EAA0B,6BAAApN,OApoBvE,EAooB8H,WAGhJ8S,GAvoBkB,EAwoBd,CAAA,EAAApW,KAAKsV,kBAAkBxN,EAAQG,gBADU,CAAA,EAAA,KAd/CjI,KAAKqM,OAAO,2BAA4B,cACjC,CAAA,WAcPtI,EAAA5B,qCAEH,GAAA,KAvBD,KAAA,EAAA,MAAA,CAAA,EAAO4B,mCAyBP6B,QAAQ6C,MACN,yEACA4N,0CAIJrW,KAAKqM,OAAO,2BAA4B,+BAE3C,GAAA,mBAtCDtI,EAAA5B,oBAwCA,kBAAMmM,kBAAoBhF,aAAa+E,GAGrC,MAAM/E,SAFNtJ,KAAKqM,OAAO,2EAKjB,EAyBasE,EAAAlR,UAAA4S,gBAAd,sFAME,OALMlE,EAASqB,EAAuB5C,EAAOoD,SAASP,OAEhD6G,EAAUnP,MAGDgH,EAAOrD,KACpB,CAAA,EAAO,QAILwL,IAAYnI,EAAOnG,cAAgBmG,EAAOgF,mBAC5C,CAAA,EAAO,YAET,CAAA,EAAO,WACR,EAEOxC,EAAAlR,UAAA8W,OAAR,WACE,OAAOvW,KAAKwW,OAAS,sBACtB,EAEa7F,EAAAlR,UAAAgX,qBAAd,SACE5I,EACAM,2GAmBiB,OAVbuI,EAAiCvI,EAAOwI,aAAe,CAAE,EAEvDC,EAAwC,CAC5CxC,UAAWpU,KAAK2R,SAChBkF,cAAe1I,EAAO0I,cACtBvF,aACEnD,EAAO2I,YAAc9W,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC5DP,MAAOrI,EAAO6I,QAAUhX,KAAKuW,UAGd,CAAA,EAAMvW,KAAKqS,0BAExB,MAAa,SAFAlO,EAA4BhC,OAEtB,CAAA,EAAA,GAEb,CAAA,EAAA+D,EAA0BlG,KAAKyD,QAASzD,KAAKqG,oBAD/CtC,EACJI,SADK+C,EAAanD,EAAA,GAAEkT,EAAmBlT,EAAA,GAGzC2S,EAASvW,EAAAA,EAAA,CAAA,EACJuW,GAAS,CACZQ,eAAgBhQ,EAChBiQ,sBAAuBF,qBAU3B,OALI9I,EAAOiJ,aACTR,EAAiBQ,WAAajJ,EAAOiJ,YAIhC,CAAA,EAAA,GAAA9T,OAAGuK,EAAG,KAAAvK,OAAI,IAAI8K,gBAChBjO,EAAAA,EAAA,CAAA,EAAAuW,GACAE,YAEN,EAEKjG,EAAyBlR,UAAA4X,0BAA/B,SACEC,6FAEO,MAAM,CAAA,EAAAtX,KAAKuX,wBAAwB,CACxCH,WAAYE,EAAYF,WACxBN,WAAYQ,aAAA,EAAAA,EAAaR,WACzBE,OAAQM,aAAA,EAAAA,EAAaN,OACrBL,YAAaW,EAAYX,YACzBa,oBAAqBF,EAAYE,uBALnC,KAAA,EAAA,MAAA,CAAA,EAAOzT,gBAOR,EAEK4M,EAA0BlR,UAAAgY,2BAAhC,SAAiC9T,4GAiBP,OAXlB+T,EAAiB,SAAOC,GAAgB,OAAA/W,EAAA+H,OAAA,OAAA,GAAA,mDAC5C/C,QAAQsG,IAAI,UACZtG,QAAQsG,IAAI0L,IACNC,EAAMzQ,EAAS0Q,cAAc,QAC/BC,UAAYJ,EACHvQ,EAAStF,KAAKkW,YAAYH,GACpCI,SAAS,GAEPC,kBACN,EAEuB,CAAA,EAAMxK,EAC5B,GAAApK,OAAGtD,KAAK4Q,qCACR,CACEuH,SAAUxU,EAAKwU,SACfC,SAAUzU,EAAKyU,SACf9G,aACE3N,EAAK2N,cAAgBtR,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC5D3C,UAAWpU,KAAK2R,UAElB,CAAErE,KAAK,YAGT,KAZMsK,EAAkB7T,EAUvB5B,QAEoBwB,MAAQiU,EAAgBnP,MAC3C,MAAM,IAAIV,MACR6P,EAAgBnP,OAAS,2CAG7BiP,EAAeE,EAAgBjU,gBAChC,EAEKgN,EAAclR,UAAA4Y,eAApB,SAAqBlK,qGACnB,KAAKA,aAAA,EAAAA,EAAQmK,OACX,MAAM,IAAIvQ,MAAM,qBAGM,MAAA,CAAA,EAAM2F,EAC5B,GAAApK,OAAGtD,KAAK4Q,4CACR,CACE0H,MAAOnK,EAAOmK,gBAGlB,OANMvU,EAAkBI,SAAhBR,EAAII,EAAAJ,KAAOI,EAAA0E,MAMnB,CAAA,EAAO9E,SACR,EAEDgN,EAAiBlR,UAAA8Y,kBAAjB,SACElL,QAAA,IAAAA,IAAAA,EAKM,CAAA,GAEN,IAAMc,EAAS,CACbiG,UAAWpU,KAAK2R,SAChBL,aACEjE,EAAQyJ,YAAc9W,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC7DF,cAAexJ,EAAQwJ,eAAiB1P,IAAc,OAAS,QAC/DqR,SAAUnL,EAAQmL,SAClBhC,MAAOnJ,EAAQmJ,OAIXxU,EAAI5C,OAAOqZ,YACfrZ,OAAOsZ,QAAQvK,GAAQwK,QAAO,SAAC5U,GAAiB,OAAbA,EAAA,KAAOA,EAAA,EAAM,KAGlD,MAAO,GAAGT,OAAAtD,KAAK4Q,gCAAuB,IAAIxC,gBAAgBpM,GAAGwC,WAC9D,EAEDmM,EAASlR,UAAAmZ,UAAT,SAAUvL,GAMR,IAAMQ,EAAM7N,KAAKuY,kBAAkBlL,GACnCkD,EAAcC,SAAS3C,EACxB,EAEa8C,EAAuBlR,UAAA8X,wBAArC,SAAsClK,mGAOhB,MAAM,CAAA,EAAArN,KAAKyW,qBAC7B,UAAGzW,KAAK4Q,UAAS,cACjB,CACEiG,cAAe1P,IAAc,OAAS,QACtCiQ,WAAY/J,EAAQ+J,WACpBN,WAAYzJ,EAAQyJ,WACpBE,OAAQ3J,EAAQ2J,OAChBL,YAAatJ,EAAQsJ,sBAWzB,OAlBM9I,EAAc9J,EASnB5B,OAEDnC,KAAKqM,OAAO,2BAA4B,UAAWgB,EAAS,MAAOQ,GAG/D1G,MAAgBkG,EAAQmK,qBAC1B5K,EAAOoD,SAAS5P,OAAOyN,GAGzB,CAAA,EAAO,CAAElK,KAAM,CAAEkK,IAAGA,GAAIpF,MAAO,aAChC,EAOKkI,EAAUlR,UAAAoZ,WAAhB,SAAiB1D,wGAIf,MAAM,CAAA,EAAAnV,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAK8Y,YAAY3D,IAA9B,KAAA,EAAA,MAAA,CAAA,EAAOpR,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAaK4M,EAAAlR,UAAAsZ,WAAN,gHACE,MAAM,CAAA,EAAA/Y,KAAK6Q,0BAEI,OAFf9M,EAAA5B,OAEqB,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,iDAC9C,MAAA,CAAA,EAAO3I,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,sCACnC,MAAA,CAAA,EAAOjH,KACR,GAAA,OACF,GAAA,YAED,MAAA,CAAA,EANeqC,EAIb5B,cAGH,EAQawO,EAAWlR,UAAA0W,YAAzB,SACElN,mGAsBAjJ,KAAKqM,OAAO,eAAgB,0BAIX,6BAAA,CAAA,EAAMrM,KAAKgZ,wBAEnB,OAFDtX,EAASqC,EAA0B5B,OAElC,CAAA,EAAM8G,EAAGvH,IAAhB,KAAA,EAAA,MAAA,CAAA,EAAOqC,wBAEP/D,KAAKqM,OAAO,eAAgB,kCAE/B,EAOasE,EAAAlR,UAAAuZ,cAAd,uHAoBEhZ,KAAKqM,OAAO,mBAAoB,SAE3BrM,KAAKgP,KAAKF,cACb9O,KAAKqM,OACH,mBACA,qCACA,IAAItE,OAAQkR,wBAOO,6BAFjB9D,EAAiC,KAEV,CAAA,EAAAnR,EAAahE,KAAKyD,QAASzD,KAAKqG,oBAIvD,OAJE6S,EAAe/U,EAAiDhC,OAEtEnC,KAAKqM,OAAO,gBAAiB,uBAAwB6M,GAEhC,OAAjBA,EAAqB,CAAA,EAAA,GACnBlZ,KAAKoV,gBAAgB8D,IACvB/D,EAAiB+D,SADmB,CAAA,EAAA,UAIpC,OADAlZ,KAAKqM,OAAO,gBAAiB,qCAC7B,CAAA,EAAMrM,KAAKwS,yBAAXrO,EAAAhC,wBAIJ,OAAKgT,GAICgE,IAAahE,EAAe/M,YAC9B+M,EAAe/M,YAAcE,KAAKC,MAAQ,IAG9CvI,KAAKqM,OACH,mBACA,cAAc/I,OAAA6V,EAAa,GAAK,OAAM,YACtC,aACAhE,EAAe/M,YAGZ+Q,EAmB4B,CAAA,EAAAnZ,KAAKsV,kBACpCH,EAAelN,iBAnBXjI,KAAKyD,QAAQ2V,WACTC,EAAwB,IAAIC,MAAMnE,EAAgB,CACtDoE,IAAI,SAAAC,EAAaC,EAAcC,GAO7B,MANa,SAATD,GAEF7T,QAAQC,KACN,oWAGG8T,QAAQJ,IAAIC,EAAQC,EAAMC,EACnC,IAEFvE,EAAiBkE,GAGnB,CAAA,EAAO,CAAE1V,KAAM,CAAEmE,QAASqN,GAAkB1M,MAAO,SA9BnD,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAS,MAAQW,MAAO,cAoC3C,OAHM1E,EAAqBI,SAAnB2D,EAAO/D,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAIpB,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAS,MAAQW,MAAKA,IAGzC,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAOA,GAAIW,MAAO,qBAEnCzI,KAAKqM,OAAO,mBAAoB,kCAEnC,EAEasE,EAAAlR,UAAA+S,eAAd,qGAGE,OAFAxS,KAAKqM,OAAO,qBAEN,CAAA,EAAAjI,EAAgBpE,KAAKyD,QAASzD,KAAKqG,2BAAzCtC,EAAA5B,iBACD,EAEOwO,EAAelR,UAAA2V,gBAAvB,SAAwB8D,GAQtB,MAN0B,iBAAjBA,GACU,OAAjBA,GACA,iBAAkBA,GAClB,kBAAmBA,GACnB,eAAgBA,CAGnB,EAEevI,EAAWlR,UAAAqZ,YAA3B,SAA4B3D,uHAKxB,0BAAKA,EAAenN,eAAiBmN,EAAelN,cAClD,MAAM,IAAIiD,EAaR,OAVEuI,EAAUnL,KAAKC,MAAQ,IACzBoL,EAAYF,EACZ0F,GAAa,EACbrR,EAA0B,MACxB8R,EAAUlQ,EAAiByL,EAAenN,eACpC6R,MACVlG,EAAYiG,EAAQC,IACpBV,EAAaxF,GAAaF,GAGxB0F,EAEM,CAAA,EAAAnZ,KAAKsV,kBAAkBH,EAAelN,gBAFlC,CAAA,EAAA,UAGZ,OAFMlE,EACJyJ,SADesM,EAAgB/V,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAGtC,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAOA,IAGlDqR,GAGLhS,EAAUgS,SAFR,CAAA,EAAO,CAAEnW,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAO,cAI/B,MAAM,CAAA,EAAAzI,KAAK+T,SACjCoB,EAAenN,sBAEjB,GAHM7D,EAAkBqJ,SAAhB7J,EAAIQ,EAAAR,MAAE8E,EAAKtE,EAAAsE,SAGL9E,EAAK6E,KACjB,MAAMC,EAUR,OARAX,EAAU,CACRE,aAAcmN,EAAenN,aAC7BC,cAAekN,EAAelN,cAC9BO,KAAM7E,EAAK6E,KACX+K,WAAY,SACZrL,WAAYyL,EAAYF,EACxBrL,WAAYuL,GAEd,CAAA,EAAM3T,KAAK2S,aAAa7K,WACxB,OADA0F,EAAArL,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAanK,WAA9C0F,EAAArL,iBAGF,KAAA,EAAA,MAAA,CAAA,EAAO,CAAEwB,KAAM,CAAE6E,KAAMV,EAAQU,KAAMV,WAAWW,MAAO,cAEvD,GAAI2C,cACF,MAAA,CAAA,EAAO,CAAEzH,KAAM,CAAEmE,QAAS,KAAMU,KAAM,MAAQC,MAAKsR,IAGrD,MAAMA,yBAET,EAMapJ,EAAYlR,UAAAkT,aAA1B,SAA2B7K,6FAGzB,OAFA9H,KAAKqM,OAAO,kBAAmBvE,GAE/B,CAAA,EAAMtE,EAAaxD,KAAKyD,QAASzD,KAAKqG,WAAYyB,kBAAlD/D,EAAA5B,iBACD,EAEawO,EAAQlR,UAAAsU,SAAtB,SAAuB/L,mGACrB,IAAKA,EAAc,MAAM,IAAID,MAAM,mCAEvB,OADZ/H,KAAKqM,OAAO,qBACA,CAAA,EAAM0B,EAAW,GAAAzK,OAAGtD,KAAK4Q,iBAAgB,CACnDjH,MAAO3B,YAGT,OAJMc,EAAM/E,EAEV5B,OACFnC,KAAKqM,OAAO,mBACZ,CAAA,EAAO,CAAE1I,KAAM,CAAE6E,KAAMM,EAAInF,MAAQ8E,MAAOK,EAAIL,cAC/C,EAEakI,EAAiBlR,UAAA6V,kBAA/B,SAAgC0E,iHAC9B,IAAKA,EACH,MAAM,IAAI9O,EAIZ,GAAIlL,KAAKiR,mBACP,MAAA,CAAA,EAAOjR,KAAKiR,mBAAmBrI,SAG3BsM,EAAY,sBAAsB5R,OAAA0W,EAAarK,UAAU,EAAG,GAAE,QAEpE3P,KAAKqM,OAAO6I,EAAW,0BAKG,gCAFxBlV,KAAKiR,mBAAqB,IAAIvI,EAEN,CAAA,EAAM1I,KAAKia,oBAAoBD,WACvD,GADMjW,EAAkBiP,SAAhBrP,EAAII,EAAAJ,KAAE8E,EAAK1E,EAAA0E,MACR,MAAMA,EACjB,IAAK9E,EAAKmE,QAAS,MAAM,IAAIoD,EAE7B,MAAM,CAAA,EAAAlL,KAAK2S,aAAahP,EAAKmE,iBAC7B,OADAkL,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,kBAAmBtO,EAAKmE,iBAMzD,OANAkL,EAAA7Q,OAEMT,EAAS,CAAEoG,QAASnE,EAAKmE,QAASW,MAAO,MAE/CzI,KAAKiR,mBAAmB/P,QAAQQ,GAEhC,CAAA,EAAOA,UAIH,kBAFJ1B,KAAKqM,OAAO6I,EAAW,QAASgF,GAE5B9O,EAAY8O,IACRxY,EAAS,CAAEoG,QAAS,KAAMW,MAAKyR,GAEhCrO,EAA0BqO,GAAM,CAAA,EAAA,GACnC,CAAA,EAAMla,KAAKwS,mBAJO,CAAA,EAAA,UAKlB,OADAQ,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,aAAc,cAA/Ce,EAAA7Q,wBAKF,OAFuB,QAAvBgC,EAAAnE,KAAKiR,0BAAkB,IAAA9M,GAAAA,EAAEjD,QAAQQ,GAEjC,CAAA,EAAOA,UAIT,MADuB,QAAvB8L,EAAAxN,KAAKiR,0BAAkB,IAAAzD,GAAAA,EAAErM,OAAO+Y,GAC1BA,iBAENla,KAAKiR,mBAAqB,KAC1BjR,KAAKqM,OAAO6I,EAAW,mCAE1B,EAMavE,EAAmBlR,UAAAwa,oBAAjC,SACED,8GAEM9E,EAAY,wBAAwB5R,OAAA0W,EAAarK,UACrD,EACA,GACD,QACD3P,KAAKqM,OAAO6I,EAAW,0BAOd,8BAJDiF,EAAY7R,KAAKC,MAIV,CAAA,EAAAS,GACX,SAAOI,GAAO,OAAAxI,EAAA+H,OAAA,OAAA,GAAA,6EACR,OAAAS,EAAU,EACZ,CAAA,EAAMG,EAAM,IAAM3C,KAAKwT,IAAI,EAAGhR,EAAU,KAD3B,CAAA,EAAA,UACboE,EAA2CrL,wBAUzB,OAPpBnC,KAAKqM,OAAO6I,EAAW,qBAAsB9L,GAOzB,CAAA,EAAMsE,EACxB,GAAApK,OAAGtD,KAAK4Q,0BACR,CACEwD,UAAWpU,KAAK2R,SAChB0C,WAAY,gBACZpM,cAAe+R,YAKnB,GAVMzF,EAAc/G,EAOnBrL,OACKkY,EAAczS,EAAiB2M,KAEN,QAA1BxQ,EAAAsW,EAAY1W,KAAKmE,eAAS,IAAA/D,OAAA,EAAAA,EAAAiE,cAC7B,MAAM,IAAID,MAAM,YAED,MAAA,CAAA,EAAM/H,KAAK+T,SACA,QAA1B5P,EAAAkW,EAAY1W,KAAKmE,eAAS,IAAA3D,OAAA,EAAAA,EAAA6D,sBAI5B,GALMsS,EAAW9M,EAEhBrL,OAEaqG,EAAgB8R,EAAZ3W,KAAY2W,QAE5B,MAAM,IAAIvS,MAAM,yBAElB,IAAKS,EACH,MAAM,IAAIT,MAAM,iBAclB,MAAA,CAAA,EAXU,CACRpE,KAAM,CACJmE,QAAO3H,EAAAA,EAAA,CAAA,EACFka,EAAY1W,KAAKmE,SAAO,CAC3BU,KAAIA,IAENA,KAAIA,GAENC,MAAO,iBAKX,SAACW,EAASX,GACR,IAAM8R,EAAsB,IAAM3T,KAAKwT,IAAI,EAAGhR,GAC9C,OACEX,GACAoD,EAA0BpD,IAE1BH,KAAKC,MAAQgS,EAAsBJ,EACjCzJ,CAEN,YA5DF,MAAA,CAAA,EAAO3M,iBAiEP,cAFA/D,KAAKqM,OAAO6I,EAAW,QAASsF,GAE5BpP,EAAYoP,GACd,MAAA,CAAA,EAAO,CAAE7W,KAAM,CAAEmE,QAAS,KAAMU,KAAM,MAAQC,MAAK+R,IAErD,MAAMA,gBAENxa,KAAKqM,OAAO6I,EAAW,kCAE1B,EAEavE,EAAAlR,UAAAwS,sBAAd,SAAAwI,EAAAC,4CACE1I,EACAlK,EACA6S,kCAAA,IAAAA,IAAAA,GAAgB,8CAEVzF,EAAY,0BAAA5R,OAA0B0O,EAAK,KACjDhS,KAAKqM,OAAO6I,EAAW,QAASpN,EAAS,eAAAxE,OAAeqX,qBAkBtD,6BAfI3a,KAAKkR,kBAAoByJ,GAC3B3a,KAAKkR,iBAAiB0J,YAAY,CAAE5I,MAAKA,EAAElK,QAAOA,IAG9C+S,EAAgB,GAChBC,EAAWvb,MAAM0D,KAAKjD,KAAKmR,oBAAoB4J,UAAUzV,KAC7D,SAAO0V,GAAC,OAAApa,EAAA+H,OAAA,OAAA,GAAA,mEAEJ,6BAAM,CAAA,EAAAqS,EAAEvF,SAASzD,EAAOlK,kBAAxB/D,EAAA5B,sCAEA0Y,EAAO/X,KAAKmY,6BAEf,GAAA,IAGH,CAAA,EAAMha,QAAQqO,IAAIwL,WAElB,GAFA/W,EAAA5B,OAEI0Y,EAAOna,OAAS,EAAG,CACrB,IAASH,EAAI,EAAGA,EAAIsa,EAAOna,OAAQH,GAAK,EACtCqF,QAAQ6C,MAAMoS,EAAOta,IAGvB,MAAMsa,EAAO,EACf,2BAEA7a,KAAKqM,OAAO6I,EAAW,kCAE1B,EAUKvE,EAAAlR,UAAAyO,QAAN,oDACEb,0BAAA,IAAAA,IAAAA,EAAA,CAAqBmJ,MAAO,sDAE5B,MAAM,CAAA,EAAAxW,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAKkb,SAAS7N,IAA3B,KAAA,EAAA,MAAA,CAAA,EAAOtJ,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAEe4M,EAAAlR,UAAAyb,SAAhB,oDACEnX,cAAAI,OAAuD,IAAAJ,EAAA,CAAEyS,MAAO,UAAUzS,EAAxEyS,EAAKrS,EAAAqS,aAAUrS,EAAAgX,6CAEV,KAAA,EAAA,MAAA,CAAA,EAAMnb,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,yEAEzC,OADQhF,EAA8BjC,EAA1BiC,MAASyX,EAAiB1Z,SAEpC,CAAA,EAAO,CAAE+G,MAAO2S,KAEc,QAAZrX,EAAAJ,EAAKmE,eAAO,IAAA/D,OAAA,EAAAA,EAAEiE,cAEd,CAAA,EAAMhI,KAAK4R,IAAI1D,QAAQ,CACvCkG,UAAWpU,KAAK2R,YAFL,CAAA,EAAA,UAIb,IAHQlJ,EAAUtE,EAEhBhC,OAFWsG,UXtxCf,SAAyBA,GAC7B,OAAO2C,EAAY3C,IAAyB,iBAAfA,EAAMuC,IACrC,CW4xCcqQ,CAAe5S,IACG,MAAjBA,EAAMoC,QAAmC,MAAjBpC,EAAMoC,QAGjC,MAAA,CAAA,EAAO,CAAEpC,MAAKA,qBAIhB,MAAU,WAAV+N,EAAkB,CAAA,EAAA,GACpB,CAAA,EAAMxW,KAAKwS,yBACX,OADArO,EAAAhC,OACA,CAAA,EAAMiC,EAAgBpE,KAAKyD,QAAS,GAAGH,OAAAtD,KAAKqG,WAA0B,2BACtE,OADAlC,EAAAhC,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,aAAc,cAA/C9N,EAAAhC,iBAEF,KAAA,EAAA,MAAA,CAAA,EAAO,CAAEsG,MAAO,UACjB,GAAA,KA7BD,KAAA,EAAA,MAAA,CAAA,EAAO+E,gBA8BR,EAMDmD,EAAiBlR,UAAA6b,kBAAjB,SACE7F,GADF,IAmCC9M,EAAA3I,KA3BOub,EftyCD,uCAAuCtV,QAAQ,SAAS,SAAUV,GACvE,IAAMiW,EAAqB,GAAhB5U,KAAKE,SAAiB,EAEjC,OADW,KAALvB,EAAWiW,EAAS,EAAJA,EAAW,GACxBhX,SAAS,GACpB,IemyCQiX,EAA6B,CACjCF,GAAEA,EACF9F,SAAQA,EACRiG,YAAa,WACX/S,EAAK0D,OACH,iBACA,wCACAkP,GAGF5S,EAAKwI,oBAAoBjB,OAAOqL,EAClC,GAcF,OAXAvb,KAAKqM,OAAO,uBAAwB,8BAA+BkP,GAEnEvb,KAAKmR,oBAAoBwK,IAAIJ,EAAIE,GAChC7a,EAAA+H,OAAA,OAAA,GAAA,wEACC,MAAM,CAAA,EAAA3I,KAAK6Q,0BAEX,OAFA9M,EAAA5B,OAEM,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,6CAC/B3I,KAAK4b,oBAAoBL,SAC1B,GAAA,mBAFDxX,EAAA5B,cAGD,IAEM,CAAEwB,KAAM,CAAE8X,aAAYA,GAC9B,EAEa9K,EAAmBlR,UAAAmc,oBAAjC,SAAkCL,iGACzB,KAAA,EAAA,MAAA,CAAA,EAAMvb,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,2EAMvC,yBAHUb,EAENpG,EAFaiC,KAAAmE,QACfW,EACE/G,QACO,MAAM+G,EAEjB,MAAA,CAAA,EAEI,QAFE1E,EAAA/D,KAAKmR,oBACRoI,IAAIgC,UACH,IAAAxX,OAAA,EAAAA,EAAA0R,SAAS,kBAAmB3N,kBAFhC0F,EAAArL,OAGAnC,KAAKqM,OAAO,kBAAmB,cAAekP,EAAI,UAAWzT,gBAE7D,kBAAA,CAAA,EAEI,QAFE3D,EAAAnE,KAAKmR,oBACRoI,IAAIgC,UACH,IAAApX,OAAA,EAAAA,EAAAsR,SAAS,kBAAmB,qBAFhCjI,EAAArL,OAGAnC,KAAKqM,OAAO,kBAAmB,cAAekP,EAAI,QAASM,GAC3DjW,QAAQ6C,MAAMoT,6BAEjB,GAAA,KAnBD,KAAA,EAAA,MAAA,CAAA,EAAO9X,gBAoBR,EAQK4M,EAAclR,UAAAqc,eAApB,SAAqB3G,wGAGnB,MAAM,CAAA,EAAAnV,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAK+b,gBAAgB5G,IAAlC,KAAA,EAAA,MAAA,CAAA,EAAOpR,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAEe4M,EAAelR,UAAAsc,gBAA/B,SAAgC5G,0GAIrB,6BAAA,CAAA,EAAMnV,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,6EACzC,IAAKwM,EAAgB,CAEnB,GADQxR,EAAgBjC,EAAMiC,KAAhBqY,EAAUta,QAEtB,MAAMsa,EAGR7G,EAA6B,QAAZhR,EAAAR,EAAKmE,eAAO,IAAA3D,EAAAA,OAAIgH,CACnC,CAEA,KAAKgK,aAAA,EAAAA,EAAgBlN,eACnB,MAAM,IAAIiD,EAGe,MAAM,CAAA,EAAAlL,KAAKsV,kBACpCH,EAAelN,uBAEjB,OAHMlE,EAAqByJ,SAAnB1F,EAAO/D,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAIpB,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAOA,IAGlDX,EAIL,CAAA,EAAO,CAAEnE,KAAM,CAAE6E,KAAOV,EAAgBU,KAAMV,WAAWW,MAAO,OAH9D,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAO,UAIxD,GAAA,KA1BD,KAAA,EAAA,MAAA,CAAA,EAAO1E,iBA4BP,GAAIqH,cACF,MAAA,CAAA,EAAO,CAAEzH,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAKwT,IAGrD,MAAMA,yBAET,EACFtL,CAAD,CAz+CA,CAAsCjC,GCpDtCwN,EAAA,WAAA,ECXaC,EAAe,SAACnQ,GAC3B,OAAO,IAAI2E,EAAiB3E,EAC9B","x_google_ignoreList":[0]}
1
+ {"version":3,"file":"main.js","sources":["../../node_modules/tslib/tslib.es6.js","../../../src/utils.ts","../../../src/lib/storage_helpers.ts","../../../src/lib/helpers.ts","../../../src/lib/jwt.ts","../../../src/lib/constants.ts","../../../src/lib/local-storage.ts","../../../src/lib/errors.ts","../../../src/lib/version.ts","../../../src/BaseLog.ts","../../../src/lib/globals.ts","../../../src/lib/fetch.ts","../../../src/FaableAuthApi.ts","../../../src/lock/locks.ts","../../../src/Base.ts","../../../src/lock/Lock.ts","../../../src/lib/url_helpers.ts","../../../src/lib/helpers/window.ts","../../../src/FaableAuthClient.ts","../../../src/lib/types.ts","../../../src/createClient.ts"],"sourcesContent":["/******************************************************************************\r\nCopyright (c) Microsoft Corporation.\r\n\r\nPermission to use, copy, modify, and/or distribute this software for any\r\npurpose with or without fee is hereby granted.\r\n\r\nTHE SOFTWARE IS PROVIDED \"AS IS\" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH\r\nREGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY\r\nAND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,\r\nINDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM\r\nLOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR\r\nOTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR\r\nPERFORMANCE OF THIS SOFTWARE.\r\n***************************************************************************** */\r\n/* global Reflect, Promise, SuppressedError, Symbol, Iterator */\r\n\r\nvar extendStatics = function(d, b) {\r\n extendStatics = Object.setPrototypeOf ||\r\n ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||\r\n function (d, b) { for (var p in b) if (Object.prototype.hasOwnProperty.call(b, p)) d[p] = b[p]; };\r\n return extendStatics(d, b);\r\n};\r\n\r\nexport function __extends(d, b) {\r\n if (typeof b !== \"function\" && b !== null)\r\n throw new TypeError(\"Class extends value \" + String(b) + \" is not a constructor or null\");\r\n extendStatics(d, b);\r\n function __() { this.constructor = d; }\r\n d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());\r\n}\r\n\r\nexport var __assign = function() {\r\n __assign = Object.assign || function __assign(t) {\r\n for (var s, i = 1, n = arguments.length; i < n; i++) {\r\n s = arguments[i];\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p)) t[p] = s[p];\r\n }\r\n return t;\r\n }\r\n return __assign.apply(this, arguments);\r\n}\r\n\r\nexport function __rest(s, e) {\r\n var t = {};\r\n for (var p in s) if (Object.prototype.hasOwnProperty.call(s, p) && e.indexOf(p) < 0)\r\n t[p] = s[p];\r\n if (s != null && typeof Object.getOwnPropertySymbols === \"function\")\r\n for (var i = 0, p = Object.getOwnPropertySymbols(s); i < p.length; i++) {\r\n if (e.indexOf(p[i]) < 0 && Object.prototype.propertyIsEnumerable.call(s, p[i]))\r\n t[p[i]] = s[p[i]];\r\n }\r\n return t;\r\n}\r\n\r\nexport function __decorate(decorators, target, key, desc) {\r\n var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;\r\n if (typeof Reflect === \"object\" && typeof Reflect.decorate === \"function\") r = Reflect.decorate(decorators, target, key, desc);\r\n else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;\r\n return c > 3 && r && Object.defineProperty(target, key, r), r;\r\n}\r\n\r\nexport function __param(paramIndex, decorator) {\r\n return function (target, key) { decorator(target, key, paramIndex); }\r\n}\r\n\r\nexport function __esDecorate(ctor, descriptorIn, decorators, contextIn, initializers, extraInitializers) {\r\n function accept(f) { if (f !== void 0 && typeof f !== \"function\") throw new TypeError(\"Function expected\"); return f; }\r\n var kind = contextIn.kind, key = kind === \"getter\" ? \"get\" : kind === \"setter\" ? \"set\" : \"value\";\r\n var target = !descriptorIn && ctor ? contextIn[\"static\"] ? ctor : ctor.prototype : null;\r\n var descriptor = descriptorIn || (target ? Object.getOwnPropertyDescriptor(target, contextIn.name) : {});\r\n var _, done = false;\r\n for (var i = decorators.length - 1; i >= 0; i--) {\r\n var context = {};\r\n for (var p in contextIn) context[p] = p === \"access\" ? {} : contextIn[p];\r\n for (var p in contextIn.access) context.access[p] = contextIn.access[p];\r\n context.addInitializer = function (f) { if (done) throw new TypeError(\"Cannot add initializers after decoration has completed\"); extraInitializers.push(accept(f || null)); };\r\n var result = (0, decorators[i])(kind === \"accessor\" ? { get: descriptor.get, set: descriptor.set } : descriptor[key], context);\r\n if (kind === \"accessor\") {\r\n if (result === void 0) continue;\r\n if (result === null || typeof result !== \"object\") throw new TypeError(\"Object expected\");\r\n if (_ = accept(result.get)) descriptor.get = _;\r\n if (_ = accept(result.set)) descriptor.set = _;\r\n if (_ = accept(result.init)) initializers.unshift(_);\r\n }\r\n else if (_ = accept(result)) {\r\n if (kind === \"field\") initializers.unshift(_);\r\n else descriptor[key] = _;\r\n }\r\n }\r\n if (target) Object.defineProperty(target, contextIn.name, descriptor);\r\n done = true;\r\n};\r\n\r\nexport function __runInitializers(thisArg, initializers, value) {\r\n var useValue = arguments.length > 2;\r\n for (var i = 0; i < initializers.length; i++) {\r\n value = useValue ? initializers[i].call(thisArg, value) : initializers[i].call(thisArg);\r\n }\r\n return useValue ? value : void 0;\r\n};\r\n\r\nexport function __propKey(x) {\r\n return typeof x === \"symbol\" ? x : \"\".concat(x);\r\n};\r\n\r\nexport function __setFunctionName(f, name, prefix) {\r\n if (typeof name === \"symbol\") name = name.description ? \"[\".concat(name.description, \"]\") : \"\";\r\n return Object.defineProperty(f, \"name\", { configurable: true, value: prefix ? \"\".concat(prefix, \" \", name) : name });\r\n};\r\n\r\nexport function __metadata(metadataKey, metadataValue) {\r\n if (typeof Reflect === \"object\" && typeof Reflect.metadata === \"function\") return Reflect.metadata(metadataKey, metadataValue);\r\n}\r\n\r\nexport function __awaiter(thisArg, _arguments, P, generator) {\r\n function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }\r\n return new (P || (P = Promise))(function (resolve, reject) {\r\n function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }\r\n function rejected(value) { try { step(generator[\"throw\"](value)); } catch (e) { reject(e); } }\r\n function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }\r\n step((generator = generator.apply(thisArg, _arguments || [])).next());\r\n });\r\n}\r\n\r\nexport function __generator(thisArg, body) {\r\n var _ = { label: 0, sent: function() { if (t[0] & 1) throw t[1]; return t[1]; }, trys: [], ops: [] }, f, y, t, g = Object.create((typeof Iterator === \"function\" ? Iterator : Object).prototype);\r\n return g.next = verb(0), g[\"throw\"] = verb(1), g[\"return\"] = verb(2), typeof Symbol === \"function\" && (g[Symbol.iterator] = function() { return this; }), g;\r\n function verb(n) { return function (v) { return step([n, v]); }; }\r\n function step(op) {\r\n if (f) throw new TypeError(\"Generator is already executing.\");\r\n while (g && (g = 0, op[0] && (_ = 0)), _) try {\r\n if (f = 1, y && (t = op[0] & 2 ? y[\"return\"] : op[0] ? y[\"throw\"] || ((t = y[\"return\"]) && t.call(y), 0) : y.next) && !(t = t.call(y, op[1])).done) return t;\r\n if (y = 0, t) op = [op[0] & 2, t.value];\r\n switch (op[0]) {\r\n case 0: case 1: t = op; break;\r\n case 4: _.label++; return { value: op[1], done: false };\r\n case 5: _.label++; y = op[1]; op = [0]; continue;\r\n case 7: op = _.ops.pop(); _.trys.pop(); continue;\r\n default:\r\n if (!(t = _.trys, t = t.length > 0 && t[t.length - 1]) && (op[0] === 6 || op[0] === 2)) { _ = 0; continue; }\r\n if (op[0] === 3 && (!t || (op[1] > t[0] && op[1] < t[3]))) { _.label = op[1]; break; }\r\n if (op[0] === 6 && _.label < t[1]) { _.label = t[1]; t = op; break; }\r\n if (t && _.label < t[2]) { _.label = t[2]; _.ops.push(op); break; }\r\n if (t[2]) _.ops.pop();\r\n _.trys.pop(); continue;\r\n }\r\n op = body.call(thisArg, _);\r\n } catch (e) { op = [6, e]; y = 0; } finally { f = t = 0; }\r\n if (op[0] & 5) throw op[1]; return { value: op[0] ? op[1] : void 0, done: true };\r\n }\r\n}\r\n\r\nexport var __createBinding = Object.create ? (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n var desc = Object.getOwnPropertyDescriptor(m, k);\r\n if (!desc || (\"get\" in desc ? !m.__esModule : desc.writable || desc.configurable)) {\r\n desc = { enumerable: true, get: function() { return m[k]; } };\r\n }\r\n Object.defineProperty(o, k2, desc);\r\n}) : (function(o, m, k, k2) {\r\n if (k2 === undefined) k2 = k;\r\n o[k2] = m[k];\r\n});\r\n\r\nexport function __exportStar(m, o) {\r\n for (var p in m) if (p !== \"default\" && !Object.prototype.hasOwnProperty.call(o, p)) __createBinding(o, m, p);\r\n}\r\n\r\nexport function __values(o) {\r\n var s = typeof Symbol === \"function\" && Symbol.iterator, m = s && o[s], i = 0;\r\n if (m) return m.call(o);\r\n if (o && typeof o.length === \"number\") return {\r\n next: function () {\r\n if (o && i >= o.length) o = void 0;\r\n return { value: o && o[i++], done: !o };\r\n }\r\n };\r\n throw new TypeError(s ? \"Object is not iterable.\" : \"Symbol.iterator is not defined.\");\r\n}\r\n\r\nexport function __read(o, n) {\r\n var m = typeof Symbol === \"function\" && o[Symbol.iterator];\r\n if (!m) return o;\r\n var i = m.call(o), r, ar = [], e;\r\n try {\r\n while ((n === void 0 || n-- > 0) && !(r = i.next()).done) ar.push(r.value);\r\n }\r\n catch (error) { e = { error: error }; }\r\n finally {\r\n try {\r\n if (r && !r.done && (m = i[\"return\"])) m.call(i);\r\n }\r\n finally { if (e) throw e.error; }\r\n }\r\n return ar;\r\n}\r\n\r\n/** @deprecated */\r\nexport function __spread() {\r\n for (var ar = [], i = 0; i < arguments.length; i++)\r\n ar = ar.concat(__read(arguments[i]));\r\n return ar;\r\n}\r\n\r\n/** @deprecated */\r\nexport function __spreadArrays() {\r\n for (var s = 0, i = 0, il = arguments.length; i < il; i++) s += arguments[i].length;\r\n for (var r = Array(s), k = 0, i = 0; i < il; i++)\r\n for (var a = arguments[i], j = 0, jl = a.length; j < jl; j++, k++)\r\n r[k] = a[j];\r\n return r;\r\n}\r\n\r\nexport function __spreadArray(to, from, pack) {\r\n if (pack || arguments.length === 2) for (var i = 0, l = from.length, ar; i < l; i++) {\r\n if (ar || !(i in from)) {\r\n if (!ar) ar = Array.prototype.slice.call(from, 0, i);\r\n ar[i] = from[i];\r\n }\r\n }\r\n return to.concat(ar || Array.prototype.slice.call(from));\r\n}\r\n\r\nexport function __await(v) {\r\n return this instanceof __await ? (this.v = v, this) : new __await(v);\r\n}\r\n\r\nexport function __asyncGenerator(thisArg, _arguments, generator) {\r\n if (!Symbol.asyncIterator) throw new TypeError(\"Symbol.asyncIterator is not defined.\");\r\n var g = generator.apply(thisArg, _arguments || []), i, q = [];\r\n return i = Object.create((typeof AsyncIterator === \"function\" ? AsyncIterator : Object).prototype), verb(\"next\"), verb(\"throw\"), verb(\"return\", awaitReturn), i[Symbol.asyncIterator] = function () { return this; }, i;\r\n function awaitReturn(f) { return function (v) { return Promise.resolve(v).then(f, reject); }; }\r\n function verb(n, f) { if (g[n]) { i[n] = function (v) { return new Promise(function (a, b) { q.push([n, v, a, b]) > 1 || resume(n, v); }); }; if (f) i[n] = f(i[n]); } }\r\n function resume(n, v) { try { step(g[n](v)); } catch (e) { settle(q[0][3], e); } }\r\n function step(r) { r.value instanceof __await ? Promise.resolve(r.value.v).then(fulfill, reject) : settle(q[0][2], r); }\r\n function fulfill(value) { resume(\"next\", value); }\r\n function reject(value) { resume(\"throw\", value); }\r\n function settle(f, v) { if (f(v), q.shift(), q.length) resume(q[0][0], q[0][1]); }\r\n}\r\n\r\nexport function __asyncDelegator(o) {\r\n var i, p;\r\n return i = {}, verb(\"next\"), verb(\"throw\", function (e) { throw e; }), verb(\"return\"), i[Symbol.iterator] = function () { return this; }, i;\r\n function verb(n, f) { i[n] = o[n] ? function (v) { return (p = !p) ? { value: __await(o[n](v)), done: false } : f ? f(v) : v; } : f; }\r\n}\r\n\r\nexport function __asyncValues(o) {\r\n if (!Symbol.asyncIterator) throw new TypeError(\"Symbol.asyncIterator is not defined.\");\r\n var m = o[Symbol.asyncIterator], i;\r\n return m ? m.call(o) : (o = typeof __values === \"function\" ? __values(o) : o[Symbol.iterator](), i = {}, verb(\"next\"), verb(\"throw\"), verb(\"return\"), i[Symbol.asyncIterator] = function () { return this; }, i);\r\n function verb(n) { i[n] = o[n] && function (v) { return new Promise(function (resolve, reject) { v = o[n](v), settle(resolve, reject, v.done, v.value); }); }; }\r\n function settle(resolve, reject, d, v) { Promise.resolve(v).then(function(v) { resolve({ value: v, done: d }); }, reject); }\r\n}\r\n\r\nexport function __makeTemplateObject(cooked, raw) {\r\n if (Object.defineProperty) { Object.defineProperty(cooked, \"raw\", { value: raw }); } else { cooked.raw = raw; }\r\n return cooked;\r\n};\r\n\r\nvar __setModuleDefault = Object.create ? (function(o, v) {\r\n Object.defineProperty(o, \"default\", { enumerable: true, value: v });\r\n}) : function(o, v) {\r\n o[\"default\"] = v;\r\n};\r\n\r\nvar ownKeys = function(o) {\r\n ownKeys = Object.getOwnPropertyNames || function (o) {\r\n var ar = [];\r\n for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;\r\n return ar;\r\n };\r\n return ownKeys(o);\r\n};\r\n\r\nexport function __importStar(mod) {\r\n if (mod && mod.__esModule) return mod;\r\n var result = {};\r\n if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== \"default\") __createBinding(result, mod, k[i]);\r\n __setModuleDefault(result, mod);\r\n return result;\r\n}\r\n\r\nexport function __importDefault(mod) {\r\n return (mod && mod.__esModule) ? mod : { default: mod };\r\n}\r\n\r\nexport function __classPrivateFieldGet(receiver, state, kind, f) {\r\n if (kind === \"a\" && !f) throw new TypeError(\"Private accessor was defined without a getter\");\r\n if (typeof state === \"function\" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError(\"Cannot read private member from an object whose class did not declare it\");\r\n return kind === \"m\" ? f : kind === \"a\" ? f.call(receiver) : f ? f.value : state.get(receiver);\r\n}\r\n\r\nexport function __classPrivateFieldSet(receiver, state, value, kind, f) {\r\n if (kind === \"m\") throw new TypeError(\"Private method is not writable\");\r\n if (kind === \"a\" && !f) throw new TypeError(\"Private accessor was defined without a setter\");\r\n if (typeof state === \"function\" ? receiver !== state || !f : !state.has(receiver)) throw new TypeError(\"Cannot write private member to an object whose class did not declare it\");\r\n return (kind === \"a\" ? f.call(receiver, value) : f ? f.value = value : state.set(receiver, value)), value;\r\n}\r\n\r\nexport function __classPrivateFieldIn(state, receiver) {\r\n if (receiver === null || (typeof receiver !== \"object\" && typeof receiver !== \"function\")) throw new TypeError(\"Cannot use 'in' operator on non-object\");\r\n return typeof state === \"function\" ? receiver === state : state.has(receiver);\r\n}\r\n\r\nexport function __addDisposableResource(env, value, async) {\r\n if (value !== null && value !== void 0) {\r\n if (typeof value !== \"object\" && typeof value !== \"function\") throw new TypeError(\"Object expected.\");\r\n var dispose, inner;\r\n if (async) {\r\n if (!Symbol.asyncDispose) throw new TypeError(\"Symbol.asyncDispose is not defined.\");\r\n dispose = value[Symbol.asyncDispose];\r\n }\r\n if (dispose === void 0) {\r\n if (!Symbol.dispose) throw new TypeError(\"Symbol.dispose is not defined.\");\r\n dispose = value[Symbol.dispose];\r\n if (async) inner = dispose;\r\n }\r\n if (typeof dispose !== \"function\") throw new TypeError(\"Object not disposable.\");\r\n if (inner) dispose = function() { try { inner.call(this); } catch (e) { return Promise.reject(e); } };\r\n env.stack.push({ value: value, dispose: dispose, async: async });\r\n }\r\n else if (async) {\r\n env.stack.push({ async: true });\r\n }\r\n return value;\r\n\r\n}\r\n\r\nvar _SuppressedError = typeof SuppressedError === \"function\" ? SuppressedError : function (error, suppressed, message) {\r\n var e = new Error(message);\r\n return e.name = \"SuppressedError\", e.error = error, e.suppressed = suppressed, e;\r\n};\r\n\r\nexport function __disposeResources(env) {\r\n function fail(e) {\r\n env.error = env.hasError ? new _SuppressedError(e, env.error, \"An error was suppressed during disposal.\") : e;\r\n env.hasError = true;\r\n }\r\n var r, s = 0;\r\n function next() {\r\n while (r = env.stack.pop()) {\r\n try {\r\n if (!r.async && s === 1) return s = 0, env.stack.push(r), Promise.resolve().then(next);\r\n if (r.dispose) {\r\n var result = r.dispose.call(r.value);\r\n if (r.async) return s |= 2, Promise.resolve(result).then(next, function(e) { fail(e); return next(); });\r\n }\r\n else s |= 1;\r\n }\r\n catch (e) {\r\n fail(e);\r\n }\r\n }\r\n if (s === 1) return env.hasError ? Promise.reject(env.error) : Promise.resolve();\r\n if (env.hasError) throw env.error;\r\n }\r\n return next();\r\n}\r\n\r\nexport function __rewriteRelativeImportExtension(path, preserveJsx) {\r\n if (typeof path === \"string\" && /^\\.\\.?\\//.test(path)) {\r\n return path.replace(/\\.(tsx)$|((?:\\.d)?)((?:\\.[^./]+?)?)\\.([cm]?)ts$/i, function (m, tsx, d, ext, cm) {\r\n return tsx ? preserveJsx ? \".jsx\" : \".js\" : d && (!ext || !cm) ? m : (d + ext + \".\" + cm.toLowerCase() + \"js\");\r\n });\r\n }\r\n return path;\r\n}\r\n\r\nexport default {\r\n __extends: __extends,\r\n __assign: __assign,\r\n __rest: __rest,\r\n __decorate: __decorate,\r\n __param: __param,\r\n __esDecorate: __esDecorate,\r\n __runInitializers: __runInitializers,\r\n __propKey: __propKey,\r\n __setFunctionName: __setFunctionName,\r\n __metadata: __metadata,\r\n __awaiter: __awaiter,\r\n __generator: __generator,\r\n __createBinding: __createBinding,\r\n __exportStar: __exportStar,\r\n __values: __values,\r\n __read: __read,\r\n __spread: __spread,\r\n __spreadArrays: __spreadArrays,\r\n __spreadArray: __spreadArray,\r\n __await: __await,\r\n __asyncGenerator: __asyncGenerator,\r\n __asyncDelegator: __asyncDelegator,\r\n __asyncValues: __asyncValues,\r\n __makeTemplateObject: __makeTemplateObject,\r\n __importStar: __importStar,\r\n __importDefault: __importDefault,\r\n __classPrivateFieldGet: __classPrivateFieldGet,\r\n __classPrivateFieldSet: __classPrivateFieldSet,\r\n __classPrivateFieldIn: __classPrivateFieldIn,\r\n __addDisposableResource: __addDisposableResource,\r\n __disposeResources: __disposeResources,\r\n __rewriteRelativeImportExtension: __rewriteRelativeImportExtension,\r\n};\r\n","import { AuthenticationResult } from \"./lib/types\";\n\nexport const parseAuthenticationResult = (\n queryString: string\n): AuthenticationResult => {\n if (queryString.indexOf(\"#\") > -1) {\n queryString = queryString.substring(0, queryString.indexOf(\"#\"));\n }\n\n const searchParams = new URLSearchParams(queryString);\n\n return {\n state: searchParams.get(\"state\")!,\n code: searchParams.get(\"code\") || undefined,\n error: searchParams.get(\"error\") || undefined,\n error_description: searchParams.get(\"error_description\") || undefined,\n };\n};\n\nconst stripUndefined = (params: any) => {\n return Object.keys(params)\n .filter((k) => typeof params[k] !== \"undefined\")\n .reduce((acc, key) => ({ ...acc, [key]: params[key] }), {});\n};\n\nexport const createQueryParams = ({ clientId: client_id, ...params }: any) => {\n return new URLSearchParams(\n stripUndefined({ client_id, ...params })\n ).toString();\n};\n\n/**\n * @ignore\n */\nexport const getTokenIssuer = (\n issuer: string | undefined,\n domainUrl: string\n) => {\n if (issuer) {\n return issuer.startsWith(\"https://\") ? issuer : `https://${issuer}`;\n }\n\n return `${domainUrl}`;\n};\n\nexport const getDomain = (domainUrl: string) => {\n if (!/^(https|http)?:\\/\\//.test(domainUrl)) {\n const protocol = location?.protocol || \"https\";\n return `${protocol}//${domainUrl}`;\n }\n\n return domainUrl;\n};\n\nexport const encode = (value: string) => btoa(value);\nexport const decode = (value: string) => atob(value);\n\n// https://stackoverflow.com/questions/30106476/\nconst decodeB64 = (input: string) =>\n decodeURIComponent(\n atob(input)\n .split(\"\")\n .map((c) => {\n return \"%\" + (\"00\" + c.charCodeAt(0).toString(16)).slice(-2);\n })\n .join(\"\")\n );\n\nconst urlEncodeB64 = (input: string) => {\n const b64Chars: { [index: string]: string } = { \"+\": \"-\", \"/\": \"_\", \"=\": \"\" };\n return input.replace(/[+/=]/g, (m: string) => b64Chars[m]);\n};\n\nexport const urlDecodeB64 = (input: string) =>\n decodeB64(input.replace(/_/g, \"/\").replace(/-/g, \"+\"));\n\nexport const bufferToBase64UrlEncoded = (input: number[] | Uint8Array) => {\n const ie11SafeInput = new Uint8Array(input);\n return urlEncodeB64(\n window.btoa(String.fromCharCode(...Array.from(ie11SafeInput)))\n );\n};\n\nexport const parseNumber = (value: any): number | undefined => {\n if (typeof value !== \"string\") {\n return value;\n }\n return parseInt(value, 10) || undefined;\n};\n\n/**\n * @ignore\n */\nexport const buildIsAuthenticatedCookieName = (clientId: string) =>\n `auth0.${clientId}.is.authenticated`;\n","import { SupportedStorage } from \"./types\";\n\n// Storage helpers\nexport const setItemAsync = async (\n storage: SupportedStorage,\n key: string,\n data: any\n): Promise<void> => {\n await storage.setItem(key, JSON.stringify(data));\n};\n\nexport const getItemAsync = async (\n storage: SupportedStorage,\n key: string\n): Promise<unknown> => {\n const value = await storage.getItem(key);\n\n if (!value) {\n return null;\n }\n\n try {\n return JSON.parse(value);\n } catch {\n return value;\n }\n};\n\nexport const removeItemAsync = async (\n storage: SupportedStorage,\n key: string\n): Promise<void> => {\n await storage.removeItem(key);\n};\n","import { AuthResponse, SupportedStorage, User, UserResponse } from \"./types\";\nimport { setItemAsync } from \"./storage_helpers\";\nimport { JsonResponse } from \"./fetch\";\n\nfunction dec2hex(dec: number) {\n return (\"0\" + dec.toString(16)).substr(-2);\n}\n\nexport function decodeBase64URL(value: string): string {\n const key =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\";\n let base64 = \"\";\n let chr1, chr2, chr3;\n let enc1, enc2, enc3, enc4;\n let i = 0;\n value = value.replace(\"-\", \"+\").replace(\"_\", \"/\");\n\n while (i < value.length) {\n enc1 = key.indexOf(value.charAt(i++));\n enc2 = key.indexOf(value.charAt(i++));\n enc3 = key.indexOf(value.charAt(i++));\n enc4 = key.indexOf(value.charAt(i++));\n chr1 = (enc1 << 2) | (enc2 >> 4);\n chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);\n chr3 = ((enc3 & 3) << 6) | enc4;\n base64 = base64 + String.fromCharCode(chr1);\n\n if (enc3 != 64 && chr2 != 0) {\n base64 = base64 + String.fromCharCode(chr2);\n }\n if (enc4 != 64 && chr3 != 0) {\n base64 = base64 + String.fromCharCode(chr3);\n }\n }\n return base64;\n}\n\n// Functions below taken from: https://stackoverflow.com/questions/63309409/creating-a-code-verifier-and-challenge-for-pkce-auth-on-spotify-api-in-reactjs\nexport function generatePKCEVerifier() {\n const verifierLength = 56;\n const array = new Uint32Array(verifierLength);\n if (typeof crypto === \"undefined\") {\n const charSet =\n \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-._~\";\n const charSetLen = charSet.length;\n let verifier = \"\";\n for (let i = 0; i < verifierLength; i++) {\n verifier += charSet.charAt(Math.floor(Math.random() * charSetLen));\n }\n return verifier;\n }\n crypto.getRandomValues(array);\n return Array.from(array, dec2hex).join(\"\");\n}\n\nasync function sha256(randomString: string) {\n const encoder = new TextEncoder();\n const encodedData = encoder.encode(randomString);\n const hash = await crypto.subtle.digest(\"SHA-256\", encodedData);\n const bytes = new Uint8Array(hash);\n\n return Array.from(bytes)\n .map((c) => String.fromCharCode(c))\n .join(\"\");\n}\n\nfunction base64urlencode(str: string) {\n return btoa(str).replace(/\\+/g, \"-\").replace(/\\//g, \"_\").replace(/=+$/, \"\");\n}\n\nexport async function generatePKCEChallenge(verifier: string) {\n const hasCryptoSupport =\n typeof crypto !== \"undefined\" &&\n typeof crypto.subtle !== \"undefined\" &&\n typeof TextEncoder !== \"undefined\";\n\n if (!hasCryptoSupport) {\n console.warn(\n \"WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256.\"\n );\n return verifier;\n }\n const hashed = await sha256(verifier);\n return base64urlencode(hashed);\n}\n\nexport async function getCodeChallengeAndMethod(\n storage: SupportedStorage,\n storageKey: string,\n isPasswordRecovery = false\n) {\n const codeVerifier = generatePKCEVerifier();\n let storedCodeVerifier = codeVerifier;\n if (isPasswordRecovery) {\n storedCodeVerifier += \"/PASSWORD_RECOVERY\";\n }\n await setItemAsync(\n storage,\n `${storageKey}-code-verifier`,\n storedCodeVerifier\n );\n const codeChallenge = await generatePKCEChallenge(codeVerifier);\n const codeChallengeMethod = codeVerifier === codeChallenge ? \"plain\" : \"S256\";\n return [codeChallenge, codeChallengeMethod];\n}\n\nexport const isBrowser = () => typeof document !== \"undefined\";\n\nconst localStorageWriteTests = {\n tested: false,\n writable: false,\n};\n\n/**\n * Checks whether localStorage is supported on this browser.\n */\nexport const supportsLocalStorage = () => {\n if (!isBrowser()) {\n return false;\n }\n\n try {\n if (typeof globalThis.localStorage !== \"object\") {\n return false;\n }\n } catch (e) {\n // DOM exception when accessing `localStorage`\n return false;\n }\n\n if (localStorageWriteTests.tested) {\n return localStorageWriteTests.writable;\n }\n\n const randomKey = `lswt-${Math.random()}${Math.random()}`;\n\n try {\n globalThis.localStorage.setItem(randomKey, randomKey);\n globalThis.localStorage.removeItem(randomKey);\n\n localStorageWriteTests.tested = true;\n localStorageWriteTests.writable = true;\n } catch (e) {\n // localStorage can't be written to\n // https://www.chromium.org/for-testers/bug-reporting-guidelines/uncaught-securityerror-failed-to-read-the-localstorage-property-from-window-access-is-denied-for-this-document\n\n localStorageWriteTests.tested = true;\n localStorageWriteTests.writable = false;\n }\n\n return localStorageWriteTests.writable;\n};\n\nexport function uuid() {\n return \"xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx\".replace(/[xy]/g, function (c) {\n const r = (Math.random() * 16) | 0,\n v = c == \"x\" ? r : (r & 0x3) | 0x8;\n return v.toString(16);\n });\n}\n\nexport type RawAuthResponse = {\n expires_at: number;\n expires_in: number;\n user: User;\n access_token: string;\n refresh_token: string;\n token_type: string;\n};\n/**\n * hasSession checks if the response object contains a valid session\n * @param data A response object\n * @returns true if a session is in the response\n */\nfunction hasSession(data: Partial<RawAuthResponse>): data is RawAuthResponse {\n return !!data.access_token && !!data.refresh_token && !!data.expires_in;\n}\n\nexport function expiresAt(expiresIn: number) {\n const timeNow = Math.round(Date.now() / 1000);\n return timeNow + expiresIn;\n}\n\nexport function _sessionResponse({\n data,\n}: JsonResponse<Partial<RawAuthResponse>>): AuthResponse {\n let session = null;\n if (!data) throw new Error(\"Bad session response\");\n if (hasSession(data)) {\n session = { ...data };\n if (!data.expires_at && data.expires_in) {\n session.expires_at = expiresAt(data.expires_in);\n }\n }\n\n const user: User = data.user ?? (data as User);\n return { data: { session, user }, error: null };\n}\n\n/**\n * A deferred represents some asynchronous work that is not yet finished, which\n * may or may not culminate in a value.\n * Taken from: https://github.com/mike-north/types/blob/master/src/async.ts\n */\nexport class Deferred<T = any> {\n public static promiseConstructor: PromiseConstructor = Promise;\n\n public readonly promise!: PromiseLike<T>;\n\n public readonly resolve!: (value?: T | PromiseLike<T>) => void;\n\n public readonly reject!: (reason?: any) => any;\n\n public constructor() {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).promise = new Deferred.promiseConstructor((res, rej) => {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).resolve = res;\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (this as any).reject = rej;\n });\n }\n}\n\n/**\n * Converts the provided async function into a retryable function. Each result\n * or thrown error is sent to the isRetryable function which should return true\n * if the function should run again.\n */\nexport function retryable<T>(\n fn: (attempt: number) => Promise<T>,\n isRetryable: (attempt: number, error: any | null, result?: T) => boolean\n): Promise<T> {\n const promise = new Promise<T>((accept, reject) => {\n // eslint-disable-next-line @typescript-eslint/no-extra-semi\n (async () => {\n for (let attempt = 0; attempt < Infinity; attempt++) {\n try {\n const result = await fn(attempt);\n\n if (!isRetryable(attempt, null, result)) {\n accept(result);\n return;\n }\n } catch (e: any) {\n if (!isRetryable(attempt, e)) {\n reject(e);\n return;\n }\n }\n }\n })();\n });\n\n return promise;\n}\n\n/**\n * Creates a promise that resolves to null after some time.\n */\nexport async function sleep(time: number): Promise<null> {\n return new Promise((accept) => {\n setTimeout(() => accept(null), time);\n });\n}\n\nexport const checkExpiresInTime = ({\n expires_in,\n expires_at,\n refreshTick,\n}: {\n expires_in: string;\n expires_at?: string;\n refreshTick: number;\n}) => {\n const timeNow = Math.round(Date.now() / 1000);\n const expiresIn = parseInt(expires_in);\n let expiresAt = timeNow + expiresIn;\n\n if (expires_at) {\n expiresAt = parseInt(expires_at);\n }\n\n const actuallyExpiresIn = expiresAt - timeNow;\n if (actuallyExpiresIn * 1000 <= refreshTick) {\n console.warn(\n `@supabase/gotrue-js: Session as retrieved from URL expires in ${actuallyExpiresIn}s, should have been closer to ${expiresIn}s`\n );\n }\n\n const issuedAt = expiresAt - expiresIn;\n if (timeNow - issuedAt >= 120) {\n console.warn(\n \"@supabase/gotrue-js: Session as retrieved from URL was issued over 120s ago, URL could be stale\",\n issuedAt,\n expiresAt,\n timeNow\n );\n } else if (timeNow - issuedAt < 0) {\n console.warn(\n \"@supabase/gotrue-js: Session as retrieved from URL was issued in the future? Check the device clok for skew\",\n issuedAt,\n expiresAt,\n timeNow\n );\n }\n\n return { expiresIn, expiresAt };\n};\n","import { decodeBase64URL } from \"./helpers\";\n\n/**\n * @ignore\n */\nexport interface JWTVerifyOptions {\n iss: string;\n aud: string;\n id_token: string;\n nonce?: string;\n leeway?: number;\n max_age?: number;\n organizationId?: string;\n now?: number;\n}\n\nexport interface IdToken {\n __raw: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: string;\n updated_at?: string;\n iss?: string;\n aud?: string;\n exp?: number;\n nbf?: number;\n iat?: number;\n jti?: string;\n azp?: string;\n nonce?: string;\n auth_time?: string;\n at_hash?: string;\n c_hash?: string;\n acr?: string;\n amr?: string;\n sub_jwk?: string;\n cnf?: string;\n sid?: string;\n org_id?: string;\n [key: string]: any;\n}\n\nconst isNumber = (n: any) => typeof n === \"number\";\n\nconst idTokendecoded = [\n \"iss\",\n \"aud\",\n \"exp\",\n \"nbf\",\n \"iat\",\n \"jti\",\n \"azp\",\n \"nonce\",\n \"auth_time\",\n \"at_hash\",\n \"c_hash\",\n \"acr\",\n \"amr\",\n \"sub_jwk\",\n \"cnf\",\n \"sip_from_tag\",\n \"sip_date\",\n \"sip_callid\",\n \"sip_cseq_num\",\n \"sip_via_branch\",\n \"orig\",\n \"dest\",\n \"mky\",\n \"events\",\n \"toe\",\n \"txn\",\n \"rph\",\n \"sid\",\n \"vot\",\n \"vtm\",\n];\n\nexport function decodeJWTPayload(token: string) {\n // Regex checks for base64url format\n const base64UrlRegex =\n /^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i;\n\n const parts = token.split(\".\");\n\n if (parts.length !== 3) {\n throw new Error(\"JWT is not valid: not a JWT structure\");\n }\n\n if (!base64UrlRegex.test(parts[1])) {\n throw new Error(\"JWT is not valid: payload is not in base64url format\");\n }\n\n const base64Url = parts[1];\n return JSON.parse(decodeBase64URL(base64Url));\n}\n\nexport const verify = (options: JWTVerifyOptions) => {\n if (!options.id_token) {\n throw new Error(\"ID token is required but missing\");\n }\n\n const decoded = decodeJWTPayload(options.id_token);\n\n if (!decoded.claims.iss) {\n throw new Error(\n \"Issuer (iss) claim must be a string present in the ID token\"\n );\n }\n\n if (decoded.claims.iss !== options.iss) {\n throw new Error(\n `Issuer (iss) claim mismatch in the ID token; expected \"${options.iss}\", found \"${decoded.claims.iss}\"`\n );\n }\n\n if (!decoded.user.sub) {\n throw new Error(\n \"Subject (sub) claim must be a string present in the ID token\"\n );\n }\n\n if (decoded.header.alg !== \"RS256\") {\n throw new Error(\n `Signature algorithm of \"${decoded.header.alg}\" is not supported. Expected the ID token to be signed with \"RS256\".`\n );\n }\n\n if (\n !decoded.claims.aud ||\n !(\n typeof decoded.claims.aud === \"string\" ||\n Array.isArray(decoded.claims.aud)\n )\n ) {\n throw new Error(\n \"Audience (aud) claim must be a string or array of strings present in the ID token\"\n );\n }\n if (Array.isArray(decoded.claims.aud)) {\n if (!decoded.claims.aud.includes(options.aud)) {\n throw new Error(\n `Audience (aud) claim mismatch in the ID token; expected \"${\n options.aud\n }\" but was not one of \"${decoded.claims.aud.join(\", \")}\"`\n );\n }\n if (decoded.claims.aud.length > 1) {\n if (!decoded.claims.azp) {\n throw new Error(\n \"Authorized Party (azp) claim must be a string present in the ID token when Audience (aud) claim has multiple values\"\n );\n }\n if (decoded.claims.azp !== options.aud) {\n throw new Error(\n `Authorized Party (azp) claim mismatch in the ID token; expected \"${options.aud}\", found \"${decoded.claims.azp}\"`\n );\n }\n }\n } else if (decoded.claims.aud !== options.aud) {\n throw new Error(\n `Audience (aud) claim mismatch in the ID token; expected \"${options.aud}\" but found \"${decoded.claims.aud}\"`\n );\n }\n if (options.nonce) {\n if (!decoded.claims.nonce) {\n throw new Error(\n \"Nonce (nonce) claim must be a string present in the ID token\"\n );\n }\n if (decoded.claims.nonce !== options.nonce) {\n throw new Error(\n `Nonce (nonce) claim mismatch in the ID token; expected \"${options.nonce}\", found \"${decoded.claims.nonce}\"`\n );\n }\n }\n\n if (options.max_age && !isNumber(decoded.claims.auth_time)) {\n throw new Error(\n \"Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified\"\n );\n }\n\n /* c8 ignore next 5 */\n if (decoded.claims.exp == null || !isNumber(decoded.claims.exp)) {\n throw new Error(\n \"Expiration Time (exp) claim must be a number present in the ID token\"\n );\n }\n if (!isNumber(decoded.claims.iat)) {\n throw new Error(\n \"Issued At (iat) claim must be a number present in the ID token\"\n );\n }\n\n const leeway = options.leeway || 60;\n const now = new Date(options.now || Date.now());\n const expDate = new Date(0);\n\n expDate.setUTCSeconds(decoded.claims.exp + leeway);\n\n if (now > expDate) {\n throw new Error(\n `Expiration Time (exp) claim error in the ID token; current time (${now}) is after expiration time (${expDate})`\n );\n }\n\n if (decoded.claims.nbf != null && isNumber(decoded.claims.nbf)) {\n const nbfDate = new Date(0);\n nbfDate.setUTCSeconds(decoded.claims.nbf - leeway);\n if (now < nbfDate) {\n throw new Error(\n `Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${now}) is before ${nbfDate}`\n );\n }\n }\n\n if (decoded.claims.auth_time != null && isNumber(decoded.claims.auth_time)) {\n const authTimeDate = new Date(0);\n authTimeDate.setUTCSeconds(\n parseInt(decoded.claims.auth_time) + (options.max_age as number) + leeway\n );\n\n if (now > authTimeDate) {\n throw new Error(\n `Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${now}) is after last auth at ${authTimeDate}`\n );\n }\n }\n\n if (options.organizationId) {\n if (!decoded.claims.org_id) {\n throw new Error(\n \"Organization ID (org_id) claim must be a string present in the ID token\"\n );\n } else if (options.organizationId !== decoded.claims.org_id) {\n throw new Error(\n `Organization ID (org_id) claim mismatch in the ID token; expected \"${options.organizationId}\", found \"${decoded.claims.org_id}\"`\n );\n }\n }\n\n return decoded;\n};\n","import { version } from \"./version\";\nexport const GOTRUE_URL = \"http://localhost:9999\";\nexport const STORAGE_KEY = \"faableauth\";\nexport const EXPIRY_MARGIN = 10; // in seconds\n\nexport const API_VERSION_HEADER_NAME = \"X-Faableauth-Api-Version\";\nexport const API_VERSIONS = {\n \"2024-01-01\": {\n timestamp: Date.parse(\"2024-01-01T00:00:00.0Z\"),\n name: \"2024-01-01\",\n },\n};\n","import { supportsLocalStorage } from \"./helpers\";\nimport { SupportedStorage } from \"./types\";\n\n/**\n * Provides safe access to the globalThis.localStorage property.\n */\nexport const localStorageAdapter: SupportedStorage = {\n getItem: (key) => {\n if (!supportsLocalStorage()) {\n return null;\n }\n\n return globalThis.localStorage.getItem(key);\n },\n setItem: (key, value) => {\n if (!supportsLocalStorage()) {\n return;\n }\n\n globalThis.localStorage.setItem(key, value);\n },\n removeItem: (key) => {\n if (!supportsLocalStorage()) {\n return;\n }\n\n globalThis.localStorage.removeItem(key);\n },\n};\n\n/**\n * Returns a localStorage-like object that stores the key-value pairs in\n * memory.\n */\nexport function memoryLocalStorageAdapter(\n store: { [key: string]: string } = {}\n): SupportedStorage {\n return {\n getItem: (key) => {\n return store[key] || null;\n },\n\n setItem: (key, value) => {\n store[key] = value;\n },\n\n removeItem: (key) => {\n delete store[key];\n },\n };\n}\n","/**\n * Known error codes. Note that the server may also return other error codes\n * not included in this list (if the client library is older than the version\n * on the server).\n */\nexport type ErrorCode =\n | \"unexpected_failure\"\n | \"validation_failed\"\n | \"bad_json\"\n | \"email_exists\"\n | \"phone_exists\"\n | \"bad_jwt\"\n | \"not_admin\"\n | \"no_authorization\"\n | \"user_not_found\"\n | \"session_not_found\"\n | \"flow_state_not_found\"\n | \"flow_state_expired\"\n | \"signup_disabled\"\n | \"user_banned\"\n | \"provider_email_needs_verification\"\n | \"invite_not_found\"\n | \"bad_oauth_state\"\n | \"bad_oauth_callback\"\n | \"oauth_provider_not_supported\"\n | \"unexpected_audience\"\n | \"single_identity_not_deletable\"\n | \"email_conflict_identity_not_deletable\"\n | \"identity_already_exists\"\n | \"email_provider_disabled\"\n | \"phone_provider_disabled\"\n | \"too_many_enrolled_mfa_factors\"\n | \"mfa_factor_name_conflict\"\n | \"mfa_factor_not_found\"\n | \"mfa_ip_address_mismatch\"\n | \"mfa_challenge_expired\"\n | \"mfa_verification_failed\"\n | \"mfa_verification_rejected\"\n | \"insufficient_aal\"\n | \"captcha_failed\"\n | \"saml_provider_disabled\"\n | \"manual_linking_disabled\"\n | \"sms_send_failed\"\n | \"email_not_confirmed\"\n | \"phone_not_confirmed\"\n | \"reauth_nonce_missing\"\n | \"saml_relay_state_not_found\"\n | \"saml_relay_state_expired\"\n | \"saml_idp_not_found\"\n | \"saml_assertion_no_user_id\"\n | \"saml_assertion_no_email\"\n | \"user_already_exists\"\n | \"sso_provider_not_found\"\n | \"saml_metadata_fetch_failed\"\n | \"saml_idp_already_exists\"\n | \"sso_domain_already_exists\"\n | \"saml_entity_id_mismatch\"\n | \"conflict\"\n | \"provider_disabled\"\n | \"user_sso_managed\"\n | \"reauthentication_needed\"\n | \"same_password\"\n | \"reauthentication_not_valid\"\n | \"otp_expired\"\n | \"otp_disabled\"\n | \"identity_not_found\"\n | \"weak_password\"\n | \"over_request_rate_limit\"\n | \"over_email_send_rate_limit\"\n | \"over_sms_send_rate_limit\"\n | \"bad_code_verifier\";\n\nexport class AuthError extends Error {\n /**\n * Error code associated with the error. Most errors coming from\n * HTTP responses will have a code, though some errors that occur\n * before a response is received will not have one present. In that\n * case {@link #status} will also be undefined.\n */\n code: ErrorCode | string | undefined;\n\n /** HTTP status code that caused the error. */\n status: number | undefined;\n\n protected __isAuthError = true;\n\n constructor(message: string, status?: number, code?: string) {\n super(message);\n this.name = \"AuthError\";\n this.status = status;\n this.code = code;\n }\n}\n\nexport class CustomAuthError extends AuthError {\n name: string;\n status: number;\n\n constructor(\n message: string,\n name: string,\n status: number,\n code: string | undefined\n ) {\n super(message, status, code);\n this.name = name;\n this.status = status;\n }\n}\n\nexport class AuthSessionMissingError extends CustomAuthError {\n constructor() {\n super(\"Auth session missing!\", \"AuthSessionMissingError\", 400, undefined);\n }\n}\n\nexport function isAuthError(error: unknown): error is AuthError {\n return (\n typeof error === \"object\" && error !== null && \"__isAuthError\" in error\n );\n}\n\nexport class AuthApiError extends AuthError {\n status: number;\n\n constructor(message: string, status: number, code: string | undefined) {\n super(message, status, code);\n this.name = \"AuthApiError\";\n this.status = status;\n this.code = code;\n }\n}\n\nexport function isAuthApiError(error: unknown): error is AuthApiError {\n return isAuthError(error) && error.name === \"AuthApiError\";\n}\n\nexport class AuthImplicitGrantRedirectError extends CustomAuthError {\n details: { error: string; code: string } | null = null;\n constructor(\n message: string,\n details: { error: string; code: string } | null = null\n ) {\n super(message, \"AuthImplicitGrantRedirectError\", 500, undefined);\n this.details = details;\n }\n\n toJSON() {\n return {\n name: this.name,\n message: this.message,\n status: this.status,\n details: this.details,\n };\n }\n}\n\nexport class AuthPKCEGrantCodeExchangeError extends CustomAuthError {\n details: { error: string; code: string } | null = null;\n\n constructor(\n message: string,\n details: { error: string; code: string } | null = null\n ) {\n super(message, \"AuthPKCEGrantCodeExchangeError\", 500, undefined);\n this.details = details;\n }\n\n toJSON() {\n return {\n name: this.name,\n message: this.message,\n status: this.status,\n details: this.details,\n };\n }\n}\n\nexport class AuthUnknownError extends AuthError {\n originalError: unknown;\n\n constructor(message: string, originalError: unknown) {\n super(message);\n this.name = \"AuthUnknownError\";\n this.originalError = originalError;\n }\n}\n\nexport class AuthInvalidTokenResponseError extends CustomAuthError {\n constructor() {\n super(\n \"Auth session or user missing\",\n \"AuthInvalidTokenResponseError\",\n 500,\n undefined\n );\n }\n}\n\nexport class AuthRetryableFetchError extends CustomAuthError {\n constructor(message: string, status: number) {\n super(message, \"AuthRetryableFetchError\", status, undefined);\n }\n}\n\nexport function isAuthRetryableFetchError(\n error: unknown\n): error is AuthRetryableFetchError {\n return isAuthError(error) && error.name === \"AuthRetryableFetchError\";\n}\n","// Will be overwriten by .github/workflows/release.yml\nexport const version = \"0.0.0\";\n","import { version } from \"./lib/version\";\n\nexport type BaseLogOptions = {\n debug?: boolean | ((message: string, ...args: any[]) => void);\n};\n\nexport abstract class BaseLog {\n protected logDebugMessages: boolean;\n protected logger: (message: string, ...args: any[]) => void = console.log;\n\n constructor(config: BaseLogOptions = {}) {\n this.logDebugMessages = !!config.debug;\n if (typeof config.debug === \"function\") {\n this.logger = config.debug;\n }\n }\n\n protected extraPrint?(): string;\n\n protected _debug(...args: any[]) {\n if (this.logDebugMessages) {\n const extra = this.extraPrint ? this.extraPrint() : \"\";\n this.logger(\n `FaableAuth@${extra} (${version}) ${new Date().toISOString()}`,\n ...args\n );\n }\n\n return this;\n }\n}\n","const win: (Window & typeof globalThis) | undefined =\n typeof window !== \"undefined\" ? window : undefined;\n\nconst global: typeof globalThis | undefined =\n typeof globalThis !== \"undefined\" ? globalThis : win;\nexport const document = global?.document as Document;\n\nexport { win as window };\n\nexport const fetch = (global as any).fetch as typeof globalThis.fetch;\n","import { fetch } from \"./globals\";\n\nexport type JsonResponse<T = any> = {\n data: T | null;\n error?: any;\n};\n\ntype RequestInitWithToken = RequestInit & {\n token: string;\n raw: boolean;\n};\n\nconst headers = (init: Partial<RequestInitWithToken> = {}) => {\n let headers = {};\n if (init?.token) {\n headers = { ...headers, Authorization: `Bearer ${init?.token}` };\n }\n return {\n ...init?.headers,\n ...headers,\n };\n};\n\nconst _handleRes = async (\n res: Response,\n options: Partial<RequestInitWithToken> = {}\n) => {\n const body = options.raw ? await res.text() : await res.json();\n if (res.status >= 300) {\n return {\n data: body,\n error: options.raw ? JSON.parse(body)?.message : body?.message,\n };\n }\n return { data: body, error: null };\n};\n\nexport const _post = async <T>(\n url: string,\n data: object,\n options: Partial<RequestInitWithToken> = {}\n): Promise<JsonResponse<T>> => {\n try {\n const res = await fetch(url, {\n method: \"POST\",\n body: JSON.stringify(data),\n headers: { ...headers(options), \"Content-Type\": \"application/json\" },\n });\n\n return _handleRes(res, options);\n } catch (e) {\n return { data: null, error: e };\n }\n};\n\nexport const _get = async <T>(\n url: string,\n options: Partial<RequestInitWithToken> = {}\n): Promise<JsonResponse<T>> => {\n try {\n const res = await fetch(url, {\n ...options,\n method: \"GET\",\n headers: headers(options),\n });\n\n return _handleRes(res, options);\n } catch (e) {\n return { data: null, error: e };\n }\n};\n","import { BaseLog, BaseLogOptions } from \"./BaseLog\";\nimport { AuthError } from \"./lib/errors\";\nimport { _get } from \"./lib/fetch\";\n\nexport default class FaableAuthApi extends BaseLog {\n constructor(public base_url: string, config: BaseLogOptions) {\n super(config);\n }\n protected extraPrint(): string {\n return \"api\";\n }\n\n async signOut(params: {\n client_id: string;\n returnTo?: string;\n }): Promise<{ data: null; error: AuthError | null }> {\n const url = `${this.base_url}/logout?${new URLSearchParams(params)}`;\n this._debug(`requesting ${url}`);\n const res = await _get(url);\n this._debug(res);\n if (res.error) {\n return { error: res.error, data: null };\n } else {\n return { error: null, data: null };\n }\n }\n}\n","import { supportsLocalStorage } from \"../lib/helpers\";\n\n/**\n * Provide your own global lock implementation instead of the default\n * implementation. The function should acquire a lock for the duration of the\n * `fn` async function, such that no other client instances will be able to\n * hold it at the same time.\n *\n * @experimental\n *\n * @param name Name of the lock to be acquired.\n * @param acquireTimeout If negative, no timeout should occur. If positive it\n * should throw an Error with an `isAcquireTimeout`\n * property set to true if the operation fails to be\n * acquired after this much time (ms).\n * @param fn The operation to execute when the lock is acquired.\n */\nexport type LockFunc = <R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n) => Promise<R>;\n\n/**\n * @experimental\n */\nexport const internals = {\n /**\n * @experimental\n */\n debug: !!(\n globalThis &&\n supportsLocalStorage() &&\n globalThis.localStorage &&\n globalThis.localStorage.getItem(\"supabase.gotrue-js.locks.debug\") === \"true\"\n ),\n};\n\n/**\n * An error thrown when a lock cannot be acquired after some amount of time.\n *\n * Use the {@link #isAcquireTimeout} property instead of checking with `instanceof`.\n */\nexport abstract class LockAcquireTimeoutError extends Error {\n public readonly isAcquireTimeout = true;\n\n constructor(message: string) {\n super(message);\n }\n}\n\nexport class NavigatorLockAcquireTimeoutError extends LockAcquireTimeoutError {}\n\n/**\n * Implements a global exclusive lock using the Navigator LockManager API. It\n * is available on all browsers released after 2022-03-15 with Safari being the\n * last one to release support. If the API is not available, this function will\n * throw. Make sure you check availablility before configuring {@link\n * GoTrueClient}.\n *\n * You can turn on debugging by setting the `supabase.gotrue-js.locks.debug`\n * local storage item to `true`.\n *\n * Internals:\n *\n * Since the LockManager API does not preserve stack traces for the async\n * function passed in the `request` method, a trick is used where acquiring the\n * lock releases a previously started promise to run the operation in the `fn`\n * function. The lock waits for that promise to finish (with or without error),\n * while the function will finally wait for the result anyway.\n *\n * @param name Name of the lock to be acquired.\n * @param acquireTimeout If negative, no timeout. If 0 an error is thrown if\n * the lock can't be acquired without waiting. If positive, the lock acquire\n * will time out after so many milliseconds. An error is\n * a timeout if it has `isAcquireTimeout` set to true.\n * @param fn The operation to run once the lock is acquired.\n */\nexport async function navigatorLock<R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n): Promise<R> {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: acquire lock\",\n name,\n acquireTimeout\n );\n }\n\n const abortController = new globalThis.AbortController();\n\n if (acquireTimeout > 0) {\n setTimeout(() => {\n abortController.abort();\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock acquire timed out\",\n name\n );\n }\n }, acquireTimeout);\n }\n\n // MDN article: https://developer.mozilla.org/en-US/docs/Web/API/LockManager/request\n\n return await globalThis.navigator.locks.request(\n name,\n acquireTimeout === 0\n ? {\n mode: \"exclusive\",\n ifAvailable: true,\n }\n : {\n mode: \"exclusive\",\n signal: abortController.signal,\n },\n async (lock) => {\n if (lock) {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: acquired\",\n name,\n lock.name\n );\n }\n\n try {\n return await fn();\n } finally {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: released\",\n name,\n lock.name\n );\n }\n }\n } else {\n if (acquireTimeout === 0) {\n if (internals.debug) {\n console.log(\n \"@supabase/gotrue-js: navigatorLock: not immediately available\",\n name\n );\n }\n\n throw new NavigatorLockAcquireTimeoutError(\n `Acquiring an exclusive Navigator LockManager lock \"${name}\" immediately failed`\n );\n } else {\n if (internals.debug) {\n try {\n const result = await globalThis.navigator.locks.query();\n\n console.log(\n \"@supabase/gotrue-js: Navigator LockManager state\",\n JSON.stringify(result, null, \" \")\n );\n } catch (e: any) {\n console.warn(\n \"@supabase/gotrue-js: Error when querying Navigator LockManager state\",\n e\n );\n }\n }\n\n // Browser is not following the Navigator LockManager spec, it\n // returned a null lock when we didn't use ifAvailable. So we can\n // pretend the lock is acquired in the name of backward compatibility\n // and user experience and just run the function.\n console.warn(\n \"@supabase/gotrue-js: Navigator LockManager returned a null lock when using #request without ifAvailable set to true, it appears this browser is not following the LockManager spec https://developer.mozilla.org/en-US/docs/Web/API/LockManager/request\"\n );\n\n return await fn();\n }\n }\n }\n );\n}\n\nexport async function lockNoOp<R>(\n name: string,\n acquireTimeout: number,\n fn: () => Promise<R>\n): Promise<R> {\n return await fn();\n}\n","import { BaseLog, BaseLogOptions } from \"./BaseLog\";\n\nexport abstract class Base extends BaseLog {\n private static nextInstanceID = 0;\n private instanceID: number;\n\n constructor(config: BaseLogOptions = {}) {\n super(config);\n this.instanceID = Base.nextInstanceID;\n Base.nextInstanceID += 1;\n }\n\n extraPrint() {\n return this.instanceID.toString();\n }\n}\n","import { Base } from \"../Base\";\nimport { BaseLogOptions } from \"../BaseLog\";\n\nimport { LockFunc, lockNoOp } from \"./locks\";\n\ntype LockOptions = {\n storageKey: string;\n lock?: LockFunc;\n} & BaseLogOptions;\n\nexport class Lock extends Base {\n protected lock: LockFunc;\n lockAcquired = false;\n protected pendingInLock: Promise<any>[] = [];\n\n protected storageKey: string;\n\n constructor(options: LockOptions) {\n super({ debug: options.debug });\n this.lock = options.lock || lockNoOp;\n this.storageKey = options.storageKey;\n }\n\n /**\n * Acquires a global lock based on the storage key.\n */\n async _acquireLock<R>(\n acquireTimeout: number,\n fn: () => Promise<R>\n ): Promise<R> {\n this._debug(\"#_acquireLock\", \"begin\", acquireTimeout);\n\n try {\n if (this.lockAcquired) {\n const last = this.pendingInLock.length\n ? this.pendingInLock[this.pendingInLock.length - 1]\n : Promise.resolve();\n\n const result = (async () => {\n await last;\n return await fn();\n })();\n\n this.pendingInLock.push(\n (async () => {\n try {\n await result;\n } catch (e: any) {\n // we just care if it finished\n }\n })()\n );\n\n return result;\n }\n\n return await this.lock(\n `lock:${this.storageKey}`,\n acquireTimeout,\n async () => {\n this._debug(\n \"#_acquireLock\",\n \"lock acquired for storage key\",\n this.storageKey\n );\n\n try {\n this.lockAcquired = true;\n\n const result = fn();\n\n this.pendingInLock.push(\n (async () => {\n try {\n await result;\n } catch (e: any) {\n // we just care if it finished\n }\n })()\n );\n\n await result;\n\n // keep draining the queue until there's nothing to wait on\n while (this.pendingInLock.length) {\n const waitOn = [...this.pendingInLock];\n\n await Promise.all(waitOn);\n\n this.pendingInLock.splice(0, waitOn.length);\n }\n\n return await result;\n } finally {\n this._debug(\n \"#_acquireLock\",\n \"lock released for storage key\",\n this.storageKey\n );\n\n this.lockAcquired = false;\n }\n }\n );\n } finally {\n this._debug(\"#_acquireLock\", \"end\");\n }\n }\n}\n","/**\n * Extracts parameters encoded in the URL both in the query and fragment.\n */\nexport function parseParametersFromURL(href: string) {\n const result: { [parameter: string]: string } = {};\n\n const url = new URL(href);\n\n if (url.hash && url.hash[0] === \"#\") {\n try {\n const hashSearchParams = new URLSearchParams(url.hash.substring(1));\n hashSearchParams.forEach((value, key) => {\n result[key] = value;\n });\n } catch (e: any) {\n // hash is not a query string\n }\n }\n\n // search parameters take precedence over hash parameters\n url.searchParams.forEach((value, key) => {\n result[key] = value;\n });\n\n return result;\n}\n\nexport const clearURLParameters = (delete_params: string[] = []) => {\n const url = new URL(window.location.href);\n\n delete_params.forEach((param) => {\n url.searchParams.delete(param);\n });\n\n url.hash = \"\";\n\n window.history.replaceState(window.history.state, \"\", url.toString());\n};\n","import { window } from \"../globals\";\n\nfunction redirect(url: string) {\n getWindow().location = url as any;\n}\n\nfunction getDocument() {\n return getWindow().document;\n}\n\nfunction getWindow() {\n if (!window) throw new Error(\"No window in environment\");\n return window;\n}\n\nexport const windowHelpers = {\n redirect: redirect,\n getDocument: getDocument,\n getWindow: getWindow,\n};\n","import { getDomain, getTokenIssuer } from \"./utils\";\n\nimport {\n AuthFlowType,\n SupportedStorage,\n SignInWithOAuthConnection,\n OAuthResponse,\n Subscription,\n InitializeResult,\n User,\n CallRefreshTokenResult,\n} from \"./lib/types\";\n\nimport { decodeJWTPayload, verify as verifyIdToken } from \"./lib/jwt\";\nimport {\n FaableAuthClientConfig,\n AuthResponse,\n AuthChangeEvent,\n} from \"./lib/types\";\nimport { TokenEndpointResponse, Session, SignOut } from \"./lib/types\";\nimport {\n Deferred,\n RawAuthResponse,\n _sessionResponse,\n checkExpiresInTime,\n getCodeChallengeAndMethod,\n isBrowser,\n retryable,\n sleep,\n uuid,\n} from \"./lib/helpers\";\n\nimport { EXPIRY_MARGIN, STORAGE_KEY } from \"./lib/constants\";\nimport { localStorageAdapter } from \"./lib/local-storage\";\nimport {\n AuthError,\n AuthImplicitGrantRedirectError,\n AuthInvalidTokenResponseError,\n AuthPKCEGrantCodeExchangeError,\n AuthSessionMissingError,\n AuthUnknownError,\n isAuthApiError,\n isAuthError,\n isAuthRetryableFetchError,\n} from \"./lib/errors\";\nimport {\n getItemAsync,\n removeItemAsync,\n setItemAsync,\n} from \"./lib/storage_helpers\";\nimport FaableAuthApi from \"./FaableAuthApi\";\nimport { LockAcquireTimeoutError } from \"./lock/locks\";\nimport { _get, _post } from \"./lib/fetch\";\nimport { Base } from \"./Base\";\nimport { Lock } from \"./lock/Lock\";\nimport { document, window } from \"./lib/globals\";\nimport { clearURLParameters, parseParametersFromURL } from \"./lib/url_helpers\";\nimport { windowHelpers } from \"./lib/helpers/window\";\n\n/** Current session will be checked for refresh at this interval. */\nconst AUTO_REFRESH_TICK_DURATION = 30 * 1000;\n\n/**\n * A token refresh will be attempted this many ticks before the current session expires. */\nconst AUTO_REFRESH_TICK_THRESHOLD = 3;\n\nexport class FaableAuthClient extends Base {\n domainUrl: string;\n tokenIssuer: string;\n redirect_uri: string;\n scope?: string;\n sessionCheckExpiryDays: number;\n\n protected initializePromise: Promise<InitializeResult> | null = null;\n protected detectSessionInUrl = true;\n\n protected storageKey: string;\n\n protected clientId: string;\n protected storage: SupportedStorage;\n protected api: FaableAuthApi;\n\n protected autoRefreshToken: boolean;\n protected autoRefreshTicker: ReturnType<typeof setInterval> | null = null;\n protected visibilityChangedCallback: (() => Promise<any>) | null = null;\n\n protected refreshingDeferred: Deferred<CallRefreshTokenResult> | null = null;\n\n /**\n * Used to broadcast state change events to other tabs listening.\n */\n protected broadcastChannel: BroadcastChannel | null = null;\n protected stateChangeEmitters: Map<string, Subscription> = new Map();\n\n protected lock: Lock;\n\n constructor(config: FaableAuthClientConfig) {\n const debug = config?.debug || false;\n super({ debug });\n\n this.sessionCheckExpiryDays = 1;\n this.redirect_uri = config?.redirect_uri || \"\";\n if (!config?.domain) {\n throw new Error(\"Missing domain\");\n }\n this.domainUrl = getDomain(config.domain);\n\n this.tokenIssuer = getTokenIssuer(\"\", this.domainUrl);\n if (!config.clientId) {\n throw new Error(\"Missing clientId\");\n }\n this.clientId = config.clientId;\n\n this.api = new FaableAuthApi(this.domainUrl, { debug });\n\n // Storage key\n const key_prefix = config?.storageKey || STORAGE_KEY;\n this.storageKey = `${key_prefix}-${this.clientId}`;\n\n this.storage = config?.storage || localStorageAdapter;\n\n this.lock = new Lock({\n lock: config.lock,\n storageKey: this.storageKey,\n debug: config.debug,\n });\n\n if (\n isBrowser() &&\n globalThis.BroadcastChannel &&\n // this.persistSession &&\n this.storageKey\n ) {\n try {\n this.broadcastChannel = new globalThis.BroadcastChannel(\n this.storageKey\n );\n } catch (e: any) {\n console.error(\n \"Failed to create a new BroadcastChannel, multi-tab state changes will not be available\",\n e\n );\n }\n\n this.broadcastChannel?.addEventListener(\"message\", async (event) => {\n this._debug(\n \"received broadcast notification from other tab or client\",\n event\n );\n\n await this._notifyAllSubscribers(\n event.data.event,\n event.data.session,\n false\n ); // broadcast = false so we don't get an endless loop of messages\n });\n }\n\n this.autoRefreshToken = true;\n\n this.initialize();\n }\n\n /**\n * Initializes the client session either from the url or from storage.\n * This method is automatically called when instantiating the client, but should also be called\n * manually when checking for an error from an auth redirect (oauth, magiclink, password recovery, etc).\n */\n async initialize(): Promise<InitializeResult> {\n if (this.initializePromise) {\n return await this.initializePromise;\n }\n\n this.initializePromise = (async () => {\n return await this.lock._acquireLock(-1, async () => {\n return await this._initialize();\n });\n })();\n\n return await this.initializePromise;\n }\n\n /**\n * IMPORTANT:\n * 1. Never throw in this method, as it is called from the constructor\n * 2. Never return a session from this method as it would be cached over\n * the whole lifetime of the client\n */\n private async _initialize(): Promise<InitializeResult> {\n try {\n const flow = await this._detectFlowType();\n\n this._debug(\"#_initialize()\", \"begin\", \"flow_type\", flow);\n\n // if exists any flow, process the session\n if (flow) {\n const { data, error } = await this._getSessionFromURL(flow);\n if (error) {\n this._debug(\n \"#_initialize()\",\n \"error detecting session from URL\",\n error\n );\n\n // hacky workaround to keep the existing session if there's an error returned from identity linking\n // TODO: once error codes are ready, we should match against it instead of the message\n if (\n error?.message === \"Identity is already linked\" ||\n error?.message === \"Identity is already linked to another user\"\n ) {\n return { error };\n }\n\n // failed login attempt via url,\n // remove old session as in verifyOtp, signUp and signInWith*\n await this._removeSession();\n\n return { error };\n }\n\n const { session, redirectType } = data;\n\n this._debug(\n \"#_initialize()\",\n \"detected session in URL\",\n session,\n \"redirect type\",\n redirectType\n );\n\n await this._saveSession(session);\n\n setTimeout(async () => {\n if (redirectType === \"recovery\") {\n await this._notifyAllSubscribers(\"PASSWORD_RECOVERY\", session);\n } else {\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n }, 0);\n\n return { error: null };\n }\n // no login attempt via callback url try to recover session from storage\n await this._recoverAndRefresh();\n return { error: null };\n } catch (error) {\n if (isAuthError(error)) {\n return { error };\n }\n\n return {\n error: new AuthUnknownError(\n \"Unexpected error during initialization\",\n error\n ),\n };\n } finally {\n await this._handleVisibilityChange();\n this._debug(\"#_initialize()\", \"end\");\n }\n }\n\n /**\n * Gets the session data from a URL string\n */\n private async _getSessionFromURL(flow: AuthFlowType): Promise<\n | {\n data: { session: Session; redirectType: string | null };\n error: null;\n }\n | { data: { session: null; redirectType: null }; error: AuthError }\n > {\n try {\n const params = parseParametersFromURL(window.location.href);\n if (flow == \"pkce\") {\n if (!params.code) {\n throw new AuthPKCEGrantCodeExchangeError(\"No code detected.\");\n }\n\n const { data, error } = await this._exchangeCodeForSession(params.code);\n if (error) throw error;\n\n // Remove code from URL\n clearURLParameters([\"code\"]);\n\n return {\n data: { session: data.session, redirectType: null },\n error: null,\n };\n }\n\n if (params.error || params.error_description || params.error_code) {\n throw new AuthImplicitGrantRedirectError(\n params.error_description ||\n \"Error in URL with unspecified error_description\",\n {\n error: params.error || \"unspecified_error\",\n code: params.error_code || \"unspecified_code\",\n }\n );\n }\n\n const {\n provider_token,\n provider_refresh_token,\n access_token,\n refresh_token,\n expires_in,\n expires_at,\n token_type,\n } = params;\n\n if (!access_token || !expires_in || !refresh_token || !token_type) {\n throw new AuthImplicitGrantRedirectError(\"No session defined in URL\");\n }\n\n // Check time is valid\n const { expiresAt, expiresIn } = checkExpiresInTime({\n expires_in,\n expires_at,\n refreshTick: AUTO_REFRESH_TICK_DURATION,\n });\n\n const { data, error } = await this._getUser(access_token);\n\n if (error || !data.user) throw error;\n\n const session: Session = {\n provider_token,\n provider_refresh_token,\n access_token,\n expires_in: expiresIn,\n expires_at: expiresAt,\n refresh_token,\n token_type,\n user: data.user,\n };\n\n // Remove tokens from URL\n clearURLParameters([\n \"access_token\",\n \"expires_in\",\n \"refresh_token\",\n \"token_type\",\n \"scope\",\n ]);\n this._debug(\"#_getSessionFromURL()\", \"clearing window.location.hash\");\n\n return { data: { session, redirectType: params.type }, error: null };\n } catch (error) {\n this._debug(error);\n if (isAuthError(error)) {\n return { data: { session: null, redirectType: null }, error };\n }\n throw error;\n }\n }\n\n private async _exchangeCodeForSession(authCode: string): Promise<\n | {\n data: { session: Session; user: User; redirectType: string | null };\n error: null;\n }\n | {\n data: { session: null; user: null; redirectType: null };\n error: AuthError;\n }\n > {\n const storageItem = await getItemAsync(\n this.storage,\n `${this.storageKey}-code-verifier`\n );\n const [codeVerifier, redirectType] = ((storageItem ?? \"\") as string).split(\n \"/\"\n );\n\n const rawResponse = await _post<Partial<RawAuthResponse>>(\n `${this.domainUrl}/oauth/token`,\n {\n client_id: this.clientId,\n grant_type: \"authorization_code\",\n code: authCode,\n code_verifier: codeVerifier,\n }\n );\n\n const { data, error } = _sessionResponse(rawResponse);\n\n if (!data) {\n throw new Error(\"Missing data\");\n }\n\n await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);\n if (error) {\n return { data: { user: null, session: null, redirectType: null }, error };\n } else if (!data || !data.session || !data.user) {\n return {\n data: { user: null, session: null, redirectType: null },\n error: new AuthInvalidTokenResponseError(),\n };\n }\n let session = data.session as Session;\n if (session) {\n const { data: userdata, error } = await this._getUser(\n session.access_token\n );\n if (error || !userdata.user) {\n throw error;\n }\n\n session = {\n ...session,\n user: userdata.user,\n };\n data.session = session;\n\n await this._saveSession(session);\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n return {\n data: { ...data, redirectType: redirectType ?? null } as any,\n error,\n };\n }\n\n /**\n * Registers callbacks on the browser / platform, which in-turn run\n * algorithms when the browser window/tab are in foreground. On non-browser\n * platforms it assumes always foreground.\n */\n private async _handleVisibilityChange() {\n this._debug(\"#_handleVisibilityChange()\");\n\n if (!isBrowser() || !window?.addEventListener) {\n if (this.autoRefreshToken) {\n // in non-browser environments the refresh token ticker runs always\n this.startAutoRefresh();\n }\n\n return false;\n }\n\n try {\n this.visibilityChangedCallback = async () =>\n await this._onVisibilityChanged(false);\n\n window?.addEventListener(\n \"visibilitychange\",\n this.visibilityChangedCallback\n );\n\n // now immediately call the visbility changed callback to setup with the\n // current visbility state\n await this._onVisibilityChanged(true); // initial call\n } catch (error) {\n console.error(\"_handleVisibilityChange\", error);\n }\n }\n\n /**\n * Callback registered with `window.addEventListener('visibilitychange')`.\n */\n private async _onVisibilityChanged(calledFromInitialize: boolean) {\n const methodName = `#_onVisibilityChanged(${calledFromInitialize})`;\n this._debug(methodName, \"visibilityState\", document.visibilityState);\n\n if (document.visibilityState === \"visible\") {\n if (this.autoRefreshToken) {\n // in browser environments the refresh token ticker runs only on focused tabs\n // which prevents race conditions\n this._startAutoRefresh();\n }\n\n if (!calledFromInitialize) {\n // called when the visibility has changed, i.e. the browser\n // transitioned from hidden -> visible so we need to see if the session\n // should be recovered immediately... but to do that we need to acquire\n // the lock first asynchronously\n await this.initializePromise;\n\n await this.lock._acquireLock(-1, async () => {\n if (document.visibilityState !== \"visible\") {\n this._debug(\n methodName,\n \"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting\"\n );\n\n // visibility has changed while waiting for the lock, abort\n return;\n }\n\n // recover the session\n await this._recoverAndRefresh();\n });\n }\n } else if (document.visibilityState === \"hidden\") {\n if (this.autoRefreshToken) {\n this._stopAutoRefresh();\n }\n }\n }\n\n /**\n * Recovers the session from LocalStorage and refreshes\n * Note: this method is async to accommodate for AsyncStorage e.g. in React native.\n */\n private async _recoverAndRefresh() {\n const debugName = \"#_recoverAndRefresh()\";\n this._debug(debugName, \"begin\");\n\n try {\n const currentSession = await getItemAsync(this.storage, this.storageKey);\n this._debug(debugName, \"session from storage\", currentSession);\n\n if (!this._isValidSession(currentSession)) {\n this._debug(debugName, \"session is not valid\");\n if (currentSession !== null) {\n await this._removeSession();\n }\n\n return;\n }\n\n const timeNow = Math.round(Date.now() / 1000);\n const expiresWithMargin =\n (currentSession.expires_at ?? Infinity) < timeNow + EXPIRY_MARGIN;\n\n this._debug(\n debugName,\n `session has${\n expiresWithMargin ? \"\" : \" not\"\n } expired with margin of ${EXPIRY_MARGIN}s`\n );\n\n if (expiresWithMargin) {\n if (this.autoRefreshToken && currentSession.refresh_token) {\n const { error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n\n if (error) {\n console.error(error);\n\n if (!isAuthRetryableFetchError(error)) {\n this._debug(\n debugName,\n \"refresh failed with a non-retryable error, removing the session\",\n error\n );\n await this._removeSession();\n }\n }\n }\n } else {\n // no need to persist currentSession again, as we just loaded it from\n // local storage; persisting it again may overwrite a value saved by\n // another client with access to the same local storage\n await this._notifyAllSubscribers(\"SIGNED_IN\", currentSession);\n }\n } catch (err) {\n this._debug(debugName, \"error\", err);\n\n console.error(err);\n return;\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Removes any registered visibilitychange callback.\n *\n * {@see #startAutoRefresh}\n * {@see #stopAutoRefresh}\n */\n private _removeVisibilityChangedCallback() {\n this._debug(\"#_removeVisibilityChangedCallback()\");\n\n const callback = this.visibilityChangedCallback;\n this.visibilityChangedCallback = null;\n\n try {\n if (callback && isBrowser() && window?.removeEventListener) {\n window.removeEventListener(\"visibilitychange\", callback);\n }\n } catch (e) {\n console.error(\"removing visibilitychange callback failed\", e);\n }\n }\n\n /**\n * Starts an auto-refresh process in the background. The session is checked\n * every few seconds. Close to the time of expiration a process is started to\n * refresh the session. If refreshing fails it will be retried for as long as\n * necessary.\n *\n * If you set the {@link GoTrueClientOptions#autoRefreshToken} you don't need\n * to call this function, it will be called for you.\n *\n * On browsers the refresh process works only when the tab/window is in the\n * foreground to conserve resources as well as prevent race conditions and\n * flooding auth with requests. If you call this method any managed\n * visibility change callback will be removed and you must manage visibility\n * changes on your own.\n *\n * On non-browser platforms the refresh process works *continuously* in the\n * background, which may not be desirable. You should hook into your\n * platform's foreground indication mechanism and call these methods\n * appropriately to conserve resources.\n *\n * {@see #stopAutoRefresh}\n */\n async startAutoRefresh() {\n this._removeVisibilityChangedCallback();\n await this._startAutoRefresh();\n }\n\n /**\n * This is the private implementation of {@link #startAutoRefresh}. Use this\n * within the library.\n */\n private async _startAutoRefresh() {\n await this._stopAutoRefresh();\n\n this._debug(\"#_startAutoRefresh()\");\n\n const ticker = setInterval(\n () => this._autoRefreshTokenTick(),\n AUTO_REFRESH_TICK_DURATION\n );\n this.autoRefreshTicker = ticker;\n\n if (\n ticker &&\n typeof ticker === \"object\" &&\n typeof ticker.unref === \"function\"\n ) {\n // ticker is a NodeJS Timeout object that has an `unref` method\n // https://nodejs.org/api/timers.html#timeoutunref\n // When auto refresh is used in NodeJS (like for testing) the\n // `setInterval` is preventing the process from being marked as\n // finished and tests run endlessly. This can be prevented by calling\n // `unref()` on the returned object.\n ticker.unref();\n // @ts-ignore\n } else if (\n typeof (globalThis as any).Deno !== \"undefined\" &&\n typeof (globalThis as any).Deno.unrefTimer === \"function\"\n ) {\n // similar like for NodeJS, but with the Deno API\n // https://deno.land/api@latest?unstable&s=Deno.unrefTimer\n // @ts-ignore\n Deno.unrefTimer(ticker);\n }\n\n // run the tick immediately, but in the next pass of the event loop so that\n // #_initialize can be allowed to complete without recursively waiting on\n // itself\n setTimeout(async () => {\n await this.initializePromise;\n await this._autoRefreshTokenTick();\n }, 0);\n }\n\n /**\n * This is the private implementation of {@link #stopAutoRefresh}. Use this\n * within the library.\n */\n private async _stopAutoRefresh() {\n this._debug(\"#_stopAutoRefresh()\");\n\n const ticker = this.autoRefreshTicker;\n this.autoRefreshTicker = null;\n\n if (ticker) {\n clearInterval(ticker);\n }\n }\n\n /**\n * Runs the auto refresh token tick.\n */\n private async _autoRefreshTokenTick() {\n this._debug(\"#_autoRefreshTokenTick()\", \"begin\");\n\n try {\n await this.lock._acquireLock(0, async () => {\n try {\n const now = Date.now();\n\n try {\n return await this._useSession(async (result) => {\n const {\n data: { session },\n } = result;\n\n if (!session || !session.refresh_token || !session.expires_at) {\n this._debug(\"#_autoRefreshTokenTick()\", \"no session\");\n return;\n }\n\n // session will expire in this many ticks (or has already expired if <= 0)\n const expiresInTicks = Math.floor(\n (session.expires_at * 1000 - now) / AUTO_REFRESH_TICK_DURATION\n );\n\n this._debug(\n \"#_autoRefreshTokenTick()\",\n `access token expires in ${expiresInTicks} ticks, a tick lasts ${AUTO_REFRESH_TICK_DURATION}ms, refresh threshold is ${AUTO_REFRESH_TICK_THRESHOLD} ticks`\n );\n\n if (expiresInTicks <= AUTO_REFRESH_TICK_THRESHOLD) {\n await this._callRefreshToken(session.refresh_token);\n }\n });\n } catch (e: any) {\n console.error(\n \"Auto refresh tick failed with error. This is likely a transient error.\",\n e\n );\n }\n } finally {\n this._debug(\"#_autoRefreshTokenTick()\", \"end\");\n }\n });\n } catch (e: any) {\n if (e.isAcquireTimeout || e instanceof LockAcquireTimeoutError) {\n this._debug(\"auto refresh token tick lock not available\");\n } else {\n throw e;\n }\n }\n }\n\n // /**\n // * Checks if the current URL and backing storage contain parameters given by a PKCE flow\n // */\n // private async _isPKCEFlow(): Promise<boolean> {\n // const params = parseParametersFromURL(window.location.href);\n\n // const currentStorageContent = await getItemAsync(\n // this.storage,\n // `${this.storageKey}-code-verifier`\n // );\n\n // return !!(params.code && currentStorageContent);\n // }\n\n // /**\n // * Checks if the current URL contains parameters given by an implicit oauth grant flow (https://www.rfc-editor.org/rfc/rfc6749.html#section-4.2)\n // */\n // private _isImplicitGrantFlow(): boolean {\n // const params = parseParametersFromURL(window.location.href);\n\n // return !!(isBrowser() && (params.access_token || params.error_description));\n // }\n\n private async _detectFlowType(): Promise<AuthFlowType | null> {\n const params = parseParametersFromURL(window.location.href);\n\n const browser = isBrowser();\n\n // PKCE\n if (browser && params.code) {\n return \"pkce\";\n }\n\n // Implicit\n if (browser && (params.access_token || params.error_description)) {\n return \"implicit\";\n }\n return null;\n }\n\n private _scope() {\n return this.scope || \"openid profile email\";\n }\n\n private async _getUrlForConnection(\n url: string,\n params: {\n connection?: string;\n redirectTo?: string;\n scopes?: string;\n response_type?: \"code\" | \"token\";\n queryParams?: { [key: string]: string };\n skipBrowserRedirect?: boolean;\n }\n ) {\n let urlParams: Record<string, any> = params.queryParams || {};\n\n const authorize_params: Record<string, any> = {\n client_id: this.clientId,\n response_type: params.response_type,\n redirect_uri:\n params.redirectTo || this.redirect_uri || window.location.origin,\n scope: params.scopes || this._scope(),\n };\n\n const flowType = await this._detectFlowType();\n\n if (flowType === \"pkce\") {\n const [codeChallenge, codeChallengeMethod] =\n await getCodeChallengeAndMethod(this.storage, this.storageKey);\n\n urlParams = {\n ...urlParams,\n code_challenge: codeChallenge,\n code_challenge_method: codeChallengeMethod,\n };\n }\n\n // Set connection if specified\n if (params.connection) {\n authorize_params.connection = params.connection;\n }\n\n // Merge authorize params with urlParams\n return `${url}?${new URLSearchParams({\n ...urlParams,\n ...authorize_params,\n })}`;\n }\n\n async signInWithOauthConnection(\n credentials: SignInWithOAuthConnection\n ): Promise<OAuthResponse> {\n return await this._handleConnectionSignIn({\n connection: credentials.connection,\n redirectTo: credentials?.redirectTo,\n scopes: credentials?.scopes,\n queryParams: credentials.queryParams,\n skipBrowserRedirect: credentials.skipBrowserRedirect,\n });\n }\n\n async signInWithUsernamePassword(data: {\n username: string;\n password: string;\n redirect_uri?: string;\n state?: string;\n }) {\n // Handle response and submit\n const handleCallback = async (formHtml: string) => {\n console.log(\"rawres\");\n console.log(rawAuthResponse);\n const div = document.createElement(\"div\");\n div.innerHTML = formHtml;\n const form = document.body.appendChild(div)\n .children[0] as HTMLFormElement;\n\n form.submit();\n };\n\n const rawAuthResponse = await _post<string>(\n `${this.domainUrl}/usernamepassword/login`,\n {\n username: data.username,\n password: data.password,\n redirect_uri:\n data.redirect_uri || this.redirect_uri || window.location.origin,\n client_id: this.clientId,\n state: data.state,\n },\n { raw: true }\n );\n\n if (!rawAuthResponse.data || rawAuthResponse.error) {\n throw new Error(\n rawAuthResponse.error || \"Error in username password login\"\n );\n }\n handleCallback(rawAuthResponse.data);\n }\n\n async changePassword(params: { email: string }) {\n if (!params?.email) {\n throw new Error(\"email is required\");\n }\n\n const { data, error } = await _post(\n `${this.domainUrl}/dbconnections/change_password`,\n {\n email: params.email,\n }\n );\n return data;\n }\n\n buildAuthorizeUrl(\n options: {\n redirectTo?: string;\n scope?: string;\n response_type?: string;\n audience?: string;\n } = {}\n ): string {\n const params = {\n client_id: this.clientId,\n redirect_uri:\n options.redirectTo || this.redirect_uri || window.location.origin,\n response_type: options.response_type || isBrowser() ? \"code\" : \"token\",\n audience: options.audience,\n scope: options.scope,\n };\n\n // Create a new object with only non-empty properties\n const y = Object.fromEntries(\n Object.entries(params).filter(([key, value]) => !!value)\n ) as Record<string, string>;\n\n return `${this.domainUrl}/authorize?${new URLSearchParams(y).toString()}`;\n }\n\n authorize(options: {\n redirectTo?: string;\n scope?: string;\n response_type: string;\n audience?: string;\n }) {\n const url = this.buildAuthorizeUrl(options);\n windowHelpers.redirect(url);\n }\n\n private async _handleConnectionSignIn(options: {\n connection?: string;\n redirectTo?: string;\n scopes?: string;\n queryParams?: { [key: string]: string };\n skipBrowserRedirect?: boolean;\n }) {\n const url: string = await this._getUrlForConnection(\n `${this.domainUrl}/authorize`,\n {\n response_type: isBrowser() ? \"code\" : \"token\",\n connection: options.connection,\n redirectTo: options.redirectTo,\n scopes: options.scopes,\n queryParams: options.queryParams,\n }\n );\n\n this._debug(\"#_handleProviderSignIn()\", \"options\", options, \"url\", url);\n\n // try to open on the browser\n if (isBrowser() && !options.skipBrowserRedirect) {\n window.location.assign(url);\n }\n\n return { data: { url }, error: null };\n }\n\n /**\n * Sets the session data from the current session. If the current session is expired, setSession will take care of refreshing it to obtain a new session.\n * If the refresh token or access token in the current session is invalid, an error will be thrown.\n * @param currentSession The current session that minimally contains an access token and refresh token.\n */\n async setSession(currentSession: {\n access_token: string;\n refresh_token: string;\n }): Promise<AuthResponse> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._setSession(currentSession);\n });\n }\n\n /**\n * Returns the session, refreshing it if necessary.\n *\n * The session returned can be null if the session is not detected which can happen in the event a user is not signed-in or has logged out.\n *\n * **IMPORTANT:** This method loads values directly from the storage attached\n * to the client. If that storage is based on request cookies for example,\n * the values in it may not be authentic and therefore it's strongly advised\n * against using this method and its results in such circumstances. A warning\n * will be emitted if this is detected. Use {@link #getUser()} instead.\n */\n async getSession() {\n await this.initializePromise;\n\n const result = await this.lock._acquireLock(-1, async () => {\n return this._useSession(async (result) => {\n return result;\n });\n });\n\n return result;\n }\n\n /**\n * Use instead of {@link #getSession} inside the library. It is\n * semantically usually what you want, as getting a session involves some\n * processing afterwards that requires only one client operating on the\n * session at once across multiple tabs or processes.\n */\n private async _useSession<R>(\n fn: (\n result:\n | {\n data: {\n session: Session;\n };\n error: null;\n }\n | {\n data: {\n session: null;\n };\n error: AuthError;\n }\n | {\n data: {\n session: null;\n };\n error: null;\n }\n ) => Promise<R>\n ): Promise<R> {\n this._debug(\"#_useSession\", \"begin\");\n\n try {\n // the use of __loadSession here is the only correct use of the function!\n const result = await this.__loadSession();\n\n return await fn(result);\n } finally {\n this._debug(\"#_useSession\", \"end\");\n }\n }\n\n /**\n * NEVER USE DIRECTLY!\n *\n * Always use {@link #_useSession}.\n */\n private async __loadSession(): Promise<\n | {\n data: {\n session: Session;\n };\n error: null;\n }\n | {\n data: {\n session: null;\n };\n error: AuthError;\n }\n | {\n data: {\n session: null;\n };\n error: null;\n }\n > {\n this._debug(\"#__loadSession()\", \"begin\");\n\n if (!this.lock.lockAcquired) {\n this._debug(\n \"#__loadSession()\",\n \"used outside of an acquired lock!\",\n new Error().stack\n );\n }\n\n try {\n let currentSession: Session | null = null;\n\n const maybeSession = await getItemAsync(this.storage, this.storageKey);\n\n this._debug(\"#getSession()\", \"session from storage\", maybeSession);\n\n if (maybeSession !== null) {\n if (this._isValidSession(maybeSession)) {\n currentSession = maybeSession;\n } else {\n this._debug(\"#getSession()\", \"session from storage is not valid\");\n await this._removeSession();\n }\n }\n\n if (!currentSession) {\n return { data: { session: null }, error: null };\n }\n\n const hasExpired = currentSession.expires_at\n ? currentSession.expires_at <= Date.now() / 1000\n : false;\n\n this._debug(\n \"#__loadSession()\",\n `session has${hasExpired ? \"\" : \" not\"} expired`,\n \"expires_at\",\n currentSession.expires_at\n );\n\n if (!hasExpired) {\n if (this.storage.isServer) {\n const proxySession: Session = new Proxy(currentSession, {\n get(target: any, prop: string, receiver: any) {\n if (prop === \"user\") {\n // only show warning when the user object is being accessed from the server\n console.warn(\n \"Using the user object as returned from supabase.auth.getSession() or from some supabase.auth.onAuthStateChange() events could be insecure! This value comes directly from the storage medium (usually cookies on the server) and many not be authentic. Use supabase.auth.getUser() instead which authenticates the data by contacting the Supabase Auth server.\"\n );\n }\n return Reflect.get(target, prop, receiver);\n },\n });\n currentSession = proxySession;\n }\n\n return { data: { session: currentSession }, error: null };\n }\n\n const { session, error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n if (error) {\n return { data: { session: null }, error };\n }\n\n return { data: { session }, error: null };\n } finally {\n this._debug(\"#__loadSession()\", \"end\");\n }\n }\n\n private async _removeSession() {\n this._debug(\"#_removeSession()\");\n\n await removeItemAsync(this.storage, this.storageKey);\n }\n\n private _isValidSession(maybeSession: unknown): maybeSession is Session {\n const isValidSession =\n typeof maybeSession === \"object\" &&\n maybeSession !== null &&\n \"access_token\" in maybeSession &&\n \"refresh_token\" in maybeSession &&\n \"expires_at\" in maybeSession;\n\n return isValidSession;\n }\n\n protected async _setSession(currentSession: {\n access_token: string;\n refresh_token: string;\n }): Promise<AuthResponse> {\n try {\n if (!currentSession.access_token || !currentSession.refresh_token) {\n throw new AuthSessionMissingError();\n }\n\n const timeNow = Date.now() / 1000;\n let expiresAt = timeNow;\n let hasExpired = true;\n let session: Session | null = null;\n const payload = decodeJWTPayload(currentSession.access_token);\n if (payload.exp) {\n expiresAt = payload.exp;\n hasExpired = expiresAt <= timeNow;\n }\n\n if (hasExpired) {\n const { session: refreshedSession, error } =\n await this._callRefreshToken(currentSession.refresh_token);\n if (error) {\n return { data: { user: null, session: null }, error: error };\n }\n\n if (!refreshedSession) {\n return { data: { user: null, session: null }, error: null };\n }\n session = refreshedSession;\n } else {\n const { data, error } = await this._getUser(\n currentSession.access_token\n );\n if (error || !data.user) {\n throw error;\n }\n session = {\n access_token: currentSession.access_token,\n refresh_token: currentSession.refresh_token,\n user: data.user,\n token_type: \"bearer\",\n expires_in: expiresAt - timeNow,\n expires_at: expiresAt,\n };\n await this._saveSession(session);\n await this._notifyAllSubscribers(\"SIGNED_IN\", session);\n }\n\n return { data: { user: session.user, session }, error: null };\n } catch (error) {\n if (isAuthError(error)) {\n return { data: { session: null, user: null }, error };\n }\n\n throw error;\n }\n }\n\n /**\n * set currentSession and currentUser\n * process to _startAutoRefreshToken if possible\n */\n private async _saveSession(session: Session) {\n this._debug(\"#_saveSession()\", session);\n\n await setItemAsync(this.storage, this.storageKey, session);\n }\n\n private async _getUser(access_token: string) {\n if (!access_token) throw new Error(\"Cannot fetch user without token\");\n this._debug(\"#_getUser() begin\");\n const res = await _get<User>(`${this.domainUrl}/me`, {\n token: access_token,\n });\n this._debug(\"#_getUser() end\");\n return { data: { user: res.data }, error: res.error };\n }\n\n private async _callRefreshToken(refreshToken: string) {\n if (!refreshToken) {\n throw new AuthSessionMissingError();\n }\n\n // refreshing is already in progress\n if (this.refreshingDeferred) {\n return this.refreshingDeferred.promise;\n }\n\n const debugName = `#_callRefreshToken(${refreshToken.substring(0, 5)}...)`;\n\n this._debug(debugName, \"begin\");\n\n try {\n this.refreshingDeferred = new Deferred<CallRefreshTokenResult>();\n\n const { data, error } = await this._refreshAccessToken(refreshToken);\n if (error) throw error;\n if (!data.session) throw new AuthSessionMissingError();\n\n await this._saveSession(data.session);\n await this._notifyAllSubscribers(\"TOKEN_REFRESHED\", data.session);\n\n const result = { session: data.session, error: null };\n\n this.refreshingDeferred.resolve(result);\n\n return result;\n } catch (error) {\n this._debug(debugName, \"error\", error);\n\n if (isAuthError(error)) {\n const result = { session: null, error };\n\n if (!isAuthRetryableFetchError(error)) {\n await this._removeSession();\n await this._notifyAllSubscribers(\"SIGNED_OUT\", null);\n }\n\n this.refreshingDeferred?.resolve(result);\n\n return result;\n }\n\n this.refreshingDeferred?.reject(error);\n throw error;\n } finally {\n this.refreshingDeferred = null;\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Generates a new JWT.\n * @param refreshToken A valid refresh token that was returned on login.\n */\n private async _refreshAccessToken(\n refreshToken: string\n ): Promise<AuthResponse> {\n const debugName = `#_refreshAccessToken(${refreshToken.substring(\n 0,\n 5\n )}...)`;\n this._debug(debugName, \"begin\");\n\n try {\n const startedAt = Date.now();\n\n // will attempt to refresh the token with exponential backoff\n\n return await retryable(\n async (attempt) => {\n if (attempt > 0) {\n await sleep(200 * Math.pow(2, attempt - 1)); // 200, 400, 800, ...\n }\n\n this._debug(debugName, \"refreshing attempt\", attempt);\n\n // return await _post(`${this.url}/token?grant_type=refresh_token`, {\n // body: { refresh_token: refreshToken },\n // headers: this.headers,\n // xform: _sessionResponse,\n // });\n const rawResponse = await _post<Partial<RawAuthResponse>>(\n `${this.domainUrl}/oauth/token`,\n {\n client_id: this.clientId,\n grant_type: \"refresh_token\",\n refresh_token: refreshToken,\n }\n );\n const session_res = _sessionResponse(rawResponse);\n\n if (!session_res.data.session?.access_token) {\n throw new Error(\"Bad user\");\n }\n const user_res = await this._getUser(\n session_res.data.session?.access_token\n );\n\n const { data: user, error } = user_res;\n if (error) {\n throw new Error(\"Error requesting user\");\n }\n if (!user) {\n throw new Error(\"No user found\");\n }\n\n const x = {\n data: {\n session: {\n ...session_res.data.session,\n user,\n },\n user,\n },\n error: null,\n };\n // this._debug(x);\n return x;\n },\n (attempt, error) => {\n const nextBackOffInterval = 200 * Math.pow(2, attempt);\n return (\n error &&\n isAuthRetryableFetchError(error) &&\n // retryable only if the request can be sent before the backoff overflows the tick duration\n Date.now() + nextBackOffInterval - startedAt <\n AUTO_REFRESH_TICK_DURATION\n );\n }\n );\n } catch (error) {\n this._debug(debugName, \"error\", error);\n\n if (isAuthError(error)) {\n return { data: { session: null, user: null }, error };\n }\n throw error;\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n private async _notifyAllSubscribers(\n event: AuthChangeEvent,\n session: Session | null,\n broadcast = true\n ) {\n const debugName = `#_notifyAllSubscribers(${event})`;\n this._debug(debugName, \"begin\", session, `broadcast = ${broadcast}`);\n\n try {\n if (this.broadcastChannel && broadcast) {\n this.broadcastChannel.postMessage({ event, session });\n }\n\n const errors: any[] = [];\n const promises = Array.from(this.stateChangeEmitters.values()).map(\n async (x) => {\n try {\n await x.callback(event, session);\n } catch (e: any) {\n errors.push(e);\n }\n }\n );\n\n await Promise.all(promises);\n\n if (errors.length > 0) {\n for (let i = 0; i < errors.length; i += 1) {\n console.error(errors[i]);\n }\n\n throw errors[0];\n }\n } finally {\n this._debug(debugName, \"end\");\n }\n }\n\n /**\n * Inside a browser context, `signOut()` will remove the logged in user from the browser session and log them out - removing all items from localstorage and then trigger a `\"SIGNED_OUT\"` event.\n *\n * For server-side management, you can revoke all refresh tokens for a user by passing a user's JWT through to `auth.api.signOut(JWT: string)`.\n * There is no way to revoke a user's access token jwt until it expires. It is recommended to set a shorter expiry on the jwt for this reason.\n *\n * If using `others` scope, no `SIGNED_OUT` event is fired!\n */\n async signOut(\n options: SignOut = { scope: \"global\" }\n ): Promise<{ error: AuthError | null }> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._signOut(options);\n });\n }\n\n protected async _signOut(\n { scope, returnTo }: SignOut & { returnTo?: string } = { scope: \"global\" }\n ): Promise<{ error: AuthError | null }> {\n return await this._useSession(async (result) => {\n const { data, error: sessionError } = result;\n if (sessionError) {\n return { error: sessionError };\n }\n const accessToken = data.session?.access_token;\n if (accessToken) {\n const { error } = await this.api.signOut({\n client_id: this.clientId,\n });\n if (error) {\n // ignore 404s since user might not exist anymore\n // ignore 401s since an invalid or expired JWT should sign out the current session\n if (\n !(\n isAuthApiError(error) &&\n (error.status === 404 || error.status === 401)\n )\n ) {\n return { error };\n }\n }\n }\n if (scope !== \"others\") {\n await this._removeSession();\n await removeItemAsync(this.storage, `${this.storageKey}-code-verifier`);\n await this._notifyAllSubscribers(\"SIGNED_OUT\", null);\n }\n return { error: null };\n });\n }\n\n /**\n * Receive a notification every time an auth event happens.\n * @param callback A callback function to be invoked when an auth event happens.\n */\n onAuthStateChange(\n callback: (\n event: AuthChangeEvent,\n session: Session | null\n ) => void | Promise<void>\n ): {\n data: { subscription: Subscription };\n } {\n const id: string = uuid();\n const subscription: Subscription = {\n id,\n callback,\n unsubscribe: () => {\n this._debug(\n \"#unsubscribe()\",\n \"state change callback with id removed\",\n id\n );\n\n this.stateChangeEmitters.delete(id);\n },\n };\n\n this._debug(\"#onAuthStateChange()\", \"registered callback with id\", id);\n\n this.stateChangeEmitters.set(id, subscription);\n (async () => {\n await this.initializePromise;\n\n await this.lock._acquireLock(-1, async () => {\n this._emitInitialSession(id);\n });\n })();\n\n return { data: { subscription } };\n }\n\n private async _emitInitialSession(id: string): Promise<void> {\n return await this._useSession(async (result) => {\n try {\n const {\n data: { session },\n error,\n } = result;\n if (error) throw error;\n\n await this.stateChangeEmitters\n .get(id)\n ?.callback(\"INITIAL_SESSION\", session);\n this._debug(\"INITIAL_SESSION\", \"callback id\", id, \"session\", session);\n } catch (err) {\n await this.stateChangeEmitters\n .get(id)\n ?.callback(\"INITIAL_SESSION\", null);\n this._debug(\"INITIAL_SESSION\", \"callback id\", id, \"error\", err);\n console.error(err);\n }\n });\n }\n\n /**\n * Returns a new session, regardless of expiry status.\n * Takes in an optional current session. If not passed in, then refreshSession() will attempt to retrieve it from getSession().\n * If the current session's refresh token is invalid, an error will be thrown.\n * @param currentSession The current session. If passed in, it must contain a refresh token.\n */\n async refreshSession(currentSession?: {\n refresh_token: string;\n }): Promise<AuthResponse> {\n await this.initializePromise;\n\n return await this.lock._acquireLock(-1, async () => {\n return await this._refreshSession(currentSession);\n });\n }\n\n protected async _refreshSession(currentSession?: {\n refresh_token: string;\n }): Promise<AuthResponse> {\n try {\n return await this._useSession(async (result) => {\n if (!currentSession) {\n const { data, error } = result;\n if (error) {\n throw error;\n }\n\n currentSession = data.session ?? undefined;\n }\n\n if (!currentSession?.refresh_token) {\n throw new AuthSessionMissingError();\n }\n\n const { session, error } = await this._callRefreshToken(\n currentSession.refresh_token\n );\n if (error) {\n return { data: { user: null, session: null }, error: error };\n }\n\n if (!session) {\n return { data: { user: null, session: null }, error: null };\n }\n\n return { data: { user: (session as any).user, session }, error: null };\n });\n } catch (error) {\n if (isAuthError(error)) {\n return { data: { user: null, session: null }, error };\n }\n\n throw error;\n }\n }\n}\n","import { AuthError } from \"./errors\";\nimport { LockFunc } from \"../lock/locks\";\nimport { BaseLogOptions } from \"../BaseLog\";\n\n/**\n * @ignore\n */\nexport interface AuthenticationResult {\n state: string;\n code?: string;\n error?: string;\n error_description?: string;\n}\n\nexport class User {\n name?: string;\n profile?: string;\n picture?: string;\n email?: string;\n website?: string;\n birthdate?: string;\n locale?: string;\n sub?: string;\n [key: string]: any;\n}\n\n/**\n * The state of the application before the user was redirected to the login page.\n */\nexport type AppState = {\n returnTo?: string;\n [key: string]: any; // eslint-disable-line @typescript-eslint/no-explicit-any\n};\n\nexport interface AuthorizationParams {\n /**\n * - `'page'`: displays the UI with a full page view\n * - `'popup'`: displays the UI with a popup window\n * - `'touch'`: displays the UI in a way that leverages a touch interface\n * - `'wap'`: displays the UI with a \"feature phone\" type interface\n */\n display?: \"page\" | \"popup\" | \"touch\" | \"wap\";\n\n /**\n * - `'none'`: do not prompt user for login or consent on reauthentication\n * - `'login'`: prompt user for reauthentication\n * - `'consent'`: prompt user for consent before processing request\n * - `'select_account'`: prompt user to select an account\n */\n prompt?: \"none\" | \"login\" | \"consent\" | \"select_account\";\n\n /**\n * Maximum allowable elapsed time (in seconds) since authentication.\n * If the last time the user authenticated is greater than this value,\n * the user must be reauthenticated.\n */\n max_age?: string | number;\n\n /**\n * The space-separated list of language tags, ordered by preference.\n * For example: `'fr-CA fr en'`.\n */\n ui_locales?: string;\n\n /**\n * Previously issued ID Token.\n */\n id_token_hint?: string;\n\n /**\n * Provides a hint to Auth0 as to what flow should be displayed.\n * The default behavior is to show a login page but you can override\n * this by passing 'signup' to show the signup page instead.\n *\n * This only affects the New Universal Login Experience.\n */\n screen_hint?: \"signup\" | \"login\" | string;\n\n /**\n * The user's email address or other identifier. When your app knows\n * which user is trying to authenticate, you can provide this parameter\n * to pre-fill the email box or select the right session for sign-in.\n *\n * This currently only affects the classic Lock experience.\n */\n login_hint?: string;\n\n acr_values?: string;\n\n /**\n * The default scope to be used on authentication requests.\n *\n * This defaults to `profile email` if not set. If you are setting extra scopes and require\n * `profile` and `email` to be included then you must include them in the provided scope.\n *\n * Note: The `openid` scope is **always applied** regardless of this setting.\n */\n scope?: string;\n\n /**\n * The default audience to be used for requesting API access.\n */\n audience?: string;\n\n /**\n * The name of the connection configured for your application.\n * If null, it will redirect to the Auth0 Login Page and show\n * the Login Widget.\n */\n connection?: string;\n\n /**\n * The Id of an organization to log in to.\n *\n * This will specify an `organization` parameter in your user's login request and will add a step to validate\n * the `org_id` claim in your user's ID Token.\n */\n organization?: string;\n\n /**\n * The Id of an invitation to accept. This is available from the user invitation URL that is given when participating in a user invitation flow.\n */\n invitation?: string;\n\n /**\n * The default URL where Auth0 will redirect your browser to with\n * the authentication result. It must be whitelisted in\n * the \"Allowed Callback URLs\" field in your Auth0 Application's\n * settings. If not provided here, it should be provided in the other\n * methods that provide authentication.\n */\n redirect_uri?: string;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n}\n\ninterface BaseLoginOptions {\n /**\n * URL parameters that will be sent back to the Authorization Server. This can be known parameters\n * defined by Auth0 or custom parameters that you define.\n */\n authorizationParams?: AuthorizationParams;\n}\n\nexport interface RedirectLoginOptions<TAppState = any>\n extends BaseLoginOptions {\n /**\n * Used to store state before doing the redirect\n */\n appState?: TAppState;\n}\n\nexport interface IdToken {\n __raw: string;\n name?: string;\n given_name?: string;\n family_name?: string;\n middle_name?: string;\n nickname?: string;\n preferred_username?: string;\n profile?: string;\n picture?: string;\n website?: string;\n email?: string;\n email_verified?: boolean;\n gender?: string;\n birthdate?: string;\n zoneinfo?: string;\n locale?: string;\n phone_number?: string;\n phone_number_verified?: boolean;\n address?: string;\n updated_at?: string;\n iss?: string;\n aud?: string;\n exp?: number;\n nbf?: number;\n iat?: number;\n jti?: string;\n azp?: string;\n nonce?: string;\n auth_time?: string;\n at_hash?: string;\n c_hash?: string;\n acr?: string;\n amr?: string;\n sub_jwk?: string;\n cnf?: string;\n sid?: string;\n org_id?: string;\n [key: string]: any;\n}\n\nexport interface GetTokenSilentlyOptions {\n /**\n * When `off`, ignores the cache and always sends a\n * request to Auth0.\n * When `cache-only`, only reads from the cache and never sends a request to Auth0.\n * Defaults to `on`, where it both reads from the cache and sends a request to Auth0 as needed.\n */\n cacheMode?: \"on\" | \"off\" | \"cache-only\";\n\n /**\n * Parameters that will be sent back to Auth0 as part of a request.\n */\n authorizationParams?: {\n /**\n * There's no actual redirect when getting a token silently,\n * but, according to the spec, a `redirect_uri` param is required.\n * Auth0 uses this parameter to validate that the current `origin`\n * matches the `redirect_uri` `origin` when sending the response.\n * It must be whitelisted in the \"Allowed Web Origins\" in your\n * Auth0 Application's settings.\n */\n redirect_uri?: string;\n\n /**\n * The scope that was used in the authentication request\n */\n scope?: string;\n\n /**\n * The audience that was used in the authentication request\n */\n audience?: string;\n\n /**\n * If you need to send custom parameters to the Authorization Server,\n * make sure to use the original parameter name.\n */\n [key: string]: any;\n };\n\n /** A maximum number of seconds to wait before declaring the background /authorize call as failed for timeout\n * Defaults to 60s.\n */\n timeoutInSeconds?: number;\n\n /**\n * If true, the full response from the /oauth/token endpoint (or the cache, if the cache was used) is returned\n * (minus `refresh_token` if one was issued). Otherwise, just the access token is returned.\n *\n * The default is `false`.\n */\n detailedResponse?: boolean;\n}\n\nexport type GetTokenSilentlyVerboseResponse = Omit<\n TokenEndpointResponse,\n \"refresh_token\"\n>;\n\nexport type TokenEndpointResponse = {\n id_token: string;\n access_token: string;\n refresh_token?: string;\n expires_in: number;\n scope?: string;\n};\n\nexport type FaableAuthClientConfig = {\n domain: string;\n clientId: string;\n\n // Optional\n scope?: string;\n audience?: string;\n redirect_uri?: string;\n authorizationParams?: AuthorizationParams;\n cookieDomain?: string;\n useRefreshTokens?: boolean;\n /* If set to 'pkce' PKCE flow. Defaults to the 'implicit' flow otherwise */\n flowType?: AuthFlowType;\n storage?: SupportedStorage;\n /* Optional key name used for storing tokens in local storage. */\n storageKey?: string;\n\n /**\n * Provide your own locking mechanism based on the environment. By default no locking is done at this time.\n *\n * @experimental\n */\n lock?: LockFunc;\n} & BaseLogOptions;\n\ntype AnyFunction = (...args: any[]) => any;\ntype MaybePromisify<T> = T | Promise<T>;\ntype PromisifyMethods<T> = {\n [K in keyof T]: T[K] extends AnyFunction\n ? (...args: Parameters<T[K]>) => MaybePromisify<ReturnType<T[K]>>\n : T[K];\n};\n\nexport type SupportedStorage = PromisifyMethods<\n Pick<Storage, \"getItem\" | \"setItem\" | \"removeItem\">\n> & {\n /**\n * If set to `true` signals to the library that the storage medium is used\n * on a server and the values may not be authentic, such as reading from\n * request cookies. Implementations should not set this to true if the client\n * is used on a server that reads storage information from authenticated\n * sources, such as a secure database or file.\n */\n isServer?: boolean;\n};\n\nexport type Provider = \"google\" | \"github\";\n\nexport type AuthFlowType = \"implicit\" | \"pkce\";\n\nexport type SignInWithOAuthConnection = {\n /** Default connection is used if not setted. */\n connection?: string;\n /** A URL to send the user to after they are confirmed. */\n redirectTo?: string;\n /** A space-separated list of scopes granted to the OAuth application. */\n scopes?: string;\n /** An object of query params */\n queryParams?: { [key: string]: string };\n /** If set to true does not immediately redirect the current browser context to visit the OAuth authorization page for the provider. */\n skipBrowserRedirect?: boolean;\n};\n\nexport type OAuthResponse =\n | {\n data: {\n url: string;\n };\n error: null;\n }\n | {\n data: {\n url: null;\n };\n error: AuthError;\n };\n\nexport interface Session {\n /**\n * The oauth provider token. If present, this can be used to make external API requests to the oauth provider used.\n */\n provider_token?: string | null;\n /**\n * The oauth provider refresh token. If present, this can be used to refresh the provider_token via the oauth provider's API.\n * Not all oauth providers return a provider refresh token. If the provider_refresh_token is missing, please refer to the oauth provider's documentation for information on how to obtain the provider refresh token.\n */\n provider_refresh_token?: string | null;\n /**\n * The access token jwt. It is recommended to set the JWT_EXPIRY to a shorter expiry value.\n */\n access_token: string;\n /**\n * A one-time used refresh token that never expires.\n */\n refresh_token: string;\n /**\n * The number of seconds until the token expires (since it was issued). Returned when a login is confirmed.\n */\n expires_in: number;\n /**\n * A timestamp of when the token will expire. Returned when a login is confirmed.\n */\n expires_at?: number;\n token_type: string;\n user: User;\n}\n\nexport type AuthResponse =\n | {\n data: {\n user: User | null;\n session: Session | null;\n };\n error: null;\n }\n | {\n data: {\n user: null;\n session: null;\n };\n error: AuthError;\n };\n\nexport type AuthChangeEventMFA = \"MFA_CHALLENGE_VERIFIED\";\n\nexport type AuthChangeEvent =\n | \"INITIAL_SESSION\"\n | \"PASSWORD_RECOVERY\"\n | \"SIGNED_IN\"\n | \"SIGNED_OUT\"\n | \"TOKEN_REFRESHED\"\n | \"USER_UPDATED\"\n | AuthChangeEventMFA;\n\nexport interface Subscription {\n /**\n * The subscriber UUID. This will be set by the client.\n */\n id: string;\n /**\n * The function to call every time there is an event. eg: (eventName) => {}\n */\n callback: (event: AuthChangeEvent, session: Session | null) => void;\n /**\n * Call this to remove the listener.\n */\n unsubscribe: () => void;\n}\n\nexport type SignOut = {\n /**\n * Determines which sessions should be\n * logged out. Global means all\n * sessions by this account. Local\n * means only this session. Others\n * means all other sessions except the\n * current one. When using others,\n * there is no sign-out event fired on\n * the current session!\n */\n scope?: \"global\" | \"local\" | \"others\";\n};\n\nexport type InitializeResult = { error: AuthError | null };\n\nexport type UserResponse =\n | {\n data: {\n user: User;\n };\n error: null;\n }\n | {\n data: {\n user: null;\n };\n error: AuthError;\n };\n\nexport type CallRefreshTokenResult =\n | {\n session: Session;\n error: null;\n }\n | {\n session: null;\n error: AuthError;\n };\n","import { FaableAuthClient } from \"./FaableAuthClient\";\nimport { FaableAuthClientConfig } from \"./lib/types\";\n\nexport const createClient = (config: FaableAuthClientConfig) => {\n return new FaableAuthClient(config);\n};\n"],"names":["extendStatics","d","b","Object","setPrototypeOf","__proto__","Array","p","prototype","hasOwnProperty","call","__extends","TypeError","String","__","this","constructor","create","__assign","assign","t","s","i","n","arguments","length","apply","__awaiter","thisArg","_arguments","P","generator","Promise","resolve","reject","fulfilled","value","step","next","e","rejected","result","done","then","__generator","body","f","y","_","label","sent","trys","ops","g","Iterator","verb","Symbol","iterator","v","op","pop","push","__spreadArray","to","from","pack","ar","l","slice","concat","SuppressedError","setItemAsync","storage","key","data","setItem","JSON","stringify","_a","getItemAsync","getItem","parse","_b","removeItemAsync","removeItem","dec2hex","dec","toString","substr","sha256","randomString","encoder","TextEncoder","encodedData","encode","crypto","subtle","digest","hash","bytes","Uint8Array","map","c","fromCharCode","join","generatePKCEChallenge","verifier","console","warn","hashed","str","btoa","replace","getCodeChallengeAndMethod","storage_1","storageKey_1","storageKey","isPasswordRecovery","codeVerifier","array","Uint32Array","charSet","charAt","Math","floor","random","getRandomValues","generatePKCEVerifier","storedCodeVerifier","codeChallenge","isBrowser","document","localStorageWriteTests","tested","writable","supportsLocalStorage","globalThis","localStorage","randomKey","_sessionResponse","expiresIn","session","Error","access_token","refresh_token","expires_in","hasSession","expires_at","round","Date","now","user","error","Deferred","_this","promise","promiseConstructor","res","rej","retryable","fn","isRetryable","accept","attempt","Infinity","e_1","sleep","time","setTimeout","decodeJWTPayload","token","parts","split","test","base64Url","chr1","chr2","chr3","enc2","enc3","enc4","base64","indexOf","decodeBase64URL","localStorageAdapter","AuthError","_super","message","status","code","__isAuthError","name","CustomAuthError","AuthSessionMissingError","undefined","isAuthError","AuthApiError","AuthImplicitGrantRedirectError","details","toJSON","AuthPKCEGrantCodeExchangeError","AuthUnknownError","originalError","AuthInvalidTokenResponseError","isAuthRetryableFetchError","AuthRetryableFetchError","BaseLog","config","logger","log","logDebugMessages","debug","_debug","args","_i","extra","extraPrint","toISOString","win","window","global","fetch","headers","init","Authorization","_handleRes","res_1","args_1","options","raw","text","_c","json","_post","url_1","data_1","url","method","_get","FaableAuthApi","base_url","signOut","params","URLSearchParams","LockAcquireTimeoutError","isAcquireTimeout","lockNoOp","acquireTimeout","NavigatorLockAcquireTimeoutError","Base","instanceID","nextInstanceID","Lock","lockAcquired","pendingInLock","lock","_acquireLock","last_1","result_1","result_2","waitOn","all","splice","parseParametersFromURL","href","URL","substring","forEach","searchParams","clearURLParameters","delete_params","location","param","delete","history","replaceState","state","getWindow","windowHelpers","redirect","getDocument","AUTO_REFRESH_TICK_DURATION","FaableAuthClient","domainUrl","initializePromise","detectSessionInUrl","autoRefreshTicker","visibilityChangedCallback","refreshingDeferred","broadcastChannel","stateChangeEmitters","Map","sessionCheckExpiryDays","redirect_uri","domain","protocol","getDomain","tokenIssuer","clientId","api","key_prefix","BroadcastChannel","addEventListener","event","_notifyAllSubscribers","autoRefreshToken","initialize","_initialize","_detectFlowType","flow","_getSessionFromURL","_removeSession","session_1","redirectType_1","_saveSession","_recoverAndRefresh","error_1","_handleVisibilityChange","_exchangeCodeForSession","_d","error_3","redirectType","error_description","error_code","provider_token","provider_refresh_token","token_type","refreshTick","timeNow","parseInt","expiresAt","actuallyExpiresIn","issuedAt","checkExpiresInTime","_getUser","type","error_2","authCode","storageItem","client_id","grant_type","code_verifier","rawResponse","userdata","error_4","startAutoRefresh","_onVisibilityChanged","error_5","calledFromInitialize","methodName","visibilityState","_startAutoRefresh","_stopAutoRefresh","debugName","currentSession","_isValidSession","expiresWithMargin","_callRefreshToken","err_1","_removeVisibilityChangedCallback","callback","removeEventListener","ticker","setInterval","_autoRefreshTokenTick","unref","Deno","unrefTimer","clearInterval","now_1","_useSession","expiresInTicks","e_2","browser","_scope","scope","_getUrlForConnection","urlParams","queryParams","authorize_params","response_type","redirectTo","origin","scopes","codeChallengeMethod","code_challenge","code_challenge_method","connection","signInWithOauthConnection","credentials","_handleConnectionSignIn","skipBrowserRedirect","signInWithUsernamePassword","handleCallback","formHtml","rawAuthResponse","div","createElement","innerHTML","appendChild","children","submit","username","password","changePassword","email","buildAuthorizeUrl","audience","fromEntries","entries","filter","authorize","setSession","_setSession","getSession","__loadSession","stack","maybeSession","hasExpired","isServer","proxySession","Proxy","get","target","prop","receiver","Reflect","payload","exp","refreshedSession","error_6","refreshToken","_refreshAccessToken","error_7","startedAt_1","pow","session_res","user_res","nextBackOffInterval","error_8","event_1","session_2","broadcast","postMessage","errors_1","promises","values","x","e_3","_signOut","returnTo","sessionError","isAuthApiError","onAuthStateChange","id","r","subscription","unsubscribe","set","_emitInitialSession","err_2","refreshSession","_refreshSession","error_10","error_9","User","createClient"],"mappings":";;;;;AAgBA,IAAIA,EAAgB,SAASC,EAAGC,GAI5B,OAHAF,EAAgBG,OAAOC,gBAClB,CAAEC,UAAW,cAAgBC,OAAS,SAAUL,EAAGC,GAAKD,EAAEI,UAAYH,CAAG,GAC1E,SAAUD,EAAGC,GAAK,IAAK,IAAIK,KAAKL,EAAOC,OAAOK,UAAUC,eAAeC,KAAKR,EAAGK,KAAIN,EAAEM,GAAKL,EAAEK,GAAK,EAC9FP,EAAcC,EAAGC,EAC5B,EAEO,SAASS,EAAUV,EAAGC,GACzB,GAAiB,mBAANA,GAA0B,OAANA,EAC3B,MAAM,IAAIU,UAAU,uBAAyBC,OAAOX,GAAK,iCAE7D,SAASY,IAAOC,KAAKC,YAAcf,CAAG,CADtCD,EAAcC,EAAGC,GAEjBD,EAAEO,UAAkB,OAANN,EAAaC,OAAOc,OAAOf,IAAMY,EAAGN,UAAYN,EAAEM,UAAW,IAAIM,EACnF,CAEO,IAAII,EAAW,WAQlB,OAPAA,EAAWf,OAAOgB,QAAU,SAAkBC,GAC1C,IAAK,IAAIC,EAAGC,EAAI,EAAGC,EAAIC,UAAUC,OAAQH,EAAIC,EAAGD,IAE5C,IAAK,IAAIf,KADTc,EAAIG,UAAUF,GACOnB,OAAOK,UAAUC,eAAeC,KAAKW,EAAGd,KAAIa,EAAEb,GAAKc,EAAEd,IAE9E,OAAOa,CACV,EACMF,EAASQ,MAAMX,KAAMS,UAChC,EA0EO,SAASG,EAAUC,EAASC,EAAYC,EAAGC,GAE9C,OAAO,IAAKD,IAAMA,EAAIE,WAAU,SAAUC,EAASC,GAC/C,SAASC,EAAUC,GAAS,IAAMC,EAAKN,EAAUO,KAAKF,GAAU,CAAC,MAAOG,GAAKL,EAAOK,EAAI,CAAE,CAC1F,SAASC,EAASJ,GAAS,IAAMC,EAAKN,EAAiB,MAAEK,GAAU,CAAC,MAAOG,GAAKL,EAAOK,EAAI,CAAE,CAC7F,SAASF,EAAKI,GAJlB,IAAeL,EAIaK,EAAOC,KAAOT,EAAQQ,EAAOL,QAJ1CA,EAIyDK,EAAOL,MAJhDA,aAAiBN,EAAIM,EAAQ,IAAIN,GAAE,SAAUG,GAAWA,EAAQG,EAAQ,KAIjBO,KAAKR,EAAWK,EAAW,CAC7GH,GAAMN,EAAYA,EAAUL,MAAME,EAASC,GAAc,KAAKS,OAClE,GACJ,CAEO,SAASM,EAAYhB,EAASiB,GACjC,IAAsGC,EAAGC,EAAG3B,EAAxG4B,EAAI,CAAEC,MAAO,EAAGC,KAAM,WAAa,GAAW,EAAP9B,EAAE,GAAQ,MAAMA,EAAE,GAAI,OAAOA,EAAE,EAAK,EAAE+B,KAAM,GAAIC,IAAK,IAAeC,EAAIlD,OAAOc,QAA4B,mBAAbqC,SAA0BA,SAAWnD,QAAQK,WACtL,OAAO6C,EAAEf,KAAOiB,EAAK,GAAIF,EAAS,MAAIE,EAAK,GAAIF,EAAU,OAAIE,EAAK,GAAsB,mBAAXC,SAA0BH,EAAEG,OAAOC,UAAY,WAAa,OAAO1C,IAAO,GAAGsC,EAC1J,SAASE,EAAKhC,GAAK,OAAO,SAAUmC,GAAK,OACzC,SAAcC,GACV,GAAIb,EAAG,MAAM,IAAIlC,UAAU,mCAC3B,KAAOyC,IAAMA,EAAI,EAAGM,EAAG,KAAOX,EAAI,IAAKA,OACnC,GAAIF,EAAI,EAAGC,IAAM3B,EAAY,EAARuC,EAAG,GAASZ,EAAU,OAAIY,EAAG,GAAKZ,EAAS,SAAO3B,EAAI2B,EAAU,SAAM3B,EAAEV,KAAKqC,GAAI,GAAKA,EAAET,SAAWlB,EAAIA,EAAEV,KAAKqC,EAAGY,EAAG,KAAKjB,KAAM,OAAOtB,EAE3J,OADI2B,EAAI,EAAG3B,IAAGuC,EAAK,CAAS,EAARA,EAAG,GAAQvC,EAAEgB,QACzBuB,EAAG,IACP,KAAK,EAAG,KAAK,EAAGvC,EAAIuC,EAAI,MACxB,KAAK,EAAc,OAAXX,EAAEC,QAAgB,CAAEb,MAAOuB,EAAG,GAAIjB,MAAM,GAChD,KAAK,EAAGM,EAAEC,QAASF,EAAIY,EAAG,GAAIA,EAAK,CAAC,GAAI,SACxC,KAAK,EAAGA,EAAKX,EAAEI,IAAIQ,MAAOZ,EAAEG,KAAKS,MAAO,SACxC,QACI,KAAMxC,EAAI4B,EAAEG,MAAM/B,EAAIA,EAAEK,OAAS,GAAKL,EAAEA,EAAEK,OAAS,KAAkB,IAAVkC,EAAG,IAAsB,IAAVA,EAAG,IAAW,CAAEX,EAAI,EAAG,QAAU,CAC3G,GAAc,IAAVW,EAAG,MAAcvC,GAAMuC,EAAG,GAAKvC,EAAE,IAAMuC,EAAG,GAAKvC,EAAE,IAAM,CAAE4B,EAAEC,MAAQU,EAAG,GAAI,KAAO,CACrF,GAAc,IAAVA,EAAG,IAAYX,EAAEC,MAAQ7B,EAAE,GAAI,CAAE4B,EAAEC,MAAQ7B,EAAE,GAAIA,EAAIuC,EAAI,KAAO,CACpE,GAAIvC,GAAK4B,EAAEC,MAAQ7B,EAAE,GAAI,CAAE4B,EAAEC,MAAQ7B,EAAE,GAAI4B,EAAEI,IAAIS,KAAKF,GAAK,KAAO,CAC9DvC,EAAE,IAAI4B,EAAEI,IAAIQ,MAChBZ,EAAEG,KAAKS,MAAO,SAEtBD,EAAKd,EAAKnC,KAAKkB,EAASoB,EAC3B,CAAC,MAAOT,GAAKoB,EAAK,CAAC,EAAGpB,GAAIQ,EAAI,CAAG,CAAU,QAAED,EAAI1B,EAAI,CAAG,CACzD,GAAY,EAARuC,EAAG,GAAQ,MAAMA,EAAG,GAAI,MAAO,CAAEvB,MAAOuB,EAAG,GAAKA,EAAG,QAAK,EAAQjB,MAAM,EAC9E,CAtBgDL,CAAK,CAACd,EAAGmC,GAAM,CAAE,CAuBrE,CA+DO,SAASI,EAAcC,EAAIC,EAAMC,GACpC,GAAIA,GAA6B,IAArBzC,UAAUC,OAAc,IAAK,IAA4ByC,EAAxB5C,EAAI,EAAG6C,EAAIH,EAAKvC,OAAYH,EAAI6C,EAAG7C,KACxE4C,GAAQ5C,KAAK0C,IACRE,IAAIA,EAAK5D,MAAME,UAAU4D,MAAM1D,KAAKsD,EAAM,EAAG1C,IAClD4C,EAAG5C,GAAK0C,EAAK1C,IAGrB,OAAOyC,EAAGM,OAAOH,GAAM5D,MAAME,UAAU4D,MAAM1D,KAAKsD,GACtD,CA2GkD,mBAApBM,iBAAiCA,gBCtSxD,IC/BMC,EAAe,SAC1BC,EACAC,EACAC,GAAS,OAAA/C,OAAA,OAAA,OAAA,GAAA,sDAET,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQG,QAAQF,EAAKG,KAAKC,UAAUH,mBAA1CI,EAAA5B,mBAGW6B,EAAe,SAC1BP,EACAC,GAAW,OAAA9C,OAAA,OAAA,OAAA,GAAA,4DAEG,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQQ,QAAQP,WAEpC,KAFMrC,EAAQ0C,EAA0B5B,QAGtC,MAAA,CAAA,EAAO,MAGT,IACE,MAAA,CAAA,EAAO0B,KAAKK,MAAM7C,GACnB,CAAC,MAAA8C,GACA,MAAA,CAAA,EAAO9C,EACT,mBAGW+C,EAAkB,SAC7BX,EACAC,GAAW,OAAA9C,OAAA,OAAA,OAAA,GAAA,sDAEX,KAAA,EAAA,MAAA,CAAA,EAAM6C,EAAQY,WAAWX,kBAAzBK,EAAA5B,mBC5BF,SAASmC,EAAQC,GACf,OAAQ,IAAMA,EAAIC,SAAS,KAAKC,UAClC,CAiDA,SAAeC,EAAOC,yGAGP,OAFPC,EAAU,IAAIC,YACdC,EAAcF,EAAQG,OAAOJ,GAChB,CAAA,EAAAK,OAAOC,OAAOC,OAAO,UAAWJ,WAGnD,OAHMK,EAAOpB,EAAkD5B,OACzDiD,EAAQ,IAAIC,WAAWF,GAE7B,CAAA,EAAO5F,MAAM0D,KAAKmC,GACfE,KAAI,SAACC,GAAM,OAAAzF,OAAO0F,aAAaD,EAApB,IACXE,KAAK,WACT,CAMK,SAAgBC,EAAsBC,mGAM1C,MAJoB,oBAAXX,aACkB,IAAlBA,OAAOC,QACS,oBAAhBJ,YAQM,CAAA,EAAMH,EAAOiB,KAL1BC,QAAQC,KACN,sGAEF,CAAA,EAAOF,WAGT,OADMG,EAAS/B,EAAsB5B,OACrC,CAAA,GAjBuB4D,EAiBAD,EAhBhBE,KAAKD,GAAKE,QAAQ,MAAO,KAAKA,QAAQ,MAAO,KAAKA,QAAQ,MAAO,MAD1E,IAAyBF,OAkBxB,UAEqBG,EAAyBC,EAAAC,4CAC7C3C,EACA4C,EACAC,yBAAA,IAAAA,IAAAA,GAA0B,8CAO1B,OALMC,aApDN,IACMC,EAAQ,IAAIC,YADK,IAEvB,GAAsB,oBAAXzB,OAAwB,CAKjC,IAJA,IAAM0B,EACJ,qEAEEf,EAAW,GACNpF,EAAI,EAAGA,EAPK,GAOeA,IAClCoF,GAAYe,EAAQC,OAAOC,KAAKC,MAHfH,GAGqBE,KAAKE,WAE7C,OAAOnB,CACT,CAEA,OADAX,OAAO+B,gBAAgBP,GAChBjH,MAAM0D,KAAKuD,EAAOlC,GAASmB,KAAK,GACzC,CAsCuBuB,GACjBC,EAAqBV,EACrBD,IACFW,GAAsB,sBAElB,CAAA,EAAAzD,EACJC,EACA,GAAAH,OAAG+C,EAA0B,kBAC7BY,WAEoB,OALtBlD,EAAA5B,OAKsB,CAAA,EAAMuD,EAAsBa,WAElD,MAAA,CAAA,EAAO,CAFDW,EAAgBnD,EAAyC5B,OACnCoE,IAAiBW,EAAgB,QAAU,eAExE,CAEM,IAAMC,EAAY,WAAM,MAAoB,oBAAbC,QAAP,EAEzBC,EAAyB,CAC7BC,QAAQ,EACRC,UAAU,GAMCC,EAAuB,WAClC,IAAKL,IACH,OAAO,EAGT,IACE,GAAuC,iBAA5BM,WAAWC,aACpB,OAAO,CAEV,CAAC,MAAOlG,GAEP,OAAO,CACT,CAEA,GAAI6F,EAAuBC,OACzB,OAAOD,EAAuBE,SAGhC,IAAMI,EAAY,QAAQrE,OAAAsD,KAAKE,UAAQxD,OAAGsD,KAAKE,UAE/C,IACEW,WAAWC,aAAa9D,QAAQ+D,EAAWA,GAC3CF,WAAWC,aAAarD,WAAWsD,GAEnCN,EAAuBC,QAAS,EAChCD,EAAuBE,UAAW,CACnC,CAAC,MAAO/F,GAIP6F,EAAuBC,QAAS,EAChCD,EAAuBE,UAAW,CACpC,CAEA,OAAOF,EAAuBE,QAChC,EAgCM,SAAUK,EAAiB7D,SALP8D,EAMxBlE,EAAII,EAAAJ,KAEAmE,EAAU,KACd,IAAKnE,EAAM,MAAM,IAAIoE,MAAM,wBAS3B,OAtBF,SAAoBpE,GAClB,QAASA,EAAKqE,gBAAkBrE,EAAKsE,iBAAmBtE,EAAKuE,UAC/D,CAYMC,CAAWxE,KACbmE,EAAO3H,EAAA,CAAA,EAAQwD,IACVA,EAAKyE,YAAczE,EAAKuE,aAC3BJ,EAAQM,YAbYP,EAaWlE,EAAKuE,WAZxBtB,KAAKyB,MAAMC,KAAKC,MAAQ,KACvBV,KAgBV,CAAElE,KAAM,CAAEmE,QAAOA,EAAEU,KADE,QAATrE,EAAAR,EAAK6E,YAAI,IAAArE,EAAAA,EAAKR,GACC8E,MAAO,KAC3C,CAOA,IAAAC,EAAA,WASE,SAAAA,IAAA,IAQCC,EAAA3I,KANEA,KAAa4I,QAAU,IAAIF,EAASG,oBAAmB,SAACC,EAAKC,GAE3DJ,EAAazH,QAAU4H,EAEvBH,EAAaxH,OAAS4H,CACzB,GACF,CACF,OAjBgBL,EAAkBG,mBAAuB5H,QAiBxDyH,CAAA,CAlBD,GAyBgB,SAAAM,EACdC,EACAC,GAFF,IA0BCP,EAAA3I,KADC,OArBgB,IAAIiB,SAAW,SAACkI,EAAQhI,GAErCP,EAAA+H,OAAA,OAAA,GAAA,uEACUS,EAAU,wBAAGA,EAAUC,KAAQ,MAAA,CAAA,EAAA,oBAErB,6BAAA,CAAA,EAAMJ,EAAGG,WAExB,OAFM1H,EAASqC,EAAiB5B,OAE3B+G,EAAYE,EAAS,KAAM1H,UAC9ByH,EAAOzH,GACA,CAAA,WAGT,kBAAKwH,EAAYE,EAASE,UACxBnI,EAAOmI,GACA,CAAA,kBAX6BF,8BAe3C,GACH,GAGF,CAKM,SAAgBG,EAAMC,sEAC1B,MAAA,CAAA,EAAO,IAAIvI,SAAQ,SAACkI,GAClBM,YAAW,WAAM,OAAAN,EAAO,KAAK,GAAEK,EACjC,UACD,CC5KK,SAAUE,EAAiBC,GAE/B,IAGMC,EAAQD,EAAME,MAAM,KAE1B,GAAqB,IAAjBD,EAAMlJ,OACR,MAAM,IAAIqH,MAAM,yCAGlB,IARE,8DAQkB+B,KAAKF,EAAM,IAC7B,MAAM,IAAI7B,MAAM,wDAGlB,IAAMgC,EAAYH,EAAM,GACxB,OAAO/F,KAAKK,MDpGR,SAA0B7C,GAC9B,IAGI2I,EAAMC,EAAMC,EACNC,EAAMC,EAAMC,EAJhB3G,EACJ,oEACE4G,EAAS,GAGT/J,EAAI,EAGR,IAFAc,EAAQA,EAAM4E,QAAQ,IAAK,KAAKA,QAAQ,IAAK,KAEtC1F,EAAIc,EAAMX,QAKfsJ,EAJOtG,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,OAIhB,GAHhB4J,EAAOzG,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,QAGF,EAC9B0J,GAAgB,GAAPE,IAAc,GAHvBC,EAAO1G,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,QAGK,EACrC2J,GAAgB,EAAPE,IAAa,GAHtBC,EAAO3G,EAAI6G,QAAQlJ,EAAMsF,OAAOpG,OAIhC+J,GAAkBxK,OAAO0F,aAAawE,GAE1B,IAARI,GAAsB,GAARH,IAChBK,GAAkBxK,OAAO0F,aAAayE,IAE5B,IAARI,GAAsB,GAARH,IAChBI,GAAkBxK,OAAO0F,aAAa0E,IAG1C,OAAOI,CACT,CCyEoBE,CAAgBT,GACpC,CC3GO,ICIMU,EAAwC,CACnDxG,QAAS,SAACP,GACR,OAAK8D,IAIEC,WAAWC,aAAazD,QAAQP,GAH9B,IAIV,EACDE,QAAS,SAACF,EAAKrC,GACRmG,KAILC,WAAWC,aAAa9D,QAAQF,EAAKrC,EACtC,EACDgD,WAAY,SAACX,GACN8D,KAILC,WAAWC,aAAarD,WAAWX,EACrC,GC6CFgH,EAAA,SAAAC,GAcE,SAAAD,EAAYE,EAAiBC,EAAiBC,GAC5C,IAAAnC,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YAHP2I,EAAaoC,eAAG,EAIxBpC,EAAKqC,KAAO,YACZrC,EAAKkC,OAASA,EACdlC,EAAKmC,KAAOA,GACd,CACF,OApB+BlL,EAAK8K,EAAAC,GAoBnCD,CAAD,CApBA,CAA+B3C,OAsB/BkD,EAAA,SAAAN,GAIE,SAAAM,EACEL,EACAI,EACAH,EACAC,GAEA,IAAAnC,EAAAgC,YAAMC,EAASC,EAAQC,IAAM9K,YAC7B2I,EAAKqC,KAAOA,EACZrC,EAAKkC,OAASA,GAChB,CACF,OAdqCjL,EAASqL,EAAAN,GAc7CM,CAAD,CAdA,CAAqCP,GAgBrCQ,EAAA,SAAAP,GACE,SAAAO,IACE,OAAAP,EAAMhL,KAAAK,KAAA,wBAAyB,0BAA2B,SAAKmL,IAAWnL,IAC5E,CACF,OAJ6CJ,EAAesL,EAAAP,GAI3DO,CAAD,CAJA,CAA6CD,GAMvC,SAAUG,EAAY3C,GAC1B,MACmB,iBAAVA,GAAgC,OAAVA,GAAkB,kBAAmBA,CAEtE,EAEA,SAAAkC,GAGE,SAAAU,EAAYT,EAAiBC,EAAgBC,GAC3C,IAAAnC,EAAAgC,YAAMC,EAASC,EAAQC,IAAM9K,YAC7B2I,EAAKqC,KAAO,eACZrC,EAAKkC,OAASA,EACdlC,EAAKmC,KAAOA,GACd,CARgClL,EAASyL,EAAAV,EAS3C,CATA,CAAkCD,GAelC,IAAAY,EAAA,SAAAX,GAEE,SACEW,EAAAV,EACAW,QAAA,IAAAA,IAAAA,EAAsD,MAEtD,IAAA5C,EAAAgC,EAAMhL,KAAAK,KAAA4K,EAAS,iCAAkC,SAAKO,IAAWnL,YALnE2I,EAAO4C,QAA2C,KAMhD5C,EAAK4C,QAAUA,GACjB,CAUF,OAlBoD3L,EAAe0L,EAAAX,GAUjEW,EAAA7L,UAAA+L,OAAA,WACE,MAAO,CACLR,KAAMhL,KAAKgL,KACXJ,QAAS5K,KAAK4K,QACdC,OAAQ7K,KAAK6K,OACbU,QAASvL,KAAKuL,QAEjB,EACFD,CAAD,CAlBA,CAAoDL,GAoBpDQ,EAAA,SAAAd,GAGE,SACEc,EAAAb,EACAW,QAAA,IAAAA,IAAAA,EAAsD,MAEtD,IAAA5C,EAAAgC,EAAMhL,KAAAK,KAAA4K,EAAS,iCAAkC,SAAKO,IAAWnL,YANnE2I,EAAO4C,QAA2C,KAOhD5C,EAAK4C,QAAUA,GACjB,CAUF,OAnBoD3L,EAAe6L,EAAAd,GAWjEc,EAAAhM,UAAA+L,OAAA,WACE,MAAO,CACLR,KAAMhL,KAAKgL,KACXJ,QAAS5K,KAAK4K,QACdC,OAAQ7K,KAAK6K,OACbU,QAASvL,KAAKuL,QAEjB,EACFE,CAAD,CAnBA,CAAoDR,GAqBpDS,EAAA,SAAAf,GAGE,SAAYe,EAAAd,EAAiBe,GAC3B,IAAAhD,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YACf2I,EAAKqC,KAAO,mBACZrC,EAAKgD,cAAgBA,GACvB,CACF,OARsC/L,EAAS8L,EAAAf,GAQ9Ce,CAAD,CARA,CAAsChB,GAUtCkB,EAAA,SAAAjB,GACE,SAAAiB,IACE,OAAAjB,EACEhL,KAAAK,KAAA,+BACA,gCACA,SACAmL,IACAnL,IACJ,CACF,OATmDJ,EAAegM,EAAAjB,GASjEiB,CAAD,CATA,CAAmDX,GAiB7C,SAAUY,EACdpD,GAEA,OAAO2C,EAAY3C,IAAyB,4BAAfA,EAAMuC,IACrC,EAVA,SAAAL,GACE,SAAYmB,EAAAlB,EAAiBC,GAC3B,OAAAF,EAAMhL,KAAAK,KAAA4K,EAAS,0BAA2BC,OAAQM,IAAWnL,IAC/D,CAH2CJ,EAAekM,EAAAnB,EAI5D,CAJA,CAA6CM,GCtMtC,ICKPc,EAAA,WAIE,SAAAA,EAAYC,QAAA,IAAAA,IAAAA,EAA2B,CAAA,GAF7BhM,KAAAiM,OAAoDrG,QAAQsG,IAGpElM,KAAKmM,mBAAqBH,EAAOI,MACL,mBAAjBJ,EAAOI,QAChBpM,KAAKiM,OAASD,EAAOI,MAEzB,CAeF,OAXYL,EAAAtM,UAAA4M,OAAV,eAAiB,IAAcC,EAAA,GAAAC,EAAA,EAAdA,EAAc9L,UAAAC,OAAd6L,IAAAD,EAAcC,GAAA9L,UAAA8L,GAC7B,GAAIvM,KAAKmM,iBAAkB,CACzB,IAAMK,EAAQxM,KAAKyM,WAAazM,KAAKyM,aAAe,GACpDzM,KAAKiM,OAAMtL,MAAXX,KACE+C,EAAA,CAAA,cAAAO,OAAckJ,EAAU,MAAAlJ,ODtBT,sBCsBqB,IAAIgF,MAAOoE,gBAC5CJ,GACH,GACJ,CAEA,OAAOtM,IACR,EACF+L,CAAD,CAxBA,GCNMY,EACc,oBAAXC,OAAyBA,YAASzB,EAErC0B,EACkB,oBAAfpF,WAA6BA,WAAakF,EACtCvF,EAAWyF,aAAA,EAAAA,EAAQzF,SAInB0F,EAASD,EAAeC,MCG/BC,EAAU,SAACC,QAAA,IAAAA,IAAAA,EAAwC,CAAA,GACvD,IAAID,EAAU,CAAE,EAIhB,OAHIC,aAAI,EAAJA,EAAMrD,SACRoD,EAAe5M,EAAAA,EAAA,CAAA,EAAA4M,GAAS,CAAAE,cAAe,UAAU3J,OAAA0J,eAAAA,EAAMrD,UAGpDxJ,EAAAA,EAAA,CAAA,EAAA6M,aAAI,EAAJA,EAAMD,SACNA,EAEP,EAEMG,EAAa,SAAAC,+DACjB,OAAAvM,OAAA,EAAAmC,EAAA,CAAAoK,GAAAC,GAAA,QAAA,GAAA,SAAAtE,EACAuE,yBAAA,IAAAA,IAAAA,EAA2C,CAAA,qDAE9BA,EAAQC,IAAM,CAAA,EAAMxE,EAAIyE,QAAb,CAAA,EAAA,iBAAGxJ,EAAAyJ,eAAmB,KAAA,EAAA,MAAA,CAAA,EAAM1E,EAAI2E,eAAV1J,EAAAyJ,0BAC9C,OADM1L,EAAwDiC,EAC1D+E,EAAI+B,QAAU,IACT,CAAA,EAAA,CACLlH,KAAM7B,EACN2G,MAAO4E,EAAQC,IAAsB,QAAhBnJ,EAAAN,KAAKK,MAAMpC,UAAK,IAAAqC,OAAA,EAAAA,EAAEyG,QAAU9I,aAAI,EAAJA,EAAM8I,UAGpD,CAAA,EAAA,CAAEjH,KAAM7B,EAAM2G,MAAO,eAGjBiF,EAAQ,SAAAC,EAAAC,8GACnBC,EACAlK,EACA0J,qBAAA,IAAAA,IAAAA,EAA2C,CAAA,8CAG7B,6BAAM,CAAA,EAAAP,EAAMe,EAAK,CAC3BC,OAAQ,OACRhM,KAAM+B,KAAKC,UAAUH,GACrBoJ,QAAO5M,EAAAA,EAAA,CAAA,EAAO4M,EAAQM,IAAU,CAAA,eAAgB,+BAGlD,OANMvE,EAAM/E,EAIV5B,OAEF,CAAA,EAAO+K,EAAWpE,EAAKuE,WAEvB,MAAO,CAAA,EAAA,CAAE1J,KAAM,KAAM8E,0CAIZsF,EAAO,SAAAJ,+DAClB,OAAA/M,OAAA,EAAAmC,EAAA,CAAA4K,GAAAP,GAAA,QAAA,GAAA,SAAAS,EACAR,qBAAA,IAAAA,IAAAA,EAA2C,CAAA,8CAG7B,6BAAA,CAAA,EAAMP,EAAMe,EACnB1N,EAAAA,EAAA,CAAA,EAAAkN,IACHS,OAAQ,MACRf,QAASA,EAAQM,cAGnB,OANMvE,EAAM/E,EAIV5B,OAEF,CAAA,EAAO+K,EAAWpE,EAAKuE,WAEvB,MAAO,CAAA,EAAA,CAAE1J,KAAM,KAAM8E,0CChEzBuF,EAAA,SAAArD,GACE,SAAmBqD,EAAAC,EAAkBjC,GACnC,IAAArD,EAAAgC,EAAKhL,KAAAK,KAACgM,IAAQhM,YADG2I,EAAQsF,SAARA,GAEnB,CAmBF,OAtB2CrO,EAAOoO,EAAArD,GAItCqD,EAAAvO,UAAAgN,WAAV,WACE,MAAO,KACR,EAEKuB,EAAOvO,UAAAyO,QAAb,SAAcC,qGAMA,OAFNN,EAAM,GAAAvK,OAAGtD,KAAKiO,SAAQ,YAAA3K,OAAW,IAAI8K,gBAAgBD,IAC3DnO,KAAKqM,OAAO,qBAAcwB,IACd,CAAA,EAAME,EAAKF,WAEvB,OAFM/E,EAAM/E,EAAe5B,OAC3BnC,KAAKqM,OAAOvD,GACRA,EAAIL,MACC,CAAA,EAAA,CAAEA,MAAOK,EAAIL,MAAO9E,KAAM,OAE1B,CAAA,EAAA,CAAE8E,MAAO,KAAM9E,KAAM,aAE/B,EACFqK,CAAD,CAtBA,CAA2CjC,GC2BvCtE,YACAD,KACAC,WAAWC,cACXD,WAAWC,aAAazD,QAAQ,kCASpC,IAAAoK,EAAA,SAAA1D,GAGE,SAAA0D,EAAYzD,GACV,IAAAjC,EAAAgC,EAAKhL,KAAAK,KAAC4K,IAAS5K,YAHD2I,EAAgB2F,kBAAG,GAInC,CACF,OANsD1O,EAAKyO,EAAA1D,GAM1D0D,CAAD,CANA,CAAsDtG,gBA4IhCwG,EACpBvD,EACAwD,EACAvF,6FAEO,MAAM,CAAA,EAAAA,KAAb,KAAA,EAAA,MAAA,CAAA,EAAOlF,gBACR,EA1ID,SAAA4G,GAAA,SAAA8D,kDAA+E,CAAzB7O,EAAuB6O,EAAA9D,EAAE,CAA/E,CAAsD0D,GCjDtD,IAAAK,EAAA,SAAA/D,GAIE,SAAA+D,EAAY1C,QAAA,IAAAA,IAAAA,EAA2B,CAAA,GACrC,IAAArD,EAAAgC,EAAKhL,KAAAK,KAACgM,IAAQhM,YACd2I,EAAKgG,WAAaD,EAAKE,eACvBF,EAAKE,gBAAkB,GACzB,CAKF,OAbmChP,EAAO8O,EAAA/D,GAUxC+D,EAAAjP,UAAAgN,WAAA,WACE,OAAOzM,KAAK2O,WAAWnK,UACxB,EAXckK,EAAcE,eAAG,EAYjCF,EAbD,CAAmC3C,GCQnC8C,EAAA,SAAAlE,GAOE,SAAAkE,EAAYxB,GACV,IAAA1E,EAAAgC,EAAMhL,KAAAK,KAAA,CAAEoM,MAAOiB,EAAQjB,SAASpM,YANlC2I,EAAYmG,cAAG,EACLnG,EAAaoG,cAAmB,GAMxCpG,EAAKqG,KAAO3B,EAAQ2B,MAAQT,EAC5B5F,EAAKtC,WAAagH,EAAQhH,YAC5B,CAuFF,OAlG0BzG,EAAIiP,EAAAlE,GAgBtBkE,EAAApP,UAAAwP,aAAN,SACET,EACAvF,4GAEAjJ,KAAKqM,OAAO,gBAAiB,QAASmC,oBAGpC,6BAAIxO,KAAK8O,cACDI,EAAOlP,KAAK+O,cAAcrO,OAC5BV,KAAK+O,cAAc/O,KAAK+O,cAAcrO,OAAS,GAC/CO,QAAQC,UAENiO,EAAUvO,EAAA+H,OAAA,OAAA,GAAA,sDACd,KAAA,EAAA,MAAA,CAAA,EAAMuG,UACC,OADPnL,EAAA5B,OACa,CAAA,EAAA8G,KAAb,KAAA,EAAA,MAAA,CAAA,EAAOlF,aACR,IAED/D,KAAK+O,cAAcjM,KAChBlC,EAAA+H,OAAA,OAAA,GAAA,6DAEG,6BAAA,CAAA,EAAMwG,gEAOZ,CAAA,EAAOA,IAGI,CAAA,EAAAnP,KAAKgP,KAChB,QAAA1L,OAAQtD,KAAKqG,YACbmI,GACA,WAAA,OAAA5N,EAAA+H,OAAA,OAAA,GAAA,4EACE3I,KAAKqM,OACH,gBACA,gCACArM,KAAKqG,6BAkBL,6BAdArG,KAAK8O,cAAe,EAEdM,EAASnG,IAEfjJ,KAAK+O,cAAcjM,KAChBlC,EAAA+H,OAAA,OAAA,GAAA,6DAEG,6BAAA,CAAA,EAAMyG,gEAOZ,CAAA,EAAMA,UAANrL,EAAA5B,+BAGOnC,KAAK+O,cAAcrO,QAClB2O,EAAatM,EAAA,GAAA/C,KAAK+O,kBAExB,CAAA,EAAM9N,QAAQqO,IAAID,KAHY,CAAA,EAAA,iBAG9BtL,EAAA5B,OAEAnC,KAAK+O,cAAcQ,OAAO,EAAGF,EAAO3O,cAG/B,KAAA,EAAA,MAAA,CAAA,EAAM0O,GAAb,KAAA,EAAA,MAAA,CAAA,EAAOrL,wBAEP/D,KAAKqM,OACH,gBACA,gCACArM,KAAKqG,YAGPrG,KAAK8O,cAAe,0BAEvB,GAAA,KA9CH,KAAA,EAAA,MAAA,CAAA,EAAO/K,wBAiDP/D,KAAKqM,OAAO,gBAAiB,kCAEhC,EACFwC,CAAD,CAlGA,CAA0BH,GCPpB,SAAUc,EAAuBC,GACrC,IAAM/N,EAA0C,CAAE,EAE5CmM,EAAM,IAAI6B,IAAID,GAEpB,GAAI5B,EAAI1I,MAAwB,MAAhB0I,EAAI1I,KAAK,GACvB,IAC2B,IAAIiJ,gBAAgBP,EAAI1I,KAAKwK,UAAU,IAC/CC,SAAQ,SAACvO,EAAOqC,GAC/BhC,EAAOgC,GAAOrC,CAChB,GACD,CAAC,MAAOG,GACP,CASJ,OAJAqM,EAAIgC,aAAaD,SAAQ,SAACvO,EAAOqC,GAC/BhC,EAAOgC,GAAOrC,CAChB,IAEOK,CACT,CAEO,IAAMoO,EAAqB,SAACC,QAAA,IAAAA,IAAAA,EAA4B,IAC7D,IAAMlC,EAAM,IAAI6B,IAAI9C,OAAOoD,SAASP,MAEpCM,EAAcH,SAAQ,SAACK,GACrBpC,EAAIgC,aAAaK,OAAOD,EAC1B,IAEApC,EAAI1I,KAAO,GAEXyH,OAAOuD,QAAQC,aAAaxD,OAAOuD,QAAQE,MAAO,GAAIxC,EAAIrJ,WAC5D,EC3BA,SAAS8L,IACP,IAAK1D,EAAQ,MAAM,IAAI7E,MAAM,4BAC7B,OAAO6E,CACT,CAEO,IAAM2D,EAAgB,CAC3BC,SAdF,SAAkB3C,GAChByC,IAAYN,SAAWnC,CACzB,EAaE4C,YAXF,WACE,OAAOH,IAAYlJ,QACrB,EAUEkJ,UAAWA,GC0CPI,EAA6B,IAMnCC,EAAA,SAAAhG,GA8BE,SAAAgG,EAAY3E,GAAZ,MjB5DA4E,EiB6HCjI,EAAA3I,KAhEOoM,GAAQJ,aAAA,EAAAA,EAAQI,SAAS,EAK/B,IAJAzD,EAAAgC,EAAMhL,KAAAK,KAAA,CAAEoM,MAAKA,KAAIpM,MAzBQ6Q,kBAAqC,KACtDlI,EAAkBmI,oBAAG,EASrBnI,EAAiBoI,kBAA0C,KAC3DpI,EAAyBqI,0BAAgC,KAEzDrI,EAAkBsI,mBAA4C,KAK9DtI,EAAgBuI,iBAA4B,KAC5CvI,EAAAwI,oBAAiD,IAAIC,IAQ7DzI,EAAK0I,uBAAyB,EAC9B1I,EAAK2I,cAAetF,aAAM,EAANA,EAAQsF,eAAgB,KACvCtF,aAAA,EAAAA,EAAQuF,QACX,MAAM,IAAIxJ,MAAM,kBAKlB,GAHAY,EAAKiI,UjB5DgB,SAACA,GACxB,IAAK,sBAAsB9G,KAAK8G,GAAY,CAC1C,IAAMY,GAAW,OAAAxB,eAAA,IAAAA,cAAA,EAAAA,SAAUwB,WAAY,QACvC,MAAO,GAAGlO,OAAAkO,EAAa,MAAAlO,OAAAsN,EACzB,CAEA,OAAOA,CACT,CiBqDqBa,CAAUzF,EAAOuF,QAElC5I,EAAK+I,ajBvEPd,EiBuEwCjI,EAAKiI,UjBjEtC,GAAAtN,OAAGsN,KiBkEH5E,EAAO2F,SACV,MAAM,IAAI5J,MAAM,oBAElBY,EAAKgJ,SAAW3F,EAAO2F,SAEvBhJ,EAAKiJ,IAAM,IAAI5D,EAAcrF,EAAKiI,UAAW,CAAExE,MAAKA,IAGpD,IAAMyF,GAAa7F,aAAA,EAAAA,EAAQ3F,ablHJ,aa6HvB,GAVAsC,EAAKtC,WAAa,GAAG/C,OAAAuO,cAAclJ,EAAKgJ,UAExChJ,EAAKlF,SAAUuI,aAAM,EAANA,EAAQvI,UAAWgH,EAElC9B,EAAKqG,KAAO,IAAIH,EAAK,CACnBG,KAAMhD,EAAOgD,KACb3I,WAAYsC,EAAKtC,WACjB+F,MAAOJ,EAAOI,QAIdjF,KACAM,WAAWqK,kBAEXnJ,EAAKtC,WACL,CACA,IACEsC,EAAKuI,iBAAmB,IAAIzJ,WAAWqK,iBACrCnJ,EAAKtC,WAER,CAAC,MAAO7E,GACPoE,QAAQ6C,MACN,yFACAjH,EAEJ,CAEqB,QAArBuC,EAAA4E,EAAKuI,wBAAgB,IAAAnN,GAAAA,EAAEgO,iBAAiB,WAAW,SAAOC,GAAK,OAAApR,EAAA+H,OAAA,OAAA,GAAA,6DAM7D,OALA3I,KAAKqM,OACH,2DACA2F,GAGF,CAAA,EAAMhS,KAAKiS,sBACTD,EAAMrO,KAAKqO,MACXA,EAAMrO,KAAKmE,SACX,kBAHF/D,EAIC5B,cACF,GAAA,GACH,QAEAwG,EAAKuJ,kBAAmB,EAExBvJ,EAAKwJ,cACP,CA44CF,OA3+CsCvS,EAAI+Q,EAAAhG,GAsGlCgG,EAAAlR,UAAA0S,WAAN,uHACMnS,KAAK6Q,kBACM,CAAA,EAAA7Q,KAAK6Q,mBADM,CAAA,EAAA,GACxB,KAAA,EASF,KAAA,EAAA,MAAA,CAAA,EAAO9M,iBAAA,OANP/D,KAAK6Q,kBAAqBjQ,EAAA+H,OAAA,OAAA,GAAA,wEACjB,MAAM,CAAA,EAAA3I,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAKoS,eAAlB,KAAA,EAAA,MAAA,CAAA,EAAOrO,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,aAGR,IAEY,CAAA,EAAA/D,KAAK6Q,yBACnB,EAQaF,EAAAlR,UAAA2S,YAAd,8HAEiB,+BAAA,CAAA,EAAMpS,KAAKqS,0BAKpB,OALEC,EAAOnO,EAA4BhC,OAEzCnC,KAAKqM,OAAO,iBAAkB,QAAS,YAAaiG,GAGhDA,EACsB,CAAA,EAAMtS,KAAKuS,mBAAmBD,IADhD,CAAA,EAAA,UAEF,OADEvO,EAAkBI,SAAhBR,EAAII,EAAAJ,MAAE8E,EAAK1E,EAAA0E,QAEjBzI,KAAKqM,OACH,iBACA,mCACA5D,GAMmB,gCAAnBA,eAAAA,EAAOmC,UACY,gDAAnBnC,aAAA,EAAAA,EAAOmC,SAEP,CAAA,EAAO,CAAEnC,MAAKA,IAKhB,CAAA,EAAMzI,KAAKwS,mBAlBJ,CAAA,EAAA,UAoBP,OAFArO,EAAAhC,OAEA,CAAA,EAAO,CAAEsG,MAAKA,WAahB,OAVQgK,EAA0B9O,EAAnBmE,QAAE4K,EAAiB/O,eAElC3D,KAAKqM,OACH,iBACA,0BACAoG,EACA,gBACAC,GAGF,CAAA,EAAM1S,KAAK2S,aAAaF,WAUxB,OAVAtO,EAAAhC,OAEAsH,YAAW,WAAA,OAAA7I,EAAA+H,OAAA,OAAA,GAAA,6DACL,MAAiB,aAAjB+J,EAA2B,CAAA,EAAA,GACvB,CAAA,EAAA1S,KAAKiS,sBAAsB,oBAAqBQ,kBAAtD1O,EAAA5B,oBAEA,MAAM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAaQ,WAA9C1O,EAAA5B,wCAEH,GAAE,GAEH,CAAA,EAAO,CAAEsG,MAAO,cAGlB,MAAA,CAAA,EAAMzI,KAAK4S,6BACX,OADAzO,EAAAhC,OACA,CAAA,EAAO,CAAEsG,MAAO,cAEhB,OAAI2C,cACF,CAAA,EAAO,CAAE3C,MAAKoK,IAGT,CAAA,EAAA,CACLpK,MAAO,IAAIiD,EACT,yCACAmH,KAIJ,KAAA,EAAA,MAAA,CAAA,EAAM7S,KAAK8S,0CAAX3O,EAAAhC,OACAnC,KAAKqM,OAAO,iBAAkB,mCAEjC,EAKasE,EAAkBlR,UAAA8S,mBAAhC,SAAiCD,uIASzB,yBADEnE,EAASqB,EAAuB5C,EAAOoD,SAASP,MAC1C,QAAR6C,EAAA,MAAc,CAAA,EAAA,GAChB,IAAKnE,EAAOrD,KACV,MAAM,IAAIW,EAA+B,qBAGnB,MAAM,CAAA,EAAAzL,KAAK+S,wBAAwB5E,EAAOrD,cAClE,GADM/G,EAAkBiP,EAA+C7Q,OAA/DyL,EAAI7J,EAAAJ,KAAEsP,EAAKlP,EAAA0E,MACR,MAAMwK,EAKjB,OAFAnD,EAAmB,CAAC,SAEb,CAAA,EAAA,CACLnM,KAAM,CAAEmE,QAAS8F,EAAK9F,QAASoL,aAAc,MAC7CzK,MAAO,cAIX,GAAI0F,EAAO1F,OAAS0F,EAAOgF,mBAAqBhF,EAAOiF,WACrD,MAAM,IAAI9H,EACR6C,EAAOgF,mBACL,kDACF,CACE1K,MAAO0F,EAAO1F,OAAS,oBACvBqC,KAAMqD,EAAOiF,YAAc,qBAejC,GATEC,EAOElF,EAPYkF,eACdC,EAMEnF,EANoBmF,uBACtBtL,EAKEmG,EAAMnG,aAJRC,EAIEkG,EAAMlG,cAHRC,EAGEiG,aAFF/F,EAEE+F,aADFoF,EACEpF,eAECnG,GAAiBE,GAAeD,GAAkBsL,GACrD,MAAM,IAAIjI,EAA+B,6BAUnB,OANlBnH,EfnDsB,SAACJ,GACjC,IAAAmE,eACAE,EAAUrE,EAAAqE,WACVoL,EAAWzP,EAAAyP,YAMLC,EAAU7M,KAAKyB,MAAMC,KAAKC,MAAQ,KAClCV,EAAY6L,SAASxL,GACvByL,EAAYF,EAAU5L,EAEtBO,IACFuL,EAAYD,SAAStL,IAGvB,IAAMwL,EAAoBD,EAAYF,EACd,IAApBG,GAA4BJ,GAC9B5N,QAAQC,KACN,iEAAAvC,OAAiEsQ,EAAkD,kCAAAtQ,OAAAuE,EAAY,MAInI,IAAMgM,EAAWF,EAAY9L,EAiB7B,OAhBI4L,EAAUI,GAAY,IACxBjO,QAAQC,KACN,kGACAgO,EACAF,EACAF,GAEOA,EAAUI,EAAW,GAC9BjO,QAAQC,KACN,8GACAgO,EACAF,EACAF,GAIG,CAAE5L,UAASA,EAAE8L,UAASA,EAC/B,CeSuCG,CAAmB,CAClD5L,WAAUA,EACVE,WAAUA,EACVoL,YAAa9C,IAHPiD,EAASxP,EAAAwP,UAAE9L,cAMK,CAAA,EAAM7H,KAAK+T,SAAS/L,WAE5C,GAFMwF,EAAkBwF,SAAhBrP,EAAI6J,EAAA7J,MAAE8E,EAAK+E,EAAA/E,SAEL9E,EAAK6E,KAAM,MAAMC,EAuB/B,OArBMX,EAAmB,CACvBuL,eAAcA,EACdC,uBAAsBA,EACtBtL,aAAYA,EACZE,WAAYL,EACZO,WAAYuL,EACZ1L,cAAaA,EACbsL,WAAUA,EACV/K,KAAM7E,EAAK6E,MAIbsH,EAAmB,CACjB,eACA,aACA,gBACA,aACA,UAEF9P,KAAKqM,OAAO,wBAAyB,iCAErC,CAAA,EAAO,CAAE1I,KAAM,CAAEmE,QAAOA,EAAEoL,aAAc/E,EAAO6F,MAAQvL,MAAO,cAG9D,cADAzI,KAAKqM,OAAO4H,GACR7I,EAAY6I,GACd,MAAA,CAAA,EAAO,CAAEtQ,KAAM,CAAEmE,QAAS,KAAMoL,aAAc,MAAQzK,MAAKwL,IAE7D,MAAMA,yBAET,EAEatD,EAAuBlR,UAAAsT,wBAArC,SAAsCmB,kHAUhB,KAAA,EAAA,MAAA,CAAA,EAAMlQ,EACxBhE,KAAKyD,QACL,GAAGH,OAAAtD,KAAKqG,WAA0B,2BAMhB,OARd8N,EAAcnB,EAGnB7Q,OACK4B,GAAiCoQ,QAAAA,EAAe,IAAetK,MACnE,KADKtD,OAAc2M,OAID,CAAA,EAAMxF,EACxB,GAAApK,OAAGtD,KAAK4Q,0BACR,CACEwD,UAAWpU,KAAK2R,SAChB0C,WAAY,qBACZvJ,KAAMoJ,EACNI,cAAe/N,YAMnB,GAZMgO,EAAcvB,EAQnB7Q,OAEKgC,EAAkByD,EAAiB2M,GAAjC5Q,EAAIQ,EAAAR,KAAE8E,EAAKtE,EAAAsE,OAEd9E,EACH,MAAM,IAAIoE,MAAM,gBAGlB,MAAA,CAAA,EAAM3D,EAAgBpE,KAAKyD,QAAS,GAAGH,OAAAtD,KAAKqG,WAA0B,2BACtE,OADA2M,EAAA7Q,OACIsG,EACK,CAAA,EAAA,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,KAAMoL,aAAc,MAAQzK,MAAKA,IAC7D9E,GAASA,EAAKmE,SAAYnE,EAAK6E,MAMvCV,EAAUnE,EAAKmE,SAEuB,CAAA,EAAA9H,KAAK+T,SAC3CjM,EAAQE,eAFD,CAAA,EAAA,GANF,CAAA,EAAA,CACLrE,KAAM,CAAE6E,KAAM,KAAMV,QAAS,KAAMoL,aAAc,MACjDzK,MAAO,IAAImD,WAQb,GAHM4B,EAA4BwF,EAEjC7Q,OAFaqS,EAAQhH,EAAA7J,MAAE8Q,EAAKjH,EAAA/E,SAGf+L,EAAShM,KACrB,MAAMiM,EASR,OANA3M,EAAO3H,EAAAA,EAAA,CAAA,EACF2H,GACH,CAAAU,KAAMgM,EAAShM,OAEjB7E,EAAKmE,QAAUA,EAEf,CAAA,EAAM9H,KAAK2S,aAAa7K,WACxB,OADAkL,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAanK,WAA9CkL,EAAA7Q,wBAEF,MAAO,CAAA,EAAA,CACLwB,KAAMxD,EAAAA,EAAA,CAAA,EAAKwD,GAAI,CAAEuP,aAAcA,QAAAA,EAAgB,OAC/CzK,MAAKA,UAER,EAOakI,EAAAlR,UAAAqT,wBAAd,kHAGE,GAFA9S,KAAKqM,OAAO,+BAEPlF,OAAgByF,eAAAA,EAAQmF,kBAM3B,OALI/R,KAAKkS,kBAEPlS,KAAK0U,mBAGP,CAAA,GAAO,oBAcP,6BAVA1U,KAAKgR,0BAA4B,WAAA,OAAApQ,EAAA+H,OAAA,OAAA,GAAA,WAAA,OAAA9G,EAAA7B,MAAA,SAAA+D,mBAC/B,KAAA,EAAA,MAAA,CAAA,EAAM/D,KAAK2U,sBAAqB,IAAhC,KAAA,EAAA,MAAA,CAAA,EAAA5Q,gBAAsC,EAExC6I,SAAAA,EAAQmF,iBACN,mBACA/R,KAAKgR,2BAKP,CAAA,EAAMhR,KAAK2U,sBAAqB,kBAAhC5Q,EAAqC5B,sCAErCyD,QAAQ6C,MAAM,0BAA2BmM,gCAE5C,EAKajE,EAAoBlR,UAAAkV,qBAAlC,SAAmCE,0GAI7B,OAHEC,EAAa,yBAAAxR,OAAyBuR,EAAoB,KAChE7U,KAAKqM,OAAOyI,EAAY,kBAAmB1N,EAAS2N,iBAEnB,YAA7B3N,EAAS2N,gBAA6B,CAAA,EAAA,IACpC/U,KAAKkS,kBAGPlS,KAAKgV,oBAGFH,EAAoB,CAAA,EAAA,GAKjB,CAAA,EAAA7U,KAAK6Q,2BAEX,OAFA9M,EAAA5B,OAEM,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,6DAC/B,MAAiC,YAA7BvB,EAAS2N,iBACX/U,KAAKqM,OACHyI,EACA,4GAIK,CAAA,IAIT,CAAA,EAAM9U,KAAK4S,oCAAX7O,EAAA5B,cACD,GAAA,YAbD4B,EAAA5B,2CAeoC,WAA7BiF,EAAS2N,iBACd/U,KAAKkS,kBACPlS,KAAKiV,oDAGV,EAMatE,EAAAlR,UAAAmT,mBAAd,uHACQsC,EAAY,wBAClBlV,KAAKqM,OAAO6I,EAAW,0BAGE,iCAAM,CAAA,EAAAlR,EAAahE,KAAKyD,QAASzD,KAAKqG,oBAGzD,OAHE8O,EAAiBhR,EAAiDhC,OACxEnC,KAAKqM,OAAO6I,EAAW,uBAAwBC,GAE1CnV,KAAKoV,gBAAgBD,GAAe,CAAA,EAAA,IACvCnV,KAAKqM,OAAO6I,EAAW,wBACA,OAAnBC,EAAuB,CAAA,EAAA,GACzB,CAAA,EAAMnV,KAAKwS,0BAAXrO,EAAAhC,wBAGF,MAAO,CAAA,UAcL,OAXEsR,EAAU7M,KAAKyB,MAAMC,KAAKC,MAAQ,KAClC8M,GAC0B,QAA7BtR,EAAAoR,EAAe/M,kBAAc,IAAArE,EAAAA,EAAAsF,KAAYoK,Eb1gBrB,Ga4gBvBzT,KAAKqM,OACH6I,EACA,cAAA5R,OACE+R,EAAoB,GAAK,0Cb/gBN,GaghBmB,MAGtCA,EACErV,KAAKkS,kBAAoBiD,EAAelN,cAClB,CAAA,EAAAjI,KAAKsV,kBAC3BH,EAAelN,gBAFsC,CAAA,EAAA,GADtC,CAAA,EAAA,UAMb,OAJIQ,EAAUtE,EAEjBhC,OAFYsG,QAKX7C,QAAQ6C,MAAMA,GAEToD,EAA0BpD,GAAM,CAAA,EAAA,IACnCzI,KAAKqM,OACH6I,EACA,kEACAzM,GAEF,CAAA,EAAMzI,KAAKwS,oBATN,CAAA,EAAA,UASLrO,EAAAhC,4CAQN,MAAM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAakD,YAA9ChR,EAAAhC,+CAMF,kBAHAnC,KAAKqM,OAAO6I,EAAW,QAASK,GAEhC3P,QAAQ6C,MAAM8M,GACP,CAAA,kBAEPvV,KAAKqM,OAAO6I,EAAW,mCAE1B,EAQOvE,EAAAlR,UAAA+V,iCAAR,WACExV,KAAKqM,OAAO,uCAEZ,IAAMoJ,EAAWzV,KAAKgR,0BACtBhR,KAAKgR,0BAA4B,KAEjC,IACMyE,GAAYtO,MAAeyF,aAAM,EAANA,EAAQ8I,sBACrC9I,EAAO8I,oBAAoB,mBAAoBD,EAElD,CAAC,MAAOjU,GACPoE,QAAQ6C,MAAM,4CAA6CjH,EAC7D,CACD,EAwBKmP,EAAAlR,UAAAiV,iBAAN,qGAEE,OADA1U,KAAKwV,mCACL,CAAA,EAAMxV,KAAKgV,mCAAXjR,EAAA5B,iBACD,EAMawO,EAAAlR,UAAAuV,kBAAd,2GACE,KAAA,EAAA,MAAA,CAAA,EAAMhV,KAAKiV,kCAAXlR,EAAA5B,OAEAnC,KAAKqM,OAAO,wBAENsJ,EAASC,aACb,WAAM,OAAAjN,EAAKkN,uBAAuB,GAClCnF,GAEF1Q,KAAK+Q,kBAAoB4E,EAGvBA,GACkB,iBAAXA,GACiB,mBAAjBA,EAAOG,MAQdH,EAAOG,aAG6B,IAA5BrO,WAAmBsO,MACoB,mBAAvCtO,WAAmBsO,KAAKC,YAKhCD,KAAKC,WAAWL,GAMlBlM,YAAW,WAAA,OAAA7I,EAAA+H,OAAA,OAAA,GAAA,6DACT,MAAM,CAAA,EAAA3I,KAAK6Q,0BACX,OADA9M,EAAA5B,OACA,CAAA,EAAMnC,KAAK6V,uCAAX9R,EAAA5B,iBACD,GAAE,aACJ,EAMawO,EAAAlR,UAAAwV,iBAAd,2FACEjV,KAAKqM,OAAO,uBAENsJ,EAAS3V,KAAK+Q,kBACpB/Q,KAAK+Q,kBAAoB,KAErB4E,GACFM,cAAcN,YAEjB,EAKahF,EAAAlR,UAAAoW,sBAAd,kHACE7V,KAAKqM,OAAO,2BAA4B,0BAGtC,6BAAA,CAAA,EAAMrM,KAAKgP,KAAKC,aAAa,GAAG,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,kGAEtBuN,EAAM5N,KAAKC,uBAGR,6BAAA,CAAA,EAAMvI,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,qEAKzC,OAHUb,EACNpG,EAAMiC,KAAAmE,UAEOA,EAAQG,eAAkBH,EAAQM,YAM7CgO,EAAiBxP,KAAKC,OACJ,IAArBiB,EAAQM,WAAoB8N,GAAOxF,GAGtC1Q,KAAKqM,OACH,2BACA,2BAAA/I,OAA2B8S,EAAc,yBAAA9S,OAAwBoN,EAA0B,6BAAApN,OApoBvE,EAooB8H,WAGhJ8S,GAvoBkB,EAwoBd,CAAA,EAAApW,KAAKsV,kBAAkBxN,EAAQG,gBADU,CAAA,EAAA,KAd/CjI,KAAKqM,OAAO,2BAA4B,cACjC,CAAA,WAcPtI,EAAA5B,qCAEH,GAAA,KAvBD,KAAA,EAAA,MAAA,CAAA,EAAO4B,mCAyBP6B,QAAQ6C,MACN,yEACA4N,0CAIJrW,KAAKqM,OAAO,2BAA4B,+BAE3C,GAAA,mBAtCDtI,EAAA5B,oBAwCA,kBAAMmM,kBAAoBhF,aAAa+E,GAGrC,MAAM/E,SAFNtJ,KAAKqM,OAAO,2EAKjB,EAyBasE,EAAAlR,UAAA4S,gBAAd,sFAME,OALMlE,EAASqB,EAAuB5C,EAAOoD,SAASP,OAEhD6G,EAAUnP,MAGDgH,EAAOrD,KACpB,CAAA,EAAO,QAILwL,IAAYnI,EAAOnG,cAAgBmG,EAAOgF,mBAC5C,CAAA,EAAO,YAET,CAAA,EAAO,WACR,EAEOxC,EAAAlR,UAAA8W,OAAR,WACE,OAAOvW,KAAKwW,OAAS,sBACtB,EAEa7F,EAAAlR,UAAAgX,qBAAd,SACE5I,EACAM,2GAmBiB,OAVbuI,EAAiCvI,EAAOwI,aAAe,CAAE,EAEvDC,EAAwC,CAC5CxC,UAAWpU,KAAK2R,SAChBkF,cAAe1I,EAAO0I,cACtBvF,aACEnD,EAAO2I,YAAc9W,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC5DP,MAAOrI,EAAO6I,QAAUhX,KAAKuW,UAGd,CAAA,EAAMvW,KAAKqS,0BAExB,MAAa,SAFAlO,EAA4BhC,OAEtB,CAAA,EAAA,GAEb,CAAA,EAAA+D,EAA0BlG,KAAKyD,QAASzD,KAAKqG,oBAD/CtC,EACJI,SADK+C,EAAanD,EAAA,GAAEkT,EAAmBlT,EAAA,GAGzC2S,EAASvW,EAAAA,EAAA,CAAA,EACJuW,GAAS,CACZQ,eAAgBhQ,EAChBiQ,sBAAuBF,qBAU3B,OALI9I,EAAOiJ,aACTR,EAAiBQ,WAAajJ,EAAOiJ,YAIhC,CAAA,EAAA,GAAA9T,OAAGuK,EAAG,KAAAvK,OAAI,IAAI8K,gBAChBjO,EAAAA,EAAA,CAAA,EAAAuW,GACAE,YAEN,EAEKjG,EAAyBlR,UAAA4X,0BAA/B,SACEC,6FAEO,MAAM,CAAA,EAAAtX,KAAKuX,wBAAwB,CACxCH,WAAYE,EAAYF,WACxBN,WAAYQ,aAAA,EAAAA,EAAaR,WACzBE,OAAQM,aAAA,EAAAA,EAAaN,OACrBL,YAAaW,EAAYX,YACzBa,oBAAqBF,EAAYE,uBALnC,KAAA,EAAA,MAAA,CAAA,EAAOzT,gBAOR,EAEK4M,EAA0BlR,UAAAgY,2BAAhC,SAAiC9T,4GAkBP,OAXlB+T,EAAiB,SAAOC,GAAgB,OAAA/W,EAAA+H,OAAA,OAAA,GAAA,mDAC5C/C,QAAQsG,IAAI,UACZtG,QAAQsG,IAAI0L,IACNC,EAAMzQ,EAAS0Q,cAAc,QAC/BC,UAAYJ,EACHvQ,EAAStF,KAAKkW,YAAYH,GACpCI,SAAS,GAEPC,kBACN,EAEuB,CAAA,EAAMxK,EAC5B,GAAApK,OAAGtD,KAAK4Q,qCACR,CACEuH,SAAUxU,EAAKwU,SACfC,SAAUzU,EAAKyU,SACf9G,aACE3N,EAAK2N,cAAgBtR,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC5D3C,UAAWpU,KAAK2R,SAChBtB,MAAO1M,EAAK0M,OAEd,CAAE/C,KAAK,YAGT,KAbMsK,EAAkB7T,EAWvB5B,QAEoBwB,MAAQiU,EAAgBnP,MAC3C,MAAM,IAAIV,MACR6P,EAAgBnP,OAAS,2CAG7BiP,EAAeE,EAAgBjU,gBAChC,EAEKgN,EAAclR,UAAA4Y,eAApB,SAAqBlK,qGACnB,KAAKA,aAAA,EAAAA,EAAQmK,OACX,MAAM,IAAIvQ,MAAM,qBAGM,MAAA,CAAA,EAAM2F,EAC5B,GAAApK,OAAGtD,KAAK4Q,4CACR,CACE0H,MAAOnK,EAAOmK,gBAGlB,OANMvU,EAAkBI,SAAhBR,EAAII,EAAAJ,KAAOI,EAAA0E,MAMnB,CAAA,EAAO9E,SACR,EAEDgN,EAAiBlR,UAAA8Y,kBAAjB,SACElL,QAAA,IAAAA,IAAAA,EAKM,CAAA,GAEN,IAAMc,EAAS,CACbiG,UAAWpU,KAAK2R,SAChBL,aACEjE,EAAQyJ,YAAc9W,KAAKsR,cAAgB1E,EAAOoD,SAAS+G,OAC7DF,cAAexJ,EAAQwJ,eAAiB1P,IAAc,OAAS,QAC/DqR,SAAUnL,EAAQmL,SAClBhC,MAAOnJ,EAAQmJ,OAIXxU,EAAI5C,OAAOqZ,YACfrZ,OAAOsZ,QAAQvK,GAAQwK,QAAO,SAAC5U,GAAiB,OAAbA,EAAA,KAAOA,EAAA,EAAM,KAGlD,MAAO,GAAGT,OAAAtD,KAAK4Q,gCAAuB,IAAIxC,gBAAgBpM,GAAGwC,WAC9D,EAEDmM,EAASlR,UAAAmZ,UAAT,SAAUvL,GAMR,IAAMQ,EAAM7N,KAAKuY,kBAAkBlL,GACnCkD,EAAcC,SAAS3C,EACxB,EAEa8C,EAAuBlR,UAAA8X,wBAArC,SAAsClK,mGAOhB,MAAM,CAAA,EAAArN,KAAKyW,qBAC7B,UAAGzW,KAAK4Q,UAAS,cACjB,CACEiG,cAAe1P,IAAc,OAAS,QACtCiQ,WAAY/J,EAAQ+J,WACpBN,WAAYzJ,EAAQyJ,WACpBE,OAAQ3J,EAAQ2J,OAChBL,YAAatJ,EAAQsJ,sBAWzB,OAlBM9I,EAAc9J,EASnB5B,OAEDnC,KAAKqM,OAAO,2BAA4B,UAAWgB,EAAS,MAAOQ,GAG/D1G,MAAgBkG,EAAQmK,qBAC1B5K,EAAOoD,SAAS5P,OAAOyN,GAGzB,CAAA,EAAO,CAAElK,KAAM,CAAEkK,IAAGA,GAAIpF,MAAO,aAChC,EAOKkI,EAAUlR,UAAAoZ,WAAhB,SAAiB1D,wGAIf,MAAM,CAAA,EAAAnV,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAK8Y,YAAY3D,IAA9B,KAAA,EAAA,MAAA,CAAA,EAAOpR,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAaK4M,EAAAlR,UAAAsZ,WAAN,gHACE,MAAM,CAAA,EAAA/Y,KAAK6Q,0BAEI,OAFf9M,EAAA5B,OAEqB,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,iDAC9C,MAAA,CAAA,EAAO3I,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,sCACnC,MAAA,CAAA,EAAOjH,KACR,GAAA,OACF,GAAA,YAED,MAAA,CAAA,EANeqC,EAIb5B,cAGH,EAQawO,EAAWlR,UAAA0W,YAAzB,SACElN,mGAsBAjJ,KAAKqM,OAAO,eAAgB,0BAIX,6BAAA,CAAA,EAAMrM,KAAKgZ,wBAEnB,OAFDtX,EAASqC,EAA0B5B,OAElC,CAAA,EAAM8G,EAAGvH,IAAhB,KAAA,EAAA,MAAA,CAAA,EAAOqC,wBAEP/D,KAAKqM,OAAO,eAAgB,kCAE/B,EAOasE,EAAAlR,UAAAuZ,cAAd,uHAoBEhZ,KAAKqM,OAAO,mBAAoB,SAE3BrM,KAAKgP,KAAKF,cACb9O,KAAKqM,OACH,mBACA,qCACA,IAAItE,OAAQkR,wBAOO,6BAFjB9D,EAAiC,KAEV,CAAA,EAAAnR,EAAahE,KAAKyD,QAASzD,KAAKqG,oBAIvD,OAJE6S,EAAe/U,EAAiDhC,OAEtEnC,KAAKqM,OAAO,gBAAiB,uBAAwB6M,GAEhC,OAAjBA,EAAqB,CAAA,EAAA,GACnBlZ,KAAKoV,gBAAgB8D,IACvB/D,EAAiB+D,SADmB,CAAA,EAAA,UAIpC,OADAlZ,KAAKqM,OAAO,gBAAiB,qCAC7B,CAAA,EAAMrM,KAAKwS,yBAAXrO,EAAAhC,wBAIJ,OAAKgT,GAICgE,IAAahE,EAAe/M,YAC9B+M,EAAe/M,YAAcE,KAAKC,MAAQ,IAG9CvI,KAAKqM,OACH,mBACA,cAAc/I,OAAA6V,EAAa,GAAK,OAAM,YACtC,aACAhE,EAAe/M,YAGZ+Q,EAmB4B,CAAA,EAAAnZ,KAAKsV,kBACpCH,EAAelN,iBAnBXjI,KAAKyD,QAAQ2V,WACTC,EAAwB,IAAIC,MAAMnE,EAAgB,CACtDoE,IAAI,SAAAC,EAAaC,EAAcC,GAO7B,MANa,SAATD,GAEF7T,QAAQC,KACN,oWAGG8T,QAAQJ,IAAIC,EAAQC,EAAMC,EACnC,IAEFvE,EAAiBkE,GAGnB,CAAA,EAAO,CAAE1V,KAAM,CAAEmE,QAASqN,GAAkB1M,MAAO,SA9BnD,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAS,MAAQW,MAAO,cAoC3C,OAHM1E,EAAqBI,SAAnB2D,EAAO/D,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAIpB,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAS,MAAQW,MAAKA,IAGzC,CAAA,EAAO,CAAE9E,KAAM,CAAEmE,QAAOA,GAAIW,MAAO,qBAEnCzI,KAAKqM,OAAO,mBAAoB,kCAEnC,EAEasE,EAAAlR,UAAA+S,eAAd,qGAGE,OAFAxS,KAAKqM,OAAO,qBAEN,CAAA,EAAAjI,EAAgBpE,KAAKyD,QAASzD,KAAKqG,2BAAzCtC,EAAA5B,iBACD,EAEOwO,EAAelR,UAAA2V,gBAAvB,SAAwB8D,GAQtB,MAN0B,iBAAjBA,GACU,OAAjBA,GACA,iBAAkBA,GAClB,kBAAmBA,GACnB,eAAgBA,CAGnB,EAEevI,EAAWlR,UAAAqZ,YAA3B,SAA4B3D,uHAKxB,0BAAKA,EAAenN,eAAiBmN,EAAelN,cAClD,MAAM,IAAIiD,EAaR,OAVEuI,EAAUnL,KAAKC,MAAQ,IACzBoL,EAAYF,EACZ0F,GAAa,EACbrR,EAA0B,MACxB8R,EAAUlQ,EAAiByL,EAAenN,eACpC6R,MACVlG,EAAYiG,EAAQC,IACpBV,EAAaxF,GAAaF,GAGxB0F,EAEM,CAAA,EAAAnZ,KAAKsV,kBAAkBH,EAAelN,gBAFlC,CAAA,EAAA,UAGZ,OAFMlE,EACJyJ,SADesM,EAAgB/V,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAGtC,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAOA,IAGlDqR,GAGLhS,EAAUgS,SAFR,CAAA,EAAO,CAAEnW,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAO,cAI/B,MAAM,CAAA,EAAAzI,KAAK+T,SACjCoB,EAAenN,sBAEjB,GAHM7D,EAAkBqJ,SAAhB7J,EAAIQ,EAAAR,MAAE8E,EAAKtE,EAAAsE,SAGL9E,EAAK6E,KACjB,MAAMC,EAUR,OARAX,EAAU,CACRE,aAAcmN,EAAenN,aAC7BC,cAAekN,EAAelN,cAC9BO,KAAM7E,EAAK6E,KACX+K,WAAY,SACZrL,WAAYyL,EAAYF,EACxBrL,WAAYuL,GAEd,CAAA,EAAM3T,KAAK2S,aAAa7K,WACxB,OADA0F,EAAArL,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,YAAanK,WAA9C0F,EAAArL,iBAGF,KAAA,EAAA,MAAA,CAAA,EAAO,CAAEwB,KAAM,CAAE6E,KAAMV,EAAQU,KAAMV,WAAWW,MAAO,cAEvD,GAAI2C,cACF,MAAA,CAAA,EAAO,CAAEzH,KAAM,CAAEmE,QAAS,KAAMU,KAAM,MAAQC,MAAKsR,IAGrD,MAAMA,yBAET,EAMapJ,EAAYlR,UAAAkT,aAA1B,SAA2B7K,6FAGzB,OAFA9H,KAAKqM,OAAO,kBAAmBvE,GAE/B,CAAA,EAAMtE,EAAaxD,KAAKyD,QAASzD,KAAKqG,WAAYyB,kBAAlD/D,EAAA5B,iBACD,EAEawO,EAAQlR,UAAAsU,SAAtB,SAAuB/L,mGACrB,IAAKA,EAAc,MAAM,IAAID,MAAM,mCAEvB,OADZ/H,KAAKqM,OAAO,qBACA,CAAA,EAAM0B,EAAW,GAAAzK,OAAGtD,KAAK4Q,iBAAgB,CACnDjH,MAAO3B,YAGT,OAJMc,EAAM/E,EAEV5B,OACFnC,KAAKqM,OAAO,mBACZ,CAAA,EAAO,CAAE1I,KAAM,CAAE6E,KAAMM,EAAInF,MAAQ8E,MAAOK,EAAIL,cAC/C,EAEakI,EAAiBlR,UAAA6V,kBAA/B,SAAgC0E,iHAC9B,IAAKA,EACH,MAAM,IAAI9O,EAIZ,GAAIlL,KAAKiR,mBACP,MAAA,CAAA,EAAOjR,KAAKiR,mBAAmBrI,SAG3BsM,EAAY,sBAAsB5R,OAAA0W,EAAarK,UAAU,EAAG,GAAE,QAEpE3P,KAAKqM,OAAO6I,EAAW,0BAKG,gCAFxBlV,KAAKiR,mBAAqB,IAAIvI,EAEN,CAAA,EAAM1I,KAAKia,oBAAoBD,WACvD,GADMjW,EAAkBiP,SAAhBrP,EAAII,EAAAJ,KAAE8E,EAAK1E,EAAA0E,MACR,MAAMA,EACjB,IAAK9E,EAAKmE,QAAS,MAAM,IAAIoD,EAE7B,MAAM,CAAA,EAAAlL,KAAK2S,aAAahP,EAAKmE,iBAC7B,OADAkL,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,kBAAmBtO,EAAKmE,iBAMzD,OANAkL,EAAA7Q,OAEMT,EAAS,CAAEoG,QAASnE,EAAKmE,QAASW,MAAO,MAE/CzI,KAAKiR,mBAAmB/P,QAAQQ,GAEhC,CAAA,EAAOA,UAIH,kBAFJ1B,KAAKqM,OAAO6I,EAAW,QAASgF,GAE5B9O,EAAY8O,IACRxY,EAAS,CAAEoG,QAAS,KAAMW,MAAKyR,GAEhCrO,EAA0BqO,GAAM,CAAA,EAAA,GACnC,CAAA,EAAMla,KAAKwS,mBAJO,CAAA,EAAA,UAKlB,OADAQ,EAAA7Q,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,aAAc,cAA/Ce,EAAA7Q,wBAKF,OAFuB,QAAvBgC,EAAAnE,KAAKiR,0BAAkB,IAAA9M,GAAAA,EAAEjD,QAAQQ,GAEjC,CAAA,EAAOA,UAIT,MADuB,QAAvB8L,EAAAxN,KAAKiR,0BAAkB,IAAAzD,GAAAA,EAAErM,OAAO+Y,GAC1BA,iBAENla,KAAKiR,mBAAqB,KAC1BjR,KAAKqM,OAAO6I,EAAW,mCAE1B,EAMavE,EAAmBlR,UAAAwa,oBAAjC,SACED,8GAEM9E,EAAY,wBAAwB5R,OAAA0W,EAAarK,UACrD,EACA,GACD,QACD3P,KAAKqM,OAAO6I,EAAW,0BAOd,8BAJDiF,EAAY7R,KAAKC,MAIV,CAAA,EAAAS,GACX,SAAOI,GAAO,OAAAxI,EAAA+H,OAAA,OAAA,GAAA,6EACR,OAAAS,EAAU,EACZ,CAAA,EAAMG,EAAM,IAAM3C,KAAKwT,IAAI,EAAGhR,EAAU,KAD3B,CAAA,EAAA,UACboE,EAA2CrL,wBAUzB,OAPpBnC,KAAKqM,OAAO6I,EAAW,qBAAsB9L,GAOzB,CAAA,EAAMsE,EACxB,GAAApK,OAAGtD,KAAK4Q,0BACR,CACEwD,UAAWpU,KAAK2R,SAChB0C,WAAY,gBACZpM,cAAe+R,YAKnB,GAVMzF,EAAc/G,EAOnBrL,OACKkY,EAAczS,EAAiB2M,KAEN,QAA1BxQ,EAAAsW,EAAY1W,KAAKmE,eAAS,IAAA/D,OAAA,EAAAA,EAAAiE,cAC7B,MAAM,IAAID,MAAM,YAED,MAAA,CAAA,EAAM/H,KAAK+T,SACA,QAA1B5P,EAAAkW,EAAY1W,KAAKmE,eAAS,IAAA3D,OAAA,EAAAA,EAAA6D,sBAI5B,GALMsS,EAAW9M,EAEhBrL,OAEaqG,EAAgB8R,EAAZ3W,KAAY2W,QAE5B,MAAM,IAAIvS,MAAM,yBAElB,IAAKS,EACH,MAAM,IAAIT,MAAM,iBAclB,MAAA,CAAA,EAXU,CACRpE,KAAM,CACJmE,QAAO3H,EAAAA,EAAA,CAAA,EACFka,EAAY1W,KAAKmE,SAAO,CAC3BU,KAAIA,IAENA,KAAIA,GAENC,MAAO,iBAKX,SAACW,EAASX,GACR,IAAM8R,EAAsB,IAAM3T,KAAKwT,IAAI,EAAGhR,GAC9C,OACEX,GACAoD,EAA0BpD,IAE1BH,KAAKC,MAAQgS,EAAsBJ,EACjCzJ,CAEN,YA5DF,MAAA,CAAA,EAAO3M,iBAiEP,cAFA/D,KAAKqM,OAAO6I,EAAW,QAASsF,GAE5BpP,EAAYoP,GACd,MAAA,CAAA,EAAO,CAAE7W,KAAM,CAAEmE,QAAS,KAAMU,KAAM,MAAQC,MAAK+R,IAErD,MAAMA,gBAENxa,KAAKqM,OAAO6I,EAAW,kCAE1B,EAEavE,EAAAlR,UAAAwS,sBAAd,SAAAwI,EAAAC,4CACE1I,EACAlK,EACA6S,kCAAA,IAAAA,IAAAA,GAAgB,8CAEVzF,EAAY,0BAAA5R,OAA0B0O,EAAK,KACjDhS,KAAKqM,OAAO6I,EAAW,QAASpN,EAAS,eAAAxE,OAAeqX,qBAkBtD,6BAfI3a,KAAKkR,kBAAoByJ,GAC3B3a,KAAKkR,iBAAiB0J,YAAY,CAAE5I,MAAKA,EAAElK,QAAOA,IAG9C+S,EAAgB,GAChBC,EAAWvb,MAAM0D,KAAKjD,KAAKmR,oBAAoB4J,UAAUzV,KAC7D,SAAO0V,GAAC,OAAApa,EAAA+H,OAAA,OAAA,GAAA,mEAEJ,6BAAM,CAAA,EAAAqS,EAAEvF,SAASzD,EAAOlK,kBAAxB/D,EAAA5B,sCAEA0Y,EAAO/X,KAAKmY,6BAEf,GAAA,IAGH,CAAA,EAAMha,QAAQqO,IAAIwL,WAElB,GAFA/W,EAAA5B,OAEI0Y,EAAOna,OAAS,EAAG,CACrB,IAASH,EAAI,EAAGA,EAAIsa,EAAOna,OAAQH,GAAK,EACtCqF,QAAQ6C,MAAMoS,EAAOta,IAGvB,MAAMsa,EAAO,EACf,2BAEA7a,KAAKqM,OAAO6I,EAAW,kCAE1B,EAUKvE,EAAAlR,UAAAyO,QAAN,oDACEb,0BAAA,IAAAA,IAAAA,EAAA,CAAqBmJ,MAAO,sDAE5B,MAAM,CAAA,EAAAxW,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAKkb,SAAS7N,IAA3B,KAAA,EAAA,MAAA,CAAA,EAAOtJ,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAEe4M,EAAAlR,UAAAyb,SAAhB,oDACEnX,cAAAI,OAAuD,IAAAJ,EAAA,CAAEyS,MAAO,UAAUzS,EAAxEyS,EAAKrS,EAAAqS,aAAUrS,EAAAgX,6CAEV,KAAA,EAAA,MAAA,CAAA,EAAMnb,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,yEAEzC,OADQhF,EAA8BjC,EAA1BiC,MAASyX,EAAiB1Z,SAEpC,CAAA,EAAO,CAAE+G,MAAO2S,KAEc,QAAZrX,EAAAJ,EAAKmE,eAAO,IAAA/D,OAAA,EAAAA,EAAEiE,cAEd,CAAA,EAAMhI,KAAK4R,IAAI1D,QAAQ,CACvCkG,UAAWpU,KAAK2R,YAFL,CAAA,EAAA,UAIb,IAHQlJ,EAAUtE,EAEhBhC,OAFWsG,UXxxCf,SAAyBA,GAC7B,OAAO2C,EAAY3C,IAAyB,iBAAfA,EAAMuC,IACrC,CW8xCcqQ,CAAe5S,IACG,MAAjBA,EAAMoC,QAAmC,MAAjBpC,EAAMoC,QAGjC,MAAA,CAAA,EAAO,CAAEpC,MAAKA,qBAIhB,MAAU,WAAV+N,EAAkB,CAAA,EAAA,GACpB,CAAA,EAAMxW,KAAKwS,yBACX,OADArO,EAAAhC,OACA,CAAA,EAAMiC,EAAgBpE,KAAKyD,QAAS,GAAGH,OAAAtD,KAAKqG,WAA0B,2BACtE,OADAlC,EAAAhC,OACM,CAAA,EAAAnC,KAAKiS,sBAAsB,aAAc,cAA/C9N,EAAAhC,iBAEF,KAAA,EAAA,MAAA,CAAA,EAAO,CAAEsG,MAAO,UACjB,GAAA,KA7BD,KAAA,EAAA,MAAA,CAAA,EAAO+E,gBA8BR,EAMDmD,EAAiBlR,UAAA6b,kBAAjB,SACE7F,GADF,IAmCC9M,EAAA3I,KA3BOub,EfxyCD,uCAAuCtV,QAAQ,SAAS,SAAUV,GACvE,IAAMiW,EAAqB,GAAhB5U,KAAKE,SAAiB,EAEjC,OADW,KAALvB,EAAWiW,EAAS,EAAJA,EAAW,GACxBhX,SAAS,GACpB,IeqyCQiX,EAA6B,CACjCF,GAAEA,EACF9F,SAAQA,EACRiG,YAAa,WACX/S,EAAK0D,OACH,iBACA,wCACAkP,GAGF5S,EAAKwI,oBAAoBjB,OAAOqL,EAClC,GAcF,OAXAvb,KAAKqM,OAAO,uBAAwB,8BAA+BkP,GAEnEvb,KAAKmR,oBAAoBwK,IAAIJ,EAAIE,GAChC7a,EAAA+H,OAAA,OAAA,GAAA,wEACC,MAAM,CAAA,EAAA3I,KAAK6Q,0BAEX,OAFA9M,EAAA5B,OAEM,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,6CAC/B3I,KAAK4b,oBAAoBL,SAC1B,GAAA,mBAFDxX,EAAA5B,cAGD,IAEM,CAAEwB,KAAM,CAAE8X,aAAYA,GAC9B,EAEa9K,EAAmBlR,UAAAmc,oBAAjC,SAAkCL,iGACzB,KAAA,EAAA,MAAA,CAAA,EAAMvb,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,2EAMvC,yBAHUb,EAENpG,EAFaiC,KAAAmE,QACfW,EACE/G,QACO,MAAM+G,EAEjB,MAAA,CAAA,EAEI,QAFE1E,EAAA/D,KAAKmR,oBACRoI,IAAIgC,UACH,IAAAxX,OAAA,EAAAA,EAAA0R,SAAS,kBAAmB3N,kBAFhC0F,EAAArL,OAGAnC,KAAKqM,OAAO,kBAAmB,cAAekP,EAAI,UAAWzT,gBAE7D,kBAAA,CAAA,EAEI,QAFE3D,EAAAnE,KAAKmR,oBACRoI,IAAIgC,UACH,IAAApX,OAAA,EAAAA,EAAAsR,SAAS,kBAAmB,qBAFhCjI,EAAArL,OAGAnC,KAAKqM,OAAO,kBAAmB,cAAekP,EAAI,QAASM,GAC3DjW,QAAQ6C,MAAMoT,6BAEjB,GAAA,KAnBD,KAAA,EAAA,MAAA,CAAA,EAAO9X,gBAoBR,EAQK4M,EAAclR,UAAAqc,eAApB,SAAqB3G,wGAGnB,MAAM,CAAA,EAAAnV,KAAK6Q,0BAEJ,OAFP9M,EAAA5B,OAEa,CAAA,EAAAnC,KAAKgP,KAAKC,cAAe,GAAE,WAAA,OAAArO,EAAA+H,OAAA,OAAA,GAAA,sDAC/B,KAAA,EAAA,MAAA,CAAA,EAAM3I,KAAK+b,gBAAgB5G,IAAlC,KAAA,EAAA,MAAA,CAAA,EAAOpR,aACR,GAAA,KAFD,KAAA,EAAA,MAAA,CAAA,EAAOA,gBAGR,EAEe4M,EAAelR,UAAAsc,gBAA/B,SAAgC5G,0GAIrB,6BAAA,CAAA,EAAMnV,KAAKmW,aAAY,SAAOzU,GAAM,OAAAd,EAAA+H,OAAA,OAAA,GAAA,6EACzC,IAAKwM,EAAgB,CAEnB,GADQxR,EAAgBjC,EAAMiC,KAAhBqY,EAAUta,QAEtB,MAAMsa,EAGR7G,EAA6B,QAAZhR,EAAAR,EAAKmE,eAAO,IAAA3D,EAAAA,OAAIgH,CACnC,CAEA,KAAKgK,aAAA,EAAAA,EAAgBlN,eACnB,MAAM,IAAIiD,EAGe,MAAM,CAAA,EAAAlL,KAAKsV,kBACpCH,EAAelN,uBAEjB,OAHMlE,EAAqByJ,SAAnB1F,EAAO/D,EAAA+D,SAAEW,EAAK1E,EAAA0E,OAIpB,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAOA,IAGlDX,EAIL,CAAA,EAAO,CAAEnE,KAAM,CAAE6E,KAAOV,EAAgBU,KAAMV,WAAWW,MAAO,OAH9D,CAAA,EAAO,CAAE9E,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAO,UAIxD,GAAA,KA1BD,KAAA,EAAA,MAAA,CAAA,EAAO1E,iBA4BP,GAAIqH,cACF,MAAA,CAAA,EAAO,CAAEzH,KAAM,CAAE6E,KAAM,KAAMV,QAAS,MAAQW,MAAKwT,IAGrD,MAAMA,yBAET,EACFtL,CAAD,CA3+CA,CAAsCjC,GCpDtCwN,EAAA,WAAA,ECXaC,EAAe,SAACnQ,GAC3B,OAAO,IAAI2E,EAAiB3E,EAC9B","x_google_ignoreList":[0]}