@faable/auth-js 1.6.2-next.1 → 1.6.2-next.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/README.md CHANGED
@@ -191,13 +191,23 @@ import { createClient } from '@faable/auth-js'
191
191
  export const auth = createClient({
192
192
  domain: '<faableauth_domain>',
193
193
  clientId: '<client_id>',
194
- cookieOptions: {
195
- domain: '.example.com',
196
- path: '/',
197
- sameSite: 'Lax',
198
- secure: true,
199
- maxAge: 60 * 60 * 24 * 7
200
- }
194
+ storage: 'cookie'
195
+ })
196
+ ```
197
+
198
+ That's it. The adapter sets sensible defaults: `Path=/`, `SameSite=Lax`, auto
199
+ `Secure` on HTTPS, and a 30-day `Max-Age` so users stay signed in across browser
200
+ restarts.
201
+
202
+ Use `cookieOptions` only when you need to override something — e.g. share the
203
+ session across subdomains:
204
+
205
+ ```ts
206
+ createClient({
207
+ domain: '<faableauth_domain>',
208
+ clientId: '<client_id>',
209
+ storage: 'cookie',
210
+ cookieOptions: { domain: '.example.com' }
201
211
  })
202
212
  ```
203
213
 
@@ -225,18 +235,19 @@ the server:
225
235
 
226
236
  ```ts
227
237
  // app/page.tsx
228
- import { cookies } from "next/headers";
229
- import { getSessionFromCookies } from "@faable/auth-js";
238
+ import { cookies } from 'next/headers'
239
+ import { getSessionFromCookies } from '@faable/auth-js'
230
240
 
231
241
  export default async function Page() {
232
- const session = getSessionFromCookies(cookies(), "faable.auth.token-<client_id>");
233
- if (!session) return <SignIn />;
234
- return <Dashboard user={session.user} />;
242
+ const session = getSessionFromCookies(cookies(), { clientId: '<client_id>' })
243
+ if (!session) return <SignIn />
244
+ return <Dashboard user={session.user} />
235
245
  }
236
246
  ```
237
247
 
238
- The storage key follows the pattern
239
- `${storageKey ?? "faable.auth.token"}-${clientId}`.
248
+ Pass the same `clientId` you used in `createClient`. If you also passed a custom
249
+ `storageKey` to `createClient`, mirror it here as `{ clientId, storageKey }` so
250
+ the helper looks at the same cookie.
240
251
 
241
252
  ## License
242
253
 
@@ -1,6 +1,14 @@
1
1
  import { Session } from './types';
2
2
  /**
3
- * Helper for Next.js to get the session from the server-side cookies.
4
- * This can be used in API routes or Server Components.
3
+ * Helper for Next.js (and any other SSR runtime) to read the session from
4
+ * cookies on the server. Mirrors how the browser client builds the storage
5
+ * key and reassembles chunked cookies written by `cookieStorageAdapter`,
6
+ * so the integrator only needs to pass their `clientId`.
7
+ *
8
+ * The first argument can be the result of `cookies()` from `next/headers`,
9
+ * or any plain object whose keys are cookie names.
5
10
  */
6
- export declare const getSessionFromCookies: (cookiesStore: any, storageKey: string) => Session | null;
11
+ export declare const getSessionFromCookies: (cookiesStore: any, options: {
12
+ clientId: string;
13
+ storageKey?: string;
14
+ }) => Session | null;
@@ -9,10 +9,21 @@ export type CookieOptions = CookieAttributes;
9
9
  export interface CookieJar {
10
10
  cookie: string;
11
11
  }
12
+ /**
13
+ * Reads `key` from the parsed cookie map. Prefers a single un-chunked cookie
14
+ * (back-compat with sessions written by earlier SDK versions); falls back to
15
+ * concatenating numbered chunks. Returns null when nothing is found.
16
+ */
17
+ export declare const readChunkedCookieValue: (parsed: Map<string, string>, key: string) => string | null;
12
18
  /**
13
19
  * A storage adapter that uses `document.cookie` to persist sessions. Useful
14
20
  * in SSR setups where the server reads the cookie on every request.
15
21
  *
22
+ * Values exceeding `MAX_CHUNK_SIZE` are transparently split across numbered
23
+ * cookies (`<key>.0`, `<key>.1`, …) so a full session — which easily exceeds
24
+ * the 4 KB per-cookie browser limit once tokens, id_token and user metadata
25
+ * are encoded — round-trips without being silently dropped by the browser.
26
+ *
16
27
  * The optional `jar` parameter lets tests inject a fake document; production
17
28
  * code passes nothing and the adapter uses the real `document` in browsers
18
29
  * (and no-ops on the server).
@@ -259,10 +259,18 @@ export type FaableAuthClientConfig = {
259
259
  cookieDomain?: string;
260
260
  useRefreshTokens?: boolean;
261
261
  flowType?: AuthFlowType;
262
- storage?: SupportedStorage;
262
+ /**
263
+ * Where to keep the session. Pass `'localStorage'` (default) or `'cookie'`
264
+ * for the bundled adapters, or any custom `SupportedStorage` implementation.
265
+ * The cookie adapter ships with sane defaults (`Path=/`, `SameSite=Lax`,
266
+ * auto `Secure` on HTTPS, 30-day `Max-Age`); use `cookieOptions` to override.
267
+ */
268
+ storage?: SupportedStorage | 'cookie' | 'localStorage';
263
269
  storageKey?: string;
264
270
  /**
265
- * (Optional) Options for the cookie storage.
271
+ * (Optional) Overrides for the cookie storage attributes. Setting this also
272
+ * implicitly switches to the cookie adapter, so passing `storage: 'cookie'`
273
+ * is not required when you only want to tweak attributes.
266
274
  */
267
275
  cookieOptions?: CookieOptions;
268
276
  /**
@@ -1,7 +1,7 @@
1
1
  /*!
2
- * @faable/auth-js v1.6.2-next.1
2
+ * @faable/auth-js v1.6.2-next.3
3
3
  * (c) 2026
4
4
  * @license SEE LICENSE.md
5
5
  */
6
- !function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))((function(i,s){function o(e){try{c(n.next(e))}catch(e){s(e)}}function a(e){try{c(n.throw(e))}catch(e){s(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(o,a)}c((n=n.apply(e,t||[])).next())}))}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(c){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,c])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat("0.0.0",") ").concat((new Date).toISOString())],e,!1))}return this},e}(),c=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(a),u="undefined"!=typeof window?window:void 0,l="undefined"!=typeof globalThis?globalThis:u,h=null==l?void 0:l.document,d=l.fetch,f=function(e){void 0===e&&(e={});var t={};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},v=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,(function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}}))}))},p=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var i;return void 0===r&&(r={}),s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,d(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},f(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,v(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}}))}))},b=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r;return void 0===t&&(t={}),s(this,(function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,d(e,n(n({},t),{method:"GET",headers:f(t)}))];case 1:return r=i.sent(),[4,v(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}}))}))},g=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,(function(){var t,r;return s(this,(function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,b(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}}))}))},t}(a),_=function(e,t){return e.response_type||(t?"code":"token")},y=function(e,t,r){return i(void 0,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}}))}))},w=function(e,t){return i(void 0,void 0,void 0,(function(){var r;return s(this,(function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}}))}))},m=function(e,t,r){return i(void 0,[e,t,r],void 0,(function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.now,c=void 0===a?Date.now():a;return s(this,(function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),[4,y(e,t,n)];case 1:return r.sent(),[2]}}))}))},k=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var n,i=(void 0===r?{}:r).now,o=void 0===i?Date.now():i;return s(this,(function(r){switch(r.label){case 0:return[4,w(e,t)];case 1:return n=r.sent(),"object"!=typeof(i=n)||null===i||"string"!=typeof i.verifier||"number"!=typeof i.createdAt?[2,null]:o-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return[2,n.redirectType?{verifier:n.verifier,redirectType:n.redirectType}:{verifier:n.verifier}]}var i}))}))};function S(e){return("0"+e.toString(16)).substr(-2)}function T(e){return i(this,void 0,void 0,(function(){var t,r,n,i;return s(this,(function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map((function(e){return String.fromCharCode(e)})).join("")]}}))}))}function I(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,T(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n}))}))}function x(e,t){return i(this,arguments,void 0,(function(e,t,r){var n,i;return void 0===r&&(r=!1),s(this,(function(s){switch(s.label){case 0:return n=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,S).join("")}(),[4,m(e,"".concat(t,"-code-verifier"),{verifier:n,redirectType:r?"PASSWORD_RECOVERY":void 0})];case 1:return s.sent(),[4,I(n)];case 2:return[2,[i=s.sent(),n===i?"plain":"S256"]]}}))}))}var A=function(){return"undefined"!=typeof document},R={tested:!1,writable:!1},C=function(){if(!A())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(R.tested)return R.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),R.tested=!0,R.writable=!0}catch(e){R.tested=!0,R.writable=!1}return R.writable};function E(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var U=function(){function e(){var t=this;this.promise=new e.promiseConstructor((function(e,r){t.resolve=e,t.reject=r}))}return e.promiseConstructor=Promise,e}();function P(e,t){var r=this;return new Promise((function(n,o){i(r,void 0,void 0,(function(){var r,i,a;return s(this,(function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}}))}))}))}function L(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){return[2,new Promise((function(t){setTimeout((function(){return t(null)}),e)}))]}))}))}var O=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",(function(e){return i(r,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}}))}))}))}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,(function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)})),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,(function(e,t,r){return void 0===r&&(r=!0),s(this,(function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}}))}))},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,(function(){var r,n,o,a=this;return s(this,(function(c){switch(c.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map((function(n){return i(a,void 0,void 0,(function(){var i;return s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}}))}))})),[4,Promise.all(n)];case 1:if(c.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}}))}))},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),D=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),N=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(D),q=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(N);function z(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(D);var j=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(N),K=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(N),M=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(D),F=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(N);function V(e){return z(e)&&"AuthRetryableFetchError"===e.name}function W(){if(!u)throw new Error("No window in environment");return u}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(N);var G={redirect:function(e){W().location=e},getDocument:function(){return W().document},getWindow:W};function J(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",c="",u=0;for(e=e.replace("-","+").replace("_","/");u<e.length;)t=a.indexOf(e.charAt(u++))<<2|(i=a.indexOf(e.charAt(u++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(u++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(u++))),c+=String.fromCharCode(t),64!=s&&0!=r&&(c+=String.fromCharCode(r)),64!=o&&0!=n&&(c+=String.fromCharCode(n));return c}(r))}var B=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},$=function(e){try{return decodeURIComponent(e)}catch(t){return e}},H=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},Y=function(e,t){void 0===e&&(e={}),void 0===t&&(t=A()?document:null);var r=n({path:"/",sameSite:"Lax",secure:A()&&"https:"===window.location.protocol},e);return{getItem:function(e){if(!t)return null;var r=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=$(i.slice(0,s).trim()),a=$(i.slice(s+1).trim());o&&t.set(o,a)}}}return t}(t.cookie);return r.has(e)?r.get(e):null},setItem:function(e,n){t&&(t.cookie=H(e,n,r))},removeItem:function(e){t&&(t.cookie=function(e,t){return H(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})}(e,r))}}},Q={getItem:function(e){return C()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){C()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){C()&&globalThis.localStorage.removeItem(e)}};function X(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach((function(e,r){t[r]=e}))}catch(e){}return r.searchParams.forEach((function(e,r){t[r]=e})),t}var Z=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach((function(e){t.searchParams.delete(e)})),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&C()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ee=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function te(e,t,r){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}}))}))}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ee);var re=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||te,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,(function(){var r,n,a=this;return s(this,(function(c){switch(c.label){case 0:this._debug("#_acquireLock","begin",e),c.label=1;case 1:return c.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}}))})),this.pendingInLock.push(i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}}))}))),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,(function(){return i(a,void 0,void 0,(function(){var e,r,n=this;return s(this,(function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}}))}))),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}}))}))}))];case 2:return[2,c.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}}))}))},t}(c),ne=3e4,ie=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){if(!/^(https|http)?:\/\//.test(e)){var t=(null===location||void 0===location?void 0:location.protocol)||"https";return"".concat(t,"//").concat(e)}return e}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.api=new g(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||"faableauth";return i.storageKey="".concat(a,"-").concat(i.clientId),(null==t?void 0:t.cookieOptions)?i.storage=Y(t.cookieOptions):i.storage=(null==t?void 0:t.storage)||Q,i.lock=new re({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new O(A()?i.storageKey:"",(function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))})),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:A()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:case 3:return[2,t.sent()];case 2:return this.initializePromise=i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}}))}))}))];case 1:return[2,t.sent()]}}))})),[4,this.initializePromise]}}))}))},t.prototype._initialize=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,o,a,c,u=this;return s(this,(function(l){switch(l.label){case 0:return l.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=l.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=l.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return l.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return l.sent(),setTimeout((function(){return i(u,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}}))}))}),0),[2,{error:null}];case 6:return[4,this._recoverAndRefresh()];case 7:return l.sent(),[2,{error:null}];case 8:return z(c=l.sent())?[2,{error:c}]:[2,{error:new M("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return l.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}}))}))},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,l,h,d,f,v,p,b,g,_,y,w,m;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=X(null==u?void 0:u.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new K("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return Z(["code"]),[2,{data:{session:n.session,redirectType:null},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new j(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,c=t.access_token,l=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!(c&&h&&l&&f))throw new j("No session defined in URL");return v=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var c=o-s;return i-c>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",c,o,i):i-c<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",c,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:ne}),p=v.expiresAt,b=v.expiresIn,[4,this._getUser(c)];case 3:if(g=s.sent(),_=g.data,(y=g.error)||!_)throw y;return w={provider_token:o,provider_refresh_token:a,access_token:c,expires_in:b,expires_at:p,refresh_token:l,token_type:f,user:_},Z(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:w,redirectType:t.type},error:null}];case 4:if(m=s.sent(),this._debug(m),z(m))return[2,{data:{session:null,redirectType:null},error:m}];throw m;case 5:return[2]}}))}))},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,(function(){var t,r,i,o,a,c,u,l,h,d,f,v;return s(this,(function(s){switch(s.label){case 0:return[4,k(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r})]):[2,{data:{user:null,session:null,redirectType:null},error:new K("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(a=s.sent(),c=E(a),u=c.data,l=c.error,!u)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),l?[2,{data:{user:null,session:null,redirectType:null},error:l}]:u&&u.session&&u.user?(h=u.session)?[4,this._getUser(h.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null},error:new F}];case 4:if(d=s.sent(),f=d.data,(v=d.error)||!f)throw v;return h=n(n({},h),{user:f}),u.session=h,[4,this._saveSession(h)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",h)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},u),{redirectType:null!=o?o:null}),error:l}]}}))}))},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!A()||!(null==u?void 0:u.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}}))}))},null==u||u.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}}))}))},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",h.visibilityState),"visible"!==h.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,(function(){return i(r,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"visible"!==h.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}}))}))}))];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===h.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}}))}))},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),B(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),V(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}}))}))},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&A()&&(null==u?void 0:u.removeEventListener)&&u.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}}))}))},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval((function(){return t._autoRefreshTokenTick()}),ne),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout((function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}}))}))}),0),[2]}}))}))},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e;return s(this,(function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]}))}))},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,(function(){return i(t,void 0,void 0,(function(){var e,t,r=this;return s(this,(function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n;return s(this,(function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/ne),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(ne,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}}))}))}))];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}}))}))}))];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ee))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}}))}))},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,(function(){var e,t;return s(this,(function(r){return e=X(null==u?void 0:u.location.href),(t=A())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]}))}))},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,(function(){var r,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,x(this.storage,this.storageKey)];case 1:o=s.sent(),a=o[0],c=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:c}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}}))}))},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect})];case 1:return[2,t.sent()]}}))}))},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/usernamepassword/login"),{username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),client_id:this.clientId,state:e.state},{raw:!0})];case 1:return!(t=r.sent()).data||t.error?[2,{data:null,error:new M(t.error||"Error in username password login",t.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(t.data,h),[2,{data:null,error:null}])}}))}))},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:return[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp})];case 1:return t=s.sent(),r=E(t),n=r.data,(i=r.error)?[2,{data:{user:null,session:null},error:i}]:n&&n.session?(o=n.session,[4,this._getUser(o.access_token)]):[2,{data:{user:null,session:null},error:new F}];case 2:return a=s.sent(),c=a.data,(u=a.error)||!c?[2,{data:{user:null,session:null},error:u||new M("Could not fetch user info",null)}]:(o.user=c,[4,this._saveSession(o)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 4:return s.sent(),[2,{data:{user:o.user,session:o},error:null}]}}))}))},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/passwordless/start"),{client_id:this.clientId,email:e.email,send:e.type})];case 1:return[2,{data:(t=r.sent()).data,error:t.error}]}}))}))},t.prototype.changePassword=function(e){return i(this,void 0,void 0,(function(){var t,r,n;return s(this,(function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,p("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new M("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new M(String(n),n):null}]}}))}))},t.prototype.buildAuthorizeUrl=function(e){void 0===e&&(e={});var t={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),response_type:_(e,A()),audience:e.audience,scope:e.scope,connection:e.connection},r=Object.fromEntries(Object.entries(t).filter((function(e){return!!e[1]})));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(r).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);G.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:A()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),A()&&!e.skipBrowserRedirect&&(null==u||u.location.assign(t)),[2,{data:{url:t},error:null}]}}))}))},t.prototype.setSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype.getSession=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){return[2,this._useSession((function(t){return i(e,void 0,void 0,(function(){return s(this,(function(e){return[2,t]}))}))}))]}))}))}))];case 2:return[2,t.sent()]}}))}))},t.prototype._useSession=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}}))}))},t.prototype.__loadSession=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:B(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}}))}))},t.prototype._removeSession=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}}))}))},t.prototype._setSession=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u,l,h,d;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new q;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=J(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),c=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:c?(i=c,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(u=s.sent(),l=u.data,(h=u.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(z(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}}))}))},t.prototype._saveSession=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,y(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}}))}))},t.prototype._getUser=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,b("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}}))}))},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:if(!e)throw new q;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new U,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise((function(e,t){f=setTimeout((function(){return t(new Error(d))}),h)})),Promise.race([l.finally((function(){void 0!==f&&clearTimeout(f)})),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new q;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),z(o)?(a={session:null,error:o},V(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(c=this.refreshingDeferred)||void 0===c||c.resolve(a),[2,a];case 9:throw null===(u=this.refreshingDeferred)||void 0===u||u.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v}))}))},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,(function(){var t,r,o,a=this;return s(this,(function(c){switch(c.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),c.label=1;case 1:return c.trys.push([1,3,4,5]),r=Date.now(),[4,P((function(r){return i(a,void 0,void 0,(function(){var i,o,a,c,u,l,h;return s(this,(function(s){switch(s.label){case 0:return r>0?[4,L(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"refresh_token",refresh_token:e})];case 3:if((i=s.sent()).error)throw new M("Refresh token request failed: ".concat(i.error),i.error);if(o=E(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new F;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),c=a.data,u=a.error)throw new M("Could not fetch user info",u);if(!c)throw new M("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:c}),user:c},error:null}]}}))}))}),(function(e,t){var n=200*Math.pow(2,e);return t&&V(t)&&Date.now()+n-r<ne}))];case 2:return[2,c.sent()];case 3:if(o=c.sent(),this._debug(t,"error",o),z(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}}))}))},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,(function(e,t,r){var n;return void 0===r&&(r=!0),s(this,(function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}}))}))},t.prototype.signOut=function(){return i(this,arguments,void 0,(function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._signOut=function(){return i(this,arguments,void 0,(function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,(function(e){switch(e.label){case 0:return[4,this._useSession((function(e){return i(t,void 0,void 0,(function(){var t,n,i,o;return s(this,(function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return z(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}}))}))}))];case 1:return[2,e.sent()]}}))}))},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){return this._emitInitialSession(r),[2]}))}))}))];case 2:return t.sent(),[2]}}))})),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._useSession((function(r){return i(t,void 0,void 0,(function(){var t,n,i;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}}))}))}))];case 1:return[2,r.sent()]}}))}))},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(c=r.session)&&void 0!==c?c:void 0}if(!(null==e?void 0:e.refresh_token))throw new q;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}}))}))}))];case 1:return[2,n.sent()];case 2:if(z(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}}))}))},t}(c),se=function(){};e.AuthError=D,e.FaableAuthClient=ie,e.User=se,e.cookieStorageAdapter=Y,e.createClient=function(e){return new ie(e)},e.getSessionFromCookies=function(e,t){var r,n;if(!(n="function"==typeof e.get?null===(r=e.get(t))||void 0===r?void 0:r.value:e[t]))return null;try{return JSON.parse(decodeURIComponent(n))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
6
+ !function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))((function(i,s){function o(e){try{c(n.next(e))}catch(e){s(e)}}function a(e){try{c(n.throw(e))}catch(e){s(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(o,a)}c((n=n.apply(e,t||[])).next())}))}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(c){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,c])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat("0.0.0",") ").concat((new Date).toISOString())],e,!1))}return this},e}(),c=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(a),u="undefined"!=typeof window?window:void 0,l="undefined"!=typeof globalThis?globalThis:u,h=null==l?void 0:l.document,d=l.fetch,f=function(e){void 0===e&&(e={});var t={};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},v=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,(function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}}))}))},p=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var i;return void 0===r&&(r={}),s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,d(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},f(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,v(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}}))}))},b=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r;return void 0===t&&(t={}),s(this,(function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,d(e,n(n({},t),{method:"GET",headers:f(t)}))];case 1:return r=i.sent(),[4,v(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}}))}))},g=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,(function(){var t,r;return s(this,(function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,b(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}}))}))},t}(a),_=function(e,t){return e.response_type||(t?"code":"token")},y=function(e,t,r){return i(void 0,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}}))}))},w=function(e,t){return i(void 0,void 0,void 0,(function(){var r;return s(this,(function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}}))}))},m=function(e,t,r){return i(void 0,[e,t,r],void 0,(function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.now,c=void 0===a?Date.now():a;return s(this,(function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),[4,y(e,t,n)];case 1:return r.sent(),[2]}}))}))},k=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var n,i=(void 0===r?{}:r).now,o=void 0===i?Date.now():i;return s(this,(function(r){switch(r.label){case 0:return[4,w(e,t)];case 1:return n=r.sent(),"object"!=typeof(i=n)||null===i||"string"!=typeof i.verifier||"number"!=typeof i.createdAt?[2,null]:o-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return[2,n.redirectType?{verifier:n.verifier,redirectType:n.redirectType}:{verifier:n.verifier}]}var i}))}))};function S(e){return("0"+e.toString(16)).substr(-2)}function T(e){return i(this,void 0,void 0,(function(){var t,r,n,i;return s(this,(function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map((function(e){return String.fromCharCode(e)})).join("")]}}))}))}function I(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,T(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n}))}))}function x(e,t){return i(this,arguments,void 0,(function(e,t,r){var n,i;return void 0===r&&(r=!1),s(this,(function(s){switch(s.label){case 0:return n=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,S).join("")}(),[4,m(e,"".concat(t,"-code-verifier"),{verifier:n,redirectType:r?"PASSWORD_RECOVERY":void 0})];case 1:return s.sent(),[4,I(n)];case 2:return[2,[i=s.sent(),n===i?"plain":"S256"]]}}))}))}var A=function(){return"undefined"!=typeof document},R={tested:!1,writable:!1},E=function(){if(!A())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(R.tested)return R.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),R.tested=!0,R.writable=!0}catch(e){R.tested=!0,R.writable=!1}return R.writable};function C(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var U=function(){function e(){var t=this;this.promise=new e.promiseConstructor((function(e,r){t.resolve=e,t.reject=r}))}return e.promiseConstructor=Promise,e}();function P(e,t){var r=this;return new Promise((function(n,o){i(r,void 0,void 0,(function(){var r,i,a;return s(this,(function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}}))}))}))}function L(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){return[2,new Promise((function(t){setTimeout((function(){return t(null)}),e)}))]}))}))}var O=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",(function(e){return i(r,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}}))}))}))}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,(function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)})),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,(function(e,t,r){return void 0===r&&(r=!0),s(this,(function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}}))}))},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,(function(){var r,n,o,a=this;return s(this,(function(c){switch(c.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map((function(n){return i(a,void 0,void 0,(function(){var i;return s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}}))}))})),[4,Promise.all(n)];case 1:if(c.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}}))}))},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),D="faableauth",N=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),q=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(N),z=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(q);function j(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(N);var K=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),M=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),F=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(N),V=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(q);function W(e){return j(e)&&"AuthRetryableFetchError"===e.name}function G(){if(!u)throw new Error("No window in environment");return u}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(q);var J={redirect:function(e){G().location=e},getDocument:function(){return G().document},getWindow:G};function B(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",c="",u=0;for(e=e.replace("-","+").replace("_","/");u<e.length;)t=a.indexOf(e.charAt(u++))<<2|(i=a.indexOf(e.charAt(u++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(u++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(u++))),c+=String.fromCharCode(t),64!=s&&0!=r&&(c+=String.fromCharCode(r)),64!=o&&0!=n&&(c+=String.fromCharCode(n));return c}(r))}var $=function(e,t){if(!e)return null;var r="function"==typeof e.get?function(t){var r;return null===(r=e.get(t))||void 0===r?void 0:r.value}:function(t){return e[t]},n=r(t);if(n)return n;for(var i=[],s=0;;s++){var o=r("".concat(t,".").concat(s));if(!o)break;i.push(o)}return i.length?i.join(""):null},H=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},Y=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=Q(i.slice(0,s).trim()),a=Q(i.slice(s+1).trim());o&&t.set(o,a)}}}return t},Q=function(e){try{return decodeURIComponent(e)}catch(t){return e}},X=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},Z=function(e,t){return X(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})},ee=3200,te=function(e,t){return"".concat(e,".").concat(t)},re=function(e,t){var r="".concat(t,"."),n=[];return e.forEach((function(e,t){if(t.startsWith(r)){var i=t.slice(r.length);/^\d+$/.test(i)&&n.push({name:t,idx:Number(i)})}})),n.sort((function(e,t){return e.idx-t.idx})),n.map((function(e){return e.name}))},ne=function(e,t){void 0===e&&(e={}),void 0===t&&(t=A()?document:null);var r=n({path:"/",sameSite:"Lax",secure:A()&&"https:"===window.location.protocol,maxAge:2592e3},e);return{getItem:function(e){return t?function(e,t){var r=e.get(t);if(void 0!==r)return r;var n=re(e,t);return 0===n.length?null:n.map((function(t){return e.get(t)})).join("")}(Y(t.cookie),e):null},setItem:function(e,n){if(t){var i=Y(t.cookie);if(n.length<=ee){for(var s=0,o=re(i,e);s<o.length;s++){var a=o[s];t.cookie=Z(a,r)}t.cookie=X(e,n,r)}else{i.has(e)&&(t.cookie=Z(e,r));for(var c=Math.ceil(n.length/ee),u=0,l=re(i,e);u<l.length;u++){var h=l[u];Number(h.slice(e.length+1))>=c&&(t.cookie=Z(h,r))}for(var d=0,f=0;d<n.length;d+=ee,f++){var v=n.slice(d,d+ee);t.cookie=X(te(e,f),v,r)}}}},removeItem:function(e){if(t){var n=Y(t.cookie);t.cookie=Z(e,r);for(var i=0,s=re(n,e);i<s.length;i++){var o=s[i];t.cookie=Z(o,r)}}}}},ie={getItem:function(e){return E()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){E()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){E()&&globalThis.localStorage.removeItem(e)}};function se(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach((function(e,r){t[r]=e}))}catch(e){}return r.searchParams.forEach((function(e,r){t[r]=e})),t}var oe=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach((function(e){t.searchParams.delete(e)})),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&E()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ae=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function ce(e,t,r){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}}))}))}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ae);var ue=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||ce,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,(function(){var r,n,a=this;return s(this,(function(c){switch(c.label){case 0:this._debug("#_acquireLock","begin",e),c.label=1;case 1:return c.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}}))})),this.pendingInLock.push(i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}}))}))),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,(function(){return i(a,void 0,void 0,(function(){var e,r,n=this;return s(this,(function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}}))}))),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}}))}))}))];case 2:return[2,c.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}}))}))},t}(c),le=3e4,he=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){if(!/^(https|http)?:\/\//.test(e)){var t=(null===location||void 0===location?void 0:location.protocol)||"https";return"".concat(t,"//").concat(e)}return e}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.api=new g(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||D;return i.storageKey="".concat(a,"-").concat(i.clientId),i.storage=function(e){var t=e.storage,r=e.cookieOptions;return"cookie"===t||r?ne(r):"localStorage"===t||void 0===t?ie:t}(t),i.lock=new ue({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new O(A()?i.storageKey:"",(function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))})),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:A()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:case 3:return[2,t.sent()];case 2:return this.initializePromise=i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}}))}))}))];case 1:return[2,t.sent()]}}))})),[4,this.initializePromise]}}))}))},t.prototype._initialize=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,o,a,c,u=this;return s(this,(function(l){switch(l.label){case 0:return l.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=l.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=l.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return l.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return l.sent(),setTimeout((function(){return i(u,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}}))}))}),0),[2,{error:null}];case 6:return[4,this._recoverAndRefresh()];case 7:return l.sent(),[2,{error:null}];case 8:return j(c=l.sent())?[2,{error:c}]:[2,{error:new F("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return l.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}}))}))},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,l,h,d,f,v,p,b,g,_,y,w,m;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=se(null==u?void 0:u.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new M("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return oe(["code"]),[2,{data:{session:n.session,redirectType:null},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new K(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,c=t.access_token,l=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!(c&&h&&l&&f))throw new K("No session defined in URL");return v=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var c=o-s;return i-c>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",c,o,i):i-c<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",c,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:le}),p=v.expiresAt,b=v.expiresIn,[4,this._getUser(c)];case 3:if(g=s.sent(),_=g.data,(y=g.error)||!_)throw y;return w={provider_token:o,provider_refresh_token:a,access_token:c,expires_in:b,expires_at:p,refresh_token:l,token_type:f,user:_},oe(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:w,redirectType:t.type},error:null}];case 4:if(m=s.sent(),this._debug(m),j(m))return[2,{data:{session:null,redirectType:null},error:m}];throw m;case 5:return[2]}}))}))},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,(function(){var t,r,i,o,a,c,u,l,h,d,f,v;return s(this,(function(s){switch(s.label){case 0:return[4,k(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r})]):[2,{data:{user:null,session:null,redirectType:null},error:new M("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(a=s.sent(),c=C(a),u=c.data,l=c.error,!u)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),l?[2,{data:{user:null,session:null,redirectType:null},error:l}]:u&&u.session&&u.user?(h=u.session)?[4,this._getUser(h.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null},error:new V}];case 4:if(d=s.sent(),f=d.data,(v=d.error)||!f)throw v;return h=n(n({},h),{user:f}),u.session=h,[4,this._saveSession(h)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",h)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},u),{redirectType:null!=o?o:null}),error:l}]}}))}))},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!A()||!(null==u?void 0:u.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}}))}))},null==u||u.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}}))}))},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",h.visibilityState),"visible"!==h.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,(function(){return i(r,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"visible"!==h.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}}))}))}))];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===h.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}}))}))},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),H(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),W(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}}))}))},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&A()&&(null==u?void 0:u.removeEventListener)&&u.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}}))}))},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval((function(){return t._autoRefreshTokenTick()}),le),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout((function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}}))}))}),0),[2]}}))}))},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e;return s(this,(function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]}))}))},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,(function(){return i(t,void 0,void 0,(function(){var e,t,r=this;return s(this,(function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n;return s(this,(function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/le),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(le,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}}))}))}))];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}}))}))}))];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ae))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}}))}))},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,(function(){var e,t;return s(this,(function(r){return e=se(null==u?void 0:u.location.href),(t=A())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]}))}))},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,(function(){var r,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,x(this.storage,this.storageKey)];case 1:o=s.sent(),a=o[0],c=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:c}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}}))}))},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect})];case 1:return[2,t.sent()]}}))}))},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/usernamepassword/login"),{username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),client_id:this.clientId,state:e.state},{raw:!0})];case 1:return!(t=r.sent()).data||t.error?[2,{data:null,error:new F(t.error||"Error in username password login",t.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(t.data,h),[2,{data:null,error:null}])}}))}))},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:return[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp})];case 1:return t=s.sent(),r=C(t),n=r.data,(i=r.error)?[2,{data:{user:null,session:null},error:i}]:n&&n.session?(o=n.session,[4,this._getUser(o.access_token)]):[2,{data:{user:null,session:null},error:new V}];case 2:return a=s.sent(),c=a.data,(u=a.error)||!c?[2,{data:{user:null,session:null},error:u||new F("Could not fetch user info",null)}]:(o.user=c,[4,this._saveSession(o)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 4:return s.sent(),[2,{data:{user:o.user,session:o},error:null}]}}))}))},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/passwordless/start"),{client_id:this.clientId,email:e.email,send:e.type})];case 1:return[2,{data:(t=r.sent()).data,error:t.error}]}}))}))},t.prototype.changePassword=function(e){return i(this,void 0,void 0,(function(){var t,r,n;return s(this,(function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,p("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new F("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new F(String(n),n):null}]}}))}))},t.prototype.buildAuthorizeUrl=function(e){void 0===e&&(e={});var t={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),response_type:_(e,A()),audience:e.audience,scope:e.scope,connection:e.connection},r=Object.fromEntries(Object.entries(t).filter((function(e){return!!e[1]})));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(r).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);J.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:A()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),A()&&!e.skipBrowserRedirect&&(null==u||u.location.assign(t)),[2,{data:{url:t},error:null}]}}))}))},t.prototype.setSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype.getSession=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){return[2,this._useSession((function(t){return i(e,void 0,void 0,(function(){return s(this,(function(e){return[2,t]}))}))}))]}))}))}))];case 2:return[2,t.sent()]}}))}))},t.prototype._useSession=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}}))}))},t.prototype.__loadSession=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:H(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}}))}))},t.prototype._removeSession=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}}))}))},t.prototype._setSession=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u,l,h,d;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new z;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=B(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),c=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:c?(i=c,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(u=s.sent(),l=u.data,(h=u.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(j(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}}))}))},t.prototype._saveSession=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,y(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}}))}))},t.prototype._getUser=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,b("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}}))}))},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:if(!e)throw new z;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new U,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise((function(e,t){f=setTimeout((function(){return t(new Error(d))}),h)})),Promise.race([l.finally((function(){void 0!==f&&clearTimeout(f)})),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new z;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),j(o)?(a={session:null,error:o},W(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(c=this.refreshingDeferred)||void 0===c||c.resolve(a),[2,a];case 9:throw null===(u=this.refreshingDeferred)||void 0===u||u.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v}))}))},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,(function(){var t,r,o,a=this;return s(this,(function(c){switch(c.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),c.label=1;case 1:return c.trys.push([1,3,4,5]),r=Date.now(),[4,P((function(r){return i(a,void 0,void 0,(function(){var i,o,a,c,u,l,h;return s(this,(function(s){switch(s.label){case 0:return r>0?[4,L(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"refresh_token",refresh_token:e})];case 3:if((i=s.sent()).error)throw new F("Refresh token request failed: ".concat(i.error),i.error);if(o=C(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new V;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),c=a.data,u=a.error)throw new F("Could not fetch user info",u);if(!c)throw new F("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:c}),user:c},error:null}]}}))}))}),(function(e,t){var n=200*Math.pow(2,e);return t&&W(t)&&Date.now()+n-r<le}))];case 2:return[2,c.sent()];case 3:if(o=c.sent(),this._debug(t,"error",o),j(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}}))}))},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,(function(e,t,r){var n;return void 0===r&&(r=!0),s(this,(function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}}))}))},t.prototype.signOut=function(){return i(this,arguments,void 0,(function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._signOut=function(){return i(this,arguments,void 0,(function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,(function(e){switch(e.label){case 0:return[4,this._useSession((function(e){return i(t,void 0,void 0,(function(){var t,n,i,o;return s(this,(function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return j(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}}))}))}))];case 1:return[2,e.sent()]}}))}))},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){return this._emitInitialSession(r),[2]}))}))}))];case 2:return t.sent(),[2]}}))})),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._useSession((function(r){return i(t,void 0,void 0,(function(){var t,n,i;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}}))}))}))];case 1:return[2,r.sent()]}}))}))},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(c=r.session)&&void 0!==c?c:void 0}if(!(null==e?void 0:e.refresh_token))throw new z;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}}))}))}))];case 1:return[2,n.sent()];case 2:if(j(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}}))}))},t}(c),de=function(){};e.AuthError=N,e.FaableAuthClient=he,e.User=de,e.cookieStorageAdapter=ne,e.createClient=function(e){return new he(e)},e.getSessionFromCookies=function(e,t){var r,n="".concat(null!==(r=t.storageKey)&&void 0!==r?r:D,"-").concat(t.clientId),i=$(e,n);if(!i)return null;try{return JSON.parse(decodeURIComponent(i))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
7
7
  //# sourceMappingURL=faableauth.js.map