@faable/auth-js 1.7.0 → 1.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -10,6 +10,15 @@ export interface AuthenticationResult {
10
10
  error?: string;
11
11
  error_description?: string;
12
12
  }
13
+ /**
14
+ * OpenID Connect–style user profile returned by the tenant's userinfo
15
+ * endpoint.
16
+ *
17
+ * Standard OIDC claims are typed explicitly; provider-specific or custom
18
+ * claims (e.g. `org_id`, `roles`) surface through the index signature.
19
+ *
20
+ * @see {@link https://faable.com/docs/auth/oidc/userinfo | UserInfo}
21
+ */
13
22
  export declare class User {
14
23
  name?: string;
15
24
  profile?: string;
@@ -227,37 +236,56 @@ export type TokenEndpointResponse = {
227
236
  expires_in: number;
228
237
  scope?: string;
229
238
  };
239
+ /**
240
+ * Attribute overrides for the bundled cookie storage adapter.
241
+ *
242
+ * Defaults: `Path=/`, `SameSite=Lax`, `Secure` on HTTPS, `Max-Age` 30 days.
243
+ * Use this to share the session across subdomains or tighten `SameSite`.
244
+ *
245
+ * @see {@link https://faable.com/docs/auth/quickstart/nextjs | Next.js Quickstart}
246
+ */
230
247
  export interface CookieOptions {
231
- /**
232
- * (Optional) The domain of the cookie.
233
- */
248
+ /** (Optional) The domain of the cookie. Use a leading dot to share across subdomains, e.g. `.example.com`. */
234
249
  domain?: string;
235
- /**
236
- * (Optional) The path of the cookie.
237
- */
250
+ /** (Optional) The path of the cookie. Defaults to `/`. */
238
251
  path?: string;
239
- /**
240
- * (Optional) The same-site attribute of the cookie.
241
- */
252
+ /** (Optional) The same-site attribute of the cookie. Defaults to `'Lax'`. */
242
253
  sameSite?: 'Lax' | 'Strict' | 'None';
243
- /**
244
- * (Optional) Whether the cookie should only be sent over HTTPS.
245
- */
254
+ /** (Optional) Whether the cookie should only be sent over HTTPS. Defaults to `true` when the current page is HTTPS. */
246
255
  secure?: boolean;
247
- /**
248
- * (Optional) The maximum age of the cookie in seconds.
249
- */
256
+ /** (Optional) The maximum age of the cookie in seconds. Defaults to 30 days. */
250
257
  maxAge?: number;
251
258
  }
259
+ /**
260
+ * Configuration accepted by {@link createClient} and the
261
+ * `FaableAuthClient` constructor.
262
+ *
263
+ * `domain` and `clientId` are the only required fields. Everything else has
264
+ * sensible defaults — see the individual properties for the specifics.
265
+ *
266
+ * @see {@link https://faable.com/docs/auth/get-started | Get Started with Faable Auth}
267
+ * @see {@link https://faable.com/docs/auth/clients | Clients}
268
+ */
252
269
  export type FaableAuthClientConfig = {
270
+ /** **Required.** Your Faable Auth tenant domain. */
253
271
  domain: string;
272
+ /** **Required.** Application client ID from the dashboard. */
254
273
  clientId: string;
274
+ /** Space-separated scopes. Defaults to `openid profile email`. */
255
275
  scope?: string;
276
+ /**
277
+ * Default API audience the access tokens issued for this client should be
278
+ * bound to. Forwarded to `/authorize` and to the `/oauth/token` POST bodies
279
+ * (code exchange, refresh, OTP). `signInWith*` methods accept an `audience`
280
+ * argument to override it per call.
281
+ */
256
282
  audience?: string;
283
+ /** Default callback URL. Falls back to `window.location.origin`. */
257
284
  redirectUri?: string;
258
285
  authorizationParams?: AuthorizationParams;
259
286
  cookieDomain?: string;
260
287
  useRefreshTokens?: boolean;
288
+ /** OAuth flow used when initiating sign-in. Defaults to `'pkce'` in browsers and `'implicit'` elsewhere. */
261
289
  flowType?: AuthFlowType;
262
290
  /**
263
291
  * Where to keep the session. Pass `'localStorage'` (default) or `'cookie'`
@@ -266,6 +294,7 @@ export type FaableAuthClientConfig = {
266
294
  * auto `Secure` on HTTPS, 30-day `Max-Age`); use `cookieOptions` to override.
267
295
  */
268
296
  storage?: SupportedStorage | 'cookie' | 'localStorage';
297
+ /** Optional prefix for the storage key. Final key is `${storageKey}-${clientId}`. */
269
298
  storageKey?: string;
270
299
  /**
271
300
  * (Optional) Overrides for the cookie storage attributes. Setting this also
@@ -285,18 +314,51 @@ type MaybePromisify<T> = T | Promise<T>;
285
314
  type PromisifyMethods<T> = {
286
315
  [K in keyof T]: T[K] extends AnyFunction ? (...args: Parameters<T[K]>) => MaybePromisify<ReturnType<T[K]>> : T[K];
287
316
  };
317
+ /**
318
+ * Minimal storage contract the SDK relies on. Compatible with `localStorage`,
319
+ * `sessionStorage`, the bundled cookie adapter, and any custom adapter you
320
+ * provide. Methods may return synchronously or asynchronously.
321
+ *
322
+ * @example
323
+ * ```ts
324
+ * const memoryStorage: SupportedStorage = {
325
+ * store: new Map<string, string>(),
326
+ * getItem: k => memoryStorage.store.get(k) ?? null,
327
+ * setItem: (k, v) => void memoryStorage.store.set(k, v),
328
+ * removeItem: k => void memoryStorage.store.delete(k)
329
+ * }
330
+ * ```
331
+ */
288
332
  export type SupportedStorage = PromisifyMethods<Pick<Storage, 'getItem' | 'setItem' | 'removeItem'>> & {
289
333
  /**
290
- * If set to `true` signals to the library that the storage medium is used
291
- * on a server and the values may not be authentic, such as reading from
292
- * request cookies. Implementations should not set this to true if the client
293
- * is used on a server that reads storage information from authenticated
294
- * sources, such as a secure database or file.
334
+ * Set to `true` when the storage medium reads from an untrusted source
335
+ * (e.g. request cookies on the server). Triggers a warning when consumers
336
+ * access `session.user` so they refresh against a verified source instead.
295
337
  */
296
338
  isServer?: boolean;
297
339
  };
340
+ /**
341
+ * Built-in social OAuth providers. Custom enterprise / SAML / OIDC
342
+ * connections are addressed by their `connection` name or `connection_id`.
343
+ *
344
+ * @see {@link https://faable.com/docs/auth/connections | Connections}
345
+ */
298
346
  export type Provider = 'google' | 'github';
347
+ /**
348
+ * OAuth initiation flow.
349
+ *
350
+ * - `'pkce'` — recommended for SPAs / public clients; the SDK stores a code
351
+ * verifier and exchanges the auth code for a session on the callback.
352
+ * - `'implicit'` — tokens are returned directly in the URL fragment.
353
+ *
354
+ * @see {@link https://faable.com/docs/auth/oauth-flows/authorization-code | Authorization Code with PKCE}
355
+ */
299
356
  export type AuthFlowType = 'implicit' | 'pkce';
357
+ /**
358
+ * Options accepted by {@link FaableAuthClient.signInWithOauthConnection}.
359
+ *
360
+ * @see {@link https://faable.com/docs/auth/connections | Connections}
361
+ */
300
362
  export type SignInWithOAuthConnection = {
301
363
  /**
302
364
  * Identifier of the connection to use. Preferred over `connection` when
@@ -316,7 +378,17 @@ export type SignInWithOAuthConnection = {
316
378
  };
317
379
  /** If set to true does not immediately redirect the current browser context to visit the OAuth authorization page for the provider. */
318
380
  skipBrowserRedirect?: boolean;
381
+ /**
382
+ * Override the API audience the issued access token should be bound to.
383
+ * Falls back to `FaableAuthClientConfig.audience` when omitted.
384
+ */
385
+ audience?: string;
319
386
  };
387
+ /**
388
+ * Result of {@link FaableAuthClient.signInWithOauthConnection}. Carries the
389
+ * authorize URL on success (useful when `skipBrowserRedirect: true` so you
390
+ * can drive the navigation yourself) or an {@link AuthError} on failure.
391
+ */
320
392
  export type OAuthResponse = {
321
393
  data: {
322
394
  url: string;
@@ -328,6 +400,14 @@ export type OAuthResponse = {
328
400
  };
329
401
  error: AuthError;
330
402
  };
403
+ /**
404
+ * A signed-in session as persisted by the client.
405
+ *
406
+ * Use {@link FaableAuthClient.getSession} to obtain the current value; the
407
+ * SDK refreshes it automatically before `expires_at`.
408
+ *
409
+ * @see {@link https://faable.com/docs/auth/oidc/userinfo | UserInfo}
410
+ */
331
411
  export interface Session {
332
412
  /**
333
413
  * The oauth provider token. If present, this can be used to make external API requests to the oauth provider used.
@@ -357,6 +437,10 @@ export interface Session {
357
437
  token_type: string;
358
438
  user: User;
359
439
  }
440
+ /**
441
+ * Discriminated union returned by every sign-in / set-session / refresh
442
+ * method. Always check `error` first — `data` fields are `null` on failure.
443
+ */
360
444
  export type AuthResponse = {
361
445
  data: {
362
446
  user: User | null;
@@ -371,31 +455,47 @@ export type AuthResponse = {
371
455
  error: AuthError;
372
456
  };
373
457
  export type AuthChangeEventMFA = 'MFA_CHALLENGE_VERIFIED';
458
+ /**
459
+ * Event names delivered to {@link FaableAuthClient.onAuthStateChange}
460
+ * callbacks.
461
+ *
462
+ * - `INITIAL_SESSION` — fired once on subscribe with the currently-loaded session
463
+ * - `SIGNED_IN` — a session was newly stored or adopted
464
+ * - `SIGNED_OUT` — the session was cleared (locally or via global sign-out)
465
+ * - `TOKEN_REFRESHED` — the SDK refreshed the access token in the background
466
+ * - `PASSWORD_RECOVERY` — the user landed back from a password-reset link
467
+ * - `USER_UPDATED` — the user object was reloaded from `/me`
468
+ *
469
+ * @see {@link https://faable.com/docs/auth/get-started | Get Started with Faable Auth}
470
+ */
374
471
  export type AuthChangeEvent = 'INITIAL_SESSION' | 'PASSWORD_RECOVERY' | 'SIGNED_IN' | 'SIGNED_OUT' | 'TOKEN_REFRESHED' | 'USER_UPDATED' | AuthChangeEventMFA;
472
+ /**
473
+ * Handle returned by {@link FaableAuthClient.onAuthStateChange}.
474
+ *
475
+ * Call `unsubscribe()` to stop receiving events — for example, in a React
476
+ * `useEffect` cleanup.
477
+ */
375
478
  export interface Subscription {
376
- /**
377
- * The subscriber UUID. This will be set by the client.
378
- */
479
+ /** Subscriber UUID assigned by the client. */
379
480
  id: string;
380
- /**
381
- * The function to call every time there is an event. eg: (eventName) => {}
382
- */
481
+ /** Invoked every time an auth event happens. */
383
482
  callback: (event: AuthChangeEvent, session: Session | null) => void;
384
- /**
385
- * Call this to remove the listener.
386
- */
483
+ /** Call to remove the listener. */
387
484
  unsubscribe: () => void;
388
485
  }
486
+ /**
487
+ * Options accepted by {@link FaableAuthClient.signOut}.
488
+ *
489
+ * @see {@link https://faable.com/docs/auth/oidc/logout | Logout}
490
+ */
389
491
  export type SignOut = {
390
492
  /**
391
- * Determines which sessions should be
392
- * logged out. Global means all
393
- * sessions by this account. Local
394
- * means only this session. Others
395
- * means all other sessions except the
396
- * current one. When using others,
397
- * there is no sign-out event fired on
398
- * the current session!
493
+ * Which sessions to log out.
494
+ *
495
+ * - `'global'` every refresh token for the user (default)
496
+ * - `'local'` — only this client's storage
497
+ * - `'others'` — every other session except this device's; no
498
+ * `SIGNED_OUT` event is fired locally
399
499
  */
400
500
  scope?: 'global' | 'local' | 'others';
401
501
  };
@@ -1,7 +1,7 @@
1
1
  /*!
2
- * @faable/auth-js v1.7.0
2
+ * @faable/auth-js v1.7.1
3
3
  * (c) 2026
4
4
  * @license SEE LICENSE.md
5
5
  */
6
- !function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))((function(i,s){function o(e){try{c(n.next(e))}catch(e){s(e)}}function a(e){try{c(n.throw(e))}catch(e){s(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(o,a)}c((n=n.apply(e,t||[])).next())}))}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(c){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,c])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat("0.0.0",") ").concat((new Date).toISOString())],e,!1))}return this},e}(),c=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(a),u="undefined"!=typeof window?window:void 0,l="undefined"!=typeof globalThis?globalThis:u,h=null==l?void 0:l.document,d=l.fetch,f=function(e){void 0===e&&(e={});var t={};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},v=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,(function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}}))}))},p=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var i;return void 0===r&&(r={}),s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,d(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},f(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,v(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}}))}))},b=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r;return void 0===t&&(t={}),s(this,(function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,d(e,n(n({},t),{method:"GET",headers:f(t)}))];case 1:return r=i.sent(),[4,v(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}}))}))},g=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,(function(){var t,r;return s(this,(function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,b(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}}))}))},t}(a),_=function(e,t){return e.response_type||(t?"code":"token")},y=function(e,t,r){return i(void 0,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}}))}))},w=function(e,t){return i(void 0,void 0,void 0,(function(){var r;return s(this,(function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}}))}))},m=function(e,t,r){return i(void 0,[e,t,r],void 0,(function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.now,c=void 0===a?Date.now():a;return s(this,(function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),[4,y(e,t,n)];case 1:return r.sent(),[2]}}))}))},k=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var n,i=(void 0===r?{}:r).now,o=void 0===i?Date.now():i;return s(this,(function(r){switch(r.label){case 0:return[4,w(e,t)];case 1:return n=r.sent(),"object"!=typeof(i=n)||null===i||"string"!=typeof i.verifier||"number"!=typeof i.createdAt?[2,null]:o-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return[2,n.redirectType?{verifier:n.verifier,redirectType:n.redirectType}:{verifier:n.verifier}]}var i}))}))};function S(e){return("0"+e.toString(16)).substr(-2)}function T(e){return i(this,void 0,void 0,(function(){var t,r,n,i;return s(this,(function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map((function(e){return String.fromCharCode(e)})).join("")]}}))}))}function I(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,T(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n}))}))}function x(e,t){return i(this,arguments,void 0,(function(e,t,r){var n,i;return void 0===r&&(r=!1),s(this,(function(s){switch(s.label){case 0:return n=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,S).join("")}(),[4,m(e,"".concat(t,"-code-verifier"),{verifier:n,redirectType:r?"PASSWORD_RECOVERY":void 0})];case 1:return s.sent(),[4,I(n)];case 2:return[2,[i=s.sent(),n===i?"plain":"S256"]]}}))}))}var A=function(){return"undefined"!=typeof document},R={tested:!1,writable:!1},E=function(){if(!A())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(R.tested)return R.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),R.tested=!0,R.writable=!0}catch(e){R.tested=!0,R.writable=!1}return R.writable};function C(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var U=function(){function e(){var t=this;this.promise=new e.promiseConstructor((function(e,r){t.resolve=e,t.reject=r}))}return e.promiseConstructor=Promise,e}();function P(e,t){var r=this;return new Promise((function(n,o){i(r,void 0,void 0,(function(){var r,i,a;return s(this,(function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}}))}))}))}function L(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){return[2,new Promise((function(t){setTimeout((function(){return t(null)}),e)}))]}))}))}var O=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",(function(e){return i(r,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}}))}))}))}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,(function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)})),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,(function(e,t,r){return void 0===r&&(r=!0),s(this,(function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}}))}))},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,(function(){var r,n,o,a=this;return s(this,(function(c){switch(c.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map((function(n){return i(a,void 0,void 0,(function(){var i;return s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}}))}))})),[4,Promise.all(n)];case 1:if(c.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}}))}))},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),D="faableauth",N=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),q=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(N),z=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(q);function j(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(N);var K=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),M=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),F=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(N),V=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(q);function W(e){return j(e)&&"AuthRetryableFetchError"===e.name}function G(){if(!u)throw new Error("No window in environment");return u}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(q);var J={redirect:function(e){G().location=e},getDocument:function(){return G().document},getWindow:G};function B(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",c="",u=0;for(e=e.replace("-","+").replace("_","/");u<e.length;)t=a.indexOf(e.charAt(u++))<<2|(i=a.indexOf(e.charAt(u++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(u++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(u++))),c+=String.fromCharCode(t),64!=s&&0!=r&&(c+=String.fromCharCode(r)),64!=o&&0!=n&&(c+=String.fromCharCode(n));return c}(r))}var $=function(e,t){if(!e)return null;var r="function"==typeof e.get?function(t){var r;return null===(r=e.get(t))||void 0===r?void 0:r.value}:function(t){return e[t]},n=r(t);if(n)return n;for(var i=[],s=0;;s++){var o=r("".concat(t,".").concat(s));if(!o)break;i.push(o)}return i.length?i.join(""):null},H=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},Y=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=Q(i.slice(0,s).trim()),a=Q(i.slice(s+1).trim());o&&t.set(o,a)}}}return t},Q=function(e){try{return decodeURIComponent(e)}catch(t){return e}},X=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},Z=function(e,t){return X(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})},ee=3200,te=function(e,t){return"".concat(e,".").concat(t)},re=function(e,t){var r="".concat(t,"."),n=[];return e.forEach((function(e,t){if(t.startsWith(r)){var i=t.slice(r.length);/^\d+$/.test(i)&&n.push({name:t,idx:Number(i)})}})),n.sort((function(e,t){return e.idx-t.idx})),n.map((function(e){return e.name}))},ne=function(e,t){void 0===e&&(e={}),void 0===t&&(t=A()?document:null);var r=n({path:"/",sameSite:"Lax",secure:A()&&"https:"===window.location.protocol,maxAge:2592e3},e);return{getItem:function(e){return t?function(e,t){var r=e.get(t);if(void 0!==r)return r;var n=re(e,t);return 0===n.length?null:n.map((function(t){return e.get(t)})).join("")}(Y(t.cookie),e):null},setItem:function(e,n){if(t){var i=Y(t.cookie);if(n.length<=ee){for(var s=0,o=re(i,e);s<o.length;s++){var a=o[s];t.cookie=Z(a,r)}t.cookie=X(e,n,r)}else{i.has(e)&&(t.cookie=Z(e,r));for(var c=Math.ceil(n.length/ee),u=0,l=re(i,e);u<l.length;u++){var h=l[u];Number(h.slice(e.length+1))>=c&&(t.cookie=Z(h,r))}for(var d=0,f=0;d<n.length;d+=ee,f++){var v=n.slice(d,d+ee);t.cookie=X(te(e,f),v,r)}}}},removeItem:function(e){if(t){var n=Y(t.cookie);t.cookie=Z(e,r);for(var i=0,s=re(n,e);i<s.length;i++){var o=s[i];t.cookie=Z(o,r)}}}}},ie={getItem:function(e){return E()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){E()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){E()&&globalThis.localStorage.removeItem(e)}};function se(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach((function(e,r){t[r]=e}))}catch(e){}return r.searchParams.forEach((function(e,r){t[r]=e})),t}var oe=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach((function(e){t.searchParams.delete(e)})),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&E()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ae=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function ce(e,t,r){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}}))}))}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ae);var ue=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||ce,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,(function(){var r,n,a=this;return s(this,(function(c){switch(c.label){case 0:this._debug("#_acquireLock","begin",e),c.label=1;case 1:return c.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}}))})),this.pendingInLock.push(i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}}))}))),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,(function(){return i(a,void 0,void 0,(function(){var e,r,n=this;return s(this,(function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}}))}))),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}}))}))}))];case 2:return[2,c.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}}))}))},t}(c),le=3e4,he=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){if(!/^(https|http)?:\/\//.test(e)){var t=(null===location||void 0===location?void 0:location.protocol)||"https";return"".concat(t,"//").concat(e)}return e}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.api=new g(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||D;return i.storageKey="".concat(a,"-").concat(i.clientId),i.storage=function(e){var t=e.storage,r=e.cookieOptions;return"cookie"===t||r?ne(r):"localStorage"===t||void 0===t?ie:t}(t),i.lock=new ue({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new O(A()?i.storageKey:"",(function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))})),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:A()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:case 3:return[2,t.sent()];case 2:return this.initializePromise=i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}}))}))}))];case 1:return[2,t.sent()]}}))})),[4,this.initializePromise]}}))}))},t.prototype._initialize=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,o,a,c,u=this;return s(this,(function(l){switch(l.label){case 0:return l.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=l.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=l.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return l.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return l.sent(),setTimeout((function(){return i(u,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}}))}))}),0),[2,{error:null}];case 6:return[4,this._recoverAndRefresh()];case 7:return l.sent(),[2,{error:null}];case 8:return j(c=l.sent())?[2,{error:c}]:[2,{error:new F("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return l.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}}))}))},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,l,h,d,f,v,p,b,g,_,y,w,m;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=se(null==u?void 0:u.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new M("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return oe(["code"]),[2,{data:{session:n.session,redirectType:null},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new K(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,c=t.access_token,l=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!(c&&h&&l&&f))throw new K("No session defined in URL");return v=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var c=o-s;return i-c>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",c,o,i):i-c<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",c,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:le}),p=v.expiresAt,b=v.expiresIn,[4,this._getUser(c)];case 3:if(g=s.sent(),_=g.data,(y=g.error)||!_)throw y;return w={provider_token:o,provider_refresh_token:a,access_token:c,expires_in:b,expires_at:p,refresh_token:l,token_type:f,user:_},oe(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:w,redirectType:t.type},error:null}];case 4:if(m=s.sent(),this._debug(m),j(m))return[2,{data:{session:null,redirectType:null},error:m}];throw m;case 5:return[2]}}))}))},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,(function(){var t,r,i,o,a,c,u,l,h,d,f,v;return s(this,(function(s){switch(s.label){case 0:return[4,k(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r})]):[2,{data:{user:null,session:null,redirectType:null},error:new M("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(a=s.sent(),c=C(a),u=c.data,l=c.error,!u)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),l?[2,{data:{user:null,session:null,redirectType:null},error:l}]:u&&u.session&&u.user?(h=u.session)?[4,this._getUser(h.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null},error:new V}];case 4:if(d=s.sent(),f=d.data,(v=d.error)||!f)throw v;return h=n(n({},h),{user:f}),u.session=h,[4,this._saveSession(h)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",h)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},u),{redirectType:null!=o?o:null}),error:l}]}}))}))},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!A()||!(null==u?void 0:u.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}}))}))},null==u||u.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}}))}))},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",h.visibilityState),"visible"!==h.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,(function(){return i(r,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"visible"!==h.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}}))}))}))];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===h.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}}))}))},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),H(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),W(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}}))}))},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&A()&&(null==u?void 0:u.removeEventListener)&&u.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}}))}))},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval((function(){return t._autoRefreshTokenTick()}),le),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout((function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}}))}))}),0),[2]}}))}))},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e;return s(this,(function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]}))}))},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,(function(){return i(t,void 0,void 0,(function(){var e,t,r=this;return s(this,(function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n;return s(this,(function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/le),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(le,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}}))}))}))];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}}))}))}))];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ae))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}}))}))},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,(function(){var e,t;return s(this,(function(r){return e=se(null==u?void 0:u.location.href),(t=A())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]}))}))},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,(function(){var r,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,x(this.storage,this.storageKey)];case 1:o=s.sent(),a=o[0],c=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:c}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}}))}))},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect})];case 1:return[2,t.sent()]}}))}))},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/usernamepassword/login"),{username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),client_id:this.clientId,state:e.state},{raw:!0})];case 1:return!(t=r.sent()).data||t.error?[2,{data:null,error:new F(t.error||"Error in username password login",t.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(t.data,h),[2,{data:null,error:null}])}}))}))},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:return[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp})];case 1:return t=s.sent(),r=C(t),n=r.data,(i=r.error)?[2,{data:{user:null,session:null},error:i}]:n&&n.session?(o=n.session,[4,this._getUser(o.access_token)]):[2,{data:{user:null,session:null},error:new V}];case 2:return a=s.sent(),c=a.data,(u=a.error)||!c?[2,{data:{user:null,session:null},error:u||new F("Could not fetch user info",null)}]:(o.user=c,[4,this._saveSession(o)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 4:return s.sent(),[2,{data:{user:o.user,session:o},error:null}]}}))}))},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,p("".concat(this.domainUrl,"/passwordless/start"),{client_id:this.clientId,email:e.email,send:e.type})];case 1:return[2,{data:(t=r.sent()).data,error:t.error}]}}))}))},t.prototype.changePassword=function(e){return i(this,void 0,void 0,(function(){var t,r,n;return s(this,(function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,p("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new F("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new F(String(n),n):null}]}}))}))},t.prototype.buildAuthorizeUrl=function(e){void 0===e&&(e={});var t={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),response_type:_(e,A()),audience:e.audience,scope:e.scope,connection:e.connection},r=Object.fromEntries(Object.entries(t).filter((function(e){return!!e[1]})));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(r).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);J.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:A()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),A()&&!e.skipBrowserRedirect&&(null==u||u.location.assign(t)),[2,{data:{url:t},error:null}]}}))}))},t.prototype.setSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype.getSession=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){return[2,this._useSession((function(t){return i(e,void 0,void 0,(function(){return s(this,(function(e){return[2,t]}))}))}))]}))}))}))];case 2:return[2,t.sent()]}}))}))},t.prototype._useSession=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}}))}))},t.prototype.__loadSession=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:H(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}}))}))},t.prototype._removeSession=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}}))}))},t.prototype._setSession=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u,l,h,d;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new z;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=B(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),c=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:c?(i=c,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(u=s.sent(),l=u.data,(h=u.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(j(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}}))}))},t.prototype._saveSession=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,y(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}}))}))},t.prototype._getUser=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,b("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}}))}))},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:if(!e)throw new z;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new U,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise((function(e,t){f=setTimeout((function(){return t(new Error(d))}),h)})),Promise.race([l.finally((function(){void 0!==f&&clearTimeout(f)})),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new z;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),j(o)?(a={session:null,error:o},W(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(c=this.refreshingDeferred)||void 0===c||c.resolve(a),[2,a];case 9:throw null===(u=this.refreshingDeferred)||void 0===u||u.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v}))}))},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,(function(){var t,r,o,a=this;return s(this,(function(c){switch(c.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),c.label=1;case 1:return c.trys.push([1,3,4,5]),r=Date.now(),[4,P((function(r){return i(a,void 0,void 0,(function(){var i,o,a,c,u,l,h;return s(this,(function(s){switch(s.label){case 0:return r>0?[4,L(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,p("".concat(this.domainUrl,"/oauth/token"),{client_id:this.clientId,grant_type:"refresh_token",refresh_token:e})];case 3:if((i=s.sent()).error)throw new F("Refresh token request failed: ".concat(i.error),i.error);if(o=C(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new V;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),c=a.data,u=a.error)throw new F("Could not fetch user info",u);if(!c)throw new F("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:c}),user:c},error:null}]}}))}))}),(function(e,t){var n=200*Math.pow(2,e);return t&&W(t)&&Date.now()+n-r<le}))];case 2:return[2,c.sent()];case 3:if(o=c.sent(),this._debug(t,"error",o),j(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}}))}))},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,(function(e,t,r){var n;return void 0===r&&(r=!0),s(this,(function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}}))}))},t.prototype.signOut=function(){return i(this,arguments,void 0,(function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._signOut=function(){return i(this,arguments,void 0,(function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,(function(e){switch(e.label){case 0:return[4,this._useSession((function(e){return i(t,void 0,void 0,(function(){var t,n,i,o;return s(this,(function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return j(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}}))}))}))];case 1:return[2,e.sent()]}}))}))},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){return this._emitInitialSession(r),[2]}))}))}))];case 2:return t.sent(),[2]}}))})),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._useSession((function(r){return i(t,void 0,void 0,(function(){var t,n,i;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}}))}))}))];case 1:return[2,r.sent()]}}))}))},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(c=r.session)&&void 0!==c?c:void 0}if(!(null==e?void 0:e.refresh_token))throw new z;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}}))}))}))];case 1:return[2,n.sent()];case 2:if(j(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}}))}))},t}(c),de=function(){};e.AuthError=N,e.FaableAuthClient=he,e.User=de,e.cookieStorageAdapter=ne,e.createClient=function(e){return new he(e)},e.getSessionFromCookies=function(e,t){var r,n="".concat(null!==(r=t.storageKey)&&void 0!==r?r:D,"-").concat(t.clientId),i=$(e,n);if(!i)return null;try{return JSON.parse(decodeURIComponent(i))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
6
+ !function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))((function(i,s){function o(e){try{c(n.next(e))}catch(e){s(e)}}function a(e){try{c(n.throw(e))}catch(e){s(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(o,a)}c((n=n.apply(e,t||[])).next())}))}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(c){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,c])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat("0.0.0",") ").concat((new Date).toISOString())],e,!1))}return this},e}(),c=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(a),u="undefined"!=typeof window?window:void 0,l="undefined"!=typeof globalThis?globalThis:u,h=null==l?void 0:l.document,d=l.fetch,f=function(e){void 0===e&&(e={});var t={};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},v=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,(function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}}))}))},p=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var i;return void 0===r&&(r={}),s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,d(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},f(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,v(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}}))}))},b=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,(function(e,t){var r;return void 0===t&&(t={}),s(this,(function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,d(e,n(n({},t),{method:"GET",headers:f(t)}))];case 1:return r=i.sent(),[4,v(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}}))}))},g=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,(function(){var t,r;return s(this,(function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,b(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}}))}))},t}(a),_=function(e,t){return e.response_type||(t?"code":"token")},y=function(e,t,r){return i(void 0,void 0,void 0,(function(){return s(this,(function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}}))}))},w=function(e,t){return i(void 0,void 0,void 0,(function(){var r;return s(this,(function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}}))}))},m=function(e,t,r){return i(void 0,[e,t,r],void 0,(function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.now,c=void 0===a?Date.now():a;return s(this,(function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),[4,y(e,t,n)];case 1:return r.sent(),[2]}}))}))},k=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,(function(e,t,r){var n,i=(void 0===r?{}:r).now,o=void 0===i?Date.now():i;return s(this,(function(r){switch(r.label){case 0:return[4,w(e,t)];case 1:return n=r.sent(),"object"!=typeof(i=n)||null===i||"string"!=typeof i.verifier||"number"!=typeof i.createdAt?[2,null]:o-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return[2,n.redirectType?{verifier:n.verifier,redirectType:n.redirectType}:{verifier:n.verifier}]}var i}))}))};function S(e){return("0"+e.toString(16)).substr(-2)}function T(e){return i(this,void 0,void 0,(function(){var t,r,n,i;return s(this,(function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map((function(e){return String.fromCharCode(e)})).join("")]}}))}))}function I(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,T(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n}))}))}function x(e,t){return i(this,arguments,void 0,(function(e,t,r){var n,i;return void 0===r&&(r=!1),s(this,(function(s){switch(s.label){case 0:return n=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,S).join("")}(),[4,m(e,"".concat(t,"-code-verifier"),{verifier:n,redirectType:r?"PASSWORD_RECOVERY":void 0})];case 1:return s.sent(),[4,I(n)];case 2:return[2,[i=s.sent(),n===i?"plain":"S256"]]}}))}))}var A=function(){return"undefined"!=typeof document},R={tested:!1,writable:!1},E=function(){if(!A())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(R.tested)return R.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),R.tested=!0,R.writable=!0}catch(e){R.tested=!0,R.writable=!1}return R.writable};function C(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var U=function(){function e(){var t=this;this.promise=new e.promiseConstructor((function(e,r){t.resolve=e,t.reject=r}))}return e.promiseConstructor=Promise,e}();function P(e,t){var r=this;return new Promise((function(n,o){i(r,void 0,void 0,(function(){var r,i,a;return s(this,(function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}}))}))}))}function L(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){return[2,new Promise((function(t){setTimeout((function(){return t(null)}),e)}))]}))}))}var O=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",(function(e){return i(r,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}}))}))}))}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,(function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)})),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,(function(e,t,r){return void 0===r&&(r=!0),s(this,(function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}}))}))},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,(function(){var r,n,o,a=this;return s(this,(function(c){switch(c.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map((function(n){return i(a,void 0,void 0,(function(){var i;return s(this,(function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}}))}))})),[4,Promise.all(n)];case 1:if(c.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}}))}))},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),D="faableauth",N=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),q=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(N),z=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(q);function j(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(N);var K=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),M=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),F=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(N),V=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(q);function W(e){return j(e)&&"AuthRetryableFetchError"===e.name}function G(){if(!u)throw new Error("No window in environment");return u}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(q);var J={redirect:function(e){G().location=e},getDocument:function(){return G().document},getWindow:G};function B(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",c="",u=0;for(e=e.replace("-","+").replace("_","/");u<e.length;)t=a.indexOf(e.charAt(u++))<<2|(i=a.indexOf(e.charAt(u++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(u++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(u++))),c+=String.fromCharCode(t),64!=s&&0!=r&&(c+=String.fromCharCode(r)),64!=o&&0!=n&&(c+=String.fromCharCode(n));return c}(r))}var $=function(e,t){if(!e)return null;var r="function"==typeof e.get?function(t){var r;return null===(r=e.get(t))||void 0===r?void 0:r.value}:function(t){return e[t]},n=r(t);if(n)return n;for(var i=[],s=0;;s++){var o=r("".concat(t,".").concat(s));if(!o)break;i.push(o)}return i.length?i.join(""):null},H=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},Y=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=Q(i.slice(0,s).trim()),a=Q(i.slice(s+1).trim());o&&t.set(o,a)}}}return t},Q=function(e){try{return decodeURIComponent(e)}catch(t){return e}},X=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},Z=function(e,t){return X(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})},ee=3200,te=function(e,t){return"".concat(e,".").concat(t)},re=function(e,t){var r="".concat(t,"."),n=[];return e.forEach((function(e,t){if(t.startsWith(r)){var i=t.slice(r.length);/^\d+$/.test(i)&&n.push({name:t,idx:Number(i)})}})),n.sort((function(e,t){return e.idx-t.idx})),n.map((function(e){return e.name}))},ne=function(e,t){void 0===e&&(e={}),void 0===t&&(t=A()?document:null);var r=n({path:"/",sameSite:"Lax",secure:A()&&"https:"===window.location.protocol,maxAge:2592e3},e);return{getItem:function(e){return t?function(e,t){var r=e.get(t);if(void 0!==r)return r;var n=re(e,t);return 0===n.length?null:n.map((function(t){return e.get(t)})).join("")}(Y(t.cookie),e):null},setItem:function(e,n){if(t){var i=Y(t.cookie);if(n.length<=ee){for(var s=0,o=re(i,e);s<o.length;s++){var a=o[s];t.cookie=Z(a,r)}t.cookie=X(e,n,r)}else{i.has(e)&&(t.cookie=Z(e,r));for(var c=Math.ceil(n.length/ee),u=0,l=re(i,e);u<l.length;u++){var h=l[u];Number(h.slice(e.length+1))>=c&&(t.cookie=Z(h,r))}for(var d=0,f=0;d<n.length;d+=ee,f++){var v=n.slice(d,d+ee);t.cookie=X(te(e,f),v,r)}}}},removeItem:function(e){if(t){var n=Y(t.cookie);t.cookie=Z(e,r);for(var i=0,s=re(n,e);i<s.length;i++){var o=s[i];t.cookie=Z(o,r)}}}}},ie={getItem:function(e){return E()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){E()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){E()&&globalThis.localStorage.removeItem(e)}};function se(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach((function(e,r){t[r]=e}))}catch(e){}return r.searchParams.forEach((function(e,r){t[r]=e})),t}var oe=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach((function(e){t.searchParams.delete(e)})),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&E()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ae=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function ce(e,t,r){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}}))}))}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ae);var ue=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||ce,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,(function(){var r,n,a=this;return s(this,(function(c){switch(c.label){case 0:this._debug("#_acquireLock","begin",e),c.label=1;case 1:return c.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}}))})),this.pendingInLock.push(i(a,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}}))}))),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,(function(){return i(a,void 0,void 0,(function(){var e,r,n=this;return s(this,(function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}}))}))),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}}))}))}))];case 2:return[2,c.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}}))}))},t}(c),le=3e4,he=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){if(!/^(https|http)?:\/\//.test(e)){var t=(null===location||void 0===location?void 0:location.protocol)||"https";return"".concat(t,"//").concat(e)}return e}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.audience=t.audience,i.api=new g(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||D;return i.storageKey="".concat(a,"-").concat(i.clientId),i.storage=function(e){var t=e.storage,r=e.cookieOptions;return"cookie"===t||r?ne(r):"localStorage"===t||void 0===t?ie:t}(t),i.lock=new ue({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new O(A()?i.storageKey:"",(function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))})),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:A()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:case 3:return[2,t.sent()];case 2:return this.initializePromise=i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}}))}))}))];case 1:return[2,t.sent()]}}))})),[4,this.initializePromise]}}))}))},t.prototype._initialize=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,o,a,c,u=this;return s(this,(function(l){switch(l.label){case 0:return l.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=l.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=l.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return l.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return l.sent(),setTimeout((function(){return i(u,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}}))}))}),0),[2,{error:null}];case 6:return[4,this._recoverAndRefresh()];case 7:return l.sent(),[2,{error:null}];case 8:return j(c=l.sent())?[2,{error:c}]:[2,{error:new F("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return l.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}}))}))},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,l,h,d,f,v,p,b,g,_,y,w,m;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=se(null==u?void 0:u.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new M("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return oe(["code"]),[2,{data:{session:n.session,redirectType:null},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new K(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,c=t.access_token,l=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!(c&&h&&l&&f))throw new K("No session defined in URL");return v=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var c=o-s;return i-c>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",c,o,i):i-c<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",c,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:le}),p=v.expiresAt,b=v.expiresIn,[4,this._getUser(c)];case 3:if(g=s.sent(),_=g.data,(y=g.error)||!_)throw y;return w={provider_token:o,provider_refresh_token:a,access_token:c,expires_in:b,expires_at:p,refresh_token:l,token_type:f,user:_},oe(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:w,redirectType:t.type},error:null}];case 4:if(m=s.sent(),this._debug(m),j(m))return[2,{data:{session:null,redirectType:null},error:m}];throw m;case 5:return[2]}}))}))},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,(function(){var t,r,i,o,a,c,u,l,h,d,f,v;return s(this,(function(s){switch(s.label){case 0:return[4,k(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,[4,p("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r},this.audience?{audience:this.audience}:{}))]):[2,{data:{user:null,session:null,redirectType:null},error:new M("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(a=s.sent(),c=C(a),u=c.data,l=c.error,!u)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),l?[2,{data:{user:null,session:null,redirectType:null},error:l}]:u&&u.session&&u.user?(h=u.session)?[4,this._getUser(h.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null},error:new V}];case 4:if(d=s.sent(),f=d.data,(v=d.error)||!f)throw v;return h=n(n({},h),{user:f}),u.session=h,[4,this._saveSession(h)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",h)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},u),{redirectType:null!=o?o:null}),error:l}]}}))}))},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!A()||!(null==u?void 0:u.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}}))}))},null==u||u.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}}))}))},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",h.visibilityState),"visible"!==h.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,(function(){return i(r,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return"visible"!==h.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}}))}))}))];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===h.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}}))}))},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),H(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),W(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}}))}))},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&A()&&(null==u?void 0:u.removeEventListener)&&u.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}}))}))},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval((function(){return t._autoRefreshTokenTick()}),le),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout((function(){return i(t,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}}))}))}),0),[2]}}))}))},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,(function(){var e;return s(this,(function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]}))}))},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,(function(){var e,t=this;return s(this,(function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,(function(){return i(t,void 0,void 0,(function(){var e,t,r=this;return s(this,(function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n;return s(this,(function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/le),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(le,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}}))}))}))];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}}))}))}))];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ae))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}}))}))},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,(function(){var e,t;return s(this,(function(r){return e=se(null==u?void 0:u.location.href),(t=A())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]}))}))},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,(function(){var r,i,o,a,c,l,h;return s(this,(function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,x(this.storage,this.storageKey)];case 1:o=s.sent(),a=o[0],c=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:c}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),(l=null!==(h=t.audience)&&void 0!==h?h:this.audience)&&(i.audience=l),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}}))}))},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect,audience:e.audience})];case 1:return[2,t.sent()]}}))}))},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,(function(){var t,r,i;return s(this,(function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,p("".concat(this.domainUrl,"/usernamepassword/login"),n({username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),client_id:this.clientId,state:e.state},t?{audience:t}:{}),{raw:!0})];case 1:return!(r=s.sent()).data||r.error?[2,{data:null,error:new F(r.error||"Error in username password login",r.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(r.data,h),[2,{data:null,error:null}])}}))}))},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,(function(){var t,r,i,o,a,c,u,l,h,d;return s(this,(function(s){switch(s.label){case 0:return t=null!==(d=e.audience)&&void 0!==d?d:this.audience,[4,p("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp},t?{audience:t}:{}))];case 1:return r=s.sent(),i=C(r),o=i.data,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o&&o.session?(c=o.session,[4,this._getUser(c.access_token)]):[2,{data:{user:null,session:null},error:new V}];case 2:return u=s.sent(),l=u.data,(h=u.error)||!l?[2,{data:{user:null,session:null},error:h||new F("Could not fetch user info",null)}]:(c.user=l,[4,this._saveSession(c)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",c)];case 4:return s.sent(),[2,{data:{user:c.user,session:c},error:null}]}}))}))},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,(function(){var t,r,i;return s(this,(function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,p("".concat(this.domainUrl,"/passwordless/start"),n({client_id:this.clientId,email:e.email,send:e.type},t?{audience:t}:{}))];case 1:return[2,{data:(r=s.sent()).data,error:r.error}]}}))}))},t.prototype.changePassword=function(e){return i(this,void 0,void 0,(function(){var t,r,n;return s(this,(function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,p("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new F("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new F(String(n),n):null}]}}))}))},t.prototype.buildAuthorizeUrl=function(e){var t;void 0===e&&(e={});var r={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==u?void 0:u.location.origin),response_type:_(e,A()),audience:null!==(t=e.audience)&&void 0!==t?t:this.audience,scope:e.scope,connection:e.connection},n=Object.fromEntries(Object.entries(r).filter((function(e){return!!e[1]})));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(n).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);J.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:A()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams,audience:e.audience})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),A()&&!e.skipBrowserRedirect&&(null==u||u.location.assign(t)),[2,{data:{url:t},error:null}]}}))}))},t.prototype.setSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype.getSession=function(){return i(this,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){var e=this;return s(this,(function(t){return[2,this._useSession((function(t){return i(e,void 0,void 0,(function(){return s(this,(function(e){return[2,t]}))}))}))]}))}))}))];case 2:return[2,t.sent()]}}))}))},t.prototype._useSession=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}}))}))},t.prototype.__loadSession=function(){return i(this,void 0,void 0,(function(){var e,t,r,n,i,o,a;return s(this,(function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,w(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:H(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}}))}))},t.prototype._removeSession=function(){return i(this,void 0,void 0,(function(){return s(this,(function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}}))}))},t.prototype._setSession=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u,l,h,d;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new z;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=B(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),c=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:c?(i=c,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(u=s.sent(),l=u.data,(h=u.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(j(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}}))}))},t.prototype._saveSession=function(e){return i(this,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,y(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}}))}))},t.prototype._getUser=function(e){return i(this,void 0,void 0,(function(){var t;return s(this,(function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,b("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}}))}))},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,(function(){var t,r,n,i,o,a,c,u;return s(this,(function(s){switch(s.label){case 0:if(!e)throw new z;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new U,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise((function(e,t){f=setTimeout((function(){return t(new Error(d))}),h)})),Promise.race([l.finally((function(){void 0!==f&&clearTimeout(f)})),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new z;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),j(o)?(a={session:null,error:o},W(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(c=this.refreshingDeferred)||void 0===c||c.resolve(a),[2,a];case 9:throw null===(u=this.refreshingDeferred)||void 0===u||u.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v}))}))},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,(function(){var t,r,o,a=this;return s(this,(function(c){switch(c.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),c.label=1;case 1:return c.trys.push([1,3,4,5]),r=Date.now(),[4,P((function(r){return i(a,void 0,void 0,(function(){var i,o,a,c,u,l,h;return s(this,(function(s){switch(s.label){case 0:return r>0?[4,L(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,p("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"refresh_token",refresh_token:e},this.audience?{audience:this.audience}:{}))];case 3:if((i=s.sent()).error)throw new F("Refresh token request failed: ".concat(i.error),i.error);if(o=C(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new V;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),c=a.data,u=a.error)throw new F("Could not fetch user info",u);if(!c)throw new F("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:c}),user:c},error:null}]}}))}))}),(function(e,t){var n=200*Math.pow(2,e);return t&&W(t)&&Date.now()+n-r<le}))];case 2:return[2,c.sent()];case 3:if(o=c.sent(),this._debug(t,"error",o),j(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}}))}))},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,(function(e,t,r){var n;return void 0===r&&(r=!0),s(this,(function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}}))}))},t.prototype.signOut=function(){return i(this,arguments,void 0,(function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._signOut=function(){return i(this,arguments,void 0,(function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,(function(e){switch(e.label){case 0:return[4,this._useSession((function(e){return i(t,void 0,void 0,(function(){var t,n,i,o;return s(this,(function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return j(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}}))}))}))];case 1:return[2,e.sent()]}}))}))},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,(function(){var e=this;return s(this,(function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,(function(){return i(e,void 0,void 0,(function(){return s(this,(function(e){return this._emitInitialSession(r),[2]}))}))}))];case 2:return t.sent(),[2]}}))})),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this._useSession((function(r){return i(t,void 0,void 0,(function(){var t,n,i;return s(this,(function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}}))}))}))];case 1:return[2,r.sent()]}}))}))},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,(function(){var t=this;return s(this,(function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,(function(){return i(t,void 0,void 0,(function(){return s(this,(function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}}))}))}))];case 2:return[2,r.sent()]}}))}))},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,(function(){var t,r=this;return s(this,(function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession((function(t){return i(r,void 0,void 0,(function(){var r,n,i,o,a,c;return s(this,(function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(c=r.session)&&void 0!==c?c:void 0}if(!(null==e?void 0:e.refresh_token))throw new z;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}}))}))}))];case 1:return[2,n.sent()];case 2:if(j(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}}))}))},t}(c),de=function(){};e.AuthError=N,e.FaableAuthClient=he,e.User=de,e.cookieStorageAdapter=ne,e.createClient=function(e){return new he(e)},e.getSessionFromCookies=function(e,t){var r,n="".concat(null!==(r=t.storageKey)&&void 0!==r?r:D,"-").concat(t.clientId),i=$(e,n);if(!i)return null;try{return JSON.parse(decodeURIComponent(i))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
7
7
  //# sourceMappingURL=faableauth.js.map