@faable/auth-js 1.7.4 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +11 -11
- package/dist/dts/FaableAuthClient.d.ts +41 -0
- package/dist/dts/lib/helpers.d.ts +1 -1
- package/dist/dts/lib/jwt.d.ts +15 -0
- package/dist/dts/lib/pkce_storage.d.ts +3 -1
- package/dist/dts/lib/types.d.ts +18 -0
- package/dist/faableauth.js +2 -2
- package/dist/faableauth.js.map +1 -1
- package/dist/main.js +2 -2
- package/dist/main.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -59,17 +59,17 @@ await auth.signInWithOauthConnection({ connection: 'google' })
|
|
|
59
59
|
|
|
60
60
|
`createClient(config)` accepts:
|
|
61
61
|
|
|
62
|
-
| Option | Type | Description
|
|
63
|
-
| --------------- | ------------------ |
|
|
64
|
-
| `domain` | `string` | **Required.** Your Faable Auth tenant domain.
|
|
65
|
-
| `clientId` | `string` | **Required.** Application client ID.
|
|
66
|
-
| `redirectUri` | `string` | Default callback URL. Falls back to `window.location.origin`.
|
|
67
|
-
| `scope` | `string` | Space-separated scopes. Defaults to `openid profile email`.
|
|
68
|
-
| `storage` | `SupportedStorage` | Custom storage adapter. Defaults to `localStorage`.
|
|
69
|
-
| `storageKey` | `string` | Prefix for the storage key. Final key is `${storageKey}-${clientId}`.
|
|
70
|
-
| `cookieOptions` | `CookieOptions` | When set, switches storage to the cookie adapter.
|
|
71
|
-
| `lock` | `LockFunc` | Custom locking primitive for concurrent refreshes.
|
|
72
|
-
| `debug` | `boolean` | Enables verbose logging.
|
|
62
|
+
| Option | Type | Description |
|
|
63
|
+
| --------------- | ------------------ | -------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
|
64
|
+
| `domain` | `string` | **Required.** Your Faable Auth tenant domain. The protocol is optional — `tenant.auth.faable.link` and `https://tenant.auth.faable.link` are equivalent. |
|
|
65
|
+
| `clientId` | `string` | **Required.** Application client ID. |
|
|
66
|
+
| `redirectUri` | `string` | Default callback URL. Falls back to `window.location.origin`. |
|
|
67
|
+
| `scope` | `string` | Space-separated scopes. Defaults to `openid profile email`. |
|
|
68
|
+
| `storage` | `SupportedStorage` | Custom storage adapter. Defaults to `localStorage`. |
|
|
69
|
+
| `storageKey` | `string` | Prefix for the storage key. Final key is `${storageKey}-${clientId}`. |
|
|
70
|
+
| `cookieOptions` | `CookieOptions` | When set, switches storage to the cookie adapter. |
|
|
71
|
+
| `lock` | `LockFunc` | Custom locking primitive for concurrent refreshes. |
|
|
72
|
+
| `debug` | `boolean` | Enables verbose logging. |
|
|
73
73
|
|
|
74
74
|
## Authentication flows
|
|
75
75
|
|
|
@@ -32,6 +32,7 @@ export declare class FaableAuthClient extends Base {
|
|
|
32
32
|
audience?: string;
|
|
33
33
|
sessionCheckExpiryDays: number;
|
|
34
34
|
protected initializePromise: Promise<InitializeResult> | null;
|
|
35
|
+
protected _lastInitializeResult: InitializeResult | null;
|
|
35
36
|
protected detectSessionInUrl: boolean;
|
|
36
37
|
protected storageKey: string;
|
|
37
38
|
protected clientId: string;
|
|
@@ -109,6 +110,46 @@ export declare class FaableAuthClient extends Base {
|
|
|
109
110
|
* @category Lifecycle
|
|
110
111
|
*/
|
|
111
112
|
initialize(): Promise<InitializeResult>;
|
|
113
|
+
/**
|
|
114
|
+
* The result of the most recent {@link FaableAuthClient.initialize} run, or
|
|
115
|
+
* `null` while the first one is still in flight.
|
|
116
|
+
*
|
|
117
|
+
* The constructor starts `initialize()` in the background and discards the
|
|
118
|
+
* promise; this accessor lets code that cannot await it (for example a
|
|
119
|
+
* React provider effect) read whether the last OAuth/redirect attempt
|
|
120
|
+
* errored, instead of being stuck with a session that silently stays
|
|
121
|
+
* `null`.
|
|
122
|
+
*
|
|
123
|
+
* @category Lifecycle
|
|
124
|
+
*/
|
|
125
|
+
get lastInitializeResult(): InitializeResult | null;
|
|
126
|
+
/**
|
|
127
|
+
* Completes an OAuth / magic-link / password-recovery redirect on your
|
|
128
|
+
* callback route and reports the outcome.
|
|
129
|
+
*
|
|
130
|
+
* The SDK already consumes the URL during the `initialize()` it kicks off
|
|
131
|
+
* from the constructor; this is a thin, discoverable wrapper that awaits
|
|
132
|
+
* that same in-flight run (idempotent) so you can:
|
|
133
|
+
*
|
|
134
|
+
* - redirect **only once** the token exchange has finished, and
|
|
135
|
+
* - surface `error` instead of hanging on a "Signing you in…" screen when
|
|
136
|
+
* the exchange fails (e.g. an expired PKCE verifier).
|
|
137
|
+
*
|
|
138
|
+
* It also returns `returnTo` — the app-side destination you optionally
|
|
139
|
+
* passed to `signInWith*({ returnTo })` — so you don't need a side channel
|
|
140
|
+
* (like `sessionStorage`) to remember where to send the user.
|
|
141
|
+
*
|
|
142
|
+
* @example
|
|
143
|
+
* ```ts
|
|
144
|
+
* // app/callback/page.tsx
|
|
145
|
+
* const { error, returnTo } = await auth.handleRedirectCallback()
|
|
146
|
+
* if (error) showError(error.message)
|
|
147
|
+
* else router.replace(returnTo ?? '/')
|
|
148
|
+
* ```
|
|
149
|
+
* @see {@link FaableAuthClient.initialize}
|
|
150
|
+
* @category Lifecycle
|
|
151
|
+
*/
|
|
152
|
+
handleRedirectCallback(): Promise<InitializeResult>;
|
|
112
153
|
/**
|
|
113
154
|
* IMPORTANT:
|
|
114
155
|
* 1. Never throw in this method, as it is called from the constructor
|
|
@@ -3,7 +3,7 @@ import { AuthResponse, SupportedStorage, User } from './types';
|
|
|
3
3
|
export declare function decodeBase64URL(value: string): string;
|
|
4
4
|
export declare function generatePKCEVerifier(): string;
|
|
5
5
|
export declare function generatePKCEChallenge(verifier: string): Promise<string>;
|
|
6
|
-
export declare function getCodeChallengeAndMethod(storage: SupportedStorage, storageKey: string, isPasswordRecovery?: boolean): Promise<string[]>;
|
|
6
|
+
export declare function getCodeChallengeAndMethod(storage: SupportedStorage, storageKey: string, isPasswordRecovery?: boolean, returnTo?: string): Promise<string[]>;
|
|
7
7
|
export declare const isBrowser: () => boolean;
|
|
8
8
|
/**
|
|
9
9
|
* Checks whether localStorage is supported on this browser.
|
package/dist/dts/lib/jwt.d.ts
CHANGED
|
@@ -52,4 +52,19 @@ export interface IdToken {
|
|
|
52
52
|
[key: string]: any;
|
|
53
53
|
}
|
|
54
54
|
export declare function decodeJWTPayload(token: string): any;
|
|
55
|
+
/**
|
|
56
|
+
* Derives a session's expiry from a redirect that may omit the OIDC envelope
|
|
57
|
+
* (`expires_in` / `token_type`). Some flows hand the tokens back in the query
|
|
58
|
+
* string with only the token pair; in that case we trust the access token's
|
|
59
|
+
* own `exp` claim. An explicit `expires_at` (in seconds) wins when provided.
|
|
60
|
+
*
|
|
61
|
+
* @param accessToken The access token JWT to read `exp` from.
|
|
62
|
+
* @param expiresAt Optional explicit absolute expiry (seconds since epoch).
|
|
63
|
+
* @param now Current time in seconds (injectable for tests).
|
|
64
|
+
* @returns Absolute `expiresAt` and relative `expiresIn`, both in seconds.
|
|
65
|
+
*/
|
|
66
|
+
export declare function expiryFromAccessToken(accessToken: string, expiresAt?: string | number, now?: number): {
|
|
67
|
+
expiresAt: number;
|
|
68
|
+
expiresIn: number;
|
|
69
|
+
};
|
|
55
70
|
export declare const verify: (options: JWTVerifyOptions) => any;
|
|
@@ -3,10 +3,12 @@ export declare const CODE_VERIFIER_TTL_MS: number;
|
|
|
3
3
|
type LoadedCodeVerifier = {
|
|
4
4
|
verifier: string;
|
|
5
5
|
redirectType?: string;
|
|
6
|
+
returnTo?: string;
|
|
6
7
|
};
|
|
7
|
-
export declare const saveCodeVerifier: (storage: SupportedStorage, key: string, { verifier, redirectType, now }: {
|
|
8
|
+
export declare const saveCodeVerifier: (storage: SupportedStorage, key: string, { verifier, redirectType, returnTo, now }: {
|
|
8
9
|
verifier: string;
|
|
9
10
|
redirectType?: string;
|
|
11
|
+
returnTo?: string;
|
|
10
12
|
now?: number;
|
|
11
13
|
}) => Promise<void>;
|
|
12
14
|
export declare const loadCodeVerifier: (storage: SupportedStorage, key: string, { now }?: {
|
package/dist/dts/lib/types.d.ts
CHANGED
|
@@ -370,6 +370,13 @@ export type SignInWithOAuthConnection = {
|
|
|
370
370
|
connection?: string;
|
|
371
371
|
/** A URL to send the user to after they are confirmed. */
|
|
372
372
|
redirectTo?: string;
|
|
373
|
+
/**
|
|
374
|
+
* App-side destination to return the user to once the callback has been
|
|
375
|
+
* processed. It is stored locally alongside the PKCE verifier (never sent
|
|
376
|
+
* to the server) and surfaced back as `returnTo` on the result of
|
|
377
|
+
* {@link FaableAuthClient.handleRedirectCallback} / {@link FaableAuthClient.initialize}.
|
|
378
|
+
*/
|
|
379
|
+
returnTo?: string;
|
|
373
380
|
/** A space-separated list of scopes granted to the OAuth application. */
|
|
374
381
|
scopes?: string;
|
|
375
382
|
/** An object of query params */
|
|
@@ -501,6 +508,17 @@ export type SignOut = {
|
|
|
501
508
|
};
|
|
502
509
|
export type InitializeResult = {
|
|
503
510
|
error: AuthError | null;
|
|
511
|
+
/**
|
|
512
|
+
* Set when a sign-in redirect was consumed from the URL (e.g.
|
|
513
|
+
* `'PASSWORD_RECOVERY'`). Absent when the session was recovered from
|
|
514
|
+
* storage or there was nothing to process.
|
|
515
|
+
*/
|
|
516
|
+
redirectType?: string | null;
|
|
517
|
+
/**
|
|
518
|
+
* The app-side destination passed as `returnTo` when starting the sign-in,
|
|
519
|
+
* round-tripped through the flow so the callback page can navigate there.
|
|
520
|
+
*/
|
|
521
|
+
returnTo?: string | null;
|
|
504
522
|
};
|
|
505
523
|
export type UserResponse = {
|
|
506
524
|
data: {
|
package/dist/faableauth.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
/*!
|
|
2
|
-
* @faable/auth-js v1.
|
|
2
|
+
* @faable/auth-js v1.8.0
|
|
3
3
|
* (c) 2026
|
|
4
4
|
* @license SEE LICENSE.md
|
|
5
5
|
*/
|
|
6
|
-
!function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))(function(i,s){function o(e){try{c(n.next(e))}catch(e){s(e)}}function a(e){try{c(n.throw(e))}catch(e){s(e)}}function c(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r(function(e){e(t)})).then(o,a)}c((n=n.apply(e,t||[])).next())})}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(c){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,c])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a="0.0.0",c=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat(a,") ").concat((new Date).toISOString())],e,!1))}return this},e}(),u=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(c),l="undefined"!=typeof window?window:void 0,h="undefined"!=typeof globalThis?globalThis:l,d=null==h?void 0:h.document,f=h.fetch,v=function(e){void 0===e&&(e={});var t={"x-faable-client":"auth-js/".concat(a)};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},p=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}})})},b=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,function(e,t,r){var i;return void 0===r&&(r={}),s(this,function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,f(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},v(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,p(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}})})},g=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,function(e,t){var r;return void 0===t&&(t={}),s(this,function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,f(e,n(n({},t),{method:"GET",headers:v(t)}))];case 1:return r=i.sent(),[4,p(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}})})},_=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,function(){var t,r;return s(this,function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,g(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}})})},t}(c),y=function(e,t){return e.response_type||(t?"code":"token")},w=function(e,t,r){return i(void 0,void 0,void 0,function(){return s(this,function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}})})},m=function(e,t){return i(void 0,void 0,void 0,function(){var r;return s(this,function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}})})},k=function(e,t,r){return i(void 0,[e,t,r],void 0,function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.now,c=void 0===a?Date.now():a;return s(this,function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),[4,w(e,t,n)];case 1:return r.sent(),[2]}})})},S=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,function(e,t,r){var n,i=(void 0===r?{}:r).now,o=void 0===i?Date.now():i;return s(this,function(r){switch(r.label){case 0:return[4,m(e,t)];case 1:return n=r.sent(),"object"!=typeof(i=n)||null===i||"string"!=typeof i.verifier||"number"!=typeof i.createdAt?[2,null]:o-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return[2,n.redirectType?{verifier:n.verifier,redirectType:n.redirectType}:{verifier:n.verifier}]}var i})})};function T(e){return("0"+e.toString(16)).substr(-2)}function I(e){return i(this,void 0,void 0,function(){var t,r,n,i;return s(this,function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map(function(e){return String.fromCharCode(e)}).join("")]}})})}function x(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,I(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n})})}function A(e,t){return i(this,arguments,void 0,function(e,t,r){var n,i;return void 0===r&&(r=!1),s(this,function(s){switch(s.label){case 0:return n=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,T).join("")}(),[4,k(e,"".concat(t,"-code-verifier"),{verifier:n,redirectType:r?"PASSWORD_RECOVERY":void 0})];case 1:return s.sent(),[4,x(n)];case 2:return[2,[i=s.sent(),n===i?"plain":"S256"]]}})})}var R=function(){return"undefined"!=typeof document},E={tested:!1,writable:!1},C=function(){if(!R())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(E.tested)return E.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),E.tested=!0,E.writable=!0}catch(e){E.tested=!0,E.writable=!1}return E.writable};function U(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var P=function(){function e(){var t=this;this.promise=new e.promiseConstructor(function(e,r){t.resolve=e,t.reject=r})}return e.promiseConstructor=Promise,e}();function L(e,t){var r=this;return new Promise(function(n,o){i(r,void 0,void 0,function(){var r,i,a;return s(this,function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}})})})}function O(e){return i(this,void 0,void 0,function(){return s(this,function(t){return[2,new Promise(function(t){setTimeout(function(){return t(null)},e)})]})})}var D=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",function(e){return i(r,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}})})})}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)}),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,function(e,t,r){return void 0===r&&(r=!0),s(this,function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}})})},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,function(){var r,n,o,a=this;return s(this,function(c){switch(c.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map(function(n){return i(a,void 0,void 0,function(){var i;return s(this,function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}})})}),[4,Promise.all(n)];case 1:if(c.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}})})},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),N="faableauth",q=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),z=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(q),j=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(z);function K(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(q);var M=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(z),F=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(z),V=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(q),W=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(z);function G(e){return K(e)&&"AuthRetryableFetchError"===e.name}function J(){if(!l)throw new Error("No window in environment");return l}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(z);var B={redirect:function(e){J().location=e},getDocument:function(){return J().document},getWindow:J};function $(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",c="",u=0;for(e=e.replace("-","+").replace("_","/");u<e.length;)t=a.indexOf(e.charAt(u++))<<2|(i=a.indexOf(e.charAt(u++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(u++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(u++))),c+=String.fromCharCode(t),64!=s&&0!=r&&(c+=String.fromCharCode(r)),64!=o&&0!=n&&(c+=String.fromCharCode(n));return c}(r))}var H=function(e,t){if(!e)return null;var r="function"==typeof e.get?function(t){var r;return null===(r=e.get(t))||void 0===r?void 0:r.value}:function(t){return e[t]},n=r(t);if(n)return n;for(var i=[],s=0;;s++){var o=r("".concat(t,".").concat(s));if(!o)break;i.push(o)}return i.length?i.join(""):null},Y=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},Q=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=X(i.slice(0,s).trim()),a=X(i.slice(s+1).trim());o&&t.set(o,a)}}}return t},X=function(e){try{return decodeURIComponent(e)}catch(t){return e}},Z=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},ee=function(e,t){return Z(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})},te=3200,re=function(e,t){return"".concat(e,".").concat(t)},ne=function(e,t){var r="".concat(t,"."),n=[];return e.forEach(function(e,t){if(t.startsWith(r)){var i=t.slice(r.length);/^\d+$/.test(i)&&n.push({name:t,idx:Number(i)})}}),n.sort(function(e,t){return e.idx-t.idx}),n.map(function(e){return e.name})},ie=function(e,t){void 0===e&&(e={}),void 0===t&&(t=R()?document:null);var r=n({path:"/",sameSite:"Lax",secure:R()&&"https:"===window.location.protocol,maxAge:2592e3},e);return{getItem:function(e){return t?function(e,t){var r=e.get(t);if(void 0!==r)return r;var n=ne(e,t);return 0===n.length?null:n.map(function(t){return e.get(t)}).join("")}(Q(t.cookie),e):null},setItem:function(e,n){if(t){var i=Q(t.cookie);if(n.length<=te){for(var s=0,o=ne(i,e);s<o.length;s++){var a=o[s];t.cookie=ee(a,r)}t.cookie=Z(e,n,r)}else{i.has(e)&&(t.cookie=ee(e,r));for(var c=Math.ceil(n.length/te),u=0,l=ne(i,e);u<l.length;u++){var h=l[u];Number(h.slice(e.length+1))>=c&&(t.cookie=ee(h,r))}for(var d=0,f=0;d<n.length;d+=te,f++){var v=n.slice(d,d+te);t.cookie=Z(re(e,f),v,r)}}}},removeItem:function(e){if(t){var n=Q(t.cookie);t.cookie=ee(e,r);for(var i=0,s=ne(n,e);i<s.length;i++){var o=s[i];t.cookie=ee(o,r)}}}}},se={getItem:function(e){return C()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){C()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){C()&&globalThis.localStorage.removeItem(e)}};function oe(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach(function(e,r){t[r]=e})}catch(e){}return r.searchParams.forEach(function(e,r){t[r]=e}),t}var ae=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach(function(e){t.searchParams.delete(e)}),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&C()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ce=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function ue(e,t,r){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}})})}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ce);var le=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||ue,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,function(){var r,n,a=this;return s(this,function(c){switch(c.label){case 0:this._debug("#_acquireLock","begin",e),c.label=1;case 1:return c.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}})}),this.pendingInLock.push(i(a,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}})})),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,function(){return i(a,void 0,void 0,function(){var e,r,n=this;return s(this,function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}})})),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}})})})];case 2:return[2,c.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}})})},t}(u),he=3e4,de=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){if(!/^(https|http)?:\/\//.test(e)){var t=(null===location||void 0===location?void 0:location.protocol)||"https";return"".concat(t,"//").concat(e)}return e}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.audience=t.audience,i.api=new _(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||N;return i.storageKey="".concat(a,"-").concat(i.clientId),i.storage=function(e){var t=e.storage,r=e.cookieOptions;return"cookie"===t||r?ie(r):"localStorage"===t||void 0===t?se:t}(t),i.lock=new le({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new D(R()?i.storageKey:"",function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))}),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:R()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:case 3:return[2,t.sent()];case 2:return this.initializePromise=i(e,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}})})})];case 1:return[2,t.sent()]}})}),[4,this.initializePromise]}})})},t.prototype._initialize=function(){return i(this,void 0,void 0,function(){var e,t,r,n,o,a,c,u=this;return s(this,function(l){switch(l.label){case 0:return l.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=l.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=l.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return l.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return l.sent(),setTimeout(function(){return i(u,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}})})},0),[2,{error:null}];case 6:return[4,this._recoverAndRefresh()];case 7:return l.sent(),[2,{error:null}];case 8:return K(c=l.sent())?[2,{error:c}]:[2,{error:new V("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return l.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}})})},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,c,u,h,d,f,v,p,b,g,_,y,w,m;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=oe(null==l?void 0:l.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new F("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return ae(["code"]),[2,{data:{session:n.session,redirectType:null},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new M(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,c=t.access_token,u=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!(c&&h&&u&&f))throw new M("No session defined in URL");return v=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var c=o-s;return i-c>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",c,o,i):i-c<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",c,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:he}),p=v.expiresAt,b=v.expiresIn,[4,this._getUser(c)];case 3:if(g=s.sent(),_=g.data,(y=g.error)||!_)throw y;return w={provider_token:o,provider_refresh_token:a,access_token:c,expires_in:b,expires_at:p,refresh_token:u,token_type:f,user:_},ae(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:w,redirectType:t.type},error:null}];case 4:if(m=s.sent(),this._debug(m),K(m))return[2,{data:{session:null,redirectType:null},error:m}];throw m;case 5:return[2]}})})},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,function(){var t,r,i,o,a,c,u,l,h,d,f,v;return s(this,function(s){switch(s.label){case 0:return[4,S(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r},this.audience?{audience:this.audience}:{}))]):[2,{data:{user:null,session:null,redirectType:null},error:new F("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(a=s.sent(),c=U(a),u=c.data,l=c.error,!u)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),l?[2,{data:{user:null,session:null,redirectType:null},error:l}]:u&&u.session&&u.user?(h=u.session)?[4,this._getUser(h.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null},error:new W}];case 4:if(d=s.sent(),f=d.data,(v=d.error)||!f)throw v;return h=n(n({},h),{user:f}),u.session=h,[4,this._saveSession(h)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",h)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},u),{redirectType:null!=o?o:null}),error:l}]}})})},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!R()||!(null==l?void 0:l.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}})})},null==l||l.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}})})},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,function(){var t,r=this;return s(this,function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",d.visibilityState),"visible"!==d.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,function(){return i(r,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return"visible"!==d.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}})})})];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===d.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}})})},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,function(){var e,t,r,n,i,o,a;return s(this,function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,m(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),Y(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),G(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}})})},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&R()&&(null==l?void 0:l.removeEventListener)&&l.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}})})},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval(function(){return t._autoRefreshTokenTick()},he),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout(function(){return i(t,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}})})},0),[2]}})})},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,function(){var e;return s(this,function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]})})},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,function(){return i(t,void 0,void 0,function(){var e,t,r=this;return s(this,function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession(function(t){return i(r,void 0,void 0,function(){var r,n;return s(this,function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/he),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(he,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}})})})];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}})})})];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ce))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}})})},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,function(){var e,t;return s(this,function(r){return e=oe(null==l?void 0:l.location.href),(t=R())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]})})},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,function(){var r,i,o,a,c,u,h;return s(this,function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,A(this.storage,this.storageKey)];case 1:o=s.sent(),a=o[0],c=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:c}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),(u=null!==(h=t.audience)&&void 0!==h?h:this.audience)&&(i.audience=u),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}})})},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect,audience:e.audience})];case 1:return[2,t.sent()]}})})},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,function(){var t,r,i;return s(this,function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,b("".concat(this.domainUrl,"/usernamepassword/login"),n({username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),client_id:this.clientId,state:e.state},t?{audience:t}:{}),{raw:!0})];case 1:return!(r=s.sent()).data||r.error?[2,{data:null,error:new V(r.error||"Error in username password login",r.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(r.data,d),[2,{data:null,error:null}])}})})},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,function(){var t,r,i,o,a,c,u,l,h,d;return s(this,function(s){switch(s.label){case 0:return t=null!==(d=e.audience)&&void 0!==d?d:this.audience,[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp},t?{audience:t}:{}))];case 1:return r=s.sent(),i=U(r),o=i.data,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o&&o.session?(c=o.session,[4,this._getUser(c.access_token)]):[2,{data:{user:null,session:null},error:new W}];case 2:return u=s.sent(),l=u.data,(h=u.error)||!l?[2,{data:{user:null,session:null},error:h||new V("Could not fetch user info",null)}]:(c.user=l,[4,this._saveSession(c)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",c)];case 4:return s.sent(),[2,{data:{user:c.user,session:c},error:null}]}})})},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,function(){var t,r,i;return s(this,function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,b("".concat(this.domainUrl,"/passwordless/start"),n({client_id:this.clientId,email:e.email,send:e.type},t?{audience:t}:{}))];case 1:return[2,{data:(r=s.sent()).data,error:r.error}]}})})},t.prototype.changePassword=function(e){return i(this,void 0,void 0,function(){var t,r,n;return s(this,function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,b("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new V("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new V(String(n),n):null}]}})})},t.prototype.buildAuthorizeUrl=function(e){var t;void 0===e&&(e={});var r={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),response_type:y(e,R()),audience:null!==(t=e.audience)&&void 0!==t?t:this.audience,scope:e.scope,connection:e.connection},n=Object.fromEntries(Object.entries(r).filter(function(e){return!!e[1]}));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(n).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);B.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:R()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,scopes:e.scopes,queryParams:e.queryParams,audience:e.audience})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),R()&&!e.skipBrowserRedirect&&(null==l||l.location.assign(t)),[2,{data:{url:t},error:null}]}})})},t.prototype.setSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype.getSession=function(){return i(this,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){var e=this;return s(this,function(t){return[2,this._useSession(function(t){return i(e,void 0,void 0,function(){return s(this,function(e){return[2,t]})})})]})})})];case 2:return[2,t.sent()]}})})},t.prototype._useSession=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}})})},t.prototype.__loadSession=function(){return i(this,void 0,void 0,function(){var e,t,r,n,i,o,a;return s(this,function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,m(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:Y(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}})})},t.prototype._removeSession=function(){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}})})},t.prototype._setSession=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,c,u,l,h,d;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new j;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=$(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),c=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:c?(i=c,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(u=s.sent(),l=u.data,(h=u.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(K(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}})})},t.prototype._saveSession=function(e){return i(this,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,w(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}})})},t.prototype._getUser=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,g("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}})})},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,c,u;return s(this,function(s){switch(s.label){case 0:if(!e)throw new j;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new P,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise(function(e,t){f=setTimeout(function(){return t(new Error(d))},h)}),Promise.race([l.finally(function(){void 0!==f&&clearTimeout(f)}),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new j;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),K(o)?(a={session:null,error:o},G(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(c=this.refreshingDeferred)||void 0===c||c.resolve(a),[2,a];case 9:throw null===(u=this.refreshingDeferred)||void 0===u||u.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v})})},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,function(){var t,r,o,a=this;return s(this,function(c){switch(c.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),c.label=1;case 1:return c.trys.push([1,3,4,5]),r=Date.now(),[4,L(function(r){return i(a,void 0,void 0,function(){var i,o,a,c,u,l,h;return s(this,function(s){switch(s.label){case 0:return r>0?[4,O(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"refresh_token",refresh_token:e},this.audience?{audience:this.audience}:{}))];case 3:if((i=s.sent()).error)throw new V("Refresh token request failed: ".concat(i.error),i.error);if(o=U(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new W;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),c=a.data,u=a.error)throw new V("Could not fetch user info",u);if(!c)throw new V("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:c}),user:c},error:null}]}})})},function(e,t){var n=200*Math.pow(2,e);return t&&G(t)&&Date.now()+n-r<he})];case 2:return[2,c.sent()];case 3:if(o=c.sent(),this._debug(t,"error",o),K(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}})})},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,function(e,t,r){var n;return void 0===r&&(r=!0),s(this,function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}})})},t.prototype.signOut=function(){return i(this,arguments,void 0,function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype._signOut=function(){return i(this,arguments,void 0,function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,function(e){switch(e.label){case 0:return[4,this._useSession(function(e){return i(t,void 0,void 0,function(){var t,n,i,o;return s(this,function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return K(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}})})})];case 1:return[2,e.sent()]}})})},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){return s(this,function(e){return this._emitInitialSession(r),[2]})})})];case 2:return t.sent(),[2]}})}),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this._useSession(function(r){return i(t,void 0,void 0,function(){var t,n,i;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}})})})];case 1:return[2,r.sent()]}})})},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,function(){var t,r=this;return s(this,function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession(function(t){return i(r,void 0,void 0,function(){var r,n,i,o,a,c;return s(this,function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(c=r.session)&&void 0!==c?c:void 0}if(!(null==e?void 0:e.refresh_token))throw new j;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}})})})];case 1:return[2,n.sent()];case 2:if(K(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}})})},t}(u),fe=function(){};e.AuthError=q,e.FaableAuthClient=de,e.User=fe,e.cookieStorageAdapter=ie,e.createClient=function(e){return new de(e)},e.getSessionFromCookies=function(e,t){var r,n="".concat(null!==(r=t.storageKey)&&void 0!==r?r:N,"-").concat(t.clientId),i=H(e,n);if(!i)return null;try{return JSON.parse(decodeURIComponent(i))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
|
|
6
|
+
!function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};function r(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}var n=function(){return n=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var i in t=arguments[r])Object.prototype.hasOwnProperty.call(t,i)&&(e[i]=t[i]);return e},n.apply(this,arguments)};function i(e,t,r,n){return new(r||(r=Promise))(function(i,s){function o(e){try{u(n.next(e))}catch(e){s(e)}}function a(e){try{u(n.throw(e))}catch(e){s(e)}}function u(e){var t;e.done?i(e.value):(t=e.value,t instanceof r?t:new r(function(e){e(t)})).then(o,a)}u((n=n.apply(e,t||[])).next())})}function s(e,t){var r,n,i,s={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]},o=Object.create(("function"==typeof Iterator?Iterator:Object).prototype);return o.next=a(0),o.throw=a(1),o.return=a(2),"function"==typeof Symbol&&(o[Symbol.iterator]=function(){return this}),o;function a(a){return function(u){return function(a){if(r)throw new TypeError("Generator is already executing.");for(;o&&(o=0,a[0]&&(s=0)),s;)try{if(r=1,n&&(i=2&a[0]?n.return:a[0]?n.throw||((i=n.return)&&i.call(n),0):n.next)&&!(i=i.call(n,a[1])).done)return i;switch(n=0,i&&(a=[2&a[0],i.value]),a[0]){case 0:case 1:i=a;break;case 4:return s.label++,{value:a[1],done:!1};case 5:s.label++,n=a[1],a=[0];continue;case 7:a=s.ops.pop(),s.trys.pop();continue;default:if(!(i=s.trys,(i=i.length>0&&i[i.length-1])||6!==a[0]&&2!==a[0])){s=0;continue}if(3===a[0]&&(!i||a[1]>i[0]&&a[1]<i[3])){s.label=a[1];break}if(6===a[0]&&s.label<i[1]){s.label=i[1],i=a;break}if(i&&s.label<i[2]){s.label=i[2],s.ops.push(a);break}i[2]&&s.ops.pop(),s.trys.pop();continue}a=t.call(e,s)}catch(e){a=[6,e],n=0}finally{r=i=0}if(5&a[0])throw a[1];return{value:a[0]?a[1]:void 0,done:!0}}([a,u])}}}function o(e,t,r){if(r||2===arguments.length)for(var n,i=0,s=t.length;i<s;i++)!n&&i in t||(n||(n=Array.prototype.slice.call(t,0,i)),n[i]=t[i]);return e.concat(n||Array.prototype.slice.call(t))}"function"==typeof SuppressedError&&SuppressedError;var a="0.0.0",u=function(){function e(e){void 0===e&&(e={}),this.logger=console.log,this.logDebugMessages=!!e.debug,"function"==typeof e.debug&&(this.logger=e.debug)}return e.prototype._debug=function(){for(var e=[],t=0;t<arguments.length;t++)e[t]=arguments[t];if(this.logDebugMessages){var r=this.extraPrint?this.extraPrint():"";this.logger.apply(this,o(["FaableAuth@".concat(r," (").concat(a,") ").concat((new Date).toISOString())],e,!1))}return this},e}(),c=function(e){function t(r){void 0===r&&(r={});var n=e.call(this,r)||this;return n.instanceID=t.nextInstanceID,t.nextInstanceID+=1,n}return r(t,e),t.prototype.extraPrint=function(){return this.instanceID.toString()},t.nextInstanceID=0,t}(u),l="undefined"!=typeof window?window:void 0,h="undefined"!=typeof globalThis?globalThis:l,d=null==h?void 0:h.document,f=h.fetch,v=function(e){void 0===e&&(e={});var t={"x-faable-client":"auth-js/".concat(a)};return(null==e?void 0:e.token)&&(t=n(n({},t),{Authorization:"Bearer ".concat(null==e?void 0:e.token)})),n(n({},null==e?void 0:e.headers),t)},p=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,function(e,t){var r,n,i;return void 0===t&&(t={}),s(this,function(s){switch(s.label){case 0:return t.raw?[4,e.text()]:[3,2];case 1:return n=s.sent(),[3,4];case 2:return[4,e.json()];case 3:n=s.sent(),s.label=4;case 4:return r=n,e.status>=300?[2,{data:r,error:t.raw?null===(i=JSON.parse(r))||void 0===i?void 0:i.message:null==r?void 0:r.message}]:[2,{data:r,error:null}]}})})},b=function(e,t){for(var r=[],a=2;a<arguments.length;a++)r[a-2]=arguments[a];return i(void 0,o([e,t],r,!0),void 0,function(e,t,r){var i;return void 0===r&&(r={}),s(this,function(s){switch(s.label){case 0:return s.trys.push([0,3,,4]),[4,f(e,{method:"POST",body:JSON.stringify(t),headers:n(n({},v(r)),{"Content-Type":"application/json"})})];case 1:return i=s.sent(),[4,p(i,r)];case 2:return[2,s.sent()];case 3:return[2,{data:null,error:s.sent()}];case 4:return[2]}})})},g=function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i(void 0,o([e],t,!0),void 0,function(e,t){var r;return void 0===t&&(t={}),s(this,function(i){switch(i.label){case 0:return i.trys.push([0,3,,4]),[4,f(e,n(n({},t),{method:"GET",headers:v(t)}))];case 1:return r=i.sent(),[4,p(r,t)];case 2:return[2,i.sent()];case 3:return[2,{data:null,error:i.sent()}];case 4:return[2]}})})},_=function(e){function t(t,r){var n=e.call(this,r)||this;return n.base_url=t,n}return r(t,e),t.prototype.extraPrint=function(){return"api"},t.prototype.signOut=function(e){return i(this,void 0,void 0,function(){var t,r;return s(this,function(n){switch(n.label){case 0:return t="".concat(this.base_url,"/logout?").concat(new URLSearchParams(e)),this._debug("requesting ".concat(t)),[4,g(t)];case 1:return r=n.sent(),this._debug(r),r.error?[2,{error:r.error,data:null}]:[2,{error:null,data:null}]}})})},t}(u),y=function(e,t){return e.response_type||(t?"code":"token")},w=function(e,t,r){return i(void 0,void 0,void 0,function(){return s(this,function(n){switch(n.label){case 0:return[4,e.setItem(t,JSON.stringify(r))];case 1:return n.sent(),[2]}})})},m=function(e,t){return i(void 0,void 0,void 0,function(){var r;return s(this,function(n){switch(n.label){case 0:return[4,e.getItem(t)];case 1:if(!(r=n.sent()))return[2,null];try{return[2,JSON.parse(r)]}catch(e){return[2,r]}return[2]}})})},k=function(e,t,r){return i(void 0,[e,t,r],void 0,function(e,t,r){var n,i=r.verifier,o=r.redirectType,a=r.returnTo,u=r.now,c=void 0===u?Date.now():u;return s(this,function(r){switch(r.label){case 0:return n={verifier:i,createdAt:c},o&&(n.redirectType=o),a&&(n.returnTo=a),[4,w(e,t,n)];case 1:return r.sent(),[2]}})})},S=function(e,t){for(var r=[],n=2;n<arguments.length;n++)r[n-2]=arguments[n];return i(void 0,o([e,t],r,!0),void 0,function(e,t,r){var n,i,o=(void 0===r?{}:r).now,a=void 0===o?Date.now():o;return s(this,function(r){switch(r.label){case 0:return[4,m(e,t)];case 1:return n=r.sent(),"object"!=typeof(s=n)||null===s||"string"!=typeof s.verifier||"number"!=typeof s.createdAt?[2,null]:a-n.createdAt>6e5?[4,e.removeItem(t)]:[3,3];case 2:return r.sent(),[2,null];case 3:return i={verifier:n.verifier},n.redirectType&&(i.redirectType=n.redirectType),n.returnTo&&(i.returnTo=n.returnTo),[2,i]}var s})})};function T(e){return("0"+e.toString(16)).substr(-2)}function I(e){return i(this,void 0,void 0,function(){var t,r,n,i;return s(this,function(s){switch(s.label){case 0:return t=new TextEncoder,r=t.encode(e),[4,crypto.subtle.digest("SHA-256",r)];case 1:return n=s.sent(),i=new Uint8Array(n),[2,Array.from(i).map(function(e){return String.fromCharCode(e)}).join("")]}})})}function x(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:return"undefined"!=typeof crypto&&void 0!==crypto.subtle&&"undefined"!=typeof TextEncoder?[4,I(e)]:(console.warn("WebCrypto API is not supported. Code challenge method will default to use plain instead of sha256."),[2,e]);case 1:return t=r.sent(),[2,(n=t,btoa(n).replace(/\+/g,"-").replace(/\//g,"_").replace(/=+$/,""))]}var n})})}function A(e,t){return i(this,arguments,void 0,function(e,t,r,n){var i,o;return void 0===r&&(r=!1),s(this,function(s){switch(s.label){case 0:return i=function(){if("undefined"==typeof crypto||"function"!=typeof crypto.getRandomValues)throw new Error("Web Crypto API is required to generate a PKCE code verifier");var e=new Uint32Array(56);return crypto.getRandomValues(e),Array.from(e,T).join("")}(),[4,k(e,"".concat(t,"-code-verifier"),{verifier:i,redirectType:r?"PASSWORD_RECOVERY":void 0,returnTo:n})];case 1:return s.sent(),[4,x(i)];case 2:return[2,[o=s.sent(),i===o?"plain":"S256"]]}})})}var R=function(){return"undefined"!=typeof document},C={tested:!1,writable:!1},E=function(){if(!R())return!1;try{if("object"!=typeof globalThis.localStorage)return!1}catch(e){return!1}if(C.tested)return C.writable;var e="lswt-".concat(Math.random()).concat(Math.random());try{globalThis.localStorage.setItem(e,e),globalThis.localStorage.removeItem(e),C.tested=!0,C.writable=!0}catch(e){C.tested=!0,C.writable=!1}return C.writable};function U(e){var t,r,i=e.data,s=null;if(!i)throw new Error("Bad session response");return function(e){return!!e.access_token&&!!e.refresh_token&&!!e.expires_in}(i)&&(s=n({},i),!i.expires_at&&i.expires_in&&(s.expires_at=(r=i.expires_in,Math.round(Date.now()/1e3)+r))),{data:{session:s,user:null!==(t=i.user)&&void 0!==t?t:i},error:null}}var P=function(){function e(){var t=this;this.promise=new e.promiseConstructor(function(e,r){t.resolve=e,t.reject=r})}return e.promiseConstructor=Promise,e}();function L(e,t){var r=this;return new Promise(function(n,o){i(r,void 0,void 0,function(){var r,i,a;return s(this,function(s){switch(s.label){case 0:r=0,s.label=1;case 1:if(!(r<1/0))return[3,6];s.label=2;case 2:return s.trys.push([2,4,,5]),[4,e(r)];case 3:return i=s.sent(),t(r,null,i)?[3,5]:(n(i),[2]);case 4:return a=s.sent(),t(r,a)?[3,5]:(o(a),[2]);case 5:return r++,[3,1];case 6:return[2]}})})})}function O(e){return i(this,void 0,void 0,function(){return s(this,function(t){return[2,new Promise(function(t){setTimeout(function(){return t(null)},e)})]})})}var D=function(){function e(e,t){var r=this;if(this.debug=t,this.channel=null,this.subscribers=new Map,"undefined"!=typeof globalThis&&"function"==typeof globalThis.BroadcastChannel&&e)try{this.channel=new globalThis.BroadcastChannel(e),this.channel.addEventListener("message",function(e){return i(r,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return this.debug("broadcast_sync: received notification from another tab",e),[4,this.dispatch(e.data.event,e.data.session,!1)];case 1:return t.sent(),[2]}})})})}catch(e){console.error("Failed to create BroadcastChannel; cross-tab sync disabled",e)}}return e.prototype.subscribe=function(e){var t=this,r="xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx".replace(/[xy]/g,function(e){var t=16*Math.random()|0;return("x"==e?t:3&t|8).toString(16)}),n={id:r,callback:e,unsubscribe:function(){t.subscribers.delete(r)}};return this.subscribers.set(r,n),{subscription:n}},e.prototype.notify=function(e,t){return i(this,arguments,void 0,function(e,t,r){return void 0===r&&(r=!0),s(this,function(n){switch(n.label){case 0:return r&&this.channel&&this.channel.postMessage({event:e,session:t}),[4,this.dispatch(e,t,r)];case 1:return n.sent(),[2]}})})},e.prototype.dispatch=function(e,t,r){return i(this,void 0,void 0,function(){var r,n,o,a=this;return s(this,function(u){switch(u.label){case 0:return r=[],n=Array.from(this.subscribers.values()).map(function(n){return i(a,void 0,void 0,function(){var i;return s(this,function(s){switch(s.label){case 0:return s.trys.push([0,2,,3]),[4,n.callback(e,t)];case 1:return s.sent(),[3,3];case 2:return i=s.sent(),r.push(i),[3,3];case 3:return[2]}})})}),[4,Promise.all(n)];case 1:if(u.sent(),r.length>0){for(o=0;o<r.length;o+=1)console.error(r[o]);throw r[0]}return[2]}})})},e.prototype.close=function(){var e;this.subscribers.clear();try{null===(e=this.channel)||void 0===e||e.close()}catch(e){}this.channel=null},e}(),z="faableauth",N=function(e){function t(t,r,n){var i=e.call(this,t)||this;return i.__isAuthError=!0,i.name="AuthError",i.status=r,i.code=n,i}return r(t,e),t}(Error),q=function(e){function t(t,r,n,i){var s=e.call(this,t,n,i)||this;return s.name=r,s.status=n,s}return r(t,e),t}(N),j=function(e){function t(){return e.call(this,"Auth session missing!","AuthSessionMissingError",400,void 0)||this}return r(t,e),t}(q);function K(e){return"object"==typeof e&&null!==e&&"__isAuthError"in e}!function(e){function t(t,r,n){var i=e.call(this,t,r,n)||this;return i.name="AuthApiError",i.status=r,i.code=n,i}r(t,e)}(N);var M=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthImplicitGrantRedirectError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),F=function(e){function t(t,r){void 0===r&&(r=null);var n=e.call(this,t,"AuthPKCEGrantCodeExchangeError",500,void 0)||this;return n.details=null,n.details=r,n}return r(t,e),t.prototype.toJSON=function(){return{name:this.name,message:this.message,status:this.status,details:this.details}},t}(q),V=function(e){function t(t,r){var n=e.call(this,t)||this;return n.name="AuthUnknownError",n.originalError=r,n}return r(t,e),t}(N),W=function(e){function t(){return e.call(this,"Auth session or user missing","AuthInvalidTokenResponseError",500,void 0)||this}return r(t,e),t}(q);function G(e){return K(e)&&"AuthRetryableFetchError"===e.name}function J(){if(!l)throw new Error("No window in environment");return l}!function(e){function t(t,r){return e.call(this,t,"AuthRetryableFetchError",r,void 0)||this}r(t,e)}(q);var B={redirect:function(e){J().location=e},getDocument:function(){return J().document},getWindow:J};function $(e){var t=e.split(".");if(3!==t.length)throw new Error("JWT is not valid: not a JWT structure");if(!/^([a-z0-9_-]{4})*($|[a-z0-9_-]{3}=?$|[a-z0-9_-]{2}(==)?$)$/i.test(t[1]))throw new Error("JWT is not valid: payload is not in base64url format");var r=t[1];return JSON.parse(function(e){var t,r,n,i,s,o,a="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=",u="",c=0;for(e=e.replace("-","+").replace("_","/");c<e.length;)t=a.indexOf(e.charAt(c++))<<2|(i=a.indexOf(e.charAt(c++)))>>4,r=(15&i)<<4|(s=a.indexOf(e.charAt(c++)))>>2,n=(3&s)<<6|(o=a.indexOf(e.charAt(c++))),u+=String.fromCharCode(t),64!=s&&0!=r&&(u+=String.fromCharCode(r)),64!=o&&0!=n&&(u+=String.fromCharCode(n));return u}(r))}var H=function(e,t){if(!e)return null;var r="function"==typeof e.get?function(t){var r;return null===(r=e.get(t))||void 0===r?void 0:r.value}:function(t){return e[t]},n=r(t);if(n)return n;for(var i=[],s=0;;s++){var o=r("".concat(t,".").concat(s));if(!o)break;i.push(o)}return i.length?i.join(""):null},Y=function(e){return"object"==typeof e&&null!==e&&"access_token"in e&&"refresh_token"in e&&"expires_at"in e},Q=function(e){var t=new Map;if(!e)return t;for(var r=0,n=e.split(";");r<n.length;r++){var i=n[r].trim();if(i){var s=i.indexOf("=");if(!(s<0)){var o=X(i.slice(0,s).trim()),a=X(i.slice(s+1).trim());o&&t.set(o,a)}}}return t},X=function(e){try{return decodeURIComponent(e)}catch(t){return e}},Z=function(e,t,r){var n="".concat(encodeURIComponent(e),"=").concat(encodeURIComponent(t));return void 0!==r.maxAge&&(n+="; Max-Age=".concat(r.maxAge)),r.domain&&(n+="; Domain=".concat(r.domain)),r.path&&(n+="; Path=".concat(r.path)),r.sameSite&&(n+="; SameSite=".concat(r.sameSite)),(!0===r.secure||"None"===r.sameSite)&&(n+="; Secure"),n},ee=function(e,t){return Z(e,"",{domain:t.domain,path:t.path,sameSite:t.sameSite,secure:t.secure,maxAge:0})},te=3200,re=function(e,t){return"".concat(e,".").concat(t)},ne=function(e,t){var r="".concat(t,"."),n=[];return e.forEach(function(e,t){if(t.startsWith(r)){var i=t.slice(r.length);/^\d+$/.test(i)&&n.push({name:t,idx:Number(i)})}}),n.sort(function(e,t){return e.idx-t.idx}),n.map(function(e){return e.name})},ie=function(e,t){void 0===e&&(e={}),void 0===t&&(t=R()?document:null);var r=n({path:"/",sameSite:"Lax",secure:R()&&"https:"===window.location.protocol,maxAge:2592e3},e);return{getItem:function(e){return t?function(e,t){var r=e.get(t);if(void 0!==r)return r;var n=ne(e,t);return 0===n.length?null:n.map(function(t){return e.get(t)}).join("")}(Q(t.cookie),e):null},setItem:function(e,n){if(t){var i=Q(t.cookie);if(n.length<=te){for(var s=0,o=ne(i,e);s<o.length;s++){var a=o[s];t.cookie=ee(a,r)}t.cookie=Z(e,n,r)}else{i.has(e)&&(t.cookie=ee(e,r));for(var u=Math.ceil(n.length/te),c=0,l=ne(i,e);c<l.length;c++){var h=l[c];Number(h.slice(e.length+1))>=u&&(t.cookie=ee(h,r))}for(var d=0,f=0;d<n.length;d+=te,f++){var v=n.slice(d,d+te);t.cookie=Z(re(e,f),v,r)}}}},removeItem:function(e){if(t){var n=Q(t.cookie);t.cookie=ee(e,r);for(var i=0,s=ne(n,e);i<s.length;i++){var o=s[i];t.cookie=ee(o,r)}}}}},se={getItem:function(e){return E()?globalThis.localStorage.getItem(e):null},setItem:function(e,t){E()&&globalThis.localStorage.setItem(e,t)},removeItem:function(e){E()&&globalThis.localStorage.removeItem(e)}};function oe(e){void 0===e&&(e="");var t={},r=new URL(e);if(r.hash&&"#"===r.hash[0])try{new URLSearchParams(r.hash.substring(1)).forEach(function(e,r){t[r]=e})}catch(e){}return r.searchParams.forEach(function(e,r){t[r]=e}),t}var ae=function(e){void 0===e&&(e=[]);var t=new URL(window.location.href);e.forEach(function(e){t.searchParams.delete(e)}),t.hash="",window.history.replaceState(window.history.state,"",t.toString())};globalThis&&E()&&globalThis.localStorage&&globalThis.localStorage.getItem("faable.auth.locks.debug");var ue=function(e){function t(t){var r=e.call(this,t)||this;return r.isAcquireTimeout=!0,r}return r(t,e),t}(Error);function ce(e,t,r){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,r()];case 1:return[2,e.sent()]}})})}!function(e){function t(){return null!==e&&e.apply(this,arguments)||this}r(t,e)}(ue);var le=function(e){function t(t){var r=e.call(this,{debug:t.debug})||this;return r.lockAcquired=!1,r.pendingInLock=[],r.lock=t.lock||ce,r.storageKey=t.storageKey,r}return r(t,e),t.prototype._acquireLock=function(e,t){return i(this,void 0,void 0,function(){var r,n,a=this;return s(this,function(u){switch(u.label){case 0:this._debug("#_acquireLock","begin",e),u.label=1;case 1:return u.trys.push([1,,3,4]),this.lockAcquired?(r=this.pendingInLock.length?this.pendingInLock[this.pendingInLock.length-1]:Promise.resolve(),n=i(a,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,r];case 1:return e.sent(),[4,t()];case 2:return[2,e.sent()]}})}),this.pendingInLock.push(i(a,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return e.trys.push([0,2,,3]),[4,n];case 1:case 2:return e.sent(),[3,3];case 3:return[2]}})})),[2,n]):[4,this.lock("lock:".concat(this.storageKey),e,function(){return i(a,void 0,void 0,function(){var e,r,n=this;return s(this,function(a){switch(a.label){case 0:this._debug("#_acquireLock","lock acquired for storage key",this.storageKey),a.label=1;case 1:return a.trys.push([1,,7,8]),this.lockAcquired=!0,e=t(),this.pendingInLock.push(i(n,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return t.trys.push([0,2,,3]),[4,e];case 1:case 2:return t.sent(),[3,3];case 3:return[2]}})})),[4,e];case 2:a.sent(),a.label=3;case 3:return this.pendingInLock.length?(r=o([],this.pendingInLock,!0),[4,Promise.all(r)]):[3,5];case 4:return a.sent(),this.pendingInLock.splice(0,r.length),[3,3];case 5:return[4,e];case 6:return[2,a.sent()];case 7:return this._debug("#_acquireLock","lock released for storage key",this.storageKey),this.lockAcquired=!1,[7];case 8:return[2]}})})})];case 2:return[2,u.sent()];case 3:return this._debug("#_acquireLock","end"),[7];case 4:return[2]}})})},t}(c),he=3e4,de=function(e){function t(t){var r,n,i=this,s=(null==t?void 0:t.debug)||!1;if((i=e.call(this,{debug:s})||this).initializePromise=null,i._lastInitializeResult=null,i.detectSessionInUrl=!0,i.autoRefreshTicker=null,i.visibilityChangedCallback=null,i.refreshingDeferred=null,i._session=null,i.sessionCheckExpiryDays=1,i.redirectUri=(null==t?void 0:t.redirectUri)||"",!(null==t?void 0:t.domain))throw new Error("Missing domain");if(i.domainUrl=function(e){var t=(null!=e?e:"").trim().replace(/\/+$/,""),r=t.match(/^(https?):\/\/(.*)$/i);if(r){var n=r[2].replace(/^(https?:\/\/)+/i,"");return"".concat(r[1].toLowerCase(),"://").concat(n)}var i="undefined"!=typeof location&&(null===location||void 0===location?void 0:location.protocol)?location.protocol.replace(/:$/,""):"https";return"".concat(i,"://").concat(t)}(t.domain),i.tokenIssuer=(n=i.domainUrl,"".concat(n)),!t.clientId)throw new Error("Missing clientId");i.clientId=t.clientId,i.audience=t.audience,i.api=new _(i.domainUrl,{debug:s});var a=(null==t?void 0:t.storageKey)||z;return i.storageKey="".concat(a,"-").concat(i.clientId),i.storage=function(e){var t=e.storage,r=e.cookieOptions;return"cookie"===t||r?ie(r):"localStorage"===t||void 0===t?se:t}(t),i.lock=new le({lock:t.lock,storageKey:i.storageKey,debug:t.debug}),i.broadcastSync=new D(R()?i.storageKey:"",function(e){for(var t=[],r=1;r<arguments.length;r++)t[r-1]=arguments[r];return i._debug.apply(i,o([e],t,!1))}),i.flowType=null!==(r=t.flowType)&&void 0!==r?r:R()?"pkce":"implicit",i.autoRefreshToken=!0,i.initialize(),i}return r(t,e),Object.defineProperty(t.prototype,"session",{get:function(){return this._session},enumerable:!1,configurable:!0}),t.prototype.initialize=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:return this.initializePromise?[4,this.initializePromise]:[3,2];case 1:return[2,r.sent()];case 2:return this.initializePromise=i(t,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this._initialize()];case 1:return[2,e.sent()]}})})})];case 1:return[2,t.sent()]}})}),[4,this.initializePromise];case 3:return e=r.sent(),this._lastInitializeResult=e,[2,e]}})})},Object.defineProperty(t.prototype,"lastInitializeResult",{get:function(){return this._lastInitializeResult},enumerable:!1,configurable:!0}),t.prototype.handleRedirectCallback=function(){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this.initialize()];case 1:return[2,e.sent()]}})})},t.prototype._initialize=function(){return i(this,void 0,void 0,function(){var e,t,r,n,o,a,u,c,l=this;return s(this,function(h){switch(h.label){case 0:return h.trys.push([0,8,9,11]),[4,this._detectFlowType()];case 1:return e=h.sent(),this._debug("#_initialize()","begin","flow_type",e),e?[4,this._getSessionFromURL(e)]:[3,6];case 2:return t=h.sent(),r=t.data,(n=t.error)?(this._debug("#_initialize()","error detecting session from URL",n),"Identity is already linked"===(null==n?void 0:n.message)||"Identity is already linked to another user"===(null==n?void 0:n.message)?[2,{error:n}]:[4,this._removeSession()]):[3,4];case 3:return h.sent(),[2,{error:n}];case 4:return o=r.session,a=r.redirectType,u=r.returnTo,this._debug("#_initialize()","detected session in URL",o,"redirect type",a),[4,this._saveSession(o)];case 5:return h.sent(),setTimeout(function(){return i(l,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return"recovery"!==a?[3,2]:[4,this._notifyAllSubscribers("PASSWORD_RECOVERY",o)];case 1:return e.sent(),[3,4];case 2:return[4,this._notifyAllSubscribers("SIGNED_IN",o)];case 3:e.sent(),e.label=4;case 4:return[2]}})})},0),[2,{error:null,redirectType:a,returnTo:u}];case 6:return[4,this._recoverAndRefresh()];case 7:return h.sent(),[2,{error:null}];case 8:return K(c=h.sent())?[2,{error:c}]:[2,{error:new V("Unexpected error during initialization",c)}];case 9:return[4,this._handleVisibilityChange()];case 10:return h.sent(),this._debug("#_initialize()","end"),[7];case 11:return[2]}})})},t.prototype._getSessionFromURL=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,u,c,h,d,f,v,p,b,g,_,y,w,m,k;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,4,,5]),t=oe(null==l?void 0:l.location.href),"pkce"!=e)return[3,2];if(!t.code)throw new F("No code detected.");return[4,this._exchangeCodeForSession(t.code)];case 1:if(r=s.sent(),n=r.data,i=r.error)throw i;return ae(["code"]),[2,{data:{session:n.session,redirectType:n.redirectType,returnTo:n.returnTo},error:null}];case 2:if(t.error||t.error_description||t.error_code)throw new M(t.error_description||"Error in URL with unspecified error_description",{error:t.error||"unspecified_error",code:t.error_code||"unspecified_code"});if(o=t.provider_token,a=t.provider_refresh_token,u=t.access_token,c=t.refresh_token,h=t.expires_in,d=t.expires_at,f=t.token_type,!u||!c)throw new M("No session defined in URL");return v=void 0,p=void 0,h?(m=function(e){var t=e.expires_in,r=e.expires_at,n=e.refreshTick,i=Math.round(Date.now()/1e3),s=parseInt(t),o=i+s;r&&(o=parseInt(r));var a=o-i;1e3*a<=n&&console.warn("@faable/auth-js: Session as retrieved from URL expires in ".concat(a,"s, should have been closer to ").concat(s,"s"));var u=o-s;return i-u>=120?console.warn("@faable/auth-js: Session as retrieved from URL was issued over 120s ago, URL could be stale",u,o,i):i-u<0&&console.warn("@faable/auth-js: Session as retrieved from URL was issued in the future? Check the device clok for skew",u,o,i),{expiresIn:s,expiresAt:o}}({expires_in:h,expires_at:d,refreshTick:he}),v=m.expiresAt,p=m.expiresIn):(k=function(e,t,r){var n;void 0===r&&(r=Date.now()/1e3);var i=$(e),s=null!=t&&""!==t?Number(t):null!==(n=i.exp)&&void 0!==n?n:r;return{expiresAt:s,expiresIn:s-r}}(u,d),v=k.expiresAt,p=k.expiresIn),[4,this._getUser(u)];case 3:if(b=s.sent(),g=b.data,(_=b.error)||!g)throw _;return y={provider_token:o,provider_refresh_token:a,access_token:u,expires_in:p,expires_at:v,refresh_token:c,token_type:f||"bearer",user:g},ae(["access_token","expires_in","refresh_token","token_type","scope"]),this._debug("#_getSessionFromURL()","clearing window.location.hash"),[2,{data:{session:y,redirectType:t.type,returnTo:null},error:null}];case 4:if(w=s.sent(),this._debug(w),K(w))return[2,{data:{session:null,redirectType:null,returnTo:null},error:w}];throw w;case 5:return[2]}})})},t.prototype._exchangeCodeForSession=function(e){return i(this,void 0,void 0,function(){var t,r,i,o,a,u,c,l,h,d,f,v,p,g;return s(this,function(s){switch(s.label){case 0:return[4,S(this.storage,"".concat(this.storageKey,"-code-verifier"))];case 1:return(t=s.sent())?(r=t.verifier,i=t.redirectType,o=void 0===i?null:i,a=t.returnTo,u=void 0===a?null:a,[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"authorization_code",code:e,code_verifier:r},this.audience?{audience:this.audience}:{}))]):[2,{data:{user:null,session:null,redirectType:null,returnTo:null},error:new F("No active PKCE code verifier — the authorization flow has expired or was not started")}];case 2:if(c=s.sent(),l=U(c),h=l.data,d=l.error,!h)throw new Error("Missing data");return[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 3:return s.sent(),d?[2,{data:{user:null,session:null,redirectType:null,returnTo:null},error:d}]:h&&h.session&&h.user?(f=h.session)?[4,this._getUser(f.access_token)]:[3,7]:[2,{data:{user:null,session:null,redirectType:null,returnTo:null},error:new W}];case 4:if(v=s.sent(),p=v.data,(g=v.error)||!p)throw g;return f=n(n({},f),{user:p}),h.session=f,[4,this._saveSession(f)];case 5:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",f)];case 6:s.sent(),s.label=7;case 7:return[2,{data:n(n({},h),{redirectType:null!=o?o:null,returnTo:null!=u?u:null}),error:d}]}})})},t.prototype._handleVisibilityChange=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:if(this._debug("#_handleVisibilityChange()"),!R()||!(null==l?void 0:l.addEventListener))return this.autoRefreshToken&&this.startAutoRefresh(),[2,!1];r.label=1;case 1:return r.trys.push([1,3,,4]),this.visibilityChangedCallback=function(){return i(t,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this._onVisibilityChanged(!1)];case 1:return[2,e.sent()]}})})},null==l||l.addEventListener("visibilitychange",this.visibilityChangedCallback),[4,this._onVisibilityChanged(!0)];case 2:return r.sent(),[3,4];case 3:return e=r.sent(),console.error("_handleVisibilityChange",e),[3,4];case 4:return[2]}})})},t.prototype._onVisibilityChanged=function(e){return i(this,void 0,void 0,function(){var t,r=this;return s(this,function(n){switch(n.label){case 0:return t="#_onVisibilityChanged(".concat(e,")"),this._debug(t,"visibilityState",d.visibilityState),"visible"!==d.visibilityState?[3,4]:(this.autoRefreshToken&&this._startAutoRefresh(),e?[3,3]:[4,this.initializePromise]);case 1:return n.sent(),[4,this.lock._acquireLock(-1,function(){return i(r,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return"visible"!==d.visibilityState?(this._debug(t,"acquired the lock to recover the session, but the browser visibilityState is no longer visible, aborting"),[2]):[4,this._recoverAndRefresh()];case 1:return e.sent(),[2]}})})})];case 2:n.sent(),n.label=3;case 3:return[3,5];case 4:"hidden"===d.visibilityState&&this.autoRefreshToken&&this._stopAutoRefresh(),n.label=5;case 5:return[2]}})})},t.prototype._recoverAndRefresh=function(){return i(this,void 0,void 0,function(){var e,t,r,n,i,o,a;return s(this,function(s){switch(s.label){case 0:e="#_recoverAndRefresh()",this._debug(e,"begin"),s.label=1;case 1:return s.trys.push([1,12,13,14]),[4,m(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug(e,"session from storage",t),Y(t)?[3,5]:(this._debug(e,"session is not valid"),null===t?[3,4]:[4,this._removeSession()]);case 3:s.sent(),s.label=4;case 4:return[2];case 5:return r=Math.round(Date.now()/1e3),n=(null!==(a=t.expires_at)&&void 0!==a?a:1/0)<r+10,this._debug(e,"session has".concat(n?"":" not"," expired with margin of ").concat(10,"s")),n?this.autoRefreshToken&&t.refresh_token?[4,this._callRefreshToken(t.refresh_token)]:[3,8]:[3,9];case 6:return(i=s.sent().error)?(console.error(i),G(i)?[3,8]:(this._debug(e,"refresh failed with a non-retryable error, removing the session",i),[4,this._removeSession()])):[3,8];case 7:s.sent(),s.label=8;case 8:return[3,11];case 9:return this._session=t,[4,this._notifyAllSubscribers("SIGNED_IN",t)];case 10:s.sent(),s.label=11;case 11:return[3,14];case 12:return o=s.sent(),this._debug(e,"error",o),console.error(o),[2];case 13:return this._debug(e,"end"),[7];case 14:return[2]}})})},t.prototype._removeVisibilityChangedCallback=function(){this._debug("#_removeVisibilityChangedCallback()");var e=this.visibilityChangedCallback;this.visibilityChangedCallback=null;try{e&&R()&&(null==l?void 0:l.removeEventListener)&&l.removeEventListener("visibilitychange",e)}catch(e){console.error("removing visibilitychange callback failed",e)}},t.prototype.startAutoRefresh=function(){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return this._removeVisibilityChangedCallback(),[4,this._startAutoRefresh()];case 1:return e.sent(),[2]}})})},t.prototype._startAutoRefresh=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:return[4,this._stopAutoRefresh()];case 1:return r.sent(),this._debug("#_startAutoRefresh()"),e=setInterval(function(){return t._autoRefreshTokenTick()},he),this.autoRefreshTicker=e,e&&"object"==typeof e&&"function"==typeof e.unref?e.unref():void 0!==globalThis.Deno&&"function"==typeof globalThis.Deno.unrefTimer&&globalThis.Deno.unrefTimer(e),setTimeout(function(){return i(t,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return[4,this.initializePromise];case 1:return e.sent(),[4,this._autoRefreshTokenTick()];case 2:return e.sent(),[2]}})})},0),[2]}})})},t.prototype._stopAutoRefresh=function(){return i(this,void 0,void 0,function(){var e;return s(this,function(t){return this._debug("#_stopAutoRefresh()"),e=this.autoRefreshTicker,this.autoRefreshTicker=null,e&&clearInterval(e),[2]})})},t.prototype._autoRefreshTokenTick=function(){return i(this,void 0,void 0,function(){var e,t=this;return s(this,function(r){switch(r.label){case 0:this._debug("#_autoRefreshTokenTick()","begin"),r.label=1;case 1:return r.trys.push([1,3,,4]),[4,this.lock._acquireLock(0,function(){return i(t,void 0,void 0,function(){var e,t,r=this;return s(this,function(n){switch(n.label){case 0:n.trys.push([0,,5,6]),e=Date.now(),n.label=1;case 1:return n.trys.push([1,3,,4]),[4,this._useSession(function(t){return i(r,void 0,void 0,function(){var r,n;return s(this,function(i){switch(i.label){case 0:return(r=t.data.session)&&r.refresh_token&&r.expires_at?(n=Math.floor((1e3*r.expires_at-e)/he),this._debug("#_autoRefreshTokenTick()","access token expires in ".concat(n," ticks, a tick lasts ").concat(he,"ms, refresh threshold is ").concat(3," ticks")),n<=3?[4,this._callRefreshToken(r.refresh_token)]:[3,2]):(this._debug("#_autoRefreshTokenTick()","no session"),[2]);case 1:i.sent(),i.label=2;case 2:return[2]}})})})];case 2:return[2,n.sent()];case 3:return t=n.sent(),console.error("Auto refresh tick failed with error. This is likely a transient error.",t),[3,4];case 4:return[3,6];case 5:return this._debug("#_autoRefreshTokenTick()","end"),[7];case 6:return[2]}})})})];case 2:return r.sent(),[3,4];case 3:if(!((e=r.sent()).isAcquireTimeout||e instanceof ue))throw e;return this._debug("auto refresh token tick lock not available"),[3,4];case 4:return[2]}})})},t.prototype._detectFlowType=function(){return i(this,void 0,void 0,function(){var e,t;return s(this,function(r){return e=oe(null==l?void 0:l.location.href),(t=R())&&e.code?[2,"pkce"]:t&&(e.access_token||e.error_description)?[2,"implicit"]:[2,null]})})},t.prototype._scope=function(){return this.scope||"openid profile email"},t.prototype._getUrlForConnection=function(e,t){return i(this,void 0,void 0,function(){var r,i,o,a,u,c,h;return s(this,function(s){switch(s.label){case 0:return r=t.queryParams||{},i={client_id:this.clientId,response_type:t.response_type,redirect_uri:t.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),scope:t.scopes||this._scope()},"pkce"!==this.flowType?[3,2]:[4,A(this.storage,this.storageKey,!1,t.returnTo)];case 1:o=s.sent(),a=o[0],u=o[1],r=n(n({},r),{code_challenge:a,code_challenge_method:u}),s.label=2;case 2:return t.connection_id?i.connection_id=t.connection_id:t.connection&&(i.connection=t.connection),(c=null!==(h=t.audience)&&void 0!==h?h:this.audience)&&(i.audience=c),[2,"".concat(e,"?").concat(new URLSearchParams(n(n({},r),i)))]}})})},t.prototype.signInWithOauthConnection=function(e){return i(this,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._handleConnectionSignIn({connection:e.connection,connection_id:e.connection_id,redirectTo:null==e?void 0:e.redirectTo,returnTo:null==e?void 0:e.returnTo,scopes:null==e?void 0:e.scopes,queryParams:e.queryParams,skipBrowserRedirect:e.skipBrowserRedirect,audience:e.audience})];case 1:return[2,t.sent()]}})})},t.prototype.signInWithUsernamePassword=function(e){return i(this,void 0,void 0,function(){var t,r,i;return s(this,function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,b("".concat(this.domainUrl,"/usernamepassword/login"),n({username:e.username,password:e.password,redirect_uri:e.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),client_id:this.clientId,state:e.state},t?{audience:t}:{}),{raw:!0})];case 1:return!(r=s.sent()).data||r.error?[2,{data:null,error:new V(r.error||"Error in username password login",r.error)}]:(function(e,t){var r=t.createElement("div");r.innerHTML=e;var n=t.body.appendChild(r).children[0];if(!n)throw new Error("Auth response did not contain a submittable form");n.submit()}(r.data,d),[2,{data:null,error:null}])}})})},t.prototype.signInWithOtp=function(e){return i(this,void 0,void 0,function(){var t,r,i,o,a,u,c,l,h,d;return s(this,function(s){switch(s.label){case 0:return t=null!==(d=e.audience)&&void 0!==d?d:this.audience,[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"http://auth0.com/oauth/grant-type/passwordless/otp",username:e.username,otp:e.otp},t?{audience:t}:{}))];case 1:return r=s.sent(),i=U(r),o=i.data,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o&&o.session?(u=o.session,[4,this._getUser(u.access_token)]):[2,{data:{user:null,session:null},error:new W}];case 2:return c=s.sent(),l=c.data,(h=c.error)||!l?[2,{data:{user:null,session:null},error:h||new V("Could not fetch user info",null)}]:(u.user=l,[4,this._saveSession(u)]);case 3:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",u)];case 4:return s.sent(),[2,{data:{user:u.user,session:u},error:null}]}})})},t.prototype.signInWithPasswordless=function(e){return i(this,void 0,void 0,function(){var t,r,i;return s(this,function(s){switch(s.label){case 0:return t=null!==(i=e.audience)&&void 0!==i?i:this.audience,[4,b("".concat(this.domainUrl,"/passwordless/start"),n({client_id:this.clientId,email:e.email,send:e.type},t?{audience:t}:{}))];case 1:return[2,{data:(r=s.sent()).data,error:r.error}]}})})},t.prototype.changePassword=function(e){return i(this,void 0,void 0,function(){var t,r,n;return s(this,function(i){switch(i.label){case 0:return(null==e?void 0:e.email)?[4,b("".concat(this.domainUrl,"/dbconnections/change_password"),{email:e.email})]:[2,{data:null,error:new V("email is required",null)}];case 1:return t=i.sent(),r=t.data,n=t.error,[2,{data:null!=r?r:null,error:n?new V(String(n),n):null}]}})})},t.prototype.buildAuthorizeUrl=function(e){var t;void 0===e&&(e={});var r={client_id:this.clientId,redirect_uri:e.redirectTo||this.redirectUri||(null==l?void 0:l.location.origin),response_type:y(e,R()),audience:null!==(t=e.audience)&&void 0!==t?t:this.audience,scope:e.scope,connection:e.connection},n=Object.fromEntries(Object.entries(r).filter(function(e){return!!e[1]}));return"".concat(this.domainUrl,"/authorize?").concat(new URLSearchParams(n).toString())},t.prototype.authorize=function(e){var t=this.buildAuthorizeUrl(e);B.redirect(t)},t.prototype._handleConnectionSignIn=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:return[4,this._getUrlForConnection("".concat(this.domainUrl,"/authorize"),{response_type:R()?"code":"token",connection:e.connection,connection_id:e.connection_id,redirectTo:e.redirectTo,returnTo:e.returnTo,scopes:e.scopes,queryParams:e.queryParams,audience:e.audience})];case 1:return t=r.sent(),this._debug("#_handleConnectionSignIn()","options",e,"url",t),R()&&!e.skipBrowserRedirect&&(null==l||l.location.assign(t)),[2,{data:{url:t},error:null}]}})})},t.prototype.setSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._setSession(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype.getSession=function(){return i(this,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){var e=this;return s(this,function(t){return[2,this._useSession(function(t){return i(e,void 0,void 0,function(){return s(this,function(e){return[2,t]})})})]})})})];case 2:return[2,t.sent()]}})})},t.prototype._useSession=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:this._debug("#_useSession","begin"),r.label=1;case 1:return r.trys.push([1,,4,5]),[4,this.__loadSession()];case 2:return t=r.sent(),[4,e(t)];case 3:return[2,r.sent()];case 4:return this._debug("#_useSession","end"),[7];case 5:return[2]}})})},t.prototype.__loadSession=function(){return i(this,void 0,void 0,function(){var e,t,r,n,i,o,a;return s(this,function(s){switch(s.label){case 0:this._debug("#__loadSession()","begin"),this.lock.lockAcquired||this._debug("#__loadSession()","used outside of an acquired lock!",(new Error).stack),s.label=1;case 1:return s.trys.push([1,,7,8]),e=null,[4,m(this.storage,this.storageKey)];case 2:return t=s.sent(),this._debug("#getSession()","session from storage",t),null===t?[3,5]:Y(t)?(e=t,[3,5]):[3,3];case 3:return this._debug("#getSession()","session from storage is not valid"),[4,this._removeSession()];case 4:s.sent(),s.label=5;case 5:return e?(r=!!e.expires_at&&e.expires_at<=Date.now()/1e3,this._debug("#__loadSession()","session has".concat(r?"":" not"," expired"),"expires_at",e.expires_at),r?[4,this._callRefreshToken(e.refresh_token)]:(this.storage.isServer&&(n=new Proxy(e,{get:function(e,t,r){return"user"===t&&console.warn("Reading `session.user` from a server-side cookie store can be insecure: the value is whatever the cookie contains and has not been verified against Faable Auth. Re-fetch the user with `auth.getUser()` (or verify the access token yourself) before trusting it on the server."),Reflect.get(e,t,r)}}),e=n),[2,{data:{session:e},error:null}])):[2,{data:{session:null},error:null}];case 6:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{session:null},error:a}]:[2,{data:{session:o},error:null}];case 7:return this._debug("#__loadSession()","end"),[7];case 8:return[2]}})})},t.prototype._removeSession=function(){return i(this,void 0,void 0,function(){return s(this,function(e){switch(e.label){case 0:return this._debug("#_removeSession()"),this._session=null,[4,this.storage.removeItem(this.storageKey)];case 1:return e.sent(),[2]}})})},t.prototype._setSession=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,u,c,l,h,d;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,7,,8]),!e.access_token||!e.refresh_token)throw new j;return t=Date.now()/1e3,r=t,n=!0,i=null,(o=$(e.access_token)).exp&&(r=o.exp,n=r<=t),n?[4,this._callRefreshToken(e.refresh_token)]:[3,2];case 1:return a=s.sent(),u=a.session,(h=a.error)?[2,{data:{user:null,session:null},error:h}]:u?(i=u,[3,6]):[2,{data:{user:null,session:null},error:null}];case 2:return[4,this._getUser(e.access_token)];case 3:if(c=s.sent(),l=c.data,(h=c.error)||!l)throw h;return i={access_token:e.access_token,refresh_token:e.refresh_token,user:l,token_type:"bearer",expires_in:r-t,expires_at:r},[4,this._saveSession(i)];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_IN",i)];case 5:s.sent(),s.label=6;case 6:return[2,{data:{user:i.user,session:i},error:null}];case 7:if(K(d=s.sent()))return[2,{data:{session:null,user:null},error:d}];throw d;case 8:return[2]}})})},t.prototype._saveSession=function(e){return i(this,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return this._debug("#_saveSession()",e),this._session=e,[4,w(this.storage,this.storageKey,e)];case 1:return t.sent(),[2]}})})},t.prototype._getUser=function(e){return i(this,void 0,void 0,function(){var t;return s(this,function(r){switch(r.label){case 0:if(!e)throw new Error("Cannot fetch user without token");return this._debug("#_getUser() begin"),[4,g("".concat(this.domainUrl,"/me"),{token:e})];case 1:return t=r.sent(),this._debug("#_getUser() end"),[2,{data:t.data,error:t.error}]}})})},t.prototype._callRefreshToken=function(e){return i(this,void 0,void 0,function(){var t,r,n,i,o,a,u,c;return s(this,function(s){switch(s.label){case 0:if(!e)throw new j;if(this.refreshingDeferred)return[2,this.refreshingDeferred.promise];t="#_callRefreshToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),s.label=1;case 1:return s.trys.push([1,5,10,11]),this.refreshingDeferred=new P,[4,(l=this._refreshAccessToken(e),h=3e4,d="Token refresh timed out",v=new Promise(function(e,t){f=setTimeout(function(){return t(new Error(d))},h)}),Promise.race([l.finally(function(){void 0!==f&&clearTimeout(f)}),v]))];case 2:if(r=s.sent(),n=r.data,i=r.error)throw i;if(!n.session)throw new j;return[4,this._saveSession(n.session)];case 3:return s.sent(),[4,this._notifyAllSubscribers("TOKEN_REFRESHED",n.session)];case 4:return s.sent(),a={session:n.session,error:null},this.refreshingDeferred.resolve(a),[2,a];case 5:return o=s.sent(),this._debug(t,"error",o),K(o)?(a={session:null,error:o},G(o)?[3,8]:[4,this._removeSession()]):[3,9];case 6:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 7:s.sent(),s.label=8;case 8:return null===(u=this.refreshingDeferred)||void 0===u||u.resolve(a),[2,a];case 9:throw null===(c=this.refreshingDeferred)||void 0===c||c.reject(o),o;case 10:return this.refreshingDeferred=null,this._debug(t,"end"),[7];case 11:return[2]}var l,h,d,f,v})})},t.prototype._refreshAccessToken=function(e){return i(this,void 0,void 0,function(){var t,r,o,a=this;return s(this,function(u){switch(u.label){case 0:t="#_refreshAccessToken(".concat(e.substring(0,5),"...)"),this._debug(t,"begin"),u.label=1;case 1:return u.trys.push([1,3,4,5]),r=Date.now(),[4,L(function(r){return i(a,void 0,void 0,function(){var i,o,a,u,c,l,h;return s(this,function(s){switch(s.label){case 0:return r>0?[4,O(200*Math.pow(2,r-1))]:[3,2];case 1:s.sent(),s.label=2;case 2:return this._debug(t,"refreshing attempt",r),[4,b("".concat(this.domainUrl,"/oauth/token"),n({client_id:this.clientId,grant_type:"refresh_token",refresh_token:e},this.audience?{audience:this.audience}:{}))];case 3:if((i=s.sent()).error)throw new V("Refresh token request failed: ".concat(i.error),i.error);if(o=U(i),!(null===(l=o.data.session)||void 0===l?void 0:l.access_token))throw new W;return[4,this._getUser(null===(h=o.data.session)||void 0===h?void 0:h.access_token)];case 4:if(a=s.sent(),u=a.data,c=a.error)throw new V("Could not fetch user info",c);if(!u)throw new V("Refresh response missing user",null);return[2,{data:{session:n(n({},o.data.session),{user:u}),user:u},error:null}]}})})},function(e,t){var n=200*Math.pow(2,e);return t&&G(t)&&Date.now()+n-r<he})];case 2:return[2,u.sent()];case 3:if(o=u.sent(),this._debug(t,"error",o),K(o))return[2,{data:{session:null,user:null},error:o}];throw o;case 4:return this._debug(t,"end"),[7];case 5:return[2]}})})},t.prototype._notifyAllSubscribers=function(e,t){return i(this,arguments,void 0,function(e,t,r){var n;return void 0===r&&(r=!0),s(this,function(i){switch(i.label){case 0:n="#_notifyAllSubscribers(".concat(e,")"),this._debug(n,"begin",t,"broadcast = ".concat(r)),i.label=1;case 1:return i.trys.push([1,,3,4]),[4,this.broadcastSync.notify(e,t,r)];case 2:return i.sent(),[3,4];case 3:return this._debug(n,"end"),[7];case 4:return[2]}})})},t.prototype.signOut=function(){return i(this,arguments,void 0,function(e){var t=this;return void 0===e&&(e={scope:"global"}),s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._signOut(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype._signOut=function(){return i(this,arguments,void 0,function(e){var t=this,r=(void 0===e?{scope:"global"}:e).scope;return s(this,function(e){switch(e.label){case 0:return[4,this._useSession(function(e){return i(t,void 0,void 0,function(){var t,n,i,o;return s(this,function(s){switch(s.label){case 0:return t=e.data,(n=e.error)?[2,{error:n}]:(null===(o=t.session)||void 0===o?void 0:o.access_token)?[4,this.api.signOut({client_id:this.clientId})]:[3,2];case 1:if((i=s.sent().error)&&(!function(e){return K(e)&&"AuthApiError"===e.name}(i)||404!==i.status&&401!==i.status))return[2,{error:i}];s.label=2;case 2:return"others"===r?[3,6]:[4,this._removeSession()];case 3:return s.sent(),[4,this.storage.removeItem("".concat(this.storageKey,"-code-verifier"))];case 4:return s.sent(),[4,this._notifyAllSubscribers("SIGNED_OUT",null)];case 5:s.sent(),s.label=6;case 6:return[2,{error:null}]}})})})];case 1:return[2,e.sent()]}})})},t.prototype.onAuthStateChange=function(e){var t=this,r=this.broadcastSync.subscribe(e).subscription;return this._debug("#onAuthStateChange()","registered callback with id",r.id),i(t,void 0,void 0,function(){var e=this;return s(this,function(t){switch(t.label){case 0:return[4,this.initializePromise];case 1:return t.sent(),[4,this.lock._acquireLock(-1,function(){return i(e,void 0,void 0,function(){return s(this,function(e){return this._emitInitialSession(r),[2]})})})];case 2:return t.sent(),[2]}})}),{data:{subscription:r}}},t.prototype._emitInitialSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this._useSession(function(r){return i(t,void 0,void 0,function(){var t,n,i;return s(this,function(s){switch(s.label){case 0:if(s.trys.push([0,2,,4]),t=r.data.session,n=r.error)throw n;return[4,e.callback("INITIAL_SESSION",t)];case 1:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"session",t),[3,4];case 2:return i=s.sent(),[4,e.callback("INITIAL_SESSION",null)];case 3:return s.sent(),this._debug("INITIAL_SESSION","callback id",e.id,"error",i),console.error(i),[3,4];case 4:return[2]}})})})];case 1:return[2,r.sent()]}})})},t.prototype.refreshSession=function(e){return i(this,void 0,void 0,function(){var t=this;return s(this,function(r){switch(r.label){case 0:return[4,this.initializePromise];case 1:return r.sent(),[4,this.lock._acquireLock(-1,function(){return i(t,void 0,void 0,function(){return s(this,function(t){switch(t.label){case 0:return[4,this._refreshSession(e)];case 1:return[2,t.sent()]}})})})];case 2:return[2,r.sent()]}})})},t.prototype._refreshSession=function(e){return i(this,void 0,void 0,function(){var t,r=this;return s(this,function(n){switch(n.label){case 0:return n.trys.push([0,2,,3]),[4,this._useSession(function(t){return i(r,void 0,void 0,function(){var r,n,i,o,a,u;return s(this,function(s){switch(s.label){case 0:if(!e){if(r=t.data,n=t.error)throw n;e=null!==(u=r.session)&&void 0!==u?u:void 0}if(!(null==e?void 0:e.refresh_token))throw new j;return[4,this._callRefreshToken(e.refresh_token)];case 1:return i=s.sent(),o=i.session,(a=i.error)?[2,{data:{user:null,session:null},error:a}]:o?[2,{data:{user:o.user,session:o},error:null}]:[2,{data:{user:null,session:null},error:null}]}})})})];case 1:return[2,n.sent()];case 2:if(K(t=n.sent()))return[2,{data:{user:null,session:null},error:t}];throw t;case 3:return[2]}})})},t}(c),fe=function(){};e.AuthError=N,e.FaableAuthClient=de,e.User=fe,e.cookieStorageAdapter=ie,e.createClient=function(e){return new de(e)},e.getSessionFromCookies=function(e,t){var r,n="".concat(null!==(r=t.storageKey)&&void 0!==r?r:z,"-").concat(t.clientId),i=H(e,n);if(!i)return null;try{return JSON.parse(decodeURIComponent(i))}catch(e){return console.error("Failed to parse session from cookie",e),null}}}({});
|
|
7
7
|
//# sourceMappingURL=faableauth.js.map
|