npm - @versini/auth-provider - Versions diffs - 6.4.3 → 7.0.0 - Mend

@versini/auth-provider 6.4.3 → 7.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,123 +1,123 @@
-var Pt = Object.defineProperty;
-var kt = (e, t, n) => t in e ? Pt(e, t, { enumerable: !0, configurable: !0, writable: !0, value: n }) : e[t] = n;
-var X = (e, t, n) => kt(e, typeof t != "symbol" ? t + "" : t, n);
-import { jsx as ke } from "react/jsx-runtime";
-import Ot, { useSyncExternalStore as Nt, useCallback as U, useEffect as Re, createContext as Dt, useReducer as Ut, useRef as Oe, useContext as $t } from "react";
+var Et = Object.defineProperty;
+var mt = (e, t, r) => t in e ? Et(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
+var j = (e, t, r) => mt(e, typeof t != "symbol" ? t + "" : t, r);
+import { jsx as be } from "react/jsx-runtime";
+import wt, { useSyncExternalStore as St, useCallback as N, useEffect as He, createContext as At, useReducer as Tt, useRef as Rt, useContext as _t } from "react";
 /*!
-  @versini/auth-provider v6.4.3
+  @versini/auth-provider v7.0.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "6.4.3",
-    buildTime: "07/29/2024 04:11 PM EDT",
+    version: "7.0.0",
+    buildTime: "08/19/2024 06:11 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-function v(e) {
+function _(e) {
   const t = new Uint8Array(e);
-  let n = "";
+  let r = "";
   for (const a of t)
-    n += String.fromCharCode(a);
-  return btoa(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+    r += String.fromCharCode(a);
+  return btoa(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
 }
-function ce(e) {
-  const t = e.replace(/-/g, "+").replace(/_/g, "/"), n = (4 - t.length % 4) % 4, r = t.padEnd(t.length + n, "="), a = atob(r), s = new ArrayBuffer(a.length), o = new Uint8Array(s);
+function re(e) {
+  const t = e.replace(/-/g, "+").replace(/_/g, "/"), r = (4 - t.length % 4) % 4, n = t.padEnd(t.length + r, "="), a = atob(n), o = new ArrayBuffer(a.length), s = new Uint8Array(o);
   for (let i = 0; i < a.length; i++)
-    o[i] = a.charCodeAt(i);
-  return s;
+    s[i] = a.charCodeAt(i);
+  return o;
 }
-function be() {
+function Se() {
   return window?.PublicKeyCredential !== void 0 && typeof window.PublicKeyCredential == "function";
 }
-function je(e) {
+function We(e) {
   const { id: t } = e;
   return {
     ...e,
-    id: ce(t),
+    id: re(t),
     transports: e.transports
   };
 }
-function Fe(e) {
+function xe(e) {
   return e === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e);
 }
-class b extends Error {
-  constructor({ message: t, code: n, cause: r, name: a }) {
-    super(t, { cause: r }), this.name = a ?? r.name, this.code = n;
+class w extends Error {
+  constructor({ message: t, code: r, cause: n, name: a }) {
+    super(t, { cause: n }), this.name = a ?? n.name, this.code = r;
   }
 }
-function Kt({ error: e, options: t }) {
-  const { publicKey: n } = t;
-  if (!n)
+function It({ error: e, options: t }) {
+  const { publicKey: r } = t;
+  if (!r)
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new w({
         message: "Registration ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else if (e.name === "ConstraintError") {
-    if (n.authenticatorSelection?.requireResidentKey === !0)
-      return new b({
+    if (r.authenticatorSelection?.requireResidentKey === !0)
+      return new w({
         message: "Discoverable credentials were required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
         cause: e
       });
-    if (n.authenticatorSelection?.userVerification === "required")
-      return new b({
+    if (r.authenticatorSelection?.userVerification === "required")
+      return new w({
         message: "User verification was required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
         cause: e
       });
   } else {
     if (e.name === "InvalidStateError")
-      return new b({
+      return new w({
         message: "The authenticator was previously registered",
         code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
         cause: e
       });
     if (e.name === "NotAllowedError")
-      return new b({
+      return new w({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "NotSupportedError")
-      return n.pubKeyCredParams.filter((a) => a.type === "public-key").length === 0 ? new b({
+      return r.pubKeyCredParams.filter((a) => a.type === "public-key").length === 0 ? new w({
         message: 'No entry in pubKeyCredParams was of type "public-key"',
         code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
         cause: e
-      }) : new b({
+      }) : new w({
         message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
         code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
         cause: e
       });
     if (e.name === "SecurityError") {
-      const r = window.location.hostname;
-      if (Fe(r)) {
-        if (n.rp.id !== r)
-          return new b({
-            message: `The RP ID "${n.rp.id}" is invalid for this domain`,
+      const n = window.location.hostname;
+      if (xe(n)) {
+        if (r.rp.id !== n)
+          return new w({
+            message: `The RP ID "${r.rp.id}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new w({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "TypeError") {
-      if (n.user.id.byteLength < 1 || n.user.id.byteLength > 64)
-        return new b({
+      if (r.user.id.byteLength < 1 || r.user.id.byteLength > 64)
+        return new w({
           message: "User ID was not between 1 and 64 characters",
           code: "ERROR_INVALID_USER_ID_LENGTH",
           cause: e
         });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new w({
         message: "The authenticator was unable to process the specified options, or could not create a new credential",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -125,11 +125,11 @@ function Kt({ error: e, options: t }) {
   }
   return e;
 }
-class Ht {
+class bt {
   createNewAbortSignal() {
     if (this.controller) {
-      const n = new Error("Cancelling existing WebAuthn API call for new one");
-      n.name = "AbortError", this.controller.abort(n);
+      const r = new Error("Cancelling existing WebAuthn API call for new one");
+      r.name = "AbortError", this.controller.abort(r);
     }
     const t = new AbortController();
     return this.controller = t, t.signal;
@@ -141,117 +141,117 @@ class Ht {
     }
   }
 }
-const Be = new Ht(), Lt = ["cross-platform", "platform"];
-function qe(e) {
-  if (e && !(Lt.indexOf(e) < 0))
+const Je = new bt(), Ot = ["cross-platform", "platform"];
+function Ye(e) {
+  if (e && !(Ot.indexOf(e) < 0))
     return e;
 }
-async function Wt(e) {
-  if (!be())
+async function vt(e) {
+  if (!Se())
     throw new Error("WebAuthn is not supported in this browser");
-  const n = { publicKey: {
+  const r = { publicKey: {
     ...e,
-    challenge: ce(e.challenge),
+    challenge: re(e.challenge),
     user: {
       ...e.user,
-      id: ce(e.user.id)
+      id: re(e.user.id)
     },
-    excludeCredentials: e.excludeCredentials?.map(je)
+    excludeCredentials: e.excludeCredentials?.map(We)
   } };
-  n.signal = Be.createNewAbortSignal();
-  let r;
+  r.signal = Je.createNewAbortSignal();
+  let n;
   try {
-    r = await navigator.credentials.create(n);
-  } catch (g) {
-    throw Kt({ error: g, options: n });
+    n = await navigator.credentials.create(r);
+  } catch (l) {
+    throw It({ error: l, options: r });
   }
-  if (!r)
+  if (!n)
     throw new Error("Registration was not completed");
-  const { id: a, rawId: s, response: o, type: i } = r;
+  const { id: a, rawId: o, response: s, type: i } = n;
   let c;
-  typeof o.getTransports == "function" && (c = o.getTransports());
-  let y;
-  if (typeof o.getPublicKeyAlgorithm == "function")
+  typeof s.getTransports == "function" && (c = s.getTransports());
+  let u;
+  if (typeof s.getPublicKeyAlgorithm == "function")
     try {
-      y = o.getPublicKeyAlgorithm();
-    } catch (g) {
-      ge("getPublicKeyAlgorithm()", g);
+      u = s.getPublicKeyAlgorithm();
+    } catch (l) {
+      he("getPublicKeyAlgorithm()", l);
     }
-  let l;
-  if (typeof o.getPublicKey == "function")
+  let p;
+  if (typeof s.getPublicKey == "function")
     try {
-      const g = o.getPublicKey();
-      g !== null && (l = v(g));
-    } catch (g) {
-      ge("getPublicKey()", g);
+      const l = s.getPublicKey();
+      l !== null && (p = _(l));
+    } catch (l) {
+      he("getPublicKey()", l);
     }
-  let h;
-  if (typeof o.getAuthenticatorData == "function")
+  let f;
+  if (typeof s.getAuthenticatorData == "function")
     try {
-      h = v(o.getAuthenticatorData());
-    } catch (g) {
-      ge("getAuthenticatorData()", g);
+      f = _(s.getAuthenticatorData());
+    } catch (l) {
+      he("getAuthenticatorData()", l);
     }
   return {
     id: a,
-    rawId: v(s),
+    rawId: _(o),
     response: {
-      attestationObject: v(o.attestationObject),
-      clientDataJSON: v(o.clientDataJSON),
+      attestationObject: _(s.attestationObject),
+      clientDataJSON: _(s.clientDataJSON),
       transports: c,
-      publicKeyAlgorithm: y,
-      publicKey: l,
-      authenticatorData: h
+      publicKeyAlgorithm: u,
+      publicKey: p,
+      authenticatorData: f
     },
     type: i,
-    clientExtensionResults: r.getClientExtensionResults(),
-    authenticatorAttachment: qe(r.authenticatorAttachment)
+    clientExtensionResults: n.getClientExtensionResults(),
+    authenticatorAttachment: Ye(n.authenticatorAttachment)
   };
 }
-function ge(e, t) {
+function he(e, t) {
   console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.
 `, t);
 }
-function xt() {
-  if (!be())
+function kt() {
+  if (!Se())
     return new Promise((t) => t(!1));
   const e = window.PublicKeyCredential;
   return e.isConditionalMediationAvailable === void 0 ? new Promise((t) => t(!1)) : e.isConditionalMediationAvailable();
 }
-function Mt({ error: e, options: t }) {
-  const { publicKey: n } = t;
-  if (!n)
+function Pt({ error: e, options: t }) {
+  const { publicKey: r } = t;
+  if (!r)
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new w({
         message: "Authentication ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else {
     if (e.name === "NotAllowedError")
-      return new b({
+      return new w({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "SecurityError") {
-      const r = window.location.hostname;
-      if (Fe(r)) {
-        if (n.rpId !== r)
-          return new b({
-            message: `The RP ID "${n.rpId}" is invalid for this domain`,
+      const n = window.location.hostname;
+      if (xe(n)) {
+        if (r.rpId !== n)
+          return new w({
+            message: `The RP ID "${r.rpId}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new w({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new w({
         message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -259,71 +259,71 @@ function Mt({ error: e, options: t }) {
   }
   return e;
 }
-async function Gt(e, t = !1) {
-  if (!be())
+async function Ct(e, t = !1) {
+  if (!Se())
     throw new Error("WebAuthn is not supported in this browser");
-  let n;
-  e.allowCredentials?.length !== 0 && (n = e.allowCredentials?.map(je));
-  const r = {
+  let r;
+  e.allowCredentials?.length !== 0 && (r = e.allowCredentials?.map(We));
+  const n = {
     ...e,
-    challenge: ce(e.challenge),
-    allowCredentials: n
+    challenge: re(e.challenge),
+    allowCredentials: r
   }, a = {};
   if (t) {
-    if (!await xt())
+    if (!await kt())
       throw Error("Browser does not support WebAuthn autofill");
     if (document.querySelectorAll("input[autocomplete$='webauthn']").length < 1)
       throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
-    a.mediation = "conditional", r.allowCredentials = [];
+    a.mediation = "conditional", n.allowCredentials = [];
   }
-  a.publicKey = r, a.signal = Be.createNewAbortSignal();
-  let s;
+  a.publicKey = n, a.signal = Je.createNewAbortSignal();
+  let o;
   try {
-    s = await navigator.credentials.get(a);
-  } catch (h) {
-    throw Mt({ error: h, options: a });
+    o = await navigator.credentials.get(a);
+  } catch (f) {
+    throw Pt({ error: f, options: a });
   }
-  if (!s)
+  if (!o)
     throw new Error("Authentication was not completed");
-  const { id: o, rawId: i, response: c, type: y } = s;
-  let l;
-  return c.userHandle && (l = v(c.userHandle)), {
-    id: o,
-    rawId: v(i),
+  const { id: s, rawId: i, response: c, type: u } = o;
+  let p;
+  return c.userHandle && (p = _(c.userHandle)), {
+    id: s,
+    rawId: _(i),
     response: {
-      authenticatorData: v(c.authenticatorData),
-      clientDataJSON: v(c.clientDataJSON),
-      signature: v(c.signature),
-      userHandle: l
+      authenticatorData: _(c.authenticatorData),
+      clientDataJSON: _(c.clientDataJSON),
+      signature: _(c.signature),
+      userHandle: p
     },
-    type: y,
-    clientExtensionResults: s.getClientExtensionResults(),
-    authenticatorAttachment: qe(s.authenticatorAttachment)
+    type: u,
+    clientExtensionResults: o.getClientExtensionResults(),
+    authenticatorAttachment: Ye(o.authenticatorAttachment)
   };
 }
 /*!
-  @versini/auth-common v3.3.0
+  @versini/auth-common v4.0.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "3.3.0",
-    buildTime: "07/29/2024 04:11 PM EDT",
+    version: "4.0.0",
+    buildTime: "08/19/2024 06:11 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const G = {
+const oe = {
   ID_TOKEN: "id_token",
   ACCESS_TOKEN: "token",
   ID_AND_ACCESS_TOKEN: "id_token token",
   CODE: "code",
   REFRESH_TOKEN: "refresh_token",
   PASSKEY: "passkey"
-}, ze = {
+}, Ge = {
   CLIENT_ID: "X-Auth-ClientId"
-}, T = {
+}, S = {
   ALG: "RS256",
   USER_ID_KEY: "sub",
   TOKEN_ID_KEY: "__raw",
@@ -333,8 +333,9 @@ const G = {
   EXPIRES_AT_KEY: "exp",
   CREATED_AT_KEY: "iat",
   SCOPES_KEY: "scopes",
+  CLIENT_ID_KEY: "aud",
   ISSUER: "gizmette.com"
-}, Jt = `-----BEGIN PUBLIC KEY-----
+}, Nt = `-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
 w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
 i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
@@ -342,56 +343,59 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
 l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
 sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
 awIDAQAB
------END PUBLIC KEY-----`, he = {
-  AUTHENTICATE: "authenticate",
+-----END PUBLIC KEY-----`, ie = {
   CODE: "code",
-  LOGOUT: "logout"
-}, pe = crypto, Qe = (e) => e instanceof CryptoKey, Z = new TextEncoder(), q = new TextDecoder();
-function Yt(...e) {
-  const t = e.reduce((a, { length: s }) => a + s, 0), n = new Uint8Array(t);
-  let r = 0;
+  LOGOUT: "logout",
+  LOGIN: "login",
+  REFRESH: "refresh"
+}, ce = crypto, Me = (e) => e instanceof CryptoKey, F = new TextEncoder(), G = new TextDecoder();
+function Dt(...e) {
+  const t = e.reduce((a, { length: o }) => a + o, 0), r = new Uint8Array(t);
+  let n = 0;
   for (const a of e)
-    n.set(a, r), r += a.length;
-  return n;
+    r.set(a, n), n += a.length;
+  return r;
 }
-const Vt = (e) => {
-  const t = atob(e), n = new Uint8Array(t.length);
-  for (let r = 0; r < t.length; r++)
-    n[r] = t.charCodeAt(r);
-  return n;
-}, B = (e) => {
+const Ut = (e) => {
+  const t = atob(e), r = new Uint8Array(t.length);
+  for (let n = 0; n < t.length; n++)
+    r[n] = t.charCodeAt(n);
+  return r;
+}, Y = (e) => {
   let t = e;
-  t instanceof Uint8Array && (t = q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = G.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
-    return Vt(t);
+    return Ut(t);
   } catch {
     throw new TypeError("The input to be decoded is not correctly encoded.");
   }
 };
-let $ = class extends Error {
+class D extends Error {
   static get code() {
     return "ERR_JOSE_GENERIC";
   }
   constructor(t) {
-    var n;
-    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (n = Error.captureStackTrace) == null || n.call(Error, this, this.constructor);
+    var r;
+    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
   }
-}, _ = class extends $ {
+}
+class R extends D {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
-  constructor(t, n, r = "unspecified", a = "unspecified") {
-    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = a, this.payload = n;
+  constructor(t, r, n = "unspecified", a = "unspecified") {
+    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = n, this.reason = a, this.payload = r;
   }
-}, Ne = class extends $ {
+}
+class Oe extends D {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
-  constructor(t, n, r = "unspecified", a = "unspecified") {
-    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = a, this.payload = n;
+  constructor(t, r, n = "unspecified", a = "unspecified") {
+    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = n, this.reason = a, this.payload = r;
   }
-};
-class jt extends $ {
+}
+class Kt extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
   }
@@ -399,15 +403,15 @@ class jt extends $ {
     return "ERR_JOSE_ALG_NOT_ALLOWED";
   }
 }
-let N = class extends $ {
+class k extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
   }
   static get code() {
     return "ERR_JOSE_NOT_SUPPORTED";
   }
-};
-class A extends $ {
+}
+class m extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_INVALID";
   }
@@ -415,7 +419,7 @@ class A extends $ {
     return "ERR_JWS_INVALID";
   }
 }
-let k = class extends $ {
+let O = class extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -423,7 +427,7 @@ let k = class extends $ {
     return "ERR_JWT_INVALID";
   }
 };
-class Ft extends $ {
+class Lt extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -431,16 +435,16 @@ class Ft extends $ {
     return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
   }
 }
-function P(e, t = "algorithm.name") {
+function b(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function ee(e, t) {
+function B(e, t) {
   return e.name === t;
 }
-function me(e) {
+function pe(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function Bt(e) {
+function $t(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -452,104 +456,104 @@ function Bt(e) {
       throw new Error("unreachable");
   }
 }
-function qt(e, t) {
-  if (t.length && !t.some((n) => e.usages.includes(n))) {
-    let n = "CryptoKey does not support this operation, its usages must include ";
+function Ht(e, t) {
+  if (t.length && !t.some((r) => e.usages.includes(r))) {
+    let r = "CryptoKey does not support this operation, its usages must include ";
     if (t.length > 2) {
-      const r = t.pop();
-      n += `one of ${t.join(", ")}, or ${r}.`;
-    } else t.length === 2 ? n += `one of ${t[0]} or ${t[1]}.` : n += `${t[0]}.`;
-    throw new TypeError(n);
+      const n = t.pop();
+      r += `one of ${t.join(", ")}, or ${n}.`;
+    } else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
+    throw new TypeError(r);
   }
 }
-function zt(e, t, ...n) {
+function Wt(e, t, ...r) {
   switch (t) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!ee(e.algorithm, "HMAC"))
-        throw P("HMAC");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "HMAC"))
+        throw b("HMAC");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!ee(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw P("RSASSA-PKCS1-v1_5");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw b("RSASSA-PKCS1-v1_5");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!ee(e.algorithm, "RSA-PSS"))
-        throw P("RSA-PSS");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "RSA-PSS"))
+        throw b("RSA-PSS");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "EdDSA": {
       if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
-        throw P("Ed25519 or Ed448");
+        throw b("Ed25519 or Ed448");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!ee(e.algorithm, "ECDSA"))
-        throw P("ECDSA");
-      const r = Bt(t);
-      if (e.algorithm.namedCurve !== r)
-        throw P(r, "algorithm.namedCurve");
+      if (!B(e.algorithm, "ECDSA"))
+        throw b("ECDSA");
+      const n = $t(t);
+      if (e.algorithm.namedCurve !== n)
+        throw b(n, "algorithm.namedCurve");
       break;
     }
     default:
       throw new TypeError("CryptoKey does not support this operation");
   }
-  qt(e, n);
+  Ht(e, r);
 }
-function Xe(e, t, ...n) {
-  var r;
-  if (n.length > 2) {
-    const a = n.pop();
-    e += `one of type ${n.join(", ")}, or ${a}.`;
-  } else n.length === 2 ? e += `one of type ${n[0]} or ${n[1]}.` : e += `of type ${n[0]}.`;
-  return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
+function Ve(e, t, ...r) {
+  var n;
+  if (r.length > 2) {
+    const a = r.pop();
+    e += `one of type ${r.join(", ")}, or ${a}.`;
+  } else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
+  return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (n = t.constructor) != null && n.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const De = (e, ...t) => Xe("Key must be ", e, ...t);
-function Ze(e, t, ...n) {
-  return Xe(`Key for the ${e} algorithm must be `, t, ...n);
+const ve = (e, ...t) => Ve("Key must be ", e, ...t);
+function je(e, t, ...r) {
+  return Ve(`Key for the ${e} algorithm must be `, t, ...r);
 }
-const et = (e) => Qe(e) ? !0 : e?.[Symbol.toStringTag] === "KeyObject", ue = ["CryptoKey"], Qt = (...e) => {
+const Fe = (e) => Me(e) ? !0 : e?.[Symbol.toStringTag] === "KeyObject", ne = ["CryptoKey"], xt = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
-  let n;
-  for (const r of t) {
-    const a = Object.keys(r);
-    if (!n || n.size === 0) {
-      n = new Set(a);
+  let r;
+  for (const n of t) {
+    const a = Object.keys(n);
+    if (!r || r.size === 0) {
+      r = new Set(a);
       continue;
     }
-    for (const s of a) {
-      if (n.has(s))
+    for (const o of a) {
+      if (r.has(o))
         return !1;
-      n.add(s);
+      r.add(o);
     }
   }
   return !0;
 };
-function Xt(e) {
+function Jt(e) {
   return typeof e == "object" && e !== null;
 }
-function le(e) {
-  if (!Xt(e) || Object.prototype.toString.call(e) !== "[object Object]")
+function ae(e) {
+  if (!Jt(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -558,27 +562,27 @@ function le(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const Zt = (e, t) => {
+const Yt = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
-    const { modulusLength: n } = t.algorithm;
-    if (typeof n != "number" || n < 2048)
+    const { modulusLength: r } = t.algorithm;
+    if (typeof r != "number" || r < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
 };
-function en(e) {
-  let t, n;
+function Gt(e) {
+  let t, r;
   switch (e.kty) {
     case "RSA": {
       switch (e.alg) {
         case "PS256":
         case "PS384":
         case "PS512":
-          t = { name: "RSA-PSS", hash: `SHA-${e.alg.slice(-3)}` }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "RSA-PSS", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "RS256":
         case "RS384":
         case "RS512":
-          t = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${e.alg.slice(-3)}` }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "RSA-OAEP":
         case "RSA-OAEP-256":
@@ -587,952 +591,595 @@ function en(e) {
           t = {
             name: "RSA-OAEP",
             hash: `SHA-${parseInt(e.alg.slice(-3), 10) || 1}`
-          }, n = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
+          }, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     case "EC": {
       switch (e.alg) {
         case "ES256":
-          t = { name: "ECDSA", namedCurve: "P-256" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-256" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ES384":
-          t = { name: "ECDSA", namedCurve: "P-384" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-384" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ES512":
-          t = { name: "ECDSA", namedCurve: "P-521" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-521" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ECDH-ES":
         case "ECDH-ES+A128KW":
         case "ECDH-ES+A192KW":
         case "ECDH-ES+A256KW":
-          t = { name: "ECDH", namedCurve: e.crv }, n = e.d ? ["deriveBits"] : [];
+          t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     case "OKP": {
       switch (e.alg) {
         case "EdDSA":
-          t = { name: e.crv }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: e.crv }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ECDH-ES":
         case "ECDH-ES+A128KW":
         case "ECDH-ES+A192KW":
         case "ECDH-ES+A256KW":
-          t = { name: e.crv }, n = e.d ? ["deriveBits"] : [];
+          t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     default:
-      throw new N('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
+      throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
   }
-  return { algorithm: t, keyUsages: n };
+  return { algorithm: t, keyUsages: r };
 }
-const tn = async (e) => {
+const Mt = async (e) => {
   if (!e.alg)
     throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
-  const { algorithm: t, keyUsages: n } = en(e), r = [
+  const { algorithm: t, keyUsages: r } = Gt(e), n = [
     t,
     e.ext ?? !1,
-    e.key_ops ?? n
+    e.key_ops ?? r
   ], a = { ...e };
-  return delete a.alg, delete a.use, pe.subtle.importKey("jwk", a, ...r);
-}, tt = (e) => B(e);
-let we, Ee;
-const nt = (e) => e?.[Symbol.toStringTag] === "KeyObject", rt = async (e, t, n, r) => {
+  return delete a.alg, delete a.use, ce.subtle.importKey("jwk", a, ...n);
+}, Be = (e) => Y(e);
+let fe, ye;
+const qe = (e) => e?.[Symbol.toStringTag] === "KeyObject", ze = async (e, t, r, n) => {
   let a = e.get(t);
-  if (a != null && a[r])
-    return a[r];
-  const s = await tn({ ...n, alg: r });
-  return a ? a[r] = s : e.set(t, { [r]: s }), s;
-}, nn = (e, t) => {
-  if (nt(e)) {
-    let n = e.export({ format: "jwk" });
-    return delete n.d, delete n.dp, delete n.dq, delete n.p, delete n.q, delete n.qi, n.k ? tt(n.k) : (Ee || (Ee = /* @__PURE__ */ new WeakMap()), rt(Ee, e, n, t));
+  if (a != null && a[n])
+    return a[n];
+  const o = await Mt({ ...r, alg: n });
+  return a ? a[n] = o : e.set(t, { [n]: o }), o;
+}, Vt = (e, t) => {
+  if (qe(e)) {
+    let r = e.export({ format: "jwk" });
+    return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Be(r.k) : (ye || (ye = /* @__PURE__ */ new WeakMap()), ze(ye, e, r, t));
   }
   return e;
-}, rn = (e, t) => {
-  if (nt(e)) {
-    let n = e.export({ format: "jwk" });
-    return n.k ? tt(n.k) : (we || (we = /* @__PURE__ */ new WeakMap()), rt(we, e, n, t));
+}, jt = (e, t) => {
+  if (qe(e)) {
+    let r = e.export({ format: "jwk" });
+    return r.k ? Be(r.k) : (fe || (fe = /* @__PURE__ */ new WeakMap()), ze(fe, e, r, t));
   }
   return e;
-}, an = { normalizePublicKey: nn, normalizePrivateKey: rn }, O = (e, t, n = 0) => {
-  n === 0 && (t.unshift(t.length), t.unshift(6));
-  const r = e.indexOf(t[0], n);
-  if (r === -1)
+}, Ft = { normalizePublicKey: Vt, normalizePrivateKey: jt }, v = (e, t, r = 0) => {
+  r === 0 && (t.unshift(t.length), t.unshift(6));
+  const n = e.indexOf(t[0], r);
+  if (n === -1)
     return !1;
-  const a = e.subarray(r, r + t.length);
-  return a.length !== t.length ? !1 : a.every((s, o) => s === t[o]) || O(e, t, r + 1);
-}, Ue = (e) => {
+  const a = e.subarray(n, n + t.length);
+  return a.length !== t.length ? !1 : a.every((o, s) => o === t[s]) || v(e, t, n + 1);
+}, ke = (e) => {
   switch (!0) {
-    case O(e, [42, 134, 72, 206, 61, 3, 1, 7]):
+    case v(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
-    case O(e, [43, 129, 4, 0, 34]):
+    case v(e, [43, 129, 4, 0, 34]):
       return "P-384";
-    case O(e, [43, 129, 4, 0, 35]):
+    case v(e, [43, 129, 4, 0, 35]):
       return "P-521";
-    case O(e, [43, 101, 110]):
+    case v(e, [43, 101, 110]):
       return "X25519";
-    case O(e, [43, 101, 111]):
+    case v(e, [43, 101, 111]):
       return "X448";
-    case O(e, [43, 101, 112]):
+    case v(e, [43, 101, 112]):
       return "Ed25519";
-    case O(e, [43, 101, 113]):
+    case v(e, [43, 101, 113]):
       return "Ed448";
     default:
-      throw new N("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
+      throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
   }
-}, on = async (e, t, n, r, a) => {
-  let s, o;
-  const i = new Uint8Array(atob(n.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
-  switch (r) {
+}, Bt = async (e, t, r, n, a) => {
+  let o, s;
+  const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
+  switch (n) {
     case "PS256":
     case "PS384":
     case "PS512":
-      s = { name: "RSA-PSS", hash: `SHA-${r.slice(-3)}` }, o = ["verify"];
+      o = { name: "RSA-PSS", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
       break;
     case "RS256":
     case "RS384":
     case "RS512":
-      s = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${r.slice(-3)}` }, o = ["verify"];
+      o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
       break;
     case "RSA-OAEP":
     case "RSA-OAEP-256":
     case "RSA-OAEP-384":
     case "RSA-OAEP-512":
-      s = {
+      o = {
         name: "RSA-OAEP",
-        hash: `SHA-${parseInt(r.slice(-3), 10) || 1}`
-      }, o = ["encrypt", "wrapKey"];
+        hash: `SHA-${parseInt(n.slice(-3), 10) || 1}`
+      }, s = ["encrypt", "wrapKey"];
       break;
     case "ES256":
-      s = { name: "ECDSA", namedCurve: "P-256" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-256" }, s = ["verify"];
       break;
     case "ES384":
-      s = { name: "ECDSA", namedCurve: "P-384" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-384" }, s = ["verify"];
       break;
     case "ES512":
-      s = { name: "ECDSA", namedCurve: "P-521" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-521" }, s = ["verify"];
       break;
     case "ECDH-ES":
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const c = Ue(i);
-      s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, o = [];
+      const c = ke(i);
+      o = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
       break;
     }
     case "EdDSA":
-      s = { name: Ue(i) }, o = ["verify"];
+      o = { name: ke(i) }, s = ["verify"];
       break;
     default:
-      throw new N('Invalid or unsupported "alg" (Algorithm) value');
+      throw new k('Invalid or unsupported "alg" (Algorithm) value');
   }
-  return pe.subtle.importKey(t, i, s, !1, o);
-}, sn = (e, t, n) => on(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
-async function cn(e, t, n) {
+  return ce.subtle.importKey(t, i, o, !1, s);
+}, qt = (e, t, r) => Bt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+async function zt(e, t, r) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return sn(e, t);
+  return qt(e, t);
 }
-const ie = (e) => e?.[Symbol.toStringTag], un = (e, t) => {
+const ee = (e) => e?.[Symbol.toStringTag], Qt = (e, t) => {
   if (!(t instanceof Uint8Array)) {
-    if (!et(t))
-      throw new TypeError(Ze(e, t, ...ue, "Uint8Array"));
+    if (!Fe(t))
+      throw new TypeError(je(e, t, ...ne, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${ie(t)} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${ee(t)} instances for symmetric algorithms must be of type "secret"`);
   }
-}, ln = (e, t, n) => {
-  if (!et(t))
-    throw new TypeError(Ze(e, t, ...ue));
+}, Xt = (e, t, r) => {
+  if (!Fe(t))
+    throw new TypeError(je(e, t, ...ne));
   if (t.type === "secret")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithms must not be of type "secret"`);
-  if (t.algorithm && n === "verify" && t.type === "private")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithm verifying must be of type "public"`);
-  if (t.algorithm && n === "encrypt" && t.type === "private")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithm encryption must be of type "public"`);
-}, dn = (e, t, n) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? un(e, t) : ln(e, t, n);
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithms must not be of type "secret"`);
+  if (t.algorithm && r === "verify" && t.type === "private")
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithm verifying must be of type "public"`);
+  if (t.algorithm && r === "encrypt" && t.type === "private")
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithm encryption must be of type "public"`);
+}, Zt = (e, t, r) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Qt(e, t) : Xt(e, t, r);
 };
-function hn(e, t, n, r, a) {
-  if (a.crit !== void 0 && r?.crit === void 0)
+function er(e, t, r, n, a) {
+  if (a.crit !== void 0 && n?.crit === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
-  if (!r || r.crit === void 0)
+  if (!n || n.crit === void 0)
     return /* @__PURE__ */ new Set();
-  if (!Array.isArray(r.crit) || r.crit.length === 0 || r.crit.some((o) => typeof o != "string" || o.length === 0))
+  if (!Array.isArray(n.crit) || n.crit.length === 0 || n.crit.some((s) => typeof s != "string" || s.length === 0))
     throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  let s;
-  n !== void 0 ? s = new Map([...Object.entries(n), ...t.entries()]) : s = t;
-  for (const o of r.crit) {
-    if (!s.has(o))
-      throw new N(`Extension Header Parameter "${o}" is not recognized`);
-    if (a[o] === void 0)
-      throw new e(`Extension Header Parameter "${o}" is missing`);
-    if (s.get(o) && r[o] === void 0)
-      throw new e(`Extension Header Parameter "${o}" MUST be integrity protected`);
-  }
-  return new Set(r.crit);
+  let o;
+  r !== void 0 ? o = new Map([...Object.entries(r), ...t.entries()]) : o = t;
+  for (const s of n.crit) {
+    if (!o.has(s))
+      throw new k(`Extension Header Parameter "${s}" is not recognized`);
+    if (a[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" is missing`);
+    if (o.get(s) && n[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
+  }
+  return new Set(n.crit);
 }
-const pn = (e, t) => {
-  if (t !== void 0 && (!Array.isArray(t) || t.some((n) => typeof n != "string")))
+const tr = (e, t) => {
+  if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function fn(e, t) {
-  const n = `SHA-${e.slice(-3)}`;
+function rr(e, t) {
+  const r = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
     case "HS384":
     case "HS512":
-      return { hash: n, name: "HMAC" };
+      return { hash: r, name: "HMAC" };
     case "PS256":
     case "PS384":
     case "PS512":
-      return { hash: n, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
+      return { hash: r, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
     case "RS256":
     case "RS384":
     case "RS512":
-      return { hash: n, name: "RSASSA-PKCS1-v1_5" };
+      return { hash: r, name: "RSASSA-PKCS1-v1_5" };
     case "ES256":
     case "ES384":
     case "ES512":
-      return { hash: n, name: "ECDSA", namedCurve: t.namedCurve };
+      return { hash: r, name: "ECDSA", namedCurve: t.namedCurve };
     case "EdDSA":
       return { name: t.name };
     default:
-      throw new N(`alg ${e} is not supported either by JOSE or your javascript runtime`);
+      throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-async function yn(e, t, n) {
-  if (t = await an.normalizePublicKey(t, e), Qe(t))
-    return zt(t, e, n), t;
+async function nr(e, t, r) {
+  if (t = await Ft.normalizePublicKey(t, e), Me(t))
+    return Wt(t, e, r), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError(De(t, ...ue));
-    return pe.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [n]);
+      throw new TypeError(ve(t, ...ne));
+    return ce.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
   }
-  throw new TypeError(De(t, ...ue, "Uint8Array"));
+  throw new TypeError(ve(t, ...ne, "Uint8Array"));
 }
-const gn = async (e, t, n, r) => {
-  const a = await yn(e, t, "verify");
-  Zt(e, a);
-  const s = fn(e, a.algorithm);
+const ar = async (e, t, r, n) => {
+  const a = await nr(e, t, "verify");
+  Yt(e, a);
+  const o = rr(e, a.algorithm);
   try {
-    return await pe.subtle.verify(s, a, n, r);
+    return await ce.subtle.verify(o, a, r, n);
   } catch {
     return !1;
   }
 };
-async function mn(e, t, n) {
-  if (!le(e))
-    throw new A("Flattened JWS must be an object");
+async function sr(e, t, r) {
+  if (!ae(e))
+    throw new m("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
-    throw new A('Flattened JWS must have either of the "protected" or "header" members');
+    throw new m('Flattened JWS must have either of the "protected" or "header" members');
   if (e.protected !== void 0 && typeof e.protected != "string")
-    throw new A("JWS Protected Header incorrect type");
+    throw new m("JWS Protected Header incorrect type");
   if (e.payload === void 0)
-    throw new A("JWS Payload missing");
+    throw new m("JWS Payload missing");
   if (typeof e.signature != "string")
-    throw new A("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !le(e.header))
-    throw new A("JWS Unprotected Header incorrect type");
-  let r = {};
+    throw new m("JWS Signature missing or incorrect type");
+  if (e.header !== void 0 && !ae(e.header))
+    throw new m("JWS Unprotected Header incorrect type");
+  let n = {};
   if (e.protected)
     try {
-      const u = B(e.protected);
-      r = JSON.parse(q.decode(u));
+      const T = Y(e.protected);
+      n = JSON.parse(G.decode(T));
     } catch {
-      throw new A("JWS Protected Header is invalid");
+      throw new m("JWS Protected Header is invalid");
     }
-  if (!Qt(r, e.header))
-    throw new A("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  if (!xt(n, e.header))
+    throw new m("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
   const a = {
-    ...r,
+    ...n,
     ...e.header
-  }, s = hn(A, /* @__PURE__ */ new Map([["b64", !0]]), n?.crit, r, a);
-  let o = !0;
-  if (s.has("b64") && (o = r.b64, typeof o != "boolean"))
-    throw new A('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+  }, o = er(m, /* @__PURE__ */ new Map([["b64", !0]]), r?.crit, n, a);
+  let s = !0;
+  if (o.has("b64") && (s = n.b64, typeof s != "boolean"))
+    throw new m('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
   const { alg: i } = a;
   if (typeof i != "string" || !i)
-    throw new A('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const c = n && pn("algorithms", n.algorithms);
+    throw new m('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const c = r && tr("algorithms", r.algorithms);
   if (c && !c.has(i))
-    throw new jt('"alg" (Algorithm) Header Parameter value not allowed');
-  if (o) {
+    throw new Kt('"alg" (Algorithm) Header Parameter value not allowed');
+  if (s) {
     if (typeof e.payload != "string")
-      throw new A("JWS Payload must be a string");
+      throw new m("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
-    throw new A("JWS Payload must be a string or an Uint8Array instance");
-  let y = !1;
-  typeof t == "function" && (t = await t(r, e), y = !0), dn(i, t, "verify");
-  const l = Yt(Z.encode(e.protected ?? ""), Z.encode("."), typeof e.payload == "string" ? Z.encode(e.payload) : e.payload);
-  let h;
+    throw new m("JWS Payload must be a string or an Uint8Array instance");
+  let u = !1;
+  typeof t == "function" && (t = await t(n, e), u = !0), Zt(i, t, "verify");
+  const p = Dt(F.encode(e.protected ?? ""), F.encode("."), typeof e.payload == "string" ? F.encode(e.payload) : e.payload);
+  let f;
   try {
-    h = B(e.signature);
+    f = Y(e.signature);
   } catch {
-    throw new A("Failed to base64url decode the signature");
+    throw new m("Failed to base64url decode the signature");
   }
-  if (!await gn(i, t, h, l))
-    throw new Ft();
-  let g;
-  if (o)
+  if (!await ar(i, t, f, p))
+    throw new Lt();
+  let l;
+  if (s)
     try {
-      g = B(e.payload);
+      l = Y(e.payload);
     } catch {
-      throw new A("Failed to base64url decode the payload");
+      throw new m("Failed to base64url decode the payload");
     }
-  else typeof e.payload == "string" ? g = Z.encode(e.payload) : g = e.payload;
-  const f = { payload: g };
-  return e.protected !== void 0 && (f.protectedHeader = r), e.header !== void 0 && (f.unprotectedHeader = e.header), y ? { ...f, key: t } : f;
+  else typeof e.payload == "string" ? l = F.encode(e.payload) : l = e.payload;
+  const A = { payload: l };
+  return e.protected !== void 0 && (A.protectedHeader = n), e.header !== void 0 && (A.unprotectedHeader = e.header), u ? { ...A, key: t } : A;
 }
-async function wn(e, t, n) {
-  if (e instanceof Uint8Array && (e = q.decode(e)), typeof e != "string")
-    throw new A("Compact JWS must be a string or Uint8Array");
-  const { 0: r, 1: a, 2: s, length: o } = e.split(".");
-  if (o !== 3)
-    throw new A("Invalid Compact JWS");
-  const i = await mn({ payload: a, protected: r, signature: s }, t, n), c = { payload: i.payload, protectedHeader: i.protectedHeader };
+async function or(e, t, r) {
+  if (e instanceof Uint8Array && (e = G.decode(e)), typeof e != "string")
+    throw new m("Compact JWS must be a string or Uint8Array");
+  const { 0: n, 1: a, 2: o, length: s } = e.split(".");
+  if (s !== 3)
+    throw new m("Invalid Compact JWS");
+  const i = await sr({ payload: a, protected: n, signature: o }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
   return typeof t == "function" ? { ...c, key: i.key } : c;
 }
-const En = (e) => Math.floor(e.getTime() / 1e3), at = 60, ot = at * 60, Ie = ot * 24, Sn = Ie * 7, An = Ie * 365.25, Tn = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, $e = (e) => {
-  const t = Tn.exec(e);
+const ir = (e) => Math.floor(e.getTime() / 1e3), Qe = 60, Xe = Qe * 60, Ae = Xe * 24, cr = Ae * 7, ur = Ae * 365.25, lr = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, Pe = (e) => {
+  const t = lr.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
-  const n = parseFloat(t[2]), r = t[3].toLowerCase();
+  const r = parseFloat(t[2]), n = t[3].toLowerCase();
   let a;
-  switch (r) {
+  switch (n) {
     case "sec":
     case "secs":
     case "second":
     case "seconds":
     case "s":
-      a = Math.round(n);
+      a = Math.round(r);
       break;
     case "minute":
     case "minutes":
     case "min":
     case "mins":
     case "m":
-      a = Math.round(n * at);
+      a = Math.round(r * Qe);
       break;
     case "hour":
     case "hours":
     case "hr":
     case "hrs":
     case "h":
-      a = Math.round(n * ot);
+      a = Math.round(r * Xe);
       break;
     case "day":
     case "days":
     case "d":
-      a = Math.round(n * Ie);
+      a = Math.round(r * Ae);
       break;
     case "week":
     case "weeks":
     case "w":
-      a = Math.round(n * Sn);
+      a = Math.round(r * cr);
       break;
     default:
-      a = Math.round(n * An);
+      a = Math.round(r * ur);
       break;
   }
   return t[1] === "-" || t[4] === "ago" ? -a : a;
-}, Ke = (e) => e.toLowerCase().replace(/^application\//, ""), Rn = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, bn = (e, t, n = {}) => {
-  let r;
+}, Ce = (e) => e.toLowerCase().replace(/^application\//, ""), dr = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, hr = (e, t, r = {}) => {
+  let n;
   try {
-    r = JSON.parse(q.decode(t));
+    n = JSON.parse(G.decode(t));
   } catch {
   }
-  if (!le(r))
-    throw new k("JWT Claims Set must be a top-level JSON object");
-  const { typ: a } = n;
-  if (a && (typeof e.typ != "string" || Ke(e.typ) !== Ke(a)))
-    throw new _('unexpected "typ" JWT header value', r, "typ", "check_failed");
-  const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge: y } = n, l = [...s];
-  y !== void 0 && l.push("iat"), c !== void 0 && l.push("aud"), i !== void 0 && l.push("sub"), o !== void 0 && l.push("iss");
-  for (const u of new Set(l.reverse()))
-    if (!(u in r))
-      throw new _(`missing required "${u}" claim`, r, u, "missing");
-  if (o && !(Array.isArray(o) ? o : [o]).includes(r.iss))
-    throw new _('unexpected "iss" claim value', r, "iss", "check_failed");
-  if (i && r.sub !== i)
-    throw new _('unexpected "sub" claim value', r, "sub", "check_failed");
-  if (c && !Rn(r.aud, typeof c == "string" ? [c] : c))
-    throw new _('unexpected "aud" claim value', r, "aud", "check_failed");
-  let h;
-  switch (typeof n.clockTolerance) {
+  if (!ae(n))
+    throw new O("JWT Claims Set must be a top-level JSON object");
+  const { typ: a } = r;
+  if (a && (typeof e.typ != "string" || Ce(e.typ) !== Ce(a)))
+    throw new R('unexpected "typ" JWT header value', n, "typ", "check_failed");
+  const { requiredClaims: o = [], issuer: s, subject: i, audience: c, maxTokenAge: u } = r, p = [...o];
+  u !== void 0 && p.push("iat"), c !== void 0 && p.push("aud"), i !== void 0 && p.push("sub"), s !== void 0 && p.push("iss");
+  for (const T of new Set(p.reverse()))
+    if (!(T in n))
+      throw new R(`missing required "${T}" claim`, n, T, "missing");
+  if (s && !(Array.isArray(s) ? s : [s]).includes(n.iss))
+    throw new R('unexpected "iss" claim value', n, "iss", "check_failed");
+  if (i && n.sub !== i)
+    throw new R('unexpected "sub" claim value', n, "sub", "check_failed");
+  if (c && !dr(n.aud, typeof c == "string" ? [c] : c))
+    throw new R('unexpected "aud" claim value', n, "aud", "check_failed");
+  let f;
+  switch (typeof r.clockTolerance) {
     case "string":
-      h = $e(n.clockTolerance);
+      f = Pe(r.clockTolerance);
       break;
     case "number":
-      h = n.clockTolerance;
+      f = r.clockTolerance;
       break;
     case "undefined":
-      h = 0;
+      f = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: g } = n, f = En(g || /* @__PURE__ */ new Date());
-  if ((r.iat !== void 0 || y) && typeof r.iat != "number")
-    throw new _('"iat" claim must be a number', r, "iat", "invalid");
-  if (r.nbf !== void 0) {
-    if (typeof r.nbf != "number")
-      throw new _('"nbf" claim must be a number', r, "nbf", "invalid");
-    if (r.nbf > f + h)
-      throw new _('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
-  }
-  if (r.exp !== void 0) {
-    if (typeof r.exp != "number")
-      throw new _('"exp" claim must be a number', r, "exp", "invalid");
-    if (r.exp <= f - h)
-      throw new Ne('"exp" claim timestamp check failed', r, "exp", "check_failed");
-  }
-  if (y) {
-    const u = f - r.iat, m = typeof y == "number" ? y : $e(y);
-    if (u - h > m)
-      throw new Ne('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
-    if (u < 0 - h)
-      throw new _('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
+  const { currentDate: l } = r, A = ir(l || /* @__PURE__ */ new Date());
+  if ((n.iat !== void 0 || u) && typeof n.iat != "number")
+    throw new R('"iat" claim must be a number', n, "iat", "invalid");
+  if (n.nbf !== void 0) {
+    if (typeof n.nbf != "number")
+      throw new R('"nbf" claim must be a number', n, "nbf", "invalid");
+    if (n.nbf > A + f)
+      throw new R('"nbf" claim timestamp check failed', n, "nbf", "check_failed");
+  }
+  if (n.exp !== void 0) {
+    if (typeof n.exp != "number")
+      throw new R('"exp" claim must be a number', n, "exp", "invalid");
+    if (n.exp <= A - f)
+      throw new Oe('"exp" claim timestamp check failed', n, "exp", "check_failed");
+  }
+  if (u) {
+    const T = A - n.iat, le = typeof u == "number" ? u : Pe(u);
+    if (T - f > le)
+      throw new Oe('"iat" claim timestamp check failed (too far in the past)', n, "iat", "check_failed");
+    if (T < 0 - f)
+      throw new R('"iat" claim timestamp check failed (it should be in the past)', n, "iat", "check_failed");
   }
-  return r;
+  return n;
 };
-async function In(e, t, n) {
-  var r;
-  const a = await wn(e, t, n);
-  if ((r = a.protectedHeader.crit) != null && r.includes("b64") && a.protectedHeader.b64 === !1)
-    throw new k("JWTs MUST NOT use unencoded payload");
-  const s = { payload: bn(a.protectedHeader, a.payload, n), protectedHeader: a.protectedHeader };
-  return typeof t == "function" ? { ...s, key: a.key } : s;
+async function pr(e, t, r) {
+  var n;
+  const a = await or(e, t, r);
+  if ((n = a.protectedHeader.crit) != null && n.includes("b64") && a.protectedHeader.b64 === !1)
+    throw new O("JWTs MUST NOT use unencoded payload");
+  const o = { payload: hr(a.protectedHeader, a.payload, r), protectedHeader: a.protectedHeader };
+  return typeof t == "function" ? { ...o, key: a.key } : o;
 }
-const _n = B;
-function vn(e) {
+const fr = Y;
+function yr(e) {
   if (typeof e != "string")
-    throw new k("JWTs must use Compact JWS serialization, JWT must be a string");
-  const { 1: t, length: n } = e.split(".");
-  if (n === 5)
-    throw new k("Only JWTs using Compact JWS serialization can be decoded");
-  if (n !== 3)
-    throw new k("Invalid JWT");
+    throw new O("JWTs must use Compact JWS serialization, JWT must be a string");
+  const { 1: t, length: r } = e.split(".");
+  if (r === 5)
+    throw new O("Only JWTs using Compact JWS serialization can be decoded");
+  if (r !== 3)
+    throw new O("Invalid JWT");
   if (!t)
-    throw new k("JWTs must contain a payload");
-  let r;
+    throw new O("JWTs must contain a payload");
+  let n;
   try {
-    r = _n(t);
+    n = fr(t);
   } catch {
-    throw new k("Failed to base64url decode the payload");
+    throw new O("Failed to base64url decode the payload");
   }
   let a;
   try {
-    a = JSON.parse(q.decode(r));
+    a = JSON.parse(G.decode(n));
   } catch {
-    throw new k("Failed to parse the decoded payload as JSON");
+    throw new O("Failed to parse the decoded payload as JSON");
   }
-  if (!le(a))
-    throw new k("Invalid JWT Claims Set");
+  if (!ae(a))
+    throw new O("Invalid JWT Claims Set");
   return a;
 }
-const J = async (e) => {
+const H = async (e) => {
   try {
-    const t = T.ALG, n = await cn(Jt, t);
-    return await In(e, n, {
-      issuer: T.ISSUER
+    const t = S.ALG, r = await zt(Nt, t);
+    return await pr(e, r, {
+      issuer: S.ISSUER
     });
   } catch {
     return;
   }
-}, Cn = (e) => {
+}, gr = (e) => {
   try {
-    return vn(e);
+    return yr(e);
   } catch {
     return;
   }
 };
-var E = [];
-for (var Se = 0; Se < 256; ++Se)
-  E.push((Se + 256).toString(16).slice(1));
-function Pn(e, t = 0) {
-  return (E[e[t + 0]] + E[e[t + 1]] + E[e[t + 2]] + E[e[t + 3]] + "-" + E[e[t + 4]] + E[e[t + 5]] + "-" + E[e[t + 6]] + E[e[t + 7]] + "-" + E[e[t + 8]] + E[e[t + 9]] + "-" + E[e[t + 10]] + E[e[t + 11]] + E[e[t + 12]] + E[e[t + 13]] + E[e[t + 14]] + E[e[t + 15]]).toLowerCase();
+var g = [];
+for (var ge = 0; ge < 256; ++ge)
+  g.push((ge + 256).toString(16).slice(1));
+function Er(e, t = 0) {
+  return (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase();
 }
-var te, kn = new Uint8Array(16);
-function On() {
-  if (!te && (te = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !te))
+var q, mr = new Uint8Array(16);
+function wr() {
+  if (!q && (q = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !q))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return te(kn);
+  return q(mr);
 }
-var Nn = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const He = {
-  randomUUID: Nn
+var Sr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const Ne = {
+  randomUUID: Sr
 };
-function Le(e, t, n) {
-  if (He.randomUUID && !t && !e)
-    return He.randomUUID();
+function De(e, t, r) {
+  if (Ne.randomUUID && !t && !e)
+    return Ne.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || On)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Pn(r);
+  var n = e.random || (e.rng || wr)();
+  return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, Er(n);
 }
-const We = globalThis.crypto, Dn = (e) => `${Le()}${Le()}`.slice(0, e), Un = (e) => btoa(
+const Ue = globalThis.crypto, Ar = (e) => `${De()}${De()}`.slice(0, e), Tr = (e) => btoa(
   [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
 );
-async function $n(e) {
-  if (!We.subtle)
+async function Rr(e) {
+  if (!Ue.subtle)
     throw new Error(
       "crypto.subtle is available only in secure contexts (HTTPS)."
     );
-  const t = new TextEncoder().encode(e), n = await We.subtle.digest("SHA-256", t);
-  return Un(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  const t = new TextEncoder().encode(e), r = await Ue.subtle.digest("SHA-256", t);
+  return Tr(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
-async function Kn(e) {
-  const n = Dn(43), r = await $n(n);
+async function _r(e) {
+  const r = Ar(43), n = await Rr(r);
   return {
-    code_verifier: n,
-    code_challenge: r
+    code_verifier: r,
+    code_challenge: n
   };
 }
-const Ur = async (e, t) => {
-  var n;
-  const r = await J(e);
-  if (!r || !Array.isArray((n = r.payload) == null ? void 0 : n[T.SCOPES_KEY]))
+const Br = async (e, t) => {
+  var r;
+  const n = await H(e);
+  if (!n || !Array.isArray((r = n.payload) == null ? void 0 : r[S.SCOPES_KEY]))
     return !1;
-  const a = r.payload[T.SCOPES_KEY];
-  return Array.isArray(t) ? t.every((s) => a.includes(s)) : Object.keys(t).some(
-    (s) => t[s].every((o) => a.includes(o))
+  const a = n.payload[S.SCOPES_KEY];
+  return Array.isArray(t) ? t.every((o) => a.includes(o)) : Object.keys(t).some(
+    (o) => t[o].every((s) => a.includes(s))
   );
 };
-function st(e, t) {
+function Ze(e, t) {
   window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
 }
-const xe = (e, t) => {
-  const n = JSON.stringify(
+const Ke = (e, t) => {
+  const r = JSON.stringify(
     typeof t == "function" ? t() : t
   );
-  window.localStorage.setItem(e, n), st(e, n);
-}, Hn = (e) => {
-  window.localStorage.removeItem(e), st(e, null);
-}, Me = (e) => window.localStorage.getItem(e), Ln = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
-function ne({
+  window.localStorage.setItem(e, r), Ze(e, r);
+}, Ir = (e) => {
+  window.localStorage.removeItem(e), Ze(e, null);
+}, Le = (e) => window.localStorage.getItem(e), br = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
+function z({
   key: e,
   initialValue: t
 }) {
-  const n = Nt(Ln, () => Me(e)), r = U(
-    (o) => {
+  const r = St(br, () => Le(e)), n = N(
+    (s) => {
       try {
-        const i = typeof o == "function" ? o(JSON.parse(n)) : o;
-        i == null ? Hn(e) : xe(e, i);
+        const i = typeof s == "function" ? s(JSON.parse(r)) : s;
+        i == null ? Ir(e) : Ke(e, i);
       } catch (i) {
         console.warn(i);
       }
     },
-    [e, n]
-  ), a = U(() => {
-    r(t);
-  }, [t, r]), s = U(() => {
-    r(null);
-  }, [r]);
-  return Re(() => {
+    [e, r]
+  ), a = N(() => {
+    n(t);
+  }, [t, n]), o = N(() => {
+    n(null);
+  }, [n]);
+  return He(() => {
     try {
-      Me(e) === null && typeof t < "u" && xe(e, t);
-    } catch (o) {
-      console.warn(o);
+      Le(e) === null && typeof t < "u" && Ke(e, t);
+    } catch (s) {
+      console.warn(s);
     }
-  }, [e, t]), [n ? JSON.parse(n) : null, r, a, s];
+  }, [e, t]), [r ? JSON.parse(r) : null, n, a, o];
 }
-var S = [];
-for (var Ae = 0; Ae < 256; ++Ae)
-  S.push((Ae + 256).toString(16).slice(1));
-function Wn(e, t = 0) {
-  return (S[e[t + 0]] + S[e[t + 1]] + S[e[t + 2]] + S[e[t + 3]] + "-" + S[e[t + 4]] + S[e[t + 5]] + "-" + S[e[t + 6]] + S[e[t + 7]] + "-" + S[e[t + 8]] + S[e[t + 9]] + "-" + S[e[t + 10]] + S[e[t + 11]] + S[e[t + 12]] + S[e[t + 13]] + S[e[t + 14]] + S[e[t + 15]]).toLowerCase();
+var E = [];
+for (var Ee = 0; Ee < 256; ++Ee)
+  E.push((Ee + 256).toString(16).slice(1));
+function Or(e, t = 0) {
+  return (E[e[t + 0]] + E[e[t + 1]] + E[e[t + 2]] + E[e[t + 3]] + "-" + E[e[t + 4]] + E[e[t + 5]] + "-" + E[e[t + 6]] + E[e[t + 7]] + "-" + E[e[t + 8]] + E[e[t + 9]] + "-" + E[e[t + 10]] + E[e[t + 11]] + E[e[t + 12]] + E[e[t + 13]] + E[e[t + 14]] + E[e[t + 15]]).toLowerCase();
 }
-var re, xn = new Uint8Array(16);
-function Mn() {
-  if (!re && (re = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !re))
+var Q, vr = new Uint8Array(16);
+function kr() {
+  if (!Q && (Q = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !Q))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return re(xn);
+  return Q(vr);
 }
-var Gn = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const Ge = {
-  randomUUID: Gn
+var Pr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const $e = {
+  randomUUID: Pr
 };
-function Te(e, t, n) {
-  if (Ge.randomUUID && !t && !e)
-    return Ge.randomUUID();
+function me(e, t, r) {
+  if ($e.randomUUID && !t && !e)
+    return $e.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || Mn)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Wn(r);
+  var n = e.random || (e.rng || kr)();
+  return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, Or(n);
 }
-const H = "Oops! It looks like your session has expired. For your security, please log in again to continue.", Jn = "Your session has been successfully terminated.", ae = "Login failed. Please try again.", Yn = "Error getting access token, please re-authenticate.", Vn = "You forgot to wrap your component in <AuthProvider>.", de = {
+const U = "Your session has expired. For your security, please log in again to continue.", Cr = "Your session has been successfully terminated.", we = "Login failed. Please try again.", Nr = "Error getting access token, please re-authenticate.", Dr = "You forgot to wrap your component in <AuthProvider>.", se = {
   dev: "https://auth.gizmette.local.com:3003",
   prod: "https://mylogin.gizmette.com/auth"
-}, oe = "@@auth@@", j = "LOADING", F = "LOGIN", it = "LOGOUT", fe = "success", C = "failure";
-/*!
-  @versini/ui-fingerprint v1.0.1
-  © 2024 gizmette.com
-*/
-try {
-  window.__VERSINI_UI_FINGERPRINT__ || (window.__VERSINI_UI_FINGERPRINT__ = {
-    version: "1.0.1",
-    buildTime: "07/18/2024 09:17 AM EDT",
-    homepage: "https://github.com/aversini/ui-components",
-    license: "MIT"
-  });
-} catch {
-}
-const jn = (e) => Array.from(e).map((t) => t.toString(16).padStart(2, "0")).join(""), ct = async (e) => {
-  if (e === "")
-    return "";
-  const t = new TextEncoder().encode(e), n = await crypto.subtle.digest("SHA-256", t);
-  return Array.from(new Uint8Array(n)).map((r) => r.toString(16).padStart(2, "0")).join("");
-};
-function Je(e, t) {
-  return new Promise((n) => setTimeout(n, e, t));
-}
-async function Fn(e, t, n = 50) {
-  var r, a, s;
-  const o = document;
-  for (; !o.body; )
-    await Je(n);
-  const i = o.createElement("iframe");
-  try {
-    for (await new Promise((c, y) => {
-      let l = !1;
-      const h = () => {
-        l = !0, c();
-      }, g = (m) => {
-        l = !0, y(m);
-      };
-      i.onload = h, i.onerror = g;
-      const { style: f } = i;
-      f.setProperty("display", "block", "important"), f.position = "absolute", f.top = "0", f.left = "0", f.visibility = "hidden", i.src = "about:blank", o.body.appendChild(i);
-      const u = () => {
-        var m, R;
-        l || (((R = (m = i.contentWindow) == null ? void 0 : m.document) == null ? void 0 : R.readyState) === "complete" ? h() : setTimeout(u, 10));
-      };
-      u();
-    }); !((a = (r = i.contentWindow) == null ? void 0 : r.document) != null && a.body); )
-      await Je(n);
-    return await e(i, i.contentWindow);
-  } finally {
-    (s = i.parentNode) == null || s.removeChild(i);
-  }
-}
-const Bn = {
-  audio: {
-    sampleHash: "",
-    oscillator: "",
-    maxChannels: 0,
-    channelCountMode: ""
-  }
-}, qn = async (e) => new Promise((t) => {
-  try {
-    const n = new window.OfflineAudioContext(1, 5e3, 44100), r = n.createBufferSource(), a = n.createOscillator();
-    a.frequency.value = 1e3;
-    const s = n.createDynamicsCompressor();
-    s.threshold.value = -50, s.knee.value = 40, s.ratio.value = 12, s.attack.value = 0, s.release.value = 0.2, a.connect(s), s.connect(n.destination), a.start(), n.startRendering(), n.oncomplete = (o) => {
-      const i = o.renderedBuffer.getChannelData(0);
-      a.disconnect(), s.disconnect(), t({
-        audio: {
-          sampleHash: jn(i),
-          oscillator: a.type,
-          maxChannels: n.destination.maxChannelCount,
-          channelCountMode: r.channelCountMode
-        }
-      });
-    };
-  } catch {
-    t({
-      audio: {
-        sampleHash: "",
-        oscillator: "",
-        maxChannels: 0,
-        channelCountMode: ""
-      }
-    });
-  }
-}), ut = { browser: "" }, zn = async (e) => typeof navigator > "u" ? ut : { browser: navigator.userAgent }, lt = {
-  canvas: {
-    data: ""
-  }
-}, Qn = async (e) => {
-  try {
-    const t = Array.from(
-      { length: 3 },
-      () => Xn(300, 30)
-    ), n = er(t, 300, 30);
-    return {
-      canvas: {
-        data: (await ct(n.data.toString())).toString()
-      }
-    };
-  } catch {
-    return lt;
-  }
-}, Xn = (e, t) => {
-  const n = document.createElement("canvas"), r = n.getContext("2d");
-  if (!r)
-    return new ImageData(1, 1);
-  n.width = e, n.height = t;
-  const a = r.createLinearGradient(0, 0, n.width, n.height);
-  a.addColorStop(0, "red"), a.addColorStop(1 / 6, "orange"), a.addColorStop(2 / 6, "yellow"), a.addColorStop(3 / 6, "green"), a.addColorStop(4 / 6, "blue"), a.addColorStop(5 / 6, "indigo"), a.addColorStop(1, "violet"), r.fillStyle = a, r.fillRect(0, 0, n.width, n.height);
-  const s = "mmMwWLliI0O&1 - Les sanglots longs des violons de l'automne blessent mon coeur d'une langueur monotone";
-  return r.font = "26.321px Arial", r.fillStyle = "black", r.fillText(s, -5, 15), r.fillStyle = "rgba(0, 0, 255, 0.5)", r.fillText(s, -3.3, 17.7), r.beginPath(), r.moveTo(0, 0), r.lineTo(n.width * 2 / 7, n.height), r.strokeStyle = "white", r.lineWidth = 2, r.stroke(), r.getImageData(0, 0, n.width, n.height);
-}, Zn = (e) => {
-  if (e.length === 0)
-    return 0;
-  const t = {};
-  for (const r of e)
-    t[r] = (t[r] || 0) + 1;
-  let n = e[0];
-  for (const r in t)
-    t[r] > t[n] && (n = parseInt(r, 10));
-  return n;
-}, er = (e, t, n) => {
-  const r = [];
-  for (let o = 0; o < e[0].data.length; o++) {
-    const i = [];
-    for (let c = 0; c < e.length; c++)
-      i.push(e[c].data[o]);
-    r.push(Zn(i));
-  }
-  const a = r, s = new Uint8ClampedArray(a);
-  return new ImageData(s, t, n);
-}, tr = [], nr = "mmMwWLliI0O&1", rr = "48px", L = ["monospace", "sans-serif", "serif"], Ye = [
-  "sans-serif-thin",
-  "ARNO PRO",
-  "Agency FB",
-  "Arabic Typesetting",
-  "Arial Unicode MS",
-  "AvantGarde Bk BT",
-  "BankGothic Md BT",
-  "Bitstream Vera Sans Mono",
-  "Calibri",
-  "Century",
-  "Century Gothic",
-  "Clarendon",
-  "EUROSTILE",
-  "Franklin Gothic",
-  "GOTHAM",
-  "Gill Sans",
-  "Helvetica Neue",
-  "Letter Gothic",
-  "Menlo",
-  "MS Outlook",
-  "MS Reference Specialty",
-  "MS UI Gothic",
-  "MT Extra",
-  "MYRIAD PRO",
-  "Marlett",
-  "Microsoft Uighur",
-  "Minion Pro",
-  "Monotype Corsiva",
-  "PMingLiU",
-  "Pristina",
-  "SCRIPTINA",
-  "SimHei",
-  "Small Fonts",
-  "Staccato222 BT",
-  "TRAJAN PRO",
-  "Univers CE 55 Medium",
-  "ZWAdobeF"
-], ar = async (e) => Fn(async (t, { document: n }) => {
-  const r = n.body;
-  r.style.fontSize = rr;
-  const a = n.createElement("div");
-  a.style.setProperty("visibility", "hidden", "important");
-  const s = {}, o = {}, i = (u) => {
-    const m = n.createElement("span"), { style: R } = m;
-    return R.position = "absolute", R.top = "0", R.left = "0", R.fontFamily = u, m.textContent = nr, a.appendChild(m), m;
-  }, c = (u, m) => i(`'${u}',${m}`), y = () => L.map(i), l = () => {
-    const u = {};
-    for (const m of Ye)
-      u[m] = L.map(
-        (R) => c(m, R)
-      );
-    return u;
-  }, h = (u) => L.some(
-    (m, R) => u[R].offsetWidth !== s[m] || u[R].offsetHeight !== o[m]
-  ), g = y(), f = l();
-  r.appendChild(a);
-  for (let u = 0; u < L.length; u++)
-    s[L[u]] = g[u].offsetWidth, o[L[u]] = g[u].offsetHeight;
-  return Ye.filter((u) => h(f[u]));
-}), dt = {
-  vendor: "",
-  vendorUnmasked: "",
-  renderer: "",
-  rendererUnmasked: "",
-  version: "",
-  shadingLanguageVersion: ""
-}, ht = {
-  hardware: {
-    videocard: dt,
-    architecture: 0,
-    deviceMemory: "undefined",
-    jsHeapSizeLimit: 0
-  }
-};
-function or() {
-  const e = document.createElement("canvas"), t = e.getContext("webgl") ?? e.getContext("experimental-webgl");
-  if (t && "getParameter" in t) {
-    const n = t.getExtension("WEBGL_debug_renderer_info");
-    return {
-      vendor: (t.getParameter(t.VENDOR) || "").toString(),
-      vendorUnmasked: n ? (t.getParameter(n.UNMASKED_VENDOR_WEBGL) || "").toString() : "",
-      renderer: (t.getParameter(t.RENDERER) || "").toString(),
-      rendererUnmasked: n ? (t.getParameter(n.UNMASKED_RENDERER_WEBGL) || "").toString() : "",
-      version: (t.getParameter(t.VERSION) || "").toString(),
-      shadingLanguageVersion: (t.getParameter(t.SHADING_LANGUAGE_VERSION) || "").toString()
-    };
-  }
-  return dt;
-}
-function sr() {
-  const e = new Float32Array(1), t = new Uint8Array(e.buffer);
-  return e[0] = 1 / 0, e[0] = e[0] - e[0], t[3];
-}
-const ir = () => navigator.deviceMemory || 0, cr = () => window.performance && window.performance.memory || {
-  jsHeapSizeLimit: 0
-}, ur = async (e) => new Promise((t) => {
-  try {
-    const n = ir(), r = cr();
-    t({
-      hardware: {
-        videocard: or(),
-        architecture: sr(),
-        deviceMemory: n.toString() || "undefined",
-        jsHeapSizeLimit: r.jsHeapSizeLimit || 0
-      }
-    });
-  } catch {
-    t(ht);
-  }
-}), lr = {
-  locales: {
-    languages: "",
-    timezone: ""
-  }
-}, dr = async (e) => new Promise((t) => {
-  t({
-    locales: {
-      languages: navigator.language,
-      timezone: Intl.DateTimeFormat().resolvedOptions().timeZone
-    }
-  });
-}), pt = {
-  screen: {
-    colorDepth: 0,
-    pixelDepth: 0,
-    isTouchScreen: !1,
-    maxTouchPoints: 0,
-    mediaMatches: []
-  }
-}, hr = async (e) => new Promise((t) => {
-  try {
-    const n = window.screen, r = {
-      screen: {
-        colorDepth: n.colorDepth,
-        pixelDepth: n.pixelDepth,
-        isTouchScreen: navigator.maxTouchPoints > 0,
-        maxTouchPoints: navigator.maxTouchPoints,
-        mediaMatches: pr()
-      }
-    };
-    t(r);
-  } catch {
-    t(pt);
-  }
-});
-function pr() {
-  const e = [], t = {
-    "prefers-contrast": [
-      "high",
-      "more",
-      "low",
-      "less",
-      "forced",
-      "no-preference"
-    ],
-    "any-hover": ["hover", "none"],
-    "any-pointer": ["none", "coarse", "fine"],
-    pointer: ["none", "coarse", "fine"],
-    hover: ["hover", "none"],
-    update: ["fast", "slow"],
-    "inverted-colors": ["inverted", "none"],
-    "prefers-reduced-motion": ["reduce", "no-preference"],
-    "prefers-reduced-transparency": ["reduce", "no-preference"],
-    scripting: ["none", "initial-only", "enabled"],
-    "forced-colors": ["active", "none"],
-    "color-gamut": ["srgb", "p3", "rec2020"]
-  };
-  return Object.keys(t).forEach((n) => {
-    t[n].forEach((r) => {
-      matchMedia(`(${n}: ${r})`).matches && e.push(`${n}: ${r}`);
-    });
-  }), e;
-}
-const fr = async (e) => {
-  try {
-    return {
-      system: {
-        platform: navigator.platform,
-        cookieEnabled: navigator.cookieEnabled,
-        productSub: navigator.productSub,
-        product: navigator.product
-      }
-    };
-  } catch {
-    return ft;
-  }
-}, ft = {
-  system: {
-    platform: "",
-    cookieEnabled: !1,
-    productSub: "",
-    product: ""
-  }
-}, yr = async (e) => {
-  try {
-    return Promise.all([
-      qn(e),
-      zn(),
-      Qn(e),
-      ar(),
-      ur(e),
-      dr(),
-      hr(e),
-      fr(e)
-    ]);
-  } catch {
-    return [
-      Bn,
-      ut,
-      lt,
-      tr,
-      ht,
-      lr,
-      pt,
-      ft
-    ];
-  }
-}, gr = async (e) => {
-  try {
-    const t = await yr(e);
-    return await ct(JSON.stringify(t));
-  } catch {
-    return "";
-  }
-}, se = {
+}, X = "@@auth@@", J = "LOADING", te = "LOGIN", et = "LOGOUT", M = "success", I = "failure", tt = "include", rt = "POST", nt = "application/json", Z = {
   GET_REGISTRATION_OPTIONS: `mutation GetPasskeyRegistrationOptions(
 	$clientId: String!,
 	$username: String!,
@@ -1594,14 +1241,14 @@ const fr = async (e) => {
 		$authentication: AuthenticationOptionsInput!,
 		$nonce: String!,
 		$domain: String,
-		$fingerprint: String) {
+		$sessionExpiration: String) {
 		verifyPasskeyAuthentication(
 			clientId: $clientId,
 			id: $id,
 			authentication: $authentication,
 			nonce: $nonce,
 			domain: $domain,
-			fingerprint: $fingerprint) {
+			sessionExpiration: $sessionExpiration) {
 				status,
 				idToken,
 				accessToken,
@@ -1610,40 +1257,39 @@ const fr = async (e) => {
 				username,
 		}
 	}`
-}, W = {
+}, K = {
   GET_REGISTRATION_OPTIONS: {
-    schema: se.GET_REGISTRATION_OPTIONS,
+    schema: Z.GET_REGISTRATION_OPTIONS,
     method: "getPasskeyRegistrationOptions"
   },
   VERIFY_REGISTRATION: {
-    schema: se.VERIFY_REGISTRATION,
+    schema: Z.VERIFY_REGISTRATION,
     method: "verifyPasskeyRegistration"
   },
   GET_AUTHENTICATION_OPTIONS: {
-    schema: se.GET_AUTHENTICATION_OPTIONS,
+    schema: Z.GET_AUTHENTICATION_OPTIONS,
     method: "getPasskeyAuthenticationOptions"
   },
   VERIFY_AUTHENTICATION: {
-    schema: se.VERIFY_AUTHENTICATION,
+    schema: Z.VERIFY_AUTHENTICATION,
     method: "verifyPasskeyAuthentication"
   }
-}, x = async ({
+}, L = async ({
   accessToken: e,
   type: t,
-  clientId: n,
-  params: r = {}
+  clientId: r,
+  params: n = {}
 }) => {
   try {
-    const a = t?.data ? t.data(r) : r, s = `Bearer ${e}`, o = await fetch(
-      yt ? `${de.dev}/graphql` : `${de.prod}/graphql`,
+    const a = n, o = `Bearer ${e}`, s = await fetch(
+      at ? `${se.dev}/graphql` : `${se.prod}/graphql`,
       {
-        method: "POST",
-        credentials: "include",
+        credentials: tt,
+        method: rt,
         headers: {
-          authorization: s,
-          "Content-Type": "application/json",
-          Accept: "application/json",
-          [ze.CLIENT_ID]: `${n}`
+          authorization: o,
+          "Content-Type": nt,
+          [Ge.CLIENT_ID]: `${r}`
         },
         body: JSON.stringify({
           query: t.schema,
@@ -1651,118 +1297,109 @@ const fr = async (e) => {
         })
       }
     );
-    if (o.status !== 200)
-      return { status: C, data: [] };
-    const { data: i } = await o.json();
+    if (s.status !== 200)
+      return { status: I, data: [] };
+    const { data: i } = await s.json();
     return {
-      status: fe,
+      status: M,
       data: i[t.method]
     };
   } catch (a) {
-    return console.error(a), { status: C, data: [] };
+    return console.error(a), { status: I, data: [] };
   }
-}, ye = async ({
+}, ue = async ({
   type: e,
   clientId: t,
-  params: n = {}
+  params: r = {}
 }) => {
   try {
-    const r = await fetch(
-      yt ? `${de.dev}/${e}` : `${de.prod}/${e}`,
+    const n = await fetch(
+      at ? `${se.dev}/${e}` : `${se.prod}/${e}`,
       {
-        credentials: "include",
-        method: "POST",
+        credentials: tt,
+        method: rt,
         headers: {
-          "Content-Type": "application/json",
-          [ze.CLIENT_ID]: `${t}`
+          "Content-Type": nt,
+          [Ge.CLIENT_ID]: `${t}`
         },
-        body: JSON.stringify(n)
+        body: JSON.stringify(r)
       }
     );
-    if (r.status !== 200)
-      return { status: C, data: [] };
-    const { data: a } = await r.json();
+    if (n.status !== 200)
+      return { status: I, data: [] };
+    const { data: a } = await n.json();
     return {
-      status: fe,
+      status: M,
       data: a || []
     };
-  } catch (r) {
-    return console.error(r), { status: C, data: [] };
+  } catch (n) {
+    return console.error(n), { status: I, data: [] };
   }
-}, mr = process.env.NODE_ENV === "production", yt = !mr, gt = {
+}, Ur = process.env.NODE_ENV === "production", at = !Ur, st = {
   isLoading: !0,
   isAuthenticated: !1,
-  authenticationType: null,
   user: void 0,
   logoutReason: "",
   debug: !1
-}, wr = (e) => {
+}, Kr = (e) => {
   try {
-    const t = Cn(e);
-    return t ? t[T.USER_ID_KEY] : "";
+    const t = gr(e);
+    return t ? t[S.USER_ID_KEY] : "";
   } catch {
     return "";
   }
-}, Er = async ({
+}, Lr = async ({
   userId: e,
-  idToken: t,
-  accessToken: n,
-  refreshToken: r,
-  clientId: a,
-  domain: s
+  clientId: t,
+  domain: r
 }) => {
   try {
     return {
-      status: (await ye({
-        type: he.LOGOUT,
-        clientId: a,
+      status: (await ue({
+        type: ie.LOGOUT,
+        clientId: t,
         params: {
           userId: e,
-          idToken: t,
-          accessToken: n,
-          refreshToken: r,
-          domain: s
+          domain: r
         }
-      }))?.status || C
+      }))?.status || I
     };
   } catch {
     return {
-      status: C
+      status: I
     };
   }
-}, Ve = async ({
+}, $r = async ({
   username: e,
   password: t,
-  clientId: n,
-  nonce: r,
+  clientId: r,
+  nonce: n,
   type: a,
-  sessionExpiration: s,
-  code: o,
+  sessionExpiration: o,
+  code: s,
   code_verifier: i,
-  domain: c,
-  fingerprint: y
+  domain: c
 }) => {
   try {
-    const l = await ye({
-      type: he.AUTHENTICATE,
-      clientId: n,
+    const u = await ue({
+      type: ie.LOGIN,
+      clientId: r,
       params: {
-        type: a || G.ID_AND_ACCESS_TOKEN,
+        type: a || oe.ID_AND_ACCESS_TOKEN,
         username: e,
         password: t,
-        sessionExpiration: s,
-        nonce: r,
-        code: o,
+        sessionExpiration: o,
+        nonce: n,
+        code: s,
         code_verifier: i,
-        domain: c,
-        fingerprint: y
+        domain: c
       }
-    }), h = await J(l?.data?.idToken);
-    return h && h.payload[T.USER_ID_KEY] !== "" && h.payload[T.NONCE_KEY] === r ? {
-      idToken: l.data.idToken,
-      accessToken: l.data.accessToken,
-      refreshToken: l.data.refreshToken,
-      userId: h.payload[T.USER_ID_KEY],
+    }), p = await H(u?.data?.idToken);
+    return p && p.payload[S.USER_ID_KEY] !== "" && p.payload[S.NONCE_KEY] === n ? {
+      idToken: u.data.idToken,
+      accessToken: u.data.accessToken,
+      refreshToken: u.data.refreshToken,
+      userId: p.payload[S.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1772,60 +1409,59 @@ const fr = async (e) => {
       status: !1
     };
   }
-}, Sr = async ({
+}, Hr = async ({
   nonce: e,
   clientId: t,
-  code_challenge: n
+  code_challenge: r
 }) => {
   try {
-    const r = await ye({
-      type: he.CODE,
+    const n = await ue({
+      type: ie.CODE,
       clientId: t,
       params: {
-        type: G.CODE,
+        type: oe.CODE,
         nonce: e,
-        code_challenge: n
+        code_challenge: r
       }
     });
-    return r?.data?.code ? {
-      status: fe,
-      data: r.data.code
+    return n?.data?.code ? {
+      status: M,
+      data: n.data.code
     } : {
-      status: C,
+      status: I,
       data: ""
     };
   } catch {
     return {
-      status: C,
+      status: I,
       data: ""
     };
   }
-}, Ar = async ({
+}, Wr = async ({
   clientId: e,
   userId: t,
-  nonce: n,
-  refreshToken: r,
+  nonce: r,
+  refreshToken: n,
   accessToken: a,
-  domain: s
+  domain: o
 }) => {
   try {
-    const o = await ye({
-      type: he.AUTHENTICATE,
+    const s = await ue({
+      type: ie.REFRESH,
       clientId: e,
       params: {
-        type: G.REFRESH_TOKEN,
+        type: oe.REFRESH_TOKEN,
         userId: t,
-        nonce: n,
-        refreshToken: r,
+        nonce: r,
+        refreshToken: n,
         accessToken: a,
-        domain: s,
-        fingerprint: await mt()
+        domain: o
       }
-    }), i = await J(o?.data?.accessToken);
-    return i && i.payload[T.USER_ID_KEY] !== "" && i.payload[T.NONCE_KEY] === n ? {
-      accessToken: o.data.accessToken,
-      refreshToken: o.data.refreshToken,
-      userId: i.payload[T.USER_ID_KEY],
+    }), i = await H(s?.data?.accessToken);
+    return i && i.payload[S.USER_ID_KEY] !== "" && i.payload[S.NONCE_KEY] === r ? {
+      accessToken: s.data.accessToken,
+      refreshToken: s.data.refreshToken,
+      userId: i.payload[S.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1835,30 +1471,24 @@ const fr = async (e) => {
       status: !1
     };
   }
-}, mt = async () => {
-  try {
-    return await gr();
-  } catch {
-    return "";
-  }
 };
-class Tr {
-  constructor(t = null, n = null) {
-    X(this, "refreshTokenPromise", null);
-    X(this, "accessToken");
-    X(this, "refreshToken");
-    this.accessToken = t || "", this.refreshToken = n || "";
+class xr {
+  constructor(t = null, r = null) {
+    j(this, "refreshTokenPromise", null);
+    j(this, "accessToken");
+    j(this, "refreshToken");
+    this.accessToken = t || "", this.refreshToken = r || "";
   }
   async refreshtoken({
     clientId: t,
-    userId: n,
-    nonce: r,
+    userId: r,
+    nonce: n,
     domain: a
   }) {
     this.refreshTokenPromise || (this.refreshTokenPromise = this._refreshToken({
       clientId: t,
-      userId: n,
-      nonce: r,
+      userId: r,
+      nonce: n,
       domain: a
     }));
     try {
@@ -1869,284 +1499,243 @@ class Tr {
   }
   async _refreshToken({
     clientId: t,
-    userId: n,
-    nonce: r,
+    userId: r,
+    nonce: n,
     domain: a
   }) {
-    const s = await J(this.refreshToken);
-    if (s && s.payload[T.USER_ID_KEY] !== "") {
-      const o = await Ar({
+    const o = await H(this.refreshToken);
+    if (o && o.payload[S.USER_ID_KEY] !== "") {
+      const s = await Wr({
         clientId: t,
-        userId: n,
-        nonce: r,
+        userId: r,
+        nonce: n,
         refreshToken: this.refreshToken,
         accessToken: this.accessToken,
         domain: a
       });
-      return o.status ? (this.accessToken = o.accessToken, this.refreshToken = o.refreshToken, {
-        status: fe,
-        newAccessToken: o.accessToken,
-        newRefreshToken: o.refreshToken
+      return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
+        status: M,
+        newAccessToken: s.accessToken,
+        newRefreshToken: s.refreshToken
       }) : {
-        status: C
+        status: I
       };
     } else
       return {
-        status: C
+        status: I
       };
   }
 }
-const Rr = (e) => U(
+const Jr = (e) => N(
   (...t) => {
     e && console.info(`==> [Auth ${Date.now()}]: `, ...t);
   },
   [e]
-), M = () => {
-  throw new Error(Vn);
-}, wt = Dt({
+), $ = () => {
+  throw new Error(Dr);
+}, ot = At({
   isAuthenticated: !1,
   isLoading: !1,
-  authenticationType: null,
-  login: M,
-  logout: M,
-  getAccessToken: M,
-  getIdToken: M,
-  registeringForPasskey: M,
-  loginWithPasskey: M,
+  login: $,
+  logout: $,
+  getAccessToken: $,
+  getIdToken: $,
+  registeringForPasskey: $,
+  loginWithPasskey: $,
   logoutReason: ""
-}), br = Ot.createContext({
-  state: gt,
+}), Yr = wt.createContext({
+  state: st,
   dispatch: () => {
   }
-}), Ir = (e, t) => t?.type === j ? {
+}), Gr = (e, t) => t?.type === J ? {
   ...e,
   isLoading: t.payload.isLoading
-} : t?.type === F ? {
+} : t?.type === te ? {
   ...e,
   isLoading: !1,
   isAuthenticated: !0,
   user: t.payload.user,
-  authenticationType: t.payload.authenticationType,
   logoutReason: ""
-} : t?.type === it ? {
+} : t?.type === et ? {
   ...e,
   isLoading: !1,
   isAuthenticated: !1,
   user: void 0,
-  authenticationType: null,
   logoutReason: t.payload.logoutReason
-} : e, $r = ({
+} : e, qr = ({
   children: e,
   sessionExpiration: t,
-  clientId: n,
-  domain: r = "",
+  clientId: r,
+  domain: n = "",
   debug: a = !1
 }) => {
-  const [s, o] = Ut(Ir, {
-    ...gt,
+  const [o, s] = Tt(Gr, {
+    ...st,
     debug: a
-  }), i = Rr(a), c = Oe(!1), y = Oe(""), [l, h, , g] = ne({
-    key: `${oe}::${n}::@@user@@`
-  }), [f, u, , m] = ne({
-    key: `${oe}::${n}::@@access@@`
-  }), [R, z, , _e] = ne(
+  }), i = Jr(a), c = Rt(!1), [u, p, , f] = z({
+    key: `${X}::${r}::@@user@@`
+  }), [l, A, , T] = z({
+    key: `${X}::${r}::@@access@@`
+  }), [le, de, , Te] = z(
     {
-      key: `${oe}::${n}::@@refresh@@`
+      key: `${X}::${r}::@@refresh@@`
     }
-  ), [Et, ve, , Ce] = ne({
-    key: `${oe}::${n}::@@nonce@@`
-  }), St = new Tr(f, R), Q = U(() => {
-    i("removeLocalStorage: removing local storage"), g(), m(), _e(), Ce();
+  ), [it, Re, , _e] = z({
+    key: `${X}::${r}::@@nonce@@`
+  }), ct = new xr(l, le), V = N(() => {
+    i("removeLocalStorage: removing local storage"), f(), T(), Te(), _e();
   }, [
-    m,
-    g,
-    Ce,
+    T,
+    f,
     _e,
+    Te,
     i
-  ]), K = U(
+  ]), W = N(
     (d) => {
       i(
         "removeStateAndLocalStorage: removing state and local storage with reason: ",
         d
-      ), o({
-        type: it,
+      ), s({
+        type: et,
         payload: {
-          logoutReason: d || H
+          logoutReason: d || U
         }
-      }), Q(), o({ type: j, payload: { isLoading: !1 } });
+      }), V(), s({ type: J, payload: { isLoading: !1 } });
     },
-    [Q, i]
-  ), D = U(
+    [V, i]
+  ), P = N(
     async (d) => {
       i("invalidateAndLogout: invalidating and logging out");
-      const { user: w } = s, p = w?.userId || wr(l);
-      p || i(
+      const { user: y } = o, h = y?.userId || Kr(u);
+      h || i(
         "invalidateAndLogout: user cannot be identified, logging out without userId"
-      ), await Er({
-        userId: p,
-        idToken: l,
-        accessToken: f,
-        refreshToken: R,
-        clientId: n,
-        domain: r
-      }), K(d || H);
+      ), await Lr({
+        userId: h,
+        clientId: r,
+        domain: n
+      }), W(d || U);
     },
-    [
-      f,
-      s,
-      n,
-      r,
-      l,
-      R,
-      K,
-      i
-    ]
+    [u, o, r, n, W, i]
   );
-  Re(() => ((async () => y.current = await mt())(), () => {
-    y.current = "";
-  }), []), Re(() => {
+  He(() => {
     if (!c.current)
-      return s.isLoading && l !== null ? (async () => {
+      return o.isLoading && u !== null ? (async () => {
         try {
-          const d = await J(l);
-          d && d.payload[T.USER_ID_KEY] !== "" ? (i("useEffect: setting the authentication state"), o({
-            type: F,
+          const d = await H(u);
+          d && d.payload[S.USER_ID_KEY] !== "" ? (i("useEffect: setting the authentication state"), s({
+            type: te,
             payload: {
-              authenticationType: d.payload[T.AUTH_TYPE_KEY],
               user: {
-                userId: d.payload[T.USER_ID_KEY],
-                username: d.payload[T.USERNAME_KEY]
+                userId: d.payload[S.USER_ID_KEY],
+                username: d.payload[S.USERNAME_KEY]
               }
             }
-          })) : (i("useEffect: invalid JWT, invalidating and logging out"), await D(H));
+          })) : (i("useEffect: invalid JWT, invalidating and logging out"), await P(U));
         } catch {
           i(
             "useEffect: exception validating JWT, invalidating and logging out"
-          ), await D(H);
+          ), await P(U);
         }
-      })() : (i("useEffect: setting the loading state to false"), o({ type: j, payload: { isLoading: !1 } })), () => {
+      })() : (i("useEffect: setting the loading state to false"), s({ type: J, payload: { isLoading: !1 } })), () => {
         c.current = !0;
       };
-  }, [s.isLoading, l, D, i]);
-  const At = async (d, w, p = G.CODE) => {
-    o({ type: j, payload: { isLoading: !0 } }), Q();
-    const I = Te();
-    if (ve(I), i("login: Logging in with type: ", p), p === G.CODE) {
-      const { code_verifier: vt, code_challenge: Ct } = await Kn(), Pe = await Sr({
-        nonce: I,
-        clientId: n,
-        code_challenge: Ct
+  }, [o.isLoading, u, P, i]);
+  const ut = async (d, y) => {
+    s({ type: J, payload: { isLoading: !0 } }), V();
+    const h = me();
+    Re(h), i("login: Logging in with password");
+    const C = oe.CODE, { code_verifier: yt, code_challenge: gt } = await _r(), Ie = await Hr({
+      nonce: h,
+      clientId: r,
+      code_challenge: gt
+    });
+    if (Ie.status) {
+      const x = await $r({
+        username: d,
+        password: y,
+        clientId: r,
+        sessionExpiration: t,
+        nonce: h,
+        type: C,
+        code: Ie.data,
+        code_verifier: yt,
+        domain: n
       });
-      if (Pe.status) {
-        const V = await Ve({
-          username: d,
-          password: w,
-          clientId: n,
-          sessionExpiration: t,
-          nonce: I,
-          type: p,
-          code: Pe.data,
-          code_verifier: vt,
-          domain: r,
-          fingerprint: y.current
-        });
-        return V.status ? (h(V.idToken), u(V.accessToken), z(V.refreshToken), o({
-          type: F,
-          payload: {
-            authenticationType: p,
-            user: {
-              userId: V.userId,
-              username: d
-            }
+      return x.status ? (p(x.idToken), A(x.accessToken), de(x.refreshToken), s({
+        type: te,
+        payload: {
+          user: {
+            userId: x.userId,
+            username: d
           }
-        }), !0) : (K(ae), !1);
-      }
-      return !1;
-    }
-    const Y = await Ve({
-      username: d,
-      password: w,
-      clientId: n,
-      sessionExpiration: t,
-      nonce: I,
-      type: p,
-      domain: r,
-      fingerprint: y.current
-    });
-    return Y.status ? (h(Y.idToken), u(Y.accessToken), z(Y.refreshToken), o({
-      type: F,
-      payload: {
-        authenticationType: p,
-        user: {
-          userId: Y.userId,
-          username: d
         }
-      }
-    }), !0) : (K(ae), !1);
-  }, Tt = async (d) => {
-    d?.preventDefault(), await D(Jn);
-  }, Rt = async () => {
-    const { isAuthenticated: d, user: w } = s;
+      }), !0) : (W(we), !1);
+    }
+    return !1;
+  }, lt = async (d) => {
+    d?.preventDefault(), await P(Cr);
+  }, dt = async () => {
+    const { isAuthenticated: d, user: y } = o;
     try {
-      if (d && w && w.userId) {
-        if (f) {
+      if (d && y && y.userId) {
+        if (l) {
           i("getAccessToken");
-          const I = await J(f);
-          if (I && I.payload[T.USER_ID_KEY] !== "")
-            return f;
+          const C = await H(l);
+          if (C && C.payload[S.USER_ID_KEY] !== "")
+            return l;
         }
         i("getAccessToken: invalid access token, trying to refresh it");
-        const p = await St.refreshtoken({
-          clientId: n,
-          userId: w.userId,
-          nonce: Et,
-          domain: r
+        const h = await ct.refreshtoken({
+          clientId: r,
+          userId: y.userId,
+          nonce: it,
+          domain: n
         });
-        return p.status && p.status === "success" && p.newAccessToken ? (u(p.newAccessToken), z(p.newRefreshToken), p.newAccessToken) : (i(
+        return h.status && h.status === "success" && h.newAccessToken ? (A(h.newAccessToken), de(h.newRefreshToken), h.newAccessToken) : (i(
           "getAccessToken: invalid refresh token, need to re-authenticate"
-        ), await D(H), "");
+        ), await P(U), "");
       }
       return i(
         "getAccessToken: user is not authenticated, cannot get access token"
-      ), await D(H), "";
+      ), await P(U), "";
     } catch {
       return i(
         "getAccessToken: exception occurred, invalidating and logging out"
-      ), await D(Yn), "";
+      ), await P(Nr), "";
     }
-  }, bt = () => s.isAuthenticated && l ? l : "", It = async () => {
-    const { user: d } = s;
-    let w = await x({
-      accessToken: f,
-      clientId: n,
-      type: W.GET_REGISTRATION_OPTIONS,
+  }, ht = () => o.isAuthenticated && u ? u : "", pt = async () => {
+    const { user: d } = o;
+    let y = await L({
+      accessToken: l,
+      clientId: r,
+      type: K.GET_REGISTRATION_OPTIONS,
       params: {
-        clientId: n,
+        clientId: r,
         id: d?.userId,
         username: d?.username
       }
     });
-    if (w.status)
+    if (y.status)
       try {
-        const p = await Wt(w.data);
-        return w = await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_REGISTRATION,
+        const h = await vt(y.data);
+        return y = await L({
+          accessToken: l,
+          clientId: r,
+          type: K.VERIFY_REGISTRATION,
           params: {
-            clientId: n,
+            clientId: r,
             id: d?.userId,
             username: d?.username,
-            registration: p
+            registration: h
           }
-        }), !!(w.status && w.data.length > 0);
+        }), !!(y.status && y.data.length > 0);
       } catch {
-        return await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_REGISTRATION,
+        return await L({
+          accessToken: l,
+          clientId: r,
+          type: K.VERIFY_REGISTRATION,
           params: {
-            clientId: n,
+            clientId: r,
             id: d?.userId,
             username: d?.username,
             registration: {}
@@ -2154,79 +1743,80 @@ const Rr = (e) => U(
         }), !1;
       }
     return !1;
-  }, _t = async () => {
-    const d = Te();
-    ve(d), o({ type: j, payload: { isLoading: !0 } }), Q(), i("loginWithPasskey");
-    const w = Te();
-    let p = await x({
-      accessToken: f,
-      clientId: n,
-      type: W.GET_AUTHENTICATION_OPTIONS,
+  }, ft = async () => {
+    s({ type: J, payload: { isLoading: !0 } }), V();
+    const d = me();
+    Re(d), i("loginWithPasskey");
+    const y = me();
+    let h = await L({
+      accessToken: l,
+      clientId: r,
+      type: K.GET_AUTHENTICATION_OPTIONS,
       params: {
-        id: w,
-        clientId: n
+        id: y,
+        clientId: r
       }
     });
-    if (p.status)
+    if (h.status)
       try {
-        const I = await Gt(p.data);
-        return p = await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_AUTHENTICATION,
+        const C = await Ct(h.data);
+        return h = await L({
+          accessToken: l,
+          clientId: r,
+          type: K.VERIFY_AUTHENTICATION,
           params: {
-            clientId: n,
-            id: w,
-            authentication: I,
+            clientId: r,
+            id: y,
+            authentication: C,
             nonce: d,
-            domain: r,
-            fingerprint: y.current
+            domain: n,
+            sessionExpiration: t
           }
-        }), p.data.status === "success" ? (h(p.data.idToken), u(p.data.accessToken), z(p.data.refreshToken), o({
-          type: F,
+        }), h.data.status === M ? (p(h.data.idToken), A(h.data.accessToken), de(h.data.refreshToken), s({
+          type: te,
           payload: {
-            authenticationType: G.PASSKEY,
             user: {
-              userId: p.data.userId,
-              username: p.data.username
+              userId: h.data.userId,
+              username: h.data.username
             }
           }
-        }), !0) : (K(ae), !1);
+        }), !0) : (W(we), !1);
       } catch {
-        return await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_AUTHENTICATION,
+        return await L({
+          accessToken: l,
+          clientId: r,
+          type: K.VERIFY_AUTHENTICATION,
           params: {
-            clientId: n,
-            id: w,
+            clientId: r,
+            id: y,
             authentication: {},
             nonce: d,
-            domain: r
+            domain: n,
+            sessionExpiration: t
           }
-        }), K(ae), !1;
+        }), W(we), !1;
       }
     return !1;
   };
-  return /* @__PURE__ */ ke(br.Provider, { value: { state: s, dispatch: o }, children: /* @__PURE__ */ ke(
-    wt.Provider,
+  return /* @__PURE__ */ be(Yr.Provider, { value: { state: o, dispatch: s }, children: /* @__PURE__ */ be(
+    ot.Provider,
     {
       value: {
-        ...s,
-        login: At,
-        logout: Tt,
-        getAccessToken: Rt,
-        getIdToken: bt,
-        registeringForPasskey: It,
-        loginWithPasskey: _t
+        ...o,
+        login: ut,
+        logout: lt,
+        getAccessToken: dt,
+        getIdToken: ht,
+        registeringForPasskey: pt,
+        loginWithPasskey: ft
       },
       children: e
     }
   ) });
-}, Kr = (e = wt) => $t(e);
+}, zr = (e = ot) => _t(e);
 export {
-  G as AUTH_TYPES,
-  $r as AuthProvider,
-  Ur as isGranted,
-  Kr as useAuth
+  oe as AUTH_TYPES,
+  qr as AuthProvider,
+  Br as isGranted,
+  zr as useAuth
 };