npm - @versini/auth-provider - Versions diffs - 6.4.4 → 7.1.0 - Mend

@versini/auth-provider 6.4.4 → 7.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/dist/index.js CHANGED Viewed

@@ -1,123 +1,123 @@
-var Nt = Object.defineProperty;
-var Dt = (e, t, n) => t in e ? Nt(e, t, { enumerable: !0, configurable: !0, writable: !0, value: n }) : e[t] = n;
-var X = (e, t, n) => Dt(e, typeof t != "symbol" ? t + "" : t, n);
-import { jsx as ke } from "react/jsx-runtime";
-import Ut, { useSyncExternalStore as $t, useCallback as U, useEffect as Re, createContext as Kt, useReducer as Ht, useRef as Oe, useContext as Lt } from "react";
+var Et = Object.defineProperty;
+var mt = (e, t, r) => t in e ? Et(e, t, { enumerable: !0, configurable: !0, writable: !0, value: r }) : e[t] = r;
+var j = (e, t, r) => mt(e, typeof t != "symbol" ? t + "" : t, r);
+import { jsx as be } from "react/jsx-runtime";
+import wt, { useSyncExternalStore as St, useCallback as N, useEffect as He, createContext as At, useReducer as Tt, useRef as Rt, useContext as _t } from "react";
 /*!
-  @versini/auth-provider v6.4.4
+  @versini/auth-provider v7.1.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_CLIENT__ || (window.__VERSINI_AUTH_CLIENT__ = {
-    version: "6.4.4",
-    buildTime: "07/31/2024 08:11 PM EDT",
+    version: "7.1.0",
+    buildTime: "08/25/2024 01:31 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-function v(e) {
+function _(e) {
   const t = new Uint8Array(e);
-  let n = "";
+  let r = "";
   for (const a of t)
-    n += String.fromCharCode(a);
-  return btoa(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
+    r += String.fromCharCode(a);
+  return btoa(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, "");
 }
-function ce(e) {
-  const t = e.replace(/-/g, "+").replace(/_/g, "/"), n = (4 - t.length % 4) % 4, r = t.padEnd(t.length + n, "="), a = atob(r), s = new ArrayBuffer(a.length), o = new Uint8Array(s);
+function re(e) {
+  const t = e.replace(/-/g, "+").replace(/_/g, "/"), r = (4 - t.length % 4) % 4, n = t.padEnd(t.length + r, "="), a = atob(n), o = new ArrayBuffer(a.length), s = new Uint8Array(o);
   for (let i = 0; i < a.length; i++)
-    o[i] = a.charCodeAt(i);
-  return s;
+    s[i] = a.charCodeAt(i);
+  return o;
 }
-function be() {
+function Se() {
   return window?.PublicKeyCredential !== void 0 && typeof window.PublicKeyCredential == "function";
 }
-function je(e) {
+function We(e) {
   const { id: t } = e;
   return {
     ...e,
-    id: ce(t),
+    id: re(t),
     transports: e.transports
   };
 }
-function Fe(e) {
+function xe(e) {
   return e === "localhost" || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e);
 }
-class b extends Error {
-  constructor({ message: t, code: n, cause: r, name: a }) {
-    super(t, { cause: r }), this.name = a ?? r.name, this.code = n;
+class w extends Error {
+  constructor({ message: t, code: r, cause: n, name: a }) {
+    super(t, { cause: n }), this.name = a ?? n.name, this.code = r;
   }
 }
-function Wt({ error: e, options: t }) {
-  const { publicKey: n } = t;
-  if (!n)
+function It({ error: e, options: t }) {
+  const { publicKey: r } = t;
+  if (!r)
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new w({
         message: "Registration ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else if (e.name === "ConstraintError") {
-    if (n.authenticatorSelection?.requireResidentKey === !0)
-      return new b({
+    if (r.authenticatorSelection?.requireResidentKey === !0)
+      return new w({
         message: "Discoverable credentials were required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",
         cause: e
       });
-    if (n.authenticatorSelection?.userVerification === "required")
-      return new b({
+    if (r.authenticatorSelection?.userVerification === "required")
+      return new w({
         message: "User verification was required but no available authenticator supported it",
         code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",
         cause: e
       });
   } else {
     if (e.name === "InvalidStateError")
-      return new b({
+      return new w({
         message: "The authenticator was previously registered",
         code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",
         cause: e
       });
     if (e.name === "NotAllowedError")
-      return new b({
+      return new w({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "NotSupportedError")
-      return n.pubKeyCredParams.filter((a) => a.type === "public-key").length === 0 ? new b({
+      return r.pubKeyCredParams.filter((a) => a.type === "public-key").length === 0 ? new w({
         message: 'No entry in pubKeyCredParams was of type "public-key"',
         code: "ERROR_MALFORMED_PUBKEYCREDPARAMS",
         cause: e
-      }) : new b({
+      }) : new w({
         message: "No available authenticator supported any of the specified pubKeyCredParams algorithms",
         code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",
         cause: e
       });
     if (e.name === "SecurityError") {
-      const r = window.location.hostname;
-      if (Fe(r)) {
-        if (n.rp.id !== r)
-          return new b({
-            message: `The RP ID "${n.rp.id}" is invalid for this domain`,
+      const n = window.location.hostname;
+      if (xe(n)) {
+        if (r.rp.id !== n)
+          return new w({
+            message: `The RP ID "${r.rp.id}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new w({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "TypeError") {
-      if (n.user.id.byteLength < 1 || n.user.id.byteLength > 64)
-        return new b({
+      if (r.user.id.byteLength < 1 || r.user.id.byteLength > 64)
+        return new w({
           message: "User ID was not between 1 and 64 characters",
           code: "ERROR_INVALID_USER_ID_LENGTH",
           cause: e
         });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new w({
         message: "The authenticator was unable to process the specified options, or could not create a new credential",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -125,11 +125,11 @@ function Wt({ error: e, options: t }) {
   }
   return e;
 }
-class xt {
+class bt {
   createNewAbortSignal() {
     if (this.controller) {
-      const n = new Error("Cancelling existing WebAuthn API call for new one");
-      n.name = "AbortError", this.controller.abort(n);
+      const r = new Error("Cancelling existing WebAuthn API call for new one");
+      r.name = "AbortError", this.controller.abort(r);
     }
     const t = new AbortController();
     return this.controller = t, t.signal;
@@ -141,117 +141,117 @@ class xt {
     }
   }
 }
-const Be = new xt(), Mt = ["cross-platform", "platform"];
-function qe(e) {
-  if (e && !(Mt.indexOf(e) < 0))
+const Je = new bt(), vt = ["cross-platform", "platform"];
+function Ye(e) {
+  if (e && !(vt.indexOf(e) < 0))
     return e;
 }
-async function Gt(e) {
-  if (!be())
+async function Ot(e) {
+  if (!Se())
     throw new Error("WebAuthn is not supported in this browser");
-  const n = { publicKey: {
+  const r = { publicKey: {
     ...e,
-    challenge: ce(e.challenge),
+    challenge: re(e.challenge),
     user: {
       ...e.user,
-      id: ce(e.user.id)
+      id: re(e.user.id)
     },
-    excludeCredentials: e.excludeCredentials?.map(je)
+    excludeCredentials: e.excludeCredentials?.map(We)
   } };
-  n.signal = Be.createNewAbortSignal();
-  let r;
+  r.signal = Je.createNewAbortSignal();
+  let n;
   try {
-    r = await navigator.credentials.create(n);
-  } catch (g) {
-    throw Wt({ error: g, options: n });
+    n = await navigator.credentials.create(r);
+  } catch (u) {
+    throw It({ error: u, options: r });
   }
-  if (!r)
+  if (!n)
     throw new Error("Registration was not completed");
-  const { id: a, rawId: s, response: o, type: i } = r;
+  const { id: a, rawId: o, response: s, type: i } = n;
   let c;
-  typeof o.getTransports == "function" && (c = o.getTransports());
-  let y;
-  if (typeof o.getPublicKeyAlgorithm == "function")
+  typeof s.getTransports == "function" && (c = s.getTransports());
+  let h;
+  if (typeof s.getPublicKeyAlgorithm == "function")
     try {
-      y = o.getPublicKeyAlgorithm();
-    } catch (g) {
-      ge("getPublicKeyAlgorithm()", g);
+      h = s.getPublicKeyAlgorithm();
+    } catch (u) {
+      he("getPublicKeyAlgorithm()", u);
     }
-  let l;
-  if (typeof o.getPublicKey == "function")
+  let f;
+  if (typeof s.getPublicKey == "function")
     try {
-      const g = o.getPublicKey();
-      g !== null && (l = v(g));
-    } catch (g) {
-      ge("getPublicKey()", g);
+      const u = s.getPublicKey();
+      u !== null && (f = _(u));
+    } catch (u) {
+      he("getPublicKey()", u);
     }
-  let h;
-  if (typeof o.getAuthenticatorData == "function")
+  let p;
+  if (typeof s.getAuthenticatorData == "function")
     try {
-      h = v(o.getAuthenticatorData());
-    } catch (g) {
-      ge("getAuthenticatorData()", g);
+      p = _(s.getAuthenticatorData());
+    } catch (u) {
+      he("getAuthenticatorData()", u);
     }
   return {
     id: a,
-    rawId: v(s),
+    rawId: _(o),
     response: {
-      attestationObject: v(o.attestationObject),
-      clientDataJSON: v(o.clientDataJSON),
+      attestationObject: _(s.attestationObject),
+      clientDataJSON: _(s.clientDataJSON),
       transports: c,
-      publicKeyAlgorithm: y,
-      publicKey: l,
-      authenticatorData: h
+      publicKeyAlgorithm: h,
+      publicKey: f,
+      authenticatorData: p
     },
     type: i,
-    clientExtensionResults: r.getClientExtensionResults(),
-    authenticatorAttachment: qe(r.authenticatorAttachment)
+    clientExtensionResults: n.getClientExtensionResults(),
+    authenticatorAttachment: Ye(n.authenticatorAttachment)
   };
 }
-function ge(e, t) {
+function he(e, t) {
   console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.
 `, t);
 }
-function Jt() {
-  if (!be())
+function kt() {
+  if (!Se())
     return new Promise((t) => t(!1));
   const e = window.PublicKeyCredential;
   return e.isConditionalMediationAvailable === void 0 ? new Promise((t) => t(!1)) : e.isConditionalMediationAvailable();
 }
-function Yt({ error: e, options: t }) {
-  const { publicKey: n } = t;
-  if (!n)
+function Pt({ error: e, options: t }) {
+  const { publicKey: r } = t;
+  if (!r)
     throw Error("options was missing required publicKey property");
   if (e.name === "AbortError") {
     if (t.signal instanceof AbortSignal)
-      return new b({
+      return new w({
         message: "Authentication ceremony was sent an abort signal",
         code: "ERROR_CEREMONY_ABORTED",
         cause: e
       });
   } else {
     if (e.name === "NotAllowedError")
-      return new b({
+      return new w({
         message: e.message,
         code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",
         cause: e
       });
     if (e.name === "SecurityError") {
-      const r = window.location.hostname;
-      if (Fe(r)) {
-        if (n.rpId !== r)
-          return new b({
-            message: `The RP ID "${n.rpId}" is invalid for this domain`,
+      const n = window.location.hostname;
+      if (xe(n)) {
+        if (r.rpId !== n)
+          return new w({
+            message: `The RP ID "${r.rpId}" is invalid for this domain`,
             code: "ERROR_INVALID_RP_ID",
             cause: e
           });
-      } else return new b({
+      } else return new w({
         message: `${window.location.hostname} is an invalid domain`,
         code: "ERROR_INVALID_DOMAIN",
         cause: e
       });
     } else if (e.name === "UnknownError")
-      return new b({
+      return new w({
         message: "The authenticator was unable to process the specified options, or could not create a new assertion signature",
         code: "ERROR_AUTHENTICATOR_GENERAL_ERROR",
         cause: e
@@ -259,71 +259,71 @@ function Yt({ error: e, options: t }) {
   }
   return e;
 }
-async function Vt(e, t = !1) {
-  if (!be())
+async function Ct(e, t = !1) {
+  if (!Se())
     throw new Error("WebAuthn is not supported in this browser");
-  let n;
-  e.allowCredentials?.length !== 0 && (n = e.allowCredentials?.map(je));
-  const r = {
+  let r;
+  e.allowCredentials?.length !== 0 && (r = e.allowCredentials?.map(We));
+  const n = {
     ...e,
-    challenge: ce(e.challenge),
-    allowCredentials: n
+    challenge: re(e.challenge),
+    allowCredentials: r
   }, a = {};
   if (t) {
-    if (!await Jt())
+    if (!await kt())
       throw Error("Browser does not support WebAuthn autofill");
     if (document.querySelectorAll("input[autocomplete$='webauthn']").length < 1)
       throw Error('No <input> with "webauthn" as the only or last value in its `autocomplete` attribute was detected');
-    a.mediation = "conditional", r.allowCredentials = [];
+    a.mediation = "conditional", n.allowCredentials = [];
   }
-  a.publicKey = r, a.signal = Be.createNewAbortSignal();
-  let s;
+  a.publicKey = n, a.signal = Je.createNewAbortSignal();
+  let o;
   try {
-    s = await navigator.credentials.get(a);
-  } catch (h) {
-    throw Yt({ error: h, options: a });
+    o = await navigator.credentials.get(a);
+  } catch (p) {
+    throw Pt({ error: p, options: a });
   }
-  if (!s)
+  if (!o)
     throw new Error("Authentication was not completed");
-  const { id: o, rawId: i, response: c, type: y } = s;
-  let l;
-  return c.userHandle && (l = v(c.userHandle)), {
-    id: o,
-    rawId: v(i),
+  const { id: s, rawId: i, response: c, type: h } = o;
+  let f;
+  return c.userHandle && (f = _(c.userHandle)), {
+    id: s,
+    rawId: _(i),
     response: {
-      authenticatorData: v(c.authenticatorData),
-      clientDataJSON: v(c.clientDataJSON),
-      signature: v(c.signature),
-      userHandle: l
+      authenticatorData: _(c.authenticatorData),
+      clientDataJSON: _(c.clientDataJSON),
+      signature: _(c.signature),
+      userHandle: f
     },
-    type: y,
-    clientExtensionResults: s.getClientExtensionResults(),
-    authenticatorAttachment: qe(s.authenticatorAttachment)
+    type: h,
+    clientExtensionResults: o.getClientExtensionResults(),
+    authenticatorAttachment: Ye(o.authenticatorAttachment)
   };
 }
 /*!
-  @versini/auth-common v3.3.0
+  @versini/auth-common v4.0.0
   © 2024 gizmette.com
 */
 try {
   window.__VERSINI_AUTH_COMMON__ || (window.__VERSINI_AUTH_COMMON__ = {
-    version: "3.3.0",
-    buildTime: "07/31/2024 08:11 PM EDT",
+    version: "4.0.0",
+    buildTime: "08/25/2024 01:31 PM EDT",
     homepage: "https://github.com/aversini/auth-client",
     license: "MIT"
   });
 } catch {
 }
-const G = {
+const oe = {
   ID_TOKEN: "id_token",
   ACCESS_TOKEN: "token",
   ID_AND_ACCESS_TOKEN: "id_token token",
   CODE: "code",
   REFRESH_TOKEN: "refresh_token",
   PASSKEY: "passkey"
-}, ze = {
+}, Ge = {
   CLIENT_ID: "X-Auth-ClientId"
-}, T = {
+}, S = {
   ALG: "RS256",
   USER_ID_KEY: "sub",
   TOKEN_ID_KEY: "__raw",
@@ -333,8 +333,9 @@ const G = {
   EXPIRES_AT_KEY: "exp",
   CREATED_AT_KEY: "iat",
   SCOPES_KEY: "scopes",
+  CLIENT_ID_KEY: "aud",
   ISSUER: "gizmette.com"
-}, jt = `-----BEGIN PUBLIC KEY-----
+}, Nt = `-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF6i3Jd9fY/3COqCw/m7
 w5PKyTYLGAI2I6SIIdpe6i6DOCbEkmDz7LdVsBqwNtVi8gvWYIj+8ol6rU3qu1v5
 i1Jd45GSK4kzkVdgCmQZbM5ak0KI99q5wsrAIzUd+LRJ2HRvWtr5IYdsIiXaQjle
@@ -342,56 +343,59 @@ aMwPFOIcJH+rKfFgNcHLcaS5syp7zU1ANwZ+trgR+DifBr8TLVkBynmNeTyhDm2+
 l0haqjMk0UoNPPE8iYBWUHQJJE1Dqstj65d6Eh5g64Pao25y4cmYJbKjiblIGEkE
 sjqybA9mARAqh9k/eiIopecWSiffNQTwVQVd2I9ZH3BalhEXHlqFgrjz51kFqg81
 awIDAQAB
------END PUBLIC KEY-----`, he = {
-  AUTHENTICATE: "authenticate",
+-----END PUBLIC KEY-----`, ie = {
   CODE: "code",
-  LOGOUT: "logout"
-}, pe = crypto, Qe = (e) => e instanceof CryptoKey, Z = new TextEncoder(), q = new TextDecoder();
-function Ft(...e) {
-  const t = e.reduce((a, { length: s }) => a + s, 0), n = new Uint8Array(t);
-  let r = 0;
+  LOGOUT: "logout",
+  LOGIN: "login",
+  REFRESH: "refresh"
+}, ce = crypto, Me = (e) => e instanceof CryptoKey, F = new TextEncoder(), G = new TextDecoder();
+function Dt(...e) {
+  const t = e.reduce((a, { length: o }) => a + o, 0), r = new Uint8Array(t);
+  let n = 0;
   for (const a of e)
-    n.set(a, r), r += a.length;
-  return n;
+    r.set(a, n), n += a.length;
+  return r;
 }
-const Bt = (e) => {
-  const t = atob(e), n = new Uint8Array(t.length);
-  for (let r = 0; r < t.length; r++)
-    n[r] = t.charCodeAt(r);
-  return n;
-}, B = (e) => {
+const Ut = (e) => {
+  const t = atob(e), r = new Uint8Array(t.length);
+  for (let n = 0; n < t.length; n++)
+    r[n] = t.charCodeAt(n);
+  return r;
+}, Y = (e) => {
   let t = e;
-  t instanceof Uint8Array && (t = q.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
+  t instanceof Uint8Array && (t = G.decode(t)), t = t.replace(/-/g, "+").replace(/_/g, "/").replace(/\s/g, "");
   try {
-    return Bt(t);
+    return Ut(t);
   } catch {
     throw new TypeError("The input to be decoded is not correctly encoded.");
   }
 };
-let $ = class extends Error {
+class D extends Error {
   static get code() {
     return "ERR_JOSE_GENERIC";
   }
   constructor(t) {
-    var n;
-    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (n = Error.captureStackTrace) == null || n.call(Error, this, this.constructor);
+    var r;
+    super(t), this.code = "ERR_JOSE_GENERIC", this.name = this.constructor.name, (r = Error.captureStackTrace) == null || r.call(Error, this, this.constructor);
   }
-}, _ = class extends $ {
+}
+class R extends D {
   static get code() {
     return "ERR_JWT_CLAIM_VALIDATION_FAILED";
   }
-  constructor(t, n, r = "unspecified", a = "unspecified") {
-    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = r, this.reason = a, this.payload = n;
+  constructor(t, r, n = "unspecified", a = "unspecified") {
+    super(t), this.code = "ERR_JWT_CLAIM_VALIDATION_FAILED", this.claim = n, this.reason = a, this.payload = r;
   }
-}, Ne = class extends $ {
+}
+class ve extends D {
   static get code() {
     return "ERR_JWT_EXPIRED";
   }
-  constructor(t, n, r = "unspecified", a = "unspecified") {
-    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = r, this.reason = a, this.payload = n;
+  constructor(t, r, n = "unspecified", a = "unspecified") {
+    super(t), this.code = "ERR_JWT_EXPIRED", this.claim = n, this.reason = a, this.payload = r;
   }
-};
-class qt extends $ {
+}
+class Kt extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_ALG_NOT_ALLOWED";
   }
@@ -399,15 +403,15 @@ class qt extends $ {
     return "ERR_JOSE_ALG_NOT_ALLOWED";
   }
 }
-let N = class extends $ {
+class k extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JOSE_NOT_SUPPORTED";
   }
   static get code() {
     return "ERR_JOSE_NOT_SUPPORTED";
   }
-};
-class A extends $ {
+}
+class m extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_INVALID";
   }
@@ -415,7 +419,7 @@ class A extends $ {
     return "ERR_JWS_INVALID";
   }
 }
-let k = class extends $ {
+let v = class extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWT_INVALID";
   }
@@ -423,7 +427,7 @@ let k = class extends $ {
     return "ERR_JWT_INVALID";
   }
 };
-class zt extends $ {
+class $t extends D {
   constructor() {
     super(...arguments), this.code = "ERR_JWS_SIGNATURE_VERIFICATION_FAILED", this.message = "signature verification failed";
   }
@@ -431,16 +435,16 @@ class zt extends $ {
     return "ERR_JWS_SIGNATURE_VERIFICATION_FAILED";
   }
 }
-function P(e, t = "algorithm.name") {
+function b(e, t = "algorithm.name") {
   return new TypeError(`CryptoKey does not support this operation, its ${t} must be ${e}`);
 }
-function ee(e, t) {
+function B(e, t) {
   return e.name === t;
 }
-function me(e) {
+function pe(e) {
   return parseInt(e.name.slice(4), 10);
 }
-function Qt(e) {
+function Lt(e) {
   switch (e) {
     case "ES256":
       return "P-256";
@@ -452,104 +456,104 @@ function Qt(e) {
       throw new Error("unreachable");
   }
 }
-function Xt(e, t) {
-  if (t.length && !t.some((n) => e.usages.includes(n))) {
-    let n = "CryptoKey does not support this operation, its usages must include ";
+function Ht(e, t) {
+  if (t.length && !t.some((r) => e.usages.includes(r))) {
+    let r = "CryptoKey does not support this operation, its usages must include ";
     if (t.length > 2) {
-      const r = t.pop();
-      n += `one of ${t.join(", ")}, or ${r}.`;
-    } else t.length === 2 ? n += `one of ${t[0]} or ${t[1]}.` : n += `${t[0]}.`;
-    throw new TypeError(n);
+      const n = t.pop();
+      r += `one of ${t.join(", ")}, or ${n}.`;
+    } else t.length === 2 ? r += `one of ${t[0]} or ${t[1]}.` : r += `${t[0]}.`;
+    throw new TypeError(r);
   }
 }
-function Zt(e, t, ...n) {
+function Wt(e, t, ...r) {
   switch (t) {
     case "HS256":
     case "HS384":
     case "HS512": {
-      if (!ee(e.algorithm, "HMAC"))
-        throw P("HMAC");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "HMAC"))
+        throw b("HMAC");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "RS256":
     case "RS384":
     case "RS512": {
-      if (!ee(e.algorithm, "RSASSA-PKCS1-v1_5"))
-        throw P("RSASSA-PKCS1-v1_5");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "RSASSA-PKCS1-v1_5"))
+        throw b("RSASSA-PKCS1-v1_5");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "PS256":
     case "PS384":
     case "PS512": {
-      if (!ee(e.algorithm, "RSA-PSS"))
-        throw P("RSA-PSS");
-      const r = parseInt(t.slice(2), 10);
-      if (me(e.algorithm.hash) !== r)
-        throw P(`SHA-${r}`, "algorithm.hash");
+      if (!B(e.algorithm, "RSA-PSS"))
+        throw b("RSA-PSS");
+      const n = parseInt(t.slice(2), 10);
+      if (pe(e.algorithm.hash) !== n)
+        throw b(`SHA-${n}`, "algorithm.hash");
       break;
     }
     case "EdDSA": {
       if (e.algorithm.name !== "Ed25519" && e.algorithm.name !== "Ed448")
-        throw P("Ed25519 or Ed448");
+        throw b("Ed25519 or Ed448");
       break;
     }
     case "ES256":
     case "ES384":
     case "ES512": {
-      if (!ee(e.algorithm, "ECDSA"))
-        throw P("ECDSA");
-      const r = Qt(t);
-      if (e.algorithm.namedCurve !== r)
-        throw P(r, "algorithm.namedCurve");
+      if (!B(e.algorithm, "ECDSA"))
+        throw b("ECDSA");
+      const n = Lt(t);
+      if (e.algorithm.namedCurve !== n)
+        throw b(n, "algorithm.namedCurve");
       break;
     }
     default:
       throw new TypeError("CryptoKey does not support this operation");
   }
-  Xt(e, n);
+  Ht(e, r);
 }
-function Xe(e, t, ...n) {
-  var r;
-  if (n.length > 2) {
-    const a = n.pop();
-    e += `one of type ${n.join(", ")}, or ${a}.`;
-  } else n.length === 2 ? e += `one of type ${n[0]} or ${n[1]}.` : e += `of type ${n[0]}.`;
-  return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (r = t.constructor) != null && r.name && (e += ` Received an instance of ${t.constructor.name}`), e;
+function Ve(e, t, ...r) {
+  var n;
+  if (r.length > 2) {
+    const a = r.pop();
+    e += `one of type ${r.join(", ")}, or ${a}.`;
+  } else r.length === 2 ? e += `one of type ${r[0]} or ${r[1]}.` : e += `of type ${r[0]}.`;
+  return t == null ? e += ` Received ${t}` : typeof t == "function" && t.name ? e += ` Received function ${t.name}` : typeof t == "object" && t != null && (n = t.constructor) != null && n.name && (e += ` Received an instance of ${t.constructor.name}`), e;
 }
-const De = (e, ...t) => Xe("Key must be ", e, ...t);
-function Ze(e, t, ...n) {
-  return Xe(`Key for the ${e} algorithm must be `, t, ...n);
+const Oe = (e, ...t) => Ve("Key must be ", e, ...t);
+function je(e, t, ...r) {
+  return Ve(`Key for the ${e} algorithm must be `, t, ...r);
 }
-const et = (e) => Qe(e) ? !0 : e?.[Symbol.toStringTag] === "KeyObject", ue = ["CryptoKey"], en = (...e) => {
+const Fe = (e) => Me(e) ? !0 : e?.[Symbol.toStringTag] === "KeyObject", ne = ["CryptoKey"], xt = (...e) => {
   const t = e.filter(Boolean);
   if (t.length === 0 || t.length === 1)
     return !0;
-  let n;
-  for (const r of t) {
-    const a = Object.keys(r);
-    if (!n || n.size === 0) {
-      n = new Set(a);
+  let r;
+  for (const n of t) {
+    const a = Object.keys(n);
+    if (!r || r.size === 0) {
+      r = new Set(a);
       continue;
     }
-    for (const s of a) {
-      if (n.has(s))
+    for (const o of a) {
+      if (r.has(o))
         return !1;
-      n.add(s);
+      r.add(o);
     }
   }
   return !0;
 };
-function tn(e) {
+function Jt(e) {
   return typeof e == "object" && e !== null;
 }
-function le(e) {
-  if (!tn(e) || Object.prototype.toString.call(e) !== "[object Object]")
+function ae(e) {
+  if (!Jt(e) || Object.prototype.toString.call(e) !== "[object Object]")
     return !1;
   if (Object.getPrototypeOf(e) === null)
     return !0;
@@ -558,27 +562,27 @@ function le(e) {
     t = Object.getPrototypeOf(t);
   return Object.getPrototypeOf(e) === t;
 }
-const nn = (e, t) => {
+const Yt = (e, t) => {
   if (e.startsWith("RS") || e.startsWith("PS")) {
-    const { modulusLength: n } = t.algorithm;
-    if (typeof n != "number" || n < 2048)
+    const { modulusLength: r } = t.algorithm;
+    if (typeof r != "number" || r < 2048)
       throw new TypeError(`${e} requires key modulusLength to be 2048 bits or larger`);
   }
 };
-function rn(e) {
-  let t, n;
+function Gt(e) {
+  let t, r;
   switch (e.kty) {
     case "RSA": {
       switch (e.alg) {
         case "PS256":
         case "PS384":
         case "PS512":
-          t = { name: "RSA-PSS", hash: `SHA-${e.alg.slice(-3)}` }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "RSA-PSS", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "RS256":
         case "RS384":
         case "RS512":
-          t = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${e.alg.slice(-3)}` }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${e.alg.slice(-3)}` }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "RSA-OAEP":
         case "RSA-OAEP-256":
@@ -587,93 +591,93 @@ function rn(e) {
           t = {
             name: "RSA-OAEP",
             hash: `SHA-${parseInt(e.alg.slice(-3), 10) || 1}`
-          }, n = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
+          }, r = e.d ? ["decrypt", "unwrapKey"] : ["encrypt", "wrapKey"];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     case "EC": {
       switch (e.alg) {
         case "ES256":
-          t = { name: "ECDSA", namedCurve: "P-256" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-256" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ES384":
-          t = { name: "ECDSA", namedCurve: "P-384" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-384" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ES512":
-          t = { name: "ECDSA", namedCurve: "P-521" }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: "ECDSA", namedCurve: "P-521" }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ECDH-ES":
         case "ECDH-ES+A128KW":
         case "ECDH-ES+A192KW":
         case "ECDH-ES+A256KW":
-          t = { name: "ECDH", namedCurve: e.crv }, n = e.d ? ["deriveBits"] : [];
+          t = { name: "ECDH", namedCurve: e.crv }, r = e.d ? ["deriveBits"] : [];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     case "OKP": {
       switch (e.alg) {
         case "EdDSA":
-          t = { name: e.crv }, n = e.d ? ["sign"] : ["verify"];
+          t = { name: e.crv }, r = e.d ? ["sign"] : ["verify"];
           break;
         case "ECDH-ES":
         case "ECDH-ES+A128KW":
         case "ECDH-ES+A192KW":
         case "ECDH-ES+A256KW":
-          t = { name: e.crv }, n = e.d ? ["deriveBits"] : [];
+          t = { name: e.crv }, r = e.d ? ["deriveBits"] : [];
           break;
         default:
-          throw new N('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
+          throw new k('Invalid or unsupported JWK "alg" (Algorithm) Parameter value');
       }
       break;
     }
     default:
-      throw new N('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
+      throw new k('Invalid or unsupported JWK "kty" (Key Type) Parameter value');
   }
-  return { algorithm: t, keyUsages: n };
+  return { algorithm: t, keyUsages: r };
 }
-const an = async (e) => {
+const Mt = async (e) => {
   if (!e.alg)
     throw new TypeError('"alg" argument is required when "jwk.alg" is not present');
-  const { algorithm: t, keyUsages: n } = rn(e), r = [
+  const { algorithm: t, keyUsages: r } = Gt(e), n = [
     t,
     e.ext ?? !1,
-    e.key_ops ?? n
+    e.key_ops ?? r
   ], a = { ...e };
-  return delete a.alg, delete a.use, pe.subtle.importKey("jwk", a, ...r);
-}, tt = (e) => B(e);
-let Ee, we;
-const nt = (e) => e?.[Symbol.toStringTag] === "KeyObject", rt = async (e, t, n, r) => {
+  return delete a.alg, delete a.use, ce.subtle.importKey("jwk", a, ...n);
+}, Be = (e) => Y(e);
+let fe, ye;
+const qe = (e) => e?.[Symbol.toStringTag] === "KeyObject", ze = async (e, t, r, n) => {
   let a = e.get(t);
-  if (a != null && a[r])
-    return a[r];
-  const s = await an({ ...n, alg: r });
-  return a ? a[r] = s : e.set(t, { [r]: s }), s;
-}, on = (e, t) => {
-  if (nt(e)) {
-    let n = e.export({ format: "jwk" });
-    return delete n.d, delete n.dp, delete n.dq, delete n.p, delete n.q, delete n.qi, n.k ? tt(n.k) : (we || (we = /* @__PURE__ */ new WeakMap()), rt(we, e, n, t));
+  if (a != null && a[n])
+    return a[n];
+  const o = await Mt({ ...r, alg: n });
+  return a ? a[n] = o : e.set(t, { [n]: o }), o;
+}, Vt = (e, t) => {
+  if (qe(e)) {
+    let r = e.export({ format: "jwk" });
+    return delete r.d, delete r.dp, delete r.dq, delete r.p, delete r.q, delete r.qi, r.k ? Be(r.k) : (ye || (ye = /* @__PURE__ */ new WeakMap()), ze(ye, e, r, t));
   }
   return e;
-}, sn = (e, t) => {
-  if (nt(e)) {
-    let n = e.export({ format: "jwk" });
-    return n.k ? tt(n.k) : (Ee || (Ee = /* @__PURE__ */ new WeakMap()), rt(Ee, e, n, t));
+}, jt = (e, t) => {
+  if (qe(e)) {
+    let r = e.export({ format: "jwk" });
+    return r.k ? Be(r.k) : (fe || (fe = /* @__PURE__ */ new WeakMap()), ze(fe, e, r, t));
   }
   return e;
-}, cn = { normalizePublicKey: on, normalizePrivateKey: sn }, O = (e, t, n = 0) => {
-  n === 0 && (t.unshift(t.length), t.unshift(6));
-  const r = e.indexOf(t[0], n);
-  if (r === -1)
+}, Ft = { normalizePublicKey: Vt, normalizePrivateKey: jt }, O = (e, t, r = 0) => {
+  r === 0 && (t.unshift(t.length), t.unshift(6));
+  const n = e.indexOf(t[0], r);
+  if (n === -1)
     return !1;
-  const a = e.subarray(r, r + t.length);
-  return a.length !== t.length ? !1 : a.every((s, o) => s === t[o]) || O(e, t, r + 1);
-}, Ue = (e) => {
+  const a = e.subarray(n, n + t.length);
+  return a.length !== t.length ? !1 : a.every((o, s) => o === t[s]) || O(e, t, n + 1);
+}, ke = (e) => {
   switch (!0) {
     case O(e, [42, 134, 72, 206, 61, 3, 1, 7]):
       return "P-256";
@@ -690,492 +694,492 @@ const nt = (e) => e?.[Symbol.toStringTag] === "KeyObject", rt = async (e, t, n,
     case O(e, [43, 101, 113]):
       return "Ed448";
     default:
-      throw new N("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
+      throw new k("Invalid or unsupported EC Key Curve or OKP Key Sub Type");
   }
-}, un = async (e, t, n, r, a) => {
-  let s, o;
-  const i = new Uint8Array(atob(n.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
-  switch (r) {
+}, Bt = async (e, t, r, n, a) => {
+  let o, s;
+  const i = new Uint8Array(atob(r.replace(e, "")).split("").map((c) => c.charCodeAt(0)));
+  switch (n) {
     case "PS256":
     case "PS384":
     case "PS512":
-      s = { name: "RSA-PSS", hash: `SHA-${r.slice(-3)}` }, o = ["verify"];
+      o = { name: "RSA-PSS", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
       break;
     case "RS256":
     case "RS384":
     case "RS512":
-      s = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${r.slice(-3)}` }, o = ["verify"];
+      o = { name: "RSASSA-PKCS1-v1_5", hash: `SHA-${n.slice(-3)}` }, s = ["verify"];
       break;
     case "RSA-OAEP":
     case "RSA-OAEP-256":
     case "RSA-OAEP-384":
     case "RSA-OAEP-512":
-      s = {
+      o = {
         name: "RSA-OAEP",
-        hash: `SHA-${parseInt(r.slice(-3), 10) || 1}`
-      }, o = ["encrypt", "wrapKey"];
+        hash: `SHA-${parseInt(n.slice(-3), 10) || 1}`
+      }, s = ["encrypt", "wrapKey"];
       break;
     case "ES256":
-      s = { name: "ECDSA", namedCurve: "P-256" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-256" }, s = ["verify"];
       break;
     case "ES384":
-      s = { name: "ECDSA", namedCurve: "P-384" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-384" }, s = ["verify"];
       break;
     case "ES512":
-      s = { name: "ECDSA", namedCurve: "P-521" }, o = ["verify"];
+      o = { name: "ECDSA", namedCurve: "P-521" }, s = ["verify"];
       break;
     case "ECDH-ES":
     case "ECDH-ES+A128KW":
     case "ECDH-ES+A192KW":
     case "ECDH-ES+A256KW": {
-      const c = Ue(i);
-      s = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, o = [];
+      const c = ke(i);
+      o = c.startsWith("P-") ? { name: "ECDH", namedCurve: c } : { name: c }, s = [];
       break;
     }
     case "EdDSA":
-      s = { name: Ue(i) }, o = ["verify"];
+      o = { name: ke(i) }, s = ["verify"];
       break;
     default:
-      throw new N('Invalid or unsupported "alg" (Algorithm) value');
+      throw new k('Invalid or unsupported "alg" (Algorithm) value');
   }
-  return pe.subtle.importKey(t, i, s, !1, o);
-}, ln = (e, t, n) => un(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
-async function dn(e, t, n) {
+  return ce.subtle.importKey(t, i, o, !1, s);
+}, qt = (e, t, r) => Bt(/(?:-----(?:BEGIN|END) PUBLIC KEY-----|\s)/g, "spki", e, t);
+async function zt(e, t, r) {
   if (e.indexOf("-----BEGIN PUBLIC KEY-----") !== 0)
     throw new TypeError('"spki" must be SPKI formatted string');
-  return ln(e, t);
+  return qt(e, t);
 }
-const ie = (e) => e?.[Symbol.toStringTag], hn = (e, t) => {
+const ee = (e) => e?.[Symbol.toStringTag], Qt = (e, t) => {
   if (!(t instanceof Uint8Array)) {
-    if (!et(t))
-      throw new TypeError(Ze(e, t, ...ue, "Uint8Array"));
+    if (!Fe(t))
+      throw new TypeError(je(e, t, ...ne, "Uint8Array"));
     if (t.type !== "secret")
-      throw new TypeError(`${ie(t)} instances for symmetric algorithms must be of type "secret"`);
+      throw new TypeError(`${ee(t)} instances for symmetric algorithms must be of type "secret"`);
   }
-}, pn = (e, t, n) => {
-  if (!et(t))
-    throw new TypeError(Ze(e, t, ...ue));
+}, Xt = (e, t, r) => {
+  if (!Fe(t))
+    throw new TypeError(je(e, t, ...ne));
   if (t.type === "secret")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithms must not be of type "secret"`);
-  if (t.algorithm && n === "verify" && t.type === "private")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithm verifying must be of type "public"`);
-  if (t.algorithm && n === "encrypt" && t.type === "private")
-    throw new TypeError(`${ie(t)} instances for asymmetric algorithm encryption must be of type "public"`);
-}, fn = (e, t, n) => {
-  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? hn(e, t) : pn(e, t, n);
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithms must not be of type "secret"`);
+  if (t.algorithm && r === "verify" && t.type === "private")
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithm verifying must be of type "public"`);
+  if (t.algorithm && r === "encrypt" && t.type === "private")
+    throw new TypeError(`${ee(t)} instances for asymmetric algorithm encryption must be of type "public"`);
+}, Zt = (e, t, r) => {
+  e.startsWith("HS") || e === "dir" || e.startsWith("PBES2") || /^A\d{3}(?:GCM)?KW$/.test(e) ? Qt(e, t) : Xt(e, t, r);
 };
-function yn(e, t, n, r, a) {
-  if (a.crit !== void 0 && r?.crit === void 0)
+function er(e, t, r, n, a) {
+  if (a.crit !== void 0 && n?.crit === void 0)
     throw new e('"crit" (Critical) Header Parameter MUST be integrity protected');
-  if (!r || r.crit === void 0)
+  if (!n || n.crit === void 0)
     return /* @__PURE__ */ new Set();
-  if (!Array.isArray(r.crit) || r.crit.length === 0 || r.crit.some((o) => typeof o != "string" || o.length === 0))
+  if (!Array.isArray(n.crit) || n.crit.length === 0 || n.crit.some((s) => typeof s != "string" || s.length === 0))
     throw new e('"crit" (Critical) Header Parameter MUST be an array of non-empty strings when present');
-  let s;
-  n !== void 0 ? s = new Map([...Object.entries(n), ...t.entries()]) : s = t;
-  for (const o of r.crit) {
-    if (!s.has(o))
-      throw new N(`Extension Header Parameter "${o}" is not recognized`);
-    if (a[o] === void 0)
-      throw new e(`Extension Header Parameter "${o}" is missing`);
-    if (s.get(o) && r[o] === void 0)
-      throw new e(`Extension Header Parameter "${o}" MUST be integrity protected`);
-  }
-  return new Set(r.crit);
+  let o;
+  r !== void 0 ? o = new Map([...Object.entries(r), ...t.entries()]) : o = t;
+  for (const s of n.crit) {
+    if (!o.has(s))
+      throw new k(`Extension Header Parameter "${s}" is not recognized`);
+    if (a[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" is missing`);
+    if (o.get(s) && n[s] === void 0)
+      throw new e(`Extension Header Parameter "${s}" MUST be integrity protected`);
+  }
+  return new Set(n.crit);
 }
-const gn = (e, t) => {
-  if (t !== void 0 && (!Array.isArray(t) || t.some((n) => typeof n != "string")))
+const tr = (e, t) => {
+  if (t !== void 0 && (!Array.isArray(t) || t.some((r) => typeof r != "string")))
     throw new TypeError(`"${e}" option must be an array of strings`);
   if (t)
     return new Set(t);
 };
-function mn(e, t) {
-  const n = `SHA-${e.slice(-3)}`;
+function rr(e, t) {
+  const r = `SHA-${e.slice(-3)}`;
   switch (e) {
     case "HS256":
     case "HS384":
     case "HS512":
-      return { hash: n, name: "HMAC" };
+      return { hash: r, name: "HMAC" };
     case "PS256":
     case "PS384":
     case "PS512":
-      return { hash: n, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
+      return { hash: r, name: "RSA-PSS", saltLength: e.slice(-3) >> 3 };
     case "RS256":
     case "RS384":
     case "RS512":
-      return { hash: n, name: "RSASSA-PKCS1-v1_5" };
+      return { hash: r, name: "RSASSA-PKCS1-v1_5" };
     case "ES256":
     case "ES384":
     case "ES512":
-      return { hash: n, name: "ECDSA", namedCurve: t.namedCurve };
+      return { hash: r, name: "ECDSA", namedCurve: t.namedCurve };
     case "EdDSA":
       return { name: t.name };
     default:
-      throw new N(`alg ${e} is not supported either by JOSE or your javascript runtime`);
+      throw new k(`alg ${e} is not supported either by JOSE or your javascript runtime`);
   }
 }
-async function En(e, t, n) {
-  if (t = await cn.normalizePublicKey(t, e), Qe(t))
-    return Zt(t, e, n), t;
+async function nr(e, t, r) {
+  if (t = await Ft.normalizePublicKey(t, e), Me(t))
+    return Wt(t, e, r), t;
   if (t instanceof Uint8Array) {
     if (!e.startsWith("HS"))
-      throw new TypeError(De(t, ...ue));
-    return pe.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [n]);
+      throw new TypeError(Oe(t, ...ne));
+    return ce.subtle.importKey("raw", t, { hash: `SHA-${e.slice(-3)}`, name: "HMAC" }, !1, [r]);
   }
-  throw new TypeError(De(t, ...ue, "Uint8Array"));
+  throw new TypeError(Oe(t, ...ne, "Uint8Array"));
 }
-const wn = async (e, t, n, r) => {
-  const a = await En(e, t, "verify");
-  nn(e, a);
-  const s = mn(e, a.algorithm);
+const ar = async (e, t, r, n) => {
+  const a = await nr(e, t, "verify");
+  Yt(e, a);
+  const o = rr(e, a.algorithm);
   try {
-    return await pe.subtle.verify(s, a, n, r);
+    return await ce.subtle.verify(o, a, r, n);
   } catch {
     return !1;
   }
 };
-async function Sn(e, t, n) {
-  if (!le(e))
-    throw new A("Flattened JWS must be an object");
+async function sr(e, t, r) {
+  if (!ae(e))
+    throw new m("Flattened JWS must be an object");
   if (e.protected === void 0 && e.header === void 0)
-    throw new A('Flattened JWS must have either of the "protected" or "header" members');
+    throw new m('Flattened JWS must have either of the "protected" or "header" members');
   if (e.protected !== void 0 && typeof e.protected != "string")
-    throw new A("JWS Protected Header incorrect type");
+    throw new m("JWS Protected Header incorrect type");
   if (e.payload === void 0)
-    throw new A("JWS Payload missing");
+    throw new m("JWS Payload missing");
   if (typeof e.signature != "string")
-    throw new A("JWS Signature missing or incorrect type");
-  if (e.header !== void 0 && !le(e.header))
-    throw new A("JWS Unprotected Header incorrect type");
-  let r = {};
+    throw new m("JWS Signature missing or incorrect type");
+  if (e.header !== void 0 && !ae(e.header))
+    throw new m("JWS Unprotected Header incorrect type");
+  let n = {};
   if (e.protected)
     try {
-      const u = B(e.protected);
-      r = JSON.parse(q.decode(u));
+      const T = Y(e.protected);
+      n = JSON.parse(G.decode(T));
     } catch {
-      throw new A("JWS Protected Header is invalid");
+      throw new m("JWS Protected Header is invalid");
     }
-  if (!en(r, e.header))
-    throw new A("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
+  if (!xt(n, e.header))
+    throw new m("JWS Protected and JWS Unprotected Header Parameter names must be disjoint");
   const a = {
-    ...r,
+    ...n,
     ...e.header
-  }, s = yn(A, /* @__PURE__ */ new Map([["b64", !0]]), n?.crit, r, a);
-  let o = !0;
-  if (s.has("b64") && (o = r.b64, typeof o != "boolean"))
-    throw new A('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
+  }, o = er(m, /* @__PURE__ */ new Map([["b64", !0]]), r?.crit, n, a);
+  let s = !0;
+  if (o.has("b64") && (s = n.b64, typeof s != "boolean"))
+    throw new m('The "b64" (base64url-encode payload) Header Parameter must be a boolean');
   const { alg: i } = a;
   if (typeof i != "string" || !i)
-    throw new A('JWS "alg" (Algorithm) Header Parameter missing or invalid');
-  const c = n && gn("algorithms", n.algorithms);
+    throw new m('JWS "alg" (Algorithm) Header Parameter missing or invalid');
+  const c = r && tr("algorithms", r.algorithms);
   if (c && !c.has(i))
-    throw new qt('"alg" (Algorithm) Header Parameter value not allowed');
-  if (o) {
+    throw new Kt('"alg" (Algorithm) Header Parameter value not allowed');
+  if (s) {
     if (typeof e.payload != "string")
-      throw new A("JWS Payload must be a string");
+      throw new m("JWS Payload must be a string");
   } else if (typeof e.payload != "string" && !(e.payload instanceof Uint8Array))
-    throw new A("JWS Payload must be a string or an Uint8Array instance");
-  let y = !1;
-  typeof t == "function" && (t = await t(r, e), y = !0), fn(i, t, "verify");
-  const l = Ft(Z.encode(e.protected ?? ""), Z.encode("."), typeof e.payload == "string" ? Z.encode(e.payload) : e.payload);
-  let h;
+    throw new m("JWS Payload must be a string or an Uint8Array instance");
+  let h = !1;
+  typeof t == "function" && (t = await t(n, e), h = !0), Zt(i, t, "verify");
+  const f = Dt(F.encode(e.protected ?? ""), F.encode("."), typeof e.payload == "string" ? F.encode(e.payload) : e.payload);
+  let p;
   try {
-    h = B(e.signature);
+    p = Y(e.signature);
   } catch {
-    throw new A("Failed to base64url decode the signature");
+    throw new m("Failed to base64url decode the signature");
   }
-  if (!await wn(i, t, h, l))
-    throw new zt();
-  let g;
-  if (o)
+  if (!await ar(i, t, p, f))
+    throw new $t();
+  let u;
+  if (s)
     try {
-      g = B(e.payload);
+      u = Y(e.payload);
     } catch {
-      throw new A("Failed to base64url decode the payload");
+      throw new m("Failed to base64url decode the payload");
     }
-  else typeof e.payload == "string" ? g = Z.encode(e.payload) : g = e.payload;
-  const f = { payload: g };
-  return e.protected !== void 0 && (f.protectedHeader = r), e.header !== void 0 && (f.unprotectedHeader = e.header), y ? { ...f, key: t } : f;
+  else typeof e.payload == "string" ? u = F.encode(e.payload) : u = e.payload;
+  const A = { payload: u };
+  return e.protected !== void 0 && (A.protectedHeader = n), e.header !== void 0 && (A.unprotectedHeader = e.header), h ? { ...A, key: t } : A;
 }
-async function An(e, t, n) {
-  if (e instanceof Uint8Array && (e = q.decode(e)), typeof e != "string")
-    throw new A("Compact JWS must be a string or Uint8Array");
-  const { 0: r, 1: a, 2: s, length: o } = e.split(".");
-  if (o !== 3)
-    throw new A("Invalid Compact JWS");
-  const i = await Sn({ payload: a, protected: r, signature: s }, t, n), c = { payload: i.payload, protectedHeader: i.protectedHeader };
+async function or(e, t, r) {
+  if (e instanceof Uint8Array && (e = G.decode(e)), typeof e != "string")
+    throw new m("Compact JWS must be a string or Uint8Array");
+  const { 0: n, 1: a, 2: o, length: s } = e.split(".");
+  if (s !== 3)
+    throw new m("Invalid Compact JWS");
+  const i = await sr({ payload: a, protected: n, signature: o }, t, r), c = { payload: i.payload, protectedHeader: i.protectedHeader };
   return typeof t == "function" ? { ...c, key: i.key } : c;
 }
-const Tn = (e) => Math.floor(e.getTime() / 1e3), at = 60, ot = at * 60, Ie = ot * 24, Rn = Ie * 7, bn = Ie * 365.25, In = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, $e = (e) => {
-  const t = In.exec(e);
+const ir = (e) => Math.floor(e.getTime() / 1e3), Qe = 60, Xe = Qe * 60, Ae = Xe * 24, cr = Ae * 7, ur = Ae * 365.25, lr = /^(\+|\-)? ?(\d+|\d+\.\d+) ?(seconds?|secs?|s|minutes?|mins?|m|hours?|hrs?|h|days?|d|weeks?|w|years?|yrs?|y)(?: (ago|from now))?$/i, Pe = (e) => {
+  const t = lr.exec(e);
   if (!t || t[4] && t[1])
     throw new TypeError("Invalid time period format");
-  const n = parseFloat(t[2]), r = t[3].toLowerCase();
+  const r = parseFloat(t[2]), n = t[3].toLowerCase();
   let a;
-  switch (r) {
+  switch (n) {
     case "sec":
     case "secs":
     case "second":
     case "seconds":
     case "s":
-      a = Math.round(n);
+      a = Math.round(r);
       break;
     case "minute":
     case "minutes":
     case "min":
     case "mins":
     case "m":
-      a = Math.round(n * at);
+      a = Math.round(r * Qe);
       break;
     case "hour":
     case "hours":
     case "hr":
     case "hrs":
     case "h":
-      a = Math.round(n * ot);
+      a = Math.round(r * Xe);
       break;
     case "day":
     case "days":
     case "d":
-      a = Math.round(n * Ie);
+      a = Math.round(r * Ae);
       break;
     case "week":
     case "weeks":
     case "w":
-      a = Math.round(n * Rn);
+      a = Math.round(r * cr);
       break;
     default:
-      a = Math.round(n * bn);
+      a = Math.round(r * ur);
       break;
   }
   return t[1] === "-" || t[4] === "ago" ? -a : a;
-}, Ke = (e) => e.toLowerCase().replace(/^application\//, ""), _n = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, vn = (e, t, n = {}) => {
-  let r;
+}, Ce = (e) => e.toLowerCase().replace(/^application\//, ""), dr = (e, t) => typeof e == "string" ? t.includes(e) : Array.isArray(e) ? t.some(Set.prototype.has.bind(new Set(e))) : !1, hr = (e, t, r = {}) => {
+  let n;
   try {
-    r = JSON.parse(q.decode(t));
+    n = JSON.parse(G.decode(t));
   } catch {
   }
-  if (!le(r))
-    throw new k("JWT Claims Set must be a top-level JSON object");
-  const { typ: a } = n;
-  if (a && (typeof e.typ != "string" || Ke(e.typ) !== Ke(a)))
-    throw new _('unexpected "typ" JWT header value', r, "typ", "check_failed");
-  const { requiredClaims: s = [], issuer: o, subject: i, audience: c, maxTokenAge: y } = n, l = [...s];
-  y !== void 0 && l.push("iat"), c !== void 0 && l.push("aud"), i !== void 0 && l.push("sub"), o !== void 0 && l.push("iss");
-  for (const u of new Set(l.reverse()))
-    if (!(u in r))
-      throw new _(`missing required "${u}" claim`, r, u, "missing");
-  if (o && !(Array.isArray(o) ? o : [o]).includes(r.iss))
-    throw new _('unexpected "iss" claim value', r, "iss", "check_failed");
-  if (i && r.sub !== i)
-    throw new _('unexpected "sub" claim value', r, "sub", "check_failed");
-  if (c && !_n(r.aud, typeof c == "string" ? [c] : c))
-    throw new _('unexpected "aud" claim value', r, "aud", "check_failed");
-  let h;
-  switch (typeof n.clockTolerance) {
+  if (!ae(n))
+    throw new v("JWT Claims Set must be a top-level JSON object");
+  const { typ: a } = r;
+  if (a && (typeof e.typ != "string" || Ce(e.typ) !== Ce(a)))
+    throw new R('unexpected "typ" JWT header value', n, "typ", "check_failed");
+  const { requiredClaims: o = [], issuer: s, subject: i, audience: c, maxTokenAge: h } = r, f = [...o];
+  h !== void 0 && f.push("iat"), c !== void 0 && f.push("aud"), i !== void 0 && f.push("sub"), s !== void 0 && f.push("iss");
+  for (const T of new Set(f.reverse()))
+    if (!(T in n))
+      throw new R(`missing required "${T}" claim`, n, T, "missing");
+  if (s && !(Array.isArray(s) ? s : [s]).includes(n.iss))
+    throw new R('unexpected "iss" claim value', n, "iss", "check_failed");
+  if (i && n.sub !== i)
+    throw new R('unexpected "sub" claim value', n, "sub", "check_failed");
+  if (c && !dr(n.aud, typeof c == "string" ? [c] : c))
+    throw new R('unexpected "aud" claim value', n, "aud", "check_failed");
+  let p;
+  switch (typeof r.clockTolerance) {
     case "string":
-      h = $e(n.clockTolerance);
+      p = Pe(r.clockTolerance);
       break;
     case "number":
-      h = n.clockTolerance;
+      p = r.clockTolerance;
       break;
     case "undefined":
-      h = 0;
+      p = 0;
       break;
     default:
       throw new TypeError("Invalid clockTolerance option type");
   }
-  const { currentDate: g } = n, f = Tn(g || /* @__PURE__ */ new Date());
-  if ((r.iat !== void 0 || y) && typeof r.iat != "number")
-    throw new _('"iat" claim must be a number', r, "iat", "invalid");
-  if (r.nbf !== void 0) {
-    if (typeof r.nbf != "number")
-      throw new _('"nbf" claim must be a number', r, "nbf", "invalid");
-    if (r.nbf > f + h)
-      throw new _('"nbf" claim timestamp check failed', r, "nbf", "check_failed");
-  }
-  if (r.exp !== void 0) {
-    if (typeof r.exp != "number")
-      throw new _('"exp" claim must be a number', r, "exp", "invalid");
-    if (r.exp <= f - h)
-      throw new Ne('"exp" claim timestamp check failed', r, "exp", "check_failed");
+  const { currentDate: u } = r, A = ir(u || /* @__PURE__ */ new Date());
+  if ((n.iat !== void 0 || h) && typeof n.iat != "number")
+    throw new R('"iat" claim must be a number', n, "iat", "invalid");
+  if (n.nbf !== void 0) {
+    if (typeof n.nbf != "number")
+      throw new R('"nbf" claim must be a number', n, "nbf", "invalid");
+    if (n.nbf > A + p)
+      throw new R('"nbf" claim timestamp check failed', n, "nbf", "check_failed");
+  }
+  if (n.exp !== void 0) {
+    if (typeof n.exp != "number")
+      throw new R('"exp" claim must be a number', n, "exp", "invalid");
+    if (n.exp <= A - p)
+      throw new ve('"exp" claim timestamp check failed', n, "exp", "check_failed");
+  }
+  if (h) {
+    const T = A - n.iat, le = typeof h == "number" ? h : Pe(h);
+    if (T - p > le)
+      throw new ve('"iat" claim timestamp check failed (too far in the past)', n, "iat", "check_failed");
+    if (T < 0 - p)
+      throw new R('"iat" claim timestamp check failed (it should be in the past)', n, "iat", "check_failed");
   }
-  if (y) {
-    const u = f - r.iat, m = typeof y == "number" ? y : $e(y);
-    if (u - h > m)
-      throw new Ne('"iat" claim timestamp check failed (too far in the past)', r, "iat", "check_failed");
-    if (u < 0 - h)
-      throw new _('"iat" claim timestamp check failed (it should be in the past)', r, "iat", "check_failed");
-  }
-  return r;
+  return n;
 };
-async function Cn(e, t, n) {
-  var r;
-  const a = await An(e, t, n);
-  if ((r = a.protectedHeader.crit) != null && r.includes("b64") && a.protectedHeader.b64 === !1)
-    throw new k("JWTs MUST NOT use unencoded payload");
-  const s = { payload: vn(a.protectedHeader, a.payload, n), protectedHeader: a.protectedHeader };
-  return typeof t == "function" ? { ...s, key: a.key } : s;
+async function pr(e, t, r) {
+  var n;
+  const a = await or(e, t, r);
+  if ((n = a.protectedHeader.crit) != null && n.includes("b64") && a.protectedHeader.b64 === !1)
+    throw new v("JWTs MUST NOT use unencoded payload");
+  const o = { payload: hr(a.protectedHeader, a.payload, r), protectedHeader: a.protectedHeader };
+  return typeof t == "function" ? { ...o, key: a.key } : o;
 }
-const Pn = B;
-function kn(e) {
+const fr = Y;
+function yr(e) {
   if (typeof e != "string")
-    throw new k("JWTs must use Compact JWS serialization, JWT must be a string");
-  const { 1: t, length: n } = e.split(".");
-  if (n === 5)
-    throw new k("Only JWTs using Compact JWS serialization can be decoded");
-  if (n !== 3)
-    throw new k("Invalid JWT");
+    throw new v("JWTs must use Compact JWS serialization, JWT must be a string");
+  const { 1: t, length: r } = e.split(".");
+  if (r === 5)
+    throw new v("Only JWTs using Compact JWS serialization can be decoded");
+  if (r !== 3)
+    throw new v("Invalid JWT");
   if (!t)
-    throw new k("JWTs must contain a payload");
-  let r;
+    throw new v("JWTs must contain a payload");
+  let n;
   try {
-    r = Pn(t);
+    n = fr(t);
   } catch {
-    throw new k("Failed to base64url decode the payload");
+    throw new v("Failed to base64url decode the payload");
   }
   let a;
   try {
-    a = JSON.parse(q.decode(r));
+    a = JSON.parse(G.decode(n));
   } catch {
-    throw new k("Failed to parse the decoded payload as JSON");
+    throw new v("Failed to parse the decoded payload as JSON");
   }
-  if (!le(a))
-    throw new k("Invalid JWT Claims Set");
+  if (!ae(a))
+    throw new v("Invalid JWT Claims Set");
   return a;
 }
-const J = async (e) => {
+const H = async (e) => {
   try {
-    const t = T.ALG, n = await dn(jt, t);
-    return await Cn(e, n, {
-      issuer: T.ISSUER
+    const t = S.ALG, r = await zt(Nt, t);
+    return await pr(e, r, {
+      issuer: S.ISSUER
     });
   } catch {
     return;
   }
-}, On = (e) => {
+}, gr = (e) => {
   try {
-    return kn(e);
+    return yr(e);
   } catch {
     return;
   }
 };
-var w = [];
-for (var Se = 0; Se < 256; ++Se)
-  w.push((Se + 256).toString(16).slice(1));
-function Nn(e, t = 0) {
-  return (w[e[t + 0]] + w[e[t + 1]] + w[e[t + 2]] + w[e[t + 3]] + "-" + w[e[t + 4]] + w[e[t + 5]] + "-" + w[e[t + 6]] + w[e[t + 7]] + "-" + w[e[t + 8]] + w[e[t + 9]] + "-" + w[e[t + 10]] + w[e[t + 11]] + w[e[t + 12]] + w[e[t + 13]] + w[e[t + 14]] + w[e[t + 15]]).toLowerCase();
+var g = [];
+for (var ge = 0; ge < 256; ++ge)
+  g.push((ge + 256).toString(16).slice(1));
+function Er(e, t = 0) {
+  return (g[e[t + 0]] + g[e[t + 1]] + g[e[t + 2]] + g[e[t + 3]] + "-" + g[e[t + 4]] + g[e[t + 5]] + "-" + g[e[t + 6]] + g[e[t + 7]] + "-" + g[e[t + 8]] + g[e[t + 9]] + "-" + g[e[t + 10]] + g[e[t + 11]] + g[e[t + 12]] + g[e[t + 13]] + g[e[t + 14]] + g[e[t + 15]]).toLowerCase();
 }
-var te, Dn = new Uint8Array(16);
-function Un() {
-  if (!te && (te = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !te))
+var q, mr = new Uint8Array(16);
+function wr() {
+  if (!q && (q = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !q))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return te(Dn);
+  return q(mr);
 }
-var $n = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const He = {
-  randomUUID: $n
+var Sr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const Ne = {
+  randomUUID: Sr
 };
-function Le(e, t, n) {
-  if (He.randomUUID && !t && !e)
-    return He.randomUUID();
+function De(e, t, r) {
+  if (Ne.randomUUID && !t && !e)
+    return Ne.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || Un)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Nn(r);
+  var n = e.random || (e.rng || wr)();
+  return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, Er(n);
 }
-const We = globalThis.crypto, Kn = (e) => `${Le()}${Le()}`.slice(0, e), Hn = (e) => btoa(
+const Ue = globalThis.crypto, Ar = (e) => `${De()}${De()}`.slice(0, e), Tr = (e) => btoa(
   [...new Uint8Array(e)].map((t) => String.fromCharCode(t)).join("")
 );
-async function Ln(e) {
-  if (!We.subtle)
+async function Rr(e) {
+  if (!Ue.subtle)
     throw new Error(
       "crypto.subtle is available only in secure contexts (HTTPS)."
     );
-  const t = new TextEncoder().encode(e), n = await We.subtle.digest("SHA-256", t);
-  return Hn(n).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+  const t = new TextEncoder().encode(e), r = await Ue.subtle.digest("SHA-256", t);
+  return Tr(r).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
 }
-async function Wn(e) {
-  const n = Kn(43), r = await Ln(n);
+async function _r(e) {
+  const r = Ar(43), n = await Rr(r);
   return {
-    code_verifier: n,
-    code_challenge: r
+    code_verifier: r,
+    code_challenge: n
   };
 }
-const Hr = async (e, t) => {
-  var n;
-  const r = await J(e);
-  if (!r || !Array.isArray((n = r.payload) == null ? void 0 : n[T.SCOPES_KEY]))
+const Br = async (e, t) => {
+  var r;
+  const n = await H(e);
+  if (!n || !Array.isArray((r = n.payload) == null ? void 0 : r[S.SCOPES_KEY]))
     return !1;
-  const a = r.payload[T.SCOPES_KEY];
-  return Array.isArray(t) ? t.every((s) => a.includes(s)) : Object.keys(t).some(
-    (s) => t[s].every((o) => a.includes(o))
+  const a = n.payload[S.SCOPES_KEY];
+  return Array.isArray(t) ? t.every((o) => a.includes(o)) : Object.keys(t).some(
+    (o) => t[o].every((s) => a.includes(s))
   );
 };
-function st(e, t) {
+function Ze(e, t) {
   window.dispatchEvent(new StorageEvent("storage", { key: e, newValue: t }));
 }
-const xe = (e, t) => {
-  const n = JSON.stringify(
+const Ke = (e, t) => {
+  const r = JSON.stringify(
     typeof t == "function" ? t() : t
   );
-  window.localStorage.setItem(e, n), st(e, n);
-}, xn = (e) => {
-  window.localStorage.removeItem(e), st(e, null);
-}, Me = (e) => window.localStorage.getItem(e), Mn = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
-function ne({
+  window.localStorage.setItem(e, r), Ze(e, r);
+}, Ir = (e) => {
+  window.localStorage.removeItem(e), Ze(e, null);
+}, $e = (e) => window.localStorage.getItem(e), br = (e) => (window.addEventListener("storage", e), () => window.removeEventListener("storage", e));
+function z({
   key: e,
   initialValue: t
 }) {
-  const n = $t(Mn, () => Me(e)), r = U(
-    (o) => {
+  const r = St(br, () => $e(e)), n = N(
+    (s) => {
       try {
-        const i = typeof o == "function" ? o(JSON.parse(n)) : o;
-        i == null ? xn(e) : xe(e, i);
+        const i = typeof s == "function" ? s(JSON.parse(r)) : s;
+        i == null ? Ir(e) : Ke(e, i);
       } catch (i) {
         console.warn(i);
       }
     },
-    [e, n]
-  ), a = U(() => {
-    r(t);
-  }, [t, r]), s = U(() => {
-    r(null);
-  }, [r]);
-  return Re(() => {
+    [e, r]
+  ), a = N(() => {
+    n(t);
+  }, [t, n]), o = N(() => {
+    n(null);
+  }, [n]);
+  return He(() => {
     try {
-      Me(e) === null && typeof t < "u" && xe(e, t);
-    } catch (o) {
-      console.warn(o);
+      $e(e) === null && typeof t < "u" && Ke(e, t);
+    } catch (s) {
+      console.warn(s);
     }
-  }, [e, t]), [n ? JSON.parse(n) : null, r, a, s];
+  }, [e, t]), [r ? JSON.parse(r) : null, n, a, o];
 }
-var S = [];
-for (var Ae = 0; Ae < 256; ++Ae)
-  S.push((Ae + 256).toString(16).slice(1));
-function Gn(e, t = 0) {
-  return (S[e[t + 0]] + S[e[t + 1]] + S[e[t + 2]] + S[e[t + 3]] + "-" + S[e[t + 4]] + S[e[t + 5]] + "-" + S[e[t + 6]] + S[e[t + 7]] + "-" + S[e[t + 8]] + S[e[t + 9]] + "-" + S[e[t + 10]] + S[e[t + 11]] + S[e[t + 12]] + S[e[t + 13]] + S[e[t + 14]] + S[e[t + 15]]).toLowerCase();
+var E = [];
+for (var Ee = 0; Ee < 256; ++Ee)
+  E.push((Ee + 256).toString(16).slice(1));
+function vr(e, t = 0) {
+  return (E[e[t + 0]] + E[e[t + 1]] + E[e[t + 2]] + E[e[t + 3]] + "-" + E[e[t + 4]] + E[e[t + 5]] + "-" + E[e[t + 6]] + E[e[t + 7]] + "-" + E[e[t + 8]] + E[e[t + 9]] + "-" + E[e[t + 10]] + E[e[t + 11]] + E[e[t + 12]] + E[e[t + 13]] + E[e[t + 14]] + E[e[t + 15]]).toLowerCase();
 }
-var re, Jn = new Uint8Array(16);
-function Yn() {
-  if (!re && (re = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !re))
+var Q, Or = new Uint8Array(16);
+function kr() {
+  if (!Q && (Q = typeof crypto < "u" && crypto.getRandomValues && crypto.getRandomValues.bind(crypto), !Q))
     throw new Error("crypto.getRandomValues() not supported. See https://github.com/uuidjs/uuid#getrandomvalues-not-supported");
-  return re(Jn);
+  return Q(Or);
 }
-var Vn = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
-const Ge = {
-  randomUUID: Vn
+var Pr = typeof crypto < "u" && crypto.randomUUID && crypto.randomUUID.bind(crypto);
+const Le = {
+  randomUUID: Pr
 };
-function Te(e, t, n) {
-  if (Ge.randomUUID && !t && !e)
-    return Ge.randomUUID();
+function me(e, t, r) {
+  if (Le.randomUUID && !t && !e)
+    return Le.randomUUID();
   e = e || {};
-  var r = e.random || (e.rng || Yn)();
-  return r[6] = r[6] & 15 | 64, r[8] = r[8] & 63 | 128, Gn(r);
+  var n = e.random || (e.rng || kr)();
+  return n[6] = n[6] & 15 | 64, n[8] = n[8] & 63 | 128, vr(n);
 }
-const H = "Your session has expired. For your security, please log in again to continue.", jn = "Your session has been successfully terminated.", ae = "Login failed. Please try again.", Fn = "Error getting access token, please re-authenticate.", Bn = "You forgot to wrap your component in <AuthProvider>.", de = {
+const U = "Your session has expired. For your security, please log in again to continue.", Cr = "Your session has been successfully terminated.", we = "Login failed. Please try again.", Nr = "Error getting access token, please re-authenticate.", Dr = "You forgot to wrap your component in <AuthProvider>.", se = {
   dev: "https://auth.gizmette.local.com:3003",
   prod: "https://mylogin.gizmette.com/auth"
-}, oe = "@@auth@@", j = "LOADING", F = "LOGIN", it = "LOGOUT", fe = "success", C = "failure", ct = "include", ut = "POST", lt = "application/json", se = {
+}, X = "@@auth@@", J = "LOADING", te = "LOGIN", et = "LOGOUT", M = "success", I = "failure", tt = "include", rt = "POST", nt = "application/json", Z = {
   GET_REGISTRATION_OPTIONS: `mutation GetPasskeyRegistrationOptions(
 	$clientId: String!,
 	$username: String!,
@@ -1237,14 +1241,16 @@ const H = "Your session has expired. For your security, please log in again to c
 		$authentication: AuthenticationOptionsInput!,
 		$nonce: String!,
 		$domain: String,
-		$fingerprint: String) {
+		$sessionExpiration: String,
+		$ua: String) {
 		verifyPasskeyAuthentication(
 			clientId: $clientId,
 			id: $id,
 			authentication: $authentication,
 			nonce: $nonce,
 			domain: $domain,
-			fingerprint: $fingerprint) {
+			sessionExpiration: $sessionExpiration,
+			ua: $ua) {
 				status,
 				idToken,
 				accessToken,
@@ -1253,515 +1259,151 @@ const H = "Your session has expired. For your security, please log in again to c
 				username,
 		}
 	}`
-};
-/*!
-  @versini/ui-fingerprint v1.0.1
-  © 2024 gizmette.com
-*/
-try {
-  window.__VERSINI_UI_FINGERPRINT__ || (window.__VERSINI_UI_FINGERPRINT__ = {
-    version: "1.0.1",
-    buildTime: "07/18/2024 09:17 AM EDT",
-    homepage: "https://github.com/aversini/ui-components",
-    license: "MIT"
-  });
-} catch {
-}
-const qn = (e) => Array.from(e).map((t) => t.toString(16).padStart(2, "0")).join(""), dt = async (e) => {
-  if (e === "")
-    return "";
-  const t = new TextEncoder().encode(e), n = await crypto.subtle.digest("SHA-256", t);
-  return Array.from(new Uint8Array(n)).map((r) => r.toString(16).padStart(2, "0")).join("");
-};
-function Je(e, t) {
-  return new Promise((n) => setTimeout(n, e, t));
-}
-async function zn(e, t, n = 50) {
-  var r, a, s;
-  const o = document;
-  for (; !o.body; )
-    await Je(n);
-  const i = o.createElement("iframe");
-  try {
-    for (await new Promise((c, y) => {
-      let l = !1;
-      const h = () => {
-        l = !0, c();
-      }, g = (m) => {
-        l = !0, y(m);
-      };
-      i.onload = h, i.onerror = g;
-      const { style: f } = i;
-      f.setProperty("display", "block", "important"), f.position = "absolute", f.top = "0", f.left = "0", f.visibility = "hidden", i.src = "about:blank", o.body.appendChild(i);
-      const u = () => {
-        var m, R;
-        l || (((R = (m = i.contentWindow) == null ? void 0 : m.document) == null ? void 0 : R.readyState) === "complete" ? h() : setTimeout(u, 10));
-      };
-      u();
-    }); !((a = (r = i.contentWindow) == null ? void 0 : r.document) != null && a.body); )
-      await Je(n);
-    return await e(i, i.contentWindow);
-  } finally {
-    (s = i.parentNode) == null || s.removeChild(i);
-  }
-}
-const Qn = {
-  audio: {
-    sampleHash: "",
-    oscillator: "",
-    maxChannels: 0,
-    channelCountMode: ""
-  }
-}, Xn = async (e) => new Promise((t) => {
-  try {
-    const n = new window.OfflineAudioContext(1, 5e3, 44100), r = n.createBufferSource(), a = n.createOscillator();
-    a.frequency.value = 1e3;
-    const s = n.createDynamicsCompressor();
-    s.threshold.value = -50, s.knee.value = 40, s.ratio.value = 12, s.attack.value = 0, s.release.value = 0.2, a.connect(s), s.connect(n.destination), a.start(), n.startRendering(), n.oncomplete = (o) => {
-      const i = o.renderedBuffer.getChannelData(0);
-      a.disconnect(), s.disconnect(), t({
-        audio: {
-          sampleHash: qn(i),
-          oscillator: a.type,
-          maxChannels: n.destination.maxChannelCount,
-          channelCountMode: r.channelCountMode
-        }
-      });
-    };
-  } catch {
-    t({
-      audio: {
-        sampleHash: "",
-        oscillator: "",
-        maxChannels: 0,
-        channelCountMode: ""
-      }
-    });
-  }
-}), ht = { browser: "" }, Zn = async (e) => typeof navigator > "u" ? ht : { browser: navigator.userAgent }, pt = {
-  canvas: {
-    data: ""
-  }
-}, er = async (e) => {
-  try {
-    const t = Array.from(
-      { length: 3 },
-      () => tr(300, 30)
-    ), n = rr(t, 300, 30);
-    return {
-      canvas: {
-        data: (await dt(n.data.toString())).toString()
-      }
-    };
-  } catch {
-    return pt;
-  }
-}, tr = (e, t) => {
-  const n = document.createElement("canvas"), r = n.getContext("2d");
-  if (!r)
-    return new ImageData(1, 1);
-  n.width = e, n.height = t;
-  const a = r.createLinearGradient(0, 0, n.width, n.height);
-  a.addColorStop(0, "red"), a.addColorStop(1 / 6, "orange"), a.addColorStop(2 / 6, "yellow"), a.addColorStop(3 / 6, "green"), a.addColorStop(4 / 6, "blue"), a.addColorStop(5 / 6, "indigo"), a.addColorStop(1, "violet"), r.fillStyle = a, r.fillRect(0, 0, n.width, n.height);
-  const s = "mmMwWLliI0O&1 - Les sanglots longs des violons de l'automne blessent mon coeur d'une langueur monotone";
-  return r.font = "26.321px Arial", r.fillStyle = "black", r.fillText(s, -5, 15), r.fillStyle = "rgba(0, 0, 255, 0.5)", r.fillText(s, -3.3, 17.7), r.beginPath(), r.moveTo(0, 0), r.lineTo(n.width * 2 / 7, n.height), r.strokeStyle = "white", r.lineWidth = 2, r.stroke(), r.getImageData(0, 0, n.width, n.height);
-}, nr = (e) => {
-  if (e.length === 0)
-    return 0;
-  const t = {};
-  for (const r of e)
-    t[r] = (t[r] || 0) + 1;
-  let n = e[0];
-  for (const r in t)
-    t[r] > t[n] && (n = parseInt(r, 10));
-  return n;
-}, rr = (e, t, n) => {
-  const r = [];
-  for (let o = 0; o < e[0].data.length; o++) {
-    const i = [];
-    for (let c = 0; c < e.length; c++)
-      i.push(e[c].data[o]);
-    r.push(nr(i));
-  }
-  const a = r, s = new Uint8ClampedArray(a);
-  return new ImageData(s, t, n);
-}, ar = [], or = "mmMwWLliI0O&1", sr = "48px", L = ["monospace", "sans-serif", "serif"], Ye = [
-  "sans-serif-thin",
-  "ARNO PRO",
-  "Agency FB",
-  "Arabic Typesetting",
-  "Arial Unicode MS",
-  "AvantGarde Bk BT",
-  "BankGothic Md BT",
-  "Bitstream Vera Sans Mono",
-  "Calibri",
-  "Century",
-  "Century Gothic",
-  "Clarendon",
-  "EUROSTILE",
-  "Franklin Gothic",
-  "GOTHAM",
-  "Gill Sans",
-  "Helvetica Neue",
-  "Letter Gothic",
-  "Menlo",
-  "MS Outlook",
-  "MS Reference Specialty",
-  "MS UI Gothic",
-  "MT Extra",
-  "MYRIAD PRO",
-  "Marlett",
-  "Microsoft Uighur",
-  "Minion Pro",
-  "Monotype Corsiva",
-  "PMingLiU",
-  "Pristina",
-  "SCRIPTINA",
-  "SimHei",
-  "Small Fonts",
-  "Staccato222 BT",
-  "TRAJAN PRO",
-  "Univers CE 55 Medium",
-  "ZWAdobeF"
-], ir = async (e) => zn(async (t, { document: n }) => {
-  const r = n.body;
-  r.style.fontSize = sr;
-  const a = n.createElement("div");
-  a.style.setProperty("visibility", "hidden", "important");
-  const s = {}, o = {}, i = (u) => {
-    const m = n.createElement("span"), { style: R } = m;
-    return R.position = "absolute", R.top = "0", R.left = "0", R.fontFamily = u, m.textContent = or, a.appendChild(m), m;
-  }, c = (u, m) => i(`'${u}',${m}`), y = () => L.map(i), l = () => {
-    const u = {};
-    for (const m of Ye)
-      u[m] = L.map(
-        (R) => c(m, R)
-      );
-    return u;
-  }, h = (u) => L.some(
-    (m, R) => u[R].offsetWidth !== s[m] || u[R].offsetHeight !== o[m]
-  ), g = y(), f = l();
-  r.appendChild(a);
-  for (let u = 0; u < L.length; u++)
-    s[L[u]] = g[u].offsetWidth, o[L[u]] = g[u].offsetHeight;
-  return Ye.filter((u) => h(f[u]));
-}), ft = {
-  vendor: "",
-  vendorUnmasked: "",
-  renderer: "",
-  rendererUnmasked: "",
-  version: "",
-  shadingLanguageVersion: ""
-}, yt = {
-  hardware: {
-    videocard: ft,
-    architecture: 0,
-    deviceMemory: "undefined",
-    jsHeapSizeLimit: 0
-  }
-};
-function cr() {
-  const e = document.createElement("canvas"), t = e.getContext("webgl") ?? e.getContext("experimental-webgl");
-  if (t && "getParameter" in t) {
-    const n = t.getExtension("WEBGL_debug_renderer_info");
-    return {
-      vendor: (t.getParameter(t.VENDOR) || "").toString(),
-      vendorUnmasked: n ? (t.getParameter(n.UNMASKED_VENDOR_WEBGL) || "").toString() : "",
-      renderer: (t.getParameter(t.RENDERER) || "").toString(),
-      rendererUnmasked: n ? (t.getParameter(n.UNMASKED_RENDERER_WEBGL) || "").toString() : "",
-      version: (t.getParameter(t.VERSION) || "").toString(),
-      shadingLanguageVersion: (t.getParameter(t.SHADING_LANGUAGE_VERSION) || "").toString()
-    };
-  }
-  return ft;
-}
-function ur() {
-  const e = new Float32Array(1), t = new Uint8Array(e.buffer);
-  return e[0] = 1 / 0, e[0] = e[0] - e[0], t[3];
-}
-const lr = () => navigator.deviceMemory || 0, dr = () => window.performance && window.performance.memory || {
-  jsHeapSizeLimit: 0
-}, hr = async (e) => new Promise((t) => {
-  try {
-    const n = lr(), r = dr();
-    t({
-      hardware: {
-        videocard: cr(),
-        architecture: ur(),
-        deviceMemory: n.toString() || "undefined",
-        jsHeapSizeLimit: r.jsHeapSizeLimit || 0
-      }
-    });
-  } catch {
-    t(yt);
-  }
-}), pr = {
-  locales: {
-    languages: "",
-    timezone: ""
-  }
-}, fr = async (e) => new Promise((t) => {
-  t({
-    locales: {
-      languages: navigator.language,
-      timezone: Intl.DateTimeFormat().resolvedOptions().timeZone
-    }
-  });
-}), gt = {
-  screen: {
-    colorDepth: 0,
-    pixelDepth: 0,
-    isTouchScreen: !1,
-    maxTouchPoints: 0,
-    mediaMatches: []
-  }
-}, yr = async (e) => new Promise((t) => {
-  try {
-    const n = window.screen, r = {
-      screen: {
-        colorDepth: n.colorDepth,
-        pixelDepth: n.pixelDepth,
-        isTouchScreen: navigator.maxTouchPoints > 0,
-        maxTouchPoints: navigator.maxTouchPoints,
-        mediaMatches: gr()
-      }
-    };
-    t(r);
-  } catch {
-    t(gt);
-  }
-});
-function gr() {
-  const e = [], t = {
-    "prefers-contrast": [
-      "high",
-      "more",
-      "low",
-      "less",
-      "forced",
-      "no-preference"
-    ],
-    "any-hover": ["hover", "none"],
-    "any-pointer": ["none", "coarse", "fine"],
-    pointer: ["none", "coarse", "fine"],
-    hover: ["hover", "none"],
-    update: ["fast", "slow"],
-    "inverted-colors": ["inverted", "none"],
-    "prefers-reduced-motion": ["reduce", "no-preference"],
-    "prefers-reduced-transparency": ["reduce", "no-preference"],
-    scripting: ["none", "initial-only", "enabled"],
-    "forced-colors": ["active", "none"],
-    "color-gamut": ["srgb", "p3", "rec2020"]
-  };
-  return Object.keys(t).forEach((n) => {
-    t[n].forEach((r) => {
-      matchMedia(`(${n}: ${r})`).matches && e.push(`${n}: ${r}`);
-    });
-  }), e;
-}
-const mr = async (e) => {
-  try {
-    return {
-      system: {
-        platform: navigator.platform,
-        cookieEnabled: navigator.cookieEnabled,
-        productSub: navigator.productSub,
-        product: navigator.product
-      }
-    };
-  } catch {
-    return mt;
-  }
-}, mt = {
-  system: {
-    platform: "",
-    cookieEnabled: !1,
-    productSub: "",
-    product: ""
-  }
-}, Er = async (e) => {
-  try {
-    return Promise.all([
-      Xn(e),
-      Zn(),
-      er(e),
-      ir(),
-      hr(e),
-      fr(),
-      yr(e),
-      mr(e)
-    ]);
-  } catch {
-    return [
-      Qn,
-      ht,
-      pt,
-      ar,
-      yt,
-      pr,
-      gt,
-      mt
-    ];
-  }
-}, wr = async (e) => {
-  try {
-    const t = await Er(e);
-    return await dt(JSON.stringify(t));
-  } catch {
-    return "";
-  }
-}, W = {
+}, K = {
   GET_REGISTRATION_OPTIONS: {
-    schema: se.GET_REGISTRATION_OPTIONS,
+    schema: Z.GET_REGISTRATION_OPTIONS,
     method: "getPasskeyRegistrationOptions"
   },
   VERIFY_REGISTRATION: {
-    schema: se.VERIFY_REGISTRATION,
+    schema: Z.VERIFY_REGISTRATION,
     method: "verifyPasskeyRegistration"
   },
   GET_AUTHENTICATION_OPTIONS: {
-    schema: se.GET_AUTHENTICATION_OPTIONS,
+    schema: Z.GET_AUTHENTICATION_OPTIONS,
     method: "getPasskeyAuthenticationOptions"
   },
   VERIFY_AUTHENTICATION: {
-    schema: se.VERIFY_AUTHENTICATION,
+    schema: Z.VERIFY_AUTHENTICATION,
     method: "verifyPasskeyAuthentication"
   }
-}, x = async ({
+}, $ = async ({
   accessToken: e,
   type: t,
-  clientId: n,
-  params: r = {}
+  clientId: r,
+  params: n = {}
 }) => {
   try {
-    const a = r, s = `Bearer ${e}`, o = await fetch(
-      Et ? `${de.dev}/graphql` : `${de.prod}/graphql`,
+    const a = `Bearer ${e}`, o = await fetch(
+      at ? `${se.dev}/graphql` : `${se.prod}/graphql`,
       {
-        credentials: ct,
-        method: ut,
+        credentials: tt,
+        method: rt,
         headers: {
-          authorization: s,
-          "Content-Type": lt,
-          [ze.CLIENT_ID]: `${n}`
+          authorization: a,
+          "Content-Type": nt,
+          [Ge.CLIENT_ID]: `${r}`
         },
         body: JSON.stringify({
           query: t.schema,
-          variables: a
+          variables: n
         })
       }
     );
     if (o.status !== 200)
-      return { status: C, data: [] };
-    const { data: i } = await o.json();
+      return { status: I, data: [] };
+    const { data: s } = await o.json();
     return {
-      status: fe,
-      data: i[t.method]
+      status: M,
+      data: s[t.method]
     };
   } catch (a) {
-    return console.error(a), { status: C, data: [] };
+    return console.error(a), { status: I, data: [] };
   }
-}, ye = async ({
+}, ue = async ({
   type: e,
   clientId: t,
-  params: n = {}
+  params: r = {}
 }) => {
   try {
-    const r = await fetch(
-      Et ? `${de.dev}/${e}` : `${de.prod}/${e}`,
+    const n = await fetch(
+      at ? `${se.dev}/${e}` : `${se.prod}/${e}`,
       {
-        credentials: ct,
-        method: ut,
+        credentials: tt,
+        method: rt,
         headers: {
-          "Content-Type": lt,
-          [ze.CLIENT_ID]: `${t}`
+          "Content-Type": nt,
+          [Ge.CLIENT_ID]: `${t}`
         },
-        body: JSON.stringify(n)
+        body: JSON.stringify(r)
       }
     );
-    if (r.status !== 200)
-      return { status: C, data: [] };
-    const { data: a } = await r.json();
+    if (n.status !== 200)
+      return { status: I, data: [] };
+    const { data: a } = await n.json();
     return {
-      status: fe,
+      status: M,
       data: a || []
     };
-  } catch (r) {
-    return console.error(r), { status: C, data: [] };
+  } catch (n) {
+    return console.error(n), { status: I, data: [] };
   }
-}, Sr = process.env.NODE_ENV === "production", Et = !Sr, wt = {
+}, Ur = process.env.NODE_ENV === "production", at = !Ur, st = {
   isLoading: !0,
   isAuthenticated: !1,
-  authenticationType: null,
   user: void 0,
   logoutReason: "",
   debug: !1
-}, Ar = (e) => {
+}, Kr = (e) => {
   try {
-    const t = On(e);
-    return t ? t[T.USER_ID_KEY] : "";
+    const t = gr(e);
+    return t ? t[S.USER_ID_KEY] : "";
   } catch {
     return "";
   }
-}, Tr = async ({
+}, $r = async ({
   userId: e,
-  idToken: t,
-  accessToken: n,
-  refreshToken: r,
-  clientId: a,
-  domain: s
+  clientId: t,
+  domain: r
 }) => {
   try {
     return {
-      status: (await ye({
-        type: he.LOGOUT,
-        clientId: a,
+      status: (await ue({
+        type: ie.LOGOUT,
+        clientId: t,
         params: {
           userId: e,
-          idToken: t,
-          accessToken: n,
-          refreshToken: r,
-          domain: s
+          domain: r
         }
-      }))?.status || C
+      }))?.status || I
     };
   } catch {
     return {
-      status: C
+      status: I
     };
   }
-}, Ve = async ({
+}, Lr = async ({
   username: e,
   password: t,
-  clientId: n,
-  nonce: r,
+  clientId: r,
+  nonce: n,
   type: a,
-  sessionExpiration: s,
-  code: o,
+  sessionExpiration: o,
+  code: s,
   code_verifier: i,
   domain: c,
-  fingerprint: y
+  ua: h
 }) => {
   try {
-    const l = await ye({
-      type: he.AUTHENTICATE,
-      clientId: n,
+    const f = await ue({
+      type: ie.LOGIN,
+      clientId: r,
       params: {
-        type: a || G.ID_AND_ACCESS_TOKEN,
+        type: a || oe.ID_AND_ACCESS_TOKEN,
         username: e,
         password: t,
-        sessionExpiration: s,
-        nonce: r,
-        code: o,
+        sessionExpiration: o,
+        nonce: n,
+        code: s,
         code_verifier: i,
         domain: c,
-        fingerprint: y
+        ua: h
       }
-    }), h = await J(l?.data?.idToken);
-    return h && h.payload[T.USER_ID_KEY] !== "" && h.payload[T.NONCE_KEY] === r ? {
-      idToken: l.data.idToken,
-      accessToken: l.data.accessToken,
-      refreshToken: l.data.refreshToken,
-      userId: h.payload[T.USER_ID_KEY],
+    }), p = await H(f?.data?.idToken);
+    return p && p.payload[S.USER_ID_KEY] !== "" && p.payload[S.NONCE_KEY] === n ? {
+      idToken: f.data.idToken,
+      accessToken: f.data.accessToken,
+      refreshToken: f.data.refreshToken,
+      userId: p.payload[S.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1771,60 +1413,59 @@ const mr = async (e) => {
       status: !1
     };
   }
-}, Rr = async ({
+}, Hr = async ({
   nonce: e,
   clientId: t,
-  code_challenge: n
+  code_challenge: r
 }) => {
   try {
-    const r = await ye({
-      type: he.CODE,
+    const n = await ue({
+      type: ie.CODE,
       clientId: t,
       params: {
-        type: G.CODE,
+        type: oe.CODE,
         nonce: e,
-        code_challenge: n
+        code_challenge: r
       }
     });
-    return r?.data?.code ? {
-      status: fe,
-      data: r.data.code
+    return n?.data?.code ? {
+      status: M,
+      data: n.data.code
     } : {
-      status: C,
+      status: I,
       data: ""
     };
   } catch {
     return {
-      status: C,
+      status: I,
       data: ""
     };
   }
-}, br = async ({
+}, Wr = async ({
   clientId: e,
   userId: t,
-  nonce: n,
-  refreshToken: r,
+  nonce: r,
+  refreshToken: n,
   accessToken: a,
-  domain: s
+  domain: o
 }) => {
   try {
-    const o = await ye({
-      type: he.AUTHENTICATE,
+    const s = await ue({
+      type: ie.REFRESH,
       clientId: e,
       params: {
-        type: G.REFRESH_TOKEN,
+        type: oe.REFRESH_TOKEN,
         userId: t,
-        nonce: n,
-        refreshToken: r,
+        nonce: r,
+        refreshToken: n,
         accessToken: a,
-        domain: s,
-        fingerprint: await St()
+        domain: o
       }
-    }), i = await J(o?.data?.accessToken);
-    return i && i.payload[T.USER_ID_KEY] !== "" && i.payload[T.NONCE_KEY] === n ? {
-      accessToken: o.data.accessToken,
-      refreshToken: o.data.refreshToken,
-      userId: i.payload[T.USER_ID_KEY],
+    }), i = await H(s?.data?.accessToken);
+    return i && i.payload[S.USER_ID_KEY] !== "" && i.payload[S.NONCE_KEY] === r ? {
+      accessToken: s.data.accessToken,
+      refreshToken: s.data.refreshToken,
+      userId: i.payload[S.USER_ID_KEY],
       status: !0
     } : {
       status: !1
@@ -1834,30 +1475,24 @@ const mr = async (e) => {
       status: !1
     };
   }
-}, St = async () => {
-  try {
-    return await wr();
-  } catch {
-    return "";
-  }
 };
-class Ir {
-  constructor(t = null, n = null) {
-    X(this, "refreshTokenPromise", null);
-    X(this, "accessToken");
-    X(this, "refreshToken");
-    this.accessToken = t || "", this.refreshToken = n || "";
+class xr {
+  constructor(t = null, r = null) {
+    j(this, "refreshTokenPromise", null);
+    j(this, "accessToken");
+    j(this, "refreshToken");
+    this.accessToken = t || "", this.refreshToken = r || "";
   }
   async refreshtoken({
     clientId: t,
-    userId: n,
-    nonce: r,
+    userId: r,
+    nonce: n,
     domain: a
   }) {
     this.refreshTokenPromise || (this.refreshTokenPromise = this._refreshToken({
       clientId: t,
-      userId: n,
-      nonce: r,
+      userId: r,
+      nonce: n,
       domain: a
     }));
     try {
@@ -1868,365 +1503,326 @@ class Ir {
   }
   async _refreshToken({
     clientId: t,
-    userId: n,
-    nonce: r,
+    userId: r,
+    nonce: n,
     domain: a
   }) {
-    const s = await J(this.refreshToken);
-    if (s && s.payload[T.USER_ID_KEY] !== "") {
-      const o = await br({
+    const o = await H(this.refreshToken);
+    if (o && o.payload[S.USER_ID_KEY] !== "") {
+      const s = await Wr({
         clientId: t,
-        userId: n,
-        nonce: r,
+        userId: r,
+        nonce: n,
         refreshToken: this.refreshToken,
         accessToken: this.accessToken,
         domain: a
       });
-      return o.status ? (this.accessToken = o.accessToken, this.refreshToken = o.refreshToken, {
-        status: fe,
-        newAccessToken: o.accessToken,
-        newRefreshToken: o.refreshToken
+      return s.status ? (this.accessToken = s.accessToken, this.refreshToken = s.refreshToken, {
+        status: M,
+        newAccessToken: s.accessToken,
+        newRefreshToken: s.refreshToken
       }) : {
-        status: C
+        status: I
       };
     } else
       return {
-        status: C
+        status: I
       };
   }
 }
-const _r = (e) => U(
+const Jr = (e) => N(
   (...t) => {
     e && console.info(`==> [Auth ${Date.now()}]: `, ...t);
   },
   [e]
-), M = () => {
-  throw new Error(Bn);
-}, At = Kt({
+), L = () => {
+  throw new Error(Dr);
+}, ot = At({
   isAuthenticated: !1,
   isLoading: !1,
-  authenticationType: null,
-  login: M,
-  logout: M,
-  getAccessToken: M,
-  getIdToken: M,
-  registeringForPasskey: M,
-  loginWithPasskey: M,
+  login: L,
+  logout: L,
+  getAccessToken: L,
+  getIdToken: L,
+  registeringForPasskey: L,
+  loginWithPasskey: L,
   logoutReason: ""
-}), vr = Ut.createContext({
-  state: wt,
+}), Yr = wt.createContext({
+  state: st,
   dispatch: () => {
   }
-}), Cr = (e, t) => t?.type === j ? {
+}), Gr = (e, t) => t?.type === J ? {
   ...e,
   isLoading: t.payload.isLoading
-} : t?.type === F ? {
+} : t?.type === te ? {
   ...e,
   isLoading: !1,
   isAuthenticated: !0,
   user: t.payload.user,
-  authenticationType: t.payload.authenticationType,
   logoutReason: ""
-} : t?.type === it ? {
+} : t?.type === et ? {
   ...e,
   isLoading: !1,
   isAuthenticated: !1,
   user: void 0,
-  authenticationType: null,
   logoutReason: t.payload.logoutReason
-} : e, Lr = ({
+} : e, qr = ({
   children: e,
   sessionExpiration: t,
-  clientId: n,
-  domain: r = "",
+  clientId: r,
+  domain: n = "",
   debug: a = !1
 }) => {
-  const [s, o] = Ht(Cr, {
-    ...wt,
+  const [o, s] = Tt(Gr, {
+    ...st,
     debug: a
-  }), i = _r(a), c = Oe(!1), y = Oe(""), [l, h, , g] = ne({
-    key: `${oe}::${n}::@@user@@`
-  }), [f, u, , m] = ne({
-    key: `${oe}::${n}::@@access@@`
-  }), [R, z, , _e] = ne(
+  }), i = Jr(a), c = Rt(!1), [h, f, , p] = z({
+    key: `${X}::${r}::@@user@@`
+  }), [u, A, , T] = z({
+    key: `${X}::${r}::@@access@@`
+  }), [le, de, , Te] = z(
     {
-      key: `${oe}::${n}::@@refresh@@`
+      key: `${X}::${r}::@@refresh@@`
     }
-  ), [Tt, ve, , Ce] = ne({
-    key: `${oe}::${n}::@@nonce@@`
-  }), Rt = new Ir(f, R), Q = U(() => {
-    i("removeLocalStorage: removing local storage"), g(), m(), _e(), Ce();
+  ), [it, Re, , _e] = z({
+    key: `${X}::${r}::@@nonce@@`
+  }), ct = new xr(u, le), V = N(() => {
+    i("removeLocalStorage: removing local storage"), p(), T(), Te(), _e();
   }, [
-    m,
-    g,
-    Ce,
+    T,
+    p,
     _e,
+    Te,
     i
-  ]), K = U(
-    (d) => {
+  ]), W = N(
+    (l) => {
       i(
         "removeStateAndLocalStorage: removing state and local storage with reason: ",
-        d
-      ), o({
-        type: it,
+        l
+      ), s({
+        type: et,
         payload: {
-          logoutReason: d || H
+          logoutReason: l || U
         }
-      }), Q(), o({ type: j, payload: { isLoading: !1 } });
+      }), V(), s({ type: J, payload: { isLoading: !1 } });
     },
-    [Q, i]
-  ), D = U(
-    async (d) => {
+    [V, i]
+  ), P = N(
+    async (l) => {
       i("invalidateAndLogout: invalidating and logging out");
-      const { user: E } = s, p = E?.userId || Ar(l);
-      p || i(
+      const { user: y } = o, d = y?.userId || Kr(h);
+      d || i(
         "invalidateAndLogout: user cannot be identified, logging out without userId"
-      ), await Tr({
-        userId: p,
-        idToken: l,
-        accessToken: f,
-        refreshToken: R,
-        clientId: n,
-        domain: r
-      }), K(d || H);
+      ), await $r({
+        userId: d,
+        clientId: r,
+        domain: n
+      }), W(l || U);
     },
-    [
-      f,
-      s,
-      n,
-      r,
-      l,
-      R,
-      K,
-      i
-    ]
+    [h, o, r, n, W, i]
   );
-  Re(() => ((async () => y.current = await St())(), () => {
-    y.current = "";
-  }), []), Re(() => {
+  He(() => {
     if (!c.current)
-      return s.isLoading && l !== null ? (async () => {
+      return o.isLoading && h !== null ? (async () => {
         try {
-          const d = await J(l);
-          d && d.payload[T.USER_ID_KEY] !== "" ? (i("useEffect: setting the authentication state"), o({
-            type: F,
+          const l = await H(h);
+          l && l.payload[S.USER_ID_KEY] !== "" ? (i("useEffect: setting the authentication state"), s({
+            type: te,
             payload: {
-              authenticationType: d.payload[T.AUTH_TYPE_KEY],
               user: {
-                userId: d.payload[T.USER_ID_KEY],
-                username: d.payload[T.USERNAME_KEY]
+                userId: l.payload[S.USER_ID_KEY],
+                username: l.payload[S.USERNAME_KEY]
               }
             }
-          })) : (i("useEffect: invalid JWT, invalidating and logging out"), await D(H));
+          })) : (i("useEffect: invalid JWT, invalidating and logging out"), await P(U));
         } catch {
           i(
             "useEffect: exception validating JWT, invalidating and logging out"
-          ), await D(H);
+          ), await P(U);
         }
-      })() : (i("useEffect: setting the loading state to false"), o({ type: j, payload: { isLoading: !1 } })), () => {
+      })() : (i("useEffect: setting the loading state to false"), s({ type: J, payload: { isLoading: !1 } })), () => {
         c.current = !0;
       };
-  }, [s.isLoading, l, D, i]);
-  const bt = async (d, E, p = G.CODE) => {
-    o({ type: j, payload: { isLoading: !0 } }), Q();
-    const I = Te();
-    if (ve(I), i("login: Logging in with type: ", p), p === G.CODE) {
-      const { code_verifier: kt, code_challenge: Ot } = await Wn(), Pe = await Rr({
-        nonce: I,
-        clientId: n,
-        code_challenge: Ot
+  }, [o.isLoading, h, P, i]);
+  const ut = async (l, y) => {
+    s({ type: J, payload: { isLoading: !0 } }), V();
+    const d = me();
+    Re(d), i("login: Logging in with password");
+    const C = oe.CODE, { code_verifier: yt, code_challenge: gt } = await _r(), Ie = await Hr({
+      nonce: d,
+      clientId: r,
+      code_challenge: gt
+    });
+    if (Ie.status) {
+      const x = await Lr({
+        username: l,
+        password: y,
+        clientId: r,
+        sessionExpiration: t,
+        nonce: d,
+        type: C,
+        code: Ie.data,
+        code_verifier: yt,
+        domain: n,
+        ua: navigator.userAgent
       });
-      if (Pe.status) {
-        const V = await Ve({
-          username: d,
-          password: E,
-          clientId: n,
-          sessionExpiration: t,
-          nonce: I,
-          type: p,
-          code: Pe.data,
-          code_verifier: kt,
-          domain: r,
-          fingerprint: y.current
-        });
-        return V.status ? (h(V.idToken), u(V.accessToken), z(V.refreshToken), o({
-          type: F,
-          payload: {
-            authenticationType: p,
-            user: {
-              userId: V.userId,
-              username: d
-            }
+      return x.status ? (f(x.idToken), A(x.accessToken), de(x.refreshToken), s({
+        type: te,
+        payload: {
+          user: {
+            userId: x.userId,
+            username: l
           }
-        }), !0) : (K(ae), !1);
-      }
-      return !1;
-    }
-    const Y = await Ve({
-      username: d,
-      password: E,
-      clientId: n,
-      sessionExpiration: t,
-      nonce: I,
-      type: p,
-      domain: r,
-      fingerprint: y.current
-    });
-    return Y.status ? (h(Y.idToken), u(Y.accessToken), z(Y.refreshToken), o({
-      type: F,
-      payload: {
-        authenticationType: p,
-        user: {
-          userId: Y.userId,
-          username: d
         }
-      }
-    }), !0) : (K(ae), !1);
-  }, It = async (d) => {
-    d?.preventDefault(), await D(jn);
-  }, _t = async () => {
-    const { isAuthenticated: d, user: E } = s;
+      }), !0) : (W(we), !1);
+    }
+    return !1;
+  }, lt = async (l) => {
+    l?.preventDefault(), await P(Cr);
+  }, dt = async () => {
+    const { isAuthenticated: l, user: y } = o;
     try {
-      if (d && E && E.userId) {
-        if (f) {
+      if (l && y && y.userId) {
+        if (u) {
           i("getAccessToken");
-          const I = await J(f);
-          if (I && I.payload[T.USER_ID_KEY] !== "")
-            return f;
+          const C = await H(u);
+          if (C && C.payload[S.USER_ID_KEY] !== "")
+            return u;
         }
         i("getAccessToken: invalid access token, trying to refresh it");
-        const p = await Rt.refreshtoken({
-          clientId: n,
-          userId: E.userId,
-          nonce: Tt,
-          domain: r
+        const d = await ct.refreshtoken({
+          clientId: r,
+          userId: y.userId,
+          nonce: it,
+          domain: n
         });
-        return p.status && p.status === "success" && p.newAccessToken ? (u(p.newAccessToken), z(p.newRefreshToken), p.newAccessToken) : (i(
+        return d.status && d.status === "success" && d.newAccessToken ? (A(d.newAccessToken), de(d.newRefreshToken), d.newAccessToken) : (i(
           "getAccessToken: invalid refresh token, need to re-authenticate"
-        ), await D(H), "");
+        ), await P(U), "");
       }
       return i(
         "getAccessToken: user is not authenticated, cannot get access token"
-      ), await D(H), "";
+      ), await P(U), "";
     } catch {
       return i(
         "getAccessToken: exception occurred, invalidating and logging out"
-      ), await D(Fn), "";
+      ), await P(Nr), "";
     }
-  }, vt = () => s.isAuthenticated && l ? l : "", Ct = async () => {
-    const { user: d } = s;
-    let E = await x({
-      accessToken: f,
-      clientId: n,
-      type: W.GET_REGISTRATION_OPTIONS,
+  }, ht = () => o.isAuthenticated && h ? h : "", pt = async () => {
+    const { user: l } = o;
+    let y = await $({
+      accessToken: u,
+      clientId: r,
+      type: K.GET_REGISTRATION_OPTIONS,
       params: {
-        clientId: n,
-        id: d?.userId,
-        username: d?.username
+        clientId: r,
+        id: l?.userId,
+        username: l?.username
       }
     });
-    if (E.status)
+    if (y.status)
       try {
-        const p = await Gt(E.data);
-        return E = await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_REGISTRATION,
+        const d = await Ot(y.data);
+        return y = await $({
+          accessToken: u,
+          clientId: r,
+          type: K.VERIFY_REGISTRATION,
           params: {
-            clientId: n,
-            id: d?.userId,
-            username: d?.username,
-            registration: p
+            clientId: r,
+            id: l?.userId,
+            username: l?.username,
+            registration: d
           }
-        }), !!(E.status && E.data.length > 0);
+        }), !!(y.status && y.data.length > 0);
       } catch {
-        return await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_REGISTRATION,
+        return await $({
+          accessToken: u,
+          clientId: r,
+          type: K.VERIFY_REGISTRATION,
           params: {
-            clientId: n,
-            id: d?.userId,
-            username: d?.username,
+            clientId: r,
+            id: l?.userId,
+            username: l?.username,
             registration: {}
           }
         }), !1;
       }
     return !1;
-  }, Pt = async () => {
-    o({ type: j, payload: { isLoading: !0 } }), Q();
-    const d = Te();
-    ve(d), i("loginWithPasskey");
-    const E = Te();
-    let p = await x({
-      accessToken: f,
-      clientId: n,
-      type: W.GET_AUTHENTICATION_OPTIONS,
+  }, ft = async () => {
+    s({ type: J, payload: { isLoading: !0 } }), V();
+    const l = me();
+    Re(l), i("loginWithPasskey");
+    const y = me();
+    let d = await $({
+      accessToken: u,
+      clientId: r,
+      type: K.GET_AUTHENTICATION_OPTIONS,
       params: {
-        id: E,
-        clientId: n
+        id: y,
+        clientId: r
       }
     });
-    if (p.status)
+    if (d.status)
       try {
-        const I = await Vt(p.data);
-        return p = await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_AUTHENTICATION,
+        const C = await Ct(d.data);
+        return d = await $({
+          accessToken: u,
+          clientId: r,
+          type: K.VERIFY_AUTHENTICATION,
           params: {
-            clientId: n,
-            id: E,
-            authentication: I,
-            nonce: d,
-            domain: r,
-            fingerprint: y.current
+            clientId: r,
+            id: y,
+            authentication: C,
+            nonce: l,
+            domain: n,
+            sessionExpiration: t,
+            ua: navigator.userAgent
           }
-        }), p.data.status === "success" ? (h(p.data.idToken), u(p.data.accessToken), z(p.data.refreshToken), o({
-          type: F,
+        }), d.data.status === M ? (f(d.data.idToken), A(d.data.accessToken), de(d.data.refreshToken), s({
+          type: te,
           payload: {
-            authenticationType: G.PASSKEY,
             user: {
-              userId: p.data.userId,
-              username: p.data.username
+              userId: d.data.userId,
+              username: d.data.username
             }
           }
-        }), !0) : (K(ae), !1);
+        }), !0) : (W(we), !1);
       } catch {
-        return await x({
-          accessToken: f,
-          clientId: n,
-          type: W.VERIFY_AUTHENTICATION,
+        return await $({
+          accessToken: u,
+          clientId: r,
+          type: K.VERIFY_AUTHENTICATION,
           params: {
-            clientId: n,
-            id: E,
+            clientId: r,
+            id: y,
             authentication: {},
-            nonce: d,
-            domain: r
+            nonce: l,
+            domain: n,
+            sessionExpiration: t
           }
-        }), K(ae), !1;
+        }), W(we), !1;
       }
     return !1;
   };
-  return /* @__PURE__ */ ke(vr.Provider, { value: { state: s, dispatch: o }, children: /* @__PURE__ */ ke(
-    At.Provider,
+  return /* @__PURE__ */ be(Yr.Provider, { value: { state: o, dispatch: s }, children: /* @__PURE__ */ be(
+    ot.Provider,
     {
       value: {
-        ...s,
-        login: bt,
-        logout: It,
-        getAccessToken: _t,
-        getIdToken: vt,
-        registeringForPasskey: Ct,
-        loginWithPasskey: Pt
+        ...o,
+        login: ut,
+        logout: lt,
+        getAccessToken: dt,
+        getIdToken: ht,
+        registeringForPasskey: pt,
+        loginWithPasskey: ft
       },
       children: e
     }
   ) });
-}, Wr = (e = At) => Lt(e);
+}, zr = (e = ot) => _t(e);
 export {
-  G as AUTH_TYPES,
-  Lr as AuthProvider,
-  Hr as isGranted,
-  Wr as useAuth
+  oe as AUTH_TYPES,
+  qr as AuthProvider,
+  Br as isGranted,
+  zr as useAuth
 };