@wandelbots/wandelbots-js-react-components 2.54.5 → 3.0.0

package/dist/auth0-spa-js.production.esm-Bb4L9JDU.js

@@ -0,0 +1,1423 @@
+function I(i, e) {
+  var t = {};
+  for (var o in i) Object.prototype.hasOwnProperty.call(i, o) && e.indexOf(o) < 0 && (t[o] = i[o]);
+  if (i != null && typeof Object.getOwnPropertySymbols == "function") {
+    var n = 0;
+    for (o = Object.getOwnPropertySymbols(i); n < o.length; n++) e.indexOf(o[n]) < 0 && Object.prototype.propertyIsEnumerable.call(i, o[n]) && (t[o[n]] = i[o[n]]);
+  }
+  return t;
+}
+var C = typeof globalThis < "u" ? globalThis : typeof window < "u" ? window : typeof global < "u" ? global : typeof self < "u" ? self : {};
+function Q(i) {
+  return i && i.__esModule && Object.prototype.hasOwnProperty.call(i, "default") ? i.default : i;
+}
+function ee(i, e) {
+  return i(e = { exports: {} }, e.exports), e.exports;
+}
+var O = ee(function(i, e) {
+  Object.defineProperty(e, "__esModule", { value: !0 });
+  var t = function() {
+    function o() {
+      var n = this;
+      this.locked = /* @__PURE__ */ new Map(), this.addToLocked = function(r, a) {
+        var h = n.locked.get(r);
+        h === void 0 ? a === void 0 ? n.locked.set(r, []) : n.locked.set(r, [a]) : a !== void 0 && (h.unshift(a), n.locked.set(r, h));
+      }, this.isLocked = function(r) {
+        return n.locked.has(r);
+      }, this.lock = function(r) {
+        return new Promise(function(a, h) {
+          n.isLocked(r) ? n.addToLocked(r, a) : (n.addToLocked(r), a());
+        });
+      }, this.unlock = function(r) {
+        var a = n.locked.get(r);
+        if (a !== void 0 && a.length !== 0) {
+          var h = a.pop();
+          n.locked.set(r, a), h !== void 0 && setTimeout(h, 0);
+        } else n.locked.delete(r);
+      };
+    }
+    return o.getInstance = function() {
+      return o.instance === void 0 && (o.instance = new o()), o.instance;
+    }, o;
+  }();
+  e.default = function() {
+    return t.getInstance();
+  };
+});
+Q(O);
+var Ce = Q(ee(function(i, e) {
+  var t = C && C.__awaiter || function(s, c, d, l) {
+    return new (d || (d = Promise))(function(m, y) {
+      function g(w) {
+        try {
+          b(l.next(w));
+        } catch (f) {
+          y(f);
+        }
+      }
+      function k(w) {
+        try {
+          b(l.throw(w));
+        } catch (f) {
+          y(f);
+        }
+      }
+      function b(w) {
+        w.done ? m(w.value) : new d(function(f) {
+          f(w.value);
+        }).then(g, k);
+      }
+      b((l = l.apply(s, c || [])).next());
+    });
+  }, o = C && C.__generator || function(s, c) {
+    var d, l, m, y, g = { label: 0, sent: function() {
+      if (1 & m[0]) throw m[1];
+      return m[1];
+    }, trys: [], ops: [] };
+    return y = { next: k(0), throw: k(1), return: k(2) }, typeof Symbol == "function" && (y[Symbol.iterator] = function() {
+      return this;
+    }), y;
+    function k(b) {
+      return function(w) {
+        return function(f) {
+          if (d) throw new TypeError("Generator is already executing.");
+          for (; g; ) try {
+            if (d = 1, l && (m = 2 & f[0] ? l.return : f[0] ? l.throw || ((m = l.return) && m.call(l), 0) : l.next) && !(m = m.call(l, f[1])).done) return m;
+            switch (l = 0, m && (f = [2 & f[0], m.value]), f[0]) {
+              case 0:
+              case 1:
+                m = f;
+                break;
+              case 4:
+                return g.label++, { value: f[1], done: !1 };
+              case 5:
+                g.label++, l = f[1], f = [0];
+                continue;
+              case 7:
+                f = g.ops.pop(), g.trys.pop();
+                continue;
+              default:
+                if (m = g.trys, !((m = m.length > 0 && m[m.length - 1]) || f[0] !== 6 && f[0] !== 2)) {
+                  g = 0;
+                  continue;
+                }
+                if (f[0] === 3 && (!m || f[1] > m[0] && f[1] < m[3])) {
+                  g.label = f[1];
+                  break;
+                }
+                if (f[0] === 6 && g.label < m[1]) {
+                  g.label = m[1], m = f;
+                  break;
+                }
+                if (m && g.label < m[2]) {
+                  g.label = m[2], g.ops.push(f);
+                  break;
+                }
+                m[2] && g.ops.pop(), g.trys.pop();
+                continue;
+            }
+            f = c.call(s, g);
+          } catch (S) {
+            f = [6, S], l = 0;
+          } finally {
+            d = m = 0;
+          }
+          if (5 & f[0]) throw f[1];
+          return { value: f[0] ? f[1] : void 0, done: !0 };
+        }([b, w]);
+      };
+    }
+  }, n = C;
+  Object.defineProperty(e, "__esModule", { value: !0 });
+  var r = "browser-tabs-lock-key", a = { key: function(s) {
+    return t(n, void 0, void 0, function() {
+      return o(this, function(c) {
+        throw new Error("Unsupported");
+      });
+    });
+  }, getItem: function(s) {
+    return t(n, void 0, void 0, function() {
+      return o(this, function(c) {
+        throw new Error("Unsupported");
+      });
+    });
+  }, clear: function() {
+    return t(n, void 0, void 0, function() {
+      return o(this, function(s) {
+        return [2, window.localStorage.clear()];
+      });
+    });
+  }, removeItem: function(s) {
+    return t(n, void 0, void 0, function() {
+      return o(this, function(c) {
+        throw new Error("Unsupported");
+      });
+    });
+  }, setItem: function(s, c) {
+    return t(n, void 0, void 0, function() {
+      return o(this, function(d) {
+        throw new Error("Unsupported");
+      });
+    });
+  }, keySync: function(s) {
+    return window.localStorage.key(s);
+  }, getItemSync: function(s) {
+    return window.localStorage.getItem(s);
+  }, clearSync: function() {
+    return window.localStorage.clear();
+  }, removeItemSync: function(s) {
+    return window.localStorage.removeItem(s);
+  }, setItemSync: function(s, c) {
+    return window.localStorage.setItem(s, c);
+  } };
+  function h(s) {
+    return new Promise(function(c) {
+      return setTimeout(c, s);
+    });
+  }
+  function u(s) {
+    for (var c = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXTZabcdefghiklmnopqrstuvwxyz", d = "", l = 0; l < s; l++)
+      d += c[Math.floor(Math.random() * c.length)];
+    return d;
+  }
+  var p = function() {
+    function s(c) {
+      this.acquiredIatSet = /* @__PURE__ */ new Set(), this.storageHandler = void 0, this.id = Date.now().toString() + u(15), this.acquireLock = this.acquireLock.bind(this), this.releaseLock = this.releaseLock.bind(this), this.releaseLock__private__ = this.releaseLock__private__.bind(this), this.waitForSomethingToChange = this.waitForSomethingToChange.bind(this), this.refreshLockWhileAcquired = this.refreshLockWhileAcquired.bind(this), this.storageHandler = c, s.waiters === void 0 && (s.waiters = []);
+    }
+    return s.prototype.acquireLock = function(c, d) {
+      return d === void 0 && (d = 5e3), t(this, void 0, void 0, function() {
+        var l, m, y, g, k, b, w;
+        return o(this, function(f) {
+          switch (f.label) {
+            case 0:
+              l = Date.now() + u(4), m = Date.now() + d, y = r + "-" + c, g = this.storageHandler === void 0 ? a : this.storageHandler, f.label = 1;
+            case 1:
+              return Date.now() < m ? [4, h(30)] : [3, 8];
+            case 2:
+              return f.sent(), g.getItemSync(y) !== null ? [3, 5] : (k = this.id + "-" + c + "-" + l, [4, h(Math.floor(25 * Math.random()))]);
+            case 3:
+              return f.sent(), g.setItemSync(y, JSON.stringify({ id: this.id, iat: l, timeoutKey: k, timeAcquired: Date.now(), timeRefreshed: Date.now() })), [4, h(30)];
+            case 4:
+              return f.sent(), (b = g.getItemSync(y)) !== null && (w = JSON.parse(b)).id === this.id && w.iat === l ? (this.acquiredIatSet.add(l), this.refreshLockWhileAcquired(y, l), [2, !0]) : [3, 7];
+            case 5:
+              return s.lockCorrector(this.storageHandler === void 0 ? a : this.storageHandler), [4, this.waitForSomethingToChange(m)];
+            case 6:
+              f.sent(), f.label = 7;
+            case 7:
+              return l = Date.now() + u(4), [3, 1];
+            case 8:
+              return [2, !1];
+          }
+        });
+      });
+    }, s.prototype.refreshLockWhileAcquired = function(c, d) {
+      return t(this, void 0, void 0, function() {
+        var l = this;
+        return o(this, function(m) {
+          return setTimeout(function() {
+            return t(l, void 0, void 0, function() {
+              var y, g, k;
+              return o(this, function(b) {
+                switch (b.label) {
+                  case 0:
+                    return [4, O.default().lock(d)];
+                  case 1:
+                    return b.sent(), this.acquiredIatSet.has(d) ? (y = this.storageHandler === void 0 ? a : this.storageHandler, (g = y.getItemSync(c)) === null ? (O.default().unlock(d), [2]) : ((k = JSON.parse(g)).timeRefreshed = Date.now(), y.setItemSync(c, JSON.stringify(k)), O.default().unlock(d), this.refreshLockWhileAcquired(c, d), [2])) : (O.default().unlock(d), [2]);
+                }
+              });
+            });
+          }, 1e3), [2];
+        });
+      });
+    }, s.prototype.waitForSomethingToChange = function(c) {
+      return t(this, void 0, void 0, function() {
+        return o(this, function(d) {
+          switch (d.label) {
+            case 0:
+              return [4, new Promise(function(l) {
+                var m = !1, y = Date.now(), g = !1;
+                function k() {
+                  if (g || (window.removeEventListener("storage", k), s.removeFromWaiting(k), clearTimeout(b), g = !0), !m) {
+                    m = !0;
+                    var w = 50 - (Date.now() - y);
+                    w > 0 ? setTimeout(l, w) : l(null);
+                  }
+                }
+                window.addEventListener("storage", k), s.addToWaiting(k);
+                var b = setTimeout(k, Math.max(0, c - Date.now()));
+              })];
+            case 1:
+              return d.sent(), [2];
+          }
+        });
+      });
+    }, s.addToWaiting = function(c) {
+      this.removeFromWaiting(c), s.waiters !== void 0 && s.waiters.push(c);
+    }, s.removeFromWaiting = function(c) {
+      s.waiters !== void 0 && (s.waiters = s.waiters.filter(function(d) {
+        return d !== c;
+      }));
+    }, s.notifyWaiters = function() {
+      s.waiters !== void 0 && s.waiters.slice().forEach(function(c) {
+        return c();
+      });
+    }, s.prototype.releaseLock = function(c) {
+      return t(this, void 0, void 0, function() {
+        return o(this, function(d) {
+          switch (d.label) {
+            case 0:
+              return [4, this.releaseLock__private__(c)];
+            case 1:
+              return [2, d.sent()];
+          }
+        });
+      });
+    }, s.prototype.releaseLock__private__ = function(c) {
+      return t(this, void 0, void 0, function() {
+        var d, l, m, y;
+        return o(this, function(g) {
+          switch (g.label) {
+            case 0:
+              return d = this.storageHandler === void 0 ? a : this.storageHandler, l = r + "-" + c, (m = d.getItemSync(l)) === null ? [2] : (y = JSON.parse(m)).id !== this.id ? [3, 2] : [4, O.default().lock(y.iat)];
+            case 1:
+              g.sent(), this.acquiredIatSet.delete(y.iat), d.removeItemSync(l), O.default().unlock(y.iat), s.notifyWaiters(), g.label = 2;
+            case 2:
+              return [2];
+          }
+        });
+      });
+    }, s.lockCorrector = function(c) {
+      for (var d = Date.now() - 5e3, l = c, m = [], y = 0; ; ) {
+        var g = l.keySync(y);
+        if (g === null) break;
+        m.push(g), y++;
+      }
+      for (var k = !1, b = 0; b < m.length; b++) {
+        var w = m[b];
+        if (w.includes(r)) {
+          var f = l.getItemSync(w);
+          if (f !== null) {
+            var S = JSON.parse(f);
+            (S.timeRefreshed === void 0 && S.timeAcquired < d || S.timeRefreshed !== void 0 && S.timeRefreshed < d) && (l.removeItemSync(w), k = !0);
+          }
+        }
+      }
+      k && s.notifyWaiters();
+    }, s.waiters = void 0, s;
+  }();
+  e.default = p;
+}));
+const je = { timeoutInSeconds: 60 }, we = { name: "auth0-spa-js", version: "2.8.0" }, be = () => Date.now();
+class v extends Error {
+  constructor(e, t) {
+    super(t), this.error = e, this.error_description = t, Object.setPrototypeOf(this, v.prototype);
+  }
+  static fromPayload({ error: e, error_description: t }) {
+    return new v(e, t);
+  }
+}
+class te extends v {
+  constructor(e, t, o, n = null) {
+    super(e, t), this.state = o, this.appState = n, Object.setPrototypeOf(this, te.prototype);
+  }
+}
+class oe extends v {
+  constructor(e, t, o, n, r = null) {
+    super(e, t), this.connection = o, this.state = n, this.appState = r, Object.setPrototypeOf(this, oe.prototype);
+  }
+}
+class U extends v {
+  constructor() {
+    super("timeout", "Timeout"), Object.setPrototypeOf(this, U.prototype);
+  }
+}
+class ne extends U {
+  constructor(e) {
+    super(), this.popup = e, Object.setPrototypeOf(this, ne.prototype);
+  }
+}
+class ie extends v {
+  constructor(e) {
+    super("cancelled", "Popup closed"), this.popup = e, Object.setPrototypeOf(this, ie.prototype);
+  }
+}
+class re extends v {
+  constructor(e, t, o) {
+    super(e, t), this.mfa_token = o, Object.setPrototypeOf(this, re.prototype);
+  }
+}
+class V extends v {
+  constructor(e, t) {
+    super("missing_refresh_token", `Missing Refresh Token (audience: '${W(e, ["default"])}', scope: '${W(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, V.prototype);
+  }
+}
+class se extends v {
+  constructor(e, t) {
+    super("missing_scopes", `Missing requested scopes after refresh (audience: '${W(e, ["default"])}', missing scope: '${W(t)}')`), this.audience = e, this.scope = t, Object.setPrototypeOf(this, se.prototype);
+  }
+}
+class F extends v {
+  constructor(e) {
+    super("use_dpop_nonce", "Server rejected DPoP proof: wrong nonce"), this.newDpopNonce = e, Object.setPrototypeOf(this, F.prototype);
+  }
+}
+function W(i, e = []) {
+  return i && !e.includes(i) ? i : "";
+}
+const J = () => window.crypto, N = () => {
+  const i = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz-_~.";
+  let e = "";
+  return Array.from(J().getRandomValues(new Uint8Array(43))).forEach((t) => e += i[t % i.length]), e;
+}, G = (i) => btoa(i), Ke = [{ key: "name", type: ["string"] }, { key: "version", type: ["string", "number"] }, { key: "env", type: ["object"] }], xe = (i) => Object.keys(i).reduce((e, t) => {
+  const o = Ke.find((n) => n.key === t);
+  return o && o.type.includes(typeof i[t]) && (e[t] = i[t]), e;
+}, {}), B = (i) => {
+  var { clientId: e } = i, t = I(i, ["clientId"]);
+  return new URLSearchParams(((o) => Object.keys(o).filter((n) => o[n] !== void 0).reduce((n, r) => Object.assign(Object.assign({}, n), { [r]: o[r] }), {}))(Object.assign({ client_id: e }, t))).toString();
+}, ce = async (i) => await J().subtle.digest({ name: "SHA-256" }, new TextEncoder().encode(i)), ue = (i) => ((e) => decodeURIComponent(atob(e).split("").map((t) => "%" + ("00" + t.charCodeAt(0).toString(16)).slice(-2)).join("")))(i.replace(/_/g, "/").replace(/-/g, "+")), he = (i) => {
+  const e = new Uint8Array(i);
+  return ((t) => {
+    const o = { "+": "-", "/": "_", "=": "" };
+    return t.replace(/[+/=]/g, (n) => o[n]);
+  })(window.btoa(String.fromCharCode(...Array.from(e))));
+}, Ee = new TextEncoder(), ze = new TextDecoder();
+function D(i) {
+  return typeof i == "string" ? Ee.encode(i) : ze.decode(i);
+}
+function de(i) {
+  if (typeof i.modulusLength != "number" || i.modulusLength < 2048) throw new Re(`${i.name} modulusLength must be at least 2048 bits`);
+}
+async function Ne(i, e, t) {
+  if (t.usages.includes("sign") === !1) throw new TypeError('private CryptoKey instances used for signing assertions must include "sign" in their "usages"');
+  const o = `${A(D(JSON.stringify(i)))}.${A(D(JSON.stringify(e)))}`;
+  return `${o}.${A(await crypto.subtle.sign(function(n) {
+    switch (n.algorithm.name) {
+      case "ECDSA":
+        return { name: n.algorithm.name, hash: "SHA-256" };
+      case "RSA-PSS":
+        return de(n.algorithm), { name: n.algorithm.name, saltLength: 32 };
+      case "RSASSA-PKCS1-v1_5":
+        return de(n.algorithm), { name: n.algorithm.name };
+      case "Ed25519":
+        return { name: n.algorithm.name };
+    }
+    throw new K();
+  }(t), t, D(o)))}`;
+}
+let q;
+Uint8Array.prototype.toBase64 ? q = (i) => (i instanceof ArrayBuffer && (i = new Uint8Array(i)), i.toBase64({ alphabet: "base64url", omitPadding: !0 })) : q = (e) => {
+  e instanceof ArrayBuffer && (e = new Uint8Array(e));
+  const t = [];
+  for (let o = 0; o < e.byteLength; o += 32768) t.push(String.fromCharCode.apply(null, e.subarray(o, o + 32768)));
+  return btoa(t.join("")).replace(/=/g, "").replace(/\+/g, "-").replace(/\//g, "_");
+};
+function A(i) {
+  return q(i);
+}
+class K extends Error {
+  constructor(e) {
+    var t;
+    super(e ?? "operation not supported"), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
+  }
+}
+class Re extends Error {
+  constructor(e) {
+    var t;
+    super(e), this.name = this.constructor.name, (t = Error.captureStackTrace) === null || t === void 0 || t.call(Error, this, this.constructor);
+  }
+}
+function De(i) {
+  switch (i.algorithm.name) {
+    case "RSA-PSS":
+      return function(e) {
+        if (e.algorithm.hash.name === "SHA-256") return "PS256";
+        throw new K("unsupported RsaHashedKeyAlgorithm hash name");
+      }(i);
+    case "RSASSA-PKCS1-v1_5":
+      return function(e) {
+        if (e.algorithm.hash.name === "SHA-256") return "RS256";
+        throw new K("unsupported RsaHashedKeyAlgorithm hash name");
+      }(i);
+    case "ECDSA":
+      return function(e) {
+        if (e.algorithm.namedCurve === "P-256") return "ES256";
+        throw new K("unsupported EcKeyAlgorithm namedCurve");
+      }(i);
+    case "Ed25519":
+      return "Ed25519";
+    default:
+      throw new K("unsupported CryptoKey algorithm name");
+  }
+}
+function ke(i) {
+  return i instanceof CryptoKey;
+}
+function ve(i) {
+  return ke(i) && i.type === "public";
+}
+async function Ae(i, e, t, o, n, r) {
+  const a = i == null ? void 0 : i.privateKey, h = i == null ? void 0 : i.publicKey;
+  if (!ke(u = a) || u.type !== "private") throw new TypeError('"keypair.privateKey" must be a private CryptoKey');
+  var u;
+  if (!ve(h)) throw new TypeError('"keypair.publicKey" must be a public CryptoKey');
+  if (h.extractable !== !0) throw new TypeError('"keypair.publicKey.extractable" must be true');
+  if (typeof e != "string") throw new TypeError('"htu" must be a string');
+  if (typeof t != "string") throw new TypeError('"htm" must be a string');
+  if (o !== void 0 && typeof o != "string") throw new TypeError('"nonce" must be a string or undefined');
+  if (n !== void 0 && typeof n != "string") throw new TypeError('"accessToken" must be a string or undefined');
+  return Ne({ alg: De(a), typ: "dpop+jwt", jwk: await _e(h) }, Object.assign(Object.assign({}, r), { iat: Math.floor(Date.now() / 1e3), jti: crypto.randomUUID(), htm: t, nonce: o, htu: e, ath: n ? A(await crypto.subtle.digest("SHA-256", D(n))) : void 0 }), a);
+}
+async function _e(i) {
+  const { kty: e, e: t, n: o, x: n, y: r, crv: a } = await crypto.subtle.exportKey("jwk", i);
+  return { kty: e, crv: a, e: t, n: o, x: n, y: r };
+}
+const Ue = ["authorization_code", "refresh_token", "urn:ietf:params:oauth:grant-type:token-exchange"];
+function Le() {
+  return async function(i, e) {
+    var t;
+    let o;
+    if (i.length === 0) throw new TypeError('"alg" must be a non-empty string');
+    switch (i) {
+      case "PS256":
+        o = { name: "RSA-PSS", hash: "SHA-256", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) };
+        break;
+      case "RS256":
+        o = { name: "RSASSA-PKCS1-v1_5", hash: "SHA-256", modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]) };
+        break;
+      case "ES256":
+        o = { name: "ECDSA", namedCurve: "P-256" };
+        break;
+      case "Ed25519":
+        o = { name: "Ed25519" };
+        break;
+      default:
+        throw new K();
+    }
+    return crypto.subtle.generateKey(o, (t = e == null ? void 0 : e.extractable) !== null && t !== void 0 && t, ["sign", "verify"]);
+  }("ES256", { extractable: !1 });
+}
+function Ze(i) {
+  return async function(e) {
+    if (!ve(e)) throw new TypeError('"publicKey" must be a public CryptoKey');
+    if (e.extractable !== !0) throw new TypeError('"publicKey.extractable" must be true');
+    const t = await _e(e);
+    let o;
+    switch (t.kty) {
+      case "EC":
+        o = { crv: t.crv, kty: t.kty, x: t.x, y: t.y };
+        break;
+      case "OKP":
+        o = { crv: t.crv, kty: t.kty, x: t.x };
+        break;
+      case "RSA":
+        o = { e: t.e, kty: t.kty, n: t.n };
+        break;
+      default:
+        throw new K("unsupported JWK kty");
+    }
+    return A(await crypto.subtle.digest({ name: "SHA-256" }, D(JSON.stringify(o))));
+  }(i.publicKey);
+}
+function He({ keyPair: i, url: e, method: t, nonce: o, accessToken: n }) {
+  const r = function(a) {
+    const h = new URL(a);
+    return h.search = "", h.hash = "", h.href;
+  }(e);
+  return Ae(i, r, t, o, n);
+}
+const We = async (i, e) => {
+  const t = await fetch(i, e);
+  return { ok: t.ok, json: await t.json(), headers: (o = t.headers, [...o].reduce((n, [r, a]) => (n[r] = a, n), {})) };
+  var o;
+}, Je = async (i, e, t) => {
+  const o = new AbortController();
+  let n;
+  return e.signal = o.signal, Promise.race([We(i, e), new Promise((r, a) => {
+    n = setTimeout(() => {
+      o.abort(), a(new Error("Timeout when executing 'fetch'"));
+    }, t);
+  })]).finally(() => {
+    clearTimeout(n);
+  });
+}, Xe = async (i, e, t, o, n, r, a, h) => {
+  return u = { auth: { audience: e, scope: t }, timeout: n, fetchUrl: i, fetchOptions: o, useFormData: a, useMrrt: h }, p = r, new Promise(function(s, c) {
+    const d = new MessageChannel();
+    d.port1.onmessage = function(l) {
+      l.data.error ? c(new Error(l.data.error)) : s(l.data), d.port1.close();
+    }, p.postMessage(u, [d.port2]);
+  });
+  var u, p;
+}, Ve = async (i, e, t, o, n, r, a = 1e4, h) => n ? Xe(i, e, t, o, a, n, r, h) : Je(i, o, a);
+async function Se(i, e, t, o, n, r, a, h, u, p) {
+  if (u) {
+    const w = await u.generateProof({ url: i, method: n.method || "GET", nonce: await u.getNonce() });
+    n.headers = Object.assign(Object.assign({}, n.headers), { dpop: w });
+  }
+  let s, c = null;
+  for (let w = 0; w < 3; w++) try {
+    s = await Ve(i, t, o, n, r, a, e, h), c = null;
+    break;
+  } catch (f) {
+    c = f;
+  }
+  if (c) throw c;
+  const d = s.json, { error: l, error_description: m } = d, y = I(d, ["error", "error_description"]), { headers: g, ok: k } = s;
+  let b;
+  if (u && (b = g["dpop-nonce"], b && await u.setNonce(b)), !k) {
+    const w = m || `HTTP error. Unable to fetch ${i}`;
+    if (l === "mfa_required") throw new re(l, w, y.mfa_token);
+    if (l === "missing_refresh_token") throw new V(t, o);
+    if (l === "use_dpop_nonce") {
+      if (!u || !b || p) throw new F(b);
+      return Se(i, e, t, o, n, r, a, h, u, !0);
+    }
+    throw new v(l || "request_error", w);
+  }
+  return y;
+}
+async function Fe(i, e) {
+  var { baseUrl: t, timeout: o, audience: n, scope: r, auth0Client: a, useFormData: h, useMrrt: u, dpop: p } = i, s = I(i, ["baseUrl", "timeout", "audience", "scope", "auth0Client", "useFormData", "useMrrt", "dpop"]);
+  const c = s.grant_type === "urn:ietf:params:oauth:grant-type:token-exchange", d = s.grant_type === "refresh_token" && u, l = Object.assign(Object.assign(Object.assign(Object.assign({}, s), c && n && { audience: n }), c && r && { scope: r }), d && { audience: n, scope: r }), m = h ? B(l) : JSON.stringify(l), y = (g = s.grant_type, Ue.includes(g));
+  var g;
+  return await Se(`${t}/oauth/token`, o, n || "default", r, { method: "POST", body: m, headers: { "Content-Type": h ? "application/x-www-form-urlencoded" : "application/json", "Auth0-Client": btoa(JSON.stringify(xe(a || we))) } }, e, h, u, y ? p : void 0);
+}
+const H = (...i) => {
+  return (e = i.filter(Boolean).join(" ").trim().split(/\s+/), Array.from(new Set(e))).join(" ");
+  var e;
+}, Z = (i, e, t) => {
+  let o;
+  return t && (o = i[t]), o || (o = i.default), H(o, e);
+};
+class _ {
+  constructor(e, t = "@@auth0spajs@@", o) {
+    this.prefix = t, this.suffix = o, this.clientId = e.clientId, this.scope = e.scope, this.audience = e.audience;
+  }
+  toKey() {
+    return [this.prefix, this.clientId, this.audience, this.scope, this.suffix].filter(Boolean).join("::");
+  }
+  static fromKey(e) {
+    const [t, o, n, r] = e.split("::");
+    return new _({ clientId: o, scope: r, audience: n }, t);
+  }
+  static fromCacheEntry(e) {
+    const { scope: t, audience: o, client_id: n } = e;
+    return new _({ scope: t, audience: o, clientId: n });
+  }
+}
+class Ge {
+  set(e, t) {
+    localStorage.setItem(e, JSON.stringify(t));
+  }
+  get(e) {
+    const t = window.localStorage.getItem(e);
+    if (t) try {
+      return JSON.parse(t);
+    } catch {
+      return;
+    }
+  }
+  remove(e) {
+    localStorage.removeItem(e);
+  }
+  allKeys() {
+    return Object.keys(window.localStorage).filter((e) => e.startsWith("@@auth0spajs@@"));
+  }
+}
+class Ie {
+  constructor() {
+    this.enclosedCache = /* @__PURE__ */ function() {
+      let e = {};
+      return { set(t, o) {
+        e[t] = o;
+      }, get(t) {
+        const o = e[t];
+        if (o) return o;
+      }, remove(t) {
+        delete e[t];
+      }, allKeys: () => Object.keys(e) };
+    }();
+  }
+}
+class Me {
+  constructor(e, t, o) {
+    this.cache = e, this.keyManifest = t, this.nowProvider = o || be;
+  }
+  async setIdToken(e, t, o) {
+    var n;
+    const r = this.getIdTokenCacheKey(e);
+    await this.cache.set(r, { id_token: t, decodedToken: o }), await ((n = this.keyManifest) === null || n === void 0 ? void 0 : n.add(r));
+  }
+  async getIdToken(e) {
+    const t = await this.cache.get(this.getIdTokenCacheKey(e.clientId));
+    if (!t && e.scope && e.audience) {
+      const o = await this.get(e);
+      return !o || !o.id_token || !o.decodedToken ? void 0 : { id_token: o.id_token, decodedToken: o.decodedToken };
+    }
+    if (t) return { id_token: t.id_token, decodedToken: t.decodedToken };
+  }
+  async get(e, t = 0, o = !1, n) {
+    var r;
+    let a = await this.cache.get(e.toKey());
+    if (!a) {
+      const p = await this.getCacheKeys();
+      if (!p) return;
+      const s = this.matchExistingCacheKey(e, p);
+      if (s && (a = await this.cache.get(s)), !s && o && n !== "cache-only") return this.getEntryWithRefreshToken(e, p);
+    }
+    if (!a) return;
+    const h = await this.nowProvider(), u = Math.floor(h / 1e3);
+    return a.expiresAt - t < u ? a.body.refresh_token ? this.modifiedCachedEntry(a, e) : (await this.cache.remove(e.toKey()), void await ((r = this.keyManifest) === null || r === void 0 ? void 0 : r.remove(e.toKey()))) : a.body;
+  }
+  async modifiedCachedEntry(e, t) {
+    return e.body = { refresh_token: e.body.refresh_token, audience: e.body.audience, scope: e.body.scope }, await this.cache.set(t.toKey(), e), { refresh_token: e.body.refresh_token, audience: e.body.audience, scope: e.body.scope };
+  }
+  async set(e) {
+    var t;
+    const o = new _({ clientId: e.client_id, scope: e.scope, audience: e.audience }), n = await this.wrapCacheEntry(e);
+    await this.cache.set(o.toKey(), n), await ((t = this.keyManifest) === null || t === void 0 ? void 0 : t.add(o.toKey()));
+  }
+  async remove(e, t, o) {
+    const n = new _({ clientId: e, scope: o, audience: t });
+    await this.cache.remove(n.toKey());
+  }
+  async clear(e) {
+    var t;
+    const o = await this.getCacheKeys();
+    o && (await o.filter((n) => !e || n.includes(e)).reduce(async (n, r) => {
+      await n, await this.cache.remove(r);
+    }, Promise.resolve()), await ((t = this.keyManifest) === null || t === void 0 ? void 0 : t.clear()));
+  }
+  async wrapCacheEntry(e) {
+    const t = await this.nowProvider();
+    return { body: e, expiresAt: Math.floor(t / 1e3) + e.expires_in };
+  }
+  async getCacheKeys() {
+    var e;
+    return this.keyManifest ? (e = await this.keyManifest.get()) === null || e === void 0 ? void 0 : e.keys : this.cache.allKeys ? this.cache.allKeys() : void 0;
+  }
+  getIdTokenCacheKey(e) {
+    return new _({ clientId: e }, "@@auth0spajs@@", "@@user@@").toKey();
+  }
+  matchExistingCacheKey(e, t) {
+    return t.filter((o) => {
+      var n;
+      const r = _.fromKey(o), a = new Set(r.scope && r.scope.split(" ")), h = ((n = e.scope) === null || n === void 0 ? void 0 : n.split(" ")) || [], u = r.scope && h.reduce((p, s) => p && a.has(s), !0);
+      return r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId && r.audience === e.audience && u;
+    })[0];
+  }
+  async getEntryWithRefreshToken(e, t) {
+    var o;
+    for (const n of t) {
+      const r = _.fromKey(n);
+      if (r.prefix === "@@auth0spajs@@" && r.clientId === e.clientId) {
+        const a = await this.cache.get(n);
+        if (!((o = a == null ? void 0 : a.body) === null || o === void 0) && o.refresh_token) return this.modifiedCachedEntry(a, e);
+      }
+    }
+  }
+  async updateEntry(e, t) {
+    var o;
+    const n = await this.getCacheKeys();
+    if (n) for (const r of n) {
+      const a = await this.cache.get(r);
+      if (((o = a == null ? void 0 : a.body) === null || o === void 0 ? void 0 : o.refresh_token) === e) {
+        const h = Object.assign(Object.assign({}, a.body), { refresh_token: t });
+        await this.set(h);
+      }
+    }
+  }
+}
+class Ye {
+  constructor(e, t, o) {
+    this.storage = e, this.clientId = t, this.cookieDomain = o, this.storageKey = `a0.spajs.txs.${this.clientId}`;
+  }
+  create(e) {
+    this.storage.save(this.storageKey, e, { daysUntilExpire: 1, cookieDomain: this.cookieDomain });
+  }
+  get() {
+    return this.storage.get(this.storageKey);
+  }
+  remove() {
+    this.storage.remove(this.storageKey, { cookieDomain: this.cookieDomain });
+  }
+}
+const R = (i) => typeof i == "number", $e = ["iss", "aud", "exp", "nbf", "iat", "jti", "azp", "nonce", "auth_time", "at_hash", "c_hash", "acr", "amr", "sub_jwk", "cnf", "sip_from_tag", "sip_date", "sip_callid", "sip_cseq_num", "sip_via_branch", "orig", "dest", "mky", "events", "toe", "txn", "rph", "sid", "vot", "vtm"], Be = (i) => {
+  if (!i.id_token) throw new Error("ID token is required but missing");
+  const e = ((r) => {
+    const a = r.split("."), [h, u, p] = a;
+    if (a.length !== 3 || !h || !u || !p) throw new Error("ID token could not be decoded");
+    const s = JSON.parse(ue(u)), c = { __raw: r }, d = {};
+    return Object.keys(s).forEach((l) => {
+      c[l] = s[l], $e.includes(l) || (d[l] = s[l]);
+    }), { encoded: { header: h, payload: u, signature: p }, header: JSON.parse(ue(h)), claims: c, user: d };
+  })(i.id_token);
+  if (!e.claims.iss) throw new Error("Issuer (iss) claim must be a string present in the ID token");
+  if (e.claims.iss !== i.iss) throw new Error(`Issuer (iss) claim mismatch in the ID token; expected "${i.iss}", found "${e.claims.iss}"`);
+  if (!e.user.sub) throw new Error("Subject (sub) claim must be a string present in the ID token");
+  if (e.header.alg !== "RS256") throw new Error(`Signature algorithm of "${e.header.alg}" is not supported. Expected the ID token to be signed with "RS256".`);
+  if (!e.claims.aud || typeof e.claims.aud != "string" && !Array.isArray(e.claims.aud)) throw new Error("Audience (aud) claim must be a string or array of strings present in the ID token");
+  if (Array.isArray(e.claims.aud)) {
+    if (!e.claims.aud.includes(i.aud)) throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but was not one of "${e.claims.aud.join(", ")}"`);
+    if (e.claims.aud.length > 1) {
+      if (!e.claims.azp) throw new Error("Authorized Party (azp) claim must be a string present in the ID token when Audience (aud) claim has multiple values");
+      if (e.claims.azp !== i.aud) throw new Error(`Authorized Party (azp) claim mismatch in the ID token; expected "${i.aud}", found "${e.claims.azp}"`);
+    }
+  } else if (e.claims.aud !== i.aud) throw new Error(`Audience (aud) claim mismatch in the ID token; expected "${i.aud}" but found "${e.claims.aud}"`);
+  if (i.nonce) {
+    if (!e.claims.nonce) throw new Error("Nonce (nonce) claim must be a string present in the ID token");
+    if (e.claims.nonce !== i.nonce) throw new Error(`Nonce (nonce) claim mismatch in the ID token; expected "${i.nonce}", found "${e.claims.nonce}"`);
+  }
+  if (i.max_age && !R(e.claims.auth_time)) throw new Error("Authentication Time (auth_time) claim must be a number present in the ID token when Max Age (max_age) is specified");
+  if (e.claims.exp == null || !R(e.claims.exp)) throw new Error("Expiration Time (exp) claim must be a number present in the ID token");
+  if (!R(e.claims.iat)) throw new Error("Issued At (iat) claim must be a number present in the ID token");
+  const t = i.leeway || 60, o = new Date(i.now || Date.now()), n = /* @__PURE__ */ new Date(0);
+  if (n.setUTCSeconds(e.claims.exp + t), o > n) throw new Error(`Expiration Time (exp) claim error in the ID token; current time (${o}) is after expiration time (${n})`);
+  if (e.claims.nbf != null && R(e.claims.nbf)) {
+    const r = /* @__PURE__ */ new Date(0);
+    if (r.setUTCSeconds(e.claims.nbf - t), o < r) throw new Error(`Not Before time (nbf) claim in the ID token indicates that this token can't be used just yet. Current time (${o}) is before ${r}`);
+  }
+  if (e.claims.auth_time != null && R(e.claims.auth_time)) {
+    const r = /* @__PURE__ */ new Date(0);
+    if (r.setUTCSeconds(parseInt(e.claims.auth_time) + i.max_age + t), o > r) throw new Error(`Authentication Time (auth_time) claim in the ID token indicates that too much time has passed since the last end-user authentication. Current time (${o}) is after last auth at ${r}`);
+  }
+  if (i.organization) {
+    const r = i.organization.trim();
+    if (r.startsWith("org_")) {
+      const a = r;
+      if (!e.claims.org_id) throw new Error("Organization ID (org_id) claim must be a string present in the ID token");
+      if (a !== e.claims.org_id) throw new Error(`Organization ID (org_id) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_id}"`);
+    } else {
+      const a = r.toLowerCase();
+      if (!e.claims.org_name) throw new Error("Organization Name (org_name) claim must be a string present in the ID token");
+      if (a !== e.claims.org_name) throw new Error(`Organization Name (org_name) claim mismatch in the ID token; expected "${a}", found "${e.claims.org_name}"`);
+    }
+  }
+  return e;
+};
+var x = ee(function(i, e) {
+  var t = C && C.__assign || function() {
+    return t = Object.assign || function(u) {
+      for (var p, s = 1, c = arguments.length; s < c; s++) for (var d in p = arguments[s]) Object.prototype.hasOwnProperty.call(p, d) && (u[d] = p[d]);
+      return u;
+    }, t.apply(this, arguments);
+  };
+  function o(u, p) {
+    if (!p) return "";
+    var s = "; " + u;
+    return p === !0 ? s : s + "=" + p;
+  }
+  function n(u, p, s) {
+    return encodeURIComponent(u).replace(/%(23|24|26|2B|5E|60|7C)/g, decodeURIComponent).replace(/\(/g, "%28").replace(/\)/g, "%29") + "=" + encodeURIComponent(p).replace(/%(23|24|26|2B|3A|3C|3E|3D|2F|3F|40|5B|5D|5E|60|7B|7D|7C)/g, decodeURIComponent) + function(c) {
+      if (typeof c.expires == "number") {
+        var d = /* @__PURE__ */ new Date();
+        d.setMilliseconds(d.getMilliseconds() + 864e5 * c.expires), c.expires = d;
+      }
+      return o("Expires", c.expires ? c.expires.toUTCString() : "") + o("Domain", c.domain) + o("Path", c.path) + o("Secure", c.secure) + o("SameSite", c.sameSite);
+    }(s);
+  }
+  function r(u) {
+    for (var p = {}, s = u ? u.split("; ") : [], c = /(%[\dA-F]{2})+/gi, d = 0; d < s.length; d++) {
+      var l = s[d].split("="), m = l.slice(1).join("=");
+      m.charAt(0) === '"' && (m = m.slice(1, -1));
+      try {
+        p[l[0].replace(c, decodeURIComponent)] = m.replace(c, decodeURIComponent);
+      } catch {
+      }
+    }
+    return p;
+  }
+  function a() {
+    return r(document.cookie);
+  }
+  function h(u, p, s) {
+    document.cookie = n(u, p, t({ path: "/" }, s));
+  }
+  e.__esModule = !0, e.encode = n, e.parse = r, e.getAll = a, e.get = function(u) {
+    return a()[u];
+  }, e.set = h, e.remove = function(u, p) {
+    h(u, "", t(t({}, p), { expires: -1 }));
+  };
+});
+Q(x), x.encode, x.parse, x.getAll;
+var qe = x.get, Pe = x.set, Te = x.remove;
+const E = { get(i) {
+  const e = qe(i);
+  if (e !== void 0) return JSON.parse(e);
+}, save(i, e, t) {
+  let o = {};
+  window.location.protocol === "https:" && (o = { secure: !0, sameSite: "none" }), t != null && t.daysUntilExpire && (o.expires = t.daysUntilExpire), t != null && t.cookieDomain && (o.domain = t.cookieDomain), Pe(i, JSON.stringify(e), o);
+}, remove(i, e) {
+  let t = {};
+  e != null && e.cookieDomain && (t.domain = e.cookieDomain), Te(i, t);
+} }, Qe = { get(i) {
+  return E.get(i) || E.get(`_legacy_${i}`);
+}, save(i, e, t) {
+  let o = {};
+  window.location.protocol === "https:" && (o = { secure: !0 }), t != null && t.daysUntilExpire && (o.expires = t.daysUntilExpire), t != null && t.cookieDomain && (o.domain = t.cookieDomain), Pe(`_legacy_${i}`, JSON.stringify(e), o), E.save(i, e, t);
+}, remove(i, e) {
+  let t = {};
+  e != null && e.cookieDomain && (t.domain = e.cookieDomain), Te(i, t), E.remove(i, e), E.remove(`_legacy_${i}`, e);
+} }, et = { get(i) {
+  if (typeof sessionStorage > "u") return;
+  const e = sessionStorage.getItem(i);
+  return e != null ? JSON.parse(e) : void 0;
+}, save(i, e) {
+  sessionStorage.setItem(i, JSON.stringify(e));
+}, remove(i) {
+  sessionStorage.removeItem(i);
+} };
+var j;
+(function(i) {
+  i.Code = "code", i.ConnectCode = "connect_code";
+})(j || (j = {}));
+function tt(i, e, t) {
+  var o = e === void 0 ? null : e, n = function(u, p) {
+    var s = atob(u);
+    if (p) {
+      for (var c = new Uint8Array(s.length), d = 0, l = s.length; d < l; ++d) c[d] = s.charCodeAt(d);
+      return String.fromCharCode.apply(null, new Uint16Array(c.buffer));
+    }
+    return s;
+  }(i, t !== void 0 && t), r = n.indexOf(`
+`, 10) + 1, a = n.substring(r) + (o ? "//# sourceMappingURL=" + o : ""), h = new Blob([a], { type: "application/javascript" });
+  return URL.createObjectURL(h);
+}
+var le, pe, me, M, ot = (le = "Lyogcm9sbHVwLXBsdWdpbi13ZWItd29ya2VyLWxvYWRlciAqLwohZnVuY3Rpb24oKXsidXNlIHN0cmljdCI7Y2xhc3MgZSBleHRlbmRzIEVycm9ye2NvbnN0cnVjdG9yKHQscil7c3VwZXIociksdGhpcy5lcnJvcj10LHRoaXMuZXJyb3JfZGVzY3JpcHRpb249cixPYmplY3Quc2V0UHJvdG90eXBlT2YodGhpcyxlLnByb3RvdHlwZSl9c3RhdGljIGZyb21QYXlsb2FkKHtlcnJvcjp0LGVycm9yX2Rlc2NyaXB0aW9uOnJ9KXtyZXR1cm4gbmV3IGUodCxyKX19Y2xhc3MgdCBleHRlbmRzIGV7Y29uc3RydWN0b3IoZSxzKXtzdXBlcigibWlzc2luZ19yZWZyZXNoX3Rva2VuIixgTWlzc2luZyBSZWZyZXNoIFRva2VuIChhdWRpZW5jZTogJyR7cihlLFsiZGVmYXVsdCJdKX0nLCBzY29wZTogJyR7cihzKX0nKWApLHRoaXMuYXVkaWVuY2U9ZSx0aGlzLnNjb3BlPXMsT2JqZWN0LnNldFByb3RvdHlwZU9mKHRoaXMsdC5wcm90b3R5cGUpfX1mdW5jdGlvbiByKGUsdD1bXSl7cmV0dXJuIGUmJiF0LmluY2x1ZGVzKGUpP2U6IiJ9ImZ1bmN0aW9uIj09dHlwZW9mIFN1cHByZXNzZWRFcnJvciYmU3VwcHJlc3NlZEVycm9yO2NvbnN0IHM9ZT0+e3ZhcntjbGllbnRJZDp0fT1lLHI9ZnVuY3Rpb24oZSx0KXt2YXIgcj17fTtmb3IodmFyIHMgaW4gZSlPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwoZSxzKSYmdC5pbmRleE9mKHMpPDAmJihyW3NdPWVbc10pO2lmKG51bGwhPWUmJiJmdW5jdGlvbiI9PXR5cGVvZiBPYmplY3QuZ2V0T3duUHJvcGVydHlTeW1ib2xzKXt2YXIgbz0wO2ZvcihzPU9iamVjdC5nZXRPd25Qcm9wZXJ0eVN5bWJvbHMoZSk7bzxzLmxlbmd0aDtvKyspdC5pbmRleE9mKHNbb10pPDAmJk9iamVjdC5wcm90b3R5cGUucHJvcGVydHlJc0VudW1lcmFibGUuY2FsbChlLHNbb10pJiYocltzW29dXT1lW3Nbb11dKX1yZXR1cm4gcn0oZSxbImNsaWVudElkIl0pO3JldHVybiBuZXcgVVJMU2VhcmNoUGFyYW1zKChlPT5PYmplY3Qua2V5cyhlKS5maWx0ZXIoKHQ9PnZvaWQgMCE9PWVbdF0pKS5yZWR1Y2UoKCh0LHIpPT5PYmplY3QuYXNzaWduKE9iamVjdC5hc3NpZ24oe30sdCkse1tyXTplW3JdfSkpLHt9KSkoT2JqZWN0LmFzc2lnbih7Y2xpZW50X2lkOnR9LHIpKSkudG9TdHJpbmcoKX07bGV0IG89e307Y29uc3Qgbj0oZSx0KT0+YCR7ZX18JHt0fWA7YWRkRXZlbnRMaXN0ZW5lcigibWVzc2FnZSIsKGFzeW5jKHtkYXRhOnt0aW1lb3V0OmUsYXV0aDpyLGZldGNoVXJsOmksZmV0Y2hPcHRpb25zOmMsdXNlRm9ybURhdGE6YSx1c2VNcnJ0OmZ9LHBvcnRzOltwXX0pPT57bGV0IGgsdSxsPXt9O2NvbnN0e2F1ZGllbmNlOmQsc2NvcGU6eX09cnx8e307dHJ5e2NvbnN0IHI9YT8oZT0+e2NvbnN0IHQ9bmV3IFVSTFNlYXJjaFBhcmFtcyhlKSxyPXt9O3JldHVybiB0LmZvckVhY2goKChlLHQpPT57clt0XT1lfSkpLHJ9KShjLmJvZHkpOkpTT04ucGFyc2UoYy5ib2R5KTtpZighci5yZWZyZXNoX3Rva2VuJiYicmVmcmVzaF90b2tlbiI9PT1yLmdyYW50X3R5cGUpe2lmKHU9KChlLHQpPT5vW24oZSx0KV0pKGQseSksIXUmJmYpe2NvbnN0IGU9by5sYXRlc3RfcmVmcmVzaF90b2tlbix0PSgoZSx0KT0+e2NvbnN0IHI9T2JqZWN0LmtleXMobykuZmluZCgocj0+e2lmKCJsYXRlc3RfcmVmcmVzaF90b2tlbiIhPT1yKXtjb25zdCBzPSgoZSx0KT0+dC5zdGFydHNXaXRoKGAke2V9fGApKSh0LHIpLG89ci5zcGxpdCgifCIpWzFdLnNwbGl0KCIgIiksbj1lLnNwbGl0KCIgIikuZXZlcnkoKGU9Pm8uaW5jbHVkZXMoZSkpKTtyZXR1cm4gcyYmbn19KSk7cmV0dXJuISFyfSkoeSxkKTtlJiYhdCYmKHU9ZSl9aWYoIXUpdGhyb3cgbmV3IHQoZCx5KTtjLmJvZHk9YT9zKE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpOkpTT04uc3RyaW5naWZ5KE9iamVjdC5hc3NpZ24oT2JqZWN0LmFzc2lnbih7fSxyKSx7cmVmcmVzaF90b2tlbjp1fSkpfWxldCBqLGs7ImZ1bmN0aW9uIj09dHlwZW9mIEFib3J0Q29udHJvbGxlciYmKGo9bmV3IEFib3J0Q29udHJvbGxlcixjLnNpZ25hbD1qLnNpZ25hbCk7dHJ5e2s9YXdhaXQgUHJvbWlzZS5yYWNlKFsoXz1lLG5ldyBQcm9taXNlKChlPT5zZXRUaW1lb3V0KGUsXykpKSksZmV0Y2goaSxPYmplY3QuYXNzaWduKHt9LGMpKV0pfWNhdGNoKGUpe3JldHVybiB2b2lkIHAucG9zdE1lc3NhZ2Uoe2Vycm9yOmUubWVzc2FnZX0pfWlmKCFrKXJldHVybiBqJiZqLmFib3J0KCksdm9pZCBwLnBvc3RNZXNzYWdlKHtlcnJvcjoiVGltZW91dCB3aGVuIGV4ZWN1dGluZyAnZmV0Y2gnIn0pO2c9ay5oZWFkZXJzLGw9Wy4uLmddLnJlZHVjZSgoKGUsW3Qscl0pPT4oZVt0XT1yLGUpKSx7fSksaD1hd2FpdCBrLmpzb24oKSxoLnJlZnJlc2hfdG9rZW4/KGYmJihvLmxhdGVzdF9yZWZyZXNoX3Rva2VuPWgucmVmcmVzaF90b2tlbixPPXUsYj1oLnJlZnJlc2hfdG9rZW4sT2JqZWN0LmVudHJpZXMobykuZm9yRWFjaCgoKFtlLHRdKT0+e3Q9PT1PJiYob1tlXT1iKX0pKSksKChlLHQscik9PntvW24odCxyKV09ZX0pKGgucmVmcmVzaF90b2tlbixkLHkpLGRlbGV0ZSBoLnJlZnJlc2hfdG9rZW4pOigoZSx0KT0+e2RlbGV0ZSBvW24oZSx0KV19KShkLHkpLHAucG9zdE1lc3NhZ2Uoe29rOmsub2ssanNvbjpoLGhlYWRlcnM6bH0pfWNhdGNoKGUpe3AucG9zdE1lc3NhZ2Uoe29rOiExLGpzb246e2Vycm9yOmUuZXJyb3IsZXJyb3JfZGVzY3JpcHRpb246ZS5tZXNzYWdlfSxoZWFkZXJzOmx9KX12YXIgTyxiLGcsX30pKX0oKTsKCg==", pe = null, me = !1, function(i) {
+  return M = M || tt(le, pe, me), new Worker(M, i);
+});
+const Y = {};
+class nt {
+  constructor(e, t) {
+    this.cache = e, this.clientId = t, this.manifestKey = this.createManifestKeyFrom(this.clientId);
+  }
+  async add(e) {
+    var t;
+    const o = new Set(((t = await this.cache.get(this.manifestKey)) === null || t === void 0 ? void 0 : t.keys) || []);
+    o.add(e), await this.cache.set(this.manifestKey, { keys: [...o] });
+  }
+  async remove(e) {
+    const t = await this.cache.get(this.manifestKey);
+    if (t) {
+      const o = new Set(t.keys);
+      return o.delete(e), o.size > 0 ? await this.cache.set(this.manifestKey, { keys: [...o] }) : await this.cache.remove(this.manifestKey);
+    }
+  }
+  get() {
+    return this.cache.get(this.manifestKey);
+  }
+  clear() {
+    return this.cache.remove(this.manifestKey);
+  }
+  createManifestKeyFrom(e) {
+    return `@@auth0spajs@@::${e}`;
+  }
+}
+const it = { memory: () => new Ie().enclosedCache, localstorage: () => new Ge() }, fe = (i) => it[i], ge = (i) => {
+  const { openUrl: e, onRedirect: t } = i, o = I(i, ["openUrl", "onRedirect"]);
+  return Object.assign(Object.assign({}, o), { openUrl: e === !1 || e ? e : t });
+}, ye = (i, e) => {
+  const t = (e == null ? void 0 : e.split(" ")) || [];
+  return ((i == null ? void 0 : i.split(" ")) || []).every((o) => t.includes(o));
+}, T = { NONCE: "nonce", KEYPAIR: "keypair" };
+class rt {
+  constructor(e) {
+    this.clientId = e;
+  }
+  getVersion() {
+    return 1;
+  }
+  createDbHandle() {
+    const e = window.indexedDB.open("auth0-spa-js", this.getVersion());
+    return new Promise((t, o) => {
+      e.onupgradeneeded = () => Object.values(T).forEach((n) => e.result.createObjectStore(n)), e.onerror = () => o(e.error), e.onsuccess = () => t(e.result);
+    });
+  }
+  async getDbHandle() {
+    return this.dbHandle || (this.dbHandle = await this.createDbHandle()), this.dbHandle;
+  }
+  async executeDbRequest(e, t, o) {
+    const n = o((await this.getDbHandle()).transaction(e, t).objectStore(e));
+    return new Promise((r, a) => {
+      n.onsuccess = () => r(n.result), n.onerror = () => a(n.error);
+    });
+  }
+  buildKey(e) {
+    const t = e ? `_${e}` : "auth0";
+    return `${this.clientId}::${t}`;
+  }
+  setNonce(e, t) {
+    return this.save(T.NONCE, this.buildKey(t), e);
+  }
+  setKeyPair(e) {
+    return this.save(T.KEYPAIR, this.buildKey(), e);
+  }
+  async save(e, t, o) {
+    await this.executeDbRequest(e, "readwrite", (n) => n.put(o, t));
+  }
+  findNonce(e) {
+    return this.find(T.NONCE, this.buildKey(e));
+  }
+  findKeyPair() {
+    return this.find(T.KEYPAIR, this.buildKey());
+  }
+  find(e, t) {
+    return this.executeDbRequest(e, "readonly", (o) => o.get(t));
+  }
+  async deleteBy(e, t) {
+    const o = await this.executeDbRequest(e, "readonly", (n) => n.getAllKeys());
+    o == null || o.filter(t).map((n) => this.executeDbRequest(e, "readwrite", (r) => r.delete(n)));
+  }
+  deleteByClientId(e, t) {
+    return this.deleteBy(e, (o) => typeof o == "string" && o.startsWith(`${t}::`));
+  }
+  clearNonces() {
+    return this.deleteByClientId(T.NONCE, this.clientId);
+  }
+  clearKeyPairs() {
+    return this.deleteByClientId(T.KEYPAIR, this.clientId);
+  }
+}
+class st {
+  constructor(e) {
+    this.storage = new rt(e);
+  }
+  getNonce(e) {
+    return this.storage.findNonce(e);
+  }
+  setNonce(e, t) {
+    return this.storage.setNonce(e, t);
+  }
+  async getOrGenerateKeyPair() {
+    let e = await this.storage.findKeyPair();
+    return e || (e = await Le(), await this.storage.setKeyPair(e)), e;
+  }
+  async generateProof(e) {
+    const t = await this.getOrGenerateKeyPair();
+    return He(Object.assign({ keyPair: t }, e));
+  }
+  async calculateThumbprint() {
+    return Ze(await this.getOrGenerateKeyPair());
+  }
+  async clear() {
+    await Promise.all([this.storage.clearNonces(), this.storage.clearKeyPairs()]);
+  }
+}
+var z;
+(function(i) {
+  i.Bearer = "Bearer", i.DPoP = "DPoP";
+})(z || (z = {}));
+class at {
+  constructor(e, t) {
+    this.hooks = t, this.config = Object.assign(Object.assign({}, e), { fetch: e.fetch || (typeof window > "u" ? fetch : window.fetch.bind(window)) });
+  }
+  isAbsoluteUrl(e) {
+    return /^(https?:)?\/\//i.test(e);
+  }
+  buildUrl(e, t) {
+    if (t) {
+      if (this.isAbsoluteUrl(t)) return t;
+      if (e) return `${e.replace(/\/?\/$/, "")}/${t.replace(/^\/+/, "")}`;
+    }
+    throw new TypeError("`url` must be absolute or `baseUrl` non-empty.");
+  }
+  getAccessToken(e) {
+    return this.config.getAccessToken ? this.config.getAccessToken(e) : this.hooks.getAccessToken(e);
+  }
+  extractUrl(e) {
+    return typeof e == "string" ? e : e instanceof URL ? e.href : e.url;
+  }
+  buildBaseRequest(e, t) {
+    if (!this.config.baseUrl) return new Request(e, t);
+    const o = this.buildUrl(this.config.baseUrl, this.extractUrl(e)), n = e instanceof Request ? new Request(o, e) : o;
+    return new Request(n, t);
+  }
+  setAuthorizationHeader(e, t, o = z.Bearer) {
+    e.headers.set("authorization", `${o} ${t}`);
+  }
+  async setDpopProofHeader(e, t) {
+    if (!this.config.dpopNonceId) return;
+    const o = await this.hooks.getDpopNonce(), n = await this.hooks.generateDpopProof({ accessToken: t, method: e.method, nonce: o, url: e.url });
+    e.headers.set("dpop", n);
+  }
+  async prepareRequest(e, t) {
+    const o = await this.getAccessToken(t);
+    let n, r;
+    typeof o == "string" ? (n = this.config.dpopNonceId ? z.DPoP : z.Bearer, r = o) : (n = o.token_type, r = o.access_token), this.setAuthorizationHeader(e, r, n), n === z.DPoP && await this.setDpopProofHeader(e, r);
+  }
+  getHeader(e, t) {
+    return Array.isArray(e) ? new Headers(e).get(t) || "" : typeof e.get == "function" ? e.get(t) || "" : e[t] || "";
+  }
+  hasUseDpopNonceError(e) {
+    if (e.status !== 401) return !1;
+    const t = this.getHeader(e.headers, "www-authenticate");
+    return t.includes("invalid_dpop_nonce") || t.includes("use_dpop_nonce");
+  }
+  async handleResponse(e, t) {
+    const o = this.getHeader(e.headers, "dpop-nonce");
+    if (o && await this.hooks.setDpopNonce(o), !this.hasUseDpopNonceError(e)) return e;
+    if (!o || !t.onUseDpopNonceError) throw new F(o);
+    return t.onUseDpopNonceError();
+  }
+  async internalFetchWithAuth(e, t, o, n) {
+    const r = this.buildBaseRequest(e, t);
+    await this.prepareRequest(r, n);
+    const a = await this.config.fetch(r);
+    return this.handleResponse(a, o);
+  }
+  fetchWithAuth(e, t, o) {
+    const n = { onUseDpopNonceError: () => this.internalFetchWithAuth(e, t, Object.assign(Object.assign({}, n), { onUseDpopNonceError: void 0 }), o) };
+    return this.internalFetchWithAuth(e, t, n, o);
+  }
+}
+class ct {
+  constructor(e, t) {
+    this.myAccountFetcher = e, this.apiBase = t;
+  }
+  async connectAccount(e) {
+    const t = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/connect`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(e) });
+    return this._handleResponse(t);
+  }
+  async completeAccount(e) {
+    const t = await this.myAccountFetcher.fetchWithAuth(`${this.apiBase}v1/connected-accounts/complete`, { method: "POST", headers: { "Content-Type": "application/json" }, body: JSON.stringify(e) });
+    return this._handleResponse(t);
+  }
+  async _handleResponse(e) {
+    let t;
+    try {
+      t = await e.text(), t = JSON.parse(t);
+    } catch (o) {
+      throw new X({ type: "invalid_json", status: e.status, title: "Invalid JSON response", detail: t || String(o) });
+    }
+    if (e.ok) return t;
+    throw new X(t);
+  }
+}
+class X extends Error {
+  constructor({ type: e, status: t, title: o, detail: n, validation_errors: r }) {
+    super(n), this.name = "MyAccountApiError", this.type = e, this.status = t, this.title = o, this.detail = n, this.validation_errors = r, Object.setPrototypeOf(this, X.prototype);
+  }
+}
+const $ = new Ce();
+class ut {
+  constructor(e) {
+    let t, o;
+    if (this.userCache = new Ie().enclosedCache, this.activeLockKeys = /* @__PURE__ */ new Set(), this.defaultOptions = { authorizationParams: { scope: "openid profile email" }, useRefreshTokensFallback: !1, useFormData: !0 }, this._releaseLockOnPageHide = async () => {
+      const u = Array.from(this.activeLockKeys);
+      for (const p of u) await $.releaseLock(p);
+      this.activeLockKeys.clear(), window.removeEventListener("pagehide", this._releaseLockOnPageHide);
+    }, this.options = Object.assign(Object.assign(Object.assign({}, this.defaultOptions), e), { authorizationParams: Object.assign(Object.assign({}, this.defaultOptions.authorizationParams), e.authorizationParams) }), typeof window < "u" && (() => {
+      if (!J()) throw new Error("For security reasons, `window.crypto` is required to run `auth0-spa-js`.");
+      if (J().subtle === void 0) throw new Error(`
+      auth0-spa-js must run on a secure origin. See https://github.com/auth0/auth0-spa-js/blob/main/FAQ.md#why-do-i-get-auth0-spa-js-must-run-on-a-secure-origin for more information.
+    `);
+    })(), e.cache && e.cacheLocation && console.warn("Both `cache` and `cacheLocation` options have been specified in the Auth0Client configuration; ignoring `cacheLocation` and using `cache`."), e.cache) o = e.cache;
+    else {
+      if (t = e.cacheLocation || "memory", !fe(t)) throw new Error(`Invalid cache location "${t}"`);
+      o = fe(t)();
+    }
+    this.httpTimeoutMs = e.httpTimeoutInSeconds ? 1e3 * e.httpTimeoutInSeconds : 1e4, this.cookieStorage = e.legacySameSiteCookie === !1 ? E : Qe, this.orgHintCookieName = `auth0.${this.options.clientId}.organization_hint`, this.isAuthenticatedCookieName = ((u) => `auth0.${u}.is.authenticated`)(this.options.clientId), this.sessionCheckExpiryDays = e.sessionCheckExpiryDays || 1;
+    const n = e.useCookiesForTransactions ? this.cookieStorage : et;
+    var r;
+    this.scope = ((u, p, ...s) => {
+      if (typeof u != "object") return { default: H(p, u, ...s) };
+      let c = { default: H(p, ...s) };
+      return Object.keys(u).forEach((d) => {
+        const l = u[d];
+        c[d] = H(p, l, ...s);
+      }), c;
+    })(this.options.authorizationParams.scope, "openid", this.options.useRefreshTokens ? "offline_access" : ""), this.transactionManager = new Ye(n, this.options.clientId, this.options.cookieDomain), this.nowProvider = this.options.nowProvider || be, this.cacheManager = new Me(o, o.allKeys ? void 0 : new nt(o, this.options.clientId), this.nowProvider), this.dpop = this.options.useDpop ? new st(this.options.clientId) : void 0, this.domainUrl = (r = this.options.domain, /^https?:\/\//.test(r) ? r : `https://${r}`), this.tokenIssuer = ((u, p) => u ? u.startsWith("https://") ? u : `https://${u}/` : `${p}/`)(this.options.issuer, this.domainUrl);
+    const a = `${this.domainUrl}/me/`, h = this.createFetcher(Object.assign(Object.assign({}, this.options.useDpop && { dpopNonceId: "__auth0_my_account_api__" }), { getAccessToken: () => this.getTokenSilently({ authorizationParams: { scope: "create:me:connected_accounts", audience: a }, detailedResponse: !0 }) }));
+    this.myAccountApi = new ct(h, a), typeof window < "u" && window.Worker && this.options.useRefreshTokens && t === "memory" && (this.options.workerUrl ? this.worker = new Worker(this.options.workerUrl) : this.worker = new ot());
+  }
+  _url(e) {
+    const t = encodeURIComponent(btoa(JSON.stringify(this.options.auth0Client || we)));
+    return `${this.domainUrl}${e}&auth0Client=${t}`;
+  }
+  _authorizeUrl(e) {
+    return this._url(`/authorize?${B(e)}`);
+  }
+  async _verifyIdToken(e, t, o) {
+    const n = await this.nowProvider();
+    return Be({ iss: this.tokenIssuer, aud: this.options.clientId, id_token: e, nonce: t, organization: o, leeway: this.options.leeway, max_age: (r = this.options.authorizationParams.max_age, typeof r != "string" ? r : parseInt(r, 10) || void 0), now: n });
+    var r;
+  }
+  _processOrgHint(e) {
+    e ? this.cookieStorage.save(this.orgHintCookieName, e, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }) : this.cookieStorage.remove(this.orgHintCookieName, { cookieDomain: this.options.cookieDomain });
+  }
+  async _prepareAuthorizeUrl(e, t, o) {
+    var n;
+    const r = G(N()), a = G(N()), h = N(), u = await ce(h), p = he(u), s = await ((n = this.dpop) === null || n === void 0 ? void 0 : n.calculateThumbprint()), c = ((l, m, y, g, k, b, w, f, S) => Object.assign(Object.assign(Object.assign({ client_id: l.clientId }, l.authorizationParams), y), { scope: Z(m, y.scope, y.audience), response_type: "code", response_mode: f || "query", state: g, nonce: k, redirect_uri: w || l.authorizationParams.redirect_uri, code_challenge: b, code_challenge_method: "S256", dpop_jkt: S }))(this.options, this.scope, e, r, a, p, e.redirect_uri || this.options.authorizationParams.redirect_uri || o, t == null ? void 0 : t.response_mode, s), d = this._authorizeUrl(c);
+    return { nonce: a, code_verifier: h, scope: c.scope, audience: c.audience || "default", redirect_uri: c.redirect_uri, state: r, url: d };
+  }
+  async loginWithPopup(e, t) {
+    var o;
+    if (e = e || {}, !(t = t || {}).popup && (t.popup = ((h) => {
+      const u = window.screenX + (window.innerWidth - 400) / 2, p = window.screenY + (window.innerHeight - 600) / 2;
+      return window.open(h, "auth0:authorize:popup", `left=${u},top=${p},width=400,height=600,resizable,scrollbars=yes,status=1`);
+    })(""), !t.popup)) throw new Error("Unable to open a popup for loginWithPopup - window.open returned `null`");
+    const n = await this._prepareAuthorizeUrl(e.authorizationParams || {}, { response_mode: "web_message" }, window.location.origin);
+    t.popup.location.href = n.url;
+    const r = await ((h) => new Promise((u, p) => {
+      let s;
+      const c = setInterval(() => {
+        h.popup && h.popup.closed && (clearInterval(c), clearTimeout(d), window.removeEventListener("message", s, !1), p(new ie(h.popup)));
+      }, 1e3), d = setTimeout(() => {
+        clearInterval(c), p(new ne(h.popup)), window.removeEventListener("message", s, !1);
+      }, 1e3 * (h.timeoutInSeconds || 60));
+      s = function(l) {
+        if (l.data && l.data.type === "authorization_response") {
+          if (clearTimeout(d), clearInterval(c), window.removeEventListener("message", s, !1), h.popup.close(), l.data.response.error) return p(v.fromPayload(l.data.response));
+          u(l.data.response);
+        }
+      }, window.addEventListener("message", s);
+    }))(Object.assign(Object.assign({}, t), { timeoutInSeconds: t.timeoutInSeconds || this.options.authorizeTimeoutInSeconds || 60 }));
+    if (n.state !== r.state) throw new v("state_mismatch", "Invalid state");
+    const a = ((o = e.authorizationParams) === null || o === void 0 ? void 0 : o.organization) || this.options.authorizationParams.organization;
+    await this._requestToken({ audience: n.audience, scope: n.scope, code_verifier: n.code_verifier, grant_type: "authorization_code", code: r.code, redirect_uri: n.redirect_uri }, { nonceIn: n.nonce, organization: a });
+  }
+  async getUser() {
+    var e;
+    const t = await this._getIdTokenFromCache();
+    return (e = t == null ? void 0 : t.decodedToken) === null || e === void 0 ? void 0 : e.user;
+  }
+  async getIdTokenClaims() {
+    var e;
+    const t = await this._getIdTokenFromCache();
+    return (e = t == null ? void 0 : t.decodedToken) === null || e === void 0 ? void 0 : e.claims;
+  }
+  async loginWithRedirect(e = {}) {
+    var t;
+    const o = ge(e), { openUrl: n, fragment: r, appState: a } = o, h = I(o, ["openUrl", "fragment", "appState"]), u = ((t = h.authorizationParams) === null || t === void 0 ? void 0 : t.organization) || this.options.authorizationParams.organization, p = await this._prepareAuthorizeUrl(h.authorizationParams || {}), { url: s } = p, c = I(p, ["url"]);
+    this.transactionManager.create(Object.assign(Object.assign(Object.assign({}, c), { appState: a, response_type: j.Code }), u && { organization: u }));
+    const d = r ? `${s}#${r}` : s;
+    n ? await n(d) : window.location.assign(d);
+  }
+  async handleRedirectCallback(e = window.location.href) {
+    const t = e.split("?").slice(1);
+    if (t.length === 0) throw new Error("There are no query params available for parsing.");
+    const o = this.transactionManager.get();
+    if (!o) throw new v("missing_transaction", "Invalid state");
+    this.transactionManager.remove();
+    const n = ((r) => {
+      r.indexOf("#") > -1 && (r = r.substring(0, r.indexOf("#")));
+      const a = new URLSearchParams(r);
+      return { state: a.get("state"), code: a.get("code") || void 0, connect_code: a.get("connect_code") || void 0, error: a.get("error") || void 0, error_description: a.get("error_description") || void 0 };
+    })(t.join(""));
+    return o.response_type === j.ConnectCode ? this._handleConnectAccountRedirectCallback(n, o) : this._handleLoginRedirectCallback(n, o);
+  }
+  async _handleLoginRedirectCallback(e, t) {
+    const { code: o, state: n, error: r, error_description: a } = e;
+    if (r) throw new te(r, a || r, n, t.appState);
+    if (!t.code_verifier || t.state && t.state !== n) throw new v("state_mismatch", "Invalid state");
+    const h = t.organization, u = t.nonce, p = t.redirect_uri;
+    return await this._requestToken(Object.assign({ audience: t.audience, scope: t.scope, code_verifier: t.code_verifier, grant_type: "authorization_code", code: o }, p ? { redirect_uri: p } : {}), { nonceIn: u, organization: h }), { appState: t.appState, response_type: j.Code };
+  }
+  async _handleConnectAccountRedirectCallback(e, t) {
+    const { connect_code: o, state: n, error: r, error_description: a } = e;
+    if (r) throw new oe(r, a || r, t.connection, n, t.appState);
+    if (!o) throw new v("missing_connect_code", "Missing connect code");
+    if (!(t.code_verifier && t.state && t.auth_session && t.redirect_uri && t.state === n)) throw new v("state_mismatch", "Invalid state");
+    const h = await this.myAccountApi.completeAccount({ auth_session: t.auth_session, connect_code: o, redirect_uri: t.redirect_uri, code_verifier: t.code_verifier });
+    return Object.assign(Object.assign({}, h), { appState: t.appState, response_type: j.ConnectCode });
+  }
+  async checkSession(e) {
+    if (!this.cookieStorage.get(this.isAuthenticatedCookieName)) {
+      if (!this.cookieStorage.get("auth0.is.authenticated")) return;
+      this.cookieStorage.save(this.isAuthenticatedCookieName, !0, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }), this.cookieStorage.remove("auth0.is.authenticated");
+    }
+    try {
+      await this.getTokenSilently(e);
+    } catch {
+    }
+  }
+  async getTokenSilently(e = {}) {
+    var t, o;
+    const n = Object.assign(Object.assign({ cacheMode: "on" }, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: Z(this.scope, (t = e.authorizationParams) === null || t === void 0 ? void 0 : t.scope, ((o = e.authorizationParams) === null || o === void 0 ? void 0 : o.audience) || this.options.authorizationParams.audience) }) }), r = await ((a, h) => {
+      let u = Y[h];
+      return u || (u = a().finally(() => {
+        delete Y[h], u = null;
+      }), Y[h] = u), u;
+    })(() => this._getTokenSilently(n), `${this.options.clientId}::${n.authorizationParams.audience}::${n.authorizationParams.scope}`);
+    return e.detailedResponse ? r : r == null ? void 0 : r.access_token;
+  }
+  async _getTokenSilently(e) {
+    const { cacheMode: t } = e, o = I(e, ["cacheMode"]);
+    if (t !== "off") {
+      const h = await this._getEntryFromCache({ scope: o.authorizationParams.scope, audience: o.authorizationParams.audience || "default", clientId: this.options.clientId, cacheMode: t });
+      if (h) return h;
+    }
+    if (t === "cache-only") return;
+    const n = (r = this.options.clientId, a = o.authorizationParams.audience || "default", `auth0.lock.getTokenSilently.${r}.${a}`);
+    var r, a;
+    if (!await (async (h, u = 3) => {
+      for (let p = 0; p < u; p++) if (await h()) return !0;
+      return !1;
+    })(() => $.acquireLock(n, 5e3), 10)) throw new U();
+    this.activeLockKeys.add(n), this.activeLockKeys.size === 1 && window.addEventListener("pagehide", this._releaseLockOnPageHide);
+    try {
+      if (t !== "off") {
+        const l = await this._getEntryFromCache({ scope: o.authorizationParams.scope, audience: o.authorizationParams.audience || "default", clientId: this.options.clientId });
+        if (l) return l;
+      }
+      const h = this.options.useRefreshTokens ? await this._getTokenUsingRefreshToken(o) : await this._getTokenFromIFrame(o), { id_token: u, token_type: p, access_token: s, oauthTokenScope: c, expires_in: d } = h;
+      return Object.assign(Object.assign({ id_token: u, token_type: p, access_token: s }, c ? { scope: c } : null), { expires_in: d });
+    } finally {
+      await $.releaseLock(n), this.activeLockKeys.delete(n), this.activeLockKeys.size === 0 && window.removeEventListener("pagehide", this._releaseLockOnPageHide);
+    }
+  }
+  async getTokenWithPopup(e = {}, t = {}) {
+    var o, n;
+    const r = Object.assign(Object.assign({}, e), { authorizationParams: Object.assign(Object.assign(Object.assign({}, this.options.authorizationParams), e.authorizationParams), { scope: Z(this.scope, (o = e.authorizationParams) === null || o === void 0 ? void 0 : o.scope, ((n = e.authorizationParams) === null || n === void 0 ? void 0 : n.audience) || this.options.authorizationParams.audience) }) });
+    return t = Object.assign(Object.assign({}, je), t), await this.loginWithPopup(r, t), (await this.cacheManager.get(new _({ scope: r.authorizationParams.scope, audience: r.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt)).access_token;
+  }
+  async isAuthenticated() {
+    return !!await this.getUser();
+  }
+  _buildLogoutUrl(e) {
+    e.clientId !== null ? e.clientId = e.clientId || this.options.clientId : delete e.clientId;
+    const t = e.logoutParams || {}, { federated: o } = t, n = I(t, ["federated"]), r = o ? "&federated" : "";
+    return this._url(`/v2/logout?${B(Object.assign({ clientId: e.clientId }, n))}`) + r;
+  }
+  async logout(e = {}) {
+    var t;
+    const o = ge(e), { openUrl: n } = o, r = I(o, ["openUrl"]);
+    e.clientId === null ? await this.cacheManager.clear() : await this.cacheManager.clear(e.clientId || this.options.clientId), this.cookieStorage.remove(this.orgHintCookieName, { cookieDomain: this.options.cookieDomain }), this.cookieStorage.remove(this.isAuthenticatedCookieName, { cookieDomain: this.options.cookieDomain }), this.userCache.remove("@@user@@"), await ((t = this.dpop) === null || t === void 0 ? void 0 : t.clear());
+    const a = this._buildLogoutUrl(r);
+    n ? await n(a) : n !== !1 && window.location.assign(a);
+  }
+  async _getTokenFromIFrame(e) {
+    const t = Object.assign(Object.assign({}, e.authorizationParams), { prompt: "none" }), o = this.cookieStorage.get(this.orgHintCookieName);
+    o && !t.organization && (t.organization = o);
+    const { url: n, state: r, nonce: a, code_verifier: h, redirect_uri: u, scope: p, audience: s } = await this._prepareAuthorizeUrl(t, { response_mode: "web_message" }, window.location.origin);
+    try {
+      if (window.crossOriginIsolated) throw new v("login_required", "The application is running in a Cross-Origin Isolated context, silently retrieving a token without refresh token is not possible.");
+      const c = e.timeoutInSeconds || this.options.authorizeTimeoutInSeconds;
+      let d;
+      try {
+        d = new URL(this.domainUrl).origin;
+      } catch {
+        d = this.domainUrl;
+      }
+      const l = await ((y, g, k = 60) => new Promise((b, w) => {
+        const f = window.document.createElement("iframe");
+        f.setAttribute("width", "0"), f.setAttribute("height", "0"), f.style.display = "none";
+        const S = () => {
+          window.document.body.contains(f) && (window.document.body.removeChild(f), window.removeEventListener("message", L, !1));
+        };
+        let L;
+        const Oe = setTimeout(() => {
+          w(new U()), S();
+        }, 1e3 * k);
+        L = function(P) {
+          if (P.origin != g || !P.data || P.data.type !== "authorization_response") return;
+          const ae = P.source;
+          ae && ae.close(), P.data.response.error ? w(v.fromPayload(P.data.response)) : b(P.data.response), clearTimeout(Oe), window.removeEventListener("message", L, !1), setTimeout(S, 2e3);
+        }, window.addEventListener("message", L, !1), window.document.body.appendChild(f), f.setAttribute("src", y);
+      }))(n, d, c);
+      if (r !== l.state) throw new v("state_mismatch", "Invalid state");
+      const m = await this._requestToken(Object.assign(Object.assign({}, e.authorizationParams), { code_verifier: h, code: l.code, grant_type: "authorization_code", redirect_uri: u, timeout: e.authorizationParams.timeout || this.httpTimeoutMs }), { nonceIn: a, organization: t.organization });
+      return Object.assign(Object.assign({}, m), { scope: p, oauthTokenScope: m.scope, audience: s });
+    } catch (c) {
+      throw c.error === "login_required" && this.logout({ openUrl: !1 }), c;
+    }
+  }
+  async _getTokenUsingRefreshToken(e) {
+    const t = await this.cacheManager.get(new _({ scope: e.authorizationParams.scope, audience: e.authorizationParams.audience || "default", clientId: this.options.clientId }), void 0, this.options.useMrrt);
+    if (!(t && t.refresh_token || this.worker)) {
+      if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+      throw new V(e.authorizationParams.audience || "default", e.authorizationParams.scope);
+    }
+    const o = e.authorizationParams.redirect_uri || this.options.authorizationParams.redirect_uri || window.location.origin, n = typeof e.timeoutInSeconds == "number" ? 1e3 * e.timeoutInSeconds : null, r = ((s, c, d, l) => {
+      var m;
+      if (s && d && l) {
+        if (c.audience !== d) return c.scope;
+        const y = l.split(" "), g = ((m = c.scope) === null || m === void 0 ? void 0 : m.split(" ")) || [], k = g.every((b) => y.includes(b));
+        return y.length >= g.length && k ? l : c.scope;
+      }
+      return c.scope;
+    })(this.options.useMrrt, e.authorizationParams, t == null ? void 0 : t.audience, t == null ? void 0 : t.scope);
+    try {
+      const s = await this._requestToken(Object.assign(Object.assign(Object.assign({}, e.authorizationParams), { grant_type: "refresh_token", refresh_token: t && t.refresh_token, redirect_uri: o }), n && { timeout: n }), { scopesToRequest: r });
+      if (s.refresh_token && this.options.useMrrt && (t != null && t.refresh_token) && await this.cacheManager.updateEntry(t.refresh_token, s.refresh_token), this.options.useMrrt && (a = t == null ? void 0 : t.audience, h = t == null ? void 0 : t.scope, u = e.authorizationParams.audience, p = e.authorizationParams.scope, (a !== u || !ye(p, h)) && !ye(r, s.scope))) {
+        if (this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+        await this.cacheManager.remove(this.options.clientId, e.authorizationParams.audience, e.authorizationParams.scope);
+        const c = ((d, l) => {
+          const m = (d == null ? void 0 : d.split(" ")) || [], y = (l == null ? void 0 : l.split(" ")) || [];
+          return m.filter((g) => y.indexOf(g) == -1).join(",");
+        })(r, s.scope);
+        throw new se(e.authorizationParams.audience || "default", c);
+      }
+      return Object.assign(Object.assign({}, s), { scope: e.authorizationParams.scope, oauthTokenScope: s.scope, audience: e.authorizationParams.audience || "default" });
+    } catch (s) {
+      if ((s.message.indexOf("Missing Refresh Token") > -1 || s.message && s.message.indexOf("invalid refresh token") > -1) && this.options.useRefreshTokensFallback) return await this._getTokenFromIFrame(e);
+      throw s;
+    }
+    var a, h, u, p;
+  }
+  async _saveEntryInCache(e) {
+    const { id_token: t, decodedToken: o } = e, n = I(e, ["id_token", "decodedToken"]);
+    this.userCache.set("@@user@@", { id_token: t, decodedToken: o }), await this.cacheManager.setIdToken(this.options.clientId, e.id_token, e.decodedToken), await this.cacheManager.set(n);
+  }
+  async _getIdTokenFromCache() {
+    const e = this.options.authorizationParams.audience || "default", t = this.scope[e], o = await this.cacheManager.getIdToken(new _({ clientId: this.options.clientId, audience: e, scope: t })), n = this.userCache.get("@@user@@");
+    return o && o.id_token === (n == null ? void 0 : n.id_token) ? n : (this.userCache.set("@@user@@", o), o);
+  }
+  async _getEntryFromCache({ scope: e, audience: t, clientId: o, cacheMode: n }) {
+    const r = await this.cacheManager.get(new _({ scope: e, audience: t, clientId: o }), 60, this.options.useMrrt, n);
+    if (r && r.access_token) {
+      const { token_type: a, access_token: h, oauthTokenScope: u, expires_in: p } = r, s = await this._getIdTokenFromCache();
+      return s && Object.assign(Object.assign({ id_token: s.id_token, token_type: a || "Bearer", access_token: h }, u ? { scope: u } : null), { expires_in: p });
+    }
+  }
+  async _requestToken(e, t) {
+    const { nonceIn: o, organization: n, scopesToRequest: r } = t || {}, a = await Fe(Object.assign(Object.assign({ baseUrl: this.domainUrl, client_id: this.options.clientId, auth0Client: this.options.auth0Client, useFormData: this.options.useFormData, timeout: this.httpTimeoutMs, useMrrt: this.options.useMrrt, dpop: this.dpop }, e), { scope: r || e.scope }), this.worker), h = await this._verifyIdToken(a.id_token, o, n);
+    return await this._saveEntryInCache(Object.assign(Object.assign(Object.assign(Object.assign({}, a), { decodedToken: h, scope: e.scope, audience: e.audience || "default" }), a.scope ? { oauthTokenScope: a.scope } : null), { client_id: this.options.clientId })), this.cookieStorage.save(this.isAuthenticatedCookieName, !0, { daysUntilExpire: this.sessionCheckExpiryDays, cookieDomain: this.options.cookieDomain }), this._processOrgHint(n || h.claims.org_id), Object.assign(Object.assign({}, a), { decodedToken: h });
+  }
+  async exchangeToken(e) {
+    return this._requestToken({ grant_type: "urn:ietf:params:oauth:grant-type:token-exchange", subject_token: e.subject_token, subject_token_type: e.subject_token_type, scope: Z(this.scope, e.scope, e.audience || this.options.authorizationParams.audience), audience: e.audience || this.options.authorizationParams.audience });
+  }
+  _assertDpop(e) {
+    if (!e) throw new Error("`useDpop` option must be enabled before using DPoP.");
+  }
+  getDpopNonce(e) {
+    return this._assertDpop(this.dpop), this.dpop.getNonce(e);
+  }
+  setDpopNonce(e, t) {
+    return this._assertDpop(this.dpop), this.dpop.setNonce(e, t);
+  }
+  generateDpopProof(e) {
+    return this._assertDpop(this.dpop), this.dpop.generateProof(e);
+  }
+  createFetcher(e = {}) {
+    return new at(e, { isDpopEnabled: () => !!this.options.useDpop, getAccessToken: (t) => {
+      var o;
+      return this.getTokenSilently({ authorizationParams: { scope: (o = t == null ? void 0 : t.scope) === null || o === void 0 ? void 0 : o.join(" "), audience: t == null ? void 0 : t.audience }, detailedResponse: !0 });
+    }, getDpopNonce: () => this.getDpopNonce(e.dpopNonceId), setDpopNonce: (t) => this.setDpopNonce(t, e.dpopNonceId), generateDpopProof: (t) => this.generateDpopProof(t) });
+  }
+  async connectAccountWithRedirect(e) {
+    const { openUrl: t, appState: o, connection: n, authorization_params: r, redirectUri: a = this.options.authorizationParams.redirect_uri || window.location.origin } = e;
+    if (!n) throw new Error("connection is required");
+    const h = G(N()), u = N(), p = await ce(u), s = he(p), { connect_uri: c, connect_params: d, auth_session: l } = await this.myAccountApi.connectAccount({ connection: n, redirect_uri: a, state: h, code_challenge: s, code_challenge_method: "S256", authorization_params: r });
+    this.transactionManager.create({ state: h, code_verifier: u, auth_session: l, redirect_uri: a, appState: o, connection: n, response_type: j.ConnectCode });
+    const m = new URL(c);
+    m.searchParams.set("ticket", d.ticket), t ? await t(m.toString()) : window.location.assign(m);
+  }
+}
+export {
+  ut as Auth0Client,
+  te as AuthenticationError,
+  _ as CacheKey,
+  oe as ConnectError,
+  v as GenericError,
+  Ie as InMemoryCache,
+  Ge as LocalStorageCache,
+  re as MfaRequiredError,
+  V as MissingRefreshTokenError,
+  X as MyAccountApiError,
+  ie as PopupCancelledError,
+  ne as PopupTimeoutError,
+  j as ResponseType,
+  U as TimeoutError,
+  F as UseDpopNonceError
+};
+//# sourceMappingURL=auth0-spa-js.production.esm-Bb4L9JDU.js.map